int
mpw_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data)
{
struct ifreq *ifr = (struct ifreq *) data;
struct mpw_softc *sc = ifp->if_softc;
struct sockaddr_in *sin;
struct sockaddr_in *sin_nexthop;
int error = 0;
int s;
struct ifmpwreq imr;
switch (cmd) {
case SIOCSIFMTU:
if (ifr->ifr_mtu < MPE_MTU_MIN ||
ifr->ifr_mtu > MPE_MTU_MAX)
error = EINVAL;
else
ifp->if_mtu = ifr->ifr_mtu;
break;
case SIOCSIFFLAGS:
if ((ifp->if_flags & IFF_UP))
ifp->if_flags |= IFF_RUNNING;
else
ifp->if_flags &= ~IFF_RUNNING;
break;
case SIOCSETMPWCFG:
error = suser(curproc, 0);
if (error != 0)
break;
error = copyin(ifr->ifr_data, &imr, sizeof(imr));
if (error != 0)
break;
/* Teardown all configuration if got no nexthop */
sin = (struct sockaddr_in *) &imr.imr_nexthop;
if (sin->sin_addr.s_addr == 0) {
s = splsoftnet();
if (rt_ifa_del(&sc->sc_ifa, RTF_MPLS,
smplstosa(&sc->sc_smpls)) == 0)
sc->sc_smpls.smpls_label = 0;
splx(s);
memset(&sc->sc_rshim, 0, sizeof(sc->sc_rshim));
memset(&sc->sc_nexthop, 0, sizeof(sc->sc_nexthop));
sc->sc_flags = 0;
sc->sc_type = 0;
break;
}
/* Validate input */
if (sin->sin_family != AF_INET ||
imr.imr_lshim.shim_label > MPLS_LABEL_MAX ||
imr.imr_lshim.shim_label <= MPLS_LABEL_RESERVED_MAX ||
imr.imr_rshim.shim_label > MPLS_LABEL_MAX ||
imr.imr_rshim.shim_label <= MPLS_LABEL_RESERVED_MAX) {
error = EINVAL;
break;
}
/* Setup labels and create inbound route */
imr.imr_lshim.shim_label =
htonl(imr.imr_lshim.shim_label << MPLS_LABEL_OFFSET);
imr.imr_rshim.shim_label =
htonl(imr.imr_rshim.shim_label << MPLS_LABEL_OFFSET);
if (sc->sc_smpls.smpls_label != imr.imr_lshim.shim_label) {
s = splsoftnet();
if (sc->sc_smpls.smpls_label)
rt_ifa_del(&sc->sc_ifa, RTF_MPLS,
smplstosa(&sc->sc_smpls));
sc->sc_smpls.smpls_label = imr.imr_lshim.shim_label;
error = rt_ifa_add(&sc->sc_ifa, RTF_MPLS,
smplstosa(&sc->sc_smpls));
splx(s);
if (error != 0) {
sc->sc_smpls.smpls_label = 0;
break;
}
}
/* Apply configuration */
sc->sc_flags = imr.imr_flags;
sc->sc_type = imr.imr_type;
sc->sc_rshim.shim_label = imr.imr_rshim.shim_label;
sc->sc_rshim.shim_label |= MPLS_BOS_MASK;
memset(&sc->sc_nexthop, 0, sizeof(sc->sc_nexthop));
sin_nexthop = (struct sockaddr_in *) &sc->sc_nexthop;
sin_nexthop->sin_family = sin->sin_family;
sin_nexthop->sin_len = sizeof(struct sockaddr_in);
sin_nexthop->sin_addr.s_addr = sin->sin_addr.s_addr;
break;
case SIOCGETMPWCFG:
imr.imr_flags = sc->sc_flags;
imr.imr_type = sc->sc_type;
imr.imr_lshim.shim_label =
((ntohl(sc->sc_smpls.smpls_label & MPLS_LABEL_MASK)) >>
MPLS_LABEL_OFFSET);
imr.imr_rshim.shim_label =
((ntohl(sc->sc_rshim.shim_label & MPLS_LABEL_MASK)) >>
MPLS_LABEL_OFFSET);
memcpy(&imr.imr_nexthop, &sc->sc_nexthop,
sizeof(imr.imr_nexthop));
error = copyout(&imr, ifr->ifr_data, sizeof(imr));
break;
default:
error = ENOTTY;
break;
}
return (error);
}
/*
* Add an mfc entry
*/
int
add_m6fc(struct mf6cctl *mfccp)
{
struct mf6c *rt;
u_long hash;
struct rtdetq *rte;
u_short nstl;
char orig[INET6_ADDRSTRLEN], mcast[INET6_ADDRSTRLEN];
int s;
MF6CFIND(mfccp->mf6cc_origin.sin6_addr,
mfccp->mf6cc_mcastgrp.sin6_addr, rt);
/* If an entry already exists, just update the fields */
if (rt) {
#ifdef MRT6DEBUG
if (mrt6debug & DEBUG_MFC) {
log(LOG_DEBUG,"add_m6fc update o %s g %s p %x\n",
inet_ntop(AF_INET6,
&mfccp->mf6cc_origin.sin6_addr,
orig, sizeof(orig)),
inet_ntop(AF_INET6,
&mfccp->mf6cc_mcastgrp.sin6_addr,
mcast, sizeof(mcast)),
mfccp->mf6cc_parent);
}
#endif
s = splsoftnet();
rt->mf6c_parent = mfccp->mf6cc_parent;
rt->mf6c_ifset = mfccp->mf6cc_ifset;
splx(s);
return 0;
}
/*
* Find the entry for which the upcall was made and update
*/
s = splsoftnet();
hash = MF6CHASH(mfccp->mf6cc_origin.sin6_addr,
mfccp->mf6cc_mcastgrp.sin6_addr);
for (rt = mf6ctable[hash], nstl = 0; rt; rt = rt->mf6c_next) {
if (IN6_ARE_ADDR_EQUAL(&rt->mf6c_origin.sin6_addr,
&mfccp->mf6cc_origin.sin6_addr) &&
IN6_ARE_ADDR_EQUAL(&rt->mf6c_mcastgrp.sin6_addr,
&mfccp->mf6cc_mcastgrp.sin6_addr) &&
(rt->mf6c_stall != NULL)) {
if (nstl++)
log(LOG_ERR,
"add_m6fc: %s o %s g %s p %x dbx %p\n",
"multiple kernel entries",
inet_ntop(AF_INET6,
&mfccp->mf6cc_origin.sin6_addr,
orig, sizeof(orig)),
inet_ntop(AF_INET6,
&mfccp->mf6cc_mcastgrp.sin6_addr,
mcast, sizeof(mcast)),
mfccp->mf6cc_parent, rt->mf6c_stall);
#ifdef MRT6DEBUG
if (mrt6debug & DEBUG_MFC)
log(LOG_DEBUG,
"add_m6fc o %s g %s p %x dbg %x\n",
inet_ntop(AF_INET6,
&mfccp->mf6cc_origin.sin6_addr,
