1 /* 2 * Copyright (c) 2000-2024 Apple Inc. All rights reserved. 3 * 4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@ 5 * 6 * This file contains Original Code and/or Modifications of Original Code 7 * as defined in and that are subject to the Apple Public Source License 8 * Version 2.0 (the 'License'). You may not use this file except in 9 * compliance with the License. The rights granted to you under the License 10 * may not be used to create, or enable the creation or redistribution of, 11 * unlawful or unlicensed copies of an Apple operating system, or to 12 * circumvent, violate, or enable the circumvention or violation of, any 13 * terms of an Apple operating system software license agreement. 14 * 15 * Please obtain a copy of the License at 16 * http://www.opensource.apple.com/apsl/ and read it before using this file. 17 * 18 * The Original Code and all software distributed under the License are 19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER 20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, 21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, 22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. 23 * Please see the License for the specific language governing rights and 24 * limitations under the License. 25 * 26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@ 27 */ 28 /* 29 * Copyright (c) 1982, 1986, 1990, 1993 30 * The Regents of the University of California. All rights reserved. 31 * 32 * Redistribution and use in source and binary forms, with or without 33 * modification, are permitted provided that the following conditions 34 * are met: 35 * 1. Redistributions of source code must retain the above copyright 36 * notice, this list of conditions and the following disclaimer. 37 * 2. 
Redistributions in binary form must reproduce the above copyright 38 * notice, this list of conditions and the following disclaimer in the 39 * documentation and/or other materials provided with the distribution. 40 * 3. All advertising materials mentioning features or use of this software 41 * must display the following acknowledgement: 42 * This product includes software developed by the University of 43 * California, Berkeley and its contributors. 44 * 4. Neither the name of the University nor the names of its contributors 45 * may be used to endorse or promote products derived from this software 46 * without specific prior written permission. 47 * 48 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 49 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 50 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 51 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 52 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 53 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 54 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 55 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 56 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 57 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 58 * SUCH DAMAGE. 59 * 60 * @(#)in_pcb.h 8.1 (Berkeley) 6/10/93 61 * $FreeBSD: src/sys/netinet/in_pcb.h,v 1.32.2.4 2001/08/13 16:26:17 ume Exp $ 62 */ 63 /* 64 * NOTICE: This file was modified by SPARTA, Inc. in 2007 to introduce 65 * support for mandatory and extensible security protections. This notice 66 * is included in support of clause 2.2 (b) of the Apple Public License, 67 * Version 2.0. 
 */

#ifndef _NETINET_IN_PCB_H_
#define _NETINET_IN_PCB_H_
#include <sys/appleapiopts.h>

#include <netinet/in.h>
#include <sys/socketvar.h>
#include <sys/types.h>
#include <sys/queue.h>
#ifdef BSD_KERNEL_PRIVATE
#include <sys/bitstring.h>
#include <sys/tree.h>
#include <kern/locks.h>
#include <kern/zalloc.h>
#include <netinet/in_stat.h>
#include <net/if_ports_used.h>
#endif /* BSD_KERNEL_PRIVATE */
#if !KERNEL
#include <TargetConditionals.h>
#endif

#if IPSEC
#include <netinet6/ipsec.h> /* for IPSEC */
#endif /* IPSEC */

#if NECP
#include <net/necp.h>
#endif

#if SKYWALK
#include <skywalk/namespace/netns.h>
#endif /* SKYWALK */

#ifdef BSD_KERNEL_PRIVATE
/*
 * struct inpcb is the common protocol control block structure used in most
 * IP transport protocols.
 *
 * Pointers to local and foreign host table entries, local and foreign socket
 * numbers, and pointers up (to a socket structure) and down (to a
 * protocol-specific control block) are stored here.
 */
/* List-head types: inpcbhead chains struct inpcb, inpcbporthead chains struct inpcbport. */
LIST_HEAD(inpcbhead, inpcb);
LIST_HEAD(inpcbporthead, inpcbport);
#endif /* BSD_KERNEL_PRIVATE */
/* Generation-count type used by the inp_gencnt and xig_gen members below. */
typedef u_quad_t inp_gen_t;

/*
 * PCB with AF_INET6 null bind'ed laddr can receive AF_INET input packet.
 * So, AF_INET6 null laddr is also used as AF_INET null laddr, by utilizing
 * the following structure.
 *
 * Layout: three 32-bit pad words (12 bytes) followed by the IPv4 address.
 * The struct is placed in a union with struct in6_addr (inp_dependfaddr and
 * inp_dependladdr below), so ia46_addr4 overlays the bytes that follow the
 * first 12 bytes of the IPv6 address.
 */
struct in_addr_4in6 {
	u_int32_t ia46_pad32[3];
	struct in_addr ia46_addr4;
};

#ifdef BSD_KERNEL_PRIVATE
/*
 * NB: the zone allocator is type-stable EXCEPT FOR THE FIRST TWO LONGS
 * of the structure. Therefore, it is important that the members in
 * that position not contain any information which is required to be
 * stable.
 */
struct icmp6_filter;
struct ifnet;

/* Packet and byte counters, one set per direction. */
struct inp_stat {
	u_int64_t rxpackets;
	u_int64_t rxbytes;
	u_int64_t txpackets;
	u_int64_t txbytes;
};

/*
 * Link-type classification used to pick which per-link inp_stat set
 * INP_ADD_STAT() updates; IFNET_COUNT_TYPE() produces one of these values.
 */
typedef enum {
	stats_functional_type_none = 0,
	stats_functional_type_cell = 1,
	stats_functional_type_wifi = 2,
	stats_functional_type_wired = 3,
	stats_functional_type_bluetooth = 4
} stats_functional_type;

/*
 * String attributes attached to a PCB when NECP is built in (see the
 * inp_necp_attributes member of struct inpcb). Every pointer carries the
 * __null_terminated annotation.
 * NOTE(review): allocation and ownership of these strings is not visible in
 * this header -- confirm where they are set and freed.
 */
struct inp_necp_attributes {
	char *inp_domain __null_terminated;
	char *inp_account __null_terminated;
	char *inp_domain_owner __null_terminated;
	char *inp_tracker_domain __null_terminated;
	char *inp_domain_context __null_terminated;
};

