Gitiles
Code Review Sign In
code.illumos.org / illumos-gate / de8c4a14ec9a49bad5e62b2cfa6c1ba21de1c708 / . / usr / src / uts / common / inet / ip / ip_helper_stream.c
blob: 6f5608e950320c4fb5d4d9494397f9a5b02302e6 [file] [log] [blame]
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* or http://www.opensolaris.org/os/licensing.
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright 2009 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
#include <sys/types.h>
#include <inet/ip.h>
#include <inet/ip_impl.h>
#include <inet/ipclassifier.h>
#include <inet/proto_set.h>
#include <sys/stream.h>
#include <sys/strsubr.h>
#include <sys/strsun.h>
#include <sys/cmn_err.h>
#include <sys/t_kuser.h>
#include <sys/tihdr.h>
#include <sys/pathname.h>
#include <sys/sockio.h>
#include <sys/vmem.h>
#include <sys/disp.h>
void ip_helper_wput(queue_t *q, mblk_t *mp);
static int ip_helper_stream_close(queue_t *, int);
static struct module_info ip_helper_stream_info = {
0, "iphelper", IP_MOD_MINPSZ, IP_MOD_MAXPSZ, IP_MOD_HIWAT, IP_MOD_LOWAT
};
static struct qinit ip_helper_stream_rinit = {
NULL, NULL, NULL, ip_helper_stream_close, NULL,
&ip_helper_stream_info, NULL
};
static struct qinit ip_helper_stream_winit = {
(pfi_t)ip_helper_wput, (pfi_t)ip_wsrv, NULL, NULL, NULL,
&ip_helper_stream_info, NULL, NULL, NULL, STRUIOT_NONE
};
#define IP_USE_HELPER_CACHE (ip_helper_stream_cache != NULL)
/*
* set the q_ptr of the 'q' to the conn_t pointer passed in
*/
static void
ip_helper_share_conn(queue_t *q, mblk_t *mp, cred_t *crp)
{
/*
* This operation is allowed only on helper streams with kcred
*/
if (kcred != crp || msgdsize(mp->b_cont) != sizeof (void *)) {
miocnak(q, mp, 0, EINVAL);
return;
}
if (IP_USE_HELPER_CACHE) {
ip_helper_stream_info_t *ip_helper_info;
ip_helper_info = *((ip_helper_stream_info_t **)
mp->b_cont->b_rptr);
ip_helper_info->iphs_minfo = q->q_ptr;
ip_helper_info->iphs_rq = RD(q);
ip_helper_info->iphs_wq = WR(q);
} else {
conn_t *connp = *((conn_t **)mp->b_cont->b_rptr);
connp->conn_helper_info->iphs_minfo = q->q_ptr;
connp->conn_helper_info->iphs_rq = RD(q);
connp->conn_helper_info->iphs_wq = WR(q);
WR(q)->q_ptr = RD(q)->q_ptr = (void *)connp;
connp->conn_rq = RD(q);
connp->conn_wq = WR(q);
}
miocack(q, mp, 0, 0);
}
void
ip_helper_wput(queue_t *q, mblk_t *mp)
{
struct iocblk *iocp = (struct iocblk *)mp->b_rptr;
if (DB_TYPE(mp) == M_IOCTL &&
iocp->ioc_cmd == SIOCSQPTR) {
ip_helper_share_conn(q, mp, iocp->ioc_cr);
} else {
conn_t *connp = (conn_t *)q->q_ptr;
if (connp->conn_af_isv6) {
ip_wput_v6(q, mp);
} else {
ip_wput(q, mp);
}
}
}
/* ARGSUSED */
int
ip_helper_stream_setup(queue_t *q, dev_t *devp, int flag, int sflag,
cred_t *credp, boolean_t isv6)
{
major_t maj;
ip_helper_minfo_t *ip_minfop;
ASSERT((flag & ~(FKLYR)) == IP_HELPER_STR);
ASSERT(RD(q) == q);
ip_minfop = kmem_alloc(sizeof (ip_helper_minfo_t), KM_NOSLEEP);
if (ip_minfop == NULL) {
return (ENOMEM);
}
ip_minfop->ip_minfo_dev = 0;
ip_minfop->ip_minfo_arena = NULL;
/*
* Clone the device, allocate minor device number
*/
if (ip_minor_arena_la != NULL)
ip_minfop->ip_minfo_dev = inet_minor_alloc(ip_minor_arena_la);
if (ip_minfop->ip_minfo_dev == 0) {
/*
* numbers in the large arena are exhausted
* Try small arena.
* Or this is a 32 bit system, 32 bit systems do not have
* ip_minor_arena_la
*/
ip_minfop->ip_minfo_dev = inet_minor_alloc(ip_minor_arena_sa);
if (ip_minfop->ip_minfo_dev == 0) {
return (EBUSY);
}
ip_minfop->ip_minfo_arena = ip_minor_arena_sa;
} else {
ip_minfop->ip_minfo_arena = ip_minor_arena_la;
}
ASSERT(ip_minfop->ip_minfo_dev != 0);
ASSERT(ip_minfop->ip_minfo_arena != NULL);
RD(q)->q_ptr = WR(q)->q_ptr = ip_minfop;
maj = getemajor(*devp);
*devp = makedevice(maj, (ulong_t)(ip_minfop->ip_minfo_dev));
q->q_qinfo = &ip_helper_stream_rinit;
WR(q)->q_qinfo = &ip_helper_stream_winit;
qprocson(q);
return (0);
}
/* ARGSUSED */
static int
ip_helper_stream_close(queue_t *q, int flag)
{
ip_helper_minfo_t *ip_minfop;
qprocsoff(q);
ip_minfop = (q)->q_ptr;
inet_minor_free(ip_minfop->ip_minfo_arena,
ip_minfop->ip_minfo_dev);
kmem_free(ip_minfop, sizeof (ip_helper_minfo_t));
RD(q)->q_ptr = NULL;
WR(q)->q_ptr = NULL;
return (0);
}
/*
* Public interface for creating an IP stream with shared conn_t
*/
/* ARGSUSED */
int
ip_create_helper_stream(conn_t *connp, ldi_ident_t li)
{
int error;
int ret;
ASSERT(!servicing_interrupt());
error = 0;
if (IP_USE_HELPER_CACHE) {
connp->conn_helper_info = kmem_cache_alloc(
ip_helper_stream_cache, KM_NOSLEEP);
if (connp->conn_helper_info == NULL)
return (EAGAIN);
connp->conn_rq = connp->conn_helper_info->iphs_rq;
connp->conn_wq = connp->conn_helper_info->iphs_wq;
/*
* Doesn't need to hold the QLOCK for there is no one else
* should have a pointer to this queue.
*/
connp->conn_rq->q_flag |= QWANTR;
connp->conn_wq->q_flag |= QWANTR;
connp->conn_rq->q_ptr = connp;
connp->conn_wq->q_ptr = connp;
} else {
ASSERT(connp->conn_helper_info == NULL);
connp->conn_helper_info = kmem_alloc(
sizeof (ip_helper_stream_info_t), KM_SLEEP);
/*
* open ip device via the layered interface.
* pass in kcred as some threads do not have the
* priviledge to open /dev/ip and the check in
* secpolicy_spec_open() will fail the open
*/
error = ldi_open_by_name(connp->conn_af_isv6 ?
DEV_IP6 : DEV_IP, IP_HELPER_STR,
kcred, &connp->conn_helper_info->iphs_handle, li);
if (error != 0) {
kmem_free(connp->conn_helper_info,
(sizeof (ip_helper_stream_info_t)));
connp->conn_helper_info = NULL;
return (error);
}
/*
* Share connp with the helper stream
*/
error = ldi_ioctl(connp->conn_helper_info->iphs_handle,
SIOCSQPTR, (intptr_t)connp, FKIOCTL, kcred, &ret);
if (error != 0) {
/*
* Passing in a zero flag indicates that an error
* occured and stream was not shared
*/
(void) ldi_close(connp->conn_helper_info->iphs_handle,
0, kcred);
kmem_free(connp->conn_helper_info,
(sizeof (ip_helper_stream_info_t)));
connp->conn_helper_info = NULL;
}
}
return (error);
}
/*
* Public interface for freeing IP helper stream
*/
/* ARGSUSED */
void
ip_free_helper_stream(conn_t *connp)
{
ASSERT(!servicing_interrupt());
if (IP_USE_HELPER_CACHE) {
if (connp->conn_helper_info == NULL)
return;
ASSERT(connp->conn_helper_info->iphs_rq != NULL);
ASSERT(connp->conn_helper_info->iphs_wq != NULL);
/* Prevent service procedures from being called */
disable_svc(connp->conn_helper_info->iphs_rq);
/* Wait until service procedure of each queue is run */
wait_svc(connp->conn_helper_info->iphs_rq);
/* Cleanup any pending ioctls */
conn_ioctl_cleanup(connp);
/* Allow service procedures to be called again */
enable_svc(connp->conn_helper_info->iphs_rq);
/* Flush the queues */
flushq(connp->conn_helper_info->iphs_rq, FLUSHALL);
flushq(connp->conn_helper_info->iphs_wq, FLUSHALL);
connp->conn_helper_info->iphs_rq->q_ptr = NULL;
connp->conn_helper_info->iphs_wq->q_ptr = NULL;
kmem_cache_free(ip_helper_stream_cache,
connp->conn_helper_info);
} else {
ASSERT(
connp->conn_helper_info->iphs_handle != NULL);
connp->conn_helper_info->iphs_rq->q_ptr =
connp->conn_helper_info->iphs_wq->q_ptr =
connp->conn_helper_info->iphs_minfo;
(void) ldi_close(connp->conn_helper_info->iphs_handle,
IP_HELPER_STR, kcred);
kmem_free(connp->conn_helper_info,
