search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
hammer2 - Fix flush issues with unmounted PFSs and shutdown panic
[dragonfly.git] / sys / net / ipfw3 / ip_fw3_sync.c
blob52be7a09fd96bb1f383eaf5562703a7d3593ec7d
1 /*
2 * Copyright (c) 2016 The DragonFly Project. All rights reserved.
3 *
4 * This code is derived from software contributed to The DragonFly Project
5 * by Bill Yuan <bycn82@dragonflybsd.org>
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 *
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in
15 * the documentation and/or other materials provided with the
16 * distribution.
17 * 3. Neither the name of The DragonFly Project nor the names of its
18 * contributors may be used to endorse or promote products derived
19 * from this software without specific, prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
22 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
23 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
24 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
25 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
26 * INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING,
27 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
28 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
29 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
30 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
31 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32 * SUCH DAMAGE.
33 *
34 */
35
36 #include <sys/types.h>
37 #include <sys/param.h>
38 #include <sys/systm.h>
39 #include <sys/malloc.h>
40 #include <sys/mbuf.h>
41 #include <sys/kernel.h>
42 #include <sys/proc.h>
43 #include <sys/socket.h>
44 #include <sys/socketvar.h>
45 #include <sys/socketvar2.h>
46 #include <sys/socketops.h>
47 #include <sys/sysctl.h>
48 #include <sys/syslog.h>
49 #include <sys/ucred.h>
50 #include <sys/in_cksum.h>
51 #include <sys/lock.h>
52 #include <sys/kthread.h>
53 #include <sys/thread2.h>
54 #include <sys/mplock2.h>
55
56 #include <netinet/in.h>
57 #include <netinet/in_systm.h>
58 #include <netinet/in_var.h>
59 #include <netinet/in_pcb.h>
60 #include <netinet/ip.h>
61 #include <netinet/ip_var.h>
62 #include <netinet/ip_icmp.h>
63 #include <netinet/tcp.h>
64 #include <netinet/tcp_timer.h>
65 #include <netinet/tcp_var.h>
66 #include <netinet/tcpip.h>
67 #include <netinet/udp.h>
68 #include <netinet/udp_var.h>
69 #include <netinet/ip_divert.h>
70 #include <netinet/if_ether.h>
71
72 #include <net/if.h>
73 #include <net/route.h>
74 #include <net/pfil.h>
75 #include <net/netmsg2.h>
76 #include <net/ethernet.h>
77
78 #include <net/ipfw3/ip_fw.h>
79 #include <net/ipfw3/ip_fw3_sync.h>
80
81 MALLOC_DEFINE(M_IPFW3_SYNC, "IPFW3_SYNC", "mem for ipfw3sync");
82
83 extern struct ipfw_context *ipfw_ctx[MAXCPU];
84 extern struct ipfw_sync_context sync_ctx;
85 ipfw_sync_send_state_t *ipfw_sync_send_state_prt = NULL;
86 ipfw_sync_install_state_t *ipfw_sync_install_state_prt = NULL;
87
88 /*
89 * ipfw3sync show config
90 */
91 int
92 ipfw_ctl_sync_show_conf(struct sockopt *sopt)
93 {
94 struct ipfw_ioc_sync_context *tmp_sync_ctx;
95 int size;
96
97 size = 3 * sizeof(int) + sync_ctx.count * sizeof(struct ipfw_sync_edge);
98 if (sopt->sopt_valsize < size) {
99 /* sopt_val is not big enough */
100 bzero(sopt->sopt_val, sopt->sopt_valsize);
