2 * Copyright (c) 2004 Jeffrey M. Hsu. All rights reserved.
3 * Copyright (c) 2004 The DragonFly Project. All rights reserved.
5 * This code is derived from software contributed to The DragonFly Project
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 3. Neither the name of The DragonFly Project nor the names of its
17 * contributors may be used to endorse or promote products derived
18 * from this software without specific, prior written permission.
20 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
21 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
22 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
23 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
24 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
25 * INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING,
26 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
27 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
28 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
29 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
30 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
35 * Copyright (c) 1982, 1986, 1991, 1993, 1995
36 * The Regents of the University of California. All rights reserved.
38 * Redistribution and use in source and binary forms, with or without
39 * modification, are permitted provided that the following conditions
41 * 1. Redistributions of source code must retain the above copyright
42 * notice, this list of conditions and the following disclaimer.
43 * 2. Redistributions in binary form must reproduce the above copyright
44 * notice, this list of conditions and the following disclaimer in the
45 * documentation and/or other materials provided with the distribution.
46 * 3. Neither the name of the University nor the names of its contributors
47 * may be used to endorse or promote products derived from this software
48 * without specific prior written permission.
50 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
51 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
52 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
53 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
54 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
55 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
56 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
57 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
58 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
59 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
62 * @(#)in_pcb.c 8.4 (Berkeley) 5/24/95
63 * $FreeBSD: src/sys/netinet/in_pcb.c,v 1.59.2.27 2004/01/02 04:06:42 ambrisko Exp $
66 #include "opt_inet6.h"
68 #include <sys/param.h>
69 #include <sys/systm.h>
70 #include <sys/malloc.h>
72 #include <sys/domain.h>
73 #include <sys/protosw.h>
74 #include <sys/socket.h>
75 #include <sys/socketvar.h>
79 #include <sys/kernel.h>
80 #include <sys/sysctl.h>
82 #include <sys/socketvar2.h>
83 #include <sys/msgport2.h>
85 #include <machine/limits.h>
88 #include <net/if_types.h>
89 #include <net/route.h>
90 #include <net/netisr2.h>
91 #include <net/toeplitz2.h>
93 #include <netinet/in.h>
94 #include <netinet/in_pcb.h>
95 #include <netinet/in_var.h>
96 #include <netinet/ip_var.h>
98 #include <netinet/ip6.h>
99 #include <netinet6/ip6_var.h>
102 #define INP_LOCALGROUP_SIZMIN 8
103 #define INP_LOCALGROUP_SIZMAX 256
105 static struct inpcb *in_pcblookup_local(struct inpcbporthead *porthash,
106 struct in_addr laddr, u_int lport_arg, int wild_okay,
109 struct in_addr zeroin_addr;
112 * These configure the range of local port addresses assigned to
113 * "unspecified" outgoing connections/packets/whatever.
115 int ipport_lowfirstauto = IPPORT_RESERVED - 1; /* 1023 */
116 int ipport_lowlastauto = IPPORT_RESERVEDSTART; /* 600 */
118 int ipport_firstauto = IPPORT_RESERVED; /* 1024 */
119 int ipport_lastauto = IPPORT_USERRESERVED; /* 5000 */
121 int ipport_hifirstauto = IPPORT_HIFIRSTAUTO; /* 49152 */
122 int ipport_hilastauto = IPPORT_HILASTAUTO; /* 65535 */
124 #define RANGECHK(var, min, max) \
125 if ((var) < (min)) { (var) = (min); } \
126 else if ((var) > (max)) { (var) = (max); }
128 int udpencap_enable = 1; /* enabled by default */
129 int udpencap_port = 4500; /* triggers decapsulation */
132 * Per-netisr inpcb markers.
133 * NOTE: they should only be used in netisrs.
135 static struct inpcb *in_pcbmarkers;
136 static struct inpcontainer *in_pcbcontainer_markers;
139 sysctl_net_ipport_check(SYSCTL_HANDLER_ARGS)
143 error = sysctl_handle_int(oidp, oidp->oid_arg1, oidp->oid_arg2, req);
145 RANGECHK(ipport_lowfirstauto, 1, IPPORT_RESERVED - 1);
146 RANGECHK(ipport_lowlastauto, 1, IPPORT_RESERVED - 1);
148 RANGECHK(ipport_firstauto, IPPORT_RESERVED, USHRT_MAX);
149 RANGECHK(ipport_lastauto, IPPORT_RESERVED, USHRT_MAX);
151 RANGECHK(ipport_hifirstauto, IPPORT_RESERVED, USHRT_MAX);
152 RANGECHK(ipport_hilastauto, IPPORT_RESERVED, USHRT_MAX);
159 SYSCTL_NODE(_net_inet_ip, IPPROTO_IP, portrange, CTLFLAG_RW, 0, "IP Ports");
161 SYSCTL_PROC(_net_inet_ip_portrange, OID_AUTO, lowfirst, CTLTYPE_INT|CTLFLAG_RW,
162 &ipport_lowfirstauto, 0, &sysctl_net_ipport_check, "I", "");
163 SYSCTL_PROC(_net_inet_ip_portrange, OID_AUTO, lowlast, CTLTYPE_INT|CTLFLAG_RW,
164 &ipport_lowlastauto, 0, &sysctl_net_ipport_check, "I", "");
165 SYSCTL_PROC(_net_inet_ip_portrange, OID_AUTO, first, CTLTYPE_INT|CTLFLAG_RW,
166 &ipport_firstauto, 0, &sysctl_net_ipport_check, "I", "");
167 SYSCTL_PROC(_net_inet_ip_portrange, OID_AUTO, last, CTLTYPE_INT|CTLFLAG_RW,
168 &ipport_lastauto, 0, &sysctl_net_ipport_check, "I", "");
169 SYSCTL_PROC(_net_inet_ip_portrange, OID_AUTO, hifirst, CTLTYPE_INT|CTLFLAG_RW,
170 &ipport_hifirstauto, 0, &sysctl_net_ipport_check, "I", "");
171 SYSCTL_PROC(_net_inet_ip_portrange, OID_AUTO, hilast, CTLTYPE_INT|CTLFLAG_RW,
172 &ipport_hilastauto, 0, &sysctl_net_ipport_check, "I", "");
174 /* Initialized by ip_init() */
175 int ip_porthash_trycount;
176 SYSCTL_INT(_net_inet_ip, OID_AUTO, porthash_trycount, CTLFLAG_RW,
177 &ip_porthash_trycount, 0,
178 "Number of tries to find local port matching hash of 4-tuple");
181 * in_pcb.c: manage the Protocol Control Blocks.
183 * NOTE: It is assumed that most of these functions will be called from
184 * a critical section. XXX - There are, unfortunately, a few exceptions
185 * to this rule that should be fixed.
187 * NOTE: The caller should initialize the cpu field to the cpu running the
188 * protocol stack associated with this inpcbinfo.
192 in_pcbinfo_init(struct inpcbinfo *pcbinfo, int cpu, boolean_t shared)
194 KASSERT(cpu >= 0 && cpu < netisr_ncpus, ("invalid cpu%d", cpu));
197 LIST_INIT(&pcbinfo->pcblisthead);
198 pcbinfo->portsave = kmalloc(sizeof(*pcbinfo->portsave), M_PCB,
202 pcbinfo->infotoken = kmalloc(sizeof(struct lwkt_token),
204 lwkt_token_init(pcbinfo->infotoken, "infotoken");
206 pcbinfo->infotoken = NULL;
211 in_pcbportinfo_set(struct inpcbinfo *pcbinfo, struct inpcbportinfo *portinfo,
215 KASSERT(portinfo_cnt > 0, ("invalid portinfo_cnt %d", portinfo_cnt));
216 pcbinfo->portinfo = portinfo;
217 pcbinfo->portinfo_cnt = portinfo_cnt;
220 struct baddynamicports baddynamicports;
223 * Check if the specified port is invalid for dynamic allocation.
226 in_baddynamic(u_int16_t port, u_int16_t proto)
230 return (DP_ISSET(baddynamicports.tcp, port));
232 return (DP_ISSET(baddynamicports.udp, port));
239 in_pcbonlist(struct inpcb *inp)
241 struct inpcbinfo *pcbinfo = inp->inp_pcbinfo;
243 KASSERT(&curthread->td_msgport == netisr_cpuport(pcbinfo->cpu),
244 ("not in the correct netisr"));
245 KASSERT((inp->inp_flags & INP_ONLIST) == 0, ("already on pcblist"));
246 inp->inp_flags |= INP_ONLIST;
248 GET_PCBINFO_TOKEN(pcbinfo);
249 LIST_INSERT_HEAD(&pcbinfo->pcblisthead, inp, inp_list);
250 pcbinfo->ipi_count++;
251 REL_PCBINFO_TOKEN(pcbinfo);
255 in_pcbofflist(struct inpcb *inp)
257 struct inpcbinfo *pcbinfo = inp->inp_pcbinfo;
259 KASSERT(&curthread->td_msgport == netisr_cpuport(pcbinfo->cpu),
260 ("not in the correct netisr"));
261 KASSERT(inp->inp_flags & INP_ONLIST, ("not on pcblist"));
262 inp->inp_flags &= ~INP_ONLIST;
264 GET_PCBINFO_TOKEN(pcbinfo);
265 LIST_REMOVE(inp, inp_list);
266 KASSERT(pcbinfo->ipi_count > 0,
267 ("invalid inpcb count %d", pcbinfo->ipi_count));
268 pcbinfo->ipi_count--;
269 REL_PCBINFO_TOKEN(pcbinfo);
273 * Allocate a PCB and associate it with the socket.
