CoCalc -- ipsec

GitHub Repository: freebsd/freebsd-src
Path: blob/main/sys/netipsec/ipsec_mbuf.c
³⁹⁴⁷⁵ views
1
/*-
2
 * SPDX-License-Identifier: BSD-2-Clause
3
 *
4
 * Copyright (c) 2002, 2003 Sam Leffler, Errno Consulting
5
 * All rights reserved.
6
 *
7
 * Redistribution and use in source and binary forms, with or without
8
 * modification, are permitted provided that the following conditions
9
 * are met:
10
 * 1. Redistributions of source code must retain the above copyright
11
 *    notice, this list of conditions and the following disclaimer.
12
 * 2. Redistributions in binary form must reproduce the above copyright
13
 *    notice, this list of conditions and the following disclaimer in the
14
 *    documentation and/or other materials provided with the distribution.
15
 *
16
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26
 * SUCH DAMAGE.
27
 */
28

29
/*
30
 * IPsec-specific mbuf routines.
31
 */
32

33
#include "opt_ipsec.h"
34

35
#include <sys/param.h>
36
#include <sys/systm.h>
37
#include <sys/malloc.h>
38
#include <sys/mbuf.h>
39
#include <sys/socket.h>
40

41
#include <net/vnet.h>
42
#include <netinet/in.h>
43
#include <netipsec/ipsec.h>
44

45
/*
46
 * Make space for a new header of length hlen at skip bytes
47
 * into the packet.  When doing this we allocate new mbufs only
48
 * when absolutely necessary.  The mbuf where the new header
49
 * is to go is returned together with an offset into the mbuf.
50
 * If NULL is returned then the mbuf chain may have been modified;
51
 * the caller is assumed to always free the chain.
52
 */
53
struct mbuf *
54
m_makespace(struct mbuf *m0, int skip, int hlen, int *off)
55
{
56
	struct mbuf *m;
57
	unsigned remain;
58

59
	IPSEC_ASSERT(m0 != NULL, ("null mbuf"));
60
	IPSEC_ASSERT(hlen < MHLEN, ("hlen too big: %u", hlen));
61

62
	for (m = m0; m && skip > m->m_len; m = m->m_next)
63
		skip -= m->m_len;
64
	if (m == NULL)
65
		return (NULL);
66
	/*
67
	 * At this point skip is the offset into the mbuf m
68
	 * where the new header should be placed.  Figure out
69
	 * if there's space to insert the new header.  If so,
70
	 * and copying the remainder makes sense then do so.
71
	 * Otherwise insert a new mbuf in the chain, splitting
72
	 * the contents of m as needed.
73
	 */
74
	remain = m->m_len - skip;		/* data to move */
75
	if (remain > skip &&
76
	    hlen + max_linkhdr < M_LEADINGSPACE(m)) {
77
		/*
78
		 * mbuf has enough free space at the beginning.
79
		 * XXX: which operation is the most heavy - copying of
80
		 *	possible several hundred of bytes or allocation
81
		 *	of new mbuf? We can remove max_linkhdr check
82
		 *	here, but it is possible that this will lead
83
		 *	to allocation of new mbuf in Layer 2 code.
84
		 */
85
		m->m_data -= hlen;
86
		bcopy(mtodo(m, hlen), mtod(m, caddr_t), skip);
87
		m->m_len += hlen;
88
		*off = skip;
89
	} else if (hlen > M_TRAILINGSPACE(m)) {
90
		struct mbuf *n0, *n, **np;
91
		int todo, len, done;
92

93
		n0 = NULL;
94
		np = &n0;
95
		done = 0;
96
		todo = remain;
97
		while (todo > 0) {
98
			if (todo > MHLEN) {
99
				n = m_getcl(M_NOWAIT, m->m_type, 0);
100
				len = MCLBYTES;
101
			}
102
			else {
103
				n = m_get(M_NOWAIT, m->m_type);
104
				len = MHLEN;
105
			}
106
			if (n == NULL) {
107
				m_freem(n0);
108
				return NULL;
109
			}
110
			*np = n;
111
			np = &n->m_next;
112
			len = min(todo, len);
113
			memcpy(n->m_data, mtod(m, char *) + skip + done, len);
114
			n->m_len = len;
115
			done += len;
116
			todo -= len;
117
		}
118

