2 * Copyright (c) 2004 Jeffrey M. Hsu. All rights reserved.
3 * Copyright (c) 2004 The DragonFly Project. All rights reserved.
5 * This code is derived from software contributed to The DragonFly Project
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 3. Neither the name of The DragonFly Project nor the names of its
17 * contributors may be used to endorse or promote products derived
18 * from this software without specific, prior written permission.
20 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
21 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
22 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
23 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
24 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
25 * INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING,
26 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
27 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
28 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
29 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
30 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
35 * Copyright (c) 1982, 1986, 1991, 1993, 1995
36 * The Regents of the University of California. All rights reserved.
38 * Redistribution and use in source and binary forms, with or without
39 * modification, are permitted provided that the following conditions
41 * 1. Redistributions of source code must retain the above copyright
42 * notice, this list of conditions and the following disclaimer.
43 * 2. Redistributions in binary form must reproduce the above copyright
44 * notice, this list of conditions and the following disclaimer in the
45 * documentation and/or other materials provided with the distribution.
46 * 4. Neither the name of the University nor the names of its contributors
47 * may be used to endorse or promote products derived from this software
48 * without specific prior written permission.
50 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
51 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
52 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
53 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
54 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
55 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
56 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
57 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
58 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
59 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
62 * @(#)in_pcb.c 8.4 (Berkeley) 5/24/95
63 * $FreeBSD: src/sys/netinet/in_pcb.c,v 1.59.2.27 2004/01/02 04:06:42 ambrisko Exp $
66 #include "opt_ipsec.h"
67 #include "opt_inet6.h"
69 #include <sys/param.h>
70 #include <sys/systm.h>
71 #include <sys/malloc.h>
73 #include <sys/domain.h>
74 #include <sys/protosw.h>
75 #include <sys/socket.h>
76 #include <sys/socketvar.h>
80 #include <sys/kernel.h>
81 #include <sys/sysctl.h>
83 #include <sys/thread2.h>
84 #include <sys/socketvar2.h>
85 #include <sys/msgport2.h>
87 #include <machine/limits.h>
90 #include <net/if_types.h>
91 #include <net/route.h>
93 #include <netinet/in.h>
94 #include <netinet/in_pcb.h>
95 #include <netinet/in_var.h>
96 #include <netinet/ip_var.h>
98 #include <netinet/ip6.h>
99 #include <netinet6/ip6_var.h>
103 #include <netinet6/ipsec.h>
104 #include <netproto/key/key.h>
105 #include <netproto/ipsec/esp_var.h>
109 #if defined(IPSEC) || defined(IPSEC_ESP)
110 #error "Bad idea: don't compile with both IPSEC and FAST_IPSEC!"
113 #include <netproto/ipsec/ipsec.h>
114 #include <netproto/ipsec/key.h>
116 #endif /* FAST_IPSEC */
118 #define INP_LOCALGROUP_SIZMIN 8
119 #define INP_LOCALGROUP_SIZMAX 256
121 struct in_addr zeroin_addr;
124 * These configure the range of local port addresses assigned to
125 * "unspecified" outgoing connections/packets/whatever.
127 int ipport_lowfirstauto = IPPORT_RESERVED - 1; /* 1023 */
128 int ipport_lowlastauto = IPPORT_RESERVEDSTART; /* 600 */
130 int ipport_firstauto = IPPORT_RESERVED; /* 1024 */
131 int ipport_lastauto = IPPORT_USERRESERVED; /* 5000 */
133 int ipport_hifirstauto = IPPORT_HIFIRSTAUTO; /* 49152 */
134 int ipport_hilastauto = IPPORT_HILASTAUTO; /* 65535 */
136 #define RANGECHK(var, min, max) \
137 if ((var) < (min)) { (var) = (min); } \
138 else if ((var) > (max)) { (var) = (max); }
140 int udpencap_enable = 1; /* enabled by default */
141 int udpencap_port = 4500; /* triggers decapsulation */
144 sysctl_net_ipport_check(SYSCTL_HANDLER_ARGS)
148 error = sysctl_handle_int(oidp, oidp->oid_arg1, oidp->oid_arg2, req);
150 RANGECHK(ipport_lowfirstauto, 1, IPPORT_RESERVED - 1);
151 RANGECHK(ipport_lowlastauto, 1, IPPORT_RESERVED - 1);
153 RANGECHK(ipport_firstauto, IPPORT_RESERVED, USHRT_MAX);
154 RANGECHK(ipport_lastauto, IPPORT_RESERVED, USHRT_MAX);
156 RANGECHK(ipport_hifirstauto, IPPORT_RESERVED, USHRT_MAX);
157 RANGECHK(ipport_hilastauto, IPPORT_RESERVED, USHRT_MAX);
164 SYSCTL_NODE(_net_inet_ip, IPPROTO_IP, portrange, CTLFLAG_RW, 0, "IP Ports");
166 SYSCTL_PROC(_net_inet_ip_portrange, OID_AUTO, lowfirst, CTLTYPE_INT|CTLFLAG_RW,
167 &ipport_lowfirstauto, 0, &sysctl_net_ipport_check, "I", "");
168 SYSCTL_PROC(_net_inet_ip_portrange, OID_AUTO, lowlast, CTLTYPE_INT|CTLFLAG_RW,
169 &ipport_lowlastauto, 0, &sysctl_net_ipport_check, "I", "");
170 SYSCTL_PROC(_net_inet_ip_portrange, OID_AUTO, first, CTLTYPE_INT|CTLFLAG_RW,
171 &ipport_firstauto, 0, &sysctl_net_ipport_check, "I", "");
172 SYSCTL_PROC(_net_inet_ip_portrange, OID_AUTO, last, CTLTYPE_INT|CTLFLAG_RW,
173 &ipport_lastauto, 0, &sysctl_net_ipport_check, "I", "");
174 SYSCTL_PROC(_net_inet_ip_portrange, OID_AUTO, hifirst, CTLTYPE_INT|CTLFLAG_RW,
175 &ipport_hifirstauto, 0, &sysctl_net_ipport_check, "I", "");
176 SYSCTL_PROC(_net_inet_ip_portrange, OID_AUTO, hilast, CTLTYPE_INT|CTLFLAG_RW,
177 &ipport_hilastauto, 0, &sysctl_net_ipport_check, "I", "");
180 * in_pcb.c: manage the Protocol Control Blocks.
182 * NOTE: It is assumed that most of these functions will be called from
183 * a critical section. XXX - There are, unfortunately, a few exceptions
184 * to this rule that should be fixed.
186 * NOTE: The caller should initialize the cpu field to the cpu running the
187 * protocol stack associated with this inpcbinfo.
191 in_pcbinfo_init(struct inpcbinfo *pcbinfo)
193 LIST_INIT(&pcbinfo->pcblisthead);
195 pcbinfo->portsave = kmalloc(sizeof(*pcbinfo->portsave), M_PCB,
199 struct baddynamicports baddynamicports;
202 * Check if the specified port is invalid for dynamic allocation.
205 in_baddynamic(u_int16_t port, u_int16_t proto)
209 return (DP_ISSET(baddynamicports.tcp, port));
212 /* Cannot preset this as it is a sysctl */
213 if (port == udpencap_port)
216 return (DP_ISSET(baddynamicports.udp, port));
224 * Allocate a PCB and associate it with the socket.