276 in_pcballoc(struct socket *so, struct inpcbinfo *pcbinfo)
280 inp = kmalloc(pcbinfo->ipi_size, M_PCB, M_WAITOK|M_ZERO|M_NULLOK);
283 inp->inp_lgrpindex = -1;
284 inp->inp_gencnt = ++pcbinfo->ipi_gencnt;
285 inp->inp_pcbinfo = pcbinfo;
286 inp->inp_socket = so;
288 if (INP_CHECK_SOCKAF(so, AF_INET6)) {
289 if (ip6_auto_flowlabel)
290 inp->inp_flags |= IN6P_AUTOFLOWLABEL;
291 inp->inp_af = AF_INET6;
294 inp->inp_af = AF_INET;
303 * Unlink a pcb with the intention of moving it to another cpu with a
304 * different pcbinfo. While unlinked nothing should attempt to dereference
305 * inp_pcbinfo, NULL it out so we assert if it does.
308 in_pcbunlink_flags(struct inpcb *inp, struct inpcbinfo *pcbinfo, int flags)
310 KASSERT(inp->inp_pcbinfo == pcbinfo, ("pcbinfo mismatch"));
311 KASSERT((inp->inp_flags & (flags | INP_CONNECTED)) == 0,
315 inp->inp_pcbinfo = NULL;
319 in_pcbunlink(struct inpcb *inp, struct inpcbinfo *pcbinfo)
321 in_pcbunlink_flags(inp, pcbinfo, INP_WILDCARD);
325 * Relink a pcb into a new pcbinfo.
328 in_pcblink_flags(struct inpcb *inp, struct inpcbinfo *pcbinfo, int flags)
330 KASSERT(inp->inp_pcbinfo == NULL, ("has pcbinfo"));
331 KASSERT((inp->inp_flags & (flags | INP_CONNECTED)) == 0,
334 inp->inp_pcbinfo = pcbinfo;
339 in_pcblink(struct inpcb *inp, struct inpcbinfo *pcbinfo)
341 return in_pcblink_flags(inp, pcbinfo, INP_WILDCARD);
345 in_pcbporthash_update(struct inpcbportinfo *portinfo,
346 struct inpcb *inp, u_short lport, struct ucred *cred, int wild)
348 struct inpcbporthead *porthash;
351 * This has to be atomic. If the porthash is shared across multiple
352 * protocol threads, e.g. tcp and udp, then the token must be held.
354 porthash = in_pcbporthash_head(portinfo, lport);
355 GET_PORTHASH_TOKEN(porthash);
357 if (in_pcblookup_local(porthash, inp->inp_laddr, lport, wild, cred)) {
358 REL_PORTHASH_TOKEN(porthash);
361 inp->inp_lport = lport;
362 in_pcbinsporthash(porthash, inp);
364 REL_PORTHASH_TOKEN(porthash);
369 in_pcbsetlport(struct inpcb *inp, int wild, struct ucred *cred)
371 struct inpcbinfo *pcbinfo = inp->inp_pcbinfo;
372 struct inpcbportinfo *portinfo;
373 u_short first, last, lport, step, first0, last0;
375 int portinfo_first, portinfo_idx;
378 inp->inp_flags |= INP_ANONPORT;
380 step = pcbinfo->portinfo_cnt;
381 portinfo_first = mycpuid % pcbinfo->portinfo_cnt;
382 portinfo_idx = portinfo_first;
384 if (inp->inp_flags & INP_HIGHPORT) {
385 first0 = ipport_hifirstauto; /* sysctl */
386 last0 = ipport_hilastauto;
387 } else if (inp->inp_flags & INP_LOWPORT) {
390 priv_check_cred(cred, PRIV_NETINET_RESERVEDPORT, 0))) {
391 inp->inp_laddr.s_addr = INADDR_ANY;
394 first0 = ipport_lowfirstauto; /* 1023 */
395 last0 = ipport_lowlastauto; /* 600 */
397 first0 = ipport_firstauto; /* sysctl */
398 last0 = ipport_lastauto;
400 if (first0 > last0) {
405 KKASSERT(last0 >= first0);
409 portinfo = &pcbinfo->portinfo[portinfo_idx];
414 * Simple check to ensure all ports are not used up causing
417 in_pcbportrange(&last, &first, portinfo->offset, step);
418 lport = last - first;
419 count = lport / step;
421 lport = rounddown(cut % lport, step) + first;
422 KKASSERT(lport % step == portinfo->offset);
425 if (count-- < 0) { /* completely used? */
426 error = EADDRNOTAVAIL;
430 if (__predict_false(lport < first || lport > last)) {
432 KKASSERT(lport % step == portinfo->offset);
435 if (in_pcbporthash_update(portinfo, inp, htons(lport),
442 KKASSERT(lport % step == portinfo->offset);
446 /* Try next portinfo */
448 portinfo_idx %= pcbinfo->portinfo_cnt;
449 if (portinfo_idx != portinfo_first)
451 inp->inp_laddr.s_addr = INADDR_ANY;
457 in_pcbbind(struct inpcb *inp, struct sockaddr *nam, struct thread *td)
459 struct socket *so = inp->inp_socket;
460 struct sockaddr_in jsin;
461 struct ucred *cred = NULL;
464 if (TAILQ_EMPTY(&in_ifaddrheads[mycpuid])) /* XXX broken! */
465 return (EADDRNOTAVAIL);
466 if (inp->inp_lport != 0 || inp->inp_laddr.s_addr != INADDR_ANY)
467 return (EINVAL); /* already bound */
469 if (!(so->so_options & (SO_REUSEADDR|SO_REUSEPORT)))
470 wild = 1; /* neither SO_REUSEADDR nor SO_REUSEPORT is set */
472 cred = td->td_proc->p_ucred;
475 struct sockaddr_in *sin = (struct sockaddr_in *)nam;
476 struct inpcbinfo *pcbinfo;
477 struct inpcbportinfo *portinfo;
478 struct inpcbporthead *porthash;
480 u_short lport, lport_ho;
481 int reuseport = (so->so_options & SO_REUSEPORT);
484 if (nam->sa_len != sizeof *sin)
488 * We should check the family, but old programs
489 * incorrectly fail to initialize it.
491 if (sin->sin_family != AF_INET)
492 return (EAFNOSUPPORT);
494 if (!prison_replace_wildcards(td, nam))
497 lport = sin->sin_port;
498 if (IN_MULTICAST(ntohl(sin->sin_addr.s_addr))) {
500 * Treat SO_REUSEADDR as SO_REUSEPORT for multicast;
501 * allow complete duplication of binding if
502 * SO_REUSEPORT is set, or if SO_REUSEADDR is set
503 * and a multicast address is bound on both
504 * new and duplicated sockets.
506 if (so->so_options & SO_REUSEADDR)
507 reuseport = SO_REUSEADDR | SO_REUSEPORT;
508 } else if (sin->sin_addr.s_addr != INADDR_ANY) {
509 sin->sin_port = 0; /* yech... */
510 bzero(&sin->sin_zero, sizeof sin->sin_zero);
511 if (ifa_ifwithaddr((struct sockaddr *)sin) == NULL)
512 return (EADDRNOTAVAIL);
515 inp->inp_laddr = sin->sin_addr;
517 jsin.sin_family = AF_INET;
518 jsin.sin_addr.s_addr = inp->inp_laddr.s_addr;
519 if (!prison_replace_wildcards(td, (struct sockaddr *)&jsin)) {
520 inp->inp_laddr.s_addr = INADDR_ANY;
523 inp->inp_laddr.s_addr = jsin.sin_addr.s_addr;
526 /* Auto-select local port */
527 return in_pcbsetlport(inp, wild, cred);
529 lport_ho = ntohs(lport);
532 if (lport_ho < IPPORT_RESERVED && cred &&
534 priv_check_cred(cred, PRIV_NETINET_RESERVEDPORT, 0))) {
535 inp->inp_laddr.s_addr = INADDR_ANY;
540 * Locate the proper portinfo based on lport
542 pcbinfo = inp->inp_pcbinfo;
544 &pcbinfo->portinfo[lport_ho % pcbinfo->portinfo_cnt];
545 KKASSERT((lport_ho % pcbinfo->portinfo_cnt) ==
549 * This has to be atomic. If the porthash is shared across
550 * multiple protocol threads, e.g. tcp and udp then the token
553 porthash = in_pcbporthash_head(portinfo, lport);
554 GET_PORTHASH_TOKEN(porthash);
556 if (so->so_cred->cr_uid != 0 &&
557 !IN_MULTICAST(ntohl(sin->sin_addr.s_addr))) {
558 t = in_pcblookup_local(porthash, sin->sin_addr, lport,
559 INPLOOKUP_WILDCARD, cred);
561 (so->so_cred->cr_uid !=
562 t->inp_socket->so_cred->cr_uid)) {
563 inp->inp_laddr.s_addr = INADDR_ANY;
568 if (cred && !prison_replace_wildcards(td, nam)) {
569 inp->inp_laddr.s_addr = INADDR_ANY;
570 error = EADDRNOTAVAIL;
575 * When binding to a local port if the best match is against
576 * an accepted socket we generally want to allow the binding.
