1 /*
2 * Copyright (c) 2000-2024 Apple Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28 /*
29 * Copyright (c) 1982, 1986, 1993
30 * The Regents of the University of California. All rights reserved.
31 *
32 * Redistribution and use in source and binary forms, with or without
33 * modification, are permitted provided that the following conditions
34 * are met:
35 * 1. Redistributions of source code must retain the above copyright
36 * notice, this list of conditions and the following disclaimer.
37 * 2. Redistributions in binary form must reproduce the above copyright
38 * notice, this list of conditions and the following disclaimer in the
39 * documentation and/or other materials provided with the distribution.
40 * 3. All advertising materials mentioning features or use of this software
41 * must display the following acknowledgement:
42 * This product includes software developed by the University of
43 * California, Berkeley and its contributors.
44 * 4. Neither the name of the University nor the names of its contributors
45 * may be used to endorse or promote products derived from this software
46 * without specific prior written permission.
47 *
48 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
49 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
50 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
51 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
52 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
53 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
54 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
55 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
56 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
57 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
58 * SUCH DAMAGE.
59 *
60 * @(#)in_proto.c 8.2 (Berkeley) 2/9/95
61 */
62
63 #include <sys/param.h>
64 #include <sys/kernel.h>
65 #include <sys/socket.h>
66 #include <sys/domain.h>
67 #include <sys/protosw.h>
68 #include <sys/queue.h>
69 #include <sys/sysctl.h>
70 #include <sys/mbuf.h>
71
72 #include <kern/debug.h>
73
74 #include <net/if.h>
75 #include <net/route.h>
76 #include <net/kpi_protocol.h>
77
78 #include <netinet/in.h>
79 #include <netinet/in_var.h>
80 #include <netinet/in_systm.h>
81 #include <netinet/ip.h>
82 #include <netinet/ip_var.h>
83 #include <netinet/ip_icmp.h>
84 #include <netinet/igmp_var.h>
85 #include <netinet/tcp.h>
86 #include <netinet/tcp_timer.h>
87 #include <netinet/tcp_var.h>
88 #include <netinet/tcpip.h>
89 #include <netinet/udp.h>
90 #include <netinet/udp_var.h>
91 #include <netinet/ip_encap.h>
92
93 /*
94 * TCP/IP protocol family: IP, ICMP, UDP, TCP.
95 */
96
97 #if IPSEC
98 #include <netinet6/ipsec.h>
99 #include <netinet6/ah.h>
100 #if IPSEC_ESP
101 #include <netinet6/esp.h>
102 #endif
103 #endif /* IPSEC */
104
/* Domain init hook; defined later in this file and used as inetdomain_s.dom_init. */
static void in_dinit(struct domain *);

/*
 * Forward/external declarations. inetdomain_s is defined later in this file;
 * the ICMP datagram handlers are not defined in the visible part of it.
 */
extern struct domain inetdomain_s;
extern struct pr_usrreqs icmp_dgram_usrreqs;
extern int icmp_dgram_ctloutput(struct socket *, struct sockopt *);

/*
 * Placeholder user-request table for inetsw[] entries that expose no socket
 * operations of their own (the IP, AH and ESP entries below). It has static
 * storage and no initializer here, so every slot starts out zero.
 * NOTE(review): presumably the protocol-attach code fills the empty slots
 * with "not supported" handlers before they can be called -- confirm.
 */
static struct pr_usrreqs nousrreqs;

/* Set exactly once by in_dinit(), which asserts it is still NULL first. */
struct domain *inetdomain = NULL;

