]> git.proxmox.com Git - mirror_edk2.git/blame - NetworkPkg/Ip4Dxe/Ip4Input.c
projects / mirror_edk2.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
NetworkPkg/Ip4Dxe: Check the received package length (CVE-2019-14559).
[mirror_edk2.git] / NetworkPkg / Ip4Dxe / Ip4Input.c
CommitLineData
772db4bb 1/** @file\r
3e8c18da 2 IP4 input process.\r
d1102dba 3\r
578bcdc2 4Copyright (c) 2005 - 2020, Intel Corporation. All rights reserved.<BR>\r
c79de074
SEHM		 5(C) Copyright 2015 Hewlett-Packard Development Company, L.P.<BR>\r
6\r
9d510e61 7SPDX-License-Identifier: BSD-2-Clause-Patent\r
772db4bb 8\r
772db4bb 9**/\r
10\r
11#include "Ip4Impl.h"\r
12\r
13\r
14/**\r
96e1079f 15 Create an empty assemble entry for the packet identified by\r
772db4bb 16 (Dst, Src, Id, Protocol). The default life for the packet is\r
17 120 seconds.\r
18\r
3e8c18da 19 @param[in] Dst The destination address\r
20 @param[in] Src The source address\r
21 @param[in] Id The ID field in IP header\r
22 @param[in] Protocol The protocol field in IP header\r
772db4bb 23\r
24 @return NULL if failed to allocate memory for the entry, otherwise\r
3e8c18da 25 the point to just created reassemble entry.\r
772db4bb 26\r
27**/\r
772db4bb 28IP4_ASSEMBLE_ENTRY *\r
29Ip4CreateAssembleEntry (\r
30 IN IP4_ADDR Dst,\r
31 IN IP4_ADDR Src,\r
32 IN UINT16 Id,\r
33 IN UINT8 Protocol\r
34 )\r
35{\r
36\r
37 IP4_ASSEMBLE_ENTRY *Assemble;\r
38\r
e48e37fc 39 Assemble = AllocatePool (sizeof (IP4_ASSEMBLE_ENTRY));\r
772db4bb 40\r
41 if (Assemble == NULL) {\r
42 return NULL;\r
43 }\r
44\r
e48e37fc 45 InitializeListHead (&Assemble->Link);\r
46 InitializeListHead (&Assemble->Fragments);\r
772db4bb 47\r
48 Assemble->Dst = Dst;\r
49 Assemble->Src = Src;\r
50 Assemble->Id = Id;\r
51 Assemble->Protocol = Protocol;\r
52 Assemble->TotalLen = 0;\r
53 Assemble->CurLen = 0;\r
54 Assemble->Head = NULL;\r
55 Assemble->Info = NULL;\r
56 Assemble->Life = IP4_FRAGMENT_LIFE;\r
57\r
58 return Assemble;\r
59}\r
60\r
61\r
62/**\r
96e1079f 63 Release all the fragments of a packet, then free the assemble entry.\r
772db4bb 64\r
3e8c18da 65 @param[in] Assemble The assemble entry to free\r
772db4bb 66\r
67**/\r
772db4bb 68VOID\r
69Ip4FreeAssembleEntry (\r
70 IN IP4_ASSEMBLE_ENTRY *Assemble\r
71 )\r
72{\r
e48e37fc 73 LIST_ENTRY *Entry;\r
74 LIST_ENTRY *Next;\r
772db4bb 75 NET_BUF *Fragment;\r
76\r
77 NET_LIST_FOR_EACH_SAFE (Entry, Next, &Assemble->Fragments) {\r
78 Fragment = NET_LIST_USER_STRUCT (Entry, NET_BUF, List);\r
79\r
e48e37fc 80 RemoveEntryList (Entry);\r
772db4bb 81 NetbufFree (Fragment);\r
82 }\r
83\r
766c7483 84 FreePool (Assemble);\r
772db4bb 85}\r
86\r
87\r
88/**\r
89 Initialize an already allocated assemble table. This is generally\r
90 the assemble table embedded in the IP4 service instance.\r
91\r
3e8c18da 92 @param[in, out] Table The assemble table to initialize.\r
772db4bb 93\r
94**/\r
95VOID\r
96Ip4InitAssembleTable (\r
96e1079f 97 IN OUT IP4_ASSEMBLE_TABLE *Table\r
772db4bb 98 )\r
99{\r
100 UINT32 Index;\r
101\r
102 for (Index = 0; Index < IP4_ASSEMLE_HASH_SIZE; Index++) {\r
e48e37fc 103 InitializeListHead (&Table->Bucket[Index]);\r
772db4bb 104 }\r
105}\r
106\r
107\r
108/**\r
109 Clean up the assemble table: remove all the fragments\r
110 and assemble entries.\r
111\r
3e8c18da 112 @param[in] Table The assemble table to clean up\r
772db4bb 113\r
114**/\r
115VOID\r
116Ip4CleanAssembleTable (\r
117 IN IP4_ASSEMBLE_TABLE *Table\r
118 )\r
119{\r
e48e37fc 120 LIST_ENTRY *Entry;\r
121 LIST_ENTRY *Next;\r
772db4bb 122 IP4_ASSEMBLE_ENTRY *Assemble;\r
123 UINT32 Index;\r
124\r
125 for (Index = 0; Index < IP4_ASSEMLE_HASH_SIZE; Index++) {\r
126 NET_LIST_FOR_EACH_SAFE (Entry, Next, &Table->Bucket[Index]) {\r
127 Assemble = NET_LIST_USER_STRUCT (Entry, IP4_ASSEMBLE_ENTRY, Link);\r
128\r
e48e37fc 129 RemoveEntryList (Entry);\r
772db4bb 130 Ip4FreeAssembleEntry (Assemble);\r
131 }\r
132 }\r
133}\r
134\r
135\r
136/**\r
137 Trim the packet to fit in [Start, End), and update the per\r
138 packet information.\r
139\r
140 @param Packet Packet to trim\r
141 @param Start The sequence of the first byte to fit in\r
142 @param End One beyond the sequence of last byte to fit in.\r
143\r
772db4bb 144**/\r
772db4bb 145VOID\r
146Ip4TrimPacket (\r
96e1079f 147 IN OUT NET_BUF *Packet,\r
148 IN INTN Start,\r
149 IN INTN End\r
772db4bb 150 )\r
151{\r
152 IP4_CLIP_INFO *Info;\r
153 INTN Len;\r
154\r
155 Info = IP4_GET_CLIP_INFO (Packet);\r
156\r
157 ASSERT (Info->Start + Info->Length == Info->End);\r
158 ASSERT ((Info->Start < End) && (Start < Info->End));\r
159\r
160 if (Info->Start < Start) {\r
161 Len = Start - Info->Start;\r
162\r
163 NetbufTrim (Packet, (UINT32) Len, NET_BUF_HEAD);\r
164 Info->Start = Start;\r
165 Info->Length -= Len;\r
166 }\r
167\r
168 if (End < Info->End) {\r
169 Len = End - Info->End;\r
170\r
171 NetbufTrim (Packet, (UINT32) Len, NET_BUF_TAIL);\r
172 Info->End = End;\r
173 Info->Length -= Len;\r
174 }\r
175}\r
176\r
177\r
178/**\r
179 Release all the fragments of the packet. This is the callback for\r
180 the assembled packet's OnFree. It will free the assemble entry,\r
181 which in turn will free all the fragments of the packet.\r
182\r
3e8c18da 183 @param[in] Arg The assemble entry to free\r
772db4bb 184\r
185**/\r
772db4bb 186VOID\r
e798cd87 187EFIAPI\r
772db4bb 188Ip4OnFreeFragments (\r
189 IN VOID *Arg\r
190 )\r
191{\r
192 Ip4FreeAssembleEntry ((IP4_ASSEMBLE_ENTRY *) Arg);\r
193}\r
194\r
195\r
196/**\r
197 Reassemble the IP fragments. If all the fragments of the packet\r
198 have been received, it will wrap the packet in a net buffer then\r
199 return it to caller. If the packet can't be assembled, NULL is\r
200 return.\r
201\r
96e1079f 202 @param Table The assemble table used. New assemble entry will be created\r
203 if the Packet is from a new chain of fragments.\r
204 @param Packet The fragment to assemble. It might be freed if the fragment\r
205 can't be re-assembled.\r
772db4bb 206\r
207 @return NULL if the packet can't be reassemble. The point to just assembled\r
96e1079f 208 packet if all the fragments of the packet have arrived.\r
772db4bb 209\r
210**/\r
772db4bb 211NET_BUF *\r
212Ip4Reassemble (\r
96e1079f 213 IN OUT IP4_ASSEMBLE_TABLE *Table,\r
214 IN OUT NET_BUF *Packet\r