577 * This means that there is no longer any specific socket
578 * bound or bound for listening.
580 t = in_pcblookup_local(porthash, sin->sin_addr, lport,
583 (reuseport & t->inp_socket->so_options) == 0 &&
584 (t->inp_socket->so_state & SS_ACCEPTMECH) == 0) {
585 inp->inp_laddr.s_addr = INADDR_ANY;
589 inp->inp_lport = lport;
590 in_pcbinsporthash(porthash, inp);
593 REL_PORTHASH_TOKEN(porthash);
596 jsin.sin_family = AF_INET;
597 jsin.sin_addr.s_addr = inp->inp_laddr.s_addr;
598 if (!prison_replace_wildcards(td, (struct sockaddr *)&jsin)) {
599 inp->inp_laddr.s_addr = INADDR_ANY;
602 inp->inp_laddr.s_addr = jsin.sin_addr.s_addr;
604 return in_pcbsetlport(inp, wild, cred);
609 * Lookup a PCB based on the local and remote address and port.
611 * This function is only used when scanning for a free port.
613 static struct inpcb *
614 in_pcblookup_localremote(struct inpcbporthead *porthash, struct in_addr laddr,
615 u_short lport, struct in_addr faddr, u_short fport,
619 struct inpcbport *phd;
620 struct inpcb *match = NULL;
621 struct prison *pscan;
625 * If the porthashbase is shared across several cpus, it must
628 ASSERT_PORTHASH_TOKEN_HELD(porthash);
631 * Best fit PCB lookup.
633 * First see if this local port is in use by looking on the
636 LIST_FOREACH(phd, porthash, phd_hash) {
637 if (phd->phd_port == lport)
641 pr = cred ? cred->cr_prison : NULL;
643 LIST_FOREACH(inp, &phd->phd_pcblist, inp_portlist) {
645 if (!INP_ISIPV4(inp))
648 if (inp->inp_laddr.s_addr == INADDR_ANY) {
649 if (inp->inp_socket && inp->inp_socket->so_cred)
650 pscan = inp->inp_socket->so_cred->cr_prison;
656 if (inp->inp_laddr.s_addr != laddr.s_addr)
660 if (inp->inp_faddr.s_addr != INADDR_ANY &&
661 inp->inp_faddr.s_addr != faddr.s_addr)
664 if (inp->inp_fport != 0 && inp->inp_fport != fport)
675 in_pcbporthash_update4(struct inpcbportinfo *portinfo, struct inpcb *inp,
676 u_short lport, const struct sockaddr_in *sin,
679 struct inpcbporthead *porthash;
682 * This has to be atomic. If the porthash is shared across multiple
683 * protocol threads, e.g. tcp and udp, then the token must be held.
685 porthash = in_pcbporthash_head(portinfo, lport);
686 GET_PORTHASH_TOKEN(porthash);
688 if (in_pcblookup_localremote(porthash, inp->inp_laddr, lport,
689 sin->sin_addr, sin->sin_port, cred)) {
690 REL_PORTHASH_TOKEN(porthash);
693 inp->inp_lport = lport;
694 in_pcbinsporthash(porthash, inp);
696 REL_PORTHASH_TOKEN(porthash);
701 in_pcbbind_remote(struct inpcb *inp, const struct sockaddr *remote,
704 struct proc *p = td->td_proc;
705 const struct sockaddr_in *sin = (const struct sockaddr_in *)remote;
706 struct sockaddr_in jsin;
707 struct inpcbinfo *pcbinfo = inp->inp_pcbinfo;
708 struct ucred *cred = NULL;
709 u_short first, last, lport;
710 int count, hash_count;
711 int error, selfconn = 0;
713 uint32_t hash_base = 0, hash;
715 ASSERT_NETISR_NCPUS(cpuid);
717 if (TAILQ_EMPTY(&in_ifaddrheads[cpuid])) /* XXX broken! */
718 return (EADDRNOTAVAIL);
720 KKASSERT(inp->inp_laddr.s_addr != INADDR_ANY);
721 if (inp->inp_lport != 0)
722 return (EINVAL); /* already bound */
727 jsin.sin_family = AF_INET;
728 jsin.sin_addr.s_addr = inp->inp_laddr.s_addr;
729 if (!prison_replace_wildcards(td, (struct sockaddr *)&jsin)) {
730 inp->inp_laddr.s_addr = INADDR_ANY;
733 inp->inp_laddr.s_addr = jsin.sin_addr.s_addr;
735 hash_count = ip_porthash_trycount;
736 if (hash_count > 0) {
737 hash_base = toeplitz_piecemeal_addr(sin->sin_addr.s_addr) ^
738 toeplitz_piecemeal_addr(inp->inp_laddr.s_addr) ^
739 toeplitz_piecemeal_port(sin->sin_port);
744 inp->inp_flags |= INP_ANONPORT;
746 if (inp->inp_flags & INP_HIGHPORT) {
747 first = ipport_hifirstauto; /* sysctl */
748 last = ipport_hilastauto;
749 } else if (inp->inp_flags & INP_LOWPORT) {
752 priv_check_cred(cred, PRIV_NETINET_RESERVEDPORT, 0))) {
753 inp->inp_laddr.s_addr = INADDR_ANY;
756 first = ipport_lowfirstauto; /* 1023 */
757 last = ipport_lowlastauto; /* 600 */
759 first = ipport_firstauto; /* sysctl */
760 last = ipport_lastauto;
767 KKASSERT(last >= first);
769 count = last - first;
770 lport = (karc4random() % count) + first;
774 * Simple check to ensure all ports are not used up causing
780 if (count-- < 0) { /* completely used? */
781 error = EADDRNOTAVAIL;
785 if (__predict_false(lport < first || lport > last))
787 lport_no = htons(lport);
789 /* This could happen on loopback interface */
790 if (__predict_false(sin->sin_port == lport_no &&
791 sin->sin_addr.s_addr == inp->inp_laddr.s_addr)) {
793 ++count; /* don't count this try */
802 toeplitz_piecemeal_port(lport_no);
803 if (netisr_hashcpu(hash) != cpuid && hash_count)
807 if (in_pcbporthash_update4(
808 &pcbinfo->portinfo[lport % pcbinfo->portinfo_cnt],
809 inp, lport_no, sin, cred)) {
818 inp->inp_laddr.s_addr = INADDR_ANY;
823 * Figure out the local interface address to pair against the requested
824 * target address, as well as validate the target address.
827 in_pcbladdr_find(struct inpcb *inp, struct sockaddr *nam,
828 struct sockaddr_in **plocal_sin, struct thread *td, int find)
830 struct in_ifaddr_container *iac;
831 struct in_ifaddr *ia;
832 struct ucred *cred = NULL;
833 struct sockaddr_in *sin = (struct sockaddr_in *)nam;
834 struct sockaddr *jsin;
839 if (nam->sa_len != sizeof *sin)
841 if (sin->sin_family != AF_INET)
842 return (EAFNOSUPPORT);
843 if (sin->sin_port == 0)
844 return (EADDRNOTAVAIL);
850 if (td && td->td_proc && td->td_proc->p_ucred)
851 cred = td->td_proc->p_ucred;
853 pr = cred->cr_prison;
856 * If the destination address is INADDR_ANY then use the primary
859 * If the supplied address is INADDR_BROADCAST, and the primary
860 * interface supports broadcast, choose the broadcast address for
863 * If jailed, locate an interface address acceptable to the jail.
865 if (sin->sin_addr.s_addr == INADDR_ANY) {
866 TAILQ_FOREACH(iac, &in_ifaddrheads[mycpuid], ia_link) {
869 jailed_ip(pr, sintosa(&ia->ia_addr))) {
870 sin->sin_addr = IA_SIN(ia)->sin_addr;
874 } else if (sin->sin_addr.s_addr == (u_long)INADDR_BROADCAST) {
875 TAILQ_FOREACH(iac, &in_ifaddrheads[mycpuid], ia_link) {
878 jailed_ip(pr, sintosa(&ia->ia_addr))) &&
879 (iac->ia->ia_ifp->if_flags & IFF_BROADCAST)) {
881 satosin(&ia->ia_broadaddr)->sin_addr;
888 * If asked to do a search, use the cached route or do a route table
889 * lookup to try to find an acceptable local interface IP.
897 * If we have a cached route, check to see if it is acceptable.
900 ro = &inp->inp_route;
902 (!(ro->ro_rt->rt_flags & RTF_UP) ||
903 ro->ro_dst.sa_family != AF_INET ||
904 satosin(&ro->ro_dst)->sin_addr.s_addr !=
905 sin->sin_addr.s_addr ||
906 inp->inp_socket->so_options & SO_DONTROUTE)) {
912 * If we do not have a route, construct one and do a lookup,
913 * unless we are forbidden to do so.
915 * Note that we should check the address family of the cached
916 * destination, in case of sharing the cache with IPv6.
