VirtualBox

Ticket #2885: VBoxNetFlt-linux.c

File VBoxNetFlt-linux.c, 35.5 KB (added by Aleksey Ilyushin, 16 years ago)

The latest and greatest version. It hopefully solves both OOPS issues: NULL dereference and skb_over_panic.

Line 
1/* $Id: VBoxNetFlt-linux.c 41636 2009-01-15 21:22:17Z aleksey $ */
2/** @file
3 * VBoxNetFlt - Network Filter Driver (Host), Linux Specific Code.
4 */
5
6/*
7 * Copyright (C) 2006-2008 Sun Microsystems, Inc.
8 *
9 * This file is part of VirtualBox Open Source Edition (OSE), as
10 * available from http://www.virtualbox.org. This file is free software;
11 * you can redistribute it and/or modify it under the terms of the GNU
12 * General Public License (GPL) as published by the Free Software
13 * Foundation, in version 2 as it comes in the "COPYING" file of the
14 * VirtualBox OSE distribution. VirtualBox OSE is distributed in the
15 * hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
16 *
17 * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa
18 * Clara, CA 95054 USA or visit http://www.sun.com if you need
19 * additional information or have any questions.
20 */
21
22/*******************************************************************************
23* Header Files *
24*******************************************************************************/
25#include "the-linux-kernel.h"
26#include "version-generated.h"
27#include <linux/netdevice.h>
28#include <linux/etherdevice.h>
29#include <linux/rtnetlink.h>
30
31#define LOG_GROUP LOG_GROUP_NET_FLT_DRV
32#include <VBox/log.h>
33#include <VBox/err.h>
34#include <iprt/alloca.h>
35#include <iprt/assert.h>
36#include <iprt/spinlock.h>
37#include <iprt/semaphore.h>
38#include <iprt/initterm.h>
39#include <iprt/process.h>
40#include <iprt/mem.h>
41#include <iprt/log.h>
42#include <iprt/mp.h>
43#include <iprt/mem.h>
44#include <iprt/time.h>
45
46#define VBOXNETFLT_OS_SPECFIC 1
47#include "../VBoxNetFltInternal.h"
48
/*
 * container_of-style helpers: map a pointer to a member embedded in the
 * instance data (u.s.Notifier / u.s.PacketType / u.s.XmitTask) back to the
 * owning VBOXNETFLTINS instance.
 */
#define VBOX_FLT_NB_TO_INST(pNB) ((PVBOXNETFLTINS)((uint8_t *)pNB - \
                                  RT_OFFSETOF(VBOXNETFLTINS, u.s.Notifier)))
#define VBOX_FLT_PT_TO_INST(pPT) ((PVBOXNETFLTINS)((uint8_t *)pPT - \
                                  RT_OFFSETOF(VBOXNETFLTINS, u.s.PacketType)))
#define VBOX_FLT_XT_TO_INST(pXT) ((PVBOXNETFLTINS)((uint8_t *)pXT - \
                                  RT_OFFSETOF(VBOXNETFLTINS, u.s.XmitTask)))

/** Reads the device's promiscuous reference count (used for logging). */
#define VBOX_GET_PCOUNT(pDev) (pDev->promiscuity)

/* The skb header accessor functions were introduced in 2.6.22; emulate them
 * by poking the raw header pointers on older kernels. */
#if LINUX_VERSION_CODE >= KERNEL_VERSION(2, 6, 22)
# define VBOX_SKB_RESET_NETWORK_HDR(skb) skb_reset_network_header(skb)
# define VBOX_SKB_RESET_MAC_HDR(skb) skb_reset_mac_header(skb)
#else /* LINUX_VERSION_CODE < KERNEL_VERSION(2, 6, 22) */
# define VBOX_SKB_RESET_NETWORK_HDR(skb) skb->nh.raw = skb->data
# define VBOX_SKB_RESET_MAC_HDR(skb) skb->mac.raw = skb->data
#endif /* LINUX_VERSION_CODE < KERNEL_VERSION(2, 6, 22) */

/* skb_checksum_help() changed signature several times; smooth it over.
 * NOTE(review): the pre-2.6.7 wrapper inverts the return value — presumably
 * that kernel used the opposite success convention; verify against the
 * matching kernel source before relying on it. */
#if LINUX_VERSION_CODE >= KERNEL_VERSION(2, 6, 19)
# define VBOX_SKB_CHECKSUM_HELP(skb) skb_checksum_help(skb)
#else /* LINUX_VERSION_CODE < KERNEL_VERSION(2, 6, 19) */
# define CHECKSUM_PARTIAL CHECKSUM_HW
# if LINUX_VERSION_CODE >= KERNEL_VERSION(2, 6, 10)
#  define VBOX_SKB_CHECKSUM_HELP(skb) skb_checksum_help(skb, 0)
# else /* LINUX_VERSION_CODE < KERNEL_VERSION(2, 6, 10) */
#  if LINUX_VERSION_CODE >= KERNEL_VERSION(2, 6, 7)
#   define VBOX_SKB_CHECKSUM_HELP(skb) skb_checksum_help(&skb, 0)
#  else /* LINUX_VERSION_CODE < KERNEL_VERSION(2, 6, 7) */
#   define VBOX_SKB_CHECKSUM_HELP(skb) (!skb_checksum_help(skb))
#  endif /* LINUX_VERSION_CODE < KERNEL_VERSION(2, 6, 7) */
# endif /* LINUX_VERSION_CODE < KERNEL_VERSION(2, 6, 10) */
#endif /* LINUX_VERSION_CODE < KERNEL_VERSION(2, 6, 19) */

/* GSO (generic segmentation offload) support appeared in 2.6.18; on older
 * kernels pretend no skb is ever GSO so the segmentation path is dead code. */
#if LINUX_VERSION_CODE >= KERNEL_VERSION(2, 6, 18)
# define VBOX_SKB_IS_GSO(skb) skb_is_gso(skb)
  /* No features, very dumb device */
# define VBOX_SKB_GSO_SEGMENT(skb) skb_gso_segment(skb, 0)
#else /* LINUX_VERSION_CODE < KERNEL_VERSION(2, 6, 18) */
# define VBOX_SKB_IS_GSO(skb) false
# define VBOX_SKB_GSO_SEGMENT(skb) NULL
#endif /* LINUX_VERSION_CODE < KERNEL_VERSION(2, 6, 18) */

/* Padding used to align the IP header (2 + 14-byte ethernet header = 16). */
#ifndef NET_IP_ALIGN
# define NET_IP_ALIGN 2
#endif
93
94#if LINUX_VERSION_CODE < KERNEL_VERSION(2, 6, 12)
95unsigned dev_get_flags(const struct net_device *dev)
96{
97 unsigned flags;
98
99 flags = (dev->flags & ~(IFF_PROMISC |
100 IFF_ALLMULTI |
101 IFF_RUNNING)) |
102 (dev->gflags & (IFF_PROMISC |
103 IFF_ALLMULTI));
104
105 if (netif_running(dev) && netif_carrier_ok(dev))
106 flags |= IFF_RUNNING;
107
108 return flags;
109}
110#endif /* LINUX_VERSION_CODE < KERNEL_VERSION(2, 6, 12) */
111
/*******************************************************************************
*   Internal Functions                                                         *
*******************************************************************************/
static int  VBoxNetFltLinuxInit(void);
static void VBoxNetFltLinuxUnload(void);


/*******************************************************************************
*   Global Variables                                                           *
*******************************************************************************/
/**
 * The (common) global data.
 */
static VBOXNETFLTGLOBALS g_VBoxNetFltGlobals;

module_init(VBoxNetFltLinuxInit);
module_exit(VBoxNetFltLinuxUnload);

MODULE_AUTHOR("Sun Microsystems, Inc.");
MODULE_DESCRIPTION("VirtualBox Network Filter Driver");
MODULE_LICENSE("GPL");
#ifdef MODULE_VERSION
/* Two-level expansion so INTNETTRUNKIFPORT_VERSION is macro-expanded before
 * being stringized. */
# define xstr(s) str(s)
# define str(s) #s
MODULE_VERSION(VBOX_VERSION_STRING " (" xstr(INTNETTRUNKIFPORT_VERSION) ")");
#endif
138
/* Note: a second, duplicate definition of g_VBoxNetFltGlobals used to live
 * here (an apparent merge leftover).  C treats a repeated file-scope
 * 'static VBOXNETFLTGLOBALS g_VBoxNetFltGlobals;' as a tentative definition
 * so it happened to build, but it was redundant and confusing.  The single
 * authoritative definition is above, next to module_init()/module_exit(). */
143
144
145/**
146 * Initialize module.
147 *
148 * @returns appropriate status code.
149 */
150static int __init VBoxNetFltLinuxInit(void)
151{
152 int rc;
153 Log(("VBoxNetFltLinuxInit\n"));
154
155 /*
156 * Initialize IPRT.
157 */
158 rc = RTR0Init(0);
159 if (RT_SUCCESS(rc))
160 {
161 /*
162 * Initialize the globals and connect to the support driver.
163 *
164 * This will call back vboxNetFltOsOpenSupDrv (and maybe vboxNetFltOsCloseSupDrv)
165 * for establishing the connect to the support driver.
166 */
167 memset(&g_VBoxNetFltGlobals, 0, sizeof(g_VBoxNetFltGlobals));
168 rc = vboxNetFltInitGlobals(&g_VBoxNetFltGlobals);
169 if (RT_SUCCESS(rc))
170 {
171 LogRel(("VBoxNetFlt: Successfully started.\n"));
172 return 0;
173 }
174
175 LogRel(("VBoxNetFlt: failed to initialize device extension (rc=%d)\n", rc));
176 RTR0Term();
177 }
178 else
179 LogRel(("VBoxNetFlt: failed to initialize IPRT (rc=%d)\n", rc));
180
181 memset(&g_VBoxNetFltGlobals, 0, sizeof(g_VBoxNetFltGlobals));
182 return -RTErrConvertToErrno(rc);
183}
184
185
186/**
187 * Unload the module.
188 *
189 * @todo We have to prevent this if we're busy!
190 */
191static void __exit VBoxNetFltLinuxUnload(void)
192{
193 int rc;
194 Log(("VBoxNetFltLinuxUnload\n"));
195 Assert(vboxNetFltCanUnload(&g_VBoxNetFltGlobals));
196
197 /*
198 * Undo the work done during start (in reverse order).
199 */
200 rc = vboxNetFltTryDeleteGlobals(&g_VBoxNetFltGlobals);
201 AssertRC(rc); NOREF(rc);
202
203 RTR0Term();
204
205 memset(&g_VBoxNetFltGlobals, 0, sizeof(g_VBoxNetFltGlobals));
206
207 Log(("VBoxNetFltLinuxUnload - done\n"));
208}
209
210
/**
 * Reads and retains the host interface handle.
 *
 * @returns The net_device handle, NULL if detached.
 * @param   pThis   The instance.
 *
 * NOTE(review): the locked, reference-counting variant below is compiled out
 * (#if 0); the live code returns the cached pointer WITHOUT taking a device
 * reference, so the matching vboxNetFltLinuxReleaseNetDev is likewise a
 * no-op.  This relies on the caller holding the instance busy so the device
 * cannot be detached concurrently — confirm before re-enabling the #if 0
 * variant.
 */
DECLINLINE(struct net_device *) vboxNetFltLinuxRetainNetDev(PVBOXNETFLTINS pThis)
{
#if 0
    RTSPINLOCKTMP Tmp = RTSPINLOCKTMP_INITIALIZER;
    struct net_device *pDev = NULL;

    Log(("vboxNetFltLinuxRetainNetDev\n"));
    /*
     * Be careful here to avoid problems racing the detached callback.
     */
    RTSpinlockAcquire(pThis->hSpinlock, &Tmp);
    if (!ASMAtomicUoReadBool(&pThis->fDisconnectedFromHost))
    {
        pDev = (struct net_device *)ASMAtomicUoReadPtr((void * volatile *)&pThis->u.s.pDev);
        if (pDev)
        {
            dev_hold(pDev);
            Log(("vboxNetFltLinuxRetainNetDev: Device %p(%s) retained. ref=%d\n", pDev, pDev->name, atomic_read(&pDev->refcnt)));
        }
    }
    RTSpinlockRelease(pThis->hSpinlock, &Tmp);

    Log(("vboxNetFltLinuxRetainNetDev - done\n"));
    return pDev;
#else
    /* Unsynchronized read of the cached device pointer (see NOTE above). */
    return (struct net_device *)ASMAtomicUoReadPtr((void * volatile *)&pThis->u.s.pDev);
#endif
}
245
246
/**
 * Release the host interface handle previously retained
 * by vboxNetFltLinuxRetainNetDev.
 *
 * @param   pThis   The instance.
 * @param   pDev    The vboxNetFltLinuxRetainNetDev
 *                  return value, NULL is fine.
 *
 * NOTE(review): intentionally a no-op — the retain side currently does not
 * take a device reference either (its dev_hold/dev_put pair is #if 0'd out).
 * Keep the two functions in sync if that ever changes.
 */
DECLINLINE(void) vboxNetFltLinuxReleaseNetDev(PVBOXNETFLTINS pThis, struct net_device *pDev)
{
#if 0
    Log(("vboxNetFltLinuxReleaseNetDev\n"));
    NOREF(pThis);
    if (pDev)
    {
        dev_put(pDev);
        Log(("vboxNetFltLinuxReleaseNetDev: Device %p(%s) released. ref=%d\n", pDev, pDev->name, atomic_read(&pDev->refcnt)));
    }
    Log(("vboxNetFltLinuxReleaseNetDev - done\n"));
#endif
}
268
/** Magic tag we store in the sk_buff control buffer to mark packets we
 *  injected ourselves (see vboxNetFltLinuxSkBufFromSG). */
#define VBOXNETFLT_CB_TAG 0xA1C9D7C3
/** Accesses the first 32 bits of the sk_buff control buffer (skb->cb) as an
 *  lvalue. */
#define VBOXNETFLT_SKB_CB(skb) (*(uint32_t*)&((skb)->cb[0]))
271
272/**
273 * Checks whether this is an mbuf created by vboxNetFltLinuxMBufFromSG,
274 * i.e. a buffer which we're pushing and should be ignored by the filter callbacks.
275 *
276 * @returns true / false accordingly.
277 * @param pBuf The sk_buff.
278 */
279DECLINLINE(bool) vboxNetFltLinuxSkBufIsOur(struct sk_buff *pBuf)
280{
281 return VBOXNETFLT_SKB_CB(pBuf) == VBOXNETFLT_CB_TAG ;
282}
283
284
/**
 * Internal worker that creates a linux sk_buff for a
 * (scatter/)gather list.
 *
 * @returns Pointer to the sk_buff, NULL on failure or if the SG is dropped.
 * @param   pThis       The instance.
 * @param   pSG         The (scatter/)gather list.
 * @param   fDstWire    Set if the packet is headed for the wire (keeps the
 *                      ethernet header pushed and resets the mac/network
 *                      header pointers accordingly).
 */
static struct sk_buff *vboxNetFltLinuxSkBufFromSG(PVBOXNETFLTINS pThis, PINTNETSG pSG, bool fDstWire)
{
    struct sk_buff *pPkt;
    struct net_device *pDev;
    /*
     * Because we're lazy, we will ASSUME that all SGs coming from INTNET
     * will only contain one single segment.
     */
    if (pSG->cSegsUsed != 1 || pSG->cbTotal != pSG->aSegs[0].cb)
    {
        LogRel(("VBoxNetFlt: Dropped multi-segment(%d) packet coming from internal network.\n", pSG->cSegsUsed));
        return NULL;
    }
    if (pSG->cbTotal == 0)
    {
        LogRel(("VBoxNetFlt: Dropped empty packet coming from internal network.\n"));
        return NULL;
    }

    /*
     * Allocate a packet and copy over the data.
     */
    pDev = (struct net_device *)ASMAtomicUoReadPtr((void * volatile *)&pThis->u.s.pDev);
    /* Reserve room for the IP-alignment padding up front so the copied frame
       never overruns the buffer (the skb_over_panic fix). */
    pPkt = dev_alloc_skb(pSG->cbTotal + NET_IP_ALIGN);
    if (pPkt)
    {
        pPkt->dev = pDev;
        /* Align IP header on 16-byte boundary: 2 + 14 (ethernet hdr size). */
        skb_reserve(pPkt, NET_IP_ALIGN);
        skb_put(pPkt, pSG->cbTotal);
        memcpy(pPkt->data, pSG->aSegs[0].pv, pSG->cbTotal);
        /* Set protocol and packet_type fields; note that eth_type_trans()
           also pulls the ethernet header off the data pointer. */
        pPkt->protocol = eth_type_trans(pPkt, pDev);
        pPkt->ip_summed = CHECKSUM_NONE;
        if (fDstWire)
        {
            VBOX_SKB_RESET_NETWORK_HDR(pPkt);
            /* Restore ethernet header back. */
            skb_push(pPkt, ETH_HLEN);
            VBOX_SKB_RESET_MAC_HDR(pPkt);
        }
        /* Tag it so vboxNetFltLinuxSkBufIsOur() recognizes our own packets. */
        VBOXNETFLT_SKB_CB(pPkt) = VBOXNETFLT_CB_TAG;

        return pPkt;
    }
    else
        Log(("vboxNetFltLinuxSkBufFromSG: Failed to allocate sk_buff(%u).\n", pSG->cbTotal));
    /* Allocation failure path only. */
    pSG->pvUserData = NULL;

    return NULL;
}
345
346
/**
 * Initializes a SG list from an sk_buff.
 *
 * @param   pThis       The instance.
 * @param   pBuf        The sk_buff.
 * @param   pSG         The SG.
 * @param   cSegs       The number of segments allocated for the SG.
 *                      This should match vboxNetFltLinuxSGSegments() exactly!
 * @param   fSrc        The source of the frame (INTNETTRUNKDIR_*).
 */
DECLINLINE(void) vboxNetFltLinuxSkBufToSG(PVBOXNETFLTINS pThis, struct sk_buff *pBuf, PINTNETSG pSG, unsigned cSegs, uint32_t fSrc)
{
    int i;
    NOREF(pThis);

    /* Fragment lists are not supported; callers must have linearized or
       copied such skbs beforehand. */
    Assert(!skb_shinfo(pBuf)->frag_list);
    pSG->pvOwnerData = NULL;
    pSG->pvUserData = NULL;
    pSG->pvUserData2 = NULL;
    pSG->cUsers = 1;
    pSG->fFlags = INTNETSG_FLAGS_TEMP;
    pSG->cSegsAlloc = cSegs;

    if (fSrc & INTNETTRUNKDIR_WIRE)
    {
        /*
         * The packet came from wire, ethernet header was removed by device driver.
         * Restore it.
         */
        skb_push(pBuf, ETH_HLEN);
    }
    pSG->cbTotal = pBuf->len;
#ifdef VBOXNETFLT_SG_SUPPORT
    /* Segment 0 is the linear part; each page fragment becomes one more
       segment, temporarily mapped with kmap() (unmapped again in
       vboxNetFltLinuxFreeSkBuff). */
    pSG->aSegs[0].cb = skb_headlen(pBuf);
    pSG->aSegs[0].pv = pBuf->data;
    pSG->aSegs[0].Phys = NIL_RTHCPHYS;

    for (i = 0; i < skb_shinfo(pBuf)->nr_frags; i++)
    {
        skb_frag_t *pFrag = &skb_shinfo(pBuf)->frags[i];
        pSG->aSegs[i+1].cb = pFrag->size;
        pSG->aSegs[i+1].pv = kmap(pFrag->page);
        /* NOTE(review): leftover debug printk — should be removed or turned
           into a Log2 before shipping. */
        printk("%p = kmap()\n", pSG->aSegs[i+1].pv);
        pSG->aSegs[i+1].Phys = NIL_RTHCPHYS;
    }
    /* After the loop i == nr_frags, so ++i yields 1 (head) + nr_frags. */
    pSG->cSegsUsed = ++i;
#else
    /* No SG support: the whole frame is one linear segment. */
    pSG->aSegs[0].cb = pBuf->len;
    pSG->aSegs[0].pv = pBuf->data;
    pSG->aSegs[0].Phys = NIL_RTHCPHYS;
    pSG->cSegsUsed = i = 1;
#endif


#ifdef PADD_RUNT_FRAMES_FROM_HOST
    /*
     * Add a trailer if the frame is too small.
     *
     * Since we're getting to the packet before it is framed, it has not
     * yet been padded. The current solution is to add a segment pointing
     * to a buffer containing all zeros and pray that works for all frames...
     */
    if (pSG->cbTotal < 60 && (fSrc & INTNETTRUNKDIR_HOST))
    {
        static uint8_t const s_abZero[128] = {0};

        AssertReturnVoid(i < cSegs);

        pSG->aSegs[i].Phys = NIL_RTHCPHYS;
        pSG->aSegs[i].pv = (void *)&s_abZero[0];
        pSG->aSegs[i].cb = 60 - pSG->cbTotal;
        pSG->cbTotal = 60;
        pSG->cSegsUsed++;
    }
#endif
    Log2(("vboxNetFltLinuxSkBufToSG: allocated=%d, segments=%d frags=%d next=%p frag_list=%p pkt_type=%x fSrc=%x\n",
          pSG->cSegsAlloc, pSG->cSegsUsed, skb_shinfo(pBuf)->nr_frags, pBuf->next, skb_shinfo(pBuf)->frag_list, pBuf->pkt_type, fSrc));
    for (i = 0; i < pSG->cSegsUsed; i++)
        Log2(("vboxNetFltLinuxSkBufToSG:   #%d: cb=%d pv=%p\n",
              i, pSG->aSegs[i].cb, pSG->aSegs[i].pv));
}
430
431/**
432 * Packet handler,
433 *
434 * @returns 0 or EJUSTRETURN.
435 * @param pThis The instance.
436 * @param pMBuf The mbuf.
437 * @param pvFrame The start of the frame, optional.
438 * @param fSrc Where the packet (allegedly) comes from, one INTNETTRUNKDIR_* value.
439 * @param eProtocol The protocol.
440 */
441#if LINUX_VERSION_CODE >= KERNEL_VERSION(2, 6, 14)
442static int vboxNetFltLinuxPacketHandler(struct sk_buff *pBuf,
443 struct net_device *pSkbDev,
444 struct packet_type *pPacketType,
445 struct net_device *pOrigDev)
446#else
447static int vboxNetFltLinuxPacketHandler(struct sk_buff *pBuf,
448 struct net_device *pSkbDev,
449 struct packet_type *pPacketType)
450#endif
451{
452 PVBOXNETFLTINS pThis;
453 struct net_device *pDev;
454#if LINUX_VERSION_CODE >= KERNEL_VERSION(2, 6, 14)
455 Log2(("vboxNetFltLinuxPacketHandler: pBuf=%p pSkbDev=%p pPacketType=%p pOrigDev=%p\n",
456 pBuf, pSkbDev, pPacketType, pOrigDev));
457#else
458 Log2(("vboxNetFltLinuxPacketHandler: pBuf=%p pSkbDev=%p pPacketType=%p\n",
459 pBuf, pSkbDev, pPacketType));
460#endif
461 /*
462 * Drop it immediately?
463 */
464 if (!pBuf)
465 return 0;
466 pThis = VBOX_FLT_PT_TO_INST(pPacketType);
467 pDev = (struct net_device *)ASMAtomicUoReadPtr((void * volatile *)&pThis->u.s.pDev);
468 if (pThis->u.s.pDev != pSkbDev)
469 {
470 Log(("vboxNetFltLinuxPacketHandler: Devices do not match, pThis may be wrong! pThis=%p\n", pThis));
471 return 0;
472 }
473
474 if (vboxNetFltLinuxSkBufIsOur(pBuf))
475 {
476 dev_kfree_skb(pBuf);
477 return 0;
478 }
479
480#ifndef VBOXNETFLT_SG_SUPPORT
481 {
482 /*
483 * Get rid of fragmented packets, they cause too much trouble.
484 */
485 struct sk_buff *pCopy = skb_copy(pBuf, GFP_ATOMIC);
486 kfree_skb(pBuf);
487 if (!pCopy)
488 {
489 LogRel(("VBoxNetFlt: Failed to allocate packet buffer, dropping the packet.\n"));
490 return 0;
491 }
492 pBuf = pCopy;
493 }
494#endif
495
496 /* Add the packet to transmit queue and schedule the bottom half. */
497 skb_queue_tail(&pThis->u.s.XmitQueue, pBuf);
498 schedule_work(&pThis->u.s.XmitTask);
499 Log2(("vboxNetFltLinuxPacketHandler: scheduled work %p for sk_buff %p\n",
500 &pThis->u.s.XmitTask, pBuf));
501 /* It does not really matter what we return, it is ignored by the kernel. */
502 return 0;
503}
504
505static unsigned vboxNetFltLinuxSGSegments(PVBOXNETFLTINS pThis, struct sk_buff *pBuf)
506{
507#ifdef VBOXNETFLT_SG_SUPPORT
508 unsigned cSegs = 1 + skb_shinfo(pBuf)->nr_frags;
509#else
510 unsigned cSegs = 1;
511#endif
512#ifdef PADD_RUNT_FRAMES_FROM_HOST
513 /*
514 * Add a trailer if the frame is too small.
515 */
516 if (pBuf->len < 60)
517 cSegs++;
518#endif
519 return cSegs;
520}
521
522/* WARNING! This function should only be called after vboxNetFltLinuxSkBufToSG()! */
523static void vboxNetFltLinuxFreeSkBuff(struct sk_buff *pBuf, PINTNETSG pSG)
524{
525#ifdef VBOXNETFLT_SG_SUPPORT
526 int i;
527
528 for (i = 0; i < skb_shinfo(pBuf)->nr_frags; i++)
529 {
530 printk("kunmap(%p)\n", pSG->aSegs[i+1].pv);
531 kunmap(pSG->aSegs[i+1].pv);
532 }
533#endif
534
535 dev_kfree_skb(pBuf);
536}
537
538static int vboxNetFltLinuxForwardSegment(PVBOXNETFLTINS pThis, struct sk_buff *pBuf, uint32_t fSrc)
539{
540 unsigned cSegs = vboxNetFltLinuxSGSegments(pThis, pBuf);
541 if (cSegs < MAX_SKB_FRAGS)
542 {
543 uint8_t *pTmp;
544 PINTNETSG pSG = (PINTNETSG)alloca(RT_OFFSETOF(INTNETSG, aSegs[cSegs]));
545 if (!pSG)
546 {
547 Log(("VBoxNetFlt: Failed to allocate SG buffer.\n"));
548 return VERR_NO_MEMORY;
549 }
550 vboxNetFltLinuxSkBufToSG(pThis, pBuf, pSG, cSegs, fSrc);
551
552 pTmp = pSG->aSegs[0].pv;
553 Log(("VBoxNetFlt: (int)%02x:%02x:%02x:%02x:%02x:%02x"
554 " <-- (%s)%02x:%02x:%02x:%02x:%02x:%02x (%u bytes)\n",
555 pTmp[0], pTmp[1], pTmp[2], pTmp[3], pTmp[4], pTmp[5],
556 (fSrc & INTNETTRUNKDIR_HOST) ? "host" : "wire",
557 pTmp[6], pTmp[7], pTmp[8], pTmp[9], pTmp[10], pTmp[11],
558 pSG->cbTotal));
559 pThis->pSwitchPort->pfnRecv(pThis->pSwitchPort, pSG, fSrc);
560 Log2(("VBoxNetFlt: Dropping the sk_buff.\n"));
561 vboxNetFltLinuxFreeSkBuff(pBuf, pSG);
562 }
563
564 return VINF_SUCCESS;
565}
566
/**
 * Forwards an sk_buff to the internal network, segmenting GSO packets first
 * (the internal network cannot digest them whole) and resolving deferred
 * checksums.  Consumes pBuf.
 *
 * @param   pThis   The instance.
 * @param   pBuf    The sk_buff (consumed).
 */
static void vboxNetFltLinuxForwardToIntNet(PVBOXNETFLTINS pThis, struct sk_buff *pBuf)
{
    /* Outgoing packets originate from the host; everything else is wire. */
    uint32_t fSrc = pBuf->pkt_type == PACKET_OUTGOING ? INTNETTRUNKDIR_HOST : INTNETTRUNKDIR_WIRE;

    if (VBOX_SKB_IS_GSO(pBuf))
    {
        /* Need to segment the packet */
        struct sk_buff *pNext, *pSegment;
        //Log2(("vboxNetFltLinuxForwardToIntNet: cb=%u gso_size=%u gso_segs=%u gso_type=%u\n",
        //      pBuf->len, skb_shinfo(pBuf)->gso_size, skb_shinfo(pBuf)->gso_segs, skb_shinfo(pBuf)->gso_type));

        /* NOTE(review): skb_gso_segment() can return an error pointer
           (IS_ERR) rather than NULL on failure — this loop would then walk a
           bogus pointer; verify against the target kernels. */
        for (pSegment = VBOX_SKB_GSO_SEGMENT(pBuf); pSegment; pSegment = pNext)
        {
            /* Detach each segment from the chain before forwarding it. */
            pNext = pSegment->next;
            pSegment->next = 0;
            vboxNetFltLinuxForwardSegment(pThis, pSegment, fSrc);
        }
        /* The original GSO skb is no longer needed once segmented. */
        dev_kfree_skb(pBuf);
    }
    else
    {
        /* A deferred (hardware) checksum must be computed in software before
           the packet leaves the host stack. */
        if (pBuf->ip_summed == CHECKSUM_PARTIAL)
            if (VBOX_SKB_CHECKSUM_HELP(pBuf))
            {
                LogRel(("VBoxNetFlt: Failed to compute checksum, dropping the packet.\n"));
                dev_kfree_skb(pBuf);
                return;
            }
        vboxNetFltLinuxForwardSegment(pThis, pBuf, fSrc);
    }
}
601
/**
 * Work-queue bottom half: drains the transmit queue filled by the packet
 * handler and forwards each sk_buff to the internal network.
 *
 * @param   pWork   The work item (embedded in the instance; recovered via
 *                  VBOX_FLT_XT_TO_INST).
 */
#if LINUX_VERSION_CODE >= KERNEL_VERSION(2, 6, 20)
static void vboxNetFltLinuxXmitTask(struct work_struct *pWork)
#else
static void vboxNetFltLinuxXmitTask(void *pWork)
#endif
{
    struct sk_buff *pBuf;
    bool fActive;
    PVBOXNETFLTINS pThis;
    RTSPINLOCKTMP Tmp = RTSPINLOCKTMP_INITIALIZER;

    Log2(("vboxNetFltLinuxXmitTask: Got work %p.\n", pWork));
    pThis = VBOX_FLT_XT_TO_INST(pWork);
    /*
     * Active? Retain the instance and increment the busy counter.
     * The spinlock makes the fActive check and the retain atomic with
     * respect to deactivation.
     */
    RTSpinlockAcquire(pThis->hSpinlock, &Tmp);
    fActive = ASMAtomicUoReadBool(&pThis->fActive);
    if (fActive)
        vboxNetFltRetain(pThis, true /* fBusy */);
    RTSpinlockRelease(pThis->hSpinlock, &Tmp);
    if (!fActive)
        return;

    /* Drain the queue; each forward call consumes the sk_buff. */
    while ((pBuf = skb_dequeue(&pThis->u.s.XmitQueue)) != 0)
        vboxNetFltLinuxForwardToIntNet(pThis, pBuf);

    vboxNetFltRelease(pThis, true /* fBusy */);
}
631
/**
 * Attaches the filter instance to the given host interface: retains the
 * device, captures its MAC address and installs the ETH_P_ALL packet handler.
 *
 * (The old comment mentioned a fRediscovery parameter which this function
 * does not take.)
 *
 * @returns VBox status code.
 * @param   pThis   The instance.
 * @param   pDev    The net device to attach to, NULL if it was not found.
 */
static int vboxNetFltLinuxAttachToInterface(PVBOXNETFLTINS pThis, struct net_device *pDev)
{
    struct packet_type *pt;
    RTSPINLOCKTMP Tmp = RTSPINLOCKTMP_INITIALIZER;

    LogFlow(("vboxNetFltLinuxAttachToInterface: pThis=%p (%s)\n", pThis, pThis->szName));

    if (!pDev)
    {
        Log(("VBoxNetFlt: failed to find device '%s'\n", pThis->szName));
        return VERR_INTNET_FLT_IF_NOT_FOUND;
    }

    /* Take a device reference and publish the pointer under the spinlock. */
    dev_hold(pDev);
    RTSpinlockAcquire(pThis->hSpinlock, &Tmp);
    ASMAtomicUoWritePtr((void * volatile *)&pThis->u.s.pDev, pDev);
    RTSpinlockRelease(pThis->hSpinlock, &Tmp);

    Log(("vboxNetFltLinuxAttachToInterface: Device %p(%s) retained. ref=%d\n", pDev, pDev->name, atomic_read(&pDev->refcnt)));
    Log(("vboxNetFltLinuxAttachToInterface: Got pDev=%p pThis=%p pThis->u.s.pDev=%p\n", pDev, pThis, ASMAtomicUoReadPtr((void * volatile *)&pThis->u.s.pDev)));
    /*
     * Get the mac address while we still have a valid ifnet reference.
     */
    memcpy(&pThis->u.s.Mac, pDev->dev_addr, sizeof(pThis->u.s.Mac));

    /* Install the all-protocols packet handler for this device. */
    pt = &pThis->u.s.PacketType;
    pt->type = __constant_htons(ETH_P_ALL);
    pt->dev = pDev;
    pt->func = vboxNetFltLinuxPacketHandler;
    dev_add_pack(pt);
    /* Re-check under the lock that the device has not been detached
     * concurrently; on success NULL the local pointer so the failure
     * clean-up below is skipped. */
    RTSpinlockAcquire(pThis->hSpinlock, &Tmp);
    pDev = (struct net_device *)ASMAtomicUoReadPtr((void * volatile *)&pThis->u.s.pDev);
    if (pDev)
    {
        ASMAtomicUoWriteBool(&pThis->fDisconnectedFromHost, false);
        ASMAtomicUoWriteBool(&pThis->u.s.fRegistered, true);
        pDev = NULL; /* don't dereference it */
    }
    RTSpinlockRelease(pThis->hSpinlock, &Tmp);
    Log(("vboxNetFltLinuxAttachToInterface: this=%p: Packet handler installed.\n", pThis));

    /* Release the interface on failure. */
    if (pDev)
    {
        RTSpinlockAcquire(pThis->hSpinlock, &Tmp);
        ASMAtomicUoWritePtr((void * volatile *)&pThis->u.s.pDev, NULL);
        RTSpinlockRelease(pThis->hSpinlock, &Tmp);
        dev_put(pDev);
        Log(("vboxNetFltLinuxAttachToInterface: Device %p(%s) released. ref=%d\n", pDev, pDev->name, atomic_read(&pDev->refcnt)));
    }

    LogRel(("VBoxNetFlt: attached to '%s' / %.*Rhxs\n", pThis->szName, sizeof(pThis->u.s.Mac), &pThis->u.s.Mac));
    return VINF_SUCCESS;
}
694
695
/**
 * Handles NETDEV_UNREGISTER for our device: marks the instance as
 * disconnected, removes the packet handler, purges queued packets and drops
 * the device reference taken in vboxNetFltLinuxAttachToInterface.
 *
 * @returns NOTIFY_OK.
 * @param   pThis   The instance.
 * @param   pDev    The device going away (still valid here).
 */
static int vboxNetFltLinuxUnregisterDevice(PVBOXNETFLTINS pThis, struct net_device *pDev)
{
    RTSPINLOCKTMP Tmp = RTSPINLOCKTMP_INITIALIZER;

    Assert(!pThis->fDisconnectedFromHost);
    /* Flip all the state flags and clear the device pointer atomically under
       the spinlock so readers see a consistent "detached" state. */
    RTSpinlockAcquire(pThis->hSpinlock, &Tmp);
    ASMAtomicWriteBool(&pThis->u.s.fRegistered, false);
    ASMAtomicWriteBool(&pThis->fDisconnectedFromHost, true);
    ASMAtomicUoWritePtr((void * volatile *)&pThis->u.s.pDev, NULL);
    RTSpinlockRelease(pThis->hSpinlock, &Tmp);

    dev_remove_pack(&pThis->u.s.PacketType);
    skb_queue_purge(&pThis->u.s.XmitQueue);
    Log(("vboxNetFltLinuxUnregisterDevice: this=%p: Packet handler removed, xmit queue purged.\n", pThis));
    Log(("vboxNetFltLinuxUnregisterDevice: Device %p(%s) released. ref=%d\n", pDev, pDev->name, atomic_read(&pDev->refcnt)));
    dev_put(pDev);

    return NOTIFY_OK;
}
715
716static int vboxNetFltLinuxDeviceIsUp(PVBOXNETFLTINS pThis, struct net_device *pDev)
717{
718 /* Check if we are not suspended and promiscuous mode has not been set. */
719 if (ASMAtomicUoReadBool(&pThis->fActive) && !ASMAtomicUoReadBool(&pThis->u.s.fPromiscuousSet))
720 {
721 /* Note that there is no need for locking as the kernel got hold of the lock already. */
722 dev_set_promiscuity(pDev, 1);
723 ASMAtomicWriteBool(&pThis->u.s.fPromiscuousSet, true);
724 Log(("vboxNetFltLinuxDeviceIsUp: enabled promiscuous mode on %s (%d)\n", pThis->szName, VBOX_GET_PCOUNT(pDev)));
725 }
726 else
727 Log(("vboxNetFltLinuxDeviceIsUp: no need to enable promiscuous mode on %s (%d)\n", pThis->szName, VBOX_GET_PCOUNT(pDev)));
728 return NOTIFY_OK;
729}
730
731static int vboxNetFltLinuxDeviceGoingDown(PVBOXNETFLTINS pThis, struct net_device *pDev)
732{
733 /* Undo promiscuous mode if we has set it. */
734 if (ASMAtomicUoReadBool(&pThis->u.s.fPromiscuousSet))
735 {
736 /* Note that there is no need for locking as the kernel got hold of the lock already. */
737 dev_set_promiscuity(pDev, -1);
738 ASMAtomicWriteBool(&pThis->u.s.fPromiscuousSet, false);
739 Log(("vboxNetFltLinuxDeviceGoingDown: disabled promiscuous mode on %s (%d)\n", pThis->szName, VBOX_GET_PCOUNT(pDev)));
740 }
741 else
742 Log(("vboxNetFltLinuxDeviceGoingDown: no need to disable promiscuous mode on %s (%d)\n", pThis->szName, VBOX_GET_PCOUNT(pDev)));
743 return NOTIFY_OK;
744}
745
/**
 * netdevice notifier callback: dispatches device life-cycle events for the
 * interface this instance filters.
 *
 * @returns NOTIFY_OK (or the result of the per-event worker).
 * @param   self        The notifier block (embedded in the instance;
 *                      recovered via VBOX_FLT_NB_TO_INST).
 * @param   ulEventType The NETDEV_* event.
 * @param   ptr         The struct net_device the event concerns.
 */
static int vboxNetFltLinuxNotifierCallback(struct notifier_block *self, unsigned long ulEventType, void *ptr)

{
    int rc = NOTIFY_OK;
#ifdef DEBUG
    char *pszEvent = "<unknown>";
#endif
    struct net_device *pDev = (struct net_device *)ptr;
    PVBOXNETFLTINS pThis = VBOX_FLT_NB_TO_INST(self);

#ifdef DEBUG
    /* Pretty-print the event for the debug log only. */
    switch (ulEventType)
    {
        case NETDEV_REGISTER: pszEvent = "NETDEV_REGISTER"; break;
        case NETDEV_UNREGISTER: pszEvent = "NETDEV_UNREGISTER"; break;
        case NETDEV_UP: pszEvent = "NETDEV_UP"; break;
        case NETDEV_DOWN: pszEvent = "NETDEV_DOWN"; break;
        case NETDEV_REBOOT: pszEvent = "NETDEV_REBOOT"; break;
        case NETDEV_CHANGENAME: pszEvent = "NETDEV_CHANGENAME"; break;
        case NETDEV_CHANGE: pszEvent = "NETDEV_CHANGE"; break;
        case NETDEV_CHANGEMTU: pszEvent = "NETDEV_CHANGEMTU"; break;
        case NETDEV_CHANGEADDR: pszEvent = "NETDEV_CHANGEADDR"; break;
        case NETDEV_GOING_DOWN: pszEvent = "NETDEV_GOING_DOWN"; break;
    }
    Log(("VBoxNetFlt: got event %s(0x%lx) on %s, pDev=%p pThis=%p pThis->u.s.pDev=%p\n",
         pszEvent, ulEventType, pDev->name, pDev, pThis, ASMAtomicUoReadPtr((void * volatile *)&pThis->u.s.pDev)));
#endif
    /* A device matching our configured name appeared: attach to it. */
    if (ulEventType == NETDEV_REGISTER && !strcmp(pDev->name, pThis->szName))
    {
        vboxNetFltLinuxAttachToInterface(pThis, pDev);
    }
    else
    {
        /* All other events only matter for the device we are attached to. */
        pDev = (struct net_device *)ASMAtomicUoReadPtr((void * volatile *)&pThis->u.s.pDev);
        if (pDev != ptr)
            return NOTIFY_OK;
        rc = NOTIFY_OK;
        switch (ulEventType)
        {
            case NETDEV_UNREGISTER:
                rc = vboxNetFltLinuxUnregisterDevice(pThis, pDev);
                break;
            case NETDEV_UP:
                rc = vboxNetFltLinuxDeviceIsUp(pThis, pDev);
                break;
            case NETDEV_GOING_DOWN:
                rc = vboxNetFltLinuxDeviceGoingDown(pThis, pDev);
                break;
            case NETDEV_CHANGENAME:
                /* Renaming our device is deliberately ignored. */
                break;
        }
    }

