1 | /* $NetBSD: ip_pool.c,v 1.5 2016/06/09 04:43:46 pgoyette Exp $ */ |
2 | |
3 | /* |
4 | * Copyright (C) 2012 by Darren Reed. |
5 | * |
6 | * See the IPFILTER.LICENCE file for details on licencing. |
7 | */ |
8 | #if defined(KERNEL) || defined(_KERNEL) |
9 | # undef KERNEL |
10 | # undef _KERNEL |
11 | # define KERNEL 1 |
12 | # define _KERNEL 1 |
13 | #endif |
14 | #if defined(__osf__) |
15 | # define _PROTO_NET_H_ |
16 | #endif |
17 | #include <sys/errno.h> |
18 | #include <sys/types.h> |
19 | #include <sys/param.h> |
20 | #if defined(__NetBSD__) |
21 | # if (NetBSD >= 199905) && !defined(IPFILTER_LKM) && defined(_KERNEL) |
22 | # if (__NetBSD_Version__ >= 799003000) |
23 | # if defined(_KERNEL_OPT) |
24 | # include "opt_ipfilter.h" |
25 | # endif |
26 | # else |
27 | # include "opt_ipfilter.h" |
28 | # endif |
29 | # endif |
30 | #endif |
31 | #include <sys/file.h> |
32 | #if !defined(_KERNEL) && !defined(__KERNEL__) |
33 | # include <stdio.h> |
34 | # include <stdlib.h> |
35 | # include <string.h> |
36 | # define _KERNEL |
37 | # ifdef __OpenBSD__ |
38 | struct file; |
39 | # endif |
40 | # include <sys/uio.h> |
41 | # undef _KERNEL |
42 | #else |
43 | # include <sys/systm.h> |
44 | # if defined(NetBSD) && (__NetBSD_Version__ >= 104000000) |
45 | # include <sys/proc.h> |
46 | # endif |
47 | #endif |
48 | #include <sys/time.h> |
49 | #if defined(_KERNEL) && !defined(SOLARIS2) |
50 | # include <sys/mbuf.h> |
51 | #endif |
52 | #if defined(__SVR4) || defined(__svr4__) |
53 | # include <sys/byteorder.h> |
54 | # ifdef _KERNEL |
55 | # include <sys/dditypes.h> |
56 | # endif |
57 | # include <sys/stream.h> |
58 | # include <sys/kmem.h> |
59 | #endif |
60 | #if defined(__FreeBSD_version) && (__FreeBSD_version >= 300000) |
61 | # include <sys/malloc.h> |
62 | #endif |
63 | |
64 | #include <sys/socket.h> |
65 | #include <net/if.h> |
66 | #include <netinet/in.h> |
67 | #if !defined(_KERNEL) |
68 | # include "ipf.h" |
69 | #endif |
70 | |
71 | #include "netinet/ip_compat.h" |
72 | #include "netinet/ip_fil.h" |
73 | #include "netinet/ip_pool.h" |
74 | #include "netinet/radix_ipf.h" |
75 | |
76 | /* END OF INCLUDES */ |
77 | |
78 | #if !defined(lint) |
79 | #if defined(__NetBSD__) |
80 | #include <sys/cdefs.h> |
81 | __KERNEL_RCSID(0, "$NetBSD: ip_pool.c,v 1.5 2016/06/09 04:43:46 pgoyette Exp $" ); |
82 | #else |
83 | static const char sccsid[] = "@(#)ip_fil.c 2.41 6/5/96 (C) 1993-2000 Darren Reed" ; |
84 | static const char rcsid[] = "@(#)Id: ip_pool.c,v 1.1.1.2 2012/07/22 13:45:31 darrenr Exp" ; |
85 | #endif |
86 | #endif |
87 | |
88 | typedef struct ipf_pool_softc_s { |
89 | void *ipf_radix; |
90 | ip_pool_t *ipf_pool_list[LOOKUP_POOL_SZ]; |
91 | ipf_pool_stat_t ipf_pool_stats; |
92 | ip_pool_node_t *ipf_node_explist; |
93 | } ipf_pool_softc_t; |
94 | |
95 | |
96 | static void ipf_pool_clearnodes(ipf_main_softc_t *, ipf_pool_softc_t *, |
97 | ip_pool_t *); |
98 | static int ipf_pool_create(ipf_main_softc_t *, ipf_pool_softc_t *, iplookupop_t *); |
99 | static int ipf_pool_deref(ipf_main_softc_t *, void *, void *); |
100 | static int ipf_pool_destroy(ipf_main_softc_t *, ipf_pool_softc_t *, int, char *); |
101 | static void *ipf_pool_exists(ipf_pool_softc_t *, int, char *); |
102 | static void *ipf_pool_find(void *, int, char *); |
103 | static ip_pool_node_t *ipf_pool_findeq(ipf_pool_softc_t *, ip_pool_t *, |
104 | addrfamily_t *, addrfamily_t *); |
105 | static void ipf_pool_free(ipf_main_softc_t *, ipf_pool_softc_t *, ip_pool_t *); |
106 | static int ipf_pool_insert_node(ipf_main_softc_t *, ipf_pool_softc_t *, |
107 | ip_pool_t *, struct ip_pool_node *); |
108 | static int ipf_pool_iter_deref(ipf_main_softc_t *, void *, int, int, void *); |
109 | static int ipf_pool_iter_next(ipf_main_softc_t *, void *, ipftoken_t *, |
110 | ipflookupiter_t *); |
111 | static size_t ipf_pool_flush(ipf_main_softc_t *, void *, iplookupflush_t *); |
112 | static int ipf_pool_node_add(ipf_main_softc_t *, void *, iplookupop_t *, |
113 | int); |
114 | static int ipf_pool_node_del(ipf_main_softc_t *, void *, iplookupop_t *, |
115 | int); |
116 | static void ipf_pool_node_deref(ipf_pool_softc_t *, ip_pool_node_t *); |
117 | static int ipf_pool_remove_node(ipf_main_softc_t *, ipf_pool_softc_t *, |
118 | ip_pool_t *, ip_pool_node_t *); |
119 | static int ipf_pool_search(ipf_main_softc_t *, void *, int, |
120 | void *, u_int); |
121 | static void *ipf_pool_soft_create(ipf_main_softc_t *); |
122 | static void ipf_pool_soft_destroy(ipf_main_softc_t *, void *); |
123 | static void ipf_pool_soft_fini(ipf_main_softc_t *, void *); |
124 | static int ipf_pool_soft_init(ipf_main_softc_t *, void *); |
125 | static int ipf_pool_stats_get(ipf_main_softc_t *, void *, iplookupop_t *); |
126 | static int ipf_pool_table_add(ipf_main_softc_t *, void *, iplookupop_t *); |
127 | static int ipf_pool_table_del(ipf_main_softc_t *, void *, iplookupop_t *); |
128 | static void *ipf_pool_select_add_ref(void *, int, char *); |
129 | static void ipf_pool_expire(ipf_main_softc_t *, void *); |
130 | |
131 | ipf_lookup_t ipf_pool_backend = { |
132 | IPLT_POOL, |
133 | ipf_pool_soft_create, |
134 | ipf_pool_soft_destroy, |
135 | ipf_pool_soft_init, |
136 | ipf_pool_soft_fini, |
137 | ipf_pool_search, |
138 | ipf_pool_flush, |
139 | ipf_pool_iter_deref, |
140 | ipf_pool_iter_next, |
141 | ipf_pool_node_add, |
142 | ipf_pool_node_del, |
143 | ipf_pool_stats_get, |
144 | ipf_pool_table_add, |
145 | ipf_pool_table_del, |
146 | ipf_pool_deref, |
147 | ipf_pool_find, |
148 | ipf_pool_select_add_ref, |
149 | NULL, |
150 | ipf_pool_expire, |
151 | NULL |
152 | }; |
153 | |
154 | |
155 | #ifdef TEST_POOL |
156 | void treeprint(ip_pool_t *); |
157 | |
158 | int |
159 | main(argc, argv) |
160 | int argc; |
161 | char *argv[]; |
162 | { |
163 | ip_pool_node_t node; |
164 | addrfamily_t a, b; |
165 | iplookupop_t op; |
166 | ip_pool_t *ipo; |
167 | i6addr_t ip; |
168 | |
169 | RWLOCK_INIT(softc->ipf_poolrw, "poolrw" ); |
170 | ipf_pool_init(); |
171 | |
172 | bzero((char *)&ip, sizeof(ip)); |
173 | bzero((char *)&op, sizeof(op)); |
174 | bzero((char *)&node, sizeof(node)); |
175 | strlcpy(op.iplo_name, "0" , sizeof(op.iplo_name)); |
176 | |
177 | if (ipf_pool_create(&op) == 0) |
