/*++ Copyright (c) 1990-2000 Microsoft Corporation Module Name: ipxmit.c - IP transmit routines. Abstract: This module contains all transmit related IP routines. Author: [Environment:] kernel mode only [Notes:] optional-notes Revision History: --*/ #include "precomp.h" #include "info.h" #include "iproute.h" #include "iprtdef.h" #include "arpdef.h" #include "tcpipbuf.h" #include "mdlpool.h" #include "tcp.h" #include "tcpsend.h" #if DBG ulong DbgIPSendHwChkSum = 0; uint dbg_hdrincl = 0; #endif extern uint IPSecStatus; extern IPSecQStatusRtn IPSecQueryStatusPtr; extern Interface *IFList; extern NetTableEntry **NewNetTableList; // hash table for NTEs extern uint NET_TABLE_SIZE; extern NetTableEntry *LoopNTE; // Pointer to loopback NTE. extern RefPtr DHCPRefPtr; // Referenced pointer to NTE // currently being DHCP'd. extern ulong TimeStamp; // Starting timestamp. extern ulong TSFlag; // Mask to use on this. extern uint NumNTE; IPID_CACHE_LINE IPIDCacheLine; // Global variables for buffers and packets. HANDLE IpHeaderPool; // // the global address for unnumbered interfaces // extern IPAddr g_ValidAddr; BufferReference *GetBufferReference(void); IP_STATUS ARPResolve(IPAddr DestAddress, IPAddr SourceAddress, ARPControlBlock *ControlBlock, ArpRtn Callback); NDIS_STATUS ARPResolveIP(void *Context, IPAddr Destination, ARPControlBlock *ArpContB); IP_STATUS SendICMPIPSecErr(IPAddr, IPHeader UNALIGNED *, uchar, uchar, ulong); int ReferenceBuffer(BufferReference * BR, int Count); extern Interface LoopInterface; extern uint NumIF; NDIS_HANDLE NdisPacketPool = NULL; NDIS_HANDLE BufferPool; #define BCAST_IF_CTXT (Interface *)-1 uint PacketPoolSizeMin = PACKET_GROW_COUNT; uint PacketPoolSizeMax = SMALL_POOL; //** GetIPID - Routine to get IP identification // // Input: None // // Returns: IPID+1 // ushort GetIPID() { return((ushort)InterlockedExchangeAdd((PLONG) &IPIDCacheLine.Value, 1)); } //** FreeIPHdrBuffer - Free a buffer back to the pool. // // Input: Buffer - Hdr buffer to be freed. // // Returns: Nothing. // __inline VOID FreeIPHdrBuffer(PNDIS_BUFFER Buffer) { MdpFree(Buffer); } //** FreeIPBufferChain - Free a chain of IP buffers. // // This routine takes a chain of NDIS_BUFFERs, and frees them all. // // Entry: Buffer - Pointer to buffer chain to be freed. // // Returns: Nothing. // void FreeIPBufferChain(PNDIS_BUFFER Buffer) { PNDIS_BUFFER NextBuffer; while (Buffer != (PNDIS_BUFFER) NULL) { NdisGetNextBuffer(Buffer, &NextBuffer); NdisFreeBuffer(Buffer); Buffer = NextBuffer; } } //** Free payload mdl // // Input: Buffer - Bufferchain which has ip allocated ndis_buffer // OriginalBuffer - Original buffer which needs to be restored // // Returns: Nothing. // __inline VOID FreeIPPayloadBuffer(PNDIS_BUFFER Buffer, PNDIS_BUFFER OrgBuffer) { PNDIS_BUFFER PayloadBuffer; PayloadBuffer = NDIS_BUFFER_LINKAGE(Buffer); NDIS_BUFFER_LINKAGE(Buffer) = OrgBuffer; ASSERT(NDIS_BUFFER_LINKAGE(OrgBuffer) == NDIS_BUFFER_LINKAGE(PayloadBuffer)); //KdPrint(("sendbcast restoring hdrincl %x %x\n",OrgBuffer,PayloadBuffer)); NDIS_BUFFER_LINKAGE(PayloadBuffer) = NULL; NdisFreeBuffer(PayloadBuffer); } //** RestoreUserBuffer - Restores original user supplied buffer // // Takes orginal buffer and chains it back in the packet, // freeing the one allocated by the stack. // // Entry: Packet // // Returns: Nothing. // void RestoreUserBuffer(PNDIS_PACKET Packet) { PNDIS_BUFFER NextBuffer; PacketContext *pc = (PacketContext *) Packet->ProtocolReserved; PNDIS_BUFFER OrgBuffer, FirewallBuffer, Buffer; BufferReference *BufRef; BufRef = pc->pc_br; FirewallBuffer = pc->pc_firewall; OrgBuffer = pc->pc_hdrincl; ASSERT(OrgBuffer != NULL); pc->pc_hdrincl = NULL; NdisQueryPacket(Packet, NULL, NULL, &NextBuffer, NULL); if (!FirewallBuffer) { // Firewall didn't munge the buffer: apply the normal stuff // if bufref is true, IPFrag was called. // buffer chain will be at ->br_buffer. if (BufRef == (BufferReference *) NULL) { Buffer = NDIS_BUFFER_LINKAGE(NextBuffer); if (pc->pc_common.pc_flags & PACKET_FLAG_OPTIONS) { Buffer = NDIS_BUFFER_LINKAGE(Buffer); } } else { Buffer = BufRef->br_buffer; } FreeIPPayloadBuffer(Buffer, OrgBuffer); } else { if (BufRef == NULL) { Buffer = FirewallBuffer; if (pc->pc_common.pc_flags & PACKET_FLAG_OPTIONS) { Buffer = NDIS_BUFFER_LINKAGE(Buffer); } FreeIPPayloadBuffer(Buffer, OrgBuffer); } } } //* FreeIPPacket - Free an IP packet when we're done with it. // // Called when a send completes and a packet needs to be freed. We look at the // packet, decide what to do with it, and free the appropriate components. // // Entry: Packet - Packet to be freed. // FixHdrs - If true, restores headers changed by IPSec/firewall and // header-include processing before freeing the packet. // Status - final status from packet-processing. // // Returns: Pointer to next unfreed buffer on packet, or NULL if all buffers // freed (i.e. this was a fragmented packet). // PNDIS_BUFFER FreeIPPacket(PNDIS_PACKET Packet, BOOLEAN FixHdrs, IP_STATUS Status) { PNDIS_BUFFER NextBuffer, OldBuffer; PacketContext *pc = (PacketContext *) Packet->ProtocolReserved; PNDIS_BUFFER FirewallBuffer = NULL; FWContext *FWC = (FWContext *) Packet->ProtocolReserved; BufferReference *BufRef; // Buffer reference, if any. BOOLEAN InitFirewallContext = FALSE; NDIS_PER_PACKET_INFO_FROM_PACKET(Packet, ClassificationHandlePacketInfo) = NULL; NdisClearPacketFlags(Packet, (NDIS_FLAGS_DONT_LOOPBACK | NDIS_FLAGS_LOOPBACK_ONLY)); #if !MILLEN // ndis 5.1 feature NDIS_SET_PACKET_CANCEL_ID(Packet, NULL); #endif NdisQueryPacket(Packet, NULL, NULL, &NextBuffer, NULL); if ((pc->pc_common.pc_flags & PACKET_FLAG_FW) && FWC->fc_bufown) { //Pkt forwarded thru buffer owner ship ASSERT(pc->pc_firewall == NULL); return NextBuffer; } BufRef = pc->pc_br; // Restore the original buffer and MDL chain back. // We should restore the reverse order in which the input Buffer was // modified. // Order of modification: hdr_incl -> firewall -> ipsec // Order of restoration: ipsec -> firewall -> hdr_incl // // See if IPSEC has to fix up anything // if (FixHdrs && pc->pc_common.pc_IpsecCtx) { PNDIS_BUFFER NewBuffer; if (!BufRef || (pc->pc_ipsec_flags & IPSEC_FLAG_FRAG_DONE)) { ASSERT(IPSecSendCmpltPtr); (*IPSecSendCmpltPtr) (Packet, NextBuffer, pc->pc_common.pc_IpsecCtx, Status, &NewBuffer); pc->pc_common.pc_IpsecCtx = NULL; if (NewBuffer) { NextBuffer = NewBuffer; } else { // // Reinjected packet, no IP resources to free // pc->pc_firewall = NULL; pc->pc_firewall2 = NULL; NdisFreePacket(Packet); return NULL; } } else { pc->pc_common.pc_IpsecCtx = NULL; } } // // FirewallBuffer will point to the input buffer which was passed to the // firewall hook it will be non-NULL only if hook touched the packet // FirewallBuffer = pc->pc_firewall; // // Check if the buffers were munged by the firewall: FirewallBuffer != NULL // If yes, restore original buffer // if (FixHdrs && FirewallBuffer) { PNDIS_BUFFER NewBuffer; PNDIS_BUFFER TmpBuffer; if (BufRef == NULL) { // Non fragmentation path // if bufref is true means // IPFrag was called buffer chain will. // be at ->br_buffer. // restoration will be done in ipsendcomplete when last fragment // send completes NewBuffer = NextBuffer; if (!((pc->pc_common.pc_flags & PACKET_FLAG_IPHDR) || (pc->pc_common.pc_flags & PACKET_FLAG_OPTIONS))) { // neither header nor option buffer NdisReinitializePacket(Packet); NdisChainBufferAtBack(Packet, FirewallBuffer); NextBuffer = FirewallBuffer; } else if ((pc->pc_common.pc_flags & PACKET_FLAG_IPHDR) && (pc->pc_common.pc_flags & PACKET_FLAG_OPTIONS)) { // both header and option buffer ASSERT(NewBuffer != NULL); NewBuffer = NDIS_BUFFER_LINKAGE(NewBuffer); // skip hdr buffer ASSERT(NewBuffer != NULL); TmpBuffer = NewBuffer; NewBuffer = NDIS_BUFFER_LINKAGE(NewBuffer); // skip options buffer NDIS_BUFFER_LINKAGE(TmpBuffer) = FirewallBuffer; } else { // just header buffer ASSERT(pc->pc_common.pc_flags & PACKET_FLAG_IPHDR); ASSERT(!(pc->pc_common.pc_flags & PACKET_FLAG_OPTIONS)); ASSERT(NewBuffer != NULL); TmpBuffer = NewBuffer; NewBuffer = NDIS_BUFFER_LINKAGE(NewBuffer); // skip the header buffer NDIS_BUFFER_LINKAGE(TmpBuffer) = FirewallBuffer; } // // At this point NewBuffer points to the MDL chain allocated by // the firewall. WE have already restored the original chain back // FreeIPBufferChain(NewBuffer); pc->pc_firewall = NULL; // // We have to free OutRcvBuf chain we allocated and passed to // firewall. This is the completion point, so we should free this // chain here // ASSERT(pc->pc_firewall2); IPFreeBuff(pc->pc_firewall2); pc->pc_firewall2 = NULL; } else { // bufref != NULL // Firewall Headers are restored in IPSendComplete // or in completion path that is executed when // bufrefcnt is zero. // These paths have already captured pc_firewall pointer. // Initialize the packetcontext after calling RestoreUserBuffer // below. InitFirewallContext = TRUE; } } // If users header is used as IP header, restore it. if (FixHdrs && pc->pc_hdrincl) { RestoreUserBuffer(Packet); } if (InitFirewallContext) { pc->pc_firewall = NULL; pc->pc_firewall2 = NULL; } // If there's no IP header on this packet, we have nothing else to do. if (!(pc->pc_common.pc_flags & (PACKET_FLAG_IPHDR | PACKET_FLAG_FW))) { pc->pc_firewall = NULL; pc->pc_firewall2 = NULL; NdisFreePacket(Packet); return NextBuffer; } pc->pc_common.pc_flags &= ~PACKET_FLAG_IPHDR; OldBuffer = NextBuffer; ASSERT(OldBuffer != NULL); NextBuffer = NDIS_BUFFER_LINKAGE(NextBuffer); if (pc->pc_common.pc_flags & PACKET_FLAG_OPTIONS) { // Have options with this packet. PNDIS_BUFFER OptBuffer; void *Options; uint OptSize; OptBuffer = NextBuffer; ASSERT(OptBuffer != NULL); NdisGetNextBuffer(OptBuffer, &NextBuffer); ASSERT(NextBuffer != NULL); TcpipQueryBuffer(OptBuffer, &Options, &OptSize, HighPagePriority); // If this is a FW packet, the options don't really belong to us, so // don't free them. if (!(pc->pc_common.pc_flags & PACKET_FLAG_FW)) { if (Options != NULL) { CTEFreeMem(Options); } // Else leak Options b/c we can't get virtual address. } NdisFreeBuffer(OptBuffer); pc->pc_common.pc_flags &= ~PACKET_FLAG_OPTIONS; } if (pc->pc_common.pc_flags & PACKET_FLAG_IPBUF) { // This packet is all // IP buffers. (void)FreeIPBufferChain(NextBuffer); NextBuffer = (PNDIS_BUFFER) NULL; pc->pc_common.pc_flags &= ~PACKET_FLAG_IPBUF; } if (!(pc->pc_common.pc_flags & PACKET_FLAG_FW)) { FreeIPHdrBuffer(OldBuffer); pc->pc_firewall = NULL; pc->pc_firewall2 = NULL; NdisFreePacket(Packet); } return NextBuffer; } //** AllocIPPacketList - Allocate the packet pool // // Called during initialization to allocate the packet pool // // Input: Nothing. // // Returns: TRUE if it succeeds, FALSE otherwise // BOOLEAN AllocIPPacketList(void) { NDIS_STATUS Status; // // Determine the size of the machine and allocate the packet pool accordingly // #if MILLEN PacketPoolSizeMax = SMALL_POOL; #else // MILLEN switch (MmQuerySystemSize()) { case MmSmallSystem: PacketPoolSizeMax = SMALL_POOL; break; case MmMediumSystem: PacketPoolSizeMax = MEDIUM_POOL; break; case MmLargeSystem: PacketPoolSizeMax = LARGE_POOL; break; } #endif // !MILLEN NdisAllocatePacketPoolEx(&Status, &NdisPacketPool, PacketPoolSizeMin, PacketPoolSizeMax-PacketPoolSizeMin, sizeof(PacketContext)); if (Status == NDIS_STATUS_SUCCESS) { NdisSetPacketPoolProtocolId(NdisPacketPool, NDIS_PROTOCOL_ID_TCP_IP); } return ((BOOLEAN) (NdisPacketPool != NULL)); } //** GetIPPacket - Get an NDIS packet to use. // // A routine to allocate an NDIS packet. // // Entry: Nothing. // // Returns: Pointer to NDIS_PACKET if allocated, or NULL. // PNDIS_PACKET GetIPPacket(void) { PNDIS_PACKET Packet; NDIS_STATUS Status; NdisAllocatePacket(&Status, &Packet, NdisPacketPool); if (Packet != NULL) { PNDIS_PACKET_EXTENSION PktExt; PacketContext * pc; PktExt = NDIS_PACKET_EXTENSION_FROM_PACKET(Packet); PktExt->NdisPacketInfo[TcpIpChecksumPacketInfo] = NULL; PktExt->NdisPacketInfo[IpSecPacketInfo] = NULL; PktExt->NdisPacketInfo[TcpLargeSendPacketInfo] = NULL; PktExt->NdisPacketInfo[ClassificationHandlePacketInfo] = NULL; NdisClearPacketFlags(Packet, (NDIS_FLAGS_DONT_LOOPBACK | NDIS_FLAGS_LOOPBACK_ONLY)); pc = (PacketContext *)Packet->ProtocolReserved; pc->pc_if = NULL; pc->pc_iflink = NULL; pc->pc_common.pc_flags = 0; pc->pc_common.pc_owner = PACKET_OWNER_IP; pc->pc_hdrincl = 0; pc->pc_common.pc_IpsecCtx = NULL; } return Packet; } //** GetIPHdrBuffer - Get an IP header buffer. // // A routine to allocate an IP header buffer, with an NDIS buffer. // // Entry: Nothing. // // Returns: Pointer to NDIS_BUFFER if allocated, or NULL. // __inline PNDIS_BUFFER GetIPHdrBuffer(IPHeader **Header) { return MdpAllocate(IpHeaderPool, Header); } //** GetIPHeader - Get a header buffer and packet. // // Called when we need to get a header buffer and packet. We allocate both, // and chain them together. // // Input: Pointer to where to store packet. // // Returns: Pointer to IP header. // IPHeader * GetIPHeader(PNDIS_PACKET *PacketPtr) { PNDIS_BUFFER Buffer; PNDIS_PACKET Packet; IPHeader *pIph; Packet = GetIPPacket(); if (Packet != NULL) { Buffer = GetIPHdrBuffer(&pIph); if (Buffer != NULL) { PacketContext *PC = (PacketContext *) Packet->ProtocolReserved; PC->pc_common.pc_flags |= PACKET_FLAG_IPHDR; NdisChainBufferAtBack(Packet, Buffer); *PacketPtr = Packet; return pIph; } FreeIPPacket(Packet, TRUE, IP_NO_RESOURCES); } return NULL; } //** ReferenceBuffer - Reference a buffer. // // Called when we need to update the count of a BufferReference strucutre, either // by a positive or negative value. If the count goes to 0, we'll free the buffer // reference and return success. Otherwise we'll return pending. // // Entry: BR - Pointer to buffer reference. // Count - Amount to adjust refcount by. // // Returns: Success, or pending. // int ReferenceBuffer(BufferReference * BR, int Count) { CTELockHandle handle; int NewCount; if (BR == NULL) { return 0; } CTEGetLock(&BR->br_lock, &handle); BR->br_refcount += Count; NewCount = BR->br_refcount; CTEFreeLock(&BR->br_lock, handle); return NewCount; } //* IPSendComplete - IP send complete handler. // // Called by the link layer when a send completes. We're given a pointer to a // net structure, as well as the completing send packet and the final status of // the send. // // Entry: Context - Context we gave to the link layer. // Packet - Completing send packet. // Status - Final status of send. // // Returns: Nothing. // void __stdcall IPSendComplete(void *Context, PNDIS_PACKET Packet, NDIS_STATUS Status) { PacketContext *PContext = (PacketContext *) Packet->ProtocolReserved; void (*xmitdone) (void *, PNDIS_BUFFER, IP_STATUS); void *UContext; // Upper layer context. BufferReference *BufRef; // Buffer reference, if any. PNDIS_BUFFER Buffer; PNDIS_PACKET_EXTENSION PktExt; Interface *IF; // The interface on which this completed. BOOLEAN fIpsec = (BOOLEAN) (PContext->pc_common.pc_IpsecCtx != NULL); PNDIS_BUFFER PC_firewall; struct IPRcvBuf *PC_firewall2; PNDIS_BUFFER PC_hdrincl; LinkEntry *Link; IP_STATUS SendStatus; UNREFERENCED_PARAMETER(Context); // Copy useful information from packet. xmitdone = PContext->pc_pi->pi_xmitdone; UContext = PContext->pc_context; BufRef = PContext->pc_br; PC_firewall = PContext->pc_firewall; PC_firewall2 = PContext->pc_firewall2; PC_hdrincl = PContext->pc_hdrincl; IF = PContext->pc_if; Link = PContext->pc_iflink; SendStatus = (Status == NDIS_STATUS_FAILURE) ? IP_GENERAL_FAILURE : IP_SUCCESS; PktExt = NDIS_PACKET_EXTENSION_FROM_PACKET(Packet); if (PtrToUlong(PktExt->NdisPacketInfo[TcpLargeSendPacketInfo])) { //We are sure that this is tcp. // get its context and pass on this info. ((SendCmpltContext *) UContext)->scc_ByteSent = PtrToUlong(PktExt->NdisPacketInfo[TcpLargeSendPacketInfo]); } if (BufRef == (BufferReference *) NULL) { // If this is a header include packet // make sure that duped data part is // freed here. Buffer = FreeIPPacket(Packet, TRUE, SendStatus); if (!Buffer) { // // if NULL was returned by IPSEC, it is ok since IPSEC // might have released all the MDLs. // if (fIpsec) { // We're done with the packet now, we may need to dereference // the interface. if (Link) { DerefLink(Link); } if (IF) { DerefIF(IF); } return; } else { ASSERT(FALSE); } } ASSERT(Buffer); (*xmitdone) (UContext, Buffer, SendStatus); } else { // Check if this is the last refcnt on this buffer. // Decrement this reference only after all the operations are // done on this packet. if (ReferenceBuffer(BufRef, -1) == 0) { PContext->pc_ipsec_flags |= IPSEC_FLAG_FRAG_DONE; // Check for header include option on the packet. // If true, then original buffer needs to be hooked // back in to the chain freeing the one allocated by us. // Note that this pc_hdrincl will be true only if the packet // traversed thru slow path in ipxmit. FreeIPPacket(Packet, TRUE, SendStatus); Buffer = BufRef->br_buffer; if (!Buffer) { // // if NULL was returned by IPSEC, it is ok since IPSEC // might have released all the MDLs. // if (fIpsec) { // We're done with the packet now, we may need to dereference // the interface. if (Link) { DerefLink(Link); } if (IF) { DerefIF(IF); } CTEFreeMem(BufRef); return; } else { ASSERT(FALSE); } } ASSERT(Buffer); if (PC_firewall) { PNDIS_BUFFER FirewallBuffer; FirewallBuffer = PC_firewall; FreeIPBufferChain(Buffer); Buffer = FirewallBuffer; ASSERT(PC_firewall2); IPFreeBuff(PC_firewall2); if (PC_hdrincl) { FreeIPPayloadBuffer(Buffer,PC_hdrincl); } } CTEFreeMem(BufRef); (*xmitdone) (UContext, Buffer, SendStatus); } else { // Since there are more outstanding packets using the headers // in attached to this packet, do not restore them now. Buffer = FreeIPPacket(Packet, FALSE, SendStatus); // We're not done with the send yet, so NULL the IF to // prevent dereferencing it. IF = NULL; Link = NULL; } } // We're done with the packet now, we may need to dereference // the interface. if (Link != NULL) { DerefLink(Link); } if (IF == NULL) { return; } else { DerefIF(IF); } } #if DBG ULONG DebugLockdown = 0; #endif //** SendIPPacket - Send an IP packet. // // Called when we have a filled in IP packet we need to send. Basically, we // compute the xsum and send the thing. // // Entry: IF - Interface to send it on. // FirstHop - First hop address to send it to. // Packet - Packet to be sent. // Buffer - Buffer to be sent. // Header - Pointer to IP Header of packet. // Options - Pointer to option buffer. // OptionLength - Length of options. // // Returns: IP_STATUS of attempt to send. IP_STATUS SendIPPacket(Interface * IF, IPAddr FirstHop, PNDIS_PACKET Packet, PNDIS_BUFFER Buffer, IPHeader * Header, uchar * Options, uint OptionSize, BOOLEAN IPSeced, void *ArpCtxt, BOOLEAN DontFreePacket) { ulong csum; NDIS_STATUS Status; IP_STATUS SendStatus; #if DBG // // If DebugLockdown is set to 1, this means no unicast packets with // protocol other than AH or ESP can be sent out; and we assert if so. // if (DebugLockdown) { USHORT *pPort = NULL; ULONG Length = 0; USHORT IsakmpPort = net_short(500); USHORT KerberosPort = net_short(88); NdisQueryBuffer(Buffer, &pPort, &Length); if (pPort && Header->iph_protocol != PROTOCOL_AH && Header->iph_protocol != PROTOCOL_ESP && IPGetAddrType(Header->iph_dest) == DEST_REMOTE) { // // We assert here unless this is exempt traffic. // ASSERT(Header->iph_protocol == PROTOCOL_RSVP || (Header->iph_protocol == PROTOCOL_UDP && (pPort[1] == IsakmpPort || pPort[0] == KerberosPort || pPort[1] == KerberosPort)) || (Header->iph_protocol == PROTOCOL_TCP && (pPort[0] == KerberosPort || pPort[1] == KerberosPort))); } } #endif ASSERT(IF->if_refcount != 0); DEBUGMSG(DBG_TRACE && DBG_IP && DBG_TX, (DTEXT("+SendIPPacket(%x, %x, %x, %x, %x, %x, %x, %X, %X, %x)\n"), IF, FirstHop, Packet, Buffer, Header, Options, OptionSize, IPSeced, ArpCtxt, DontFreePacket)); // // If we IPSECed this buffer, then the packet is ready to go courtesy IPSEC // if (!IPSeced) { csum = xsum(Header, sizeof(IPHeader)); if (Options) { // We have options, oh boy. PNDIS_BUFFER OptBuffer; PacketContext *pc = (PacketContext *) Packet->ProtocolReserved; NdisAllocateBuffer(&Status, &OptBuffer, BufferPool, Options, OptionSize); if (Status != NDIS_STATUS_SUCCESS) { // Couldn't get the needed // option buffer. CTEFreeMem(Options); if (!DontFreePacket) { NdisChainBufferAtBack(Packet, Buffer); FreeIPPacket(Packet, TRUE, IP_NO_RESOURCES); } return IP_NO_RESOURCES; } pc->pc_common.pc_flags |= PACKET_FLAG_OPTIONS; NdisChainBufferAtBack(Packet, OptBuffer); csum += xsum(Options, OptionSize); csum = (csum >> 16) + (csum & 0xffff); csum += (csum >> 16); } Header->iph_xsum = ~(ushort) csum; NdisChainBufferAtBack(Packet, Buffer); } else { // Make sure that packet tail is pointing to the // last MDL. PNDIS_BUFFER tmp = Buffer; if (tmp) { while(NDIS_BUFFER_LINKAGE(tmp)) { tmp = NDIS_BUFFER_LINKAGE(tmp); } Packet->Private.Tail = tmp; } } if (CLASSD_ADDR(Header->iph_dest)) { IF->if_OutMcastPkts++; IF->if_OutMcastOctets += net_short(Header->iph_length) - sizeof(IPHeader); } Status = (*(IF->if_xmit)) (IF->if_lcontext, &Packet, 1, FirstHop, NULL, ArpCtxt); if (Status == NDIS_STATUS_PENDING) { return IP_PENDING; } // Status wasn't pending. Map the status, and free the packet. if (Status == NDIS_STATUS_SUCCESS) SendStatus = IP_SUCCESS; else { if (Status == NDIS_STATUS_FAILURE) SendStatus = IP_GENERAL_FAILURE; else SendStatus = IP_HW_ERROR; } if (!DontFreePacket) FreeIPPacket(Packet, TRUE, SendStatus); return SendStatus; } //* SendDHCPPacket - Send a broadcast for DHCP. // // Called when somebody is sending a broadcast packet with a NULL source // address. We assume this means they're sending a DHCP packet. We loop // through the NTE table, and when we find an entry that's not valid we // send out the interface associated with that entry. // // Input: Dest - Destination of packet. // Packet - Packet to be send. // Buffer - Buffer chain to be sent. // Header - Pointer to header buffer being sent. // // Return: Status of send attempt. // IP_STATUS SendDHCPPacket(IPAddr Dest, PNDIS_PACKET Packet, PNDIS_BUFFER Buffer, IPHeader * IPH, void *ArpCtxt) { if (RefPtrValid(&DHCPRefPtr)) { NetTableEntry* DHCPNTE = AcquireRefPtr(&DHCPRefPtr); if (DHCPNTE->nte_flags & NTE_ACTIVE) { IP_STATUS Status; // The DHCP NTE is currently invalid, and active. Send on that // interface. Status = SendIPPacket(DHCPNTE->nte_if, Dest, Packet, Buffer, IPH, NULL, 0, (BOOLEAN) (IPSecHandlerPtr != NULL), ArpCtxt, FALSE); ReleaseRefPtr(&DHCPRefPtr); return Status; } ReleaseRefPtr(&DHCPRefPtr); } // Didn't find an invalid NTE! Free the resources, and return the failure. FreeIPPacket(Packet, TRUE, IP_DEST_HOST_UNREACHABLE); IPSInfo.ipsi_outdiscards++; return IP_DEST_HOST_UNREACHABLE; } //* IPCopyBuffer - Copy an NDIS buffer chain at a specific offset. // // This is the IP version of the function NdisCopyBuffer, which didn't // get done properly in NDIS3. We take in an NDIS buffer chain, an offset, // and a length, and produce a buffer chain describing that subset of the // input buffer chain. // // This routine is not particularly efficient. Since only IPFragment uses // it currently, it might be better to just incorporate this functionality // directly into IPFragment. // // Input: OriginalBuffer - Original buffer chain to copy from. // Offset - Offset from start to dup. // Length - Length in bytes to dup. // // Returns: Pointer to new chain if we can make one, NULL if we can't. // PNDIS_BUFFER IPCopyBuffer(PNDIS_BUFFER OriginalBuffer, uint Offset, uint Length) { PNDIS_BUFFER CurrentBuffer; // Pointer to current buffer. PNDIS_BUFFER *NewBuffer = NULL; // Pointer to pointer to current new buffer. PNDIS_BUFFER FirstBuffer; // First buffer in new chain. UINT CopyLength; // Length of current copy. NDIS_STATUS NewStatus; // Status of NdisAllocateBuffer operation. PVOID pvBuffer; // First skip over the number of buffers we need to to reach Offset. CurrentBuffer = OriginalBuffer; while (Offset >= NdisBufferLength(CurrentBuffer)) { Offset -= NdisBufferLength(CurrentBuffer); CurrentBuffer = NDIS_BUFFER_LINKAGE(CurrentBuffer); if (CurrentBuffer == (PNDIS_BUFFER) NULL) return NULL; } // Now CurrentBuffer is the buffer from which we start building the new chain, and // Offset is the offset into CurrentBuffer from which to start. FirstBuffer = NULL; NewBuffer = &FirstBuffer; do { CopyLength = MIN(Length, NdisBufferLength(CurrentBuffer) - Offset); pvBuffer = TcpipBufferVirtualAddress(CurrentBuffer, NormalPagePriority); if (pvBuffer == NULL) { break; } NdisAllocateBuffer(&NewStatus, NewBuffer, BufferPool, ((uchar *) pvBuffer) + Offset, CopyLength); if (NewStatus != NDIS_STATUS_SUCCESS) break; Offset = 0; // No offset from next buffer. NewBuffer = &(NDIS_BUFFER_LINKAGE(*NewBuffer)); CurrentBuffer = NDIS_BUFFER_LINKAGE(CurrentBuffer); Length -= CopyLength; } while (Length != 0 && CurrentBuffer != (PNDIS_BUFFER) NULL); if (Length == 0) { // We succeeded return FirstBuffer; } else { // We exited the loop because of an error. // We need to free any allocated buffers, and return. CurrentBuffer = FirstBuffer; while (CurrentBuffer != (PNDIS_BUFFER) NULL) { PNDIS_BUFFER Temp = CurrentBuffer; CurrentBuffer = NDIS_BUFFER_LINKAGE(CurrentBuffer); NdisFreeBuffer(Temp); } return NULL; } } //** IPFragment - Fragment and send an IP datagram. // // Called when an outgoing datagram is larger than the local MTU, and needs // to be fragmented. This is a somewhat complicated operation. The caller // gives us a prebuilt IP header, packet, and options. We use the header and // packet on the last fragment of the send, as the passed in header already // has the more fragments bit set correctly for the last fragment. // // The basic idea is to figure out the maximum size which we can send as a // multiple of 8. Then, while we can send a maximum size fragment we'll // allocate a header, packet, etc. and send it. At the end we'll send the // final fragment using the provided header and packet. // // Entry: DestIF - Outbound interface of datagram. // MTU - MTU to use in transmitting. // FirstHop - First (or next) hop for this datagram. // Packet - Packet to be sent. // Header - Prebuilt IP header. // Buffer - Buffer chain for data to be sent. // DataSize - Size in bytes of data. // Options - Pointer to option buffer, if any. // OptionSize - Size in bytes of option buffer. // SentCount - Pointer to where to return pending send count (may be NULL). // bDontLoopback - Determines whether NDIS_FLAGS_DONT_LOOPBACK needs // to be set // // Returns: IP_STATUS of send. // IP_STATUS IPFragment(Interface * DestIF, uint MTU, IPAddr FirstHop, PNDIS_PACKET Packet, IPHeader * Header, PNDIS_BUFFER Buffer, uint DataSize, uchar * Options, uint OptionSize, int *SentCount, BOOLEAN bDontLoopback, void *ArpCtxt) { BufferReference *BR; // Buffer reference we'll use. PacketContext *PContext = (PacketContext *) Packet->ProtocolReserved; FWContext *FWC = (FWContext *) Packet->ProtocolReserved; PacketContext *CurrentContext; // Current Context in use. uint MaxSend; // Maximum size (in bytes) we can send here. uint PendingSends = 0; // Counter of how many pending sends we have. PNDIS_BUFFER CurrentBuffer; // Current buffer to be sent. PNDIS_PACKET CurrentPacket; // Current packet we're using. IP_STATUS SendStatus; // Status of send command. IPHeader *CurrentHeader; // Current header buffer we're using. ushort Offset = 0; // Current offset into fragmented packet. ushort StartOffset; // Starting offset of packet. ushort RealOffset; // Offset of new fragment. uint FragOptSize = 0; // Size (in bytes) of fragment options. uchar FragmentOptions[MAX_OPT_SIZE]; // Master copy of options sent for fragments. uchar Error = FALSE; // Set if we get an error in our main loop. BOOLEAN NukeFwPktOptions = FALSE; PNDIS_BUFFER HdrIncl = NULL; uint FirewallMode = 0; PNDIS_BUFFER TempBuffer, PC_Firewall; struct IPRcvBuf *PC_Firewall2; PNDIS_PACKET LastPacket = NULL; PIPSEC_SEND_COMPLETE_CONTEXT pIpsecCtx; BOOLEAN PC_reinject = FALSE; PVOID PC_context = NULL; void (*xmitdone) (void *, PNDIS_BUFFER, IP_STATUS); xmitdone = NULL; MaxSend = (MTU - OptionSize) & ~7; // Determine max send size. ASSERT(MaxSend < DataSize); BR = PContext->pc_br; // Get the buffer reference we'll need. ASSERT(BR); FirewallMode = ProcessFirewallQ(); TempBuffer = BR->br_buffer; PC_Firewall = PContext->pc_firewall; PC_Firewall2 = PContext->pc_firewall2; pIpsecCtx = PContext->pc_common.pc_IpsecCtx; if (pIpsecCtx && (pIpsecCtx->Flags & SCF_FLUSH)) { PC_reinject = TRUE; PC_context = PContext->pc_context; } HdrIncl = PContext->pc_hdrincl; xmitdone = PContext->pc_pi->pi_xmitdone; if (Header->iph_offset & IP_DF_FLAG) { // Don't fragment flag set. // Error out. // // If options are already linked in, dont free them. FreeIPPacket will. // if (Options && !(PContext->pc_common.pc_flags & PACKET_FLAG_OPTIONS)) { CTEFreeMem(Options); } PContext->pc_ipsec_flags |= (IPSEC_FLAG_FRAG_DONE | IPSEC_FLAG_FLUSH); FreeIPPacket(Packet, FALSE, IP_PACKET_TOO_BIG); if (SentCount == (int *)NULL) { // // Only non-bcast call instance of IPFragment // calls with SentCount == NULL and we need // to do the cleanup in this case. // Also BR count will be zero in this case. // if (ReferenceBuffer(BR, PendingSends) == 0) { if (!PC_reinject) { // // Need to undo ipsec, firewall and then // header include changes to the buffer list. // if (pIpsecCtx) { (*IPSecSendCmpltPtr)(NULL, TempBuffer, pIpsecCtx, IP_PACKET_TOO_BIG, &TempBuffer); } // // If this is user header include packet, // relink the original user buffer if necessary // if (PC_Firewall) { BR->br_buffer = PC_Firewall; } if (BR->br_userbuffer) { FreeIPPayloadBuffer(BR->br_buffer, BR->br_userbuffer); } } if (FirewallMode && PC_Firewall) { // // Free the mdl chain // allocated in firewall path. // FreeIPBufferChain(TempBuffer); IPFreeBuff(PC_Firewall2); } CTEFreeMem(BR); } else { ASSERT(FALSE); } } IPSInfo.ipsi_fragfails++; return IP_PACKET_TOO_BIG; } #if DBG && GPC if (PtrToUlong(NDIS_PER_PACKET_INFO_FROM_PACKET(Packet, ClassificationHandlePacketInfo))) { IF_IPDBG(IP_DEBUG_GPC) KdPrintEx((DPFLTR_TCPIP_ID, DPFLTR_INFO_LEVEL,"IPFrag: Packet %p with CH\n", Packet)); } #endif StartOffset = Header->iph_offset & IP_OFFSET_MASK; StartOffset = net_short(StartOffset) * 8; // If we have any options, copy the ones that need to be copied, and figure // out the size of these new copied options. if (Options != (uchar *) NULL) { // We have options. uchar *TempOptions = Options; const uchar *EndOptions = (const uchar *)(Options + OptionSize); // Copy the options into the fragment options buffer. NdisFillMemory(FragmentOptions, MAX_OPT_SIZE, IP_OPT_EOL); while ((TempOptions < EndOptions) && (TempOptions[IP_OPT_TYPE] != IP_OPT_EOL)) { if (TempOptions[IP_OPT_TYPE] & IP_OPT_COPIED) { // This option needs to be copied. uint TempOptSize; TempOptSize = TempOptions[IP_OPT_LENGTH]; RtlCopyMemory(&FragmentOptions[FragOptSize], TempOptions, TempOptSize); FragOptSize += TempOptSize; TempOptions += TempOptSize; } else { // A non-copied option, just skip over it. if (TempOptions[IP_OPT_TYPE] == IP_OPT_NOP) TempOptions++; else TempOptions += TempOptions[IP_OPT_LENGTH]; } } // Round the copied size up to a multiple of 4. FragOptSize = ((FragOptSize & 3) ? ((FragOptSize & ~3) + 4) : FragOptSize); //Is this from FW path? if (PContext->pc_common.pc_flags & PACKET_FLAG_FW) { //Nuke PContext->fc_options after first IpsendPacket //To prevent double freeing of option buffer NukeFwPktOptions = TRUE; } } PContext->pc_common.pc_flags |= PACKET_FLAG_IPBUF; // Now, while we can build maximum size fragments, do so. do { PVOID CancelId; uchar Owner; if ((CurrentHeader = GetIPHeader(&CurrentPacket)) == (IPHeader *) NULL) { // Couldn't get a buffer. Break out, since no point in sending others. SendStatus = IP_NO_RESOURCES; Error = TRUE; break; } NDIS_PER_PACKET_INFO_FROM_PACKET(CurrentPacket, ClassificationHandlePacketInfo) = NDIS_PER_PACKET_INFO_FROM_PACKET(Packet, ClassificationHandlePacketInfo); #if !MILLEN // Set the cancel requestID from parent packet. CancelId = NDIS_GET_PACKET_CANCEL_ID(Packet); NDIS_SET_PACKET_CANCEL_ID(CurrentPacket, CancelId); #endif // Copy the buffer into a new one, if we can. CurrentBuffer = IPCopyBuffer(Buffer, Offset, MaxSend); if (CurrentBuffer == NULL) { // No buffer, free resources and // break. // header cleanup will be done in error handling // routine SendStatus = IP_NO_RESOURCES; FreeIPPacket(CurrentPacket, FALSE, SendStatus); Error = TRUE; break; } // // Options for this send are set up when we get here, either from the // entry from the loop, or from the allocation below. // We have all the pieces we need. Put the packet together and send it. // CurrentContext = (PacketContext *) CurrentPacket->ProtocolReserved; Owner = CurrentContext->pc_common.pc_owner; *CurrentContext = *PContext; CurrentContext->pc_common.pc_owner = Owner; *CurrentHeader = *Header; CurrentContext->pc_common.pc_flags &= ~PACKET_FLAG_FW; CurrentHeader->iph_verlen = (UCHAR) (IP_VERSION + ((OptionSize + (uint) sizeof(IPHeader)) >> 2)); CurrentHeader->iph_length = net_short(MaxSend + OptionSize + sizeof(IPHeader)); RealOffset = (StartOffset + Offset) >> 3; CurrentHeader->iph_offset = net_short(RealOffset) | IP_MF_FLAG; if (bDontLoopback) { NdisSetPacketFlags(CurrentPacket, NDIS_FLAGS_DONT_LOOPBACK); } else { if (CurrentHeader->iph_ttl == 0) { NdisSetPacketFlags(CurrentPacket, NDIS_FLAGS_LOOPBACK_ONLY); } } // Clear Options flag if we are not sending any options if (Options == NULL) { CurrentContext->pc_common.pc_flags &= ~PACKET_FLAG_OPTIONS; } // Do not free the packet in SendIPPacket, as we may need // to chain the buffer in case of IP_NO_RESOURCES SendStatus = SendIPPacket(DestIF, FirstHop, CurrentPacket, CurrentBuffer, CurrentHeader, Options, OptionSize, FALSE, ArpCtxt, TRUE); if (SendStatus == IP_PENDING) { PendingSends++; } else { if(SendStatus == IP_NO_RESOURCES) { // SendIPPacket has not chained the buffer.. NdisChainBufferAtBack(CurrentPacket, CurrentBuffer); } FreeIPPacket(CurrentPacket, FALSE, SendStatus); } IPSInfo.ipsi_fragcreates++; Offset = Offset + (USHORT) MaxSend; DataSize -= MaxSend; if (NukeFwPktOptions) { //This is to avoid double frees of option // in IpFreepacket and Freefwpacket. FWC->fc_options = (uchar *) NULL; FWC->fc_optlength = 0; NukeFwPktOptions = FALSE; } // If we have any fragmented options, set up to use them next time. if (FragOptSize) { Options = CTEAllocMemN(OptionSize = FragOptSize, 'qiCT'); if (Options == (uchar *) NULL) { // Can't get an option buffer. SendStatus = IP_NO_RESOURCES; Error = TRUE; break; } RtlCopyMemory(Options, FragmentOptions, OptionSize); } else { Options = (uchar *) NULL; OptionSize = 0; } } while (DataSize > MaxSend); // Clear Options flag if we are not sending any options if (Options == NULL) { PContext->pc_common.pc_flags &= ~PACKET_FLAG_OPTIONS; } // // We've sent all of the previous fragments, now send the last one. We // already have the packet and header buffer, as well as options if there // are any - we need to copy the appropriate data. // if (!Error) { // Everything went OK above. CurrentBuffer = IPCopyBuffer(Buffer, Offset, DataSize); if (CurrentBuffer == NULL) { // No buffer, free resources // // If options are already linked in, dont free them. FreeIPPacket will. // if (Options && !