119
		if (hlen <= M_TRAILINGSPACE(m) + remain) {
120
			m->m_len = skip + hlen;
121
			*off = skip;
122
			if (n0 != NULL) {
123
				*np = m->m_next;
124
				m->m_next = n0;
125
			}
126
		}
127
		else {
128
			n = m_get(M_NOWAIT, m->m_type);
129
			if (n == NULL) {
130
				m_freem(n0);
131
				return NULL;
132
			}
133

134
			if ((n->m_next = n0) == NULL)
135
				np = &n->m_next;
136
			n0 = n;
137

138
			*np = m->m_next;
139
			m->m_next = n0;
140

141
			n->m_len = hlen;
142
			m->m_len = skip;
143

144
			m = n;			/* header is at front ... */
145
			*off = 0;		/* ... of new mbuf */
146
		}
147
		IPSECSTAT_INC(ips_mbinserted);
148
	} else {
149
		/*
150
		 * Copy the remainder to the back of the mbuf
151
		 * so there's space to write the new header.
152
		 */
153
		bcopy(mtod(m, caddr_t) + skip,
154
		    mtod(m, caddr_t) + skip + hlen, remain);
155
		m->m_len += hlen;
156
		*off = skip;
157
	}
158
	m0->m_pkthdr.len += hlen;		/* adjust packet length */
159
	return m;
160
}
161

162
/*
163
 * m_pad(m, n) pads <m> with <n> bytes at the end. The packet header
164
 * length is updated, and a pointer to the first byte of the padding
165
 * (which is guaranteed to be all in one mbuf) is returned.
166
 */
167
caddr_t
168
m_pad(struct mbuf *m, int n)
169
{
170
	struct mbuf *m0, *m1;
171
	int len, pad;
172
	caddr_t retval;
173

174
	if (n <= 0) {  /* No stupid arguments. */
175
		DPRINTF(("%s: pad length invalid (%d)\n", __func__, n));
176
		m_freem(m);
177
		return NULL;
178
	}
179

180
	len = m->m_pkthdr.len;
181
	pad = n;
182
	m0 = m;
183

184
	while (m0->m_len < len) {
185
		len -= m0->m_len;
186
		m0 = m0->m_next;
187
	}
188

189
	if (m0->m_len != len) {
190
		DPRINTF(("%s: length mismatch (should be %d instead of %d)\n",
191
			__func__, m->m_pkthdr.len,
192
			m->m_pkthdr.len + m0->m_len - len));
193

194
		m_freem(m);
195
		return NULL;
196
	}
197

198
	/* Check for zero-length trailing mbufs, and find the last one. */
199
	for (m1 = m0; m1->m_next; m1 = m1->m_next) {
200
		if (m1->m_next->m_len != 0) {
201
			DPRINTF(("%s: length mismatch (should be %d instead "
202
				"of %d)\n", __func__,
203
				m->m_pkthdr.len,
204
				m->m_pkthdr.len + m1->m_next->m_len));
205

206
			m_freem(m);
207
			return NULL;
208
		}
209

210
		m0 = m1->m_next;
211
	}
212

213
	if (pad > M_TRAILINGSPACE(m0)) {
214
		/* Add an mbuf to the chain. */
215
		MGET(m1, M_NOWAIT, MT_DATA);
216
		if (m1 == NULL) {
217
			m_freem(m0);
218
			DPRINTF(("%s: unable to get extra mbuf\n", __func__));
219
			return NULL;
220
		}
221

222
		m0->m_next = m1;
223
		m0 = m1;
224
		m0->m_len = 0;
225
	}
226

227
	retval = m0->m_data + m0->m_len;
228
	m0->m_len += pad;
229
	m->m_pkthdr.len += pad;
230

231
	return retval;
232
}
233

234
/*
235
 * Remove hlen data at offset skip in the packet.  This is used by
236
 * the protocols strip protocol headers and associated data (e.g. IV,
237
 * authenticator) on input.
238
 */
239
int
240
m_striphdr(struct mbuf *m, int skip, int hlen)
241
{
242
	struct mbuf *m1;
243
	int roff;
244

245
	/* Find beginning of header */
246
	m1 = m_getptr(m, skip, &roff);
247
	if (m1 == NULL)
248
		return (EINVAL);
249

250
	/* Remove the header and associated data from the mbuf. */
251
	if (roff == 0) {
252
		/* The header was at the beginning of the mbuf */
253
		IPSECSTAT_INC(ips_input_front);
254
		m_adj(m1, hlen);
255
		if (m1 != m)
256
			m->m_pkthdr.len -= hlen;
257
	} else if (roff + hlen >= m1->m_len) {
258
		struct mbuf *mo;
259
		int adjlen;
260

261
		/*
262
		 * Part or all of the header is at the end of this mbuf,
263
		 * so first let's remove the remainder of the header from
264
		 * the beginning of the remainder of the mbuf chain, if any.
265
		 */
266
		IPSECSTAT_INC(ips_input_end);
267
		if (roff + hlen > m1->m_len) {
268
			adjlen = roff + hlen - m1->m_len;
269

270
			/* Adjust the next mbuf by the remainder */
271
			m_adj(m1->m_next, adjlen);
272

273
			/* The second mbuf is guaranteed not to have a pkthdr... */
274
			m->m_pkthdr.len -= adjlen;
275
		}
276

277
		/* Now, let's unlink the mbuf chain for a second...*/
278
		mo = m1->m_next;
279
		m1->m_next = NULL;
280

281
		/* ...and trim the end of the first part of the chain...sick */
282
		adjlen = m1->m_len - roff;
283
		m_adj(m1, -adjlen);
284
		if (m1 != m)
285
			m->m_pkthdr.len -= adjlen;
286

287
		/* Finally, let's relink */
288
		m1->m_next = mo;
289
	} else {
290
		/*
291
		 * The header lies in the "middle" of the mbuf; copy
292
		 * the remainder of the mbuf down over the header.
293
		 */
294
		IPSECSTAT_INC(ips_input_middle);
295
		bcopy(mtod(m1, u_char *) + roff + hlen,
296
		      mtod(m1, u_char *) + roff,
297
		      m1->m_len - (roff + hlen));
298
		m1->m_len -= hlen;
299
		m->m_pkthdr.len -= hlen;
300
	}
301
	return (0);
302
}
303

304
/*
305
 * Diagnostic routine to check mbuf alignment as required by the
306
 * crypto device drivers (that use DMA).
307
 */
308
void
309
m_checkalignment(const char* where, struct mbuf *m0, int off, int len)
310
{
311
	int roff;
312
	struct mbuf *m = m_getptr(m0, off, &roff);
313
	caddr_t addr;
314

315
	if (m == NULL)
316
		return;
317
	printf("%s (off %u len %u): ", where, off, len);
318
	addr = mtod(m, caddr_t) + roff;
319
	do {
320
		int mlen;
321

322
		if (((uintptr_t) addr) & 3) {
323
			printf("addr misaligned %p,", addr);
324
			break;
325
		}
326
		mlen = m->m_len;
327
		if (mlen > len)
328
			mlen = len;
329
		len -= mlen;
330
		if (len && (mlen & 3)) {
331
			printf("len mismatch %u,", mlen);
332
			break;
333
		}
334
		m = m->m_next;
335
		addr = m ? mtod(m, caddr_t) : NULL;
336
	} while (m && len > 0);
337
	for (m = m0; m; m = m->m_next)
338
		printf(" [%p:%u]", mtod(m, caddr_t), m->m_len);
339
	printf("\n");
340
}
341

342
Product

Resources

Company