772db4bb 215 )\r
216{\r
217 IP4_HEAD *IpHead;\r
218 IP4_CLIP_INFO *This;\r
219 IP4_CLIP_INFO *Node;\r
220 IP4_ASSEMBLE_ENTRY *Assemble;\r
e48e37fc 221 LIST_ENTRY *Head;\r
222 LIST_ENTRY *Prev;\r
223 LIST_ENTRY *Cur;\r
772db4bb 224 NET_BUF *Fragment;\r
225 NET_BUF *NewPacket;\r
226 INTN Index;\r
227\r
f6b7393c 228 IpHead = Packet->Ip.Ip4;\r
772db4bb 229 This = IP4_GET_CLIP_INFO (Packet);\r
230\r
231 ASSERT (IpHead != NULL);\r
232\r
233 //\r
234 // First: find the related assemble entry\r
235 //\r
236 Assemble = NULL;\r
237 Index = IP4_ASSEMBLE_HASH (IpHead->Dst, IpHead->Src, IpHead->Id, IpHead->Protocol);\r
238\r
239 NET_LIST_FOR_EACH (Cur, &Table->Bucket[Index]) {\r
240 Assemble = NET_LIST_USER_STRUCT (Cur, IP4_ASSEMBLE_ENTRY, Link);\r
241\r
242 if ((Assemble->Dst == IpHead->Dst) && (Assemble->Src == IpHead->Src) &&\r
243 (Assemble->Id == IpHead->Id) && (Assemble->Protocol == IpHead->Protocol)) {\r
244 break;\r
245 }\r
246 }\r
247\r
248 //\r
249 // Create a new assemble entry if no assemble entry is related to this packet\r
250 //\r
251 if (Cur == &Table->Bucket[Index]) {\r
252 Assemble = Ip4CreateAssembleEntry (\r
253 IpHead->Dst,\r
254 IpHead->Src,\r
255 IpHead->Id,\r
256 IpHead->Protocol\r
257 );\r
258\r
259 if (Assemble == NULL) {\r
260 goto DROP;\r
261 }\r
262\r
e48e37fc 263 InsertHeadList (&Table->Bucket[Index], &Assemble->Link);\r
772db4bb 264 }\r
894d038a 265 //\r
266 // Assemble shouldn't be NULL here\r
267 //\r
268 ASSERT (Assemble != NULL);\r
772db4bb 269\r
270 //\r
271 // Find the point to insert the packet: before the first\r
272 // fragment with THIS.Start < CUR.Start. the previous one\r
273 // has PREV.Start <= THIS.Start < CUR.Start.\r
274 //\r
275 Head = &Assemble->Fragments;\r
276\r
277 NET_LIST_FOR_EACH (Cur, Head) {\r
278 Fragment = NET_LIST_USER_STRUCT (Cur, NET_BUF, List);\r
279\r
280 if (This->Start < IP4_GET_CLIP_INFO (Fragment)->Start) {\r
281 break;\r
282 }\r
283 }\r
284\r
285 //\r
286 // Check whether the current fragment overlaps with the previous one.\r
287 // It holds that: PREV.Start <= THIS.Start < THIS.End. Only need to\r
288 // check whether THIS.Start < PREV.End for overlap. If two fragments\r
289 // overlaps, trim the overlapped part off THIS fragment.\r
290 //\r
cc0b145e 291 if ((Prev = Cur->BackLink) != Head) {\r
772db4bb 292 Fragment = NET_LIST_USER_STRUCT (Prev, NET_BUF, List);\r
293 Node = IP4_GET_CLIP_INFO (Fragment);\r
294\r
295 if (This->Start < Node->End) {\r
296 if (This->End <= Node->End) {\r
297 NetbufFree (Packet);\r
298 return NULL;\r
299 }\r
300\r
301 Ip4TrimPacket (Packet, Node->End, This->End);\r
302 }\r
303 }\r
304\r
305 //\r
306 // Insert the fragment into the packet. The fragment may be removed\r
307 // from the list by the following checks.\r
308 //\r
309 NetListInsertBefore (Cur, &Packet->List);\r
310\r
311 //\r
312 // Check the packets after the insert point. It holds that:\r
313 // THIS.Start <= NODE.Start < NODE.End. The equality holds\r
314 // if PREV and NEXT are continuous. THIS fragment may fill\r
315 // several holes. Remove the completely overlapped fragments\r
316 //\r
317 while (Cur != Head) {\r
318 Fragment = NET_LIST_USER_STRUCT (Cur, NET_BUF, List);\r
319 Node = IP4_GET_CLIP_INFO (Fragment);\r
320\r
321 //\r
322 // Remove fragments completely overlapped by this fragment\r
323 //\r
324 if (Node->End <= This->End) {\r
325 Cur = Cur->ForwardLink;\r
326\r
e48e37fc 327 RemoveEntryList (&Fragment->List);\r
772db4bb 328 Assemble->CurLen -= Node->Length;\r
329\r
330 NetbufFree (Fragment);\r
331 continue;\r
332 }\r
333\r
334 //\r
335 // The conditions are: THIS.Start <= NODE.Start, and THIS.End <\r
336 // NODE.End. Two fragments overlaps if NODE.Start < THIS.End.\r
337 // If two fragments start at the same offset, remove THIS fragment\r
338 // because ((THIS.Start == NODE.Start) && (THIS.End < NODE.End)).\r
339 //\r
340 if (Node->Start < This->End) {\r
341 if (This->Start == Node->Start) {\r
e48e37fc 342 RemoveEntryList (&Packet->List);\r
772db4bb 343 goto DROP;\r
344 }\r
345\r
346 Ip4TrimPacket (Packet, This->Start, Node->Start);\r
347 }\r
348\r
349 break;\r
350 }\r
351\r
352 //\r
353 // Update the assemble info: increase the current length. If it is\r
354 // the frist fragment, update the packet's IP head and per packet\r
355 // info. If it is the last fragment, update the total length.\r
356 //\r
357 Assemble->CurLen += This->Length;\r
358\r
359 if (This->Start == 0) {\r
360 //\r
361 // Once the first fragment is enqueued, it can't be removed\r
362 // from the fragment list. So, Assemble->Head always point\r
363 // to valid memory area.\r
364 //\r
365 ASSERT (Assemble->Head == NULL);\r
366\r
367 Assemble->Head = IpHead;\r
368 Assemble->Info = IP4_GET_CLIP_INFO (Packet);\r
369 }\r
370\r
371 //\r
372 // Don't update the length more than once.\r
373 //\r
374 if (IP4_LAST_FRAGMENT (IpHead->Fragment) && (Assemble->TotalLen == 0)) {\r
375 Assemble->TotalLen = This->End;\r
376 }\r
377\r
378 //\r
379 // Deliver the whole packet if all the fragments received.\r
380 // All fragments received if:\r
96e1079f 381 // 1. received the last one, so, the total length is know\r
772db4bb 382 // 2. received all the data. If the last fragment on the\r
383 // queue ends at the total length, all data is received.\r
384 //\r
385 if ((Assemble->TotalLen != 0) && (Assemble->CurLen >= Assemble->TotalLen)) {\r
386\r
e48e37fc 387 RemoveEntryList (&Assemble->Link);\r
772db4bb 388\r
389 //\r
6c585b52 390 // If the packet is properly formatted, the last fragment's End\r
772db4bb 391 // equals to the packet's total length. Otherwise, the packet\r
392 // is a fake, drop it now.\r
393 //\r
394 Fragment = NET_LIST_USER_STRUCT (Head->BackLink, NET_BUF, List);\r
395\r
396 if (IP4_GET_CLIP_INFO (Fragment)->End != Assemble->TotalLen) {\r
397 Ip4FreeAssembleEntry (Assemble);\r
398 return NULL;\r
399 }\r
400\r
401 //\r
402 // Wrap the packet in a net buffer then deliver it up\r
403 //\r
404 NewPacket = NetbufFromBufList (\r
405 &Assemble->Fragments,\r
406 0,\r
407 0,\r
408 Ip4OnFreeFragments,\r
409 Assemble\r
410 );\r
411\r
412 if (NewPacket == NULL) {\r
413 Ip4FreeAssembleEntry (Assemble);\r
414 return NULL;\r
415 }\r
416\r
f6b7393c 417 NewPacket->Ip.Ip4 = Assemble->Head;\r
04eb20aa
ED		 418\r