(PContext->pc_common.pc_flags & PACKET_FLAG_OPTIONS)) { CTEFreeMem(Options); } if (PC_reinject) LastPacket = Packet; else FreeIPPacket(Packet, FALSE, IP_NO_RESOURCES); IPSInfo.ipsi_outdiscards++; } else { // Everything's OK, send it. Header->iph_verlen = (UCHAR) (IP_VERSION + ((OptionSize + (uint) sizeof(IPHeader)) >> 2)); Header->iph_length = net_short(DataSize + OptionSize + sizeof(IPHeader)); RealOffset = (StartOffset + Offset) >> 3; Header->iph_offset = net_short(RealOffset) | (Header->iph_offset & IP_MF_FLAG); if (bDontLoopback) { NdisSetPacketFlags(Packet, NDIS_FLAGS_DONT_LOOPBACK); } else { if (Header->iph_ttl == 0) { NdisSetPacketFlags(Packet, NDIS_FLAGS_LOOPBACK_ONLY); } } // Do not free the packet in SendIPPacket, as we may need // to chain the buffer in case of IP_NO_RESOURCES SendStatus = SendIPPacket(DestIF, FirstHop, Packet, CurrentBuffer, Header, Options, OptionSize, FALSE, ArpCtxt, TRUE); if (SendStatus == IP_PENDING) { PendingSends++; } else if (PC_reinject) { LastPacket = Packet; } else { if (SendStatus == IP_NO_RESOURCES) { // SendIPPacket has not chained the buffer.. NdisChainBufferAtBack(Packet, CurrentBuffer); } FreeIPPacket(Packet, FALSE, SendStatus); } IPSInfo.ipsi_fragcreates++; IPSInfo.ipsi_fragoks++; } } else { // We had some sort of error. // Free resources. // // If options are already linked in, dont free them. FreeIPPacket will. // if (Options && !(PContext->pc_common.pc_flags & PACKET_FLAG_OPTIONS)) { CTEFreeMem(Options); } if (PC_reinject) LastPacket = Packet; else FreeIPPacket(Packet, FALSE, SendStatus); IPSInfo.ipsi_outdiscards++; } // Now, figure out what error code to return and whether or not we need to // free the BufferReference. if (SentCount == (int *)NULL) { // No sent count is to be // returned. if (ReferenceBuffer(BR, PendingSends) == 0) { if (PC_reinject) { if (LastPacket) { PacketContext *pc = (PacketContext *) LastPacket->ProtocolReserved; pc->pc_ipsec_flags |= (IPSEC_FLAG_FRAG_DONE | IPSEC_FLAG_FLUSH); // This is the last packet that is being freed // Fixup ipsec/firewall/hdrincl headers, if any FreeIPPacket(LastPacket, TRUE, IP_SUCCESS); } else if (PendingSends) { // // IPSEC reinject and last packet is NULL, but we still // return success !!!! // Also, pendingsends is +ve =>ipsendcomplete already // called in same thread somebody has to free IPSEC's buffer // freeippacket has been called by ipsendcomplete // the only remaining way is calling xmitdone // since ipsendcomplete won't have called xmit done as // refcount would be -ve // (*IPSecSendCmpltPtr)(NULL, TempBuffer, pIpsecCtx, IP_SUCCESS, &TempBuffer); (*xmitdone)(PC_context, TempBuffer, IP_SUCCESS); } } else { // Need to undo ipsec, firewall and then // header include changes to teh buffer list. if (pIpsecCtx) { (*IPSecSendCmpltPtr)(NULL, TempBuffer, pIpsecCtx, IP_SUCCESS, &TempBuffer); } // If this is user header include packet, // relink the original user buffer if necessary if (PC_Firewall) { BR->br_buffer = PC_Firewall; } if (BR->br_userbuffer) { FreeIPPayloadBuffer(BR->br_buffer, BR->br_userbuffer); } } CTEFreeMem(BR); if (FirewallMode && PC_Firewall) { FreeIPBufferChain(TempBuffer); // free the mdl chain // allocated in firewall path IPFreeBuff(PC_Firewall2); // free the rcvbuf chain } return IP_SUCCESS; } // // This send is still pending. Call freepacket without setting // pc_ipsec flag // if (LastPacket) FreeIPPacket(LastPacket, FALSE, IP_PENDING); return IP_PENDING; } else *SentCount += PendingSends; // Just free the packet. Headers will be restored when the last packet completes. if (LastPacket) FreeIPPacket(LastPacket, FALSE, IP_PENDING); return IP_PENDING; } //* UpdateRouteOption - Update a SR or RR options. // // Called by UpdateOptions when it needs to update a route option. // // Input: RTOption - Pointer to route option to be updated. // Address - Address to update with. // // Returns: TRUE if we updated, FALSE if we didn't. // uchar UpdateRouteOption(uchar * RTOption, IPAddr Address) { uchar Pointer; // Pointer value of option. Pointer = RTOption[IP_OPT_PTR] - 1; if (Pointer < RTOption[IP_OPT_LENGTH]) { if ((RTOption[IP_OPT_LENGTH] - Pointer) < sizeof(IPAddr)) { return FALSE; } *(IPAddr UNALIGNED *) & RTOption[Pointer] = Address; RTOption[IP_OPT_PTR] += sizeof(IPAddr); } return TRUE; } //* UpdateOptions - Update an options buffer. // // Called when we need to update an options buffer outgoing. We stamp the indicated // options with our local address. // // Input: Options - Pointer to options buffer to be updated. // Index - Pointer to information about which ones to update. // Address - Local address with which to update the options. // // Returns: Index of option causing the error, or MAX_OPT_SIZE if all goes well. // uchar UpdateOptions(uchar * Options, OptIndex * Index, IPAddr Address) { uchar *LocalOption; uchar LocalIndex; // If we have both options and an index, update the options. if (Options != (uchar *) NULL && Index != (OptIndex *) NULL) { // // If we have a source route to update, update it. If this // fails return the index of the source route. // LocalIndex = Index->oi_srindex; if (LocalIndex != MAX_OPT_SIZE) if (!UpdateRouteOption(Options + LocalIndex, Address)) return LocalIndex; // Do the same thing for any record route option. LocalIndex = Index->oi_rrindex; if (LocalIndex != MAX_OPT_SIZE) if (!UpdateRouteOption(Options + LocalIndex, Address)) return LocalIndex; // Now handle timestamp. if ((LocalIndex = Index->oi_tsindex) != MAX_OPT_SIZE) { uchar Flags, Length, Pointer; LocalOption = Options + LocalIndex; Pointer = LocalOption[IP_OPT_PTR] - 1; Flags = LocalOption[IP_TS_OVFLAGS] & IP_TS_FLMASK; // If we have room in the option, update it. if (Pointer < (Length = LocalOption[IP_OPT_LENGTH])) { ulong Now; ulong UNALIGNED *TSPtr; // // Get the current time as milliseconds from midnight GMT, // mod the number of milliseconds in 24 hours. // Now = ((TimeStamp + CTESystemUpTime()) | TSFlag) % (24 * 3600 * 1000); Now = net_long(Now); TSPtr = (ulong UNALIGNED *) & LocalOption[Pointer]; switch (Flags) { // // Just record the TS. If there is some room but not // enough for an IP // address we have an error. // case TS_REC_TS: if ((Length - Pointer) < sizeof(IPAddr)) return LocalIndex; // Error - not enough room. *TSPtr = Now; LocalOption[IP_OPT_PTR] += sizeof(ulong); break; // Record only matching addresses. case TS_REC_SPEC: // // If we're not the specified address, break out, else // fall through to the record address case. // if (*(IPAddr UNALIGNED *) TSPtr != Address) break; // // Record an address and timestamp pair. If there is some // room but not enough for the address/timestamp pait, we // have an error, so bail out. // case TS_REC_ADDR: if ((Length - Pointer) < (sizeof(IPAddr) + sizeof(ulong))) return LocalIndex; // Not enough room. *(IPAddr UNALIGNED *) TSPtr = Address; // Store the address. TSPtr++; // Update to where to put TS. *TSPtr = Now; // Store TS LocalOption[IP_OPT_PTR] += (sizeof(ulong) + sizeof(IPAddr)); break; default: // Unknown flag type. Just ignore it. break; } } else { // Have overflow. // // We have an overflow. If the overflow field isn't maxed, // increment it. If it is maxed we have an error. // if ((LocalOption[IP_TS_OVFLAGS] & IP_TS_OVMASK) != IP_TS_MAXOV) // This is not maxed, so increment it. LocalOption[IP_TS_OVFLAGS] += IP_TS_INC; else return LocalIndex; // Would have overflowed. } } } return MAX_OPT_SIZE; } typedef struct { IPAddr bsl_addr; Interface *bsl_if; uint bsl_mtu; ushort bsl_flags; ushort bsl_if_refs; } BCastSendList; VOID FreeBCastSendList(BCastSendList * SendList, uint SendListSize) { uint i; CTELockHandle LockHandle; CTEGetLock(&RouteTableLock.Lock, &LockHandle); for (i = 0; i < SendListSize / sizeof(BCastSendList); i++) { if (SendList[i].bsl_if) { LockedDerefIF(SendList[i].bsl_if); } } CTEFreeLock(&RouteTableLock.Lock, LockHandle); CTEFreeMem(SendList); } //** SendIPBcast - Send a local BCast IP packet. // // This routine is called when we need to send a bcast packet. This may // involve sending on multiple interfaces. We figure out which interfaces // to send on, then loop through sending on them. // // Some care is needed to avoid sending the packet onto the same physical media // multiple times. What we do is loop through the NTE table, deciding in we // should send on the interface. As we go through we build up a list of // interfaces to send on. Then we loop through this list, sending on each // interface. This is a little cumbersome, but allows us to localize the // decision on where to send datagrams into one spot. If SendOnSource is FALSE // coming in we assume we've already sent on the specified source NTE and // initialize data structures accordingly. This feature is used in routing // datagrams. // // Entry: SrcNTE - NTE for source of send (unused if SendOnSource == TRUE). // Destination - Destination address // Packet - Prebuilt packet to broadcast. // IPH - Pointer to header buffer // Buffer - Buffer of data to be sent. // DataSize - Size of data to be sent. // Options - Pointer to options buffer. // OptionSize - Size in bytes of options. // SendOnSource - Indicator of whether or not this should be sent on the source net. // Index - Pointer to opt index array; may be NULL; // // Returns: Status of attempt to send. // IP_STATUS SendIPBCast(NetTableEntry * SrcNTE, IPAddr Destination, PNDIS_PACKET Packet, IPHeader * IPH, PNDIS_BUFFER Buffer, uint DataSize, uchar * Options, uint OptionSize, uchar SendOnSource, OptIndex * Index) { BufferReference *BR; // Buffer reference to use for this // buffer. PacketContext *PContext = (PacketContext *) Packet->ProtocolReserved; NetTableEntry *TempNTE; uint i, j; uint NeedFragment; // TRUE if we think we'll need to // fragment. int Sent = 0; // Count of how many we've sent. IP_STATUS Status = IP_SUCCESS; uchar *NewOptions; // Options we'll use on each send. IPHeader *NewHeader; PNDIS_BUFFER NewUserBuffer; PNDIS_PACKET NewPacket; BCastSendList *SendList; uint NetsToSend; IPAddr SrcAddr; Interface *SrcIF; IPHeader *Temp = NULL; FORWARD_ACTION Action = FORWARD; IPPacketFilterPtr FilterPtr; PNDIS_BUFFER TempBuffer, PC_Firewall = NULL; struct IPRcvBuf *PC_Firewall2; PIPSEC_SEND_COMPLETE_CONTEXT pIpsecCtx = NULL; BOOLEAN PC_reinject = FALSE; PVOID PC_context = NULL; void (*xmitdone) (void *, PNDIS_BUFFER, IP_STATUS); uint mtu; uchar *NewOptions2; // Options we'll use on each send. IPHeader *NewHeader2; PNDIS_BUFFER NewUserBuffer2; PNDIS_PACKET NewPacket2; CTELockHandle LockHandle; uint SendListSize = sizeof(BCastSendList) * NumNTE; uint k; uchar PacketOwner; PVOID pvBuffer; xmitdone = NULL; SendList = CTEAllocMemN(SendListSize, 'riCT'); if (SendList == NULL) { if (PContext->pc_hdrincl) { NdisChainBufferAtBack(Packet,Buffer); FreeIPPacket(Packet, TRUE, IP_NO_RESOURCES); } return IP_NO_RESOURCES; } RtlZeroMemory(SendList, SendListSize); // If SendOnSource, initalize SrcAddr and SrcIF to be non-matching. // Otherwise initialize them to the masked source address and source // interface. if (SendOnSource != DisableSendOnSource) { SrcAddr = NULL_IP_ADDR; SrcIF = NULL; } else { ASSERT(SrcNTE != NULL); SrcAddr = (SrcNTE->nte_addr & SrcNTE->nte_mask); SrcIF = SrcNTE->nte_if; } CTEGetLock(&RouteTableLock.Lock, &LockHandle); NeedFragment = FALSE; // Loop through the NTE table, making a list of interfaces and // corresponding addresses to send on. NetsToSend = 0; for (k = 0; k < NET_TABLE_SIZE; k++) { for (TempNTE = NewNetTableList[k]; TempNTE != NULL; TempNTE = TempNTE->nte_next) { IPAddr TempAddr; // Don't send through invalid or the loopback NTE. if (!(TempNTE->nte_flags & NTE_VALID) || TempNTE == LoopNTE) continue; // If the broadcast-mode is source-only, skip all NTEs // other than the source-NTE. if (SendOnSource == OnlySendOnSource && !IP_ADDR_EQUAL(TempNTE->nte_addr, IPH->iph_src)) continue; TempAddr = TempNTE->nte_addr & TempNTE->nte_mask; // If he matches the source address or SrcIF, skip him. if (IP_ADDR_EQUAL(TempAddr, SrcAddr) || TempNTE->nte_if == SrcIF) continue; // If the destination isn't a broadcast on this NTE, skip him. if (!IS_BCAST_DEST(IsBCastOnNTE(Destination, TempNTE))) continue; // if this NTE is P2P then always add him to bcast list. if ((TempNTE->nte_if)->if_flags & IF_FLAGS_P2P) { j = NetsToSend; } else { // // Go through the list we've already build, looking for a match. // for (j = 0; j < NetsToSend; j++) { // // if P2P NTE then skip it - we want to send bcasts to all // P2P interfaces in addition to 1 non P2P interface even // if they are on the same subnet. // if ((SendList[j].bsl_if)->if_flags & IF_FLAGS_P2P) continue; if ((SendList[j].bsl_if)->if_flags & IF_FLAGS_P2MP) continue; if (IP_ADDR_EQUAL(SendList[j].bsl_addr & TempNTE->nte_mask, TempAddr) || SendList[j].bsl_if == TempNTE->nte_if) { // He matches this send list element. Shrink the MSS if // we need to, and then break out. SendList[j].bsl_mtu = MIN(SendList[j].bsl_mtu, TempNTE->nte_mss); if ((DataSize + OptionSize) > SendList[j].bsl_mtu) NeedFragment = TRUE; break; } } } if (j == NetsToSend) { // This is a new one. Fill him in, and bump NetsToSend. SendList[j].bsl_addr = TempNTE->nte_addr; SendList[j].bsl_if = TempNTE->nte_if; SendList[j].bsl_mtu = TempNTE->nte_mss; SendList[j].bsl_flags = TempNTE->nte_flags; SendList[j].bsl_if_refs++; ASSERT(SendList[j].bsl_if_refs <= 1); LOCKED_REFERENCE_IF(TempNTE->nte_if); if ((DataSize + OptionSize) > SendList[j].bsl_mtu) NeedFragment = TRUE; NetsToSend++; } } } CTEFreeLock(&RouteTableLock.Lock, LockHandle); if (NetsToSend == 0) { CTEFreeMem(SendList); if (PContext->pc_hdrincl) { NdisChainBufferAtBack(Packet,Buffer); FreeIPPacket(Packet, TRUE, IP_SUCCESS); } return IP_SUCCESS; // Nothing to send on. } // OK, we've got the list. If we've got more than one interface to send // on or we need to fragment, get a BufferReference. if (NetsToSend > 1 || NeedFragment) { if ((BR = CTEAllocMemN(sizeof(BufferReference), 'siCT')) == (BufferReference *) NULL) { FreeBCastSendList(SendList, SendListSize); if (PContext->pc_hdrincl) { NdisChainBufferAtBack(Packet,Buffer); FreeIPPacket(Packet, TRUE, IP_NO_RESOURCES); } return IP_NO_RESOURCES; } BR->br_buffer = Buffer; BR->br_refcount = 0; CTEInitLock(&BR->br_lock); PContext->pc_br = BR; BR->br_userbuffer = PContext->pc_hdrincl; TempBuffer = BR->br_buffer; PC_Firewall = PContext->pc_firewall; PC_Firewall2 = PContext->pc_firewall2; pIpsecCtx = PContext->pc_common.pc_IpsecCtx; if (pIpsecCtx && (pIpsecCtx->Flags & SCF_FLUSH)) { PC_reinject = TRUE; PC_context = PContext->pc_context; } xmitdone = PContext->pc_pi->pi_xmitdone; } else { BR = NULL; PContext->pc_br = NULL; } // // We need to pass up the options and IP hdr in a contiguous buffer. // Allocate the buffer once and re-use later. // if (RefPtrValid(&FilterRefPtr)) { if (Options == NULL) { #if FWD_DBG DbgPrint("Options==NULL\n"); #endif Temp = IPH; } else { Temp = CTEAllocMemN(sizeof(IPHeader) + OptionSize, 'tiCT'); if (Temp == NULL) { FreeBCastSendList(SendList, SendListSize); if (PContext->pc_hdrincl) { NdisChainBufferAtBack(Packet,Buffer); FreeIPPacket(Packet, TRUE, IP_NO_RESOURCES); } return IP_NO_RESOURCES; } *Temp = *IPH; #if FWD_DBG DbgPrint("Options!