| blob | addbd2e395adc508e8d4b50d0c18fc7894fa9158 |
1 /*-
2 * Copyright (c) 2002, 2003 Sam Leffler, Errno Consulting
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 *
14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
15 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
16 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
17 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
18 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
24 * SUCH DAMAGE.
25 *
26 * $FreeBSD: src/sys/netipsec/ipsec_mbuf.c,v 1.5.2.2 2003/03/28 20:32:53 sam Exp $
27 * $DragonFly: src/sys/netproto/ipsec/ipsec_mbuf.c,v 1.7 2006/12/22 23:57:54 swildner Exp $
28 */
30 /*
31 * IPsec-specific mbuf routines.
32 */
36 #include <sys/param.h>
37 #include <sys/systm.h>
38 #include <sys/mbuf.h>
39 #include <sys/socket.h>
41 #include <net/route.h>
42 #include <netinet/in.h>
44 #include <netproto/ipsec/ipsec.h>
48 /*
49 * Create a writable copy of the mbuf chain. While doing this
50 * we compact the chain with a goal of producing a chain with
51 * at most two mbufs. The second mbuf in this chain is likely
52 * to be a cluster. The primary purpose of this work is to create
53 * a writable packet for encryption, compression, etc. The
54 * secondary goal is to linearize the data so the data can be
55 * passed to crypto hardware in the most efficient manner possible.
56 */
59 {
68 /*
69 * Regular mbufs are ignored unless there's a cluster
70 * in front of it that we can use to coalesce. We do
71 * the latter mainly so later clusters can be coalesced
72 * also w/o having to handle them specially (i.e. convert
73 * mbuf+cluster -> cluster). This optimization is heavily
74 * influenced by the assumption that we're running over
75 * Ethernet where MCLBYTES is large enough that the max
76 * packet size will permit lots of coalescing into a
77 * single cluster. This in turn permits efficient
78 * crypto operations, especially when using hardware.
79 */
83 /* XXX: this ignores mbuf types */
92 }
94 }
95 /*
96 * Writable mbufs are left alone (for now). Note
97 * that for 4.x systems it's not possible to identify
98 * whether or not mbufs with external buffers are
99 * writable unless they use clusters.
100 */
104 }
106 /*
107 * Not writable, replace with a copy or coalesce with
108 * the previous mbuf if possible (since we have to copy
109 * it anyway, we try to reduce the number of mbufs and
110 * clusters so that future work is easier).
111 */
114 /* NB: we only coalesce into a cluster or larger */
117 /* XXX: this ignores mbuf types */
125 }
127 /*
128 * Allocate new space to hold the copy...
129 */
130 /* XXX why can M_PKTHDR be set past the first mbuf? */
132 /*
133 * NB: if a packet header is present we must
134 * allocate the mbuf separately from any cluster
135 * because M_MOVE_PKTHDR will smash the data
136 * pointer and drop the M_EXT marker.
137 */
142 }
149 }
155 }
156 }
157 /*
158 * ... and copy the data. We deal with jumbo mbufs
159 * (i.e. m_len > MCLBYTES) by splitting them into
160 * clusters. We could just malloc a buffer and make
161 * it external but too many device drivers don't know
162 * how to break up the non-contiguous memory when
163 * doing DMA.
164 */
188 }
189 }
193 else
197 }
199 }
201 /*
202 * Make space for a new header of length hlen at skip bytes
203 * into the packet. When doing this we allocate new mbufs only
204 * when absolutely necessary. The mbuf where the new header
205 * is to go is returned together with an offset into the mbuf.
206 * If NULL is returned then the mbuf chain may have been modified;
207 * the caller is assumed to always free the chain.
208 */
211 {
222 /*
223 * At this point skip is the offset into the mbuf m
224 * where the new header should be placed. Figure out
225 * if there's space to insert the new header. If so,
226 * and copying the remainder makese sense then do so.
227 * Otherwise insert a new mbuf in the chain, splitting
228 * the contents of m as needed.
229 */
234 /* XXX code doesn't handle clusters XXX */
237 /*
238 * Not enough space in m, split the contents
239 * of m, inserting new mbufs as required.
240 *
241 * NB: this ignores mbuf types.
242 */
250 /*
251 * New header fits in the old mbuf if we copy
252 * the remainder; just do the copy to the new
253 * mbuf and we're good to go.
254 */
261 /*
262 * No space in the old mbuf for the new header.
263 * Make space in the new mbuf and check the
264 * remainder'd data fits too. If not then we
265 * must allocate an additional mbuf (yech).
266 */
272 /* NB: new mbuf is on chain, let caller free */
279 /* splice in second mbuf */
287 }
292 }
294 /*
295 * Copy the remainder to the back of the mbuf
296 * so there's space to write the new header.
297 */
298 /* XXX can this be memcpy? does it handle overlap? */
303 }
306 }
308 /*
309 * m_pad(m, n) pads <m> with <n> bytes at the end. The packet header
310 * length is updated, and a pointer to the first byte of the padding
311 * (which is guaranteed to be all in one mbuf) is returned.
312 */
313 caddr_t
315 {
318 caddr_t retval;
324 }
334 }
342 }
344 /* Check for zero-length trailing mbufs, and find the last one. */
354 }
357 }
360 /* Add an mbuf to the chain. */
366 }
371 }
378 }
380 /*
381 * Remove hlen data at offset skip in the packet. This is used by
382 * the protocols strip protocol headers and associated data (e.g. IV,
383 * authenticator) on input.
384 */
385 int
387 {
391 /* Find beginning of header */
396 /* Remove the header and associated data from the mbuf. */
398 /* The header was at the beginning of the mbuf */
406 /*
407 * Part or all of the header is at the end of this mbuf,
408 * so first let's remove the remainder of the header from
409 * the beginning of the remainder of the mbuf chain, if any.
410 */
413 /* Adjust the next mbuf by the remainder */
416 /* The second mbuf is guaranteed not to have a pkthdr... */
418 }
420 /* Now, let's unlink the mbuf chain for a second...*/
424 /* ...and trim the end of the first part of the chain...sick */
429 /* Finally, let's relink */
432 /*
433 * The header lies in the "middle" of the mbuf; copy
434 * the remainder of the mbuf down over the header.
435 */
442 }
444 }
446 /*
447 * Diagnostic routine to check mbuf alignment as required by the
448 * crypto device drivers (that use DMA).
449 */
450 void
452 {
455 caddr_t addr;
467 }
475 }
482 }