VirtualBox

source: vbox/trunk/src/VBox/Devices/Network/slirp/ip_icmpwin.c@ 74946

Last change on this file since 74946 was 73097, checked in by vboxsync, 7 years ago

*: Made RT_UOFFSETOF, RT_OFFSETOF, RT_UOFFSETOF_ADD and RT_OFFSETOF_ADD work like builtin_offsetof() and require compile time resolvable requests, adding RT_UOFFSETOF_DYN for the dynamic questions that can only be answered at runtime.

  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Data Id Revision
File size: 14.5 KB
Line 
1/* $Id: ip_icmpwin.c 73097 2018-07-12 21:06:33Z vboxsync $ */
2/** @file
3 * NAT - Windows ICMP API based ping proxy.
4 */
5
6/*
7 * Copyright (C) 2006-2017 Oracle Corporation
8 *
9 * This file is part of VirtualBox Open Source Edition (OSE), as
10 * available from http://www.virtualbox.org. This file is free software;
11 * you can redistribute it and/or modify it under the terms of the GNU
12 * General Public License (GPL) as published by the Free Software
13 * Foundation, in version 2 as it comes in the "COPYING" file of the
14 * VirtualBox OSE distribution. VirtualBox OSE is distributed in the
15 * hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
16 */
17
18#include "slirp.h"
19#include "ip_icmp.h"
20
21#include <winternl.h> /* for PIO_APC_ROUTINE &c */
22#ifndef PIO_APC_ROUTINE_DEFINED
23# define PIO_APC_ROUTINE_DEFINED 1
24#endif
25#include <iprt/win/iphlpapi.h>
26#include <icmpapi.h>
27
28/*
29 * A header of ICMP ECHO. Intended for storage, unlike struct icmp
30 * which is intended to be overlayed onto a buffer.
31 */
32struct icmp_echo {
33 uint8_t icmp_type;
34 uint8_t icmp_code;
35 uint16_t icmp_cksum;
36 uint16_t icmp_echo_id;
37 uint16_t icmp_echo_seq;
38};
39
40AssertCompileSize(struct icmp_echo, 8);
41
42
43struct pong {
44 PNATState pData;
45
46 TAILQ_ENTRY(pong) queue_entry;
47
48 struct ip reqiph;
49 struct icmp_echo reqicmph;
50
51 size_t bufsize;
52 uint8_t buf[1];
53};
54
55
56static VOID WINAPI icmpwin_callback_apc(void *ctx, PIO_STATUS_BLOCK iob, ULONG reserved);
57static VOID WINAPI icmpwin_callback_old(void *ctx);
58
59static void icmpwin_callback(struct pong *pong);
60static void icmpwin_pong(struct pong *pong);
61
62static struct mbuf *icmpwin_get_error(struct pong *pong, int type, int code);
63static struct mbuf *icmpwin_get_mbuf(PNATState pData, size_t reqsize);
64
65
66/*
67 * On Windows XP and Windows Server 2003 IcmpSendEcho2() callback
68 * is FARPROC, but starting from Vista it's PIO_APC_ROUTINE with
69 * two extra arguments. Callbacks use WINAPI (stdcall) calling
70 * convention with callee responsible for popping the arguments,
71 * so to avoid stack corruption we check windows version at run
72 * time and provide correct callback.
73 *
74 * XXX: this is system-wide, but what about multiple NAT threads?
