2 * Copyright (c) 1982, 1986, 1988, 1991, 1993
3 * The Regents of the University of California. All rights reserved.
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 4. Neither the name of the University nor the names of its contributors
14 * may be used to endorse or promote products derived from this software
15 * without specific prior written permission.
17 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 * @(#)uipc_mbuf.c 8.2 (Berkeley) 1/4/94
32 #include <sys/cdefs.h>
33 __FBSDID("$FreeBSD$");
36 #include "opt_param.h"
37 #include "opt_mbuf_stress_test.h"
39 #include <sys/param.h>
40 #include <sys/systm.h>
41 #include <sys/kernel.h>
42 #include <sys/limits.h>
45 #include <sys/malloc.h>
47 #include <sys/sysctl.h>
48 #include <sys/domain.h>
49 #include <sys/protosw.h>
56 #ifdef MBUF_STRESS_TEST
61 int m_defragrandomfailures;
65 * sysctl(8) exported objects
67 SYSCTL_DECL(_kern_ipc);
68 SYSCTL_INT(_kern_ipc, KIPC_MAX_LINKHDR, max_linkhdr, CTLFLAG_RW,
70 SYSCTL_INT(_kern_ipc, KIPC_MAX_PROTOHDR, max_protohdr, CTLFLAG_RW,
71 &max_protohdr, 0, "");
72 SYSCTL_INT(_kern_ipc, KIPC_MAX_HDR, max_hdr, CTLFLAG_RW, &max_hdr, 0, "");
73 SYSCTL_INT(_kern_ipc, KIPC_MAX_DATALEN, max_datalen, CTLFLAG_RW,
75 #ifdef MBUF_STRESS_TEST
76 SYSCTL_INT(_kern_ipc, OID_AUTO, m_defragpackets, CTLFLAG_RD,
77 &m_defragpackets, 0, "");
78 SYSCTL_INT(_kern_ipc, OID_AUTO, m_defragbytes, CTLFLAG_RD,
79 &m_defragbytes, 0, "");
80 SYSCTL_INT(_kern_ipc, OID_AUTO, m_defraguseless, CTLFLAG_RD,
81 &m_defraguseless, 0, "");
82 SYSCTL_INT(_kern_ipc, OID_AUTO, m_defragfailure, CTLFLAG_RD,
83 &m_defragfailure, 0, "");
84 SYSCTL_INT(_kern_ipc, OID_AUTO, m_defragrandomfailures, CTLFLAG_RW,
85 &m_defragrandomfailures, 0, "");
89 * Allocate a given length worth of mbufs and/or clusters (whatever fits
90 * best) and return a pointer to the top of the allocated chain. If an
91 * existing mbuf chain is provided, then we will append the new chain
92 * to the existing one but still return the top of the newly allocated
96 m_getm(struct mbuf *m, int len, int how, short type)
98 struct mbuf *mb, *top, *cur, *mtail;
102 KASSERT(len >= 0, ("m_getm(): len is < 0"));
104 /* If m != NULL, we will append to the end of that chain. */
106 for (mtail = m; mtail->m_next != NULL; mtail = mtail->m_next);
111 * Calculate how many mbufs+clusters ("packets") we need and how much
112 * leftover there is after that and allocate the first mbuf+cluster
115 num = len / MCLBYTES;
116 rem = len % MCLBYTES;
119 if ((top = cur = m_getcl(how, type, 0)) == NULL)
125 for (i = 0; i < num; i++) {
126 mb = m_getcl(how, type, 0);
130 cur = (cur->m_next = mb);
133 mb = (rem > MINCLSIZE) ?
134 m_getcl(how, type, 0) : m_get(how, type);
154 * Free an entire chain of mbufs and associated external buffers, if
158 m_freem(struct mbuf *mb)
166 * Configure a provided mbuf to refer to the provided external storage
167 * buffer and setup a reference count for said buffer. If the setting
168 * up of the reference count fails, the M_EXT bit will not be set. If
169 * successfull, the M_EXT bit is set in the mbuf's flags.
172 * mb The existing mbuf to which to attach the provided buffer.
173 * buf The address of the provided external storage buffer.
174 * size The size of the provided buffer.
175 * freef A pointer to a routine that is responsible for freeing the
176 * provided external storage buffer.
177 * args A pointer to an argument structure (of any type) to be passed
178 * to the provided freef routine (may be NULL).
179 * flags Any other flags to be passed to the provided mbuf.
180 * type The type that the external storage buffer should be
187 m_extadd(struct mbuf *mb, caddr_t buf, u_int size,
188 void (*freef)(void *, void *), void *args, int flags, int type)
190 KASSERT(type != EXT_CLUSTER, ("%s: EXT_CLUSTER not allowed", __func__));
192 if (type != EXT_EXTREF)
193 mb->m_ext.ref_cnt = (u_int *)uma_zalloc(zone_ext_refcnt, M_NOWAIT);
194 if (mb->m_ext.ref_cnt != NULL) {
195 *(mb->m_ext.ref_cnt) = 1;
196 mb->m_flags |= (M_EXT | flags);
197 mb->m_ext.ext_buf = buf;
198 mb->m_data = mb->m_ext.ext_buf;
199 mb->m_ext.ext_size = size;
200 mb->m_ext.ext_free = freef;
201 mb->m_ext.ext_args = args;
202 mb->m_ext.ext_type = type;
207 * Non-directly-exported function to clean up after mbufs with M_EXT
208 * storage attached to them if the reference count hits 1.
