root/net/inet/ip.c

/* */

DEFINITIONS

1. ip_print
2. ip_ioctl
3. strict_route
4. loose_route
5. print_ipprot
6. ip_route_check
7. build_options
8. ip_send
9. ip_build_header
10. do_options
11. ip_fast_csum
12. ip_compute_csum
13. ip_csum
14. ip_send_check
15. ip_frag_create
16. ip_find
17. ip_free
18. ip_expire
19. ip_create
20. ip_done
21. ip_glue
22. ip_defrag
23. ip_fragment
24. ip_forward
25. ip_rcv
26. ip_queue_xmit
27. ip_do_retransmit
28. ip_retransmit
29. ip_setsockopt
30. ip_getsockopt

   1 /*
   2  * INET         An implementation of the TCP/IP protocol suite for the LINUX
   3  *              operating system.  INET is implemented using the  BSD Socket
   4  *              interface as the means of communication with the user level.
   5  *
   6  *              The Internet Protocol (IP) module.
   7  *
   8  * Version:     @(#)ip.c        1.0.16b 9/1/93
   9  *
  10  * Authors:     Ross Biro, <bir7@leland.Stanford.Edu>
  11  *              Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
  12  *              Donald Becker, <becker@super.org>
  13  *
  14  * Fixes:
  15  *              Alan Cox        :       Commented a couple of minor bits of surplus code
  16  *              Alan Cox        :       Undefining IP_FORWARD doesn't include the code
  17  *                                      (just stops a compiler warning).
  18  *              Alan Cox        :       Frames with >=MAX_ROUTE record routes, strict routes or loose routes
  19  *                                      are junked rather than corrupting things.
  20  *              Alan Cox        :       Frames to bad broadcast subnets are dumped
  21  *                                      We used to process them non broadcast and
  22  *                                      boy could that cause havoc.
  23  *              Alan Cox        :       ip_forward sets the free flag on the 
  24  *                                      new frame it queues. Still crap because
  25  *                                      it copies the frame but at least it 
  26  *                                      doesn't eat memory too.
  27  *              Alan Cox        :       Generic queue code and memory fixes.
  28  *              Fred Van Kempen :       IP fragment support (borrowed from NET2E)
  29  *              Gerhard Koerting:       Forward fragmented frames correctly.
  30  *              Gerhard Koerting:       Fixes to my fix of the above 8-).
  31  *              Gerhard Koerting:       IP interface addressing fix.
  32  *              Linus Torvalds  :       More robustness checks
  33  *              Alan Cox        :       Even more checks: Still not as robust as it ought to be
  34  *              Alan Cox        :       Save IP header pointer for later
  35  *              Alan Cox        :       ip option setting
  36  *              Alan Cox        :       Use ip_tos/ip_ttl settings
  37  *
  38  * To Fix:
  39  *              IP option processing is mostly not needed. ip_forward needs to know about routing rules
  40  *              and time stamp but that's about all.
  41  *
  42  *              This program is free software; you can redistribute it and/or
  43  *              modify it under the terms of the GNU General Public License
  44  *              as published by the Free Software Foundation; either version
  45  *              2 of the License, or (at your option) any later version.
  46  */
  47 #include <asm/segment.h>
  48 #include <asm/system.h>
  49 #include <linux/types.h>
  50 #include <linux/kernel.h>
  51 #include <linux/sched.h>
  52 #include <linux/string.h>
  53 #include <linux/errno.h>
  54 #include <linux/socket.h>
  55 #include <linux/sockios.h>
  56 #include <linux/in.h>
  57 #include "inet.h"
  58 #include "dev.h"
  59 #include "eth.h"
  60 #include "ip.h"
  61 #include "protocol.h"
  62 #include "route.h"
  63 #include "tcp.h"
  64 #include "skbuff.h"
  65 #include "sock.h"
  66 #include "arp.h"
  67 #include "icmp.h"
  68 
  69 #define CONFIG_IP_FORWARD
  70 #define CONFIG_IP_DEFRAG
  71 
  72 extern int last_retran;
  73 extern void sort_send(struct sock *sk);
  74 
  75 #define min(a,b)        ((a)<(b)?(a):(b))
  76 
  77 void
  78 ip_print(struct iphdr *ip)
     /*  */
  79 {
  80   unsigned char buff[32];
  81   unsigned char *ptr;
  82   int addr, len, i;
  83 
  84   if (inet_debug != DBG_IP) return;
  85 
  86   /* Dump the IP header. */
  87   printk("IP: ihl=%d, version=%d, tos=%d, tot_len=%d\n",
  88            ip->ihl, ip->version, ip->tos, ntohs(ip->tot_len));
  89   printk("    id=%X, ttl=%d, prot=%d, check=%X\n",
  90            ip->id, ip->ttl, ip->protocol, ip->check);
  91   printk("    frag_off=%d\n", ip->frag_off);
  92   printk("    soucre=%s ", in_ntoa(ip->saddr));
  93   printk("dest=%s\n", in_ntoa(ip->daddr));
  94   printk("    ----\n");
  95 
  96   /* Dump the data. */
  97   ptr = (unsigned char *)(ip + 1);
  98   addr = 0;
  99   len = ntohs(ip->tot_len) - (4 * ip->ihl);
 100   while (len > 0) {
 101         printk("    %04X: ", addr);
 102         for(i = 0; i < 16; i++) {
 103                 if (len > 0) {
 104                         printk("%02X ", (*ptr & 0xFF));
 105                         buff[i] = *ptr++;
 106                         if (buff[i] < 32 || buff[i] > 126) buff[i] = '.';
 107                 } else {
 108                         printk("   ");
 109                         buff[i] = ' ';
 110                 }
 111                 addr++;
 112                 len--;
 113         };
 114         buff[i] = '\0';
 115         printk("  \"%s\"\n", buff);
 116   }
 117   printk("    ----\n\n");
 118 }
 119 
 120 
 121 int
 122 ip_ioctl(struct sock *sk, int cmd, unsigned long arg)
     /*  */
 123 {
 124   switch(cmd) {
 125         case DDIOCSDBG:
 126                 return(dbg_ioctl((void *) arg, DBG_IP));
 127         default:
 128                 return(-EINVAL);
 129   }
 130 }
 131 
 132 
 133 /* these two routines will do routining. */
 134 static void
 135 strict_route(struct iphdr *iph, struct options *opt)
     /*  */
 136 {
 137 }
 138 
 139 
 140 static void
 141 loose_route(struct iphdr *iph, struct options *opt)
     /*  */
 142 {
 143 }
 144 
 145 
 146 static void
 147 print_ipprot(struct inet_protocol *ipprot)
     /*  */
 148 {
 149   DPRINTF((DBG_IP, "handler = %X, protocol = %d, copy=%d \n",
 150            ipprot->handler, ipprot->protocol, ipprot->copy));
 151 }
 152 
 153 
 154 /* This routine will check to see if we have lost a gateway. */
 155 void
 156 ip_route_check(unsigned long daddr)
     /*  */
 157 {
 158 }
 159 
 160 
 161 #if 0
 162 /* this routine puts the options at the end of an ip header. */
 163 static int
 164 build_options(struct iphdr *iph, struct options *opt)
     /*  */
 165 {
 166   unsigned char *ptr;
 167   /* currently we don't support any options. */
 168   ptr = (unsigned char *)(iph+1);
 169   *ptr = 0;
 170   return (4);
 171 }
 172 #endif
 173 
 174 
 175 /* Take an skb, and fill in the MAC header. */
 176 static int
 177 ip_send(struct sk_buff *skb, unsigned long daddr, int len, struct device *dev,
     /*  */
 178         unsigned long saddr)
 179 {
 180   unsigned char *ptr;
 181   int mac;
 182 
 183   ptr = skb->data;
 184   mac = 0;
 185   skb->arp = 1;
 186   if (dev->hard_header) {
 187         mac = dev->hard_header(ptr, dev, ETH_P_IP, daddr, saddr, len);
 188   }
 189   if (mac < 0) {
 190         mac = -mac;
 191         skb->arp = 0;
 192   }
 193   skb->dev = dev;
 194   return(mac);
 195 }
 196 
 197 
 198 /*
 199  * This routine builds the appropriate hardware/IP headers for
 200  * the routine.  It assumes that if *dev != NULL then the
 201  * protocol knows what it's doing, otherwise it uses the
 202  * routing/ARP tables to select a device struct.