227 in_pcballoc(struct socket *so, struct inpcbinfo *pcbinfo)
234 inp = kmalloc(pcbinfo->ipi_size, M_PCB, M_WAITOK|M_ZERO);
235 inp->inp_gencnt = ++pcbinfo->ipi_gencnt;
236 inp->inp_pcbinfo = inp->inp_cpcbinfo = pcbinfo;
237 inp->inp_socket = so;
239 error = ipsec_init_policy(so, &inp->inp_sp);
246 if (INP_SOCKAF(so) == AF_INET6 && ip6_v6only)
247 inp->inp_flags |= IN6P_IPV6_V6ONLY;
248 if (ip6_auto_flowlabel)
249 inp->inp_flags |= IN6P_AUTOFLOWLABEL;
253 LIST_INSERT_HEAD(&pcbinfo->pcblisthead, inp, inp_list);
254 pcbinfo->ipi_count++;
259 * Unlink a pcb with the intention of moving it to another cpu with a
260 * different pcbinfo. While unlinked nothing should attempt to dereference
261 * inp_pcbinfo, NULL it out so we assert if it does.
264 in_pcbunlink(struct inpcb *inp, struct inpcbinfo *pcbinfo)
266 KKASSERT(inp->inp_pcbinfo == pcbinfo);
268 LIST_REMOVE(inp, inp_list);
269 pcbinfo->ipi_count--;
270 inp->inp_pcbinfo = NULL;
274 * Relink a pcb into a new pcbinfo.
277 in_pcblink(struct inpcb *inp, struct inpcbinfo *pcbinfo)
279 KKASSERT(inp->inp_pcbinfo == NULL);
280 inp->inp_pcbinfo = pcbinfo;
281 LIST_INSERT_HEAD(&pcbinfo->pcblisthead, inp, inp_list);
282 pcbinfo->ipi_count++;
286 in_pcbbind(struct inpcb *inp, struct sockaddr *nam, struct thread *td)
288 struct socket *so = inp->inp_socket;
289 unsigned short *lastport;
290 struct sockaddr_in *sin;
291 struct sockaddr_in jsin;
292 struct inpcbinfo *pcbinfo = inp->inp_pcbinfo;
293 struct ucred *cred = NULL;
295 int wild = 0, reuseport = (so->so_options & SO_REUSEPORT);
298 if (TAILQ_EMPTY(&in_ifaddrheads[mycpuid])) /* XXX broken! */
299 return (EADDRNOTAVAIL);
300 if (inp->inp_lport != 0 || inp->inp_laddr.s_addr != INADDR_ANY)
301 return (EINVAL); /* already bound */
303 if (!(so->so_options & (SO_REUSEADDR|SO_REUSEPORT)))
304 wild = 1; /* neither SO_REUSEADDR nor SO_REUSEPORT is set */
306 cred = td->td_proc->p_ucred;
309 * This has to be atomic. If the porthash is shared across multiple
310 * protocol threads (aka tcp) then the token will be non-NULL.
312 if (pcbinfo->porttoken)
313 lwkt_gettoken(pcbinfo->porttoken);
316 sin = (struct sockaddr_in *)nam;
317 if (nam->sa_len != sizeof *sin) {
323 * We should check the family, but old programs
324 * incorrectly fail to initialize it.
326 if (sin->sin_family != AF_INET) {
327 error = EAFNOSUPPORT;
331 if (!prison_replace_wildcards(td, nam)) {
335 lport = sin->sin_port;
336 if (IN_MULTICAST(ntohl(sin->sin_addr.s_addr))) {
338 * Treat SO_REUSEADDR as SO_REUSEPORT for multicast;
339 * allow complete duplication of binding if
340 * SO_REUSEPORT is set, or if SO_REUSEADDR is set
341 * and a multicast address is bound on both
342 * new and duplicated sockets.
344 if (so->so_options & SO_REUSEADDR)
345 reuseport = SO_REUSEADDR | SO_REUSEPORT;
346 } else if (sin->sin_addr.s_addr != INADDR_ANY) {
347 sin->sin_port = 0; /* yech... */
348 bzero(&sin->sin_zero, sizeof sin->sin_zero);
349 if (ifa_ifwithaddr((struct sockaddr *)sin) == NULL) {
350 error = EADDRNOTAVAIL;
358 if (ntohs(lport) < IPPORT_RESERVED &&
360 priv_check_cred(cred, PRIV_NETINET_RESERVEDPORT, 0)) {
364 if (so->so_cred->cr_uid != 0 &&
365 !IN_MULTICAST(ntohl(sin->sin_addr.s_addr))) {
366 t = in_pcblookup_local(pcbinfo,
372 (!in_nullhost(sin->sin_addr) ||
373 !in_nullhost(t->inp_laddr) ||
374 (t->inp_socket->so_options &
375 SO_REUSEPORT) == 0) &&
376 (so->so_cred->cr_uid !=
377 t->inp_socket->so_cred->cr_uid)) {
379 if (!in_nullhost(sin->sin_addr) ||
380 !in_nullhost(t->inp_laddr) ||
382 INP_SOCKAF(t->inp_socket))
390 if (cred && !prison_replace_wildcards(td, nam)) {
391 error = EADDRNOTAVAIL;
394 t = in_pcblookup_local(pcbinfo, sin->sin_addr, lport,
396 if (t && !(reuseport & t->inp_socket->so_options)) {
398 if (!in_nullhost(sin->sin_addr) ||
399 !in_nullhost(t->inp_laddr) ||
400 INP_SOCKAF(so) == INP_SOCKAF(t->inp_socket))
408 inp->inp_laddr = sin->sin_addr;
414 jsin.sin_family = AF_INET;
415 jsin.sin_addr.s_addr = inp->inp_laddr.s_addr;
416 if (!prison_replace_wildcards(td, (struct sockaddr *)&jsin)) {
417 inp->inp_laddr.s_addr = INADDR_ANY;
421 inp->inp_laddr.s_addr = jsin.sin_addr.s_addr;
423 inp->inp_flags |= INP_ANONPORT;
425 if (inp->inp_flags & INP_HIGHPORT) {
426 first = ipport_hifirstauto; /* sysctl */
427 last = ipport_hilastauto;
428 lastport = &pcbinfo->lasthi;
429 } else if (inp->inp_flags & INP_LOWPORT) {
431 (error = priv_check_cred(cred, PRIV_NETINET_RESERVEDPORT, 0))) {
432 inp->inp_laddr.s_addr = INADDR_ANY;
435 first = ipport_lowfirstauto; /* 1023 */
436 last = ipport_lowlastauto; /* 600 */
437 lastport = &pcbinfo->lastlow;
439 first = ipport_firstauto; /* sysctl */
440 last = ipport_lastauto;
441 lastport = &pcbinfo->lastport;
444 * Simple check to ensure all ports are not used up causing
447 * We split the two cases (up and down) so that the direction
448 * is not being tested on each round of the loop.
