0      stevel /*
     0      stevel  * CDDL HEADER START
     0      stevel  *
     0      stevel  * The contents of this file are subject to the terms of the
  1473     ja97890  * Common Development and Distribution License (the "License").
  1473     ja97890  * You may not use this file except in compliance with the License.
     0      stevel  *
     0      stevel  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
     0      stevel  * or http://www.opensolaris.org/os/licensing.
     0      stevel  * See the License for the specific language governing permissions
     0      stevel  * and limitations under the License.
     0      stevel  *
     0      stevel  * When distributing Covered Code, include this CDDL HEADER in each
     0      stevel  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
     0      stevel  * If applicable, add the following below this CDDL HEADER, with the
     0      stevel  * fields enclosed by brackets "[]" replaced with your own identifying
     0      stevel  * information: Portions Copyright [yyyy] [name of copyright owner]
     0      stevel  *
     0      stevel  * CDDL HEADER END
     0      stevel  */
     0      stevel /*
  8477         Rao  * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
     0      stevel  * Use is subject to license terms.
     0      stevel  */
     0      stevel /* Copyright (c) 1990 Mentat Inc. */
     0      stevel 
     0      stevel #include <sys/types.h>
     0      stevel #include <sys/stream.h>
     0      stevel #include <sys/stropts.h>
     0      stevel #include <sys/strlog.h>
     0      stevel #include <sys/strsun.h>
     0      stevel #define	_SUN_TPI_VERSION 2
     0      stevel #include <sys/tihdr.h>
     0      stevel #include <sys/timod.h>
     0      stevel #include <sys/ddi.h>
     0      stevel #include <sys/sunddi.h>
     0      stevel #include <sys/strsubr.h>
     0      stevel #include <sys/suntpi.h>
     0      stevel #include <sys/xti_inet.h>
     0      stevel #include <sys/kmem.h>
 11042        Erik #include <sys/cred_impl.h>
     0      stevel #include <sys/policy.h>
 11042        Erik #include <sys/priv.h>
     0      stevel #include <sys/ucred.h>
     0      stevel #include <sys/zone.h>
     0      stevel 
     0      stevel #include <sys/socket.h>
  8348        Eric #include <sys/socketvar.h>
   741    masputra #include <sys/sockio.h>
     0      stevel #include <sys/vtrace.h>
  2958    dr146992 #include <sys/sdt.h>
     0      stevel #include <sys/debug.h>
     0      stevel #include <sys/isa_defs.h>
     0      stevel #include <sys/random.h>
     0      stevel #include <netinet/in.h>
     0      stevel #include <netinet/ip6.h>
     0      stevel #include <netinet/icmp6.h>
     0      stevel #include <netinet/udp.h>
     0      stevel 
     0      stevel #include <inet/common.h>
     0      stevel #include <inet/ip.h>
   741    masputra #include <inet/ip_impl.h>
 11042        Erik #include <inet/ipsec_impl.h>
     0      stevel #include <inet/ip6.h>
     0      stevel #include <inet/ip_ire.h>
   741    masputra #include <inet/ip_if.h>
   741    masputra #include <inet/ip_multi.h>
  2535    sangeeta #include <inet/ip_ndp.h>
  8348        Eric #include <inet/proto_set.h>
     0      stevel #include <inet/mib2.h>
     0      stevel #include <inet/nd.h>
     0      stevel #include <inet/optcom.h>
     0      stevel #include <inet/snmpcom.h>
     0      stevel #include <inet/kstatcom.h>
   741    masputra #include <inet/ipclassifier.h>
  8275        Eric #include <sys/squeue_impl.h>
  8023        Phil #include <inet/ipnet.h>
  8485       Peter #include <sys/ethernet.h>
   741    masputra 
  1676         jpk #include <sys/tsol/label.h>
  1676         jpk #include <sys/tsol/tnet.h>
  1676         jpk #include <rpc/pmap_prot.h>
     0      stevel 
 11042        Erik #include <inet/udp_impl.h>
 11042        Erik 
     0      stevel /*
     0      stevel  * Synchronization notes:
     0      stevel  *
  5240    nordmark  * UDP is MT and uses the usual kernel synchronization primitives. There are 2
 11042        Erik  * locks, the fanout lock (uf_lock) and conn_lock. conn_lock
 11042        Erik  * protects the contents of the udp_t. uf_lock protects the address and the
 11042        Erik  * fanout information.
 11042        Erik  * The lock order is conn_lock -> uf_lock.
  5240    nordmark  *
  5240    nordmark  * The fanout lock uf_lock:
   741    masputra  * When a UDP endpoint is bound to a local port, it is inserted into
     0      stevel  * a bind hash list.  The list consists of an array of udp_fanout_t buckets.
