2 * Copyright (c) 2015 Dmitry Vagin <daemon.hammer@ya.ru>
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
15 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
16 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
17 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
18 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
28 #include <sys/cdefs.h>
30 #include "opt_inet6.h"
32 #include <sys/param.h>
33 #include <sys/systm.h>
34 #include <sys/kernel.h>
35 #include <sys/endian.h>
36 #include <sys/malloc.h>
38 #include <sys/socket.h>
41 #include <net/ethernet.h>
43 #include <net/if_vlan_var.h>
45 #include <netinet/in.h>
46 #include <netinet/ip.h>
47 #include <netinet/ip6.h>
48 #include <netinet/tcp.h>
49 #include <netinet/udp.h>
50 #include <machine/in_cksum.h>
52 #include <netgraph/ng_message.h>
53 #include <netgraph/ng_parse.h>
54 #include <netgraph/netgraph.h>
56 #include <netgraph/ng_checksum.h>
59 struct ng_checksum_priv {
62 uint8_t dlt; /* DLT_XXX from bpf.h */
63 struct ng_checksum_config *conf;
64 struct ng_checksum_stats stats;
67 typedef struct ng_checksum_priv *priv_p;
69 /* Netgraph methods */
70 static ng_constructor_t ng_checksum_constructor;
71 static ng_rcvmsg_t ng_checksum_rcvmsg;
72 static ng_shutdown_t ng_checksum_shutdown;
73 static ng_newhook_t ng_checksum_newhook;
74 static ng_rcvdata_t ng_checksum_rcvdata;
75 static ng_disconnect_t ng_checksum_disconnect;
76 #define ERROUT(x) { error = (x); goto done; }
78 static const struct ng_parse_struct_field ng_checksum_config_type_fields[]
79 = NG_CHECKSUM_CONFIG_TYPE;
80 static const struct ng_parse_type ng_checksum_config_type = {
81 &ng_parse_struct_type,
82 &ng_checksum_config_type_fields
85 static const struct ng_parse_struct_field ng_checksum_stats_fields[]
86 = NG_CHECKSUM_STATS_TYPE;
87 static const struct ng_parse_type ng_checksum_stats_type = {
88 &ng_parse_struct_type,
89 &ng_checksum_stats_fields
92 static const struct ng_cmdlist ng_checksum_cmdlist[] = {
104 &ng_parse_uint8_type,
109 NGM_CHECKSUM_GETCONFIG,
112 &ng_checksum_config_type
116 NGM_CHECKSUM_SETCONFIG,
118 &ng_checksum_config_type,
123 NGM_CHECKSUM_GET_STATS,
126 &ng_checksum_stats_type
130 NGM_CHECKSUM_CLR_STATS,
137 NGM_CHECKSUM_GETCLR_STATS,
140 &ng_checksum_stats_type
145 static struct ng_type typestruct = {
146 .version = NG_ABI_VERSION,
147 .name = NG_CHECKSUM_NODE_TYPE,
148 .constructor = ng_checksum_constructor,
149 .rcvmsg = ng_checksum_rcvmsg,
150 .shutdown = ng_checksum_shutdown,
151 .newhook = ng_checksum_newhook,
152 .rcvdata = ng_checksum_rcvdata,
153 .disconnect = ng_checksum_disconnect,
154 .cmdlist = ng_checksum_cmdlist,
157 NETGRAPH_INIT(checksum, &typestruct);
160 ng_checksum_constructor(node_p node)
164 priv = malloc(sizeof(*priv), M_NETGRAPH, M_WAITOK|M_ZERO);
167 NG_NODE_SET_PRIVATE(node, priv);
173 ng_checksum_newhook(node_p node, hook_p hook, const char *name)
175 const priv_p priv = NG_NODE_PRIVATE(node);
177 if (strncmp(name, NG_CHECKSUM_HOOK_IN, strlen(NG_CHECKSUM_HOOK_IN)) == 0) {
179 } else if (strncmp(name, NG_CHECKSUM_HOOK_OUT, strlen(NG_CHECKSUM_HOOK_OUT)) == 0) {
188 ng_checksum_rcvmsg(node_p node, item_p item, hook_p lasthook)
190 const priv_p priv = NG_NODE_PRIVATE(node);
191 struct ng_checksum_config *conf, *newconf;
193 struct ng_mesg *resp = NULL;
196 NGI_GET_MSG(item, msg);
198 if (msg->header.typecookie != NGM_CHECKSUM_COOKIE)
201 switch (msg->header.cmd)
203 case NGM_CHECKSUM_GETDLT:
204 NG_MKRESPONSE(resp, msg, sizeof(uint8_t), M_WAITOK);
209 *((uint8_t *) resp->data) = priv->dlt;
213 case NGM_CHECKSUM_SETDLT:
214 if (msg->header.arglen != sizeof(uint8_t))
217 switch (*(uint8_t *) msg->data)
221 priv->dlt = *(uint8_t *) msg->data;
230 case NGM_CHECKSUM_GETCONFIG:
231 if (priv->conf == NULL)
234 NG_MKRESPONSE(resp, msg, sizeof(struct ng_checksum_config), M_WAITOK);
239 bcopy(priv->conf, resp->data, sizeof(struct ng_checksum_config));
243 case NGM_CHECKSUM_SETCONFIG:
244 conf = (struct ng_checksum_config *) msg->data;
246 if (msg->header.arglen != sizeof(struct ng_checksum_config))
249 conf->csum_flags &= NG_CHECKSUM_CSUM_IPV4|NG_CHECKSUM_CSUM_IPV6;
250 conf->csum_offload &= NG_CHECKSUM_CSUM_IPV4|NG_CHECKSUM_CSUM_IPV6;
252 newconf = malloc(sizeof(struct ng_checksum_config), M_NETGRAPH, M_WAITOK|M_ZERO);
254 bcopy(conf, newconf, sizeof(struct ng_checksum_config));
257 free(priv->conf, M_NETGRAPH);
259 priv->conf = newconf;
263 case NGM_CHECKSUM_GET_STATS:
264 case NGM_CHECKSUM_CLR_STATS:
265 case NGM_CHECKSUM_GETCLR_STATS:
266 if (msg->header.cmd != NGM_CHECKSUM_CLR_STATS) {
267 NG_MKRESPONSE(resp, msg, sizeof(struct ng_checksum_stats), M_WAITOK);
272 bcopy(&(priv->stats), resp->data, sizeof(struct ng_checksum_stats));
275 if (msg->header.cmd != NGM_CHECKSUM_GET_STATS)
276 bzero(&(priv->stats), sizeof(struct ng_checksum_stats));
285 NG_RESPOND_MSG(error, node, item, resp);
291 #define PULLUP_CHECK(mbuf, length) do { \
292 pullup_len += length; \
293 if (((mbuf)->m_pkthdr.len < pullup_len) || \
294 (pullup_len > MHLEN)) { \
297 if ((mbuf)->m_len < pullup_len && \
298 (((mbuf) = m_pullup((mbuf), pullup_len)) == NULL)) { \
305 checksum_ipv4(priv_p priv, struct mbuf *m, int l3_offset)
312 pullup_len = l3_offset;
314 PULLUP_CHECK(m, sizeof(struct ip));
315 ip4 = (struct ip *) mtodo(m, l3_offset);
317 if (ip4->ip_v != IPVERSION)
320 hlen = ip4->ip_hl << 2;
321 plen = ntohs(ip4->ip_len);
323 if (hlen < sizeof(struct ip) || m->m_pkthdr.len < l3_offset + plen)
326 if (m->m_pkthdr.csum_flags & CSUM_IP) {
329 if ((priv->conf->csum_offload & CSUM_IP) == 0) {
330 if (hlen == sizeof(struct ip))
331 ip4->ip_sum = in_cksum_hdr(ip4);
333 ip4->ip_sum = in_cksum_skip(m, l3_offset + hlen, l3_offset);
335 m->m_pkthdr.csum_flags &= ~CSUM_IP;
341 pullup_len = l3_offset + hlen;
343 /* We can not calculate a checksum fragmented packets */