101 return 0;
102 }
103 tmp_sync_ctx = (struct ipfw_ioc_sync_context *)sopt->sopt_val;
104 tmp_sync_ctx->edge_port = sync_ctx.edge_port;
105 tmp_sync_ctx->hw_same = sync_ctx.hw_same;
106 tmp_sync_ctx->count = sync_ctx.count;
107 bcopy(sync_ctx.edges, tmp_sync_ctx->edges,
108 sync_ctx.count * sizeof(struct ipfw_sync_edge));
109 sopt->sopt_valsize = size;
110 return 0;
111 }
112
113 /*
114 * ipfw3sync show status
115 */
116 int
117 ipfw_ctl_sync_show_status(struct sockopt *sopt)
118 {
119 int *running;
120 running = (int *)sopt->sopt_val;
121 *running = sync_ctx.running;
122 sopt->sopt_valsize = sizeof(int);
123 return 0;
124 }
125 /*
126 * ipfw3sync config centre
127 */
128 int
129 ipfw_ctl_sync_centre_conf(struct sockopt *sopt)
130 {
131 struct ipfw_ioc_sync_centre *ioc_centre;
132 int size;
133
134 ioc_centre = sopt->sopt_val;
135 size = ioc_centre->count * sizeof(struct ipfw_sync_edge);
136 if (sync_ctx.count == 0) {
137 sync_ctx.edges = kmalloc(size, M_IPFW3_SYNC, M_NOWAIT | M_ZERO);
138 } else {
139 sync_ctx.edges = krealloc(sync_ctx.edges,
140 size, M_TEMP, M_WAITOK);
141 }
142 sync_ctx.count = ioc_centre->count;
143 bcopy(ioc_centre->edges, sync_ctx.edges,
144 ioc_centre->count * sizeof(struct ipfw_sync_edge));
145 return 0;
146 }
147
148 /*
149 * ipfw3sync config edge
150 */
151 int
152 ipfw_ctl_sync_edge_conf(struct sockopt *sopt)
153 {
154 struct ipfw_ioc_sync_edge *ioc_edge;
155 struct thread *td;
156 size_t size;
157 int error;
158
159 size = sopt->sopt_valsize;
160 ioc_edge = sopt->sopt_val;
161 if (size != sizeof(struct ipfw_ioc_sync_edge)) {
162 return EINVAL;
163 }
164 sync_ctx.edge_port = ioc_edge->port;
165 sync_ctx.hw_same = ioc_edge->hw_same;
166
167 td = curthread->td_proc ? curthread : &thread0;
168 error = socreate(AF_INET, &sync_ctx.edge_sock,
169 SOCK_DGRAM, IPPROTO_UDP, td);
170 if (error) {
171 kprintf("ipfw3sync edge socreate failed: %d\n", error);
172 return (error);
173 }
174 return 0;
175 }
176
177 void
178 sync_edge_socket_handler(void *dummy)
179 {
180 struct socket *so;
181 struct sockbuf sio;
182 struct sockaddr_in sin;
183 struct mbuf *m;
184 struct sockaddr *sa;
185 int error, flags, *type;
186
187 so = sync_ctx.edge_sock;
188 flags = MSG_FBLOCKING;
189
190 bzero(&sin, sizeof(struct sockaddr_in));
191 sin.sin_family = AF_INET;
192 sin.sin_port = htons(sync_ctx.edge_port);
193 sin.sin_len = sizeof(struct sockaddr_in);
194 sa = (struct sockaddr *)&sin;
195 while (sync_ctx.running & 1) {
196 sbinit(&sio, 1000000000);
197 error = so_pru_soreceive(so, NULL, NULL, &sio, NULL, &flags);
198 if (error)
199 break;
200 m = sio.sb_mb;
201 type = (int *)m->m_data;
202 if (*type == SYNC_TYPE_SEND_TEST) {
203 struct cmd_send_test *cmd;
204 cmd = (struct cmd_send_test *)m->m_data;
205 kprintf("test received %d\n", cmd->num);
206 } else if (*type == SYNC_TYPE_SEND_STATE) {
207 struct cmd_send_state *cmd;
208 cmd = (struct cmd_send_state *)m->m_data;
209 if (ipfw_sync_install_state_prt != NULL) {
210 (*ipfw_sync_install_state_prt)(cmd);
211 }
212 } else if (*type == SYNC_TYPE_SEND_NAT) {
213 /* TODO sync NAT records */
214 kprintf("nat received\n");
215 } else {
216 kprintf("Error ignore\n");
217 }
218 }
219 soshutdown(sync_ctx.edge_sock, SHUT_RD);
220 sofree(sync_ctx.edge_sock);
221 kthread_exit();
222 }
223
224 int
