uipc_mbuf.c revision 153428
1/*- 2 * Copyright (c) 1982, 1986, 1988, 1991, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 4. Neither the name of the University nor the names of its contributors 14 * may be used to endorse or promote products derived from this software 15 * without specific prior written permission. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 * 29 * @(#)uipc_mbuf.c 8.2 (Berkeley) 1/4/94 30 */ 31 32#include <sys/cdefs.h> 33__FBSDID("$FreeBSD: head/sys/kern/uipc_mbuf.c 153428 2005-12-14 23:34:26Z emaste $"); 34 35#include "opt_mac.h" 36#include "opt_param.h" 37#include "opt_mbuf_stress_test.h" 38 39#include <sys/param.h> 40#include <sys/systm.h> 41#include <sys/kernel.h> 42#include <sys/limits.h> 43#include <sys/lock.h> 44#include <sys/mac.h> 45#include <sys/malloc.h> 46#include <sys/mbuf.h> 47#include <sys/sysctl.h> 48#include <sys/domain.h> 49#include <sys/protosw.h> 50#include <sys/uio.h> 51 52int max_linkhdr; 53int max_protohdr; 54int max_hdr; 55int max_datalen; 56#ifdef MBUF_STRESS_TEST 57int m_defragpackets; 58int m_defragbytes; 59int m_defraguseless; 60int m_defragfailure; 61int m_defragrandomfailures; 62#endif 63 64/* 65 * sysctl(8) exported objects 66 */ 67SYSCTL_DECL(_kern_ipc); 68SYSCTL_INT(_kern_ipc, KIPC_MAX_LINKHDR, max_linkhdr, CTLFLAG_RW, 69 &max_linkhdr, 0, ""); 70SYSCTL_INT(_kern_ipc, KIPC_MAX_PROTOHDR, max_protohdr, CTLFLAG_RW, 71 &max_protohdr, 0, ""); 72SYSCTL_INT(_kern_ipc, KIPC_MAX_HDR, max_hdr, CTLFLAG_RW, &max_hdr, 0, ""); 73SYSCTL_INT(_kern_ipc, KIPC_MAX_DATALEN, max_datalen, CTLFLAG_RW, 74 &max_datalen, 0, ""); 75#ifdef MBUF_STRESS_TEST 76SYSCTL_INT(_kern_ipc, OID_AUTO, m_defragpackets, CTLFLAG_RD, 77 &m_defragpackets, 0, ""); 78SYSCTL_INT(_kern_ipc, OID_AUTO, m_defragbytes, CTLFLAG_RD, 79 &m_defragbytes, 0, ""); 80SYSCTL_INT(_kern_ipc, OID_AUTO, m_defraguseless, CTLFLAG_RD, 81 &m_defraguseless, 0, ""); 82SYSCTL_INT(_kern_ipc, OID_AUTO, m_defragfailure, CTLFLAG_RD, 83 &m_defragfailure, 0, ""); 84SYSCTL_INT(_kern_ipc, OID_AUTO, m_defragrandomfailures, CTLFLAG_RW, 85 &m_defragrandomfailures, 0, ""); 86#endif 87 88/* 89 * Allocate a given length worth of mbufs and/or clusters (whatever fits 90 * best) and return a pointer to the top of the allocated chain. If an 91 * existing mbuf chain is provided, then we will append the new chain 92 * to the existing one but still return the top of the newly allocated 93 * chain. 94 */ 95struct mbuf * 96m_getm(struct mbuf *m, int len, int how, short type) 97{ 98 struct mbuf *mb, *top, *cur, *mtail; 99 int num, rem; 100 int i; 101 102 KASSERT(len >= 0, ("m_getm(): len is < 0")); 103 104 /* If m != NULL, we will append to the end of that chain. */ 105 if (m != NULL) 106 for (mtail = m; mtail->m_next != NULL; mtail = mtail->m_next); 107 else 108 mtail = NULL; 109 110 /* 111 * Calculate how many mbufs+clusters ("packets") we need and how much 112 * leftover there is after that and allocate the first mbuf+cluster 113 * if required. 114 */ 115 num = len / MCLBYTES; 116 rem = len % MCLBYTES; 117 top = cur = NULL; 118 if (num > 0) { 119 if ((top = cur = m_getcl(how, type, 0)) == NULL) 120 goto failed; 121 top->m_len = 0; 122 } 123 num--; 124 125 for (i = 0; i < num; i++) { 126 mb = m_getcl(how, type, 0); 127 if (mb == NULL) 128 goto failed; 129 mb->m_len = 0; 130 cur = (cur->m_next = mb); 131 } 132 if (rem > 0) { 133 mb = (rem > MINCLSIZE) ? 134 m_getcl(how, type, 0) : m_get(how, type); 135 if (mb == NULL) 136 goto failed; 137 mb->m_len = 0; 138 if (cur == NULL) 139 top = mb; 140 else 141 cur->m_next = mb; 142 } 143 144 if (mtail != NULL) 145 mtail->m_next = top; 146 return top; 147failed: 148 if (top != NULL) 149 m_freem(top); 150 return NULL; 151} 152 153/* 154 * Free an entire chain of mbufs and associated external buffers, if 155 * applicable. 156 */ 157void 158m_freem(struct mbuf *mb) 159{ 160 161 while (mb != NULL) 162 mb = m_free(mb); 163} 164 165/*- 166 * Configure a provided mbuf to refer to the provided external storage 167 * buffer and setup a reference count for said buffer. If the setting 168 * up of the reference count fails, the M_EXT bit will not be set. If 169 * successfull, the M_EXT bit is set in the mbuf's flags. 170 * 171 * Arguments: 172 * mb The existing mbuf to which to attach the provided buffer. 173 * buf The address of the provided external storage buffer. 174 * size The size of the provided buffer. 175 * freef A pointer to a routine that is responsible for freeing the 176 * provided external storage buffer. 177 * args A pointer to an argument structure (of any type) to be passed 178 * to the provided freef routine (may be NULL). 179 * flags Any other flags to be passed to the provided mbuf. 180 * type The type that the external storage buffer should be 181 * labeled with. 182 * 183 * Returns: 184 * Nothing. 185 */ 186void 187m_extadd(struct mbuf *mb, caddr_t buf, u_int size, 188 void (*freef)(void *, void *), void *args, int flags, int type) 189{ 190 KASSERT(type != EXT_CLUSTER, ("%s: EXT_CLUSTER not allowed", __func__)); 191 192 if (type != EXT_EXTREF) 193 mb->m_ext.ref_cnt = (u_int *)uma_zalloc(zone_ext_refcnt, M_NOWAIT); 194 if (mb->m_ext.ref_cnt != NULL) { 195 *(mb->m_ext.ref_cnt) = 1; 196 mb->m_flags |= (M_EXT | flags); 197 mb->m_ext.ext_buf = buf; 198 mb->m_data = mb->m_ext.ext_buf; 199 mb->m_ext.ext_size = size; 200 mb->m_ext.ext_free = freef; 201 mb->m_ext.ext_args = args; 202 mb->m_ext.ext_type = type; 203 } 204} 205 206/* 207 * Non-directly-exported function to clean up after mbufs with M_EXT 208 * storage attached to them if the reference count hits 1. 