1994-05-24 10:09:53 +00:00
|
|
|
/*
|
1995-09-22 19:56:26 +00:00
|
|
|
* Copyright (c) 1982, 1986, 1988, 1990, 1993, 1995
|
1994-05-24 10:09:53 +00:00
|
|
|
* The Regents of the University of California. All rights reserved.
|
|
|
|
*
|
|
|
|
* Redistribution and use in source and binary forms, with or without
|
|
|
|
* modification, are permitted provided that the following conditions
|
|
|
|
* are met:
|
|
|
|
* 1. Redistributions of source code must retain the above copyright
|
|
|
|
* notice, this list of conditions and the following disclaimer.
|
|
|
|
* 2. Redistributions in binary form must reproduce the above copyright
|
|
|
|
* notice, this list of conditions and the following disclaimer in the
|
|
|
|
* documentation and/or other materials provided with the distribution.
|
|
|
|
* 3. All advertising materials mentioning features or use of this software
|
|
|
|
* must display the following acknowledgement:
|
|
|
|
* This product includes software developed by the University of
|
|
|
|
* California, Berkeley and its contributors.
|
|
|
|
* 4. Neither the name of the University nor the names of its contributors
|
|
|
|
* may be used to endorse or promote products derived from this software
|
|
|
|
* without specific prior written permission.
|
|
|
|
*
|
|
|
|
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
|
|
|
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
|
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
|
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
|
|
|
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
|
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
|
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
|
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
|
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
|
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
|
|
* SUCH DAMAGE.
|
|
|
|
*
|
1995-09-22 19:56:26 +00:00
|
|
|
* @(#)udp_usrreq.c 8.6 (Berkeley) 5/23/95
|
1999-08-28 01:08:13 +00:00
|
|
|
* $FreeBSD$
|
1994-05-24 10:09:53 +00:00
|
|
|
*/
|
|
|
|
|
1999-12-22 19:13:38 +00:00
|
|
|
#include "opt_ipsec.h"
|
1999-12-07 17:39:16 +00:00
|
|
|
#include "opt_inet6.h"
|
|
|
|
|
1994-05-24 10:09:53 +00:00
|
|
|
#include <sys/param.h>
|
1994-05-25 09:21:21 +00:00
|
|
|
#include <sys/systm.h>
|
1997-02-24 20:31:25 +00:00
|
|
|
#include <sys/kernel.h>
|
1994-05-24 10:09:53 +00:00
|
|
|
#include <sys/malloc.h>
|
|
|
|
#include <sys/mbuf.h>
|
1999-12-07 17:39:16 +00:00
|
|
|
#include <sys/domain.h>
|
1999-07-11 18:32:46 +00:00
|
|
|
#include <sys/proc.h>
|
1994-05-24 10:09:53 +00:00
|
|
|
#include <sys/protosw.h>
|
|
|
|
#include <sys/socket.h>
|
|
|
|
#include <sys/socketvar.h>
|
1995-03-16 18:17:34 +00:00
|
|
|
#include <sys/sysctl.h>
|
1996-04-04 10:46:44 +00:00
|
|
|
#include <sys/syslog.h>
|
2001-02-21 06:39:57 +00:00
|
|
|
#include <sys/jail.h>
|
1998-03-28 10:18:26 +00:00
|
|
|
|
1998-03-24 18:06:34 +00:00
|
|
|
#include <vm/vm_zone.h>
|
1994-05-24 10:09:53 +00:00
|
|
|
|
|
|
|
#include <net/if.h>
|
|
|
|
#include <net/route.h>
|
|
|
|
|
|
|
|
#include <netinet/in.h>
|
|
|
|
#include <netinet/in_systm.h>
|
|
|
|
#include <netinet/ip.h>
|
1999-12-07 17:39:16 +00:00
|
|
|
#ifdef INET6
|
|
|
|
#include <netinet/ip6.h>
|
|
|
|
#endif
|
1994-05-24 10:09:53 +00:00
|
|
|
#include <netinet/in_pcb.h>
|
1995-03-16 18:17:34 +00:00
|
|
|
#include <netinet/in_var.h>
|
1994-05-24 10:09:53 +00:00
|
|
|
#include <netinet/ip_var.h>
|
1999-12-07 17:39:16 +00:00
|
|
|
#ifdef INET6
|
|
|
|
#include <netinet6/ip6_var.h>
|
|
|
|
#endif
|
1994-05-24 10:09:53 +00:00
|
|
|
#include <netinet/ip_icmp.h>
|
1998-12-03 20:23:21 +00:00
|
|
|
#include <netinet/icmp_var.h>
|
1994-05-24 10:09:53 +00:00
|
|
|
#include <netinet/udp.h>
|
|
|
|
#include <netinet/udp_var.h>
|
|
|
|
|
1999-12-07 17:39:16 +00:00
|
|
|
#ifdef IPSEC
|
|
|
|
#include <netinet6/ipsec.h>
|
|
|
|
#endif /*IPSEC*/
|
|
|
|
|
2000-03-27 19:14:27 +00:00
|
|
|
#include <machine/in_cksum.h>
|
|
|
|
|
1994-05-24 10:09:53 +00:00
|
|
|
/*
|
|
|
|
* UDP protocol implementation.
|
|
|
|
* Per RFC 768, August, 1980.
|
|
|
|
*/
|
|
|
|
#ifndef COMPAT_42
|
1995-11-14 20:34:56 +00:00
|
|
|
static int udpcksum = 1;
|
1994-05-24 10:09:53 +00:00
|
|
|
#else
|
1995-11-14 20:34:56 +00:00
|
|
|
static int udpcksum = 0; /* XXX */
|
1994-05-24 10:09:53 +00:00
|
|
|
#endif
|
1995-11-14 20:34:56 +00:00
|
|
|
SYSCTL_INT(_net_inet_udp, UDPCTL_CHECKSUM, checksum, CTLFLAG_RW,
|
|
|
|
&udpcksum, 0, "");
|
1994-05-24 10:09:53 +00:00
|
|
|
|
1999-11-05 14:41:39 +00:00
|
|
|
int log_in_vain = 0;
|
1996-04-04 10:46:44 +00:00
|
|
|
SYSCTL_INT(_net_inet_udp, OID_AUTO, log_in_vain, CTLFLAG_RW,
|
1999-05-03 23:57:32 +00:00
|
|
|
&log_in_vain, 0, "Log all incoming UDP packets");
|
1996-04-04 10:46:44 +00:00
|
|
|
|
1999-11-05 14:41:39 +00:00
|
|
|
static int blackhole = 0;
|
1999-08-17 12:17:53 +00:00
|
|
|
SYSCTL_INT(_net_inet_udp, OID_AUTO, blackhole, CTLFLAG_RW,
|
|
|
|
&blackhole, 0, "Do not send port unreachables for refused connects");
|
|
|
|
|
1999-11-05 14:41:39 +00:00
|
|
|
struct inpcbhead udb; /* from udp_var.h */
|
1999-12-07 17:39:16 +00:00
|
|
|
#define udb6 udb /* for KAME src sync over BSD*'s */
|
1999-11-05 14:41:39 +00:00
|
|
|
struct inpcbinfo udbinfo;
|
1995-04-09 01:29:31 +00:00
|
|
|
|
|
|
|
#ifndef UDBHASHSIZE
|
Improved connection establishment performance by doing local port lookups via
a hashed port list. In the new scheme, in_pcblookup() goes away and is
replaced by a new routine, in_pcblookup_local() for doing the local port
check. Note that this implementation is space inefficient in that the PCB
struct is now too large to fit into 128 bytes. I might deal with this in the
future by using the new zone allocator, but I wanted these changes to be
extensively tested in their current form first.
Also:
1) Fixed off-by-one errors in the port lookup loops in in_pcbbind().
2) Got rid of some unneeded rehashing. Adding a new routine, in_pcbinshash()
to do the initialial hash insertion.
3) Renamed in_pcblookuphash() to in_pcblookup_hash() for easier readability.
4) Added a new routine, in_pcbremlists() to remove the PCB from the various
hash lists.
5) Added/deleted comments where appropriate.
6) Removed unnecessary splnet() locking. In general, the PCB functions should
be called at splnet()...there are unfortunately a few exceptions, however.
7) Reorganized a few structs for better cache line behavior.
8) Killed my TCP_ACK_HACK kludge. It may come back in a different form in
the future, however.
These changes have been tested on wcarchive for more than a month. In tests
done here, connection establishment overhead is reduced by more than 50
times, thus getting rid of one of the major networking scalability problems.
