1/* 2 * Copyright (c) 1997-2014 Apple Inc. All rights reserved. 3 * 4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@ 5 * 6 * This file contains Original Code and/or Modifications of Original Code 7 * as defined in and that are subject to the Apple Public Source License 8 * Version 2.0 (the 'License'). You may not use this file except in 9 * compliance with the License. The rights granted to you under the License 10 * may not be used to create, or enable the creation or redistribution of, 11 * unlawful or unlicensed copies of an Apple operating system, or to 12 * circumvent, violate, or enable the circumvention or violation of, any 13 * terms of an Apple operating system software license agreement. 14 * 15 * Please obtain a copy of the License at 16 * http://www.opensource.apple.com/apsl/ and read it before using this file. 17 * 18 * The Original Code and all software distributed under the License are 19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER 20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, 21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, 22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. 23 * Please see the License for the specific language governing rights and 24 * limitations under the License. 25 * 26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@ 27 */ 28/* 29 * @(#)ndrv.c 1.1 (MacOSX) 6/10/43 30 * Justin Walker, 970604 31 * AF_NDRV support 32 * 980130 - Cleanup, reorg, performance improvemements 33 * 000816 - Removal of Y adapter cruft 34 */ 35 36/* 37 * PF_NDRV allows raw access to a specified network device, directly 38 * with a socket. Expected use involves a socket option to request 39 * protocol packets. This lets ndrv_output() call ifnet_output(), and 40 * lets DLIL find the proper recipient for incoming packets. 41 * The purpose here is for user-mode protocol implementation. 42 * Note that "pure raw access" will still be accomplished with BPF. 43 * 44 * In addition to the former use, when combined with socket NKEs, 45 * PF_NDRV permits a fairly flexible mechanism for implementing 46 * strange protocol support. 47 */ 48#include <mach/mach_types.h> 49 50#include <sys/param.h> 51#include <sys/systm.h> 52#include <sys/kernel.h> 53#include <sys/malloc.h> 54#include <sys/mbuf.h> 55#include <sys/protosw.h> 56#include <sys/domain.h> 57#include <sys/socket.h> 58#include <sys/socketvar.h> 59#include <sys/ioctl.h> 60#include <sys/sysctl.h> 61#include <sys/errno.h> 62#include <sys/syslog.h> 63#include <sys/proc.h> 64 65#include <kern/queue.h> 66 67#include <net/ndrv.h> 68#include <net/route.h> 69#include <net/if_llc.h> 70#include <net/if_dl.h> 71#include <net/if_types.h> 72#include <net/ndrv_var.h> 73#include <net/dlil.h> 74 75#if INET 76#include <netinet/in.h> 77#include <netinet/in_var.h> 78#endif 79#include <netinet/if_ether.h> 80 81#include <machine/spl.h> 82 83static unsigned int ndrv_multi_max_count = NDRV_DMUX_MAX_DESCR; 84SYSCTL_UINT(_net, OID_AUTO, ndrv_multi_max_count, CTLFLAG_RW | CTLFLAG_LOCKED, 85 &ndrv_multi_max_count, 0, "Number of allowed multicast addresses per NRDV socket"); 86 87static int ndrv_do_detach(struct ndrv_cb *); 88static int ndrv_do_disconnect(struct ndrv_cb *); 89static struct ndrv_cb *ndrv_find_inbound(struct ifnet *ifp, u_int32_t protocol_family); 90static int ndrv_setspec(struct ndrv_cb *np, struct sockopt *sopt); 91static int ndrv_delspec(struct ndrv_cb *); 92static int ndrv_to_ifnet_demux(struct ndrv_demux_desc* ndrv, struct ifnet_demux_desc* ifdemux); 93static void ndrv_handle_ifp_detach(u_int32_t family, short unit); 