178 | ipo = ipf_pool_exists(0, "0" ); |
179 | |
180 | node.ipn_addr.adf_family = AF_INET; |
181 | |
182 | node.ipn_addr.adf_addr.in4.s_addr = 0x0a010203; |
183 | node.ipn_mask.adf_addr.in4.s_addr = 0xffffffff; |
184 | node.ipn_info = 1; |
185 | ipf_pool_insert_node(ipo, &node); |
186 | |
187 | node.ipn_addr.adf_addr.in4.s_addr = 0x0a000000; |
188 | node.ipn_mask.adf_addr.in4.s_addr = 0xff000000; |
189 | node.ipn_info = 0; |
190 | ipf_pool_insert_node(ipo, &node); |
191 | |
192 | node.ipn_addr.adf_addr.in4.s_addr = 0x0a010100; |
193 | node.ipn_mask.adf_addr.in4.s_addr = 0xffffff00; |
194 | node.ipn_info = 1; |
195 | ipf_pool_insert_node(ipo, &node); |
196 | |
197 | node.ipn_addr.adf_addr.in4.s_addr = 0x0a010200; |
198 | node.ipn_mask.adf_addr.in4.s_addr = 0xffffff00; |
199 | node.ipn_info = 0; |
200 | ipf_pool_insert_node(ipo, &node); |
201 | |
202 | node.ipn_addr.adf_addr.in4.s_addr = 0x0a010000; |
203 | node.ipn_mask.adf_addr.in4.s_addr = 0xffff0000; |
204 | node.ipn_info = 1; |
205 | ipf_pool_insert_node(ipo, &node); |
206 | |
207 | node.ipn_addr.adf_addr.in4.s_addr = 0x0a01020f; |
208 | node.ipn_mask.adf_addr.in4.s_addr = 0xffffffff; |
209 | node.ipn_info = 1; |
210 | ipf_pool_insert_node(ipo, &node); |
211 | #ifdef DEBUG_POOL |
212 | treeprint(ipo); |
213 | #endif |
214 | ip.in4.s_addr = 0x0a00aabb; |
215 | printf("search(%#x) = %d (0)\n" , ip.in4.s_addr, |
216 | ipf_pool_search(ipo, 4, &ip, 1)); |
217 | |
218 | ip.in4.s_addr = 0x0a000001; |
219 | printf("search(%#x) = %d (0)\n" , ip.in4.s_addr, |
220 | ipf_pool_search(ipo, 4, &ip, 1)); |
221 | |
222 | ip.in4.s_addr = 0x0a000101; |
223 | printf("search(%#x) = %d (0)\n" , ip.in4.s_addr, |
224 | ipf_pool_search(ipo, 4, &ip, 1)); |
225 | |
226 | ip.in4.s_addr = 0x0a010001; |
227 | printf("search(%#x) = %d (1)\n" , ip.in4.s_addr, |
228 | ipf_pool_search(ipo, 4, &ip, 1)); |
229 | |
230 | ip.in4.s_addr = 0x0a010101; |
231 | printf("search(%#x) = %d (1)\n" , ip.in4.s_addr, |
232 | ipf_pool_search(ipo, 4, &ip, 1)); |
233 | |
234 | ip.in4.s_addr = 0x0a010201; |
235 | printf("search(%#x) = %d (0)\n" , ip.in4.s_addr, |
236 | ipf_pool_search(ipo, 4, &ip, 1)); |
237 | |
238 | ip.in4.s_addr = 0x0a010203; |
239 | printf("search(%#x) = %d (1)\n" , ip.in4.s_addr, |
240 | ipf_pool_search(ipo, 4, &ip, 1)); |
241 | |
242 | ip.in4.s_addr = 0x0a01020f; |
243 | printf("search(%#x) = %d (1)\n" , ip.in4.s_addr, |
244 | ipf_pool_search(ipo, 4, &ip, 1)); |
245 | |
246 | ip.in4.s_addr = 0x0b00aabb; |
247 | printf("search(%#x) = %d (-1)\n" , ip.in4.s_addr, |
248 | ipf_pool_search(ipo, 4, &ip, 1)); |
249 | |
250 | #ifdef DEBUG_POOL |
251 | treeprint(ipo); |
252 | #endif |
253 | |
254 | ipf_pool_fini(); |
255 | |
256 | return 0; |
257 | } |
258 | |
259 | |
260 | void |
261 | treeprint(ipo) |
262 | ip_pool_t *ipo; |
263 | { |
264 | ip_pool_node_t *c; |
265 | |
266 | for (c = ipo->ipo_list; c != NULL; c = c->ipn_next) |
267 | printf("Node %p(%s) (%#x/%#x) = %d hits %lu\n" , |
268 | c, c->ipn_name, c->ipn_addr.adf_addr.in4.s_addr, |
269 | c->ipn_mask.adf_addr.in4.s_addr, |
270 | c->ipn_info, c->ipn_hits); |
271 | } |
272 | #endif /* TEST_POOL */ |
273 | |
274 | |
275 | /* ------------------------------------------------------------------------ */ |
276 | /* Function: ipf_pool_soft_create */ |
277 | /* Returns: void * - NULL = failure, else pointer to local context */ |
278 | /* Parameters: softc(I) - pointer to soft context main structure */ |
279 | /* */ |
280 | /* Initialise the routing table data structures where required. */ |
281 | /* ------------------------------------------------------------------------ */ |
282 | static void * |
283 | ipf_pool_soft_create(ipf_main_softc_t *softc) |
284 | { |
285 | ipf_pool_softc_t *softp; |
286 | |
287 | KMALLOC(softp, ipf_pool_softc_t *); |
288 | if (softp == NULL) { |
289 | IPFERROR(70032); |
290 | return NULL; |
291 | } |
292 | |
293 | bzero((char *)softp, sizeof(*softp)); |
294 | |
295 | softp->ipf_radix = ipf_rx_create(); |
296 | if (softp->ipf_radix == NULL) { |
297 | IPFERROR(70033); |
298 | KFREE(softp); |
299 | return NULL; |
300 | } |
301 | |
302 | return softp; |
303 | } |
304 | |
305 | |
306 | /* ------------------------------------------------------------------------ */ |
307 | /* Function: ipf_pool_soft_init */ |
308 | /* Returns: int - 0 = success, else error */ |
309 | /* Parameters: softc(I) - pointer to soft context main structure */ |
310 | /* arg(I) - pointer to local context to use */ |
311 | /* */ |
312 | /* Initialise the routing table data structures where required. */ |
313 | /* ------------------------------------------------------------------------ */ |
314 | static int |
315 | ipf_pool_soft_init(ipf_main_softc_t *softc, void *arg) |
316 | { |
317 | ipf_pool_softc_t *softp = arg; |
318 | |
319 | ipf_rx_init(softp->ipf_radix); |
320 | |
321 | return 0; |
322 | } |
323 | |
324 | |
325 | /* ------------------------------------------------------------------------ */ |
326 | /* Function: ipf_pool_soft_fini */ |
327 | /* Returns: Nil */ |
328 | /* Parameters: softc(I) - pointer to soft context main structure */ |
329 | /* arg(I) - pointer to local context to use */ |
330 | /* Locks: WRITE(ipf_global) */ |
331 | /* */ |
332 | /* Clean up all the pool data structures allocated and call the cleanup */ |
333 | /* function for the radix tree that supports the pools. ipf_pool_destroy is */ |
334 | /* used to delete the pools one by one to ensure they're properly freed up. */ |
335 | /* ------------------------------------------------------------------------ */ |
336 | static void |
337 | ipf_pool_soft_fini(ipf_main_softc_t *softc, void *arg) |
338 | { |
339 | ipf_pool_softc_t *softp = arg; |
340 | ip_pool_t *p, *q; |
341 | int i; |
342 | |
343 | softc = arg; |
344 | |
345 | for (i = -1; i <= IPL_LOGMAX; i++) { |
346 | for (q = softp->ipf_pool_list[i + 1]; (p = q) != NULL; ) { |
347 | q = p->ipo_next; |
348 | (void) ipf_pool_destroy(softc, arg, i, p->ipo_name); |
349 | } |
350 | } |
351 | } |
352 | |
353 | |
354 | /* ------------------------------------------------------------------------ */ |
355 | /* Function: ipf_pool_soft_destroy */ |
356 | /* Returns: Nil */ |
357 | /* Parameters: softc(I) - pointer to soft context main structure */ |