Still to do: make tcp_fastimo/tcp_slowtimo scale well for systems with a
large number of connections. tcp_fastimo is easy; tcp_slowtimo is difficult.
WARNING: Anything that knows about inpcb and tcpcb structs will have to be
recompiled; at the very least, this includes netstat(1).
1998-01-27 09:15:13 +00:00
|
|
|
#define UDBHASHSIZE 16
|
1995-04-09 01:29:31 +00:00
|
|
|
#endif
|
|
|
|
|
1999-11-05 14:41:39 +00:00
|
|
|
struct udpstat udpstat; /* from udp_var.h */
|
1995-11-14 20:34:56 +00:00
|
|
|
SYSCTL_STRUCT(_net_inet_udp, UDPCTL_STATS, stats, CTLFLAG_RD,
|
1999-05-03 23:57:32 +00:00
|
|
|
&udpstat, udpstat, "UDP statistics (struct udpstat, netinet/udp_var.h)");
|
1995-02-16 00:27:47 +00:00
|
|
|
|
1995-11-14 20:34:56 +00:00
|
|
|
static struct sockaddr_in udp_in = { sizeof(udp_in), AF_INET };
|
1999-12-07 17:39:16 +00:00
|
|
|
#ifdef INET6
|
|
|
|
struct udp_in6 {
|
|
|
|
struct sockaddr_in6 uin6_sin;
|
|
|
|
u_char uin6_init_done : 1;
|
|
|
|
} udp_in6 = {
|
|
|
|
{ sizeof(udp_in6.uin6_sin), AF_INET6 },
|
|
|
|
0
|
|
|
|
};
|
|
|
|
struct udp_ip6 {
|
|
|
|
struct ip6_hdr uip6_ip6;
|
|
|
|
u_char uip6_init_done : 1;
|
|
|
|
} udp_ip6;
|
|
|
|
#endif /* INET6 */
|
|
|
|
|
|
|
|
static void udp_append __P((struct inpcb *last, struct ip *ip,
|
|
|
|
struct mbuf *n, int off));
|
|
|
|
#ifdef INET6
|
|
|
|
static void ip_2_ip6_hdr __P((struct ip6_hdr *ip6, struct ip *ip));
|
|
|
|
#endif
|
1994-05-24 10:09:53 +00:00
|
|
|
|
1999-12-07 17:39:16 +00:00
|
|
|
static int udp_detach __P((struct socket *so));
|
1997-08-16 19:16:27 +00:00
|
|
|
static int udp_output __P((struct inpcb *, struct mbuf *, struct sockaddr *,
|
1997-04-27 20:01:29 +00:00
|
|
|
struct mbuf *, struct proc *));
|
1994-05-24 10:09:53 +00:00
|
|
|
|
|
|
|
void
|
|
|
|
udp_init()
|
|
|
|
{
|
1995-04-09 01:29:31 +00:00
|
|
|
LIST_INIT(&udb);
|
|
|
|
udbinfo.listhead = &udb;
|
1997-03-03 09:23:37 +00:00
|
|
|
udbinfo.hashbase = hashinit(UDBHASHSIZE, M_PCB, &udbinfo.hashmask);
|
1998-03-28 10:18:26 +00:00
|
|
|
udbinfo.porthashbase = hashinit(UDBHASHSIZE, M_PCB,
|
|
|
|
&udbinfo.porthashmask);
|
1998-05-15 20:11:40 +00:00
|
|
|
udbinfo.ipi_zone = zinit("udpcb", sizeof(struct inpcb), maxsockets,
|
1998-03-28 10:18:26 +00:00
|
|
|
ZONE_INTERRUPT, 0);
|
1994-05-24 10:09:53 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
void
|
1999-12-07 17:39:16 +00:00
|
|
|
udp_input(m, off, proto)
|
1994-05-24 10:09:53 +00:00
|
|
|
register struct mbuf *m;
|
1999-12-07 17:39:16 +00:00
|
|
|
int off, proto;
|
1994-05-24 10:09:53 +00:00
|
|
|
{
|
1999-12-07 17:39:16 +00:00
|
|
|
int iphlen = off;
|
1994-05-24 10:09:53 +00:00
|
|
|
register struct ip *ip;
|
|
|
|
register struct udphdr *uh;
|
|
|
|
register struct inpcb *inp;
|
|
|
|
struct mbuf *opts = 0;
|
|
|
|
int len;
|
|
|
|
struct ip save_ip;
|
1999-12-07 17:39:16 +00:00
|
|
|
struct sockaddr *append_sa;
|
1994-05-24 10:09:53 +00:00
|
|
|
|
|
|
|
udpstat.udps_ipackets++;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Strip IP options, if any; should skip this,
|
|
|
|
* make available to user, and use on returned packets,
|
|
|
|
* but we don't yet have a way to check the checksum
|
|
|
|
* with options still present.
|
|
|
|
*/
|
|
|
|
if (iphlen > sizeof (struct ip)) {
|
|
|
|
ip_stripoptions(m, (struct mbuf *)0);
|
|
|
|
iphlen = sizeof(struct ip);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Get IP and UDP header together in first mbuf.
|
|
|
|
*/
|
|
|
|
ip = mtod(m, struct ip *);
|
|
|
|
if (m->m_len < iphlen + sizeof(struct udphdr)) {
|
|
|
|
if ((m = m_pullup(m, iphlen + sizeof(struct udphdr))) == 0) {
|
|
|
|
udpstat.udps_hdrops++;
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
ip = mtod(m, struct ip *);
|
|
|
|
}
|
|
|
|
uh = (struct udphdr *)((caddr_t)ip + iphlen);
|
|
|
|
|
2000-07-04 16:35:15 +00:00
|
|
|
/* destination port of 0 is illegal, based on RFC768. */
|
|
|
|
if (uh->uh_dport == 0)
|
|
|
|
goto bad;
|
|
|
|
|
1994-05-24 10:09:53 +00:00
|
|
|
/*
|
|
|
|
* Make mbuf data length reflect UDP length.
|
|
|
|
* If not enough data to reflect UDP length, drop.
|
|
|
|
*/
|
|
|
|
len = ntohs((u_short)uh->uh_ulen);
|
|
|
|
if (ip->ip_len != len) {
|
1995-08-17 22:09:14 +00:00
|
|
|
if (len > ip->ip_len || len < sizeof(struct udphdr)) {
|
1994-05-24 10:09:53 +00:00
|
|
|
udpstat.udps_badlen++;
|
|
|
|
goto bad;
|
|
|
|
}
|
|
|
|
m_adj(m, len - ip->ip_len);
|
|
|
|
/* ip->ip_len = len; */
|
|
|
|
}
|
|
|
|
/*
|
|
|
|
* Save a copy of the IP header in case we want restore it
|
|
|
|
* for sending an ICMP error message in response.
|
|
|
|
*/
|
2000-10-31 09:13:02 +00:00
|
|
|
if (!blackhole)
|
|
|
|
save_ip = *ip;
|
1994-05-24 10:09:53 +00:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Checksum extended UDP header and data.
|
|
|
|
*/
|
1995-09-22 19:56:26 +00:00
|
|
|
if (uh->uh_sum) {
|
2000-03-27 19:14:27 +00:00
|
|
|
if (m->m_pkthdr.csum_flags & CSUM_DATA_VALID) {
|
|
|
|
if (m->m_pkthdr.csum_flags & CSUM_PSEUDO_HDR)
|
|
|
|
uh->uh_sum = m->m_pkthdr.csum_data;
|
|
|
|
else
|
|
|
|
uh->uh_sum = in_pseudo(ip->ip_src.s_addr,
|
2000-11-01 16:56:33 +00:00
|
|
|
ip->ip_dst.s_addr, htonl((u_short)len +
|
2000-03-27 19:14:27 +00:00
|
|
|
m->m_pkthdr.csum_data + IPPROTO_UDP));
|
|
|
|
uh->uh_sum ^= 0xffff;
|
|
|
|
} else {
|
|
|
|
bzero(((struct ipovly *)ip)->ih_x1, 9);
|
|
|
|
((struct ipovly *)ip)->ih_len = uh->uh_ulen;
|
|
|
|
uh->uh_sum = in_cksum(m, len + sizeof (struct ip));
|
|
|
|
}
|
1994-10-02 17:48:58 +00:00
|
|
|
if (uh->uh_sum) {
|
1994-05-24 10:09:53 +00:00
|
|
|
udpstat.udps_badsum++;
|
|
|
|
m_freem(m);
|
|
|
|
return;
|
|
|
|
}
|
2001-03-13 13:26:06 +00:00
|
|
|
} else
|
|
|
|
udpstat.udps_nosum++;
|
1994-05-24 10:09:53 +00:00
|
|
|
|
|
|
|
if (IN_MULTICAST(ntohl(ip->ip_dst.s_addr)) ||
|
|
|
|
in_broadcast(ip->ip_dst, m->m_pkthdr.rcvif)) {
|
1996-11-11 04:56:32 +00:00
|
|
|
struct inpcb *last;
|
1994-05-24 10:09:53 +00:00
|
|
|
/*
|
|
|
|
* Deliver a multicast or broadcast datagram to *all* sockets
|
|
|
|
* for which the local and remote addresses and ports match
|
|
|
|
* those of the incoming datagram. This allows more than
|
|
|
|
* one process to receive multi/broadcasts on the same port.
