From owner-p4-projects@FreeBSD.ORG Sun Mar 21 23:48:52 2010 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id BE3C61065673; Sun, 21 Mar 2010 23:48:52 +0000 (UTC) Delivered-To: perforce@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 80597106566B for ; Sun, 21 Mar 2010 23:48:52 +0000 (UTC) (envelope-from anchie@FreeBSD.org) Received: from repoman.freebsd.org (repoman.freebsd.org [IPv6:2001:4f8:fff6::29]) by mx1.freebsd.org (Postfix) with ESMTP id 6DE338FC17 for ; Sun, 21 Mar 2010 23:48:52 +0000 (UTC) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.14.3/8.14.3) with ESMTP id o2LNmqYg010110 for ; Sun, 21 Mar 2010 23:48:52 GMT (envelope-from anchie@FreeBSD.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.14.3/8.14.3/Submit) id o2LNmqRp010108 for perforce@freebsd.org; Sun, 21 Mar 2010 23:48:52 GMT (envelope-from anchie@FreeBSD.org) Date: Sun, 21 Mar 2010 23:48:52 GMT Message-Id: <201003212348.o2LNmqRp010108@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to anchie@FreeBSD.org using -f 
From: Ana Kukec To: Perforce Change Reviews Precedence: bulk Cc: Subject: PERFORCE change 175921 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 21 Mar 2010 23:48:53 -0000 http://p4web.freebsd.org/chv.cgi?CH=175921 Change 175921 by anchie@anchie_malimis on 2010/03/21 23:48:18 Initial framework for SEND socket for SEND API. Affected files ... .. //depot/projects/soc2009/anchie_send/src/sys/netinet/in.h#4 edit .. //depot/projects/soc2009/anchie_send/src/sys/netinet/ip_var.h#6 edit .. //depot/projects/soc2009/anchie_send/src/sys/netinet/raw_ip.c#5 edit .. //depot/projects/soc2009/anchie_send/src/sys/netinet6/icmp6.c#31 edit .. //depot/projects/soc2009/anchie_send/src/sys/netinet6/nd6.c#23 edit .. //depot/projects/soc2009/anchie_send/src/sys/netinet6/send.c#33 edit .. //depot/projects/soc2009/anchie_send/src/sys/netinet6/send.h#17 edit Differences ... ==== //depot/projects/soc2009/anchie_send/src/sys/netinet/in.h#4 (text+ko) ==== @@ -251,6 +251,7 @@ /* Only used internally, so can be outside the range of valid IP protocols. */ #define IPPROTO_DIVERT 258 /* divert pseudo-protocol */ +#define IPPROTO_SEND 259 /* SeND socket pseudo-proto */ /* * Defined to avoid confusion. The master value is defined by ==== //depot/projects/soc2009/anchie_send/src/sys/netinet/ip_var.h#6 (text+ko) ==== @@ -184,6 +184,7 @@ VNET_DECLARE(int, rsvp_on); VNET_DECLARE(struct socket *, ip_rsvpd); /* reservation protocol daemon*/ VNET_DECLARE(struct socket *, ip_mrouter); /* multicast routing daemon */ +VNET_DECLARE(struct socket *, send_so); /* SeND daemon */ #define V_ipstat VNET(ipstat) #define V_ip_id VNET(ip_id) 
@@ -195,6 +196,7 @@ #define V_rsvp_on VNET(rsvp_on) #define V_ip_rsvpd VNET(ip_rsvpd) #define V_ip_mrouter VNET(ip_mrouter) +#define V_send_so VNET(send_so) extern u_char ip_protox[]; extern int (*legal_vif_num)(int); ==== //depot/projects/soc2009/anchie_send/src/sys/netinet/raw_ip.c#5 (text+ko) ==== @@ -104,6 +104,11 @@ VNET_DEFINE(struct socket *, ip_mrouter); /* + * The socket used to communicate with the SeND daemon. + */ +VNET_DEFINE(struct socket *, send_so); + +/* * The various mrouter and rsvp functions. */ int (*ip_mrouter_set)(struct socket *, struct sockopt *); ==== //depot/projects/soc2009/anchie_send/src/sys/netinet6/icmp6.c#31 (text+ko) ==== ==== //depot/projects/soc2009/anchie_send/src/sys/netinet6/nd6.c#23 (text+ko) ==== @@ -62,6 +62,7 @@ #include #include +#include #include #define L3_ADDR_SIN6(le) ((struct sockaddr_in6 *) L3_ADDR(le)) #include @@ -114,6 +115,7 @@ int (*send_input_hook)(struct mbuf *, struct ifnet *, int, int); int (*send_output_hook)(struct mbuf *, struct ifnet *, int); +int (*send_sendso_input_hook)(struct socket *, struct mbuf *, int, int); static int nd6_is_new_addr_neighbor __P((struct sockaddr_in6 *, struct ifnet *)); @@ -1987,7 +1989,14 @@ if (mtag != NULL) { skip = 1; nd_type = (unsigned short *)(mtag + 1); +#if 0 + XXX-AK: send_input_hook(m, ifp, SND_OUT, ip6len); +#endif + /* Use the SEND socket */ + printf("send_sendso_input_hook\n"); + error = send_sendso_input_hook(V_send_so, m, SND_OUT, ip6len); + return error; } } ==== //depot/projects/soc2009/anchie_send/src/sys/netinet6/send.c#33 (text+ko) ==== @@ -29,12 +29,17 @@ #include #include #include +#include #include +#include +#include +#include #include #include #include +#include #include #include 
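Review bot: In the nd6.c hunk at @@ -1987 the new call `error = send_sendso_input_hook(V_send_so, m, SND_OUT, ip6len);` goes through a function pointer that send.c sets only in MOD_LOAD and resets to NULL in MOD_UNLOAD, and nothing visible in the hunk tests it first. Unless the tag lookup above the hunk can only succeed while the module is loaded, this is a NULL function call in the kernel output path; guard it with `if (send_sendso_input_hook != NULL)`. V_send_so is also read here without any lock, while attach and close write it. The unconditional `printf("send_sendso_input_hook\n");` runs for every tagged packet and should be removed or put behind a debug knob, and the hook's `-1` return for a missing socket is passed up as if it were an errno value. The enclosing function starts and ends outside the hunk.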
@@ -189,26 +194,144 @@ } static int +send_uattach(struct socket *so, int proto, struct thread *td) +{ + int error = 0; + + printf("send_uattach: proto = %d\n", proto); + V_send_so = so; + /* V_send_so se ko arguement predaje send_sendso_output() funkciji */ + + return error; +} + +/* + * Send a message to the SEND daemon on the SEND socket. + */ +static int +send_sendso_input(struct socket *s, struct mbuf *m, int direction, int msglen) +{ + u_int len; + void *data; + struct ip6_hdr *ip6; + + /* + * Make sure to clear any possible internally embedded scope before + * passing the packet to userspace for SeND cryptographic signature + * validation to succeed. + */ + ip6 = mtod(m, struct ip6_hdr *); + in6_clearscope(&ip6->ip6_src); + in6_clearscope(&ip6->ip6_dst); + + len = m_length(m, NULL); + if (len != msglen) + printf("XXX-BZ %s: (m)len=%u (ip6)msglen=%d", __func__, len, msglen); + + /* + * XXX-BZ we can save the alloc/free here if not relying on rtsock.c:rt_msg3() + * but using a version operating on mbuf-to-mbuf copy. + */ + data = malloc(msglen, M_SEND, M_NOWAIT); + if (data == NULL) { + m_freem(m); + return (ENOBUFS); + } + + m_copydata(m, 0, msglen, data); + + /* + * Send incoming or outgoing traffic to the user space either to be + * protected (outgoing) or validated (incoming) according to rfc3971. 
*/ + + if (s) { +#if 0 + SOCKBUF_LOCK(&s->so_rcv); + sbappendrecord_locked(&s->so_rcv, m); + sorwakeup_locked(s); + //SOCKBUF_UNLOCK(&s->so_rcv); +#endif + + struct sockaddr_in6 fromsa; + + bzero(&fromsa, sizeof(fromsa)); + fromsa.sin6_family = AF_INET6; + fromsa.sin6_len = sizeof(fromsa); + fromsa.sin6_addr = ip6->ip6_src; + SOCKBUF_LOCK(&s->so_rcv); + if (sbappendaddr_locked(&s->so_rcv, (struct sockaddr *)&fromsa, + m, (struct mbuf *)0) == 0) { + SOCKBUF_UNLOCK(&s->so_rcv); + } else { + sorwakeup_locked(s); + } + + return 0; + } + + m_freem(m); + free(data, M_SEND); + + return -1; +} + +static void +send_close(struct socket *so) +{ + + V_send_so = NULL; + printf("pru_detach: send_close\n"); + //soisdisconnected(so); +} + +struct pr_usrreqs send_usrreqs = { + // Read sys/kern/uipc_socket.c + .pru_attach = send_uattach, + //.pru_sosend = sosend_sndpacket, + .pru_detach = send_close +}; + +struct protosw send_protosw = { + .pr_type = SOCK_RAW, + .pr_protocol = IPPROTO_SEND, + .pr_usrreqs = &send_usrreqs +}; + +static int send_modevent(module_t mod, int type, void *unused) { + int error = 0; /* Add locking? icmp6.c and nd6.c are maybe using hooks.. */ switch (type) { case MOD_LOAD: + error = pf_proto_register(PF_INET, &send_protosw); + if (error != 0) + break; +printf("pf_proto_register() OK\n"); + send_output_hook = send_output; send_input_hook = send_input; + + send_sendso_input_hook = send_sendso_input; break; case MOD_UNLOAD: + if (V_send_so != NULL) + return (EINVAL); + error = pf_proto_unregister(PF_INET, IPPROTO_SEND, SOCK_RAW); send_input_hook = NULL; send_output_hook = NULL; + + send_sendso_input_hook = NULL; break; + default: break; } - return (0); + return (error); } static moduledata_t sendmod = { ==== //depot/projects/soc2009/anchie_send/src/sys/netinet6/send.h#17 (text+ko) ==== 
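Review bot: In send_sendso_input() the `data` buffer from `malloc(msglen, M_SEND, M_NOWAIT)` is never freed on the `if (s)` path, so each packet handed to the daemon leaks msglen bytes of kernel memory, and when sbappendaddr_locked() returns 0 the mbuf chain is neither queued nor freed. The length mismatch is only printed, yet `m_copydata(m, 0, msglen, data)` still runs with the caller's msglen, which can run past the end of the chain when msglen exceeds the real length. Nothing in this hunk reads `data`, so I would drop the allocation and copy, reject a mismatched length, and free the mbuf when the append fails, as sketched below. Separately, send_uattach() stores any caller's socket in V_send_so with no privilege check and no refusal when a socket is already attached, and send_close() clears the pointer whichever socket is closing; something like `error = priv_check(td, PRIV_NETINET_RAW);` before the assignment looks necessary, since whoever holds this socket receives the ND traffic meant for SeND validation. In MOD_UNLOAD the hooks are set to NULL even when pf_proto_unregister() fails and the module stays loaded.

```c
static int
send_sendso_input(struct socket *s, struct mbuf *m, int direction, int msglen)
{
	/* … unchanged: ip6 lookup and in6_clearscope() calls; len/data locals removed,
	 *   fromsa declaration moved to the top of the function … */

	/* Refuse a length that does not match the chain instead of only logging it. */
	if (msglen < 0 || m_length(m, NULL) != (u_int)msglen) {
		m_freem(m);
		return (EINVAL);
	}
	if (s == NULL) {
		m_freem(m);
		return (ENOTCONN);
	}

	/* … unchanged: bzero() and fromsa field setup … */
	SOCKBUF_LOCK(&s->so_rcv);
	if (sbappendaddr_locked(&s->so_rcv, (struct sockaddr *)&fromsa,
	    m, NULL) == 0) {
		SOCKBUF_UNLOCK(&s->so_rcv);
		m_freem(m);	/* receive buffer full: drop the packet, do not leak it */
		return (ENOBUFS);
	}
	sorwakeup_locked(s);	/* releases the so_rcv lock */
	return (0);
}
```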
@@ -33,3 +33,4 @@ extern int (*send_input_hook)(struct mbuf *, struct ifnet *, int, int); extern int (*send_output_hook)(struct mbuf *, struct ifnet *, int); +extern int (*send_sendso_input_hook)(struct socket *, struct mbuf *, int, int);