1/* 2 * Copyright (c) 1997-2008, 2012 Apple Inc. All rights reserved. 3 * 4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@ 5 * 6 * This file contains Original Code and/or Modifications of Original Code 7 * as defined in and that are subject to the Apple Public Source License 8 * Version 2.0 (the 'License'). You may not use this file except in 9 * compliance with the License. The rights granted to you under the License 10 * may not be used to create, or enable the creation or redistribution of, 11 * unlawful or unlicensed copies of an Apple operating system, or to 12 * circumvent, violate, or enable the circumvention or violation of, any 13 * terms of an Apple operating system software license agreement. 14 * 15 * Please obtain a copy of the License at 16 * http://www.opensource.apple.com/apsl/ and read it before using this file. 17 * 18 * The Original Code and all software distributed under the License are 19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER 20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, 21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, 22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. 23 * Please see the License for the specific language governing rights and 24 * limitations under the License. 25 * 26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@ 27 */ 28/* 29 * @(#)ndrv.c 1.1 (MacOSX) 6/10/43 30 * Justin Walker, 970604 31 * AF_NDRV support 32 * 980130 - Cleanup, reorg, performance improvemements 33 * 000816 - Removal of Y adapter cruft 34 */ 35 36/* 37 * PF_NDRV allows raw access to a specified network device, directly 38 * with a socket. Expected use involves a socket option to request 39 * protocol packets. This lets ndrv_output() call ifnet_output(), and 40 * lets DLIL find the proper recipient for incoming packets. 41 * The purpose here is for user-mode protocol implementation. 42 * Note that "pure raw access" will still be accomplished with BPF. 43 * 44 * In addition to the former use, when combined with socket NKEs, 45 * PF_NDRV permits a fairly flexible mechanism for implementing 46 * strange protocol support. 47 */ 48#include <mach/mach_types.h> 49 50#include <sys/param.h> 51#include <sys/systm.h> 52#include <sys/kernel.h> 53#include <sys/malloc.h> 54#include <sys/mbuf.h> 55#include <sys/protosw.h> 56#include <sys/domain.h> 57#include <sys/socket.h> 58#include <sys/socketvar.h> 59#include <sys/ioctl.h> 60#include <sys/sysctl.h> 61#include <sys/errno.h> 62#include <sys/syslog.h> 63#include <sys/proc.h> 64 65#include <kern/queue.h> 66 67#include <net/ndrv.h> 68#include <net/route.h> 69#include <net/if_llc.h> 70#include <net/if_dl.h> 71#include <net/if_types.h> 72#include <net/ndrv_var.h> 73#include <net/dlil.h> 74 75#if INET 76#include <netinet/in.h> 77#include <netinet/in_var.h> 78#endif 79#include <netinet/if_ether.h> 80 81#include <machine/spl.h> 82 83static unsigned int ndrv_multi_max_count = NDRV_DMUX_MAX_DESCR; 84SYSCTL_UINT(_net, OID_AUTO, ndrv_multi_max_count, CTLFLAG_RW | CTLFLAG_LOCKED, 85 &ndrv_multi_max_count, 0, "Number of allowed multicast addresses per NRDV socket"); 86 87static int ndrv_do_detach(struct ndrv_cb *); 88static int ndrv_do_disconnect(struct ndrv_cb *); 89static struct ndrv_cb *ndrv_find_inbound(struct ifnet *ifp, u_int32_t protocol_family); 90static int ndrv_setspec(struct ndrv_cb *np, struct sockopt *sopt); 91static int ndrv_delspec(struct ndrv_cb *); 92static int ndrv_to_ifnet_demux(struct ndrv_demux_desc* ndrv, struct ifnet_demux_desc* ifdemux); 93static void