4 Copyright (c) 2005 - 2020, Intel Corporation. All rights reserved.<BR>
5 (C) Copyright 2015 Hewlett-Packard Development Company, L.P.<BR>
7 SPDX-License-Identifier: BSD-2-Clause-Patent
14 Create an empty assemble entry for the packet identified by
15 (Dst, Src, Id, Protocol). The default life for the packet is
18 @param[in] Dst The destination address
19 @param[in] Src The source address
20 @param[in] Id The ID field in IP header
21 @param[in] Protocol The protocol field in IP header
23 @return NULL if failed to allocate memory for the entry, otherwise
24 the point to just created reassemble entry.
28 Ip4CreateAssembleEntry (
35 IP4_ASSEMBLE_ENTRY
*Assemble
;
37 Assemble
= AllocatePool (sizeof (IP4_ASSEMBLE_ENTRY
));
39 if (Assemble
== NULL
) {
43 InitializeListHead (&Assemble
->Link
);
44 InitializeListHead (&Assemble
->Fragments
);
49 Assemble
->Protocol
= Protocol
;
50 Assemble
->TotalLen
= 0;
52 Assemble
->Head
= NULL
;
53 Assemble
->Info
= NULL
;
54 Assemble
->Life
= IP4_FRAGMENT_LIFE
;
60 Release all the fragments of a packet, then free the assemble entry.
62 @param[in] Assemble The assemble entry to free
66 Ip4FreeAssembleEntry (
67 IN IP4_ASSEMBLE_ENTRY
*Assemble
74 NET_LIST_FOR_EACH_SAFE (Entry
, Next
, &Assemble
->Fragments
) {
75 Fragment
= NET_LIST_USER_STRUCT (Entry
, NET_BUF
, List
);
77 RemoveEntryList (Entry
);
78 NetbufFree (Fragment
);
85 Initialize an already allocated assemble table. This is generally
86 the assemble table embedded in the IP4 service instance.
88 @param[in, out] Table The assemble table to initialize.
92 Ip4InitAssembleTable (
93 IN OUT IP4_ASSEMBLE_TABLE
*Table
98 for (Index
= 0; Index
< IP4_ASSEMLE_HASH_SIZE
; Index
++) {
99 InitializeListHead (&Table
->Bucket
[Index
]);
104 Clean up the assemble table: remove all the fragments
105 and assemble entries.
107 @param[in] Table The assemble table to clean up
111 Ip4CleanAssembleTable (
112 IN IP4_ASSEMBLE_TABLE
*Table
117 IP4_ASSEMBLE_ENTRY
*Assemble
;
120 for (Index
= 0; Index
< IP4_ASSEMLE_HASH_SIZE
; Index
++) {
121 NET_LIST_FOR_EACH_SAFE (Entry
, Next
, &Table
->Bucket
[Index
]) {
122 Assemble
= NET_LIST_USER_STRUCT (Entry
, IP4_ASSEMBLE_ENTRY
, Link
);
124 RemoveEntryList (Entry
);
125 Ip4FreeAssembleEntry (Assemble
);
131 Trim the packet to fit in [Start, End), and update the per
134 @param Packet Packet to trim
135 @param Start The sequence of the first byte to fit in
136 @param End One beyond the sequence of last byte to fit in.
141 IN OUT NET_BUF
*Packet
,
149 Info
= IP4_GET_CLIP_INFO (Packet
);
151 ASSERT (Info
->Start
+ Info
->Length
== Info
->End
);
152 ASSERT ((Info
->Start
< End
) && (Start
< Info
->End
));
154 if (Info
->Start
< Start
) {
155 Len
= Start
- Info
->Start
;
157 NetbufTrim (Packet
, (UINT32
)Len
, NET_BUF_HEAD
);
162 if (End
< Info
->End
) {
163 Len
= End
- Info
->End
;
165 NetbufTrim (Packet
, (UINT32
)Len
, NET_BUF_TAIL
);
172 Release all the fragments of the packet. This is the callback for
173 the assembled packet's OnFree. It will free the assemble entry,
174 which in turn will free all the fragments of the packet.
176 @param[in] Arg The assemble entry to free
185 Ip4FreeAssembleEntry ((IP4_ASSEMBLE_ENTRY
*)Arg
);
189 Reassemble the IP fragments. If all the fragments of the packet
190 have been received, it will wrap the packet in a net buffer then
191 return it to caller. If the packet can't be assembled, NULL is
194 @param Table The assemble table used. New assemble entry will be created
195 if the Packet is from a new chain of fragments.
196 @param Packet The fragment to assemble. It might be freed if the fragment
197 can't be re-assembled.
199 @return NULL if the packet can't be reassemble. The point to just assembled
200 packet if all the fragments of the packet have arrived.
205 IN OUT IP4_ASSEMBLE_TABLE
*Table
,
206 IN OUT NET_BUF
*Packet
212 IP4_ASSEMBLE_ENTRY
*Assemble
;
220 IpHead
= Packet
->Ip
.Ip4
;
221 This
= IP4_GET_CLIP_INFO (Packet
);
223 ASSERT (IpHead
!= NULL
);
226 // First: find the related assemble entry
229 Index
= IP4_ASSEMBLE_HASH (IpHead
->Dst
, IpHead
->Src
, IpHead
->Id
, IpHead
->Protocol
);
231 NET_LIST_FOR_EACH (Cur
, &Table
->Bucket
[Index
]) {
232 Assemble
= NET_LIST_USER_STRUCT (Cur
, IP4_ASSEMBLE_ENTRY
, Link
);
234 if ((Assemble
->Dst
== IpHead
->Dst
) && (Assemble
->Src
== IpHead
->Src
) &&
235 (Assemble
->Id
== IpHead
->Id
) && (Assemble
->Protocol
== IpHead
->Protocol
))
242 // Create a new assemble entry if no assemble entry is related to this packet
244 if (Cur
== &Table
->Bucket
[Index
]) {
245 Assemble
= Ip4CreateAssembleEntry (
252 if (Assemble
== NULL
) {
256 InsertHeadList (&Table
->Bucket
[Index
], &Assemble
->Link
);
260 // Assemble shouldn't be NULL here
262 ASSERT (Assemble
!= NULL
);
265 // Find the point to insert the packet: before the first
266 // fragment with THIS.Start < CUR.Start. the previous one
267 // has PREV.Start <= THIS.Start < CUR.Start.