75 */
76static PIO_APC_ROUTINE g_pfnIcmpCallback;
77
78
79int
80icmpwin_init(PNATState pData)
81{
82 if (g_pfnIcmpCallback == NULL)
83 {
84 OSVERSIONINFO osvi;
85 int status;
86
87 ZeroMemory(&osvi, sizeof(OSVERSIONINFO));
88 osvi.dwOSVersionInfoSize = sizeof(OSVERSIONINFO);
89 status = GetVersionEx(&osvi);
90 if (status == 0)
91 return 1;
92
93 if (osvi.dwMajorVersion >= 6)
94 g_pfnIcmpCallback = icmpwin_callback_apc;
95 else
96 g_pfnIcmpCallback = (PIO_APC_ROUTINE)icmpwin_callback_old;
97 }
98
99 TAILQ_INIT(&pData->pongs_expected);
100 TAILQ_INIT(&pData->pongs_received);
101
102 pData->icmp_socket.sh = IcmpCreateFile();
103 pData->phEvents[VBOX_ICMP_EVENT_INDEX] = CreateEvent(NULL, FALSE, FALSE, NULL);
104
105 return 0;
106}
107
108
109void
110icmpwin_finit(PNATState pData)
111{
112 IcmpCloseHandle(pData->icmp_socket.sh);
113
114 while (!TAILQ_EMPTY(&pData->pongs_received)) {
115 struct pong *pong = TAILQ_FIRST(&pData->pongs_received);
116 TAILQ_REMOVE(&pData->pongs_received, pong, queue_entry);
117 RTMemFree(pong);
118 }
119
120 /* this should be empty */
121 while (!TAILQ_EMPTY(&pData->pongs_expected)) {
122 struct pong *pong = TAILQ_FIRST(&pData->pongs_expected);
123 TAILQ_REMOVE(&pData->pongs_expected, pong, queue_entry);
124 pong->pData = NULL;
125 }
126}
127
128
129/*
130 * Outgoing ping from guest.
131 */
132void
133icmpwin_ping(PNATState pData, struct mbuf *m, int hlen)
134{
135 struct ip *ip = mtod(m, struct ip *);
136 size_t reqsize, pongsize;
137 uint8_t ttl;
138 size_t bufsize;
139 struct pong *pong;
140 IPAddr dst;
141 IP_OPTION_INFORMATION opts;
142 void *reqdata;
143 int status;
144
145 ttl = ip->ip_ttl;
146 AssertReturnVoid(ttl > 0);
147
148 reqsize = ip->ip_len - hlen - sizeof(struct icmp_echo);
149
150 bufsize = sizeof(ICMP_ECHO_REPLY);
151 if (reqsize < sizeof(IO_STATUS_BLOCK) + sizeof(struct icmp_echo))
152 bufsize += sizeof(IO_STATUS_BLOCK) + sizeof(struct icmp_echo);
153 else
154 bufsize += reqsize;
155 bufsize += 16; /* whatever that is; empirically at least XP needs it */
156
157 pongsize = RT_UOFFSETOF(struct pong, buf) + bufsize;
158 if (pData->cbIcmpPending + pongsize > 1024 * 1024)
159 return;
160
161 pong = RTMemAlloc(pongsize);
162 if (RT_UNLIKELY(pong == NULL))
163 return;
164
165 pong->pData = pData;
166 pong->bufsize = bufsize;
167 m_copydata(m, 0, hlen, (caddr_t)&pong->reqiph);
168 m_copydata(m, hlen, sizeof(struct icmp_echo), (caddr_t)&pong->reqicmph);
169 AssertReturnVoid(pong->reqicmph.icmp_type == ICMP_ECHO);
170
171 if (m->m_next == NULL)
172 {
173 /* already in single contiguous buffer */
174 reqdata = mtod(m, char *) + sizeof(struct ip) + sizeof(struct icmp_echo);
175 }
176 else
177 {
178 /* use reply buffer as temporary storage */
179 reqdata = pong->buf;
180 m_copydata(m, sizeof(struct ip) + sizeof(struct icmp_echo),
181 (int)reqsize, reqdata);
182 }
183
184 dst = ip->ip_dst.s_addr;
185
186 opts.Ttl = ttl;
187 opts.Tos = ip->ip_tos; /* affected by DisableUserTOSSetting key */
188 opts.Flags = (ip->ip_off & IP_DF) != 0 ? IP_FLAG_DF : 0;
189 opts.OptionsSize = 0;
190 opts.OptionsData = 0;
191
192
193 status = IcmpSendEcho2(pData->icmp_socket.sh, NULL,
194 g_pfnIcmpCallback, pong,