419 ASSERT (Assemble->Info != NULL);\r
420\r
421 CopyMem (\r
422 IP4_GET_CLIP_INFO (NewPacket),\r
423 Assemble->Info,\r
424 sizeof (*IP4_GET_CLIP_INFO (NewPacket))\r
425 );\r
426\r
772db4bb 427 return NewPacket;\r
428 }\r
429\r
430 return NULL;\r
431\r
432DROP:\r
433 NetbufFree (Packet);\r
434 return NULL;\r
435}\r
436\r
a1503a32 437/**\r
d1102dba
LG		 438 The callback function for the net buffer which wraps the packet processed by\r
439 IPsec. It releases the wrap packet and also signals IPsec to free the resources.\r
a1503a32 440\r
441 @param[in] Arg The wrap context\r
442\r
443**/\r
444VOID\r
e798cd87 445EFIAPI\r
a1503a32 446Ip4IpSecFree (\r
447 IN VOID *Arg\r
448 )\r
449{\r
450 IP4_IPSEC_WRAP *Wrap;\r
451\r
452 Wrap = (IP4_IPSEC_WRAP *) Arg;\r
453\r
454 if (Wrap->IpSecRecycleSignal != NULL) {\r
455 gBS->SignalEvent (Wrap->IpSecRecycleSignal);\r
456 }\r
457\r
458 NetbufFree (Wrap->Packet);\r
459\r
460 FreePool (Wrap);\r
461\r
462 return;\r
463}\r
464\r
465/**\r
d1102dba 466 The work function to locate IPsec protocol to process the inbound or\r
a1503a32 467 outbound IP packets. The process routine handls the packet with following\r
d1102dba 468 actions: bypass the packet, discard the packet, or protect the packet.\r
a1503a32 469\r
705f53a9 470 @param[in] IpSb The IP4 service instance.\r
6c585b52 471 @param[in, out] Head The caller supplied IP4 header.\r
705f53a9 472 @param[in, out] Netbuf The IP4 packet to be processed by IPsec.\r
473 @param[in, out] Options The caller supplied options.\r
474 @param[in, out] OptionsLen The length of the option.\r
d1102dba 475 @param[in] Direction The directionality in an SPD entry,\r
705f53a9 476 EfiIPsecInBound or EfiIPsecOutBound.\r
477 @param[in] Context The token's wrap.\r
a1503a32 478\r
479 @retval EFI_SUCCESS The IPsec protocol is not available or disabled.\r
480 @retval EFI_SUCCESS The packet was bypassed and all buffers remain the same.\r
481 @retval EFI_SUCCESS The packet was protected.\r
d1102dba 482 @retval EFI_ACCESS_DENIED The packet was discarded.\r
6c585b52 483 @retval EFI_OUT_OF_RESOURCES There is no sufficient resource to complete the operation.\r
d1102dba 484 @retval EFI_BUFFER_TOO_SMALL The number of non-empty block is bigger than the\r
a1503a32 485 number of input data blocks when build a fragment table.\r
486\r
487**/\r
488EFI_STATUS\r
489Ip4IpSecProcessPacket (\r
705f53a9 490 IN IP4_SERVICE *IpSb,\r
491 IN OUT IP4_HEAD **Head,\r
492 IN OUT NET_BUF **Netbuf,\r
493 IN OUT UINT8 **Options,\r
494 IN OUT UINT32 *OptionsLen,\r
495 IN EFI_IPSEC_TRAFFIC_DIR Direction,\r
496 IN VOID *Context\r
a1503a32 497 )\r
498{\r
499 NET_FRAGMENT *FragmentTable;\r
705f53a9 500 NET_FRAGMENT *OriginalFragmentTable;\r
a1503a32 501 UINT32 FragmentCount;\r
705f53a9 502 UINT32 OriginalFragmentCount;\r
a1503a32 503 EFI_EVENT RecycleEvent;\r
504 NET_BUF *Packet;\r
505 IP4_TXTOKEN_WRAP *TxWrap;\r
506 IP4_IPSEC_WRAP *IpSecWrap;\r
507 EFI_STATUS Status;\r
705f53a9 508 IP4_HEAD ZeroHead;\r
a1503a32 509\r
510 Status = EFI_SUCCESS;\r
c79de074
SEHM		 511\r
512 if (!mIpSec2Installed) {\r
513 goto ON_EXIT;\r
514 }\r
5aae2d35 515 ASSERT (mIpSec != NULL);\r
d1102dba 516\r
a1503a32 517 Packet = *Netbuf;\r
518 RecycleEvent = NULL;\r
519 IpSecWrap = NULL;\r
520 FragmentTable = NULL;\r
d1102dba 521 TxWrap = (IP4_TXTOKEN_WRAP *) Context;\r
a1503a32 522 FragmentCount = Packet->BlockOpNum;\r
705f53a9 523\r
524 ZeroMem (&ZeroHead, sizeof (IP4_HEAD));\r
a1503a32 525\r
a1503a32 526 //\r
527 // Check whether the IPsec enable variable is set.\r
528 //\r
529 if (mIpSec->DisabledFlag) {\r
530 //\r
531 // If IPsec is disabled, restore the original MTU\r
d1102dba 532 //\r
a1503a32 533 IpSb->MaxPacketSize = IpSb->OldMaxPacketSize;\r
534 goto ON_EXIT;\r
535 } else {\r
536 //\r
d1102dba 537 // If IPsec is enabled, use the MTU which reduce the IPsec header length.\r
a1503a32 538 //\r
d1102dba 539 IpSb->MaxPacketSize = IpSb->OldMaxPacketSize - IP4_MAX_IPSEC_HEADLEN;\r
a1503a32 540 }\r
541\r
542 //\r
543 // Rebuild fragment table from netbuf to ease IPsec process.\r
544 //\r
545 FragmentTable = AllocateZeroPool (FragmentCount * sizeof (NET_FRAGMENT));\r
546\r
547 if (FragmentTable == NULL) {\r
548 Status = EFI_OUT_OF_RESOURCES;\r
549 goto ON_EXIT;\r
550 }\r
d1102dba 551\r
a1503a32 552 Status = NetbufBuildExt (Packet, FragmentTable, &FragmentCount);\r
d1102dba 553\r
705f53a9 554 //\r
555 // Record the original FragmentTable and count.\r
556 //\r
557 OriginalFragmentTable = FragmentTable;\r
558 OriginalFragmentCount = FragmentCount;\r
a1503a32 559\r
560 if (EFI_ERROR (Status)) {\r
561 FreePool (FragmentTable);\r
562 goto ON_EXIT;\r
563 }\r
564\r
565 //\r
566 // Convert host byte order to network byte order\r
567 //\r
705f53a9 568 Ip4NtohHead (*Head);\r
d1102dba 569\r
705f53a9 570 Status = mIpSec->ProcessExt (\r
a1503a32 571 mIpSec,\r
572 IpSb->Controller,\r
573 IP_VERSION_4,\r
705f53a9 574 (VOID *) (*Head),\r
575 &(*Head)->Protocol,\r
da7ff698 576 (VOID **) Options,\r
705f53a9 577 OptionsLen,\r
a1503a32 578 (EFI_IPSEC_FRAGMENT_DATA **) (&FragmentTable),\r
579 &FragmentCount,\r
580 Direction,\r
581 &RecycleEvent\r
582 );\r
583 //\r
584 // Convert back to host byte order\r
585 //\r
705f53a9 586 Ip4NtohHead (*Head);\r
d1102dba 587\r
a1503a32 588 if (EFI_ERROR (Status)) {\r
94b928ca 589 FreePool (OriginalFragmentTable);\r
a1503a32 590 goto ON_EXIT;\r
591 }\r
592\r
705f53a9 593 if (OriginalFragmentTable == FragmentTable && OriginalFragmentCount == FragmentCount) {\r
94b928ca 594 //\r
595 // For ByPass Packet\r
596 //\r
597 FreePool (FragmentTable);\r
705f53a9 598 goto ON_EXIT;\r
94b928ca 599 } else {\r
600 //\r
601 // Free the FragmentTable which allocated before calling the IPsec.\r
602 //\r
603 FreePool (OriginalFragmentTable);\r
705f53a9 604 }\r
605\r
a1503a32 606 if (Direction == EfiIPsecOutBound && TxWrap != NULL) {\r
d1102dba 607\r
a1503a32 608 TxWrap->IpSecRecycleSignal = RecycleEvent;\r
609 TxWrap->Packet = NetbufFromExt (\r
610 FragmentTable,\r
611 FragmentCount,\r
612 IP4_MAX_HEADLEN,\r
613 0,\r
614 Ip4FreeTxToken,\r
615 TxWrap\r
616 );\r
617 if (TxWrap->Packet == NULL) {\r
94b928ca 618 //\r
619 // Recover the TxWrap->Packet, if meet a error, and the caller will free\r
620 // the TxWrap.\r
621 //\r
622 TxWrap->Packet = *Netbuf;\r