358 | /* arg(I) - pointer to local context to use */ |
359 | /* */ |
360 | /* Clean up the pool by free'ing the radix tree associated with it and free */ |
361 | /* up the pool context too. */ |
362 | /* ------------------------------------------------------------------------ */ |
363 | static void |
364 | ipf_pool_soft_destroy(ipf_main_softc_t *softc, void *arg) |
365 | { |
366 | ipf_pool_softc_t *softp = arg; |
367 | |
368 | ipf_rx_destroy(softp->ipf_radix); |
369 | |
370 | KFREE(softp); |
371 | } |
372 | |
373 | |
374 | /* ------------------------------------------------------------------------ */ |
375 | /* Function: ipf_pool_node_add */ |
376 | /* Returns: int - 0 = success, else error */ |
377 | /* Parameters: softc(I) - pointer to soft context main structure */ |
378 | /* arg(I) - pointer to local context to use */ |
379 | /* op(I) - pointer to lookup operatin data */ |
380 | /* */ |
381 | /* When adding a new node, a check is made to ensure that the address/mask */ |
382 | /* pair supplied has been appropriately prepared by applying the mask to */ |
383 | /* the address prior to calling for the pair to be added. */ |
384 | /* ------------------------------------------------------------------------ */ |
385 | static int |
386 | ipf_pool_node_add(ipf_main_softc_t *softc, void *arg, iplookupop_t *op, int uid) |
387 | { |
388 | ip_pool_node_t node, *m; |
389 | ip_pool_t *p; |
390 | int err; |
391 | |
392 | if (op->iplo_size != sizeof(node)) { |
393 | IPFERROR(70014); |
394 | return EINVAL; |
395 | } |
396 | |
397 | err = COPYIN(op->iplo_struct, &node, sizeof(node)); |
398 | if (err != 0) { |
399 | IPFERROR(70015); |
400 | return EFAULT; |
401 | } |
402 | |
403 | p = ipf_pool_find(arg, op->iplo_unit, op->iplo_name); |
404 | if (p == NULL) { |
405 | IPFERROR(70017); |
406 | return ESRCH; |
407 | } |
408 | |
409 | if (node.ipn_addr.adf_family == AF_INET) { |
410 | if (node.ipn_addr.adf_len != offsetof(addrfamily_t, adf_addr) + |
411 | sizeof(struct in_addr)) { |
412 | IPFERROR(70028); |
413 | return EINVAL; |
414 | } |
415 | } |
416 | #ifdef USE_INET6 |
417 | else if (node.ipn_addr.adf_family == AF_INET6) { |
418 | if (node.ipn_addr.adf_len != offsetof(addrfamily_t, adf_addr) + |
419 | sizeof(struct in6_addr)) { |
420 | IPFERROR(70034); |
421 | return EINVAL; |
422 | } |
423 | } |
424 | #endif |
425 | if (node.ipn_mask.adf_len != node.ipn_addr.adf_len) { |
426 | IPFERROR(70029); |
427 | return EINVAL; |
428 | } |
429 | |
430 | /* |
431 | * Check that the address/mask pair works. |
432 | */ |
433 | if (node.ipn_addr.adf_family == AF_INET) { |
434 | if ((node.ipn_addr.adf_addr.in4.s_addr & |
435 | node.ipn_mask.adf_addr.in4.s_addr) != |
436 | node.ipn_addr.adf_addr.in4.s_addr) { |
437 | IPFERROR(70035); |
438 | return EINVAL; |
439 | } |
440 | } |
441 | #ifdef USE_INET6 |
442 | else if (node.ipn_addr.adf_family == AF_INET6) { |
443 | if (IP6_MASKNEQ(&node.ipn_addr.adf_addr.in6, |
444 | &node.ipn_mask.adf_addr.in6, |
445 | &node.ipn_addr.adf_addr.in6)) { |
446 | IPFERROR(70036); |
447 | return EINVAL; |
448 | } |
449 | } |
450 | #endif |
451 | |
452 | /* |
453 | * add an entry to a pool - return an error if it already |
454 | * exists remove an entry from a pool - if it exists |
455 | * - in both cases, the pool *must* exist! |
456 | */ |
457 | m = ipf_pool_findeq(arg, p, &node.ipn_addr, &node.ipn_mask); |
458 | if (m != NULL) { |
459 | IPFERROR(70018); |
460 | return EEXIST; |
461 | } |
462 | err = ipf_pool_insert_node(softc, arg, p, &node); |
463 | |
464 | return err; |
465 | } |
466 | |
467 | |
468 | /* ------------------------------------------------------------------------ */ |
469 | /* Function: ipf_pool_node_del */ |
470 | /* Returns: int - 0 = success, else error */ |
471 | /* Parameters: softc(I) - pointer to soft context main structure */ |
472 | /* arg(I) - pointer to local context to use */ |
473 | /* op(I) - pointer to lookup operatin data */ |
474 | /* */ |
475 | /* ------------------------------------------------------------------------ */ |
476 | static int |
477 | ipf_pool_node_del(ipf_main_softc_t *softc, void *arg, iplookupop_t *op, int uid) |
478 | { |
479 | ip_pool_node_t node, *m; |
480 | ip_pool_t *p; |
481 | int err; |
482 | |
483 | |
484 | if (op->iplo_size != sizeof(node)) { |
485 | IPFERROR(70019); |
486 | return EINVAL; |
487 | } |
488 | node.ipn_uid = uid; |
489 | |
490 | err = COPYIN(op->iplo_struct, &node, sizeof(node)); |
491 | if (err != 0) { |
492 | IPFERROR(70020); |
493 | return EFAULT; |
494 | } |
495 | |
496 | if (node.ipn_addr.adf_family == AF_INET) { |
497 | if (node.ipn_addr.adf_len != offsetof(addrfamily_t, adf_addr) + |
498 | sizeof(struct in_addr)) { |
499 | IPFERROR(70030); |
500 | return EINVAL; |
501 | } |
502 | } |
503 | #ifdef USE_INET6 |
504 | else if (node.ipn_addr.adf_family == AF_INET6) { |
505 | if (node.ipn_addr.adf_len != offsetof(addrfamily_t, adf_addr) + |
506 | sizeof(struct in6_addr)) { |
507 | IPFERROR(70037); |
508 | return EINVAL; |
509 | } |
510 | } |
511 | #endif |
512 | if (node.ipn_mask.adf_len != node.ipn_addr.adf_len) { |
513 | IPFERROR(70031); |
514 | return EINVAL; |
515 | } |
516 | |
517 | p = ipf_pool_find(arg, op->iplo_unit, op->iplo_name); |
518 | if (p == NULL) { |
519 | IPFERROR(70021); |
520 | return ESRCH; |
521 | } |
522 | |
523 | m = ipf_pool_findeq(arg, p, &node.ipn_addr, &node.ipn_mask); |
524 | if (m == NULL) { |
525 | IPFERROR(70022); |
526 | return ENOENT; |
527 | } |
528 | |
529 | if ((uid != 0) && (uid != m->ipn_uid)) { |
530 | IPFERROR(70024); |
531 | return EACCES; |
532 | } |
533 | |
534 | err = ipf_pool_remove_node(softc, arg, p, m); |
535 | |
536 | return err; |
537 | } |
538 | |
539 | |
540 | /* ------------------------------------------------------------------------ */ |
541 | /* Function: ipf_pool_table_add */ |
542 | /* Returns: int - 0 = success, else error */ |
543 | /* Parameters: softc(I) - pointer to soft context main structure */ |
544 | /* arg(I) - pointer to local context to use */ |
545 | /* op(I) - pointer to lookup operatin data */ |
546 | /* */ |
547 | /* ------------------------------------------------------------------------ */ |
548 | static int |