sizeof (ip_helper_stream_info_t));
}
connp->conn_helper_info = NULL;
}
/*
* create a T_SVR4_OPTMGMT_REQ TPI message and send down the IP stream
*/
static int
ip_send_option_request(conn_t *connp, uint_t optset_context, int level,
int option_name, const void *optval, t_uscalar_t optlen, cred_t *cr)
{
struct T_optmgmt_req *optmgmt_reqp;
struct opthdr *ohp;
ssize_t size;
mblk_t *mp;
size = sizeof (struct T_optmgmt_req) + sizeof (struct opthdr) + optlen;
/* Not used to generate UCRED, thus don't need correct pid */
mp = allocb_cred(size, cr, NOPID);
if (mp == NULL)
return (ENOMEM);
mp->b_datap->db_type = M_PROTO;
optmgmt_reqp = (struct T_optmgmt_req *)mp->b_wptr;
optmgmt_reqp->PRIM_type = T_SVR4_OPTMGMT_REQ;
optmgmt_reqp->MGMT_flags = optset_context;
optmgmt_reqp->OPT_length = (t_scalar_t)sizeof (struct opthdr) + optlen;
optmgmt_reqp->OPT_offset = (t_scalar_t)sizeof (struct T_optmgmt_req);
mp->b_wptr += sizeof (struct T_optmgmt_req);
ohp = (struct opthdr *)mp->b_wptr;
ohp->level = level;
ohp->name = option_name;
ohp->len = optlen;
mp->b_wptr += sizeof (struct opthdr);
if (optval != NULL) {
bcopy(optval, mp->b_wptr, optlen);
} else {
bzero(mp->b_wptr, optlen);
}
mp->b_wptr += optlen;
/*
* Send down the primitive
*/
return (ldi_putmsg(connp->conn_helper_info->iphs_handle, mp));
}
/*
* wait/process the response to T_SVR4_OPTMGMT_REQ TPI message
*/
static int
ip_get_option_response(conn_t *connp, uint_t optset_context, void *optval,
t_uscalar_t *optlenp)
{
union T_primitives *tpr;
int error;
mblk_t *mp;
mp = NULL;
ASSERT(optset_context == T_CHECK || optset_context == T_NEGOTIATE);
error = ldi_getmsg(connp->conn_helper_info->iphs_handle, &mp, NULL);
if (error != 0) {
return (error);
}
if (DB_TYPE(mp) != M_PCPROTO || MBLKL(mp) < sizeof (tpr->type)) {
error = EPROTO;
goto done;
}
tpr = (union T_primitives *)mp->b_rptr;
switch (tpr->type) {
case T_OPTMGMT_ACK:
if (MBLKL(mp) < TOPTMGMTACKSZ)
error = EPROTO;
break;
case T_ERROR_ACK:
if (MBLKL(mp) < TERRORACKSZ) {
error = EPROTO;
break;
}
if (tpr->error_ack.TLI_error == TSYSERR)
error = tpr->error_ack.UNIX_error;
else
error = proto_tlitosyserr(tpr->error_ack.TLI_error);
break;
default:
error = EPROTO;
break;
}
if ((optset_context == T_CHECK) && (error == 0)) {
struct opthdr *opt_res;
t_uscalar_t len;
t_uscalar_t size;
t_uscalar_t maxlen = *optlenp;
void *option;
struct T_optmgmt_ack *optmgmt_ack;
optmgmt_ack = (struct T_optmgmt_ack *)mp->b_rptr;
opt_res = (struct opthdr *)
((uintptr_t)mp->b_rptr + optmgmt_ack->OPT_offset);
/*
* Check mblk boundary
*/
if (!MBLKIN(mp, optmgmt_ack->OPT_offset,
optmgmt_ack->OPT_length)) {
error = EPROTO;
goto done;
}
/*
* Check alignment
*/
if ((((uintptr_t)opt_res) & (__TPI_ALIGN_SIZE - 1)) != 0) {
error = EPROTO;
goto done;
}
option = &opt_res[1];
/* check to ensure that the option is within bounds */
if ((((uintptr_t)option + opt_res->len) < (uintptr_t)option) ||
!MBLKIN(mp, sizeof (struct opthdr), opt_res->len)) {
error = EPROTO;
goto done;
}
len = opt_res->len;
size = MIN(len, maxlen);
/*
* Copy data
*/
bcopy(option, optval, size);
bcopy(&size, optlenp, sizeof (size));
}
done:
freemsg(mp);
return (error);
}
/*
* Public interface to get socketoptions via the ip helper stream.
*/
int
ip_get_options(conn_t *connp, int level, int option_name, void *optval,
t_uscalar_t *optlenp, cred_t *cr)
{
int error;
error = ip_send_option_request(connp, T_CHECK, level, option_name, NULL,
*optlenp, cr);
if (error)
return (error);
return (ip_get_option_response(connp, T_CHECK, optval, optlenp));
}
/*
* Public interface to set socket options via the ip helper stream.
*/
int
ip_set_options(conn_t *connp, int level, int option_name, const void *optval,
t_uscalar_t optlen, cred_t *cr)
{
int error;
error = ip_send_option_request(connp, T_NEGOTIATE, level, option_name,
optval, optlen, cr);
if (error)
return (error);
return (ip_get_option_response(connp, T_NEGOTIATE, (void *)optval,
&optlen));
}