ndrv_handle_ifp_detach(u_int32_t family, short unit); 94static int ndrv_do_add_multicast(struct ndrv_cb *np, struct sockopt *sopt); 95static int ndrv_do_remove_multicast(struct ndrv_cb *np, struct sockopt *sopt); 96static struct ndrv_multiaddr* ndrv_have_multicast(struct ndrv_cb *np, struct sockaddr* addr); 97static void ndrv_remove_all_multicast(struct ndrv_cb *np); 98static void ndrv_dominit(void) __attribute__((section("__TEXT, initcode"))); 99 100u_int32_t ndrv_sendspace = NDRVSNDQ; 101u_int32_t ndrv_recvspace = NDRVRCVQ; 102TAILQ_HEAD(, ndrv_cb) ndrvl = TAILQ_HEAD_INITIALIZER(ndrvl); 103 104extern struct domain ndrvdomain; 105extern struct protosw ndrvsw; 106 107#define NDRV_PROTODEMUX_COUNT 10 108 109/* 110 * Verify these values match. 111 * To keep clients from including dlil.h, we define 112 * these values independently in ndrv.h. They must 113 * match or a conversion function must be written. 114 */ 115#if NDRV_DEMUXTYPE_ETHERTYPE != DLIL_DESC_ETYPE2 116#error NDRV_DEMUXTYPE_ETHERTYPE must match DLIL_DESC_ETYPE2 117#endif 118#if NDRV_DEMUXTYPE_SAP != DLIL_DESC_SAP 119#error NDRV_DEMUXTYPE_SAP must match DLIL_DESC_SAP 120#endif 121#if NDRV_DEMUXTYPE_SNAP != DLIL_DESC_SNAP 122#error NDRV_DEMUXTYPE_SNAP must match DLIL_DESC_SNAP 123#endif 124 125/* 126 * Protocol output - Called to output a raw network packet directly 127 * to the driver. 128 */ 129static int 130ndrv_output(struct mbuf *m, struct socket *so) 131{ 132 struct ndrv_cb *np = sotondrvcb(so); 133 struct ifnet *ifp = np->nd_if; 134 int result = 0; 135 136#if NDRV_DEBUG 137 kprintf("NDRV output: %x, %x, %x\n", m, so, np); 138#endif 139 140 /* 141 * No header is a format error 142 */ 143 if ((m->m_flags&M_PKTHDR) == 0) 144 return(EINVAL); 145 146 /* Unlock before calling ifnet_output */ 147 socket_unlock(so, 0); 148 149 /* 150 * Call DLIL if we can. DLIL is much safer than calling the 151 * ifp directly. 152 */ 153 result = ifnet_output_raw(ifp, np->nd_proto_family, m); 154 155 socket_lock(so, 0); 156 157 return (result); 158} 159 160/* Our input routine called from DLIL */ 161static errno_t 162ndrv_input( 163 ifnet_t ifp, 164 protocol_family_t proto_family, 165 mbuf_t m, 166 char *frame_header) 167{ 168 struct socket *so; 169 struct sockaddr_dl ndrvsrc; 170 struct ndrv_cb *np; 171 int error = 0; 172 173 ndrvsrc.sdl_len = sizeof (struct sockaddr_dl); 174 ndrvsrc.sdl_family = AF_NDRV; 175 ndrvsrc.sdl_index = 0; 176 177 /* move packet from if queue to socket */ 178 /* Should be media-independent */ 179 ndrvsrc.sdl_type = IFT_ETHER; 180 ndrvsrc.sdl_nlen = 0; 181 ndrvsrc.sdl_alen = 6; 182 ndrvsrc.sdl_slen = 0; 183 bcopy(frame_header, &ndrvsrc.sdl_data, 6); 184 185 np = ndrv_find_inbound(ifp, proto_family); 186 if (np == NULL) 187 { 188 return(ENOENT); 189 } 190 so = np->nd_socket; 191 /* prepend the frame header */ 192 m = m_prepend(m, ifnet_hdrlen(ifp), M_NOWAIT); 193 if (m == NULL) 194 return EJUSTRETURN; 195 bcopy(frame_header, m->m_data, ifnet_hdrlen(ifp)); 196 197 lck_mtx_assert(so->so_proto->pr_domain->dom_mtx, LCK_MTX_ASSERT_NOTOWNED); 198 lck_mtx_lock(so->so_proto->pr_domain->dom_mtx); 199 if (sbappendaddr(&(so->so_rcv), (struct sockaddr *)&ndrvsrc, 200 m, (struct mbuf *)0, &error) != 0) { 201 sorwakeup(so); 202 } 203 lck_mtx_unlock(so->so_proto->pr_domain->dom_mtx); 204 return 0; /* radar 4030377 - always return 0 */ 205} 206 207/* 208 * Allocate an ndrv control block and some buffer space for the socket 209 */ 210static int 211ndrv_attach(struct socket *so, int proto, __unused struct proc *p) 212{ 213 int error; 214 