 203  */
 204 int
 205 ip_build_header(struct sk_buff *skb, unsigned long saddr, unsigned long daddr,
     /*  */
 206                 struct device **dev, int type, struct options *opt, int len, int tos, int ttl)
 207 {
 208   static struct options optmem;
 209   struct iphdr *iph;
 210   struct rtable *rt;
 211   unsigned char *buff;
 212   unsigned long raddr;
 213   static int count = 0;
 214   int tmp;
 215 
 216   if (saddr == 0) 
 217         saddr = my_addr();
 218         
 219   DPRINTF((DBG_IP, "ip_build_header (skb=%X, saddr=%X, daddr=%X, *dev=%X,\n"
 220            "                 type=%d, opt=%X, len = %d)\n",
 221            skb, saddr, daddr, *dev, type, opt, len));
 222            
 223   buff = skb->data;
 224 
 225   /* See if we need to look up the device. */
 226   if (*dev == NULL) {
 227         rt = rt_route(daddr, &optmem);
 228         if (rt == NULL) 
 229                 return(-ENETUNREACH);
 230 
 231         *dev = rt->rt_dev;
 232         if (saddr == 0x0100007FL && daddr != 0x0100007FL) 
 233                 saddr = rt->rt_dev->pa_addr;
 234         raddr = rt->rt_gateway;
 235 
 236         DPRINTF((DBG_IP, "ip_build_header: saddr set to %s\n", in_ntoa(saddr)));
 237         opt = &optmem;
 238   } else {
 239         /* We still need the address of the first hop. */
 240         rt = rt_route(daddr, &optmem);
 241         raddr = (rt == NULL) ? 0 : rt->rt_gateway;
 242   }
 243   if (raddr == 0)
 244         raddr = daddr;
 245 
 246   /* Now build the MAC header. */
 247   tmp = ip_send(skb, raddr, len, *dev, saddr);
 248   buff += tmp;
 249   len -= tmp;
 250 
 251   skb->dev = *dev;
 252   skb->saddr = saddr;
 253   if (skb->sk) skb->sk->saddr = saddr;
 254 
 255   /* Now build the IP header. */
 256 
 257   /* If we are using IPPROTO_RAW, then we don't need an IP header, since
 258      one is being supplied to us by the user */
 259 
 260   if(type == IPPROTO_RAW) return (tmp);
 261 
 262   iph = (struct iphdr *)buff;
 263   iph->version  = 4;
 264   iph->tos      = tos;
 265   iph->frag_off = 0;
 266   iph->ttl      = ttl;
 267   iph->daddr    = daddr;
 268   iph->saddr    = saddr;
 269   iph->protocol = type;
 270   iph->ihl      = 5;
 271   iph->id       = htons(count++);
 272 
 273   /* Setup the IP options. */
 274 #ifdef Not_Yet_Avail
 275   build_options(iph, opt);
 276 #endif
 277 
 278   return(20 + tmp);     /* IP header plus MAC header size */
 279 }
 280 
 281 
 282 static int
 283 do_options(struct iphdr *iph, struct options *opt)
     /*  */
 284 {
 285   unsigned char *buff;
 286   int done = 0;
 287   int i, len = sizeof(struct iphdr);
 288 
 289   /* Zero out the options. */
 290   opt->record_route.route_size = 0;
 291   opt->loose_route.route_size  = 0;
 292   opt->strict_route.route_size = 0;
 293   opt->tstamp.ptr              = 0;
 294   opt->security                = 0;
 295   opt->compartment             = 0;
 296   opt->handling                = 0;
 297   opt->stream                  = 0;
 298   opt->tcc                     = 0;
 299   return(0);
 300 
 301   /* Advance the pointer to start at the options. */
 302   buff = (unsigned char *)(iph + 1);
 303 
 304   /* Now start the processing. */
 305   while (!done && len < iph->ihl*4) switch(*buff) {
 306         case IPOPT_END:
 307                 done = 1;
 308                 break;
 309         case IPOPT_NOOP:
 310                 buff++;
 311                 len++;
 312                 break;
 313         case IPOPT_SEC:
 314                 buff++;
 315                 if (*buff != 11) return(1);
 316                 buff++;
 317                 opt->security = ntohs(*(unsigned short *)buff);
 318                 buff += 2;
 319                 opt->compartment = ntohs(*(unsigned short *)buff);
 320                 buff += 2;
 321                 opt->handling = ntohs(*(unsigned short *)buff);
 322                 buff += 2;
 323                 opt->tcc = ((*buff) << 16) + ntohs(*(unsigned short *)(buff+1));
 324                 buff += 3;
 325                 len += 11;
 326                 break;
 327         case IPOPT_LSRR:
 328                 buff++;
 329                 if ((*buff - 3)% 4 != 0) return(1);
 330                 len += *buff;
 331                 opt->loose_route.route_size = (*buff -3)/4;
 332                 buff++;
 333                 if (*buff % 4 != 0) return(1);
 334                 opt->loose_route.pointer = *buff/4 - 1;
 335                 buff++;
 336                 buff++;
 337                 for (i = 0; i < opt->loose_route.route_size; i++) {
 338                         if(i>=MAX_ROUTE)
 339                                 return(1);
 340                         opt->loose_route.route[i] = *(unsigned long *)buff;
 341                         buff += 4;
 342                 }
 343                 break;
 344         case IPOPT_SSRR:
 345                 buff++;
 346                 if ((*buff - 3)% 4 != 0) return(1);
 347                 len += *buff;
 348                 opt->strict_route.route_size = (*buff -3)/4;
 349                 buff++;
 350                 if (*buff % 4 != 0) return(1);
 351                 opt->strict_route.pointer = *buff/4 - 1;
 352                 buff++;
 353                 buff++;
 354                 for (i = 0; i < opt->strict_route.route_size; i++) {
 355                         if(i>=MAX_ROUTE)
 356                                 return(1);
 357                         opt->strict_route.route[i] = *(unsigned long *)buff;
 358                         buff += 4;
 359                 }
 360                 break;
 361         case IPOPT_RR:
 362                 buff++;
 363                 if ((*buff - 3)% 4 != 0) return(1);
 364                 len += *buff;
 365                 opt->record_route.route_size = (*buff -3)/4;
 366                 buff++;
 367                 if (*buff % 4 != 0) return(1);
 368                 opt->record_route.pointer = *buff/4 - 1;
 369                 buff++;
 370                 buff++;
 371                 for (i = 0; i < opt->record_route.route_size; i++) {
 372                         if(i>=MAX_ROUTE)
 373                                 return 1;
 374                         opt->record_route.route[i] = *(unsigned long *)buff;
 375                         buff += 4;
 376                 }
 377                 break;
 378         case IPOPT_SID:
 379                 len += 4;
 380                 buff +=2;
 381                 opt->stream = *(unsigned short *)buff;
 382                 buff += 2;
 383                 break;
 384         case IPOPT_TIMESTAMP:
 385                 buff++;
