ip_helper_stream.c revision 8449:c68d58b57324 
1/*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21
22/*
23 * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
24 * Use is subject to license terms.
25 */
26
27#include <sys/types.h>
28#include <inet/ip.h>
29#include <inet/ip_impl.h>
30#include <inet/ipclassifier.h>
31#include <inet/proto_set.h>
32#include <sys/stream.h>
33#include <sys/strsubr.h>
34#include <sys/strsun.h>
35#include <sys/cmn_err.h>
36#include <sys/t_kuser.h>
37#include <sys/tihdr.h>
38#include <sys/pathname.h>
39#include <sys/sockio.h>
40#include <sys/vmem.h>
41#include <sys/disp.h>
42
43void ip_helper_wput(queue_t *q, mblk_t *mp);
44
45static int ip_helper_stream_close(queue_t *, int);
46
47static struct module_info ip_helper_stream_info =  {
48	0, "iphelper", IP_MOD_MINPSZ, IP_MOD_MAXPSZ, IP_MOD_HIWAT, IP_MOD_LOWAT
49};
50
51static struct qinit ip_helper_stream_rinit = {
52	NULL, NULL, NULL, ip_helper_stream_close, NULL,
53	&ip_helper_stream_info, NULL
54};
55
56static struct qinit ip_helper_stream_winit = {
57	(pfi_t)ip_helper_wput, (pfi_t)ip_wsrv, NULL, NULL, NULL,
58	&ip_helper_stream_info, NULL, NULL, NULL, STRUIOT_NONE
59};
60
61#define	IP_USE_HELPER_CACHE	(ip_helper_stream_cache != NULL)
62
63/*
64 * set the q_ptr of the 'q' to the conn_t pointer passed in
65 */
66static void
67ip_helper_share_conn(queue_t *q, mblk_t *mp)
68{
69	if (IP_USE_HELPER_CACHE) {
70		ip_helper_stream_info_t	*ip_helper_info;
71
72		ip_helper_info = *((ip_helper_stream_info_t **)
73		    mp->b_cont->b_rptr);
74		ip_helper_info->iphs_minfo = q->q_ptr;
75		ip_helper_info->iphs_rq = RD(q);
76		ip_helper_info->iphs_wq = WR(q);
77	} else {
78		conn_t *connp = *((conn_t **)mp->b_cont->b_rptr);
79
80		connp->conn_helper_info->iphs_minfo = q->q_ptr;
81		connp->conn_helper_info->iphs_rq = RD(q);
82		connp->conn_helper_info->iphs_wq = WR(q);
83		WR(q)->q_ptr = RD(q)->q_ptr = (void *)connp;
84		connp->conn_rq = RD(q);
85		connp->conn_wq = WR(q);
86	}
87	miocack(q, mp, 0, 0);
88}
89
90void
91ip_helper_wput(queue_t *q, mblk_t *mp)
92{
93	struct iocblk *iocp = (struct iocblk *)mp->b_rptr;
94	if (DB_TYPE(mp) == M_IOCTL &&
95	    iocp->ioc_cmd == SIOCSQPTR) {
96		ip_helper_share_conn(q, mp);
97	} else {
98		conn_t *connp = (conn_t *)q->q_ptr;
99
100		if (connp->conn_af_isv6) {
101			ip_wput_v6(q, mp);
102		} else {
103			ip_wput(q, mp);
104		}
105	}
106}
107
108/* ARGSUSED */
109int
110ip_helper_stream_setup(queue_t *q, dev_t *devp, int flag, int sflag,
111    cred_t *credp, boolean_t isv6)
112{
113	major_t			maj;
114	ip_helper_minfo_t	*ip_minfop;
115
116	ASSERT((flag & ~(FKLYR)) == IP_HELPER_STR);
117
118	ASSERT(RD(q) == q);
119
120	ip_minfop = kmem_alloc(sizeof (ip_helper_minfo_t), KM_NOSLEEP);
121	if (ip_minfop == NULL) {
122		return (ENOMEM);
123	}
124
125	ip_minfop->ip_minfo_dev = 0;
126	ip_minfop->ip_minfo_arena = NULL;
127
128	/*
129	 * Clone the device, allocate minor device number
130	 */
131	if (ip_minor_arena_la != NULL)
132		ip_minfop->ip_minfo_dev = inet_minor_alloc(ip_minor_arena_la);
133
134	if (ip_minfop->ip_minfo_dev == 0) {
135		/*
136		 * numbers in the large arena are exhausted
137		 * Try small arena.