211 mb_free_ext(struct mbuf *m)
213 KASSERT((m->m_flags & M_EXT) == M_EXT, ("%s: M_EXT not set", __func__));
214 KASSERT(m->m_ext.ref_cnt != NULL, ("%s: ref_cnt not set", __func__));
216 /* Free attached storage if this mbuf is the only reference to it. */
217 if (*(m->m_ext.ref_cnt) == 1 ||
218 atomic_fetchadd_int(m->m_ext.ref_cnt, -1) == 0) {
219 switch (m->m_ext.ext_type) {
220 case EXT_CLUSTER: /* The packet zone is special. */
221 if (*(m->m_ext.ref_cnt) == 0)
222 *(m->m_ext.ref_cnt) = 1;
223 uma_zfree(zone_pack, m);
224 return; /* Job done. */
227 uma_zfree(zone_jumbo9, m->m_ext.ext_buf);
230 uma_zfree(zone_jumbo16, m->m_ext.ext_buf);
236 *(m->m_ext.ref_cnt) = 0;
237 uma_zfree(zone_ext_refcnt, __DEVOLATILE(u_int *,
241 KASSERT(m->m_ext.ext_free != NULL,
242 ("%s: ext_free not set", __func__));
243 (*(m->m_ext.ext_free))(m->m_ext.ext_buf,
247 KASSERT(m->m_ext.ext_type == 0,
248 ("%s: unknown ext_type", __func__));
252 * Free this mbuf back to the mbuf zone with all m_ext
253 * information purged.
255 m->m_ext.ext_buf = NULL;
256 m->m_ext.ext_free = NULL;
257 m->m_ext.ext_args = NULL;
258 m->m_ext.ref_cnt = NULL;
259 m->m_ext.ext_size = 0;
260 m->m_ext.ext_type = 0;
261 m->m_flags &= ~M_EXT;
262 uma_zfree(zone_mbuf, m);
266 * Attach the the cluster from *m to *n, set up m_ext in *n
267 * and bump the refcount of the cluster.
270 mb_dupcl(struct mbuf *n, struct mbuf *m)
272 KASSERT((m->m_flags & M_EXT) == M_EXT, ("%s: M_EXT not set", __func__));
273 KASSERT(m->m_ext.ref_cnt != NULL, ("%s: ref_cnt not set", __func__));
274 KASSERT((n->m_flags & M_EXT) == 0, ("%s: M_EXT set", __func__));
276 if (*(m->m_ext.ref_cnt) == 1)
277 *(m->m_ext.ref_cnt) += 1;
279 atomic_add_int(m->m_ext.ref_cnt, 1);
280 n->m_ext.ext_buf = m->m_ext.ext_buf;
281 n->m_ext.ext_free = m->m_ext.ext_free;
282 n->m_ext.ext_args = m->m_ext.ext_args;
283 n->m_ext.ext_size = m->m_ext.ext_size;
284 n->m_ext.ref_cnt = m->m_ext.ref_cnt;
285 n->m_ext.ext_type = m->m_ext.ext_type;
290 * Clean up mbuf (chain) from any tags and packet headers.
291 * If "all" is set then the first mbuf in the chain will be
295 m_demote(struct mbuf *m0, int all)
299 for (m = all ? m0 : m0->m_next; m != NULL; m = m->m_next) {
300 if (m->m_flags & M_PKTHDR) {
301 m_tag_delete_chain(m, NULL);
302 m->m_flags &= ~M_PKTHDR;
303 bzero(&m->m_pkthdr, sizeof(struct pkthdr));
305 if (m->m_type == MT_HEADER)
307 if (m != m0 && m->m_nextpkt != NULL)
309 m->m_flags = m->m_flags & (M_EXT|M_EOR|M_RDONLY|M_FREELIST);
314 * Sanity checks on mbuf (chain) for use in KASSERT() and general
316 * Returns 0 or panics when bad and 1 on all tests passed.
317 * Sanitize, 0 to run M_SANITY_ACTION, 1 to garble things so they
321 m_sanity(struct mbuf *m0, int sanitize)
327 #define M_SANITY_ACTION(s) return (0)
328 /* #define M_SANITY_ACTION(s) panic("mbuf %p: " s, m) */
330 for (m = m0; m != NULL; m = m->m_next) {
332 * Basic pointer checks. If any of these fails then some
333 * unrelated kernel memory before or after us is trashed.
334 * No way to recover from that.