269 Head
= &Assemble
->Fragments
;
271 NET_LIST_FOR_EACH (Cur
, Head
) {
272 Fragment
= NET_LIST_USER_STRUCT (Cur
, NET_BUF
, List
);
274 if (This
->Start
< IP4_GET_CLIP_INFO (Fragment
)->Start
) {
280 // Check whether the current fragment overlaps with the previous one.
281 // It holds that: PREV.Start <= THIS.Start < THIS.End. Only need to
282 // check whether THIS.Start < PREV.End for overlap. If two fragments
283 // overlaps, trim the overlapped part off THIS fragment.
285 if ((Prev
= Cur
->BackLink
) != Head
) {
286 Fragment
= NET_LIST_USER_STRUCT (Prev
, NET_BUF
, List
);
287 Node
= IP4_GET_CLIP_INFO (Fragment
);
289 if (This
->Start
< Node
->End
) {
290 if (This
->End
<= Node
->End
) {
295 Ip4TrimPacket (Packet
, Node
->End
, This
->End
);
300 // Insert the fragment into the packet. The fragment may be removed
301 // from the list by the following checks.
303 NetListInsertBefore (Cur
, &Packet
->List
);
306 // Check the packets after the insert point. It holds that:
307 // THIS.Start <= NODE.Start < NODE.End. The equality holds
308 // if PREV and NEXT are continuous. THIS fragment may fill
309 // several holes. Remove the completely overlapped fragments
311 while (Cur
!= Head
) {
312 Fragment
= NET_LIST_USER_STRUCT (Cur
, NET_BUF
, List
);
313 Node
= IP4_GET_CLIP_INFO (Fragment
);
316 // Remove fragments completely overlapped by this fragment
318 if (Node
->End
<= This
->End
) {
319 Cur
= Cur
->ForwardLink
;
321 RemoveEntryList (&Fragment
->List
);
322 Assemble
->CurLen
-= Node
->Length
;
324 NetbufFree (Fragment
);
329 // The conditions are: THIS.Start <= NODE.Start, and THIS.End <
330 // NODE.End. Two fragments overlaps if NODE.Start < THIS.End.
331 // If two fragments start at the same offset, remove THIS fragment
332 // because ((THIS.Start == NODE.Start) && (THIS.End < NODE.End)).
334 if (Node
->Start
< This
->End
) {
335 if (This
->Start
== Node
->Start
) {
336 RemoveEntryList (&Packet
->List
);
340 Ip4TrimPacket (Packet
, This
->Start
, Node
->Start
);
347 // Update the assemble info: increase the current length. If it is
348 // the frist fragment, update the packet's IP head and per packet
349 // info. If it is the last fragment, update the total length.
351 Assemble
->CurLen
+= This
->Length
;
353 if (This
->Start
== 0) {
355 // Once the first fragment is enqueued, it can't be removed
356 // from the fragment list. So, Assemble->Head always point
357 // to valid memory area.
359 ASSERT (Assemble
->Head
== NULL
);
361 Assemble
->Head
= IpHead
;
362 Assemble
->Info
= IP4_GET_CLIP_INFO (Packet
);
366 // Don't update the length more than once.
368 if (IP4_LAST_FRAGMENT (IpHead
->Fragment
) && (Assemble
->TotalLen
== 0)) {
369 Assemble
->TotalLen
= This
->End
;
373 // Deliver the whole packet if all the fragments received.
374 // All fragments received if:
375 // 1. received the last one, so, the total length is know
376 // 2. received all the data. If the last fragment on the
377 // queue ends at the total length, all data is received.
379 if ((Assemble
->TotalLen
!= 0) && (Assemble
->CurLen
>= Assemble
->TotalLen
)) {
380 RemoveEntryList (&Assemble
->Link
);
383 // If the packet is properly formatted, the last fragment's End
384 // equals to the packet's total length. Otherwise, the packet
385 // is a fake, drop it now.
387 Fragment
= NET_LIST_USER_STRUCT (Head
->BackLink
, NET_BUF
, List
);
389 if (IP4_GET_CLIP_INFO (Fragment
)->End
!= Assemble
->TotalLen
) {
390 Ip4FreeAssembleEntry (Assemble
);
395 // Wrap the packet in a net buffer then deliver it up
397 NewPacket
= NetbufFromBufList (
398 &Assemble
->Fragments
,
405 if (NewPacket
== NULL
) {
406 Ip4FreeAssembleEntry (Assemble
);
410 NewPacket
->Ip
.Ip4
= Assemble
->Head
;
412 ASSERT (Assemble
->Info
!= NULL
);
415 IP4_GET_CLIP_INFO (NewPacket
),
417 sizeof (*IP4_GET_CLIP_INFO (NewPacket
))
431 The callback function for the net buffer which wraps the packet processed by
432 IPsec. It releases the wrap packet and also signals IPsec to free the resources.
434 @param[in] Arg The wrap context
443 IP4_IPSEC_WRAP
*Wrap
;
445 Wrap
= (IP4_IPSEC_WRAP
*)Arg
;
447 if (Wrap
->IpSecRecycleSignal
!= NULL
) {
448 gBS
->SignalEvent (Wrap
->IpSecRecycleSignal
);
451 NetbufFree (Wrap
->Packet
);
459 The work function to locate IPsec protocol to process the inbound or
460 outbound IP packets. The process routine handls the packet with following
461 actions: bypass the packet, discard the packet, or protect the packet.