94static int ndrv_do_add_multicast(struct ndrv_cb *np, struct sockopt *sopt); 95static int ndrv_do_remove_multicast(struct ndrv_cb *np, struct sockopt *sopt); 96static struct ndrv_multiaddr* ndrv_have_multicast(struct ndrv_cb *np, struct sockaddr* addr); 97static void ndrv_remove_all_multicast(struct ndrv_cb *np); 98static void ndrv_dominit(struct domain *); 99 100u_int32_t ndrv_sendspace = NDRVSNDQ; 101u_int32_t ndrv_recvspace = NDRVRCVQ; 102TAILQ_HEAD(, ndrv_cb) ndrvl = TAILQ_HEAD_INITIALIZER(ndrvl); 103 104static struct domain *ndrvdomain = NULL; 105extern struct domain ndrvdomain_s; 106 107#define NDRV_PROTODEMUX_COUNT 10 108 109/* 110 * Verify these values match. 111 * To keep clients from including dlil.h, we define 112 * these values independently in ndrv.h. They must 113 * match or a conversion function must be written. 114 */ 115#if NDRV_DEMUXTYPE_ETHERTYPE != DLIL_DESC_ETYPE2 116#error NDRV_DEMUXTYPE_ETHERTYPE must match DLIL_DESC_ETYPE2 117#endif 118#if NDRV_DEMUXTYPE_SAP != DLIL_DESC_SAP 119#error NDRV_DEMUXTYPE_SAP must match DLIL_DESC_SAP 120#endif 121#if NDRV_DEMUXTYPE_SNAP != DLIL_DESC_SNAP 122#error NDRV_DEMUXTYPE_SNAP must match DLIL_DESC_SNAP 123#endif 124 125/* 126 * Protocol output - Called to output a raw network packet directly 127 * to the driver. 128 */ 129static int 130ndrv_output(struct mbuf *m, struct socket *so) 131{ 132 struct ndrv_cb *np = sotondrvcb(so); 133 struct ifnet *ifp = np->nd_if; 134 int result = 0; 135 136#if NDRV_DEBUG 137 kprintf("NDRV output: %x, %x, %x\n", m, so, np); 138#endif 139 140 /* 141 * No header is a format error 142 */ 143 if ((m->m_flags&M_PKTHDR) == 0) 144 return(EINVAL); 145 146 /* Unlock before calling ifnet_output */ 147 socket_unlock(so, 0); 148 149 /* 150 * Call DLIL if we can. DLIL is much safer than calling the 151 * ifp directly. 152 */ 153 result = ifnet_output_raw(ifp, np->nd_proto_family, m); 154 155 socket_lock(so, 0); 156 157 return (result); 158} 159 160/* Our input routine called from DLIL */ 161static errno_t 162ndrv_input( 163 ifnet_t ifp, 164 protocol_family_t proto_family, 165 mbuf_t m, 166 char *frame_header) 167{ 168 struct socket *so; 169 struct sockaddr_dl ndrvsrc; 170 struct ndrv_cb *np; 171 int error = 0; 172 173 ndrvsrc.sdl_len = sizeof (struct sockaddr_dl); 174 ndrvsrc.sdl_family = AF_NDRV; 175 ndrvsrc.sdl_index = 0; 176 177 /* move packet from if queue to socket */ 178 /* Should be media-independent */ 179 ndrvsrc.sdl_type = IFT_ETHER; 180 ndrvsrc.sdl_nlen = 0; 181 ndrvsrc.sdl_alen = 6; 182 ndrvsrc.sdl_slen = 0; 183 bcopy(frame_header, &ndrvsrc.sdl_data, 6); 184 185 np = ndrv_find_inbound(ifp, proto_family); 186 if (np == NULL) 187 { 188 return(ENOENT); 189 } 190 so = np->nd_socket; 191 /* prepend the frame header */ 192 m = m_prepend(m, ifnet_hdrlen(ifp), M_NOWAIT); 193 if (m == NULL) 194 return EJUSTRETURN; 195 bcopy(frame_header, m->m_data, ifnet_hdrlen(ifp)); 196 197 lck_mtx_assert(ndrvdomain->dom_mtx, LCK_MTX_ASSERT_NOTOWNED); 198 lck_mtx_lock(ndrvdomain->dom_mtx); 199 if (sbappendaddr(&(so->so_rcv), (struct sockaddr *)&ndrvsrc, 200 m, (struct mbuf *)0, &error) != 0) { 201 sorwakeup(so); 202 } 203 lck_mtx_unlock(ndrvdomain->dom_mtx); 204 return 0; /* radar 4030377 - always return 0 */ 205} 206 207/* 208 * Allocate an ndrv control block and some buffer space for the socket 209 */ 210static int 211ndrv_attach(struct socket *so, int proto, __unused struct proc *p) 212{ 213 int error; 214 struct ndrv_cb *np = sotondrvcb(so); 215 216 if ((so->so_state & SS_PRIV) == 0) 217 return(EPERM); 218 219#if NDRV_DEBUG 220 kprintf("NDRV