209 */ 210void 211mb_free_ext(struct mbuf *m) 212{ 213 KASSERT((m->m_flags & M_EXT) == M_EXT, ("%s: M_EXT not set", __func__)); 214 KASSERT(m->m_ext.ref_cnt != NULL, ("%s: ref_cnt not set", __func__)); 215 216 /* Free attached storage if this mbuf is the only reference to it. */ 217 if (*(m->m_ext.ref_cnt) == 1 || 218 atomic_fetchadd_int(m->m_ext.ref_cnt, -1) == 0) { 219 switch (m->m_ext.ext_type) { 220 case EXT_PACKET: /* The packet zone is special. */ 221 if (*(m->m_ext.ref_cnt) == 0) 222 *(m->m_ext.ref_cnt) = 1; 223 uma_zfree(zone_pack, m); 224 return; /* Job done. */ 225 case EXT_CLUSTER: 226 uma_zfree(zone_clust, m->m_ext.ext_buf); 227 break; 228 case EXT_JUMBO4: 229 uma_zfree(zone_jumbo4, m->m_ext.ext_buf); 230 break; 231 case EXT_JUMBO9: 232 uma_zfree(zone_jumbo9, m->m_ext.ext_buf); 233 break; 234 case EXT_JUMBO16: 235 uma_zfree(zone_jumbo16, m->m_ext.ext_buf); 236 break; 237 case EXT_SFBUF: 238 case EXT_NET_DRV: 239 case EXT_MOD_TYPE: 240 case EXT_DISPOSABLE: 241 *(m->m_ext.ref_cnt) = 0; 242 uma_zfree(zone_ext_refcnt, __DEVOLATILE(u_int *, 243 m->m_ext.ref_cnt)); 244 /* FALLTHROUGH */ 245 case EXT_EXTREF: 246 KASSERT(m->m_ext.ext_free != NULL, 247 ("%s: ext_free not set", __func__)); 248 (*(m->m_ext.ext_free))(m->m_ext.ext_buf, 249 m->m_ext.ext_args); 250 break; 251 default: 252 KASSERT(m->m_ext.ext_type == 0, 253 ("%s: unknown ext_type", __func__)); 254 } 255 } 256 /* 257 * Free this mbuf back to the mbuf zone with all m_ext 258 * information purged. 259 */ 260 m->m_ext.ext_buf = NULL; 261 m->m_ext.ext_free = NULL; 262 m->m_ext.ext_args = NULL; 263 m->m_ext.ref_cnt = NULL; 264 m->m_ext.ext_size = 0; 265 m->m_ext.ext_type = 0; 266 m->m_flags &= ~M_EXT; 267 uma_zfree(zone_mbuf, m); 268} 269 270/* 271 * Attach the the cluster from *m to *n, set up m_ext in *n 272 * and bump the refcount of the cluster. 273 */ 274static void 275mb_dupcl(struct mbuf *n, struct mbuf *m) 276{ 277 KASSERT((m->m_flags & M_EXT) == M_EXT, ("%s: M_EXT not set", __func__)); 278 KASSERT(m->m_ext.ref_cnt != NULL, ("%s: ref_cnt not set", __func__)); 279 KASSERT((n->m_flags & M_EXT) == 0, ("%s: M_EXT set", __func__)); 280 281 if (*(m->m_ext.ref_cnt) == 1) 282 *(m->m_ext.ref_cnt) += 1; 283 else 284 atomic_add_int(m->m_ext.ref_cnt, 1); 285 n->m_ext.ext_buf = m->m_ext.ext_buf; 286 n->m_ext.ext_free = m->m_ext.ext_free; 287 n->m_ext.ext_args = m->m_ext.ext_args; 288 n->m_ext.ext_size = m->m_ext.ext_size; 289 n->m_ext.ref_cnt = m->m_ext.ref_cnt; 290 n->m_ext.ext_type = m->m_ext.ext_type; 291 n->m_flags |= M_EXT; 292} 293 294/* 295 * Clean up mbuf (chain) from any tags and packet headers. 296 * If "all" is set then the first mbuf in the chain will be 297 * cleaned too. 298 */ 299void 300m_demote(struct mbuf *m0, int all) 301{ 302 struct mbuf *m; 303 304 for (m = all ? m0 : m0->m_next; m != NULL; m = m->m_next) { 305 if (m->m_flags & M_PKTHDR) { 306 m_tag_delete_chain(m, NULL); 307 m->m_flags &= ~M_PKTHDR; 308 bzero(&m->m_pkthdr, sizeof(struct pkthdr)); 309 } 310 if (m->m_type == MT_HEADER) 311 m->m_type = MT_DATA; 312 if (m != m0 && m->m_nextpkt != NULL) 313 m->m_nextpkt = NULL; 314 m->m_flags = m->m_flags & (M_EXT|M_EOR|M_RDONLY|M_FREELIST); 315 } 316} 317 318/* 319 * Sanity checks on mbuf (chain) for use in KASSERT() and general 320 * debugging. 321 * Returns 0 or panics when bad and 1 on all tests passed. 322 * Sanitize, 0 to run M_SANITY_ACTION, 1 to garble things so they 323 * blow up later. 324 */ 325int 326m_sanity(struct mbuf *m0, int sanitize) 327{ 328 struct mbuf *m; 329 caddr_t a, b; 330 int pktlen = 0; 331 332#define M_SANITY_ACTION(s) return (0) 333/* #define M_SANITY_ACTION(s) panic("mbuf %p: " s, m) */ 334 335 for (m = m0; m != NULL; m = m->m_next) { 336 /* 337 * Basic pointer checks. If any of these fails then some 338 * unrelated kernel memory before or after us is trashed. 339 * No way to recover from that. 340 */ 341 a = ((m->m_flags & M_EXT) ? m->m_ext.ext_buf : 342 ((m->m_flags & M_PKTHDR) ? (caddr_t)(&m->m_pktdat) : 343 (caddr_t)(&m->m_dat)) ); 344 b = (caddr_t)(a + (m->m_flags & M_EXT ? m->m_ext.ext_size : 345 ((m->m_flags & M_PKTHDR) ? MHLEN : MLEN))); 346 if ((caddr_t)m->m_data < a) 347 M_SANITY_ACTION("m_data outside mbuf data range left"); 348 if ((caddr_t)m->m_data > b) 349 M_SANITY_ACTION("m_data outside mbuf data range right"); 350 if ((caddr_t)m->m_data + m->m_len > b) 351 M_SANITY_ACTION("m_data + m_len exeeds mbuf space"); 352 if ((m->m_flags & M_PKTHDR) && m->m_pkthdr.header) { 353 if ((caddr_t)m->m_pkthdr.header < a || 354 (caddr_t)m->m_pkthdr.header > b) 355 M_SANITY_ACTION("m_pkthdr.header outside mbuf data range"); 356 } 357 358 /* m->m_nextpkt may only be set on first mbuf in chain. */ 359 if (m != m0 && m->m_nextpkt != NULL) { 360 if (sanitize) { 361 m_freem(m->m_nextpkt); 362 m->m_nextpkt = (struct mbuf *)0xDEADC0DE; 363 } else 364 M_SANITY_ACTION("m->m_nextpkt on in-chain mbuf"); 365 } 366 367 /* correct type correlations. */ 368 if (m->m_type == MT_HEADER && !