463 @param[in] IpSb The IP4 service instance.
464 @param[in, out] Head The caller supplied IP4 header.
465 @param[in, out] Netbuf The IP4 packet to be processed by IPsec.
466 @param[in, out] Options The caller supplied options.
467 @param[in, out] OptionsLen The length of the option.
468 @param[in] Direction The directionality in an SPD entry,
469 EfiIPsecInBound or EfiIPsecOutBound.
470 @param[in] Context The token's wrap.
472 @retval EFI_SUCCESS The IPsec protocol is not available or disabled.
473 @retval EFI_SUCCESS The packet was bypassed and all buffers remain the same.
474 @retval EFI_SUCCESS The packet was protected.
475 @retval EFI_ACCESS_DENIED The packet was discarded.
476 @retval EFI_OUT_OF_RESOURCES There is no sufficient resource to complete the operation.
477 @retval EFI_BUFFER_TOO_SMALL The number of non-empty block is bigger than the
478 number of input data blocks when build a fragment table.
482 Ip4IpSecProcessPacket (
483 IN IP4_SERVICE
*IpSb
,
484 IN OUT IP4_HEAD
**Head
,
485 IN OUT NET_BUF
**Netbuf
,
486 IN OUT UINT8
**Options
,
487 IN OUT UINT32
*OptionsLen
,
488 IN EFI_IPSEC_TRAFFIC_DIR Direction
,
492 NET_FRAGMENT
*FragmentTable
;
493 NET_FRAGMENT
*OriginalFragmentTable
;
494 UINT32 FragmentCount
;
495 UINT32 OriginalFragmentCount
;
496 EFI_EVENT RecycleEvent
;
498 IP4_TXTOKEN_WRAP
*TxWrap
;
499 IP4_IPSEC_WRAP
*IpSecWrap
;
503 Status
= EFI_SUCCESS
;
505 if (!mIpSec2Installed
) {
509 ASSERT (mIpSec
!= NULL
);
514 FragmentTable
= NULL
;
515 TxWrap
= (IP4_TXTOKEN_WRAP
*)Context
;
516 FragmentCount
= Packet
->BlockOpNum
;
518 ZeroMem (&ZeroHead
, sizeof (IP4_HEAD
));
521 // Check whether the IPsec enable variable is set.
523 if (mIpSec
->DisabledFlag
) {
525 // If IPsec is disabled, restore the original MTU
527 IpSb
->MaxPacketSize
= IpSb
->OldMaxPacketSize
;
531 // If IPsec is enabled, use the MTU which reduce the IPsec header length.
533 IpSb
->MaxPacketSize
= IpSb
->OldMaxPacketSize
- IP4_MAX_IPSEC_HEADLEN
;
537 // Rebuild fragment table from netbuf to ease IPsec process.
539 FragmentTable
= AllocateZeroPool (FragmentCount
* sizeof (NET_FRAGMENT
));
541 if (FragmentTable
== NULL
) {
542 Status
= EFI_OUT_OF_RESOURCES
;
546 Status
= NetbufBuildExt (Packet
, FragmentTable
, &FragmentCount
);
549 // Record the original FragmentTable and count.
551 OriginalFragmentTable
= FragmentTable
;
552 OriginalFragmentCount
= FragmentCount
;
554 if (EFI_ERROR (Status
)) {
555 FreePool (FragmentTable
);
560 // Convert host byte order to network byte order
564 Status
= mIpSec
->ProcessExt (
572 (EFI_IPSEC_FRAGMENT_DATA
**)(&FragmentTable
),
578 // Convert back to host byte order
582 if (EFI_ERROR (Status
)) {
583 FreePool (OriginalFragmentTable
);
587 if ((OriginalFragmentTable
== FragmentTable
) && (OriginalFragmentCount
== FragmentCount
)) {
591 FreePool (FragmentTable
);
595 // Free the FragmentTable which allocated before calling the IPsec.
597 FreePool (OriginalFragmentTable
);
600 if ((Direction
== EfiIPsecOutBound
) && (TxWrap
!= NULL
)) {
601 TxWrap
->IpSecRecycleSignal
= RecycleEvent
;
602 TxWrap
->Packet
= NetbufFromExt (
610 if (TxWrap
->Packet
== NULL
) {
612 // Recover the TxWrap->Packet, if meet a error, and the caller will free
615 TxWrap
->Packet
= *Netbuf
;
616 Status
= EFI_OUT_OF_RESOURCES
;
621 // Free original Netbuf.
623 NetIpSecNetbufFree (*Netbuf
);
624 *Netbuf
= TxWrap
->Packet
;
626 IpSecWrap
= AllocateZeroPool (sizeof (IP4_IPSEC_WRAP
));
628 if (IpSecWrap
== NULL
) {
629 Status
= EFI_OUT_OF_RESOURCES
;
630 gBS
->SignalEvent (RecycleEvent
);
634 IpSecWrap
->IpSecRecycleSignal
= RecycleEvent
;
635 IpSecWrap
->Packet
= Packet
;
636 Packet
= NetbufFromExt (
645 if (Packet
== NULL
) {
646 Packet
= IpSecWrap
->Packet
;
647 gBS
->SignalEvent (RecycleEvent
);
648 FreePool (IpSecWrap
);
649 Status
= EFI_OUT_OF_RESOURCES
;
653 if ((Direction
== EfiIPsecInBound
) && (0 != CompareMem (*Head
, &ZeroHead
, sizeof (IP4_HEAD
)))) {
654 Ip4PrependHead (Packet
, *Head
, *Options
, *OptionsLen
);
655 Ip4NtohHead (Packet
->Ip
.Ip4
);
656 NetbufTrim (Packet
, ((*Head
)->HeadLen
<< 2), TRUE
);
659 IP4_GET_CLIP_INFO (Packet
),
660 IP4_GET_CLIP_INFO (IpSecWrap
->Packet
),
661 sizeof (IP4_CLIP_INFO
)
673 Pre-process the IPv4 packet. First validates the IPv4 packet, and
674 then reassembles packet if it is necessary.
676 @param[in] IpSb Pointer to IP4_SERVICE.
677 @param[in, out] Packet Pointer to the Packet to be processed.
678 @param[in] Head Pointer to the IP4_HEAD.
679 @param[in] Option Pointer to a buffer which contains the IPv4 option.
680 @param[in] OptionLen The length of Option in bytes.
681 @param[in] Flag The link layer flag for the packet received, such
684 @retval EFI_SUCCESS The received packet is in well form.
685 @retval EFI_INVALID_PARAMETER The received packet is malformed.
689 Ip4PreProcessPacket (
690 IN IP4_SERVICE
*IpSb
,
691 IN OUT NET_BUF
**Packet
,
704 // Check if the IP4 header is correctly formatted.
706 HeadLen
= (Head
->HeadLen
<< 2);
707 TotalLen
= NTOHS (Head
->TotalLen
);
710 // Mnp may deliver frame trailer sequence up, trim it off.
712 if (TotalLen
< (*Packet
)->TotalSize
) {
713 NetbufTrim (*Packet
, (*Packet
)->TotalSize
- TotalLen
, FALSE
);
716 if ((Head
->Ver
!= 4) || (HeadLen
< IP4_MIN_HEADLEN
) ||
717 (TotalLen
< HeadLen
) || (TotalLen
!= (*Packet
)->TotalSize
))
719 return EFI_INVALID_PARAMETER
;
723 // Some OS may send IP packets without checksum.
725 Checksum
= (UINT16
)(~NetblockChecksum ((UINT8
*)Head
, HeadLen
));
727 if ((Head
->Checksum
!= 0) && (Checksum
!= 0)) {
728 return EFI_INVALID_PARAMETER
;
732 // Convert the IP header to host byte order, then get the per packet info.
734 (*Packet
)->Ip
.Ip4
= Ip4NtohHead (Head
);
736 Info
= IP4_GET_CLIP_INFO (*Packet
);
737 Info
->LinkFlag
= Flag
;
738 Info
->CastType
= Ip4GetHostCast (IpSb
, Head
->Dst
, Head
->Src
);
739 Info
->Start
= (Head
->Fragment
& IP4_HEAD_OFFSET_MASK
) << 3;
740 Info
->Length
= Head
->TotalLen
- HeadLen
;
741 Info
->End
= Info
->Start
+ Info
->Length
;
742 Info
->Status
= EFI_SUCCESS
;
745 // The packet is destinated to us if the CastType is non-zero.
747 if ((Info
->CastType
== 0) || (Info
->End
> IP4_MAX_PACKET_SIZE
)) {
748 return EFI_INVALID_PARAMETER
;
752 // Validate the options. Don't call the Ip4OptionIsValid if
753 // there is no option to save some CPU process.
756 if ((OptionLen
> 0) && !Ip4OptionIsValid (Option
, OptionLen
, TRUE
)) {
757 return EFI_INVALID_PARAMETER
;
761 // Trim the head off, after this point, the packet is headless,
762 // and Packet->TotalLen == Info->Length.
764 NetbufTrim (*Packet
, HeadLen
, TRUE
);
767 // Reassemble the packet if this is a fragment. The packet is a
768 // fragment if its head has MF (more fragment) set, or it starts
771 if (((Head
->Fragment
& IP4_HEAD_MF_MASK
) != 0) || (Info
->Start
!= 0)) {
773 // Drop the fragment if DF is set but it is fragmented. Gateway
774 // need to send a type 4 destination unreache ICMP message here.
776 if ((Head
->Fragment
& IP4_HEAD_DF_MASK
) != 0) {
777 return EFI_INVALID_PARAMETER
;
781 // The length of all but the last fragments is in the unit of 8 bytes.
783 if (((Head
->Fragment
& IP4_HEAD_MF_MASK
) != 0) && (Info
->Length
% 8 != 0)) {
784 return EFI_INVALID_PARAMETER
;
787 *Packet
= Ip4Reassemble (&IpSb
->Assemble
, *Packet
);
790 // Packet assembly isn't complete, start receive more packet.
792 if (*Packet
== NULL
) {
793 return EFI_INVALID_PARAMETER
;
801 This function checks the IPv4 packet length.
803 @param[in] Packet Pointer to the IPv4 Packet to be checked.
805 @retval TRUE The input IPv4 packet length is valid.
806 @retval FALSE The input IPv4 packet length is invalid.
810 Ip4IsValidPacketLength (
815 // Check the IP4 packet length.
817 if (Packet
->TotalSize
< IP4_MIN_HEADLEN
) {
825 The IP4 input routine. It is called by the IP4_INTERFACE when a
826 IP4 fragment is received from MNP.
828 @param[in] Ip4Instance The IP4 child that request the receive, most like
830 @param[in] Packet The IP4 packet received.