336 a = ((m->m_flags & M_EXT) ? m->m_ext.ext_buf :
337 ((m->m_flags & M_PKTHDR) ? (caddr_t)(&m->m_pktdat) :
338 (caddr_t)(&m->m_dat)) );
339 b = (caddr_t)(a + (m->m_flags & M_EXT ? m->m_ext.ext_size :
340 ((m->m_flags & M_PKTHDR) ? MHLEN : MLEN)));
341 if ((caddr_t)m->m_data < a)
342 M_SANITY_ACTION("m_data outside mbuf data range left");
343 if ((caddr_t)m->m_data > b)
344 M_SANITY_ACTION("m_data outside mbuf data range right");
345 if ((caddr_t)m->m_data + m->m_len > b)
346 M_SANITY_ACTION("m_data + m_len exeeds mbuf space");
347 if ((m->m_flags & M_PKTHDR) && m->m_pkthdr.header) {
348 if ((caddr_t)m->m_pkthdr.header < a ||
349 (caddr_t)m->m_pkthdr.header > b)
350 M_SANITY_ACTION("m_pkthdr.header outside mbuf data range");
353 /* m->m_nextpkt may only be set on first mbuf in chain. */
354 if (m != m0 && m->m_nextpkt != NULL) {
356 m_freem(m->m_nextpkt);
357 m->m_nextpkt = (struct mbuf *)0xDEADC0DE;
359 M_SANITY_ACTION("m->m_nextpkt on in-chain mbuf");
362 /* correct type correlations. */
363 if (m->m_type == MT_HEADER && !(m->m_flags & M_PKTHDR)) {
367 M_SANITY_ACTION("MT_HEADER set but not M_PKTHDR");
370 /* packet length (not mbuf length!) calculation */
371 if (m0->m_flags & M_PKTHDR)
374 /* m_tags may only be attached to first mbuf in chain. */
375 if (m != m0 && m->m_flags & M_PKTHDR &&
376 !SLIST_EMPTY(&m->m_pkthdr.tags)) {
378 m_tag_delete_chain(m, NULL);
379 /* put in 0xDEADC0DE perhaps? */
381 M_SANITY_ACTION("m_tags on in-chain mbuf");
384 /* M_PKTHDR may only be set on first mbuf in chain */
385 if (m != m0 && m->m_flags & M_PKTHDR) {
387 bzero(&m->m_pkthdr, sizeof(m->m_pkthdr));
388 m->m_flags &= ~M_PKTHDR;
389 /* put in 0xDEADCODE and leave hdr flag in */
391 M_SANITY_ACTION("M_PKTHDR on in-chain mbuf");
395 if (pktlen && pktlen != m->m_pkthdr.len) {
399 M_SANITY_ACTION("m_pkthdr.len != mbuf chain length");
403 #undef M_SANITY_ACTION
408 * "Move" mbuf pkthdr from "from" to "to".
409 * "from" must have M_PKTHDR set, and "to" must be empty.
412 m_move_pkthdr(struct mbuf *to, struct mbuf *from)
416 /* see below for why these are not enabled */
418 /* Note: with MAC, this may not be a good assertion. */
419 KASSERT(SLIST_EMPTY(&to->m_pkthdr.tags),
420 ("m_move_pkthdr: to has tags"));
424 * XXXMAC: It could be this should also occur for non-MAC?
426 if (to->m_flags & M_PKTHDR)
427 m_tag_delete_chain(to, NULL);
429 to->m_flags = (from->m_flags & M_COPYFLAGS) | (to->m_flags & M_EXT);
430 if ((to->m_flags & M_EXT) == 0)
431 to->m_data = to->m_pktdat;
432 to->m_pkthdr = from->m_pkthdr; /* especially tags */
433 SLIST_INIT(&from->m_pkthdr.tags); /* purge tags from src */
434 from->m_flags &= ~M_PKTHDR;
438 * Duplicate "from"'s mbuf pkthdr in "to".
439 * "from" must have M_PKTHDR set, and "to" must be empty.
440 * In particular, this does a deep copy of the packet tags.
443 m_dup_pkthdr(struct mbuf *to, struct mbuf *from, int how)
448 * The mbuf allocator only initializes the pkthdr
449 * when the mbuf is allocated with MGETHDR. Many users
450 * (e.g. m_copy*, m_prepend) use MGET and then
451 * smash the pkthdr as needed causing these
452 * assertions to trip. For now just disable them.
455 /* Note: with MAC, this may not be a good assertion. */
456 KASSERT(SLIST_EMPTY(&to->m_pkthdr.tags), ("m_dup_pkthdr: to has tags"));
458 MBUF_CHECKSLEEP(how);
460 if (to->m_flags & M_PKTHDR)
461 m_tag_delete_chain(to, NULL);
463 to->m_flags = (from->m_flags & M_COPYFLAGS) | (to->m_flags & M_EXT);
464 if ((to->m_flags & M_EXT) == 0)
465 to->m_data = to->m_pktdat;
466 to->m_pkthdr = from->m_pkthdr;
467 SLIST_INIT(&to->m_pkthdr.tags);
468 return (m_tag_copy_chain(to, from, MBTOM(how)));
472 * Lesser-used path for M_PREPEND:
473 * allocate new mbuf to prepend to chain,
477 m_prepend(struct mbuf *m, int len, int how)
481 if (m->m_flags & M_PKTHDR)
482 MGETHDR(mn, how, m->m_type);
484 MGET(mn, how, m->m_type);
489 if (m->m_flags & M_PKTHDR)
490 M_MOVE_PKTHDR(mn, m);
500 * Make a copy of an mbuf chain starting "off0" bytes from the beginning,
501 * continuing for "len" bytes. If len is M_COPYALL, copy to end of mbuf.