/*
 * struct inpcb captures the network layer state for TCP, UDP and raw IPv4
 * and IPv6 sockets. In the case of TCP, further per-connection state is
 * hung off of inp_ppcb most of the time.
 */
struct inpcb {
	decl_lck_mtx_data(, inpcb_mtx);         /* inpcb per-socket mutex */
	LIST_ENTRY(inpcb) inp_hash;             /* hash list */
	LIST_ENTRY(inpcb) inp_list;             /* list for all PCBs of this proto */
	void *inp_ppcb;                         /* pointer to per-protocol pcb */
	struct inpcbinfo *inp_pcbinfo;          /* PCB list info */
	struct socket *inp_socket;              /* back pointer to socket */
	LIST_ENTRY(inpcb) inp_portlist;         /* list for this PCB's local port */
	RB_ENTRY(inpcb) infc_link;              /* link for flowhash RB tree */
	struct inpcbport *inp_phd;              /* head of this list */
	inp_gen_t inp_gencnt;                   /* generation count of this instance */
	int inp_hash_element;                   /* array index of pcb's hash list */
	int inp_wantcnt;                        /* wanted count; atomically updated */
	int inp_state;                          /* state (INUSE/CACHED/DEAD) */
	u_short inp_fport;                      /* foreign port */
	u_short inp_lport;                      /* local port */
	uint32_t inp_flags;                     /* generic IP/datagram flags */
	uint32_t inp_flags2;                    /* generic IP/datagram flags #2 */
	uint32_t inp_log_flags;                 /* NOTE(review): bit meanings are not defined in this part of the file */
	uint32_t inp_flow;                      /* IPv6 flow information */
	uint32_t inp_lifscope;                  /* IPv6 scope ID of the local address */
	uint32_t inp_fifscope;                  /* IPv6 scope ID of the foreign address */

	uint32_t inp_sndingprog_waiters;/* waiters for outstanding send */
	u_char inp_sndinprog_cnt;               /* outstanding send operations */
	u_char inp_vflag;                       /* INP_IPV4 or INP_IPV6 */

	u_char inp_ip_ttl;                      /* time to live proto */
	u_char inp_ip_p;                        /* protocol proto */

	struct ifnet *inp_boundifp;             /* interface for INP_BOUND_IF */
	struct ifnet *inp_last_outifp;          /* last known outgoing interface */
	uint32_t inp_flowhash;                  /* flow hash */

	/* Protocol-dependent part */
	union {
		/* foreign host table entry */
		struct in_addr_4in6 inp46_foreign;
		struct in6_addr inp6_foreign;
	} inp_dependfaddr;
	union {
		/* local host table entry */
		struct in_addr_4in6 inp46_local;
		struct in6_addr inp6_local;
	} inp_dependladdr;
	union {
		/* placeholder for routing entry */
		struct route inp4_route;
		struct route_in6 inp6_route;
	} inp_dependroute;
	struct {
		/* type of service proto */
		u_char inp4_ip_tos;
		/* IP options */
		struct mbuf *inp4_options;
		/* IP multicast options */
		struct ip_moptions *inp4_moptions;
	} inp_depend4;
	struct {
		/* IP options */
		struct mbuf *inp6_options;
		/* IP6 options for outgoing packets */
		struct ip6_pktopts *inp6_outputopts;
		/* IP multicast options */
		struct ip6_moptions *inp6_moptions;
		/* ICMPv6 code type filter */
		struct icmp6_filter *inp6_icmp6filt;
		/* IPV6_CHECKSUM setsockopt */
		int inp6_cksum;
		short inp6_hops;
	} inp_depend6;

	/* NOTE(review): presumably flow-advisory timing/counters (name prefix "fadv") -- confirm */
	uint64_t inp_fadv_total_time;
	uint64_t inp_fadv_start_time;
	uint64_t inp_fadv_cnt;

	caddr_t inp_saved_ppcb;                 /* place to save pointer while cached */
#if IPSEC
	struct inpcbpolicy *inp_sp;             /* for IPsec */
#endif /* IPSEC */
#if NECP
	struct inp_necp_attributes inp_necp_attributes;
	struct necp_inpcb_result inp_policyresult;
	uuid_t necp_client_uuid;
	necp_client_flow_cb necp_cb;
	/*
	 * The signature pointer is annotated as sized by the length member
	 * declared just before it; the two must be updated together so the
	 * recorded length never exceeds the buffer actually pointed to.
	 */
	size_t inp_resolver_signature_length;
	uint8_t *inp_resolver_signature __sized_by(inp_resolver_signature_length);
#endif
#if SKYWALK
	netns_token inp_netns_token;            /* shared namespace state */
	/* optional IPv4 wildcard namespace reservation for an IPv6 socket */
	netns_token inp_wildcard_netns_token;
#endif /* SKYWALK */
	/*
	 * Keepalive payload is sized by inp_keepalive_datalen, a uint8_t, so
	 * the recorded length cannot exceed 255 bytes. Keep pointer and length
	 * in sync when either changes.
	 */
	u_char *__sized_by(inp_keepalive_datalen) inp_keepalive_data;   /* for keepalive offload */
	uint8_t inp_keepalive_datalen;          /* keepalive data length */
	uint8_t inp_keepalive_type;             /* type of application */
	uint16_t inp_keepalive_interval;        /* keepalive interval */
	uint32_t inp_nstat_refcnt __attribute__((aligned(4)));
	/* Overall counters, then one set per link type (dereferenced unchecked by INP_ADD_STAT). */
	struct inp_stat *inp_stat;
	struct inp_stat *inp_cstat;             /* cellular data */
	struct inp_stat *inp_wstat;             /* Wi-Fi data */
	struct inp_stat *inp_Wstat;             /* Wired data */
	struct inp_stat *inp_btstat;            /* Bluetooth data */
	/*
	 * NOTE(review): presumably the backing storage for the five pointers
	 * above, each with sizeof(u_int64_t) bytes of slack so the counters
	 * can be placed on an 8-byte boundary -- confirm in the PCB
	 * allocation path.
	 */
	uint8_t inp_stat_store[sizeof(struct inp_stat) + sizeof(u_int64_t)];
	uint8_t inp_cstat_store[sizeof(struct inp_stat) + sizeof(u_int64_t)];
	uint8_t inp_wstat_store[sizeof(struct inp_stat) + sizeof(u_int64_t)];
	uint8_t inp_Wstat_store[sizeof(struct inp_stat) + sizeof(u_int64_t)];
	uint8_t inp_btstat_store[sizeof(struct inp_stat) + sizeof(u_int64_t)];
	activity_bitmap_t inp_nw_activity;
	uint64_t inp_start_timestamp;
	uint64_t inp_connect_timestamp;

	/*
	 * Fixed-size process-name buffers of MAXCOMLEN + 1 bytes; writers
	 * must bound their copy to the array size (the extra byte presumably
	 * holds the terminating NUL).
	 */
	char inp_last_proc_name[MAXCOMLEN + 1];
	char inp_e_proc_name[MAXCOMLEN + 1];
};

/*
 * Map an interface to a stats_functional_type by testing the IFNET_IS_*
 * predicates in order: cellular, Wi-Fi, wired, companion-link Bluetooth,
 * otherwise stats_functional_type_none.
 *
 * Macro hygiene: the expansion is an unparenthesized ?: chain that already
 * ends in ';'. It is only safe as the complete right-hand side of an
 * assignment statement; it cannot be nested inside a larger expression or
 * passed directly as a function argument. _ifp is expanded once per
 * predicate, so it must be free of side effects.
 */
#define IFNET_COUNT_TYPE(_ifp) \
	IFNET_IS_CELLULAR(_ifp) ? stats_functional_type_cell: \
	IFNET_IS_WIFI(_ifp) ? stats_functional_type_wifi: \
	IFNET_IS_WIRED(_ifp) ? stats_functional_type_wired: \
	IFNET_IS_COMPANION_LINK_BLUETOOTH(_ifp)? stats_functional_type_bluetooth: stats_functional_type_none;

/*
 * Add _n to counter member _a of the PCB's overall statistics and, when
 * _stats_functional_type names a link type, to that link type's statistics
 * as well. All updates go through locked_add_64().
 *
 * Caveats for callers:
 *  - inp_stat and the selected per-link pointer are dereferenced without a
 *    NULL check; they must already point at valid storage.
 *  - _inp and _n are expanded more than once; pass side-effect-free
 *    expressions.
 *  - The definition ends in "while (0);", so a call written with its own
 *    ';' expands to two statements and cannot be the unbraced body of an
 *    if that has an else.
 */
#define INP_ADD_STAT(_inp, _stats_functional_type, _a, _n) \
do { \
	locked_add_64(&((_inp)->inp_stat->_a), (_n)); \
	switch(_stats_functional_type) { \
	case stats_functional_type_cell: \
	        locked_add_64(&((_inp)->inp_cstat->_a), (_n)); \
	        break; \
	case stats_functional_type_wifi: \
	        locked_add_64(&((_inp)->inp_wstat->_a), (_n)); \
	        break; \
	case stats_functional_type_wired: \
	        locked_add_64(&((_inp)->inp_Wstat->_a), (_n)); \
	        break; \
	case stats_functional_type_bluetooth: \
	        locked_add_64(&((_inp)->inp_btstat->_a), (_n)); \
	        break; \
	default: \
	        break; \
	}; \
} while (0);

#endif /* BSD_KERNEL_PRIVATE */

/*
 * Interface exported to userland by various protocols which use
 * inpcbs. Hack alert -- only define if struct xsocket is in scope.
 *
 * Everything between #pragma pack(4) and the matching #pragma pack() is
 * laid out with 4-byte packing. These layouts are shared with userland, so
 * member order, types and sizes must not be changed casually.
 */
#pragma pack(4)

/*
 * On LP64 builds _INPCB_PTR(x) discards x and yields u_int32_t, and list
 * entries become two u_int32_t words. Pointer-named members of the exported
 * layout are therefore 32-bit slots that cannot carry a full 64-bit pointer
 * value. On non-LP64 builds the real pointer and LIST_ENTRY types are used.
 */
#if defined(__LP64__)
struct _inpcb_list_entry {
	u_int32_t le_next;
	u_int32_t le_prev;
};
#define _INPCB_PTR(x)           u_int32_t
#define _INPCB_LIST_ENTRY(x)    struct _inpcb_list_entry
#else /* !__LP64__ */
#define _INPCB_PTR(x)           x
#define _INPCB_LIST_ENTRY(x)    LIST_ENTRY(x)
#endif /* !__LP64__ */

#ifdef XNU_KERNEL_PRIVATE
/*
 * This is a copy of the inpcb as it shipped in Panther. This structure
 * is filled out in a copy function. This allows the inpcb to change
 * without breaking userland tools.
 *
 * CAUTION: Many fields may not be filled out. Fewer may be filled out
 * in the future. Code defensively.
 */
struct inpcb_compat {
#else
/*
 * Outside XNU_KERNEL_PRIVATE the same frozen layout is published under the
 * name struct inpcb; the types it points at are only forward-declared.
 */
struct inpcbinfo;
struct inpcbport;
struct mbuf;
struct ip6_pktopts;
struct ip6_moptions;
struct icmp6_filter;
struct inpcbpolicy;

struct inpcb {
#endif /* XNU_KERNEL_PRIVATE */
	_INPCB_LIST_ENTRY(inpcb) inp_hash;      /* hash list */
	struct in_addr reserved1;               /* reserved */
	struct in_addr reserved2;               /* reserved */
	u_short inp_fport;                      /* foreign port */
	u_short inp_lport;                      /* local port */
	_INPCB_LIST_ENTRY(inpcb) inp_list;      /* list for all peer PCBs */
	_INPCB_PTR(caddr_t) inp_ppcb;           /* per-protocol pcb */
	_INPCB_PTR(struct inpcbinfo *) inp_pcbinfo;     /* PCB list info */
	_INPCB_PTR(void *) inp_socket;          /* back pointer to socket */
	u_char nat_owner;                       /* Used to NAT TCP/UDP traffic */
	u_int32_t nat_cookie;                   /* Cookie stored and returned to NAT */
	_INPCB_LIST_ENTRY(inpcb) inp_portlist;  /* this PCB's local port list */
	_INPCB_PTR(struct inpcbport *) inp_phd; /* head of this list */
	inp_gen_t inp_gencnt;                   /* generation count of this instance */
	/*
	 * Declared int here, while the kernel-private struct inpcb declares
	 * inp_flags as uint32_t. The flag value 0x80000000 lands in the sign
	 * bit, so consumers should test individual bits rather than compare
	 * the value as a signed number.
	 */
	int inp_flags;                          /* generic IP/datagram flags */
	u_int32_t inp_flow;

	u_char inp_vflag;

	u_char inp_ip_ttl;                      /* time to live proto */
	u_char inp_ip_p;                        /* protocol proto */
	/* protocol dependent part */
	union {
		/* foreign host table entry */
		struct in_addr_4in6 inp46_foreign;
		struct in6_addr inp6_foreign;
	} inp_dependfaddr;
	union {
		/* local host table entry */
		struct in_addr_4in6 inp46_local;
		struct in6_addr inp6_local;
	} inp_dependladdr;
	union {
		/* placeholder for routing entry */
		/* opaque byte arrays here, not the struct route types used by the kernel-private inpcb */
		u_char inp4_route[20];
		u_char inp6_route[32];
	} inp_dependroute;
	struct {
		/* type of service proto */
		u_char inp4_ip_tos;
		/* IP options */
		_INPCB_PTR(struct mbuf *) inp4_options;
		/* IP multicast options */
		_INPCB_PTR(struct ip_moptions *) inp4_moptions;
	} inp_depend4;

	struct {
		/* IP options */
		_INPCB_PTR(struct mbuf *) inp6_options;
		u_int8_t inp6_hlim;
		u_int8_t unused_uint8_1;
		ushort unused_uint16_1;
		/* IP6 options for outgoing packets */
		_INPCB_PTR(struct ip6_pktopts *) inp6_outputopts;
		/* IP multicast options */
		_INPCB_PTR(struct ip6_moptions *) inp6_moptions;
		/* ICMPv6 code type filter */
		_INPCB_PTR(struct icmp6_filter *) inp6_icmp6filt;
		/* IPV6_CHECKSUM setsockopt */
		int inp6_cksum;
		u_short inp6_ifindex;
		short inp6_hops;
	} inp_depend6;

	int hash_element;                       /* Array index of pcb's hash list */
	_INPCB_PTR(caddr_t) inp_saved_ppcb;     /* pointer while cached */
	_INPCB_PTR(struct inpcbpolicy *) inp_sp;
	u_int32_t reserved[3];                  /* reserved */
};

/*
 * Exported record pairing one frozen-layout PCB (xi_inp) with its socket
 * record (xi_socket). xi_len holds the length of the structure.
 */
struct xinpcb {
	u_int32_t xi_len;                       /* length of this structure */
#ifdef XNU_KERNEL_PRIVATE
	struct inpcb_compat xi_inp;
#else
	struct inpcb xi_inp;
#endif
	struct xsocket xi_socket;
	u_quad_t xi_alignment_hack;
};

#if XNU_TARGET_OS_OSX || KERNEL || !(TARGET_OS_IPHONE && !TARGET_OS_SIMULATOR)
struct inpcb64_list_entry {
	u_int64_t le_next;
	u_int64_t le_prev;
};

/*
 * 64-bit flavour of the exported PCB record. The pointer-named members
 * (xi_inpp, inp_ppcb, inp_pcbinfo, inp_phd and both list entries) are plain
 * u_int64_t slots.
 * NOTE(review): what value ends up in those slots is decided by the code
 * that fills the record (inpcb_to_xinpcb64() is declared further down in
 * this file), not by this header. When auditing, confirm there that raw
 * kernel addresses are not exposed to unprivileged readers.
 */
struct xinpcb64 {
	u_int64_t xi_len;                       /* length of this structure */
	u_int64_t xi_inpp;
	u_short inp_fport;                      /* foreign port */
	u_short inp_lport;                      /* local port */
	struct inpcb64_list_entry inp_list;     /* list for all PCBs */
	u_int64_t inp_ppcb;                     /* ptr to per-protocol PCB */
	u_int64_t inp_pcbinfo;                  /* PCB list info */
	struct inpcb64_list_entry inp_portlist; /* this PCB's local port list */
	u_int64_t inp_phd;                      /* head of this list */
	inp_gen_t inp_gencnt;                   /* current generation count */
	int inp_flags;                          /* generic IP/datagram flags */
	u_int32_t inp_flow;
	u_char inp_vflag;
	u_char inp_ip_ttl;                      /* time to live */
	u_char inp_ip_p;                        /* protocol */
	union {                                 /* foreign host table entry */
		struct in_addr_4in6 inp46_foreign;
		struct in6_addr inp6_foreign;
	} inp_dependfaddr;
	union {                                 /* local host table entry */
		struct in_addr_4in6 inp46_local;
		struct in6_addr inp6_local;
	} inp_dependladdr;
	struct {
		u_char inp4_ip_tos;             /* type of service */
	} inp_depend4;
	struct {
		u_int8_t inp6_hlim;
		int inp6_cksum;
		u_short inp6_ifindex;
		short inp6_hops;
	} inp_depend6;
	struct xsocket64 xi_socket;
	u_quad_t xi_alignment_hack;
};
#endif /* XNU_TARGET_OS_OSX || KERNEL || !(TARGET_OS_IPHONE && !TARGET_OS_SIMULATOR) */

#ifdef PRIVATE
struct xinpcb_list_entry {
	u_int64_t le_next;
	u_int64_t le_prev;
};

/*
 * PCB record tagged with a kind field (xi_kind, documented as XSO_INPCB).
 * Unlike xinpcb64 it embeds no socket record and no list entries, and it
 * additionally carries inp_flowhash and inp_flags2.
 * NOTE(review): xi_inpp and inp_ppcb are u_int64_t slots named after kernel
 * pointers; check the code that fills this record for what is stored there.
 */
struct xinpcb_n {
	u_int32_t xi_len;                       /* length of this structure */
	u_int32_t xi_kind;                      /* XSO_INPCB */
	u_int64_t xi_inpp;
	u_short inp_fport;                      /* foreign port */
	u_short inp_lport;                      /* local port */
	u_int64_t inp_ppcb;                     /* pointer to per-protocol pcb */
	inp_gen_t inp_gencnt;                   /* generation count of this instance */
	int inp_flags;                          /* generic IP/datagram flags */
	u_int32_t inp_flow;
	u_char inp_vflag;
	u_char inp_ip_ttl;                      /* time to live */
	u_char inp_ip_p;                        /* protocol */
	union {                                 /* foreign host table entry */
		struct in_addr_4in6 inp46_foreign;
		struct in6_addr inp6_foreign;
	} inp_dependfaddr;
	union {                                 /* local host table entry */
		struct in_addr_4in6 inp46_local;
		struct in6_addr inp6_local;
	} inp_dependladdr;
	struct {
		u_char inp4_ip_tos;             /* type of service */
	} inp_depend4;
	struct {
		u_int8_t inp6_hlim;
		int inp6_cksum;
		u_short inp6_ifindex;
		short inp6_hops;
	} inp_depend6;
	u_int32_t inp_flowhash;
	u_int32_t inp_flags2;
};
#endif /* PRIVATE */

/*
 * Snapshot summary: structure length, number of PCBs, and the PCB and
 * socket generation counts at the time the snapshot was taken.
 */
struct xinpgen {
	u_int32_t xig_len;                      /* length of this structure */
	u_int xig_count;                        /* number of PCBs at this time */
	inp_gen_t xig_gen;                      /* generation count at this time */
	so_gen_t xig_sogen;                     /* current socket generation count */
};

#pragma pack()

/*
 * These defines are for use with the inpcb.
 *
 * INP_IPV4 / INP_IPV6 / INP_V4MAPPEDV6 are bit values for inp_vflag. The
 * lower-case names are member-path aliases: they expand to a path inside the
 * protocol-dependent unions/structs and are meant to be written after "->"
 * or "." on a PCB.
 */
#define INP_IPV4        0x1
#define INP_IPV6        0x2
#define INP_V4MAPPEDV6  0x4
#define inp_faddr       inp_dependfaddr.inp46_foreign.ia46_addr4
#define inp_laddr       inp_dependladdr.inp46_local.ia46_addr4
#define in6p_faddr      inp_dependfaddr.inp6_foreign
#define in6p_laddr      inp_dependladdr.inp6_local

#ifdef BSD_KERNEL_PRIVATE
/*
 * Kernel-private member aliases.
 * NOTE(review): in6p_ip6_hlim and in6p_ifindex expand to inp6_hlim and
 * inp6_ifindex, which the kernel-private struct inpcb declared in this file
 * does not have in inp_depend6 (only the exported layouts do). Using either
 * alias on a kernel struct inpcb would not compile; they look like leftovers.
 */
#define inp_route       inp_dependroute.inp4_route
#define inp_ip_tos      inp_depend4.inp4_ip_tos
#define inp_options     inp_depend4.inp4_options
#define inp_moptions    inp_depend4.inp4_moptions
#define in6p_route      inp_dependroute.inp6_route
#define in6p_ip6_hlim   inp_depend6.inp6_hlim
#define in6p_hops       inp_depend6.inp6_hops   /* default hop limit */
#define in6p_ip6_nxt    inp_ip_p
#define in6p_vflag      inp_vflag
#define in6p_options    inp_depend6.inp6_options
#define in6p_outputopts inp_depend6.inp6_outputopts
#define in6p_moptions   inp_depend6.inp6_moptions
#define in6p_icmp6filt  inp_depend6.inp6_icmp6filt
#define in6p_cksum      inp_depend6.inp6_cksum
#define in6p_ifindex    inp_depend6.inp6_ifindex
#define in6p_flags      inp_flags
#define in6p_flags2     inp_flags2
#define in6p_socket     inp_socket
#define in6p_lport      inp_lport
#define in6p_fport      inp_fport
#define in6p_ppcb       inp_ppcb
#define in6p_state      inp_state
#define in6p_wantcnt    inp_wantcnt
#define in6p_last_outifp inp_last_outifp
#define in6pcb          inpcb
#if IPSEC
#define in6p_sp         inp_sp
#endif /* IPSEC */
/*
 * Increment counter _stat_ in the IPv6 or IPv4 statistics of the PCB's last
 * outgoing interface, chosen by the INP_IPV6 bit of inp_vflag. Does nothing
 * when inp_last_outifp is NULL.
 *
 * Caveats for callers:
 *  - if_ipv6_stat / if_ipv4_stat are dereferenced without a NULL check.
 *  - The increment is a plain "++", not an atomic operation.
 *    NOTE(review): whether callers serialize it is not visible here.
 *  - The body is a bare brace block rather than do { } while (0); a call
 *    followed by ';' cannot be the unbraced body of an if that has an else.
 *  - _inp_ is expanded several times; pass a side-effect-free expression.
 */
#define INP_INC_IFNET_STAT(_inp_, _stat_) { \
	if ((_inp_)->inp_last_outifp != NULL) { \
	        if ((_inp_)->inp_vflag & INP_IPV6) { \
	                (_inp_)->inp_last_outifp->if_ipv6_stat->_stat_++;\
	        } else { \
	                (_inp_)->inp_last_outifp->if_ipv4_stat->_stat_++;\
	        }\
	}\
}

/*
 * Per-port list head: phd_pcblist is a list of PCBs and phd_port the port
 * number; phd_hash links this entry into a list of inpcbport entries.
 * NOTE(review): presumably one entry per local port in use, reached through
 * ipi_porthashbase -- confirm against the bind/insert code.
 */
struct inpcbport {
	LIST_ENTRY(inpcbport) phd_hash;
	struct inpcbhead phd_pcblist;
	u_short phd_port;
};

struct intimercount {
	u_int32_t intimer_lazy; /* lazy requests for timer scheduling */
	u_int32_t intimer_fast; /* fast requests, can be coalesced */
	u_int32_t intimer_nodelay; /* fast requests, never coalesced */
};

/* Callback type used for the per-protocol garbage collector and timer (ipi_gc, ipi_timer). */
typedef void (*inpcb_timer_func_t)(struct inpcbinfo *);

/*
 * Global data structure for each high-level protocol (UDP, TCP, ...) in both
 * IPv4 and IPv6. Holds inpcb lists and information for managing them. Each
 * pcbinfo is protected by a RW lock: ipi_lock.
 *
 * All INPCB pcbinfo entries are linked together via ipi_entry.
 */
struct inpcbinfo {
	/*
	 * Glue to all PCB infos, as well as garbage collector and
	 * timer callbacks, protected by inpcb_lock. Callout request
	 * counts are atomically updated.
	 */
	TAILQ_ENTRY(inpcbinfo) ipi_entry;
	inpcb_timer_func_t ipi_gc;
	inpcb_timer_func_t ipi_timer;
	struct intimercount ipi_gc_req;
	struct intimercount ipi_timer_req;

	/*
	 * Per-protocol lock protecting pcb list, pcb count, etc.
	 */
	lck_rw_t ipi_lock;

	/*
	 * List and count of pcbs on the protocol.
	 */
	struct inpcbhead *ipi_listhead;
	uint32_t ipi_count;

	/*
	 * Count of pcbs marked with INP2_TIMEWAIT flag.
	 */
	uint32_t ipi_twcount;

	/*
	 * Generation count -- incremented each time a connection is
	 * allocated or freed.
	 */
	uint64_t ipi_gencnt;

	/*
	 * Fields associated with port lookup and allocation.
	 */
	uint16_t ipi_lastport;
	uint16_t ipi_lastlow;
	uint16_t ipi_lasthi;

	/*
	 * Zone from which inpcbs are allocated for this protocol.
	 *
	 * This struct already sits inside an #ifdef BSD_KERNEL_PRIVATE
	 * region, so the #else branch below is only taken if the macro is
	 * defined with the value 0.
	 */
#if BSD_KERNEL_PRIVATE
	kalloc_type_view_t ipi_zone;
#else
	struct zone *ipi_zone;
#endif

	/*
	 * Per-protocol hash of pcbs, hashed by local and foreign
	 * addresses and port numbers.
	 *
	 * The bucket array is annotated as holding ipi_hashbase_count
	 * elements; pointer, count and ipi_hashmask must stay consistent.
	 */
	struct inpcbhead *__counted_by(ipi_hashbase_count) ipi_hashbase;
	size_t ipi_hashbase_count;
	u_long ipi_hashmask;

	/*
	 * Per-protocol hash of pcbs, hashed by only local port number.
	 *
	 * Same pairing as above: ipi_porthashbase is counted by
	 * ipi_porthashbase_count and indexed through ipi_porthashmask.
	 */
	struct inpcbporthead *__counted_by(ipi_porthashbase_count) ipi_porthashbase;
	size_t ipi_porthashbase_count;
	u_long ipi_porthashmask;

	/*
	 * Misc.
	 */
	lck_attr_t ipi_lock_attr;
	lck_grp_t *ipi_lock_grp;

	/* Bit values for ipi_flags. */
#define INPCBINFO_UPDATE_MSS            0x1
#define INPCBINFO_HANDLE_LQM_ABORT      0x2
	u_int32_t ipi_flags;
};