549 | ipf_pool_table_add(ipf_main_softc_t *softc, void *arg, iplookupop_t *op) |
550 | { |
551 | int err; |
552 | |
553 | if (((op->iplo_arg & LOOKUP_ANON) == 0) && |
554 | (ipf_pool_find(arg, op->iplo_unit, op->iplo_name) != NULL)) { |
555 | IPFERROR(70023); |
556 | err = EEXIST; |
557 | } else { |
558 | err = ipf_pool_create(softc, arg, op); |
559 | } |
560 | |
561 | return err; |
562 | } |
563 | |
564 | |
565 | /* ------------------------------------------------------------------------ */ |
566 | /* Function: ipf_pool_table_del */ |
567 | /* Returns: int - 0 = success, else error */ |
568 | /* Parameters: softc(I) - pointer to soft context main structure */ |
569 | /* arg(I) - pointer to local context to use */ |
570 | /* op(I) - pointer to lookup operatin data */ |
571 | /* */ |
572 | /* ------------------------------------------------------------------------ */ |
573 | static int |
574 | ipf_pool_table_del(ipf_main_softc_t *softc, void *arg, iplookupop_t *op) |
575 | { |
576 | return ipf_pool_destroy(softc, arg, op->iplo_unit, op->iplo_name); |
577 | } |
578 | |
579 | |
580 | /* ------------------------------------------------------------------------ */ |
581 | /* Function: ipf_pool_statistics */ |
582 | /* Returns: int - 0 = success, else error */ |
583 | /* Parameters: softc(I) - pointer to soft context main structure */ |
584 | /* arg(I) - pointer to local context to use */ |
585 | /* op(I) - pointer to lookup operatin data */ |
586 | /* */ |
587 | /* Copy the current statistics out into user space, collecting pool list */ |
588 | /* pointers as appropriate for later use. */ |
589 | /* ------------------------------------------------------------------------ */ |
590 | static int |
591 | ipf_pool_stats_get(ipf_main_softc_t *softc, void *arg, iplookupop_t *op) |
592 | { |
593 | ipf_pool_softc_t *softp = arg; |
594 | ipf_pool_stat_t stats; |
595 | int unit, i, err = 0; |
596 | |
597 | if (op->iplo_size != sizeof(ipf_pool_stat_t)) { |
598 | IPFERROR(70001); |
599 | return EINVAL; |
600 | } |
601 | |
602 | bcopy((char *)&softp->ipf_pool_stats, (char *)&stats, sizeof(stats)); |
603 | unit = op->iplo_unit; |
604 | if (unit == IPL_LOGALL) { |
605 | for (i = 0; i <= LOOKUP_POOL_MAX; i++) |
606 | stats.ipls_list[i] = softp->ipf_pool_list[i]; |
607 | } else if (unit >= 0 && unit <= IPL_LOGMAX) { |
608 | unit++; /* -1 => 0 */ |
609 | if (op->iplo_name[0] != '\0') |
610 | stats.ipls_list[unit] = ipf_pool_exists(softp, unit - 1, |
611 | op->iplo_name); |
612 | else |
613 | stats.ipls_list[unit] = softp->ipf_pool_list[unit]; |
614 | } else { |
615 | IPFERROR(70025); |
616 | err = EINVAL; |
617 | } |
618 | if (err == 0) { |
619 | err = COPYOUT(&stats, op->iplo_struct, sizeof(stats)); |
620 | if (err != 0) { |
621 | IPFERROR(70026); |
622 | return EFAULT; |
623 | } |
624 | } |
625 | return 0; |
626 | } |
627 | |
628 | |
629 | /* ------------------------------------------------------------------------ */ |
630 | /* Function: ipf_pool_exists */ |
631 | /* Returns: int - 0 = success, else error */ |
632 | /* Parameters: softp(I) - pointer to soft context pool information */ |
633 | /* unit(I) - ipfilter device to which we are working on */ |
634 | /* name(I) - name of the pool */ |
635 | /* */ |
636 | /* Find a matching pool inside the collection of pools for a particular */ |
637 | /* device, indicated by the unit number. */ |
638 | /* ------------------------------------------------------------------------ */ |
639 | static void * |
640 | ipf_pool_exists(ipf_pool_softc_t *softp, int unit, char *name) |
641 | { |
642 | ip_pool_t *p; |
643 | int i; |
644 | |
645 | if (unit == IPL_LOGALL) { |
646 | for (i = 0; i <= LOOKUP_POOL_MAX; i++) { |
647 | for (p = softp->ipf_pool_list[i]; p != NULL; |
648 | p = p->ipo_next) { |
649 | if (strncmp(p->ipo_name, name, |
650 | sizeof(p->ipo_name)) == 0) |
651 | break; |
652 | } |
653 | if (p != NULL) |
654 | break; |
655 | } |
656 | } else { |
657 | for (p = softp->ipf_pool_list[unit + 1]; p != NULL; |
658 | p = p->ipo_next) |
659 | if (strncmp(p->ipo_name, name, |
660 | sizeof(p->ipo_name)) == 0) |
661 | break; |
662 | } |
663 | return p; |
664 | } |
665 | |
666 | |
667 | /* ------------------------------------------------------------------------ */ |
668 | /* Function: ipf_pool_find */ |
669 | /* Returns: int - 0 = success, else error */ |
670 | /* Parameters: arg(I) - pointer to local context to use */ |
671 | /* unit(I) - ipfilter device to which we are working on */ |
672 | /* name(I) - name of the pool */ |
673 | /* */ |
674 | /* Find a matching pool inside the collection of pools for a particular */ |
675 | /* device, indicated by the unit number. If it is marked for deletion then */ |
676 | /* pretend it does not exist. */ |
677 | /* ------------------------------------------------------------------------ */ |
678 | static void * |
679 | ipf_pool_find(void *arg, int unit, char *name) |
680 | { |
681 | ipf_pool_softc_t *softp = arg; |
682 | ip_pool_t *p; |
683 | |
684 | p = ipf_pool_exists(softp, unit, name); |
685 | if ((p != NULL) && (p->ipo_flags & IPOOL_DELETE)) |
686 | return NULL; |
687 | |
688 | return p; |
689 | } |
690 | |
691 | |
692 | /* ------------------------------------------------------------------------ */ |
693 | /* Function: ipf_pool_select_add_ref */ |
694 | /* Returns: int - 0 = success, else error */ |
695 | /* Parameters: arg(I) - pointer to local context to use */ |
696 | /* unit(I) - ipfilter device to which we are working on */ |
697 | /* name(I) - name of the pool */ |
698 | /* */ |
699 | /* ------------------------------------------------------------------------ */ |
700 | static void * |
701 | ipf_pool_select_add_ref(void *arg, int unit, char *name) |
702 | { |
703 | ip_pool_t *p; |
704 | |
705 | p = ipf_pool_find(arg, -1, name); |
706 | if (p == NULL) |
707 | p = ipf_pool_find(arg, unit, name); |
708 | if (p != NULL) { |
709 | ATOMIC_INC32(p->ipo_ref); |
710 | } |
711 | return p; |
712 | } |
713 | |
714 | |
715 | /* ------------------------------------------------------------------------ */ |
716 | /* Function: ipf_pool_findeq */ |
717 | /* Returns: int - 0 = success, else error */ |
718 | /* Parameters: softp(I) - pointer to soft context pool information */ |