|
|
|
|
* (This really ought to be done for unicast datagrams as
|
|
|
|
* well, but that would cause problems with existing
|
|
|
|
* applications that open both address-specific sockets and
|
|
|
|
* a wildcard socket listening to the same port -- they would
|
|
|
|
* end up receiving duplicates of every unicast datagram.
|
|
|
|
* Those applications open the multiple sockets to overcome an
|
|
|
|
* inadequacy of the UDP socket interface, but for backwards
|
|
|
|
* compatibility we avoid the problem here rather than
|
|
|
|
* fixing the interface. Maybe 4.5BSD will remedy this?)
|
|
|
|
*/
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Construct sockaddr format source address.
|
|
|
|
*/
|
|
|
|
udp_in.sin_port = uh->uh_sport;
|
|
|
|
udp_in.sin_addr = ip->ip_src;
|
|
|
|
/*
|
|
|
|
* Locate pcb(s) for datagram.
|
|
|
|
* (Algorithm copied from raw_intr().)
|
|
|
|
*/
|
|
|
|
last = NULL;
|
1999-12-07 17:39:16 +00:00
|
|
|
#ifdef INET6
|
|
|
|
udp_in6.uin6_init_done = udp_ip6.uip6_init_done = 0;
|
|
|
|
#endif
|
|
|
|
LIST_FOREACH(inp, &udb, inp_list) {
|
|
|
|
#ifdef INET6
|
1999-12-21 11:14:12 +00:00
|
|
|
if ((inp->inp_vflag & INP_IPV4) == 0)
|
1999-12-07 17:39:16 +00:00
|
|
|
continue;
|
|
|
|
#endif
|
1994-05-24 10:09:53 +00:00
|
|
|
if (inp->inp_lport != uh->uh_dport)
|
|
|
|
continue;
|
|
|
|
if (inp->inp_laddr.s_addr != INADDR_ANY) {
|
|
|
|
if (inp->inp_laddr.s_addr !=
|
|
|
|
ip->ip_dst.s_addr)
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
if (inp->inp_faddr.s_addr != INADDR_ANY) {
|
|
|
|
if (inp->inp_faddr.s_addr !=
|
|
|
|
ip->ip_src.s_addr ||
|
|
|
|
inp->inp_fport != uh->uh_sport)
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (last != NULL) {
|
|
|
|
struct mbuf *n;
|
|
|
|
|
1999-12-07 17:39:16 +00:00
|
|
|
#ifdef IPSEC
|
|
|
|
/* check AH/ESP integrity. */
|
|
|
|
if (ipsec4_in_reject_so(m, last->inp_socket))
|
|
|
|
ipsecstat.in_polvio++;
|
|
|
|
/* do not inject data to pcb */
|
|
|
|
else
|
|
|
|
#endif /*IPSEC*/
|
|
|
|
if ((n = m_copy(m, 0, M_COPYALL)) != NULL)
|
|
|
|
udp_append(last, ip, n,
|
|
|
|
iphlen +
|
|
|
|
sizeof(struct udphdr));
|
1994-05-24 10:09:53 +00:00
|
|
|
}
|
1996-11-11 04:56:32 +00:00
|
|
|
last = inp;
|
1994-05-24 10:09:53 +00:00
|
|
|
/*
|
|
|
|
* Don't look for additional matches if this one does
|
|
|
|
* not have either the SO_REUSEPORT or SO_REUSEADDR
|
|
|
|
* socket options set. This heuristic avoids searching
|
|
|
|
* through all pcbs in the common case of a non-shared
|
|
|
|
* port. It * assumes that an application will never
|
|
|
|
* clear these options after setting them.
|
|
|
|
*/
|
1998-01-25 17:25:41 +00:00
|
|
|
if ((last->inp_socket->so_options&(SO_REUSEPORT|SO_REUSEADDR)) == 0)
|
1994-05-24 10:09:53 +00:00
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (last == NULL) {
|
|
|
|
/*
|
|
|
|
* No matching pcb found; discard datagram.
|
|
|
|
* (No need to send an ICMP Port Unreachable
|
|
|
|
* for a broadcast or multicast datgram.)
|
|
|
|
*/
|
|
|
|
udpstat.udps_noportbcast++;
|
|
|
|
goto bad;
|
|
|
|
}
|
1999-12-07 17:39:16 +00:00
|
|
|
#ifdef IPSEC
|
|
|
|
/* check AH/ESP integrity. */
|
|
|
|
if (ipsec4_in_reject_so(m, last->inp_socket)) {
|
|
|
|
ipsecstat.in_polvio++;
|
1994-05-24 10:09:53 +00:00
|
|
|
goto bad;
|
|
|
|
}
|
1999-12-07 17:39:16 +00:00
|
|
|
#endif /*IPSEC*/
|
|
|
|
udp_append(last, ip, m, iphlen + sizeof(struct udphdr));
|
1994-05-24 10:09:53 +00:00
|
|
|
return;
|
|
|
|
}
|
|
|
|
/*
|
1996-10-07 19:06:12 +00:00
|
|
|
* Locate pcb for datagram.
|
1994-05-24 10:09:53 +00:00
|
|
|
*/
|
Improved connection establishment performance by doing local port lookups via
a hashed port list. In the new scheme, in_pcblookup() goes away and is
replaced by a new routine, in_pcblookup_local() for doing the local port
check. Note that this implementation is space inefficient in that the PCB
struct is now too large to fit into 128 bytes. I might deal with this in the
future by using the new zone allocator, but I wanted these changes to be
extensively tested in their current form first.
Also:
1) Fixed off-by-one errors in the port lookup loops in in_pcbbind().
2) Got rid of some unneeded rehashing. Adding a new routine, in_pcbinshash()
to do the initialial hash insertion.
3) Renamed in_pcblookuphash() to in_pcblookup_hash() for easier readability.
4) Added a new routine, in_pcbremlists() to remove the PCB from the various
hash lists.
5) Added/deleted comments where appropriate.
6) Removed unnecessary splnet() locking. In general, the PCB functions should
be called at splnet()...there are unfortunately a few exceptions, however.
7) Reorganized a few structs for better cache line behavior.
8) Killed my TCP_ACK_HACK kludge. It may come back in a different form in
the future, however.
These changes have been tested on wcarchive for more than a month. In tests
done here, connection establishment overhead is reduced by more than 50
times, thus getting rid of one of the major networking scalability problems.
Still to do: make tcp_fastimo/tcp_slowtimo scale well for systems with a
large number of connections. tcp_fastimo is easy; tcp_slowtimo is difficult.
WARNING: Anything that knows about inpcb and tcpcb structs will have to be
recompiled; at the very least, this includes netstat(1).