a1503a32 623 Status = EFI_OUT_OF_RESOURCES;\r
624 goto ON_EXIT;\r
625 }\r
626\r
705f53a9 627 //\r
6c585b52 628 // Free original Netbuf.\r
705f53a9 629 //\r
630 NetIpSecNetbufFree (*Netbuf);\r
a1503a32 631 *Netbuf = TxWrap->Packet;\r
d1102dba 632\r
a1503a32 633 } else {\r
d1102dba 634\r
a1503a32 635 IpSecWrap = AllocateZeroPool (sizeof (IP4_IPSEC_WRAP));\r
d1102dba 636\r
a1503a32 637 if (IpSecWrap == NULL) {\r
94b928ca 638 Status = EFI_OUT_OF_RESOURCES;\r
639 gBS->SignalEvent (RecycleEvent);\r
a1503a32 640 goto ON_EXIT;\r
641 }\r
d1102dba 642\r
a1503a32 643 IpSecWrap->IpSecRecycleSignal = RecycleEvent;\r
644 IpSecWrap->Packet = Packet;\r
645 Packet = NetbufFromExt (\r
d1102dba
LG		 646 FragmentTable,\r
647 FragmentCount,\r
648 IP4_MAX_HEADLEN,\r
649 0,\r
650 Ip4IpSecFree,\r
a1503a32 651 IpSecWrap\r
652 );\r
d1102dba 653\r
a1503a32 654 if (Packet == NULL) {\r
94b928ca 655 Packet = IpSecWrap->Packet;\r
656 gBS->SignalEvent (RecycleEvent);\r
657 FreePool (IpSecWrap);\r
a1503a32 658 Status = EFI_OUT_OF_RESOURCES;\r
659 goto ON_EXIT;\r
660 }\r
661\r
705f53a9 662 if (Direction == EfiIPsecInBound && 0 != CompareMem (*Head, &ZeroHead, sizeof (IP4_HEAD))) {\r
663 Ip4PrependHead (Packet, *Head, *Options, *OptionsLen);\r
a1503a32 664 Ip4NtohHead (Packet->Ip.Ip4);\r
705f53a9 665 NetbufTrim (Packet, ((*Head)->HeadLen << 2), TRUE);\r
a1503a32 666\r
667 CopyMem (\r
668 IP4_GET_CLIP_INFO (Packet),\r
669 IP4_GET_CLIP_INFO (IpSecWrap->Packet),\r
670 sizeof (IP4_CLIP_INFO)\r
671 );\r
672 }\r
a1503a32 673 *Netbuf = Packet;\r
674 }\r
675\r
676ON_EXIT:\r
677 return Status;\r
678}\r
772db4bb 679\r
680/**\r
705f53a9 681 Pre-process the IPv4 packet. First validates the IPv4 packet, and\r
682 then reassembles packet if it is necessary.\r
d1102dba 683\r
705f53a9 684 @param[in] IpSb Pointer to IP4_SERVICE.\r
685 @param[in, out] Packet Pointer to the Packet to be processed.\r
686 @param[in] Head Pointer to the IP4_HEAD.\r
687 @param[in] Option Pointer to a buffer which contains the IPv4 option.\r
688 @param[in] OptionLen The length of Option in bytes.\r
689 @param[in] Flag The link layer flag for the packet received, such\r
690 as multicast.\r
772db4bb 691\r
6c585b52
AC		 692 @retval EFI_SUCCESS The received packet is in well form.\r
693 @retval EFI_INVALID_PARAMETER The received packet is malformed.\r
772db4bb 694\r
695**/\r
705f53a9 696EFI_STATUS\r
697Ip4PreProcessPacket (\r
698 IN IP4_SERVICE *IpSb,\r
699 IN OUT NET_BUF **Packet,\r
700 IN IP4_HEAD *Head,\r
701 IN UINT8 *Option,\r
d1102dba 702 IN UINT32 OptionLen,\r
705f53a9 703 IN UINT32 Flag\r
d1102dba 704 )\r
772db4bb 705{\r
772db4bb 706 IP4_CLIP_INFO *Info;\r
772db4bb 707 UINT32 HeadLen;\r
772db4bb 708 UINT32 TotalLen;\r
709 UINT16 Checksum;\r
772db4bb 710\r
711 //\r
216f7970 712 // Check if the IP4 header is correctly formatted.\r
772db4bb 713 //\r
772db4bb 714 HeadLen = (Head->HeadLen << 2);\r
715 TotalLen = NTOHS (Head->TotalLen);\r
716\r
717 //\r
718 // Mnp may deliver frame trailer sequence up, trim it off.\r
719 //\r
705f53a9 720 if (TotalLen < (*Packet)->TotalSize) {\r
721 NetbufTrim (*Packet, (*Packet)->TotalSize - TotalLen, FALSE);\r
772db4bb 722 }\r
723\r
724 if ((Head->Ver != 4) || (HeadLen < IP4_MIN_HEADLEN) ||\r
705f53a9 725 (TotalLen < HeadLen) || (TotalLen != (*Packet)->TotalSize)) {\r
726 return EFI_INVALID_PARAMETER;\r
772db4bb 727 }\r
728\r
729 //\r
730 // Some OS may send IP packets without checksum.\r
731 //\r
687a2e5f 732 Checksum = (UINT16) (~NetblockChecksum ((UINT8 *) Head, HeadLen));\r
772db4bb 733\r
734 if ((Head->Checksum != 0) && (Checksum != 0)) {\r
705f53a9 735 return EFI_INVALID_PARAMETER;\r
772db4bb 736 }\r
737\r
738 //\r
739 // Convert the IP header to host byte order, then get the per packet info.\r
740 //\r
705f53a9 741 (*Packet)->Ip.Ip4 = Ip4NtohHead (Head);\r
772db4bb 742\r
705f53a9 743 Info = IP4_GET_CLIP_INFO (*Packet);\r
772db4bb 744 Info->LinkFlag = Flag;\r
745 Info->CastType = Ip4GetHostCast (IpSb, Head->Dst, Head->Src);\r
746 Info->Start = (Head->Fragment & IP4_HEAD_OFFSET_MASK) << 3;\r
747 Info->Length = Head->TotalLen - HeadLen;\r
748 Info->End = Info->Start + Info->Length;\r
749 Info->Status = EFI_SUCCESS;\r
750\r
751 //\r
752 // The packet is destinated to us if the CastType is non-zero.\r
753 //\r
754 if ((Info->CastType == 0) || (Info->End > IP4_MAX_PACKET_SIZE)) {\r
705f53a9 755 return EFI_INVALID_PARAMETER;\r
772db4bb 756 }\r
757\r
758 //\r
759 // Validate the options. Don't call the Ip4OptionIsValid if\r
760 // there is no option to save some CPU process.\r
761 //\r
d1102dba 762\r
705f53a9 763 if ((OptionLen > 0) && !Ip4OptionIsValid (Option, OptionLen, TRUE)) {\r
764 return EFI_INVALID_PARAMETER;\r
772db4bb 765 }\r
766\r
767 //\r
216f7970 768 // Trim the head off, after this point, the packet is headless,\r
772db4bb 769 // and Packet->TotalLen == Info->Length.\r
770 //\r
705f53a9 771 NetbufTrim (*Packet, HeadLen, TRUE);\r
772db4bb 772\r
773 //\r
774 // Reassemble the packet if this is a fragment. The packet is a\r
775 // fragment if its head has MF (more fragment) set, or it starts\r
776 // at non-zero byte.\r
777 //\r
b2c0a175 778 if (((Head->Fragment & IP4_HEAD_MF_MASK) != 0) || (Info->Start != 0)) {\r
772db4bb 779 //\r
780 // Drop the fragment if DF is set but it is fragmented. Gateway\r
781 // need to send a type 4 destination unreache ICMP message here.\r
782 //\r
b2c0a175 783 if ((Head->Fragment & IP4_HEAD_DF_MASK) != 0) {\r
705f53a9 784 return EFI_INVALID_PARAMETER;\r
772db4bb 785 }\r
786\r
787 //\r
788 // The length of all but the last fragments is in the unit of 8 bytes.\r
789 //\r
b2c0a175 790 if (((Head->Fragment & IP4_HEAD_MF_MASK) != 0) && (Info->Length % 8 != 0)) {\r
705f53a9 791 return EFI_INVALID_PARAMETER;\r
772db4bb 792 }\r
793\r
705f53a9 794 *Packet = Ip4Reassemble (&IpSb->Assemble, *Packet);\r
772db4bb 795\r
796 //\r
797 // Packet assembly isn't complete, start receive more packet.\r
798 //\r
705f53a9 799 if (*Packet == NULL) {\r
800 return EFI_INVALID_PARAMETER;\r
772db4bb 801 }\r
802 }\r
d1102dba 803\r
705f53a9 804 return EFI_SUCCESS;\r
805}\r
806\r
578bcdc2
JW		 807/**\r
808 This function checks the IPv4 packet length.\r
809\r
810 @param[in] Packet Pointer to the IPv4 Packet to be checked.\r
811\r