(m->m_flags & M_PKTHDR)) { 369 if (sanitize) 370 m->m_type = MT_DATA; 371 else 372 M_SANITY_ACTION("MT_HEADER set but not M_PKTHDR"); 373 } 374 375 /* packet length (not mbuf length!) calculation */ 376 if (m0->m_flags & M_PKTHDR) 377 pktlen += m->m_len; 378 379 /* m_tags may only be attached to first mbuf in chain. */ 380 if (m != m0 && m->m_flags & M_PKTHDR && 381 !SLIST_EMPTY(&m->m_pkthdr.tags)) { 382 if (sanitize) { 383 m_tag_delete_chain(m, NULL); 384 /* put in 0xDEADC0DE perhaps? */ 385 } else 386 M_SANITY_ACTION("m_tags on in-chain mbuf"); 387 } 388 389 /* M_PKTHDR may only be set on first mbuf in chain */ 390 if (m != m0 && m->m_flags & M_PKTHDR) { 391 if (sanitize) { 392 bzero(&m->m_pkthdr, sizeof(m->m_pkthdr)); 393 m->m_flags &= ~M_PKTHDR; 394 /* put in 0xDEADCODE and leave hdr flag in */ 395 } else 396 M_SANITY_ACTION("M_PKTHDR on in-chain mbuf"); 397 } 398 } 399 m = m0; 400 if (pktlen && pktlen != m->m_pkthdr.len) { 401 if (sanitize) 402 m->m_pkthdr.len = 0; 403 else 404 M_SANITY_ACTION("m_pkthdr.len != mbuf chain length"); 405 } 406 return 1; 407 408#undef M_SANITY_ACTION 409} 410 411 412/* 413 * "Move" mbuf pkthdr from "from" to "to". 414 * "from" must have M_PKTHDR set, and "to" must be empty. 415 */ 416void 417m_move_pkthdr(struct mbuf *to, struct mbuf *from) 418{ 419 420#if 0 421 /* see below for why these are not enabled */ 422 M_ASSERTPKTHDR(to); 423 /* Note: with MAC, this may not be a good assertion. */ 424 KASSERT(SLIST_EMPTY(&to->m_pkthdr.tags), 425 ("m_move_pkthdr: to has tags")); 426#endif 427#ifdef MAC 428 /* 429 * XXXMAC: It could be this should also occur for non-MAC? 430 */ 431 if (to->m_flags & M_PKTHDR) 432 m_tag_delete_chain(to, NULL); 433#endif 434 to->m_flags = (from->m_flags & M_COPYFLAGS) | (to->m_flags & M_EXT); 435 if ((to->m_flags & M_EXT) == 0) 436 to->m_data = to->m_pktdat; 437 to->m_pkthdr = from->m_pkthdr; /* especially tags */ 438 SLIST_INIT(&from->m_pkthdr.tags); /* purge tags from src */ 439 from->m_flags &= ~M_PKTHDR; 440} 441 442/* 443 * Duplicate "from"'s mbuf pkthdr in "to". 444 * "from" must have M_PKTHDR set, and "to" must be empty. 445 * In particular, this does a deep copy of the packet tags. 446 */ 447int 448m_dup_pkthdr(struct mbuf *to, struct mbuf *from, int how) 449{ 450 451#if 0 452 /* 453 * The mbuf allocator only initializes the pkthdr 454 * when the mbuf is allocated with MGETHDR. Many users 455 * (e.g. m_copy*, m_prepend) use MGET and then 456 * smash the pkthdr as needed causing these 457 * assertions to trip. For now just disable them. 458 */ 459 M_ASSERTPKTHDR(to); 460 /* Note: with MAC, this may not be a good assertion. */ 461 KASSERT(SLIST_EMPTY(&to->m_pkthdr.tags), ("m_dup_pkthdr: to has tags")); 462#endif 463 MBUF_CHECKSLEEP(how); 464#ifdef MAC 465 if (to->m_flags & M_PKTHDR) 466 m_tag_delete_chain(to, NULL); 467#endif 468 to->m_flags = (from->m_flags & M_COPYFLAGS) | (to->m_flags & M_EXT); 469 if ((to->m_flags & M_EXT) == 0) 470 to->m_data = to->m_pktdat; 471 to->m_pkthdr = from->m_pkthdr; 472 SLIST_INIT(&to->m_pkthdr.tags); 473 return (m_tag_copy_chain(to, from, MBTOM(how))); 474} 475 476/* 477 * Lesser-used path for M_PREPEND: 478 * allocate new mbuf to prepend to chain, 479 * copy junk along. 480 */ 481struct mbuf * 482m_prepend(struct mbuf *m, int len, int how) 483{ 484 struct mbuf *mn; 485 486 if (m->m_flags & M_PKTHDR) 487 MGETHDR(mn, how, m->m_type); 488 else 489 MGET(mn, how, m->m_type); 490 if (mn == NULL) { 491 m_freem(m); 492 return (NULL); 493 } 494 if (m->m_flags & M_PKTHDR) 495 M_MOVE_PKTHDR(mn, m); 496 mn->m_next = m; 497 m = mn; 498 if (len < MHLEN) 499 MH_ALIGN(m, len); 500 m->m_len = len; 501 return (m); 502} 503 504/* 505 * Make a copy of an mbuf chain starting "off0" bytes from the beginning, 506 * continuing for "len" bytes. If len is M_COPYALL, copy to end of mbuf. 507 * The wait parameter is a choice of M_TRYWAIT/M_DONTWAIT from caller. 508 * Note that the copy is read-only, because clusters are not copied, 509 * only their reference counts are incremented. 510 */ 511struct mbuf * 512m_copym(struct mbuf *m, int off0, int len, int wait) 513{ 514 struct mbuf *n, **np; 515 int off = off0; 516 struct mbuf *top; 517 int copyhdr = 0; 518 519 KASSERT(off >= 0, ("m_copym, negative off %d", off)); 520 KASSERT(len >= 0, ("m_copym, negative len %d", len)); 521 MBUF_CHECKSLEEP(wait); 522 if (off == 0 && m->m_flags & M_PKTHDR) 523 copyhdr = 1; 524 while (off > 0) { 525 KASSERT(m != NULL, ("m_copym, offset > size of mbuf chain")); 526 if (off < m->m_len) 527 break; 528 off -= m->m_len; 529 m = m->m_next; 530 } 531 np = ⊤ 532 top = 0; 533 while (len > 0) { 534 if (m == NULL) { 535 KASSERT(len == M_COPYALL, 536 ("m_copym, length > size of mbuf chain")); 537 break; 538 } 539 if (copyhdr) 540 MGETHDR(n, wait, m->m_type); 541 else 542 MGET(n, wait, m->m_type); 543 *np = n; 544 if (n == NULL) 545 goto nospace; 546 if (copyhdr) { 547 if (!m_dup_pkthdr(n, m, wait)) 548 goto nospace; 549 if (len == M_COPYALL) 550 n->m_pkthdr.len -= off0; 551 else 552 n->m_pkthdr.len = len; 553 copyhdr = 0; 554 } 555 n->m_len = min(len, m->m_len - off); 556 if (m->m_flags & M_EXT) { 557 n->m_data = m->m_data + off; 558 mb_dupcl(n, m); 559 } else 560 bcopy(mtod(m, caddr_t)+off, mtod(n, caddr_t), 561 (u_int)n->m_len); 562 if (len != M_COPYALL) 563 len -= n->m_len; 564 off = 0; 565 m = m->m_next; 566 np = &n->m_next; 567 } 568 if (top == NULL) 569 mbstat.m_mcfail++; /* XXX: No consistency. */ 570 571 return (top); 572nospace: 573 m_freem(top); 574 mbstat.m_mcfail++; /* XXX: No consistency. */ 575 return (NULL); 576} 577 578/* 579 * Returns mbuf chain with new head for the prepending case. 580 * Copies from mbuf (chain) n from off for len to mbuf (chain) m 581 * either prepending or appending the data. 582 * The resulting mbuf (chain) m is fully writeable. 