1998-01-27 09:15:13 +00:00
|
|
|
inp = in_pcblookup_hash(&udbinfo, ip->ip_src, uh->uh_sport,
|
1999-12-07 17:39:16 +00:00
|
|
|
ip->ip_dst, uh->uh_dport, 1, m->m_pkthdr.rcvif);
|
1995-04-09 01:29:31 +00:00
|
|
|
if (inp == NULL) {
|
1996-04-27 18:19:12 +00:00
|
|
|
if (log_in_vain) {
|
1996-05-02 05:54:14 +00:00
|
|
|
char buf[4*sizeof "123"];
|
1996-04-27 18:19:12 +00:00
|
|
|
|
|
|
|
strcpy(buf, inet_ntoa(ip->ip_dst));
|
1997-12-19 23:46:21 +00:00
|
|
|
log(LOG_INFO,
|
|
|
|
"Connection attempt to UDP %s:%d from %s:%d\n",
|
|
|
|
buf, ntohs(uh->uh_dport), inet_ntoa(ip->ip_src),
|
|
|
|
ntohs(uh->uh_sport));
|
1996-04-27 18:19:12 +00:00
|
|
|
}
|
1994-05-24 10:09:53 +00:00
|
|
|
udpstat.udps_noport++;
|
|
|
|
if (m->m_flags & (M_BCAST | M_MCAST)) {
|
|
|
|
udpstat.udps_noportbcast++;
|
|
|
|
goto bad;
|
|
|
|
}
|
2001-02-11 07:39:51 +00:00
|
|
|
if (badport_bandlim(BANDLIM_ICMP_UNREACH) < 0)
|
1998-12-03 20:23:21 +00:00
|
|
|
goto bad;
|
2000-05-24 12:57:52 +00:00
|
|
|
if (blackhole)
|
1999-11-17 20:57:49 +00:00
|
|
|
goto bad;
|
Fixed broken ICMP error generation, unified conversion of IP header
fields between host and network byte order. The details:
o icmp_error() now does not add IP header length. This fixes the problem
when icmp_error() is called from ip_forward(). In this case the ip_len
of the original IP datagram returned with ICMP error was wrong.
o icmp_error() expects all three fields, ip_len, ip_id and ip_off in host
byte order, so DTRT and convert these fields back to network byte order
before sending a message. This fixes the problem described in PR 16240
and PR 20877 (ip_id field was returned in host byte order).
o ip_ttl decrement operation in ip_forward() was moved down to make sure
that it does not corrupt the copy of original IP datagram passed later
to icmp_error().
o A copy of original IP datagram in ip_forward() was made a read-write,
independent copy. This fixes the problem I first reported to Garrett
Wollman and Bill Fenner and later put in audit trail of PR 16240:
ip_output() (not always) converts fields of original datagram to network
byte order, but because copy (mcopy) and its original (m) most likely
share the same mbuf cluster, ip_output()'s manipulations on original
also corrupted the copy.
o ip_output() now expects all three fields, ip_len, ip_off and (what is
significant) ip_id in host byte order. It was a headache for years that
ip_id was handled differently. The only compatibility issue here is the
raw IP socket interface with IP_HDRINCL socket option set and a non-zero
ip_id field, but ip.4 manual page was unclear on whether in this case
ip_id field should be in host or network byte order.
2000-09-01 12:33:03 +00:00
|
|
|
*ip = save_ip;
|
|
|
|
ip->ip_len += iphlen;
|
2000-05-24 12:57:52 +00:00
|
|
|
icmp_error(m, ICMP_UNREACH, ICMP_UNREACH_PORT, 0, 0);
|
1994-05-24 10:09:53 +00:00
|
|
|
return;
|
|
|
|
}
|
1999-12-07 17:39:16 +00:00
|
|
|
#ifdef IPSEC
|
|
|
|
if (ipsec4_in_reject_so(m, inp->inp_socket)) {
|
|
|
|
ipsecstat.in_polvio++;
|
|
|
|
goto bad;
|
|
|
|
}
|
|
|
|
#endif /*IPSEC*/
|
1994-05-24 10:09:53 +00:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Construct sockaddr format source address.
|
|
|
|
* Stuff source address and datagram in user buffer.
|
|
|
|
*/
|
|
|
|
udp_in.sin_port = uh->uh_sport;
|
|
|
|
udp_in.sin_addr = ip->ip_src;
|
1996-05-09 20:15:26 +00:00
|
|
|
if (inp->inp_flags & INP_CONTROLOPTS
|
1999-12-07 17:39:16 +00:00
|
|
|
|| inp->inp_socket->so_options & SO_TIMESTAMP) {
|
|
|
|
#ifdef INET6
|
|
|
|
if (inp->inp_vflag & INP_IPV6) {
|
|
|
|
int savedflags;
|
|
|
|
|
|
|
|
ip_2_ip6_hdr(&udp_ip6.uip6_ip6, ip);
|
|
|
|
savedflags = inp->inp_flags;
|
|
|
|
inp->inp_flags &= ~INP_UNMAPPABLEOPTS;
|
|
|
|
ip6_savecontrol(inp, &opts, &udp_ip6.uip6_ip6, m);
|
|
|
|
inp->inp_flags = savedflags;
|
|
|
|
} else
|
|
|
|
#endif
|
1996-11-11 04:56:32 +00:00
|
|
|
ip_savecontrol(inp, &opts, ip, m);
|
1999-12-07 17:39:16 +00:00
|
|
|
}
|
1994-05-24 10:09:53 +00:00
|
|
|
iphlen += sizeof(struct udphdr);
|
1999-12-07 17:39:16 +00:00
|
|
|
m_adj(m, iphlen);
|
|
|
|
#ifdef INET6
|
|
|
|
if (inp->inp_vflag & INP_IPV6) {
|
|
|
|
in6_sin_2_v4mapsin6(&udp_in, &udp_in6.uin6_sin);
|
|
|
|
append_sa = (struct sockaddr *)&udp_in6;
|
|
|
|
} else
|
|
|
|
#endif
|
|
|
|
append_sa = (struct sockaddr *)&udp_in;
|
|
|
|
if (sbappendaddr(&inp->inp_socket->so_rcv, append_sa, m, opts) == 0) {
|
1994-05-24 10:09:53 +00:00
|
|
|
udpstat.udps_fullsock++;
|
|
|
|
goto bad;
|
|
|
|
}
|
|
|
|
sorwakeup(inp->inp_socket);
|
|
|
|
return;
|
|
|
|
bad:
|
|
|
|
m_freem(m);
|
|
|
|
if (opts)
|
|
|
|
m_freem(opts);
|
1999-12-07 17:39:16 +00:00
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2000-07-04 16:35:15 +00:00
|
|
|
#ifdef INET6
|
1999-12-07 17:39:16 +00:00
|
|
|
static void
|
|
|
|
ip_2_ip6_hdr(ip6, ip)
|
|
|
|
struct ip6_hdr *ip6;
|
|
|
|
struct ip *ip;
|
|
|
|
{
|
|
|
|
bzero(ip6, sizeof(*ip6));
|
|
|
|
|
|
|
|
ip6->ip6_vfc = IPV6_VERSION;
|
|
|
|
ip6->ip6_plen = ip->ip_len;
|
|
|
|
ip6->ip6_nxt = ip->ip_p;
|
|
|
|
ip6->ip6_hlim = ip->ip_ttl;
|
|
|
|
ip6->ip6_src.s6_addr32[2] = ip6->ip6_dst.s6_addr32[2] =
|
|
|
|
IPV6_ADDR_INT32_SMP;
|
|
|
|
ip6->ip6_src.s6_addr32[3] = ip->ip_src.s_addr;
|
|
|
|
ip6->ip6_dst.s6_addr32[3] = ip->ip_dst.s_addr;
|
|
|
|
}
|
|
|
|
#endif
|
|
|
|
|
|
|
|
/*
|
|
|
|
* subroutine of udp_input(), mainly for source code readability.
|
|
|
|
* caller must properly init udp_ip6 and udp_in6 beforehand.
|
|
|
|
*/
|
|
|
|
static void
|
|
|
|
udp_append(last, ip, n, off)
|
|
|
|
struct inpcb *last;
|
|
|
|
struct ip *ip;
|
|
|
|
struct mbuf *n;
|
|
|
|
int off;
|
|
|
|
{
|
|
|
|
struct sockaddr *append_sa;
|
|
|
|
struct mbuf *opts = 0;
|
|
|
|
|
|
|
|
if (last->inp_flags & INP_CONTROLOPTS ||
|
|
|
|
last->inp_socket->so_options & SO_TIMESTAMP) {
|
|
|
|
#ifdef INET6
|
|
|
|
if (last->inp_vflag & INP_IPV6) {
|
|
|
|
int savedflags;
|
|
|
|
|
|
|
|
if (udp_ip6.uip6_init_done == 0) {
|
|
|
|
ip_2_ip6_hdr(&udp_ip6.uip6_ip6, ip);
|
|
|
|
udp_ip6.uip6_init_done = 1;
|
|
|
|
}
|
|
|
|
savedflags = last->inp_flags;
|
|
|
|
last->inp_flags &= ~INP_UNMAPPABLEOPTS;
|
|
|
|
ip6_savecontrol(last, &opts, &udp_ip6.uip6_ip6, n);
|
|
|
|
last->inp_flags = savedflags;
|
|
|
|
} else
|
|
|
|
#endif
|
|
|
|
ip_savecontrol(last, &opts, ip, n);
|
|
|
|
}
|
|
|
|
#ifdef INET6
|
|
|
|
if (last->inp_vflag & INP_IPV6) {
|
|
|
|
if (udp_in6.uin6_init_done == 0) {
|
|
|
|
in6_sin_2_v4mapsin6(&udp_in, &udp_in6.uin6_sin);
|
|
|
|
udp_in6.uin6_init_done = 1;
|
|
|
|
}
|
|
|
|
append_sa = (struct sockaddr *)&udp_in6.uin6_sin;
|
|
|
|
} else
|
|
|
|
#endif
|
|
|
|
append_sa = (struct sockaddr *)&udp_in;
|
|
|
|
m_adj(n, off);
|
|
|
|
if (sbappendaddr(&last->inp_socket->so_rcv, append_sa, n, opts) == 0) {
|
|
|
|
m_freem(n);
|
|
|
|
if (opts)
|
|
|
|
m_freem(opts);
|
|
|
|
udpstat.udps_fullsock++;
|
|
|
|
} else
|
|
|
|
sorwakeup(last->inp_socket);
|
1994-05-24 10:09:53 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Notify a udp user of an asynchronous error;
|
|
|
|
* just wake up so that he can collect error status.