195 dst, reqdata, (WORD)reqsize, &opts,
196 pong->buf, (DWORD)pong->bufsize,
197 5 * 1000 /* ms */);
198
199 if (RT_UNLIKELY(status != 0))
200 {
201 Log2(("NAT: IcmpSendEcho2: unexpected status %d\n", status));
202 }
203 else if ((status = GetLastError()) != ERROR_IO_PENDING)
204 {
205 int code;
206
207 Log2(("NAT: IcmpSendEcho2: error %d\n", status));
208 switch (status) {
209 case ERROR_NETWORK_UNREACHABLE:
210 code = ICMP_UNREACH_NET;
211 break;
212 case ERROR_HOST_UNREACHABLE:
213 code = ICMP_UNREACH_HOST;
214 break;
215 default:
216 code = -1;
217 break;
218 }
219
220 if (code != -1) /* send icmp error */
221 {
222 struct mbuf *em = icmpwin_get_error(pong, ICMP_UNREACH, code);
223 if (em != NULL)
224 {
225 struct ip *eip = mtod(em, struct ip *);
226 eip->ip_src = alias_addr;
227 ip_output(pData, NULL, em);
228 }
229 }
230 }
231 else /* success */
232 {
233 Log2(("NAT: pong %p for ping %RTnaipv4 id 0x%04x seq %d len %zu (%zu)\n",
234 pong, dst,
235 RT_N2H_U16(pong->reqicmph.icmp_echo_id),
236 RT_N2H_U16(pong->reqicmph.icmp_echo_seq),
237 pongsize, reqsize));
238
239 pData->cbIcmpPending += pongsize;
240 TAILQ_INSERT_TAIL(&pData->pongs_expected, pong, queue_entry);
241 pong = NULL; /* callback owns it now */
242 }
243
244 if (pong != NULL)
245 RTMemFree(pong);
246}
247
248
249static VOID WINAPI
250icmpwin_callback_apc(void *ctx, PIO_STATUS_BLOCK iob, ULONG reserved)
251{
252 struct pong *pong = (struct pong *)ctx;
253 if (pong != NULL)
254 icmpwin_callback(pong);
255 RT_NOREF2(iob, reserved);
256}
257
258
259static VOID WINAPI
260icmpwin_callback_old(void *ctx)
261{
262 struct pong *pong = (struct pong *)ctx;
263 if (pong != NULL)
264 icmpwin_callback(pong);
265}
266
267
268/*
269 * Actual callback code for IcmpSendEcho2(). OS version specific
270 * trampoline will free "pong" argument for us.
271 *
272 * Since async callback can be called anytime the thread is alertable,
273 * it's not safe to do any processing here. Instead queue it and
274 * notify the main loop.
275 */
276static void
277icmpwin_callback(struct pong *pong)
278{
279 PNATState pData = pong->pData;
280
281 if (pData == NULL)
282 {
283 RTMemFree(pong);
284 return;
285 }
286
287#ifdef DEBUG
288 {
289 struct pong *expected, *already;
290
291 TAILQ_FOREACH(expected, &pData->pongs_expected, queue_entry)
292 {
293 if (expected == pong)
294 break;
295 }
296 Assert(expected);
297
298 TAILQ_FOREACH(already, &pData->pongs_received, queue_entry)
299 {
300 if (already == pong)
301 break;
302 }
303 Assert(!already);
304 }
305#endif
306
307 TAILQ_REMOVE(&pData->pongs_expected, pong, queue_entry);
308 TAILQ_INSERT_TAIL(&pData->pongs_received, pong, queue_entry);
309
310 WSASetEvent(pData->phEvents[VBOX_ICMP_EVENT_INDEX]);
311}
312
313
314void
315icmpwin_process(PNATState pData)
316{
317 struct pong_tailq pongs;
318
319 if (TAILQ_EMPTY(&pData->pongs_received))
320 return;
321
322 TAILQ_INIT(&pongs);
323 TAILQ_CONCAT(&pongs, &pData->pongs_received, queue_entry);
324
325 while (!TAILQ_EMPTY(&pongs)) {
326 struct pong *pong = TAILQ_FIRST(&pongs);
327 size_t sz;
328
329 sz = RT_UOFFSETOF(struct pong, buf) + pong->bufsize;
330 Assert(pData->cbIcmpPending >= sz);
331 pData->cbIcmpPending -= sz;