719 | /* ipo(I) - pointer to the pool getting the new node. */ |
720 | /* addr(I) - pointer to address information to match on */ |
721 | /* mask(I) - pointer to the address mask to match */ |
722 | /* */ |
723 | /* Searches for an exact match of an entry in the pool. */ |
724 | /* ------------------------------------------------------------------------ */ |
725 | extern void printhostmask(int, u_32_t *, u_32_t *); |
726 | static ip_pool_node_t * |
727 | ipf_pool_findeq(ipf_pool_softc_t *softp, ip_pool_t *ipo, addrfamily_t *addr, |
728 | addrfamily_t *mask) |
729 | { |
730 | ipf_rdx_node_t *n; |
731 | |
732 | n = ipo->ipo_head->lookup(ipo->ipo_head, addr, mask); |
733 | return (ip_pool_node_t *)n; |
734 | } |
735 | |
736 | |
737 | /* ------------------------------------------------------------------------ */ |
738 | /* Function: ipf_pool_search */ |
739 | /* Returns: int - 0 == +ve match, -1 == error, 1 == -ve/no match */ |
740 | /* Parameters: softc(I) - pointer to soft context main structure */ |
741 | /* tptr(I) - pointer to the pool to search */ |
742 | /* version(I) - IP protocol version (4 or 6) */ |
743 | /* dptr(I) - pointer to address information */ |
744 | /* bytes(I) - length of packet */ |
745 | /* */ |
746 | /* Search the pool for a given address and return a search result. */ |
747 | /* ------------------------------------------------------------------------ */ |
748 | static int |
749 | ipf_pool_search(ipf_main_softc_t *softc, void *tptr, int ipversion, void *dptr, |
750 | u_int bytes) |
751 | { |
752 | ipf_rdx_node_t *rn; |
753 | ip_pool_node_t *m; |
754 | i6addr_t *addr; |
755 | addrfamily_t v; |
756 | ip_pool_t *ipo; |
757 | int rv; |
758 | |
759 | ipo = tptr; |
760 | if (ipo == NULL) |
761 | return -1; |
762 | |
763 | rv = 1; |
764 | m = NULL; |
765 | addr = (i6addr_t *)dptr; |
766 | bzero(&v, sizeof(v)); |
767 | |
768 | if (ipversion == 4) { |
769 | v.adf_family = AF_INET; |
770 | v.adf_len = offsetof(addrfamily_t, adf_addr) + |
771 | sizeof(struct in_addr); |
772 | v.adf_addr.in4 = addr->in4; |
773 | #ifdef USE_INET6 |
774 | } else if (ipversion == 6) { |
775 | v.adf_family = AF_INET6; |
776 | v.adf_len = offsetof(addrfamily_t, adf_addr) + |
777 | sizeof(struct in6_addr); |
778 | v.adf_addr.in6 = addr->in6; |
779 | #endif |
780 | } else |
781 | return -1; |
782 | |
783 | READ_ENTER(&softc->ipf_poolrw); |
784 | |
785 | rn = ipo->ipo_head->matchaddr(ipo->ipo_head, &v); |
786 | |
787 | if ((rn != NULL) && (rn->root == 0)) { |
788 | m = (ip_pool_node_t *)rn; |
789 | ipo->ipo_hits++; |
790 | m->ipn_bytes += bytes; |
791 | m->ipn_hits++; |
792 | rv = m->ipn_info; |
793 | } |
794 | RWLOCK_EXIT(&softc->ipf_poolrw); |
795 | return rv; |
796 | } |
797 | |
798 | |
799 | /* ------------------------------------------------------------------------ */ |
800 | /* Function: ipf_pool_insert_node */ |
801 | /* Returns: int - 0 = success, else error */ |
802 | /* Parameters: softc(I) - pointer to soft context main structure */ |
803 | /* softp(I) - pointer to soft context pool information */ |
804 | /* ipo(I) - pointer to the pool getting the new node. */ |
805 | /* node(I) - structure with address/mask to add */ |
806 | /* Locks: WRITE(ipf_poolrw) */ |
807 | /* */ |
808 | /* Add another node to the pool given by ipo. The three parameters passed */ |
809 | /* in (addr, mask, info) shold all be stored in the node. */ |
810 | /* ------------------------------------------------------------------------ */ |
811 | static int |
812 | ipf_pool_insert_node(ipf_main_softc_t *softc, ipf_pool_softc_t *softp, |
813 | ip_pool_t *ipo, struct ip_pool_node *node) |
814 | { |
815 | ipf_rdx_node_t *rn; |
816 | ip_pool_node_t *x; |
817 | |
818 | if ((node->ipn_addr.adf_len > sizeof(*rn)) || |
819 | (node->ipn_addr.adf_len < 4)) { |
820 | IPFERROR(70003); |
821 | return EINVAL; |
822 | } |
823 | |
824 | if ((node->ipn_mask.adf_len > sizeof(*rn)) || |
825 | (node->ipn_mask.adf_len < 4)) { |
826 | IPFERROR(70004); |
827 | return EINVAL; |
828 | } |
829 | |
830 | KMALLOC(x, ip_pool_node_t *); |
831 | if (x == NULL) { |
832 | IPFERROR(70002); |
833 | return ENOMEM; |
834 | } |
835 | |
836 | *x = *node; |
837 | bzero((char *)x->ipn_nodes, sizeof(x->ipn_nodes)); |
838 | x->ipn_owner = ipo; |
839 | x->ipn_hits = 0; |
840 | x->ipn_next = NULL; |
841 | x->ipn_pnext = NULL; |
842 | x->ipn_dnext = NULL; |
843 | x->ipn_pdnext = NULL; |
844 | |
845 | if (x->ipn_die != 0) { |
846 | /* |
847 | * If the new node has a given expiration time, insert it |
848 | * into the list of expiring nodes with the ones to be |
849 | * removed first added to the front of the list. The |
850 | * insertion is O(n) but it is kept sorted for quick scans |
851 | * at expiration interval checks. |
852 | */ |
853 | ip_pool_node_t *n; |
854 | |
855 | x->ipn_die = softc->ipf_ticks + IPF_TTLVAL(x->ipn_die); |
856 | for (n = softp->ipf_node_explist; n != NULL; n = n->ipn_dnext) { |
857 | if (x->ipn_die < n->ipn_die) |
858 | break; |
859 | if (n->ipn_dnext == NULL) { |
860 | /* |
861 | * We've got to the last node and everything |
862 | * wanted to be expired before this new node, |
863 | * so we have to tack it on the end... |
864 | */ |
865 | n->ipn_dnext = x; |
866 | x->ipn_pdnext = &n->ipn_dnext; |
867 | n = NULL; |
868 | break; |
869 | } |
870 | } |
871 | |
872 | if (softp->ipf_node_explist == NULL) { |
873 | softp->ipf_node_explist = x; |
874 | x->ipn_pdnext = &softp->ipf_node_explist; |
875 | } else if (n != NULL) { |
876 | x->ipn_dnext = n; |
877 | x->ipn_pdnext = n->ipn_pdnext; |
878 | n->ipn_pdnext = &x->ipn_dnext; |
879 | } |
880 | } |
881 | |
882 | rn = ipo->ipo_head->addaddr(ipo->ipo_head, &x->ipn_addr, &x->ipn_mask, |
883 | x->ipn_nodes); |
884 | #ifdef DEBUG_POOL |
885 | printf("Added %p at %p\n" , x, rn); |
886 | #endif |
887 | |
888 | if (rn == NULL) { |
889 | KFREE(x); |
890 | IPFERROR(70005); |
891 | return ENOMEM; |
892 | } |
893 | |
894 | x->ipn_ref = 1; |
895 | x->ipn_pnext = ipo->ipo_tail; |
896 | *ipo->ipo_tail = x; |
897 | ipo->ipo_tail = &x->ipn_next; |
898 | |
899 | softp->ipf_pool_stats.ipls_nodes++; |
900 | |
901 | return 0; |
902 | } |
903 | |
904 | |
905 | /* ------------------------------------------------------------------------ */ |
906 | /* Function: ipf_pool_create */ |
907 | /* Returns: int - 0 = success, else error */ |
908 | /* Parameters: softc(I) - pointer to soft context main structure */ |
909 | /* softp(I) - pointer to soft context pool information */ |
910 | /* op(I) - pointer to iplookup struct with call details */ |
911 | /* Locks: WRITE(ipf_poolrw) */ |
912 | /* */ |
913 | /* Creates a new group according to the paramters passed in via the */ |
914 | /* iplookupop structure. Does not check to see if the group already exists */ |
915 | /* when being inserted - assume this has already been done. If the pool is */ |
916 | /* marked as being anonymous, give it a new, unique, identifier. Call any */ |
917 | /* other functions required to initialise the structure. */ |
918 | /* */ |
919 | /* If the structure is flagged for deletion then reset the flag and return, */ |
920 | /* as this likely means we've tried to free a pool that is in use (flush) */ |
921 | /* and now want to repopulate it with "new" data. */ |
922 | /* ------------------------------------------------------------------------ */ |
923 | static int |
924 | ipf_pool_create(ipf_main_softc_t *softc, ipf_pool_softc_t *softp, |
925 | iplookupop_t *op) |
926 | { |
927 | char name[FR_GROUPLEN]; |
928 | int poolnum, unit; |
929 | ip_pool_t *h; |
930 | |
931 | unit = op->iplo_unit; |
932 | |
933 | if ((op->iplo_arg & LOOKUP_ANON) == 0) { |
934 | h = ipf_pool_exists(softp, unit, op->iplo_name); |
935 | if (h != NULL) { |
936 | if ((h->ipo_flags & IPOOL_DELETE) == 0) { |
937 | IPFERROR(70006); |
938 | return EEXIST; |
939 | } |
940 | h->ipo_flags &= ~IPOOL_DELETE; |
941 | return 0; |
942 | } |
943 | } |
944 | |
945 | KMALLOC(h, ip_pool_t *); |
946 | if (h == NULL) { |
947 | IPFERROR(70007); |
948 | return ENOMEM; |
949 | } |
950 | bzero(h, sizeof(*h)); |
951 | |
952 | if (ipf_rx_inithead(softp->ipf_radix, &h->ipo_head) != 0) { |
953 | KFREE(h); |
954 | IPFERROR(70008); |
955 | return ENOMEM; |
956 | } |
957 | |
958 | if ((op->iplo_arg & LOOKUP_ANON) != 0) { |
959 | ip_pool_t *p; |
960 | |
961 | h->ipo_flags |= IPOOL_ANON; |
962 | poolnum = LOOKUP_ANON; |
963 | |
964 | snprintf(name, sizeof(name), "%x" , poolnum); |
965 | |
966 | for (p = softp->ipf_pool_list[unit + 1]; p != NULL; ) { |
967 | if (strncmp(name, p->ipo_name, |
968 | sizeof(p->ipo_name)) == 0) { |
969 | poolnum++; |
970 | snprintf(name, sizeof(name), "%x" , poolnum); |
971 | p = softp->ipf_pool_list[unit + 1]; |
972 | } else |
973 | p = p->ipo_next; |
974 | } |
975 | |
976 | (void)strncpy(h->ipo_name, name, sizeof(h->ipo_name)); |
977 | (void)strncpy(op->iplo_name, name, sizeof(op->iplo_name)); |
978 | } else { |
979 | (void)strncpy(h->ipo_name, op->iplo_name, sizeof(h->ipo_name)); |
980 | } |
981 | |
982 | h->ipo_radix = softp->ipf_radix; |
983 | h->ipo_ref = 1; |
984 | h->ipo_list = NULL; |
985 | h->ipo_tail = &h->ipo_list; |
986 | h->ipo_unit = unit; |
987 | h->ipo_next = softp->ipf_pool_list[unit + 1]; |
988 | if (softp->ipf_pool_list[unit + 1] != NULL) |
989 | softp->ipf_pool_list[unit + 1]->ipo_pnext = &h->ipo_next; |
990 | h->ipo_pnext = &softp->ipf_pool_list[unit + 1]; |
991 | softp->ipf_pool_list[unit + 1] = h; |
992 | |
993 | softp->ipf_pool_stats.ipls_pools++; |
994 | |
995 | return 0; |
996 | } |
997 | |
998 | |
999 | /* ------------------------------------------------------------------------ */ |
1000 | /* Function: ipf_pool_remove_node */ |
1001 | /* Returns: int - 0 = success, else error */ |
1002 | /* Parameters: softc(I) - pointer to soft context main structure */ |
1003 | /* ipo(I) - pointer to the pool to remove the node from. */ |
1004 | /* ipe(I) - address being deleted as a node */ |
1005 | /* Locks: WRITE(ipf_poolrw) */ |
1006 | /* */ |
1007 | /* Remove a node from the pool given by ipo. */ |
1008 | /* ------------------------------------------------------------------------ */ |
1009 | static int |
1010 | ipf_pool_remove_node(ipf_main_softc_t *softc, ipf_pool_softc_t *softp, |
1011 | ip_pool_t *ipo, ip_pool_node_t *ipe) |
1012 | { |
1013 | void *ptr; |
1014 | |
1015 | if (ipo->ipo_tail == &ipe->ipn_next) |
1016 | ipo->ipo_tail = ipe->ipn_pnext; |
1017 | |
1018 | if (ipe->ipn_pnext != NULL) |
1019 | *ipe->ipn_pnext = ipe->ipn_next; |
1020 | if (ipe->ipn_next != NULL) |
1021 | ipe->ipn_next->ipn_pnext = ipe->ipn_pnext; |
1022 | |
1023 | if (ipe->ipn_pdnext != NULL) |
1024 | *ipe->ipn_pdnext = ipe->ipn_dnext; |
1025 | if (ipe->ipn_dnext != NULL) |
1026 | ipe->ipn_dnext->ipn_pdnext = ipe->ipn_pdnext; |
1027 | |
1028 | ptr = ipo->ipo_head->deladdr(ipo->ipo_head, &ipe->ipn_addr, |
1029 | &ipe->ipn_mask); |
1030 | |
1031 | if (ptr != NULL) { |
1032 | ipf_pool_node_deref(softp, ipe); |
1033 | return 0; |
1034 | } |
1035 | IPFERROR(70027); |
1036 | return ESRCH; |
1037 | } |
1038 | |
1039 | |
1040 | /* ------------------------------------------------------------------------ */ |
1041 | /* Function: ipf_pool_destroy */ |
1042 | /* Returns: int - 0 = success, else error */ |
1043 | /* Parameters: softc(I) - pointer to soft context main structure */ |
1044 | /* softp(I) - pointer to soft context pool information */ |
1045 | /* unit(I) - ipfilter device to which we are working on */ |
1046 | /* name(I) - name of the pool */ |
1047 | /* Locks: WRITE(ipf_poolrw) or WRITE(ipf_global) */ |
1048 | /* */ |
1049 | /* Search for a pool using paramters passed in and if it's not otherwise */ |
1050 | /* busy, free it. If it is busy, clear all of its nodes, mark it for being */ |
1051 | /* deleted and return an error saying it is busy. */ |
1052 | /* */ |
1053 | /* NOTE: Because this function is called out of ipfdetach() where ipf_poolrw*/ |
1054 | /* may not be initialised, we can't use an ASSERT to enforce the locking */ |
1055 | /* assertion that one of the two (ipf_poolrw,ipf_global) is held. */ |
1056 | /* ------------------------------------------------------------------------ */ |
1057 | static int |
1058 | ipf_pool_destroy(ipf_main_softc_t *softc, ipf_pool_softc_t *softp, int unit, |
1059 | char *name) |
1060 | { |
1061 | ip_pool_t *ipo; |
1062 | |
1063 | ipo = ipf_pool_exists(softp, unit, name); |
1064 | if (ipo == NULL) { |
1065 | IPFERROR(70009); |