=NULL : alloced temp @ %lx\n", Temp); #endif // // done later... // RtlCopyMemory((uchar *)(Temp + 1), Options, OptionSize); } } // Now, loop through the list. For each entry, send. // Header fixup is needed in FreeIPPacket called within this loop // If number of nets is one for (i = 0; i < NetsToSend; i++) { // // For all nets except the last one we're going to send on we need // to make a copy of the header, packet, buffers, and any options. // On the last net we'll use the user provided information. // if (i != (NetsToSend - 1)) { PVOID CancelId; if ((NewHeader = GetIPHeader(&NewPacket)) == (IPHeader *) NULL) { IPSInfo.ipsi_outdiscards++; continue; // Couldn't get a header, skip this send. } NewUserBuffer = IPCopyBuffer(Buffer, 0, DataSize); if (NewUserBuffer == NULL) { // Couldn't get user buffer copied. FreeIPPacket(NewPacket, FALSE, IP_NO_RESOURCES); IPSInfo.ipsi_outdiscards++; continue; } PacketOwner = ((PacketContext *) NewPacket->ProtocolReserved)->pc_common.pc_owner; *(PacketContext *) NewPacket->ProtocolReserved = *PContext; *NewHeader = *IPH; (*(PacketContext *) NewPacket->ProtocolReserved).pc_common.pc_flags |= PACKET_FLAG_IPBUF; (*(PacketContext *) NewPacket->ProtocolReserved).pc_common.pc_flags &= ~PACKET_FLAG_FW; (*(PacketContext *) NewPacket->ProtocolReserved).pc_common.pc_flags &= ~PACKET_FLAG_OPTIONS; (*(PacketContext *) NewPacket->ProtocolReserved).pc_common.pc_owner = PacketOwner; if (Options) { // We have options, make a copy. if ((NewOptions = CTEAllocMemN(OptionSize, 'uiCT')) == (uchar *) NULL) { FreeIPBufferChain(NewUserBuffer); FreeIPPacket(NewPacket, FALSE, IP_NO_RESOURCES); IPSInfo.ipsi_outdiscards++; continue; } RtlCopyMemory(NewOptions, Options, OptionSize); } else { NewOptions = NULL; } #if !MILLEN // Set the cancel requestID from parent packet. CancelId = NDIS_GET_PACKET_CANCEL_ID(Packet); NDIS_SET_PACKET_CANCEL_ID(NewPacket, CancelId); #endif } else { NewHeader = IPH; NewPacket = Packet; NewOptions = Options; NewUserBuffer = Buffer; } UpdateOptions(NewOptions, Index, SendList[i].bsl_addr); // See if we need to filter this packet. If we // do, call the filter routine to see if it's // OK to send it. if (RefPtrValid(&FilterRefPtr)) { // // Copy over the options. // if (NewOptions) { RtlCopyMemory((uchar *) (Temp + 1), NewOptions, OptionSize); } pvBuffer = TcpipBufferVirtualAddress(NewUserBuffer, NormalPagePriority); if (pvBuffer == NULL) { if (i != (NetsToSend - 1)) { FreeIPBufferChain(NewUserBuffer); IPSInfo.ipsi_outdiscards++; if (NewOptions) { CTEFreeMem(NewOptions); } } FreeIPPacket(NewPacket, FALSE, IP_GENERAL_FAILURE); continue; } if ((SendList[i].bsl_if)->if_flags & IF_FLAGS_P2MP) { if ((SendList[i].bsl_if)->if_flags & IF_FLAGS_NOLINKBCST) { // what filtercontext to use ? #if FWD_DBG DbgPrint("FilterPtr not called for IF %lx since IF_FLAGS_NOLINKBCST not set\n", SendList[i].bsl_if); #endif Action = FORWARD; } else { //scan all the links on this interface and deliver them to the forwardfilter Interface *IF = SendList[i].bsl_if; LinkEntry *tmpLink = IF->if_link; // ASSERT(tmpLink); while (tmpLink) { tmpLink->link_Action = FORWARD; FilterPtr = AcquireRefPtr(&FilterRefPtr); Action = (*FilterPtr) (Temp, pvBuffer, NdisBufferLength(NewUserBuffer), INVALID_IF_INDEX, IF->if_index, NULL_IP_ADDR, tmpLink->link_NextHop); ReleaseRefPtr(&FilterRefPtr); tmpLink->link_Action = Action; tmpLink = tmpLink->link_next; } } } else { FilterPtr = AcquireRefPtr(&FilterRefPtr); Action = (*FilterPtr) (Temp, pvBuffer, NdisBufferLength(NewUserBuffer), INVALID_IF_INDEX, SendList[i].bsl_if->if_index, NULL_IP_ADDR, NULL_IP_ADDR); ReleaseRefPtr(&FilterRefPtr); } #if FWD_DBG DbgPrint("FilterPtr: %lx, FORWARD is %lx\n", Action, FORWARD); #endif if (!(SendList[i].bsl_if->if_flags & IF_FLAGS_P2MP) || (SendList[i].bsl_if->if_flags & IF_FLAGS_P2MP) && (SendList[i].bsl_if->if_flags & IF_FLAGS_NOLINKBCST)) { if (Action != FORWARD) { if (i != (NetsToSend - 1)) { FreeIPBufferChain(NewUserBuffer); if (NewOptions) { CTEFreeMem(NewOptions); } } FreeIPPacket(NewPacket, FALSE, IP_GENERAL_FAILURE); continue; } } } if ((SendList[i].bsl_if->if_flags & IF_FLAGS_P2MP) && (SendList[i].bsl_if->if_flags & IF_FLAGS_NOLINKBCST)) { //Determine the minimum MTU Interface *tmpIF = SendList[i].bsl_if; LinkEntry *tmpLink = tmpIF->if_link; // int mtu; if (!tmpLink) { if (i != (NetsToSend - 1)) { FreeIPBufferChain(NewUserBuffer); if (NewOptions) { CTEFreeMem(NewOptions); } } FreeIPPacket(NewPacket, FALSE, IP_GENERAL_FAILURE); continue; } ASSERT(tmpLink); mtu = tmpLink->link_mtu; while (tmpLink) { if (tmpLink->link_mtu < mtu) mtu = tmpLink->link_mtu; tmpLink = tmpLink->link_next; } if ((DataSize + OptionSize) > mtu) { // This is too big // // Don't need to update Sent when fragmenting, as IPFragment // will update the br_refcount field itself. It will also free // the option buffer. // Status = IPFragment(SendList[i].bsl_if, mtu, Destination, NewPacket, NewHeader, NewUserBuffer, DataSize, NewOptions, OptionSize, &Sent, FALSE, NULL); // // IPFragment is done with the descriptor chain, so if this is // a locally allocated chain free it now. // if (i != (NetsToSend - 1)) FreeIPBufferChain(NewUserBuffer); } else { NewHeader->iph_xsum = 0; // Do not free the packet in SendIPPacket, as we may need // to chain the buffer in case of IP_NO_RESOURCES Status = SendIPPacket(SendList[i].bsl_if, Destination, NewPacket, NewUserBuffer, NewHeader, NewOptions, OptionSize, FALSE, NULL, TRUE); if (Status == IP_PENDING) { Sent++; } else { if (Status == IP_NO_RESOURCES) { // SendIPPacket has not chained the buffer.. NdisChainBufferAtBack(NewPacket, NewUserBuffer); } if (NetsToSend == 1) { FreeIPPacket(NewPacket, TRUE, Status); } else { FreeIPPacket(NewPacket, FALSE, Status); } } } } else if (SendList[i].bsl_if->if_flags & IF_FLAGS_P2MP) { // broadcast on all the links Interface *tmpIF = SendList[i].bsl_if; LinkEntry *tmpLink = tmpIF->if_link; ASSERT(!(SendList[i].bsl_if->if_flags & IF_FLAGS_NOLINKBCST)); if (!tmpLink) { if (i != (NetsToSend - 1)) { FreeIPBufferChain(NewUserBuffer); if (NewOptions) { CTEFreeMem(NewOptions); } } FreeIPPacket(NewPacket, FALSE, IP_GENERAL_FAILURE); continue; } ASSERT(tmpLink); while (tmpLink) { // //Go thru the send motion for all the links //Passing the link context and checking whether it was //forward for that link. For all link except the last one //we're going to send on we need to make a copy of the header, //packet, buffers, and any options. // On the last net we'll use the user provided information. // if (tmpLink->link_next) { if ((NewHeader2 = GetIPHeader(&NewPacket2)) == (IPHeader *) NULL) { IPSInfo.ipsi_outdiscards++; // free the packet etc. we made for the interface if (i != (NetsToSend - 1)) { FreeIPBufferChain(NewUserBuffer); if (NewOptions) { CTEFreeMem(NewOptions); } } FreeIPPacket(NewPacket, FALSE, IP_NO_RESOURCES); tmpLink = tmpLink->link_next; continue; // Couldn't get a header, skip this send. } NewUserBuffer2 = IPCopyBuffer(Buffer, 0, DataSize); if (NewUserBuffer2 == NULL) { // Couldn't get user buffer copied. FreeIPPacket(NewPacket2, FALSE, IP_NO_RESOURCES); IPSInfo.ipsi_outdiscards++; if (i != (NetsToSend - 1)) { FreeIPBufferChain(NewUserBuffer); if (NewOptions) { CTEFreeMem(NewOptions); } } tmpLink = tmpLink->link_next; continue; } PacketOwner = ((PacketContext *) NewPacket2->ProtocolReserved)->pc_common.pc_owner; *(PacketContext *) NewPacket2->ProtocolReserved = *PContext; *NewHeader2 = *IPH; (*(PacketContext *) NewPacket2->ProtocolReserved).pc_common.pc_flags |= PACKET_FLAG_IPBUF; (*(PacketContext *) NewPacket2->ProtocolReserved).pc_common.pc_flags &= ~PACKET_FLAG_FW; (*(PacketContext *) NewPacket2->ProtocolReserved).pc_common.pc_owner = PacketOwner; if (Options) { // We have options, make a copy. if ((NewOptions2 = CTEAllocMemN(OptionSize, 'viCT')) == (uchar *) NULL) { FreeIPBufferChain(NewUserBuffer2); FreeIPPacket(NewPacket2, FALSE, IP_NO_RESOURCES); IPSInfo.ipsi_outdiscards++; if (i != (NetsToSend - 1)) { FreeIPBufferChain(NewUserBuffer); if (NewOptions) { CTEFreeMem(NewOptions); } } tmpLink = tmpLink->link_next; continue; } RtlCopyMemory(NewOptions2, Options, OptionSize); } else { NewOptions2 = NULL; } } else { // last link NewHeader2 = NewHeader; NewPacket2 = NewPacket; NewOptions2 = NewOptions; NewUserBuffer2 = NewUserBuffer; } UpdateOptions(NewOptions2, Index, SendList[i].bsl_addr); if (tmpLink->link_Action) { if ((DataSize + OptionSize) > tmpLink->link_mtu) { // // This is too big // Don't need to update Sent when fragmenting, as // IPFragment will update the br_refcount field itself. // It will also free the option buffer. // Status = IPFragment(SendList[i].bsl_if, tmpLink->link_mtu, Destination, NewPacket2, NewHeader2, NewUserBuffer2, DataSize, NewOptions2, OptionSize, &Sent, FALSE, tmpLink->link_arpctxt); // // IPFragment is done with the descriptor chain, so // if this is a locally allocated chain free it now. // if ((i != (NetsToSend - 1)) || (tmpLink->link_next)) FreeIPBufferChain(NewUserBuffer2); } else { NewHeader2->iph_xsum = 0; // Do not free the packet in SendIPPacket, as we may need // to chain the buffer in case of IP_NO_RESOURCES Status = SendIPPacket(SendList[i].bsl_if, Destination, NewPacket2, NewUserBuffer2, NewHeader2, NewOptions2, OptionSize, FALSE, tmpLink->link_arpctxt, TRUE); if (Status == IP_PENDING) { Sent++; } else { if (Status == IP_NO_RESOURCES) { // SendIPPacket has not chained the buffer.. NdisChainBufferAtBack(NewPacket2, NewUserBuffer2); } if (NetsToSend == 1) { FreeIPPacket(NewPacket2, TRUE, Status); } else { FreeIPPacket(NewPacket2, FALSE, Status); } } } } else { // Action != FORWARD if ((i != (NetsToSend - 1)) || (tmpLink->link_next)) { FreeIPBufferChain(NewUserBuffer2); if (NewOptions2) { CTEFreeMem(NewOptions2); } } tmpLink = tmpLink->link_next; continue; } tmpLink = tmpLink->link_next; } } else { // Normal path if ((DataSize + OptionSize) > SendList[i].bsl_mtu) { // // This is too big // Don't need to update Sent when fragmenting, as IPFragment // will update the br_refcount field itself. It will also free // the option buffer. // Status = IPFragment(SendList[i].bsl_if, SendList[i].bsl_mtu, Destination, NewPacket, NewHeader, NewUserBuffer, DataSize, NewOptions, OptionSize, &Sent, FALSE, NULL); // // IPFragment is done with the descriptor chain, so if this is // a locally allocated chain free it now. // if (i != (NetsToSend - 1)) { FreeIPBufferChain(NewUserBuffer); } } else { NewHeader->iph_xsum = 0; // Do not free the packet in SendIPPacket, as we may need // to chain the buffer in case of IP_NO_RESOURCES Status = SendIPPacket(SendList[i].bsl_if, Destination, NewPacket, NewUserBuffer, NewHeader, NewOptions, OptionSize, FALSE, NULL, TRUE); if (Status == IP_PENDING) { Sent++; } else { if (Status == IP_NO_RESOURCES) { // SendIPPacket has not chained the buffer.. NdisChainBufferAtBack(NewPacket, NewUserBuffer); } if (NetsToSend == 1) { FreeIPPacket(NewPacket, TRUE, Status); } else { FreeIPPacket(NewPacket, FALSE, Status); } } } } } if (Temp && Temp != IPH) { CTEFreeMem(Temp); } // // Alright, we've sent everything we need to. We'll adjust the reference // count by the number we've sent. IPFragment may also have put some // references on it. If the reference count goes to 0, we're done and // we'll free the BufferReference structure. // if (BR != NULL) { if (ReferenceBuffer(BR, Sent) == 0) { FreeBCastSendList(SendList, SendListSize); // Need to undo ipsec/firewall/Hdrincl header munging if (PC_reinject) { // // the only remaining way is calling xmitdone // since ipsendcomplete won't have called xmit done as // refcount would be -ve // (*IPSecSendCmpltPtr)(NULL, TempBuffer, pIpsecCtx, IP_SUCCESS, &TempBuffer); (*xmitdone) (PC_context, TempBuffer, IP_SUCCESS); } else { // Need to undo ipsec, firewall and then // header include changes to the buffer list. if (pIpsecCtx) { (*IPSecSendCmpltPtr)(NULL, TempBuffer, pIpsecCtx, IP_SUCCESS, &TempBuffer); } // If this is user header include packet, // relink the original user buffer if necessary if (PC_Firewall) { BR->br_buffer = PC_Firewall; } if (BR->br_userbuffer) { FreeIPPayloadBuffer(BR->br_buffer, BR->br_userbuffer); } } CTEFreeMem(BR); // Reference is 0, free the BR structure. return IP_SUCCESS; } else { FreeBCastSendList(SendList, SendListSize); return IP_PENDING; } } else { // Had only one I/F to send on. Just return the status. FreeBCastSendList(SendList, SendListSize); return Status; } } //** IPCancelPacket - Cancels packets that are pending // // Called by upper layer, when a send request is cancelled. // Check for validity of the interface and call link layer // cancel routine, if it is registered. // // Entry: IPIF - Interface on which the cancel needs to be issued // Ctxt - Pointer to the cancel ID. // // Returns: None // VOID IPCancelPackets(void *IPIF, void * Ctxt) { Interface *IF; CTELockHandle Handle; CTEGetLock(&RouteTableLock.Lock, &Handle); if ((Interface *)IPIF != NULL) { IF = IFList; if (IPIF != BCAST_IF_CTXT) { while(IF && (IF != IPIF)) { IF= IF->if_next; } if (IF && !(IF->if_flags & IF_FLAGS_DELETING) && IF->if_cancelpackets) { LOCKED_REFERENCE_IF(IF); CTEFreeLock(&RouteTableLock.Lock, Handle); (*(IF->if_cancelpackets)) (IF->if_lcontext, Ctxt); DerefIF(IF); } else { CTEFreeLock(&RouteTableLock.Lock, Handle); } } else { //Bcast cancel!. Issue cancel on all interfaces uint CancelListSize, CancelIFs,i=0; Interface **CancelList; CancelListSize = sizeof(Interface *)*(NumIF +1); CancelList = CTEAllocMemN(CancelListSize, 'riCT'); if (!CancelList) { CTEFreeLock(&RouteTableLock.Lock, Handle); return; } //refcnt valid interfaces while(IF){ if (IF->if_refcount && IF->if_cancelpackets) { LOCKED_REFERENCE_IF(IF); CancelList[++i] = IF; } IF = IF->if_next; } CTEFreeLock(&RouteTableLock.Lock, Handle); //call cancel and deref if CancelIFs = i; while (i) { (*(CancelList[i]->if_cancelpackets))(CancelList[i]->if_lcontext, Ctxt); i--; } while (CancelIFs) { DerefIF(CancelList[CancelIFs]); CancelIFs--; } CTEFreeMem(CancelList); } } else { CTEFreeLock(&RouteTableLock.Lock, Handle); } } IP_STATUS ARPResolve(IPAddr Dest, IPAddr Source, ARPControlBlock * controlBlock, ArpRtn Callback) { NDIS_STATUS status; Interface *DestIF; IPAddr NextHop; uint MTU, size; status = IP_DEST_HOST_UNREACHABLE; DestIF = LookupNextHop(Dest, Source, &NextHop, &MTU); if (DestIF == &LoopInterface) { Interface *IF = NULL; NetTableEntry *NTE; NetTableEntry *NetTableList = NewNetTableList[NET_TABLE_HASH(Dest)]; for (NTE = NetTableList; NTE != NULL; NTE = NTE->nte_next) { if (NTE != LoopNTE && IP_ADDR_EQUAL(NTE->nte_addr, Dest)) { // Found one. Save it and break out. IF = NTE->nte_if; break; } } if (IF) { if (controlBlock->PhyAddrLen < IF->if_addrlen) { size = controlBlock->PhyAddrLen; status = IP_NO_RESOURCES; } else { size = IF->if_addrlen; status = IP_SUCCESS; } // // Update the address length. // controlBlock->PhyAddrLen = size; RtlCopyMemory(controlBlock->PhyAddr, IF->if_addr, size); } DerefIF(DestIF); return status; } controlBlock->CompletionRtn = Callback; if (DestIF != NULL) { if (!DestIF->if_arpresolveip) { DerefIF(DestIF); return IP_GENERAL_FAILURE; } if (!IP_ADDR_EQUAL(NextHop, Dest)) { //We do not arp on non local address(via gateway) DerefIF(DestIF); return IP_BAD_DESTINATION; } status = (*(DestIF->if_arpresolveip)) (DestIF->if_lcontext, Dest, controlBlock); if (NDIS_STATUS_PENDING == status) { status = IP_PENDING; } else if (NDIS_STATUS_SUCCESS == status) { status = IP_SUCCESS; } else { status = IP_GENERAL_FAILURE; } DerefIF(DestIF); } return status; } //** IPLargeXmit - Large Send // // This is the main transmit routine called by the upper layer. Conceptually, // we process any options, look up the route to the destination, fragment the // packet if needed, and send it. In reality, we use an RCE to cache the best // route, and we have special case code here for dealing with the common // case of no options, with everything fitting into one buffer. // // Entry: Context - Pointer to ProtInfo struc for protocol. // SendContext - User provided send context, passed back on send cmplt. // Protocol - Protocol field for packet. // Buffer - NDIS_BUFFER chain of data to be sent. // DataSize - Size in bytes of data to be sent. // OptInfo - Pointer to optinfo structure. // Dest - Destination to send to. // Source - Source address to use. // RCE - Pointer to an RCE structure that caches info. about path. // SentBytes - pointer to return the number of bytes xmited // // Returns: Status of transmit command. // IP_STATUS IPLargeXmit(void *Context, void *SendContext, PNDIS_BUFFER Buffer, uint DataSize, IPAddr Dest, IPAddr Source, IPOptInfo * OptInfo, RouteCacheEntry * RCE, uchar Protocol, ulong * SentBytes, ulong mss) { ProtInfo *PInfo = (ProtInfo *) Context; PacketContext *pc; Interface *DestIF; // Outgoing interface to use. IPAddr FirstHop; // First hop address of // destination. NDIS_STATUS Status = IP_GENERAL_FAILURE; IPHeader *IPH; PNDIS_PACKET Packet; PNDIS_BUFFER HeaderBuffer; PNDIS_BUFFER OptBuffer = NULL; CTELockHandle LockHandle; uchar *Options; uint OptionSize = 0; RouteTableEntry *RTE; IP_STATUS SendStatus; uint FirewallMode = 0; IPSInfo.ipsi_outrequests++; // // Allocate a packet that we need for all cases, and fill // in the common stuff. If everything goes well, we'll send it // here. Otherwise we'll break out into special case code for // broadcasts, fragments, etc. // // Make sure that we have an RCE, that it's valid, etc. FirewallMode = ProcessFirewallQ(); if (RefPtrValid(&FilterRefPtr) || FirewallMode) { return Status; } if (RCE != NULL) { // We have an RCE. Make sure it's valid. if ((Packet = GetIPPacket()) != (PNDIS_PACKET) NULL) { // Got a packet. PNDIS_PACKET_EXTENSION PktExt; pc = (PacketContext *) Packet->ProtocolReserved; pc->pc_br = (BufferReference *) NULL; pc->pc_pi = PInfo; pc->pc_context = SendContext; ASSERT(pc->pc_if == NULL); ASSERT(pc->pc_iflink == NULL); CTEGetLock(&RCE->rce_lock, &LockHandle); if (RCE->rce_flags == RCE_ALL_VALID) { // The RTE is valid. CTEInterlockedIncrementLong(&RCE->rce_usecnt); RTE = RCE->rce_rte; FirstHop = ADDR_FROM_RTE(RTE, Dest); DestIF = IF_FROM_RTE(RTE); CTEFreeLock(&RCE->rce_lock, LockHandle); if (RCE->rce_dtype != DEST_BCAST) { if (!OptInfo->ioi_options) { // Construct the IP header in the backfill space // provided by the transport NdisAdjustBufferLength(Buffer, NdisBufferLength(Buffer) + sizeof(IPHeader)); NdisChainBufferAtBack(Packet, Buffer); IPH = (IPHeader *)TcpipBufferVirtualAddress(Buffer, NormalPagePriority); } else { // Allocate a separate buffer for the IP header // and chain to it the packet, followed by a separate // buffer allocated for the packet's IP options. OptionSize = OptInfo->ioi_optlength; HeaderBuffer = GetIPHdrBuffer(&IPH); if (HeaderBuffer) { pc->pc_common.pc_flags |= PACKET_FLAG_IPHDR; NdisChainBufferAtBack(Packet, HeaderBuffer); Options = CTEAllocMemN(OptionSize, 'xiCT'); if (!Options) { IPH = NULL; } else { NDIS_STATUS Status; // Copy the options to the allocated block // and obtain an NDIS_BUFFER to map the block. RtlCopyMemory(Options, OptInfo->ioi_options, OptionSize); NdisAllocateBuffer(&Status, &OptBuffer, BufferPool, Options, OptionSize); if (Status != NDIS_STATUS_SUCCESS) { CTEFreeMem(Options); IPH = NULL; } else { uchar* ULData; // Mark the packet as carrying options, // and chain both the options-buffer and // the application data to the packet. pc->pc_common.pc_flags |= PACKET_FLAG_OPTIONS; NdisChainBufferAtBack(Packet, OptBuffer); // Copy the upper layer data forward. // Note that the upper-layer header is // assumed to be in non-paged pool, so // TcpipBufferVirtualAddress cannot fail. ULData = TcpipBufferVirtualAddress(Buffer, NormalPagePriority); RtlMoveMemory(ULData, ULData + sizeof(IPHeader), NdisBufferLength(Buffer)); NdisChainBufferAtBack(Packet, Buffer); } } } } if (IPH == NULL) { FreeIPPacket(Packet, TRUE, IP_NO_RESOURCES); IPSInfo.ipsi_outdiscards++; CTEInterlockedDecrementLong(&RCE->rce_usecnt); return IP_NO_RESOURCES; } IPH->iph_protocol = Protocol; IPH->iph_xsum = 0; if (IP_ADDR_EQUAL(OptInfo->ioi_addr, NULL_IP_ADDR)) { IPH->iph_dest = Dest; } else { IPH->iph_dest = OptInfo->ioi_addr; } IPH->iph_src = Source; IPH->iph_ttl = OptInfo->ioi_ttl; if (OptInfo->ioi_ttl == 0) { NdisSetPacketFlags(Packet, NDIS_FLAGS_LOOPBACK_ONLY); } else if (!DestIF->if_promiscuousmode) { // Set DONT_LOOPBACK flags for unicast packets // to save few cycles in ndis NdisSetPacketFlags(Packet, NDIS_FLAGS_DONT_LOOPBACK); } IPH->iph_tos = OptInfo->ioi_tos; IPH->iph_offset = net_short((OptInfo->ioi_flags & IP_FLAG_DF) << 13); IPH->iph_id = (ushort) InterlockedExchangeAdd( (PLONG) &IPIDCacheLine.Value, (DataSize + mss - 1) / mss); IPH->iph_id = net_short(IPH->iph_id); IPH->iph_verlen = (UCHAR) (IP_VERSION + ((OptionSize + (uint) sizeof(IPHeader)) >> 2)); IPH->iph_length = net_short(DataSize + OptionSize + sizeof(IPHeader)); PktExt = NDIS_PACKET_EXTENSION_FROM_PACKET(Packet); PktExt->NdisPacketInfo[TcpLargeSendPacketInfo] = UlongToPtr(mss); #if GPC if (OptInfo->ioi_GPCHandle) { PktExt->NdisPacketInfo[ClassificationHandlePacketInfo] = IntToPtr(OptInfo->ioi_GPCHandle); } #endif Status = (*(DestIF->if_xmit)) (DestIF->if_lcontext, &Packet, 1, FirstHop, RCE, NULL); CTEInterlockedDecrementLong(&RCE->rce_usecnt); if (Status != NDIS_STATUS_PENDING) { *SentBytes = PtrToUlong(PktExt->NdisPacketInfo[TcpLargeSendPacketInfo]); KdPrintEx((DPFLTR_TCPIP_ID, DPFLTR_INFO_LEVEL,"Largesend status not pending!\n")); SendStatus = (Status == NDIS_STATUS_SUCCESS) ? IP_SUCCESS : IP_GENERAL_FAILURE; FreeIPPacket(Packet, TRUE, SendStatus); return SendStatus; } else { return IP_PENDING; } } CTEInterlockedDecrementLong(&RCE->rce_usecnt); } else { // // Large send is not possible. // CTEFreeLock(&RCE->rce_lock, LockHandle); } Status = IP_GENERAL_FAILURE; FreeIPPacket(Packet, TRUE, Status); } else { // // Could not get the packet. // Status = IP_NO_RESOURCES; } } //RCE NULL return Status; } #define FREE_RESOURCES(status) \ if (pc->pc_hdrincl) { \ NdisChainBufferAtBack(Packet, Buffer); \ } \ FreeIPPacket(Packet, TRUE, status);\ if (Link) { \ DerefLink(Link); \ } \ if (RoutedIF != NULL) { \ DerefIF(RoutedIF); \ } else { \ ASSERT(RoutedRCE); \ CTEInterlockedDecrementLong(&RoutedRCE->rce_usecnt); \ } \ if (Options) { \ CTEFreeMem(Options); \ } \ if (IPSecHandlerPtr && OptBuffer) { \ NdisFreeBuffer(OptBuffer); \ } \ IPSInfo.ipsi_outdiscards++; \ //** IPTransmit - Transmit a packet. // // This is the main transmit routine called by the upper layer. Conceptually, // we process any options, look up the route to the destination, fragment the // packet if needed, and send it. In reality, we use an RCE to cache the best // route, and we have special case code here for dealing with the common // case of no options, with everything fitting into one buffer. // // Entry: Context - Pointer to ProtInfo struc for protocol. // SendContext - User provided send context, passed back on send cmplt. // Protocol - Protocol field for packet. // Buffer - NDIS_BUFFER chain of data to be sent. // DataSize - Size in bytes of data to be sent. // OptInfo - Pointer to optinfo structure. // Dest - Destination to send to. // Source - Source address to use. // RCE - Pointer to an RCE structure that caches info. about path. // Protocol - Transport layer protcol number // Irp - Pointer to Irp which generated this request, used // for cancellation purpose // // Returns: Status of transmit command. // IP_STATUS IPTransmit(void *Context, void *SendContext, PNDIS_BUFFER Buffer, uint DataSize, IPAddr Dest, IPAddr Source, IPOptInfo *OptInfo, RouteCacheEntry *RCE, uchar Protocol, IRP *Irp) { ProtInfo *PInfo = (ProtInfo *) Context; PacketContext *pc; Interface *DestIF = NULL; // Outgoing interface to use. IPAddr FirstHop; // First hop address of destination. uint MTU = 0; // MTU of route. NDIS_STATUS Status; IPHeader *IPH; UCHAR saveIPH[MAX_IP_HDR_SIZE + ICMP_HEADER_SIZE]; IPAddr SrcRouteOrigDest = 0; IPAddr SrcRouteFirstHop = 0; BOOLEAN fSrcRoute = FALSE; ULONG ipsecFlags = 0; PNDIS_PACKET Packet; PNDIS_BUFFER HeaderBuffer = NULL; PNDIS_BUFFER OptBuffer = NULL; CTELockHandle LockHandle; uchar *Options = NULL; uint OptionSize = 0; BufferReference *BR; RouteTableEntry *RTE; uchar DType = 0; IP_STATUS SendStatus; Interface *RoutedIF; BOOLEAN fIpsec; // is this an IPSEC generated packet? FORWARD_ACTION Action = FORWARD; IPPacketFilterPtr FilterPtr; ULONG ipsecByteCount = 0; ULONG ipsecMTU; PNDIS_BUFFER newBuf = NULL; IPRcvBuf *pInRcvBuf = NULL; uint FirewallMode = 0; uint FirewallRef; Queue* FirewallQ; uint BufferChanged = 0; // used by firewall UINT HdrInclOptions = FALSE; LinkEntry *Link = NULL; IPAddr LinkNextHop; void *ArpCtxt = NULL; RouteCacheEntry *RoutedRCE = NULL; void *pvTmpBuffer; uint ConstrainIF; IPSInfo.ipsi_outrequests++; // Check the request length. If it is > max that can be sent // in IP fail this request. if (OptInfo->ioi_hdrincl) { // // In the case of header include, DataSize includes // IP header length and option length. // if ((int)DataSize > MAX_TOTAL_LENGTH) { IPSInfo.ipsi_outdiscards++; return IP_PACKET_TOO_BIG; } } else if ((int)DataSize > (MAX_TOTAL_LENGTH - (sizeof(IPHeader) + (OptInfo->ioi_options ? OptInfo->ioi_optlength : 0)))) { IPSInfo.ipsi_outdiscards++; return IP_PACKET_TOO_BIG; } if ((DataSize == 0) && OptInfo->ioi_hdrincl) { // There is nothing to send, not even just IP header! IPSInfo.ipsi_outdiscards++; return IP_SUCCESS; } FirewallMode = ProcessFirewallQ(); DEBUGMSG(DBG_TRACE && DBG_IP && DBG_TX, (DTEXT("+IPTransmit(%x, %x, %x, %d, %x, %x, %x, %x, %x)\n"), Context, SendContext, Buffer, DataSize, Dest, Source, OptInfo, RCE, Protocol)); // // fIpsec is set if and only if this is called by IPSec driver. // fIpsec = (OptInfo->ioi_flags & IP_FLAG_IPSEC); // // Allocate a packet that we need for all cases, and fill // in the common stuff. If everything goes well, we'll send it // here. Otherwise we'll break out into special case code for // broadcasts, fragments, etc. // Packet = GetIPPacket(); if (Packet == NULL) { // Need to call ipsec's xmitdone since it expects us to do so if (fIpsec) { (PInfo->pi_xmitdone)(SendContext, Buffer, IP_NO_RESOURCES); } IPSInfo.ipsi_outdiscards++; return IP_NO_RESOURCES; } #if !MILLEN //Enable this in Millennium when ndis5.1 is checked in SET_CANCELID(Irp, Packet); #endif pc = (PacketContext *) Packet->ProtocolReserved; ASSERT(pc->pc_firewall == NULL); ASSERT(pc->pc_firewall2 == NULL); pc->pc_br = (BufferReference *) NULL; pc->pc_pi = PInfo; pc->pc_context = SendContext; ASSERT(pc->pc_if == NULL); ASSERT(pc->pc_iflink == NULL); pc->pc_firewall = NULL; pc->pc_firewall2 = NULL; pc->pc_ipsec_flags = 0; pc->pc_hdrincl = NULL; // // This might be called from IPSEC also; in this case, Protocol will // indicate so. The entire IP packet is in Buffer and all we need to // do is find the best route and ship it. // if (fIpsec) { ULONG len; ASSERT(Context); DEBUGMSG(DBG_INFO && DBG_IP && DBG_TX, (DTEXT("IPTransmit: ipsec....\n"))); pc->pc_common.pc_IpsecCtx = SendContext; pc->pc_common.pc_flags |= PACKET_FLAG_IPHDR; FirstHop = NULL_IP_ADDR; // // IPH is at head of first buffer // TcpipQueryBuffer(Buffer, (PVOID) & IPH, (PUINT) &len, NormalPagePriority); if (IPH == NULL) { FreeIPPacket(Packet, TRUE, IP_NO_RESOURCES); return IP_NO_RESOURCES; } NdisChainBufferAtBack(Packet, Buffer); // // Save packet header in the reinject case for potential // Path MTU discovery use. We need to save the original IPH since // the header can be modified when going through IPSEC again. // if (IPH->iph_offset & IP_DF_FLAG) { PUCHAR pTpt; ULONG tptLen; ULONG HeaderLength; *((IPHeader *) saveIPH) = *IPH; HeaderLength = (IPH->iph_verlen & (uchar) ~ IP_VER_FLAG) << 2; if (HeaderLength > sizeof(IPHeader)) { TcpipQueryBuffer(NDIS_BUFFER_LINKAGE(NDIS_BUFFER_LINKAGE(Buffer)), &pTpt, (PUINT) &tptLen, NormalPagePriority); } else { TcpipQueryBuffer(NDIS_BUFFER_LINKAGE(Buffer), &pTpt, (PUINT) &tptLen, NormalPagePriority); } if (pTpt == NULL) { FreeIPPacket(Packet, TRUE, IP_NO_RESOURCES); return IP_NO_RESOURCES; } // // Copy Options if any. // if (OptInfo->ioi_options) { ASSERT(HeaderLength == (sizeof(IPHeader) + OptInfo->ioi_optlength)); RtlCopyMemory(saveIPH + sizeof(IPHeader), OptInfo->ioi_options, OptInfo->ioi_optlength); } RtlCopyMemory((PUCHAR) saveIPH + HeaderLength, pTpt, MIN(ICMP_HEADER_SIZE, tptLen)); } // // Attach the IPSecPktInfo and/or TcpipPktInfo passed in to Packet's // NDIS extension structure. // if (OptInfo->ioi_options) { PNDIS_PACKET_EXTENSION PktExt; PktExt = NDIS_PACKET_EXTENSION_FROM_PACKET(Packet); PktExt->NdisPacketInfo[IpSecPacketInfo] = ((PNDIS_PACKET_EXTENSION) OptInfo->ioi_options)-> NdisPacketInfo[IpSecPacketInfo]; PktExt->NdisPacketInfo[TcpIpChecksumPacketInfo] = ((PNDIS_PACKET_EXTENSION) OptInfo->ioi_options)-> NdisPacketInfo[TcpIpChecksumPacketInfo]; OptInfo->ioi_options = NULL; } goto ipsec_jump; } else { pc->pc_common.pc_IpsecCtx = NULL; } // Make sure that we have an RCE, that it's valid, etc. #if GPC // Check GPC handle if (OptInfo->ioi_GPCHandle) { NDIS_PER_PACKET_INFO_FROM_PACKET(Packet, ClassificationHandlePacketInfo) = IntToPtr(OptInfo->ioi_GPCHandle); //tos info is handled in protocol } #endif if ((RCE != NULL) && !(RCE->rce_flags & RCE_LINK_DELETED)) { DEBUGMSG(DBG_INFO && DBG_IP && DBG_TX, (DTEXT("IPTransmit: RCE %x\n"), RCE)); // We have an RCE. Make sure it's valid. CTEGetLock(&RCE->rce_lock, &LockHandle); if (RCE->rce_flags == RCE_ALL_VALID) { ASSERT(RCE->rce_cnt > 0); // The RTE is valid. CTEInterlockedIncrementLong(&RCE->rce_usecnt); RTE = RCE->rce_rte; FirstHop = ADDR_FROM_RTE(RTE, Dest); DestIF = IF_FROM_RTE(RTE); RoutedRCE = RCE; if (DestIF->if_flags & IF_FLAGS_P2MP) { Link = RTE->rte_link; if (!Link) { ASSERT(Link); CTEFreeLock(&RCE->rce_lock, LockHandle); FreeIPPacket(Packet, TRUE, IP_GENERAL_FAILURE); CTEInterlockedDecrementLong(&RCE->rce_usecnt); return IP_GENERAL_FAILURE; } ArpCtxt = Link->link_arpctxt; MTU = MIN(Link->link_mtu, DestIF->if_mtu); // pc_iflink stores a pointer to Link since sendcomplete // has to deref it // pc->pc_iflink = Link; CTEInterlockedIncrementLong(&Link->link_refcount); } else { MTU = MTU_FROM_RTE(RTE); } CTEFreeLock(&RCE->rce_lock, LockHandle); // // Check that we have no options, this isn't a broadcast, and // that everything will fit into one link level MTU. If this // is the case, we'll send it in a hurry. // if FirewallMode is set, bail out to slow path. The reason // is that if firewall hook adds options or increases the // buffer size to more than MTU in fast path, we have to go to // slow path and things becomes messy. // if ((OptInfo->ioi_options == (uchar *) NULL) && (!(*IPSecQueryStatusPtr)(OptInfo->ioi_GPCHandle)) && (!FirewallMode)) { if (!IS_BCAST_DEST(RCE->rce_dtype)) { if (DataSize <= MTU) { // update mcast counters if (IS_MCAST_DEST(RCE->rce_dtype)){ DestIF->if_OutMcastPkts++; DestIF->if_OutMcastOctets += DataSize; } else if (OptInfo->ioi_ttl && !DestIF->if_promiscuousmode) { // Tell NDIS not to loop the packet back to us // on our binding, since: // * it's a unicast transmission // * its TTL is non-zero // * its outgoing interface is not in promiscuous // mode. NdisSetPacketFlags(Packet, NDIS_FLAGS_DONT_LOOPBACK); } // Check if user is supplying the IP header if (!OptInfo->ioi_hdrincl) { NdisAdjustBufferLength(Buffer, NdisBufferLength(Buffer) + sizeof(IPHeader)); NdisChainBufferAtBack(Packet, Buffer); IPH = (IPHeader *) TcpipBufferVirtualAddress(Buffer, NormalPagePriority); if (IPH == NULL) { FreeIPPacket(Packet, TRUE, IP_NO_RESOURCES); if (Link) { DerefLink(Link); } CTEInterlockedDecrementLong(&RCE->rce_usecnt); return IP_NO_RESOURCES; } IPH->iph_protocol = Protocol; IPH->iph_xsum = 0; IPH->iph_dest = Dest; IPH->iph_src = Source; IPH->iph_ttl = OptInfo->ioi_ttl; if (OptInfo->ioi_ttl == 0) { NdisSetPacketFlags(Packet, NDIS_FLAGS_LOOPBACK_ONLY); } IPH->iph_tos = OptInfo->ioi_tos; IPH->iph_offset = net_short((OptInfo->ioi_flags & IP_FLAG_DF) << 13); IPH->iph_id = (ushort) InterlockedExchangeAdd( (PLONG) &IPIDCacheLine.Value, 1); IPH->iph_id = net_short(IPH->iph_id); IPH->iph_verlen = DEFAULT_VERLEN; IPH->iph_length = net_short(DataSize + sizeof(IPHeader)); if (!IPSecStatus) { RCE->rce_OffloadFlags = DestIF->if_OffloadFlags; } else { RCE->rce_OffloadFlags = 0; } if (IPSecStatus || !