344 if (ip4->ip_off & htons(IP_MF|IP_OFFMASK)) {
345 m->m_pkthdr.csum_flags &= ~(CSUM_TCP|CSUM_UDP);
352 if (m->m_pkthdr.csum_flags & CSUM_TCP) {
355 PULLUP_CHECK(m, sizeof(struct tcphdr));
356 th = (struct tcphdr *) mtodo(m, l3_offset + hlen);
358 th->th_sum = in_pseudo(ip4->ip_src.s_addr,
359 ip4->ip_dst.s_addr, htons(ip4->ip_p + plen - hlen));
361 if ((priv->conf->csum_offload & CSUM_TCP) == 0) {
362 th->th_sum = in_cksum_skip(m, l3_offset + plen, l3_offset + hlen);
363 m->m_pkthdr.csum_flags &= ~CSUM_TCP;
369 m->m_pkthdr.csum_flags &= ~CSUM_UDP;
373 if (m->m_pkthdr.csum_flags & CSUM_UDP) {
376 PULLUP_CHECK(m, sizeof(struct udphdr));
377 uh = (struct udphdr *) mtodo(m, l3_offset + hlen);
379 uh->uh_sum = in_pseudo(ip4->ip_src.s_addr,
380 ip4->ip_dst.s_addr, htons(ip4->ip_p + plen - hlen));
382 if ((priv->conf->csum_offload & CSUM_UDP) == 0) {
383 uh->uh_sum = in_cksum_skip(m,
384 l3_offset + plen, l3_offset + hlen);
389 m->m_pkthdr.csum_flags &= ~CSUM_UDP;
395 m->m_pkthdr.csum_flags &= ~CSUM_TCP;
399 m->m_pkthdr.csum_flags &= ~(CSUM_TCP|CSUM_UDP);
403 m->m_pkthdr.csum_flags &= ~NG_CHECKSUM_CSUM_IPV6;
406 priv->stats.processed++;
414 checksum_ipv6(priv_p priv, struct mbuf *m, int l3_offset)
417 struct ip6_ext *ip6e = NULL;
423 pullup_len = l3_offset;
425 PULLUP_CHECK(m, sizeof(struct ip6_hdr));
426 ip6 = (struct ip6_hdr *) mtodo(m, l3_offset);
428 if ((ip6->ip6_vfc & IPV6_VERSION_MASK) != IPV6_VERSION)
431 hlen = sizeof(struct ip6_hdr);
432 plen = ntohs(ip6->ip6_plen) + hlen;
434 if (m->m_pkthdr.len < l3_offset + plen)
442 case IPPROTO_DSTOPTS:
443 case IPPROTO_HOPOPTS:
444 case IPPROTO_ROUTING:
445 PULLUP_CHECK(m, sizeof(struct ip6_ext));
446 ip6e = (struct ip6_ext *) mtodo(m, l3_offset + hlen);
447 nxt = ip6e->ip6e_nxt;
448 hlen += (ip6e->ip6e_len + 1) << 3;
449 pullup_len = l3_offset + hlen;
453 PULLUP_CHECK(m, sizeof(struct ip6_ext));
454 ip6e = (struct ip6_ext *) mtodo(m, l3_offset + hlen);
455 nxt = ip6e->ip6e_nxt;
456 hlen += (ip6e->ip6e_len + 2) << 2;
457 pullup_len = l3_offset + hlen;
460 case IPPROTO_FRAGMENT:
461 /* We can not calculate a checksum fragmented packets */
462 m->m_pkthdr.csum_flags &= ~(CSUM_TCP_IPV6|CSUM_UDP_IPV6);
478 if (m->m_pkthdr.csum_flags & CSUM_TCP_IPV6) {
481 PULLUP_CHECK(m, sizeof(struct tcphdr));
482 th = (struct tcphdr *) mtodo(m, l3_offset + hlen);
484 th->th_sum = in6_cksum_pseudo(ip6, plen - hlen, nxt, 0);
486 if ((priv->conf->csum_offload & CSUM_TCP_IPV6) == 0) {
487 th->th_sum = in_cksum_skip(m, l3_offset + plen, l3_offset + hlen);
488 m->m_pkthdr.csum_flags &= ~CSUM_TCP_IPV6;
494 m->m_pkthdr.csum_flags &= ~CSUM_UDP_IPV6;
498 if (m->m_pkthdr.csum_flags & CSUM_UDP_IPV6) {
501 PULLUP_CHECK(m, sizeof(struct udphdr));
502 uh = (struct udphdr *) mtodo(m, l3_offset + hlen);
504 uh->uh_sum = in6_cksum_pseudo(ip6, plen - hlen, nxt, 0);
506 if ((priv->conf->csum_offload & CSUM_UDP_IPV6) == 0) {
507 uh->uh_sum = in_cksum_skip(m,