1066 | return ESRCH; |
1067 | } |
1068 | |
1069 | if (ipo->ipo_ref != 1) { |
1070 | ipf_pool_clearnodes(softc, softp, ipo); |
1071 | ipo->ipo_flags |= IPOOL_DELETE; |
1072 | return 0; |
1073 | } |
1074 | |
1075 | ipf_pool_free(softc, softp, ipo); |
1076 | return 0; |
1077 | } |
1078 | |
1079 | |
1080 | /* ------------------------------------------------------------------------ */ |
1081 | /* Function: ipf_pool_flush */ |
1082 | /* Returns: int - number of pools deleted */ |
1083 | /* Parameters: softc(I) - pointer to soft context main structure */ |
1084 | /* arg(I) - pointer to local context to use */ |
1085 | /* fp(I) - which pool(s) to flush */ |
1086 | /* Locks: WRITE(ipf_poolrw) or WRITE(ipf_global) */ |
1087 | /* */ |
1088 | /* Free all pools associated with the device that matches the unit number */ |
1089 | /* passed in with operation. */ |
1090 | /* */ |
1091 | /* NOTE: Because this function is called out of ipfdetach() where ipf_poolrw*/ |
1092 | /* may not be initialised, we can't use an ASSERT to enforce the locking */ |
1093 | /* assertion that one of the two (ipf_poolrw,ipf_global) is held. */ |
1094 | /* ------------------------------------------------------------------------ */ |
1095 | static size_t |
1096 | ipf_pool_flush(ipf_main_softc_t *softc, void *arg, iplookupflush_t *fp) |
1097 | { |
1098 | ipf_pool_softc_t *softp = arg; |
1099 | int i, num = 0, unit, err; |
1100 | ip_pool_t *p, *q; |
1101 | |
1102 | unit = fp->iplf_unit; |
1103 | for (i = -1; i <= IPL_LOGMAX; i++) { |
1104 | if (unit != IPLT_ALL && i != unit) |
1105 | continue; |
1106 | for (q = softp->ipf_pool_list[i + 1]; (p = q) != NULL; ) { |
1107 | q = p->ipo_next; |
1108 | err = ipf_pool_destroy(softc, softp, i, p->ipo_name); |
1109 | if (err == 0) |
1110 | num++; |
1111 | } |
1112 | } |
1113 | return num; |
1114 | } |
1115 | |
1116 | |
1117 | /* ------------------------------------------------------------------------ */ |
1118 | /* Function: ipf_pool_free */ |
1119 | /* Returns: void */ |
1120 | /* Parameters: softc(I) - pointer to soft context main structure */ |
1121 | /* softp(I) - pointer to soft context pool information */ |
1122 | /* ipo(I) - pointer to pool structure */ |
1123 | /* Locks: WRITE(ipf_poolrw) or WRITE(ipf_global) */ |
1124 | /* */ |
1125 | /* Deletes the pool strucutre passed in from the list of pools and deletes */ |
1126 | /* all of the address information stored in it, including any tree data */ |
1127 | /* structures also allocated. */ |
1128 | /* */ |
1129 | /* NOTE: Because this function is called out of ipfdetach() where ipf_poolrw*/ |
1130 | /* may not be initialised, we can't use an ASSERT to enforce the locking */ |
1131 | /* assertion that one of the two (ipf_poolrw,ipf_global) is held. */ |
1132 | /* ------------------------------------------------------------------------ */ |
1133 | static void |
1134 | ipf_pool_free(ipf_main_softc_t *softc, ipf_pool_softc_t *softp, ip_pool_t *ipo) |
1135 | { |
1136 | |
1137 | ipf_pool_clearnodes(softc, softp, ipo); |
1138 | |
1139 | if (ipo->ipo_next != NULL) |
1140 | ipo->ipo_next->ipo_pnext = ipo->ipo_pnext; |
1141 | *ipo->ipo_pnext = ipo->ipo_next; |
1142 | ipf_rx_freehead(ipo->ipo_head); |
1143 | KFREE(ipo); |
1144 | |
1145 | softp->ipf_pool_stats.ipls_pools--; |
1146 | } |
1147 | |
1148 | |
1149 | /* ------------------------------------------------------------------------ */ |
1150 | /* Function: ipf_pool_clearnodes */ |
1151 | /* Returns: void */ |
1152 | /* Parameters: softc(I) - pointer to soft context main structure */ |
1153 | /* softp(I) - pointer to soft context pool information */ |
1154 | /* ipo(I) - pointer to pool structure */ |
1155 | /* Locks: WRITE(ipf_poolrw) or WRITE(ipf_global) */ |
1156 | /* */ |
1157 | /* Deletes all nodes stored in a pool structure. */ |
1158 | /* ------------------------------------------------------------------------ */ |
1159 | static void |
1160 | ipf_pool_clearnodes(ipf_main_softc_t *softc, ipf_pool_softc_t *softp, |
1161 | ip_pool_t *ipo) |
1162 | { |
1163 | ip_pool_node_t *n, **next; |
1164 | |
1165 | for (next = &ipo->ipo_list; (n = *next) != NULL; ) |
1166 | ipf_pool_remove_node(softc, softp, ipo, n); |
1167 | |
1168 | ipo->ipo_list = NULL; |
1169 | } |
1170 | |
1171 | |
1172 | /* ------------------------------------------------------------------------ */ |
1173 | /* Function: ipf_pool_deref */ |
1174 | /* Returns: void */ |
1175 | /* Parameters: softc(I) - pointer to soft context main structure */ |
1176 | /* arg(I) - pointer to local context to use */ |
1177 | /* pool(I) - pointer to pool structure */ |
1178 | /* Locks: WRITE(ipf_poolrw) */ |
1179 | /* */ |
1180 | /* Drop the number of known references to this pool structure by one and if */ |
1181 | /* we arrive at zero known references, free it. */ |
1182 | /* ------------------------------------------------------------------------ */ |
1183 | static int |
1184 | ipf_pool_deref(ipf_main_softc_t *softc, void *arg, void *pool) |
1185 | { |
1186 | ip_pool_t *ipo = pool; |
1187 | |
1188 | ipo->ipo_ref--; |
1189 | |
1190 | if (ipo->ipo_ref == 0) |
1191 | ipf_pool_free(softc, arg, ipo); |
1192 | |
1193 | else if ((ipo->ipo_ref == 1) && (ipo->ipo_flags & IPOOL_DELETE)) |
1194 | ipf_pool_destroy(softc, arg, ipo->ipo_unit, ipo->ipo_name); |
1195 | |
1196 | return 0; |
1197 | } |
1198 | |
1199 | |
1200 | /* ------------------------------------------------------------------------ */ |
1201 | /* Function: ipf_pool_node_deref */ |
1202 | /* Returns: void */ |
1203 | /* Parameters: softp(I) - pointer to soft context pool information */ |
1204 | /* ipn(I) - pointer to pool structure */ |
1205 | /* Locks: WRITE(ipf_poolrw) */ |
1206 | /* */ |
1207 | /* Drop a reference to the pool node passed in and if we're the last, free */ |
1208 | /* it all up and adjust the stats accordingly. */ |
1209 | /* ------------------------------------------------------------------------ */ |
1210 | static void |
1211 | ipf_pool_node_deref(ipf_pool_softc_t *softp, ip_pool_node_t *ipn) |
1212 | { |
1213 | |
1214 | ipn->ipn_ref--; |
1215 | |
1216 | if (ipn->ipn_ref == 0) { |
1217 | KFREE(ipn); |
1218 | softp->ipf_pool_stats.ipls_nodes--; |
1219 | } |
1220 | } |
1221 | |
1222 | |