struct ndrv_cb *np = sotondrvcb(so); 215 216 if ((so->so_state & SS_PRIV) == 0) 217 return(EPERM); 218 219#if NDRV_DEBUG 220 kprintf("NDRV attach: %x, %x, %x\n", so, proto, np); 221#endif 222 223 if ((error = soreserve(so, ndrv_sendspace, ndrv_recvspace))) 224 return(error); 225 226 MALLOC(np, struct ndrv_cb *, sizeof(*np), M_PCB, M_WAITOK); 227 if (np == NULL) 228 return (ENOMEM); 229 so->so_pcb = (caddr_t)np; 230 bzero(np, sizeof(*np)); 231#if NDRV_DEBUG 232 kprintf("NDRV attach: %x, %x, %x\n", so, proto, np); 233#endif 234 TAILQ_INIT(&np->nd_dlist); 235 np->nd_signature = NDRV_SIGNATURE; 236 np->nd_socket = so; 237 np->nd_proto.sp_family = so->so_proto->pr_domain->dom_family; 238 np->nd_proto.sp_protocol = proto; 239 np->nd_if = NULL; 240 np->nd_proto_family = 0; 241 np->nd_family = 0; 242 np->nd_unit = 0; 243 TAILQ_INSERT_TAIL(&ndrvl, np, nd_next); 244 return(0); 245} 246 247/* 248 * Destroy state just before socket deallocation. 249 * Flush data or not depending on the options. 250 */ 251 252static int 253ndrv_detach(struct socket *so) 254{ 255 struct ndrv_cb *np = sotondrvcb(so); 256 257 if (np == 0) 258 return EINVAL; 259 return ndrv_do_detach(np); 260} 261 262 263/* 264 * If a socket isn't bound to a single address, 265 * the ndrv input routine will hand it anything 266 * within that protocol family (assuming there's 267 * nothing else around it should go to). 268 * 269 * Don't expect this to be used. 270 */ 271 272static int 273ndrv_connect(struct socket *so, struct sockaddr *nam, __unused struct proc *p) 274{ 275 struct ndrv_cb *np = sotondrvcb(so); 276 277 if (np == 0) 278 return EINVAL; 279 280 if (np->nd_faddr) 281 return EISCONN; 282 283 /* Allocate memory to store the remote address */ 284 MALLOC(np->nd_faddr, struct sockaddr_ndrv*, 285 nam->sa_len, M_IFADDR, M_WAITOK); 286 if (np->nd_faddr == NULL) 287 return ENOMEM; 288 289 bcopy((caddr_t) nam, (caddr_t) np->nd_faddr, nam->sa_len); 290 soisconnected(so); 291 return 0; 292} 293 294static void 295ndrv_event(struct ifnet *ifp, __unused protocol_family_t protocol, 296 const struct kev_msg *event) 297{ 298 if (event->vendor_code == KEV_VENDOR_APPLE && 299 event->kev_class == KEV_NETWORK_CLASS && 300 event->kev_subclass == KEV_DL_SUBCLASS && 301 event->event_code == KEV_DL_IF_DETACHING) { 302 lck_mtx_assert(ndrvdomain.dom_mtx, LCK_MTX_ASSERT_NOTOWNED); 303 lck_mtx_lock(ndrvdomain.dom_mtx); 304 ndrv_handle_ifp_detach(ifnet_family(ifp), ifnet_unit(ifp)); 305 lck_mtx_unlock(ndrvdomain.dom_mtx); 306 } 307} 308 309static int name_cmp(struct ifnet *, char *); 310 311/* 312 * This is the "driver open" hook - we 'bind' to the 313 * named driver. 314 * Here's where we latch onto the driver. 315 */ 316static int 317ndrv_bind(struct socket *so, struct sockaddr *nam, __unused struct proc *p) 318{ 319 struct sockaddr_ndrv *sa = (struct sockaddr_ndrv *) nam; 320 char *dname; 321 struct ndrv_cb *np; 322 struct ifnet *ifp; 323 int result; 324 325 if TAILQ_EMPTY(&ifnet_head) 326 return(EADDRNOTAVAIL); /* Quick sanity check */ 327 np = sotondrvcb(so); 328 if (np == 0) 329 return EINVAL; 330 331 if (np->nd_laddr) 332 return EINVAL; /* XXX */ 333 334 /* I think we just latch onto a copy here; the caller frees */ 335 np->nd_laddr = _MALLOC(sizeof(struct sockaddr_ndrv), M_IFADDR, M_WAITOK); 336 if (np->nd_laddr == NULL) 337 return(ENOMEM); 338 bcopy((caddr_t) sa, (caddr_t) np->nd_laddr, sizeof(struct sockaddr_ndrv)); 339 dname = (char *) sa->snd_name; 340 if (*dname == '\0') 341 return(EINVAL); 342#if NDRV_DEBUG 343 kprintf("NDRV bind: %x, %x, %s\n", so, np, dname); 344#endif 345 /* Track down the driver and its ifnet structure. 