502 * The wait parameter is a choice of M_TRYWAIT/M_DONTWAIT from caller.
503 * Note that the copy is read-only, because clusters are not copied,
504 * only their reference counts are incremented.
507 m_copym(struct mbuf *m, int off0, int len, int wait)
509 struct mbuf *n, **np;
514 KASSERT(off >= 0, ("m_copym, negative off %d", off));
515 KASSERT(len >= 0, ("m_copym, negative len %d", len));
516 MBUF_CHECKSLEEP(wait);
517 if (off == 0 && m->m_flags & M_PKTHDR)
520 KASSERT(m != NULL, ("m_copym, offset > size of mbuf chain"));
530 KASSERT(len == M_COPYALL,
531 ("m_copym, length > size of mbuf chain"));
535 MGETHDR(n, wait, m->m_type);
537 MGET(n, wait, m->m_type);
542 if (!m_dup_pkthdr(n, m, wait))
544 if (len == M_COPYALL)
545 n->m_pkthdr.len -= off0;
547 n->m_pkthdr.len = len;
550 n->m_len = min(len, m->m_len - off);
551 if (m->m_flags & M_EXT) {
552 n->m_data = m->m_data + off;
555 bcopy(mtod(m, caddr_t)+off, mtod(n, caddr_t),
557 if (len != M_COPYALL)
564 mbstat.m_mcfail++; /* XXX: No consistency. */
569 mbstat.m_mcfail++; /* XXX: No consistency. */
574 * Returns mbuf chain with new head for the prepending case.
575 * Copies from mbuf (chain) n from off for len to mbuf (chain) m
576 * either prepending or appending the data.
577 * The resulting mbuf (chain) m is fully writeable.
578 * m is destination (is made writeable)
579 * n is source, off is offset in source, len is len from offset
580 * dir, 0 append, 1 prepend
581 * how, wait or nowait
585 m_bcopyxxx(void *s, void *t, u_int len)
587 bcopy(s, t, (size_t)len);
592 m_copymdata(struct mbuf *m, struct mbuf *n, int off, int len,
595 struct mbuf *mm, *x, *z, *prev = NULL;
600 KASSERT(m != NULL && n != NULL, ("m_copymdata, no target or source"));
601 KASSERT(off >= 0, ("m_copymdata, negative off %d", off));
602 KASSERT(len >= 0, ("m_copymdata, negative len %d", len));
603 KASSERT(prep == 0 || prep == 1, ("m_copymdata, unknown direction %d", prep));
612 for (z = n; z != NULL; z = z->m_next)
614 if (len == M_COPYALL)
616 if (off + len > nlen || len < 1)
619 if (!M_WRITABLE(mm)) {
620 /* XXX: Use proper m_xxx function instead. */
621 x = m_getcl(how, MT_DATA, mm->m_flags);
624 bcopy(mm->m_ext.ext_buf, x->m_ext.ext_buf, x->m_ext.ext_size);
625 p = x->m_ext.ext_buf + (mm->m_data - mm->m_ext.ext_buf);
635 * Append/prepend the data. Allocating mbufs as necessary.
637 /* Shortcut if enough free space in first/last mbuf. */
638 if (!prep && M_TRAILINGSPACE(mm) >= len) {
639 m_apply(n, off, len, m_bcopyxxx, mtod(mm, caddr_t) +
642 mm->m_pkthdr.len += len;
645 if (prep && M_LEADINGSPACE(mm) >= len) {
646 mm->m_data = mtod(mm, caddr_t) - len;
647 m_apply(n, off, len, m_bcopyxxx, mtod(mm, caddr_t));
649 mm->m_pkthdr.len += len;
653 /* Expand first/last mbuf to cluster if possible. */
654 if (!prep && !(mm->m_flags & M_EXT) && len > M_TRAILINGSPACE(mm)) {
655 bcopy(mm->m_data, &buf, mm->m_len);
657 if (!(mm->m_flags & M_EXT))
659 bcopy(&buf, mm->m_ext.ext_buf, mm->m_len);
660 mm->m_data = mm->m_ext.ext_buf;
661 mm->m_pkthdr.header = NULL;
663 if (prep && !(mm->m_flags & M_EXT) && len > M_LEADINGSPACE(mm)) {
664 bcopy(mm->m_data, &buf, mm->m_len);
666 if (!(mm->m_flags & M_EXT))
668 bcopy(&buf, (caddr_t *)mm->m_ext.ext_buf +
669 mm->m_ext.ext_size - mm->m_len, mm->m_len);
670 mm->m_data = (caddr_t)mm->m_ext.ext_buf +
671 mm->m_ext.ext_size - mm->m_len;
672 mm->m_pkthdr.header = NULL;
675 /* Append/prepend as many mbuf (clusters) as necessary to fit len. */
676 if (!prep && len > M_TRAILINGSPACE(mm)) {
677 if (!m_getm(mm, len - M_TRAILINGSPACE(mm), how, MT_DATA))
680 if (prep && len > M_LEADINGSPACE(mm)) {
681 if (!(z = m_getm(NULL, len - M_LEADINGSPACE(mm), how, MT_DATA)))
684 for (x = z; x != NULL; x = x->m_next) {
685 i += x->m_flags & M_EXT ? x->m_ext.ext_size :
686 (x->m_flags & M_PKTHDR ? MHLEN : MLEN);
690 z->m_data += i - len;
691 m_move_pkthdr(mm, z);
696 /* Seek to start position in source mbuf. Optimization for long chains. */
704 /* Copy data into target mbuf. */
707 KASSERT(z != NULL, ("m_copymdata, falling off target edge"));
708 i = M_TRAILINGSPACE(z);
709 m_apply(n, off, i, m_bcopyxxx, mtod(z, caddr_t) + z->m_len);
711 /* fixup pkthdr.len if necessary */
712 if ((prep ? mm : m)->m_flags & M_PKTHDR)
713 (prep ? mm : m)->m_pkthdr.len += i;
718 return (prep ? mm : m);
722 * Copy an entire packet, including header (which must be present).