583 * m is destination (is made writeable) 584 * n is source, off is offset in source, len is len from offset 585 * dir, 0 append, 1 prepend 586 * how, wait or nowait 587 */ 588 589static int 590m_bcopyxxx(void *s, void *t, u_int len) 591{ 592 bcopy(s, t, (size_t)len); 593 return 0; 594} 595 596struct mbuf * 597m_copymdata(struct mbuf *m, struct mbuf *n, int off, int len, 598 int prep, int how) 599{ 600 struct mbuf *mm, *x, *z, *prev = NULL; 601 caddr_t p; 602 int i, nlen = 0; 603 caddr_t buf[MLEN]; 604 605 KASSERT(m != NULL && n != NULL, ("m_copymdata, no target or source")); 606 KASSERT(off >= 0, ("m_copymdata, negative off %d", off)); 607 KASSERT(len >= 0, ("m_copymdata, negative len %d", len)); 608 KASSERT(prep == 0 || prep == 1, ("m_copymdata, unknown direction %d", prep)); 609 610 mm = m; 611 if (!prep) { 612 while(mm->m_next) { 613 prev = mm; 614 mm = mm->m_next; 615 } 616 } 617 for (z = n; z != NULL; z = z->m_next) 618 nlen += z->m_len; 619 if (len == M_COPYALL) 620 len = nlen - off; 621 if (off + len > nlen || len < 1) 622 return NULL; 623 624 if (!M_WRITABLE(mm)) { 625 /* XXX: Use proper m_xxx function instead. */ 626 x = m_getcl(how, MT_DATA, mm->m_flags); 627 if (x == NULL) 628 return NULL; 629 bcopy(mm->m_ext.ext_buf, x->m_ext.ext_buf, x->m_ext.ext_size); 630 p = x->m_ext.ext_buf + (mm->m_data - mm->m_ext.ext_buf); 631 x->m_data = p; 632 mm->m_next = NULL; 633 if (mm != m) 634 prev->m_next = x; 635 m_free(mm); 636 mm = x; 637 } 638 639 /* 640 * Append/prepend the data. Allocating mbufs as necessary. 641 */ 642 /* Shortcut if enough free space in first/last mbuf. */ 643 if (!prep && M_TRAILINGSPACE(mm) >= len) { 644 m_apply(n, off, len, m_bcopyxxx, mtod(mm, caddr_t) + 645 mm->m_len); 646 mm->m_len += len; 647 mm->m_pkthdr.len += len; 648 return m; 649 } 650 if (prep && M_LEADINGSPACE(mm) >= len) { 651 mm->m_data = mtod(mm, caddr_t) - len; 652 m_apply(n, off, len, m_bcopyxxx, mtod(mm, caddr_t)); 653 mm->m_len += len; 654 mm->m_pkthdr.len += len; 655 return mm; 656 } 657 658 /* Expand first/last mbuf to cluster if possible. */ 659 if (!prep && !(mm->m_flags & M_EXT) && len > M_TRAILINGSPACE(mm)) { 660 bcopy(mm->m_data, &buf, mm->m_len); 661 m_clget(mm, how); 662 if (!(mm->m_flags & M_EXT)) 663 return NULL; 664 bcopy(&buf, mm->m_ext.ext_buf, mm->m_len); 665 mm->m_data = mm->m_ext.ext_buf; 666 mm->m_pkthdr.header = NULL; 667 } 668 if (prep && !(mm->m_flags & M_EXT) && len > M_LEADINGSPACE(mm)) { 669 bcopy(mm->m_data, &buf, mm->m_len); 670 m_clget(mm, how); 671 if (!(mm->m_flags & M_EXT)) 672 return NULL; 673 bcopy(&buf, (caddr_t *)mm->m_ext.ext_buf + 674 mm->m_ext.ext_size - mm->m_len, mm->m_len); 675 mm->m_data = (caddr_t)mm->m_ext.ext_buf + 676 mm->m_ext.ext_size - mm->m_len; 677 mm->m_pkthdr.header = NULL; 678 } 679 680 /* Append/prepend as many mbuf (clusters) as necessary to fit len. */ 681 if (!prep && len > M_TRAILINGSPACE(mm)) { 682 if (!m_getm(mm, len - M_TRAILINGSPACE(mm), how, MT_DATA)) 683 return NULL; 684 } 685 if (prep && len > M_LEADINGSPACE(mm)) { 686 if (!(z = m_getm(NULL, len - M_LEADINGSPACE(mm), how, MT_DATA))) 687 return NULL; 688 i = 0; 689 for (x = z; x != NULL; x = x->m_next) { 690 i += x->m_flags & M_EXT ? x->m_ext.ext_size : 691 (x->m_flags & M_PKTHDR ? MHLEN : MLEN); 692 if (!x->m_next) 693 break; 694 } 695 z->m_data += i - len; 696 m_move_pkthdr(mm, z); 697 x->m_next = mm; 698 mm = z; 699 } 700 701 /* Seek to start position in source mbuf. Optimization for long chains. */ 702 while (off > 0) { 703 if (off < n->m_len) 704 break; 705 off -= n->m_len; 706 n = n->m_next; 707 } 708 709 /* Copy data into target mbuf. */ 710 z = mm; 711 while (len > 0) { 712 KASSERT(z != NULL, ("m_copymdata, falling off target edge")); 713 i = M_TRAILINGSPACE(z); 714 m_apply(n, off, i, m_bcopyxxx, mtod(z, caddr_t) + z->m_len); 715 z->m_len += i; 716 /* fixup pkthdr.len if necessary */ 717 if ((prep ? mm : m)->m_flags & M_PKTHDR) 718 (prep ? mm : m)->m_pkthdr.len += i; 719 off += i; 720 len -= i; 721 z = z->m_next; 722 } 723 return (prep ? mm : m); 724} 725 726/* 727 * Copy an entire packet, including header (which must be present). 728 * An optimization of the common case `m_copym(m, 0, M_COPYALL, how)'. 729 * Note that the copy is read-only, because clusters are not copied, 730 * only their reference counts are incremented. 731 * Preserve alignment of the first mbuf so if the creator has left 732 * some room at the beginning (e.g. for inserting protocol headers) 733 * the copies still have the room available. 734 */ 735struct mbuf * 736m_copypacket(struct mbuf *m, int how) 737{ 738 struct mbuf *top, *n, *o; 739 740 MBUF_CHECKSLEEP(how); 741 MGET(n, how, m->m_type); 742 top = n; 743 if (n == NULL) 744 goto nospace; 745 746 if (!m_dup_pkthdr(n, m, how)) 747 goto nospace; 748 n->m_len = m->m_len; 749 if (m->m_flags & M_EXT) { 750 n->m_data = m->m_data; 751 mb_dupcl(n, m); 752 } else { 753 n->m_data = n->m_pktdat + (m->m_data - m->m_pktdat ); 754 bcopy(mtod(m, char *), mtod(n, char *), n->m_len); 755 } 756 757 m = m->m_next; 758 while (m) { 759 MGET(o, how, m->m_type); 760 if (o == NULL) 761 goto nospace; 762 763 n->m_next = o; 764 n = n->m_next; 765 766 n->m_len = m->m_len; 767 if (m->m_flags & M_EXT) { 768 n->m_data = m->m_data; 769 mb_dupcl(n, m); 770 } else { 771 bcopy(mtod(m, char *), mtod(n, char *), n->m_len); 772 } 773 774 m = m->m_next; 775 } 776 return top; 777nospace: 778 m_freem(top); 779 mbstat.m_mcfail++; /* XXX: No consistency. */ 780 return (NULL); 781} 782 783/* 784 * Copy data from an mbuf chain starting "off" bytes from the beginning, 785 * continuing for "len" bytes, into the indicated buffer. 786 */ 787void 788m_copydata(const struct mbuf *m, int off, int len, caddr_t cp) 789{ 790 u_int count; 791 792 KASSERT(off >= 0, ("m_copydata, negative off %d", off)); 793 KASSERT(len >= 0, ("m_copydata, negative len %d", len)); 794 while (off > 0) { 795 KASSERT(m != NULL, ("m_copydata, offset > size of mbuf chain")); 796 if (off < m->m_len) 797 break; 798 off -= m->m_len; 799 m = m->m_next; 800 } 801 while (len > 0) { 802 KASSERT(m != NULL, ("m_copydata, length > size of mbuf chain")); 803 count = min(m->m_len - off, len); 804 bcopy(mtod(m, caddr_t) + off, cp, count); 805 len -= count; 806 cp += count; 807 off = 0; 808 m = m->m_next; 809 } 810} 811 812/* 813 * Copy a packet header mbuf chain into a completely new chain, including 814 * copying any mbuf clusters. Use this instead of m_copypacket() when 815 * you need a writable copy of an mbuf chain. 816 */ 817struct mbuf * 818m_dup(struct mbuf *m, int how) 819{ 820 struct mbuf **p, *top = NULL; 821 int remain, moff, nsize; 822 823 MBUF_CHECKSLEEP(how); 824 /* Sanity check */ 825 if (m == NULL) 826 return (NULL); 827 M_ASSERTPKTHDR(m); 828 829 /* While there's more data, get a new mbuf, tack it on, and fill it */ 830 remain = m->m_pkthdr.len; 831 moff = 0; 832 p = ⊤ 833 while (remain > 0 || top == NULL) { /* allow m->m_pkthdr.len == 0 */ 834 struct mbuf *n; 835 836 /* Get the next new mbuf */ 837 if (remain >= MINCLSIZE) { 838 n = m_getcl(how, m->m_type, 0); 839 nsize = MCLBYTES; 840 } else { 841 n = m_get(how, m->m_type); 842 nsize = MLEN; 843 } 844 if (n == NULL) 845 goto nospace; 846 847 if (top == NULL) { /* First one, must be PKTHDR */ 848 if (!m_dup_pkthdr(n, m, how)) { 849 m_free(n); 850 goto nospace; 851 } 852 if ((n->m_flags & M_EXT) == 0) 853 nsize = MHLEN; 854 } 855 n->m_len = 0; 856 857 /* Link it into the new chain */ 858 *p = n; 859 p = &n->m_next; 860 861 /* Copy data from original mbuf(s) into new mbuf */ 862 while (n->m_len < nsize && m != NULL) { 863 int chunk = min(nsize - n->m_len, m->m_len - moff); 864 865 bcopy(m->m_data + moff, n->m_data + n->m_len, chunk); 866 moff += chunk; 867 n->m_len += chunk; 868 remain -= chunk; 869 if (moff == m->m_len) { 870 m = m->m_next; 871 moff = 0; 872 } 873 } 874 875 /* Check correct total mbuf length */ 876 KASSERT((remain > 0 && m != NULL) || (remain == 0 && m == NULL), 877 ("%s: bogus m_pkthdr.len", __func__)); 878 } 879 return (top); 880 881nospace: 882 m_freem(top); 883 mbstat.m_mcfail++; /* XXX: No consistency. */ 884 return (NULL); 885} 886 887/* 888 * Concatenate mbuf chain n to m. 889 * Both chains must be of the same type (e.g. MT_DATA). 890 * Any m_pkthdr is not updated. 891 */ 892void 893m_cat(struct mbuf *m, struct mbuf *n) 894{ 895 while (m->m_next) 896 m = m->m_next; 897 while (n) { 898 if (m->m_flags & M_EXT || 899 m->m_data + m->m_len + n->m_len >= &m->m_dat[MLEN]) { 900 /* just join the two chains */ 901 m->m_next = n; 902 return; 903 } 904 /* splat the data from one into the other */ 905 bcopy(mtod(n, caddr_t), mtod(m, caddr_t) + m->m_len, 906 (u_int)n->m_len); 907 m->m_len += n->m_len; 908 n = m_free(n); 909 } 910} 911 912void 913m_adj(struct mbuf *mp, int req_len) 914{ 915 int len = req_len; 916 struct mbuf *m; 917 int count; 918 919 if ((m = mp) == NULL) 920 return; 921 if (len >= 0) { 922 /* 923 * Trim from head. 924 */ 925 while (m != NULL && len > 0) { 926 if (m->m_len <= len) { 927 len -= m->m_len; 928 m->m_len = 0; 929 m = m->m_next; 930 } else { 931 m->m_len -= len; 932 m->m_data += len; 933 len = 0; 934 } 935 } 936 m = mp; 937 if (mp->m_flags & M_PKTHDR) 938 m->m_pkthdr.len -= (req_len - len); 939 } else { 940 /* 941 * Trim from tail. Scan the mbuf chain, 942 * calculating its length and finding the last mbuf. 943 * If the adjustment only affects this mbuf, then just 944 * adjust and return. Otherwise, rescan and truncate 945 * after the remaining size. 946 */ 947 len = -len; 948 count = 0; 949 for (;;) { 950 count += m->m_len; 951 if (m->m_next == (struct mbuf *)0) 952 break; 953 m = m->m_next; 954 } 955 if (m->m_len >= len) { 956 m->m_len -= len; 957 if (mp->m_flags & M_PKTHDR) 958 mp->m_pkthdr.len -= len; 959 return; 960 } 961 count -= len; 962 if (count < 0) 963 count = 0; 964 /* 965 * Correct length for chain is "count". 966 * Find the mbuf with last data, adjust its length, 967 * and toss data from remaining mbufs on chain. 968 */ 969 m = mp; 970 if (m->m_flags & M_PKTHDR) 971 m->m_pkthdr.len = count; 972 for (; m; m = m->m_next) { 973 if (m->m_len >= count) { 974 m->m_len = count; 975 if (m->m_next != NULL) { 976 m_freem(m->m_next); 977 m->m_next = NULL; 978 } 979 break; 980 } 981 count -= m->m_len; 982 } 983 } 984} 985 986/* 987 * Rearange an mbuf chain so that len bytes are contiguous 988 * and in the data area of an mbuf (so that mtod and dtom 989 * will work for a structure of size len). Returns the resulting 990 * mbuf chain on success, frees it and returns null on failure. 991 * If there is room, it will add up to max_protohdr-len extra bytes to the 992 * contiguous region in an attempt to avoid being called next time. 993 */ 994struct mbuf * 995m_pullup(struct mbuf *n, int len) 996{ 997 struct mbuf *m; 998 int count; 999 int space; 1000 1001 /* 1002 * If first mbuf has no cluster, and has room for len bytes 1003 * without shifting current data, pullup into it, 1004 * otherwise allocate a new mbuf to prepend to the chain. 