/*
 * Hash-bucket index helpers. Both AND their result with mask, so for
 * unsigned operands the index never exceeds mask. The port arguments are
 * passed through ntohs(), i.e. they are expected in network byte order.
 * NOTE(review): mask is presumably ipi_hashmask / ipi_porthashmask; the
 * index is only in bounds if that mask is smaller than the matching bucket
 * count -- confirm where the tables are sized.
 */
#define INP_PCBHASH(faddr, lport, fport, mask) \
	(((faddr) ^ ((faddr) >> 16) ^ ntohs((lport) ^ (fport))) & (mask))
#define INP_PCBPORTHASH(lport, mask) \
	(ntohs((lport)) & (mask))

/*
 * The following macros need to return a bool value.
 *
 * INP_IS_FLOW_SUSPENDED also reads (_inp_)->inp_socket->so_flags, so
 * inp_socket must be non-NULL when it is evaluated.
 */
#define INP_IS_FLOW_CONTROLLED(_inp_) \
	(((_inp_)->inp_flags & INP_FLOW_CONTROLLED) ? true : false)
#define INP_IS_FLOW_SUSPENDED(_inp_) \
	((((_inp_)->inp_flags & INP_FLOW_SUSPENDED) || \
	((_inp_)->inp_socket->so_flags & SOF_SUSPENDED)) ? true : false)
#define INP_WAIT_FOR_IF_FEEDBACK(_inp_) \
	(((_inp_)->inp_flags & (INP_FLOW_CONTROLLED | INP_FLOW_SUSPENDED)) != 0)

/*
 * Boolean views of interface-restriction and interface-permission bits.
 * INP_NO_CELLULAR reads inp_flags; the others read inp_flags2.
 */
#define INP_NO_CELLULAR(_inp) \
	(((_inp)->inp_flags & INP_NO_IFT_CELLULAR) ? true : false)
#define INP_NO_EXPENSIVE(_inp) \
	(((_inp)->inp_flags2 & INP2_NO_IFF_EXPENSIVE) ? true : false)
#define INP_NO_CONSTRAINED(_inp) \
	(((_inp)->inp_flags2 & INP2_NO_IFF_CONSTRAINED) ? true : false)
#define INP_AWDL_UNRESTRICTED(_inp) \
	(((_inp)->inp_flags2 & INP2_AWDL_UNRESTRICTED) ? true : false)
#define INP_INTCOPROC_ALLOWED(_inp) \
	(((_inp)->inp_flags2 & INP2_INTCOPROC_ALLOWED) ? true : false)
/* A process that can access the INTCOPROC interface can also access the MANAGEMENT interface */
#define INP_MANAGEMENT_ALLOWED(_inp) \
	(((_inp)->inp_flags2 & (INP2_MANAGEMENT_ALLOWED | INP2_INTCOPROC_ALLOWED)) ? true : false)
#define INP_ULTRA_CONSTRAINED_ALLOWED(_inp) \
	(((_inp)->inp_flags2 & INP2_ULTRA_CONSTRAINED_ALLOWED) ? true : false)

#endif /* BSD_KERNEL_PRIVATE */

/*
 * Flags for inp_flags.
 *
 * Some of these are publicly defined for legacy reasons, as they are
 * (unfortunately) used by certain applications to determine, at compile
 * time, whether or not the OS supports certain features.
 *
 * Three values are visible outside BSD_KERNEL_PRIVATE: INP_ANONPORT,
 * IN6P_IPV6_V6ONLY and IN6P_BINDV6ONLY.
 */
#ifdef BSD_KERNEL_PRIVATE
#define INP_RECVOPTS            0x00000001 /* receive incoming IP options */
#define INP_RECVRETOPTS         0x00000002 /* receive IP options for reply */
#define INP_RECVDSTADDR         0x00000004 /* receive IP dst address */
#define INP_HDRINCL             0x00000008 /* user supplies entire IP header */
#define INP_HIGHPORT            0x00000010 /* user wants "high" port binding */
#define INP_LOWPORT             0x00000020 /* user wants "low" port binding */
#endif /* BSD_KERNEL_PRIVATE */

#define INP_ANONPORT            0x00000040 /* port chosen for user */

#ifdef BSD_KERNEL_PRIVATE
#define INP_RECVIF              0x00000080 /* receive incoming interface */
#define INP_MTUDISC             0x00000100 /* unused */
#define INP_STRIPHDR            0x00000200 /* strip hdrs in raw_ip (for OT) */
#define INP_RECV_ANYIF          0x00000400 /* don't restrict inbound iface */
#define INP_INADDR_ANY          0x00000800 /* local address wasn't specified */
#define INP_IN6ADDR_ANY         INP_INADDR_ANY
#define INP_RECVTTL             0x00001000 /* receive incoming IP TTL */
#define INP_UDP_NOCKSUM         0x00002000 /* turn off outbound UDP checksum */
#define INP_BOUND_IF            0x00004000 /* bind socket to an interface */
#endif /* BSD_KERNEL_PRIVATE */

#define IN6P_IPV6_V6ONLY        0x00008000 /* restrict AF_INET6 socket for v6 */

#ifdef BSD_KERNEL_PRIVATE
#define IN6P_PKTINFO            0x00010000 /* receive IP6 dst and I/F */
#define IN6P_HOPLIMIT           0x00020000 /* receive hoplimit */
#define IN6P_HOPOPTS            0x00040000 /* receive hop-by-hop options */
#define IN6P_DSTOPTS            0x00080000 /* receive dst options after rthdr */
#define IN6P_RTHDR              0x00100000 /* receive routing header */
#define IN6P_RTHDRDSTOPTS       0x00200000 /* receive dstoptions before rthdr */
#define IN6P_TCLASS             0x00400000 /* receive traffic class value */
#define INP_RECVTOS             IN6P_TCLASS /* receive incoming IP TOS */
#define IN6P_AUTOFLOWLABEL      0x00800000 /* attach flowlabel automatically */
#endif /* BSD_KERNEL_PRIVATE */

#define IN6P_BINDV6ONLY         0x01000000 /* do not grab IPv4 traffic */

#ifdef BSD_KERNEL_PRIVATE
#define IN6P_RFC2292            0x02000000 /* used RFC2292 API on the socket */
#define IN6P_MTU                0x04000000 /* receive path MTU for IPv6 */
#define INP_PKTINFO             0x08000000 /* rcv and snd PKTINFO for IPv4 */
#define INP_FLOW_SUSPENDED      0x10000000 /* flow suspended */
#define INP_NO_IFT_CELLULAR     0x20000000 /* do not use cellular interface */
#define INP_FLOW_CONTROLLED     0x40000000 /* flow controlled */
#define INP_FC_FEEDBACK         0x80000000 /* got interface flow adv feedback */