     0      stevel  * The size of the array is controlled by the udp_bind_fanout_size variable.
     0      stevel  * This variable can be changed in /etc/system if the default value is
   741    masputra  * not large enough.  Each bind hash bucket is protected by a per bucket
   741    masputra  * lock.  It protects the udp_bind_hash and udp_ptpbhn fields in the udp_t
  5240    nordmark  * structure and a few other fields in the udp_t. A UDP endpoint is removed
  5240    nordmark  * from the bind hash list only when it is being unbound or being closed.
  5240    nordmark  * The per bucket lock also protects a UDP endpoint's state changes.
  5240    nordmark  *
   741    masputra  * Plumbing notes:
  5240    nordmark  * UDP is always a device driver. For compatibility with mibopen() code
  5240    nordmark  * it is possible to I_PUSH "udp", but that results in pushing a passthrough
  5240    nordmark  * dummy module.
  5240    nordmark  *
  5240    nordmark  * The above implies that we don't support any intermediate module to
   741    masputra  * reside in between /dev/ip and udp -- in fact, we never supported such
   741    masputra  * scenario in the past as the inter-layer communication semantics have
  5240    nordmark  * always been private.
  5240    nordmark  */
     0      stevel 
  3448    dh155122 /* For /etc/system control */
     0      stevel uint_t udp_bind_fanout_size = UDP_BIND_FANOUT_SIZE;
  1676         jpk 
     0      stevel static void	udp_addr_req(queue_t *q, mblk_t *mp);
  8348        Eric static void	udp_tpi_bind(queue_t *q, mblk_t *mp);
     0      stevel static void	udp_bind_hash_insert(udp_fanout_t *uf, udp_t *udp);
     0      stevel static void	udp_bind_hash_remove(udp_t *udp, boolean_t caller_holds_lock);
 11042        Erik static int	udp_build_hdr_template(conn_t *, const in6_addr_t *,
 11042        Erik     const in6_addr_t *, in_port_t, uint32_t);
     0      stevel static void	udp_capability_req(queue_t *q, mblk_t *mp);
  8348        Eric static int	udp_tpi_close(queue_t *q, int flags);
 11042        Erik static void	udp_close_free(conn_t *);
  8348        Eric static void	udp_tpi_connect(queue_t *q, mblk_t *mp);
  8348        Eric static void	udp_tpi_disconnect(queue_t *q, mblk_t *mp);
     0      stevel static void	udp_err_ack(queue_t *q, mblk_t *mp, t_scalar_t t_error,
 11042        Erik     int sys_error);
 11042        Erik static void	udp_err_ack_prim(queue_t *q, mblk_t *mp, t_scalar_t primitive,
 11042        Erik     t_scalar_t tlierr, int sys_error);
     0      stevel static int	udp_extra_priv_ports_get(queue_t *q, mblk_t *mp, caddr_t cp,
     0      stevel 		    cred_t *cr);
     0      stevel static int	udp_extra_priv_ports_add(queue_t *q, mblk_t *mp,
     0      stevel 		    char *value, caddr_t cp, cred_t *cr);
     0      stevel static int	udp_extra_priv_ports_del(queue_t *q, mblk_t *mp,
     0      stevel 		    char *value, caddr_t cp, cred_t *cr);
 11042        Erik static void	udp_icmp_input(void *, mblk_t *, void *, ip_recv_attr_t *);
 11042        Erik static void	udp_icmp_error_ipv6(conn_t *connp, mblk_t *mp,
 11042        Erik     ip_recv_attr_t *ira);
     0      stevel static void	udp_info_req(queue_t *q, mblk_t *mp);
 11042        Erik static void	udp_input(void *, mblk_t *, void *, ip_recv_attr_t *);
  5240    nordmark static void	udp_lrput(queue_t *, mblk_t *);
  5240    nordmark static void	udp_lwput(queue_t *, mblk_t *);
