/**
* Handle data on netgraph hooks.
* Frames processing is deferred to a taskqueue because this might
* be called with non-sleepable locks held and code paths inside
* the virtual switch might sleep.
*/
static int ng_vboxnetflt_rcvdata(hook_p hook, item_p item)
{
const node_p node = NG_HOOK_NODE(hook);
PVBOXNETFLTINS pThis = NG_NODE_PRIVATE(node);
struct ifnet *ifp = pThis->u.s.ifp;
struct mbuf *m;
struct m_tag *mtag;
bool fActive;
VBOXCURVNET_SET(ifp->if_vnet);
fActive = vboxNetFltTryRetainBusyActive(pThis);
NGI_GET_M(item, m);
NG_FREE_ITEM(item);
/* Locate tag to see if processing should be skipped for this frame */
mtag = m_tag_locate(m, MTAG_VBOX, PACKET_TAG_VBOX, NULL);
if (mtag != NULL)
{
m_tag_unlink(m, mtag);
m_tag_free(mtag);
}
/*
* Handle incoming hook. This is connected to the
* input path of the interface, thus handling incoming frames.
*/
if (pThis->u.s.input == hook)
{
if (mtag != NULL || !fActive)
{
ether_demux(ifp, m);
if (fActive)
vboxNetFltRelease(pThis, true /*fBusy*/);
VBOXCURVNET_RESTORE();
return (0);
}
mtx_lock_spin(&pThis->u.s.inq.ifq_mtx);
_IF_ENQUEUE(&pThis->u.s.inq, m);
mtx_unlock_spin(&pThis->u.s.inq.ifq_mtx);
taskqueue_enqueue_fast(taskqueue_fast, &pThis->u.s.tskin);
}
/*
* Handle mbufs on the outgoing hook, frames going to the interface
*/
else if (pThis->u.s.output == hook)
{
if (mtag != NULL || !fActive)
{
int rc = ether_output_frame(ifp, m);
if (fActive)
vboxNetFltRelease(pThis, true /*fBusy*/);
VBOXCURVNET_RESTORE();
return rc;
}
mtx_lock_spin(&pThis->u.s.outq.ifq_mtx);
_IF_ENQUEUE(&pThis->u.s.outq, m);
mtx_unlock_spin(&pThis->u.s.outq.ifq_mtx);
taskqueue_enqueue_fast(taskqueue_fast, &pThis->u.s.tskout);
}
else
{
m_freem(m);
}
if (fActive)
vboxNetFltRelease(pThis, true /*fBusy*/);
VBOXCURVNET_RESTORE();
return (0);
}
/**
* Internal worker for vboxNetFltDarwinIffInput and vboxNetFltDarwinIffOutput,
*
* @returns 0 or EJUSTRETURN.
* @param pThis The instance.
* @param pMBuf The mbuf.
* @param pvFrame The start of the frame, optional.
* @param fSrc Where the packet (allegedly) comes from, one INTNETTRUNKDIR_* value.
* @param eProtocol The protocol.
*/
static errno_t vboxNetFltDarwinIffInputOutputWorker(PVBOXNETFLTINS pThis, mbuf_t pMBuf, void *pvFrame,
uint32_t fSrc, protocol_family_t eProtocol)
{
/*
* Drop it immediately?
*/
Log2(("vboxNetFltDarwinIffInputOutputWorker: pThis=%p pMBuf=%p pvFrame=%p fSrc=%#x cbPkt=%x\n",
pThis, pMBuf, pvFrame, fSrc, pMBuf ? mbuf_pkthdr_len(pMBuf) : -1));
if (!pMBuf)
return 0;
#if 0 /* debugging lost icmp packets */
if (mbuf_pkthdr_len(pMBuf) > 0x300)
{
uint8_t *pb = (uint8_t *)(pvFrame ? pvFrame : mbuf_data(pMBuf));
Log3(("D=%.6Rhxs S=%.6Rhxs T=%04x IFF\n", pb, pb + 6, RT_BE2H_U16(*(uint16_t *)(pb + 12))));
}
#endif
if (vboxNetFltDarwinMBufIsOur(pThis, pMBuf, pvFrame))
return 0;
/*
* Active? Retain the instance and increment the busy counter.
*/
if (!vboxNetFltTryRetainBusyActive(pThis))
return 0;
/*
* Finalize out-bound packets since the stack puts off finalizing
* TCP/IP checksums as long as possible.
* ASSUMES this only applies to outbound IP packets.
*/
if ( (fSrc & INTNETTRUNKDIR_HOST)
&& eProtocol == PF_INET)
{
Assert(!pvFrame);
mbuf_outbound_finalize(pMBuf, eProtocol, sizeof(RTNETETHERHDR));
}
/*
* Create a (scatter/)gather list for the mbuf and feed it to the internal network.
*/
bool fDropIt = false;
unsigned cSegs = vboxNetFltDarwinMBufCalcSGSegs(pThis, pMBuf, pvFrame);
if (cSegs < VBOXNETFLT_DARWIN_MAX_SEGS)
{
PINTNETSG pSG = (PINTNETSG)alloca(RT_OFFSETOF(INTNETSG, aSegs[cSegs]));
vboxNetFltDarwinMBufToSG(pThis, pMBuf, pvFrame, pSG, cSegs, fSrc);
fDropIt = pThis->pSwitchPort->pfnRecv(pThis->pSwitchPort, NULL /* pvIf */, pSG, fSrc);
if (fDropIt)
{
/*
* Check if this interface is in promiscuous mode. We should not drop
* any packets before they get to the driver as it passes them to tap
* callbacks in order for BPF to work properly.
*/
if (vboxNetFltDarwinIsPromiscuous(pThis))
fDropIt = false;
else
mbuf_freem(pMBuf);
}
}
vboxNetFltRelease(pThis, true /* fBusy */);
return fDropIt ? EJUSTRETURN : 0;
}