346 * There's no internal call for this so we have to dup the code 347 * in if.c/ifconf() 348 */ 349 ifnet_head_lock_shared(); 350 TAILQ_FOREACH(ifp, &ifnet_head, if_link) { 351 if (name_cmp(ifp, dname) == 0) 352 break; 353 } 354 ifnet_head_done(); 355 356 if (ifp == NULL) 357 return(EADDRNOTAVAIL); 358 359 // PPP doesn't support PF_NDRV. 360 if (ifnet_family(ifp) != APPLE_IF_FAM_PPP) 361 { 362 /* NDRV on this interface */ 363 struct ifnet_attach_proto_param ndrv_proto; 364 result = 0; 365 bzero(&ndrv_proto, sizeof(ndrv_proto)); 366 ndrv_proto.event = ndrv_event; 367 368 /* We aren't worried about double attaching, that should just return an error */ 369 socket_unlock(so, 0); 370 result = ifnet_attach_protocol(ifp, PF_NDRV, &ndrv_proto); 371 socket_lock(so, 0); 372 if (result && result != EEXIST) { 373 return result; 374 } 375 np->nd_proto_family = PF_NDRV; 376 } 377 else { 378 np->nd_proto_family = 0; 379 } 380 381 np->nd_if = ifp; 382 np->nd_family = ifnet_family(ifp); 383 np->nd_unit = ifnet_unit(ifp); 384 385 return(0); 386} 387 388static int 389ndrv_disconnect(struct socket *so) 390{ 391 struct ndrv_cb *np = sotondrvcb(so); 392 393 if (np == 0) 394 return EINVAL; 395 396 if (np->nd_faddr == 0) 397 return ENOTCONN; 398 399 ndrv_do_disconnect(np); 400 return 0; 401} 402 403/* 404 * Mark the connection as being incapable of further input. 405 */ 406static int 407ndrv_shutdown(struct socket *so) 408{ 409 lck_mtx_assert(so->so_proto->pr_domain->dom_mtx, LCK_MTX_ASSERT_OWNED); 410 socantsendmore(so); 411 return 0; 412} 413 414/* 415 * Ship a packet out. The ndrv output will pass it 416 * to the appropriate driver. The really tricky part 417 * is the destination address... 418 */ 419static int 420ndrv_send(struct socket *so, __unused int flags, struct mbuf *m, 421 __unused struct sockaddr *addr, struct mbuf *control, 422 __unused struct proc *p) 423{ 424 int error; 425 426 if (control) 427 return EOPNOTSUPP; 428 429 error = ndrv_output(m, so); 430 m = NULL; 431 return error; 432} 433 434 435static int 436ndrv_abort(struct socket *so) 437{ 438 struct ndrv_cb *np = sotondrvcb(so); 439 440 if (np == 0) 441 return EINVAL; 442 443 ndrv_do_disconnect(np); 444 return 0; 445} 446 447static int 448ndrv_sockaddr(struct socket *so, struct sockaddr **nam) 449{ 450 struct ndrv_cb *np = sotondrvcb(so); 451 int len; 452 453 if (np == 0) 454 return EINVAL; 455 456 if (np->nd_laddr == 0) 457 return EINVAL; 458 459 len = np->nd_laddr->snd_len; 460 MALLOC(*nam, struct sockaddr *, len, M_SONAME, M_WAITOK); 461 if (*nam == NULL) 462 return ENOMEM; 463 bcopy((caddr_t)np->nd_laddr, *nam, 464 (unsigned)len); 465 return 0; 466} 467 468 469static int 470ndrv_peeraddr(struct socket *so, struct sockaddr **nam) 471{ 472 struct ndrv_cb *np = sotondrvcb(so); 473 int len; 474 475 if (np == 0) 476 return EINVAL; 477 478 if (np->nd_faddr == 0) 479 return ENOTCONN; 480 481 len = np->nd_faddr->snd_len; 482 MALLOC(*nam, struct sockaddr *, len, M_SONAME, M_WAITOK); 483 if (*nam == NULL) 484 return ENOMEM; 485 bcopy((caddr_t)np->nd_faddr, *nam, 486 (unsigned)len); 487 return 0; 488} 489 490 491/* Control output */ 492 493static int 494ndrv_ctloutput(struct socket *so, struct sockopt *sopt) 495{ 496 struct ndrv_cb *np = sotondrvcb(so); 497 int error = 0; 498 499 switch(sopt->sopt_name) 500 { 501 case NDRV_DELDMXSPEC: /* Delete current spec */ 502 /* Verify no parameter was passed */ 503 if (sopt->sopt_val != 0 || sopt->sopt_valsize != 0) { 504 /* 505 * We don't support deleting a specific demux, it's 506 * all or nothing. 