225 ipfw_ctl_sync_edge_start(struct sockopt *sopt)
226 {
227 struct sockaddr_in sin;
228 struct thread *td;
229 int error;
230
231 if (sync_ctx.running & 1) {
232 return 0;
233 }
234 td = curthread->td_proc ? curthread : &thread0;
235 bzero(&sin, sizeof(struct sockaddr_in));
236 sin.sin_family = AF_INET;
237 sin.sin_len = sizeof(struct sockaddr_in);
238 sin.sin_port = htons(sync_ctx.edge_port);
239 sin.sin_addr.s_addr = INADDR_ANY;
240 error = sobind(sync_ctx.edge_sock, (struct sockaddr *)&sin, td);
241 if (error) {
242 if (error != EADDRINUSE) {
243 kprintf("ipfw3sync edge sobind failed: %d\n", error);
244 } else {
245 kprintf("ipfw3sync edge address in use: %d\n", error);
246 }
247 return (error);
248 }
249
250 sync_ctx.running |= 1;
251 soreference(sync_ctx.edge_sock);
252 error = kthread_create(sync_edge_socket_handler, NULL,
253 &sync_ctx.edge_td, "sync_edge_thread");
254 if (error) {
255 panic("sync_edge_socket_handler:error %d",error);
256 }
257 return 0;
258 }
259
260 int
261 ipfw_ctl_sync_centre_start(struct sockopt *sopt)
262 {
263 struct sockaddr_in sin;
264 struct thread *td;
265 struct ipfw_sync_edge *edge;
266 int error, i;
267
268 sync_ctx.running |= 2;
269 td = curthread->td_proc ? curthread : &thread0;
270
271 for (i = 0; i < sync_ctx.count; i++) {
272 error = socreate(AF_INET, &sync_ctx.centre_socks[i],
273 SOCK_DGRAM, IPPROTO_UDP, td);
274 if (error) {
275 kprintf("ipfw3sync centre socreate failed: %d\n",
276 error);
277 return error;
278 }
279 edge = sync_ctx.edges;
280
281 bzero(&sin, sizeof(struct sockaddr_in));
282 sin.sin_family = AF_INET;
283 sin.sin_port = htons(edge->port);
284 sin.sin_addr.s_addr = edge->addr;
285 sin.sin_len = sizeof(struct sockaddr_in);
286 error = soconnect(sync_ctx.centre_socks[i],
287 (struct sockaddr *)&sin, td, TRUE);
288 if (error) {
289 kprintf("ipfw3sync: centre soconnect failed: %d\n",
290 error);
291 return error;
292 }
293 }
294
295 return 0;
296 }
297
298 int
299 ipfw_ctl_sync_edge_test(struct sockopt *sopt)
300 {
301 return 0;
302 }
303
304 int
305 ipfw_ctl_sync_centre_test(struct sockopt *sopt)
306 {
307 struct cmd_send_test cmd;
308 struct mbuf *m;
309 struct thread *td;
310 int error, i, len, nsize, *num;
311
312 if (sopt->sopt_valsize != sizeof(int)) {
313 kprintf("ipfw3sync: invalid centre test parameter\n");
314 return -1;
315 }
316 if ((sync_ctx.running & 2) == 0) {
317 kprintf("ipfw3sync: centre not running\n");
318 return -1;
319 }
320 num = sopt->sopt_val;
321 len = sizeof(struct cmd_send_test);
322 m = m_getl(len, M_WAITOK, MT_DATA, M_PKTHDR, &nsize);
323 if (m == NULL) {
324 kprintf("ipfw3sync: MGET failed\n");
325 return -1;
326 }
327 cmd.type = 0;
328 cmd.num = *num;
329 memcpy(m->m_data, &cmd, len);
330
331 m->m_len = len;
332 m->m_pkthdr.len = len;
333
334 td = curthread->td_proc ? curthread : &thread0;
335 for (i = 0; i < sync_ctx.count; i++) {
336 error = so_pru_sosend(sync_ctx.centre_socks[i],
337 NULL, NULL, m, NULL, 0 ,td);
338 if (error) {
339 kprintf("ipfw3sync: centre sosend failed: %d\n", error);
340 return -1;
341 }
342 }
343 m_free(m);
344 return 0;
345 }
346 int
347 ipfw_ctl_sync_edge_stop(struct sockopt *sopt)
348 {
349 if (sync_ctx.running & 1) {
350 sync_ctx.running &= 2;
351 soclose(sync_ctx.edge_sock, 0);
352 }
353 return 0;
354 }
355
356 int
357 ipfw_ctl_sync_centre_stop(struct sockopt *sopt)