/* Union of the inp_flags bits that request ancillary (control) data on receive. */
#define INP_CONTROLOPTS \
	(INP_RECVOPTS|INP_RECVRETOPTS|INP_RECVDSTADDR|INP_RECVIF|INP_RECVTTL| \
	INP_PKTINFO|IN6P_PKTINFO|IN6P_HOPLIMIT|IN6P_HOPOPTS|IN6P_DSTOPTS| \
	IN6P_RTHDR|IN6P_RTHDRDSTOPTS|IN6P_TCLASS|IN6P_RFC2292|IN6P_MTU)

/* NOTE(review): presumably the IPv6-only options with no IPv4-mapped equivalent -- confirm at the use site. */
#define INP_UNMAPPABLEOPTS \
	(IN6P_HOPOPTS|IN6P_DSTOPTS|IN6P_RTHDR|IN6P_AUTOFLOWLABEL)

/*
 * Flags for inp_flags2.
 *
 * Overflowed INP flags; use INP2 prefix to avoid misuse.
 */
/*
 * Several of these bits gate which interfaces a socket may use
 * (INP2_AWDL_UNRESTRICTED, INP2_INTCOPROC_ALLOWED, INP2_MANAGEMENT_ALLOWED,
 * INP2_ULTRA_CONSTRAINED_ALLOWED). The *_CHECKED bits record that the
 * entitlement check for the matching *_ALLOWED bit has been performed.
 * NOTE(review): the code that sets the *_ALLOWED bits is outside this
 * header; when auditing, confirm each one is set only after the entitlement
 * check it depends on.
 */
#define INP2_TIMEWAIT                   0x00000001 /* in TIMEWAIT */
#define INP2_IN_FCTREE                  0x00000002 /* in inp_fc_tree */
#define INP2_WANT_APP_POLICY            0x00000004 /* necp app policy check is desired */
#define INP2_NO_IFF_EXPENSIVE           0x00000008 /* do not use expensive interface */
#define INP2_INHASHLIST                 0x00000010 /* pcb is in inp_hash list */
#define INP2_AWDL_UNRESTRICTED          0x00000020 /* AWDL restricted mode allowed */
#define INP2_KEEPALIVE_OFFLOAD          0x00000040 /* Enable UDP or TCP keepalive offload */
#define INP2_INTCOPROC_ALLOWED          0x00000080 /* Allow communication via internal co-processor interfaces */
#define INP2_CONNECT_IN_PROGRESS        0x00000100 /* A connect call is in progress, so binds are intermediate steps */
#define INP2_CLAT46_FLOW                0x00000200 /* The flow is going to use CLAT46 path */
#define INP2_EXTERNAL_PORT              0x00000400 /* The port is registered externally, for NECP listeners */
#define INP2_NO_IFF_CONSTRAINED         0x00000800 /* do not use constrained interface */
#define INP2_DONTFRAG                   0x00001000 /* mark the DF bit in the IP header to avoid fragmentation */
#define INP2_SCOPED_BY_NECP             0x00002000 /* NECP scoped the pcb */
#define INP2_LOGGING_ENABLED            0x00004000 /* logging enabled for the socket */
#define INP2_LOGGED_SUMMARY             0x00008000 /* logged: the final summary */
#define INP2_MANAGEMENT_ALLOWED         0x00010000 /* Allow communication over a management interface */
#define INP2_MANAGEMENT_CHECKED         0x00020000 /* Checked entitlements for a management interface */
#define INP2_BIND_IN_PROGRESS           0x00040000 /* A bind call is in progress */
#define INP2_LAST_ROUTE_LOCAL           0x00080000 /* Last used route was local */
#define INP2_ULTRA_CONSTRAINED_ALLOWED  0x00100000 /* Allow communication over ultra-constrained interfaces */
#define INP2_ULTRA_CONSTRAINED_CHECKED  0x00200000 /* Checked entitlements for ultra-constrained interfaces */

/*
 * Flags passed to in_pcblookup*() functions.
 */
#define INPLOOKUP_WILDCARD      1

/*
 * Reinterpret a socket's so_pcb as a struct inpcb pointer. This is an
 * unchecked cast: it is only valid for sockets whose so_pcb really is an
 * inpcb, and it yields NULL when so_pcb is NULL.
 */
#define sotoinpcb(so)   ((struct inpcb *)(so)->so_pcb)
#define sotoin6pcb(so)  sotoinpcb(so)

struct sysctl_req;

/* Automatic port-range bounds and the UDP port-exhaustion switch, defined elsewhere. */
extern int ipport_lowfirstauto;
extern int ipport_lowlastauto;
extern int ipport_firstauto;
extern int ipport_lastauto;
extern int ipport_hifirstauto;
extern int ipport_hilastauto;
extern int allow_udp_port_exhaustion;
#define UDP_RANDOM_PORT_RESERVE   4096

/* Values for inp_state. */
/* freshly allocated PCB, it's in use */
#define INPCB_STATE_INUSE       0x1
/* this pcb is sitting in a cache */
#define INPCB_STATE_CACHED      0x2
/* should treat as gone, will be garbage collected and freed */
#define INPCB_STATE_DEAD        0x3

/*
 * Want-count modes and marker.
 * NOTE(review): presumably passed to in_pcb_checkstate() and stored in
 * inp_wantcnt -- confirm in the implementation.
 */
/* marked as ready to be garbage collected, should be treated as not found */
#define WNT_STOPUSING   0xffff
/* that pcb is being acquired, do not recycle this time */
#define WNT_ACQUIRE     0x1
/* release acquired mode, can be garbage collected when wantcnt is zero */
#define WNT_RELEASE     0x2

extern void in_pcbinit(void);
extern void in_pcbinfo_attach(struct inpcbinfo *);
extern int in_pcbinfo_detach(struct inpcbinfo *);

/* type of timer to be scheduled by inpcb_gc_sched and inpcb_timer_sched */
/* The three values line up with the intimer_lazy / intimer_fast / intimer_nodelay request counters. */
enum {
	INPCB_TIMER_LAZY = 0x1,
	INPCB_TIMER_FAST,
	INPCB_TIMER_NODELAY
};
extern void inpcb_gc_sched(struct inpcbinfo *, u_int32_t type);
extern void inpcb_timer_sched(struct inpcbinfo *, u_int32_t type);