332
333 icmpwin_pong(pong);
334
335 TAILQ_REMOVE(&pongs, pong, queue_entry);
336 RTMemFree(pong);
337 }
338}
339
340
341void
342icmpwin_pong(struct pong *pong)
343{
344 PNATState pData;
345 DWORD nreplies;
346 ICMP_ECHO_REPLY *reply;
347 struct mbuf *m;
348 struct ip *ip;
349 struct icmp_echo *icmp;
350 size_t reqsize;
351
352 pData = pong->pData; /* to make slirp_state.h macro hackery work */
353
354 nreplies = IcmpParseReplies(pong->buf, (DWORD)pong->bufsize);
355 if (nreplies == 0)
356 {
357 DWORD error = GetLastError();
358 if (error == IP_REQ_TIMED_OUT)
359 Log2(("NAT: ping %p timed out\n", (void *)pong));
360 else
361 Log2(("NAT: ping %p: IcmpParseReplies: error %d\n",
362 (void *)pong, error));
363 return;
364 }
365
366 reply = (ICMP_ECHO_REPLY *)pong->buf;
367
368 if (reply->Status == IP_SUCCESS)
369 {
370 if (reply->Options.OptionsSize != 0) /* don't do options */
371 return;
372
373 /* need to remap &reply->Address ? */
374 if (/* not a mapped loopback */ 1)
375 {
376 if (reply->Options.Ttl <= 1)
377 return;
378 --reply->Options.Ttl;
379 }
380
381 reqsize = reply->DataSize;
382 if ( (reply->Options.Flags & IP_FLAG_DF) != 0
383 && sizeof(struct ip) + sizeof(struct icmp_echo) + reqsize > (size_t)if_mtu)
384 return;
385
386 m = icmpwin_get_mbuf(pData, reqsize);
387 if (m == NULL)
388 return;
389
390 ip = mtod(m, struct ip *);
391 icmp = (struct icmp_echo *)(mtod(m, char *) + sizeof(*ip));
392
393 /* fill in ip (ip_output0() does the boilerplate for us) */
394 ip->ip_tos = reply->Options.Tos;
395 ip->ip_len = sizeof(*ip) + sizeof(*icmp) + (int)reqsize;
396 ip->ip_off = 0;
397 ip->ip_ttl = reply->Options.Ttl;
398 ip->ip_p = IPPROTO_ICMP;
399 ip->ip_src.s_addr = reply->Address;
400 ip->ip_dst = pong->reqiph.ip_src;
401
402 icmp->icmp_type = ICMP_ECHOREPLY;
403 icmp->icmp_code = 0;
404 icmp->icmp_cksum = 0;
405 icmp->icmp_echo_id = pong->reqicmph.icmp_echo_id;
406 icmp->icmp_echo_seq = pong->reqicmph.icmp_echo_seq;
407
408 m_append(pData, m, (int)reqsize, reply->Data);
409
410 icmp->icmp_cksum = in_cksum_skip(m, ip->ip_len, sizeof(*ip));
411 }
412 else {
413 uint8_t type, code;
414
415 switch (reply->Status) {
416 case IP_DEST_NET_UNREACHABLE:
417 type = ICMP_UNREACH; code = ICMP_UNREACH_NET;
418 break;
419 case IP_DEST_HOST_UNREACHABLE:
420 type = ICMP_UNREACH; code = ICMP_UNREACH_HOST;
421 break;
422 case IP_DEST_PROT_UNREACHABLE:
423 type = ICMP_UNREACH; code = ICMP_UNREACH_PROTOCOL;
424 break;
425 case IP_PACKET_TOO_BIG:
426 type = ICMP_UNREACH; code = ICMP_UNREACH_NEEDFRAG;
427 break;
428 case IP_SOURCE_QUENCH:
429 type = ICMP_SOURCEQUENCH; code = 0;
430 break;
431 case IP_TTL_EXPIRED_TRANSIT:
432 type = ICMP_TIMXCEED; code = ICMP_TIMXCEED_INTRANS;
433 break;
434 case IP_TTL_EXPIRED_REASSEM:
435 type = ICMP_TIMXCEED; code = ICMP_TIMXCEED_REASS;
436 break;
437 default:
438 Log2(("NAT: ping reply status %d, dropped\n", reply->Status));
439 return;
440 }
441
442 Log2(("NAT: ping status %d -> type %d/code %d\n",
443 reply->Status, type, code));
444
445 /*
446 * XXX: we don't know the TTL of the request at the time this
447 * ICMP error was generated (we can guess it was 1 for ttl
448 * exceeded, but don't bother faking it).