 386                 len += *buff;
 387                 if (*buff % 4 != 0) return(1);
 388                 opt->tstamp.len = *buff / 4 - 1;
 389                 buff++;
 390                 if ((*buff - 1) % 4 != 0) return(1);
 391                 opt->tstamp.ptr = (*buff-1)/4;
 392                 buff++;
 393                 opt->tstamp.x.full_char = *buff;
 394                 buff++;
 395                 for (i = 0; i < opt->tstamp.len; i++) {
 396                         opt->tstamp.data[i] = *(unsigned long *)buff;
 397                         buff += 4;
 398                 }
 399                 break;
 400         default:
 401                 return(1);
 402   }
 403 
 404   if (opt->record_route.route_size == 0) {
 405         if (opt->strict_route.route_size != 0) {
 406                 memcpy(&(opt->record_route), &(opt->strict_route),
 407                                              sizeof(opt->record_route));
 408         } else if (opt->loose_route.route_size != 0) {
 409                 memcpy(&(opt->record_route), &(opt->loose_route),
 410                                              sizeof(opt->record_route));
 411         }
 412   }
 413 
 414   if (opt->strict_route.route_size != 0 &&
 415       opt->strict_route.route_size != opt->strict_route.pointer) {
 416         strict_route(iph, opt);
 417         return(0);
 418   }
 419 
 420   if (opt->loose_route.route_size != 0 &&
 421       opt->loose_route.route_size != opt->loose_route.pointer) {
 422         loose_route(iph, opt);
 423         return(0);
 424   }
 425 
 426   return(0);
 427 }
 428 
 429 /* This is a version of ip_compute_csum() optimized for IP headers, which
 430    always checksum on 4 octet boundaries. */
 431 static inline unsigned short
 432 ip_fast_csum(unsigned char * buff, int wlen)
     /*  */
 433 {
 434     unsigned long sum = 0;
 435 
 436     if (wlen) {
 437         unsigned long bogus;
 438          __asm__("clc\n"
 439                 "1:\t"
 440                 "lodsl\n\t"
 441                 "adcl %3, %0\n\t"
 442                 "decl %2\n\t"
 443                 "jne 1b\n\t"
 444                 "adcl $0, %0\n\t"
 445                 "movl %0, %3\n\t"
 446                 "shrl $16, %3\n\t"
 447                 "addw %w3, %w0\n\t"
 448                 "adcw $0, %w0"
 449             : "=r" (sum), "=S" (buff), "=r" (wlen), "=a" (bogus)
 450             : "0"  (sum),  "1" (buff),  "2" (wlen));
 451     }
 452     return (~sum) & 0xffff;
 453 }
 454 
 455 /*
 456  * This routine does all the checksum computations that don't
 457  * require anything special (like copying or special headers).
 458  */
 459 unsigned short
 460 ip_compute_csum(unsigned char * buff, int len)
     /*  */
 461 {
 462   unsigned long sum = 0;
 463 
 464   /* Do the first multiple of 4 bytes and convert to 16 bits. */
 465   if (len > 3) {
 466         __asm__("clc\n"
 467                 "1:\t"
 468                 "lodsl\n\t"
 469                 "adcl %%eax, %%ebx\n\t"
 470                 "loop 1b\n\t"
 471                 "adcl $0, %%ebx\n\t"
 472                 "movl %%ebx, %%eax\n\t"
 473                 "shrl $16, %%eax\n\t"
 474                 "addw %%ax, %%bx\n\t"
 475                 "adcw $0, %%bx"
 476                 : "=b" (sum) , "=S" (buff)
 477                 : "0" (sum), "c" (len >> 2) ,"1" (buff)
 478                 : "ax", "cx", "si", "bx" );
 479   }
 480   if (len & 2) {
 481         __asm__("lodsw\n\t"
 482                 "addw %%ax, %%bx\n\t"
 483                 "adcw $0, %%bx"
 484                 : "=b" (sum), "=S" (buff)
 485                 : "0" (sum), "1" (buff)
 486                 : "bx", "ax", "si");
 487   }
 488   if (len & 1) {
 489         __asm__("lodsb\n\t"
 490                 "movb $0, %%ah\n\t"
 491                 "addw %%ax, %%bx\n\t"
 492                 "adcw $0, %%bx"
 493                 : "=b" (sum), "=S" (buff)
 494                 : "0" (sum), "1" (buff)
 495                 : "bx", "ax", "si");
 496   }
 497   sum =~sum;
 498   return(sum & 0xffff);
 499 }
 500 
 501 /* Check the header of an incoming IP datagram.  This version is still used in slhc.c. */
 502 int
 503 ip_csum(struct iphdr *iph)
     /*  */
 504 {
 505   return ip_fast_csum((unsigned char *)iph, iph->ihl);
 506 }
 507 
 508 /* Generate a checksym for an outgoing IP datagram. */
 509 static void
 510 ip_send_check(struct iphdr *iph)
     /*  */
 511 {
 512    iph->check = 0;
 513    iph->check = ip_fast_csum((unsigned char *)iph, iph->ihl);
 514 }
 515 
 516 /************************ Fragment Handlers From NET2E not yet with tweaks to beat 4K **********************************/
 517 
 518 static struct ipq *ipqueue = NULL;              /* IP fragment queue    */
 519  /* Create a new fragment entry. */
 520 static struct ipfrag *ip_frag_create(int offset, int end, struct sk_buff *skb, unsigned char *ptr)
     /*  */
 521 {
 522         struct ipfrag *fp;
 523  
 524         fp = (struct ipfrag *) kmalloc(sizeof(struct ipfrag), GFP_ATOMIC);
 525         if (fp == NULL) 
 526         {
 527                 printk("IP: frag_create: no memory left !\n");
 528                 return(NULL);
 529         }
 530         memset(fp, 0, sizeof(struct ipfrag));
 531 
 532         /* Fill in the structure. */
 533         fp->offset = offset;
 534         fp->end = end;
 535         fp->len = end - offset;
 536         fp->skb = skb;
 537         fp->ptr = ptr;
 538  
 539         return(fp);
 540 }
 541  
 542  
 543 /*
 544  * Find the correct entry in the "incomplete datagrams" queue for
 545  * this IP datagram, and return the queue entry address if found.
 546  */
 547 static struct ipq *ip_find(struct iphdr *iph)
     /*  */
 548 {
 549         struct ipq *qp;
 550         struct ipq *qplast;
 551  
 552         cli();
 553         qplast = NULL;
 554         for(qp = ipqueue; qp != NULL; qplast = qp, qp = qp->next) 
 555         {
 556                 if (iph->id== qp->iph->id && iph->saddr == qp->iph->saddr &&
 557                         iph->daddr == qp->iph->daddr && iph->protocol == qp->iph->protocol) 
 558                 {
 559                         del_timer(&qp->timer);  /* So it doesnt vanish on us. The timer will be reset anyway */
 560                         sti();
 561                         return(qp);
 562                 }
 563         }
 564         sti();
 565         return(NULL);
 566 }
 567  
 568  
 569 /*
 570  * Remove an entry from the "incomplete datagrams" queue, either
 571  * because we completed, reassembled and processed it, or because
 572  * it timed out.
 573  */
 574 
 575 static void ip_free(struct ipq *qp)
     /*  */
 576 {
 577         struct ipfrag *fp;
 578         struct ipfrag *xp;
 579 
 580         /* Stop the timer for this entry. */
 581 /*      printk("ip_free\n");*/
 582         del_timer(&qp->timer);
 583 
 584         /* Remove this entry from the "incomplete datagrams" queue. */
 585         cli();
 586         if (qp->prev == NULL) 
 587         {
 588                 ipqueue = qp->next;
 589                 if (ipqueue != NULL) 
 590                         ipqueue->prev = NULL;
 591         } 
 592         else 
 593         {
 594                 qp->prev->next = qp->next;
 595                 if (qp->next != NULL) 
 596                         qp->next->prev = qp->prev;
 597         }
 598  
 599         /* Release all fragment data. */
 600 /*      printk("ip_free: kill frag data\n");*/
 601         fp = qp->fragments;
 602         while (fp != NULL) 
 603         {
 604                 xp = fp->next;
 605                 IS_SKB(fp->skb);
 606                 kfree_skb(fp->skb,FREE_READ);
 607                 kfree_s(fp, sizeof(struct ipfrag));
 608                 fp = xp;
 609         }
 610         
 611 /*      printk("ip_free: cleanup\n");*/
 612  
 613         /* Release the MAC header. */
 614         kfree_s(qp->mac, qp->maclen);
 615  
 616         /* Release the IP header. */
 617         kfree_s(qp->iph, qp->ihlen + 8);
 618  
 619         /* Finally, release the queue descriptor itself. */
 620         kfree_s(qp, sizeof(struct ipq));
 621 /*      printk("ip_free:done\n");*/
 622         sti();
 623  }
 624  
 625  
 626  /* Oops- a fragment queue timed out.  Kill it and send an ICMP reply. */
 627  
 628 static void ip_expire(unsigned long arg)
     /*  */
 629 {
 630         struct ipq *qp;
 631  
 632         qp = (struct ipq *)arg;
 633         DPRINTF((DBG_IP, "IP: queue_expire: fragment queue 0x%X timed out!\n", qp));
 634  
 635         /* Send an ICMP "Fragment Reassembly Timeout" message. */
 636 #if 0           
 637         icmp_send(qp->iph->ip_src.s_addr, ICMP_TIME_EXCEEDED,
 638                     ICMP_EXC_FRAGTIME, qp->iph);
 639 #endif           
 640         if(qp->fragments!=NULL)
 641                 icmp_send(qp->fragments->skb,ICMP_TIME_EXCEEDED,
 642                                 ICMP_EXC_FRAGTIME, qp->dev);
 643  
 644         /* Nuke the fragment queue. */
 645         ip_free(qp);
 646 }
 647  
 648  
 649 /*
 650  * Add an entry to the 'ipq' queue for a newly received IP datagram.
 651  * We will (hopefully :-) receive all other fragments of this datagram
 652  * in time, so we just create a queue for this datagram, in which we
 653  * will insert the received fragments at their respective positions.
 654  */
 655 
 656 static struct ipq *ip_create(struct sk_buff *skb, struct iphdr *iph, struct device *dev)
     /*  */
 657 {
 658         struct ipq *qp;
 659         int maclen;
 660         int ihlen;
 661 
 662         qp = (struct ipq *) kmalloc(sizeof(struct ipq), GFP_ATOMIC);
 663         if (qp == NULL) 
 664         {
 665                 printk("IP: create: no memory left !\n");
 666                 return(NULL);
 667         }
 668         memset(qp, 0, sizeof(struct ipq));
 669 
 670         /* Allocate memory for the MAC header. */
 671         maclen = ((unsigned long) iph) - ((unsigned long) skb->data);
 672         qp->mac = (unsigned char *) kmalloc(maclen, GFP_ATOMIC);
 673         if (qp->mac == NULL) 
 674         {
 675                 printk("IP: create: no memory left !\n");
 676                 kfree_s(qp, sizeof(struct ipq));
 677                 return(NULL);
 678         }
 679 
 680         /* Allocate memory for the IP header (plus 8 octects for ICMP). */
 681         ihlen = (iph->ihl * sizeof(unsigned long));
 682         qp->iph = (struct iphdr *) kmalloc(ihlen + 8, GFP_ATOMIC);
 683         if (qp->iph == NULL) 
 684         {
 685                 printk("IP: create: no memory left !\n");
 686                 kfree_s(qp->mac, maclen);
 687                 kfree_s(qp, sizeof(struct ipq));
 688                 return(NULL);
 689         }
 690 
 691         /* Fill in the structure. */
 692         memcpy(qp->mac, skb->data, maclen);
 693         memcpy(qp->iph, iph, ihlen + 8);
 694         qp->len = 0;
 695         qp->ihlen = ihlen;
 696         qp->maclen = maclen;
 697         qp->fragments = NULL;
 698         qp->dev = dev;
 699 /*      printk("Protocol = %d\n",qp->iph->protocol);*/
 700         
 701         /* Start a timer for this entry. */
 702         qp->timer.expires = IP_FRAG_TIME;               /* about 30 seconds     */
 703         qp->timer.data = (unsigned long) qp;            /* pointer to queue     */
 704         qp->timer.function = ip_expire;                 /* expire function      */
 705         add_timer(&qp->timer);
 706 
 707         /* Add this entry to the queue. */
 708         qp->prev = NULL;
 709         cli();
 710         qp->next = ipqueue;
 711         if (qp->next != NULL) 
 712                 qp->next->prev = qp;
 713         ipqueue = qp;
 714         sti();
 715         return(qp);
 716 }
 717  
 718  
 719  /* See if a fragment queue is complete. */
 720 static int ip_done(struct ipq *qp)
     /*  */
 721 {
 722         struct ipfrag *fp;
 723         int offset;
 724  
 725         /* Only possible if we received the final fragment. */
 726         if (qp->len == 0) 
 727                 return(0);
 728  
 729         /* Check all fragment offsets to see if they connect. */
 730         fp = qp->fragments;
 731         offset = 0;
 732         while (fp != NULL) 
 733         {
 734                 if (fp->offset > offset) 
 735                         return(0);      /* fragment(s) missing */
 736                 offset = fp->end;
 737                 fp = fp->next;
 738         }
 739  
 740         /* All fragments are present. */
 741         return(1);
 742  }
 743  
 744  
 745 /* Build a new IP datagram from all its fragments. */
 746 static struct sk_buff *ip_glue(struct ipq *qp)
     /*  */
 747 {
 748         struct sk_buff *skb;
 749         struct iphdr *iph;
 750         struct ipfrag *fp;
 751         unsigned char *ptr;
 752         int count, len;
 753  
 754         /* Allocate a new buffer for the datagram. */
 755         len = sizeof(struct sk_buff)+qp->maclen + qp->ihlen + qp->len;
 756         if ((skb = alloc_skb(len,GFP_ATOMIC)) == NULL) 
 757         {
 758                 printk("IP: queue_glue: no memory for glueing queue 0x%X\n", (int) qp);
 759                 ip_free(qp);
 760                 return(NULL);
 761         }
 762  
 763         /* Fill in the basic details. */
 764         skb->len = (len - qp->maclen);
 765         skb->h.raw = skb->data;
 766         skb->free = 1;
 767         skb->lock = 1;
 768  
 769         /* Copy the original MAC and IP headers into the new buffer. */
 770         ptr = (unsigned char *) skb->h.raw;
 771         memcpy(ptr, ((unsigned char *) qp->mac), qp->maclen);
 772 /*      printk("Copied %d bytes of mac header.\n",qp->maclen);*/
 773         ptr += qp->maclen;
 774         memcpy(ptr, ((unsigned char *) qp->iph), qp->ihlen);
 775 /*      printk("Copied %d byte of ip header.\n",qp->ihlen);*/
 776         ptr += qp->ihlen;
 777         skb->h.raw += qp->maclen;
 778         
 779 /*      printk("Protocol = %d\n",skb->h.iph->protocol);*/
 780         count = 0;
 781  
 782         /* Copy the data portions of all fragments into the new buffer. */
 783         fp = qp->fragments;
 784         while(fp != NULL) 
 785         {
 786                 if(count+fp->len>skb->len)
 787                 {
 788                         printk("Invalid fragment list: Fragment over size.\n");
 789                         kfree_skb(skb,FREE_WRITE);
 790                         return NULL;
 791                 }
 792 /*              printk("Fragment %d size %d\n",fp->offset,fp->len);*/
 793                 memcpy((ptr + fp->offset), fp->ptr, fp->len);
 794                 count += fp->len;
 795                 fp = fp->next;
 796         }
 797  
 798         /* We glued together all fragments, so remove the queue entry. */
 799         ip_free(qp);
 800  
 801         /* Done with all fragments. Fixup the new IP header. */
 802         iph = skb->h.iph;
 803         iph->frag_off = 0;
 804         iph->tot_len = htons((iph->ihl * sizeof(unsigned long)) + count);
 805         skb->ip_hdr = iph;
 806         return(skb);
 807 }
 808  
 809 
 810 /* Process an incoming IP datagram fragment. */
 811 static struct sk_buff *ip_defrag(struct iphdr *iph, struct sk_buff *skb, struct device *dev)
     /*  */
 812 {
 813         struct ipfrag *prev, *next;
 814         struct ipfrag *tfp;
 815         struct ipq *qp;
 816         struct sk_buff *skb2;
 817         unsigned char *ptr;
 818         int flags, offset;
 819         int i, ihl, end;
 820 
 821         /* Find the entry of this IP datagram in the "incomplete datagrams" queue. */
 822         qp = ip_find(iph);
 823  
 824         /* Is this a non-fragmented datagram? */
 825         offset = ntohs(iph->frag_off);
 826         flags = offset & ~IP_OFFSET;
 827         offset &= IP_OFFSET;
 828         if (((flags & IP_MF) == 0) && (offset == 0)) 
 829         {
 830                 if (qp != NULL) 
 831                         ip_free(qp);    /* Huh? How could this exist?? */
 832                 return(skb);
 833         }
 834         offset <<= 3;           /* offset is in 8-byte chunks */
 835  
 836         /*
 837          * If the queue already existed, keep restarting its timer as long
 838          * as we still are receiving fragments.  Otherwise, create a fresh
 839          * queue entry.
 840          */
 841         if (qp != NULL) 
 842         {
 843                 del_timer(&qp->timer);
 844                 qp->timer.expires = IP_FRAG_TIME;       /* about 30 seconds     */
 845                 qp->timer.data = (unsigned long) qp;    /* pointer to queue     */
 846                 qp->timer.function = ip_expire;         /* expire function      */
 847                 add_timer(&qp->timer);
 848         } 
 849         else 
 850         {
 851                 if ((qp = ip_create(skb, iph, dev)) == NULL) 
 852                         return(NULL);
 853         }
 854  
 855         /* Determine the position of this fragment. */
 856         ihl = (iph->ihl * sizeof(unsigned long));
 857         end = offset + ntohs(iph->tot_len) - ihl;
 858  
 859         /* Point into the IP datagram 'data' part. */
 860         ptr = skb->data + dev->hard_header_len + ihl;
 861  
 862         /* Is this the final fragment? */
 863         if ((flags & IP_MF) == 0) 
 864                 qp->len = end;
 865  
 866         /*
 867          * Find out which fragments are in front and at the back of us
 868          * in the chain of fragments so far.  We must know where to put
 869          * this fragment, right?
 870          */
 871         prev = NULL;
 872         for(next = qp->fragments; next != NULL; next = next->next) 
 873         {
 874                 if (next->offset > offset) 
 875                         break;  /* bingo! */
 876                 prev = next;
 877         }       
 878  
 879         /*
 880          * We found where to put this one.
 881          * Check for overlap with preceeding fragment, and, if needed,
 882          * align things so that any overlaps are eliminated.
 883          */
 884         if (prev != NULL && offset < prev->end) 
 885         {
 886                 i = prev->end - offset;
 887                 offset += i;    /* ptr into datagram */
 888                 ptr += i;       /* ptr into fragment data */
 889                 DPRINTF((DBG_IP, "IP: defrag: fixed low overlap %d bytes\n", i));
 890         }       
 891  
 892         /*
 893          * Look for overlap with succeeding segments.
 894          * If we can merge fragments, do it.
 895          */
 896    
 897         for(; next != NULL; next = tfp) 
 898         {
 899                 tfp = next->next;
 900                 if (next->offset >= end) 
 901                         break;          /* no overlaps at all */
 902  
 903                 i = end - next->offset;                 /* overlap is 'i' bytes */
 904                 next->len -= i;                         /* so reduce size of    */
 905                 next->offset += i;                      /* next fragment        */
 906                 next->ptr += i;
 907                 
 908                 /* If we get a frag size of <= 0, remove it. */
 909                 if (next->len <= 0) 
 910                 {
 911                         DPRINTF((DBG_IP, "IP: defrag: removing frag 0x%X (len %d)\n",
 912                                                         next, next->len));
 913                         if (next->prev != NULL) 
 914                                 next->prev->next = next->next;
 915                         else 
 916                                 qp->fragments = next->next;
 917                 
 918                         if (tfp->next != NULL) 
 919                                 next->next->prev = next->prev;
 920                         
 921                         kfree_s(next, sizeof(struct ipfrag));
 922                 }
 923                 DPRINTF((DBG_IP, "IP: defrag: fixed high overlap %d bytes\n", i));
 924         }
 925  
 926         /* Insert this fragment in the chain of fragments. */
 927         tfp = NULL;
 928         tfp = ip_frag_create(offset, end, skb, ptr);
 929         tfp->prev = prev;
 930         tfp->next = next;
 931         if (prev != NULL) 
 932                 prev->next = tfp;
 933         else 
 934                 qp->fragments = tfp;
 935    
 936         if (next != NULL) 
 937                 next->prev = tfp;
 938  
 939         /*
 940          * OK, so we inserted this new fragment into the chain.
 941          * Check if we now have a full IP datagram which we can
 942          * bump up to the IP layer...
 943          */
 944    
 945         if (ip_done(qp)) 
 946         {
 947                 skb2 = ip_glue(qp);             /* glue together the fragments */
 948                 return(skb2);
 949         }
 950         return(NULL);
 951  }
 952  
 953  
 954  /*
 955   * This IP datagram is too large to be sent in one piece.  Break it up into
 956   * smaller pieces (each of size equal to the MAC header plus IP header plus
 957   * a block of the data of the original IP data part) that will yet fit in a
 958   * single device frame, and queue such a frame for sending by calling the
 959   * ip_queue_xmit().  Note that this is recursion, and bad things will happen
 960   * if this function causes a loop...
 961   */
 962  void ip_fragment(struct sock *sk, struct sk_buff *skb, struct device *dev, int is_frag)
     /*  */
 963  {
 964         struct iphdr *iph;
 965         unsigned char *raw;
 966         unsigned char *ptr;
 967         struct sk_buff *skb2;
 968         int left, mtu, hlen, len;
 969         int offset;
 970  
 971         /* Point into the IP datagram header. */
 972         raw = skb->data;
 973         iph = (struct iphdr *) (raw + dev->hard_header_len);
 974         
 975         /* Setup starting values. */
 976         hlen = (iph->ihl * sizeof(unsigned long));
 977         left = ntohs(iph->tot_len) - hlen;
 978         hlen += dev->hard_header_len;
 979         mtu = (dev->mtu - hlen);
 980         ptr = (raw + hlen);
 981         
 982         DPRINTF((DBG_IP, "IP: Fragmentation Desired\n"));
 983         DPRINTF((DBG_IP, "    DEV=%s, MTU=%d, LEN=%d SRC=%s",
 984                 dev->name, dev->mtu, left, in_ntoa(iph->saddr)));
 985         DPRINTF((DBG_IP, " DST=%s\n", in_ntoa(iph->daddr)));
 986  
 987         /* Check for any "DF" flag. */
 988         if (ntohs(iph->frag_off) & IP_DF) 
 989         {
 990                 DPRINTF((DBG_IP, "IP: Fragmentation Desired, but DF set !\n"));
 991                 DPRINTF((DBG_IP, "    DEV=%s, MTU=%d, LEN=%d SRC=%s",
 992                         dev->name, dev->mtu, left, in_ntoa(iph->saddr)));
 993                 DPRINTF((DBG_IP, " DST=%s\n", in_ntoa(iph->daddr)));
 994  
 995                 /*
 996                  * FIXME:
 997                  * We should send an ICMP warning message here!
 998                  */
 999                  
1000                 icmp_send(skb,ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED, dev); 
1001                 return;
1002         }
1003  
1004         /* Fragment the datagram. */
1005         if (is_frag & 2)
1006           offset = (ntohs(iph->frag_off) & 0x1fff) << 3;
1007         else
1008           offset = 0;
1009         while(left > 0) 
1010         {
1011                 len = left;
1012                 if (len+8 > mtu) 
1013                         len = (dev->mtu - hlen - 8);
1014                 if ((left - len) >= 8) 
1015                 {
1016                         len /= 8;
1017                         len *= 8;
1018                 }
1019                 DPRINTF((DBG_IP,"IP: frag: creating fragment of %d bytes (%d total)\n",
1020                                                         len, len + hlen));
1021  
1022                 /* Allocate buffer. */
1023                 if ((skb2 = alloc_skb(sizeof(struct sk_buff) + len + hlen,GFP_KERNEL)) == NULL) 
1024                 {
1025                         printk("IP: frag: no memory for new fragment!\n");
1026                         return;
1027                 }
1028                 skb2->arp = skb->arp;
1029                 skb2->free = skb->free;
1030                 skb2->len = len + hlen;
1031                 skb2->h.raw=(char *) skb2->data;
1032  
1033                 if (sk) 
1034                         sk->wmem_alloc += skb2->mem_len;
1035  
1036                 /* Copy the packet header into the new buffer. */
1037                 memcpy(skb2->h.raw, raw, hlen);
1038  
1039                 /* Copy a block of the IP datagram. */
1040                 memcpy(skb2->h.raw + hlen, ptr, len);
1041                 left -= len;
1042 
1043                 skb2->h.raw+=dev->hard_header_len; 
1044                 /* Fill in the new header fields. */
1045                 iph = (struct iphdr *)(skb2->h.raw/*+dev->hard_header_len*/);
1046                 iph->frag_off = htons((offset >> 3));
1047                 /* Added AC : If we are fragmenting a fragment thats not the
1048                    last fragment then keep MF on each bit */
1049                 if (left > 0 || (is_frag & 1)) 
1050                         iph->frag_off |= htons(IP_MF);
1051                 ptr += len;
1052                 offset += len;
1053 /*              printk("Queue frag\n");*/
1054  
1055                 /* Put this fragment into the sending queue. */
1056                 ip_queue_xmit(sk, dev, skb2, 1);
1057 /*              printk("Queued\n");*/
1058         }
1059  }
1060  
1061 
1062 
1063 #ifdef CONFIG_IP_FORWARD
1064 
1065 /* Forward an IP datagram to its next destination. */
1066 static void
1067 ip_forward(struct sk_buff *skb, struct device *dev, int is_frag)
     /*  */
1068 {
1069   struct device *dev2;
1070   struct iphdr *iph;
1071   struct sk_buff *skb2;
1072   struct rtable *rt;
1073   unsigned char *ptr;
1074   unsigned long raddr;
1075 
1076   /*
1077    * Only forward packets that were fired at us when we are in promiscuous
1078    * mode. In standard mode we rely on the driver to filter for us.
1079    */
1080    
1081   if(dev->flags&IFF_PROMISC)
1082   {
1083         if(memcmp((char *)&skb[1],dev->dev_addr,dev->addr_len))
1084                 return;
1085   }
1086   
1087   /*
1088    * According to the RFC, we must first decrease the TTL field. If
1089    * that reaches zero, we must reply an ICMP control message telling
1090    * that the packet's lifetime expired.
1091    */
1092   iph = skb->h.iph;
1093   iph->ttl--;
1094   if (iph->ttl <= 0) {
1095         DPRINTF((DBG_IP, "\nIP: *** datagram expired: TTL=0 (ignored) ***\n"));
1096         DPRINTF((DBG_IP, "    SRC = %s   ", in_ntoa(iph->saddr)));
1097         DPRINTF((DBG_IP, "    DST = %s (ignored)\n", in_ntoa(iph->daddr)));
1098 
1099         /* Tell the sender its packet died... */
1100         icmp_send(skb, ICMP_TIME_EXCEEDED, ICMP_EXC_TTL, dev);
1101         return;
1102   }
1103 
1104   /* Re-compute the IP header checksum. */
1105   ip_send_check(iph);
1106 
1107   /*
1108    * OK, the packet is still valid.  Fetch its destination address,
1109    * and give it to the IP sender for further processing.
1110    */
1111   rt = rt_route(iph->daddr, NULL);
1112   if (rt == NULL) {
1113         DPRINTF((DBG_IP, "\nIP: *** routing (phase I) failed ***\n"));
1114 
1115         /* Tell the sender its packet cannot be delivered... */
1116         icmp_send(skb, ICMP_DEST_UNREACH, ICMP_NET_UNREACH, dev);
1117         return;
1118   }
1119 
1120 
1121   /*
1122    * Gosh.  Not only is the packet valid; we even know how to
1123    * forward it onto its final destination.  Can we say this
1124    * is being plain lucky?
1125    * If the router told us that there is no GW, use the dest.
1126    * IP address itself- we seem to be connected directly...
1127    */
1128   raddr = rt->rt_gateway;
1129   if (raddr != 0) {
1130         rt = rt_route(raddr, NULL);
1131         if (rt == NULL) {
1132                 DPRINTF((DBG_IP, "\nIP: *** routing (phase II) failed ***\n"));
1133 
1134                 /* Tell the sender its packet cannot be delivered... */
1135                 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_HOST_UNREACH, dev);
1136                 return;
1137         }
1138         if (rt->rt_gateway != 0) raddr = rt->rt_gateway;
1139   } else raddr = iph->daddr;
1140   dev2 = rt->rt_dev;
1141 
1142 
1143   if (dev == dev2)
1144         return;
1145   /*
1146    * We now allocate a new buffer, and copy the datagram into it.
1147    * If the indicated interface is up and running, kick it.
1148    */
1149   DPRINTF((DBG_IP, "\nIP: *** fwd %s -> ", in_ntoa(iph->saddr)));
1150   DPRINTF((DBG_IP, "%s (via %s), LEN=%d\n",
1151                         in_ntoa(raddr), dev2->name, skb->len));
1152 
1153   if (dev2->flags & IFF_UP) {
1154         skb2 = (struct sk_buff *) alloc_skb(sizeof(struct sk_buff) +
1155                        dev2->hard_header_len + skb->len, GFP_ATOMIC);
1156         if (skb2 == NULL) {
1157                 printk("\nIP: No memory available for IP forward\n");
1158                 return;
1159         }
1160         ptr = skb2->data;
1161         skb2->sk = NULL;
1162         skb2->free = 1;
1163         skb2->len = skb->len + dev2->hard_header_len;
1164         skb2->mem_addr = skb2;
1165         skb2->mem_len = sizeof(struct sk_buff) + skb2->len;
1166         skb2->next = NULL;
1167         skb2->h.raw = ptr;
1168 
1169         /* Copy the packet data into the new buffer. */
1170         memcpy(ptr + dev2->hard_header_len, skb->h.raw, skb->len);
1171                 
1172         /* Now build the MAC header. */
1173         (void) ip_send(skb2, raddr, skb->len, dev2, dev2->pa_addr);
1174 
1175         if(skb2->len > dev2->mtu)
1176         {
1177                 ip_fragment(NULL,skb2,dev2, is_frag);
1178                 kfree_skb(skb2,FREE_WRITE);
1179         }
1180         else
1181                 dev2->queue_xmit(skb2, dev2, SOPRI_NORMAL);
1182   }
1183 }
1184 
1185 
1186 #endif
1187 
1188 /* This function receives all incoming IP datagrams. */
1189 int
1190 ip_rcv(struct sk_buff *skb, struct device *dev, struct packet_type *pt)
     /*  */
1191 {
1192   struct iphdr *iph = skb->h.iph;
1193   unsigned char hash;
1194   unsigned char flag = 0;
1195   unsigned char opts_p = 0;     /* Set iff the packet has options. */
1196   struct inet_protocol *ipprot;
1197   static struct options opt; /* since we don't use these yet, and they
1198                                 take up stack space. */
1199   int brd;
1200   int is_frag=0;
1201 
1202   DPRINTF((DBG_IP, "<<\n"));
1203 
1204   skb->ip_hdr = iph;            /* Fragments can cause ICMP errors too! */
1205   /* Is the datagram acceptable? */
1206   if (skb->len<sizeof(struct iphdr) || iph->ihl<5 || iph->version != 4 || ip_fast_csum((unsigned char *)iph, iph->ihl) !=0) {
1207         DPRINTF((DBG_IP, "\nIP: *** datagram error ***\n"));
1208         DPRINTF((DBG_IP, "    SRC = %s   ", in_ntoa(iph->saddr)));
1209         DPRINTF((DBG_IP, "    DST = %s (ignored)\n", in_ntoa(iph->daddr)));
1210         skb->sk = NULL;
1211         kfree_skb(skb, FREE_WRITE);
1212         return(0);
1213   }
1214   
1215   if (iph->ihl != 5) {          /* Fast path for the typical optionless IP packet. */
1216       ip_print(iph);            /* Bogus, only for debugging. */
1217       memset((char *) &opt, 0, sizeof(opt));
1218       if (do_options(iph, &opt) != 0)
1219           return 0;
1220       opts_p = 1;
1221   }
1222 
1223   if (iph->frag_off & 0x0020)
1224         is_frag|=1;
1225   if (ntohs(iph->frag_off) & 0x1fff)
1226         is_frag|=2;
1227         
1228   /* Do any IP forwarding required.  chk_addr() is expensive -- avoid it someday. */
1229   if ((brd = chk_addr(iph->daddr)) == 0) {
1230 #ifdef CONFIG_IP_FORWARD
1231         ip_forward(skb, dev, is_frag);
1232 #else
1233         printk("Machine %x tried to use us as a forwarder to %x but we have forwarding disabled!\n",
1234                         iph->saddr,iph->daddr);
1235 #endif                  
1236         skb->sk = NULL;
1237         kfree_skb(skb, FREE_WRITE);
1238         return(0);
1239   }
1240 
1241   /*
1242    * Reassemble IP fragments. 
1243    */
1244 
1245   if(is_frag)
1246   {
1247 #ifdef CONFIG_IP_DEFRAG
1248         skb=ip_defrag(iph,skb,dev);
1249         if(skb==NULL)
1250         {
1251                 return 0;
1252         }
1253         iph=skb->h.iph;
1254 #else
1255         printk("\nIP: *** datagram fragmentation not yet implemented ***\n");
1256         printk("    SRC = %s   ", in_ntoa(iph->saddr));
1257         printk("    DST = %s (ignored)\n", in_ntoa(iph->daddr));
1258         icmp_send(skb, ICMP_DEST_UNREACH, ICMP_PROT_UNREACH, dev);
1259         skb->sk = NULL;
1260         kfree_skb(skb, FREE_WRITE);
1261         return(0);
1262 #endif
1263   }
1264 
1265 
1266 
1267   if(brd==IS_INVBCAST)
1268   {
1269 /*      printk("Invalid broadcast address from %x [target %x] (Probably they have a wrong netmask)\n",
1270                 iph->saddr,iph->daddr);*/
1271         skb->sk=NULL;
1272         kfree_skb(skb,FREE_WRITE);
1273         return(0);
1274   }
1275   
1276   /* Point into the IP datagram, just past the header. */
1277 
1278   skb->ip_hdr = iph;
1279   skb->h.raw += iph->ihl*4;
1280   hash = iph->protocol & (MAX_INET_PROTOS -1);
1281   for (ipprot = (struct inet_protocol *)inet_protos[hash];
1282        ipprot != NULL;
1283        ipprot=(struct inet_protocol *)ipprot->next)
1284     {
1285        struct sk_buff *skb2;
1286 
1287        if (ipprot->protocol != iph->protocol) continue;
1288        DPRINTF((DBG_IP, "Using protocol = %X:\n", ipprot));
1289        print_ipprot(ipprot);
1290 
1291        /*
1292         * See if we need to make a copy of it.  This will
1293         * only be set if more than one protocol wants it. 
1294         * and then not for the last one.
1295         */
1296        if (ipprot->copy) {
1297                 skb2 = alloc_skb(skb->mem_len, GFP_ATOMIC);
1298                 if (skb2 == NULL) 
1299                         continue;
1300                 memcpy(skb2, skb, skb->mem_len);
1301                 skb2->mem_addr = skb2;
1302                 skb2->ip_hdr = (struct iphdr *)(
1303                                 (unsigned long)skb2 +
1304                                 (unsigned long) skb->ip_hdr -
1305                                 (unsigned long)skb);
1306                 skb2->h.raw = (unsigned char *)(
1307                                 (unsigned long)skb2 +
1308                                 (unsigned long) skb->h.raw -
1309                                 (unsigned long)skb);
1310                 skb2->free=1;
1311         } else {
1312                 skb2 = skb;
1313         }
1314         flag = 1;
1315 
1316        /*
1317         * Pass on the datagram to each protocol that wants it,
1318         * based on the datagram protocol.  We should really
1319         * check the protocol handler's return values here...
1320         */
1321         ipprot->handler(skb2, dev, opts_p ? &opt : 0, iph->daddr,
1322                         (ntohs(iph->tot_len) - (iph->ihl * 4)),
1323                         iph->saddr, 0, ipprot);
1324 
1325   }
1326 
1327   /*
1328    * All protocols checked.
1329    * If this packet was a broadcast, we may *not* reply to it, since that
1330    * causes (proven, grin) ARP storms and a leakage of memory (i.e. all
1331    * ICMP reply messages get queued up for transmission...)
1332    */
1333   if (!flag) {
1334         if (brd != IS_BROADCAST)
1335                 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_PROT_UNREACH, dev);
1336         skb->sk = NULL;
1337         kfree_skb(skb, FREE_WRITE);
1338   }
1339 
1340   return(0);
1341 }
1342 
1343 
1344 /*
1345  * Queues a packet to be sent, and starts the transmitter
1346  * if necessary.  if free = 1 then we free the block after
1347  * transmit, otherwise we don't.
1348  * This routine also needs to put in the total length, and
1349  * compute the checksum.
1350  */
1351 void
1352 ip_queue_xmit(struct sock *sk, struct device *dev, 
     /*  */
1353               struct sk_buff *skb, int free)
1354 {
1355   struct iphdr *iph;
1356   unsigned char *ptr;
1357 
1358   if (sk == NULL) free = 1;
1359   if (dev == NULL) {
1360         printk("IP: ip_queue_xmit dev = NULL\n");
1361         return;
1362   }
1363   IS_SKB(skb);
1364   skb->free = free;
1365   skb->dev = dev;
1366   skb->when = jiffies;
1367   
1368   DPRINTF((DBG_IP, ">>\n"));
1369   ptr = skb->data;
1370   ptr += dev->hard_header_len;
1371   iph = (struct iphdr *)ptr;
1372   iph->tot_len = ntohs(skb->len-dev->hard_header_len);
1373 
1374   if(skb->len > dev->mtu)
1375   {
1376 /*      printk("Fragment!\n");*/
1377         ip_fragment(sk,skb,dev,0);
1378         IS_SKB(skb);
1379         kfree_skb(skb,FREE_WRITE);
1380         return;
1381   }
1382   
1383   ip_send_check(iph);
1384   ip_print(iph);
1385   skb->next = NULL;
1386 
1387   /* See if this is the one trashing our queue. Ross? */
1388   skb->magic = 1;
1389   if (!free) {
1390         skb->link3 = NULL;
1391         sk->packets_out++;
1392         cli();
1393         if (sk->send_head == NULL) {
1394                 sk->send_tail = skb;
1395                 sk->send_head = skb;
1396         } else {
1397                 /* See if we've got a problem. */
1398                 if (sk->send_tail == NULL) {
1399                         printk("IP: ***bug sk->send_tail == NULL != sk->send_head\n");
1400                         sort_send(sk);
1401                 } else {
1402                         sk->send_tail->link3 = skb;
1403                         sk->send_tail = skb;
1404                 }
1405         }
1406         sti();
1407         reset_timer(sk, TIME_WRITE, sk->rto);
1408   } else {
1409         skb->sk = sk;
1410   }
1411 
1412   /* If the indicated interface is up and running, kick it. */
1413   if (dev->flags & IFF_UP) {
1414         if (sk != NULL) {
1415                 dev->queue_xmit(skb, dev, sk->priority);
1416         } 
1417         else {
1418                 dev->queue_xmit(skb, dev, SOPRI_NORMAL);
1419         }
1420   } else {
1421         if (free) kfree_skb(skb, FREE_WRITE);
1422   }
1423 }
1424 
1425 
1426 void
1427 ip_do_retransmit(struct sock *sk, int all)
     /*  */
1428 {
1429   struct sk_buff * skb;
1430   struct proto *prot;
1431   struct device *dev;
1432   int retransmits;
1433 
1434   prot = sk->prot;
1435   skb = sk->send_head;
1436   retransmits = sk->retransmits;
1437   while (skb != NULL) {
1438         dev = skb->dev;
1439         /* I know this can't happen but as it does.. */
1440         if(dev==NULL)
1441         {
1442                 printk("ip_retransmit: NULL device bug!\n");
1443                 goto oops;
1444         }
1445 
1446         IS_SKB(skb);
1447         
1448         /*
1449          * The rebuild_header function sees if the ARP is done.
1450          * If not it sends a new ARP request, and if so it builds
1451          * the header.
1452          */
1453         cli();  /* We might get interrupted by an arp reply here and fill
1454                    the frame in twice. Because of the technique used this
1455                    would be a little sad */
1456         if (!skb->arp) {
1457                 if (dev->rebuild_header(skb->data, dev)) {
1458                         sti();  /* Failed to rebuild - next */
1459                         if (!all) break;
1460                         skb = (struct sk_buff *)skb->link3;
1461                         continue;
1462                 }
1463         }
1464         skb->arp = 1;
1465         sti();
1466         skb->when = jiffies;
1467 
1468         /* If the interface is (still) up and running, kick it. */
1469         if (dev->flags & IFF_UP) {
1470                 if (sk && !skb_device_locked(skb))
1471                         dev->queue_xmit(skb, dev, sk->priority);
1472         /*        else dev->queue_xmit(skb, dev, SOPRI_NORMAL ); CANNOT HAVE SK=NULL HERE */
1473         }
1474 
1475 oops:   retransmits++;
1476         sk->prot->retransmits ++;
1477         if (!all) break;
1478 
1479         /* This should cut it off before we send too many packets. */
1480         if (sk->retransmits > sk->cong_window) break;
1481         skb = (struct sk_buff *)skb->link3;
1482   }
1483 }
1484 
1485 /*
1486  * This is the normal code called for timeouts.  It does the retransmission
1487  * and then does backoff.  ip_do_retransmit is separated out because
1488  * tcp_ack needs to send stuff from the retransmit queue without
1489  * initiating a backoff.
1490  */
1491 
1492 void
1493 ip_retransmit(struct sock *sk, int all)
     /*  */
1494 {
1495   ip_do_retransmit(sk, all);
1496 
1497   /*
1498    * Increase the timeout each time we retransmit.  Note that
1499    * we do not increase the rtt estimate.  rto is initialized
1500    * from rtt, but increases here.  Jacobson (SIGCOMM 88) suggests
1501    * that doubling rto each time is the least we can get away with.
1502    * In KA9Q, Karns uses this for the first few times, and then
1503    * goes to quadratic.  netBSD doubles, but only goes up to *64,
1504    * and clamps at 1 to 64 sec afterwards.  Note that 120 sec is
1505    * defined in the protocol as the maximum possible RTT.  I guess
1506    * we'll have to use something other than TCP to talk to the
1507    * University of Mars.
1508    */
1509 
1510   sk->retransmits++;
1511   sk->backoff++;
1512   sk->rto = min(sk->rto << 1, 120*HZ);
1513   reset_timer(sk, TIME_WRITE, sk->rto);
1514 }
1515 
1516 /*
1517  *      Socket option code for IP. This is the end of the line after any TCP,UDP etc options on
1518  *      an IP socket.
1519  */
1520  
1521 int ip_setsockopt(struct sock *sk, int level, int optname, char *optval, int optlen)
     /*  */
1522 {
1523         int val,err;
1524         
1525         if (optval == NULL) 
1526                 return(-EINVAL);
1527 
1528         err=verify_area(VERIFY_READ, optval, sizeof(int));
1529         if(err)
1530                 return err;
1531         
1532         val = get_fs_long((unsigned long *)optval);
1533 
1534         if(level!=SOL_IP)
1535                 return -EOPNOTSUPP;
1536 
1537         switch(optname)
1538         {
1539                 case IP_TOS:
1540                         if(val<0||val>255)
1541                                 return -EINVAL;
1542                         sk->ip_tos=val;
1543                         return 0;
1544                 case IP_TTL:
1545                         if(val<1||val>255)
1546                                 return -EINVAL;
1547                         sk->ip_ttl=val;
1548                         return 0;
1549                 /* IP_OPTIONS and friends go here eventually */
1550                 default:
1551                         return(-ENOPROTOOPT);
1552         }
1553 }
1554 
1555 int ip_getsockopt(struct sock *sk, int level, int optname, char *optval, int *optlen)
     /*  */
1556 {
1557         int val,err;
1558         
1559         if(level!=SOL_IP)
1560                 return -EOPNOTSUPP;
1561                 
1562         switch(optname)
1563         {
1564                 case IP_TOS:
1565                         val=sk->ip_tos;
1566                         break;
1567                 case IP_TTL:
1568                         val=sk->ip_ttl;
1569                         break;
1570                 default:
1571                         return(-ENOPROTOOPT);
1572         }
1573         err=verify_area(VERIFY_WRITE, optlen, sizeof(int));
1574         if(err)
1575                 return err;
1576         put_fs_long(sizeof(int),(unsigned long *) optlen);
1577 
1578         err=verify_area(VERIFY_WRITE, optval, sizeof(int));
1579         if(err)
1580                 return err;
1581         put_fs_long(val,(unsigned long *)optval);
1582 
1583         return(0);
1584 }

/* */