831 @param[in] IoStatus The return status of receive request.
832 @param[in] Flag The link layer flag for the packet received, such
834 @param[in] Context The IP4 service instance that own the MNP.
839 IN IP4_PROTOCOL
*Ip4Instance
,
841 IN EFI_STATUS IoStatus
,
853 IpSb
= (IP4_SERVICE
*)Context
;
856 if (EFI_ERROR (IoStatus
) || (IpSb
->State
== IP4_SERVICE_DESTROY
)) {
860 if (!Ip4IsValidPacketLength (Packet
)) {
864 Head
= (IP4_HEAD
*)NetbufGetByte (Packet
, 0, NULL
);
865 ASSERT (Head
!= NULL
);
866 OptionLen
= (Head
->HeadLen
<< 2) - IP4_MIN_HEADLEN
;
868 Option
= (UINT8
*)(Head
+ 1);
872 // Validate packet format and reassemble packet if it is necessary.
874 Status
= Ip4PreProcessPacket (
883 if (EFI_ERROR (Status
)) {
888 // After trim off, the packet is a esp/ah/udp/tcp/icmp6 net buffer,
889 // and no need consider any other ahead ext headers.
891 Status
= Ip4IpSecProcessPacket (
901 if (EFI_ERROR (Status
)) {
906 // If the packet is protected by tunnel mode, parse the inner Ip Packet.
908 ZeroMem (&ZeroHead
, sizeof (IP4_HEAD
));
909 if (0 == CompareMem (Head
, &ZeroHead
, sizeof (IP4_HEAD
))) {
910 // Packet may have been changed. Head, HeadLen, TotalLen, and
911 // info must be reloaded before use. The ownership of the packet
912 // is transferred to the packet process logic.
914 if (!Ip4IsValidPacketLength (Packet
)) {
918 Head
= (IP4_HEAD
*)NetbufGetByte (Packet
, 0, NULL
);
919 ASSERT (Head
!= NULL
);
920 Status
= Ip4PreProcessPacket (
928 if (EFI_ERROR (Status
)) {
933 ASSERT (Packet
!= NULL
);
934 Head
= Packet
->Ip
.Ip4
;
935 IP4_GET_CLIP_INFO (Packet
)->Status
= EFI_SUCCESS
;
937 switch (Head
->Protocol
) {
938 case EFI_IP_PROTO_ICMP
:
939 Ip4IcmpHandle (IpSb
, Head
, Packet
);
943 Ip4IgmpHandle (IpSb
, Head
, Packet
);
947 Ip4Demultiplex (IpSb
, Head
, Packet
, Option
, OptionLen
);
953 // Dispatch the DPCs queued by the NotifyFunction of the rx token's events
954 // which are signaled with received data.
959 Ip4ReceiveFrame (IpSb
->DefaultInterface
, NULL
, Ip4AccpetFrame
, IpSb
);
962 if (Packet
!= NULL
) {
970 Check whether this IP child accepts the packet.
972 @param[in] IpInstance The IP child to check
973 @param[in] Head The IP header of the packet
974 @param[in] Packet The data of the packet
976 @retval TRUE If the child wants to receive the packet.
977 @retval FALSE Otherwise.
981 Ip4InstanceFrameAcceptable (
982 IN IP4_PROTOCOL
*IpInstance
,
987 IP4_ICMP_ERROR_HEAD Icmp
;
988 EFI_IP4_CONFIG_DATA
*Config
;
993 Config
= &IpInstance
->ConfigData
;
996 // Dirty trick for the Tiano UEFI network stack implementation. If
997 // ReceiveTimeout == -1, the receive of the packet for this instance
998 // is disabled. The UEFI spec don't have such capability. We add
999 // this to improve the performance because IP will make a copy of
1000 // the received packet for each accepting instance. Some IP instances
1001 // used by UDP/TCP only send packets, they don't wants to receive.
1003 if (Config
->ReceiveTimeout
== (UINT32
)(-1)) {
1007 if (Config
->AcceptPromiscuous
) {
1012 // Use protocol from the IP header embedded in the ICMP error
1013 // message to filter, instead of ICMP itself. ICMP handle will
1014 // call Ip4Demultiplex to deliver ICMP errors.
1016 Proto
= Head
->Protocol
;
1018 if ((Proto
== EFI_IP_PROTO_ICMP
) && (!Config
->AcceptAnyProtocol
) && (Proto
!= Config
->DefaultProtocol
)) {
1019 NetbufCopy (Packet
, 0, sizeof (Icmp
.Head
), (UINT8
*)&Icmp
.Head
);
1021 if (mIcmpClass
[Icmp
.Head
.Type
].IcmpClass
== ICMP_ERROR_MESSAGE
) {
1022 if (!Config
->AcceptIcmpErrors
) {
1026 NetbufCopy (Packet
, 0, sizeof (Icmp
), (UINT8
*)&Icmp
);
1027 Proto
= Icmp
.IpHead
.Protocol
;
1032 // Match the protocol
1034 if (!Config
->AcceptAnyProtocol
&& (Proto
!= Config
->DefaultProtocol
)) {
1039 // Check for broadcast, the caller has computed the packet's
1040 // cast type for this child's interface.
1042 Info
= IP4_GET_CLIP_INFO (Packet
);
1044 if (IP4_IS_BROADCAST (Info
->CastType
)) {
1045 return Config
->AcceptBroadcast
;
1049 // If it is a multicast packet, check whether we are in the group.
1051 if (Info
->CastType
== IP4_MULTICAST
) {
1053 // Receive the multicast if the instance wants to receive all packets.