     0      stevel static int	udp_open(queue_t *q, dev_t *devp, int flag, int sflag,
  5240    nordmark 		    cred_t *credp, boolean_t isv6);
  5240    nordmark static int	udp_openv4(queue_t *q, dev_t *devp, int flag, int sflag,
  5240    nordmark 		    cred_t *credp);
  5240    nordmark static int	udp_openv6(queue_t *q, dev_t *devp, int flag, int sflag,
     0      stevel 		    cred_t *credp);
     0      stevel static boolean_t udp_opt_allow_udr_set(t_scalar_t level, t_scalar_t name);
 11042        Erik int		udp_opt_set(conn_t *connp, uint_t optset_context,
 11042        Erik 		    int level, int name, uint_t inlen,
 11042        Erik 		    uchar_t *invalp, uint_t *outlenp, uchar_t *outvalp,
 11042        Erik 		    void *thisdg_attrs, cred_t *cr);
 11042        Erik int		udp_opt_get(conn_t *connp, int level, int name,
 11042        Erik 		    uchar_t *ptr);
 11042        Erik static int	udp_output_connected(conn_t *connp, mblk_t *mp, cred_t *cr,
 11042        Erik 		    pid_t pid);
 11042        Erik static int	udp_output_lastdst(conn_t *connp, mblk_t *mp, cred_t *cr,
 11042        Erik     pid_t pid, ip_xmit_attr_t *ixa);
 11042        Erik static int	udp_output_newdst(conn_t *connp, mblk_t *data_mp, sin_t *sin,
 11042        Erik 		    sin6_t *sin6, ushort_t ipversion, cred_t *cr, pid_t,
 11042        Erik 		    ip_xmit_attr_t *ixa);
     0      stevel static int	udp_param_get(queue_t *q, mblk_t *mp, caddr_t cp, cred_t *cr);
  3448    dh155122 static boolean_t udp_param_register(IDP *ndp, udpparam_t *udppa, int cnt);
     0      stevel static int	udp_param_set(queue_t *q, mblk_t *mp, char *value, caddr_t cp,
     0      stevel 		    cred_t *cr);
 11042        Erik static mblk_t	*udp_prepend_hdr(conn_t *, ip_xmit_attr_t *, const ip_pkt_t *,
 11042        Erik     const in6_addr_t *, const in6_addr_t *, in_port_t, uint32_t, mblk_t *,
 11042        Erik     int *);
 11042        Erik static mblk_t	*udp_prepend_header_template(conn_t *, ip_xmit_attr_t *,
 11042        Erik     mblk_t *, const in6_addr_t *, in_port_t, uint32_t, int *);
 11042        Erik static void	udp_ud_err(queue_t *q, mblk_t *mp, t_scalar_t err);
 11042        Erik static void	udp_ud_err_connected(conn_t *, t_scalar_t);
  8348        Eric static void	udp_tpi_unbind(queue_t *q, mblk_t *mp);
  1676         jpk static in_port_t udp_update_next_port(udp_t *udp, in_port_t port,
  1676         jpk     boolean_t random);
     0      stevel static void	udp_wput_other(queue_t *q, mblk_t *mp);
     0      stevel static void	udp_wput_iocdata(queue_t *q, mblk_t *mp);
  8348        Eric static void	udp_wput_fallback(queue_t *q, mblk_t *mp);
   741    masputra static size_t	udp_set_rcv_hiwat(udp_t *udp, size_t size);
     0      stevel 
  3448    dh155122 static void	*udp_stack_init(netstackid_t stackid, netstack_t *ns);
  3448    dh155122 static void	udp_stack_fini(netstackid_t stackid, void *arg);
  3448    dh155122 
  3448    dh155122 static void	*udp_kstat_init(netstackid_t stackid);
  3448    dh155122 static void	udp_kstat_fini(netstackid_t stackid, kstat_t *ksp);
  3448    dh155122 static void	*udp_kstat2_init(netstackid_t, udp_stat_t *);
  3448    dh155122 static void	udp_kstat2_fini(netstackid_t, kstat_t *);
     0      stevel static int	udp_kstat_update(kstat_t *kp, int rw);
   741    masputra 
 11042        Erik 
 11042        Erik /* Common routines for TPI and socket module */
 11042        Erik static void	udp_ulp_recv(conn_t *, mblk_t *, uint_t, ip_recv_attr_t *);