358 {
359 int i;
360
361 if (sync_ctx.running & 2) {
362 sync_ctx.running &= 1;
363 for (i = 0; i < sync_ctx.count; i++) {
364 soclose(sync_ctx.centre_socks[i], 0);
365 }
366 }
367 return 0;
368 }
369
370 int
371 ipfw_ctl_sync_edge_clear(struct sockopt *sopt)
372 {
373 return 0;
374 }
375
376 int
377 ipfw_ctl_sync_centre_clear(struct sockopt *sopt)
378 {
379 return 0;
380 }
381
382 /*
383 * sockopt handler
384 */
385 int
386 ipfw_ctl_sync_sockopt(struct sockopt *sopt)
387 {
388 int error = 0;
389 switch (sopt->sopt_name) {
390 case IP_FW_SYNC_EDGE_CONF:
391 error = ipfw_ctl_sync_edge_conf(sopt);
392 break;
393 case IP_FW_SYNC_CENTRE_CONF:
394 error = ipfw_ctl_sync_centre_conf(sopt);
395 break;
396 case IP_FW_SYNC_SHOW_CONF:
397 error = ipfw_ctl_sync_show_conf(sopt);
398 break;
399 case IP_FW_SYNC_SHOW_STATUS:
400 error = ipfw_ctl_sync_show_status(sopt);
401 break;
402 case IP_FW_SYNC_EDGE_START:
403 error = ipfw_ctl_sync_edge_start(sopt);
404 break;
405 case IP_FW_SYNC_CENTRE_START:
406 error = ipfw_ctl_sync_centre_start(sopt);
407 break;
408 case IP_FW_SYNC_EDGE_STOP:
409 error = ipfw_ctl_sync_edge_stop(sopt);
410 break;
411 case IP_FW_SYNC_CENTRE_STOP:
412 error = ipfw_ctl_sync_centre_stop(sopt);
413 break;
414 case IP_FW_SYNC_EDGE_CLEAR:
415 error = ipfw_ctl_sync_edge_clear(sopt);
416 break;
417 case IP_FW_SYNC_CENTRE_CLEAR:
418 error = ipfw_ctl_sync_centre_clear(sopt);
419 break;
420 case IP_FW_SYNC_EDGE_TEST:
421 error = ipfw_ctl_sync_edge_test(sopt);
422 break;
423 case IP_FW_SYNC_CENTRE_TEST:
424 error = ipfw_ctl_sync_centre_test(sopt);
425 break;
426 default:
427 kprintf("ipfw3 sync invalid socket option %d\n",
428 sopt->sopt_name);
429 }
430 return error;
431 }
432
433 void
434 ipfw_sync_send_state(struct ip_fw_state *state, int cpu, int hash)
435 {
436 struct mbuf *m;
437 struct thread *td;
438 int error, i, len, nsize;
439 struct cmd_send_state cmd;
440
441 len = sizeof(struct cmd_send_state);
442 m = m_getl(len, M_WAITOK, MT_DATA, M_PKTHDR, &nsize);
443 if (m == NULL) {
444 kprintf("ipfw3sync: MGET failed\n");
445 return;
446 }
447
448 cmd.type = 1;
449 cmd.rulenum = state->stub->rulenum;
450 cmd.lifetime = state->lifetime;
451 cmd.expiry = state->expiry;
452 cmd.cpu = cpu;
453 cmd.hash = hash;
454
455 memcpy(&cmd.flow, &state->flow_id, sizeof(struct ipfw_flow_id));
456 memcpy(m->m_data, &cmd, len);
457
458 m->m_len = len;
459 m->m_pkthdr.len = len;
460
461 td = curthread->td_proc ? curthread : &thread0;
462 for (i = 0; i < sync_ctx.count; i++) {
463 error = so_pru_sosend(sync_ctx.centre_socks[i],
464 NULL, NULL, m, NULL, 0 ,td);
465 if (error) {
466 kprintf("ipfw3sync: centre sosend failed: %d\n", error);
467 return;
468 }
469 }
470 return;
471 }
472
473 void
474 ipfw3_sync_modevent(int type)
475 {
476 switch (type) {
477 case MOD_LOAD:
478 ipfw_sync_send_state_prt = ipfw_sync_send_state;
479 break;
480 case MOD_UNLOAD:
481 if (sync_ctx.edges != NULL) {
482 kfree(sync_ctx.edges, M_IPFW3_SYNC);
483 }
484 if (sync_ctx.running & 1) {
485 sync_ctx.running = 0;
486 soclose(sync_ctx.edge_sock, 0);
487 sync_ctx.edge_td = NULL;
488 }
489 if (sync_ctx.running & 2) {
490 int i;
491 for (i = 0; i < sync_ctx.count; i++) {
492 soclose(sync_ctx.centre_socks[i], 0);
493 }
494 }
495 break;
496 default:
497 break;
498 }
499 }
DragonFly BSD