1005 */ 1006 if ((n->m_flags & M_EXT) == 0 && 1007 n->m_data + len < &n->m_dat[MLEN] && n->m_next) { 1008 if (n->m_len >= len) 1009 return (n); 1010 m = n; 1011 n = n->m_next; 1012 len -= m->m_len; 1013 } else { 1014 if (len > MHLEN) 1015 goto bad; 1016 MGET(m, M_DONTWAIT, n->m_type); 1017 if (m == NULL) 1018 goto bad; 1019 m->m_len = 0; 1020 if (n->m_flags & M_PKTHDR) 1021 M_MOVE_PKTHDR(m, n); 1022 } 1023 space = &m->m_dat[MLEN] - (m->m_data + m->m_len); 1024 do { 1025 count = min(min(max(len, max_protohdr), space), n->m_len); 1026 bcopy(mtod(n, caddr_t), mtod(m, caddr_t) + m->m_len, 1027 (u_int)count); 1028 len -= count; 1029 m->m_len += count; 1030 n->m_len -= count; 1031 space -= count; 1032 if (n->m_len) 1033 n->m_data += count; 1034 else 1035 n = m_free(n); 1036 } while (len > 0 && n); 1037 if (len > 0) { 1038 (void) m_free(m); 1039 goto bad; 1040 } 1041 m->m_next = n; 1042 return (m); 1043bad: 1044 m_freem(n); 1045 mbstat.m_mpfail++; /* XXX: No consistency. */ 1046 return (NULL); 1047} 1048 1049/* 1050 * Like m_pullup(), except a new mbuf is always allocated, and we allow 1051 * the amount of empty space before the data in the new mbuf to be specified 1052 * (in the event that the caller expects to prepend later). 1053 */ 1054int MSFail; 1055 1056struct mbuf * 1057m_copyup(struct mbuf *n, int len, int dstoff) 1058{ 1059 struct mbuf *m; 1060 int count, space; 1061 1062 if (len > (MHLEN - dstoff)) 1063 goto bad; 1064 MGET(m, M_DONTWAIT, n->m_type); 1065 if (m == NULL) 1066 goto bad; 1067 m->m_len = 0; 1068 if (n->m_flags & M_PKTHDR) 1069 M_MOVE_PKTHDR(m, n); 1070 m->m_data += dstoff; 1071 space = &m->m_dat[MLEN] - (m->m_data + m->m_len); 1072 do { 1073 count = min(min(max(len, max_protohdr), space), n->m_len); 1074 memcpy(mtod(m, caddr_t) + m->m_len, mtod(n, caddr_t), 1075 (unsigned)count); 1076 len -= count; 1077 m->m_len += count; 1078 n->m_len -= count; 1079 space -= count; 1080 if (n->m_len) 1081 n->m_data += count; 1082 else 1083 n = m_free(n); 1084 } while (len > 0 && n); 1085 if (len > 0) { 1086 (void) m_free(m); 1087 goto bad; 1088 } 1089 m->m_next = n; 1090 return (m); 1091 bad: 1092 m_freem(n); 1093 MSFail++; 1094 return (NULL); 1095} 1096 1097/* 1098 * Partition an mbuf chain in two pieces, returning the tail -- 1099 * all but the first len0 bytes. In case of failure, it returns NULL and 1100 * attempts to restore the chain to its original state. 1101 * 1102 * Note that the resulting mbufs might be read-only, because the new 1103 * mbuf can end up sharing an mbuf cluster with the original mbuf if 1104 * the "breaking point" happens to lie within a cluster mbuf. Use the 1105 * M_WRITABLE() macro to check for this case. 1106 */ 1107struct mbuf * 1108m_split(struct mbuf *m0, int len0, int wait) 1109{ 1110 struct mbuf *m, *n; 1111 u_int len = len0, remain; 1112 1113 MBUF_CHECKSLEEP(wait); 1114 for (m = m0; m && len > m->m_len; m = m->m_next) 1115 len -= m->m_len; 1116 if (m == NULL) 1117 return (NULL); 1118 remain = m->m_len - len; 1119 if (m0->m_flags & M_PKTHDR) { 1120 MGETHDR(n, wait, m0->m_type); 1121 if (n == NULL) 1122 return (NULL); 1123 n->m_pkthdr.rcvif = m0->m_pkthdr.rcvif; 1124 n->m_pkthdr.len = m0->m_pkthdr.len - len0; 1125 m0->m_pkthdr.len = len0; 1126 if (m->m_flags & M_EXT) 1127 goto extpacket; 1128 if (remain > MHLEN) { 1129 /* m can't be the lead packet */ 1130 MH_ALIGN(n, 0); 1131 n->m_next = m_split(m, len, wait); 1132 if (n->m_next == NULL) { 1133 (void) m_free(n); 1134 return (NULL); 1135 } else { 1136 n->m_len = 0; 1137 return (n); 1138 } 1139 } else 1140 MH_ALIGN(n, remain); 1141 } else if (remain == 0) { 1142 n = m->m_next; 1143 m->m_next = NULL; 1144 return (n); 1145 } else { 1146 MGET(n, wait, m->m_type); 1147 if (n == NULL) 1148 return (NULL); 1149 M_ALIGN(n, remain); 1150 } 1151extpacket: 1152 if (m->m_flags & M_EXT) { 1153 n->m_data = m->m_data + len; 1154 mb_dupcl(n, m); 1155 } else { 1156 bcopy(mtod(m, caddr_t) + len, mtod(n, caddr_t), remain); 1157 } 1158 n->m_len = remain; 1159 m->m_len = len; 1160 n->m_next = m->m_next; 1161 m->m_next = NULL; 1162 return (n); 1163} 1164/* 1165 * Routine to copy from device local memory into mbufs. 1166 * Note that `off' argument is offset into first mbuf of target chain from 1167 * which to begin copying the data to. 1168 */ 1169struct mbuf * 1170m_devget(char *buf, int totlen, int off, struct ifnet *ifp, 1171 void (*copy)(char *from, caddr_t to, u_int len)) 1172{ 1173 struct mbuf *m; 1174 struct mbuf *top = NULL, **mp = ⊤ 1175 int len; 1176 1177 if (off < 0 || off > MHLEN) 1178 return (NULL); 1179 1180 while (totlen > 0) { 1181 if (top == NULL) { /* First one, must be PKTHDR */ 1182 if (totlen + off >= MINCLSIZE) { 1183 m = m_getcl(M_DONTWAIT, MT_DATA, M_PKTHDR); 1184 len = MCLBYTES; 1185 } else { 1186 m = m_gethdr(M_DONTWAIT, MT_DATA); 1187 len = MHLEN; 1188 1189 /* Place initial small packet/header at end of mbuf */ 1190 if (m && totlen + off + max_linkhdr <= MLEN) { 1191 m->m_data += max_linkhdr; 1192 len -= max_linkhdr; 1193 } 1194 } 1195 if (m == NULL) 1196 return NULL; 1197 m->m_pkthdr.rcvif = ifp; 1198 m->m_pkthdr.len = totlen; 1199 } else { 1200 if (totlen + off >= MINCLSIZE) { 1201 m = m_getcl(M_DONTWAIT, MT_DATA, 0); 1202 len = MCLBYTES; 1203 } else { 1204 m = m_get(M_DONTWAIT, MT_DATA); 1205 len = MLEN; 1206 } 1207 if (m == NULL) { 1208 m_freem(top); 1209 return NULL; 1210 } 1211 } 1212 if (off) { 1213 m->m_data += off; 1214 len -= off; 1215 off = 0; 1216 } 1217 m->m_len = len = min(totlen, len); 1218 if (copy) 1219 copy(buf, mtod(m, caddr_t), (u_int)len); 1220 else 1221 bcopy(buf, mtod(m, caddr_t), (u_int)len); 1222 buf += len; 1223 *mp = m; 1224 mp = &m->m_next; 1225 totlen -= len; 1226 } 1227 return (top); 1228} 1229 1230/* 1231 * Copy data from a buffer back into the indicated mbuf chain, 1232 * starting "off" bytes from the beginning, extending the mbuf 1233 * chain if necessary. 1234 */ 1235void 1236m_copyback(struct mbuf *m0, int off, int len, c_caddr_t cp) 1237{ 1238 int mlen; 1239 struct mbuf *m = m0, *n; 1240 int totlen = 0; 1241 1242 if (m0 == NULL) 1243 return; 1244 while (off > (mlen = m->m_len)) { 1245 off -= mlen; 1246 totlen += mlen; 1247 if (m->m_next == NULL) { 1248 n = m_get(M_DONTWAIT, m->m_type); 1249 if (n == NULL) 1250 goto out; 1251 bzero(mtod(n, caddr_t), MLEN); 1252 n->m_len = min(MLEN, len + off); 1253 m->m_next = n; 1254 } 1255 m = m->m_next; 1256 } 1257 while (len > 0) { 1258 mlen = min (m->m_len - off, len); 1259 bcopy(cp, off + mtod(m, caddr_t), (u_int)mlen); 1260 cp += mlen; 1261 len -= mlen; 1262 mlen += off; 1263 off = 0; 1264 totlen += mlen; 1265 if (len == 0) 1266 break; 1267 if (m->m_next == NULL) { 1268 n = m_get(M_DONTWAIT, m->m_type); 1269 if (n == NULL) 1270 break; 1271 n->m_len = min(MLEN, len); 1272 m->m_next = n; 1273 } 1274 m = m->m_next; 1275 } 1276out: if (((m = m0)->m_flags & M_PKTHDR) && (m->m_pkthdr.len < totlen)) 1277 m->m_pkthdr.len = totlen; 1278} 1279 1280/* 1281 * Append the specified data to the indicated mbuf chain, 1282 * Extend the mbuf chain if the new data does not fit in 1283 * existing space. 1284 * 1285 * Return 1 if able to complete the job; otherwise 0. 1286 */ 1287int 1288m_append(struct mbuf *m0, int len, c_caddr_t cp) 1289{ 1290 struct mbuf *m, *n; 1291 int remainder, space; 1292 1293 for (m = m0; m->m_next != NULL; m = m->m_next) 1294 ; 1295 remainder = len; 1296 space = M_TRAILINGSPACE(m); 1297 if (space > 0) { 1298 /* 1299 * Copy into available space. 1300 */ 1301 if (space > remainder) 1302 space = remainder; 1303 bcopy(cp, mtod(m, caddr_t) + m->m_len, space); 1304 m->m_len += space; 1305 cp += space, remainder -= space; 1306 } 1307 while (remainder > 0) { 1308 /* 1309 * Allocate a new mbuf; could check space 1310 * and allocate a cluster instead. 1311 */ 1312 n = m_get(M_DONTWAIT, m->m_type); 1313 if (n == NULL) 1314 break; 1315 n->m_len = min(MLEN, remainder); 1316 bcopy(cp, mtod(n, caddr_t), n->m_len); 1317 cp += n->m_len, remainder -= n->m_len; 1318 m->m_next = n; 1319 m = n; 1320 } 1321 if (m0->m_flags & M_PKTHDR) 1322 m0->m_pkthdr.len += len - remainder; 1323 return (remainder == 0); 1324} 1325 1326/* 1327 * Apply function f to the data in an mbuf chain starting "off" bytes from 1328 * the beginning, continuing for "len" bytes. 1329 */ 1330int 1331m_apply(struct mbuf *m, int off, int len, 1332 int (*f)(void *, void *, u_int), void *arg) 1333{ 1334 u_int count; 1335 int rval; 1336 1337 KASSERT(off >= 0, ("m_apply, negative off %d", off)); 1338 KASSERT(len >= 0, ("m_apply, negative len %d", len)); 1339 while (off > 0) { 1340 KASSERT(m != NULL, ("m_apply, offset > size of mbuf chain")); 1341 if (off < m->m_len) 1342 break; 1343 off -= m->m_len; 1344 m = m->m_next; 1345 } 1346 while (len > 0) { 1347 KASSERT(m != NULL, ("m_apply, offset > size of mbuf chain")); 1348 count = min(m->m_len - off, len); 1349 rval = (*f)(arg, mtod(m, caddr_t) + off, count); 1350 if (rval) 1351 return (rval); 1352 len -= count; 1353 off = 0; 1354 m = m->m_next; 1355 } 1356 return (0); 1357} 1358 1359/* 1360 * Return a pointer to mbuf/offset of location in mbuf chain. 1361 */ 1362struct mbuf * 1363m_getptr(struct mbuf *m, int loc, int *off) 1364{ 1365 1366 while (loc >= 0) { 1367 /* Normal end of search. */ 1368 if (m->m_len > loc) { 1369 *off = loc; 1370 return (m); 1371 } else { 1372 loc -= m->m_len; 1373 if (m->m_next == NULL) { 1374 if (loc == 0) { 1375 /* Point at the end of valid data. */ 1376 *off = m->m_len; 1377 return (m); 1378 } 1379 return (NULL); 1380 } 1381 m = m->m_next; 1382 } 1383 } 1384 return (NULL); 1385} 1386 1387void 1388m_print(const struct mbuf *m, int maxlen) 1389{ 1390 int len; 1391 int pdata; 1392 const struct mbuf *m2; 1393 1394 if (m->m_flags & M_PKTHDR) 1395 len = m->m_pkthdr.len; 1396 else 1397 len = -1; 1398 m2 = m; 1399 while (m2 != NULL && (len == -1 || len)) { 1400 pdata = m2->m_len; 1401 if (maxlen != -1 && pdata > maxlen) 1402 pdata = maxlen; 1403 printf("mbuf: %p len: %d, next: %p, %b%s", m2, m2->m_len, 1404 m2->m_next, m2->m_flags, "\20\20freelist\17skipfw" 1405 "\11proto5\10proto4\7proto3\6proto2\5proto1\4rdonly" 1406 "\3eor\2pkthdr\1ext", pdata ? "" : "\n"); 1407 if (pdata) 1408 printf(", %*D\n", m2->m_len, (u_char *)m2->m_data, "-"); 1409 if (len != -1) 1410 len -= m2->m_len; 1411 m2 = m2->m_next; 1412 } 1413 if (len > 0) 1414 printf("%d bytes unaccounted for.\n", len); 1415 return; 1416} 1417 1418u_int 1419m_fixhdr(struct mbuf *m0) 1420{ 1421 u_int len; 1422 1423 len = m_length(m0, NULL); 1424 m0->m_pkthdr.len = len; 1425 return (len); 1426} 1427 1428u_int 1429m_length(struct mbuf *m0, struct mbuf **last) 1430{ 1431 struct mbuf *m; 1432 u_int len; 1433 1434 len = 0; 1435 for (m = m0; m != NULL; m = m->m_next) { 1436 len += m->m_len; 1437 if (m->m_next == NULL) 1438 break; 1439 } 1440 if (last != NULL) 1441 *last = m; 1442 return (len); 1443} 1444 1445/* 1446 * Defragment a mbuf chain, returning the shortest possible 1447 * chain of mbufs and clusters. If allocation fails and 1448 * this cannot be completed, NULL will be returned, but 1449 * the passed in chain will be unchanged. Upon success, 1450 * the original chain will be freed, and the new chain 1451 * will be returned. 