(DestIF->if_OffloadFlags & IP_XMT_CHECKSUM_OFFLOAD)) { IPH->iph_xsum = ~xsum(IPH, sizeof(IPHeader)); } if (!IPSecStatus && ((DestIF->if_OffloadFlags & IP_XMT_CHECKSUM_OFFLOAD) || (DestIF->if_OffloadFlags & TCP_XMT_CHECKSUM_OFFLOAD))) { PNDIS_PACKET_EXTENSION PktExt; NDIS_TCP_IP_CHECKSUM_PACKET_INFO ChksumPktInfo; PktExt = NDIS_PACKET_EXTENSION_FROM_PACKET(Packet); ChksumPktInfo.Value = 0; ChksumPktInfo.Transmit.NdisPacketChecksumV4 = 1; if (DestIF->if_OffloadFlags & IP_XMT_CHECKSUM_OFFLOAD) { ChksumPktInfo.Transmit.NdisPacketIpChecksum = 1; } if (OptInfo->ioi_TcpChksum) { ChksumPktInfo.Transmit.NdisPacketTcpChecksum = 1; } PktExt->NdisPacketInfo[TcpIpChecksumPacketInfo] = UlongToPtr(ChksumPktInfo.Value); #if DBG DbgIPSendHwChkSum++; #endif } } else { //hdrincl PNDIS_BUFFER UserBuffer; uint len; NdisChainBufferAtBack(Packet, Buffer); UserBuffer = NDIS_BUFFER_LINKAGE(Buffer); DataSize -= NdisBufferLength(Buffer); ASSERT((long)DataSize >= 0); NdisAdjustBufferLength(Buffer, 0); ASSERT(UserBuffer != NULL); IPH = (IPHeader *) TcpipBufferVirtualAddress(UserBuffer, NormalPagePriority); if (IPH != NULL && DataSize >= sizeof(IPHeader) && ((len = IPH->iph_verlen & 0xf)*4) <= DataSize ) { if (!IPH->iph_id) { IPH->iph_id = (ushort)InterlockedExchangeAdd( (PLONG) &IPIDCacheLine.Value, 1); IPH->iph_id = net_short(IPH->iph_id); } IPH->iph_length = net_short(DataSize); IPH->iph_tos = OptInfo->ioi_tos; IPH->iph_xsum = 0; IPH->iph_xsum = ~xsum(IPH, len * 4); } else { SendStatus = (IPH == NULL) ? IP_NO_RESOURCES : IP_GENERAL_FAILURE; FreeIPPacket(Packet, TRUE, SendStatus); if (Link) { DerefLink(Link); } CTEInterlockedDecrementLong(&RCE->rce_usecnt); return SendStatus; } IPH->iph_id = (ushort)InterlockedExchangeAdd( (PLONG) &IPIDCacheLine.Value, 1); IPH->iph_id = net_short(IPH->iph_id); len = IPH->iph_verlen & 0xf; ((IPHeader UNALIGNED*)IPH)->iph_length = net_short(DataSize); IPH->iph_tos = OptInfo->ioi_tos; ((IPHeader UNALIGNED*)IPH)->iph_xsum = 0; ((IPHeader UNALIGNED*)IPH)->iph_xsum = ~xsum(IPH, len * 4); ASSERT(!dbg_hdrincl); } // See if we need to filter this packet. If we // do, call the filter routine to see if it's // OK to send it. if (!RefPtrValid(&FilterRefPtr)) { // Set the cancellation context // Once link level call is made, // Irp can go away any time SET_CANCEL_CONTEXT(Irp, DestIF); Status = (*(DestIF->if_xmit)) (DestIF->if_lcontext, &Packet, 1, FirstHop, RCE, ArpCtxt); CTEInterlockedDecrementLong(&RCE->rce_usecnt); if (Status != NDIS_STATUS_PENDING) { SendStatus = (Status == NDIS_STATUS_FAILURE) ? IP_GENERAL_FAILURE : IP_SUCCESS; FreeIPPacket(Packet, TRUE, SendStatus); if (Link) { DerefLink(Link); } return SendStatus; } return IP_PENDING; } else { PNDIS_BUFFER pDataBuffer; PVOID pvBuf = NULL; ULONG cbBuf = 0; if (DestIF->if_flags & IF_FLAGS_P2MP) { LinkNextHop = Link->link_NextHop; } else { LinkNextHop = NULL_IP_ADDR; } // // There are three cases which need to be // taken care of here: // 1) Normal path. Buffer contains both // IPHeader and header from TCP/UDP, etc. // 2) Raw. Buffer contains IPHeader only. // Need to get next data in chain from // linked buffer. // 3) Raw - iphdrinclude. Buffer length is // 0. Need to get IPHeader and next // header from linked buffer. // // Use the byte count of the first buffer // to determine the case to handle. // if (NdisBufferLength(Buffer) > sizeof(IPHeader)) { // Case 1. pvBuf = (PVOID) (IPH + 1); cbBuf = NdisBufferLength(Buffer) - sizeof(IPHeader); } else { // Need to skip to the next buffer. NdisGetNextBuffer(Buffer, &pDataBuffer); if (pDataBuffer) { if (NdisBufferLength(Buffer) == 0) { // Case 3. cbBuf = NdisBufferLength(pDataBuffer) - sizeof(IPHeader); pvBuf = (PVOID) (IPH + 1); } else { // Case 2. ASSERT(NdisBufferLength(Buffer) == sizeof(IPHeader)); cbBuf = NdisBufferLength(pDataBuffer); pvBuf = TcpipBufferVirtualAddress( pDataBuffer, NormalPagePriority); } } else { // Should always have two buffers in // chain at this point! ASSERT(FALSE); } } if (pvBuf == NULL) { IPSInfo.ipsi_outdiscards++; FreeIPPacket(Packet, TRUE, IP_NO_RESOURCES); if (Link) { DerefLink(Link); } CTEInterlockedDecrementLong(&RCE->rce_usecnt); return IP_NO_RESOURCES; } FilterPtr = AcquireRefPtr(&FilterRefPtr); Action = (*FilterPtr) (IPH, pvBuf, cbBuf, INVALID_IF_INDEX, DestIF->if_index, NULL_IP_ADDR, LinkNextHop); ReleaseRefPtr(&FilterRefPtr); if (Action == FORWARD) { // Set the cancellation context // Once link level call is made, // Irp can go away any time SET_CANCEL_CONTEXT(Irp, DestIF); Status = (*(DestIF->if_xmit)) ( DestIF->if_lcontext, &Packet, 1, FirstHop, RCE, ArpCtxt); } else { Status = NDIS_STATUS_SUCCESS; IPSInfo.ipsi_outdiscards++; } // if (Action == FORWARD) CTEInterlockedDecrementLong(&RCE->rce_usecnt); if (Status != NDIS_STATUS_PENDING) { SendStatus = (Status == NDIS_STATUS_FAILURE) ? IP_GENERAL_FAILURE : IP_SUCCESS; FreeIPPacket(Packet, TRUE, SendStatus); if (Link) { DerefLink(Link); } return SendStatus; } return IP_PENDING; } } } } if (RCE && IPSecStatus) { RCE->rce_OffloadFlags = 0; } // CTEInterlockedDecrementLong(&RCE->rce_usecnt); DType = RCE->rce_dtype; } else { uint IPHdrSize, BufLength; IPHdrSize = sizeof(IPHeader); //If user supplied header, account for it. //This is to satisfy DoDcallout //may not be necessary... if (OptInfo->ioi_hdrincl) { IPHdrSize = 0; } // We have an RCE, but there is no RTE for it. Call the // routing code to fix this. CTEFreeLock(&RCE->rce_lock, LockHandle); BufLength = NdisBufferLength(Buffer); if ((BufLength == 0) && DataSize) { PNDIS_BUFFER NextBuffer = NULL; // Get the virtual address of user buffer // which is after null transport header NdisGetNextBuffer(Buffer, &NextBuffer); ASSERT(NextBuffer != NULL); pvTmpBuffer = TcpipBufferVirtualAddress(NextBuffer, NormalPagePriority); BufLength = NdisBufferLength(NextBuffer); // Since this is raw socket, just pass the raw data // to Dod Callout, instead of pointing beyond header // size. IPHdrSize = 0; } else { pvTmpBuffer = TcpipBufferVirtualAddress(Buffer, NormalPagePriority); BufLength = NdisBufferLength(Buffer); } if (pvTmpBuffer == NULL) { IPSInfo.ipsi_outdiscards++; FreeIPPacket(Packet, TRUE, IP_NO_RESOURCES); return IP_NO_RESOURCES; } if (!AttachRCEToRTE(RCE, Protocol, (uchar *) pvTmpBuffer + IPHdrSize, BufLength)) { IPSInfo.ipsi_outnoroutes++; FreeIPPacket(Packet, TRUE, IP_DEST_HOST_UNREACHABLE); return IP_DEST_HOST_UNREACHABLE; } // See if the RCE is now valid. CTEGetLock(&RCE->rce_lock, &LockHandle); if (RCE->rce_flags == RCE_ALL_VALID) { // The RCE is now valid, so use his info. RTE = RCE->rce_rte; FirstHop = ADDR_FROM_RTE(RTE, Dest); DestIF = IF_FROM_RTE(RTE); RoutedRCE = RCE; CTEInterlockedIncrementLong(&RCE->rce_usecnt); if (DestIF->if_flags & IF_FLAGS_P2MP) { LinkEntry* PrevLink; PrevLink = Link; Link = RTE->rte_link; if (!Link) { ASSERT(Link); CTEFreeLock(&RCE->rce_lock, LockHandle); FreeIPPacket(Packet, TRUE, IP_GENERAL_FAILURE); if (RoutedRCE) { CTEInterlockedDecrementLong(&RoutedRCE->rce_usecnt); } // // Dereferenc previous link before we return. // if (PrevLink) { DerefLink(PrevLink); } return IP_GENERAL_FAILURE; } ArpCtxt = Link->link_arpctxt; MTU = MIN(Link->link_mtu, DestIF->if_mtu); pc->pc_iflink = Link; CTEInterlockedIncrementLong(&Link->link_refcount); } else { MTU = MTU_FROM_RTE(RTE); } DType = RCE->rce_dtype; if (RTE->rte_if) { RCE->rce_TcpDelAckTicks = RTE->rte_if->if_TcpDelAckTicks; RCE->rce_TcpAckFrequency = RTE->rte_if->if_TcpAckFrequency; } else { RCE->rce_TcpDelAckTicks = 0; RCE->rce_TcpAckFrequency = 0; } if (!IPSecStatus) { RCE->rce_OffloadFlags = RTE->rte_if->if_OffloadFlags; } else { RCE->rce_OffloadFlags = 0; } } else FirstHop = NULL_IP_ADDR; CTEFreeLock(&RCE->rce_lock, LockHandle); } } else { // We had no RCE, so we'll have to look it up the hard way. FirstHop = NULL_IP_ADDR; } DEBUGMSG(DBG_INFO && DBG_IP && DBG_TX, (DTEXT("IPTransmit: Bailed to slow path.\n"))); // We bailed out of the fast path for some reason. Allocate a header // buffer, and copy the data in the first buffer forward. Then figure // out why we're off the fast path, and deal with it. If we don't have // the next hop info, look it up now. //If user has supplied the IP header, assume that he is taken care //of options too. NdisReinitializePacket(Packet); if (!OptInfo->ioi_hdrincl) { HeaderBuffer = GetIPHdrBuffer(&IPH); if (HeaderBuffer == NULL) { FreeIPPacket(Packet, TRUE, IP_NO_RESOURCES); if (Link) { DerefLink(Link); } IPSInfo.ipsi_outdiscards++; if (RoutedRCE) { CTEInterlockedDecrementLong(&RoutedRCE->rce_usecnt); } DEBUGMSG(DBG_WARN && DBG_IP && DBG_TX, (DTEXT("IPTransmit: failure to allocate IP hdr.\n"))); return IP_NO_RESOURCES; } else { uchar *Temp1, *Temp2; // Got a buffer, copy the upper layer data forward. Temp1 = TcpipBufferVirtualAddress(Buffer, NormalPagePriority); if (Temp1 == NULL) { FreeIPHdrBuffer(HeaderBuffer); FreeIPPacket(Packet, TRUE, IP_NO_RESOURCES); if (Link) { DerefLink(Link); } IPSInfo.ipsi_outdiscards++; if (RoutedRCE) { CTEInterlockedDecrementLong(&RoutedRCE->rce_usecnt); } return IP_NO_RESOURCES; } Temp2 = Temp1 + sizeof(IPHeader); RtlMoveMemory(Temp1, Temp2, NdisBufferLength(Buffer)); } DEBUGMSG(DBG_INFO && DBG_IP && DBG_TX, (DTEXT("IPTransmit: Pkt %x IPBuf %x IPH %x\n"), Packet, HeaderBuffer, IPH)); NdisChainBufferAtBack(Packet, HeaderBuffer); IPH->iph_protocol = Protocol; IPH->iph_xsum = 0; IPH->iph_src = Source; IPH->iph_ttl = OptInfo->ioi_ttl; if (OptInfo->ioi_ttl == 0) { NdisSetPacketFlags(Packet, NDIS_FLAGS_LOOPBACK_ONLY); } IPH->iph_tos = OptInfo->ioi_tos; IPH->iph_offset = net_short((OptInfo->ioi_flags & IP_FLAG_DF) << 13); IPH->iph_id = (ushort) InterlockedExchangeAdd( (PLONG) &IPIDCacheLine.Value, 1); IPH->iph_id = net_short(IPH->iph_id); pc = (PacketContext *) Packet->ProtocolReserved; pc->pc_common.pc_flags |= PACKET_FLAG_IPHDR; if (IP_ADDR_EQUAL(OptInfo->ioi_addr, NULL_IP_ADDR)) { IPH->iph_dest = Dest; } else { if (IPSecHandlerPtr) { UCHAR Length; ULONG Index = 0; PUCHAR pOptions = OptInfo->ioi_options; // // Search for the last hop gateway address in strict // or loose source routing option. // while (Index < OptInfo->ioi_optlength) { switch (*pOptions) { case IP_OPT_EOL: Index = OptInfo->ioi_optlength; break; case IP_OPT_NOP: Index++; pOptions++; break; case IP_OPT_LSRR: case IP_OPT_SSRR: Length = pOptions[IP_OPT_LENGTH]; pOptions += Length; fSrcRoute = TRUE; SrcRouteOrigDest = *((IPAddr UNALIGNED *)(pOptions - sizeof(IPAddr))); Index = OptInfo->ioi_optlength; break; case IP_OPT_RR: case IP_OPT_TS: case IP_OPT_ROUTER_ALERT: case IP_OPT_SECURITY: default: Length = pOptions[IP_OPT_LENGTH]; Index += Length; pOptions += Length; break; } } } // // We have a source route, so we need to redo the // destination and first hop information. // Dest = OptInfo->ioi_addr; IPH->iph_dest = Dest; if (RCE != NULL) { // We have an RCE. Make sure it's valid. CTEGetLock(&RCE->rce_lock, &LockHandle); if (RCE->rce_flags == RCE_ALL_VALID) { // The RTE is valid. RTE = RCE->rce_rte; FirstHop = ADDR_FROM_RTE(RTE, Dest); DestIF = IF_FROM_RTE(RTE); if (!RoutedRCE) { CTEInterlockedIncrementLong(&RCE->rce_usecnt); RoutedRCE = RCE; } if (DestIF->if_flags & IF_FLAGS_P2MP) { LinkEntry* PrevLink; PrevLink = Link; Link = RTE->rte_link; if (!Link) { ASSERT(Link); CTEFreeLock(&RCE->rce_lock, LockHandle); FreeIPPacket(Packet, TRUE, IP_GENERAL_FAILURE); if (RoutedRCE) { CTEInterlockedDecrementLong(&RoutedRCE->rce_usecnt); } if (PrevLink) { DerefLink(PrevLink); } return IP_GENERAL_FAILURE; } ArpCtxt = Link->link_arpctxt; MTU = MIN(Link->link_mtu, DestIF->if_mtu); pc->pc_iflink = Link; CTEInterlockedIncrementLong(&Link->link_refcount); } else { MTU = MTU_FROM_RTE(RTE); } } else { FirstHop = NULL_IP_ADDR; } CTEFreeLock(&RCE->rce_lock, LockHandle); } } } else { //hdrincl option PNDIS_BUFFER UserBuffer, NewBuffer = NULL, NextBuf = NULL; uint len; NDIS_STATUS NewStatus; UserBuffer = NDIS_BUFFER_LINKAGE(Buffer); ASSERT(UserBuffer != NULL); HeaderBuffer = GetIPHdrBuffer(&IPH); if (HeaderBuffer == NULL) { FreeIPPacket(Packet, TRUE, IP_NO_RESOURCES); if (Link) { DerefLink(Link); } IPSInfo.ipsi_outdiscards++; if (RoutedRCE) { CTEInterlockedDecrementLong(&RoutedRCE->rce_usecnt); } return IP_NO_RESOURCES; } else { uchar *UserData; // Got a buffer, copy the upper layer data forward. UserData = TcpipBufferVirtualAddress(UserBuffer, NormalPagePriority); if (UserData == NULL || (DataSize < sizeof(IPHeader))) { FreeIPHdrBuffer(HeaderBuffer); FreeIPPacket(Packet, TRUE, IP_NO_RESOURCES); if (Link) { DerefLink(Link); } IPSInfo.ipsi_outdiscards++; if (RoutedRCE) { CTEInterlockedDecrementLong(&RoutedRCE->rce_usecnt); } return IP_NO_RESOURCES; } RtlCopyMemory(IPH, UserData, sizeof(IPHeader)); NdisAdjustBufferLength(HeaderBuffer, sizeof(IPHeader)); } pc = (PacketContext *) Packet->ProtocolReserved; pc->pc_common.pc_flags |= PACKET_FLAG_IPHDR; NdisChainBufferAtBack(Packet, HeaderBuffer); // find the header length (in bytes) specified in IPHeader len = (IPH->iph_verlen & 0xf) << 2; if (len < sizeof(IPHeader)) { // Fixup of headers is not needed as this is headerinclude // packet and header include operation is not done yet FreeIPPacket(Packet, FALSE, IP_GENERAL_FAILURE); if (Link) { DerefLink(Link); } IPSInfo.ipsi_outdiscards++; if (RoutedRCE) { CTEInterlockedDecrementLong(&RoutedRCE->rce_usecnt); } return IP_GENERAL_FAILURE; } if (len > sizeof(IPHeader)) { uchar *Temp1; // we have options in HDR_INCL HdrInclOptions = TRUE; // find the length of options. OptionSize = len - sizeof(IPHeader); Options = CTEAllocMemN(OptionSize, 'wiCT'); if (Options == (uchar *) NULL) { FreeIPPacket(Packet, TRUE, IP_NO_RESOURCES); if (Link) { DerefLink(Link); } IPSInfo.ipsi_outdiscards++; if (RoutedRCE) { CTEInterlockedDecrementLong(&RoutedRCE->rce_usecnt); } return IP_NO_RESOURCES; } // Got a buffer, copy the options in Options Buffer Temp1 = TcpipBufferVirtualAddress(UserBuffer, NormalPagePriority); // Assume first user buffer contains complete IP header if (Temp1 == NULL || NdisBufferLength(UserBuffer) < len) { SendStatus = (Temp1 == NULL) ? IP_NO_RESOURCES : IP_GENERAL_FAILURE; FreeIPPacket(Packet, TRUE, SendStatus); if (Link) { DerefLink(Link); } CTEFreeMem(Options); IPSInfo.ipsi_outdiscards++; if (RoutedRCE) { CTEInterlockedDecrementLong(&RoutedRCE->rce_usecnt); } return SendStatus; } RtlCopyMemory(Options, Temp1 + sizeof(IPHeader), OptionSize); } DataSize -= NdisBufferLength(Buffer) + len; // // Map out the post-IP header portion // pvTmpBuffer = TcpipBufferVirtualAddress(UserBuffer, NormalPagePriority); if (pvTmpBuffer == NULL) { NewStatus = NDIS_STATUS_RESOURCES; } else { // If user header buffer is just the length of IP header // check for NextBuf NextBuf = NDIS_BUFFER_LINKAGE(UserBuffer); if ((NdisBufferLength(UserBuffer) - len)) { NdisAllocateBuffer(&NewStatus, &NewBuffer, BufferPool, ((uchar *) pvTmpBuffer) + len, NdisBufferLength(UserBuffer) - len); } else { if (NextBuf) { pvTmpBuffer = TcpipBufferVirtualAddress(NextBuf, NormalPagePriority); if (!pvTmpBuffer) { NewStatus = NDIS_STATUS_RESOURCES; } else { NdisAllocateBuffer(&NewStatus, &NewBuffer, BufferPool, ((uchar *) pvTmpBuffer), NdisBufferLength(NextBuf)); // // Advance the NextBuf pointer to next buffer in chain. // NextBuf = NDIS_BUFFER_LINKAGE(NextBuf); } } else { NewStatus = NDIS_STATUS_FAILURE; } } } if (NewStatus != NDIS_STATUS_SUCCESS) { FreeIPPacket(Packet, TRUE, IP_NO_RESOURCES); if (Link) { DerefLink(Link); } if (HdrInclOptions) { CTEFreeMem(Options); } IPSInfo.ipsi_outdiscards++; if (RoutedRCE) { CTEInterlockedDecrementLong(&RoutedRCE->rce_usecnt); } return IP_NO_RESOURCES; } // Remember the orignal usermdl // Once this ip allocated mdl is chained, // original chain needs to be restored // in all the completion paths. pc->pc_hdrincl = UserBuffer; NDIS_BUFFER_LINKAGE(Buffer) = NewBuffer; NDIS_BUFFER_LINKAGE(NewBuffer) = NextBuf; NdisAdjustBufferLength(Buffer, 0); if (!IPH->iph_id) { IPH->iph_id = (ushort) InterlockedExchangeAdd( (PLONG) &IPIDCacheLine.Value, 1); IPH->iph_id = net_short(IPH->iph_id); } IPH->iph_length = net_short(DataSize + len); IPH->iph_tos = OptInfo->ioi_tos; IPH->iph_xsum = 0; ASSERT(!dbg_hdrincl); } ipsec_jump: if (RCE) { #if 0 // //If we take slow path for TCP, offload is meaningless //let this packet go with xsum error //rexmitted packet will be okay, if it takes slow path again. // RCE->rce_OffloadFlags = 0; #else if (!fIpsec && OptInfo->ioi_TcpChksum && (RCE->rce_OffloadFlags & TCP_XMT_CHECKSUM_OFFLOAD)) { PNDIS_PACKET_EXTENSION PktExt = NDIS_PACKET_EXTENSION_FROM_PACKET(Packet); PNDIS_TCP_IP_CHECKSUM_PACKET_INFO ChksumPktInfo = (PNDIS_TCP_IP_CHECKSUM_PACKET_INFO) &PktExt->NdisPacketInfo[TcpIpChecksumPacketInfo]; ChksumPktInfo->Value = 0; ChksumPktInfo->Transmit.NdisPacketChecksumV4 = 1; ChksumPktInfo->Transmit.NdisPacketTcpChecksum = 1; } #endif } if (IP_ADDR_EQUAL(FirstHop, NULL_IP_ADDR)) { if (OptInfo->ioi_mcastif) { // // mcastif is set to unnumbered interface, we won't do any // lookup in this case // CTELockHandle TableLock; // Lock handle for routing table. Interface *pIf; CTEGetLock(&RouteTableLock.Lock, &TableLock); for (pIf = IFList; pIf != NULL; pIf = pIf->if_next) { if ((pIf->if_refcount != 0) && (pIf->if_index == OptInfo->ioi_mcastif)) break; } if (pIf && !