449 */
450 m = icmpwin_get_error(pong, type, code);
451 if (m == NULL)
452 return;
453
454 ip = mtod(m, struct ip *);
455
456 ip->ip_tos = reply->Options.Tos;
457 ip->ip_ttl = reply->Options.Ttl; /* XXX: decrement */
458 ip->ip_src.s_addr = reply->Address;
459 }
460
461 Assert(ip->ip_len == m_length(m, NULL));
462 ip_output(pData, NULL, m);
463}
464
465
466/*
467 * Prepare mbuf with ICMP error type/code.
468 * IP source must be filled by the caller.
469 */
470static struct mbuf *
471icmpwin_get_error(struct pong *pong, int type, int code)
472{
473 PNATState pData = pong->pData;
474 struct mbuf *m;
475 struct ip *ip;
476 struct icmp_echo *icmp;
477 size_t reqsize;
478
479 Log2(("NAT: ping error type %d/code %d\n", type, code));
480
481 reqsize = sizeof(pong->reqiph) + sizeof(pong->reqicmph);
482
483 m = icmpwin_get_mbuf(pData, reqsize);
484 if (m == NULL)
485 return NULL;
486
487 ip = mtod(m, struct ip *);
488 icmp = (struct icmp_echo *)(mtod(m, char *) + sizeof(*ip));
489
490 ip->ip_tos = 0;
491 ip->ip_len = sizeof(*ip) + sizeof(*icmp) + (int)reqsize;
492 ip->ip_off = 0;
493 ip->ip_ttl = IPDEFTTL;
494 ip->ip_p = IPPROTO_ICMP;
495 ip->ip_src.s_addr = 0; /* NB */
496 ip->ip_dst = pong->reqiph.ip_src;
497
498 icmp->icmp_type = type;
499 icmp->icmp_code = code;
500 icmp->icmp_cksum = 0;
501 icmp->icmp_echo_id = 0;
502 icmp->icmp_echo_seq = 0;
503
504 m_append(pData, m, sizeof(pong->reqiph), (caddr_t)&pong->reqiph);
505 m_append(pData, m, sizeof(pong->reqicmph), (caddr_t)&pong->reqicmph);
506
507 icmp->icmp_cksum = in_cksum_skip(m, ip->ip_len, sizeof(*ip));
508
509 return m;
510}
511
512
513/*
514 * Replacing original simple slirp mbufs with real mbufs from freebsd
515 * was a bit messy since assumption are different. This leads to
516 * rather ugly code at times. Hide the gore here.
517 */
518static struct mbuf *
519icmpwin_get_mbuf(PNATState pData, size_t reqsize)
520{
521 struct mbuf *m;
522
523 reqsize += if_maxlinkhdr;
524 reqsize += sizeof(struct ip) + sizeof(struct icmp_echo);
525
526 if (reqsize <= MHLEN)
527 /* good pings come in small packets */
528 m = m_gethdr(pData, M_NOWAIT, MT_HEADER);
529 else
530 m = m_getjcl(pData, M_NOWAIT, MT_HEADER, M_PKTHDR, (int)slirp_size(pData));
531
532 if (m == NULL)
533 return NULL;
534
535 m->m_flags |= M_SKIP_FIREWALL;
536 m->m_data += if_maxlinkhdr; /* reserve leading space for ethernet header */
537
538 m->m_pkthdr.header = mtod(m, void *);
539 m->m_len = sizeof(struct ip) + sizeof(struct icmp_echo);
540
541 return m;
542}
543
Note: See TracBrowser for help on using the repository browser.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette