blob: 8845bbc2e0c3aad11ec00b1dce4c4f956e0dc3d9 [file] [log] [blame] [raw]
/*
* Copyright (C) 1993-2001, 2003 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*
* Copyright 2008 Sun Microsystems, Inc.
*/
#if defined(KERNEL) || defined(_KERNEL)
# undef KERNEL
# undef _KERNEL
# define KERNEL 1
# define _KERNEL 1
#endif
#if defined(__osf__)
# define _PROTO_NET_H_
#endif
#include <sys/errno.h>
#include <sys/types.h>
#include <sys/param.h>
#include <sys/file.h>
#if !defined(_KERNEL) && !defined(__KERNEL__)
# include <stdio.h>
# include <stdlib.h>
# include <string.h>
# define _KERNEL
# ifdef __OpenBSD__
struct file;
# endif
# include <sys/uio.h>
# undef _KERNEL
#else
# include <sys/systm.h>
# if defined(NetBSD) && (__NetBSD_Version__ >= 104000000)
# include <sys/proc.h>
# endif
#endif
#include <sys/time.h>
#if defined(_KERNEL) && !defined(SOLARIS2)
# include <sys/mbuf.h>
#endif
#if defined(__SVR4) || defined(__svr4__)
# include <sys/byteorder.h>
# ifdef _KERNEL
# include <sys/dditypes.h>
# endif
# include <sys/stream.h>
# include <sys/kmem.h>
#endif
#if defined(__FreeBSD_version) && (__FreeBSD_version >= 300000)
# include <sys/malloc.h>
#endif
#include <sys/socket.h>
#include <net/if.h>
#include <netinet/in.h>
#include "netinet/ip_compat.h"
#include "netinet/ip_fil.h"
#include "netinet/ip_pool.h"
#include "radix_ipf.h"
/* END OF INCLUDES */
#if !defined(lint)
static const char sccsid[] = "@(#)ip_fil.c 2.41 6/5/96 (C) 1993-2000 Darren Reed";
static const char rcsid[] = "@(#)$Id$";
#endif
#ifdef IPFILTER_LOOKUP
static void ip_pool_clearnodes __P((ip_pool_t *));
static void *ip_pool_exists __P((int, char *));
ip_pool_stat_t ipoolstat;
ipfrwlock_t ip_poolrw;
ip_pool_t *ip_pool_list[IPL_LOGSIZE] = { NULL, NULL, NULL, NULL,
NULL, NULL, NULL, NULL };
#ifdef TEST_POOL
void treeprint __P((ip_pool_t *));
int
main(argc, argv)
int argc;
char *argv[];
{
addrfamily_t a, b;
iplookupop_t op;
ip_pool_t *ipo;
i6addr_t ip;
RWLOCK_INIT(&ip_poolrw, "poolrw");
ip_pool_init();
bzero((char *)&a, sizeof(a));
bzero((char *)&b, sizeof(b));
bzero((char *)&ip, sizeof(ip));
bzero((char *)&op, sizeof(op));
strcpy(op.iplo_name, "0");
if (ip_pool_create(&op) == 0)
ipo = ip_pool_exists(0, "0");
a.adf_addr.in4.s_addr = 0x0a010203;
b.adf_addr.in4.s_addr = 0xffffffff;
ip_pool_insert(ipo, &a.adf_addr, &b.adf_addr, 1);
ip_pool_insert(ipo, &a.adf_addr, &b.adf_addr, 1);
a.adf_addr.in4.s_addr = 0x0a000000;
b.adf_addr.in4.s_addr = 0xff000000;
ip_pool_insert(ipo, &a.adf_addr, &b.adf_addr, 0);
ip_pool_insert(ipo, &a.adf_addr, &b.adf_addr, 0);
a.adf_addr.in4.s_addr = 0x0a010100;
b.adf_addr.in4.s_addr = 0xffffff00;
ip_pool_insert(ipo, &a.adf_addr, &b.adf_addr, 1);
ip_pool_insert(ipo, &a.adf_addr, &b.adf_addr, 1);
a.adf_addr.in4.s_addr = 0x0a010200;
b.adf_addr.in4.s_addr = 0xffffff00;
ip_pool_insert(ipo, &a.adf_addr, &b.adf_addr, 0);
ip_pool_insert(ipo, &a.adf_addr, &b.adf_addr, 0);
a.adf_addr.in4.s_addr = 0x0a010000;
b.adf_addr.in4.s_addr = 0xffff0000;
ip_pool_insert(ipo, &a.adf_addr, &b.adf_addr, 1);
ip_pool_insert(ipo, &a.adf_addr, &b.adf_addr, 1);
a.adf_addr.in4.s_addr = 0x0a01020f;
b.adf_addr.in4.s_addr = 0xffffffff;
ip_pool_insert(ipo, &a.adf_addr, &b.adf_addr, 1);
ip_pool_insert(ipo, &a.adf_addr, &b.adf_addr, 1);
#ifdef DEBUG_POOL
treeprint(ipo);
#endif
ip.in4.s_addr = 0x0a00aabb;
printf("search(%#x) = %d (0)\n", ip.in4.s_addr,
ip_pool_search(ipo, 4, &ip));
ip.in4.s_addr = 0x0a000001;
printf("search(%#x) = %d (0)\n", ip.in4.s_addr,
ip_pool_search(ipo, 4, &ip));
ip.in4.s_addr = 0x0a000101;
printf("search(%#x) = %d (0)\n", ip.in4.s_addr,
ip_pool_search(ipo, 4, &ip));
ip.in4.s_addr = 0x0a010001;
printf("search(%#x) = %d (1)\n", ip.in4.s_addr,
ip_pool_search(ipo, 4, &ip));
ip.in4.s_addr = 0x0a010101;
printf("search(%#x) = %d (1)\n", ip.in4.s_addr,
ip_pool_search(ipo, 4, &ip));
ip.in4.s_addr = 0x0a010201;
printf("search(%#x) = %d (0)\n", ip.in4.s_addr,
ip_pool_search(ipo, 4, &ip));
ip.in4.s_addr = 0x0a010203;
printf("search(%#x) = %d (1)\n", ip.in4.s_addr,
ip_pool_search(ipo, 4, &ip));
ip.in4.s_addr = 0x0a01020f;
printf("search(%#x) = %d (1)\n", ip.in4.s_addr,
ip_pool_search(ipo, 4, &ip));
ip.in4.s_addr = 0x0b00aabb;
printf("search(%#x) = %d (-1)\n", ip.in4.s_addr,
ip_pool_search(ipo, 4, &ip));
#ifdef DEBUG_POOL
treeprint(ipo);
#endif
ip_pool_fini();
return 0;
}
void
treeprint(ipo)
ip_pool_t *ipo;
{
ip_pool_node_t *c;
for (c = ipo->ipo_list; c != NULL; c = c->ipn_next)
printf("Node %p(%s) (%#x/%#x) = %d hits %lu\n",
c, c->ipn_name, c->ipn_addr.adf_addr.in4.s_addr,
c->ipn_mask.adf_addr.in4.s_addr,
c->ipn_info, c->ipn_hits);
}
#endif /* TEST_POOL */
/* ------------------------------------------------------------------------ */
/* Function: ip_pool_init */
/* Returns: int - 0 = success, else error */
/* */
/* Initialise the routing table data structures where required. */
/* ------------------------------------------------------------------------ */
int ip_pool_init()
{
bzero((char *)&ipoolstat, sizeof(ipoolstat));
ipf_rx_init(ipf_rx_create());
return 0;
}
/* ------------------------------------------------------------------------ */
/* Function: ip_pool_fini */
/* Returns: int - 0 = success, else error */
/* Locks: WRITE(ipf_global) */
/* */
/* Clean up all the pool data structures allocated and call the cleanup */
/* function for the radix tree that supports the pools. ip_pool_destroy() is*/
/* used to delete the pools one by one to ensure they're properly freed up. */
/* ------------------------------------------------------------------------ */
void ip_pool_fini()
{
ip_pool_t *p, *q;
int i;
for (i = 0; i <= IPL_LOGMAX; i++) {
for (q = ip_pool_list[i]; (p = q) != NULL; ) {
q = p->ipo_next;
(void) ip_pool_destroy(i, p->ipo_name);
}
}
}
/* ------------------------------------------------------------------------ */
/* Function: ip_pool_statistics */
/* Returns: int - 0 = success, else error */
/* Parameters: op(I) - pointer to lookup operation arguments */
/* */
/* Copy the current statistics out into user space, collecting pool list */
/* pointers as appropriate for later use. */
/* ------------------------------------------------------------------------ */
int ip_pool_statistics(op)
iplookupop_t *op;
{
ip_pool_stat_t stats;
int unit, i, err = 0;
if (op->iplo_size != sizeof(ipoolstat))
return EINVAL;
bcopy((char *)&ipoolstat, (char *)&stats, sizeof(stats));
unit = op->iplo_unit;
if (unit == IPL_LOGALL) {
for (i = 0; i < IPL_LOGSIZE; i++)
stats.ipls_list[i] = ip_pool_list[i];
} else if (unit >= 0 && unit < IPL_LOGSIZE) {
if (op->iplo_name[0] != '\0')
stats.ipls_list[unit] = ip_pool_exists(unit,
op->iplo_name);
else
stats.ipls_list[unit] = ip_pool_list[unit];
} else
err = EINVAL;
if (err == 0)
err = COPYOUT(&stats, op->iplo_struct, sizeof(stats));
return err;
}
/* ------------------------------------------------------------------------ */
/* Function: ip_pool_exists */
/* Returns: int - 0 = success, else error */
/* Parameters: ipo(I) - pointer to the pool getting the new node. */
/* */
/* Find a matching pool inside the collection of pools for a particular */
/* device, indicated by the unit number. */
/* ------------------------------------------------------------------------ */
static void *ip_pool_exists(unit, name)
int unit;
char *name;
{
ip_pool_t *p;
for (p = ip_pool_list[unit]; p != NULL; p = p->ipo_next)
if (strncmp(p->ipo_name, name, sizeof(p->ipo_name)) == 0)
break;
return p;
}
/* ------------------------------------------------------------------------ */
/* Function: ip_pool_find */
/* Returns: int - 0 = success, else error */
/* Parameters: ipo(I) - pointer to the pool getting the new node. */
/* */
/* Find a matching pool inside the collection of pools for a particular */
/* device, indicated by the unit number. If it is marked for deletion then */
/* pretend it does not exist. */
/* ------------------------------------------------------------------------ */
void *ip_pool_find(unit, name)
int unit;
char *name;
{
ip_pool_t *p;
p = ip_pool_exists(unit, name);
if ((p != NULL) && (p->ipo_flags & IPOOL_DELETE))
return NULL;
return p;
}
/* ------------------------------------------------------------------------ */
/* Function: ip_pool_findeq */
/* Returns: int - 0 = success, else error */
/* Parameters: ipo(I) - pointer to the pool getting the new node. */
/* addr(I) - pointer to address information to delete */
/* mask(I) - */
/* */
/* Searches for an exact match of an entry in the pool. */
/* ------------------------------------------------------------------------ */
ip_pool_node_t *ip_pool_findeq(ipo, addr, mask)
ip_pool_t *ipo;
addrfamily_t *addr, *mask;
{
ipf_rdx_node_t *n;
SPL_INT(s);
SPL_NET(s);
RADIX_NODE_HEAD_LOCK(ipo->ipo_head);
n = ipo->ipo_head->lookup(ipo->ipo_head, addr, mask);
RADIX_NODE_HEAD_UNLOCK(ipo->ipo_head);
SPL_X(s);
return (ip_pool_node_t *)n;
}
/* ------------------------------------------------------------------------ */
/* Function: ip_pool_search */
/* Returns: int - 0 == +ve match, -1 == error, 1 == -ve/no match */
/* Parameters: tptr(I) - pointer to the pool to search */
/* version(I) - IP protocol version (4 or 6) */
/* dptr(I) - pointer to address information */
/* */
/* Search the pool for a given address and return a search result. */
/* ------------------------------------------------------------------------ */
int ip_pool_search(tptr, ipversion, dptr)
void *tptr;
int ipversion;
void *dptr;
{
ipf_rdx_node_t *rn;
ip_pool_node_t *m;
i6addr_t *addr;
addrfamily_t v;
ip_pool_t *ipo;
int rv;
ipo = tptr;
if (ipo == NULL)
return -1;
rv = 1;
m = NULL;
addr = (i6addr_t *)dptr;
bzero(&v, sizeof(v));
v.adf_len = offsetof(addrfamily_t, adf_addr);
if (ipversion == 4) {
v.adf_len += sizeof(addr->in4);
v.adf_addr.in4 = addr->in4;
#ifdef USE_INET6
} else if (ipversion == 6) {
v.adf_len += sizeof(addr->in6);
v.adf_addr.in6 = addr->in6;
#endif
} else
return -1;
READ_ENTER(&ip_poolrw);
RADIX_NODE_HEAD_LOCK(ipo->ipo_head);
rn = ipo->ipo_head->matchaddr(ipo->ipo_head, &v);
RADIX_NODE_HEAD_UNLOCK(ipo->ipo_head);
if ((rn != NULL) && (rn->root == 0)) {
m = (ip_pool_node_t *)rn;
ipo->ipo_hits++;
m->ipn_hits++;
rv = m->ipn_info;
}
RWLOCK_EXIT(&ip_poolrw);
return rv;
}
/* ------------------------------------------------------------------------ */
/* Function: ip_pool_insert */
/* Returns: int - 0 = success, else error */
/* Parameters: ipo(I) - pointer to the pool getting the new node. */
/* addr(I) - address being added as a node */
/* mask(I) - netmask to with the node being added */
/* info(I) - extra information to store in this node. */
/* Locks: WRITE(ip_poolrw) */
/* */
/* Add another node to the pool given by ipo. The three parameters passed */
/* in (addr, mask, info) shold all be stored in the node. */
/* ------------------------------------------------------------------------ */
int ip_pool_insert(ipo, addr, mask, info)
ip_pool_t *ipo;
i6addr_t *addr, *mask;
int info;
{
ipf_rdx_node_t *rn;
ip_pool_node_t *x;
KMALLOC(x, ip_pool_node_t *);
if (x == NULL) {
return ENOMEM;
}
bzero(x, sizeof(*x));
x->ipn_info = info;
(void)strncpy(x->ipn_name, ipo->ipo_name, sizeof(x->ipn_name));
bcopy(addr, &x->ipn_addr.adf_addr, sizeof(*addr));
x->ipn_addr.adf_len = sizeof(x->ipn_addr);
bcopy(mask, &x->ipn_mask.adf_addr, sizeof(*mask));
x->ipn_mask.adf_len = sizeof(x->ipn_mask);
RADIX_NODE_HEAD_LOCK(ipo->ipo_head);
rn = ipo->ipo_head->addaddr(ipo->ipo_head, &x->ipn_addr, &x->ipn_mask,
x->ipn_nodes);
RADIX_NODE_HEAD_UNLOCK(ipo->ipo_head);
#ifdef DEBUG_POOL
printf("Added %p at %p\n", x, rn);
#endif
if (rn == NULL) {
KFREE(x);
return ENOMEM;
}
x->ipn_ref = 1;
x->ipn_next = ipo->ipo_list;
x->ipn_pnext = &ipo->ipo_list;
if (ipo->ipo_list != NULL)
ipo->ipo_list->ipn_pnext = &x->ipn_next;
ipo->ipo_list = x;
ipoolstat.ipls_nodes++;
return 0;
}
/* ------------------------------------------------------------------------ */
/* Function: ip_pool_create */
/* Returns: int - 0 = success, else error */
/* Parameters: op(I) - pointer to iplookup struct with call details */
/* Locks: WRITE(ip_poolrw) */
/* */
/* Creates a new group according to the paramters passed in via the */
/* iplookupop structure. Does not check to see if the group already exists */
/* when being inserted - assume this has already been done. If the pool is */
/* marked as being anonymous, give it a new, unique, identifier. Call any */
/* other functions required to initialise the structure. */
/* */
/* If the structure is flagged for deletion then reset the flag and return, */
/* as this likely means we've tried to free a pool that is in use (flush) */
/* and now want to repopulate it with "new" data. */
/* ------------------------------------------------------------------------ */
int ip_pool_create(op)
iplookupop_t *op;
{
char name[FR_GROUPLEN];
int poolnum, unit;
ip_pool_t *h;
unit = op->iplo_unit;
if ((op->iplo_arg & LOOKUP_ANON) == 0) {
h = ip_pool_exists(unit, op->iplo_name);
if (h != NULL) {
if ((h->ipo_flags & IPOOL_DELETE) == 0)
return EEXIST;
h->ipo_flags &= ~IPOOL_DELETE;
return 0;
}
}
KMALLOC(h, ip_pool_t *);
if (h == NULL)
return ENOMEM;
bzero(h, sizeof(*h));
if (ipf_rx_inithead(&h->ipo_head,
offsetof(addrfamily_t, adf_addr) << 3) != 0) {
KFREE(h);
return ENOMEM;
}
if ((op->iplo_arg & LOOKUP_ANON) != 0) {
ip_pool_t *p;
h->ipo_flags |= IPOOL_ANON;
poolnum = LOOKUP_ANON;
#if defined(SNPRINTF) && defined(_KERNEL)
SNPRINTF(name, sizeof(name), "%x", poolnum);
#else
(void)sprintf(name, "%x", poolnum);
#endif
for (p = ip_pool_list[unit]; p != NULL; ) {
if (strncmp(name, p->ipo_name,
sizeof(p->ipo_name)) == 0) {
poolnum++;
#if defined(SNPRINTF) && defined(_KERNEL)
SNPRINTF(name, sizeof(name), "%x", poolnum);
#else
(void)sprintf(name, "%x", poolnum);
#endif
p = ip_pool_list[unit];
} else
p = p->ipo_next;
}
(void)strncpy(h->ipo_name, name, sizeof(h->ipo_name));
(void)strncpy(op->iplo_name, name, sizeof(op->iplo_name));
} else {
(void)strncpy(h->ipo_name, op->iplo_name, sizeof(h->ipo_name));
}
h->ipo_ref = 1;
h->ipo_list = NULL;
h->ipo_unit = unit;
h->ipo_next = ip_pool_list[unit];
if (ip_pool_list[unit] != NULL)
ip_pool_list[unit]->ipo_pnext = &h->ipo_next;
h->ipo_pnext = &ip_pool_list[unit];
ip_pool_list[unit] = h;
ipoolstat.ipls_pools++;
return 0;
}
/* ------------------------------------------------------------------------ */
/* Function: ip_pool_remove */
/* Returns: int - 0 = success, else error */
/* Parameters: ipo(I) - pointer to the pool to remove the node from. */
/* ipe(I) - address being deleted as a node */
/* Locks: WRITE(ip_poolrw) */
/* */
/* Remove a node from the pool given by ipo. */
/* ------------------------------------------------------------------------ */
int ip_pool_remove(ipo, ipe)
ip_pool_t *ipo;
ip_pool_node_t *ipe;
{
if (ipe->ipn_pnext != NULL)
*ipe->ipn_pnext = ipe->ipn_next;
if (ipe->ipn_next != NULL)
ipe->ipn_next->ipn_pnext = ipe->ipn_pnext;
RADIX_NODE_HEAD_LOCK(ipo->ipo_head);
ipo->ipo_head->deladdr(ipo->ipo_head, &ipe->ipn_addr, &ipe->ipn_mask);
RADIX_NODE_HEAD_UNLOCK(ipo->ipo_head);
ip_pool_node_deref(ipe);
return 0;
}
/* ------------------------------------------------------------------------ */
/* Function: ip_pool_destroy */
/* Returns: int - 0 = success, else error */
/* Parameters: op(I) - information about the pool to remove */
/* Locks: WRITE(ip_poolrw) or WRITE(ipf_global) */
/* */
/* Search for a pool using paramters passed in and if it's not otherwise */
/* busy, free it. If it is busy, clear all of its nodes, mark it for being */
/* deleted and return an error saying it is busy. */
/* */
/* NOTE: Because this function is called out of ipfdetach() where ip_poolrw */
/* may not be initialised, we can't use an ASSERT to enforce the locking */
/* assertion that one of the two (ip_poolrw,ipf_global) is held. */
/* ------------------------------------------------------------------------ */
int ip_pool_destroy(unit, name)
int unit;
char *name;
{
ip_pool_t *ipo;
ipo = ip_pool_exists(unit, name);
if (ipo == NULL)
return ESRCH;
if (ipo->ipo_ref != 1) {
ip_pool_clearnodes(ipo);
ipo->ipo_flags |= IPOOL_DELETE;
return 0;
}
ip_pool_free(ipo);
return 0;
}
/* ------------------------------------------------------------------------ */
/* Function: ip_pool_flush */
/* Returns: int - number of pools deleted */
/* Parameters: fp(I) - which pool(s) to flush */
/* Locks: WRITE(ip_poolrw) or WRITE(ipf_global) */
/* */
/* Free all pools associated with the device that matches the unit number */
/* passed in with operation. */
/* */
/* NOTE: Because this function is called out of ipfdetach() where ip_poolrw */
/* may not be initialised, we can't use an ASSERT to enforce the locking */
/* assertion that one of the two (ip_poolrw,ipf_global) is held. */
/* ------------------------------------------------------------------------ */
int ip_pool_flush(fp)
iplookupflush_t *fp;
{
int i, num = 0, unit, err;
ip_pool_t *p, *q;
iplookupop_t op;
unit = fp->iplf_unit;
for (i = 0; i <= IPL_LOGMAX; i++) {
if (unit != IPLT_ALL && i != unit)
continue;
for (q = ip_pool_list[i]; (p = q) != NULL; ) {
op.iplo_unit = i;
(void)strncpy(op.iplo_name, p->ipo_name,
sizeof(op.iplo_name));
q = p->ipo_next;
err = ip_pool_destroy(op.iplo_unit, op.iplo_name);
if (err == 0)
num++;
else
break;
}
}
return num;
}
/* ------------------------------------------------------------------------ */
/* Function: ip_pool_free */
/* Returns: void */
/* Parameters: ipo(I) - pointer to pool structure */
/* Locks: WRITE(ip_poolrw) or WRITE(ipf_global) */
/* */
/* Deletes the pool strucutre passed in from the list of pools and deletes */
/* all of the address information stored in it, including any tree data */
/* structures also allocated. */
/* */
/* NOTE: Because this function is called out of ipfdetach() where ip_poolrw */
/* may not be initialised, we can't use an ASSERT to enforce the locking */
/* assertion that one of the two (ip_poolrw,ipf_global) is held. */
/* ------------------------------------------------------------------------ */
void ip_pool_free(ipo)
ip_pool_t *ipo;
{
ip_pool_clearnodes(ipo);
if (ipo->ipo_next != NULL)
ipo->ipo_next->ipo_pnext = ipo->ipo_pnext;
*ipo->ipo_pnext = ipo->ipo_next;
ipf_rx_freehead(ipo->ipo_head);
KFREE(ipo);
ipoolstat.ipls_pools--;
}
/* ------------------------------------------------------------------------ */
/* Function: ip_pool_clearnodes */
/* Returns: void */
/* Parameters: ipo(I) - pointer to pool structure */
/* Locks: WRITE(ip_poolrw) or WRITE(ipf_global) */
/* */
/* Deletes all nodes stored in a pool structure. */
/* ------------------------------------------------------------------------ */
static void ip_pool_clearnodes(ipo)
ip_pool_t *ipo;
{
ip_pool_node_t *n;
RADIX_NODE_HEAD_LOCK(ipo->ipo_head);
while ((n = ipo->ipo_list) != NULL) {
ipo->ipo_head->deladdr(ipo->ipo_head, &n->ipn_addr,
&n->ipn_mask);
*n->ipn_pnext = n->ipn_next;
if (n->ipn_next)
n->ipn_next->ipn_pnext = n->ipn_pnext;
KFREE(n);
ipoolstat.ipls_nodes--;
}
RADIX_NODE_HEAD_UNLOCK(ipo->ipo_head);
ipo->ipo_list = NULL;
}
/* ------------------------------------------------------------------------ */
/* Function: ip_pool_deref */
/* Returns: void */
/* Parameters: ipo(I) - pointer to pool structure */
/* Locks: WRITE(ip_poolrw) */
/* */
/* Drop the number of known references to this pool structure by one and if */
/* we arrive at zero known references, free it. */
/* ------------------------------------------------------------------------ */
void ip_pool_deref(ipo)
ip_pool_t *ipo;
{
ipo->ipo_ref--;
if (ipo->ipo_ref == 0)
ip_pool_free(ipo);
else if ((ipo->ipo_ref == 1) && (ipo->ipo_flags & IPOOL_DELETE))
ip_pool_destroy(ipo->ipo_unit, ipo->ipo_name);
}
/* ------------------------------------------------------------------------ */
/* Function: ip_pool_node_deref */
/* Returns: void */
/* Parameters: ipn(I) - pointer to pool structure */
/* Locks: WRITE(ip_poolrw) */
/* */
/* Drop a reference to the pool node passed in and if we're the last, free */
/* it all up and adjust the stats accordingly. */
/* ------------------------------------------------------------------------ */
void ip_pool_node_deref(ipn)
ip_pool_node_t *ipn;
{
ipn->ipn_ref--;
if (ipn->ipn_ref == 0) {
KFREE(ipn);
ipoolstat.ipls_nodes--;
}
}
/* ------------------------------------------------------------------------ */
/* Function: ip_pool_getnext */
/* Returns: void */
/* Parameters: token(I) - pointer to pool structure */
/* ilp(IO) - pointer to pool iterating structure */
/* */
/* ------------------------------------------------------------------------ */
int ip_pool_getnext(token, ilp)
ipftoken_t *token;
ipflookupiter_t *ilp;
{
ip_pool_node_t *node, zn, *nextnode;
ip_pool_t *ipo, zp, *nextipo;
int err;
err = 0;
node = NULL;
nextnode = NULL;
ipo = NULL;
nextipo = NULL;
READ_ENTER(&ip_poolrw);
/*
* Get "previous" entry from token. Find next entry to process,
* and add reference to it and update the token.
