xnu-4570.61.1

Imported from https://opensource.apple.com/tarballs/xnu/xnu-4570.61.1.tar.gz
kkpan11 · Dec 10, 2018 · 26f3aa4 · 26f3aa4
1 parent 5bbb823
commit 26f3aa4
Show file tree

Hide file tree

Showing 40 changed files with 466 additions and 74 deletions.
diff --git a/bsd/man/man2/getattrlist.2 b/bsd/man/man2/getattrlist.2
@@ -1698,6 +1698,10 @@ or
 .Em attrBuf
 points to an invalid address.
 .
+.It Bq Er ERANGE
+.Fa attrBufSize
+is too small to hold a u_int32_t.
+.
 .It Bq Er EINVAL
 The
 .Fa bitmapcount

diff --git a/bsd/net/dlil.c b/bsd/net/dlil.c
@@ -67,7 +67,9 @@
 
 #include <net/kpi_protocol.h>
 #include <net/if_types.h>
+#include <net/if_ipsec.h>
 #include <net/if_llreach.h>
+#include <net/if_utun.h>
 #include <net/kpi_interfacefilter.h>
 #include <net/classq/classq.h>
 #include <net/classq/classq_sfb.h>

diff --git a/bsd/net/if.c b/bsd/net/if.c
@@ -1139,7 +1139,26 @@ ifa_ifwithnet_common(const struct sockaddr *addr, unsigned int ifscope)
 
 /*
  * Find an interface address specific to an interface best matching
- * a given address.
+ * a given address applying same source address selection rules
+ * as done in the kernel for implicit source address binding
+ */
+struct ifaddr *
+ifaof_ifpforaddr_select(const struct sockaddr *addr, struct ifnet *ifp)
+{
+	u_int af = addr->sa_family;
+
+	if (af == AF_INET6)
+		return (in6_selectsrc_core_ifa(__DECONST(struct sockaddr_in6 *, addr), ifp, 0));
+
+	return (ifaof_ifpforaddr(addr, ifp));
+}
+
+/*
+ * Find an interface address specific to an interface best matching
+ * a given address without regards to source address selection.
+ *
+ * This is appropriate for use-cases where we just want to update/init
+ * some data structure like routing table entries.
  */
 struct ifaddr *
 ifaof_ifpforaddr(const struct sockaddr *addr, struct ifnet *ifp)
@@ -1311,6 +1330,7 @@ if_updown( struct ifnet *ifp, int up)
 	}
 
 	ifnet_touch_lastchange(ifp);
+	ifnet_touch_lastupdown(ifp);
 
 	/* Drop the lock to notify addresses and route */
 	ifnet_lock_done(ifp);

diff --git a/bsd/net/if_fake.c b/bsd/net/if_fake.c
@@ -508,6 +508,7 @@ copy_mbuf(struct mbuf *m)
 	}
 	mbuf_setlen(copy_m, pkt_len);
 	copy_m->m_pkthdr.len = pkt_len;
+	copy_m->m_pkthdr.pkt_svc = m->m_pkthdr.pkt_svc;
 	offset = 0;
 	while (m != NULL && offset < pkt_len) {
 		uint32_t	frag_len;

diff --git a/bsd/net/if_ipsec.c b/bsd/net/if_ipsec.c
@@ -196,7 +196,7 @@ struct ipsec_pcb {
 	u_int32_t			ipsec_tx_fsw_ring_size;
 	u_int32_t			ipsec_rx_fsw_ring_size;
 	bool				ipsec_use_netif;
-
+	bool				ipsec_needs_netagent;
 #endif // IPSEC_NEXUS
 };
 
@@ -370,6 +370,24 @@ ipsec_interface_isvalid (ifnet_t interface)
     return 1;
 }
 
+boolean_t
+ipsec_interface_needs_netagent(ifnet_t interface)
+{
+	struct ipsec_pcb *pcb = NULL;
+
+	if (interface == NULL) {
+		return (FALSE);
+	}
+
+	pcb = ifnet_softc(interface);
+
+	if (pcb == NULL) {
+		return (FALSE);
+	}
+
+	return (pcb->ipsec_needs_netagent == true);
+}
+
 static errno_t
 ipsec_ifnet_set_attrs(ifnet_t ifp)
 {
@@ -2755,9 +2773,11 @@ ipsec_ctl_setopt(__unused kern_ctl_ref	kctlref,
 			}
 
 			if (*(int *)data) {
-					if_add_netagent(pcb->ipsec_ifp, pcb->ipsec_nx.ms_agent);
+				if_add_netagent(pcb->ipsec_ifp, pcb->ipsec_nx.ms_agent);
+				pcb->ipsec_needs_netagent = true;
 			} else {
-					if_delete_netagent(pcb->ipsec_ifp, pcb->ipsec_nx.ms_agent);
+				pcb->ipsec_needs_netagent = false;
+				if_delete_netagent(pcb->ipsec_ifp, pcb->ipsec_nx.ms_agent);
 			}
 			break;
 		}

diff --git a/bsd/net/if_ipsec.h b/bsd/net/if_ipsec.h
@@ -40,6 +40,7 @@ errno_t ipsec_register_control(void);
 
 /* Helpers */
 int ipsec_interface_isvalid (ifnet_t interface);
+boolean_t ipsec_interface_needs_netagent(ifnet_t interface);
 
 errno_t ipsec_inject_inbound_packet(ifnet_t	interface, mbuf_t packet);
 

diff --git a/bsd/net/if_utun.c b/bsd/net/if_utun.c
@@ -114,6 +114,7 @@ struct utun_pcb {
 	u_int32_t		utun_tx_fsw_ring_size;
 	u_int32_t		utun_rx_fsw_ring_size;
 	bool			utun_use_netif;
+	bool			utun_needs_netagent;
 #endif // UTUN_NEXUS
 };
 
@@ -2083,7 +2084,9 @@ utun_ctl_setopt(__unused kern_ctl_ref kctlref,
 
 			if (*(int *)data) {
 				if_add_netagent(pcb->utun_ifp, pcb->utun_nx.ms_agent);
+				pcb->utun_needs_netagent = true;
 			} else {
+				pcb->utun_needs_netagent = false;
 				if_delete_netagent(pcb->utun_ifp, pcb->utun_nx.ms_agent);
 			}
 			break;
@@ -2794,6 +2797,23 @@ utun_register_nexus(void)
 	}
 	return (0);
 }
+boolean_t
+utun_interface_needs_netagent(ifnet_t interface)
+{
+	struct utun_pcb *pcb = NULL;
+
+	if (interface == NULL) {
+		return (FALSE);
+	}
+
+	pcb = ifnet_softc(interface);
+
+	if (pcb == NULL) {
+		return (FALSE);
+	}
+
+	return (pcb->utun_needs_netagent == true);
+}
 
 static errno_t
 utun_ifnet_set_attrs(ifnet_t ifp)

diff --git a/bsd/net/if_utun.h b/bsd/net/if_utun.h
@@ -37,6 +37,7 @@
 void* utun_alloc(size_t size);
 void utun_free(void *ptr);
 errno_t utun_register_control(void);
+boolean_t utun_interface_needs_netagent(ifnet_t interface);
 
 #endif
 

diff --git a/bsd/net/if_var.h b/bsd/net/if_var.h
@@ -688,6 +688,7 @@ struct if_data_internal {
 	u_int64_t	ifi_fpackets;	/* forwarded packets on interface */
 	u_int64_t	ifi_fbytes;	/* forwarded bytes on interface */
 	struct	timeval ifi_lastchange;	/* time of last administrative change */
+	struct	timeval ifi_lastupdown;	/* time of last up/down event */
 	u_int32_t	ifi_hwassist;	/* HW offload capabilities */
 	u_int32_t	ifi_tso_v4_mtu;	/* TCP Segment Offload IPv4 maximum segment size */
 	u_int32_t	ifi_tso_v6_mtu;	/* TCP Segment Offload IPv6 maximum segment size */
@@ -726,6 +727,7 @@ struct if_data_internal {
 #define	if_dt_bytes	if_data.ifi_dt_bytes
 #define	if_fpackets	if_data.ifi_fpackets
 #define	if_fbytes	if_data.ifi_fbytes
+#define	if_lastupdown	if_data.ifi_lastupdown
 #endif /* BSD_KERNEL_PRIVATE */
 
 #ifdef BSD_KERNEL_PRIVATE
@@ -1503,6 +1505,7 @@ extern struct	ifaddr *ifa_ifwithroute_locked(int, const struct sockaddr *,
     const struct sockaddr *);
 extern struct ifaddr *ifa_ifwithroute_scoped_locked(int,
     const struct sockaddr *, const struct sockaddr *, unsigned int);
+extern struct ifaddr *ifaof_ifpforaddr_select(const struct sockaddr *, struct ifnet *);
 extern struct ifaddr *ifaof_ifpforaddr(const struct sockaddr *, struct ifnet *);
 __private_extern__ struct ifaddr *ifa_ifpgetprimary(struct ifnet *, int);
 extern void ifa_addref(struct ifaddr *, int);

diff --git a/bsd/net/kpi_interface.c b/bsd/net/kpi_interface.c
@@ -1703,6 +1703,35 @@ ifnet_lastchange(ifnet_t interface, struct timeval *last_change)
 	return (0);
 }
 
+errno_t
+ifnet_touch_lastupdown(ifnet_t interface)
+{
+	if (interface == NULL) {
+		return (EINVAL);
+	}
+
+	TOUCHLASTCHANGE(&interface->if_lastupdown);
+
+	return (0);
+}
+
+errno_t
+ifnet_updown_delta(ifnet_t interface, struct timeval *updown_delta)
+{
+	if (interface == NULL) {
+		return (EINVAL);
+	}
+
+	/* Calculate the delta */
+	updown_delta->tv_sec = net_uptime();
+	if (updown_delta->tv_sec > interface->if_data.ifi_lastupdown.tv_sec) {
+		updown_delta->tv_sec -= interface->if_data.ifi_lastupdown.tv_sec;
+	}
+	updown_delta->tv_usec = 0;
+
+	return (0);
+}
+
 errno_t
 ifnet_get_address_list(ifnet_t interface, ifaddr_t **addresses)
 {
@@ -2441,7 +2470,7 @@ ifaddr_findbestforaddr(const struct sockaddr *addr, ifnet_t interface)
 	if (addr == NULL || interface == NULL)
 		return (NULL);
 
-	return (ifaof_ifpforaddr(addr, interface));
+	return (ifaof_ifpforaddr_select(addr, interface));
 }
 
 errno_t

diff --git a/bsd/net/kpi_interface.h b/bsd/net/kpi_interface.h
@@ -3556,6 +3556,23 @@ extern errno_t ifnet_get_buffer_status(const ifnet_t interface,
  */
 extern void ifnet_normalise_unsent_data(void);
 
+/*!
+ @function ifnet_touch_lastupdown
+ @discussion Updates the lastupdown value to now.
+ @param interface The interface.
+ @result 0 on success otherwise the errno error.
+ */
+extern errno_t ifnet_touch_lastupdown(ifnet_t interface);
+
+/*!
+ @function ifnet_updown_delta
+ @discussion Retrieves the difference between lastupdown and now.
+ @param interface The interface.
+ @param updown_delta A timeval struct to copy the delta between lastupdown and now.
+ to.
+ */
+extern errno_t ifnet_updown_delta(ifnet_t interface, struct timeval *updown_delta);
+
 #endif /* KERNEL_PRIVATE */
 
 __END_DECLS

diff --git a/bsd/net/necp.h b/bsd/net/necp.h
@@ -502,6 +502,7 @@ typedef struct necp_cache_buffer {
 #define	NECP_CLIENT_RESULT_TFO_COOKIE					13		// NECP_TFO_COOKIE_LEN_MAX
 #define	NECP_CLIENT_RESULT_TFO_FLAGS					14		// u_int8_t
 #define	NECP_CLIENT_RESULT_RECOMMENDED_MSS				15		// u_int8_t
+#define	NECP_CLIENT_RESULT_INTERFACE_TIME_DELTA			17		// u_int32_t, seconds since interface up/down
 
 #define	NECP_CLIENT_RESULT_NEXUS_INSTANCE				100		// uuid_t
 #define	NECP_CLIENT_RESULT_NEXUS_PORT					101		// u_int16_t

diff --git a/bsd/net/necp_client.c b/bsd/net/necp_client.c
@@ -177,6 +177,7 @@ SYSCTL_INT(_net_necp, NECPCTL_IF_FLOW_COUNT, if_flow_count, CTLFLAG_LOCKED | CTL
 SYSCTL_INT(_net_necp, NECPCTL_OBSERVER_MESSAGE_LIMIT, observer_message_limit, CTLFLAG_LOCKED | CTLFLAG_RW, &necp_observer_message_limit, 256, "");
 
 #define NECP_MAX_CLIENT_LIST_SIZE 		1024 * 1024 // 1MB
+#define NECP_MAX_AGENT_ACTION_SIZE 		256
 
 extern int tvtohz(struct timeval *);
 extern unsigned int get_maxmtu(struct rtentry *);
@@ -2347,6 +2348,16 @@ necp_update_client_result(proc_t proc,
 		interface_struct.generation = ifnet_get_generation(direct_interface);
 		cursor = necp_buffer_write_tlv_if_different(cursor, NECP_CLIENT_RESULT_INTERFACE, sizeof(interface_struct), &interface_struct, &updated,
 													client->result, sizeof(client->result));
+
+		// Set the delta time since interface up/down
+		struct timeval updown_delta = {};
+		if (ifnet_updown_delta(direct_interface, &updown_delta) == 0) {
+			u_int32_t delta = updown_delta.tv_sec;
+			bool ignore_updated = FALSE;
+			cursor = necp_buffer_write_tlv_if_different(cursor, NECP_CLIENT_RESULT_INTERFACE_TIME_DELTA,
+														sizeof(delta), &delta, &ignore_updated,
+														client->result, sizeof(client->result));
+		}
 	}
 	if (delegate_interface != NULL) {
 		struct necp_client_result_interface interface_struct;
@@ -4069,6 +4080,12 @@ necp_client_agent_action(struct necp_fd_data *fd_data, struct necp_client_action
 		goto done;
 	}
 
+	if (uap->buffer_size > NECP_MAX_AGENT_ACTION_SIZE) {
+		NECPLOG(LOG_ERR, "necp_client_agent_action invalid buffer size (>%u)", NECP_MAX_AGENT_ACTION_SIZE);
+		error = EINVAL;
+		goto done;
+	}
+
 	if ((parameters = _MALLOC(uap->buffer_size, M_NECP, M_WAITOK | M_ZERO)) == NULL) {
 		NECPLOG0(LOG_ERR, "necp_client_agent_action malloc failed");
 		error = ENOMEM;