attach: %x, %x, %x\n", so, proto, np); 221#endif 222 223 if ((error = soreserve(so, ndrv_sendspace, ndrv_recvspace))) 224 return(error); 225 226 MALLOC(np, struct ndrv_cb *, sizeof(*np), M_PCB, M_WAITOK); 227 if (np == NULL) 228 return (ENOMEM); 229 so->so_pcb = (caddr_t)np; 230 bzero(np, sizeof(*np)); 231#if NDRV_DEBUG 232 kprintf("NDRV attach: %x, %x, %x\n", so, proto, np); 233#endif 234 TAILQ_INIT(&np->nd_dlist); 235 np->nd_signature = NDRV_SIGNATURE; 236 np->nd_socket = so; 237 np->nd_proto.sp_family = SOCK_DOM(so); 238 np->nd_proto.sp_protocol = proto; 239 np->nd_if = NULL; 240 np->nd_proto_family = 0; 241 np->nd_family = 0; 242 np->nd_unit = 0; 243 TAILQ_INSERT_TAIL(&ndrvl, np, nd_next); 244 return(0); 245} 246 247/* 248 * Destroy state just before socket deallocation. 249 * Flush data or not depending on the options. 250 */ 251 252static int 253ndrv_detach(struct socket *so) 254{ 255 struct ndrv_cb *np = sotondrvcb(so); 256 257 if (np == 0) 258 return EINVAL; 259 return ndrv_do_detach(np); 260} 261 262 263/* 264 * If a socket isn't bound to a single address, 265 * the ndrv input routine will hand it anything 266 * within that protocol family (assuming there's 267 * nothing else around it should go to). 268 * 269 * Don't expect this to be used. 270 */ 271 272static int 273ndrv_connect(struct socket *so, struct sockaddr *nam, __unused struct proc *p) 274{ 275 struct ndrv_cb *np = sotondrvcb(so); 276 277 if (np == 0) 278 return EINVAL; 279 280 if (np->nd_faddr) 281 return EISCONN; 282 283 /* Allocate memory to store the remote address */ 284 MALLOC(np->nd_faddr, struct sockaddr_ndrv*, 285 nam->sa_len, M_IFADDR, M_WAITOK); 286 if (np->nd_faddr == NULL) 287 return ENOMEM; 288 289 bcopy((caddr_t) nam, (caddr_t) np->nd_faddr, nam->sa_len); 290 soisconnected(so); 291 return 0; 292} 293 294static void 295ndrv_event(struct ifnet *ifp, __unused protocol_family_t protocol, 296 const struct kev_msg *event) 297{ 298 if (event->vendor_code == KEV_VENDOR_APPLE && 299 event->kev_class == KEV_NETWORK_CLASS && 300 event->kev_subclass == KEV_DL_SUBCLASS && 301 event->event_code == KEV_DL_IF_DETACHING) { 302 lck_mtx_assert(ndrvdomain->dom_mtx, LCK_MTX_ASSERT_NOTOWNED); 303 lck_mtx_lock(ndrvdomain->dom_mtx); 304 ndrv_handle_ifp_detach(ifnet_family(ifp), ifnet_unit(ifp)); 305 lck_mtx_unlock(ndrvdomain->dom_mtx); 306 } 307} 308 309static int name_cmp(struct ifnet *, char *); 310 311/* 312 * This is the "driver open" hook - we 'bind' to the 313 * named driver. 314 * Here's where we latch onto the driver. 315 */ 316static int 317ndrv_bind(struct socket *so, struct sockaddr *nam, __unused struct proc *p) 318{ 319 struct sockaddr_ndrv *sa = (struct sockaddr_ndrv *) nam; 320 char *dname; 321 struct ndrv_cb *np; 322 struct ifnet *ifp; 323 int result; 324 325 if TAILQ_EMPTY(&ifnet_head) 326 return(EADDRNOTAVAIL); /* Quick sanity check */ 327 np = sotondrvcb(so); 328 if (np == 0) 329 return EINVAL; 330 331 if (np->nd_laddr) 332 return EINVAL; /* XXX */ 333 334 /* I think we just latch onto a copy here; the caller frees */ 335 np->nd_laddr = _MALLOC(sizeof(struct sockaddr_ndrv), M_IFADDR, M_WAITOK); 336 if (np->nd_laddr == NULL) 337 return(ENOMEM); 338 bcopy((caddr_t) sa, (caddr_t) np->nd_laddr, sizeof(struct sockaddr_ndrv)); 339 dname = (char *) sa->snd_name; 340 if (*dname == '\0') 341 return(EINVAL); 342#if NDRV_DEBUG 343 kprintf("NDRV bind: %x, %x, %s\n", so, np, dname); 344#endif 345 /* Track down the driver and its ifnet structure. 346 * There's no internal call for this so we have to dup the code 347 * in if.c/ifconf() 348 */ 349 ifnet_head_lock_shared(); 350 TAILQ_FOREACH(ifp, &ifnet_head, if_link) { 351 if (name_cmp(ifp, dname) == 0) 352 break; 353 } 354 ifnet_head_done(); 355 356 if (ifp == NULL) 357 return(EADDRNOTAVAIL); 358 359 // PPP doesn't support PF_NDRV. 360 if (ifnet_family(ifp) != APPLE_IF_FAM_PPP) 361 { 362 /* NDRV on this interface */ 363 struct ifnet_attach_proto_param ndrv_proto; 364 result = 0; 365 bzero(&ndrv_proto, sizeof(ndrv_proto)); 366 ndrv_proto.event = ndrv_event; 367 368 /* We aren't worried about double attaching, that should just return an error */ 369 socket_unlock(so, 0); 370 result = ifnet_attach_protocol(ifp, PF_NDRV, &ndrv_proto); 371 socket_lock(so, 0); 372 if (result && result != EEXIST) { 373 return result; 374 } 375 np->nd_proto_family = PF_NDRV; 376 } 377 else { 378 np->nd_proto_family = 0; 379 } 380 381 np->nd_if = ifp; 382 np->nd_family = ifnet_family(ifp); 383 np->nd_unit = ifnet_unit(ifp); 384 385 return(0); 386} 387 388static int 389ndrv_disconnect(struct socket *so) 390{ 391 struct ndrv_cb *np = sotondrvcb(so); 392 393 if (np == 0) 394 return EINVAL; 395 396 if (np->nd_faddr == 0) 397 return ENOTCONN; 398 399 ndrv_do_disconnect(np); 400 return 0; 401} 402 403/* 404 * Mark the connection as being incapable of further input. 405 */ 406static int 407ndrv_shutdown(struct socket *so) 408{ 409 lck_mtx_assert(ndrvdomain->dom_mtx, LCK_MTX_ASSERT_OWNED); 410 socantsendmore(so); 411 return 0; 412} 413 414/* 415 * Ship a packet out. The ndrv output will pass it 416 * to the appropriate driver. The really tricky part 417 * is the destination address... 418 */ 419static int 420ndrv_send(struct socket *so, __unused int flags, struct mbuf *m, 421 __unused struct sockaddr *addr, struct mbuf *control, 422 __unused struct proc *p) 423{ 424 int error; 425 426 if (control) 427 return EOPNOTSUPP; 428 429 error = ndrv_output(m, so); 430 m = NULL; 431 return error; 432} 433 434 435static int 436ndrv_abort(struct socket *so) 437{ 438 struct ndrv_cb *np = sotondrvcb(so); 439 440 if (np == 0) 441 return EINVAL; 442 443 ndrv_do_disconnect(np); 444 return 0; 445} 446 447static int 448ndrv_sockaddr(struct socket *so, struct sockaddr **nam) 449{ 450 struct ndrv_cb *np = sotondrvcb(so); 451 int len; 452 453 if (np == 0) 454 return EINVAL; 455 456 if (np->nd_laddr == 0) 457 return EINVAL; 458 459 len = np->nd_laddr->snd_len; 460 MALLOC(*nam, struct sockaddr *, len, M_SONAME, M_WAITOK); 461 if (*nam == NULL) 462 return ENOMEM; 463 bcopy((caddr_t)np->nd_laddr, *nam, 464 (unsigned)len); 465 return 0; 466} 467 468 469static int 470ndrv_peeraddr(struct socket *so, struct sockaddr **nam) 471{ 472 struct ndrv_cb *np = sotondrvcb(so); 473 int len; 474 475 if (np == 0) 476 return EINVAL; 477 478 if (np->nd_faddr == 0) 479 return ENOTCONN; 480 481 len = np->nd_faddr->snd_len; 482 MALLOC(*nam, struct sockaddr *, len, M_SONAME, M_WAITOK); 483 if (*nam == NULL) 484 return ENOMEM; 485 bcopy((caddr_t)np->nd_faddr, *nam, 486 (unsigned)len); 487 return 0; 488} 489 490 491/* Control output */ 492 493static int 494ndrv_ctloutput(struct socket *so, struct sockopt *sopt) 495{ 496 struct ndrv_cb *np = sotondrvcb(so); 497 int error = 0; 498 499 switch(sopt->sopt_name) 500 { 501 case NDRV_DELDMXSPEC: /* Delete current spec */ 502 /* Verify no parameter was passed */ 503 if (sopt->sopt_val != 0 || sopt->sopt_valsize != 0) { 504 /* 505 * We don't support deleting a specific demux, it's 506 * all or nothing. 507 */ 508 return EINVAL; 509 } 510 error = ndrv_delspec(np); 511 break; 512 case NDRV_SETDMXSPEC: /* Set protocol spec */ 513 error = ndrv_setspec(np, sopt); 514 break; 515 case NDRV_ADDMULTICAST: 516 error = ndrv_do_add_multicast(np, sopt); 517 break; 518 case NDRV_DELMULTICAST: 519 error = ndrv_do_remove_multicast(np, sopt); 520 break; 521 default: 522 error = ENOTSUP; 523 } 524#ifdef NDRV_DEBUG 525 log(LOG_WARNING, "NDRV CTLOUT: %x returns %d\n", sopt->sopt_name, 526 error); 527#endif 528 return(error); 529} 530 531static int 532ndrv_do_detach(struct ndrv_cb *np) 533{ 534 struct ndrv_cb* cur_np = NULL; 535 struct socket *so = np->nd_socket; 536 int error = 0; 537 struct ifnet * ifp; 538 539#if NDRV_DEBUG 540 kprintf("NDRV detach: %x, %x\n", so, np); 541#endif 542 ndrv_remove_all_multicast(np); 543 544 ifp = np->nd_if; 545 /* Remove from the linked list of control blocks */ 546 TAILQ_REMOVE(&ndrvl, np, nd_next); 547 if (ifp != NULL) { 548 u_int32_t proto_family = np->nd_proto_family; 549 550 if (proto_family != PF_NDRV && proto_family != 0) { 551 socket_unlock(so, 0); 552 ifnet_detach_protocol(ifp, proto_family); 553 socket_lock(so, 0); 554 } 555 556 /* Check if this is the last socket attached to this interface */ 557 TAILQ_FOREACH(cur_np, &ndrvl, nd_next) { 558 if (cur_np->nd_family == np->nd_family && 559 cur_np->nd_unit == np->nd_unit) { 560 break; 561 } 562 } 563 564 /* If there are no other interfaces, detach PF_NDRV from the interface */ 565 if (cur_np == NULL) { 566 socket_unlock(so, 0); 567 ifnet_detach_protocol(ifp, PF_NDRV); 568 socket_lock(so, 0); 569 } 570 } 571 if (np->nd_laddr != NULL) { 572 FREE((caddr_t)np->nd_laddr, M_IFADDR); 573 np->nd_laddr = NULL; 574 } 575 FREE((caddr_t)np, M_PCB); 576 so->so_pcb = 0; 577 so->so_flags |= SOF_PCBCLEARING; 578 sofree(so); 579 return error; 580} 581 582static int 583ndrv_do_disconnect(struct ndrv_cb *np) 584{ 585 struct socket * so = np->nd_socket; 586#if NDRV_DEBUG 587 kprintf("NDRV disconnect: %x\n", np); 588#endif 589 if (np->nd_faddr) 590 { 591 FREE(np->nd_faddr, M_IFADDR); 592 np->nd_faddr = 0; 593 } 594 /* 595 * A multipath subflow socket would have its SS_NOFDREF set by default, 596 * so check for SOF_MP_SUBFLOW socket flag before detaching the PCB; 597 * when the socket is closed for real, SOF_MP_SUBFLOW would be cleared. 598 */ 599 if (!(so->so_flags & SOF_MP_SUBFLOW) && (so->so_state & SS_NOFDREF)) 600 ndrv_do_detach(np); 601 soisdisconnected(so); 602 return(0); 603} 604 605/* Hackery - return a string version of a decimal number */ 606static void 607sprint_d(u_int n, char *buf, int buflen) 608{ char dbuf[IFNAMSIZ]; 609 char *cp = dbuf+IFNAMSIZ-1; 610 611 *cp = 0; 612 do { buflen--; 613 cp--; 614 *cp = "0123456789"[n % 10]; 615 n /= 10; 616 } while (n != 0 && buflen > 0); 617 strlcpy(buf, cp, IFNAMSIZ-buflen); 618 return; 619} 620 621/* 622 * Try to compare a device name (q) with one of the funky ifnet 623 * device names (ifp). 624 */ 625static int name_cmp(struct ifnet *ifp, char *q) 626{ char *r; 627 int len; 628 char buf[IFNAMSIZ]; 629 630 r = buf; 631 len = strlen(ifnet_name(ifp)); 632 strlcpy(r, ifnet_name(ifp), IFNAMSIZ); 633 r += len; 634 sprint_d(ifnet_unit(ifp), r, IFNAMSIZ-(r-buf)); 635#if NDRV_DEBUG 636 kprintf("Comparing %s, %s\n", buf, q); 637#endif 638 return(strncmp(buf, q, IFNAMSIZ)); 639} 640 641#if 0 642//### Not used 643/* 644 * When closing, dump any enqueued mbufs. 645 */ 646void 647ndrv_flushq(struct ifqueue *q) 648{ 649 struct mbuf *m; 650 for (;;) 651 { 652 IF_DEQUEUE(q, m); 653 if (m == NULL) 654 break; 655 IF_DROP(q); 656 if (m) 657 m_freem(m); 658 } 659} 660#endif 661 662int 663ndrv_setspec(struct ndrv_cb *np, struct sockopt *sopt) 664{ 665 struct ifnet_attach_proto_param proto_param; 666 struct ndrv_protocol_desc ndrvSpec; 667 struct ndrv_demux_desc* ndrvDemux = NULL; 668 int error = 0; 669 struct socket * so = np->nd_socket; 670 user_addr_t user_addr; 671 672 /* Sanity checking */ 673 if (np->nd_proto_family != PF_NDRV) 674 return EBUSY; 675 if (np->nd_if == NULL) 676 return EINVAL; 677 678 /* Copy the ndrvSpec */ 679 if (proc_is64bit(sopt->sopt_p)) { 680 struct ndrv_protocol_desc64 ndrvSpec64; 681 682 if (sopt->sopt_valsize != sizeof(ndrvSpec64)) 683 return EINVAL; 684 685 error = sooptcopyin(sopt, &ndrvSpec64, sizeof(ndrvSpec64), sizeof(ndrvSpec64)); 686 if (error != 0) 687 return error; 688 689 ndrvSpec.version = ndrvSpec64.version; 690 ndrvSpec.protocol_family = ndrvSpec64.protocol_family; 691 ndrvSpec.demux_count = ndrvSpec64.demux_count; 692 693 user_addr = ndrvSpec64.demux_list; 694 } 695 else { 696 struct ndrv_protocol_desc32 ndrvSpec32; 697 698 if (sopt->sopt_valsize != sizeof(ndrvSpec32)) 699 return EINVAL; 700 701 error = sooptcopyin(sopt, &ndrvSpec32, sizeof(ndrvSpec32), sizeof(ndrvSpec32)); 702 if (error != 0) 703 return error; 704 705 ndrvSpec.version = ndrvSpec32.version; 706 ndrvSpec.protocol_family = ndrvSpec32.protocol_family; 707 ndrvSpec.demux_count = ndrvSpec32.demux_count; 708 709 user_addr = CAST_USER_ADDR_T(ndrvSpec32.demux_list); 710 } 711 712 /* Verify the parameter */ 713 if (ndrvSpec.version > NDRV_PROTOCOL_DESC_VERS) 714 return ENOTSUP; // version is too new! 715 else if (ndrvSpec.version < 1) 716 return EINVAL; // version is not valid 717 else if (ndrvSpec.demux_count > NDRV_PROTODEMUX_COUNT || ndrvSpec.demux_count == 0) 718 return EINVAL; // demux_count is not valid 719 720 bzero(&proto_param, sizeof(proto_param)); 721 proto_param.demux_count = ndrvSpec.demux_count; 722 723 /* Allocate storage for demux array */ 724 MALLOC(ndrvDemux, struct ndrv_demux_desc*, proto_param.demux_count * 725 sizeof(struct ndrv_demux_desc), M_TEMP, M_WAITOK); 726 if (ndrvDemux == NULL) 727 return ENOMEM; 728 729 /* Allocate enough ifnet_demux_descs */ 730 MALLOC(proto_param.demux_array, struct ifnet_demux_desc*, 731 sizeof(*proto_param.demux_array) * ndrvSpec.demux_count, 732 M_TEMP, M_WAITOK); 733 if (proto_param.demux_array == NULL) 734 error = ENOMEM; 735 736 if (error == 0) 737 { 738 /* Copy the ndrv demux array from userland */ 739 error = copyin(user_addr, ndrvDemux, 740 ndrvSpec.demux_count * sizeof(struct ndrv_demux_desc)); 741 ndrvSpec.demux_list = ndrvDemux; 742 } 743 744 if (error == 0) 745 { 746 /* At this point, we've at least got enough bytes to start looking around */ 747 u_int32_t demuxOn = 0; 748 749 proto_param.demux_count = ndrvSpec.demux_count; 750 proto_param.input = ndrv_input; 751 proto_param.event = ndrv_event; 752 753 for (demuxOn = 0; demuxOn < ndrvSpec.demux_count; demuxOn++) 754 { 755 /* Convert an ndrv_demux_desc to a ifnet_demux_desc */ 756 error = ndrv_to_ifnet_demux(&ndrvSpec.demux_list[demuxOn], 757 &proto_param.demux_array[demuxOn]); 758 if (error) 759 break; 760 } 761 } 762 763 if (error == 0) 764 { 765 /* We've got all our ducks lined up...lets attach! */ 766 socket_unlock(so, 0); 767 error = ifnet_attach_protocol(np->nd_if, ndrvSpec.protocol_family, 768 &proto_param); 769 socket_lock(so, 0); 770 if (error == 0) 771 np->nd_proto_family = ndrvSpec.protocol_family; 772 } 773 774 /* Free any memory we've allocated */ 775 if (proto_param.demux_array) 776 FREE(proto_param.demux_array, M_TEMP); 777 if (ndrvDemux) 778 FREE(ndrvDemux, M_TEMP); 779 780 return error; 781} 782 783 784int 785ndrv_to_ifnet_demux(struct ndrv_demux_desc* ndrv, struct ifnet_demux_desc* ifdemux) 786{ 787 bzero(ifdemux, sizeof(*ifdemux)); 788 789 if (ndrv->type < DLIL_DESC_ETYPE2) 790 { 791 /* using old "type", not supported */ 792 return ENOTSUP; 793 } 794 795 if (ndrv->length > 28) 796 { 797 return EINVAL; 798 } 799 800 ifdemux->type = ndrv->type; 801 ifdemux->data = ndrv->data.other; 802 ifdemux->datalen = ndrv->length; 803 804 return 0; 805} 806 807int 808ndrv_delspec(struct ndrv_cb *np) 809{ 810 int result = 0; 811 812 if (np->nd_proto_family == PF_NDRV || 813 np->nd_proto_family == 0) 814 return EINVAL; 815 816 /* Detach the protocol */ 817 result = ifnet_detach_protocol(np->nd_if, np->nd_proto_family); 818 np->nd_proto_family = PF_NDRV; 819 820 return result; 821} 822 823struct ndrv_cb * 824ndrv_find_inbound(struct ifnet *ifp, u_int32_t protocol) 825{ 826 struct ndrv_cb* np; 827 828 if (protocol == PF_NDRV) return NULL; 829 830 TAILQ_FOREACH(np, &ndrvl, nd_next) { 831 if (np->nd_proto_family == protocol && 832 np->nd_if == ifp) { 833 return np; 834 } 835 } 836 837 return NULL; 838} 839 840static void 841ndrv_handle_ifp_detach(u_int32_t family, short unit) 842{ 843 struct ndrv_cb* np; 844 struct ifnet *ifp = NULL; 845 struct socket *so; 846 847 /* Find all sockets using this interface. */ 848 TAILQ_FOREACH(np, &ndrvl, nd_next) { 849 if (np->nd_family == family && 850 np->nd_unit == unit) 851 { 852 /* This cb is using the detaching interface, but not for long. */ 853 /* Let the protocol go */ 854 ifp = np->nd_if; 855 if (np->nd_proto_family != 0) 856 ndrv_delspec(np); 857 858 /* Delete the multicasts first */ 859 ndrv_remove_all_multicast(np); 860 861 /* Disavow all knowledge of the ifp */ 862 np->nd_if = NULL; 863 np->nd_unit = 0; 864 np->nd_family = 0; 865 866 so = np->nd_socket; 867 /* Make sure sending returns an error */ 868 lck_mtx_assert(ndrvdomain->dom_mtx, LCK_MTX_ASSERT_OWNED); 869 socantsendmore(so); 870 socantrcvmore(so); 871 } 872 } 873 874 /* Unregister our protocol */ 875 if (ifp) { 876 ifnet_detach_protocol(ifp, PF_NDRV); 877 } 878} 879 880static int 881ndrv_do_add_multicast(struct ndrv_cb *np, struct sockopt *sopt) 882{ 883 struct ndrv_multiaddr* ndrv_multi; 884 int result; 885 886 if (sopt->sopt_val == 0 || sopt->sopt_valsize < 2 || 887 sopt->sopt_level != SOL_NDRVPROTO || sopt->sopt_valsize > SOCK_MAXADDRLEN) 888 return EINVAL; 889 if (np->nd_if == NULL) 890 return ENXIO; 891 if (!(np->nd_dlist_cnt < ndrv_multi_max_count)) 892 return EPERM; 893 894 // Allocate storage 895 MALLOC(ndrv_multi, struct ndrv_multiaddr*, sizeof(struct ndrv_multiaddr) - 896 sizeof(struct sockaddr) + sopt->sopt_valsize, M_IFADDR, M_WAITOK); 897 if (ndrv_multi == NULL) 898 return ENOMEM; 899 900 // Copy in the address 901 result = copyin(sopt->sopt_val, &ndrv_multi->addr, sopt->sopt_valsize); 902 903 // Validate the sockaddr 904 if (result == 0 && sopt->sopt_valsize != ndrv_multi->addr.sa_len) 905 result = EINVAL; 906 907 if (result == 0 && ndrv_have_multicast(np, &ndrv_multi->addr)) 908 result = EEXIST; 909 910 if (result == 0) 911 { 912 // Try adding the multicast 913 result = ifnet_add_multicast(np->nd_if, &ndrv_multi->addr, 914 &ndrv_multi->ifma); 915 } 916 917 if (result == 0) 918 { 919 // Add to our linked list 920 ndrv_multi->next = np->nd_multiaddrs; 921 np->nd_multiaddrs = ndrv_multi; 922 np->nd_dlist_cnt++; 923 } 924 else 925 { 926 // Free up the memory, something went wrong 927 FREE(ndrv_multi, M_IFADDR); 928 } 929 930 return result; 931} 932 933static int 934ndrv_do_remove_multicast(struct ndrv_cb *np, struct sockopt *sopt) 935{ 936 struct sockaddr* multi_addr; 937 struct ndrv_multiaddr* ndrv_entry = NULL; 938 int result; 939 940 if (sopt->sopt_val == 0 || sopt->sopt_valsize < 2 || 941 sopt->sopt_level != SOL_NDRVPROTO) 942 return EINVAL; 943 if (np->nd_if == NULL || np->nd_dlist_cnt == 0) 944 return ENXIO; 945 946 // Allocate storage 947 MALLOC(multi_addr, struct sockaddr*, sopt->sopt_valsize, 948 M_TEMP, M_WAITOK); 949 if (multi_addr == NULL) 950 return ENOMEM; 951 952 // Copy in the address 953 result = copyin(sopt->sopt_val, multi_addr, sopt->sopt_valsize); 954 955 // Validate the sockaddr 956 if (result == 0 && sopt->sopt_valsize != multi_addr->sa_len) 957 result = EINVAL; 958 959 if (result == 0) 960 { 961 /* Find the old entry */ 962 ndrv_entry = ndrv_have_multicast(np, multi_addr); 963 964 if (ndrv_entry == NULL) 965 result = ENOENT; 966 } 967 968 if (result == 0) 969 { 970 // Try deleting the multicast 971 result = ifnet_remove_multicast(ndrv_entry->ifma); 972 } 973 974 if (result == 0) 975 { 976 // Remove from our linked list 977 struct ndrv_multiaddr* cur = np->nd_multiaddrs; 978 979 ifmaddr_release(ndrv_entry->ifma); 980 981 if (cur == ndrv_entry) 982 { 983 np->nd_multiaddrs = cur->next; 984 } 985 else 986 { 987 for (cur = cur->next; cur != NULL; cur = cur->next) 988 { 989 if (cur->next == ndrv_entry) 990 { 991 cur->next = cur->next->next; 992 break; 993 } 994 } 995 } 996 997 np->nd_dlist_cnt--; 998 999 // Free the memory 1000 FREE(ndrv_entry, M_IFADDR); 1001 } 1002 FREE(multi_addr, M_TEMP); 1003 1004 return result; 1005} 1006 1007static struct ndrv_multiaddr* 1008ndrv_have_multicast(struct ndrv_cb *np, struct sockaddr* inAddr) 1009{ 1010 struct ndrv_multiaddr* cur; 1011 for (cur = np->nd_multiaddrs; cur != NULL; cur = cur->next) 1012 { 1013 1014 if ((inAddr->sa_len == cur->addr.sa_len) && 1015 (bcmp(&cur->addr, inAddr, inAddr->sa_len) == 0)) 1016 { 1017 // Found a match 1018 return cur; 1019 } 1020 } 1021 1022 return NULL; 1023} 1024 1025static void 1026ndrv_remove_all_multicast(struct ndrv_cb* np) 1027{ 1028 struct ndrv_multiaddr* cur; 1029 1030 if (np->nd_if != NULL) 1031 { 1032 while (np->nd_multiaddrs != NULL) 1033 { 1034 cur = np->nd_multiaddrs; 1035 np->nd_multiaddrs = cur->next; 1036 1037 ifnet_remove_multicast(cur->ifma); 1038 ifmaddr_release(cur->ifma); 1039 FREE(cur, M_IFADDR); 1040 } 1041 } 1042} 1043 1044static struct pr_usrreqs ndrv_usrreqs = { 1045 .pru_abort = ndrv_abort, 1046 .pru_attach = ndrv_attach, 1047 .pru_bind = ndrv_bind, 1048 .pru_connect = ndrv_connect, 1049 .pru_detach = ndrv_detach, 1050 .pru_disconnect = ndrv_disconnect, 1051 .pru_peeraddr = ndrv_peeraddr, 1052 .pru_send = ndrv_send, 1053 .pru_shutdown = ndrv_shutdown, 1054 .pru_sockaddr = ndrv_sockaddr, 1055 .pru_sosend = sosend, 1056 .pru_soreceive = soreceive, 1057}; 1058 1059static struct protosw ndrvsw[] = { 1060{ 1061 .pr_type = SOCK_RAW, 1062 .pr_protocol = NDRVPROTO_NDRV, 1063 .pr_flags = PR_ATOMIC|PR_ADDR, 1064 .pr_output = ndrv_output, 1065 .pr_ctloutput = ndrv_ctloutput, 1066 .pr_usrreqs = &ndrv_usrreqs, 1067} 1068}; 1069 1070static int ndrv_proto_count = (sizeof (ndrvsw) / sizeof (struct protosw)); 1071 1072struct domain ndrvdomain_s = { 1073 .dom_family = PF_NDRV, 1074 .dom_name = "NetDriver", 1075 .dom_init = ndrv_dominit, 1076}; 1077 1078static void 1079ndrv_dominit(struct domain *dp) 1080{ 1081 struct protosw *pr; 1082 int i; 1083 1084 VERIFY(!(dp->dom_flags & DOM_INITIALIZED)); 1085 VERIFY(ndrvdomain == NULL); 1086 1087 ndrvdomain = dp; 1088 1089 for (i = 0, pr = &ndrvsw[0]; i < ndrv_proto_count; i++, pr++) 1090 net_add_proto(pr, dp, 1); 1091} 1092