812 @retval TRUE The input IPv4 packet length is valid.\r
813 @retval FALSE The input IPv4 packet length is invalid.\r
814\r
815**/\r
816BOOLEAN\r
817Ip4IsValidPacketLength (\r
818 IN NET_BUF *Packet\r
819 )\r
820{\r
821 //\r
822 // Check the IP4 packet length.\r
823 //\r
824 if (Packet->TotalSize < IP4_MIN_HEADLEN) {\r
825 return FALSE;\r
826 }\r
827\r
828 return TRUE;\r
829}\r
830\r
705f53a9 831/**\r
832 The IP4 input routine. It is called by the IP4_INTERFACE when a\r
833 IP4 fragment is received from MNP.\r
834\r
835 @param[in] Ip4Instance The IP4 child that request the receive, most like\r
836 it is NULL.\r
837 @param[in] Packet The IP4 packet received.\r
838 @param[in] IoStatus The return status of receive request.\r
839 @param[in] Flag The link layer flag for the packet received, such\r
840 as multicast.\r
841 @param[in] Context The IP4 service instance that own the MNP.\r
842\r
843**/\r
844VOID\r
845Ip4AccpetFrame (\r
846 IN IP4_PROTOCOL *Ip4Instance,\r
847 IN NET_BUF *Packet,\r
848 IN EFI_STATUS IoStatus,\r
849 IN UINT32 Flag,\r
850 IN VOID *Context\r
851 )\r
852{\r
853 IP4_SERVICE *IpSb;\r
854 IP4_HEAD *Head;\r
855 EFI_STATUS Status;\r
856 IP4_HEAD ZeroHead;\r
857 UINT8 *Option;\r
858 UINT32 OptionLen;\r
d1102dba 859\r
705f53a9 860 IpSb = (IP4_SERVICE *) Context;\r
861 Option = NULL;\r
862\r
75dce340 863 if (EFI_ERROR (IoStatus) || (IpSb->State == IP4_SERVICE_DESTROY)) {\r
705f53a9 864 goto DROP;\r
865 }\r
866\r
578bcdc2
JW		 867 if (!Ip4IsValidPacketLength (Packet)) {\r
868 goto RESTART;\r
869 }\r
870\r
a56b6e03
ED		 871 Head = (IP4_HEAD *) NetbufGetByte (Packet, 0, NULL);\r
872 ASSERT (Head != NULL);\r
705f53a9 873 OptionLen = (Head->HeadLen << 2) - IP4_MIN_HEADLEN;\r
874 if (OptionLen > 0) {\r
875 Option = (UINT8 *) (Head + 1);\r
876 }\r
877\r
878 //\r
879 // Validate packet format and reassemble packet if it is necessary.\r
880 //\r
881 Status = Ip4PreProcessPacket (\r
d1102dba
LG		 882 IpSb,\r
883 &Packet,\r
884 Head,\r
705f53a9 885 Option,\r
d1102dba 886 OptionLen,\r
705f53a9 887 Flag\r
888 );\r
889\r
890 if (EFI_ERROR (Status)) {\r
891 goto RESTART;\r
892 }\r
772db4bb 893\r
894 //\r
a1503a32 895 // After trim off, the packet is a esp/ah/udp/tcp/icmp6 net buffer,\r
896 // and no need consider any other ahead ext headers.\r
897 //\r
898 Status = Ip4IpSecProcessPacket (\r
94b928ca 899 IpSb,\r
900 &Head,\r
901 &Packet,\r
705f53a9 902 &Option,\r
94b928ca 903 &OptionLen,\r
a1503a32 904 EfiIPsecInBound,\r
905 NULL\r
906 );\r
907\r
705f53a9 908 if (EFI_ERROR (Status)) {\r
a1503a32 909 goto RESTART;\r
910 }\r
d1102dba 911\r
705f53a9 912 //\r
913 // If the packet is protected by tunnel mode, parse the inner Ip Packet.\r
914 //\r
915 ZeroMem (&ZeroHead, sizeof (IP4_HEAD));\r
916 if (0 == CompareMem (Head, &ZeroHead, sizeof (IP4_HEAD))) {\r
578bcdc2
JW		 917 // Packet may have been changed. Head, HeadLen, TotalLen, and\r
918 // info must be reloaded before use. The ownership of the packet\r
919 // is transferred to the packet process logic.\r
920 //\r
921 if (!Ip4IsValidPacketLength (Packet)) {\r
922 goto RESTART;\r
923 }\r
924\r
705f53a9 925 Head = (IP4_HEAD *) NetbufGetByte (Packet, 0, NULL);\r
a56b6e03 926 ASSERT (Head != NULL);\r
705f53a9 927 Status = Ip4PreProcessPacket (\r
94b928ca 928 IpSb,\r
929 &Packet,\r
930 Head,\r
705f53a9 931 Option,\r
94b928ca 932 OptionLen,\r
705f53a9 933 Flag\r
934 );\r
935 if (EFI_ERROR (Status)) {\r
936 goto RESTART;\r
937 }\r
938 }\r
d1102dba 939\r
fbe12b79 940 ASSERT (Packet != NULL);\r
f6b7393c 941 Head = Packet->Ip.Ip4;\r
772db4bb 942 IP4_GET_CLIP_INFO (Packet)->Status = EFI_SUCCESS;\r
943\r
944 switch (Head->Protocol) {\r
f6b7393c 945 case EFI_IP_PROTO_ICMP:\r
772db4bb 946 Ip4IcmpHandle (IpSb, Head, Packet);\r
947 break;\r
948\r
949 case IP4_PROTO_IGMP:\r
950 Ip4IgmpHandle (IpSb, Head, Packet);\r
951 break;\r
952\r
953 default:\r
216f7970 954 Ip4Demultiplex (IpSb, Head, Packet, Option, OptionLen);\r
772db4bb 955 }\r
956\r
957 Packet = NULL;\r
958\r
36ee91ca 959 //\r
960 // Dispatch the DPCs queued by the NotifyFunction of the rx token's events\r
961 // which are signaled with received data.\r
962 //\r
d8d26fb2 963 DispatchDpc ();\r
36ee91ca 964\r
772db4bb 965RESTART:\r
966 Ip4ReceiveFrame (IpSb->DefaultInterface, NULL, Ip4AccpetFrame, IpSb);\r
967\r
968DROP:\r
969 if (Packet != NULL) {\r
970 NetbufFree (Packet);\r
971 }\r
972\r
973 return ;\r
974}\r
975\r
976\r
977/**\r
978 Check whether this IP child accepts the packet.\r
979\r
3e8c18da 980 @param[in] IpInstance The IP child to check\r
981 @param[in] Head The IP header of the packet\r
982 @param[in] Packet The data of the packet\r
772db4bb 983\r
96e1079f 984 @retval TRUE If the child wants to receive the packet.\r
985 @retval FALSE Otherwise.\r
772db4bb 986\r
987**/\r
988BOOLEAN\r
989Ip4InstanceFrameAcceptable (\r
990 IN IP4_PROTOCOL *IpInstance,\r
991 IN IP4_HEAD *Head,\r
992 IN NET_BUF *Packet\r
993 )\r
994{\r
995 IP4_ICMP_ERROR_HEAD Icmp;\r
996 EFI_IP4_CONFIG_DATA *Config;\r
997 IP4_CLIP_INFO *Info;\r
998 UINT16 Proto;\r
999 UINT32 Index;\r
1000\r
1001 Config = &IpInstance->ConfigData;\r
1002\r
1003 //\r
6c585b52 1004 // Dirty trick for the Tiano UEFI network stack implementation. If\r
772db4bb 1005 // ReceiveTimeout == -1, the receive of the packet for this instance\r
96e1079f 1006 // is disabled. The UEFI spec don't have such capability. We add\r
772db4bb 1007 // this to improve the performance because IP will make a copy of\r
1008 // the received packet for each accepting instance. Some IP instances\r
1009 // used by UDP/TCP only send packets, they don't wants to receive.\r
1010 //\r
1011 if (Config->ReceiveTimeout == (UINT32)(-1)) {\r
1012 return FALSE;\r
1013 }\r
1014\r
1015 if (Config->AcceptPromiscuous) {\r
1016 return TRUE;\r
1017 }\r
1018\r
1019 //\r
1020 // Use protocol from the IP header embedded in the ICMP error\r
1021 // message to filter, instead of ICMP itself. ICMP handle will\r
9899d8b6 1022 // call Ip4Demultiplex to deliver ICMP errors.\r
772db4bb 1023 //\r
1024 Proto = Head->Protocol;\r
1025\r
9899d8b6 1026 if ((Proto == EFI_IP_PROTO_ICMP) && (!Config->AcceptAnyProtocol) && (Proto != Config->DefaultProtocol)) {\r
772db4bb 1027 NetbufCopy (Packet, 0, sizeof (Icmp.Head), (UINT8 *) &Icmp.Head);\r
1028\r