1055 if (!IpInstance
->ConfigData
.UseDefaultAddress
&& (IpInstance
->Interface
->Ip
== 0)) {
1059 for (Index
= 0; Index
< IpInstance
->GroupCount
; Index
++) {
1060 if (IpInstance
->Groups
[Index
] == HTONL (Head
->Dst
)) {
1065 return (BOOLEAN
)(Index
< IpInstance
->GroupCount
);
1072 Enqueue a shared copy of the packet to the IP4 child if the
1073 packet is acceptable to it. Here the data of the packet is
1074 shared, but the net buffer isn't.
1076 @param[in] IpInstance The IP4 child to enqueue the packet to
1077 @param[in] Head The IP header of the received packet
1078 @param[in] Packet The data of the received packet
1080 @retval EFI_NOT_STARTED The IP child hasn't been configured.
1081 @retval EFI_INVALID_PARAMETER The child doesn't want to receive the packet
1082 @retval EFI_OUT_OF_RESOURCES Failed to allocate some resource
1083 @retval EFI_SUCCESS A shared copy the packet is enqueued to the child.
1087 Ip4InstanceEnquePacket (
1088 IN IP4_PROTOCOL
*IpInstance
,
1093 IP4_CLIP_INFO
*Info
;
1097 // Check whether the packet is acceptable to this instance.
1099 if (IpInstance
->State
!= IP4_STATE_CONFIGED
) {
1100 return EFI_NOT_STARTED
;
1103 if (!Ip4InstanceFrameAcceptable (IpInstance
, Head
, Packet
)) {
1104 return EFI_INVALID_PARAMETER
;
1108 // Enqueue a shared copy of the packet.
1110 Clone
= NetbufClone (Packet
);
1112 if (Clone
== NULL
) {
1113 return EFI_OUT_OF_RESOURCES
;
1117 // Set the receive time out for the assembled packet. If it expires,
1118 // packet will be removed from the queue.
1120 Info
= IP4_GET_CLIP_INFO (Clone
);
1121 Info
->Life
= IP4_US_TO_SEC (IpInstance
->ConfigData
.ReceiveTimeout
);
1123 InsertTailList (&IpInstance
->Received
, &Clone
->List
);
1128 The signal handle of IP4's recycle event. It is called back
1129 when the upper layer release the packet.
1131 @param Event The IP4's recycle event.
1132 @param Context The context of the handle, which is a
1138 Ip4OnRecyclePacket (
1143 IP4_RXDATA_WRAP
*Wrap
;
1145 Wrap
= (IP4_RXDATA_WRAP
*)Context
;
1147 EfiAcquireLockOrFail (&Wrap
->IpInstance
->RecycleLock
);
1148 RemoveEntryList (&Wrap
->Link
);
1149 EfiReleaseLock (&Wrap
->IpInstance
->RecycleLock
);
1151 ASSERT (!NET_BUF_SHARED (Wrap
->Packet
));
1152 NetbufFree (Wrap
->Packet
);
1154 gBS
->CloseEvent (Wrap
->RxData
.RecycleSignal
);
1159 Wrap the received packet to a IP4_RXDATA_WRAP, which will be
1160 delivered to the upper layer. Each IP4 child that accepts the
1161 packet will get a not-shared copy of the packet which is wrapped
1162 in the IP4_RXDATA_WRAP. The IP4_RXDATA_WRAP->RxData is passed
1163 to the upper layer. Upper layer will signal the recycle event in
1164 it when it is done with the packet.
1166 @param[in] IpInstance The IP4 child to receive the packet.
1167 @param[in] Packet The packet to deliver up.
1169 @retval Wrap if warp the packet succeed.
1170 @retval NULL failed to wrap the packet .
1175 IN IP4_PROTOCOL
*IpInstance
,
1179 IP4_RXDATA_WRAP
*Wrap
;
1180 EFI_IP4_RECEIVE_DATA
*RxData
;
1184 Wrap
= AllocatePool (IP4_RXDATA_WRAP_SIZE (Packet
->BlockOpNum
));
1190 InitializeListHead (&Wrap
->Link
);
1192 Wrap
->IpInstance
= IpInstance
;
1193 Wrap
->Packet
= Packet
;
1194 RxData
= &Wrap
->RxData
;
1196 ZeroMem (RxData
, sizeof (EFI_IP4_RECEIVE_DATA
));
1198 Status
= gBS
->CreateEvent (
1203 &RxData
->RecycleSignal
1206 if (EFI_ERROR (Status
)) {
1211 ASSERT (Packet
->Ip
.Ip4
!= NULL
);
1213 ASSERT (IpInstance
!= NULL
);
1214 RawData
= IpInstance
->ConfigData
.RawData
;
1217 // The application expects a network byte order header.
1220 RxData
->HeaderLength
= (Packet
->Ip
.Ip4
->HeadLen
<< 2);
1221 RxData
->Header
= (EFI_IP4_HEADER
*)Ip4NtohHead (Packet
->Ip
.Ip4
);
1222 RxData
->OptionsLength
= RxData
->HeaderLength
- IP4_MIN_HEADLEN
;
1223 RxData
->Options
= NULL
;
1225 if (RxData
->OptionsLength
!= 0) {
1226 RxData
->Options
= (VOID
*)(RxData
->Header
+ 1);
1230 RxData
->DataLength
= Packet
->TotalSize
;
1233 // Build the fragment table to be delivered up.
1235 RxData
->FragmentCount
= Packet
->BlockOpNum
;
1236 NetbufBuildExt (Packet
, (NET_FRAGMENT
*)RxData
->FragmentTable
, &RxData
->FragmentCount
);
1242 Deliver the received packets to upper layer if there are both received
1243 requests and enqueued packets. If the enqueued packet is shared, it will
1244 duplicate it to a non-shared packet, release the shared packet, then
1245 deliver the non-shared packet up.