507 */ 508 return EINVAL; 509 } 510 error = ndrv_delspec(np); 511 break; 512 case NDRV_SETDMXSPEC: /* Set protocol spec */ 513 error = ndrv_setspec(np, sopt); 514 break; 515 case NDRV_ADDMULTICAST: 516 error = ndrv_do_add_multicast(np, sopt); 517 break; 518 case NDRV_DELMULTICAST: 519 error = ndrv_do_remove_multicast(np, sopt); 520 break; 521 default: 522 error = ENOTSUP; 523 } 524#ifdef NDRV_DEBUG 525 log(LOG_WARNING, "NDRV CTLOUT: %x returns %d\n", sopt->sopt_name, 526 error); 527#endif 528 return(error); 529} 530 531static int 532ndrv_do_detach(struct ndrv_cb *np) 533{ 534 struct ndrv_cb* cur_np = NULL; 535 struct socket *so = np->nd_socket; 536 int error = 0; 537 struct ifnet * ifp; 538 539#if NDRV_DEBUG 540 kprintf("NDRV detach: %x, %x\n", so, np); 541#endif 542 ndrv_remove_all_multicast(np); 543 544 ifp = np->nd_if; 545 /* Remove from the linked list of control blocks */ 546 TAILQ_REMOVE(&ndrvl, np, nd_next); 547 if (ifp != NULL) { 548 u_int32_t proto_family = np->nd_proto_family; 549 550 if (proto_family != PF_NDRV && proto_family != 0) { 551 socket_unlock(so, 0); 552 ifnet_detach_protocol(ifp, proto_family); 553 socket_lock(so, 0); 554 } 555 556 /* Check if this is the last socket attached to this interface */ 557 TAILQ_FOREACH(cur_np, &ndrvl, nd_next) { 558 if (cur_np->nd_family == np->nd_family && 559 cur_np->nd_unit == np->nd_unit) { 560 break; 561 } 562 } 563 564 /* If there are no other interfaces, detach PF_NDRV from the interface */ 565 if (cur_np == NULL) { 566 socket_unlock(so, 0); 567 ifnet_detach_protocol(ifp, PF_NDRV); 568 socket_lock(so, 0); 569 } 570 } 571 if (np->nd_laddr != NULL) { 572 FREE((caddr_t)np->nd_laddr, M_IFADDR); 573 np->nd_laddr = NULL; 574 } 575 FREE((caddr_t)np, M_PCB); 576 so->so_pcb = 0; 577 so->so_flags |= SOF_PCBCLEARING; 578 sofree(so); 579 return error; 580} 581 582static int 583ndrv_do_disconnect(struct ndrv_cb *np) 584{ 585 struct socket * so = np->nd_socket; 586#if NDRV_DEBUG 587 kprintf("NDRV disconnect: %x\n", np); 588#endif 589 if (np->nd_faddr) 590 { 591 FREE(np->nd_faddr, M_IFADDR); 592 np->nd_faddr = 0; 593 } 594 if (so->so_state & SS_NOFDREF) 595 ndrv_do_detach(np); 596 soisdisconnected(so); 597 return(0); 598} 599 600/* Hackery - return a string version of a decimal number */ 601static void 602sprint_d(u_int n, char *buf, int buflen) 603{ char dbuf[IFNAMSIZ]; 604 char *cp = dbuf+IFNAMSIZ-1; 605 606 *cp = 0; 607 do { buflen--; 608 cp--; 609 *cp = "0123456789"[n % 10]; 610 n /= 10; 611 } while (n != 0 && buflen > 0); 612 strncpy(buf, cp, IFNAMSIZ-buflen); 613 return; 614} 615 616/* 617 * Try to compare a device name (q) with one of the funky ifnet 618 * device names (ifp). 619 */ 620static int name_cmp(struct ifnet *ifp, char *q) 621{ char *r; 622 int len; 623 char buf[IFNAMSIZ]; 624 625 r = buf; 626 len = strlen(ifnet_name(ifp)); 627 strncpy(r, ifnet_name(ifp), IFNAMSIZ); 628 r += len; 629 sprint_d(ifnet_unit(ifp), r, IFNAMSIZ-(r-buf)); 630#if NDRV_DEBUG 631 kprintf("Comparing %s, %s\n", buf, q); 632#endif 633 return(strncmp(buf, q, IFNAMSIZ)); 634} 635 636#if 0 637//### Not used 638/* 639 * When closing, dump any enqueued mbufs. 