|
|
|
|
*/
|
1999-11-05 14:41:39 +00:00
|
|
|
void
|
1994-05-24 10:09:53 +00:00
|
|
|
udp_notify(inp, errno)
|
|
|
|
register struct inpcb *inp;
|
|
|
|
int errno;
|
|
|
|
{
|
|
|
|
inp->inp_socket->so_error = errno;
|
|
|
|
sorwakeup(inp->inp_socket);
|
|
|
|
sowwakeup(inp->inp_socket);
|
|
|
|
}
|
|
|
|
|
|
|
|
void
|
1995-12-16 02:14:44 +00:00
|
|
|
udp_ctlinput(cmd, sa, vip)
|
1994-05-24 10:09:53 +00:00
|
|
|
int cmd;
|
|
|
|
struct sockaddr *sa;
|
1995-12-16 02:14:44 +00:00
|
|
|
void *vip;
|
1994-05-24 10:09:53 +00:00
|
|
|
{
|
2001-02-26 21:19:47 +00:00
|
|
|
struct ip *ip = vip;
|
|
|
|
struct udphdr *uh;
|
2001-02-22 21:23:45 +00:00
|
|
|
void (*notify) __P((struct inpcb *, int)) = udp_notify;
|
2001-02-26 21:19:47 +00:00
|
|
|
struct in_addr faddr;
|
|
|
|
struct inpcb *inp;
|
|
|
|
int s;
|
|
|
|
|
|
|
|
faddr = ((struct sockaddr_in *)sa)->sin_addr;
|
|
|
|
if (sa->sa_family != AF_INET || faddr.s_addr == INADDR_ANY)
|
|
|
|
return;
|
1994-05-24 10:09:53 +00:00
|
|
|
|
2001-02-22 21:23:45 +00:00
|
|
|
if (PRC_IS_REDIRECT(cmd)) {
|
|
|
|
ip = 0;
|
|
|
|
notify = in_rtchange;
|
|
|
|
} else if (cmd == PRC_HOSTDEAD)
|
|
|
|
ip = 0;
|
|
|
|
else if ((unsigned)cmd >= PRC_NCMDS || inetctlerrmap[cmd] == 0)
|
1994-05-24 10:09:53 +00:00
|
|
|
return;
|
|
|
|
if (ip) {
|
2001-02-26 21:19:47 +00:00
|
|
|
s = splnet();
|
1994-05-24 10:09:53 +00:00
|
|
|
uh = (struct udphdr *)((caddr_t)ip + (ip->ip_hl << 2));
|
2001-02-26 21:19:47 +00:00
|
|
|
inp = in_pcblookup_hash(&udbinfo, faddr, uh->uh_dport,
|
|
|
|
ip->ip_src, uh->uh_sport, 0, NULL);
|
|
|
|
if (inp != NULL && inp->inp_socket != NULL)
|
|
|
|
(*notify)(inp, inetctlerrmap[cmd]);
|
|
|
|
splx(s);
|
1994-05-24 10:09:53 +00:00
|
|
|
} else
|
2001-02-26 21:19:47 +00:00
|
|
|
in_pcbnotifyall(&udb, faddr, inetctlerrmap[cmd], notify);
|
1994-05-24 10:09:53 +00:00
|
|
|
}
|
|
|
|
|
1998-05-15 20:11:40 +00:00
|
|
|
static int
|
2000-07-04 11:25:35 +00:00
|
|
|
udp_pcblist(SYSCTL_HANDLER_ARGS)
|
1998-05-15 20:11:40 +00:00
|
|
|
{
|
|
|
|
int error, i, n, s;
|
|
|
|
struct inpcb *inp, **inp_list;
|
|
|
|
inp_gen_t gencnt;
|
|
|
|
struct xinpgen xig;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* The process of preparing the TCB list is too time-consuming and
|
|
|
|
* resource-intensive to repeat twice on every request.
|
|
|
|
*/
|
|
|
|
if (req->oldptr == 0) {
|
|
|
|
n = udbinfo.ipi_count;
|
|
|
|
req->oldidx = 2 * (sizeof xig)
|
|
|
|
+ (n + n/8) * sizeof(struct xinpcb);
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (req->newptr != 0)
|
|
|
|
return EPERM;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* OK, now we're committed to doing something.
|
|
|
|
*/
|
|
|
|
s = splnet();
|
|
|
|
gencnt = udbinfo.ipi_gencnt;
|
|
|
|
n = udbinfo.ipi_count;
|
|
|
|
splx(s);
|
|
|
|
|
|
|
|
xig.xig_len = sizeof xig;
|
|
|
|
xig.xig_count = n;
|
|
|
|
xig.xig_gen = gencnt;
|
|
|
|
xig.xig_sogen = so_gencnt;
|
|
|
|
error = SYSCTL_OUT(req, &xig, sizeof xig);
|
|
|
|
if (error)
|
|
|
|
return error;
|
|
|
|
|
|
|
|
inp_list = malloc(n * sizeof *inp_list, M_TEMP, M_WAITOK);
|
|
|
|
if (inp_list == 0)
|
|
|
|
return ENOMEM;
|
|
|
|
|
|
|
|
s = splnet();
|
2001-02-04 13:13:25 +00:00
|
|
|
for (inp = LIST_FIRST(udbinfo.listhead), i = 0; inp && i < n;
|
|
|
|
inp = LIST_NEXT(inp, inp_list)) {
|
This Implements the mumbled about "Jail" feature.
This is a seriously beefed up chroot kind of thing. The process
is jailed along the same lines as a chroot does it, but with
additional tough restrictions imposed on what the superuser can do.
For all I know, it is safe to hand over the root bit inside a
prison to the customer living in that prison, this is what
it was developed for in fact: "real virtual servers".
Each prison has an ip number associated with it, which all IP
communications will be coerced to use and each prison has its own
hostname.
Needless to say, you need more RAM this way, but the advantage is
that each customer can run their own particular version of apache
and not stomp on the toes of their neighbors.
It generally does what one would expect, but setting up a jail
still takes a little knowledge.
A few notes:
I have no scripts for setting up a jail, don't ask me for them.
The IP number should be an alias on one of the interfaces.
mount a /proc in each jail, it will make ps more useable.
/proc/<pid>/status tells the hostname of the prison for
jailed processes.
Quotas are only sensible if you have a mountpoint per prison.
There are no privisions for stopping resource-hogging.
Some "#ifdef INET" and similar may be missing (send patches!)
If somebody wants to take it from here and develop it into
more of a "virtual machine" they should be most welcome!
Tools, comments, patches & documentation most welcome.
Have fun...