1029 if (mIcmpClass[Icmp.Head.Type].IcmpClass == ICMP_ERROR_MESSAGE) {\r
1030 if (!Config->AcceptIcmpErrors) {\r
1031 return FALSE;\r
1032 }\r
1033\r
1034 NetbufCopy (Packet, 0, sizeof (Icmp), (UINT8 *) &Icmp);\r
1035 Proto = Icmp.IpHead.Protocol;\r
1036 }\r
1037 }\r
1038\r
1039 //\r
1040 // Match the protocol\r
1041 //\r
1042 if (!Config->AcceptAnyProtocol && (Proto != Config->DefaultProtocol)) {\r
1043 return FALSE;\r
1044 }\r
1045\r
1046 //\r
1047 // Check for broadcast, the caller has computed the packet's\r
1048 // cast type for this child's interface.\r
1049 //\r
1050 Info = IP4_GET_CLIP_INFO (Packet);\r
1051\r
1052 if (IP4_IS_BROADCAST (Info->CastType)) {\r
1053 return Config->AcceptBroadcast;\r
1054 }\r
1055\r
1056 //\r
1057 // If it is a multicast packet, check whether we are in the group.\r
1058 //\r
1059 if (Info->CastType == IP4_MULTICAST) {\r
1060 //\r
1061 // Receive the multicast if the instance wants to receive all packets.\r
1062 //\r
1063 if (!IpInstance->ConfigData.UseDefaultAddress && (IpInstance->Interface->Ip == 0)) {\r
1064 return TRUE;\r
1065 }\r
1066\r
1067 for (Index = 0; Index < IpInstance->GroupCount; Index++) {\r
1068 if (IpInstance->Groups[Index] == HTONL (Head->Dst)) {\r
1069 break;\r
1070 }\r
1071 }\r
1072\r
1073 return (BOOLEAN)(Index < IpInstance->GroupCount);\r
1074 }\r
1075\r
1076 return TRUE;\r
1077}\r
1078\r
1079\r
1080/**\r
1081 Enqueue a shared copy of the packet to the IP4 child if the\r
1082 packet is acceptable to it. Here the data of the packet is\r
1083 shared, but the net buffer isn't.\r
1084\r
3e8c18da 1085 @param[in] IpInstance The IP4 child to enqueue the packet to\r
1086 @param[in] Head The IP header of the received packet\r
1087 @param[in] Packet The data of the received packet\r
772db4bb 1088\r
1089 @retval EFI_NOT_STARTED The IP child hasn't been configured.\r
1090 @retval EFI_INVALID_PARAMETER The child doesn't want to receive the packet\r
1091 @retval EFI_OUT_OF_RESOURCES Failed to allocate some resource\r
1092 @retval EFI_SUCCESS A shared copy the packet is enqueued to the child.\r
1093\r
1094**/\r
1095EFI_STATUS\r
1096Ip4InstanceEnquePacket (\r
1097 IN IP4_PROTOCOL *IpInstance,\r
1098 IN IP4_HEAD *Head,\r
1099 IN NET_BUF *Packet\r
1100 )\r
1101{\r
1102 IP4_CLIP_INFO *Info;\r
1103 NET_BUF *Clone;\r
1104\r
1105 //\r
1106 // Check whether the packet is acceptable to this instance.\r
1107 //\r
1108 if (IpInstance->State != IP4_STATE_CONFIGED) {\r
1109 return EFI_NOT_STARTED;\r
1110 }\r
1111\r
1112 if (!Ip4InstanceFrameAcceptable (IpInstance, Head, Packet)) {\r
1113 return EFI_INVALID_PARAMETER;\r
1114 }\r
1115\r
1116 //\r
6c585b52 1117 // Enqueue a shared copy of the packet.\r
772db4bb 1118 //\r
1119 Clone = NetbufClone (Packet);\r
1120\r
1121 if (Clone == NULL) {\r
1122 return EFI_OUT_OF_RESOURCES;\r
1123 }\r
1124\r
1125 //\r
1126 // Set the receive time out for the assembled packet. If it expires,\r
1127 // packet will be removed from the queue.\r
1128 //\r
1129 Info = IP4_GET_CLIP_INFO (Clone);\r
1130 Info->Life = IP4_US_TO_SEC (IpInstance->ConfigData.ReceiveTimeout);\r
1131\r
e48e37fc 1132 InsertTailList (&IpInstance->Received, &Clone->List);\r
772db4bb 1133 return EFI_SUCCESS;\r
1134}\r
1135\r
1136\r
1137/**\r
1138 The signal handle of IP4's recycle event. It is called back\r
1139 when the upper layer release the packet.\r
1140\r
3e8c18da 1141 @param Event The IP4's recycle event.\r
1142 @param Context The context of the handle, which is a\r
1143 IP4_RXDATA_WRAP\r
772db4bb 1144\r
1145**/\r
772db4bb 1146VOID\r
1147EFIAPI\r
1148Ip4OnRecyclePacket (\r
1149 IN EFI_EVENT Event,\r
1150 IN VOID *Context\r
1151 )\r
1152{\r
1153 IP4_RXDATA_WRAP *Wrap;\r
1154\r
1155 Wrap = (IP4_RXDATA_WRAP *) Context;\r
1156\r
e48e37fc 1157 EfiAcquireLockOrFail (&Wrap->IpInstance->RecycleLock);\r
1158 RemoveEntryList (&Wrap->Link);\r
1159 EfiReleaseLock (&Wrap->IpInstance->RecycleLock);\r
772db4bb 1160\r
1161 ASSERT (!NET_BUF_SHARED (Wrap->Packet));\r
1162 NetbufFree (Wrap->Packet);\r
1163\r
1164 gBS->CloseEvent (Wrap->RxData.RecycleSignal);\r
766c7483 1165 FreePool (Wrap);\r
772db4bb 1166}\r
1167\r
1168\r
1169/**\r
1170 Wrap the received packet to a IP4_RXDATA_WRAP, which will be\r
1171 delivered to the upper layer. Each IP4 child that accepts the\r
1172 packet will get a not-shared copy of the packet which is wrapped\r
1173 in the IP4_RXDATA_WRAP. The IP4_RXDATA_WRAP->RxData is passed\r
1174 to the upper layer. Upper layer will signal the recycle event in\r
1175 it when it is done with the packet.\r
1176\r
216f7970 1177 @param[in] IpInstance The IP4 child to receive the packet.\r
1178 @param[in] Packet The packet to deliver up.\r
772db4bb 1179\r
3e8c18da 1180 @retval Wrap if warp the packet succeed.\r
1181 @retval NULL failed to wrap the packet .\r
772db4bb 1182\r
1183**/\r
1184IP4_RXDATA_WRAP *\r
1185Ip4WrapRxData (\r
1186 IN IP4_PROTOCOL *IpInstance,\r
1187 IN NET_BUF *Packet\r
1188 )\r
1189{\r
1190 IP4_RXDATA_WRAP *Wrap;\r
1191 EFI_IP4_RECEIVE_DATA *RxData;\r
1192 EFI_STATUS Status;\r
216f7970 1193 BOOLEAN RawData;\r
772db4bb 1194\r
e48e37fc 1195 Wrap = AllocatePool (IP4_RXDATA_WRAP_SIZE (Packet->BlockOpNum));\r
772db4bb 1196\r
1197 if (Wrap == NULL) {\r
1198 return NULL;\r
1199 }\r
1200\r
e48e37fc 1201 InitializeListHead (&Wrap->Link);\r
772db4bb 1202\r
1203 Wrap->IpInstance = IpInstance;\r
1204 Wrap->Packet = Packet;\r
1205 RxData = &Wrap->RxData;\r
1206\r
216f7970 1207 ZeroMem (RxData, sizeof (EFI_IP4_RECEIVE_DATA));\r
772db4bb 1208\r
1209 Status = gBS->CreateEvent (\r
1210 EVT_NOTIFY_SIGNAL,\r
e48e37fc 1211 TPL_NOTIFY,\r
772db4bb 1212 Ip4OnRecyclePacket,\r
1213 Wrap,\r
1214 &RxData->RecycleSignal\r
1215 );\r
1216\r
1217 if (EFI_ERROR (Status)) {\r
766c7483 1218 FreePool (Wrap);\r
772db4bb 1219 return NULL;\r
1220 }\r
1221\r
f6b7393c 1222 ASSERT (Packet->Ip.Ip4 != NULL);\r
772db4bb 1223\r
216f7970 1224 ASSERT (IpInstance != NULL);\r
1225 RawData = IpInstance->ConfigData.RawData;\r
1226\r
772db4bb 1227 //\r
1228 // The application expects a network byte order header.\r
1229 //\r
216f7970 1230 if (!RawData) {\r
1231 RxData->HeaderLength = (Packet->Ip.Ip4->HeadLen << 2);\r
1232 RxData->Header = (EFI_IP4_HEADER *) Ip4NtohHead (Packet->Ip.Ip4);\r
1233 RxData->OptionsLength = RxData->HeaderLength - IP4_MIN_HEADLEN;\r
1234 RxData->Options = NULL;\r
772db4bb 1235\r
216f7970 1236 if (RxData->OptionsLength != 0) {\r
1237 RxData->Options = (VOID *) (RxData->Header + 1);\r
1238 }\r
772db4bb 1239 }\r
1240\r
1241 RxData->DataLength = Packet->TotalSize;\r
1242\r
1243 //\r
1244 // Build the fragment table to be delivered up.\r
1245 //\r
1246 RxData->FragmentCount = Packet->BlockOpNum;\r
1247 NetbufBuildExt (Packet, (NET_FRAGMENT *) RxData->FragmentTable, &RxData->FragmentCount);\r
1248\r
1249 return Wrap;\r
1250}\r
1251\r
1252\r
1253/**\r
1254 Deliver the received packets to upper layer if there are both received\r
1255 requests and enqueued packets. If the enqueued packet is shared, it will\r
1256 duplicate it to a non-shared packet, release the shared packet, then\r
1257 deliver the non-shared packet up.\r
1258\r
3e8c18da 1259 @param[in] IpInstance The IP child to deliver the packet up.\r
772db4bb 1260\r
1261 @retval EFI_OUT_OF_RESOURCES Failed to allocate resources to deliver the\r
1262 packets.\r
1263 @retval EFI_SUCCESS All the enqueued packets that can be delivered\r
1264 are delivered up.\r
1265\r
1266**/\r
1267EFI_STATUS\r
1268Ip4InstanceDeliverPacket (\r
1269 IN IP4_PROTOCOL *IpInstance\r
1270 )\r
1271{\r
1272 EFI_IP4_COMPLETION_TOKEN *Token;\r
1273 IP4_RXDATA_WRAP *Wrap;\r
1274 NET_BUF *Packet;\r
1275 NET_BUF *Dup;\r
1276 UINT8 *Head;\r
216f7970 1277 UINT32 HeadLen;\r
772db4bb 1278\r
1279 //\r
1280 // Deliver a packet if there are both a packet and a receive token.\r
1281 //\r
e48e37fc 1282 while (!IsListEmpty (&IpInstance->Received) &&\r
772db4bb 1283 !NetMapIsEmpty (&IpInstance->RxTokens)) {\r
1284\r
1285 Packet = NET_LIST_HEAD (&IpInstance->Received, NET_BUF, List);\r
1286\r
1287 if (!NET_BUF_SHARED (Packet)) {\r
1288 //\r
1289 // If this is the only instance that wants the packet, wrap it up.\r
1290 //\r
1291 Wrap = Ip4WrapRxData (IpInstance, Packet);\r
1292\r
1293 if (Wrap == NULL) {\r
1294 return EFI_OUT_OF_RESOURCES;\r
1295 }\r
1296\r
e48e37fc 1297 RemoveEntryList (&Packet->List);\r
772db4bb 1298\r
1299 } else {\r
1300 //\r
1301 // Create a duplicated packet if this packet is shared\r
1302 //\r
216f7970 1303 if (IpInstance->ConfigData.RawData) {\r
1304 HeadLen = 0;\r
1305 } else {\r
1306 HeadLen = IP4_MAX_HEADLEN;\r
1307 }\r
1308\r
1309 Dup = NetbufDuplicate (Packet, NULL, HeadLen);\r
772db4bb 1310\r
1311 if (Dup == NULL) {\r
1312 return EFI_OUT_OF_RESOURCES;\r
1313 }\r
1314\r
216f7970 1315 if (!IpInstance->ConfigData.RawData) {\r
1316 //\r
1317 // Copy the IP head over. The packet to deliver up is\r
1318 // headless. Trim the head off after copy. The IP head\r
1319 // may be not continuous before the data.\r
1320 //\r
1321 Head = NetbufAllocSpace (Dup, IP4_MAX_HEADLEN, NET_BUF_HEAD);\r
1322 ASSERT (Head != NULL);\r
d1102dba 1323\r
216f7970 1324 Dup->Ip.Ip4 = (IP4_HEAD *) Head;\r
1325\r
1326 CopyMem (Head, Packet->Ip.Ip4, Packet->Ip.Ip4->HeadLen << 2);\r
1327 NetbufTrim (Dup, IP4_MAX_HEADLEN, TRUE);\r
1328 }\r
772db4bb 1329\r
1330 Wrap = Ip4WrapRxData (IpInstance, Dup);\r
1331\r
1332 if (Wrap == NULL) {\r
1333 NetbufFree (Dup);\r
1334 return EFI_OUT_OF_RESOURCES;\r
1335 }\r
1336\r
e48e37fc 1337 RemoveEntryList (&Packet->List);\r
772db4bb 1338 NetbufFree (Packet);\r
1339\r
1340 Packet = Dup;\r
1341 }\r
1342\r
1343 //\r
1344 // Insert it into the delivered packet, then get a user's\r
1345 // receive token, pass the wrapped packet up.\r
1346 //\r
e48e37fc 1347 EfiAcquireLockOrFail (&IpInstance->RecycleLock);\r
1348 InsertHeadList (&IpInstance->Delivered, &Wrap->Link);\r
1349 EfiReleaseLock (&IpInstance->RecycleLock);\r
772db4bb 1350\r
1351 Token = NetMapRemoveHead (&IpInstance->RxTokens, NULL);\r
1352 Token->Status = IP4_GET_CLIP_INFO (Packet)->Status;\r
1353 Token->Packet.RxData = &Wrap->RxData;\r
1354\r
1355 gBS->SignalEvent (Token->Event);\r
1356 }\r
1357\r
1358 return EFI_SUCCESS;\r
1359}\r
1360\r
1361\r
1362/**\r
1363 Enqueue a received packet to all the IP children that share\r
1364 the same interface.\r
1365\r
216f7970 1366 @param[in] IpSb The IP4 service instance that receive the packet.\r
1367 @param[in] Head The header of the received packet.\r
1368 @param[in] Packet The data of the received packet.\r
1369 @param[in] Option Point to the IP4 packet header options.\r
d1102dba 1370 @param[in] OptionLen Length of the IP4 packet header options.\r
216f7970 1371 @param[in] IpIf The interface to enqueue the packet to.\r
772db4bb 1372\r
1373 @return The number of the IP4 children that accepts the packet\r
1374\r
1375**/\r
1376INTN\r
1377Ip4InterfaceEnquePacket (\r
1378 IN IP4_SERVICE *IpSb,\r
1379 IN IP4_HEAD *Head,\r
1380 IN NET_BUF *Packet,\r
216f7970 1381 IN UINT8 *Option,\r
1382 IN UINT32 OptionLen,\r
772db4bb 1383 IN IP4_INTERFACE *IpIf\r
1384 )\r
1385{\r
1386 IP4_PROTOCOL *IpInstance;\r
1387 IP4_CLIP_INFO *Info;\r
e48e37fc 1388 LIST_ENTRY *Entry;\r
772db4bb 1389 INTN Enqueued;\r
1390 INTN LocalType;\r
1391 INTN SavedType;\r
1392\r
1393 //\r
1394 // First, check that the packet is acceptable to this interface\r
1395 // and find the local cast type for the interface. A packet sent\r
6c585b52 1396 // to say 192.168.1.1 should NOT be deliver to 10.0.0.1 unless\r
772db4bb 1397 // promiscuous receiving.\r
1398 //\r
1399 LocalType = 0;\r
1400 Info = IP4_GET_CLIP_INFO (Packet);\r
1401\r
1402 if ((Info->CastType == IP4_MULTICAST) || (Info->CastType == IP4_LOCAL_BROADCAST)) {\r
1403 //\r
1404 // If the CastType is multicast, don't need to filter against\r
1405 // the group address here, Ip4InstanceFrameAcceptable will do\r
1406 // that later.\r
1407 //\r
1408 LocalType = Info->CastType;\r
1409\r
1410 } else {\r
1411 //\r
6c585b52 1412 // Check the destination against local IP. If the station\r
772db4bb 1413 // address is 0.0.0.0, it means receiving all the IP destined\r
1414 // to local non-zero IP. Otherwise, it is necessary to compare\r
1415 // the destination to the interface's IP address.\r
1416 //\r
1417 if (IpIf->Ip == IP4_ALLZERO_ADDRESS) {\r
1418 LocalType = IP4_LOCAL_HOST;\r
1419\r
1420 } else {\r
1421 LocalType = Ip4GetNetCast (Head->Dst, IpIf);\r
1422\r
1423 if ((LocalType == 0) && IpIf->PromiscRecv) {\r
1424 LocalType = IP4_PROMISCUOUS;\r
1425 }\r
1426 }\r
1427 }\r
1428\r