1223 | /* ------------------------------------------------------------------------ */ |
1224 | /* Function: ipf_pool_iter_next */ |
1225 | /* Returns: void */ |
1226 | /* Parameters: softc(I) - pointer to soft context main structure */ |
1227 | /* arg(I) - pointer to local context to use */ |
1228 | /* token(I) - pointer to pool structure */ |
1229 | /* ilp(IO) - pointer to pool iterating structure */ |
1230 | /* */ |
1231 | /* ------------------------------------------------------------------------ */ |
1232 | static int |
1233 | ipf_pool_iter_next(ipf_main_softc_t *softc, void *arg, ipftoken_t *token, |
1234 | ipflookupiter_t *ilp) |
1235 | { |
1236 | ipf_pool_softc_t *softp = arg; |
1237 | ip_pool_node_t *node, zn, *nextnode; |
1238 | ip_pool_t *ipo, zp, *nextipo; |
1239 | void *pnext; |
1240 | int err; |
1241 | |
1242 | err = 0; |
1243 | node = NULL; |
1244 | nextnode = NULL; |
1245 | ipo = NULL; |
1246 | nextipo = NULL; |
1247 | |
1248 | READ_ENTER(&softc->ipf_poolrw); |
1249 | |
1250 | switch (ilp->ili_otype) |
1251 | { |
1252 | case IPFLOOKUPITER_LIST : |
1253 | ipo = token->ipt_data; |
1254 | if (ipo == NULL) { |
1255 | nextipo = softp->ipf_pool_list[(int)ilp->ili_unit + 1]; |
1256 | } else { |
1257 | nextipo = ipo->ipo_next; |
1258 | } |
1259 | |
1260 | if (nextipo != NULL) { |
1261 | ATOMIC_INC32(nextipo->ipo_ref); |
1262 | token->ipt_data = nextipo; |
1263 | } else { |
1264 | bzero((char *)&zp, sizeof(zp)); |
1265 | nextipo = &zp; |
1266 | token->ipt_data = NULL; |
1267 | } |
1268 | pnext = nextipo->ipo_next; |
1269 | break; |
1270 | |
1271 | case IPFLOOKUPITER_NODE : |
1272 | node = token->ipt_data; |
1273 | if (node == NULL) { |
1274 | ipo = ipf_pool_exists(arg, ilp->ili_unit, |
1275 | ilp->ili_name); |
1276 | if (ipo == NULL) { |
1277 | IPFERROR(70010); |
1278 | err = ESRCH; |
1279 | } else { |
1280 | nextnode = ipo->ipo_list; |
1281 | ipo = NULL; |
1282 | } |
1283 | } else { |
1284 | nextnode = node->ipn_next; |
1285 | } |
1286 | |
1287 | if (nextnode != NULL) { |
1288 | ATOMIC_INC32(nextnode->ipn_ref); |
1289 | token->ipt_data = nextnode; |
1290 | } else { |
1291 | bzero((char *)&zn, sizeof(zn)); |
1292 | nextnode = &zn; |
1293 | token->ipt_data = NULL; |
1294 | } |
1295 | pnext = nextnode->ipn_next; |
1296 | break; |
1297 | |
1298 | default : |
1299 | IPFERROR(70011); |
1300 | pnext = NULL; |
1301 | err = EINVAL; |
1302 | break; |
1303 | } |
1304 | |
1305 | RWLOCK_EXIT(&softc->ipf_poolrw); |
1306 | if (err != 0) |
1307 | return err; |
1308 | |
1309 | switch (ilp->ili_otype) |
1310 | { |
1311 | case IPFLOOKUPITER_LIST : |
1312 | err = COPYOUT(nextipo, ilp->ili_data, sizeof(*nextipo)); |
1313 | if (err != 0) { |
1314 | IPFERROR(70012); |
1315 | err = EFAULT; |
1316 | } |
1317 | if (ipo != NULL) { |
1318 | WRITE_ENTER(&softc->ipf_poolrw); |
1319 | ipf_pool_deref(softc, softp, ipo); |
1320 | RWLOCK_EXIT(&softc->ipf_poolrw); |
1321 | } |
1322 | break; |
1323 | |
1324 | case IPFLOOKUPITER_NODE : |
1325 | err = COPYOUT(nextnode, ilp->ili_data, sizeof(*nextnode)); |
1326 | if (err != 0) { |
1327 | IPFERROR(70013); |
1328 | err = EFAULT; |
1329 | } |
1330 | if (node != NULL) { |
1331 | WRITE_ENTER(&softc->ipf_poolrw); |
1332 | ipf_pool_node_deref(softp, node); |
1333 | RWLOCK_EXIT(&softc->ipf_poolrw); |
1334 | } |
1335 | break; |
1336 | } |
1337 | if (pnext == NULL) |
1338 | ipf_token_mark_complete(token); |
1339 | |
1340 | return err; |
1341 | } |
1342 | |
1343 | |
1344 | /* ------------------------------------------------------------------------ */ |
1345 | /* Function: ipf_pool_iterderef */ |
1346 | /* Returns: void */ |
1347 | /* Parameters: softc(I) - pointer to soft context main structure */ |
1348 | /* arg(I) - pointer to local context to use */ |
1349 | /* unit(I) - ipfilter device to which we are working on */ |
1350 | /* Locks: WRITE(ipf_poolrw) */ |
1351 | /* */ |
1352 | /* ------------------------------------------------------------------------ */ |
1353 | static int |
1354 | ipf_pool_iter_deref(ipf_main_softc_t *softc, void *arg, int otype, int unit, |
1355 | void *data) |
1356 | { |
1357 | ipf_pool_softc_t *softp = arg; |
1358 | |
1359 | if (data == NULL) |
1360 | return EINVAL; |
1361 | |
1362 | if (unit < 0 || unit > IPL_LOGMAX) |
1363 | return EINVAL; |
1364 | |
1365 | switch (otype) |
1366 | { |
1367 | case IPFLOOKUPITER_LIST : |
1368 | ipf_pool_deref(softc, softp, (ip_pool_t *)data); |
1369 | break; |
1370 | |
1371 | case IPFLOOKUPITER_NODE : |
1372 | ipf_pool_node_deref(softp, (ip_pool_node_t *)data); |
1373 | break; |
1374 | default : |
1375 | break; |
1376 | } |
1377 | |
1378 | return 0; |
1379 | } |
1380 | |
1381 | |
1382 | /* ------------------------------------------------------------------------ */ |
1383 | /* Function: ipf_pool_expire */ |
1384 | /* Returns: Nil */ |
1385 | /* Parameters: softc(I) - pointer to soft context main structure */ |
1386 | /* arg(I) - pointer to local context to use */ |
1387 | /* */ |
1388 | /* At present this function exists just to support temporary addition of */ |
1389 | /* nodes to the address pool. */ |
1390 | /* ------------------------------------------------------------------------ */ |
1391 | static void |
1392 | ipf_pool_expire(ipf_main_softc_t *softc, void *arg) |
1393 | { |
1394 | ipf_pool_softc_t *softp = arg; |
1395 | ip_pool_node_t *n; |
1396 | |
1397 | while ((n = softp->ipf_node_explist) != NULL) { |
1398 | /* |
1399 | * Because the list is kept sorted on insertion, the fist |
1400 | * one that dies in the future means no more work to do. |
1401 | */ |
1402 | if (n->ipn_die > softc->ipf_ticks) |
1403 | break; |
1404 | ipf_pool_remove_node(softc, softp, n->ipn_owner, n); |
1405 | } |
1406 | } |
1407 | |
1408 | |
1409 | |
1410 | |
1411 | #ifndef _KERNEL |
1412 | void |
1413 | ipf_pool_dump(softc, arg) |
1414 | ipf_main_softc_t *softc; |
1415 | void *arg; |
1416 | { |
1417 | ipf_pool_softc_t *softp = arg; |
1418 | ip_pool_t *ipl; |
1419 | int i; |
1420 | |
1421 | printf("List of configured pools\n" ); |
1422 | for (i = 0; i <= LOOKUP_POOL_MAX; i++) |
1423 | for (ipl = softp->ipf_pool_list[i]; ipl != NULL; |
1424 | ipl = ipl->ipo_next) |
1425 | printpool(ipl, bcopywrap, NULL, opts, NULL); |
1426 | } |
1427 | #endif |
1428 | |