Sponsored by: http://www.rndassociates.com/
Run for almost a year by: http://www.servetheweb.com/
1999-04-28 11:38:52 +00:00
|
|
|
if (inp->inp_gencnt <= gencnt && !prison_xinpcb(req->p, inp))
|
1998-05-15 20:11:40 +00:00
|
|
|
inp_list[i++] = inp;
|
|
|
|
}
|
|
|
|
splx(s);
|
|
|
|
n = i;
|
|
|
|
|
|
|
|
error = 0;
|
|
|
|
for (i = 0; i < n; i++) {
|
|
|
|
inp = inp_list[i];
|
|
|
|
if (inp->inp_gencnt <= gencnt) {
|
|
|
|
struct xinpcb xi;
|
|
|
|
xi.xi_len = sizeof xi;
|
|
|
|
/* XXX should avoid extra copy */
|
|
|
|
bcopy(inp, &xi.xi_inp, sizeof *inp);
|
|
|
|
if (inp->inp_socket)
|
|
|
|
sotoxsocket(inp->inp_socket, &xi.xi_socket);
|
|
|
|
error = SYSCTL_OUT(req, &xi, sizeof xi);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if (!error) {
|
|
|
|
/*
|
|
|
|
* Give the user an updated idea of our state.
|
|
|
|
* If the generation differs from what we told
|
|
|
|
* her before, she knows that something happened
|
|
|
|
* while we were processing this request, and it
|
|
|
|
* might be necessary to retry.
|
|
|
|
*/
|
|
|
|
s = splnet();
|
|
|
|
xig.xig_gen = udbinfo.ipi_gencnt;
|
|
|
|
xig.xig_sogen = so_gencnt;
|
|
|
|
xig.xig_count = udbinfo.ipi_count;
|
|
|
|
splx(s);
|
|
|
|
error = SYSCTL_OUT(req, &xig, sizeof xig);
|
|
|
|
}
|
|
|
|
free(inp_list, M_TEMP);
|
|
|
|
return error;
|
|
|
|
}
|
|
|
|
|
|
|
|
SYSCTL_PROC(_net_inet_udp, UDPCTL_PCBLIST, pcblist, CTLFLAG_RD, 0, 0,
|
|
|
|
udp_pcblist, "S,xinpcb", "List of active UDP sockets");
|
|
|
|
|
1999-07-11 18:32:46 +00:00
|
|
|
static int
|
2000-07-04 11:25:35 +00:00
|
|
|
udp_getcred(SYSCTL_HANDLER_ARGS)
|
1999-07-11 18:32:46 +00:00
|
|
|
{
|
2001-02-18 13:30:20 +00:00
|
|
|
struct xucred xuc;
|
1999-07-11 18:32:46 +00:00
|
|
|
struct sockaddr_in addrs[2];
|
|
|
|
struct inpcb *inp;
|
|
|
|
int error, s;
|
|
|
|
|
|
|
|
error = suser(req->p);
|
|
|
|
if (error)
|
|
|
|
return (error);
|
|
|
|
error = SYSCTL_IN(req, addrs, sizeof(addrs));
|
|
|
|
if (error)
|
|
|
|
return (error);
|
|
|
|
s = splnet();
|
|
|
|
inp = in_pcblookup_hash(&udbinfo, addrs[1].sin_addr, addrs[1].sin_port,
|
1999-12-07 17:39:16 +00:00
|
|
|
addrs[0].sin_addr, addrs[0].sin_port, 1, NULL);
|
1999-09-19 02:17:02 +00:00
|
|
|
if (inp == NULL || inp->inp_socket == NULL) {
|
1999-07-11 18:32:46 +00:00
|
|
|
error = ENOENT;
|
|
|
|
goto out;
|
|
|
|
}
|
2001-02-18 13:30:20 +00:00
|
|
|
bzero(&xuc, sizeof(xuc));
|
|
|
|
xuc.cr_uid = inp->inp_socket->so_cred->cr_uid;
|
|
|
|
xuc.cr_ngroups = inp->inp_socket->so_cred->cr_ngroups;
|
|
|
|
bcopy(inp->inp_socket->so_cred->cr_groups, xuc.cr_groups,
|
|
|
|
sizeof(xuc.cr_groups));
|
|
|
|
error = SYSCTL_OUT(req, &xuc, sizeof(struct xucred));
|
1999-07-11 18:32:46 +00:00
|
|
|
out:
|
|
|
|
splx(s);
|
|
|
|
return (error);
|
|
|
|
}
|
|
|
|
|
|
|
|
SYSCTL_PROC(_net_inet_udp, OID_AUTO, getcred, CTLTYPE_OPAQUE|CTLFLAG_RW,
|
2001-02-18 13:30:20 +00:00
|
|
|
0, 0, udp_getcred, "S,xucred", "Get the xucred of a UDP connection");
|
1999-07-11 18:32:46 +00:00
|
|
|
|
1995-11-14 20:34:56 +00:00
|
|
|
static int
|
1997-04-27 20:01:29 +00:00
|
|
|
udp_output(inp, m, addr, control, p)
|
1994-05-24 10:09:53 +00:00
|
|
|
register struct inpcb *inp;
|
1999-12-19 01:55:37 +00:00
|
|
|
struct mbuf *m;
|
1997-08-16 19:16:27 +00:00
|
|
|
struct sockaddr *addr;
|
|
|
|
struct mbuf *control;
|
1997-04-27 20:01:29 +00:00
|
|
|
struct proc *p;
|
1994-05-24 10:09:53 +00:00
|
|
|
{
|
|
|
|
register struct udpiphdr *ui;
|
|
|
|
register int len = m->m_pkthdr.len;
|
|
|
|
struct in_addr laddr;
|
This Implements the mumbled about "Jail" feature.
This is a seriously beefed up chroot kind of thing. The process
is jailed along the same lines as a chroot does it, but with
additional tough restrictions imposed on what the superuser can do.
For all I know, it is safe to hand over the root bit inside a
prison to the customer living in that prison, this is what
it was developed for in fact: "real virtual servers".
Each prison has an ip number associated with it, which all IP
communications will be coerced to use and each prison has its own
hostname.
Needless to say, you need more RAM this way, but the advantage is
that each customer can run their own particular version of apache
and not stomp on the toes of their neighbors.
It generally does what one would expect, but setting up a jail
still takes a little knowledge.
A few notes:
I have no scripts for setting up a jail, don't ask me for them.
The IP number should be an alias on one of the interfaces.
mount a /proc in each jail, it will make ps more useable.
/proc/<pid>/status tells the hostname of the prison for
jailed processes.
Quotas are only sensible if you have a mountpoint per prison.
There are no privisions for stopping resource-hogging.
Some "#ifdef INET" and similar may be missing (send patches!)
If somebody wants to take it from here and develop it into
more of a "virtual machine" they should be most welcome!
Tools, comments, patches & documentation most welcome.
Have fun...
Sponsored by: http://www.rndassociates.com/
Run for almost a year by: http://www.servetheweb.com/
1999-04-28 11:38:52 +00:00
|
|
|
struct sockaddr_in *sin;
|
1994-05-25 09:21:21 +00:00
|
|
|
int s = 0, error = 0;
|
1994-05-24 10:09:53 +00:00
|
|
|
|
|
|
|
if (control)
|
|
|
|
m_freem(control); /* XXX */
|
|
|
|
|
1996-10-25 17:57:53 +00:00
|
|
|
if (len + sizeof(struct udpiphdr) > IP_MAXPACKET) {
|
|
|
|
error = EMSGSIZE;
|
|
|
|
goto release;
|
|
|
|
}
|
|
|
|
|
1994-05-24 10:09:53 +00:00
|
|
|
if (addr) {
|
This Implements the mumbled about "Jail" feature.
This is a seriously beefed up chroot kind of thing. The process
is jailed along the same lines as a chroot does it, but with
additional tough restrictions imposed on what the superuser can do.
For all I know, it is safe to hand over the root bit inside a
prison to the customer living in that prison, this is what
it was developed for in fact: "real virtual servers".
Each prison has an ip number associated with it, which all IP
communications will be coerced to use and each prison has its own
hostname.
Needless to say, you need more RAM this way, but the advantage is
that each customer can run their own particular version of apache
and not stomp on the toes of their neighbors.
It generally does what one would expect, but setting up a jail
still takes a little knowledge.
A few notes:
I have no scripts for setting up a jail, don't ask me for them.
The IP number should be an alias on one of the interfaces.
mount a /proc in each jail, it will make ps more useable.
/proc/<pid>/status tells the hostname of the prison for
jailed processes.
Quotas are only sensible if you have a mountpoint per prison.
There are no privisions for stopping resource-hogging.
Some "#ifdef INET" and similar may be missing (send patches!)
If somebody wants to take it from here and develop it into
more of a "virtual machine" they should be most welcome!
Tools, comments, patches & documentation most welcome.
Have fun...