1247 @param[in] IpInstance The IP child to deliver the packet up.
1249 @retval EFI_OUT_OF_RESOURCES Failed to allocate resources to deliver the
1251 @retval EFI_SUCCESS All the enqueued packets that can be delivered
1256 Ip4InstanceDeliverPacket (
1257 IN IP4_PROTOCOL
*IpInstance
1260 EFI_IP4_COMPLETION_TOKEN
*Token
;
1261 IP4_RXDATA_WRAP
*Wrap
;
1268 // Deliver a packet if there are both a packet and a receive token.
1270 while (!IsListEmpty (&IpInstance
->Received
) &&
1271 !NetMapIsEmpty (&IpInstance
->RxTokens
))
1273 Packet
= NET_LIST_HEAD (&IpInstance
->Received
, NET_BUF
, List
);
1275 if (!NET_BUF_SHARED (Packet
)) {
1277 // If this is the only instance that wants the packet, wrap it up.
1279 Wrap
= Ip4WrapRxData (IpInstance
, Packet
);
1282 return EFI_OUT_OF_RESOURCES
;
1285 RemoveEntryList (&Packet
->List
);
1288 // Create a duplicated packet if this packet is shared
1290 if (IpInstance
->ConfigData
.RawData
) {
1293 HeadLen
= IP4_MAX_HEADLEN
;
1296 Dup
= NetbufDuplicate (Packet
, NULL
, HeadLen
);
1299 return EFI_OUT_OF_RESOURCES
;
1302 if (!IpInstance
->ConfigData
.RawData
) {
1304 // Copy the IP head over. The packet to deliver up is
1305 // headless. Trim the head off after copy. The IP head
1306 // may be not continuous before the data.
1308 Head
= NetbufAllocSpace (Dup
, IP4_MAX_HEADLEN
, NET_BUF_HEAD
);
1309 ASSERT (Head
!= NULL
);
1311 Dup
->Ip
.Ip4
= (IP4_HEAD
*)Head
;
1313 CopyMem (Head
, Packet
->Ip
.Ip4
, Packet
->Ip
.Ip4
->HeadLen
<< 2);
1314 NetbufTrim (Dup
, IP4_MAX_HEADLEN
, TRUE
);
1317 Wrap
= Ip4WrapRxData (IpInstance
, Dup
);
1321 return EFI_OUT_OF_RESOURCES
;
1324 RemoveEntryList (&Packet
->List
);
1325 NetbufFree (Packet
);
1331 // Insert it into the delivered packet, then get a user's
1332 // receive token, pass the wrapped packet up.
1334 EfiAcquireLockOrFail (&IpInstance
->RecycleLock
);
1335 InsertHeadList (&IpInstance
->Delivered
, &Wrap
->Link
);
1336 EfiReleaseLock (&IpInstance
->RecycleLock
);
1338 Token
= NetMapRemoveHead (&IpInstance
->RxTokens
, NULL
);
1339 Token
->Status
= IP4_GET_CLIP_INFO (Packet
)->Status
;
1340 Token
->Packet
.RxData
= &Wrap
->RxData
;
1342 gBS
->SignalEvent (Token
->Event
);
1349 Enqueue a received packet to all the IP children that share
1352 @param[in] IpSb The IP4 service instance that receive the packet.
1353 @param[in] Head The header of the received packet.
1354 @param[in] Packet The data of the received packet.
1355 @param[in] Option Point to the IP4 packet header options.
1356 @param[in] OptionLen Length of the IP4 packet header options.
1357 @param[in] IpIf The interface to enqueue the packet to.
1359 @return The number of the IP4 children that accepts the packet
1363 Ip4InterfaceEnquePacket (
1364 IN IP4_SERVICE
*IpSb
,
1368 IN UINT32 OptionLen
,
1369 IN IP4_INTERFACE
*IpIf
1372 IP4_PROTOCOL
*IpInstance
;
1373 IP4_CLIP_INFO
*Info
;
1380 // First, check that the packet is acceptable to this interface
1381 // and find the local cast type for the interface. A packet sent
1382 // to say 192.168.1.1 should NOT be deliver to 10.0.0.1 unless
1383 // promiscuous receiving.
1386 Info
= IP4_GET_CLIP_INFO (Packet
);
1388 if ((Info
->CastType
== IP4_MULTICAST
) || (Info
->CastType
== IP4_LOCAL_BROADCAST
)) {
1390 // If the CastType is multicast, don't need to filter against
1391 // the group address here, Ip4InstanceFrameAcceptable will do
1394 LocalType
= Info
->CastType
;
1397 // Check the destination against local IP. If the station
1398 // address is 0.0.0.0, it means receiving all the IP destined
1399 // to local non-zero IP. Otherwise, it is necessary to compare
1400 // the destination to the interface's IP address.
1402 if (IpIf
->Ip
== IP4_ALLZERO_ADDRESS
) {
1403 LocalType
= IP4_LOCAL_HOST
;
1405 LocalType
= Ip4GetNetCast (Head
->Dst
, IpIf
);
1407 if ((LocalType
== 0) && IpIf
->PromiscRecv
) {
1408 LocalType
= IP4_PROMISCUOUS
;
1413 if (LocalType
== 0) {
1418 // Iterate through the ip instances on the interface, enqueue
1419 // the packet if filter passed. Save the original cast type,
1420 // and pass the local cast type to the IP children on the
1421 // interface. The global cast type will be restored later.
1423 SavedType
= Info
->CastType
;
1424 Info
->CastType
= LocalType
;
1428 NET_LIST_FOR_EACH (Entry
, &IpIf
->IpInstances
) {
1429 IpInstance
= NET_LIST_USER_STRUCT (Entry
, IP4_PROTOCOL
, AddrLink
);
1430 NET_CHECK_SIGNATURE (IpInstance
, IP4_PROTOCOL_SIGNATURE
);
1433 // In RawData mode, add IPv4 headers and options back to packet.
1435 if ((IpInstance
->ConfigData
.RawData
) && (Option
!= NULL
) && (OptionLen
!= 0)) {
1436 Ip4PrependHead (Packet
, Head
, Option
, OptionLen
);
1439 if (Ip4InstanceEnquePacket (IpInstance
, Head
, Packet
) == EFI_SUCCESS
) {
1444 Info
->CastType
= SavedType
;
1449 Deliver the packet for each IP4 child on the interface.
1451 @param[in] IpSb The IP4 service instance that received the packet
1452 @param[in] IpIf The IP4 interface to deliver the packet.
1454 @retval EFI_SUCCESS It always returns EFI_SUCCESS now
1458 Ip4InterfaceDeliverPacket (
1459 IN IP4_SERVICE
*IpSb
,
1460 IN IP4_INTERFACE
*IpIf
1463 IP4_PROTOCOL
*Ip4Instance
;
1466 NET_LIST_FOR_EACH (Entry
, &IpIf
->IpInstances
) {
1467 Ip4Instance
= NET_LIST_USER_STRUCT (Entry
, IP4_PROTOCOL
, AddrLink
);
1468 Ip4InstanceDeliverPacket (Ip4Instance
);
1475 Demultiple the packet. the packet delivery is processed in two
1476 passes. The first pass will enqueue a shared copy of the packet
1477 to each IP4 child that accepts the packet. The second pass will
1478 deliver a non-shared copy of the packet to each IP4 child that
1479 has pending receive requests. Data is copied if more than one
1480 child wants to consume the packet because each IP child needs
1481 its own copy of the packet to make changes.
1483 @param[in] IpSb The IP4 service instance that received the packet.
1484 @param[in] Head The header of the received packet.
1485 @param[in] Packet The data of the received packet.
1486 @param[in] Option Point to the IP4 packet header options.
1487 @param[in] OptionLen Length of the IP4 packet header options.
1489 @retval EFI_NOT_FOUND No IP child accepts the packet.
1490 @retval EFI_SUCCESS The packet is enqueued or delivered to some IP
1496 IN IP4_SERVICE
*IpSb
,
1504 IP4_INTERFACE
*IpIf
;
1508 // Two pass delivery: first, enqueue a shared copy of the packet
1509 // to each instance that accept the packet.
1513 NET_LIST_FOR_EACH (Entry
, &IpSb
->Interfaces
) {
1514 IpIf
= NET_LIST_USER_STRUCT (Entry
, IP4_INTERFACE
, Link
);
1516 if (IpIf
->Configured
) {
1517 Enqueued
+= Ip4InterfaceEnquePacket (
1529 // Second: deliver a duplicate of the packet to each instance.
1530 // Release the local reference first, so that the last instance
1531 // getting the packet will not copy the data.
1533 NetbufFree (Packet
);
1535 if (Enqueued
== 0) {
1536 return EFI_NOT_FOUND
;
1539 NET_LIST_FOR_EACH (Entry
, &IpSb
->Interfaces
) {
1540 IpIf
= NET_LIST_USER_STRUCT (Entry
, IP4_INTERFACE
, Link
);
1542 if (IpIf
->Configured
) {
1543 Ip4InterfaceDeliverPacket (IpSb
, IpIf
);
1551 Timeout the fragment and enqueued packets.
1553 @param[in] IpSb The IP4 service instance to timeout
1557 Ip4PacketTimerTicking (
1558 IN IP4_SERVICE
*IpSb
1561 LIST_ENTRY
*InstanceEntry
;
1564 IP4_PROTOCOL
*IpInstance
;
1565 IP4_ASSEMBLE_ENTRY
*Assemble
;
1567 IP4_CLIP_INFO
*Info
;
1571 // First, time out the fragments. The packet's life is counting down
1572 // once the first-arrived fragment was received.
1574 for (Index
= 0; Index
< IP4_ASSEMLE_HASH_SIZE
; Index
++) {
1575 NET_LIST_FOR_EACH_SAFE (Entry
, Next
, &IpSb
->Assemble
.Bucket
[Index
]) {
1576 Assemble
= NET_LIST_USER_STRUCT (Entry
, IP4_ASSEMBLE_ENTRY
, Link
);
1578 if ((Assemble
->Life
> 0) && (--Assemble
->Life
== 0)) {
1579 RemoveEntryList (Entry
);
1580 Ip4FreeAssembleEntry (Assemble
);
1585 NET_LIST_FOR_EACH (InstanceEntry
, &IpSb
->Children
) {
1586 IpInstance
= NET_LIST_USER_STRUCT (InstanceEntry
, IP4_PROTOCOL
, Link
);
1589 // Second, time out the assembled packets enqueued on each IP child.
1591 NET_LIST_FOR_EACH_SAFE (Entry
, Next
, &IpInstance
->Received
) {
1592 Packet
= NET_LIST_USER_STRUCT (Entry
, NET_BUF
, List
);
1593 Info
= IP4_GET_CLIP_INFO (Packet
);
1595 if ((Info
->Life
> 0) && (--Info
->Life
== 0)) {
1596 RemoveEntryList (Entry
);
1597 NetbufFree (Packet
);
1602 // Third: time out the transmitted packets.
1604 NetMapIterate (&IpInstance
->TxTokens
, Ip4SentPacketTicking
, NULL
);