*/
switch (ilp->ili_otype)
{
case IPFLOOKUPITER_LIST :
ipo = token->ipt_data;
if (ipo == NULL) {
nextipo = ip_pool_list[(int)ilp->ili_unit];
} else {
nextipo = ipo->ipo_next;
}
if (nextipo != NULL) {
ATOMIC_INC(nextipo->ipo_ref);
token->ipt_data = nextipo;
} else {
bzero((char *)&zp, sizeof(zp));
nextipo = &zp;
token->ipt_data = NULL;
}
break;
case IPFLOOKUPITER_NODE :
node = token->ipt_data;
if (node == NULL) {
ipo = ip_pool_exists(ilp->ili_unit, ilp->ili_name);
if (ipo == NULL)
err = ESRCH;
else {
nextnode = ipo->ipo_list;
ipo = NULL;
}
} else {
nextnode = node->ipn_next;
}
if (nextnode != NULL) {
ATOMIC_INC(nextnode->ipn_ref);
token->ipt_data = nextnode;
} else {
bzero((char *)&zn, sizeof(zn));
nextnode = &zn;
token->ipt_data = NULL;
}
break;
default :
err = EINVAL;
break;
}
/*
* Now that we have ref, it's save to give up lock.
*/
RWLOCK_EXIT(&ip_poolrw);
if (err != 0)
return err;
/*
* Copy out the data and update the references and token as needed.
*/
switch (ilp->ili_otype)
{
case IPFLOOKUPITER_LIST :
err = COPYOUT(nextipo, ilp->ili_data, sizeof(*nextipo));
if (err != 0)
err = EFAULT;
if (token->ipt_data != NULL) {
if (ipo != NULL) {
WRITE_ENTER(&ip_poolrw);
ip_pool_deref(ipo);
RWLOCK_EXIT(&ip_poolrw);
}
if (nextipo->ipo_next == NULL)
token->ipt_data = NULL;
}
break;
case IPFLOOKUPITER_NODE :
err = COPYOUT(nextnode, ilp->ili_data, sizeof(*nextnode));
if (err != 0)
err = EFAULT;
if (token->ipt_data != NULL) {
if (node != NULL) {
WRITE_ENTER(&ip_poolrw);
ip_pool_node_deref(node);
RWLOCK_EXIT(&ip_poolrw);
}
if (nextnode->ipn_next == NULL)
token->ipt_data = NULL;
}
break;
}
return err;
}
/* ------------------------------------------------------------------------ */
/* Function: ip_pool_iterderef */
/* Returns: void */
/* Parameters: ipn(I) - pointer to pool structure */
/* Locks: WRITE(ip_poolrw) */
/* */
/* ------------------------------------------------------------------------ */
void ip_pool_iterderef(otype, unit, data)
u_int otype;
int unit;
void *data;
{
if (data == NULL)
return;
if (unit < 0 || unit > IPL_LOGMAX)
return;
switch (otype)
{
case IPFLOOKUPITER_LIST :
WRITE_ENTER(&ip_poolrw);
ip_pool_deref((ip_pool_t *)data);
RWLOCK_EXIT(&ip_poolrw);
break;
case IPFLOOKUPITER_NODE :
WRITE_ENTER(&ip_poolrw);
ip_pool_node_deref((ip_pool_node_t *)data);
RWLOCK_EXIT(&ip_poolrw);
break;
default :
break;
}
}
#endif /* IPFILTER_LOOKUP */