918 if (!(inp->inp_socket->so_options & SO_DONTROUTE) && /*XXX*/
919 (ro->ro_rt == NULL || ro->ro_rt->rt_ifp == NULL)) {
920 bzero(&ro->ro_dst, sizeof(struct sockaddr_in));
921 ro->ro_dst.sa_family = AF_INET;
922 ro->ro_dst.sa_len = sizeof(struct sockaddr_in);
923 ((struct sockaddr_in *)&ro->ro_dst)->sin_addr = sin->sin_addr;
929 * If we found a route, use the address corresponding to the
930 * outgoing interface.
932 * If jailed, try to find a compatible address on the outgoing
936 ia = ifatoia(ro->ro_rt->rt_ifa);
939 if (jailed_ip(pr, sintosa(&ia->ia_addr)))
941 TAILQ_FOREACH(iac, &in_ifaddrheads[mycpuid], ia_link) {
942 if (iac->ia->ia_ifp != ia->ia_ifp)
945 if (jailed_ip(pr, sintosa(&ia->ia_addr)))
953 * If the route didn't work or there was no route,
954 * fall-back to the first address in in_ifaddrheads[].
956 * If jailed and this address is not available for
957 * the jail, leave ia set to NULL.
960 u_short fport = sin->sin_port;
963 ia = ifatoia(ifa_ifwithdstaddr(sintosa(sin)));
964 if (ia && pr && !jailed_ip(pr, sintosa(&ia->ia_addr)))
968 ia = ifatoia(ifa_ifwithnet(sintosa(sin)));
969 if (ia && pr && !jailed_ip(pr, sintosa(&ia->ia_addr)))
972 sin->sin_port = fport;
973 if (ia == NULL && !TAILQ_EMPTY(&in_ifaddrheads[mycpuid]))
974 ia = TAILQ_FIRST(&in_ifaddrheads[mycpuid])->ia;
976 if (ia && pr && !jailed_ip(pr, sintosa(&ia->ia_addr)))
979 if (pr == NULL && ia == NULL)
984 * If the destination address is multicast and an outgoing
985 * interface has been set as a multicast option, use the
986 * address of that interface as our source address.
988 if (pr == NULL && IN_MULTICAST(ntohl(sin->sin_addr.s_addr)) &&
989 inp->inp_moptions != NULL) {
990 struct ip_moptions *imo;
993 imo = inp->inp_moptions;
994 if ((ifp = imo->imo_multicast_ifp) != NULL) {
995 struct in_ifaddr_container *iac;
998 TAILQ_FOREACH(iac, &in_ifaddrheads[mycpuid], ia_link) {
999 if (iac->ia->ia_ifp == ifp) {
1010 * If we still don't have a local address, and are jailed,
1011 * use the jail's first non-localhost IP. If there isn't
1012 * one, use the jail's first localhost IP.
1014 * Don't do pcblookup call here; return interface in plocal_sin
1015 * and exit to caller, that will do the lookup.
1017 if (ia == NULL && pr) {
1018 jsin = prison_get_nonlocal(cred->cr_prison, AF_INET, NULL);
1020 jsin = prison_get_local(cred->cr_prison, AF_INET, NULL);
1022 *plocal_sin = satosin(jsin);
1026 *plocal_sin = &ia->ia_addr;
1033 in_pcbresetroute(inp);
1034 return (EADDRNOTAVAIL);
1038 in_pcbladdr(struct inpcb *inp, struct sockaddr *nam,
1039 struct sockaddr_in **plocal_sin, struct thread *td)
1041 return in_pcbladdr_find(inp, nam, plocal_sin, td,
1042 (inp->inp_laddr.s_addr == INADDR_ANY));
1047 * Connect from a socket to a specified address.
1048 * Both address and port must be specified in argument sin.
1049 * If don't have a local address for this socket yet,
1053 in_pcbconnect(struct inpcb *inp, struct sockaddr *nam, struct thread *td)
1055 struct sockaddr_in *if_sin;
1056 struct sockaddr_in *sin = (struct sockaddr_in *)nam;
1059 if_sin = NULL; /* avoid gcc warnings */
1061 /* Call inner routine to assign local interface address. */
1062 if ((error = in_pcbladdr(inp, nam, &if_sin, td)) != 0)
1065 if (in_pcblookup_hash(inp->inp_pcbinfo, sin->sin_addr, sin->sin_port,
1066 inp->inp_laddr.s_addr ?
1067 inp->inp_laddr : if_sin->sin_addr,
1068 inp->inp_lport, FALSE, NULL) != NULL) {
1069 return (EADDRINUSE);
1071 if (inp->inp_laddr.s_addr == INADDR_ANY) {
1072 if (inp->inp_lport == 0) {
1073 error = in_pcbbind(inp, NULL, td);
1077 inp->inp_laddr = if_sin->sin_addr;
1079 inp->inp_faddr = sin->sin_addr;
1080 inp->inp_fport = sin->sin_port;
1081 in_pcbinsconnhash(inp);
1086 in_pcbdisconnect(struct inpcb *inp)
1089 in_pcbremconnhash(inp);
1090 inp->inp_faddr.s_addr = INADDR_ANY;
1095 in_pcbdetach(struct inpcb *inp)
1097 struct socket *so = inp->inp_socket;
1098 struct inpcbinfo *ipi = inp->inp_pcbinfo;
1100 inp->inp_gencnt = ++ipi->ipi_gencnt;
1101 KKASSERT((so->so_state & SS_ASSERTINPROG) == 0);
1102 in_pcbremlists(inp);
1104 sofree(so); /* remove pcb ref */
1105 if (inp->inp_options)
1106 m_free(inp->inp_options);
1107 if (inp->inp_route.ro_rt)
1108 rtfree(inp->inp_route.ro_rt);
1109 ip_freemoptions(inp->inp_moptions);
1114 * The socket may have an invalid PCB, i.e. NULL. For example, a TCP
1115 * socket received RST.
1118 in_setsockaddr(struct socket *so, struct sockaddr **nam)
1121 struct sockaddr_in *sin;
1123 KASSERT(curthread->td_type == TD_TYPE_NETISR, ("not in netisr"));
1126 return (ECONNRESET);
1128 sin = kmalloc(sizeof *sin, M_SONAME, M_WAITOK | M_ZERO);
1129 sin->sin_family = AF_INET;
1130 sin->sin_len = sizeof *sin;
1131 sin->sin_port = inp->inp_lport;
1132 sin->sin_addr = inp->inp_laddr;
1134 *nam = (struct sockaddr *)sin;
1139 in_setsockaddr_dispatch(netmsg_t msg)
1143 error = in_setsockaddr(msg->base.nm_so, msg->peeraddr.nm_nam);
1144 lwkt_replymsg(&msg->lmsg, error);
1148 * The socket may have an invalid PCB, i.e. NULL. For example, a TCP
1149 * socket received RST.
1152 in_setpeeraddr(struct socket *so, struct sockaddr **nam)
1155 struct sockaddr_in *sin;
1157 KASSERT(curthread->td_type == TD_TYPE_NETISR, ("not in netisr"));
1160 return (ECONNRESET);
1162 sin = kmalloc(sizeof *sin, M_SONAME, M_WAITOK | M_ZERO);
1163 sin->sin_family = AF_INET;
1164 sin->sin_len = sizeof *sin;
1165 sin->sin_port = inp->inp_fport;
1166 sin->sin_addr = inp->inp_faddr;
1168 *nam = (struct sockaddr *)sin;
1173 in_setpeeraddr_dispatch(netmsg_t msg)
1177 error = in_setpeeraddr(msg->base.nm_so, msg->peeraddr.nm_nam);
1178 lwkt_replymsg(&msg->lmsg, error);
1182 in_pcbnotifyall(struct inpcbinfo *pcbinfo, struct in_addr faddr, int err,
1183 inp_notify_t notify)
1185 struct inpcb *inp, *marker;
1187 KASSERT(&curthread->td_msgport == netisr_cpuport(pcbinfo->cpu),
1188 ("not in the correct netisr"));
1189 marker = in_pcbmarker();
1193 * - If INP_PLACEMARKER is set we must ignore the rest of the
1194 * structure and skip it.
1195 * - It is safe to nuke inpcbs here, since we are in their own
1198 GET_PCBINFO_TOKEN(pcbinfo);
1200 LIST_INSERT_HEAD(&pcbinfo->pcblisthead, marker, inp_list);
1201 while ((inp = LIST_NEXT(marker, inp_list)) != NULL) {
1202 LIST_REMOVE(marker, inp_list);
1203 LIST_INSERT_AFTER(inp, marker, inp_list);
1205 if (inp->inp_flags & INP_PLACEMARKER)
1208 if (!INP_ISIPV4(inp))
1211 if (inp->inp_faddr.s_addr != faddr.s_addr ||
1212 inp->inp_socket == NULL)
1214 (*notify)(inp, err); /* can remove inp from list! */
1216 LIST_REMOVE(marker, inp_list);
1218 REL_PCBINFO_TOKEN(pcbinfo);
1222 in_pcbpurgeif0(struct inpcbinfo *pcbinfo, struct ifnet *ifp)
1224 struct inpcb *inp, *marker;
1227 * We only need to make sure that we are in netisr0, where all
1228 * multicast operation happen. We could check inpcbinfo which
1229 * does not belong to netisr0 by holding the inpcbinfo's token.