723 * An optimization of the common case `m_copym(m, 0, M_COPYALL, how)'.
724 * Note that the copy is read-only, because clusters are not copied,
725 * only their reference counts are incremented.
726 * Preserve alignment of the first mbuf so if the creator has left
727 * some room at the beginning (e.g. for inserting protocol headers)
728 * the copies still have the room available.
731 m_copypacket(struct mbuf *m, int how)
733 struct mbuf *top, *n, *o;
735 MBUF_CHECKSLEEP(how);
736 MGET(n, how, m->m_type);
741 if (!m_dup_pkthdr(n, m, how))
744 if (m->m_flags & M_EXT) {
745 n->m_data = m->m_data;
748 n->m_data = n->m_pktdat + (m->m_data - m->m_pktdat );
749 bcopy(mtod(m, char *), mtod(n, char *), n->m_len);
754 MGET(o, how, m->m_type);
762 if (m->m_flags & M_EXT) {
763 n->m_data = m->m_data;
766 bcopy(mtod(m, char *), mtod(n, char *), n->m_len);
774 mbstat.m_mcfail++; /* XXX: No consistency. */
779 * Copy data from an mbuf chain starting "off" bytes from the beginning,
780 * continuing for "len" bytes, into the indicated buffer.
783 m_copydata(const struct mbuf *m, int off, int len, caddr_t cp)
787 KASSERT(off >= 0, ("m_copydata, negative off %d", off));
788 KASSERT(len >= 0, ("m_copydata, negative len %d", len));
790 KASSERT(m != NULL, ("m_copydata, offset > size of mbuf chain"));
797 KASSERT(m != NULL, ("m_copydata, length > size of mbuf chain"));
798 count = min(m->m_len - off, len);
799 bcopy(mtod(m, caddr_t) + off, cp, count);
808 * Copy a packet header mbuf chain into a completely new chain, including
809 * copying any mbuf clusters. Use this instead of m_copypacket() when
810 * you need a writable copy of an mbuf chain.
813 m_dup(struct mbuf *m, int how)
815 struct mbuf **p, *top = NULL;
816 int remain, moff, nsize;
818 MBUF_CHECKSLEEP(how);
824 /* While there's more data, get a new mbuf, tack it on, and fill it */
825 remain = m->m_pkthdr.len;
828 while (remain > 0 || top == NULL) { /* allow m->m_pkthdr.len == 0 */
831 /* Get the next new mbuf */
832 if (remain >= MINCLSIZE) {
833 n = m_getcl(how, m->m_type, 0);
836 n = m_get(how, m->m_type);
842 if (top == NULL) { /* First one, must be PKTHDR */
843 if (!m_dup_pkthdr(n, m, how)) {
851 /* Link it into the new chain */
855 /* Copy data from original mbuf(s) into new mbuf */
856 while (n->m_len < nsize && m != NULL) {
857 int chunk = min(nsize - n->m_len, m->m_len - moff);
859 bcopy(m->m_data + moff, n->m_data + n->m_len, chunk);
863 if (moff == m->m_len) {
869 /* Check correct total mbuf length */
870 KASSERT((remain > 0 && m != NULL) || (remain == 0 && m == NULL),
871 ("%s: bogus m_pkthdr.len", __func__));
877 mbstat.m_mcfail++; /* XXX: No consistency. */
882 * Concatenate mbuf chain n to m.
883 * Both chains must be of the same type (e.g. MT_DATA).
884 * Any m_pkthdr is not updated.
887 m_cat(struct mbuf *m, struct mbuf *n)
892 if (m->m_flags & M_EXT ||
893 m->m_data + m->m_len + n->m_len >= &m->m_dat[MLEN]) {
894 /* just join the two chains */
898 /* splat the data from one into the other */
899 bcopy(mtod(n, caddr_t), mtod(m, caddr_t) + m->m_len,
901 m->m_len += n->m_len;
907 m_adj(struct mbuf *mp, int req_len)
913 if ((m = mp) == NULL)
919 while (m != NULL && len > 0) {
920 if (m->m_len <= len) {
931 if (mp->m_flags & M_PKTHDR)
932 m->m_pkthdr.len -= (req_len - len);
935 * Trim from tail. Scan the mbuf chain,
936 * calculating its length and finding the last mbuf.