1452 * 1453 * If a non-packet header is passed in, the original 1454 * mbuf (chain?) will be returned unharmed. 1455 */ 1456struct mbuf * 1457m_defrag(struct mbuf *m0, int how) 1458{ 1459 struct mbuf *m_new = NULL, *m_final = NULL; 1460 int progress = 0, length; 1461 1462 MBUF_CHECKSLEEP(how); 1463 if (!(m0->m_flags & M_PKTHDR)) 1464 return (m0); 1465 1466 m_fixhdr(m0); /* Needed sanity check */ 1467 1468#ifdef MBUF_STRESS_TEST 1469 if (m_defragrandomfailures) { 1470 int temp = arc4random() & 0xff; 1471 if (temp == 0xba) 1472 goto nospace; 1473 } 1474#endif 1475 1476 if (m0->m_pkthdr.len > MHLEN) 1477 m_final = m_getcl(how, MT_DATA, M_PKTHDR); 1478 else 1479 m_final = m_gethdr(how, MT_DATA); 1480 1481 if (m_final == NULL) 1482 goto nospace; 1483 1484 if (m_dup_pkthdr(m_final, m0, how) == 0) 1485 goto nospace; 1486 1487 m_new = m_final; 1488 1489 while (progress < m0->m_pkthdr.len) { 1490 length = m0->m_pkthdr.len - progress; 1491 if (length > MCLBYTES) 1492 length = MCLBYTES; 1493 1494 if (m_new == NULL) { 1495 if (length > MLEN) 1496 m_new = m_getcl(how, MT_DATA, 0); 1497 else 1498 m_new = m_get(how, MT_DATA); 1499 if (m_new == NULL) 1500 goto nospace; 1501 } 1502 1503 m_copydata(m0, progress, length, mtod(m_new, caddr_t)); 1504 progress += length; 1505 m_new->m_len = length; 1506 if (m_new != m_final) 1507 m_cat(m_final, m_new); 1508 m_new = NULL; 1509 } 1510#ifdef MBUF_STRESS_TEST 1511 if (m0->m_next == NULL) 1512 m_defraguseless++; 1513#endif 1514 m_freem(m0); 1515 m0 = m_final; 1516#ifdef MBUF_STRESS_TEST 1517 m_defragpackets++; 1518 m_defragbytes += m0->m_pkthdr.len; 1519#endif 1520 return (m0); 1521nospace: 1522#ifdef MBUF_STRESS_TEST 1523 m_defragfailure++; 1524#endif 1525 if (m_final) 1526 m_freem(m_final); 1527 return (NULL); 1528} 1529 1530#ifdef MBUF_STRESS_TEST 1531 1532/* 1533 * Fragment an mbuf chain. There's no reason you'd ever want to do 1534 * this in normal usage, but it's great for stress testing various 1535 * mbuf consumers. 1536 * 1537 * If fragmentation is not possible, the original chain will be 1538 * returned. 1539 * 1540 * Possible length values: 1541 * 0 no fragmentation will occur 1542 * > 0 each fragment will be of the specified length 1543 * -1 each fragment will be the same random value in length 1544 * -2 each fragment's length will be entirely random 1545 * (Random values range from 1 to 256) 1546 */ 1547struct mbuf * 1548m_fragment(struct mbuf *m0, int how, int length) 1549{ 1550 struct mbuf *m_new = NULL, *m_final = NULL; 1551 int progress = 0; 1552 1553 if (!(m0->m_flags & M_PKTHDR)) 1554 return (m0); 1555 1556 if ((length == 0) || (length < -2)) 1557 return (m0); 1558 1559 m_fixhdr(m0); /* Needed sanity check */ 1560 1561 m_final = m_getcl(how, MT_DATA, M_PKTHDR); 1562 1563 if (m_final == NULL) 1564 goto nospace; 1565 1566 if (m_dup_pkthdr(m_final, m0, how) == 0) 1567 goto nospace; 1568 1569 m_new = m_final; 1570 1571 if (length == -1) 1572 length = 1 + (arc4random() & 255); 1573 1574 while (progress < m0->m_pkthdr.len) { 1575 int fraglen; 1576 1577 if (length > 0) 1578 fraglen = length; 1579 else 1580 fraglen = 1 + (arc4random() & 255); 1581 if (fraglen > m0->m_pkthdr.len - progress) 1582 fraglen = m0->m_pkthdr.len - progress; 1583 1584 if (fraglen > MCLBYTES) 1585 fraglen = MCLBYTES; 1586 1587 if (m_new == NULL) { 1588 m_new = m_getcl(how, MT_DATA, 0); 1589 if (m_new == NULL) 1590 goto nospace; 1591 } 1592 1593 m_copydata(m0, progress, fraglen, mtod(m_new, caddr_t)); 1594 progress += fraglen; 1595 m_new->m_len = fraglen; 1596 if (m_new != m_final) 1597 m_cat(m_final, m_new); 1598 m_new = NULL; 1599 } 1600 m_freem(m0); 1601 m0 = m_final; 1602 return (m0); 1603nospace: 1604 if (m_final) 1605 m_freem(m_final); 1606 /* Return the original chain on failure */ 1607 return (m0); 1608} 1609 1610#endif 1611 1612struct mbuf * 1613m_uiotombuf(struct uio *uio, int how, int len, int align) 1614{ 1615 struct mbuf *m_new = NULL, *m_final = NULL; 1616 int progress = 0, error = 0, length, total; 1617 1618 if (len > 0) 1619 total = min(uio->uio_resid, len); 1620 else 1621 total = uio->uio_resid; 1622 if (align >= MHLEN) 1623 goto nospace; 1624 if (total + align > MHLEN) 1625 m_final = m_getcl(how, MT_DATA, M_PKTHDR); 1626 else 1627 m_final = m_gethdr(how, MT_DATA); 1628 if (m_final == NULL) 1629 goto nospace; 1630 m_final->m_data += align; 1631 m_new = m_final; 1632 while (progress < total) { 1633 length = total - progress; 1634 if (length > MCLBYTES) 1635 length = MCLBYTES; 1636 if (m_new == NULL) { 1637 if (length > MLEN) 1638 m_new = m_getcl(how, MT_DATA, 0); 1639 else 1640 m_new = m_get(how, MT_DATA); 1641 if (m_new == NULL) 1642 goto nospace; 1643 } 1644 error = uiomove(mtod(m_new, void *), length, uio); 1645 if (error) 1646 goto nospace; 1647 progress += length; 1648 m_new->m_len = length; 1649 if (m_new != m_final) 1650 m_cat(m_final, m_new); 1651 m_new = NULL; 1652 } 1653 m_fixhdr(m_final); 1654 return (m_final); 1655nospace: 1656 if (m_new) 1657 m_free(m_new); 1658 if (m_final) 1659 m_freem(m_final); 1660 return (NULL); 1661} 1662 1663/* 1664 * Set the m_data pointer of a newly-allocated mbuf 1665 * to place an object of the specified size at the 1666 * end of the mbuf, longword aligned. 1667 */ 1668void 1669m_align(struct mbuf *m, int len) 1670{ 1671 int adjust; 1672 1673 if (m->m_flags & M_EXT) 1674 adjust = m->m_ext.ext_size - len; 1675 else if (m->m_flags & M_PKTHDR) 1676 adjust = MHLEN - len; 1677 else 1678 adjust = MLEN - len; 1679 m->m_data += adjust &~ (sizeof(long)-1); 1680} 1681