(pIf->if_iftype & DONT_ALLOW_MCAST)) { LOCKED_REFERENCE_IF(pIf); FirstHop = Dest; MTU = pIf->if_mtu; Link = NULL; DestIF = pIf; } else { DestIF = NULL; } CTEFreeLock(&RouteTableLock.Lock, TableLock); } else { pvTmpBuffer = TcpipBufferVirtualAddress(Buffer, NormalPagePriority); if (pvTmpBuffer == NULL) { if (pc->pc_hdrincl) { NdisChainBufferAtBack(Packet, Buffer); } FreeIPPacket(Packet, TRUE, IP_NO_RESOURCES); if (HdrInclOptions) CTEFreeMem(Options); IPSInfo.ipsi_outdiscards++; return IP_NO_RESOURCES; } // Decide whether to do a strong or weak host lookup ConstrainIF = GetIfConstraint(Dest, Source, OptInfo, fIpsec); DestIF = LookupNextHopWithBuffer(Dest, Source, &FirstHop, &MTU, PInfo->pi_protocol, (uchar *) NdisBufferVirtualAddress(Buffer), NdisBufferLength(Buffer), NULL, &Link, Source, ConstrainIF); DEBUGMSG(DBG_INFO && DBG_IP && DBG_TX, (DTEXT("IPTransmit: LookupNextHopWithBuffer returned %x\n"), DestIF)); } pc->pc_if = DestIF; RoutedIF = DestIF; if (DestIF == NULL) { // Lookup failed. Return an error. if (pc->pc_hdrincl) { NdisChainBufferAtBack(Packet, Buffer); } FreeIPPacket(Packet, TRUE, IP_DEST_HOST_UNREACHABLE); if (HdrInclOptions) CTEFreeMem(Options); IPSInfo.ipsi_outnoroutes++; return IP_DEST_HOST_UNREACHABLE; } if (DestIF->if_flags & IF_FLAGS_P2MP) { if (!Link) { if (pc->pc_hdrincl) { NdisChainBufferAtBack(Packet, Buffer); } FreeIPPacket(Packet, TRUE, IP_GENERAL_FAILURE); if (HdrInclOptions) CTEFreeMem(Options); DerefIF(DestIF); return IP_GENERAL_FAILURE; } // NextHopCtxt = Link->link_NextHop; ArpCtxt = Link->link_arpctxt; pc->pc_iflink = Link; } if (!OptInfo->ioi_hdrincl) { if ((DestIF->if_flags & IF_FLAGS_NOIPADDR) && IP_ADDR_EQUAL(Source, NULL_IP_ADDR)) { IPH->iph_src = g_ValidAddr; if (IP_ADDR_EQUAL(g_ValidAddr, NULL_IP_ADDR)) { FreeIPPacket(Packet, TRUE, IP_DEST_HOST_UNREACHABLE); if (HdrInclOptions) CTEFreeMem(Options); if (Link) { DerefLink(Link); } DerefIF(DestIF); IPSInfo.ipsi_outnoroutes++; return IP_DEST_HOST_UNREACHABLE; } } else { IPH->iph_src = Source; } } DType = GetAddrType(Dest); ASSERT(DType != DEST_INVALID); } else { RoutedIF = NULL; } // // See if we have any options. If we do, copy them now. // // // If user is giving us IP hdr, just assume he has done Options too. // if ((!OptInfo->ioi_hdrincl && (OptInfo->ioi_options != NULL) && OptInfo->ioi_optlength) || HdrInclOptions) { // if HdrInclOptions is TRUE we have already created Options Buffer if (!HdrInclOptions) { // // If we have a SSRR, make sure that we're sending straight to // the first hop. // if (OptInfo->ioi_flags & IP_FLAG_SSRR) { if (!IP_ADDR_EQUAL(Dest, FirstHop)) { FreeIPPacket(Packet, TRUE, IP_DEST_HOST_UNREACHABLE); if (Link) { DerefLink(Link); } if (RoutedIF != NULL) { DerefIF(RoutedIF); } else { ASSERT(RoutedRCE); CTEInterlockedDecrementLong(&RoutedRCE->rce_usecnt); } IPSInfo.ipsi_outnoroutes++; return IP_DEST_HOST_UNREACHABLE; } } Options = CTEAllocMemN(OptionSize = OptInfo->ioi_optlength, 'xiCT'); if (Options == (uchar *) NULL) { FreeIPPacket(Packet, TRUE, IP_NO_RESOURCES); if (Link) { DerefLink(Link); } if (RoutedIF != NULL) { DerefIF(RoutedIF); } else { ASSERT(RoutedRCE); CTEInterlockedDecrementLong(&RoutedRCE->rce_usecnt); } IPSInfo.ipsi_outdiscards++; return IP_NO_RESOURCES; } RtlCopyMemory(Options, OptInfo->ioi_options, OptionSize); } // // Allocate the MDL for options too // if (IPSecHandlerPtr) { NdisAllocateBuffer(&Status, &OptBuffer, BufferPool, Options, OptionSize); if (Status != NDIS_STATUS_SUCCESS) { // Couldn't get the // needed option buffer. CTEFreeMem(Options); FreeIPPacket(Packet, TRUE, IP_NO_RESOURCES); if (Link) { DerefLink(Link); } if (RoutedIF != NULL) { DerefIF(RoutedIF); } else { ASSERT(RoutedRCE); CTEInterlockedDecrementLong(&RoutedRCE->rce_usecnt); } IPSInfo.ipsi_outdiscards++; return IP_NO_RESOURCES; } } } else { Options = (uchar *) NULL; OptionSize = 0; } if (!OptInfo->ioi_hdrincl) { if (!fIpsec) { // // The options have been taken care of. Now see if it's some // sort of broadcast. // IPH->iph_verlen = (UCHAR) (IP_VERSION + ((OptionSize + (uint) sizeof(IPHeader)) >> 2)); IPH->iph_length = net_short(DataSize + OptionSize + sizeof(IPHeader)); } } // Call the firewall hooks if (FirewallMode) { IPRcvBuf *pRcvBuf, *tmpRcvBuf; IPRcvBuf *pOutRcvBuf; FIREWALL_CONTEXT_T FrCtx; PNDIS_BUFFER pBuf; Queue *CurrQ; FIREWALL_HOOK *CurrHook; uint SrcIFIndex = LOCAL_IF_INDEX; uint DestIFIndex = DestIF->if_index; uchar DestinationType = DType; IPHeader *Temp; KIRQL OldIrql; BOOLEAN SkipHeader = TRUE; PNDIS_PACKET_EXTENSION PktExt = NDIS_PACKET_EXTENSION_FROM_PACKET(Packet); PNDIS_TCP_IP_CHECKSUM_PACKET_INFO ChksumPktInfo = (PNDIS_TCP_IP_CHECKSUM_PACKET_INFO) &PktExt->NdisPacketInfo[TcpIpChecksumPacketInfo]; // // Temp will be used to contain complete IPHeader (including // options) When we pass the RcvBuf chain to Firewall hook, its // assumed that whole IPHeader is contained in the first buffer // Temp = CTEAllocMemN(sizeof(IPHeader) + OptionSize, 'yiCT'); if (Temp == NULL) { FREE_RESOURCES(IP_NO_RESOURCES); return IP_NO_RESOURCES; } *Temp = *IPH; if (Options) { RtlCopyMemory((uchar *) (Temp + 1), Options, OptionSize); } // the context we pass to the firewall hook FrCtx.Direction = IP_TRANSMIT; FrCtx.NTE = NULL; //not required FrCtx.LinkCtxt = NULL; // // Convert MDL chain to IPRcvBuf chain // and pass it to the firewall hook // // attach the IP header pRcvBuf = (IPRcvBuf *) (CTEAllocMemN(sizeof(IPRcvBuf), 'ziCT')); if (!pRcvBuf) { CTEFreeMem(Temp); FREE_RESOURCES(IP_NO_RESOURCES); return IP_NO_RESOURCES; } RtlZeroMemory(pRcvBuf, sizeof(IPRcvBuf)); pRcvBuf->ipr_buffer = (uchar *) Temp; pRcvBuf->ipr_size = sizeof(IPHeader) + OptionSize; pRcvBuf->ipr_owner = IPR_OWNER_IP; if (ChksumPktInfo->Value) { pRcvBuf->ipr_flags |= IPR_FLAG_CHECKSUM_OFFLOAD; } pInRcvBuf = pRcvBuf; // convert the MDL chain of buffers to RcvBuf chain // firewall hook understands RcvBuf chain only for (pBuf = Buffer; pBuf != NULL; pBuf = pBuf->Next) { IPRcvBuf *tmpRcvBuf; if (fIpsec && SkipHeader) { // // The first buffer contains IPHeader. // In ipsec re-inject case, pRcvBuf already // points to this. So, skip the first buffer // in Buffer chain. // SkipHeader = FALSE; continue; } if (NdisBufferLength(pBuf) == 0) continue; tmpRcvBuf = (IPRcvBuf *) (CTEAllocMemN(sizeof(IPRcvBuf), '1iCT')); if (!tmpRcvBuf) { IPFreeBuff(pInRcvBuf); CTEFreeMem(Temp); FREE_RESOURCES(IP_NO_RESOURCES); return IP_NO_RESOURCES; } RtlZeroMemory(tmpRcvBuf, sizeof(IPRcvBuf)); tmpRcvBuf->ipr_buffer = TcpipBufferVirtualAddress(pBuf, NormalPagePriority); if (tmpRcvBuf->ipr_buffer == NULL) { CTEFreeMem(tmpRcvBuf); IPFreeBuff(pInRcvBuf); CTEFreeMem(Temp); FREE_RESOURCES(IP_NO_RESOURCES); return IP_NO_RESOURCES; } pRcvBuf->ipr_next = tmpRcvBuf; tmpRcvBuf->ipr_size = NdisBufferLength(pBuf); ASSERT(tmpRcvBuf->ipr_buffer != NULL); ASSERT(tmpRcvBuf->ipr_size != 0); tmpRcvBuf->ipr_owner = IPR_OWNER_IP; if (ChksumPktInfo->Value) { tmpRcvBuf->ipr_flags |= IPR_FLAG_CHECKSUM_OFFLOAD; } pRcvBuf = tmpRcvBuf; } pRcvBuf->ipr_next = NULL; pOutRcvBuf = NULL; pc = (PacketContext *) Packet->ProtocolReserved; // scan the Queue from rear // we scannned the Queue from front in rcv path #if MILLEN KeRaiseIrql(DISPATCH_LEVEL, &OldIrql); #else // MILLEN OldIrql = KeRaiseIrqlToDpcLevel(); #endif // MILLEN FirewallRef = RefFirewallQ(&FirewallQ); CurrQ = QPREV(FirewallQ); while (CurrQ != QEND(FirewallQ)) { CurrHook = QSTRUCT(FIREWALL_HOOK, CurrQ, hook_q); // pOutRcvBuf has to be NULL before we call the firewallhook // pInRcvBuf contains the input buffer chain pOutRcvBuf = NULL; if (fIpsec) { pInRcvBuf->ipr_flags |= IPR_FLAG_IPSEC_TRANSFORMED; } Action = (*CurrHook->hook_Ptr) (&pInRcvBuf, SrcIFIndex, &DestIFIndex, &DestinationType, &FrCtx, sizeof(FrCtx), &pOutRcvBuf); if (Action == DROP) { DerefFirewallQ(FirewallRef); KeLowerIrql(OldIrql); IPSInfo.ipsi_outdiscards++; if (pInRcvBuf != NULL) { IPFreeBuff(pInRcvBuf); } if (pOutRcvBuf != NULL) { IPFreeBuff(pOutRcvBuf); } CTEFreeMem(Temp); FREE_RESOURCES(IP_DEST_HOST_UNREACHABLE); return IP_DEST_HOST_UNREACHABLE; } else { ASSERT(Action == FORWARD); if (pOutRcvBuf != NULL) { // free the old buffer if non NULL if (pInRcvBuf != NULL) { IPFreeBuff(pInRcvBuf); } pInRcvBuf = pOutRcvBuf; BufferChanged = 1; } } // Action == FORWARD CurrQ = QPREV(CurrQ); } DerefFirewallQ(FirewallRef); KeLowerIrql(OldIrql); ASSERT(Action == FORWARD); if (BufferChanged) { // At least one of the firewall hook touched the buffer PNDIS_BUFFER CurrentBuffer; PNDIS_BUFFER tmpBuffer; int Status; uint hlen; // // It is assumed that if first buffer contained just ipheader // before the hook is called, this holds after firewall also // ASSERT(pInRcvBuf->ipr_buffer != NULL); RtlCopyMemory((uchar *) IPH, pInRcvBuf->ipr_buffer, sizeof(IPHeader)); // // we recompute it later on anyway: so if firewall has // recomputed make it 0 // IPH->iph_xsum = 0; // // find the header length (in bytes) specified in IPHeader // hlen = (IPH->iph_verlen & 0xf) << 2; ASSERT(pInRcvBuf->ipr_size == hlen); OptionSize = hlen - sizeof(IPHeader); if (Options) { // we will allocate a new one anyway CTEFreeMem(Options); if (IPSecHandlerPtr) { NdisFreeBuffer(OptBuffer); OptBuffer = NULL; } } if (OptionSize) { Options = CTEAllocMemN(OptionSize, '2iCT'); if (Options == NULL) { if (pc->pc_hdrincl) { NdisChainBufferAtBack(Packet, Buffer); } FreeIPPacket(Packet, TRUE, IP_NO_RESOURCES); CTEFreeMem(Temp); IPFreeBuff(pInRcvBuf); if (Link) { DerefLink(Link); } if (RoutedIF != NULL) { DerefIF(RoutedIF); } else { ASSERT(RoutedRCE); CTEInterlockedDecrementLong(&RoutedRCE->rce_usecnt); } IPSInfo.ipsi_outdiscards++; return IP_NO_RESOURCES; } RtlCopyMemory(Options, pInRcvBuf->ipr_buffer + sizeof(IPHeader), OptionSize); if (IPSecHandlerPtr) { NdisAllocateBuffer(&Status, &OptBuffer, BufferPool, Options, OptionSize); // // If we couldn't get the needed options buffer // if (Status != NDIS_STATUS_SUCCESS) { CTEFreeMem(Options); if (pc->pc_hdrincl) { NdisChainBufferAtBack(Packet, Buffer); } FreeIPPacket(Packet, TRUE, IP_NO_RESOURCES); CTEFreeMem(Temp); IPFreeBuff(pInRcvBuf); if (Link) { DerefLink(Link); } if (RoutedIF != NULL) { DerefIF(RoutedIF); } else { ASSERT(RoutedRCE); CTEInterlockedDecrementLong(&RoutedRCE->rce_usecnt); } IPSInfo.ipsi_outdiscards++; return IP_NO_RESOURCES; } } } else { Options = NULL; } // if packet touched compute the new length: DataSize DataSize = 0; tmpRcvBuf = pInRcvBuf->ipr_next; // First buffer contains // header + options while (tmpRcvBuf != NULL) { ASSERT(tmpRcvBuf->ipr_buffer != NULL); DataSize += tmpRcvBuf->ipr_size; tmpRcvBuf = tmpRcvBuf->ipr_next; } // Convert the IPRcvBuf chain to MDL chain // form the buffer chain again tmpRcvBuf = pInRcvBuf->ipr_next; // first buffer contains // just IP Header + // options, if any ASSERT(tmpRcvBuf->ipr_buffer != NULL); ASSERT(tmpRcvBuf->ipr_size != 0); NdisAllocateBuffer(&Status, &tmpBuffer, BufferPool, tmpRcvBuf->ipr_buffer, tmpRcvBuf->ipr_size); if (Status != NDIS_STATUS_SUCCESS) { if (Options) { // option buffer. CTEFreeMem(Options); if (IPSecHandlerPtr) { NdisFreeBuffer(OptBuffer); } } IPFreeBuff(pInRcvBuf); if (pc->pc_hdrincl) { NdisChainBufferAtBack(Packet, Buffer); } FreeIPPacket(Packet, TRUE, IP_NO_RESOURCES); CTEFreeMem(Temp); if (Link) { DerefLink(Link); } if (RoutedIF != NULL) { DerefIF(RoutedIF); } else { ASSERT(RoutedRCE); CTEInterlockedDecrementLong(&RoutedRCE->rce_usecnt); } IPSInfo.ipsi_outdiscards++; return IP_NO_RESOURCES; } tmpBuffer->Next = (PNDIS_BUFFER) NULL; // // save these 2 in the packet context: will be used in // freeippacket/ipsendcomplete // pc->pc_firewall = Buffer; pc->pc_firewall2 = pInRcvBuf; // Convert the RcvBuf chain back to MDL chain Buffer = tmpBuffer; CurrentBuffer = Buffer; for (tmpRcvBuf = tmpRcvBuf->ipr_next; tmpRcvBuf != NULL; tmpRcvBuf = tmpRcvBuf->ipr_next) { ASSERT(tmpRcvBuf->ipr_buffer != NULL); ASSERT(tmpRcvBuf->ipr_size != 0); if (tmpRcvBuf->ipr_size == 0) continue; NdisAllocateBuffer(&Status, &tmpBuffer, BufferPool, tmpRcvBuf->ipr_buffer, tmpRcvBuf->ipr_size); if (Status != NDIS_STATUS_SUCCESS) { if (Options) { // option buffer. CTEFreeMem(Options); if (IPSecHandlerPtr) { NdisFreeBuffer(OptBuffer); } } CTEFreeMem(Temp); if (pc->pc_hdrincl) { NdisChainBufferAtBack(Packet, Buffer); } else { FreeIPBufferChain(Buffer); } FreeIPPacket(Packet, TRUE, IP_NO_RESOURCES); if (Link) { DerefLink(Link); } if (RoutedIF != NULL) { DerefIF(RoutedIF); } else { ASSERT(RoutedRCE); CTEInterlockedDecrementLong(&RoutedRCE->rce_usecnt); } IPSInfo.ipsi_outdiscards++; return IP_NO_RESOURCES; } CurrentBuffer->Next = tmpBuffer; CurrentBuffer = tmpBuffer; CurrentBuffer->Next = (PNDIS_BUFFER) NULL; } ASSERT(CurrentBuffer->Next == NULL); if (DestinationType == DEST_INVALID) { // recompute DestIF by doing a lookup again Dest = IPH->iph_dest; // Decide whether to do a strong or weak host lookup ConstrainIF = GetIfConstraint(Dest, Source, OptInfo, fIpsec); if (!ConstrainIF) { // // if this option is set, we want to send on the // address we are bound to so don't recompute the // Source address from IP header // Source = IPH->iph_src; } DType = GetAddrType(Dest); if (Link) { DerefLink(Link); // Make sure that pc_iflink is also initialized pc->pc_iflink = NULL; Link = NULL; } if (RoutedIF != NULL) { DerefIF(DestIF); } else { ASSERT(RoutedRCE); CTEInterlockedDecrementLong(&RoutedRCE->rce_usecnt); RoutedRCE = NULL; } pvTmpBuffer = TcpipBufferVirtualAddress(Buffer, NormalPagePriority); if (pvTmpBuffer == NULL) { if (Options) { CTEFreeMem(Options); } if (pc->pc_hdrincl) { NdisChainBufferAtBack(Packet, Buffer); } else { if (BufferChanged) { FreeIPBufferChain(Buffer); } } FreeIPPacket(Packet, TRUE, IP_NO_RESOURCES); IPSInfo.ipsi_outdiscards++; return IP_NO_RESOURCES; } // Decide whether to do a strong or weak host lookup ConstrainIF = GetIfConstraint(Dest, Source, OptInfo, fIpsec); DestIF = LookupNextHopWithBuffer(Dest, Source, &FirstHop, &MTU, PInfo->pi_protocol, (uchar *) NdisBufferVirtualAddress(Buffer), NdisBufferLength(Buffer), NULL, &Link, Source, ConstrainIF); pc->pc_if = DestIF; RoutedIF = DestIF; if (DestIF == NULL) { // Lookup failed. Return an error. if (Options) { CTEFreeMem(Options); } if (IPSecHandlerPtr && OptBuffer) { NdisFreeBuffer(OptBuffer); } if (pc->pc_hdrincl) { NdisChainBufferAtBack(Packet, Buffer); } else { if (BufferChanged) { FreeIPBufferChain(Buffer); } } FreeIPPacket(Packet, TRUE, IP_DEST_HOST_UNREACHABLE); IPSInfo.ipsi_outnoroutes++; return IP_DEST_HOST_UNREACHABLE; } if (DestIF->if_flags & IF_FLAGS_P2MP) { if (!Link) { ASSERT(Link); if (pc->pc_hdrincl) { NdisChainBufferAtBack(Packet, Buffer); } if (Options) { CTEFreeMem(Options); } if (IPSecHandlerPtr && OptBuffer) { NdisFreeBuffer(OptBuffer); } FreeIPPacket(Packet, TRUE, IP_GENERAL_FAILURE); if (HdrInclOptions) { CTEFreeMem(Options); } DerefIF(DestIF); return IP_GENERAL_FAILURE; } // NextHopCtxt = Link->link_NextHop; ArpCtxt = Link->link_arpctxt; pc->pc_iflink = Link; } } // Finally, clear the checksum-request option in the packet, // if it was set. The firewall-hook is responsible for ensuring // that the checksum has now been computed correctly. ChksumPktInfo->Value = 0; } // BufferChanged else { // Buffer not changed if (pInRcvBuf != NULL) { IPFreeBuff(pInRcvBuf); } } CTEFreeMem(Temp); } if (RefPtrValid(&FilterRefPtr)) { IPHeader *Temp; PNDIS_BUFFER pDataBuffer; PVOID pvBuf = NULL; ULONG cbBuf = 0; // // See if we need to filter this packet. If we // do, call the filter routine to see