1230 * In this case, the pcbinfo must be able to be shared, i.e.
1231 * pcbinfo->infotoken is not NULL.
1234 KASSERT(pcbinfo->cpu == 0 || pcbinfo->infotoken != NULL,
1235 ("pcbinfo could not be shared"));
1238 * Get a marker for the current netisr (netisr0).
1240 * It is possible that the multicast address deletion blocks,
1241 * which could cause temporary token releasing. So we use
1242 * inpcb marker here to get a coherent view of the inpcb list.
1244 * While, on the other hand, moptions are only added and deleted
1245 * in netisr0, so we would not see staled moption or miss moption
1246 * even if the token was released due to the blocking multicast
1249 marker = in_pcbmarker();
1251 GET_PCBINFO_TOKEN(pcbinfo);
1253 LIST_INSERT_HEAD(&pcbinfo->pcblisthead, marker, inp_list);
1254 while ((inp = LIST_NEXT(marker, inp_list)) != NULL) {
1255 struct ip_moptions *imo;
1257 LIST_REMOVE(marker, inp_list);
1258 LIST_INSERT_AFTER(inp, marker, inp_list);
1260 if (inp->inp_flags & INP_PLACEMARKER)
1262 imo = inp->inp_moptions;
1263 if (INP_ISIPV4(inp) && imo != NULL) {
1267 * Unselect the outgoing interface if it is being
1270 if (imo->imo_multicast_ifp == ifp)
1271 imo->imo_multicast_ifp = NULL;
1274 * Drop multicast group membership if we joined
1275 * through the interface being detached.
1277 for (i = 0, gap = 0; i < imo->imo_num_memberships;
1279 if (imo->imo_membership[i]->inm_ifp == ifp) {
1282 * This could block and the pcbinfo
1283 * token could be passively released.
1285 in_delmulti(imo->imo_membership[i]);
1287 } else if (gap != 0)
1288 imo->imo_membership[i - gap] =
1289 imo->imo_membership[i];
1291 imo->imo_num_memberships -= gap;
1294 LIST_REMOVE(marker, inp_list);
1296 REL_PCBINFO_TOKEN(pcbinfo);
1300 * Check for alternatives when higher level complains
1301 * about service problems. For now, invalidate cached
1302 * routing information. If the route was created dynamically
1303 * (by a redirect), time to try a default gateway again.
1306 in_losing(struct inpcb *inp)
1309 struct rt_addrinfo rtinfo;
1311 if ((rt = inp->inp_route.ro_rt)) {
1312 bzero(&rtinfo, sizeof(struct rt_addrinfo));
1313 rtinfo.rti_info[RTAX_DST] = rt_key(rt);
1314 rtinfo.rti_info[RTAX_GATEWAY] = rt->rt_gateway;
1315 rtinfo.rti_info[RTAX_NETMASK] = rt_mask(rt);
1316 rtinfo.rti_flags = rt->rt_flags;
1317 rt_missmsg(RTM_LOSING, &rtinfo, rt->rt_flags, 0);
1318 if (rt->rt_flags & RTF_DYNAMIC) {
1319 rtrequest(RTM_DELETE, rt_key(rt), rt->rt_gateway,
1320 rt_mask(rt), rt->rt_flags, NULL);
1322 inp->inp_route.ro_rt = NULL;
1325 * A new route can be allocated
1326 * the next time output is attempted.
1332 * After a routing change, flush old routing
1333 * and allocate a (hopefully) better one.
1336 in_rtchange(struct inpcb *inp, int err)
1338 if (inp->inp_route.ro_rt) {
1339 rtfree(inp->inp_route.ro_rt);
1340 inp->inp_route.ro_rt = NULL;
1342 * A new route can be allocated the next time
1343 * output is attempted.
1349 * Lookup a PCB based on the local address and port.
1351 * This function is only used when scanning for a free port.
1353 static struct inpcb *
1354 in_pcblookup_local(struct inpcbporthead *porthash, struct in_addr laddr,
1355 u_int lport_arg, int wild_okay, struct ucred *cred)
1357 struct prison *pscan;
1360 int matchwild = 3, wildcard;
1361 u_short lport = lport_arg;
1362 struct inpcbport *phd;
1363 struct inpcb *match = NULL;
1366 * If the porthashbase is shared across several cpus, it must
1369 ASSERT_PORTHASH_TOKEN_HELD(porthash);
1372 * Best fit PCB lookup.
1374 * First see if this local port is in use by looking on the
1377 LIST_FOREACH(phd, porthash, phd_hash) {
1378 if (phd->phd_port == lport)
1382 pr = cred ? cred->cr_prison : NULL;
1385 * Port is in use by one or more PCBs. Look for best
1388 * If in a prison we may wish to allow the jail to override
1389 * a wildcard listen on the host. Since the jail forces its
1390 * own wildcard listens to a specific set of jail IPs, this
1391 * override allows most services on the host to remain as
1392 * they were and still be 'jail friendly'.
1394 LIST_FOREACH(inp, &phd->phd_pcblist, inp_portlist) {
1397 if (!INP_ISIPV4(inp))
1400 if (inp->inp_faddr.s_addr != INADDR_ANY)
1404 * Prison are independent of each other in terms
1405 * of allowing bindings. This can result in multiple
1406 * overloaded bindings which in_pcblookup_pkthash()
1407 * will have to sort out.
1409 * Allow wildcarded entries to co-exist with specific
1410 * entries. Specific entries override wildcarded
1413 if (inp->inp_socket && inp->inp_socket->so_cred)
1414 pscan = inp->inp_socket->so_cred->cr_prison;
1419 if (inp->inp_laddr.s_addr == INADDR_ANY) {
1420 if (laddr.s_addr != INADDR_ANY)
1423 if (laddr.s_addr == INADDR_ANY)
1425 else if (inp->inp_laddr.s_addr != laddr.s_addr)
1428 if (wildcard && !wild_okay)
1430 if (wildcard < matchwild) {
1432 matchwild = wildcard;
1442 in_pcblocalgroup_last(const struct inpcbinfo *pcbinfo,
1443 const struct inpcb *inp)
1445 const struct inp_localgrphead *hdr;
1446 const struct inp_localgroup *grp;
1449 if (pcbinfo->localgrphashbase == NULL)
1452 GET_PCBINFO_TOKEN(pcbinfo);
1454 hdr = &pcbinfo->localgrphashbase[
1455 INP_PCBLOCALGRPHASH(inp->inp_lport, pcbinfo->localgrphashmask)];
1457 LIST_FOREACH(grp, hdr, il_list) {
1458 if (grp->il_af == inp->inp_af &&
1459 grp->il_lport == inp->inp_lport &&
1460 memcmp(&grp->il_dependladdr,
1461 &inp->inp_inc.inc_ie.ie_dependladdr,
1462 sizeof(grp->il_dependladdr)) == 0) {
1466 if (grp == NULL || grp->il_inpcnt == 1) {
1467 REL_PCBINFO_TOKEN(pcbinfo);
1471 KASSERT(grp->il_inpcnt >= 2,
1472 ("invalid localgroup inp count %d", grp->il_inpcnt));
1473 for (i = 0; i < grp->il_inpcnt; ++i) {
1474 if (grp->il_inp[i] == inp) {
1475 int last = grp->il_inpcnt - 1;
1478 last = grp->il_inpcnt - 2;
1479 REL_PCBINFO_TOKEN(pcbinfo);
1480 return grp->il_inp[last];
1483 REL_PCBINFO_TOKEN(pcbinfo);
1487 static struct inpcb *
1488 inp_localgroup_lookup(const struct inpcbinfo *pcbinfo,
1489 struct in_addr laddr, uint16_t lport, uint32_t pkt_hash)
1491 struct inpcb *local_wild;
1493 struct inpcb *jinp_wild;
1495 const struct inp_localgrphead *hdr;
1496 const struct inp_localgroup *grp;
1497 struct sockaddr_in jsin;
1501 int net_listen_ov_local;
1502 int net_listen_ov_wild;
1504 ASSERT_PCBINFO_TOKEN_HELD(pcbinfo);
1506 hdr = &pcbinfo->localgrphashbase[
1507 INP_PCBLOCALGRPHASH(lport, pcbinfo->localgrphashmask)];
1510 * Order of socket selection:
1514 * NOTE: Local group does not contain jailed sockets
1516 jsin.sin_family = AF_INET;
1517 jsin.sin_addr.s_addr = laddr.s_addr;
1522 net_listen_ov_local = 0;
1523 net_listen_ov_wild = 0;
1525 LIST_FOREACH(grp, hdr, il_list) {
1527 if (grp->il_af != AF_INET)
1530 if (grp->il_lport != lport)
1536 idx = netisr_hashlsb(pkt_hash) % grp->il_inpcnt;
1537 inp = grp->il_inp[idx];
1540 * Modulo-N is used here, which greatly reduces
1541 * completion queue token contention, thus more
1542 * cpu time is saved.
1544 if (grp->il_jailed) {
1545 if (inp->inp_socket == NULL)
1547 cred = inp->inp_socket->so_cred;
1550 pr = cred->cr_prison;
1553 if (!jailed_ip(pr, (struct sockaddr *)&jsin))
1555 if (grp->il_laddr.s_addr == laddr.s_addr) {
1557 if (PRISON_CAP_ISSET(pr->pr_caps, PRISON_CAP_NET_LISTEN_OVERRIDE))
1558 net_listen_ov_local = 1;
1560 } else if (grp->il_laddr.s_addr == INADDR_ANY &&
1561 jinp_wild == NULL) {
1563 if (PRISON_CAP_ISSET(pr->pr_caps, PRISON_CAP_NET_LISTEN_OVERRIDE))
1564 net_listen_ov_wild = 1;
1567 if (grp->il_laddr.s_addr == laddr.s_addr) {
1569 } else if (grp->il_laddr.s_addr == INADDR_ANY) {
1575 if (net_listen_ov_local)
1577 if (net_listen_ov_wild)
1580 return (local_wild);
1587 * Lookup PCB in hash list.
1589 * This is used to match incoming packets to a pcb
1592 in_pcblookup_pkthash(struct inpcbinfo *pcbinfo, struct in_addr faddr,
1593 u_int fport_arg, struct in_addr laddr, u_int lport_arg,
1594 boolean_t wildcard, struct ifnet *ifp, const struct mbuf *m)
1596 struct inpcbhead *head;
1597 struct inpcb *inp, *jinp=NULL;
1598 u_short fport = fport_arg, lport = lport_arg;
1601 * First look for an exact match.
1603 head = &pcbinfo->hashbase[INP_PCBCONNHASH(faddr.s_addr, fport,
1604 laddr.s_addr, lport,
1605 pcbinfo->hashmask)];
1606 LIST_FOREACH(inp, head, inp_hash) {
1608 if (!INP_ISIPV4(inp))
1611 if (in_hosteq(inp->inp_faddr, faddr) &&
1612 in_hosteq(inp->inp_laddr, laddr) &&
1613 inp->inp_fport == fport && inp->inp_lport == lport) {
1615 * Found specific address, host overrides jailed
1618 if (inp->inp_socket == NULL ||
1619 inp->inp_socket->so_cred->cr_prison == NULL) {
1630 * We generally get here for connections to wildcarded listeners.
1631 * Any wildcarded listeners in jails must be restricted to the
1635 struct inpcb *local_wild = NULL;
1636 struct inpcb *jinp_wild = NULL;
1637 struct inpcontainer *ic;
1638 struct inpcontainerhead *chead;
1639 struct sockaddr_in jsin;
1642 int net_listen_ov_local = 0;
1643 int net_listen_ov_wild = 0;
1645 GET_PCBINFO_TOKEN(pcbinfo);
1648 * Check local group first. When present, the localgroup
1649 * hash utilizes the same non-jailed-vs/jailed priortization
1650 * that the normal wildcardhash does.
1652 if (pcbinfo->localgrphashbase != NULL &&
1653 m != NULL && (m->m_flags & M_HASH)) {
1654 inp = inp_localgroup_lookup(pcbinfo, laddr, lport,
1657 REL_PCBINFO_TOKEN(pcbinfo);
1663 * Order of socket selection:
1665 * 1. non-jailed, non-wild.
1666 * 2. non-jailed, wild. (allow_listen_override on)
1667 * 3. jailed, non-wild.
1669 * 5. non-jailed, wild. (allow_listen_override off)
1671 * NOTE: jailed wildcards are still restricted to the jail
1674 * NOTE: (1) and (3) already handled above.
1676 jsin.sin_family = AF_INET;
1677 chead = &pcbinfo->wildcardhashbase[
1678 INP_PCBWILDCARDHASH(lport, pcbinfo->wildcardhashmask)];
1680 LIST_FOREACH(ic, chead, ic_list) {
1682 if (inp->inp_flags & INP_PLACEMARKER)
1689 if (!INP_ISIPV4(inp))
1692 if (inp->inp_lport != lport)
1696 * Calculate prison, setup jsin for jailed_ip()
1699 jsin.sin_addr.s_addr = laddr.s_addr;
1702 if (inp->inp_socket) {
1703 cred = inp->inp_socket->so_cred;
1705 pr = cred->cr_prison;
1709 * Assign jinp, jinp_wild, and local_wild as
1710 * appropriate, track whether the jail supports
1714 if (!jailed_ip(pr, (struct sockaddr *)&jsin))
1716 if (inp->inp_laddr.s_addr == laddr.s_addr &&
1719 if (PRISON_CAP_ISSET(pr->pr_caps, PRISON_CAP_NET_LISTEN_OVERRIDE))
1720 net_listen_ov_local = 1;
1722 if (inp->inp_laddr.s_addr == INADDR_ANY &&
1723 jinp_wild == NULL) {
1725 if (PRISON_CAP_ISSET(pr->pr_caps, PRISON_CAP_NET_LISTEN_OVERRIDE))
1726 net_listen_ov_wild = 1;
1729 if (inp->inp_laddr.s_addr == laddr.s_addr) {
1730 REL_PCBINFO_TOKEN(pcbinfo);
1733 if (inp->inp_laddr.s_addr == INADDR_ANY)
1738 REL_PCBINFO_TOKEN(pcbinfo);
1740 if (net_listen_ov_local)
1742 if (net_listen_ov_wild)
1745 return (local_wild);
1758 in_pcblookup_hash(struct inpcbinfo *pcbinfo, struct in_addr faddr,
1759 u_int fport_arg, struct in_addr laddr, u_int lport_arg,
1760 boolean_t wildcard, struct ifnet *ifp)
1762 return in_pcblookup_pkthash(pcbinfo, faddr, fport_arg,
1763 laddr, lport_arg, wildcard, ifp, NULL);
1767 * Insert PCB into connection hash table.
1770 in_pcbinsconnhash(struct inpcb *inp)
1772 struct inpcbinfo *pcbinfo = inp->inp_pcbinfo;
1773 struct inpcbhead *bucket;
1774 u_int32_t hashkey_faddr, hashkey_laddr;
1777 if (INP_ISIPV6(inp)) {
1778 hashkey_faddr = inp->in6p_faddr.s6_addr32[3] /* XXX JH */;
1779 hashkey_laddr = inp->in6p_laddr.s6_addr32[3] /* XXX JH */;
1782 hashkey_faddr = inp->inp_faddr.s_addr;
1783 hashkey_laddr = inp->inp_laddr.s_addr;
1788 KASSERT(&curthread->td_msgport == netisr_cpuport(pcbinfo->cpu),
1789 ("not in the correct netisr"));
1790 ASSERT_INP_NOTINHASH(inp);
1791 inp->inp_flags |= INP_CONNECTED;
1794 * Insert into the connection hash table.
1796 bucket = &pcbinfo->hashbase[INP_PCBCONNHASH(hashkey_faddr,
1797 inp->inp_fport, hashkey_laddr, inp->inp_lport, pcbinfo->hashmask)];
1798 LIST_INSERT_HEAD(bucket, inp, inp_hash);
1802 * Remove PCB from connection hash table.
1805 in_pcbremconnhash(struct inpcb *inp)
1807 struct inpcbinfo *pcbinfo __debugvar = inp->inp_pcbinfo;
1809 KASSERT(&curthread->td_msgport == netisr_cpuport(pcbinfo->cpu),
1810 ("not in the correct netisr"));
1811 KASSERT(inp->inp_flags & INP_CONNECTED, ("inp not connected"));
1813 LIST_REMOVE(inp, inp_hash);
1814 inp->inp_flags &= ~INP_CONNECTED;
1818 * Insert PCB into port hash table.
1821 in_pcbinsporthash(struct inpcbporthead *pcbporthash, struct inpcb *inp)
1823 struct inpcbinfo *pcbinfo = inp->inp_pcbinfo;
1824 struct inpcbport *phd;
1827 * If the porthashbase is shared across several cpus, it must
1830 ASSERT_PORTHASH_TOKEN_HELD(pcbporthash);
1833 * Insert into the port hash table.