454 count = first - last;
457 if (count-- < 0) { /* completely used? */
458 inp->inp_laddr.s_addr = INADDR_ANY;
459 error = EADDRNOTAVAIL;
463 if (*lastport > first || *lastport < last)
465 lport = htons(*lastport);
466 } while (in_pcblookup_local(pcbinfo, inp->inp_laddr,
472 count = last - first;
475 if (count-- < 0) { /* completely used? */
476 inp->inp_laddr.s_addr = INADDR_ANY;
477 error = EADDRNOTAVAIL;
481 if (*lastport < first || *lastport > last)
483 lport = htons(*lastport);
484 } while (in_pcblookup_local(pcbinfo, inp->inp_laddr,
488 inp->inp_lport = lport;
490 jsin.sin_family = AF_INET;
491 jsin.sin_addr.s_addr = inp->inp_laddr.s_addr;
492 if (!prison_replace_wildcards(td, (struct sockaddr*)&jsin)) {
493 inp->inp_laddr.s_addr = INADDR_ANY;
498 inp->inp_laddr.s_addr = jsin.sin_addr.s_addr;
500 if (in_pcbinsporthash(inp) != 0) {
501 inp->inp_laddr.s_addr = INADDR_ANY;
508 if (pcbinfo->porttoken)
509 lwkt_reltoken(pcbinfo->porttoken);
513 static struct inpcb *
514 in_pcblookup_addrport(struct inpcbinfo *pcbinfo, struct in_addr laddr,
515 u_short lport, struct in_addr faddr, u_short fport, struct ucred *cred)
518 struct inpcbporthead *porthash;
519 struct inpcbport *phd;
520 struct inpcb *match = NULL;
523 * If the porthashbase is shared across several cpus we need
526 if (pcbinfo->porttoken)
527 lwkt_gettoken(pcbinfo->porttoken);
530 * Best fit PCB lookup.
532 * First see if this local port is in use by looking on the
535 porthash = &pcbinfo->porthashbase[
536 INP_PCBPORTHASH(lport, pcbinfo->porthashmask)];
537 LIST_FOREACH(phd, porthash, phd_hash) {
538 if (phd->phd_port == lport)
542 LIST_FOREACH(inp, &phd->phd_pcblist, inp_portlist) {
544 if ((inp->inp_vflag & INP_IPV4) == 0)
547 if (inp->inp_laddr.s_addr != INADDR_ANY &&
548 inp->inp_laddr.s_addr != laddr.s_addr)
551 if (inp->inp_faddr.s_addr != INADDR_ANY &&
552 inp->inp_faddr.s_addr != faddr.s_addr)
555 if (inp->inp_fport != 0 && inp->inp_fport != fport)
560 inp->inp_socket->so_cred->cr_prison) {
566 if (pcbinfo->porttoken)
567 lwkt_reltoken(pcbinfo->porttoken);
572 in_pcbconn_bind(struct inpcb *inp, const struct sockaddr *nam,
575 struct proc *p = td->td_proc;
576 unsigned short *lastport;
577 const struct sockaddr_in *sin = (const struct sockaddr_in *)nam;
578 struct sockaddr_in jsin;
579 struct inpcbinfo *pcbinfo = inp->inp_pcbinfo;
580 struct ucred *cred = NULL;
583 int count, error, dup = 0;
585 if (TAILQ_EMPTY(&in_ifaddrheads[mycpuid])) /* XXX broken! */
586 return (EADDRNOTAVAIL);
588 KKASSERT(inp->inp_laddr.s_addr != INADDR_ANY);
589 if (inp->inp_lport != 0)
590 return (EINVAL); /* already bound */
596 * This has to be atomic. If the porthash is shared across multiple
597 * protocol threads (aka tcp) then the token will be non-NULL.
599 if (pcbinfo->porttoken)
600 lwkt_gettoken(pcbinfo->porttoken);
602 jsin.sin_family = AF_INET;
603 jsin.sin_addr.s_addr = inp->inp_laddr.s_addr;
604 if (!prison_replace_wildcards(td, (struct sockaddr *)&jsin)) {
605 inp->inp_laddr.s_addr = INADDR_ANY;
609 inp->inp_laddr.s_addr = jsin.sin_addr.s_addr;
611 inp->inp_flags |= INP_ANONPORT;
613 if (inp->inp_flags & INP_HIGHPORT) {
614 first = ipport_hifirstauto; /* sysctl */
615 last = ipport_hilastauto;
616 lastport = &pcbinfo->lasthi;
617 } else if (inp->inp_flags & INP_LOWPORT) {
619 (error = priv_check_cred(cred, PRIV_NETINET_RESERVEDPORT, 0))) {
620 inp->inp_laddr.s_addr = INADDR_ANY;
623 first = ipport_lowfirstauto; /* 1023 */
624 last = ipport_lowlastauto; /* 600 */
625 lastport = &pcbinfo->lastlow;
627 first = ipport_firstauto; /* sysctl */
628 last = ipport_lastauto;
629 lastport = &pcbinfo->lastport;
634 * Simple check to ensure all ports are not used up causing
637 * We split the two cases (up and down) so that the direction
638 * is not being tested on each round of the loop.
644 count = first - last;
647 if (count-- < 0) { /* completely used? */
648 inp->inp_laddr.s_addr = INADDR_ANY;
649 error = EADDRNOTAVAIL;
653 if (*lastport > first || *lastport < last)
655 lport = htons(*lastport);
656 } while (in_pcblookup_addrport(pcbinfo, inp->inp_laddr, lport,
657 sin->sin_addr, sin->sin_port, cred));
662 count = last - first;
665 if (count-- < 0) { /* completely used? */
666 inp->inp_laddr.s_addr = INADDR_ANY;
667 error = EADDRNOTAVAIL;
671 if (*lastport < first || *lastport > last)
673 lport = htons(*lastport);
674 } while (in_pcblookup_addrport(pcbinfo, inp->inp_laddr, lport,
675 sin->sin_addr, sin->sin_port, cred));
678 /* This could happen on loopback interface */
679 if (sin->sin_port == lport &&
680 sin->sin_addr.s_addr == inp->inp_laddr.s_addr) {
683 * Duplicate again; give up
685 inp->inp_laddr.s_addr = INADDR_ANY;
686 error = EADDRNOTAVAIL;
692 inp->inp_lport = lport;
694 jsin.sin_family = AF_INET;
695 jsin.sin_addr.s_addr = inp->inp_laddr.s_addr;
696 if (!prison_replace_wildcards(td, (struct sockaddr*)&jsin)) {
697 inp->inp_laddr.s_addr = INADDR_ANY;
702 inp->inp_laddr.s_addr = jsin.sin_addr.s_addr;
704 if (in_pcbinsporthash(inp) != 0) {
705 inp->inp_laddr.s_addr = INADDR_ANY;
712 if (pcbinfo->porttoken)
713 lwkt_reltoken(pcbinfo->porttoken);
718 * Transform old in_pcbconnect() into an inner subroutine for new
719 * in_pcbconnect(): Do some validity-checking on the remote
720 * address (in mbuf 'nam') and then determine local host address
721 * (i.e., which interface) to use to access that remote host.
723 * This preserves definition of in_pcbconnect(), while supporting a
724 * slightly different version for T/TCP. (This is more than
725 * a bit of a kludge, but cleaning up the internal interfaces would
726 * have forced minor changes in every protocol).
729 in_pcbladdr(struct inpcb *inp, struct sockaddr *nam,
730 struct sockaddr_in **plocal_sin, struct thread *td)
732 struct in_ifaddr *ia;
733 struct ucred *cred = NULL;
734 struct sockaddr_in *sin = (struct sockaddr_in *)nam;
735 struct sockaddr *jsin;
736 int jailed = 0, alloc_route = 0;
738 if (nam->sa_len != sizeof *sin)
740 if (sin->sin_family != AF_INET)
741 return (EAFNOSUPPORT);
742 if (sin->sin_port == 0)
743 return (EADDRNOTAVAIL);
744 if (td && td->td_proc && td->td_proc->p_ucred)
745 cred = td->td_proc->p_ucred;
746 if (cred && cred->cr_prison)
748 if (!TAILQ_EMPTY(&in_ifaddrheads[mycpuid])) {
749 ia = TAILQ_FIRST(&in_ifaddrheads[mycpuid])->ia;
751 * If the destination address is INADDR_ANY,
752 * use the primary local address.
753 * If the supplied address is INADDR_BROADCAST,
754 * and the primary interface supports broadcast,
755 * choose the broadcast address for that interface.
757 if (sin->sin_addr.s_addr == INADDR_ANY)
758 sin->sin_addr = IA_SIN(ia)->sin_addr;
759 else if (sin->sin_addr.s_addr == (u_long)INADDR_BROADCAST &&
760 (ia->ia_ifp->if_flags & IFF_BROADCAST))
761 sin->sin_addr = satosin(&ia->ia_broadaddr)->sin_addr;
763 if (inp->inp_laddr.s_addr == INADDR_ANY) {
768 * If route is known or can be allocated now,
769 * our src addr is taken from the i/f, else punt.
770 * Note that we should check the address family of the cached
771 * destination, in case of sharing the cache with IPv6.
773 ro = &inp->inp_route;
775 (!(ro->ro_rt->rt_flags & RTF_UP) ||
776 ro->ro_dst.sa_family != AF_INET ||
777 satosin(&ro->ro_dst)->sin_addr.s_addr !=
778 sin->sin_addr.s_addr ||
779 inp->inp_socket->so_options & SO_DONTROUTE)) {
783 if (!(inp->inp_socket->so_options & SO_DONTROUTE) && /*XXX*/
784 (ro->ro_rt == NULL ||
785 ro->ro_rt->rt_ifp == NULL)) {
786 /* No route yet, so try to acquire one */
787 bzero(&ro->ro_dst, sizeof(struct sockaddr_in));
788 ro->ro_dst.sa_family = AF_INET;
789 ro->ro_dst.sa_len = sizeof(struct sockaddr_in);
790 ((struct sockaddr_in *) &ro->ro_dst)->sin_addr =
796 * If we found a route, use the address
797 * corresponding to the outgoing interface
798 * unless it is the loopback (in case a route
799 * to our address on another net goes to loopback).
801 if (ro->ro_rt && !(ro->ro_rt->rt_ifp->if_flags & IFF_LOOPBACK)) {
803 if (jailed_ip(cred->cr_prison,
804 ro->ro_rt->rt_ifa->ifa_addr)) {
805 ia = ifatoia(ro->ro_rt->rt_ifa);
808 ia = ifatoia(ro->ro_rt->rt_ifa);
812 u_short fport = sin->sin_port;
815 ia = ifatoia(ifa_ifwithdstaddr(sintosa(sin)));
816 if (ia && jailed && !jailed_ip(cred->cr_prison,
817 sintosa(&ia->ia_addr)))
820 ia = ifatoia(ifa_ifwithnet(sintosa(sin)));
821 if (ia && jailed && !jailed_ip(cred->cr_prison,
822 sintosa(&ia->ia_addr)))
824 sin->sin_port = fport;
826 !TAILQ_EMPTY(&in_ifaddrheads[mycpuid]))
827 ia = TAILQ_FIRST(&in_ifaddrheads[mycpuid])->ia;
828 if (ia && jailed && !jailed_ip(cred->cr_prison,
829 sintosa(&ia->ia_addr)))
832 if (!jailed && ia == NULL)
836 * If the destination address is multicast and an outgoing
837 * interface has been set as a multicast option, use the
838 * address of that interface as our source address.
840 if (!jailed && IN_MULTICAST(ntohl(sin->sin_addr.s_addr)) &&
841 inp->inp_moptions != NULL) {
842 struct ip_moptions *imo;
845 imo = inp->inp_moptions;
846 if (imo->imo_multicast_ifp != NULL) {
847 struct in_ifaddr_container *iac;
849 ifp = imo->imo_multicast_ifp;
852 &in_ifaddrheads[mycpuid], ia_link) {
853 if (iac->ia->ia_ifp == ifp) {
863 * Don't do pcblookup call here; return interface in plocal_sin
864 * and exit to caller, that will do the lookup.
866 if (ia == NULL && jailed) {
867 if ((jsin = prison_get_nonlocal(cred->cr_prison, AF_INET, NULL)) != NULL ||
868 (jsin = prison_get_local(cred->cr_prison, AF_INET, NULL)) != NULL) {
869 *plocal_sin = satosin(jsin);
875 *plocal_sin = &ia->ia_addr;
881 struct route *ro = &inp->inp_route;
883 if (ro->ro_rt != NULL)
885 bzero(ro, sizeof(*ro));
887 return (EADDRNOTAVAIL);
892 * Connect from a socket to a specified address.
893 * Both address and port must be specified in argument sin.
894 * If don't have a local address for this socket yet,
898 in_pcbconnect(struct inpcb *inp, struct sockaddr *nam, struct thread *td)
900 struct sockaddr_in *if_sin;
901 struct sockaddr_in *sin = (struct sockaddr_in *)nam;
904 /* Call inner routine to assign local interface address. */
905 if ((error = in_pcbladdr(inp, nam, &if_sin, td)) != 0)
908 if (in_pcblookup_hash(inp->inp_cpcbinfo, sin->sin_addr, sin->sin_port,
909 inp->inp_laddr.s_addr ?
910 inp->inp_laddr : if_sin->sin_addr,
911 inp->inp_lport, FALSE, NULL) != NULL) {
914 if (inp->inp_laddr.s_addr == INADDR_ANY) {
915 if (inp->inp_lport == 0) {
916 error = in_pcbbind(inp, NULL, td);
920 inp->inp_laddr = if_sin->sin_addr;
922 inp->inp_faddr = sin->sin_addr;
923 inp->inp_fport = sin->sin_port;
924 in_pcbinsconnhash(inp);
929 in_pcbdisconnect(struct inpcb *inp)
932 inp->inp_faddr.s_addr = INADDR_ANY;
934 in_pcbremconnhash(inp);
935 if (inp->inp_socket->so_state & SS_NOFDREF)
940 in_pcbdetach(struct inpcb *inp)
942 struct socket *so = inp->inp_socket;
943 struct inpcbinfo *ipi = inp->inp_pcbinfo;
946 ipsec4_delete_pcbpolicy(inp);
948 inp->inp_gencnt = ++ipi->ipi_gencnt;
949 KKASSERT((so->so_state & SS_ASSERTINPROG) == 0);
952 sofree(so); /* remove pcb ref */
953 if (inp->inp_options)
954 m_free(inp->inp_options);
955 if (inp->inp_route.ro_rt)
956 rtfree(inp->inp_route.ro_rt);
957 ip_freemoptions(inp->inp_moptions);
963 * The calling convention of in_setsockaddr() and in_setpeeraddr() was
964 * modified to match the pru_sockaddr() and pru_peeraddr() entry points
965 * in struct pr_usrreqs, so that protocols can just reference then directly
966 * without the need for a wrapper function. The socket must have a valid
967 * (i.e., non-nil) PCB, but it should be impossible to get an invalid one
968 * except through a kernel programming error, so it is acceptable to panic
969 * (or in this case trap) if the PCB is invalid. (Actually, we don't trap
970 * because there actually /is/ a programming error somewhere... XXX)
973 in_setsockaddr(struct socket *so, struct sockaddr **nam)
976 struct sockaddr_in *sin;
979 * Do the malloc first in case it blocks.