if it's // OK to send it. // if (Options == NULL) { Temp = IPH; } else { Temp = CTEAllocMemN(sizeof(IPHeader) + OptionSize, '3iCT'); if (Temp == NULL) { if (pc->pc_hdrincl) { NdisChainBufferAtBack(Packet, Buffer); } else { if (BufferChanged) { FreeIPBufferChain(Buffer); } } FreeIPPacket(Packet, TRUE, IP_NO_RESOURCES); if (Link) { DerefLink(Link); } if (RoutedIF != NULL) { DerefIF(RoutedIF); } else { ASSERT(RoutedRCE); CTEInterlockedDecrementLong(&RoutedRCE->rce_usecnt); } CTEFreeMem(Options); if (IPSecHandlerPtr && OptBuffer) { NdisFreeBuffer(OptBuffer); } IPSInfo.ipsi_outdiscards++; return IP_NO_RESOURCES; } *Temp = *IPH; RtlCopyMemory((uchar *) (Temp + 1), Options, OptionSize); } if (DestIF->if_flags & IF_FLAGS_P2MP) { LinkNextHop = Link->link_NextHop; } else { LinkNextHop = NULL_IP_ADDR; } // // There are some cases where the first buffer in the chain // of data does not contain any data. This includes ICMP, // and iphdrinclude. If the first buffer is zero length, // then we skip and give the second buffer. Really the // filter api should take an MDL chain. // // Also, in the case of Ipsec Re-inject path, need to skip // the first buffer as IPH is already pointing to it. // if ((NdisBufferLength(Buffer) == 0) || fIpsec) { NdisGetNextBuffer(Buffer, &pDataBuffer); if (pDataBuffer) { cbBuf = NdisBufferLength(pDataBuffer); pvBuf = TcpipBufferVirtualAddress(pDataBuffer, NormalPagePriority); } } else { pvBuf = TcpipBufferVirtualAddress(Buffer, NormalPagePriority); cbBuf = NdisBufferLength(Buffer); } if (pvBuf == NULL) { if (Options) { CTEFreeMem(Options); } if (IPSecHandlerPtr && OptBuffer) { NdisFreeBuffer(OptBuffer); } // Need to chain buffers correctly to packet before calling // FreeIPPacket. if (pc->pc_hdrincl) { NdisChainBufferAtBack(Packet, Buffer); } else { if (BufferChanged) { FreeIPBufferChain(Buffer); } } FreeIPPacket(Packet, TRUE, IP_NO_RESOURCES); if (Link) { DerefLink(Link); } if (RoutedIF != NULL) { DerefIF(RoutedIF); } else { ASSERT(RoutedRCE); CTEInterlockedDecrementLong(&RoutedRCE->rce_usecnt); } IPSInfo.ipsi_outdiscards++; return IP_NO_RESOURCES; } FilterPtr = AcquireRefPtr(&FilterRefPtr); Action = (*FilterPtr) (Temp, pvBuf, cbBuf, INVALID_IF_INDEX, DestIF->if_index, NULL_IP_ADDR, LinkNextHop); ReleaseRefPtr(&FilterRefPtr); if (Options != NULL) { CTEFreeMem(Temp); } if (Action != FORWARD) { // // If this is a bcast pkt, dont fail the send here since we might // send this pkt over some other NTE; instead, let SendIPBCast // deal with the Filtering for broadcast pkts. // // NOTE: We shd actually not call into FilterPtr here at // all since we deal with it in BCast, but we do so in order to // avoid a check above and hence // take a double call hit in the bcast case. // if (DType != DEST_BCAST) { if (Options) { CTEFreeMem(Options); } if (IPSecHandlerPtr && OptBuffer) { NdisFreeBuffer(OptBuffer); } // Need to chain buffers correctly to packet before calling // FreeIPPacket. if (pc->pc_hdrincl) { NdisChainBufferAtBack(Packet, Buffer); } else { if (BufferChanged) { FreeIPBufferChain(Buffer); } } FreeIPPacket(Packet, TRUE, IP_DEST_HOST_UNREACHABLE); if (Link) { DerefLink(Link); } if (RoutedIF != NULL) { DerefIF(RoutedIF); } else { ASSERT(RoutedRCE); CTEInterlockedDecrementLong(&RoutedRCE->rce_usecnt); } IPSInfo.ipsi_outdiscards++; return IP_DEST_HOST_UNREACHABLE; } #if FWD_DBG else { DbgPrint("IPTransmit: ignoring return %lx\n", Action); } #endif } } if (IPSecHandlerPtr) { // // See if IPSEC is enabled, see if it needs to do anything with this // packet - we need to construct the full IP header in the first MDL // before we call out to IPSEC. // IPSEC_ACTION Action; ulong csum; PacketContext *pc = (PacketContext *) Packet->ProtocolReserved; // // dont re-xsum if this came from IPSEC. // if (fIpsec) { HeaderBuffer = Buffer; if (OptBuffer) { NdisFreeBuffer(OptBuffer); } OptBuffer = NULL; } else { IPH->iph_xsum = 0; csum = xsum(IPH, sizeof(IPHeader)); // // Link the header buffer to the options buffer before we // indicate to IPSEC // if (OptBuffer) { NDIS_BUFFER_LINKAGE(HeaderBuffer) = OptBuffer; NDIS_BUFFER_LINKAGE(OptBuffer) = Buffer; // // update the xsum in the IP header // pc->pc_common.pc_flags |= PACKET_FLAG_OPTIONS; csum += xsum(Options, OptionSize); csum = (csum >> 16) + (csum & 0xffff); csum += (csum >> 16); } else { NDIS_BUFFER_LINKAGE(HeaderBuffer) = Buffer; } IPH->iph_xsum = ~(ushort) csum; } if ((DataSize + OptionSize) < MTU) { ipsecByteCount = MTU - (DataSize + OptionSize); } ipsecMTU = MTU; // // Pass the original dest address if source routing. // if (fSrcRoute) { SrcRouteFirstHop = IPH->iph_dest; IPH->iph_dest = SrcRouteOrigDest; ipsecFlags |= IPSEC_FLAG_SSRR; } if (DestIF == &LoopInterface) { ipsecFlags |= IPSEC_FLAG_LOOPBACK; } Action = (*IPSecHandlerPtr) ((PUCHAR) IPH, (PVOID) HeaderBuffer, DestIF, Packet, &ipsecByteCount, &ipsecMTU, (PVOID) & newBuf, &ipsecFlags, DType); // // Put back the dest address for source routing. // if (fSrcRoute) { IPH->iph_dest = SrcRouteFirstHop; } if (Action != eFORWARD) { IP_STATUS ipStatus; // // If this is a bcast pkt, dont fail the send here since we // might send this pkt over some other NTE; instead, let // SendIPBCast deal with the Filtering // for broadcast pkts. // Since Options are linked already, FreeIPPacket will do // the right thing. // if (ipsecMTU) { ipStatus = IP_PACKET_TOO_BIG; FreeIPPacket(Packet, TRUE, ipStatus); KdPrintEx((DPFLTR_TCPIP_ID, DPFLTR_INFO_LEVEL,"IPTransmit: MTU %lx, ipsecMTU %lx\n", MTU, ipsecMTU)); if (fIpsec) { SendICMPIPSecErr(DestIF->if_nte->nte_addr, (IPHeader *) saveIPH, ICMP_DEST_UNREACH, FRAG_NEEDED, net_long(ipsecMTU + sizeof(IPHeader))); KdPrintEx((DPFLTR_TCPIP_ID, DPFLTR_INFO_LEVEL,"IPTransmit: Sent ICMP frag_needed to %lx, " "from src: %lx\n", ((IPHeader *) saveIPH)->iph_src, DestIF->if_nte->nte_addr)); } else if (RCE) { RCE->rce_newmtu = ipsecMTU; } } else { if (Action == eABSORB && Protocol == PROTOCOL_ICMP) { ipStatus = IP_NEGOTIATING_IPSEC; } else { ipStatus = IP_DEST_HOST_UNREACHABLE; } FreeIPPacket(Packet, TRUE, ipStatus); } if (Link) { DerefLink(Link); } if (RoutedIF != NULL) { DerefIF(RoutedIF); } else { ASSERT(RoutedRCE); CTEInterlockedDecrementLong(&RoutedRCE->rce_usecnt); } IPSInfo.ipsi_outdiscards++; return ipStatus; } else { // // Reset newmtu if we don't need IPSec. Otherwise if this RCE // was applied IPSec previously but not now and link MTU gets // changed, we won't be able to adjust MTU anymore in TCPSend. // if (!pc->pc_common.pc_IpsecCtx && RCE) { RCE->rce_newmtu = 0; } // // Use the new buffer chain - IPSEC will restore the old one // on send complete // if (newBuf) { NdisReinitializePacket(Packet); NdisChainBufferAtBack(Packet, newBuf); } DataSize += ipsecByteCount; } } // // If this is a broadcast address, call our broadcast send handler // to deal with this. The broadcast address handler will free the // option buffer for us, if needed. Otherwise if it's a fragment, call // the fragmentation handler. // if (DType == DEST_BCAST) { DEBUGMSG(DBG_INFO && DBG_IP && DBG_TX, (DTEXT("IPTransmit: DEST_BCAST, source %x\n"), Source)); //Note the fact that this is bcast pkt,in the irp, //used for cancelling the requests //Irp can go away any time SET_CANCEL_CONTEXT(Irp, BCAST_IF_CTXT); if (IP_ADDR_EQUAL(Source, NULL_IP_ADDR)) { SendStatus = SendDHCPPacket(Dest, Packet, Buffer, IPH, ArpCtxt); if ((Link) && (SendStatus != IP_PENDING)) { DerefLink(Link); } if (SendStatus != IP_PENDING && RoutedIF != NULL) { DerefIF(RoutedIF); } if (RoutedRCE) { CTEInterlockedDecrementLong(&RoutedRCE->rce_usecnt); } return SendStatus; } else { SendStatus = SendIPBCast(NULL, Dest, Packet, IPH, Buffer, DataSize, Options, OptionSize, OptInfo->ioi_limitbcasts, NULL); if ((Link) && (SendStatus != IP_PENDING)) { DerefLink(Link); } if (SendStatus != IP_PENDING && RoutedIF != NULL) { DerefIF(RoutedIF); } if (RoutedRCE) { CTEInterlockedDecrementLong(&RoutedRCE->rce_usecnt); } // In the case of header include, SendIPBcast will handle // the cleanup. return SendStatus; } } // Not a broadcast. If it needs to be fragmented, call our // fragmenter to do it. The fragmentation routine needs a // BufferReference structure, so we'll need one of those first. if ((DataSize + OptionSize) > MTU) { DEBUGMSG(DBG_INFO && DBG_IP && DBG_TX, (DTEXT("IPTransmit: fragmentation needed.\n"))); BR = CTEAllocMemN(sizeof(BufferReference), '4iCT'); if (BR == (BufferReference *) NULL) { // Couldn't get a BufferReference // // If options are already linked in, dont free them. // FreeIPPacket will. // if (Options) { if (!(pc->pc_common.pc_flags & PACKET_FLAG_OPTIONS)) { CTEFreeMem(Options); } else if (newBuf) { // // Option has been copied by IPSEC (in the tunneling // case); free the original option and clear the // FLAG_OPTIONS so that FreeIPPacket will not try to // free options again. // ASSERT(IPSecHandlerPtr); NdisFreeBuffer(OptBuffer); CTEFreeMem(Options); pc->pc_common.pc_flags &= ~PACKET_FLAG_OPTIONS; } } // // Just before caling ipsec we had chained // the Buffer to the Packet. If this is not // ipsec case chain it here before calling FreeIPPacket, // which will free the firewall and hdrincl buffers. // if (!IPSecHandlerPtr) { NdisChainBufferAtBack(Packet, Buffer); } FreeIPPacket(Packet, TRUE, IP_NO_RESOURCES); if (Link) { DerefLink(Link); } if (RoutedIF != NULL) { DerefIF(RoutedIF); } if (RoutedRCE) { CTEInterlockedDecrementLong(&RoutedRCE->rce_usecnt); } IPSInfo.ipsi_outdiscards++; return IP_NO_RESOURCES; } BR->br_buffer = Buffer; BR->br_refcount = 0; CTEInitLock(&BR->br_lock); pc->pc_br = BR; BR->br_userbuffer = pc->pc_hdrincl; // // setup so IPSEC headers appear just as first part of the data. // if (IPSecHandlerPtr) { // // If this is a reinjected packet from IPSEC, then, allocate // another IP header here. // // This is to ensure that in fragmented packets, the send // completes happen properly vis-a-vis IPSEC. // // When packet comes in it looks like this: [IP]->[ULP] // We allocate another IP header [IP'] and nuke [IP] length // to 0 so that it is ignored and [IP'] is used instead. // if (fIpsec) { PNDIS_BUFFER UserBuffer; int hdrLen; UserBuffer = Buffer; HeaderBuffer = GetIPHdrBuffer(&IPH); if (HeaderBuffer == NULL) { pc->pc_common.pc_flags &= ~PACKET_FLAG_IPHDR; pc->pc_ipsec_flags |= (IPSEC_FLAG_FRAG_DONE | IPSEC_FLAG_FLUSH); if (pc->pc_hdrincl) { NdisChainBufferAtBack(Packet, Buffer); } FreeIPPacket(Packet, TRUE, IP_NO_RESOURCES); CTEFreeMem(BR); if (Link) { DerefLink(Link); } if (RoutedIF != NULL) { DerefIF(RoutedIF); } if (RoutedRCE) { CTEInterlockedDecrementLong(&RoutedRCE->rce_usecnt); } IPSInfo.ipsi_outdiscards++; return IP_NO_RESOURCES; } else { uchar *UserData; // Got a buffer, copy the upper layer data forward. UserData = TcpipBufferVirtualAddress(UserBuffer, NormalPagePriority); if (UserData == NULL) { FreeIPHdrBuffer(HeaderBuffer); pc->pc_common.pc_flags &= ~PACKET_FLAG_IPHDR; pc->pc_ipsec_flags |= (IPSEC_FLAG_FRAG_DONE | IPSEC_FLAG_FLUSH); if (pc->pc_hdrincl) { NdisChainBufferAtBack(Packet, Buffer); } FreeIPPacket(Packet, TRUE, IP_NO_RESOURCES); CTEFreeMem(BR); if (Link) { DerefLink(Link); } if (RoutedIF != NULL) { DerefIF(RoutedIF); } if (RoutedRCE) { CTEInterlockedDecrementLong(&RoutedRCE->rce_usecnt); } IPSInfo.ipsi_outdiscards++; return IP_NO_RESOURCES; } RtlCopyMemory(IPH, UserData, sizeof(IPHeader)); NdisAdjustBufferLength(HeaderBuffer, sizeof(IPHeader)); } pc = (PacketContext *) Packet->ProtocolReserved; pc->pc_common.pc_flags |= PACKET_FLAG_IPHDR; NdisAdjustBufferLength(Buffer, 0); // // Handle options by using the same method as above: // i.e. link our own options buffer; copy out the input // options and nuke the input buffer. // hdrLen = (IPH->iph_verlen & (uchar) ~ IP_VER_FLAG) << 2; if (hdrLen > sizeof(IPHeader)) { PNDIS_BUFFER InOptionBuf; ULONG InOptionSize; PUCHAR InOptions; InOptionBuf = NDIS_BUFFER_LINKAGE(UserBuffer); ASSERT(InOptionBuf); TcpipQueryBuffer(InOptionBuf, &InOptions, (PUINT) &InOptionSize, NormalPagePriority); Options = CTEAllocMemN(InOptionSize, '5iCT'); if (Options == NULL || InOptions == NULL) { pc->pc_common.pc_flags &= ~PACKET_FLAG_IPHDR; if (Options) { CTEFreeMem(Options); } pc->pc_ipsec_flags |= (IPSEC_FLAG_FRAG_DONE | IPSEC_FLAG_FLUSH); if (pc->pc_hdrincl) { NdisChainBufferAtBack(Packet, Buffer); } FreeIPPacket(Packet, TRUE, IP_NO_RESOURCES); CTEFreeMem(BR); if (Link) { DerefLink(Link); } if (RoutedIF != NULL) { DerefIF(RoutedIF); } if (RoutedRCE) { CTEInterlockedDecrementLong(&RoutedRCE->rce_usecnt); } IPSInfo.ipsi_outdiscards++; return IP_NO_RESOURCES; } // // Got a buffer, copy the options. // OptionSize = InOptionSize; RtlCopyMemory(Options, InOptions, OptionSize); NdisAdjustBufferLength(InOptionBuf, 0); } } else { Buffer = NDIS_BUFFER_LINKAGE(HeaderBuffer); // // This is to ensure that options are freed appropriately. // In the fragment code, the first fragment inherits the // options of the entire packet; but these packets have // no IPSEC context, hence cannot be freed appropriately. // So, we allocate temporary options here and use these to // represent the real options. // These are freed when the first fragment is freed and // the real options are freed here. // if (Options) { PUCHAR tmpOptions; if (newBuf) { // // if a new buffer chain was returned above by // IPSEC, then it is most prob. a tunnel => // options were copied, hence get rid of ours. // NdisFreeBuffer(OptBuffer); CTEFreeMem(Options); Options = NULL; OptionSize = 0; } else { Buffer = NDIS_BUFFER_LINKAGE(OptBuffer); tmpOptions = CTEAllocMemN(OptionSize, '6iCT'); if (!tmpOptions) { if (pc->pc_hdrincl) { NdisChainBufferAtBack(Packet, Buffer); } FreeIPPacket(Packet, TRUE, IP_NO_RESOURCES); CTEFreeMem(BR); if (Link) { DerefLink(Link); } if (RoutedIF != NULL) { DerefIF(RoutedIF); } if (RoutedRCE) { CTEInterlockedDecrementLong(&RoutedRCE->rce_usecnt); } IPSInfo.ipsi_outdiscards++; return IP_NO_RESOURCES; } NdisFreeBuffer(OptBuffer); RtlCopyMemory(tmpOptions, Options, OptionSize); CTEFreeMem(Options); Options = tmpOptions; } pc->pc_common.pc_flags &= ~PACKET_FLAG_OPTIONS; } } NDIS_BUFFER_LINKAGE(HeaderBuffer) = NULL; NdisReinitializePacket(Packet); NdisChainBufferAtBack(Packet, HeaderBuffer); IPH->iph_xsum = 0; } // Mark Irp with the destif // Once link level call is made, // Irp can go away any time SET_CANCEL_CONTEXT(Irp, DestIF); SendStatus = IPFragment(DestIF, MTU, FirstHop, Packet, IPH, Buffer, DataSize, Options, OptionSize, NULL, FALSE, ArpCtxt); // // If IPFragment returns IP_PACKET_TOO_BIG (meaning DF bit is set) // and we are in the IPSEC reinject path, send an ICMP error // message including the MTU back so the source host can perform // Path MTU discovery. // if ((SendStatus == IP_PACKET_TOO_BIG) && fIpsec) { ASSERT(IPSecHandlerPtr); SendICMPIPSecErr(DestIF->if_nte->nte_addr, (IPHeader *) saveIPH, ICMP_DEST_UNREACH, FRAG_NEEDED, net_long(MTU + sizeof(IPHeader))); KdPrintEx((DPFLTR_TCPIP_ID, DPFLTR_INFO_LEVEL,"IPTransmit: Sent ICMP frag_needed to %lx, " "from src: %lx\n", ((IPHeader *) saveIPH)->iph_src, DestIF->if_nte->nte_addr)); } if ((Link) && (SendStatus != IP_PENDING)) { DerefLink(Link); } if (SendStatus != IP_PENDING && RoutedIF != NULL) { DerefIF(RoutedIF); } if (RoutedRCE) { CTEInterlockedDecrementLong(&RoutedRCE->rce_usecnt); } // If this is a headerinclude packet and status != pending, IPFragment takes // care of clean up. return SendStatus; } DEBUGMSG(DBG_INFO && DBG_IP && DBG_TX, (DTEXT("IPTransmit: Calling SendIPPacket...\n"))); // // If we've reached here, we aren't sending a broadcast and don't // need to fragment anything. Presumably we got here because we have // options. In any case, we're ready now. // if (IPH->iph_ttl == 0) { NdisSetPacketFlags(Packet, NDIS_FLAGS_LOOPBACK_ONLY); } // Mark Irp with outgoing interface // Once link level call is made, // Irp can go away any time SET_CANCEL_CONTEXT(Irp, DestIF); // Do not free the packet in SendIPPacket, as we may need // to chain the buffer in case of IP_NO_RESOURCES SendStatus = SendIPPacket(DestIF, FirstHop, Packet, Buffer, IPH, Options, OptionSize, (BOOLEAN) (IPSecHandlerPtr != NULL), ArpCtxt, TRUE); if ((Link) && (SendStatus != IP_PENDING)) { DerefLink(Link); } if (SendStatus != IP_PENDING && RoutedIF != NULL) { DerefIF(RoutedIF); } if (RoutedRCE) { CTEInterlockedDecrementLong(&RoutedRCE->rce_usecnt); } if (SendStatus != IP_PENDING) { if (SendStatus == IP_NO_RESOURCES) { NdisChainBufferAtBack(Packet, Buffer); } FreeIPPacket(Packet, TRUE, SendStatus); } return SendStatus; }