/*
 * Thanks to PPP, this still needs to be exported.
 * Assigned from dp->dom_mtx in in_dinit().
 */
lck_mtx_t *inet_domain_mutex;
116
/*
 * Protocol switch table for PF_INET. in_dinit() attaches every entry to the
 * domain and then initializes each one.
 *
 * NOTE(review): each .pr_input is presumably invoked for received packets
 * carrying that protocol number, which makes every entry part of the
 * kernel's network-facing input surface; review additions with that in mind.
 */
static struct protosw inetsw[] = {
	/* IP itself: no socket type, no input handler here; init/drain only. */
	{
		.pr_type =              0,
		.pr_protocol =          0,
		.pr_init =              ip_init,
		.pr_drain =             ip_drain,
		.pr_usrreqs =           &nousrreqs,
	},
	/* UDP datagram sockets. */
	{
		.pr_type =              SOCK_DGRAM,
		.pr_protocol =          IPPROTO_UDP,
		.pr_flags =             PR_ATOMIC | PR_ADDR | PR_PROTOLOCK |
		    PR_PCBLOCK | PR_EVCONNINFO | PR_PRECONN_WRITE,
		.pr_input =             udp_input,
		.pr_ctlinput =          udp_ctlinput,
		.pr_ctloutput =         udp_ctloutput,
		.pr_init =              udp_init,
		.pr_usrreqs =           &udp_usrreqs,
		.pr_lock =              udp_lock,
		.pr_unlock =            udp_unlock,
		.pr_getlock =           udp_getlock,
		.pr_update_last_owner = inp_update_last_owner,
		.pr_copy_last_owner =   inp_copy_last_owner,
	},
	/* TCP stream sockets. */
	{
		.pr_type =              SOCK_STREAM,
		.pr_protocol =          IPPROTO_TCP,
		.pr_flags =             PR_CONNREQUIRED | PR_WANTRCVD |
		    PR_PCBLOCK | PR_PROTOLOCK | PR_DISPOSE | PR_EVCONNINFO |
		    PR_PRECONN_WRITE | PR_DATA_IDEMPOTENT,
		.pr_input =             tcp_input,
		.pr_ctlinput =          tcp_ctlinput,
		.pr_ctloutput =         tcp_ctloutput,
		.pr_init =              tcp_init,
		.pr_drain =             tcp_drain,
		.pr_usrreqs =           &tcp_usrreqs,
		.pr_lock =              tcp_lock,
		.pr_unlock =            tcp_unlock,
		.pr_getlock =           tcp_getlock,
		.pr_update_last_owner = inp_update_last_owner,
		.pr_copy_last_owner =   inp_copy_last_owner,
	},
	/* Raw sockets bound to IPPROTO_RAW. */
	{
		.pr_type =              SOCK_RAW,
		.pr_protocol =          IPPROTO_RAW,
		.pr_flags =             PR_ATOMIC | PR_ADDR,
		.pr_input =             rip_input,
		.pr_ctlinput =          rip_ctlinput,
		.pr_ctloutput =         rip_ctloutput,
		.pr_usrreqs =           &rip_usrreqs,
		.pr_unlock =            rip_unlock,
		.pr_update_last_owner = inp_update_last_owner,
		.pr_copy_last_owner =   inp_copy_last_owner,
	},
	/* ICMP over a raw socket: raw-IP control path and user requests. */
	{
		.pr_type =              SOCK_RAW,
		.pr_protocol =          IPPROTO_ICMP,
		.pr_flags =             PR_ATOMIC | PR_ADDR | PR_LASTHDR,
		.pr_input =             icmp_input,
		.pr_ctloutput =         rip_ctloutput,
		.pr_usrreqs =           &rip_usrreqs,
		.pr_unlock =            rip_unlock,
		.pr_update_last_owner = inp_update_last_owner,
		.pr_copy_last_owner =   inp_copy_last_owner,
	},
	/*
	 * ICMP over a datagram socket: same input handler as the raw entry,
	 * but its own ctloutput and user-request table.
	 * NOTE(review): presumably this is the restricted, non-raw ICMP
	 * interface; confirm what icmp_dgram_usrreqs permits.
	 */
	{
		.pr_type =              SOCK_DGRAM,
		.pr_protocol =          IPPROTO_ICMP,
		.pr_flags =             PR_ATOMIC | PR_ADDR | PR_LASTHDR,
		.pr_input =             icmp_input,
		.pr_ctloutput =         icmp_dgram_ctloutput,
		.pr_usrreqs =           &icmp_dgram_usrreqs,
		.pr_unlock =            rip_unlock,
		.pr_update_last_owner = inp_update_last_owner,
		.pr_copy_last_owner =   inp_copy_last_owner,
	},
	/* IGMP: dedicated input and init, raw-IP socket interface. */
	{
		.pr_type =              SOCK_RAW,
		.pr_protocol =          IPPROTO_IGMP,
		.pr_flags =             PR_ATOMIC | PR_ADDR | PR_LASTHDR,
		.pr_input =             igmp_input,
		.pr_ctloutput =         rip_ctloutput,
		.pr_init =              igmp_init,
		.pr_usrreqs =           &rip_usrreqs,
		.pr_unlock =            rip_unlock,
		.pr_update_last_owner = inp_update_last_owner,
		.pr_copy_last_owner =   inp_copy_last_owner,
	},
	/* GRE: dedicated input, raw-IP socket interface. */
	{
		.pr_type =              SOCK_RAW,
		.pr_protocol =          IPPROTO_GRE,
		.pr_flags =             PR_ATOMIC | PR_ADDR,
		.pr_input =             gre_input,
		.pr_ctlinput =          rip_ctlinput,
		.pr_ctloutput =         rip_ctloutput,
		.pr_usrreqs =           &rip_usrreqs,
		.pr_unlock =            rip_unlock,
		.pr_update_last_owner = inp_update_last_owner,
		.pr_copy_last_owner =   inp_copy_last_owner,
	},
#if IPSEC
	/* IPsec AH: input handler only; no ctloutput, placeholder usrreqs. */
	{
		.pr_type =              SOCK_RAW,
		.pr_protocol =          IPPROTO_AH,
		.pr_flags =             PR_ATOMIC | PR_ADDR | PR_PROTOLOCK,
		.pr_input =             ah4_input,
		.pr_usrreqs =           &nousrreqs,
	},
#if IPSEC_ESP
	/* IPsec ESP: input handler only; no ctloutput, placeholder usrreqs. */
	{
		.pr_type =              SOCK_RAW,
		.pr_protocol =          IPPROTO_ESP,
		.pr_flags =             PR_ATOMIC | PR_ADDR | PR_PROTOLOCK,
		.pr_input =             esp4_input,
		.pr_usrreqs =           &nousrreqs,
	},
#endif /* IPSEC_ESP */
#endif /* IPSEC */
	/* Payload protocol IPPROTO_IPV4, dispatched to encap4_input. */
	{
		.pr_type =              SOCK_RAW,
		.pr_protocol =          IPPROTO_IPV4,
		.pr_flags =             PR_ATOMIC | PR_ADDR | PR_LASTHDR,
		.pr_input =             encap4_input,
		.pr_ctloutput =         rip_ctloutput,
		.pr_usrreqs =           &rip_usrreqs,
		.pr_unlock =            rip_unlock,
		.pr_update_last_owner = inp_update_last_owner,
		.pr_copy_last_owner =   inp_copy_last_owner,
	},
	/* Payload protocol IPPROTO_IPV6, also dispatched to encap4_input. */
	{
		.pr_type =              SOCK_RAW,
		.pr_protocol =          IPPROTO_IPV6,
		.pr_flags =             PR_ATOMIC | PR_ADDR | PR_LASTHDR,
		.pr_input =             encap4_input,
		.pr_ctloutput =         rip_ctloutput,
		.pr_usrreqs =           &rip_usrreqs,
		.pr_unlock =            rip_unlock,
		.pr_update_last_owner = inp_update_last_owner,
		.pr_copy_last_owner =   inp_copy_last_owner,
	},
	/*
	 * raw wildcard: last entry, protocol number zero.
	 * NOTE(review): presumably the fallback for raw sockets whose
	 * protocol has no entry above -- confirm in the lookup code.
	 */
	{
		.pr_type =              SOCK_RAW,
		.pr_protocol =          0,
		.pr_flags =             PR_ATOMIC | PR_ADDR | PR_LASTHDR,
		.pr_input =             rip_input,
		.pr_ctloutput =         rip_ctloutput,
		.pr_init =              rip_init,
		.pr_usrreqs =           &rip_usrreqs,
		.pr_unlock =            rip_unlock,
		.pr_update_last_owner = inp_update_last_owner,
		.pr_copy_last_owner =   inp_copy_last_owner,
	},
};
270
/*
 * Number of entries in inetsw[], derived from the array itself so it tracks
 * the IPSEC / IPSEC_ESP conditional entries. Bounds both loops in in_dinit().
 */
static int in_proto_count = (sizeof(inetsw) / sizeof(inetsw[0]));
272
/*
 * Descriptor for the PF_INET ("internet") domain. in_dinit is its init hook
 * and in_inithead its routing-table attach hook.
 */
struct domain inetdomain_s = {
	.dom_family =           PF_INET,
	.dom_flags =            DOM_REENTRANT,
	.dom_name =             "internet",
	.dom_init =             in_dinit,
	.dom_rtattach =         in_inithead,
	/*
	 * NOTE(review): presumably the offset, in bits, of the address
	 * within struct sockaddr_in that routing lookups key on -- confirm
	 * against the dom_rtattach implementation.
	 */
	.dom_rtoffset =         32,
	.dom_maxrtkey =         sizeof(struct sockaddr_in),
	/* Combined TCP/IP header; in_dinit() asserts it fits in _MHLEN with options. */
	.dom_protohdrlen =      sizeof(struct tcpiphdr),
};
283
/*
 * Initialize the PF_INET domain and add in the pre-defined protos.
 *
 * Publishes dp as the global inetdomain, attaches every inetsw[] entry to
 * the domain, initializes each entry, exports the domain mutex through
 * inet_domain_mutex, and registers ip_proto_input as the PF_INET input
 * handler. Linkage is internal: the forward declaration earlier in this
 * file is static and this definition inherits it.
 *
 * dp: the domain being initialized. It must not already have
 *     DOM_INITIALIZED set, and inetdomain must still be NULL; both
 *     conditions are enforced with VERIFY().
 *
 * Returns nothing. Panics if the input handler cannot be registered.
 */
void
in_dinit(struct domain *dp)
{
	domain_unguard_t __single unguard;
	int error;
	int idx;