937 * If the adjustment only affects this mbuf, then just
938 * adjust and return. Otherwise, rescan and truncate
939 * after the remaining size.
945 if (m->m_next == (struct mbuf *)0)
949 if (m->m_len >= len) {
951 if (mp->m_flags & M_PKTHDR)
952 mp->m_pkthdr.len -= len;
959 * Correct length for chain is "count".
960 * Find the mbuf with last data, adjust its length,
961 * and toss data from remaining mbufs on chain.
964 if (m->m_flags & M_PKTHDR)
965 m->m_pkthdr.len = count;
966 for (; m; m = m->m_next) {
967 if (m->m_len >= count) {
969 if (m->m_next != NULL) {
981 * Rearange an mbuf chain so that len bytes are contiguous
982 * and in the data area of an mbuf (so that mtod and dtom
983 * will work for a structure of size len). Returns the resulting
984 * mbuf chain on success, frees it and returns null on failure.
985 * If there is room, it will add up to max_protohdr-len extra bytes to the
986 * contiguous region in an attempt to avoid being called next time.
989 m_pullup(struct mbuf *n, int len)
996 * If first mbuf has no cluster, and has room for len bytes
997 * without shifting current data, pullup into it,
998 * otherwise allocate a new mbuf to prepend to the chain.
1000 if ((n->m_flags & M_EXT) == 0 &&
1001 n->m_data + len < &n->m_dat[MLEN] && n->m_next) {
1002 if (n->m_len >= len)
1010 MGET(m, M_DONTWAIT, n->m_type);
1014 if (n->m_flags & M_PKTHDR)
1015 M_MOVE_PKTHDR(m, n);
1017 space = &m->m_dat[MLEN] - (m->m_data + m->m_len);
1019 count = min(min(max(len, max_protohdr), space), n->m_len);
1020 bcopy(mtod(n, caddr_t), mtod(m, caddr_t) + m->m_len,
1030 } while (len > 0 && n);
1039 mbstat.m_mpfail++; /* XXX: No consistency. */
1044 * Like m_pullup(), except a new mbuf is always allocated, and we allow
1045 * the amount of empty space before the data in the new mbuf to be specified
1046 * (in the event that the caller expects to prepend later).
1051 m_copyup(struct mbuf *n, int len, int dstoff)
1056 if (len > (MHLEN - dstoff))
1058 MGET(m, M_DONTWAIT, n->m_type);
1062 if (n->m_flags & M_PKTHDR)
1063 M_MOVE_PKTHDR(m, n);
1064 m->m_data += dstoff;
1065 space = &m->m_dat[MLEN] - (m->m_data + m->m_len);
1067 count = min(min(max(len, max_protohdr), space), n->m_len);
1068 memcpy(mtod(m, caddr_t) + m->m_len, mtod(n, caddr_t),
1078 } while (len > 0 && n);
1092 * Partition an mbuf chain in two pieces, returning the tail --
1093 * all but the first len0 bytes. In case of failure, it returns NULL and
1094 * attempts to restore the chain to its original state.
1096 * Note that the resulting mbufs might be read-only, because the new
1097 * mbuf can end up sharing an mbuf cluster with the original mbuf if
1098 * the "breaking point" happens to lie within a cluster mbuf. Use the
1099 * M_WRITABLE() macro to check for this case.
1102 m_split(struct mbuf *m0, int len0, int wait)
1105 u_int len = len0, remain;
1107 MBUF_CHECKSLEEP(wait);
1108 for (m = m0; m && len > m->m_len; m = m->m_next)
1112 remain = m->m_len - len;
1113 if (m0->m_flags & M_PKTHDR) {
1114 MGETHDR(n, wait, m0->m_type);
1117 n->m_pkthdr.rcvif = m0->m_pkthdr.rcvif;
1118 n->m_pkthdr.len = m0->m_pkthdr.len - len0;
1119 m0->m_pkthdr.len = len0;
1120 if (m->m_flags & M_EXT)
1122 if (remain > MHLEN) {
1123 /* m can't be the lead packet */
1125 n->m_next = m_split(m, len, wait);
1126 if (n->m_next == NULL) {
1134 MH_ALIGN(n, remain);
1135 } else if (remain == 0) {
1140 MGET(n, wait, m->m_type);
1146 if (m->m_flags & M_EXT) {
1147 n->m_data = m->m_data + len;
1150 bcopy(mtod(m, caddr_t) + len, mtod(n, caddr_t), remain);
1154 n->m_next = m->m_next;
1159 * Routine to copy from device local memory into mbufs.
1160 * Note that `off' argument is offset into first mbuf of target chain from
1161 * which to begin copying the data to.