138		 * Or this is a 32 bit system, 32 bit systems do not have
139		 * ip_minor_arena_la
140		 */
141		ip_minfop->ip_minfo_dev = inet_minor_alloc(ip_minor_arena_sa);
142		if (ip_minfop->ip_minfo_dev == 0) {
143			return (EBUSY);
144		}
145		ip_minfop->ip_minfo_arena = ip_minor_arena_sa;
146	} else {
147		ip_minfop->ip_minfo_arena = ip_minor_arena_la;
148	}
149
150
151	ASSERT(ip_minfop->ip_minfo_dev != 0);
152	ASSERT(ip_minfop->ip_minfo_arena != NULL);
153
154	RD(q)->q_ptr = WR(q)->q_ptr = ip_minfop;
155
156	maj = getemajor(*devp);
157	*devp = makedevice(maj, (ulong_t)(ip_minfop->ip_minfo_dev));
158
159	q->q_qinfo = &ip_helper_stream_rinit;
160	WR(q)->q_qinfo = &ip_helper_stream_winit;
161	qprocson(q);
162	return (0);
163}
164
165/* ARGSUSED */
166static int
167ip_helper_stream_close(queue_t *q, int flag)
168{
169	ip_helper_minfo_t *ip_minfop;
170
171	qprocsoff(q);
172	ip_minfop = (q)->q_ptr;
173	inet_minor_free(ip_minfop->ip_minfo_arena,
174	    ip_minfop->ip_minfo_dev);
175	kmem_free(ip_minfop, sizeof (ip_helper_minfo_t));
176	RD(q)->q_ptr = NULL;
177	WR(q)->q_ptr = NULL;
178	return (0);
179}
180
181/*
182 * Public interface for creating an IP stream with shared conn_t
183 */
184/* ARGSUSED */
185int
186ip_create_helper_stream(conn_t *connp, ldi_ident_t li)
187{
188	int	error;
189	int	ret;
190
191	ASSERT(!servicing_interrupt());
192
193	error = 0;
194	if (IP_USE_HELPER_CACHE) {
195		queue_t	*rq, *wq;
196
197		connp->conn_helper_info = kmem_cache_alloc(
198		    ip_helper_stream_cache, KM_NOSLEEP);
199		if (connp->conn_helper_info == NULL)
200			return (EAGAIN);
201		rq = connp->conn_helper_info->iphs_rq;
202		wq = connp->conn_helper_info->iphs_wq;
203		/*
204		 * Doesn't need to hold the QLOCK for there is no one else
205		 * should have a pointer to this queue.
206		 */
207		rq->q_flag |= QWANTR;
208		wq->q_flag |= QWANTR;
209
210		connp->conn_rq = rq;
211		connp->conn_wq = wq;
212		rq->q_ptr = (void *)connp;
213		wq->q_ptr = (void *)connp;
214	} else {
215		ASSERT(connp->conn_helper_info == NULL);
216		connp->conn_helper_info = kmem_alloc(
217		    sizeof (ip_helper_stream_info_t), KM_SLEEP);
218		/*
219		 * open ip device via the layered interface.
220		 * pass in kcred as some threads do not have the
221		 * priviledge to open /dev/ip and the check in
222		 * secpolicy_spec_open() will fail the open
223		 */
224		error = ldi_open_by_name(connp->conn_af_isv6 ?
225		    DEV_IP6 : DEV_IP, IP_HELPER_STR,
226		    kcred, &connp->conn_helper_info->iphs_handle, li);
227
228		if (error != 0) {
229			kmem_free(connp->conn_helper_info,
230			    (sizeof (ip_helper_stream_info_t)));
231			connp->conn_helper_info = NULL;
232			return (error);
233		}
234		/*
235		 * Share connp with the helper stream
236		 */
237		error = ldi_ioctl(connp->conn_helper_info->iphs_handle,
238		    SIOCSQPTR, (intptr_t)connp, FKIOCTL, kcred, &ret);
239
240		if (error != 0) {
241			/*
242			 * Passing in a zero flag indicates that an error
243			 * occured and stream was not shared
244			 */
245			(void) ldi_close(connp->conn_helper_info->iphs_handle,
246			    0, kcred);
247			kmem_free(connp->conn_helper_info,
248			    (sizeof (ip_helper_stream_info_t)));
249			connp->conn_helper_info = NULL;
250		}
251	}
252	return (error);
253}
254
255/*
256 * Public interface for closing the shared IP stream
257 */
258/* ARGSUSED */
259void
260ip_close_helper_stream(conn_t *connp)
261{
262	ASSERT(!servicing_interrupt());
263	if (IP_USE_HELPER_CACHE) {
264
265		if (connp->conn_helper_info == NULL)
266			return;
267		ASSERT(connp->conn_helper_info->iphs_rq != NULL);
268		ASSERT(connp->conn_helper_info->iphs_wq != NULL);
269
270		/* Prevent service procedures from being called */
271		disable_svc(connp->conn_helper_info->iphs_rq);
272
273		/* Wait until service procedure of each queue is run */
274		wait_svc(connp->conn_helper_info->iphs_rq);
275
276		/* Cleanup any pending ioctls */
277		conn_ioctl_cleanup(connp);
278
279		/* Allow service procedures to be called again */
280		enable_svc(connp->conn_helper_info->iphs_rq);
281
282		/* Flush the queues */
283		flushq(connp->conn_helper_info->iphs_rq, FLUSHALL);
284		flushq(connp->conn_helper_info->iphs_wq, FLUSHALL);
285
286		connp->conn_helper_info->iphs_rq->q_ptr = NULL;
287		connp->conn_helper_info->iphs_wq->q_ptr = NULL;
288
289		kmem_cache_free(ip_helper_stream_cache,
290		    connp->conn_helper_info);
291	} else {
292		ASSERT(
293		    connp->conn_helper_info->iphs_handle != NULL);
294
295		connp->conn_helper_info->iphs_rq->q_ptr =
296		    connp->conn_helper_info->iphs_wq->q_ptr =
297		    connp->conn_helper_info->iphs_minfo;
298		(void) ldi_close(connp->conn_helper_info->iphs_handle,
299		    IP_HELPER_STR, kcred);
300		kmem_free(connp->conn_helper_info,
301		    sizeof (ip_helper_stream_info_t));
302	}
303	connp->conn_helper_info = NULL;
304}
305
306/*
307 * create a T_SVR4_OPTMGMT_REQ TPI message and send down the IP stream
308 */
309static int
310ip_send_option_request(conn_t *connp, uint_t optset_context, int level,
311    int option_name, const void *optval, t_uscalar_t optlen, cred_t *cr)
312{
313	struct T_optmgmt_req	*optmgmt_reqp;
314	struct opthdr		*ohp;
315	ssize_t			size;
316	mblk_t			*mp;
317
318	size = sizeof (struct T_optmgmt_req) + sizeof (struct opthdr) + optlen;
319	mp = allocb_cred(size, cr);
320	if (mp == NULL)
321		return (ENOMEM);
322
323	mp->b_datap->db_type = M_PROTO;
324	optmgmt_reqp = (struct T_optmgmt_req *)mp->b_wptr;
325
326	optmgmt_reqp->PRIM_type = T_SVR4_OPTMGMT_REQ;
327	optmgmt_reqp->MGMT_flags = optset_context;
328	optmgmt_reqp->OPT_length = (t_scalar_t)sizeof (struct opthdr) + optlen;
329	optmgmt_reqp->OPT_offset = (t_scalar_t)sizeof (struct T_optmgmt_req);
330
331	mp->b_wptr += sizeof (struct T_optmgmt_req);
332
333	ohp = (struct opthdr *)mp->b_wptr;
334
335	ohp->level = level;
336	ohp->name = option_name;
337	ohp->len = optlen;
338
339	mp->b_wptr += sizeof (struct opthdr);
340
341	if (optval != NULL) {
342		bcopy(optval, mp->b_wptr, optlen);
343	} else {
344		bzero(mp->b_wptr, optlen);
345	}
346	mp->b_wptr += optlen;
347
348	/*
349	 * Send down the primitive
350	 */
351	return (ldi_putmsg(connp->conn_helper_info->iphs_handle, mp));
352}
353
354/*
355 * wait/process the response to T_SVR4_OPTMGMT_REQ TPI message
356 */
357static int
358ip_get_option_response(conn_t *connp, uint_t optset_context, void *optval,
359    t_uscalar_t *optlenp)
360{
361	union T_primitives	*tpr;
362	int			error;
363	mblk_t			*mp;
364
365	mp = NULL;
366
367	ASSERT(optset_context == T_CHECK || optset_context == T_NEGOTIATE);
368	error = ldi_getmsg(connp->conn_helper_info->iphs_handle, &mp, NULL);
369	if (error != 0) {
370		return (error);
371	}
372
373	if (DB_TYPE(mp) != M_PCPROTO || MBLKL(mp) < sizeof (tpr->type)) {
374		error = EPROTO;
375		goto done;
376	}
377
378	tpr = (union T_primitives *)mp->b_rptr;
379
380	switch (tpr->type) {
381	case T_OPTMGMT_ACK:
382		if (MBLKL(mp) < TOPTMGMTACKSZ)
383			error = EPROTO;
384		break;
385	case T_ERROR_ACK:
386		if (MBLKL(mp) < TERRORACKSZ) {
387			error = EPROTO;
388			break;
389		}
390
391		if (tpr->error_ack.TLI_error == TSYSERR)
392			error = tpr->error_ack.UNIX_error;
393		else
394			error = proto_tlitosyserr(tpr->error_ack.TLI_error);
395		break;
396	default:
397		error = EPROTO;
398		break;
399	}
400
401	if ((optset_context == T_CHECK) && (error == 0)) {
402		struct opthdr		*opt_res;
403		t_uscalar_t		len;
404		t_uscalar_t		size;
405		t_uscalar_t		maxlen = *optlenp;
406		void			*option;
407		struct T_optmgmt_ack	*optmgmt_ack;
408
409		optmgmt_ack = (struct T_optmgmt_ack *)mp->b_rptr;
410		opt_res = (struct opthdr *)
411		    ((uintptr_t)mp->b_rptr +  optmgmt_ack->OPT_offset);
412		/*
413		 * Check mblk boundary
414		 */
415		if (!MBLKIN(mp, optmgmt_ack->OPT_offset,
416		    optmgmt_ack->OPT_length)) {
417			error = EPROTO;
418			goto done;
419		}
420
421		/*
422		 * Check alignment
423		 */
424		if ((((uintptr_t)opt_res) & (__TPI_ALIGN_SIZE - 1)) != 0) {
425			error = EPROTO;
426			goto done;
427		}
428
429		option = &opt_res[1];
430
431		/* check to ensure that the option is within bounds */
432		if ((((uintptr_t)option + opt_res->len) < (uintptr_t)option) ||
433		    !MBLKIN(mp, sizeof (struct opthdr), opt_res->len)) {
434			error = EPROTO;
435			goto done;
436		}
437
438		len = opt_res->len;
439		size = MIN(len, maxlen);
440
441		/*
442		 * Copy data
443		 */
444		bcopy(option, optval, size);
445		bcopy(&size, optlenp, sizeof (size));
446	}
447
448done:
449	freemsg(mp);
450	return (error);
451}
452
453/*
454 * Public interface to get socketoptions via the ip helper stream.
455 */
456int
457ip_get_options(conn_t *connp, int level, int option_name, void *optval,
458    t_uscalar_t *optlenp, cred_t *cr)
459{
460	int			error;
461
462	error = ip_send_option_request(connp, T_CHECK, level, option_name, NULL,
463	    *optlenp, cr);
464	if (error)
465		return (error);
466
467	return (ip_get_option_response(connp, T_CHECK, optval, optlenp));
468}
469
470/*
471 * Public interface to set socket options via the ip helper stream.
472 */
473int
474ip_set_options(conn_t *connp, int level, int option_name, const void *optval,
475    t_uscalar_t optlen, cred_t *cr)
476{
477
478	int	error;
479
480	error = ip_send_option_request(connp, T_NEGOTIATE, level, option_name,
481	    optval, optlen, cr);
482	if (error)
483		return (error);
484
485	return (ip_get_option_response(connp, T_NEGOTIATE, (void *)optval,
486	    &optlen));
487}
488