981 sin = kmalloc(sizeof *sin, M_SONAME, M_WAITOK | M_ZERO);
982 sin->sin_family = AF_INET;
983 sin->sin_len = sizeof *sin;
989 kfree(sin, M_SONAME);
992 sin->sin_port = inp->inp_lport;
993 sin->sin_addr = inp->inp_laddr;
996 *nam = (struct sockaddr *)sin;
1001 in_setsockaddr_dispatch(netmsg_t msg)
1005 error = in_setsockaddr(msg->base.nm_so, msg->peeraddr.nm_nam);
1006 lwkt_replymsg(&msg->lmsg, error);
1010 in_setpeeraddr(struct socket *so, struct sockaddr **nam)
1013 struct sockaddr_in *sin;
1016 * Do the malloc first in case it blocks.
1018 sin = kmalloc(sizeof *sin, M_SONAME, M_WAITOK | M_ZERO);
1019 sin->sin_family = AF_INET;
1020 sin->sin_len = sizeof *sin;
1026 kfree(sin, M_SONAME);
1027 return (ECONNRESET);
1029 sin->sin_port = inp->inp_fport;
1030 sin->sin_addr = inp->inp_faddr;
1033 *nam = (struct sockaddr *)sin;
1038 in_setpeeraddr_dispatch(netmsg_t msg)
1042 error = in_setpeeraddr(msg->base.nm_so, msg->peeraddr.nm_nam);
1043 lwkt_replymsg(&msg->lmsg, error);
1047 in_pcbnotifyall(struct inpcbhead *head, struct in_addr faddr, int err,
1048 void (*notify)(struct inpcb *, int))
1050 struct inpcb *inp, *ninp;
1053 * note: if INP_PLACEMARKER is set we must ignore the rest of
1054 * the structure and skip it.
1057 LIST_FOREACH_MUTABLE(inp, head, inp_list, ninp) {
1058 if (inp->inp_flags & INP_PLACEMARKER)
1061 if (!(inp->inp_vflag & INP_IPV4))
1064 if (inp->inp_faddr.s_addr != faddr.s_addr ||
1065 inp->inp_socket == NULL)
1067 (*notify)(inp, err); /* can remove inp from list! */
1073 in_pcbpurgeif0(struct inpcb *head, struct ifnet *ifp)
1076 struct ip_moptions *imo;
1079 for (inp = head; inp != NULL; inp = LIST_NEXT(inp, inp_list)) {
1080 if (inp->inp_flags & INP_PLACEMARKER)
1082 imo = inp->inp_moptions;
1083 if ((inp->inp_vflag & INP_IPV4) && imo != NULL) {
1085 * Unselect the outgoing interface if it is being
1088 if (imo->imo_multicast_ifp == ifp)
1089 imo->imo_multicast_ifp = NULL;
1092 * Drop multicast group membership if we joined
1093 * through the interface being detached.
1095 for (i = 0, gap = 0; i < imo->imo_num_memberships;
1097 if (imo->imo_membership[i]->inm_ifp == ifp) {
1098 in_delmulti(imo->imo_membership[i]);
1100 } else if (gap != 0)
1101 imo->imo_membership[i - gap] =
1102 imo->imo_membership[i];
1104 imo->imo_num_memberships -= gap;
1110 * Check for alternatives when higher level complains
1111 * about service problems. For now, invalidate cached
1112 * routing information. If the route was created dynamically
1113 * (by a redirect), time to try a default gateway again.
1116 in_losing(struct inpcb *inp)
1119 struct rt_addrinfo rtinfo;
1121 if ((rt = inp->inp_route.ro_rt)) {
1122 bzero(&rtinfo, sizeof(struct rt_addrinfo));
1123 rtinfo.rti_info[RTAX_DST] = rt_key(rt);
1124 rtinfo.rti_info[RTAX_GATEWAY] = rt->rt_gateway;
1125 rtinfo.rti_info[RTAX_NETMASK] = rt_mask(rt);
1126 rtinfo.rti_flags = rt->rt_flags;
1127 rt_missmsg(RTM_LOSING, &rtinfo, rt->rt_flags, 0);
1128 if (rt->rt_flags & RTF_DYNAMIC)
1129 rtrequest1_global(RTM_DELETE, &rtinfo, NULL, NULL);
1130 inp->inp_route.ro_rt = NULL;
1133 * A new route can be allocated
1134 * the next time output is attempted.
1140 * After a routing change, flush old routing
1141 * and allocate a (hopefully) better one.
1144 in_rtchange(struct inpcb *inp, int err)
1146 if (inp->inp_route.ro_rt) {
1147 rtfree(inp->inp_route.ro_rt);
1148 inp->inp_route.ro_rt = NULL;
1150 * A new route can be allocated the next time
1151 * output is attempted.
1157 * Lookup a PCB based on the local address and port.
1160 in_pcblookup_local(struct inpcbinfo *pcbinfo, struct in_addr laddr,
1161 u_int lport_arg, int wild_okay, struct ucred *cred)
1164 int matchwild = 3, wildcard;
1165 u_short lport = lport_arg;
1166 struct inpcbporthead *porthash;
1167 struct inpcbport *phd;
1168 struct inpcb *match = NULL;
1171 * If the porthashbase is shared across several cpus we need
1174 if (pcbinfo->porttoken)
1175 lwkt_gettoken(pcbinfo->porttoken);
1178 * Best fit PCB lookup.