    return rc;
}
801
802bool vboxNetFltOsMaybeRediscovered(PVBOXNETFLTINS pThis)
803{
804 return !ASMAtomicUoReadBool(&pThis->fDisconnectedFromHost);
805}
806
807
/**
 * Transmits a frame from the internal network to the wire and/or the host
 * stack, according to the destination mask.
 *
 * @returns VBox status code (last failure wins if both destinations fail).
 * @param   pThis   The instance.
 * @param   pSG     The frame as a (single-segment) gather list.
 * @param   fDst    INTNETTRUNKDIR_WIRE and/or INTNETTRUNKDIR_HOST.
 */
int vboxNetFltPortOsXmit(PVBOXNETFLTINS pThis, PINTNETSG pSG, uint32_t fDst)
{
    uint8_t *pTmp;
    struct net_device * pDev;
    int err;
    int rc = VINF_SUCCESS;

    LogFlow(("vboxNetFltPortOsXmit: pThis=%p (%s)\n", pThis, pThis->szName));

    /* Start of the ethernet header, used for MAC logging below. */
    pTmp = pSG->aSegs[0].pv;

    pDev = vboxNetFltLinuxRetainNetDev(pThis);
    if (pDev)
    {
        /*
         * Create a sk_buff for the gather list and push it onto the wire.
         */
        if (fDst & INTNETTRUNKDIR_WIRE)
        {
            struct sk_buff *pBuf = vboxNetFltLinuxSkBufFromSG(pThis, pSG, true);
            if (pBuf)
            {
                Log(("VBoxNetFlt: (int)%02x:%02x:%02x:%02x:%02x:%02x"
                     " --> (wire)%02x:%02x:%02x:%02x:%02x:%02x (%u bytes)\n",
                     pTmp[6], pTmp[7], pTmp[8], pTmp[9], pTmp[10], pTmp[11],
                     pTmp[0], pTmp[1], pTmp[2], pTmp[3], pTmp[4], pTmp[5],
                     pSG->cbTotal));
                /* dev_queue_xmit consumes the skb, success or failure. */
                err = dev_queue_xmit(pBuf);
                if (err)
                    rc = RTErrConvertFromErrno(err);
            }
            else
                rc = VERR_NO_MEMORY;
        }

        /*
         * Create a sk_buff for the gather list and push it onto the host stack.
         */
        if (fDst & INTNETTRUNKDIR_HOST)
        {
            struct sk_buff *pBuf = vboxNetFltLinuxSkBufFromSG(pThis, pSG, false);
            if (pBuf)
            {
                Log(("VBoxNetFlt: (int)%02x:%02x:%02x:%02x:%02x:%02x"
                     " --> (host)%02x:%02x:%02x:%02x:%02x:%02x (%u bytes)\n",
                     pTmp[6], pTmp[7], pTmp[8], pTmp[9], pTmp[10], pTmp[11],
                     pTmp[0], pTmp[1], pTmp[2], pTmp[3], pTmp[4], pTmp[5],
                     pSG->cbTotal));
                /* netif_rx_ni injects into the host receive path (process
                   context variant). */
                err = netif_rx_ni(pBuf);
                if (err)
                    rc = RTErrConvertFromErrno(err);
            }
            else
                rc = VERR_NO_MEMORY;
        }

        vboxNetFltLinuxReleaseNetDev(pThis, pDev);
    }

    return rc;
}
869
870
871bool vboxNetFltPortOsIsPromiscuous(PVBOXNETFLTINS pThis)
872{
873 bool fRc = false;
874 struct net_device * pDev = vboxNetFltLinuxRetainNetDev(pThis);
875 if (pDev)
876 {
877 fRc = !!(pDev->promiscuity - (ASMAtomicUoReadBool(&pThis->u.s.fPromiscuousSet) & 1));
878 Log(("vboxNetFltPortOsIsPromiscuous: returns %d, pDev->promiscuity=%d, fPromiscuousSet=%d\n",
879 fRc, pDev->promiscuity, pThis->u.s.fPromiscuousSet));
880 vboxNetFltLinuxReleaseNetDev(pThis, pDev);
881 }
882 return fRc;
883}
884
885
886void vboxNetFltPortOsGetMacAddress(PVBOXNETFLTINS pThis, PRTMAC pMac)
887{
888 *pMac = pThis->u.s.Mac;
889}
890
891
892bool vboxNetFltPortOsIsHostMac(PVBOXNETFLTINS pThis, PCRTMAC pMac)
893{
894 /* ASSUMES that the MAC address never changes. */
895 return pThis->u.s.Mac.au16[0] == pMac->au16[0]
896 && pThis->u.s.Mac.au16[1] == pMac->au16[1]
897 && pThis->u.s.Mac.au16[2] == pMac->au16[2];
898}
899
900
/**
 * Activates / deactivates the filter: takes or drops a promiscuous-mode
 * reference on the host interface so we see all its traffic.
 *
 * NOTE(review): the #if 0 regions below are remnants of a more elaborate
 * bring-up/verification scheme and even reference a variable 'err' that is
 * no longer declared — they would not compile if re-enabled as-is.
 *
 * @param   pThis   The instance.
 * @param   fActive Whether to activate or deactivate.
 */
void vboxNetFltPortOsSetActive(PVBOXNETFLTINS pThis, bool fActive)
{
    struct net_device * pDev;

    LogFlow(("vboxNetFltPortOsSetActive: pThis=%p (%s), fActive=%s\n",
             pThis, pThis->szName, fActive?"true":"false"));

    pDev = vboxNetFltLinuxRetainNetDev(pThis);
    if (pDev)
    {
        /*
         * This api is a bit weird, the best reference is the code.
         *
         * Also, we have a bit or race conditions wrt the maintance of
         * host the interface promiscuity for vboxNetFltPortOsIsPromiscuous.
         */
        u_int16_t fIf;
#ifdef LOG_ENABLED
        unsigned const cPromiscBefore = VBOX_GET_PCOUNT(pDev);
#endif
        if (fActive)
        {
            Assert(!pThis->u.s.fPromiscuousSet);

#if 0
            /*
             * Try bring the interface up and running if it's down.
             */
            fIf = dev_get_flags(pDev);
            if ((fIf & (IFF_UP | IFF_RUNNING)) != (IFF_UP | IFF_RUNNING))
            {
                rtnl_lock();
                int err = dev_change_flags(pDev, fIf | IFF_UP);
                rtnl_unlock();
                fIf = dev_get_flags(pDev);
            }

            /*
             * Is it already up? If it isn't, leave it to the link event or
             * we'll upset if_pcount (as stated above, ifnet_set_promiscuous is weird).
             */
            if ((fIf & (IFF_UP | IFF_RUNNING)) == (IFF_UP | IFF_RUNNING)
                && !ASMAtomicReadBool(&pThis->u.s.fPromiscuousSet))
            {
#endif
                /* dev_set_promiscuity must be called under the RTNL lock. */
                rtnl_lock();
                dev_set_promiscuity(pDev, 1);
                rtnl_unlock();
                pThis->u.s.fPromiscuousSet = true;
                Log(("vboxNetFltPortOsSetActive: enabled promiscuous mode on %s (%d)\n", pThis->szName, VBOX_GET_PCOUNT(pDev)));
#if 0
                /* check if it actually worked, this stuff is not always behaving well. */
                if (!(dev_get_flags(pDev) & IFF_PROMISC))
                {
                    err = dev_change_flags(pDev, fIf | IFF_PROMISC);
                    if (!err)
                        Log(("vboxNetFlt: fixed IFF_PROMISC on %s (%d->%d)\n", pThis->szName, cPromiscBefore, VBOX_GET_PCOUNT(pDev)));
                    else
                        Log(("VBoxNetFlt: failed to fix IFF_PROMISC on %s, err=%d (%d->%d)\n",
                             pThis->szName, err, cPromiscBefore, VBOX_GET_PCOUNT(pDev)));
                }
#endif
#if 0
            }
            else if (!err)
                Log(("VBoxNetFlt: Waiting for the link to come up... (%d->%d)\n", cPromiscBefore, VBOX_GET_PCOUNT(pDev)));
            if (err)
                LogRel(("VBoxNetFlt: Failed to put '%s' into promiscuous mode, err=%d (%d->%d)\n", pThis->szName, err, cPromiscBefore, VBOX_GET_PCOUNT(pDev)));
#endif
        }
        else
        {
            /* Deactivation: drop our promiscuous reference if we hold one. */
            if (pThis->u.s.fPromiscuousSet)
            {
                rtnl_lock();
                dev_set_promiscuity(pDev, -1);
                rtnl_unlock();
                Log(("vboxNetFltPortOsSetActive: disabled promiscuous mode on %s (%d)\n", pThis->szName, VBOX_GET_PCOUNT(pDev)));
            }
            pThis->u.s.fPromiscuousSet = false;

            fIf = dev_get_flags(pDev);
            Log(("VBoxNetFlt: fIf=%#x; %d->%d\n", fIf, cPromiscBefore, VBOX_GET_PCOUNT(pDev)));
        }

        vboxNetFltLinuxReleaseNetDev(pThis, pDev);
    }
}
989
990
991int vboxNetFltOsDisconnectIt(PVBOXNETFLTINS pThis)
992{
993 /* Nothing to do here. */
994 return VINF_SUCCESS;
995}
996
997
998int vboxNetFltOsConnectIt(PVBOXNETFLTINS pThis)
999{
1000 /* Nothing to do here. */
1001 return VINF_SUCCESS;
1002}
1003
1004
/**
 * Tears down the OS specifics of an instance: removes the packet handler
 * (if still registered), purges pending packets, drops the device reference
 * and unregisters the netdevice notifier.
 *
 * @param   pThis   The instance.
 */
void vboxNetFltOsDeleteInstance(PVBOXNETFLTINS pThis)
{
    struct net_device *pDev;
    bool fRegistered;
    RTSPINLOCKTMP Tmp = RTSPINLOCKTMP_INITIALIZER;

    /* Snapshot the device pointer and registration state consistently. */
    RTSpinlockAcquire(pThis->hSpinlock, &Tmp);
    pDev = (struct net_device *)ASMAtomicUoReadPtr((void * volatile *)&pThis->u.s.pDev);
    fRegistered = ASMAtomicUoReadBool(&pThis->u.s.fRegistered);
    RTSpinlockRelease(pThis->hSpinlock, &Tmp);
    if (fRegistered)
    {
        dev_remove_pack(&pThis->u.s.PacketType);
        skb_queue_purge(&pThis->u.s.XmitQueue);
        Log(("vboxNetFltOsDeleteInstance: this=%p: Packet handler removed, xmit queue purged.\n", pThis));
        Log(("vboxNetFltOsDeleteInstance: Device %p(%s) released. ref=%d\n", pDev, pDev->name, atomic_read(&pDev->refcnt)));
        dev_put(pDev);
    }
    Log(("vboxNetFltOsDeleteInstance: this=%p: Notifier removed.\n", pThis));
    unregister_netdevice_notifier(&pThis->u.s.Notifier);
}
1026
1027
/**
 * Performs the OS specific initialization of an instance by registering a
 * netdevice notifier; the notifier callback performs the actual attach when
 * it sees the device matching pThis->szName (registration events are
 * presumably replayed for already-existing devices, which is what makes the
 * fRegistered check below meaningful — TODO confirm for the target kernels).
 *
 * @returns VBox status code.
 * @param   pThis   The instance.
 */
int vboxNetFltOsInitInstance(PVBOXNETFLTINS pThis)
{
    int err;
    pThis->u.s.Notifier.notifier_call = vboxNetFltLinuxNotifierCallback;
    err = register_netdevice_notifier(&pThis->u.s.Notifier);
    if (err)
        return VERR_INTNET_FLT_IF_FAILED;
    /* If the notifier did not find and attach to our device, undo and fail. */
    if (!pThis->u.s.fRegistered)
    {
        unregister_netdevice_notifier(&pThis->u.s.Notifier);
        LogRel(("VBoxNetFlt: failed to find %s.\n", pThis->szName));
        return VERR_INTNET_FLT_IF_NOT_FOUND;
    }
    Log(("vboxNetFltOsInitInstance: this=%p: Notifier installed.\n", pThis));
    return pThis->fDisconnectedFromHost ? VERR_INTNET_FLT_IF_FAILED : VINF_SUCCESS;
}
1044
1045int vboxNetFltOsPreInitInstance(PVBOXNETFLTINS pThis)
1046{
1047 /*
1048 * Init the linux specific members.
1049 */
1050 pThis->u.s.pDev = NULL;
1051 pThis->u.s.fRegistered = false;
1052 pThis->u.s.fPromiscuousSet = false;
1053 memset(&pThis->u.s.PacketType, 0, sizeof(pThis->u.s.PacketType));
1054 skb_queue_head_init(&pThis->u.s.XmitQueue);
1055#if LINUX_VERSION_CODE >= KERNEL_VERSION(2, 6, 20)
1056 INIT_WORK(&pThis->u.s.XmitTask, vboxNetFltLinuxXmitTask);
1057#else
1058 INIT_WORK(&pThis->u.s.XmitTask, vboxNetFltLinuxXmitTask, &pThis->u.s.XmitTask);
1059#endif
1060
1061 return VINF_SUCCESS;
1062}
1063

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy