/*
* Help break down an mbuf chain by setting the first siz bytes contiguous
* pointed to by returned val.
* This is used by the macro NFSM_DISSECT for tough
* cases.
*/
APPLESTATIC void *
nfsm_dissct(struct nfsrv_descript *nd, int siz, int how)
{
mbuf_t mp2;
int siz2, xfer;
caddr_t p;
int left;
caddr_t retp;
retp = NULL;
left = NFSMTOD(nd->nd_md, caddr_t) + mbuf_len(nd->nd_md) - nd->nd_dpos;
while (left == 0) {
nd->nd_md = mbuf_next(nd->nd_md);
if (nd->nd_md == NULL)
return (retp);
left = mbuf_len(nd->nd_md);
nd->nd_dpos = NFSMTOD(nd->nd_md, caddr_t);
}
if (left >= siz) {
retp = nd->nd_dpos;
nd->nd_dpos += siz;
} else if (mbuf_next(nd->nd_md) == NULL) {
return (retp);
} else if (siz > ncl_mbuf_mhlen) {
panic("nfs S too big");
} else {
MGET(mp2, MT_DATA, how);
if (mp2 == NULL)
return (NULL);
mbuf_setnext(mp2, mbuf_next(nd->nd_md));
mbuf_setnext(nd->nd_md, mp2);
mbuf_setlen(nd->nd_md, mbuf_len(nd->nd_md) - left);
nd->nd_md = mp2;
retp = p = NFSMTOD(mp2, caddr_t);
NFSBCOPY(nd->nd_dpos, p, left); /* Copy what was left */
siz2 = siz - left;
p += left;
mp2 = mbuf_next(mp2);
/* Loop around copying up the siz2 bytes */
while (siz2 > 0) {
if (mp2 == NULL)
return (NULL);
xfer = (siz2 > mbuf_len(mp2)) ? mbuf_len(mp2) : siz2;
if (xfer > 0) {
NFSBCOPY(NFSMTOD(mp2, caddr_t), p, xfer);
NFSM_DATAP(mp2, xfer);
mbuf_setlen(mp2, mbuf_len(mp2) - xfer);
p += xfer;
siz2 -= xfer;
}
if (siz2 > 0)
mp2 = mbuf_next(mp2);
}
mbuf_setlen(nd->nd_md, siz);
nd->nd_md = mp2;
nd->nd_dpos = NFSMTOD(mp2, caddr_t);
}
return (retp);
}
/*
* Copy a string into mbuf(s).
* Return the number of bytes output, including XDR overheads.
*/
APPLESTATIC int
nfsm_strtom(struct nfsrv_descript *nd, const char *cp, int siz)
{
mbuf_t m2;
int xfer, left;
mbuf_t m1;
int rem, bytesize;
u_int32_t *tl;
char *cp2;
NFSM_BUILD(tl, u_int32_t *, NFSX_UNSIGNED);
*tl = txdr_unsigned(siz);
rem = NFSM_RNDUP(siz) - siz;
bytesize = NFSX_UNSIGNED + siz + rem;
m2 = nd->nd_mb;
cp2 = nd->nd_bpos;
left = M_TRAILINGSPACE(m2);
/*
* Loop around copying the string to mbuf(s).
*/
while (siz > 0) {
if (left == 0) {
if (siz > ncl_mbuf_mlen)
NFSMCLGET(m1, M_WAITOK);
else
NFSMGET(m1);
mbuf_setlen(m1, 0);
mbuf_setnext(m2, m1);
m2 = m1;
cp2 = NFSMTOD(m2, caddr_t);
left = M_TRAILINGSPACE(m2);
}
if (left >= siz)
xfer = siz;
else
xfer = left;
NFSBCOPY(cp, cp2, xfer);
cp += xfer;
mbuf_setlen(m2, mbuf_len(m2) + xfer);
siz -= xfer;
left -= xfer;
if (siz == 0 && rem) {
if (left < rem)
panic("nfsm_strtom");
NFSBZERO(cp2 + xfer, rem);
mbuf_setlen(m2, mbuf_len(m2) + rem);
}
}
nd->nd_mb = m2;
nd->nd_bpos = NFSMTOD(m2, caddr_t) + mbuf_len(m2);
return (bytesize);
}
size_t MbufUtils::attemptToSetLength(mbuf_t mbuf, size_t targetLength) {
size_t mbufLength = mbuf_len(mbuf);
size_t mbufMaxLength = mbuf_maxlen(mbuf);
if (targetLength > mbufLength && mbufMaxLength != mbufLength) {
size_t newBufLen = min_macro(targetLength, mbufMaxLength);
mbuf_setlen(mbuf, newBufLen);
mbufLength = newBufLen;
}
return mbufLength;
}
/*
* Call portmap to lookup a port number for a particular rpc program
* Returns non-zero error on failure.
*/
int
krpc_portmap(
struct sockaddr_in *sin, /* server address */
u_int prog, u_int vers, u_int proto, /* host order */
u_int16_t *portp) /* network order */
{
struct sdata {
u_int32_t prog; /* call program */
u_int32_t vers; /* call version */
u_int32_t proto; /* call protocol */
u_int32_t port; /* call port (unused) */
} *sdata;
struct rdata {
u_int16_t pad;
u_int16_t port;
} *rdata;
mbuf_t m;
int error;
/* The portmapper port is fixed. */
if (prog == PMAPPROG) {
*portp = htons(PMAPPORT);
return 0;
}
error = mbuf_gethdr(MBUF_WAITOK, MBUF_TYPE_DATA, &m);
if (error)
return error;
mbuf_setlen(m, sizeof(*sdata));
mbuf_pkthdr_setlen(m, sizeof(*sdata));
sdata = mbuf_data(m);
/* Do the RPC to get it. */
sdata->prog = htonl(prog);
sdata->vers = htonl(vers);
sdata->proto = htonl(proto);
sdata->port = 0;
sin->sin_port = htons(PMAPPORT);
error = krpc_call(sin, SOCK_DGRAM, PMAPPROG, PMAPVERS, PMAPPROC_GETPORT, &m, NULL);
if (error)
return error;
rdata = mbuf_data(m);
if (mbuf_len(m) >= sizeof(*rdata)) {
*portp = rdata->port;
}
if (mbuf_len(m) < sizeof(*rdata) || !rdata->port)
error = EPROGUNAVAIL;
mbuf_freem(m);
return (error);
}
static int
smb_ioc_request(
void * hContext,
struct smb_header * header,
const mbuf_t words,
const mbuf_t bytes,
mbuf_t response)
{
struct smbioc_rq krq;
bzero(&krq, sizeof(krq));
krq.ioc_version = SMB_IOC_STRUCT_VERSION;
krq.ioc_cmd = header->command;
/* XXX For large I/O requests where the uint16_t byte count
* (ioc_tbc) wraps to 0, this interface will get horribly
* confused. I don't think we can fix this without revving the
* ioctl version -- jpeach
*/
/* Set transmit words buffer ... */
krq.ioc_twc = mbuf_len(words) / sizeof(uint16_t);
krq.ioc_twords = mbuf_data(words);
/* Set transmit bytes buffer ... */
krq.ioc_tbc = mbuf_len(bytes);
krq.ioc_tbytes = mbuf_data(bytes);
/* Set receive buffer, reserving space for the word count and byte count ... */
krq.ioc_rpbufsz = (int32_t)mbuf_maxlen(response);
krq.ioc_rpbuf = mbuf_data(response);
if (smb_ioctl_call(((struct smb_ctx *)hContext)->ct_fd,
SMBIOC_REQUEST, &krq) == -1) {
return errno;
}
header->flags = krq.ioc_flags;
header->flags2 = krq.ioc_flags2;
header->status = krq.ioc_ntstatus;
mbuf_setlen(response, krq.ioc_rpbufsz);
return 0;
}
static bool mbuf_buffer(IOMemoryDescriptor *buffer, int skip_buffer, mbuf_t m, int skip_mbuf, int copy)
{
int offset = 0;
bool isWrite = (buffer->getDirection() == kIODirectionOut);
if (buffer->prepare() != kIOReturnSuccess)
{
KINFO("buffer prepare failed");
return false;
}
if (isWrite && mbuf_pkthdr_len(m) < skip_mbuf + copy)
mbuf_pkthdr_setlen(m, skip_mbuf + copy);
for (; m; m = mbuf_next(m))
{
if (isWrite && mbuf_len(m) < skip_mbuf + copy && mbuf_trailingspace(m))
mbuf_setlen(m, min(mbuf_maxlen(m), skip_mbuf + copy));
UInt32 available = mbuf_len(m);
//KDEBUG("available=%d, skip_mbuf=%d", available, skip_mbuf);
if (skip_mbuf >= available)
{
skip_mbuf -= available;
continue;
}
UInt8 *buf = (UInt8 *)mbuf_data(m) + skip_mbuf;
IOByteCount len = copy; // remaining requested
len = min(len, available - skip_mbuf); // available in mbuf
len = min(len, buffer->getLength() - offset); // available in iomd
IOByteCount wrote = 0;
if (!len)
{
KDEBUG("no space, %d-%d, %d-%d", available, skip_mbuf, buffer->getLength(), offset);
break;
}
//KDEBUG("COPY: skip_buffer=%d, offset=%d, len=%d (remaining=%d)", skip_buffer, offset, len, copy);
if (isWrite)
wrote = buffer->readBytes(skip_buffer + offset, buf, len);
else
wrote = buffer->writeBytes(skip_buffer + offset, buf, len);
if (wrote != len)
{
KINFO("short IO");
break;
}
offset += len;
copy -= len;
skip_mbuf = 0;
}
if (buffer->complete() != kIOReturnSuccess)
{
KINFO("buffer complete failed");
return false;
}
if (copy > 0)
{
KINFO("failed to copy requested data: %d remaining", copy);
return false;
}
return true;
}
errno_t kn_tcp_pkt_from_params(mbuf_t *data, u_int8_t tcph_flags, u_int32_t iph_saddr, u_int32_t iph_daddr, u_int16_t tcph_sport, u_int16_t tcph_dport, u_int32_t tcph_seq, u_int32_t tcph_ack, const char* payload, size_t payload_len)
{
int retval = 0;
size_t tot_data_len, tot_buf_len, max_len; // mac osx thing.. to be safe, leave out 14 bytes for ethernet header.
void *buf = NULL;
struct ip* o_iph;
struct tcphdr* o_tcph;
u_int16_t csum;
mbuf_csum_request_flags_t csum_flags = 0;
boolean_t pkt_allocated = FALSE;
tot_data_len = sizeof(struct ip) + sizeof(struct tcphdr) + payload_len;
tot_buf_len = tot_data_len + ETHHDR_LEN;
// allocate the packet
retval = mbuf_allocpacket(MBUF_DONTWAIT, tot_buf_len, NULL, data);
if (retval != 0) {
kn_debug("mbuf_allocpacket returned error %d\n", retval);
goto FAILURE;
}
else {
pkt_allocated = TRUE;
}
max_len = mbuf_maxlen(*data);
if (max_len < tot_buf_len) {
kn_debug("no enough buffer space, try to request more.\n");
retval = mbuf_prepend(data, tot_buf_len - max_len, MBUF_DONTWAIT);
if (retval != 0) {
kn_debug("mbuf_prepend returned error %d\n", retval);
goto FAILURE;
}
}
mbuf_pkthdr_setlen(*data, tot_data_len);
retval = mbuf_pkthdr_setrcvif(*data, NULL);
if (retval != 0) {
kn_debug("mbuf_pkthdr_setrcvif returned error %d\n", retval);
goto FAILURE;
}
mbuf_setlen(*data, tot_data_len);
retval = mbuf_setdata(*data, (mbuf_datastart(*data) + ETHHDR_LEN), tot_data_len);
if (retval != 0) {
kn_debug("mbuf_setdata returned error %d\n", retval);
goto FAILURE;
}
buf = mbuf_data(*data);
mbuf_pkthdr_setheader(*data, buf);
o_iph = (struct ip*)buf;
memset(o_iph, 0, sizeof(struct ip));
// setup IPv4 header
o_iph->ip_hl = sizeof(struct ip) / 4;
o_iph->ip_v = 4;
o_iph->ip_tos = 0;
o_iph->ip_id = 0;
o_iph->ip_off = htons(IP_DF);
o_iph->ip_p = IPPROTO_TCP;
o_iph->ip_len = htons(tot_data_len);
o_iph->ip_sum = 0;
o_iph->ip_ttl = 64;
o_iph->ip_src.s_addr = iph_saddr;
o_iph->ip_dst.s_addr = iph_daddr;
o_tcph = (struct tcphdr*)((char*)o_iph + sizeof(struct ip));
memset(o_tcph, 0, sizeof(struct tcphdr));
o_tcph->th_sport = tcph_sport;
o_tcph->th_dport = tcph_dport;
o_tcph->th_seq = tcph_seq;
o_tcph->th_ack = tcph_ack;
o_tcph->th_flags = tcph_flags;
o_tcph->th_win = 0xffffU;
o_tcph->th_off = sizeof(struct tcphdr) / 4;
o_tcph->th_sum = 0;
o_tcph->th_urp = 0;
if (payload_len > 0) {
memcpy((char*)o_tcph + sizeof(struct tcphdr), payload, payload_len);
}
mbuf_clear_csum_performed(*data);
csum_flags |= MBUF_CSUM_REQ_IP;
retval = mbuf_get_csum_requested(*data, &csum_flags, NULL);
if (retval != 0) {
kn_debug("mbuf_get_csum_requested returned error %d\n", retval);
goto FAILURE;
}
/* calculate TCP checksum */
csum = kn_tcp_sum_calc(sizeof(struct tcphdr) + payload_len, (u_int16_t*)&o_iph->ip_src.s_addr, (u_int16_t*)&o_iph->ip_dst.s_addr, (u_int16_t*)o_tcph);
o_tcph->th_sum = csum;
return 0;
FAILURE:
if (pkt_allocated == TRUE) {
mbuf_free(*data);
}
return retval;
}
/**
* Internal worker that create a darwin mbuf for a (scatter/)gather list.
*
* @returns Pointer to the mbuf.
* @param pThis The instance.
* @param pSG The (scatter/)gather list.
*/
static mbuf_t vboxNetFltDarwinMBufFromSG(PVBOXNETFLTINS pThis, PINTNETSG pSG)
{
/// @todo future? mbuf_how_t How = preemption enabled ? MBUF_DONTWAIT : MBUF_WAITOK;
mbuf_how_t How = MBUF_WAITOK;
/*
* We need some way of getting back to our instance data when
* the mbuf is freed, so use pvUserData for this.
* -- this is not relevant anylonger! --
*/
Assert(!pSG->pvUserData || pSG->pvUserData == pThis);
Assert(!pSG->pvUserData2);
pSG->pvUserData = pThis;
/*
* Allocate a packet and copy over the data.
*
* Using mbuf_attachcluster() here would've been nice but there are two
* issues with it: (1) it's 10.5.x only, and (2) the documentation indicates
* that it's not supposed to be used for really external buffers. The 2nd
* point might be argued against considering that the only m_clattach user
* is mallocs memory for the ext mbuf and not doing what's stated in the docs.
* However, it's hard to tell if these m_clattach buffers actually makes it
* to the NICs or not, and even if they did, the NIC would need the physical
* addresses for the pages they contain and might end up copying the data
* to a new mbuf anyway.
*
* So, in the end it's better to just do it the simple way that will work
* 100%, even if it involves some extra work (alloc + copy) we really wished
* to avoid.
*
* Note. We can't make use of the physical addresses on darwin because the
* way the mbuf / cluster stuff works (see mbuf_data_to_physical and
* mcl_to_paddr).
*/
mbuf_t pPkt = NULL;
errno_t err = mbuf_allocpacket(How, pSG->cbTotal, NULL, &pPkt);
if (!err)
{
/* Skip zero sized memory buffers (paranoia). */
mbuf_t pCur = pPkt;
while (pCur && !mbuf_maxlen(pCur))
pCur = mbuf_next(pCur);
Assert(pCur);
/* Set the required packet header attributes. */
mbuf_pkthdr_setlen(pPkt, pSG->cbTotal);
mbuf_pkthdr_setheader(pPkt, mbuf_data(pCur));
/* Special case the single buffer copy. */
if ( mbuf_next(pCur)
&& mbuf_maxlen(pCur) >= pSG->cbTotal)
{
mbuf_setlen(pCur, pSG->cbTotal);
IntNetSgRead(pSG, mbuf_data(pCur));
}
else
{
/* Multi buffer copying. */
size_t cbLeft = pSG->cbTotal;
size_t offSrc = 0;
while (cbLeft > 0 && pCur)
{
size_t cb = mbuf_maxlen(pCur);
if (cb > cbLeft)
cb = cbLeft;
mbuf_setlen(pCur, cb);
IntNetSgReadEx(pSG, offSrc, cb, mbuf_data(pCur));
/* advance */
offSrc += cb;
cbLeft -= cb;
pCur = mbuf_next(pCur);
}
Assert(cbLeft == 0);
}
if (!err)
{
/*
* Tag the packet and return successfully.
*/
PVBOXNETFLTTAG pTagData;
err = mbuf_tag_allocate(pPkt, g_idTag, 0 /* type */, sizeof(VBOXNETFLTTAG) /* tag len */, How, (void **)&pTagData);
if (!err)
{
Assert(pSG->aSegs[0].cb >= sizeof(pTagData->EthHdr));
memcpy(&pTagData->EthHdr, pSG->aSegs[0].pv, sizeof(pTagData->EthHdr));
return pPkt;
}
/* bailout: */
AssertMsg(err == ENOMEM || err == EWOULDBLOCK, ("err=%d\n", err));
}
mbuf_freem(pPkt);
}
else
AssertMsg(err == ENOMEM || err == EWOULDBLOCK, ("err=%d\n", err));
pSG->pvUserData = NULL;
return NULL;
}
/*
* copies a uio scatter/gather list to an mbuf chain.
* NOTE: can ony handle iovcnt == 1
*/
APPLESTATIC void
nfsm_uiombuf(struct nfsrv_descript *nd, struct uio *uiop, int siz)
{
char *uiocp;
struct mbuf *mp, *mp2;
int xfer, left, mlen;
int uiosiz, clflg, rem;
char *cp, *tcp;
KASSERT(uiop->uio_iovcnt == 1, ("nfsm_uiotombuf: iovcnt != 1"));
if (siz > ncl_mbuf_mlen) /* or should it >= MCLBYTES ?? */
clflg = 1;
else
clflg = 0;
rem = NFSM_RNDUP(siz) - siz;
mp = mp2 = nd->nd_mb;
while (siz > 0) {
left = uiop->uio_iov->iov_len;
uiocp = uiop->uio_iov->iov_base;
if (left > siz)
left = siz;
uiosiz = left;
while (left > 0) {
mlen = M_TRAILINGSPACE(mp);
if (mlen == 0) {
if (clflg)
NFSMCLGET(mp, M_WAITOK);
else
NFSMGET(mp);
mbuf_setlen(mp, 0);
mbuf_setnext(mp2, mp);
mp2 = mp;
mlen = M_TRAILINGSPACE(mp);
}
xfer = (left > mlen) ? mlen : left;
#ifdef notdef
/* Not Yet.. */
if (uiop->uio_iov->iov_op != NULL)
(*(uiop->uio_iov->iov_op))
(uiocp, NFSMTOD(mp, caddr_t) + mbuf_len(mp),
xfer);
else
#endif
if (uiop->uio_segflg == UIO_SYSSPACE)
NFSBCOPY(uiocp, NFSMTOD(mp, caddr_t) + mbuf_len(mp),
xfer);
else
copyin(CAST_USER_ADDR_T(uiocp), NFSMTOD(mp, caddr_t)
+ mbuf_len(mp), xfer);
mbuf_setlen(mp, mbuf_len(mp) + xfer);
left -= xfer;
uiocp += xfer;
uiop->uio_offset += xfer;
uiop->uio_resid -= xfer;
}
tcp = (char *)uiop->uio_iov->iov_base;
tcp += uiosiz;
uiop->uio_iov->iov_base = (void *)tcp;
uiop->uio_iov->iov_len -= uiosiz;
siz -= uiosiz;
}
if (rem > 0) {
if (rem > M_TRAILINGSPACE(mp)) {
NFSMGET(mp);
mbuf_setlen(mp, 0);
mbuf_setnext(mp2, mp);
}
cp = NFSMTOD(mp, caddr_t) + mbuf_len(mp);
for (left = 0; left < rem; left++)
*cp++ = '\0';
mbuf_setlen(mp, mbuf_len(mp) + rem);
nd->nd_bpos = cp;
} else
nd->nd_bpos = NFSMTOD(mp, caddr_t) + mbuf_len(mp);
nd->nd_mb = mp;
}
UInt32 IOMbufMemoryCursor::genPhysicalSegments(mbuf_t packet, void *vector,
UInt32 maxSegs, bool doCoalesce)
{
bool doneCoalesce = false;
if (!packet || !(mbuf_flags(packet) & MBUF_PKTHDR))
return 0;
if (!maxSegs)
{
maxSegs = maxNumSegments;
if (!maxSegs) return 0;
}
if ( mbuf_next(packet) == 0 )
{
uintptr_t src;
struct IOPhysicalSegment physSeg;
/*
* the packet consists of only 1 mbuf
* so if the data buffer doesn't span a page boundary
* we can take the simple way out
*/
src = (uintptr_t)mbuf_data(packet);
if ( trunc_page(src) == trunc_page(src + mbuf_len(packet) - 1) )
{
physSeg.location = (IOPhysicalAddress) mbuf_data_to_physical((char *)src);
if ( physSeg.location )
{
physSeg.length = mbuf_len(packet);
(*outSeg)(physSeg, vector, 0);
return 1;
}
maxSegs = 1;
if ( doCoalesce == false ) return 0;
}
}
if ( doCoalesce == true && maxSegs == 1 )
{
uintptr_t src;
uintptr_t dst;
mbuf_t m;
mbuf_t mnext;
mbuf_t out;
UInt32 len = 0;
struct IOPhysicalSegment physSeg;
if ( mbuf_pkthdr_len(packet) > MCLBYTES ) return 0;
m = packet;
// Allocate a non-header mbuf + cluster.
if (mbuf_getpacket( MBUF_DONTWAIT, &out ))
return 0;
mbuf_setflags( out, mbuf_flags( out ) & ~MBUF_PKTHDR );
dst = (uintptr_t)mbuf_data(out);
do
{
src = (uintptr_t)mbuf_data(m);
BCOPY( src, dst, mbuf_len(m) );
dst += mbuf_len(m);
len += mbuf_len(m);
} while ( (m = mbuf_next(m)) != 0 );
mbuf_setlen(out , len);
dst = (uintptr_t)mbuf_data(out);
physSeg.location = (IOPhysicalAddress) mbuf_data_to_physical((char *)dst);
if (!physSeg.location)
{
mbuf_free(out);
return 0;
}
physSeg.length = mbuf_len(out);
(*outSeg)(physSeg, vector, 0);
m = mbuf_next(packet);
while (m != 0)
{
mnext = mbuf_next(m);
mbuf_free(m);
m = mnext;
}
// The initial header mbuf is preserved, its length set to zero,
// and linked to the new packet chain.
mbuf_setlen(packet , 0);
mbuf_setnext(packet , out);
mbuf_setnext(out , 0);
return 1;
}
//
// Iterate over the mbuf, translating segments were allowed. When we
// are not allowed to translate segments then accumulate segment
// statistics up to kMBufDataCacheSize of mbufs. Finally
// if we overflow our cache just count how many segments this
// packet represents.
//
UInt32 segsPerMBuf[kMBufDataCacheSize];
tryAgain:
UInt32 curMBufIndex = 0;
UInt32 curSegIndex = 0;
UInt32 lastSegCount = 0;
mbuf_t m = packet;
// For each mbuf in incoming packet.
do {
vm_size_t mbufLen, thisLen = 0;
uintptr_t src;
// Step through each segment in the current mbuf
for (mbufLen = mbuf_len(m), src = (uintptr_t)mbuf_data(m);
mbufLen;
src += thisLen, mbufLen -= thisLen)
{
// If maxSegmentSize is atleast PAGE_SIZE, then
// thisLen = MIN(next_page(src), src + mbufLen) - src;
thisLen = MIN(mbufLen, maxSegmentSize);
thisLen = MIN(next_page(src), src + thisLen) - src;
// If room left then find the current segment addr and output
if (curSegIndex < maxSegs) {
struct IOPhysicalSegment physSeg;
physSeg.location = (IOPhysicalAddress) mbuf_data_to_physical((char *)src);
if ( physSeg.location == 0 )
{
return doCoalesce ?
genPhysicalSegments(packet, vector, 1, true) : 0;
}
physSeg.length = thisLen;
(*outSeg)(physSeg, vector, curSegIndex);
}
// Count segments if we are coalescing.
curSegIndex++;
}
// Cache the segment count data if room is available.
if (curMBufIndex < kMBufDataCacheSize) {
segsPerMBuf[curMBufIndex] = curSegIndex - lastSegCount;
lastSegCount = curSegIndex;
}
// Move on to next imcoming mbuf
curMBufIndex++;
m = mbuf_next(m);
} while (m);
// If we finished cleanly return number of segments found
if (curSegIndex <= maxSegs)
return curSegIndex;
if (!doCoalesce)
return 0; // if !coalescing we've got a problem.
// If we are coalescing and it is possible then attempt coalesce,
if (!doneCoalesce
&& (UInt) mbuf_pkthdr_len(packet) <= maxSegs * maxSegmentSize) {
// Hmm, we have to do some coalescing.
bool analysisRet;
analysisRet = analyseSegments(packet,
MIN(curMBufIndex, kMBufDataCacheSize),
segsPerMBuf,
curSegIndex, maxSegs);
if (analysisRet) {
doneCoalesce = true;
coalesceCount++;
goto tryAgain;
}
}
assert(!doneCoalesce); // Problem in Coalesce code.
packetTooBigErrors++;
return 0;
}
errno_t
firewire_inet_arp(
ifnet_t ifp,
u_short arpop,
const struct sockaddr_dl* sender_hw,
const struct sockaddr* sender_proto,
const struct sockaddr_dl* target_hw,
const struct sockaddr* target_proto)
{
mbuf_t m;
errno_t result;
register struct firewire_header *fwh;
register IP1394_ARP *fwa;
const struct sockaddr_in* sender_ip = (const struct sockaddr_in*)sender_proto;
const struct sockaddr_in* target_ip = (const struct sockaddr_in*)target_proto;
char *datap;
IOFWInterface *fwIf = (IOFWInterface*)ifnet_softc(ifp);
if(fwIf == NULL)
return EINVAL;
IOFireWireIP *fwIpObj = (IOFireWireIP*)fwIf->getController();
if(fwIpObj == NULL)
return EINVAL;
LCB *lcb = fwIpObj->getLcb();
if (target_ip == NULL)
return EINVAL;
if ((sender_ip && sender_ip->sin_family != AF_INET) ||
(target_ip && target_ip->sin_family != AF_INET))
return EAFNOSUPPORT;
result = mbuf_gethdr(MBUF_DONTWAIT, MBUF_TYPE_DATA, &m);
if (result != 0)
return result;
mbuf_setlen(m, sizeof(*fwa));
mbuf_pkthdr_setlen(m, sizeof(*fwa));
/* Move the data pointer in the mbuf to the end, aligned to 4 bytes */
datap = (char*)mbuf_datastart(m);
datap += mbuf_trailingspace(m);
datap -= (((u_long)datap) & 0x3);
mbuf_setdata(m, datap, sizeof(*fwa));
fwa = (IP1394_ARP*)mbuf_data(m);
bzero((caddr_t)fwa, sizeof(*fwa));
/* Prepend the ethernet header, we will send the raw frame */
result = mbuf_prepend(&m, sizeof(*fwh), MBUF_DONTWAIT);
if(result != 0)
return result;
fwh = (struct firewire_header*)mbuf_data(m);
fwh->fw_type = htons(FWTYPE_ARP);
/* Fill out the arp packet */
fwa->hardwareType = htons(ARP_HDW_TYPE);
fwa->protocolType = htons(FWTYPE_IP);
fwa->hwAddrLen = sizeof(IP1394_HDW_ADDR);
fwa->ipAddrLen = IPV4_ADDR_SIZE;
fwa->opcode = htons(arpop);
fwa->senderMaxRec = lcb->ownHardwareAddress.maxRec;
fwa->sspd = lcb->ownHardwareAddress.spd;
fwa->senderUnicastFifoHi = htons(lcb->ownHardwareAddress.unicastFifoHi);
fwa->senderUnicastFifoLo = htonl(lcb->ownHardwareAddress.unicastFifoLo);
/* Sender Hardware */
if (sender_hw != NULL)
bcopy(CONST_LLADDR(sender_hw), &fwa->senderUniqueID, sizeof(fwa->senderUniqueID));
else
ifnet_lladdr_copy_bytes(ifp, &fwa->senderUniqueID, FIREWIRE_ADDR_LEN);
ifnet_lladdr_copy_bytes(ifp, fwh->fw_shost, sizeof(fwh->fw_shost));
/* Sender IP */
if (sender_ip != NULL)
fwa->senderIpAddress = sender_ip->sin_addr.s_addr;
else
{
ifaddr_t *addresses;
struct sockaddr sa;
if (ifnet_get_address_list_family(ifp, &addresses, AF_INET) == 0)
{
ifaddr_address( addresses[0], &sa, 16 );
fwa->senderIpAddress = ((UInt32)(sa.sa_data[5] & 0xFF)) << 24;
fwa->senderIpAddress |= ((UInt32)(sa.sa_data[4] & 0xFF)) << 16;
fwa->senderIpAddress |= ((UInt32)(sa.sa_data[3] & 0xFF)) << 8;
fwa->senderIpAddress |= ((UInt32)(sa.sa_data[2] & 0xFF));
ifnet_free_address_list(addresses);
}
else
{
mbuf_free(m);
return ENXIO;
}
}
/* Target Hardware */
if (target_hw == 0)
bcopy(fwbroadcastaddr, fwh->fw_dhost, sizeof(fwh->fw_dhost));
else
bcopy(CONST_LLADDR(target_hw), fwh->fw_dhost, sizeof(fwh->fw_dhost));
/* Target IP */
fwa->targetIpAddress = target_ip->sin_addr.s_addr;
ifnet_output_raw(ifp, PF_INET, m);
return 0;
}
// Temporarily stuff a vlan tag back into a packet so that tag shows up to bpf.
// We do it by creating a temp header mbuf with the enet/vlan header in it and
// then point its next field to the proper place (after the dest+src addresses) in the original
// mbuf.
void IOEthernetInterface::_fixupVlanPacket(mbuf_t mt, u_int16_t vlan_tag, int inputPacket)
{
mbuf_t newmb;
mbuf_t chain;
size_t remainingBytes;
size_t copyBytes = 0; //initialize to prevent annoying, incorrect warning that it's used uninitialized
char * destptr;
if( mbuf_gethdr(MBUF_DONTWAIT, MT_DATA, &newmb) )
return;
//init enough of the mbuf to keep bpf happy
mbuf_setlen(newmb, ETHER_ADDR_LEN*2 + VLAN_HEADER_LEN);
mbuf_pkthdr_setlen(newmb, mbuf_pkthdr_len( mt ) + VLAN_HEADER_LEN);
mbuf_pkthdr_setrcvif(newmb, mbuf_pkthdr_rcvif( mt ) );
//now walk the incoming mbuf to copy out its dst & src address and
//locate the type/len field in the packet.
chain = mt;
remainingBytes = ETHER_ADDR_LEN*2;
destptr = (char *)mbuf_data( newmb );
while(chain && remainingBytes)
{
copyBytes = remainingBytes > mbuf_len( chain ) ? mbuf_len( chain ): remainingBytes;
remainingBytes -= copyBytes;
bcopy( mbuf_data( chain ), destptr, copyBytes);
destptr += copyBytes;
if (mbuf_len( chain ) == copyBytes) //we've completely drained this mbuf
{
chain = mbuf_next( chain ); //advance to next
copyBytes = 0; //if we break out of loop now, make sure the offset is correct
}
}
// chain points to the mbuf that contains the packet data with type/len field
// and copyBytes indicates the offset it's at.
if(chain==0 || remainingBytes)
{
mbuf_freem( newmb );
return; //if we can't munge the packet, just return
}
//patch mbuf so its data points after the dst+src address
mbuf_setdata(chain, (char *)mbuf_data( chain ) + copyBytes, mbuf_len( chain ) - copyBytes );
//finish setting up our head mbuf
*(short *)(destptr) = htons(ETHERTYPE_VLAN); //vlan magic number
*(short *)(destptr + 2) = htons( vlan_tag ); // and the tag's value
mbuf_setnext( newmb, chain ); //stick it infront of the rest of the packet
// feed the tap
if(inputPacket)
super::feedPacketInputTap( newmb );
else
super::feedPacketOutputTap( newmb );
//release the fake header
mbuf_setnext( newmb, NULL );
mbuf_freem( newmb );
//and repair our old mbuf
mbuf_setdata( chain, (char *)mbuf_data( chain ) - copyBytes, mbuf_len( chain ) + copyBytes );
}
NTSTATUS
SMBRawTransaction(
SMBHANDLE inConnection,
const void *lpInBuffer,
size_t nInBufferSize,
void *lpOutBuffer,
size_t nOutBufferSize,
size_t *lpBytesRead)
{
NTSTATUS status;
int err;
void * hContext;
struct smb_header header;
mbuf_t words = NULL;
mbuf_t bytes = NULL;
mbuf_t response = NULL;
size_t len;
const void * ptr;
bzero(&header, sizeof(header));
status = SMBServerContext(inConnection, &hContext);
if (!NT_SUCCESS(status)) {
return status;
}
if ((size_t)nInBufferSize < sizeof(struct smb_header) ||
(size_t)nOutBufferSize < sizeof(struct smb_header)) {
err = STATUS_BUFFER_TOO_SMALL;
goto errout;
}
/* Split the request buffer into the header, the parameter words and the
* data bytes.
*/
ptr = lpInBuffer;
ADVANCE(ptr, sizeof(uint32_t));
header.command = *(uint8_t *)ptr;
if ((size_t)nInBufferSize < (sizeof(struct smb_header) + sizeof(uint8_t))) {
err = STATUS_BUFFER_TOO_SMALL;
goto errout;
}
ptr = lpInBuffer;
ADVANCE(ptr, sizeof(struct smb_header));
len = (*(uint8_t *)ptr) * sizeof(uint16_t);
ADVANCE(ptr, sizeof(uint8_t)); /* skip word_count field */
if (mbuf_attachcluster(MBUF_WAITOK, MBUF_TYPE_DATA, &words, (void *)ptr, NULL, len, NULL)) {
err = STATUS_NO_MEMORY;
goto errout;
}
mbuf_setlen(words, len);
ADVANCE(ptr, len); /* skip parameter words */
if ((uintptr_t)ptr > ((uintptr_t)lpInBuffer + nInBufferSize) ||
(uintptr_t)ptr < (uintptr_t)mbuf_data(words)) {
err = STATUS_MARSHALL_OVERFLOW;
goto errout;
}
len = OSReadLittleInt16(ptr, 0);
ADVANCE(ptr, sizeof(uint16_t)); /* skip byte_count field */
if (mbuf_attachcluster(MBUF_WAITOK, MBUF_TYPE_DATA, &bytes, (void *)ptr, NULL, len, NULL)) {
err = STATUS_NO_MEMORY;
goto errout;
}
mbuf_setlen(bytes, len);
ADVANCE(ptr, len);
if ((uintptr_t)ptr > ((uintptr_t)lpInBuffer + nInBufferSize) ||
(uintptr_t)ptr < (uintptr_t)mbuf_data(bytes)) {
err = STATUS_MARSHALL_OVERFLOW;
goto errout;
}
/* Set up the response buffer so that we leave room to place the
* SMB header at the front.
*/
len = (size_t)(nOutBufferSize - sizeof(struct smb_header));
if (mbuf_attachcluster(MBUF_WAITOK, MBUF_TYPE_DATA, &response, ((uint8_t *)lpOutBuffer + sizeof(struct smb_header)), NULL, len, NULL)) {
err = STATUS_NO_MEMORY;
goto errout;
}
err = smb_ioc_request(hContext, &header, words, bytes, response);
if (err) {
err = STATUS_IO_DEVICE_ERROR;
goto errout;
}
/* Stash the new SMB header at the front of the output buffer so the
* caller gets the server status code, etc.
*/
memcpy(lpOutBuffer, lpInBuffer, sizeof(header));
OSWriteLittleInt32(lpOutBuffer, 0, *(const uint32_t *)(void *)SMB_SIGNATURE);
OSWriteLittleInt32(lpOutBuffer, offsetof(struct smb_header, status),
header.status);
OSWriteLittleInt16(lpOutBuffer, offsetof(struct smb_header, flags),
header.flags);
OSWriteLittleInt32(lpOutBuffer, offsetof(struct smb_header, flags2),
header.flags2);
*lpBytesRead = mbuf_len(response) + sizeof(struct smb_header);
/* We return success, even though the server may have failed the call. The
* caller is responsible for parsing the reply packet and looking at the
* status field in the header.
*/
err = STATUS_SUCCESS;
errout:
if (words)
mbuf_freem(words);
if (bytes)
mbuf_freem(bytes);
if (response)
mbuf_freem(response);
return err;
}
/*
* Do a remote procedure call (RPC) and wait for its reply.
* If from_p is non-null, then we are doing broadcast, and
* the address from whence the response came is saved there.
*/
int
krpc_call(
struct sockaddr_in *sa,
u_int sotype, u_int prog, u_int vers, u_int func,
mbuf_t *data, /* input/output */
struct sockaddr_in *from_p) /* output */
{
socket_t so;
struct sockaddr_in *sin;
mbuf_t m, nam, mhead;
struct rpc_call *call;
struct rpc_reply *reply;
int error, timo, secs;
size_t len;
static u_int32_t xid = ~0xFF;
u_int16_t tport;
size_t maxpacket = 1<<16;
/*
* Validate address family.
* Sorry, this is INET specific...
*/
if (sa->sin_family != AF_INET)
return (EAFNOSUPPORT);
/* Free at end if not null. */
nam = mhead = NULL;
/*
* Create socket and set its recieve timeout.
*/
if ((error = sock_socket(AF_INET, sotype, 0, 0, 0, &so)))
goto out1;
{
struct timeval tv;
tv.tv_sec = 1;
tv.tv_usec = 0;
if ((error = sock_setsockopt(so, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof(tv))))
goto out;
}
/*
* Enable broadcast if necessary.
*/
if (from_p && (sotype == SOCK_DGRAM)) {
int on = 1;
if ((error = sock_setsockopt(so, SOL_SOCKET, SO_BROADCAST, &on, sizeof(on))))
goto out;
}
/*
* Bind the local endpoint to a reserved port,
* because some NFS servers refuse requests from
* non-reserved (non-privileged) ports.
*/
if ((error = mbuf_get(MBUF_WAITOK, MBUF_TYPE_SONAME, &m)))
goto out;
sin = mbuf_data(m);
bzero(sin, sizeof(*sin));
mbuf_setlen(m, sizeof(*sin));
sin->sin_len = sizeof(*sin);
sin->sin_family = AF_INET;
sin->sin_addr.s_addr = INADDR_ANY;
tport = IPPORT_RESERVED;
do {
tport--;
sin->sin_port = htons(tport);
error = sock_bind(so, (struct sockaddr*)sin);
} while (error == EADDRINUSE &&
tport > IPPORT_RESERVED / 2);
mbuf_freem(m);
m = NULL;
if (error) {
printf("bind failed\n");
goto out;
}
/*
* Setup socket address for the server.
*/
if ((error = mbuf_get(MBUF_WAITOK, MBUF_TYPE_SONAME, &nam)))
goto out;
sin = mbuf_data(nam);
mbuf_setlen(nam, sa->sin_len);
bcopy((caddr_t)sa, (caddr_t)sin, sa->sin_len);
if (sotype == SOCK_STREAM) {
struct timeval tv;
tv.tv_sec = 60;
tv.tv_usec = 0;
error = sock_connect(so, mbuf_data(nam), MSG_DONTWAIT);
if (error && (error != EINPROGRESS))
goto out;
error = sock_connectwait(so, &tv);
if (error) {
if (error == EINPROGRESS)
error = ETIMEDOUT;
printf("krpc_call: error waiting for TCP socket connect: %d\n", error);
goto out;
}
}
/*
* Prepend RPC message header.
*/
m = *data;
*data = NULL;
#if DIAGNOSTIC
if ((mbuf_flags(m) & MBUF_PKTHDR) == 0)
panic("krpc_call: send data w/o pkthdr");
if (mbuf_pkthdr_len(m) < mbuf_len(m))
panic("krpc_call: pkthdr.len not set");
#endif
len = sizeof(*call);
if (sotype == SOCK_STREAM)
len += 4; /* account for RPC record marker */
mhead = m;
if ((error = mbuf_prepend(&mhead, len, MBUF_WAITOK)))
goto out;
if ((error = mbuf_pkthdr_setrcvif(mhead, NULL)))
goto out;
/*
* Fill in the RPC header
*/
if (sotype == SOCK_STREAM) {
/* first, fill in RPC record marker */
u_int32_t *recmark = mbuf_data(mhead);
*recmark = htonl(0x80000000 | (mbuf_pkthdr_len(mhead) - 4));
call = (struct rpc_call *)(recmark + 1);
} else {
call = mbuf_data(mhead);
}
bzero((caddr_t)call, sizeof(*call));
xid++;
call->rp_xid = htonl(xid);
/* call->rp_direction = 0; */
call->rp_rpcvers = htonl(2);
call->rp_prog = htonl(prog);
call->rp_vers = htonl(vers);
call->rp_proc = htonl(func);
/* call->rp_auth = 0; */
/* call->rp_verf = 0; */
/*
* Send it, repeatedly, until a reply is received,
* but delay each re-send by an increasing amount.
* If the delay hits the maximum, start complaining.
*/
timo = 0;
for (;;) {
struct msghdr msg;
/* Send RPC request (or re-send). */
if ((error = mbuf_copym(mhead, 0, MBUF_COPYALL, MBUF_WAITOK, &m)))
goto out;
bzero(&msg, sizeof(msg));
if (sotype == SOCK_STREAM) {
msg.msg_name = NULL;
msg.msg_namelen = 0;
} else {
msg.msg_name = mbuf_data(nam);
msg.msg_namelen = mbuf_len(nam);
}
error = sock_sendmbuf(so, &msg, m, 0, 0);
if (error) {
printf("krpc_call: sosend: %d\n", error);
goto out;
}
m = NULL;
/* Determine new timeout. */
if (timo < MAX_RESEND_DELAY)
timo++;
else
printf("RPC timeout for server " IP_FORMAT "\n",
IP_LIST(&(sin->sin_addr.s_addr)));
/*
* Wait for up to timo seconds for a reply.
* The socket receive timeout was set to 1 second.
*/
secs = timo;
while (secs > 0) {
size_t readlen;
if (m) {
mbuf_freem(m);
m = NULL;
}
if (sotype == SOCK_STREAM) {
int maxretries = 60;
struct iovec aio;
aio.iov_base = &len;
aio.iov_len = sizeof(u_int32_t);
bzero(&msg, sizeof(msg));
msg.msg_iov = &aio;
msg.msg_iovlen = 1;
do {
error = sock_receive(so, &msg, MSG_WAITALL, &readlen);
if ((error == EWOULDBLOCK) && (--maxretries <= 0))
error = ETIMEDOUT;
} while (error == EWOULDBLOCK);
if (!error && readlen < aio.iov_len) {
/* only log a message if we got a partial word */
if (readlen != 0)
printf("short receive (%ld/%ld) from server " IP_FORMAT "\n",
readlen, sizeof(u_int32_t), IP_LIST(&(sin->sin_addr.s_addr)));
error = EPIPE;
}
if (error)
goto out;
len = ntohl(len) & ~0x80000000;
/*
* This is SERIOUS! We are out of sync with the sender
* and forcing a disconnect/reconnect is all I can do.
*/
if (len > maxpacket) {
printf("impossible packet length (%ld) from server " IP_FORMAT "\n",
len, IP_LIST(&(sin->sin_addr.s_addr)));
error = EFBIG;
goto out;
}
do {
readlen = len;
error = sock_receivembuf(so, NULL, &m, MSG_WAITALL, &readlen);
} while (error == EWOULDBLOCK);
if (!error && (len > readlen)) {
printf("short receive (%ld/%ld) from server " IP_FORMAT "\n",
readlen, len, IP_LIST(&(sin->sin_addr.s_addr)));
error = EPIPE;
}
} else {
len = maxpacket;
readlen = len;
bzero(&msg, sizeof(msg));
msg.msg_name = from_p;
msg.msg_namelen = (from_p == NULL) ? 0 : sizeof(*from_p);
error = sock_receivembuf(so, &msg, &m, 0, &readlen);
}
if (error == EWOULDBLOCK) {
secs--;
continue;
}
if (error)
goto out;
len = readlen;
/* Does the reply contain at least a header? */
if (len < MIN_REPLY_HDR)
continue;
if (mbuf_len(m) < MIN_REPLY_HDR)
continue;
reply = mbuf_data(m);
/* Is it the right reply? */
if (reply->rp_direction != htonl(RPC_REPLY))
continue;
if (reply->rp_xid != htonl(xid))
continue;
/* Was RPC accepted? (authorization OK) */
if (reply->rp_astatus != 0) {
error = ntohl(reply->rp_u.rpu_errno);
printf("rpc denied, error=%d\n", error);
/* convert rpc error to errno */
switch (error) {
case RPC_MISMATCH:
error = ERPCMISMATCH;
break;
case RPC_AUTHERR:
error = EAUTH;
break;
}
goto out;
}
if (mbuf_len(m) < REPLY_SIZE) {
error = RPC_SYSTEM_ERR;
}
else {
error = ntohl(reply->rp_u.rpu_ok.rp_rstatus);
}
/* Did the call succeed? */
if (error != 0) {
printf("rpc status=%d\n", error);
/* convert rpc error to errno */
switch (error) {
case RPC_PROGUNAVAIL:
error = EPROGUNAVAIL;
break;
case RPC_PROGMISMATCH:
error = EPROGMISMATCH;
break;
case RPC_PROCUNAVAIL:
error = EPROCUNAVAIL;
break;
case RPC_GARBAGE:
error = EINVAL;
break;
case RPC_SYSTEM_ERR:
error = EIO;
break;
}
goto out;
}
goto gotreply; /* break two levels */
} /* while secs */
} /* forever send/receive */
error = ETIMEDOUT;
goto out;
gotreply:
/*
* Pull as much as we can into first mbuf, to make
* result buffer contiguous. Note that if the entire
* result won't fit into one mbuf, you're out of luck.
* XXX - Should not rely on making the entire reply
* contiguous (fix callers instead). -gwr
*/
#if DIAGNOSTIC
if ((mbuf_flags(m) & MBUF_PKTHDR) == 0)
panic("krpc_call: received pkt w/o header?");
#endif
len = mbuf_pkthdr_len(m);
if (sotype == SOCK_STREAM)
len -= 4; /* the RPC record marker was read separately */
if (mbuf_len(m) < len) {
if ((error = mbuf_pullup(&m, len)))
goto out;
reply = mbuf_data(m);
}
/*
* Strip RPC header
*/
len = sizeof(*reply);
if (reply->rp_u.rpu_ok.rp_auth.rp_atype != 0) {
len += ntohl(reply->rp_u.rpu_ok.rp_auth.rp_alen);
len = (len + 3) & ~3; /* XXX? */
}
mbuf_adj(m, len);
/* result */
*data = m;
out:
sock_close(so);
out1:
if (nam) mbuf_freem(nam);
if (mhead) mbuf_freem(mhead);
return error;
}
/*
* copies a uio scatter/gather list to an mbuf chain.
* This version returns the mbuf list and does not use "nd".
* NOTE: can ony handle iovcnt == 1
*/
struct mbuf *
nfsm_uiombuflist(struct uio *uiop, int siz, struct mbuf **mbp, char **cpp)
{
char *uiocp;
struct mbuf *mp, *mp2, *firstmp;
int xfer, left, mlen;
int uiosiz, clflg;
char *tcp;
KASSERT(uiop->uio_iovcnt == 1, ("nfsm_uiotombuf: iovcnt != 1"));
if (siz > ncl_mbuf_mlen) /* or should it >= MCLBYTES ?? */
clflg = 1;
else
clflg = 0;
if (clflg != 0)
NFSMCLGET(mp, M_WAITOK);
else
NFSMGET(mp);
mbuf_setlen(mp, 0);
firstmp = mp2 = mp;
while (siz > 0) {
left = uiop->uio_iov->iov_len;
uiocp = uiop->uio_iov->iov_base;
if (left > siz)
left = siz;
uiosiz = left;
while (left > 0) {
mlen = M_TRAILINGSPACE(mp);
if (mlen == 0) {
if (clflg)
NFSMCLGET(mp, M_WAITOK);
else
NFSMGET(mp);
mbuf_setlen(mp, 0);
mbuf_setnext(mp2, mp);
mp2 = mp;
mlen = M_TRAILINGSPACE(mp);
}
xfer = (left > mlen) ? mlen : left;
if (uiop->uio_segflg == UIO_SYSSPACE)
NFSBCOPY(uiocp, NFSMTOD(mp, caddr_t) +
mbuf_len(mp), xfer);
else
copyin(uiocp, NFSMTOD(mp, caddr_t) +
mbuf_len(mp), xfer);
mbuf_setlen(mp, mbuf_len(mp) + xfer);
left -= xfer;
uiocp += xfer;
uiop->uio_offset += xfer;
uiop->uio_resid -= xfer;
}
tcp = (char *)uiop->uio_iov->iov_base;
tcp += uiosiz;
uiop->uio_iov->iov_base = (void *)tcp;
uiop->uio_iov->iov_len -= uiosiz;
siz -= uiosiz;
}
if (cpp != NULL)
*cpp = NFSMTOD(mp, caddr_t) + mbuf_len(mp);
if (mbp != NULL)
*mbp = mp;
return (firstmp);
}
mbuf_t darwin_iwi3945::mergePacket(mbuf_t m)
{
mbuf_t nm,nm2;
int offset;
if(!mbuf_next(m))
{
offset = (4 - ((int)(mbuf_data(m)) & 3)) % 4; //packet needs to be 4 byte aligned
if (offset==0) return m;
IWI_DEBUG_FULL("this packet dont have mbuf_next, merge is not required\n");
goto copy_packet;
}
/* allocate and Initialize New mbuf */
nm = allocatePacket(mbuf_pkthdr_len(m));
if (nm==0) return NULL;
//if (mbuf_getpacket(MBUF_WAITOK, &nm)!=0) return NULL;
mbuf_setlen(nm,0);
mbuf_pkthdr_setlen(nm,0);
if( mbuf_next(nm)) IWI_ERR("merged mbuf_next\n");
/* merging chains to single mbuf */
for (nm2 = m; nm2; nm2 = mbuf_next(nm2)) {
memcpy (skb_put (nm, mbuf_len(nm2)), (UInt8*)mbuf_data(nm2), mbuf_len(nm2));
}
/* checking if merged or not. */
if( mbuf_len(nm) == mbuf_pkthdr_len(m) )
{
if (m!=NULL)
if (!(mbuf_type(m) == MBUF_TYPE_FREE)) freePacket(m);
m=NULL;
return nm;
}
/* merging is not completed. */
IWI_LOG("mergePacket is failed: data copy dont work collectly\n");
//IWI_LOG("orig_len %d orig_pktlen %d new_len %d new_pktlen %d\n",
// mbuf_len(m),mbuf_pkthdr_len(m),
// mbuf_len(nm),mbuf_pkthdr_len(nm) );
if (m!=NULL)
if (!(mbuf_type(m) == MBUF_TYPE_FREE)) freePacket(m);
m=NULL;
if (nm!=NULL)
if (!(mbuf_type(nm) == MBUF_TYPE_FREE) ) freePacket(nm);
nm=NULL;
return NULL;
copy_packet:
if (mbuf_dup(m, MBUF_WAITOK , &nm)!=0)
{
if (m!=NULL)
if (!(mbuf_type(m) == MBUF_TYPE_FREE)) freePacket(m);
m=NULL;
return NULL;
}
if (m!=NULL)
if (!(mbuf_type(m) == MBUF_TYPE_FREE) ) freePacket(m);
m=NULL;
return nm;
//return copyPacket(m, 0);
}
static inline bool analyseSegments(
mbuf_t packet, /* input packet mbuf */
const UInt32 mbufsInCache, /* number of entries in segsPerMBuf[] */
const UInt32 segsPerMBuf[], /* segments required per mbuf */
SInt32 numSegs, /* total number of segments */
const UInt32 maxSegs) /* max controller segments per mbuf */
{
mbuf_t newPacket; // output mbuf chain.
mbuf_t out; // current output mbuf link.
SInt32 outSize; // size of current output mbuf link.
SInt32 outSegs; // segments for current output mbuf link.
SInt32 doneSegs; // segments for output mbuf chain.
SInt32 outLen; // remaining length of input buffer.
mbuf_t in = packet; // save the original input packet pointer.
UInt32 inIndex = 0;
const uint32_t c_mlen = mbuf_get_mlen();
// Allocate a mbuf (non header mbuf) to begin the output mbuf chain.
if(mbuf_get(MBUF_DONTWAIT, MT_DATA, &newPacket))
{
ERROR_LOG("analyseSegments: MGET() 1 error\n");
return false;
}
/* Initialise outgoing packet controls */
out = newPacket;
outSize = c_mlen;
doneSegs = outSegs = outLen = 0;
// numSegs stores the delta between the total and the max. For each
// input mbuf consumed, we decrement numSegs.
//
numSegs -= maxSegs;
// Loop through the input packet mbuf 'in' and construct a new mbuf chain
// large enough to make (numSegs + doneSegs + outSegs) less than or
// equal to zero.
//
do {
uintptr_t vmo;
outLen += mbuf_len(in);
while (outLen > outSize) {
// Oh dear the current outgoing length is too big.
if (outSize != MCLBYTES) {
// Current mbuf is not yet a cluster so promote, then
// check for error.
if(mbuf_mclget(MBUF_DONTWAIT, MT_DATA, &out) || !(mbuf_flags(out) & MBUF_EXT) )
{
ERROR_LOG("analyseSegments: MCLGET() error\n");
goto bombAnalysis;
}
outSize = MCLBYTES;
continue;
}
vmo = (uintptr_t)mbuf_data(out);
mbuf_setlen(out, MCLBYTES); /* Fill in target copy size */
doneSegs += (round_page(vmo + MCLBYTES) - trunc_page(vmo))
/ PAGE_SIZE;
// If the number of segments of the output chain, plus
// the segment for the mbuf we are about to allocate is greater
// than maxSegs, then abort.
//
if (doneSegs + 1 > (int) maxSegs) {
ERROR_LOG("analyseSegments: maxSegs limit 1 reached! %ld %ld\n",
doneSegs, maxSegs);
goto bombAnalysis;
}
mbuf_t tempmbuf;
if(mbuf_get(MBUF_DONTWAIT, MT_DATA, &tempmbuf))
{
ERROR_LOG("analyseSegments: MGET() error\n");
goto bombAnalysis;
}
mbuf_setnext(out, tempmbuf);
out = tempmbuf;
outSize = c_mlen;
outLen -= MCLBYTES;
}
// Compute number of segment in current outgoing mbuf.
vmo = (uintptr_t)mbuf_data(out);
outSegs = ((SInt32)round_page(vmo + outLen) - (SInt32)trunc_page(vmo)) / (SInt32)PAGE_SIZE;
if (doneSegs + outSegs > (int) maxSegs) {
ERROR_LOG("analyseSegments: maxSegs limit 2 reached! %ld %ld %ld\n",
doneSegs, outSegs, maxSegs);
goto bombAnalysis;
}
// Get the number of segments in the current inbuf
if (inIndex < mbufsInCache)
numSegs -= segsPerMBuf[inIndex]; // Yeah, in cache
else {
// Hmm, we have to recompute from scratch. Copy code from genPhys.
int thisLen = 0, mbufLen;
vmo = (uintptr_t)mbuf_data(in);
for (mbufLen = (SInt32)mbuf_len(in); mbufLen; mbufLen -= thisLen) {
thisLen = MIN((SInt32)next_page(vmo), (SInt32)(vmo + mbufLen)) - (SInt32)vmo;
vmo += thisLen;
numSegs--;
}
}
// Walk the incoming buffer on one.
in = mbuf_next(in);
inIndex++;
// continue looping until the total number of segments has dropped
// to an acceptable level, or if we ran out of mbuf links.
} while (in && ((numSegs + doneSegs + outSegs) > 0));
if ( (int) (numSegs + doneSegs + outSegs) <= 0) { // success
mbuf_setlen(out, outLen); // Set last mbuf with the remaining length.
// The amount to copy is determine by the segment length in each
// mbuf linked to newPacket. The sum can be smaller than
// packet->pkthdr.len;
//
coalesceSegments(packet, newPacket);
// The initial header mbuf is preserved, its length set to zero, and
// linked to the new packet chain.
// coalesceSegments() has already freed the mbufs that it coalesced into the newPacket chain.
// It also hooked the remaining chain pointed to by "in" to the end of the newPacket chain.
// All that remains is to set packet's len to 0 (to "free" the contents that coalesceSegments copied out)
// and make it the head of the new chain.
mbuf_setlen(packet , 0 );
mbuf_setnext(packet, newPacket);
return true;
}
bombAnalysis:
mbuf_freem(newPacket);
return false;
}