Sponsored by: http://www.rndassociates.com/
Run for almost a year by: http://www.servetheweb.com/
1999-04-28 11:38:52 +00:00
|
|
|
sin = (struct sockaddr_in *)addr;
|
2001-02-21 06:39:57 +00:00
|
|
|
if (p && jailed(p->p_ucred))
|
|
|
|
prison_remote_ip(p->p_ucred, 0, &sin->sin_addr.s_addr);
|
1994-05-24 10:09:53 +00:00
|
|
|
laddr = inp->inp_laddr;
|
|
|
|
if (inp->inp_faddr.s_addr != INADDR_ANY) {
|
|
|
|
error = EISCONN;
|
|
|
|
goto release;
|
|
|
|
}
|
|
|
|
/*
|
|
|
|
* Must block input while temporarily connected.
|
|
|
|
*/
|
|
|
|
s = splnet();
|
1997-04-27 20:01:29 +00:00
|
|
|
error = in_pcbconnect(inp, addr, p);
|
1994-05-24 10:09:53 +00:00
|
|
|
if (error) {
|
|
|
|
splx(s);
|
|
|
|
goto release;
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
if (inp->inp_faddr.s_addr == INADDR_ANY) {
|
|
|
|
error = ENOTCONN;
|
|
|
|
goto release;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
/*
|
|
|
|
* Calculate data length and get a mbuf
|
|
|
|
* for UDP and IP headers.
|
|
|
|
*/
|
|
|
|
M_PREPEND(m, sizeof(struct udpiphdr), M_DONTWAIT);
|
|
|
|
if (m == 0) {
|
|
|
|
error = ENOBUFS;
|
1995-02-16 01:47:36 +00:00
|
|
|
if (addr)
|
|
|
|
splx(s);
|
1994-05-24 10:09:53 +00:00
|
|
|
goto release;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Fill in mbuf with extended UDP header
|
|
|
|
* and addresses and length put into network format.
|
|
|
|
*/
|
|
|
|
ui = mtod(m, struct udpiphdr *);
|
2000-03-27 19:14:27 +00:00
|
|
|
bzero(ui->ui_x1, sizeof(ui->ui_x1)); /* XXX still needed? */
|
1994-05-24 10:09:53 +00:00
|
|
|
ui->ui_pr = IPPROTO_UDP;
|
|
|
|
ui->ui_src = inp->inp_laddr;
|
|
|
|
ui->ui_dst = inp->inp_faddr;
|
|
|
|
ui->ui_sport = inp->inp_lport;
|
|
|
|
ui->ui_dport = inp->inp_fport;
|
2000-03-27 19:14:27 +00:00
|
|
|
ui->ui_ulen = htons((u_short)len + sizeof(struct udphdr));
|
1994-05-24 10:09:53 +00:00
|
|
|
|
|
|
|
/*
|
2000-03-27 19:14:27 +00:00
|
|
|
* Set up checksum and output datagram.
|
1994-05-24 10:09:53 +00:00
|
|
|
*/
|
|
|
|
if (udpcksum) {
|
2000-03-27 19:14:27 +00:00
|
|
|
ui->ui_sum = in_pseudo(ui->ui_src.s_addr, ui->ui_dst.s_addr,
|
|
|
|
htons((u_short)len + sizeof(struct udphdr) + IPPROTO_UDP));
|
|
|
|
m->m_pkthdr.csum_flags = CSUM_UDP;
|
|
|
|
m->m_pkthdr.csum_data = offsetof(struct udphdr, uh_sum);
|
|
|
|
} else {
|
|
|
|
ui->ui_sum = 0;
|
1994-05-24 10:09:53 +00:00
|
|
|
}
|
|
|
|
((struct ip *)ui)->ip_len = sizeof (struct udpiphdr) + len;
|
1997-04-03 05:14:45 +00:00
|
|
|
((struct ip *)ui)->ip_ttl = inp->inp_ip_ttl; /* XXX */
|
|
|
|
((struct ip *)ui)->ip_tos = inp->inp_ip_tos; /* XXX */
|
1994-05-24 10:09:53 +00:00
|
|
|
udpstat.udps_opackets++;
|
1999-12-07 17:39:16 +00:00
|
|
|
|
|
|
|
#ifdef IPSEC
|
2000-07-04 16:35:15 +00:00
|
|
|
ipsec_setsocket(m, inp->inp_socket);
|
1999-12-07 17:39:16 +00:00
|
|
|
#endif /*IPSEC*/
|
1994-05-24 10:09:53 +00:00
|
|
|
error = ip_output(m, inp->inp_options, &inp->inp_route,
|
2000-07-04 16:35:15 +00:00
|
|
|
(inp->inp_socket->so_options & (SO_DONTROUTE | SO_BROADCAST)),
|
1994-05-24 10:09:53 +00:00
|
|
|
inp->inp_moptions);
|
|
|
|
|
|
|
|
if (addr) {
|
|
|
|
in_pcbdisconnect(inp);
|
1997-08-16 19:16:27 +00:00
|
|
|
inp->inp_laddr = laddr; /* XXX rehash? */
|
1994-05-24 10:09:53 +00:00
|
|
|
splx(s);
|
|
|
|
}
|
|
|
|
return (error);
|
|
|
|
|
|
|
|
release:
|
|
|
|
m_freem(m);
|
|
|
|
return (error);
|
|
|
|
}
|
|
|
|
|
1999-11-05 14:41:39 +00:00
|
|
|
u_long udp_sendspace = 9216; /* really max datagram size */
|
1994-05-24 10:09:53 +00:00
|
|
|
/* 40 1K datagrams */
|
1995-11-14 20:34:56 +00:00
|
|
|
SYSCTL_INT(_net_inet_udp, UDPCTL_MAXDGRAM, maxdgram, CTLFLAG_RW,
|
1999-05-03 23:57:32 +00:00
|
|
|
&udp_sendspace, 0, "Maximum outgoing UDP datagram size");
|
1995-11-14 20:34:56 +00:00
|
|
|
|
1999-12-07 17:39:16 +00:00
|
|
|
u_long udp_recvspace = 40 * (1024 +
|
|
|
|
#ifdef INET6
|
|
|
|
sizeof(struct sockaddr_in6)
|
|
|
|
#else
|
|
|
|
sizeof(struct sockaddr_in)
|
|
|
|
#endif
|
|
|
|
);
|
1995-11-14 20:34:56 +00:00
|
|
|
SYSCTL_INT(_net_inet_udp, UDPCTL_RECVSPACE, recvspace, CTLFLAG_RW,
|
1999-05-03 23:57:32 +00:00
|
|
|
&udp_recvspace, 0, "Maximum incoming UDP datagram size");
|
1994-05-24 10:09:53 +00:00
|
|
|
|
1997-02-14 18:15:53 +00:00
|
|
|
static int
|
|
|
|
udp_abort(struct socket *so)
|
1994-05-24 10:09:53 +00:00
|
|
|
{
|
1997-02-14 18:15:53 +00:00
|
|
|
struct inpcb *inp;
|
1994-05-24 10:09:53 +00:00
|
|
|
int s;
|
|
|
|
|
1997-02-14 18:15:53 +00:00
|
|
|
inp = sotoinpcb(so);
|
|
|
|
if (inp == 0)
|
|
|
|
return EINVAL; /* ??? possible? panic instead? */
|
|
|
|
soisdisconnected(so);
|
|
|
|
s = splnet();
|
|
|
|
in_pcbdetach(inp);
|
|
|
|
splx(s);
|
|
|
|
return 0;
|
|
|
|
}
|
1994-05-24 10:09:53 +00:00
|
|
|
|
1997-02-14 18:15:53 +00:00
|
|
|
static int
|
1997-04-27 20:01:29 +00:00
|
|
|
udp_attach(struct socket *so, int proto, struct proc *p)
|
1997-02-14 18:15:53 +00:00
|
|
|
{
|
|
|
|
struct inpcb *inp;
|
|
|
|
int s, error;
|
1994-05-24 10:09:53 +00:00
|
|
|
|
1997-02-14 18:15:53 +00:00
|
|
|
inp = sotoinpcb(so);
|
|
|
|
if (inp != 0)
|
|
|
|
return EINVAL;
|
1994-05-24 10:09:53 +00:00
|
|
|
|
1999-12-07 17:39:16 +00:00
|
|
|
error = soreserve(so, udp_sendspace, udp_recvspace);
|
|
|
|
if (error)
|
|
|
|
return error;
|
1997-02-14 18:15:53 +00:00
|
|
|
s = splnet();
|
1997-04-27 20:01:29 +00:00
|
|
|
error = in_pcballoc(so, &udbinfo, p);
|
1997-02-14 18:15:53 +00:00
|
|
|
splx(s);
|
|
|
|
if (error)
|
|
|
|
return error;
|
1999-12-07 17:39:16 +00:00
|
|
|
|
|
|
|
inp = (struct inpcb *)so->so_pcb;
|
|
|
|
inp->inp_vflag |= INP_IPV4;
|
|
|
|
inp->inp_ip_ttl = ip_defttl;
|
|
|
|
#ifdef IPSEC
|
|
|
|
error = ipsec_init_policy(so, &inp->inp_sp);
|
|
|
|
if (error != 0) {
|
|
|
|
in_pcbdetach(inp);
|
1997-02-14 18:15:53 +00:00
|
|
|
return error;
|
1999-12-07 17:39:16 +00:00
|
|
|
}
|
|
|
|
#endif /*IPSEC*/
|
1997-02-14 18:15:53 +00:00
|
|
|
return 0;
|
|
|
|
}
|
1994-05-24 10:09:53 +00:00
|
|
|
|
1997-02-14 18:15:53 +00:00
|
|
|
static int
|
1997-08-16 19:16:27 +00:00
|
|
|
udp_bind(struct socket *so, struct sockaddr *nam, struct proc *p)
|
1997-02-14 18:15:53 +00:00
|
|
|
{
|
|
|
|
struct inpcb *inp;
|
|
|
|
int s, error;
|
1994-05-24 10:09:53 +00:00
|
|
|
|
1997-02-14 18:15:53 +00:00
|
|
|
inp = sotoinpcb(so);
|
|
|
|
if (inp == 0)
|
|
|
|
return EINVAL;
|
|
|
|
s = splnet();
|
1997-04-27 20:01:29 +00:00
|
|
|
error = in_pcbbind(inp, nam, p);
|
1997-02-14 18:15:53 +00:00
|
|
|
splx(s);
|
|
|
|
return error;
|
|
|
|
}
|
1994-05-24 10:09:53 +00:00
|
|
|
|
1997-02-14 18:15:53 +00:00
|
|
|
static int
|
1997-08-16 19:16:27 +00:00
|
|
|
udp_connect(struct socket *so, struct sockaddr *nam, struct proc *p)
|
1997-02-14 18:15:53 +00:00
|
|
|
{
|
|
|
|
struct inpcb *inp;
|
|
|
|
int s, error;
|
This Implements the mumbled about "Jail" feature.