orig, sizeof(orig)),
inet_ntop(AF_INET6,
&mfccp->mf6cc_mcastgrp.sin6_addr,
mcast, sizeof(mcast)),
mfccp->mf6cc_parent, rt->mf6c_stall);
#endif
rt->mf6c_origin = mfccp->mf6cc_origin;
rt->mf6c_mcastgrp = mfccp->mf6cc_mcastgrp;
rt->mf6c_parent = mfccp->mf6cc_parent;
rt->mf6c_ifset = mfccp->mf6cc_ifset;
/* initialize pkt counters per src-grp */
rt->mf6c_pkt_cnt = 0;
rt->mf6c_byte_cnt = 0;
rt->mf6c_wrong_if = 0;
rt->mf6c_expire = 0; /* Don't clean this guy up */
n6expire[hash]--;
/* free packets Qed at the end of this entry */
for (rte = rt->mf6c_stall; rte != NULL; ) {
struct rtdetq *n = rte->next;
if (rte->ifp) {
ip6_mdq(rte->m, rte->ifp, rt);
}
m_freem(rte->m);
free(rte, M_MRTABLE, 0);
rte = n;
}
rt->mf6c_stall = NULL;
}
}
/*
* It is possible that an entry is being inserted without an upcall
*/
if (nstl == 0) {
#ifdef MRT6DEBUG
if (mrt6debug & DEBUG_MFC)
log(LOG_DEBUG,
"add_m6fc no upcall h %d o %s g %s p %x\n",
hash,
inet_ntop(AF_INET6,
&mfccp->mf6cc_origin.sin6_addr,
orig, sizeof(orig)),
inet_ntop(AF_INET6,
&mfccp->mf6cc_mcastgrp.sin6_addr,
mcast, sizeof(mcast)),
mfccp->mf6cc_parent);
#endif
for (rt = mf6ctable[hash]; rt; rt = rt->mf6c_next) {
if (IN6_ARE_ADDR_EQUAL(&rt->mf6c_origin.sin6_addr,
&mfccp->mf6cc_origin.sin6_addr)&&
IN6_ARE_ADDR_EQUAL(&rt->mf6c_mcastgrp.sin6_addr,
&mfccp->mf6cc_mcastgrp.sin6_addr)) {
rt->mf6c_origin = mfccp->mf6cc_origin;
rt->mf6c_mcastgrp = mfccp->mf6cc_mcastgrp;
rt->mf6c_parent = mfccp->mf6cc_parent;
rt->mf6c_ifset = mfccp->mf6cc_ifset;
/* initialize pkt counters per src-grp */
rt->mf6c_pkt_cnt = 0;
rt->mf6c_byte_cnt = 0;
rt->mf6c_wrong_if = 0;
if (rt->mf6c_expire)
n6expire[hash]--;
rt->mf6c_expire = 0;
}
}
if (rt == NULL) {
/* no upcall, so make a new entry */
rt = (struct mf6c *)malloc(sizeof(*rt), M_MRTABLE,
M_NOWAIT);
if (rt == NULL) {
splx(s);
return ENOBUFS;
}
/* insert new entry at head of hash chain */
rt->mf6c_origin = mfccp->mf6cc_origin;
rt->mf6c_mcastgrp = mfccp->mf6cc_mcastgrp;
rt->mf6c_parent = mfccp->mf6cc_parent;
rt->mf6c_ifset = mfccp->mf6cc_ifset;
/* initialize pkt counters per src-grp */
rt->mf6c_pkt_cnt = 0;
rt->mf6c_byte_cnt = 0;
rt->mf6c_wrong_if = 0;
rt->mf6c_expire = 0;
rt->mf6c_stall = NULL;
/* link into table */
rt->mf6c_next = mf6ctable[hash];
mf6ctable[hash] = rt;
}
}
splx(s);
return 0;
}
int
pfi_dynaddr_setup(struct pf_addr_wrap *aw, sa_family_t af)
{
struct pfi_dynaddr *dyn;
char tblname[PF_TABLE_NAME_SIZE];
struct pf_ruleset *ruleset = NULL;
int s, rv = 0;
if (aw->type != PF_ADDR_DYNIFTL)
return (0);
if ((dyn = pool_get(&pfi_addr_pl, PR_NOWAIT)) == NULL)
return (1);
bzero(dyn, sizeof(*dyn));
s = splsoftnet();
if (!strcmp(aw->v.ifname, "self"))
dyn->pfid_kif = pfi_kif_get(IFG_ALL);
else
dyn->pfid_kif = pfi_kif_get(aw->v.ifname);
if (dyn->pfid_kif == NULL) {
rv = 1;
goto _bad;
}
pfi_kif_ref(dyn->pfid_kif, PFI_KIF_REF_RULE);
dyn->pfid_net = pfi_unmask(&aw->v.a.mask);
if (af == AF_INET && dyn->pfid_net == 32)
dyn->pfid_net = 128;
strlcpy(tblname, aw->v.ifname, sizeof(tblname));
if (aw->iflags & PFI_AFLAG_NETWORK)
strlcat(tblname, ":network", sizeof(tblname));
if (aw->iflags & PFI_AFLAG_BROADCAST)
strlcat(tblname, ":broadcast", sizeof(tblname));
if (aw->iflags & PFI_AFLAG_PEER)
strlcat(tblname, ":peer", sizeof(tblname));
if (aw->iflags & PFI_AFLAG_NOALIAS)
strlcat(tblname, ":0", sizeof(tblname));
if (dyn->pfid_net != 128)
snprintf(tblname + strlen(tblname),
sizeof(tblname) - strlen(tblname), "/%d", dyn->pfid_net);
if ((ruleset = pf_find_or_create_ruleset(PF_RESERVED_ANCHOR)) == NULL) {
rv = 1;
goto _bad;
}
if ((dyn->pfid_kt = pfr_attach_table(ruleset, tblname)) == NULL) {
rv = 1;
goto _bad;
}
dyn->pfid_kt->pfrkt_flags |= PFR_TFLAG_ACTIVE;
dyn->pfid_iflags = aw->iflags;
dyn->pfid_af = af;
TAILQ_INSERT_TAIL(&dyn->pfid_kif->pfik_dynaddrs, dyn, entry);
aw->p.dyn = dyn;
pfi_kif_update(dyn->pfid_kif);
splx(s);
return (0);
_bad:
if (dyn->pfid_kt != NULL)
pfr_detach_table(dyn->pfid_kt);
if (ruleset != NULL)
pf_remove_if_empty_ruleset(ruleset);
if (dyn->pfid_kif != NULL)
pfi_kif_unref(dyn->pfid_kif, PFI_KIF_REF_RULE);
pool_put(&pfi_addr_pl, dyn);
splx(s);
return (rv);
}
/*
* Disable multicast routing
*/
int
ip6_mrouter_done(void)
{
mifi_t mifi;
int i;
struct ifnet *ifp;
struct in6_ifreq ifr;
struct mf6c *rt;
struct rtdetq *rte;
int s;
s = splsoftnet();
/*
* For each phyint in use, disable promiscuous reception of all IPv6
* multicasts.
*/
#ifdef MROUTING
/*
* If there is still IPv4 multicast routing daemon,
* we remain interfaces to receive all muliticasted packets.
* XXX: there may be an interface in which the IPv4 multicast
* daemon is not interested...
*/
if (!ip_mrouter)
#endif
{
for (mifi = 0; mifi < nummifs; mifi++) {
if (mif6table[mifi].m6_ifp &&
!(mif6table[mifi].m6_flags & MIFF_REGISTER)) {
memset(&ifr, 0, sizeof(ifr));
ifr.ifr_addr.sin6_family = AF_INET6;
ifr.ifr_addr.sin6_addr= in6addr_any;
ifp = mif6table[mifi].m6_ifp;
(*ifp->if_ioctl)(ifp, SIOCDELMULTI,
(caddr_t)&ifr);
}
}
}
#ifdef notyet
bzero((caddr_t)qtable, sizeof(qtable));
bzero((caddr_t)tbftable, sizeof(tbftable));
#endif
bzero((caddr_t)mif6table, sizeof(mif6table));
nummifs = 0;
pim6 = 0; /* used to stub out/in pim specific code */
timeout_del(&expire_upcalls6_ch);
/*
* Free all multicast forwarding cache entries.
*/
for (i = 0; i < MF6CTBLSIZ; i++) {
rt = mf6ctable[i];
while (rt) {
struct mf6c *frt;
for (rte = rt->mf6c_stall; rte != NULL; ) {
struct rtdetq *n = rte->next;
m_freem(rte->m);
free(rte, M_MRTABLE, 0);
rte = n;
}
frt = rt;
rt = rt->mf6c_next;
free(frt, M_MRTABLE, 0);
}
}
bzero((caddr_t)mf6ctable, sizeof(mf6ctable));
/*
* Reset de-encapsulation cache
*/
reg_mif_num = -1;
ip6_mrouter = NULL;
ip6_mrouter_ver = 0;
splx(s);
#ifdef MRT6DEBUG
if (mrt6debug)
log(LOG_DEBUG, "ip6_mrouter_done\n");
#endif
return 0;
}
/*
* Add a mif to the mif table
*/
int
add_m6if(struct mif6ctl *mifcp)
{
struct mif6 *mifp;
struct ifnet *ifp;
struct in6_ifreq ifr;
int error, s;
#ifdef notyet
struct tbf *m_tbf = tbftable + mifcp->mif6c_mifi;
#endif
if (mifcp->mif6c_mifi >= MAXMIFS)
return EINVAL;
mifp = mif6table + mifcp->mif6c_mifi;
if (mifp->m6_ifp)
return EADDRINUSE; /* XXX: is it appropriate? */
ifp = if_get(mifcp->mif6c_pifi);
if (!ifp)
return ENXIO;
if (mifcp->mif6c_flags & MIFF_REGISTER) {
if (reg_mif_num == (mifi_t)-1) {
strlcpy(multicast_register_if.if_xname,
"register_mif",
sizeof multicast_register_if.if_xname); /* XXX */
multicast_register_if.if_flags |= IFF_LOOPBACK;
multicast_register_if.if_index = mifcp->mif6c_mifi;
reg_mif_num = mifcp->mif6c_mifi;
}
if_put(ifp);
ifp = if_ref(&multicast_register_if);
} /* if REGISTER */
else {
/* Make sure the interface supports multicast */
if ((ifp->if_flags & IFF_MULTICAST) == 0) {
if_put(ifp);
return EOPNOTSUPP;
}
s = splsoftnet();
/*
* Enable promiscuous reception of all IPv6 multicasts
* from the interface.
*/
memset(&ifr, 0, sizeof(ifr));
ifr.ifr_addr.sin6_family = AF_INET6;
ifr.ifr_addr.sin6_addr = in6addr_any;
error = (*ifp->if_ioctl)(ifp, SIOCADDMULTI, (caddr_t)&ifr);
splx(s);
if (error) {
if_put(ifp);
return error;
}
}
s = splsoftnet();
mifp->m6_flags = mifcp->mif6c_flags;
mifp->m6_ifp = ifp;
#ifdef notyet
/* scaling up here allows division by 1024 in critical code */
mifp->m6_rate_limit = mifcp->mif6c_rate_limit * 1024 / 1000;
#endif
/* initialize per mif pkt counters */
mifp->m6_pkt_in = 0;
mifp->m6_pkt_out = 0;
mifp->m6_bytes_in = 0;
mifp->m6_bytes_out = 0;
splx(s);
/* Adjust nummifs up if the mifi is higher than nummifs */
if (nummifs <= mifcp->mif6c_mifi)
nummifs = mifcp->mif6c_mifi + 1;
#ifdef MRT6DEBUG
if (mrt6debug)
log(LOG_DEBUG,
"add_mif #%d, phyint %s\n",
mifcp->mif6c_mifi,
ifp->if_xname);
#endif
if_put(ifp);
return 0;
}
void
nfs_decode_args(struct nfsmount *nmp, struct nfs_args *argp, struct lwp *l)
{
int s;
int adjsock;
int maxio;
s = splsoftnet();
/*
* Silently clear NFSMNT_NOCONN if it's a TCP mount, it makes
* no sense in that context.
*/
if (argp->sotype == SOCK_STREAM)
argp->flags &= ~NFSMNT_NOCONN;
/*
* Cookie translation is not needed for v2, silently ignore it.
*/
if ((argp->flags & (NFSMNT_XLATECOOKIE|NFSMNT_NFSV3)) ==
NFSMNT_XLATECOOKIE)
argp->flags &= ~NFSMNT_XLATECOOKIE;
/* Re-bind if rsrvd port requested and wasn't on one */
adjsock = !(nmp->nm_flag & NFSMNT_RESVPORT)
&& (argp->flags & NFSMNT_RESVPORT);
/* Also re-bind if we're switching to/from a connected UDP socket */
adjsock |= ((nmp->nm_flag & NFSMNT_NOCONN) !=
(argp->flags & NFSMNT_NOCONN));
/* Update flags. */
nmp->nm_flag = argp->flags;
splx(s);
if ((argp->flags & NFSMNT_TIMEO) && argp->timeo > 0) {
nmp->nm_timeo = (argp->timeo * NFS_HZ + 5) / 10;
if (nmp->nm_timeo < NFS_MINTIMEO)
nmp->nm_timeo = NFS_MINTIMEO;
else if (nmp->nm_timeo > NFS_MAXTIMEO)
nmp->nm_timeo = NFS_MAXTIMEO;
}
if ((argp->flags & NFSMNT_RETRANS) && argp->retrans > 1) {
nmp->nm_retry = argp->retrans;
if (nmp->nm_retry > NFS_MAXREXMIT)
nmp->nm_retry = NFS_MAXREXMIT;
}
#ifndef NFS_V2_ONLY
if (argp->flags & NFSMNT_NFSV3) {
if (argp->sotype == SOCK_DGRAM)
maxio = NFS_MAXDGRAMDATA;
else
maxio = NFS_MAXDATA;
} else
#endif
maxio = NFS_V2MAXDATA;
if ((argp->flags & NFSMNT_WSIZE) && argp->wsize > 0) {
int osize = nmp->nm_wsize;
nmp->nm_wsize = argp->wsize;
/* Round down to multiple of blocksize */
nmp->nm_wsize &= ~(NFS_FABLKSIZE - 1);
if (nmp->nm_wsize <= 0)
nmp->nm_wsize = NFS_FABLKSIZE;
adjsock |= (nmp->nm_wsize != osize);
}
if (nmp->nm_wsize > maxio)
nmp->nm_wsize = maxio;
if (nmp->nm_wsize > MAXBSIZE)
nmp->nm_wsize = MAXBSIZE;
if ((argp->flags & NFSMNT_RSIZE) && argp->rsize > 0) {
int osize = nmp->nm_rsize;
nmp->nm_rsize = argp->rsize;
/* Round down to multiple of blocksize */
nmp->nm_rsize &= ~(NFS_FABLKSIZE - 1);
if (nmp->nm_rsize <= 0)
nmp->nm_rsize = NFS_FABLKSIZE;
adjsock |= (nmp->nm_rsize != osize);
}
if (nmp->nm_rsize > maxio)
nmp->nm_rsize = maxio;
if (nmp->nm_rsize > MAXBSIZE)
nmp->nm_rsize = MAXBSIZE;
if ((argp->flags & NFSMNT_READDIRSIZE) && argp->readdirsize > 0) {
nmp->nm_readdirsize = argp->readdirsize;
/* Round down to multiple of minimum blocksize */
nmp->nm_readdirsize &= ~(NFS_DIRFRAGSIZ - 1);
if (nmp->nm_readdirsize < NFS_DIRFRAGSIZ)
nmp->nm_readdirsize = NFS_DIRFRAGSIZ;
/* Bigger than buffer size makes no sense */
if (nmp->nm_readdirsize > NFS_DIRBLKSIZ)
nmp->nm_readdirsize = NFS_DIRBLKSIZ;
} else if (argp->flags & NFSMNT_RSIZE)
nmp->nm_readdirsize = nmp->nm_rsize;
if (nmp->nm_readdirsize > maxio)
nmp->nm_readdirsize = maxio;
if ((argp->flags & NFSMNT_MAXGRPS) && argp->maxgrouplist >= 0 &&
argp->maxgrouplist <= NFS_MAXGRPS)
nmp->nm_numgrps = argp->maxgrouplist;
if ((argp->flags & NFSMNT_READAHEAD) && argp->readahead >= 0 &&
argp->readahead <= NFS_MAXRAHEAD)
nmp->nm_readahead = argp->readahead;
if ((argp->flags & NFSMNT_DEADTHRESH) && argp->deadthresh >= 1 &&
argp->deadthresh <= NFS_NEVERDEAD)
nmp->nm_deadthresh = argp->deadthresh;
adjsock |= ((nmp->nm_sotype != argp->sotype) ||
(nmp->nm_soproto != argp->proto));
nmp->nm_sotype = argp->sotype;
nmp->nm_soproto = argp->proto;
if (nmp->nm_so && adjsock) {
nfs_safedisconnect(nmp);
if (nmp->nm_sotype == SOCK_DGRAM)
while (nfs_connect(nmp, (struct nfsreq *)0, l)) {
printf("nfs_args: retrying connect\n");
kpause("nfscn3", false, hz, NULL);
}
}
}
int
ip6_mforward(struct ip6_hdr *ip6, struct ifnet *ifp, struct mbuf *m)
{
struct mf6c *rt;
struct mif6 *mifp;
struct mbuf *mm;
int s;
mifi_t mifi;
struct sockaddr_in6 sin6;
char src[INET6_ADDRSTRLEN], dst[INET6_ADDRSTRLEN];
inet_ntop(AF_INET6, &ip6->ip6_src, src, sizeof(src));
inet_ntop(AF_INET6, &ip6->ip6_dst, dst, sizeof(dst));
#ifdef MRT6DEBUG
if (mrt6debug & DEBUG_FORWARD)
log(LOG_DEBUG, "ip6_mforward: src %s, dst %s, ifindex %d\n",
src, dst, ifp->if_index);
#endif
/*
* Don't forward a packet with Hop limit of zero or one,
* or a packet destined to a local-only group.
*/
if (ip6->ip6_hlim <= 1 || IN6_IS_ADDR_MC_INTFACELOCAL(&ip6->ip6_dst) ||
IN6_IS_ADDR_MC_LINKLOCAL(&ip6->ip6_dst))
return 0;
ip6->ip6_hlim--;
/*
* Source address check: do not forward packets with unspecified
* source. It was discussed in July 2000, on ipngwg mailing list.
* This is rather more serious than unicast cases, because some
* MLD packets can be sent with the unspecified source address
* (although such packets must normally set 1 to the hop limit field).
*/
if (IN6_IS_ADDR_UNSPECIFIED(&ip6->ip6_src)) {
ip6stat.ip6s_cantforward++;
if (ip6_log_time + ip6_log_interval < time_second) {
ip6_log_time = time_second;
log(LOG_DEBUG,
"cannot forward "
"from %s to %s nxt %d received on interface %u\n",
src, dst,
ip6->ip6_nxt,
m->m_pkthdr.ph_ifidx);
}
return 0;
}
/*
* Determine forwarding mifs from the forwarding cache table
*/
s = splsoftnet();
MF6CFIND(ip6->ip6_src, ip6->ip6_dst, rt);
/* Entry exists, so forward if necessary */
if (rt) {
splx(s);
return (ip6_mdq(m, ifp, rt));
} else {
/*
* If we don't have a route for packet's origin,
* Make a copy of the packet &
* send message to routing daemon
*/
struct mbuf *mb0;
struct rtdetq *rte;
u_long hash;
mrt6stat.mrt6s_no_route++;
#ifdef MRT6DEBUG
if (mrt6debug & (DEBUG_FORWARD | DEBUG_MFC))
log(LOG_DEBUG, "ip6_mforward: no rte s %s g %s\n",
src, dst);
#endif
/*
* Allocate mbufs early so that we don't do extra work if we
* are just going to fail anyway.
*/
rte = (struct rtdetq *)malloc(sizeof(*rte), M_MRTABLE,
M_NOWAIT);
if (rte == NULL) {
splx(s);
return ENOBUFS;
}
mb0 = m_copym(m, 0, M_COPYALL, M_NOWAIT);
/*
* Pullup packet header if needed before storing it,
* as other references may modify it in the meantime.
*/
if (mb0 &&
(M_READONLY(mb0) || mb0->m_len < sizeof(struct ip6_hdr)))
mb0 = m_pullup(mb0, sizeof(struct ip6_hdr));
if (mb0 == NULL) {
free(rte, M_MRTABLE, 0);
splx(s);
return ENOBUFS;
}
/* is there an upcall waiting for this packet? */
hash = MF6CHASH(ip6->ip6_src, ip6->ip6_dst);
for (rt = mf6ctable[hash]; rt; rt = rt->mf6c_next) {
if (IN6_ARE_ADDR_EQUAL(&ip6->ip6_src,
&rt->mf6c_origin.sin6_addr) &&
IN6_ARE_ADDR_EQUAL(&ip6->ip6_dst,
&rt->mf6c_mcastgrp.sin6_addr) &&
(rt->mf6c_stall != NULL))
break;
}
if (rt == NULL) {
struct mrt6msg *im;
/* no upcall, so make a new entry */
rt = (struct mf6c *)malloc(sizeof(*rt), M_MRTABLE,
M_NOWAIT);
if (rt == NULL) {
free(rte, M_MRTABLE, 0);
m_freem(mb0);
splx(s);
return ENOBUFS;
}
/*
* Make a copy of the header to send to the user
* level process
*/
mm = m_copym(mb0, 0, sizeof(struct ip6_hdr), M_NOWAIT);
if (mm == NULL) {
free(rte, M_MRTABLE, 0);
m_freem(mb0);
free(rt, M_MRTABLE, 0);
splx(s);
return ENOBUFS;
}
/*
* Send message to routing daemon
*/
(void)memset(&sin6, 0, sizeof(sin6));
sin6.sin6_len = sizeof(sin6);
sin6.sin6_family = AF_INET6;
sin6.sin6_addr = ip6->ip6_src;
im = NULL;
switch (ip6_mrouter_ver) {
case MRT6_INIT:
im = mtod(mm, struct mrt6msg *);
im->im6_msgtype = MRT6MSG_NOCACHE;
im->im6_mbz = 0;
break;
default:
free(rte, M_MRTABLE, 0);
m_freem(mb0);
free(rt, M_MRTABLE, 0);
splx(s);
return EINVAL;
}
#ifdef MRT6DEBUG
if (mrt6debug & DEBUG_FORWARD)
log(LOG_DEBUG,
"getting the iif info in the kernel\n");
#endif
for (mifp = mif6table, mifi = 0;
mifi < nummifs && mifp->m6_ifp != ifp;
mifp++, mifi++)
;
switch (ip6_mrouter_ver) {
case MRT6_INIT:
im->im6_mif = mifi;
break;
}
if (socket6_send(ip6_mrouter, mm, &sin6) < 0) {
log(LOG_WARNING, "ip6_mforward: ip6_mrouter "
"socket queue full\n");
mrt6stat.mrt6s_upq_sockfull++;
free(rte, M_MRTABLE, 0);
m_freem(mb0);
free(rt, M_MRTABLE, 0);
splx(s);
return ENOBUFS;
}
mrt6stat.mrt6s_upcalls++;
/* insert new entry at head of hash chain */
bzero(rt, sizeof(*rt));
rt->mf6c_origin.sin6_family = AF_INET6;
rt->mf6c_origin.sin6_len = sizeof(struct sockaddr_in6);
rt->mf6c_origin.sin6_addr = ip6->ip6_src;
rt->mf6c_mcastgrp.sin6_family = AF_INET6;
rt->mf6c_mcastgrp.sin6_len = sizeof(struct sockaddr_in6);
rt->mf6c_mcastgrp.sin6_addr = ip6->ip6_dst;
rt->mf6c_expire = UPCALL_EXPIRE;
n6expire[hash]++;
rt->mf6c_parent = MF6C_INCOMPLETE_PARENT;
/* link into table */
rt->mf6c_next = mf6ctable[hash];
mf6ctable[hash] = rt;
/* Add this entry to the end of the queue */
rt->mf6c_stall = rte;
} else {
/* determine if q has overflowed */
struct rtdetq **p;
int npkts = 0;
for (p = &rt->mf6c_stall; *p != NULL; p = &(*p)->next)
if (++npkts > MAX_UPQ6) {
mrt6stat.mrt6s_upq_ovflw++;
free(rte, M_MRTABLE, 0);
m_freem(mb0);
splx(s);
return 0;
}
/* Add this entry to the end of the queue */
*p = rte;
}
rte->next = NULL;
rte->m = mb0;
rte->ifp = ifp;
splx(s);
return 0;
}
/*
* ESP input callback from the crypto driver.
*/
static int
esp_input_cb(struct cryptop *crp)
{
u_int8_t lastthree[3], aalg[AH_HMAC_HASHLEN];
int s, hlen, skip, protoff, error;
struct mbuf *m;
struct cryptodesc *crd;
struct auth_hash *esph;
struct enc_xform *espx;
struct tdb_crypto *tc;
struct m_tag *mtag;
struct secasvar *sav;
struct secasindex *saidx;
void *ptr;
u_int16_t dport = 0;
u_int16_t sport = 0;
#ifdef IPSEC_NAT_T
struct m_tag * tag = NULL;
#endif
crd = crp->crp_desc;
IPSEC_ASSERT(crd != NULL, ("esp_input_cb: null crypto descriptor!"));
tc = (struct tdb_crypto *) crp->crp_opaque;
IPSEC_ASSERT(tc != NULL, ("esp_input_cb: null opaque crypto data area!"));
skip = tc->tc_skip;
protoff = tc->tc_protoff;
mtag = (struct m_tag *) tc->tc_ptr;
m = (struct mbuf *) crp->crp_buf;
#ifdef IPSEC_NAT_T
/* find the source port for NAT-T */
if ((tag = m_tag_find(m, PACKET_TAG_IPSEC_NAT_T_PORTS, NULL))) {
sport = ((u_int16_t *)(tag + 1))[0];
dport = ((u_int16_t *)(tag + 1))[1];
}
#endif
s = splsoftnet();
sav = KEY_ALLOCSA(&tc->tc_dst, tc->tc_proto, tc->tc_spi, sport, dport);
if (sav == NULL) {
ESP_STATINC(ESP_STAT_NOTDB);
DPRINTF(("esp_input_cb: SA expired while in crypto "
"(SA %s/%08lx proto %u)\n", ipsec_address(&tc->tc_dst),
(u_long) ntohl(tc->tc_spi), tc->tc_proto));
error = ENOBUFS; /*XXX*/
goto bad;
}
saidx = &sav->sah->saidx;
IPSEC_ASSERT(saidx->dst.sa.sa_family == AF_INET ||
saidx->dst.sa.sa_family == AF_INET6,
("ah_input_cb: unexpected protocol family %u",
saidx->dst.sa.sa_family));
esph = sav->tdb_authalgxform;
espx = sav->tdb_encalgxform;
/* Check for crypto errors */
if (crp->crp_etype) {
/* Reset the session ID */
if (sav->tdb_cryptoid != 0)
sav->tdb_cryptoid = crp->crp_sid;
if (crp->crp_etype == EAGAIN) {
KEY_FREESAV(&sav);
splx(s);
return crypto_dispatch(crp);
}
ESP_STATINC(ESP_STAT_NOXFORM);
DPRINTF(("esp_input_cb: crypto error %d\n", crp->crp_etype));
error = crp->crp_etype;
goto bad;
}
/* Shouldn't happen... */
if (m == NULL) {
ESP_STATINC(ESP_STAT_CRYPTO);
DPRINTF(("esp_input_cb: bogus returned buffer from crypto\n"));
error = EINVAL;
goto bad;
}
ESP_STATINC(ESP_STAT_HIST + sav->alg_enc);
/* If authentication was performed, check now. */
if (esph != NULL) {
/*
* If we have a tag, it means an IPsec-aware NIC did
* the verification for us. Otherwise we need to
* check the authentication calculation.
*/
AH_STATINC(AH_STAT_HIST + sav->alg_auth);
if (mtag == NULL) {
/* Copy the authenticator from the packet */
m_copydata(m, m->m_pkthdr.len - esph->authsize,
esph->authsize, aalg);
ptr = (tc + 1);
/* Verify authenticator */
if (bcmp(ptr, aalg, esph->authsize) != 0) {
DPRINTF(("esp_input_cb: "
"authentication hash mismatch for packet in SA %s/%08lx\n",
ipsec_address(&saidx->dst),
(u_long) ntohl(sav->spi)));
ESP_STATINC(ESP_STAT_BADAUTH);
error = EACCES;
goto bad;
}
}
/* Remove trailing authenticator */
m_adj(m, -(esph->authsize));
}
/* Release the crypto descriptors */
free(tc, M_XDATA), tc = NULL;
crypto_freereq(crp), crp = NULL;
/*
* Packet is now decrypted.
*/
m->m_flags |= M_DECRYPTED;
/*
* Update replay sequence number, if appropriate.
*/
if (sav->replay) {
u_int32_t seq;
m_copydata(m, skip + offsetof(struct newesp, esp_seq),
sizeof (seq), &seq);
if (ipsec_updatereplay(ntohl(seq), sav)) {
DPRINTF(("%s: packet replay check for %s\n", __func__,
ipsec_logsastr(sav)));
ESP_STATINC(ESP_STAT_REPLAY);
error = ENOBUFS;
goto bad;
}
}
int
sys_accept(struct proc *p, void *v, register_t *retval)
{
struct sys_accept_args /* {
syscallarg(int) s;
syscallarg(struct sockaddr *) name;
syscallarg(socklen_t *) anamelen;
} */ *uap = v;
struct file *fp, *headfp;
struct mbuf *nam;
socklen_t namelen;
int error, s, tmpfd;
struct socket *head, *so;
int nflag;
if (SCARG(uap, name) && (error = copyin(SCARG(uap, anamelen),
&namelen, sizeof (namelen))))
return (error);
if ((error = getsock(p->p_fd, SCARG(uap, s), &fp)) != 0)
return (error);
headfp = fp;
s = splsoftnet();
head = fp->f_data;
redo:
if ((head->so_options & SO_ACCEPTCONN) == 0) {
error = EINVAL;
goto bad;
}
if ((head->so_state & SS_NBIO) && head->so_qlen == 0) {
if (head->so_state & SS_CANTRCVMORE)
error = ECONNABORTED;
else
error = EWOULDBLOCK;
goto bad;
}
while (head->so_qlen == 0 && head->so_error == 0) {
if (head->so_state & SS_CANTRCVMORE) {
head->so_error = ECONNABORTED;
break;
}
error = tsleep(&head->so_timeo, PSOCK | PCATCH, "netcon", 0);
if (error) {
goto bad;
}
}
if (head->so_error) {
error = head->so_error;
head->so_error = 0;
goto bad;
}
/* Take note if socket was non-blocking. */
nflag = (headfp->f_flag & FNONBLOCK);
fdplock(p->p_fd);
error = falloc(p, &fp, &tmpfd);
fdpunlock(p->p_fd);
if (error != 0) {
/*
* Probably ran out of file descriptors. Wakeup
* so some other process might have a chance at it.
*/
wakeup_one(&head->so_timeo);
goto bad;
}
nam = m_get(M_WAIT, MT_SONAME);
/*
* Check whether the queue emptied while we slept: falloc() or
* m_get() may have blocked, allowing the connection to be reset
* or another thread or process to accept it. If so, start over.
*/
if (head->so_qlen == 0) {
m_freem(nam);
fdplock(p->p_fd);
fdremove(p->p_fd, tmpfd);
closef(fp, p);
fdpunlock(p->p_fd);
goto redo;
}
/*
* Do not sleep after we have taken the socket out of the queue.
*/
so = TAILQ_FIRST(&head->so_q);
if (soqremque(so, 1) == 0)
panic("accept");
/* connection has been removed from the listen queue */
KNOTE(&head->so_rcv.sb_sel.si_note, 0);
fp->f_type = DTYPE_SOCKET;
fp->f_flag = FREAD | FWRITE | nflag;
fp->f_ops = &socketops;
fp->f_data = so;
error = soaccept(so, nam);
if (!error && SCARG(uap, name)) {
error = copyaddrout(p, nam, SCARG(uap, name), namelen,
SCARG(uap, anamelen));
}
if (error) {
/* if an error occurred, free the file descriptor */
fdplock(p->p_fd);
fdremove(p->p_fd, tmpfd);
closef(fp, p);
fdpunlock(p->p_fd);
} else {
FILE_SET_MATURE(fp, p);
*retval = tmpfd;
}
m_freem(nam);
bad:
splx(s);
FRELE(headfp, p);
return (error);
}
static int
bsd_accept(cyg_file *fp, cyg_file *new_fp,
struct sockaddr *name, socklen_t *anamelen)
{
socklen_t namelen = 0;
int error = 0, s;
struct socket *head, *so;
struct sockaddr *sa;
if( anamelen != NULL)
namelen = *anamelen;
s = splsoftnet();
head = (struct socket *)fp->f_data;
if ((head->so_options & SO_ACCEPTCONN) == 0) {
splx(s);
return (EINVAL);
}
if ((head->so_state & SS_NBIO) && TAILQ_EMPTY(&head->so_comp)) {
splx(s);
return (EWOULDBLOCK);
}
while (TAILQ_EMPTY(&head->so_comp) && head->so_error == 0) {
if (head->so_state & SS_CANTRCVMORE) {
head->so_error = ECONNABORTED;
break;
}
error = tsleep((caddr_t)&head->so_timeo, PSOCK | PCATCH,
"netcon", 0);
if (error) {
splx(s);
return (error);
}
}
if (head->so_error) {
error = head->so_error;
head->so_error = 0;
splx(s);
return (error);
}
/*
* At this point we know that there is at least one connection
* ready to be accepted. Remove it from the queue prior to
* allocating the file descriptor for it since falloc() may
* block allowing another process to accept the connection
* instead.
*/
so = TAILQ_FIRST(&head->so_comp);
TAILQ_REMOVE(&head->so_comp, so, so_list);
head->so_qlen--;
#if 0 // FIXME
fflag = lfp->f_flag;
error = falloc(p, &nfp, &fd);
if (error) {
/*
* Probably ran out of file descriptors. Put the
* unaccepted connection back onto the queue and
* do another wakeup so some other process might
* have a chance at it.
*/
TAILQ_INSERT_HEAD(&head->so_comp, so, so_list);
head->so_qlen++;
wakeup_one(&head->so_timeo);
splx(s);
goto done;
}
fhold(nfp);
p->p_retval[0] = fd;
/* connection has been removed from the listen queue */
KNOTE(&head->so_rcv.sb_sel.si_note, 0);
#endif
so->so_state &= ~SS_COMP;
so->so_head = NULL;
cyg_selinit(&so->so_rcv.sb_sel);
cyg_selinit(&so->so_snd.sb_sel);
new_fp->f_type = DTYPE_SOCKET;
new_fp->f_flag |= FREAD|FWRITE;
new_fp->f_offset = 0;
new_fp->f_ops = &bsd_sock_fileops;
new_fp->f_data = (CYG_ADDRWORD)so;
new_fp->f_xops = (CYG_ADDRWORD)&bsd_sockops;
sa = 0;
error = soaccept(so, &sa);
if (error) {
/*
* return a namelen of zero for older code which might
* ignore the return value from accept.
*/
if (name != NULL) {
*anamelen = 0;
}
goto noconnection;
}
if (sa == NULL) {
namelen = 0;
if (name)
goto gotnoname;
splx(s);
error = 0;
goto done;
}
if (name) {
if (namelen > sa->sa_len)
namelen = sa->sa_len;
#ifdef COMPAT_OLDSOCK
if (compat)
((struct osockaddr *)sa)->sa_family = sa->sa_family;
#endif
error = copyout(sa, (caddr_t)name, namelen);
if (!error)
gotnoname:
*anamelen = namelen;
}
noconnection:
#if 0 // FIXME
/*
* close the new descriptor, assuming someone hasn't ripped it
* out from under us.
*/
if (error) {
if (fdp->fd_ofiles[fd] == nfp) {
fdp->fd_ofiles[fd] = NULL;
fdrop(nfp, p);
}
}
splx(s);
/*
* Release explicitly held references before returning.
*/
done:
if (nfp != NULL)
fdrop(nfp, p);
fdrop(lfp, p);
return (error);
m_freem(nam);
#else
done:
#endif
splx(s);
return (error);
}
/*
* Queue a packet. Start transmission if not active.
* Packet is placed in Information field of PPP frame.
*/
int
pppoutput(struct ifnet *ifp, struct mbuf *m0, struct sockaddr *dst,
struct rtentry *rtp)
{
struct ppp_softc *sc = ifp->if_softc;
int protocol, address, control;
u_char *cp;
int s, error;
struct ip *ip;
struct ifqueue *ifq;
enum NPmode mode;
int len;
if (sc->sc_devp == NULL || (ifp->if_flags & IFF_RUNNING) == 0
|| ((ifp->if_flags & IFF_UP) == 0 && dst->sa_family != AF_UNSPEC)) {
error = ENETDOWN; /* sort of */
goto bad;
}
#ifdef DIAGNOSTIC
if (ifp->if_rdomain != rtable_l2(m0->m_pkthdr.ph_rtableid)) {
printf("%s: trying to send packet on wrong domain. "
"if %d vs. mbuf %d, AF %d\n", ifp->if_xname, ifp->if_rdomain,
rtable_l2(m0->m_pkthdr.ph_rtableid), dst->sa_family);
}
#endif
/*
* Compute PPP header.
*/
m0->m_flags &= ~M_HIGHPRI;
switch (dst->sa_family) {
case AF_INET:
address = PPP_ALLSTATIONS;
control = PPP_UI;
protocol = PPP_IP;
mode = sc->sc_npmode[NP_IP];
/*
* If this packet has the "low delay" bit set in the IP header,
* put it on the fastq instead.
*/
ip = mtod(m0, struct ip *);
if (ip->ip_tos & IPTOS_LOWDELAY)
m0->m_flags |= M_HIGHPRI;
break;
case AF_UNSPEC:
address = PPP_ADDRESS(dst->sa_data);
control = PPP_CONTROL(dst->sa_data);
protocol = PPP_PROTOCOL(dst->sa_data);
mode = NPMODE_PASS;
break;
default:
printf("%s: af%d not supported\n", ifp->if_xname, dst->sa_family);
error = EAFNOSUPPORT;
goto bad;
}
/*
* Drop this packet, or return an error, if necessary.
*/
if (mode == NPMODE_ERROR) {
error = ENETDOWN;
goto bad;
}
if (mode == NPMODE_DROP) {
error = 0;
goto bad;
}
/*
* Add PPP header. If no space in first mbuf, allocate another.
* (This assumes M_LEADINGSPACE is always 0 for a cluster mbuf.)
*/
M_PREPEND(m0, PPP_HDRLEN, M_DONTWAIT);
if (m0 == NULL) {
error = ENOBUFS;
goto bad;
}
cp = mtod(m0, u_char *);
*cp++ = address;
*cp++ = control;
*cp++ = protocol >> 8;
*cp++ = protocol & 0xff;
if ((m0->m_flags & M_PKTHDR) == 0)
panic("mbuf packet without packet header!");
len = m0->m_pkthdr.len;
if (sc->sc_flags & SC_LOG_OUTPKT) {
printf("%s output: ", ifp->if_xname);
pppdumpm(m0);
}
if ((protocol & 0x8000) == 0) {
#if NBPFILTER > 0
/*
* Apply the pass and active filters to the packet,
* but only if it is a data packet.
*/
*mtod(m0, u_char *) = 1; /* indicates outbound */
if (sc->sc_pass_filt.bf_insns != 0
&& bpf_filter(sc->sc_pass_filt.bf_insns, (u_char *) m0,
len, 0) == 0) {
error = 0; /* drop this packet */
goto bad;
}
/*
* Update the time we sent the most recent packet.
*/
if (sc->sc_active_filt.bf_insns == 0
|| bpf_filter(sc->sc_active_filt.bf_insns, (u_char *) m0, len, 0))
sc->sc_last_sent = time_second;
*mtod(m0, u_char *) = address;
#else
/*
* Update the time we sent the most recent packet.
*/
sc->sc_last_sent = time_second;
#endif
}
#if NBPFILTER > 0
/*
* See if bpf wants to look at the packet.
*/
if (sc->sc_bpf)
bpf_mtap(sc->sc_bpf, m0, BPF_DIRECTION_OUT);
#endif
/*
* Put the packet on the appropriate queue.
*/
s = splsoftnet();
if (mode == NPMODE_QUEUE) {
/* XXX we should limit the number of packets on this queue */
*sc->sc_npqtail = m0;
m0->m_nextpkt = NULL;
sc->sc_npqtail = &m0->m_nextpkt;
} else {
if (m0->m_flags & M_HIGHPRI) {
ifq = &sc->sc_fastq;
if (IF_QFULL(ifq) && dst->sa_family != AF_UNSPEC) {
IF_DROP(ifq);
m_freem(m0);
error = ENOBUFS;
}
else {
IF_ENQUEUE(ifq, m0);
error = 0;
}
} else
IFQ_ENQUEUE(&sc->sc_if.if_snd, m0, NULL, error);
if (error) {
splx(s);
sc->sc_if.if_oerrors++;
sc->sc_stats.ppp_oerrors++;
return (error);
}
(*sc->sc_start)(sc);
}
ifp->if_opackets++;
ifp->if_obytes += len;
splx(s);
return (0);
bad:
m_freem(m0);
return (error);
}
/*
* Ioctl routine for generic ppp devices.
*/
int
pppioctl(struct ppp_softc *sc, u_long cmd, caddr_t data, int flag,
struct proc *p)
{
int s, error, flags, mru, npx;
u_int nb;
struct ppp_option_data *odp;
struct compressor **cp;
struct npioctl *npi;
time_t t;
#if NBPFILTER > 0
struct bpf_program *bp, *nbp;
struct bpf_insn *newcode, *oldcode;
int newcodelen;
#endif
#ifdef PPP_COMPRESS
u_char ccp_option[CCP_MAX_OPTION_LENGTH];
#endif
switch (cmd) {
case FIONREAD:
*(int *)data = mq_len(&sc->sc_inq);
break;
case PPPIOCGUNIT:
*(int *)data = sc->sc_unit; /* XXX */
break;
case PPPIOCGFLAGS:
*(u_int *)data = sc->sc_flags;
break;
case PPPIOCSFLAGS:
if ((error = suser(p, 0)) != 0)
return (error);
flags = *(int *)data & SC_MASK;
s = splsoftnet();
#ifdef PPP_COMPRESS
if (sc->sc_flags & SC_CCP_OPEN && !(flags & SC_CCP_OPEN))
ppp_ccp_closed(sc);
#endif
splnet();
sc->sc_flags = (sc->sc_flags & ~SC_MASK) | flags;
splx(s);
break;
case PPPIOCSMRU:
if ((error = suser(p, 0)) != 0)
return (error);
mru = *(int *)data;
if (mru >= PPP_MRU && mru <= PPP_MAXMRU)
sc->sc_mru = mru;
break;
case PPPIOCGMRU:
*(int *)data = sc->sc_mru;
break;
#ifdef VJC
case PPPIOCSMAXCID:
if ((error = suser(p, 0)) != 0)
return (error);
if (sc->sc_comp) {
s = splsoftnet();
sl_compress_setup(sc->sc_comp, *(int *)data);
splx(s);
}
break;
#endif
case PPPIOCXFERUNIT:
if ((error = suser(p, 0)) != 0)
return (error);
sc->sc_xfer = p->p_p->ps_pid;
break;
#ifdef PPP_COMPRESS
case PPPIOCSCOMPRESS:
if ((error = suser(p, 0)) != 0)
return (error);
odp = (struct ppp_option_data *) data;
nb = odp->length;
if (nb > sizeof(ccp_option))
nb = sizeof(ccp_option);
if ((error = copyin(odp->ptr, ccp_option, nb)) != 0)
return (error);
if (ccp_option[1] < 2) /* preliminary check on the length byte */
return (EINVAL);
for (cp = ppp_compressors; *cp != NULL; ++cp)
if ((*cp)->compress_proto == ccp_option[0]) {
/*
* Found a handler for the protocol - try to allocate
* a compressor or decompressor.
*/
error = 0;
if (odp->transmit) {
s = splsoftnet();
if (sc->sc_xc_state != NULL)
(*sc->sc_xcomp->comp_free)(sc->sc_xc_state);
sc->sc_xcomp = *cp;
sc->sc_xc_state = (*cp)->comp_alloc(ccp_option, nb);
if (sc->sc_xc_state == NULL) {
if (sc->sc_flags & SC_DEBUG)
printf("%s: comp_alloc failed\n",
sc->sc_if.if_xname);
error = ENOBUFS;
}
splnet();
sc->sc_flags &= ~SC_COMP_RUN;
splx(s);
} else {
s = splsoftnet();
if (sc->sc_rc_state != NULL)
(*sc->sc_rcomp->decomp_free)(sc->sc_rc_state);
sc->sc_rcomp = *cp;
sc->sc_rc_state = (*cp)->decomp_alloc(ccp_option, nb);
if (sc->sc_rc_state == NULL) {
if (sc->sc_flags & SC_DEBUG)
printf("%s: decomp_alloc failed\n",
sc->sc_if.if_xname);
error = ENOBUFS;
}
splnet();
sc->sc_flags &= ~SC_DECOMP_RUN;
splx(s);
}
return (error);
}
if (sc->sc_flags & SC_DEBUG)
printf("%s: no compressor for [%x %x %x], %x\n",
sc->sc_if.if_xname, ccp_option[0], ccp_option[1],
ccp_option[2], nb);
return (EINVAL); /* no handler found */
#endif /* PPP_COMPRESS */
case PPPIOCGNPMODE:
case PPPIOCSNPMODE:
npi = (struct npioctl *) data;
switch (npi->protocol) {
case PPP_IP:
npx = NP_IP;
break;
default:
return EINVAL;
}
if (cmd == PPPIOCGNPMODE) {
npi->mode = sc->sc_npmode[npx];
} else {
if ((error = suser(p, 0)) != 0)
return (error);
if (npi->mode != sc->sc_npmode[npx]) {
s = splsoftnet();
sc->sc_npmode[npx] = npi->mode;
if (npi->mode != NPMODE_QUEUE) {
ppp_requeue(sc);
(*sc->sc_start)(sc);
}
splx(s);
}
}
break;
case PPPIOCGIDLE:
s = splsoftnet();
t = time_second;
((struct ppp_idle *)data)->xmit_idle = t - sc->sc_last_sent;
((struct ppp_idle *)data)->recv_idle = t - sc->sc_last_recv;
splx(s);
break;
#if NBPFILTER > 0
case PPPIOCSPASS:
case PPPIOCSACTIVE:
nbp = (struct bpf_program *) data;
if ((unsigned) nbp->bf_len > BPF_MAXINSNS)
return EINVAL;
newcodelen = nbp->bf_len * sizeof(struct bpf_insn);
if (nbp->bf_len != 0) {
newcode = mallocarray(nbp->bf_len, sizeof(struct bpf_insn),
M_DEVBUF, M_WAITOK);
if ((error = copyin((caddr_t)nbp->bf_insns, (caddr_t)newcode,
newcodelen)) != 0) {
free(newcode, M_DEVBUF, 0);
return error;
}
if (!bpf_validate(newcode, nbp->bf_len)) {
free(newcode, M_DEVBUF, 0);
return EINVAL;
}
} else
newcode = 0;
bp = (cmd == PPPIOCSPASS)? &sc->sc_pass_filt: &sc->sc_active_filt;
oldcode = bp->bf_insns;
s = splnet();
bp->bf_len = nbp->bf_len;
bp->bf_insns = newcode;
splx(s);
if (oldcode != 0)
free(oldcode, M_DEVBUF, 0);
break;
#endif
default:
return (-1);
}
return (0);
}