640 */ 641void 642ndrv_flushq(struct ifqueue *q) 643{ 644 struct mbuf *m; 645 for (;;) 646 { 647 IF_DEQUEUE(q, m); 648 if (m == NULL) 649 break; 650 IF_DROP(q); 651 if (m) 652 m_freem(m); 653 } 654} 655#endif 656 657int 658ndrv_setspec(struct ndrv_cb *np, struct sockopt *sopt) 659{ 660 struct ifnet_attach_proto_param proto_param; 661 struct ndrv_protocol_desc ndrvSpec; 662 struct ndrv_demux_desc* ndrvDemux = NULL; 663 int error = 0; 664 struct socket * so = np->nd_socket; 665 user_addr_t user_addr; 666 667 /* Sanity checking */ 668 if (np->nd_proto_family != PF_NDRV) 669 return EBUSY; 670 if (np->nd_if == NULL) 671 return EINVAL; 672 673 /* Copy the ndrvSpec */ 674 if (proc_is64bit(sopt->sopt_p)) { 675 struct ndrv_protocol_desc64 ndrvSpec64; 676 677 if (sopt->sopt_valsize != sizeof(ndrvSpec64)) 678 return EINVAL; 679 680 error = sooptcopyin(sopt, &ndrvSpec64, sizeof(ndrvSpec64), sizeof(ndrvSpec64)); 681 if (error != 0) 682 return error; 683 684 ndrvSpec.version = ndrvSpec64.version; 685 ndrvSpec.protocol_family = ndrvSpec64.protocol_family; 686 ndrvSpec.demux_count = ndrvSpec64.demux_count; 687 688 user_addr = ndrvSpec64.demux_list; 689 } 690 else { 691 struct ndrv_protocol_desc32 ndrvSpec32; 692 693 if (sopt->sopt_valsize != sizeof(ndrvSpec32)) 694 return EINVAL; 695 696 error = sooptcopyin(sopt, &ndrvSpec32, sizeof(ndrvSpec32), sizeof(ndrvSpec32)); 697 if (error != 0) 698 return error; 699 700 ndrvSpec.version = ndrvSpec32.version; 701 ndrvSpec.protocol_family = ndrvSpec32.protocol_family; 702 ndrvSpec.demux_count = ndrvSpec32.demux_count; 703 704 user_addr = CAST_USER_ADDR_T(ndrvSpec32.demux_list); 705 } 706 707 /* Verify the parameter */ 708 if (ndrvSpec.version > NDRV_PROTOCOL_DESC_VERS) 709 return ENOTSUP; // version is too new! 710 else if (ndrvSpec.version < 1) 711 return EINVAL; // version is not valid 712 else if (ndrvSpec.demux_count > NDRV_PROTODEMUX_COUNT || ndrvSpec.demux_count == 0) 713 return EINVAL; // demux_count is not valid 714 715 bzero(&proto_param, sizeof(proto_param)); 716 proto_param.demux_count = ndrvSpec.demux_count; 717 718 /* Allocate storage for demux array */ 719 MALLOC(ndrvDemux, struct ndrv_demux_desc*, proto_param.demux_count * 720 sizeof(struct ndrv_demux_desc), M_TEMP, M_WAITOK); 721 if (ndrvDemux == NULL) 722 return ENOMEM; 723 724 /* Allocate enough ifnet_demux_descs */ 725 MALLOC(proto_param.demux_array, struct ifnet_demux_desc*, 726 sizeof(*proto_param.demux_array) * ndrvSpec.demux_count, 727 M_TEMP, M_WAITOK); 728 if (proto_param.demux_array == NULL) 729 error = ENOMEM; 730 731 if (error == 0) 732 { 733 /* Copy the ndrv demux array from userland */ 734 error = copyin(user_addr, ndrvDemux, 735 ndrvSpec.demux_count * sizeof(struct ndrv_demux_desc)); 736 ndrvSpec.demux_list = ndrvDemux; 737 } 738 739 if (error == 0) 740 { 741 /* At this point, we've at least got enough bytes to start looking around */ 742 u_int32_t demuxOn = 0; 743 744 proto_param.demux_count = ndrvSpec.demux_count; 745 proto_param.input = ndrv_input; 746 proto_param.event = ndrv_event; 747 748 for (demuxOn = 0; demuxOn < ndrvSpec.demux_count; demuxOn++) 749 { 750 /* Convert an ndrv_demux_desc to a ifnet_demux_desc */ 751 error = ndrv_to_ifnet_demux(&ndrvSpec.demux_list[demuxOn], 752 &proto_param.demux_array[demuxOn]); 753 if (error) 754 break; 755 } 756 } 757 758 if (error == 0) 759 { 760 /* We've got all our ducks lined up...lets attach! */ 761 socket_unlock(so, 0); 762 error = ifnet_attach_protocol(np->nd_if, ndrvSpec.protocol_family, 763 &proto_param); 764 socket_lock(so, 0); 765 if (error == 0) 766 np->nd_proto_family = ndrvSpec.protocol_family; 767 } 768 769 /* Free any memory we've allocated */ 770 if (proto_param.demux_array) 771 FREE(proto_param.demux_array, M_TEMP); 772 if (ndrvDemux) 773 FREE(ndrvDemux, M_TEMP); 774 775 return error; 776} 777 778 