This is a seriously beefed up chroot kind of thing. The process
is jailed along the same lines as a chroot does it, but with
additional tough restrictions imposed on what the superuser can do.
For all I know, it is safe to hand over the root bit inside a
prison to the customer living in that prison, this is what
it was developed for in fact: "real virtual servers".
Each prison has an ip number associated with it, which all IP
communications will be coerced to use and each prison has its own
hostname.
Needless to say, you need more RAM this way, but the advantage is
that each customer can run their own particular version of apache
and not stomp on the toes of their neighbors.
It generally does what one would expect, but setting up a jail
still takes a little knowledge.
A few notes:
I have no scripts for setting up a jail, don't ask me for them.
The IP number should be an alias on one of the interfaces.
mount a /proc in each jail, it will make ps more useable.
/proc/<pid>/status tells the hostname of the prison for
jailed processes.
Quotas are only sensible if you have a mountpoint per prison.
There are no privisions for stopping resource-hogging.
Some "#ifdef INET" and similar may be missing (send patches!)
If somebody wants to take it from here and develop it into
more of a "virtual machine" they should be most welcome!
Tools, comments, patches & documentation most welcome.
Have fun...
Sponsored by: http://www.rndassociates.com/
Run for almost a year by: http://www.servetheweb.com/
1999-04-28 11:38:52 +00:00
|
|
|
struct sockaddr_in *sin;
|
1997-02-14 18:15:53 +00:00
|
|
|
|
|
|
|
inp = sotoinpcb(so);
|
|
|
|
if (inp == 0)
|
|
|
|
return EINVAL;
|
|
|
|
if (inp->inp_faddr.s_addr != INADDR_ANY)
|
|
|
|
return EISCONN;
|
|
|
|
s = splnet();
|
2000-09-17 13:34:18 +00:00
|
|
|
sin = (struct sockaddr_in *)nam;
|
2001-02-21 06:39:57 +00:00
|
|
|
if (p && jailed(p->p_ucred))
|
|
|
|
prison_remote_ip(p->p_ucred, 0, &sin->sin_addr.s_addr);
|
2000-09-17 13:34:18 +00:00
|
|
|
error = in_pcbconnect(inp, nam, p);
|
1997-02-14 18:15:53 +00:00
|
|
|
splx(s);
|
|
|
|
if (error == 0)
|
|
|
|
soisconnected(so);
|
|
|
|
return error;
|
|
|
|
}
|
1994-05-24 10:09:53 +00:00
|
|
|
|
1997-02-14 18:15:53 +00:00
|
|
|
static int
|
|
|
|
udp_detach(struct socket *so)
|
|
|
|
{
|
|
|
|
struct inpcb *inp;
|
|
|
|
int s;
|
1994-05-24 10:09:53 +00:00
|
|
|
|
1997-02-14 18:15:53 +00:00
|
|
|
inp = sotoinpcb(so);
|
|
|
|
if (inp == 0)
|
|
|
|
return EINVAL;
|
|
|
|
s = splnet();
|
|
|
|
in_pcbdetach(inp);
|
|
|
|
splx(s);
|
|
|
|
return 0;
|
|
|
|
}
|
1994-05-24 10:09:53 +00:00
|
|
|
|
1997-02-14 18:15:53 +00:00
|
|
|
static int
|
|
|
|
udp_disconnect(struct socket *so)
|
|
|
|
{
|
|
|
|
struct inpcb *inp;
|
|
|
|
int s;
|
1994-05-24 10:09:53 +00:00
|
|
|
|
1997-02-14 18:15:53 +00:00
|
|
|
inp = sotoinpcb(so);
|
|
|
|
if (inp == 0)
|
|
|
|
return EINVAL;
|
|
|
|
if (inp->inp_faddr.s_addr == INADDR_ANY)
|
|
|
|
return ENOTCONN;
|
1994-05-24 10:09:53 +00:00
|
|
|
|
1997-02-14 18:15:53 +00:00
|
|
|
s = splnet();
|
|
|
|
in_pcbdisconnect(inp);
|
|
|
|
inp->inp_laddr.s_addr = INADDR_ANY;
|
|
|
|
splx(s);
|
|
|
|
so->so_state &= ~SS_ISCONNECTED; /* XXX */
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int
|
1997-08-16 19:16:27 +00:00
|
|
|
udp_send(struct socket *so, int flags, struct mbuf *m, struct sockaddr *addr,
|
1997-04-27 20:01:29 +00:00
|
|
|
struct mbuf *control, struct proc *p)
|
1997-02-14 18:15:53 +00:00
|
|
|
{
|
|
|
|
struct inpcb *inp;
|
|
|
|
|
|
|
|
inp = sotoinpcb(so);
|
|
|
|
if (inp == 0) {
|
1994-05-24 10:09:53 +00:00
|
|
|
m_freem(m);
|
1997-02-14 18:15:53 +00:00
|
|
|
return EINVAL;
|
|
|
|
}
|
1997-04-27 20:01:29 +00:00
|
|
|
return udp_output(inp, m, addr, control, p);
|
1994-05-24 10:09:53 +00:00
|
|
|
}
|
|
|
|
|
1999-11-05 14:41:39 +00:00
|
|
|
int
|
1997-02-14 18:15:53 +00:00
|
|
|
udp_shutdown(struct socket *so)
|
|
|
|
{
|
1994-05-24 10:09:53 +00:00
|
|
|
struct inpcb *inp;
|
1997-02-14 18:15:53 +00:00
|
|
|
|
|
|
|
inp = sotoinpcb(so);
|
|
|
|
if (inp == 0)
|
|
|
|
return EINVAL;
|
|
|
|
socantsendmore(so);
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
struct pr_usrreqs udp_usrreqs = {
|
1997-02-18 20:46:36 +00:00
|
|
|
udp_abort, pru_accept_notsupp, udp_attach, udp_bind, udp_connect,
|
|
|
|
pru_connect2_notsupp, in_control, udp_detach, udp_disconnect,
|
|
|
|
pru_listen_notsupp, in_setpeeraddr, pru_rcvd_notsupp,
|
|
|
|
pru_rcvoob_notsupp, udp_send, pru_sense_null, udp_shutdown,
|
1997-09-14 03:10:42 +00:00
|
|
|
in_setsockaddr, sosend, soreceive, sopoll
|
1997-02-14 18:15:53 +00:00
|
|
|
};
|