1164 m_devget(char *buf, int totlen, int off, struct ifnet *ifp,
1165 void (*copy)(char *from, caddr_t to, u_int len))
1168 struct mbuf *top = NULL, **mp = ⊤
1171 if (off < 0 || off > MHLEN)
1174 while (totlen > 0) {
1175 if (top == NULL) { /* First one, must be PKTHDR */
1176 if (totlen + off >= MINCLSIZE) {
1177 m = m_getcl(M_DONTWAIT, MT_DATA, M_PKTHDR);
1180 m = m_gethdr(M_DONTWAIT, MT_DATA);
1183 /* Place initial small packet/header at end of mbuf */
1184 if (m && totlen + off + max_linkhdr <= MLEN) {
1185 m->m_data += max_linkhdr;
1191 m->m_pkthdr.rcvif = ifp;
1192 m->m_pkthdr.len = totlen;
1194 if (totlen + off >= MINCLSIZE) {
1195 m = m_getcl(M_DONTWAIT, MT_DATA, 0);
1198 m = m_get(M_DONTWAIT, MT_DATA);
1211 m->m_len = len = min(totlen, len);
1213 copy(buf, mtod(m, caddr_t), (u_int)len);
1215 bcopy(buf, mtod(m, caddr_t), (u_int)len);
1225 * Copy data from a buffer back into the indicated mbuf chain,
1226 * starting "off" bytes from the beginning, extending the mbuf
1227 * chain if necessary.
1230 m_copyback(struct mbuf *m0, int off, int len, c_caddr_t cp)
1233 struct mbuf *m = m0, *n;
1238 while (off > (mlen = m->m_len)) {
1241 if (m->m_next == NULL) {
1242 n = m_get(M_DONTWAIT, m->m_type);
1245 bzero(mtod(n, caddr_t), MLEN);
1246 n->m_len = min(MLEN, len + off);
1252 mlen = min (m->m_len - off, len);
1253 bcopy(cp, off + mtod(m, caddr_t), (u_int)mlen);
1261 if (m->m_next == NULL) {
1262 n = m_get(M_DONTWAIT, m->m_type);
1265 n->m_len = min(MLEN, len);
1270 out: if (((m = m0)->m_flags & M_PKTHDR) && (m->m_pkthdr.len < totlen))
1271 m->m_pkthdr.len = totlen;
1275 * Append the specified data to the indicated mbuf chain,
1276 * Extend the mbuf chain if the new data does not fit in
1279 * Return 1 if able to complete the job; otherwise 0.
1282 m_append(struct mbuf *m0, int len, c_caddr_t cp)
1285 int remainder, space;
1287 for (m = m0; m->m_next != NULL; m = m->m_next)
1290 space = M_TRAILINGSPACE(m);
1293 * Copy into available space.
1295 if (space > remainder)
1297 bcopy(cp, mtod(m, caddr_t) + m->m_len, space);
1299 cp += space, remainder -= space;
1301 while (remainder > 0) {
1303 * Allocate a new mbuf; could check space
1304 * and allocate a cluster instead.
1306 n = m_get(M_DONTWAIT, m->m_type);
1309 n->m_len = min(MLEN, remainder);
1310 bcopy(cp, mtod(n, caddr_t), n->m_len);
1311 cp += n->m_len, remainder -= n->m_len;
1315 if (m0->m_flags & M_PKTHDR)
1316 m0->m_pkthdr.len += len - remainder;
1317 return (remainder == 0);
1321 * Apply function f to the data in an mbuf chain starting "off" bytes from
1322 * the beginning, continuing for "len" bytes.
1325 m_apply(struct mbuf *m, int off, int len,
1326 int (*f)(void *, void *, u_int), void *arg)
1331 KASSERT(off >= 0, ("m_apply, negative off %d", off));
1332 KASSERT(len >= 0, ("m_apply, negative len %d", len));
1334 KASSERT(m != NULL, ("m_apply, offset > size of mbuf chain"));
1341 KASSERT(m != NULL, ("m_apply, offset > size of mbuf chain"));
1342 count = min(m->m_len - off, len);
1343 rval = (*f)(arg, mtod(m, caddr_t) + off, count);
1354 * Return a pointer to mbuf/offset of location in mbuf chain.
1357 m_getptr(struct mbuf *m, int loc, int *off)
1361 /* Normal end of search. */
1362 if (m->m_len > loc) {
1367 if (m->m_next == NULL) {
1369 /* Point at the end of valid data. */
1382 m_print(const struct mbuf *m, int maxlen)
1386 const struct mbuf *m2;
1388 if (m->m_flags & M_PKTHDR)
1389 len = m->m_pkthdr.len;
1393 while (m2 != NULL && (len == -1 || len)) {
1395 if (maxlen != -1 && pdata > maxlen)
1397 printf("mbuf: %p len: %d, next: %p, %b%s", m2, m2->m_len,
1398 m2->m_next, m2->m_flags, "\20\20freelist\17skipfw"
1399 "\11proto5\10proto4\7proto3\6proto2\5proto1\4rdonly"
1400 "\3eor\2pkthdr\1ext", pdata ? "" : "\n");
1402 printf(", %*D\n", m2->m_len, (u_char *)m2->m_data, "-");
1408 printf("%d bytes unaccounted for.\n", len);
1413 m_fixhdr(struct mbuf *m0)
1417 len = m_length(m0, NULL);
1418 m0->m_pkthdr.len = len;
1423 m_length(struct mbuf *m0, struct mbuf **last)
1429 for (m = m0; m != NULL; m = m->m_next) {
1431 if (m->m_next == NULL)
1440 * Defragment a mbuf chain, returning the shortest possible
1441 * chain of mbufs and clusters. If allocation fails and
1442 * this cannot be completed, NULL will be returned, but
1443 * the passed in chain will be unchanged. Upon success,
1444 * the original chain will be freed, and the new chain
1447 * If a non-packet header is passed in, the original
1448 * mbuf (chain?) will be returned unharmed.