	/* Refuse a second initialization of the domain or of the global. */
	VERIFY(!(dp->dom_flags & DOM_INITIALIZED));
	VERIFY(inetdomain == NULL);

	inetdomain = dp;

	/*
	 * Verify that the maximum possible tcp/ip header will still
	 * fit in a small mbuf because m_pullup only pulls into 256
	 * byte mbuf. This is a compile-time check, so a header or
	 * option-size change that breaks the bound fails the build
	 * rather than surfacing on the packet path.
	 */
	static_assert((sizeof(struct tcpiphdr) + TCP_MAXOLEN) <= _MHLEN);

	/*
	 * Attach first, then initialize; ip_init() needs raw IP handler.
	 * Keep these as two separate passes over the table.
	 */
	for (idx = 0; idx < in_proto_count; idx++) {
		net_add_proto(&inetsw[idx], dp, 0);
	}
	for (idx = 0; idx < in_proto_count; idx++) {
		net_init_proto(&inetsw[idx], dp);
	}

	inet_domain_mutex = dp->dom_mtx;

	/*
	 * NOTE(review): the deploy/release pair brackets the registration
	 * call; what the guard protects is not visible here -- confirm in
	 * the domain code before moving anything across it.
	 */
	unguard = domain_unguard_deploy();
	error = proto_register_input(PF_INET, ip_proto_input, NULL, 1);
	if (error != 0) {
		panic("%s: failed to register PF_INET protocol: %d",
		    __func__, error);
		/* NOTREACHED */
	}
	domain_unguard_release(unguard);
}
325
/*
 * sysctl container nodes for the Internet family: "inet" under _net, then
 * one child of _net_inet per protocol. Only nodes are declared here; no
 * leaf OIDs appear in this part of the file.
 * NOTE(review): the nodes carry CTLFLAG_RW; presumably write access to any
 * tunable is still decided by that leaf's own flags -- confirm per leaf.
 */
SYSCTL_NODE(_net, PF_INET, inet, CTLFLAG_RW | CTLFLAG_LOCKED, 0,
    "Internet Family");

SYSCTL_NODE(_net_inet, IPPROTO_IP, ip, CTLFLAG_RW | CTLFLAG_LOCKED, 0,
    "IP");
SYSCTL_NODE(_net_inet, IPPROTO_ICMP, icmp, CTLFLAG_RW | CTLFLAG_LOCKED, 0,
    "ICMP");
SYSCTL_NODE(_net_inet, IPPROTO_UDP, udp, CTLFLAG_RW | CTLFLAG_LOCKED, 0,
    "UDP");
SYSCTL_NODE(_net_inet, IPPROTO_TCP, tcp, CTLFLAG_RW | CTLFLAG_LOCKED, 0,
    "TCP");
SYSCTL_NODE(_net_inet, IPPROTO_IGMP, igmp, CTLFLAG_RW | CTLFLAG_LOCKED, 0,
    "IGMP");
#if IPSEC
/* The IPsec node is numbered with IPPROTO_AH but named "ipsec". */
SYSCTL_NODE(_net_inet, IPPROTO_AH, ipsec, CTLFLAG_RW | CTLFLAG_LOCKED, 0,
    "IPSEC");
#endif /* IPSEC */
SYSCTL_NODE(_net_inet, IPPROTO_RAW, raw, CTLFLAG_RW | CTLFLAG_LOCKED, 0,
    "RAW");
345