/* PCB lifecycle, binding, connection and lookup routines. */
extern void in_losing(struct inpcb *);
extern void in_rtchange(struct inpcb *, int);
extern int in_pcballoc(struct socket *, struct inpcbinfo *, struct proc *);
extern int in_pcbbind(struct inpcb *, struct sockaddr *, struct sockaddr *, struct proc *);
extern int in_pcbconnect(struct inpcb *, struct sockaddr *, struct proc *,
    unsigned int, struct ifnet **);
extern void in_pcbdetach(struct inpcb *);
extern void in_pcbdispose(struct inpcb *);
extern void in_pcbdisconnect(struct inpcb *);
extern int in_pcbinshash(struct inpcb *, struct sockaddr *, int);
extern int in_pcbladdr(struct inpcb *, struct sockaddr *, struct in_addr *,
    unsigned int, struct ifnet **, int);
extern struct inpcb *in_pcblookup_local(struct inpcbinfo *, struct in_addr,
    u_int, int);
extern struct inpcb *in_pcblookup_local_and_cleanup(struct inpcbinfo *,
    struct in_addr, u_int, int);
extern struct inpcb *in_pcblookup_hash(struct inpcbinfo *, struct in_addr,
    u_int, struct in_addr, u_int, int, struct ifnet *);
extern int in_pcblookup_hash_exists(struct inpcbinfo *, struct in_addr,
    u_int, struct in_addr, u_int, int, uid_t *, gid_t *, struct ifnet *);
extern void in_pcbnotifyall(struct inpcbinfo *, struct in_addr, int,
    void (*)(struct inpcb *, int));
extern void in_pcbrehash(struct inpcb *);
extern int in_getpeeraddr(struct socket *, struct sockaddr **);
extern int in_getsockaddr(struct socket *, struct sockaddr **);
extern int in_getsockaddr_s(struct socket *, struct sockaddr_in *);
extern int in_pcb_checkstate(struct inpcb *, int, int);
extern void in_pcbremlists(struct inpcb *);
/*
 * Copy routines that fill the exported layouts from a kernel PCB. These are
 * where the contents of the pointer-named export slots get decided.
 */
extern void inpcb_to_compat(struct inpcb *, struct inpcb_compat *);
#if XNU_TARGET_OS_OSX
extern void inpcb_to_xinpcb64(struct inpcb *, struct xinpcb64 *);
#endif /* XNU_TARGET_OS_OSX */

extern int get_pcblist_n(short, struct sysctl_req *, struct inpcbinfo *);

/* The bitstring argument is annotated as holding bitstr_size(IP_PORTRANGE_SIZE) elements. */
extern void inpcb_get_ports_used(ifnet_t, int, u_int32_t,
    bitstr_t *__counted_by(bitstr_size(IP_PORTRANGE_SIZE)), struct inpcbinfo *);
#define INPCB_OPPORTUNISTIC_THROTTLEON  0x0001
#define INPCB_OPPORTUNISTIC_SETCMD      0x0002
extern uint32_t inpcb_count_opportunistic(unsigned int, struct inpcbinfo *,
    u_int32_t);
extern uint32_t inpcb_find_anypcb_byaddr(struct ifaddr *, struct inpcbinfo *);
extern void inp_route_copyout(struct inpcb *, struct route *);
extern void inp_route_copyin(struct inpcb *, struct route *);
extern int inp_bindif(struct inpcb *, unsigned int, struct ifnet **);
extern int inp_bindtodevice(struct inpcb *, const char *);
/* Setters, getters and clearers for the interface-restriction and interface-permission flags. */
extern void inp_set_nocellular(struct inpcb *);
extern void inp_clear_nocellular(struct inpcb *);
extern void inp_set_noexpensive(struct inpcb *);
extern void inp_set_noconstrained(struct inpcb *);
extern void inp_set_awdl_unrestricted(struct inpcb *);
extern boolean_t inp_get_awdl_unrestricted(struct inpcb *);
extern void inp_clear_awdl_unrestricted(struct inpcb *);
extern void inp_set_intcoproc_allowed(struct inpcb *);
extern boolean_t inp_get_intcoproc_allowed(struct inpcb *);
extern void inp_clear_intcoproc_allowed(struct inpcb *);
extern void inp_set_management_allowed(struct inpcb *);
extern boolean_t inp_get_management_allowed(struct inpcb *);
extern void inp_clear_management_allowed(struct inpcb *);
extern void inp_set_ultra_constrained_allowed(struct inpcb *);
#if NECP
extern void inp_update_necp_policy(struct inpcb *, struct sockaddr *, struct sockaddr *, u_int);
extern void inp_set_want_app_policy(struct inpcb *);
extern void inp_clear_want_app_policy(struct inpcb *);
#endif /* NECP */
extern u_int32_t inp_calc_flowhash(struct inpcb *);
extern void inp_reset_fc_state(struct inpcb *);
extern int inp_set_fc_state(struct inpcb *, int advcode);
extern void inp_fc_unthrottle_tcp(struct inpcb *);
extern void inp_fc_throttle_tcp(struct inpcb *inp);
extern void inp_flowadv(uint32_t);
extern int inp_flush(struct inpcb *, int);
extern int inp_findinpcb_procinfo(struct inpcbinfo *, uint32_t, struct so_procinfo *);
extern void inp_get_soprocinfo(struct inpcb *, struct so_procinfo *);
extern int inp_update_policy(struct inpcb *);
extern boolean_t inp_restricted_recv(struct inpcb *, struct ifnet *);
extern boolean_t inp_restricted_send(struct inpcb *, struct
ifnet *); 918 extern void inp_incr_sndbytes_total(struct socket *, int); 919 extern void inp_decr_sndbytes_total(struct socket *, int); 920 extern void inp_count_sndbytes(struct inpcb *, u_int32_t); 921 extern void inp_incr_sndbytes_unsent(struct socket *, int32_t); 922 extern void inp_decr_sndbytes_unsent(struct socket *, int32_t); 923 extern int32_t inp_get_sndbytes_allunsent(struct socket *, u_int32_t); 924 extern void inp_decr_sndbytes_allunsent(struct socket *, u_int32_t); 925 extern void inp_set_activity_bitmap(struct inpcb *inp); 926 extern void inp_get_activity_bitmap(struct inpcb *inp, activity_bitmap_t *b); 927 extern void inp_update_last_owner(struct socket *so, struct proc *p, struct proc *ep); 928 extern void inp_copy_last_owner(struct socket *so, struct socket *head); 929 #if SKYWALK 930 extern void inp_update_netns_flags(struct socket *so); 931 #endif /* SKYWALK */ 932 #endif /* BSD_KERNEL_PRIVATE */ 933 #ifdef KERNEL_PRIVATE 934 /* exported for PPP */ 935 extern void inp_clear_INP_INADDR_ANY(struct socket *); 936 extern int inp_limit_companion_link(struct inpcbinfo *pcbinfo, u_int32_t limit); 937 extern int inp_recover_companion_link(struct inpcbinfo *pcbinfo); 938 extern void in_management_interface_check(void); 939 extern void in_pcb_check_management_entitled(struct inpcb *inp); 940 extern void in_pcb_check_ultra_constrained_entitled(struct inpcb *inp); 941 extern char *inp_snprintf_tuple(struct inpcb *, char *__sized_by(buflen) buf, size_t buflen); 942 #endif /* KERNEL_PRIVATE */ 943 #endif /* !_NETINET_IN_PCB_H_ */ 944