1180 * First see if this local port is in use by looking on the
1183 porthash = &pcbinfo->porthashbase[
1184 INP_PCBPORTHASH(lport, pcbinfo->porthashmask)];
1185 LIST_FOREACH(phd, porthash, phd_hash) {
1186 if (phd->phd_port == lport)
1191 * Port is in use by one or more PCBs. Look for best
1194 LIST_FOREACH(inp, &phd->phd_pcblist, inp_portlist) {
1197 if ((inp->inp_vflag & INP_IPV4) == 0)
1200 if (inp->inp_faddr.s_addr != INADDR_ANY)
1202 if (inp->inp_laddr.s_addr != INADDR_ANY) {
1203 if (laddr.s_addr == INADDR_ANY)
1205 else if (inp->inp_laddr.s_addr != laddr.s_addr)
1208 if (laddr.s_addr != INADDR_ANY)
1211 if (wildcard && !wild_okay)
1213 if (wildcard < matchwild &&
1216 inp->inp_socket->so_cred->cr_prison)) {
1218 matchwild = wildcard;
1219 if (matchwild == 0) {
1225 if (pcbinfo->porttoken)
1226 lwkt_reltoken(pcbinfo->porttoken);
1230 static struct inpcb *
1231 inp_localgroup_lookup(const struct inpcbinfo *pcbinfo,
1232 struct in_addr laddr, uint16_t lport, uint32_t pkt_hash)
1234 struct inpcb *local_wild = NULL;
1235 const struct inp_localgrphead *hdr;
1236 const struct inp_localgroup *grp;
1238 hdr = &pcbinfo->localgrphashbase[
1239 INP_PCBLOCALGRPHASH(lport, pcbinfo->localgrphashmask)];
1240 pkt_hash >>= ncpus2_shift;
1243 * Order of socket selection:
1248 * - Local group does not contain jailed sockets
1249 * - Local group does not contain IPv4 mapped INET6 wild sockets
1251 LIST_FOREACH(grp, hdr, il_list) {
1253 if (!(grp->il_vflag & INP_IPV4))
1256 if (grp->il_lport == lport) {
1259 idx = pkt_hash / grp->il_factor;
1260 KASSERT(idx < grp->il_inpcnt && idx >= 0,
1261 ("invalid hash %04x, cnt %d or fact %d",
1262 pkt_hash, grp->il_inpcnt, grp->il_factor));
1264 if (grp->il_laddr.s_addr == laddr.s_addr)
1265 return grp->il_inp[idx];
1266 else if (grp->il_laddr.s_addr == INADDR_ANY)
1267 local_wild = grp->il_inp[idx];
1270 if (local_wild != NULL)
1276 * Lookup PCB in hash list.
1279 in_pcblookup_pkthash(struct inpcbinfo *pcbinfo, struct in_addr faddr,
1280 u_int fport_arg, struct in_addr laddr, u_int lport_arg,
1281 boolean_t wildcard, struct ifnet *ifp, const struct mbuf *m)
1283 struct inpcbhead *head;
1284 struct inpcb *inp, *jinp=NULL;
1285 u_short fport = fport_arg, lport = lport_arg;
1288 * First look for an exact match.
1290 head = &pcbinfo->hashbase[INP_PCBCONNHASH(faddr.s_addr, fport,
1291 laddr.s_addr, lport, pcbinfo->hashmask)];
1292 LIST_FOREACH(inp, head, inp_hash) {
1294 if (!(inp->inp_vflag & INP_IPV4))
1297 if (in_hosteq(inp->inp_faddr, faddr) &&
1298 in_hosteq(inp->inp_laddr, laddr) &&
1299 inp->inp_fport == fport && inp->inp_lport == lport) {
1301 if (inp->inp_socket == NULL ||
1302 inp->inp_socket->so_cred->cr_prison == NULL) {
1313 struct inpcb *local_wild = NULL;
1314 struct inpcb *jinp_wild = NULL;
1316 struct inpcb *local_wild_mapped = NULL;
1318 struct inpcontainer *ic;
1319 struct inpcontainerhead *chead;
1320 struct sockaddr_in jsin;
1324 * Check local group first
1326 if (pcbinfo->localgrphashbase != NULL &&
1327 m != NULL && (m->m_flags & M_HASH) &&
1328 !(ifp && ifp->if_type == IFT_FAITH)) {
1329 inp = inp_localgroup_lookup(pcbinfo,
1330 laddr, lport, m->m_pkthdr.hash);
1336 * Order of socket selection:
1337 * 1. non-jailed, non-wild.
1338 * 2. non-jailed, wild.
1339 * 3. jailed, non-wild.
1342 jsin.sin_family = AF_INET;
1343 chead = &pcbinfo->wildcardhashbase[
1344 INP_PCBWILDCARDHASH(lport, pcbinfo->wildcardhashmask)];
1345 LIST_FOREACH(ic, chead, ic_list) {
1347 jsin.sin_addr.s_addr = laddr.s_addr;
1349 if (!(inp->inp_vflag & INP_IPV4))
1352 if (inp->inp_socket != NULL)
1353 cred = inp->inp_socket->so_cred;
1356 if (cred != NULL && jailed(cred)) {
1360 if (!jailed_ip(cred->cr_prison,
1361 (struct sockaddr *)&jsin))
1364 if (inp->inp_lport == lport) {
1365 if (ifp && ifp->if_type == IFT_FAITH &&
1366 !(inp->inp_flags & INP_FAITH))
1368 if (inp->inp_laddr.s_addr == laddr.s_addr) {
1369 if (cred != NULL && jailed(cred))
1374 if (inp->inp_laddr.s_addr == INADDR_ANY) {
1376 if (INP_CHECK_SOCKAF(inp->inp_socket,
1378 local_wild_mapped = inp;
1389 if (local_wild != NULL)
1390 return (local_wild);
1392 if (local_wild_mapped != NULL)
1393 return (local_wild_mapped);
1407 in_pcblookup_hash(struct inpcbinfo *pcbinfo, struct in_addr faddr,
1408 u_int fport_arg, struct in_addr laddr, u_int lport_arg,
1409 boolean_t wildcard, struct ifnet *ifp)
1411 return in_pcblookup_pkthash(pcbinfo, faddr, fport_arg,
1412 laddr, lport_arg, wildcard, ifp, NULL);
1416 * Insert PCB into connection hash table.
1419 in_pcbinsconnhash(struct inpcb *inp)
1421 struct inpcbinfo *pcbinfo = inp->inp_cpcbinfo;
1422 struct inpcbhead *bucket;
1423 u_int32_t hashkey_faddr, hashkey_laddr;
1426 if (inp->inp_vflag & INP_IPV6) {
1427 hashkey_faddr = inp->in6p_faddr.s6_addr32[3] /* XXX JH */;
1428 hashkey_laddr = inp->in6p_laddr.s6_addr32[3] /* XXX JH */;
1431 hashkey_faddr = inp->inp_faddr.s_addr;
1432 hashkey_laddr = inp->inp_laddr.s_addr;
1437 KASSERT(!(inp->inp_flags & INP_WILDCARD),
1438 ("already on wildcardhash"));
1439 KASSERT(!(inp->inp_flags & INP_CONNECTED),
1440 ("already on connhash"));
1441 inp->inp_flags |= INP_CONNECTED;
1444 * Insert into the connection hash table.
1446 bucket = &pcbinfo->hashbase[INP_PCBCONNHASH(hashkey_faddr,
1447 inp->inp_fport, hashkey_laddr, inp->inp_lport, pcbinfo->hashmask)];
1448 LIST_INSERT_HEAD(bucket, inp, inp_hash);
1452 * Remove PCB from connection hash table.
1455 in_pcbremconnhash(struct inpcb *inp)
1457 KASSERT(inp->inp_flags & INP_CONNECTED, ("inp not connected"));
1458 LIST_REMOVE(inp, inp_hash);
1459 inp->inp_flags &= ~INP_CONNECTED;
1463 * Insert PCB into port hash table.
1466 in_pcbinsporthash(struct inpcb *inp)
1468 struct inpcbinfo *pcbinfo = inp->inp_pcbinfo;
1469 struct inpcbporthead *pcbporthash;
1470 struct inpcbport *phd;
1473 * If the porthashbase is shared across several cpus we need
1476 if (pcbinfo->porttoken)
1477 lwkt_gettoken(pcbinfo->porttoken);
1480 * Insert into the port hash table.
1482 pcbporthash = &pcbinfo->porthashbase[
1483 INP_PCBPORTHASH(inp->inp_lport, pcbinfo->porthashmask)];
1485 /* Go through port list and look for a head for this lport. */
1486 LIST_FOREACH(phd, pcbporthash, phd_hash) {
1487 if (phd->phd_port == inp->inp_lport)
1491 /* If none exists, malloc one and tack it on. */
1493 KKASSERT(pcbinfo->portsave != NULL);
1494 phd = pcbinfo->portsave;
1495 pcbinfo->portsave = NULL;
1496 phd->phd_port = inp->inp_lport;
1497 LIST_INIT(&phd->phd_pcblist);
1498 LIST_INSERT_HEAD(pcbporthash, phd, phd_hash);
1502 LIST_INSERT_HEAD(&phd->phd_pcblist, inp, inp_portlist);
1504 if (pcbinfo->porttoken)
1505 lwkt_reltoken(pcbinfo->porttoken);
1506 if (pcbinfo->portsave == NULL) {
1507 pcbinfo->portsave = kmalloc(sizeof(*pcbinfo->portsave),
1508 M_PCB, M_INTWAIT | M_ZERO);
1513 static struct inp_localgroup *
1514 inp_localgroup_alloc(struct inp_localgrphead *hdr, u_char vflag,
1515 uint16_t port, const union in_dependaddr *addr, int size)
1517 struct inp_localgroup *grp;
1519 grp = kmalloc(__offsetof(struct inp_localgroup, il_inp[size]),
1520 M_TEMP, M_INTWAIT | M_ZERO);
1521 grp->il_vflag = vflag;
1522 grp->il_lport = port;
1523 grp->il_dependladdr = *addr;
1524 grp->il_inpsiz = size;
1526 LIST_INSERT_HEAD(hdr, grp, il_list);
1532 inp_localgroup_free(struct inp_localgroup *grp)
1534 LIST_REMOVE(grp, il_list);
1538 static struct inp_localgroup *
1539 inp_localgroup_resize(struct inp_localgrphead *hdr,
1540 struct inp_localgroup *old_grp, int size)
1542 struct inp_localgroup *grp;
1545 grp = inp_localgroup_alloc(hdr, old_grp->il_vflag,
1546 old_grp->il_lport, &old_grp->il_dependladdr, size);
1548 KASSERT(old_grp->il_inpcnt < grp->il_inpsiz,
1549 ("invalid new local group size %d and old local group count %d",
1550 grp->il_inpsiz, old_grp->il_inpcnt));
1551 for (i = 0; i < old_grp->il_inpcnt; ++i)
1552 grp->il_inp[i] = old_grp->il_inp[i];
1553 grp->il_inpcnt = old_grp->il_inpcnt;
1554 grp->il_factor = old_grp->il_factor;
1556 inp_localgroup_free(old_grp);
1562 inp_localgroup_factor(struct inp_localgroup *grp)
1565 ((uint32_t)(0xffff >> ncpus2_shift) / grp->il_inpcnt) + 1;
1566 KASSERT(grp->il_factor != 0, ("invalid local group factor, "
1567 "ncpus2_shift %d, inpcnt %d", ncpus2_shift, grp->il_inpcnt));
1571 in_pcbinslocalgrphash_oncpu(struct inpcb *inp, struct inpcbinfo *pcbinfo)
1573 struct inp_localgrphead *hdr;
1574 struct inp_localgroup *grp;
1577 if (pcbinfo->localgrphashbase == NULL)
1581 * XXX don't allow jailed socket to join local group
1583 if (inp->inp_socket != NULL)
1584 cred = inp->inp_socket->so_cred;
1587 if (cred != NULL && jailed(cred))
1592 * XXX don't allow IPv4 mapped INET6 wild socket
1594 if ((inp->inp_vflag & INP_IPV4) &&
1595 inp->inp_laddr.s_addr == INADDR_ANY &&
1596 INP_CHECK_SOCKAF(inp->inp_socket, AF_INET6))
1600 hdr = &pcbinfo->localgrphashbase[
1601 INP_PCBLOCALGRPHASH(inp->inp_lport, pcbinfo->localgrphashmask)];
1603 LIST_FOREACH(grp, hdr, il_list) {
1604 if (grp->il_vflag == inp->inp_vflag &&
1605 grp->il_lport == inp->inp_lport &&
1606 memcmp(&grp->il_dependladdr,
1607 &inp->inp_inc.inc_ie.ie_dependladdr,
1608 sizeof(grp->il_dependladdr)) == 0) {
1613 /* Create new local group */
1614 grp = inp_localgroup_alloc(hdr, inp->inp_vflag,
1615 inp->inp_lport, &inp->inp_inc.inc_ie.ie_dependladdr,
1616 INP_LOCALGROUP_SIZMIN);
1617 } else if (grp->il_inpcnt == grp->il_inpsiz) {
1618 if (grp->il_inpsiz >= INP_LOCALGROUP_SIZMAX) {
1619 static int limit_logged = 0;
1621 if (!limit_logged) {
1623 kprintf("local group port %d, "
1624 "limit reached\n", ntohs(grp->il_lport));
1629 /* Expand this local group */
1630 grp = inp_localgroup_resize(hdr, grp, grp->il_inpsiz * 2);
1633 KASSERT(grp->il_inpcnt < grp->il_inpsiz,
1634 ("invalid local group size %d and count %d",
1635 grp->il_inpsiz, grp->il_inpcnt));
1636 grp->il_inp[grp->il_inpcnt] = inp;
1638 inp_localgroup_factor(grp);
1642 in_pcbinswildcardhash_oncpu(struct inpcb *inp, struct inpcbinfo *pcbinfo)
1644 struct inpcontainer *ic;
1645 struct inpcontainerhead *bucket;
1647 in_pcbinslocalgrphash_oncpu(inp, pcbinfo);
1649 bucket = &pcbinfo->wildcardhashbase[
1650 INP_PCBWILDCARDHASH(inp->inp_lport, pcbinfo->wildcardhashmask)];
1652 ic = kmalloc(sizeof(struct inpcontainer), M_TEMP, M_INTWAIT);
1654 LIST_INSERT_HEAD(bucket, ic, ic_list);
1658 * Insert PCB into wildcard hash table.