1429 if (LocalType == 0) {\r
1430 return 0;\r
1431 }\r
1432\r
1433 //\r
1434 // Iterate through the ip instances on the interface, enqueue\r
1435 // the packet if filter passed. Save the original cast type,\r
1436 // and pass the local cast type to the IP children on the\r
1437 // interface. The global cast type will be restored later.\r
1438 //\r
1439 SavedType = Info->CastType;\r
1440 Info->CastType = LocalType;\r
1441\r
1442 Enqueued = 0;\r
1443\r
1444 NET_LIST_FOR_EACH (Entry, &IpIf->IpInstances) {\r
1445 IpInstance = NET_LIST_USER_STRUCT (Entry, IP4_PROTOCOL, AddrLink);\r
1446 NET_CHECK_SIGNATURE (IpInstance, IP4_PROTOCOL_SIGNATURE);\r
1447\r
216f7970 1448 //\r
1449 // In RawData mode, add IPv4 headers and options back to packet.\r
1450 //\r
1451 if ((IpInstance->ConfigData.RawData) && (Option != NULL) && (OptionLen != 0)){\r
1452 Ip4PrependHead (Packet, Head, Option, OptionLen);\r
1453 }\r
1454\r
772db4bb 1455 if (Ip4InstanceEnquePacket (IpInstance, Head, Packet) == EFI_SUCCESS) {\r
1456 Enqueued++;\r
1457 }\r
1458 }\r
1459\r
1460 Info->CastType = SavedType;\r
1461 return Enqueued;\r
1462}\r
1463\r
1464\r
1465/**\r
1466 Deliver the packet for each IP4 child on the interface.\r
1467\r
3e8c18da 1468 @param[in] IpSb The IP4 service instance that received the packet\r
1469 @param[in] IpIf The IP4 interface to deliver the packet.\r
772db4bb 1470\r
1471 @retval EFI_SUCCESS It always returns EFI_SUCCESS now\r
1472\r
1473**/\r
1474EFI_STATUS\r
1475Ip4InterfaceDeliverPacket (\r
1476 IN IP4_SERVICE *IpSb,\r
1477 IN IP4_INTERFACE *IpIf\r
1478 )\r
1479{\r
1480 IP4_PROTOCOL *Ip4Instance;\r
e48e37fc 1481 LIST_ENTRY *Entry;\r
772db4bb 1482\r
1483 NET_LIST_FOR_EACH (Entry, &IpIf->IpInstances) {\r
1484 Ip4Instance = NET_LIST_USER_STRUCT (Entry, IP4_PROTOCOL, AddrLink);\r
1485 Ip4InstanceDeliverPacket (Ip4Instance);\r
1486 }\r
1487\r
1488 return EFI_SUCCESS;\r
1489}\r
1490\r
1491\r
1492/**\r
1493 Demultiple the packet. the packet delivery is processed in two\r
6c585b52 1494 passes. The first pass will enqueue a shared copy of the packet\r
772db4bb 1495 to each IP4 child that accepts the packet. The second pass will\r
1496 deliver a non-shared copy of the packet to each IP4 child that\r
1497 has pending receive requests. Data is copied if more than one\r
96e1079f 1498 child wants to consume the packet because each IP child needs\r
772db4bb 1499 its own copy of the packet to make changes.\r
1500\r
216f7970 1501 @param[in] IpSb The IP4 service instance that received the packet.\r
1502 @param[in] Head The header of the received packet.\r
1503 @param[in] Packet The data of the received packet.\r
1504 @param[in] Option Point to the IP4 packet header options.\r
1505 @param[in] OptionLen Length of the IP4 packet header options.\r
772db4bb 1506\r
216f7970 1507 @retval EFI_NOT_FOUND No IP child accepts the packet.\r
772db4bb 1508 @retval EFI_SUCCESS The packet is enqueued or delivered to some IP\r
1509 children.\r
1510\r
1511**/\r
1512EFI_STATUS\r
1513Ip4Demultiplex (\r
1514 IN IP4_SERVICE *IpSb,\r
1515 IN IP4_HEAD *Head,\r
216f7970 1516 IN NET_BUF *Packet,\r
1517 IN UINT8 *Option,\r
1518 IN UINT32 OptionLen\r
772db4bb 1519 )\r
1520{\r
e48e37fc 1521 LIST_ENTRY *Entry;\r
772db4bb 1522 IP4_INTERFACE *IpIf;\r
1523 INTN Enqueued;\r
1524\r
1525 //\r
6c585b52 1526 // Two pass delivery: first, enqueue a shared copy of the packet\r
772db4bb 1527 // to each instance that accept the packet.\r
1528 //\r
1529 Enqueued = 0;\r
1530\r
1531 NET_LIST_FOR_EACH (Entry, &IpSb->Interfaces) {\r
1532 IpIf = NET_LIST_USER_STRUCT (Entry, IP4_INTERFACE, Link);\r
1533\r
1534 if (IpIf->Configured) {\r
216f7970 1535 Enqueued += Ip4InterfaceEnquePacket (\r
1536 IpSb,\r
1537 Head,\r
1538 Packet,\r
1539 Option,\r
1540 OptionLen,\r
1541 IpIf\r
1542 );\r
772db4bb 1543 }\r
1544 }\r
1545\r
1546 //\r
1547 // Second: deliver a duplicate of the packet to each instance.\r
1548 // Release the local reference first, so that the last instance\r
1549 // getting the packet will not copy the data.\r
1550 //\r
1551 NetbufFree (Packet);\r
1552\r
1553 if (Enqueued == 0) {\r
1554 return EFI_NOT_FOUND;\r
1555 }\r
1556\r
1557 NET_LIST_FOR_EACH (Entry, &IpSb->Interfaces) {\r
1558 IpIf = NET_LIST_USER_STRUCT (Entry, IP4_INTERFACE, Link);\r
1559\r
1560 if (IpIf->Configured) {\r
1561 Ip4InterfaceDeliverPacket (IpSb, IpIf);\r
1562 }\r
1563 }\r
1564\r
1565 return EFI_SUCCESS;\r
1566}\r
1567\r
1568\r
1569/**\r
1570 Timeout the fragment and enqueued packets.\r
1571\r
3e8c18da 1572 @param[in] IpSb The IP4 service instance to timeout\r
772db4bb 1573\r
1574**/\r
1575VOID\r
1576Ip4PacketTimerTicking (\r
1577 IN IP4_SERVICE *IpSb\r
1578 )\r
1579{\r
e48e37fc 1580 LIST_ENTRY *InstanceEntry;\r
1581 LIST_ENTRY *Entry;\r
1582 LIST_ENTRY *Next;\r
772db4bb 1583 IP4_PROTOCOL *IpInstance;\r
1584 IP4_ASSEMBLE_ENTRY *Assemble;\r
1585 NET_BUF *Packet;\r
1586 IP4_CLIP_INFO *Info;\r
1587 UINT32 Index;\r
1588\r
1589 //\r
1590 // First, time out the fragments. The packet's life is counting down\r
1591 // once the first-arrived fragment was received.\r
1592 //\r
1593 for (Index = 0; Index < IP4_ASSEMLE_HASH_SIZE; Index++) {\r
1594 NET_LIST_FOR_EACH_SAFE (Entry, Next, &IpSb->Assemble.Bucket[Index]) {\r
1595 Assemble = NET_LIST_USER_STRUCT (Entry, IP4_ASSEMBLE_ENTRY, Link);\r
1596\r
1597 if ((Assemble->Life > 0) && (--Assemble->Life == 0)) {\r
e48e37fc 1598 RemoveEntryList (Entry);\r
772db4bb 1599 Ip4FreeAssembleEntry (Assemble);\r
1600 }\r
1601 }\r
1602 }\r
1603\r
1604 NET_LIST_FOR_EACH (InstanceEntry, &IpSb->Children) {\r
1605 IpInstance = NET_LIST_USER_STRUCT (InstanceEntry, IP4_PROTOCOL, Link);\r
1606\r
1607 //\r
1608 // Second, time out the assembled packets enqueued on each IP child.\r
1609 //\r
1610 NET_LIST_FOR_EACH_SAFE (Entry, Next, &IpInstance->Received) {\r
1611 Packet = NET_LIST_USER_STRUCT (Entry, NET_BUF, List);\r
1612 Info = IP4_GET_CLIP_INFO (Packet);\r
1613\r
1614 if ((Info->Life > 0) && (--Info->Life == 0)) {\r
e48e37fc 1615 RemoveEntryList (Entry);\r
772db4bb 1616 NetbufFree (Packet);\r
1617 }\r
1618 }\r
1619\r
1620 //\r
1621 // Third: time out the transmitted packets.\r
1622 //\r
1623 NetMapIterate (&IpInstance->TxTokens, Ip4SentPacketTicking, NULL);\r
1624 }\r
1625}\r
EFI Development Kit II mirror for PVE