508 l3_offset + plen, l3_offset + hlen);
513 m->m_pkthdr.csum_flags &= ~CSUM_UDP_IPV6;
519 m->m_pkthdr.csum_flags &= ~CSUM_TCP_IPV6;
523 m->m_pkthdr.csum_flags &= ~(CSUM_TCP_IPV6|CSUM_UDP_IPV6);
527 m->m_pkthdr.csum_flags &= ~NG_CHECKSUM_CSUM_IPV4;
530 priv->stats.processed++;
539 ng_checksum_rcvdata(hook_p hook, item_p item)
541 const priv_p priv = NG_NODE_PRIVATE(NG_HOOK_NODE(hook));
546 priv->stats.received++;
550 #define PULLUP_CHECK(mbuf, length) do { \
551 pullup_len += length; \
552 if (((mbuf)->m_pkthdr.len < pullup_len) || \
553 (pullup_len > MHLEN)) { \
557 if ((mbuf)->m_len < pullup_len && \
558 (((mbuf) = m_pullup((mbuf), pullup_len)) == NULL)) { \
564 if (!(priv->conf && hook == priv->in && m && (m->m_flags & M_PKTHDR)))
567 m->m_pkthdr.csum_flags |= priv->conf->csum_flags;
569 if (m->m_pkthdr.csum_flags & (NG_CHECKSUM_CSUM_IPV4|NG_CHECKSUM_CSUM_IPV6))
571 struct ether_header *eh;
572 struct ng_checksum_vlan_header *vh;
576 m = m_unshare(m, M_NOWAIT);
584 PULLUP_CHECK(m, sizeof(struct ether_header));
585 eh = mtod(m, struct ether_header *);
586 etype = ntohs(eh->ether_type);
588 for (;;) { /* QinQ support */
594 PULLUP_CHECK(m, sizeof(struct ng_checksum_vlan_header));
595 vh = (struct ng_checksum_vlan_header *) mtodo(m,
596 pullup_len - sizeof(struct ng_checksum_vlan_header));
597 etype = ntohs(vh->etype);
606 if (etype == ETHERTYPE_IP &&
607 (m->m_pkthdr.csum_flags & NG_CHECKSUM_CSUM_IPV4)) {
608 error = checksum_ipv4(priv, m, pullup_len);
609 if (error == ENOBUFS)
614 if (etype == ETHERTYPE_IPV6 &&
615 (m->m_pkthdr.csum_flags & NG_CHECKSUM_CSUM_IPV6)) {
616 error = checksum_ipv6(priv, m, pullup_len);
617 if (error == ENOBUFS)
622 m->m_pkthdr.csum_flags &=
623 ~(NG_CHECKSUM_CSUM_IPV4|NG_CHECKSUM_CSUM_IPV6);
630 if (m->m_pkthdr.csum_flags & NG_CHECKSUM_CSUM_IPV4)
632 error = checksum_ipv4(priv, m, pullup_len);
636 else if (error == ENOBUFS)
641 if (m->m_pkthdr.csum_flags & NG_CHECKSUM_CSUM_IPV6)
643 error = checksum_ipv6(priv, m, pullup_len);
647 else if (error == ENOBUFS)
652 m->m_pkthdr.csum_flags &=
653 ~(NG_CHECKSUM_CSUM_IPV4|NG_CHECKSUM_CSUM_IPV6);
667 if (hook == priv->in) {
668 /* return frames on 'in' hook if 'out' not connected */
669 out = priv->out ? priv->out : priv->in;
670 } else if (hook == priv->out && priv->in) {
671 /* pass frames on 'out' hook if 'in' connected */
678 NG_FWD_NEW_DATA(error, item, out, m);
687 priv->stats.dropped++;
693 ng_checksum_shutdown(node_p node)
695 const priv_p priv = NG_NODE_PRIVATE(node);
697 NG_NODE_SET_PRIVATE(node, NULL);
701 free(priv->conf, M_NETGRAPH);
703 free(priv, M_NETGRAPH);
709 ng_checksum_disconnect(hook_p hook)
713 priv = NG_NODE_PRIVATE(NG_HOOK_NODE(hook));
715 if (hook == priv->in)
718 if (hook == priv->out)
721 if (NG_NODE_NUMHOOKS(NG_HOOK_NODE(hook)) == 0 &&
722 NG_NODE_IS_VALID(NG_HOOK_NODE(hook))) /* already shutting down? */
723 ng_rmnode_self(NG_HOOK_NODE(hook));