1451 m_defrag(struct mbuf *m0, int how)
1453 struct mbuf *m_new = NULL, *m_final = NULL;
1454 int progress = 0, length;
1456 MBUF_CHECKSLEEP(how);
1457 if (!(m0->m_flags & M_PKTHDR))
1460 m_fixhdr(m0); /* Needed sanity check */
1462 #ifdef MBUF_STRESS_TEST
1463 if (m_defragrandomfailures) {
1464 int temp = arc4random() & 0xff;
1470 if (m0->m_pkthdr.len > MHLEN)
1471 m_final = m_getcl(how, MT_DATA, M_PKTHDR);
1473 m_final = m_gethdr(how, MT_DATA);
1475 if (m_final == NULL)
1478 if (m_dup_pkthdr(m_final, m0, how) == 0)
1483 while (progress < m0->m_pkthdr.len) {
1484 length = m0->m_pkthdr.len - progress;
1485 if (length > MCLBYTES)
1488 if (m_new == NULL) {
1490 m_new = m_getcl(how, MT_DATA, 0);
1492 m_new = m_get(how, MT_DATA);
1497 m_copydata(m0, progress, length, mtod(m_new, caddr_t));
1499 m_new->m_len = length;
1500 if (m_new != m_final)
1501 m_cat(m_final, m_new);
1504 #ifdef MBUF_STRESS_TEST
1505 if (m0->m_next == NULL)
1510 #ifdef MBUF_STRESS_TEST
1512 m_defragbytes += m0->m_pkthdr.len;
1516 #ifdef MBUF_STRESS_TEST
1524 #ifdef MBUF_STRESS_TEST
1527 * Fragment an mbuf chain. There's no reason you'd ever want to do
1528 * this in normal usage, but it's great for stress testing various
1531 * If fragmentation is not possible, the original chain will be
1534 * Possible length values:
1535 * 0 no fragmentation will occur
1536 * > 0 each fragment will be of the specified length
1537 * -1 each fragment will be the same random value in length
1538 * -2 each fragment's length will be entirely random
1539 * (Random values range from 1 to 256)
1542 m_fragment(struct mbuf *m0, int how, int length)
1544 struct mbuf *m_new = NULL, *m_final = NULL;
1547 if (!(m0->m_flags & M_PKTHDR))
1550 if ((length == 0) || (length < -2))
1553 m_fixhdr(m0); /* Needed sanity check */
1555 m_final = m_getcl(how, MT_DATA, M_PKTHDR);
1557 if (m_final == NULL)
1560 if (m_dup_pkthdr(m_final, m0, how) == 0)
1566 length = 1 + (arc4random() & 255);
1568 while (progress < m0->m_pkthdr.len) {
1574 fraglen = 1 + (arc4random() & 255);
1575 if (fraglen > m0->m_pkthdr.len - progress)
1576 fraglen = m0->m_pkthdr.len - progress;
1578 if (fraglen > MCLBYTES)
1581 if (m_new == NULL) {
1582 m_new = m_getcl(how, MT_DATA, 0);
1587 m_copydata(m0, progress, fraglen, mtod(m_new, caddr_t));
1588 progress += fraglen;
1589 m_new->m_len = fraglen;
1590 if (m_new != m_final)
1591 m_cat(m_final, m_new);
1600 /* Return the original chain on failure */
1607 m_uiotombuf(struct uio *uio, int how, int len, int align)
1609 struct mbuf *m_new = NULL, *m_final = NULL;
1610 int progress = 0, error = 0, length, total;
1613 total = min(uio->uio_resid, len);
1615 total = uio->uio_resid;
1618 if (total + align > MHLEN)
1619 m_final = m_getcl(how, MT_DATA, M_PKTHDR);
1621 m_final = m_gethdr(how, MT_DATA);
1622 if (m_final == NULL)
1624 m_final->m_data += align;
1626 while (progress < total) {
1627 length = total - progress;
1628 if (length > MCLBYTES)
1630 if (m_new == NULL) {
1632 m_new = m_getcl(how, MT_DATA, 0);
1634 m_new = m_get(how, MT_DATA);
1638 error = uiomove(mtod(m_new, void *), length, uio);
1642 m_new->m_len = length;
1643 if (m_new != m_final)
1644 m_cat(m_final, m_new);
1658 * Set the m_data pointer of a newly-allocated mbuf
1659 * to place an object of the specified size at the
1660 * end of the mbuf, longword aligned.
1663 m_align(struct mbuf *m, int len)
1667 if (m->m_flags & M_EXT)
1668 adjust = m->m_ext.ext_size - len;
1669 else if (m->m_flags & M_PKTHDR)
1670 adjust = MHLEN - len;
1672 adjust = MLEN - len;
1673 m->m_data += adjust &~ (sizeof(long)-1);
projects / FreeBSD / FreeBSD.git / blob