1836 /* Go through port list and look for a head for this lport. */
1837 LIST_FOREACH(phd, pcbporthash, phd_hash) {
1838 if (phd->phd_port == inp->inp_lport)
1842 /* If none exists, use saved one and tack it on. */
1844 KKASSERT(pcbinfo->portsave != NULL);
1845 phd = pcbinfo->portsave;
1846 pcbinfo->portsave = NULL;
1847 phd->phd_port = inp->inp_lport;
1848 LIST_INIT(&phd->phd_pcblist);
1849 LIST_INSERT_HEAD(pcbporthash, phd, phd_hash);
1852 inp->inp_porthash = pcbporthash;
1854 LIST_INSERT_HEAD(&phd->phd_pcblist, inp, inp_portlist);
1857 * Malloc one inpcbport for later use. It is safe to use
1858 * "wait" malloc here (port token would be released, if
1859 * malloc ever blocked), since all changes to the porthash
1862 if (pcbinfo->portsave == NULL) {
1863 pcbinfo->portsave = kmalloc(sizeof(*pcbinfo->portsave),
1864 M_PCB, M_INTWAIT | M_ZERO);
1869 in_pcbinsporthash_lport(struct inpcb *inp)
1871 struct inpcbinfo *pcbinfo = inp->inp_pcbinfo;
1872 struct inpcbportinfo *portinfo;
1873 struct inpcbporthead *porthash;
1876 /* Locate the proper portinfo based on lport */
1877 lport_ho = ntohs(inp->inp_lport);
1878 portinfo = &pcbinfo->portinfo[lport_ho % pcbinfo->portinfo_cnt];
1879 KKASSERT((lport_ho % pcbinfo->portinfo_cnt) == portinfo->offset);
1881 porthash = in_pcbporthash_head(portinfo, inp->inp_lport);
1882 GET_PORTHASH_TOKEN(porthash);
1883 in_pcbinsporthash(porthash, inp);
1884 REL_PORTHASH_TOKEN(porthash);
1888 in_pcbremporthash(struct inpcb *inp)
1890 struct inpcbporthead *porthash;
1891 struct inpcbport *phd;
1893 if (inp->inp_phd == NULL)
1895 KASSERT(inp->inp_lport != 0, ("inpcb has no lport"));
1897 porthash = inp->inp_porthash;
1898 KASSERT(porthash != NULL, ("no porthash"));
1900 GET_PORTHASH_TOKEN(porthash);
1903 LIST_REMOVE(inp, inp_portlist);
1904 if (LIST_FIRST(&phd->phd_pcblist) == NULL) {
1905 LIST_REMOVE(phd, phd_hash);
1909 REL_PORTHASH_TOKEN(porthash);
1911 inp->inp_phd = NULL;
1912 /* NOTE: Don't whack inp_lport, which may be used later */
1915 static struct inp_localgroup *
1916 inp_localgroup_alloc(u_char af, uint16_t port,
1917 const union in_dependaddr *addr, int size)
1919 struct inp_localgroup *grp;
1921 grp = kmalloc(__offsetof(struct inp_localgroup, il_inp[size]),
1922 M_TEMP, M_INTWAIT | M_ZERO);
1924 grp->il_lport = port;
1925 grp->il_dependladdr = *addr;
1926 grp->il_inpsiz = size;
1932 inp_localgroup_free(struct inp_localgroup *grp)
1938 inp_localgroup_destroy(struct inp_localgroup *grp)
1940 LIST_REMOVE(grp, il_list);
1941 inp_localgroup_free(grp);
1945 inp_localgroup_copy(struct inp_localgroup *grp,
1946 const struct inp_localgroup *old_grp)
1950 KASSERT(old_grp->il_inpcnt < grp->il_inpsiz,
1951 ("invalid new local group size %d and old local group count %d",
1952 grp->il_inpsiz, old_grp->il_inpcnt));
1953 for (i = 0; i < old_grp->il_inpcnt; ++i)
1954 grp->il_inp[i] = old_grp->il_inp[i];
1955 grp->il_inpcnt = old_grp->il_inpcnt;
1959 in_pcbinslocalgrphash_oncpu(struct inpcb *inp, struct inpcbinfo *pcbinfo)
1961 struct inp_localgrphead *hdr;
1962 struct inp_localgroup *grp, *grp_alloc = NULL;
1966 ASSERT_PCBINFO_TOKEN_HELD(pcbinfo);
1968 if (pcbinfo->localgrphashbase == NULL)
1972 * Further separate groups by whether the inp is jailed or not.
1973 * This allows the inp_localgroup_lookup() code to manage port
1974 * overloading between jails and non-jails.
1976 * XXX all jails are collected into one group, which works fine
1977 * as we expect the jails to be listening on different addresses.
1978 * If this changes in the future we may have to break the groups
1979 * up by prison pointer as well.
1981 if (inp->inp_socket && inp->inp_socket->so_cred)
1982 isjailed = jailed(inp->inp_socket->so_cred);
1986 hdr = &pcbinfo->localgrphashbase[
1987 INP_PCBLOCALGRPHASH(inp->inp_lport, pcbinfo->localgrphashmask)];
1990 LIST_FOREACH(grp, hdr, il_list) {
1991 if (grp->il_af == inp->inp_af &&
1992 grp->il_lport == inp->inp_lport &&
1993 grp->il_jailed == isjailed &&
1994 memcmp(&grp->il_dependladdr,
1995 &inp->inp_inc.inc_ie.ie_dependladdr,
1996 sizeof(grp->il_dependladdr)) == 0) {
2002 * Create a new local group
2004 if (grp_alloc == NULL) {
2005 grp_alloc = inp_localgroup_alloc(inp->inp_af,
2006 inp->inp_lport, &inp->inp_inc.inc_ie.ie_dependladdr,
2007 INP_LOCALGROUP_SIZMIN);
2009 * Local group allocation could block and the
2010 * local group w/ the same property might have
2011 * been added by others when we were blocked;
2016 /* Local group has been allocated; link it */
2018 grp->il_jailed = isjailed;
2020 LIST_INSERT_HEAD(hdr, grp, il_list);
2022 } else if (grp->il_inpcnt == grp->il_inpsiz) {
2025 * REMOVED - Ensure that all entries are placed in the
2026 * localgroup so jail operations can be
2027 * deterministic on a il_lport basis.
2029 if (grp->il_inpsiz >= INP_LOCALGROUP_SIZMAX) {
2030 static int limit_logged = 0;
2032 if (!limit_logged) {
2034 kprintf("local group port %d, "
2035 "limit reached\n", ntohs(grp->il_lport));
2037 if (grp_alloc != NULL) {
2039 * This would happen if the local group
2040 * w/ the same property was expanded when
2041 * our local group allocation blocked.
2043 inp_localgroup_free(grp_alloc);
2050 * Expand this local group
2052 if (grp_alloc == NULL ||
2053 grp->il_inpcnt >= grp_alloc->il_inpsiz) {
2054 if (grp_alloc != NULL)
2055 inp_localgroup_free(grp_alloc);
2056 grp_alloc = inp_localgroup_alloc(grp->il_af,
2057 grp->il_lport, &grp->il_dependladdr,
2058 grp->il_inpsiz * 2);
2060 * Local group allocation could block and the
2061 * local group w/ the same property might have
2062 * been expanded by others when we were blocked;
2069 * Save the old local group, link the new one, and then
2070 * destroy the old local group
2072 inp_localgroup_copy(grp_alloc, grp);
2073 LIST_INSERT_HEAD(hdr, grp_alloc, il_list);
2074 inp_localgroup_destroy(grp);
2077 grp->il_jailed = isjailed;
2081 * Found the local group
2083 if (grp_alloc != NULL) {
2085 * This would happen if the local group w/ the
2086 * same property was added or expanded when our
2087 * local group allocation blocked.
2089 inp_localgroup_free(grp_alloc);
2094 KASSERT(grp->il_inpcnt < grp->il_inpsiz,
2095 ("invalid local group size %d and count %d",
2096 grp->il_inpsiz, grp->il_inpcnt));
2099 * Keep the local group sorted by the inpcb local group index
2100 * in ascending order.
2102 * This eases the multi-process userland application which uses
2103 * SO_REUSEPORT sockets and binds process to the owner cpu of
2104 * the SO_REUSEPORT socket:
2105 * If we didn't sort the local group by the inpcb local group
2106 * index and one of the process owning an inpcb in this local
2107 * group restarted, e.g. crashed and restarted by watchdog,
2108 * other processes owning a inpcb in this local group would have
2109 * to detect that event, refetch its socket's owner cpu, and
2112 idx = grp->il_inpcnt;
2113 for (i = 0; i < idx; ++i) {
2114 struct inpcb *oinp = grp->il_inp[i];
2116 if (oinp->inp_lgrpindex > i) {
2117 if (inp->inp_lgrpindex < 0) {
2118 inp->inp_lgrpindex = i;
2119 } else if (inp->inp_lgrpindex != i) {
2121 kprintf("inp %p: grpidx %d, "
2122 "assigned to %d, cpu%d\n",
2123 inp, inp->inp_lgrpindex, i,
2127 grp->il_inp[i] = inp;
2129 /* Pull down inpcbs */
2130 for (; i < grp->il_inpcnt; ++i) {
2131 struct inpcb *oinp1 = grp->il_inp[i + 1];
2133 grp->il_inp[i + 1] = oinp;
2141 if (inp->inp_lgrpindex < 0) {
2142 inp->inp_lgrpindex = idx;
2143 } else if (inp->inp_lgrpindex != idx) {
2145 kprintf("inp %p: grpidx %d, assigned to %d, cpu%d\n",
2146 inp, inp->inp_lgrpindex, idx, mycpuid);
2149 grp->il_inp[idx] = inp;
2154 in_pcbinswildcardhash_oncpu(struct inpcb *inp, struct inpcbinfo *pcbinfo)
2156 struct inpcontainer *ic;
2157 struct inpcontainerhead *bucket;
2159 GET_PCBINFO_TOKEN(pcbinfo);
2161 in_pcbinslocalgrphash_oncpu(inp, pcbinfo);
2163 bucket = &pcbinfo->wildcardhashbase[
2164 INP_PCBWILDCARDHASH(inp->inp_lport, pcbinfo->wildcardhashmask)];
2166 ic = kmalloc(sizeof(struct inpcontainer), M_TEMP, M_INTWAIT);
2168 LIST_INSERT_HEAD(bucket, ic, ic_list);
2170 REL_PCBINFO_TOKEN(pcbinfo);
2174 * Insert PCB into wildcard hash table.
2177 in_pcbinswildcardhash(struct inpcb *inp)
2179 struct inpcbinfo *pcbinfo = inp->inp_pcbinfo;
2181 KASSERT(&curthread->td_msgport == netisr_cpuport(pcbinfo->cpu),
2182 ("not in correct netisr"));
2183 ASSERT_INP_NOTINHASH(inp);
2184 inp->inp_flags |= INP_WILDCARD;
2186 in_pcbinswildcardhash_oncpu(inp, pcbinfo);
2190 in_pcbremlocalgrphash_oncpu(struct inpcb *inp, struct inpcbinfo *pcbinfo)
2192 struct inp_localgrphead *hdr;
2193 struct inp_localgroup *grp;
2195 ASSERT_PCBINFO_TOKEN_HELD(pcbinfo);
2197 if (pcbinfo->localgrphashbase == NULL)
2200 hdr = &pcbinfo->localgrphashbase[
2201 INP_PCBLOCALGRPHASH(inp->inp_lport, pcbinfo->localgrphashmask)];
2203 LIST_FOREACH(grp, hdr, il_list) {
2206 for (i = 0; i < grp->il_inpcnt; ++i) {
2207 if (grp->il_inp[i] != inp)
2210 if (grp->il_inpcnt == 1) {
2211 /* Destroy this local group */
2212 inp_localgroup_destroy(grp);
2214 /* Pull up inpcbs */
2215 for (; i + 1 < grp->il_inpcnt; ++i)
2216 grp->il_inp[i] = grp->il_inp[i + 1];
2225 in_pcbremwildcardhash_oncpu(struct inpcb *inp, struct inpcbinfo *pcbinfo)
2227 struct inpcontainer *ic;
2228 struct inpcontainerhead *head;
2230 GET_PCBINFO_TOKEN(pcbinfo);
2232 in_pcbremlocalgrphash_oncpu(inp, pcbinfo);
2235 head = &pcbinfo->wildcardhashbase[
2236 INP_PCBWILDCARDHASH(inp->inp_lport, pcbinfo->wildcardhashmask)];
2238 LIST_FOREACH(ic, head, ic_list) {
2239 if (ic->ic_inp == inp)
2242 REL_PCBINFO_TOKEN(pcbinfo);
2243 return; /* not found! */
2246 LIST_REMOVE(ic, ic_list); /* remove container from bucket chain */
2247 REL_PCBINFO_TOKEN(pcbinfo);
2248 kfree(ic, M_TEMP); /* deallocate container */
2252 * Remove PCB from wildcard hash table.
2255 in_pcbremwildcardhash(struct inpcb *inp)
2257 struct inpcbinfo *pcbinfo = inp->inp_pcbinfo;
2259 KASSERT(&curthread->td_msgport == netisr_cpuport(pcbinfo->cpu),
2260 ("not in correct netisr"));
2261 KASSERT(inp->inp_flags & INP_WILDCARD, ("inp not wildcard"));
2263 in_pcbremwildcardhash_oncpu(inp, pcbinfo);
2264 inp->inp_lgrpindex = -1;
2265 inp->inp_flags &= ~INP_WILDCARD;
2269 * Remove PCB from various lists.
2272 in_pcbremlists(struct inpcb *inp)
2274 in_pcbremporthash(inp);
2275 if (inp->inp_flags & INP_WILDCARD) {
2276 in_pcbremwildcardhash(inp);
2277 } else if (inp->inp_flags & INP_CONNECTED) {
2278 in_pcbremconnhash(inp);
2281 if (inp->inp_flags & INP_ONLIST)
2286 prison_xinpcb(struct thread *td, struct inpcb *inp)
2290 if (td->td_proc == NULL)
2292 cr = td->td_proc->p_ucred;
2293 if (cr->cr_prison == NULL)
2295 if (inp->inp_socket && inp->inp_socket->so_cred &&
2296 inp->inp_socket->so_cred->cr_prison &&
2297 cr->cr_prison == inp->inp_socket->so_cred->cr_prison)
2303 in_pcblist_range(SYSCTL_HANDLER_ARGS)
2305 struct inpcbinfo *pcbinfo_arr = arg1;
2306 int pcbinfo_arrlen = arg2;
2307 struct inpcb *marker;
2311 KASSERT(pcbinfo_arrlen <= netisr_ncpus && pcbinfo_arrlen >= 1,
2312 ("invalid pcbinfo count %d", pcbinfo_arrlen));
2315 * The process of preparing the TCB list is too time-consuming and
2316 * resource-intensive to repeat twice on every request.
2319 if (req->oldptr == NULL) {
2320 for (cpu = 0; cpu < pcbinfo_arrlen; ++cpu)
2321 n += pcbinfo_arr[cpu].ipi_count;
2322 req->oldidx = (n + n/8 + 10) * sizeof(struct xinpcb);
2326 if (req->newptr != NULL)
2329 marker = kmalloc(sizeof(struct inpcb), M_TEMP, M_WAITOK|M_ZERO);
2330 marker->inp_flags |= INP_PLACEMARKER;
2333 * OK, now we're committed to doing something. Re-fetch ipi_count
2334 * after obtaining the generation count.
2338 for (cpu = 0; cpu < pcbinfo_arrlen && error == 0; ++cpu) {
2339 struct inpcbinfo *pcbinfo = &pcbinfo_arr[cpu];
2344 lwkt_migratecpu(cpu);
2346 GET_PCBINFO_TOKEN(pcbinfo);
2348 n = pcbinfo->ipi_count;
2350 LIST_INSERT_HEAD(&pcbinfo->pcblisthead, marker, inp_list);
2352 while ((inp = LIST_NEXT(marker, inp_list)) != NULL && i < n) {
2353 LIST_REMOVE(marker, inp_list);
2354 LIST_INSERT_AFTER(inp, marker, inp_list);
2356 if (inp->inp_flags & INP_PLACEMARKER)
2358 if (prison_xinpcb(req->td, inp))
2361 bzero(&xi, sizeof xi);
2362 xi.xi_len = sizeof xi;
2363 bcopy(inp, &xi.xi_inp, sizeof *inp);
2364 if (inp->inp_socket)
2365 sotoxsocket(inp->inp_socket, &xi.xi_socket);
2366 if ((error = SYSCTL_OUT(req, &xi, sizeof xi)) != 0)
2370 LIST_REMOVE(marker, inp_list);
2372 REL_PCBINFO_TOKEN(pcbinfo);
2374 if (error == 0 && i < n) {
2375 bzero(&xi, sizeof xi);
2376 xi.xi_len = sizeof xi;
2378 error = SYSCTL_OUT(req, &xi, sizeof xi);
2386 lwkt_migratecpu(origcpu);
2387 kfree(marker, M_TEMP);
2392 in_pcblist_ncpus(SYSCTL_HANDLER_ARGS)
2395 return (in_pcblist_range(oidp, arg1, netisr_ncpus, req));
2399 in_savefaddr(struct socket *so, const struct sockaddr *faddr)
2401 struct sockaddr_in *sin;
2403 KASSERT(faddr->sa_family == AF_INET,
2404 ("not AF_INET faddr %d", faddr->sa_family));
2406 sin = kmalloc(sizeof(*sin), M_SONAME, M_WAITOK | M_ZERO);
2407 sin->sin_family = AF_INET;
2408 sin->sin_len = sizeof(*sin);
2409 sin->sin_port = ((const struct sockaddr_in *)faddr)->sin_port;
2410 sin->sin_addr = ((const struct sockaddr_in *)faddr)->sin_addr;
2412 so->so_faddr = (struct sockaddr *)sin;
2416 in_pcbportinfo_init(struct inpcbportinfo *portinfo, int hashsize,
2419 memset(portinfo, 0, sizeof(*portinfo));
2421 portinfo->offset = offset;
2422 portinfo->porthashbase = phashinit(hashsize, M_PCB,
2423 &portinfo->porthashcnt);
2427 in_pcbportrange(u_short *hi0, u_short *lo0, u_short ofs, u_short step)
2437 hi = rounddown(hi, step);
2442 lo = roundup(lo, step);
2452 in_pcbglobalinit(void)
2456 in_pcbmarkers = kmalloc(netisr_ncpus * sizeof(struct inpcb), M_PCB,
2458 in_pcbcontainer_markers =
2459 kmalloc(netisr_ncpus * sizeof(struct inpcontainer), M_PCB,
2462 for (cpu = 0; cpu < netisr_ncpus; ++cpu) {
2463 struct inpcontainer *ic = &in_pcbcontainer_markers[cpu];
2464 struct inpcb *marker = &in_pcbmarkers[cpu];
2466 marker->inp_flags |= INP_PLACEMARKER;
2467 ic->ic_inp = marker;
2475 ASSERT_NETISR_NCPUS(mycpuid);
2476 return &in_pcbmarkers[mycpuid];
2479 struct inpcontainer *
2480 in_pcbcontainer_marker(void)
2483 ASSERT_NETISR_NCPUS(mycpuid);
2484 return &in_pcbcontainer_markers[mycpuid];
2488 in_pcbresetroute(struct inpcb *inp)
2490 struct route *ro = &inp->inp_route;
2492 if (ro->ro_rt != NULL)
2494 bzero(ro, sizeof(*ro));