1/*	$KAME: uipc_mbuf2.c,v 1.31 2001/11/28 11:08:53 itojun Exp $	*/
2/*	$NetBSD: uipc_mbuf.c,v 1.40 1999/04/01 00:23:25 thorpej Exp $	*/
3
4/*-
5 * Copyright (C) 1999 WIDE Project.
6 * All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 * 1. Redistributions of source code must retain the above copyright
12 *    notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 *    notice, this list of conditions and the following disclaimer in the
15 *    documentation and/or other materials provided with the distribution.
16 * 3. Neither the name of the project nor the names of its contributors
17 *    may be used to endorse or promote products derived from this software
18 *    without specific prior written permission.
19 *
20 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
30 * SUCH DAMAGE.
31 */
32/*-
33 * Copyright (c) 1982, 1986, 1988, 1991, 1993
34 *	The Regents of the University of California.  All rights reserved.
35 *
36 * Redistribution and use in source and binary forms, with or without
37 * modification, are permitted provided that the following conditions
38 * are met:
39 * 1. Redistributions of source code must retain the above copyright
40 *    notice, this list of conditions and the following disclaimer.
41 * 2. Redistributions in binary form must reproduce the above copyright
42 *    notice, this list of conditions and the following disclaimer in the
43 *    documentation and/or other materials provided with the distribution.
44 * 4. Neither the name of the University nor the names of its contributors
45 *    may be used to endorse or promote products derived from this software
46 *    without specific prior written permission.
47 *
48 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
49 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
50 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
51 * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
52 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
53 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
54 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
55 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
56 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
57 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
58 * SUCH DAMAGE.
59 *
60 *	@(#)uipc_mbuf.c	8.4 (Berkeley) 2/14/95
61 */
62
63#include <sys/cdefs.h>
64__FBSDID("$FreeBSD: stable/11/sys/kern/uipc_mbuf2.c 356449 2020-01-07 16:49:56Z bz $");
65
66/*#define PULLDOWN_DEBUG*/
67
68#include <sys/param.h>
69#include <sys/systm.h>
70#include <sys/kernel.h>
71#include <sys/lock.h>
72#include <sys/malloc.h>
73#include <sys/mbuf.h>
74#include <sys/mutex.h>
75
76#include <security/mac/mac_framework.h>
77
/*
 * Malloc type used for packet tags in this file: m_tag_alloc() allocates
 * from it and m_tag_free_default() releases to it.
 */
static MALLOC_DEFINE(M_PACKET_TAGS, MBUF_TAG_MEM_NAME,
    "packet-attached information");

/* can't call it m_dup(), as freebsd[34] uses m_dup() with different arg */
/* Arguments, in order: source mbuf, byte offset, byte count, wait flag. */
static struct mbuf *m_dup1(struct mbuf *, int, int, int);
83
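/*
 * Ensure that [off, off + len) is contiguous on the mbuf chain "m".
 * The packet chain before "off" is kept untouched.
 *
 * m    - head of the chain; must not be NULL (KASSERT).
 * off  - byte offset of the wanted region from the start of the chain.
 * len  - length of the wanted region; requests larger than MCLBYTES are
 *        refused because a single mbuf is allocated to hold the region
 *        in the slow path.
 * offp - if NULL, the target will start at <retval, 0> on the resulting
 *        chain; if not NULL, the target will start at <retval, *offp>.
 *
 * Returns the mbuf that holds the contiguous region.  On error (NULL
 * return value) the original chain "m" has been freed, so the caller
 * must not touch it again.
 *
 * Negative "off" or "len" values are rejected the same way as any other
 * invalid request: the chain is freed and NULL is returned.
 *
 * XXX: M_TRAILINGSPACE/M_LEADINGSPACE only permitted on writable ext_buf.
 */
struct mbuf *
m_pulldown(struct mbuf *m, int off, int len, int *offp)
{
	struct mbuf *n, *o;
	int hlen, tlen, olen;
	int writable;

	/* check invalid arguments. */
	KASSERT(m != NULL, ("%s: fix caller: m is NULL off %d len %d offp %p\n",
	    __func__, off, len, offp));
	/*
	 * Both values are signed.  A negative "off" is never consumed by
	 * the chain walk below (it only runs while off > 0) and would be
	 * used as-is in mtod(n, caddr_t) + off or handed back through
	 * *offp; a negative "len" satisfies every "len <= ..." test
	 * trivially.  Refuse them up front together with oversized
	 * requests.
	 */
	if (off < 0 || len < 0 || len > MCLBYTES) {
		m_freem(m);
		return NULL;	/* invalid request */
	}

#ifdef PULLDOWN_DEBUG
    {
	struct mbuf *t;
	printf("before:");
	for (t = m; t; t = t->m_next)
		printf(" %d", t->m_len);
	printf("\n");
    }
#endif
	/* walk to the mbuf that contains byte "off"; off becomes local to it */
	n = m;
	while (n != NULL && off > 0) {
		if (n->m_len > off)
			break;
		off -= n->m_len;
		n = n->m_next;
	}
	/* be sure to point non-empty mbuf */
	while (n != NULL && n->m_len == 0)
		n = n->m_next;
	if (!n) {
		m_freem(m);
		return NULL;	/* mbuf chain too short */
	}

	/*
	 * The following comment is dated but still partially applies:
	 *
	 * XXX: This code is flawed because it considers a "writable" mbuf
	 *      data region to require all of the following:
	 *	  (i) mbuf _has_ to have M_EXT set; if it is just a regular
	 *	      mbuf, it is still not considered "writable."
	 *	  (ii) since mbuf has M_EXT, the ext_type _has_ to be
	 *	       EXT_CLUSTER. Anything else makes it non-writable.
	 *	  (iii) M_WRITABLE() must evaluate true.
	 *      Ideally, the requirement should only be (iii).
	 *
	 * If we're writable, we're sure we're writable, because the ref. count
	 * cannot increase from 1, as that would require possession of mbuf
	 * n by someone else (which is impossible). However, if we're _not_
	 * writable, we may eventually become writable (if the ref. count drops
	 * to 1), but we'll fail to notice it unless we re-evaluate
	 * M_WRITABLE(). For now, we only evaluate once at the beginning and
	 * live with this.
	 */
	writable = 0;
	if ((n->m_flags & M_EXT) == 0 ||
	    (n->m_ext.ext_type == EXT_CLUSTER && M_WRITABLE(n)))
		writable = 1;

	/*
	 * the target data is on <n, off>.
	 * if we got enough data on the mbuf "n", we're done.
	 */
	if ((off == 0 || offp) && len <= n->m_len - off)
		goto ok;

	/*
	 * when len <= n->m_len - off and off != 0, it is a special case.
	 * len bytes from <n, off> sits in single mbuf, but the caller does
	 * not like the starting position (off).
	 * chop the current mbuf into two pieces, set off to 0.
	 */
	if (len <= n->m_len - off) {
		o = m_dup1(n, off, n->m_len - off, M_NOWAIT);
		if (o == NULL) {
			m_freem(m);
			return NULL;	/* ENOBUFS */
		}
		n->m_len = off;
		o->m_next = n->m_next;
		n->m_next = o;
		n = n->m_next;
		off = 0;
		goto ok;
	}

	/*
	 * we need to take hlen from <n, off> and tlen from <n->m_next, 0>,
	 * and construct contiguous mbuf with m_len == len.
	 * note that hlen + tlen == len, and tlen > 0.
	 */
	hlen = n->m_len - off;
	tlen = len - hlen;

	/*
	 * ensure that we have enough trailing data on mbuf chain.
	 * if not, we can do nothing about the chain.
	 * this is the check that keeps the copies below inside the chain.
	 */
	olen = 0;
	for (o = n->m_next; o != NULL; o = o->m_next)
		olen += o->m_len;
	if (hlen + olen < len) {
		m_freem(m);
		return NULL;	/* mbuf chain too short */
	}

	/*
	 * easy cases first.
	 * we need to use m_copydata() to get data from <n->m_next, 0>.
	 */
	if ((off == 0 || offp) && M_TRAILINGSPACE(n) >= tlen
	 && writable) {
		/* append the tail bytes to n, then trim them from what follows */
		m_copydata(n->m_next, 0, tlen, mtod(n, caddr_t) + n->m_len);
		n->m_len += tlen;
		m_adj(n->m_next, tlen);
		goto ok;
	}
	/*
	 * NOTE(review): "writable" was evaluated on n, while this branch
	 * stores into n->m_next.  Presumably M_LEADINGSPACE() reports 0
	 * for a read-only n->m_next -- confirm against the macro.
	 */
	if ((off == 0 || offp) && M_LEADINGSPACE(n->m_next) >= hlen
	 && writable && n->m_next->m_len >= tlen) {
		/* prepend the head bytes to n->m_next and drop them from n */
		n->m_next->m_data -= hlen;
		n->m_next->m_len += hlen;
		bcopy(mtod(n, caddr_t) + off, mtod(n->m_next, caddr_t), hlen);
		n->m_len -= hlen;
		n = n->m_next;
		off = 0;
		goto ok;
	}

	/*
	 * now, we need to do the hard way.  don't m_copy as there's no room
	 * on both end.
	 */
	if (len > MLEN)
		o = m_getcl(M_NOWAIT, m->m_type, 0);
	else
		o = m_get(M_NOWAIT, m->m_type);
	if (!o) {
		m_freem(m);
		return NULL;	/* ENOBUFS */
	}
	/* get hlen from <n, off> into <o, 0> */
	o->m_len = hlen;
	bcopy(mtod(n, caddr_t) + off, mtod(o, caddr_t), hlen);
	n->m_len -= hlen;
	/* get tlen from <n->m_next, 0> into <o, hlen> */
	m_copydata(n->m_next, 0, tlen, mtod(o, caddr_t) + o->m_len);
	o->m_len += tlen;
	m_adj(n->m_next, tlen);
	/* link the new mbuf between n and the rest of the chain */
	o->m_next = n->m_next;
	n->m_next = o;
	n = o;
	off = 0;

ok:
#ifdef PULLDOWN_DEBUG
    {
	struct mbuf *t;
	printf("after:");
	for (t = m; t; t = t->m_next)
		printf("%c%d", t == n ? '*' : ' ', t->m_len);
	printf(" (off=%d)\n", off);
    }
#endif
	if (offp)
		*offp = off;
	return n;
}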
266
/*
 * Copy "len" bytes starting at offset "off" of the chain "m" into a single
 * newly allocated mbuf and return it, or NULL when len exceeds MCLBYTES or
 * an allocation fails.  The source chain is not modified or freed here.
 *
 * The packet header is duplicated only when the copy starts at offset 0
 * of an mbuf that has M_PKTHDR set.
 *
 * NOTE(review): only the upper bound of len is checked here; off and the
 * lower bound of len are left to the caller -- confirm every caller
 * passes non-negative values that lie within the chain.
 */
static struct mbuf *
m_dup1(struct mbuf *m, int off, int len, int wait)
{
	struct mbuf *copy;
	int with_hdr;

	if (len > MCLBYTES)
		return (NULL);

	with_hdr = (off == 0 && (m->m_flags & M_PKTHDR) != 0);

	/* a cluster for large copies, a plain or header mbuf otherwise */
	if (len >= MINCLSIZE)
		copy = m_getcl(wait, m->m_type, with_hdr ? M_PKTHDR : 0);
	else if (with_hdr)
		copy = m_gethdr(wait, m->m_type);
	else
		copy = m_get(wait, m->m_type);
	if (copy == NULL)
		return (NULL);	/* ENOBUFS */

	/* release the new mbuf if its packet header cannot be duplicated */
	if (with_hdr && !m_dup_pkthdr(copy, m, wait)) {
		m_free(copy);
		return (NULL);
	}

	m_copydata(m, off, len, mtod(copy, caddr_t));
	copy->m_len = len;
	return (copy);
}
301
/*
 * Free a packet tag.  This is the destructor m_tag_alloc() installs in
 * m_tag_free for the tags it creates.  The tag memory is returned to
 * M_PACKET_TAGS, so "t" must not be used after this call.
 */
void
m_tag_free_default(struct m_tag *t)
{
#ifdef MAC
	/* MAC label tags go through mac_mbuf_tag_destroy() before the free. */
	if (t->m_tag_id == PACKET_TAG_MACLABEL) {
		mac_mbuf_tag_destroy(t);
	}
#endif
	free(t, M_PACKET_TAGS);
}
312
/*
 * Get a packet tag structure along with "len" bytes of data following it.
 *
 * cookie, type - identify the tag; passed to m_tag_setup() unchanged.
 * len          - size of the payload that follows the header; a negative
 *                value is refused.
 * wait         - malloc(9) wait flag, checked by MBUF_CHECKSLEEP().
 *
 * Returns the new tag with m_tag_free set to m_tag_free_default(), or NULL
 * if len is negative or the allocation fails.
 *
 * NOTE(review): len has no upper bound here.  If the length field that
 * m_tag_setup() fills in is narrower than int, a large len would be
 * recorded truncated while the allocation keeps the full size -- confirm
 * against struct m_tag.
 */
struct m_tag *
m_tag_alloc(uint32_t cookie, int type, int len, int wait)
{
	struct m_tag *tag;

	MBUF_CHECKSLEEP(wait);
	if (len < 0)
		return (NULL);

	/* header and payload share one allocation */
	tag = malloc(sizeof(*tag) + len, M_PACKET_TAGS, wait);
	if (tag != NULL) {
		m_tag_setup(tag, cookie, type, len);
		tag->m_tag_free = m_tag_free_default;
	}
	return (tag);
}
329
/*
 * Unlink the packet tag "t" from the mbuf "m" and free it.
 * Both arguments must be non-NULL (KASSERT).  "t" is gone once this
 * returns, so the caller must not keep a pointer to it.
 */
void
m_tag_delete(struct mbuf *m, struct m_tag *t)
{
	KASSERT(m != NULL && t != NULL,
	    ("m_tag_delete: null argument, m %p t %p", m, t));

	/* unlink first so that the list never refers to freed memory */
	m_tag_unlink(m, t);
	m_tag_free(t);
}
339
/*
 * Unlink and free a packet tag chain, starting from the given tag.
 * When "t" is NULL the walk starts at the first tag attached to "m", so
 * every tag of the mbuf is removed.  "m" must be non-NULL (KASSERT).
 */
void
m_tag_delete_chain(struct mbuf *m, struct m_tag *t)
{
	struct m_tag *start, *succ;

	KASSERT(m, ("m_tag_delete_chain: null mbuf"));

	start = (t != NULL) ? t : SLIST_FIRST(&m->m_pkthdr.tags);
	if (start == NULL)
		return;

	/*
	 * Delete the successors of "start" one at a time; "start" itself
	 * stays linked until the end so that SLIST_NEXT() always reads a
	 * live tag.
	 */
	for (;;) {
		succ = SLIST_NEXT(start, m_tag_link);
		if (succ == NULL)
			break;
		m_tag_delete(m, succ);
	}
	m_tag_delete(m, start);
}
357
/*
 * Strip off all tags that would normally vanish when
 * passing through a network interface.  Only persistent
 * tags will exist after this; these are expected to remain
 * so long as the mbuf chain exists, regardless of the
 * path the mbufs take.
 *
 * A tag counts as persistent when MTAG_PERSISTENT is set in its m_tag_id.
 */
void
m_tag_delete_nonpersistent(struct mbuf *m)
{
	struct m_tag *tag, *next;

	/* the _SAFE variant reads the successor before "tag" may be freed */
	SLIST_FOREACH_SAFE(tag, &m->m_pkthdr.tags, m_tag_link, next) {
		if ((tag->m_tag_id & MTAG_PERSISTENT) != 0)
			continue;
		m_tag_delete(m, tag);
	}
}
374
/*
 * Find a tag, starting from a given position.
 *
 * With t == NULL the search starts at the first tag attached to "m";
 * otherwise it starts at the tag that follows "t".  Returns the first tag
 * whose cookie and id both match, or NULL when there is none.
 * "m" must be non-NULL (KASSERT).
 */
struct m_tag *
m_tag_locate(struct mbuf *m, uint32_t cookie, int type, struct m_tag *t)
{
	struct m_tag *cur;

	KASSERT(m, ("m_tag_locate: null mbuf"));

	cur = (t != NULL) ? SLIST_NEXT(t, m_tag_link) :
	    SLIST_FIRST(&m->m_pkthdr.tags);
	for (; cur != NULL; cur = SLIST_NEXT(cur, m_tag_link)) {
		if (cur->m_tag_cookie == cookie && cur->m_tag_id == type)
			return (cur);
	}
	return (NULL);
}
393
/*
 * Copy a single tag.
 *
 * Allocates a new tag with the cookie, id and length of "t" and copies
 * the payload that follows the tag header.  Returns the copy, or NULL if
 * the allocation (or, with MAC, the label initialization) fails.
 * "t" must be non-NULL (KASSERT).
 */
struct m_tag *
m_tag_copy(struct m_tag *t, int how)
{
	struct m_tag *dup;

	MBUF_CHECKSLEEP(how);
	KASSERT(t, ("m_tag_copy: null tag"));

	dup = m_tag_alloc(t->m_tag_cookie, t->m_tag_id, t->m_tag_len, how);
	if (dup == NULL)
		return (NULL);

#ifdef MAC
	/*
	 * XXXMAC: we should probably pass off the initialization, and
	 * copying here?  can we hide that PACKET_TAG_MACLABEL is
	 * special from the mbuf code?
	 */
	if (t->m_tag_id == PACKET_TAG_MACLABEL) {
		/* MAC labels are initialized and copied by the MAC framework */
		if (mac_mbuf_tag_init(dup, how) != 0) {
			m_tag_free(dup);
			return (NULL);
		}
		mac_mbuf_tag_copy(t, dup);
		return (dup);
	}
#endif
	/* the payload starts right after the header, hence the "+ 1" */
	bcopy(t + 1, dup + 1, t->m_tag_len);
	return (dup);
}
422
/*
 * Copy two tag chains. The destination mbuf (to) loses any attached
 * tags even if the operation fails. This should not be a problem, as
 * m_tag_copy_chain() is typically called with a newly-allocated
 * destination mbuf.
 *
 * Returns 1 when every tag of "from" was copied and 0 when a copy failed;
 * on failure the tags already attached to "to" are deleted again.
 * Both mbufs must be non-NULL (KASSERT).
 *
 * NOTE(review): the destination is emptied before the source is walked,
 * so passing the same mbuf as "to" and "from" would presumably drop its
 * tags instead of copying them -- confirm that no caller does this.
 */
int
m_tag_copy_chain(struct mbuf *to, const struct mbuf *from, int how)
{
	struct m_tag *src, *dup, *tail;

	MBUF_CHECKSLEEP(how);
	KASSERT(to && from,
		("m_tag_copy_chain: null argument, to %p from %p", to, from));

	m_tag_delete_chain(to, NULL);

	/* "tail" is the last tag appended, which keeps the source order */
	tail = NULL;
	SLIST_FOREACH(src, &from->m_pkthdr.tags, m_tag_link) {
		dup = m_tag_copy(src, how);
		if (dup == NULL) {
			/* leave no partial copy behind */
			m_tag_delete_chain(to, NULL);
			return (0);
		}
		if (tail != NULL)
			SLIST_INSERT_AFTER(tail, dup, m_tag_link);
		else
			SLIST_INSERT_HEAD(&to->m_pkthdr.tags, dup, m_tag_link);
		tail = dup;
	}
	return (1);
}
452