779int 780ndrv_to_ifnet_demux(struct ndrv_demux_desc* ndrv, struct ifnet_demux_desc* ifdemux) 781{ 782 bzero(ifdemux, sizeof(*ifdemux)); 783 784 if (ndrv->type < DLIL_DESC_ETYPE2) 785 { 786 /* using old "type", not supported */ 787 return ENOTSUP; 788 } 789 790 if (ndrv->length > 28) 791 { 792 return EINVAL; 793 } 794 795 ifdemux->type = ndrv->type; 796 ifdemux->data = ndrv->data.other; 797 ifdemux->datalen = ndrv->length; 798 799 return 0; 800} 801 802int 803ndrv_delspec(struct ndrv_cb *np) 804{ 805 int result = 0; 806 807 if (np->nd_proto_family == PF_NDRV || 808 np->nd_proto_family == 0) 809 return EINVAL; 810 811 /* Detach the protocol */ 812 result = ifnet_detach_protocol(np->nd_if, np->nd_proto_family); 813 np->nd_proto_family = PF_NDRV; 814 815 return result; 816} 817 818struct ndrv_cb * 819ndrv_find_inbound(struct ifnet *ifp, u_int32_t protocol) 820{ 821 struct ndrv_cb* np; 822 823 if (protocol == PF_NDRV) return NULL; 824 825 TAILQ_FOREACH(np, &ndrvl, nd_next) { 826 if (np->nd_proto_family == protocol && 827 np->nd_if == ifp) { 828 return np; 829 } 830 } 831 832 return NULL; 833} 834 835static void ndrv_dominit(void) 836{ 837 static int ndrv_dominited = 0; 838 839 if (ndrv_dominited == 0 && 840 net_add_proto(&ndrvsw, &ndrvdomain) == 0) 841 ndrv_dominited = 1; 842} 843 844static void 845ndrv_handle_ifp_detach(u_int32_t family, short unit) 846{ 847 struct ndrv_cb* np; 848 struct ifnet *ifp = NULL; 849 struct socket *so; 850 851 /* Find all sockets using this interface. */ 852 TAILQ_FOREACH(np, &ndrvl, nd_next) { 853 if (np->nd_family == family && 854 np->nd_unit == unit) 855 { 856 /* This cb is using the detaching interface, but not for long. */ 857 /* Let the protocol go */ 858 ifp = np->nd_if; 859 if (np->nd_proto_family != 0) 860 ndrv_delspec(np); 861 862 /* Delete the multicasts first */ 863 ndrv_remove_all_multicast(np); 864 865 /* Disavow all knowledge of the ifp */ 866 np->nd_if = NULL; 867 np->nd_unit = 0; 868 np->nd_family = 0; 869 870 so = np->nd_socket; 871 /* Make sure sending returns an error */ 872 /* Is this safe? Will we drop the funnel? */ 873 lck_mtx_assert(so->so_proto->pr_domain->dom_mtx, LCK_MTX_ASSERT_OWNED); 874 socantsendmore(so); 875 socantrcvmore(so); 876 } 877 } 878 879 /* Unregister our protocol */ 880 if (ifp) { 881 ifnet_detach_protocol(ifp, PF_NDRV); 882 } 883} 884 885static int 886ndrv_do_add_multicast(struct ndrv_cb *np, struct sockopt *sopt) 887{ 888 struct ndrv_multiaddr* ndrv_multi; 889 int result; 890 891 if (sopt->sopt_val == 0 || sopt->sopt_valsize < 2 || 892 sopt->sopt_level != SOL_NDRVPROTO || sopt->sopt_valsize > SOCK_MAXADDRLEN) 893 return EINVAL; 894 if (np->nd_if == NULL) 895 return ENXIO; 896 if (!(np->nd_dlist_cnt < ndrv_multi_max_count)) 897 return EPERM; 898 899 // Allocate storage 900 MALLOC(ndrv_multi, struct ndrv_multiaddr*, sizeof(struct ndrv_multiaddr) - 901 sizeof(struct sockaddr) + sopt->sopt_valsize, M_IFADDR, M_WAITOK); 902 if (ndrv_multi == NULL) 903 return ENOMEM; 904 905 // Copy in the address 906 result = copyin(sopt->sopt_val, &ndrv_multi->addr, sopt->sopt_valsize); 907 908 // Validate the sockaddr 909 if (result == 0 && sopt->sopt_valsize != ndrv_multi->addr.sa_len) 910 result = EINVAL; 911 912 if (result == 0 && ndrv_have_multicast(np, &ndrv_multi->addr)) 913 result = EEXIST; 914 915 if (result == 0) 916 { 917 // Try adding the multicast 918 result = ifnet_add_multicast(np->nd_if, &ndrv_multi->addr, 919 &ndrv_multi->ifma); 920 } 921 922 if (result == 0) 923 { 924 // Add to our linked list 925 ndrv_multi->next = np->nd_multiaddrs; 926 np->nd_multiaddrs = ndrv_multi; 927 np->nd_dlist_cnt++; 928 } 929 else 930 { 931 // Free up the memory, something went wrong 932 FREE(ndrv_multi, M_IFADDR); 933 } 934 935 return result; 936} 937 938static int 939ndrv_do_remove_multicast(struct ndrv_cb *np, struct sockopt *sopt) 940{ 941 struct sockaddr* multi_addr; 942 struct ndrv_multiaddr* ndrv_entry = NULL; 943 int result; 944 945 if (sopt->sopt_val == 0 || sopt->sopt_valsize < 2 || 946 sopt->sopt_level != SOL_NDRVPROTO) 947 return EINVAL; 948 if (np->nd_if == NULL || np->nd_dlist_cnt == 0) 949 return ENXIO; 950 951 // Allocate storage 952 MALLOC(multi_addr, struct sockaddr*, sopt->sopt_valsize, 953 M_TEMP, M_WAITOK); 954 if (multi_addr == NULL) 955 return ENOMEM; 956 957 // Copy in the address 958 result = copyin(sopt->sopt_val, multi_addr, sopt->sopt_valsize); 959 960 // Validate the sockaddr 961 if (result == 0 && sopt->sopt_valsize != multi_addr->sa_len) 962 result = EINVAL; 963 964 if (result == 0) 965 { 966 /* Find the old entry */ 967 ndrv_entry = ndrv_have_multicast(np, multi_addr); 968 969 if (ndrv_entry == NULL) 970 result = ENOENT; 971 } 972 973 if (result == 0) 974 { 975 // Try deleting the multicast 976 result = ifnet_remove_multicast(ndrv_entry->ifma); 977 } 978 979 if (result == 0) 980 { 981 // Remove from our linked list 982 struct ndrv_multiaddr* cur = np->nd_multiaddrs; 983 984 ifmaddr_release(ndrv_entry->ifma); 985 986 if (cur == ndrv_entry) 987 { 988 np->nd_multiaddrs = cur->next; 989 } 990 else 991 { 992 for (cur = cur->next; cur != NULL; cur = cur->next) 993 { 994 if (cur->next == ndrv_entry) 995 { 996 cur->next = cur->next->next; 997 break; 998 } 999 } 1000 } 1001 1002 np->nd_dlist_cnt--; 1003 1004 // Free the memory 1005 FREE(ndrv_entry, M_IFADDR); 1006 } 1007 FREE(multi_addr, M_TEMP); 1008 1009 return result; 1010} 1011 1012static struct ndrv_multiaddr* 1013ndrv_have_multicast(struct ndrv_cb *np, struct sockaddr* inAddr) 1014{ 1015 struct ndrv_multiaddr* cur; 1016 for (cur = np->nd_multiaddrs; cur != NULL; cur = cur->next) 1017 { 1018 1019 if ((inAddr->sa_len == cur->addr.sa_len) && 1020 (bcmp(&cur->addr, inAddr, inAddr->sa_len) == 0)) 1021 { 1022 // Found a match 1023 return cur; 1024 } 1025 } 1026 1027 return NULL; 1028} 1029 1030static void 1031ndrv_remove_all_multicast(struct ndrv_cb* np) 1032{ 1033 struct ndrv_multiaddr* cur; 1034 1035 if (np->nd_if != NULL) 1036 { 1037 while (np->nd_multiaddrs != NULL) 1038 { 1039 cur = np->nd_multiaddrs; 1040 np->nd_multiaddrs = cur->next; 1041 1042 ifnet_remove_multicast(cur->ifma); 1043 ifmaddr_release(cur->ifma); 1044 FREE(cur, M_IFADDR); 1045 } 1046 } 1047} 1048 1049struct pr_usrreqs ndrv_usrreqs = { 1050 ndrv_abort, pru_accept_notsupp, ndrv_attach, ndrv_bind, 1051 ndrv_connect, pru_connect2_notsupp, pru_control_notsupp, ndrv_detach, 1052 ndrv_disconnect, pru_listen_notsupp, ndrv_peeraddr, pru_rcvd_notsupp, 1053 pru_rcvoob_notsupp, ndrv_send, pru_sense_null, ndrv_shutdown, 1054 ndrv_sockaddr, sosend, soreceive, pru_sopoll_notsupp 1055}; 1056 1057struct protosw ndrvsw = 1058{ SOCK_RAW, &ndrvdomain, NDRVPROTO_NDRV, PR_ATOMIC|PR_ADDR, 1059 NULL, ndrv_output, NULL, ndrv_ctloutput, 1060 NULL, 1061 NULL, NULL, NULL, NULL, NULL, 1062 &ndrv_usrreqs, 1063 NULL, NULL, NULL, 1064 { NULL, NULL}, NULL, 1065 { 0 } 1066}; 1067 1068struct domain ndrvdomain = 1069{ AF_NDRV, 1070 "NetDriver", 1071 ndrv_dominit, 1072 NULL, 1073 NULL, 1074 NULL, 1075 NULL, 1076 NULL, 1077 0, 1078 0, 1079 0, 1080 0, 1081 NULL, 1082 0, 1083 {0, 0} 1084}; 1085