1661 in_pcbinswildcardhash(struct inpcb *inp)
1663 struct inpcbinfo *pcbinfo = inp->inp_pcbinfo;
1665 KASSERT(!(inp->inp_flags & INP_CONNECTED),
1666 ("already on connhash"));
1667 KASSERT(!(inp->inp_flags & INP_WILDCARD),
1668 ("already on wildcardhash"));
1669 inp->inp_flags |= INP_WILDCARD;
1671 in_pcbinswildcardhash_oncpu(inp, pcbinfo);
1675 in_pcbremlocalgrphash_oncpu(struct inpcb *inp, struct inpcbinfo *pcbinfo)
1677 struct inp_localgrphead *hdr;
1678 struct inp_localgroup *grp;
1680 if (pcbinfo->localgrphashbase == NULL)
1683 hdr = &pcbinfo->localgrphashbase[
1684 INP_PCBLOCALGRPHASH(inp->inp_lport, pcbinfo->localgrphashmask)];
1686 LIST_FOREACH(grp, hdr, il_list) {
1689 for (i = 0; i < grp->il_inpcnt; ++i) {
1690 if (grp->il_inp[i] != inp)
1693 if (grp->il_inpcnt == 1) {
1694 /* Free this local group */
1695 inp_localgroup_free(grp);
1697 /* Pull up inpcbs */
1698 for (; i + 1 < grp->il_inpcnt; ++i)
1699 grp->il_inp[i] = grp->il_inp[i + 1];
1701 inp_localgroup_factor(grp);
1703 if (grp->il_inpsiz > INP_LOCALGROUP_SIZMIN &&
1704 grp->il_inpcnt <= (grp->il_inpsiz / 4)) {
1705 /* Shrink this local group */
1706 grp = inp_localgroup_resize(hdr, grp,
1707 grp->il_inpsiz / 2);
1716 in_pcbremwildcardhash_oncpu(struct inpcb *inp, struct inpcbinfo *pcbinfo)
1718 struct inpcontainer *ic;
1719 struct inpcontainerhead *head;
1721 in_pcbremlocalgrphash_oncpu(inp, pcbinfo);
1724 head = &pcbinfo->wildcardhashbase[
1725 INP_PCBWILDCARDHASH(inp->inp_lport, pcbinfo->wildcardhashmask)];
1727 LIST_FOREACH(ic, head, ic_list) {
1728 if (ic->ic_inp == inp)
1731 return; /* not found! */
1734 LIST_REMOVE(ic, ic_list); /* remove container from bucket chain */
1735 kfree(ic, M_TEMP); /* deallocate container */
1739 * Remove PCB from wildcard hash table.
1742 in_pcbremwildcardhash(struct inpcb *inp)
1744 struct inpcbinfo *pcbinfo = inp->inp_pcbinfo;
1746 KASSERT(inp->inp_flags & INP_WILDCARD, ("inp not wildcard"));
1747 in_pcbremwildcardhash_oncpu(inp, pcbinfo);
1748 inp->inp_flags &= ~INP_WILDCARD;
1752 * Remove PCB from various lists.
1755 in_pcbremlists(struct inpcb *inp)
1757 struct inpcbinfo *pcbinfo;
1759 if (inp->inp_lport) {
1760 struct inpcbport *phd;
1762 pcbinfo = inp->inp_pcbinfo;
1763 if (pcbinfo->porttoken)
1764 lwkt_gettoken(pcbinfo->porttoken);
1767 LIST_REMOVE(inp, inp_portlist);
1768 if (LIST_FIRST(&phd->phd_pcblist) == NULL) {
1769 LIST_REMOVE(phd, phd_hash);
1772 if (pcbinfo->porttoken)
1773 lwkt_reltoken(pcbinfo->porttoken);
1775 if (inp->inp_flags & INP_WILDCARD) {
1776 in_pcbremwildcardhash(inp);
1777 } else if (inp->inp_flags & INP_CONNECTED) {
1778 in_pcbremconnhash(inp);
1780 LIST_REMOVE(inp, inp_list);
1781 inp->inp_pcbinfo->ipi_count--;
1785 prison_xinpcb(struct thread *td, struct inpcb *inp)
1789 if (td->td_proc == NULL)
1791 cr = td->td_proc->p_ucred;
1792 if (cr->cr_prison == NULL)
1794 if (inp->inp_socket && inp->inp_socket->so_cred &&
1795 inp->inp_socket->so_cred->cr_prison &&
1796 cr->cr_prison == inp->inp_socket->so_cred->cr_prison)
1802 in_pcblist_global(SYSCTL_HANDLER_ARGS)
1804 struct inpcbinfo *pcbinfo = arg1;
1805 struct inpcb *inp, *marker;
1810 * The process of preparing the TCB list is too time-consuming and
1811 * resource-intensive to repeat twice on every request.
1813 if (req->oldptr == NULL) {
1814 n = pcbinfo->ipi_count;
1815 req->oldidx = (n + n/8 + 10) * sizeof(struct xinpcb);
1819 if (req->newptr != NULL)
1823 * OK, now we're committed to doing something. Re-fetch ipi_count
1824 * after obtaining the generation count.
1826 n = pcbinfo->ipi_count;
1828 marker = kmalloc(sizeof(struct inpcb), M_TEMP, M_WAITOK|M_ZERO);
1829 marker->inp_flags |= INP_PLACEMARKER;
1830 LIST_INSERT_HEAD(&pcbinfo->pcblisthead, marker, inp_list);
1835 while ((inp = LIST_NEXT(marker, inp_list)) != NULL && i < n) {
1836 LIST_REMOVE(marker, inp_list);
1837 LIST_INSERT_AFTER(inp, marker, inp_list);
1839 if (inp->inp_flags & INP_PLACEMARKER)
1841 if (prison_xinpcb(req->td, inp))
1843 bzero(&xi, sizeof xi);
1844 xi.xi_len = sizeof xi;
1845 bcopy(inp, &xi.xi_inp, sizeof *inp);
1846 if (inp->inp_socket)
1847 sotoxsocket(inp->inp_socket, &xi.xi_socket);
1848 if ((error = SYSCTL_OUT(req, &xi, sizeof xi)) != 0)
1852 LIST_REMOVE(marker, inp_list);
1853 if (error == 0 && i < n) {
1854 bzero(&xi, sizeof xi);
1855 xi.xi_len = sizeof xi;
1857 error = SYSCTL_OUT(req, &xi, sizeof xi);
1861 kfree(marker, M_TEMP);
1866 in_pcblist_global_nomarker(SYSCTL_HANDLER_ARGS, struct xinpcb **xi0, int *nxi0)
1868 struct inpcbinfo *pcbinfo = arg1;
1877 * The process of preparing the PCB list is too time-consuming and
1878 * resource-intensive to repeat twice on every request.
1880 if (req->oldptr == NULL) {
1881 int n = pcbinfo->ipi_count;
1883 req->oldidx = (n + n/8 + 10) * sizeof(struct xinpcb);
1887 if (req->newptr != NULL)
1890 if (pcbinfo->ipi_count == 0)
1894 xi = kmalloc(pcbinfo->ipi_count * sizeof(*xi), M_TEMP,
1895 M_WAITOK | M_ZERO | M_NULLOK);
1899 LIST_FOREACH(inp, &pcbinfo->pcblisthead, inp_list) {
1900 struct xinpcb *xi_ptr = &xi[nxi];
1902 if (prison_xinpcb(req->td, inp))
1905 xi_ptr->xi_len = sizeof(*xi_ptr);
1906 bcopy(inp, &xi_ptr->xi_inp, sizeof(*inp));
1907 if (inp->inp_socket)
1908 sotoxsocket(inp->inp_socket, &xi_ptr->xi_socket);
1924 in_savefaddr(struct socket *so, const struct sockaddr *faddr)
1926 struct sockaddr_in *sin;
1928 KASSERT(faddr->sa_family == AF_INET,
1929 ("not AF_INET faddr %d", faddr->sa_family));
1931 sin = kmalloc(sizeof(*sin), M_SONAME, M_WAITOK | M_ZERO);
1932 sin->sin_family = AF_INET;
1933 sin->sin_len = sizeof(*sin);
1934 sin->sin_port = ((const struct sockaddr_in *)faddr)->sin_port;
1935 sin->sin_addr = ((const struct sockaddr_in *)faddr)->sin_addr;
1937 so->so_faddr = (struct sockaddr *)sin;