  8348        Eric 
  8348        Eric /* Common routine for TPI and socket module */
  8348        Eric static conn_t	*udp_do_open(cred_t *, boolean_t, int);
  8348        Eric static void	udp_do_close(conn_t *);
  8348        Eric static int	udp_do_bind(conn_t *, struct sockaddr *, socklen_t, cred_t *,
  8348        Eric     boolean_t);
  8348        Eric static int	udp_do_unbind(conn_t *);
  8348        Eric 
  8348        Eric int		udp_getsockname(sock_lower_handle_t,
  8348        Eric     struct sockaddr *, socklen_t *, cred_t *);
  8348        Eric int		udp_getpeername(sock_lower_handle_t,
  8348        Eric     struct sockaddr *, socklen_t *, cred_t *);
  8778        Erik static int	udp_do_connect(conn_t *, const struct sockaddr *, socklen_t,
 11042        Erik     cred_t *, pid_t);
  8348        Eric 
   741    masputra #define	UDP_RECV_HIWATER	(56 * 1024)
   741    masputra #define	UDP_RECV_LOWATER	128
   741    masputra #define	UDP_XMIT_HIWATER	(56 * 1024)
   741    masputra #define	UDP_XMIT_LOWATER	1024
   741    masputra 
 11042        Erik #pragma inline(udp_output_connected, udp_output_newdst, udp_output_lastdst)
  8392     Huafeng 
  8392     Huafeng /*
  8392     Huafeng  * Checks if the given destination addr/port is allowed out.
  8392     Huafeng  * If allowed, registers the (dest_addr/port, node_ID) mapping at Cluster.
  8392     Huafeng  * Called for each connect() and for sendto()/sendmsg() to a different
  8392     Huafeng  * destination.
  8392     Huafeng  * For connect(), called in udp_connect().
 11042        Erik  * For sendto()/sendmsg(), called in udp_output_newdst().
  8392     Huafeng  *
  8392     Huafeng  * This macro assumes that the cl_inet_connect2 hook is not NULL.
  8392     Huafeng  * Please check this before calling this macro.
  8392     Huafeng  *
  8392     Huafeng  * void
  8392     Huafeng  * CL_INET_UDP_CONNECT(conn_t cp, udp_t *udp, boolean_t is_outgoing,
  8392     Huafeng  *     in6_addr_t *faddrp, in_port_t (or uint16_t) fport, int err);
  8392     Huafeng  */
 11042        Erik #define	CL_INET_UDP_CONNECT(cp, is_outgoing, faddrp, fport, err) {	\
  8392     Huafeng 	(err) = 0;							\
  8392     Huafeng 	/*								\
  8392     Huafeng 	 * Running in cluster mode - check and register active		\
  8392     Huafeng 	 * "connection" information					\
  8392     Huafeng 	 */								\
 11042        Erik 	if ((cp)->conn_ipversion == IPV4_VERSION)			\
  8392     Huafeng 		(err) = (*cl_inet_connect2)(				\
  8392     Huafeng 		    (cp)->conn_netstack->netstack_stackid,		\
  8392     Huafeng 		    IPPROTO_UDP, is_outgoing, AF_INET,			\
 11042        Erik 		    (uint8_t *)&((cp)->conn_laddr_v4),			\
 11042        Erik 		    (cp)->conn_lport,					\
 11042        Erik 		    (uint8_t *)&(V4_PART_OF_V6(*faddrp)),		\
  8392     Huafeng 		    (in_port_t)(fport), NULL);				\
  8392     Huafeng 	else								\
  8392     Huafeng 		(err) = (*cl_inet_connect2)(				\
  8392     Huafeng 		    (cp)->conn_netstack->netstack_stackid,		\
  8392     Huafeng 		    IPPROTO_UDP, is_outgoing, AF_INET6,			\
 11042        Erik 		    (uint8_t *)&((cp)->conn_laddr_v6),			\
 11042        Erik 		    (cp)->conn_lport,					\
  8392     Huafeng 		    (uint8_t *)(faddrp), (in_port_t)(fport), NULL);	\
  8392     Huafeng }
  8392     Huafeng 
  5240    nordmark static struct module_info udp_mod_info =  {
   741    masputra 	UDP_MOD_ID, UDP_MOD_NAME, 1, INFPSZ, UDP_RECV_HIWATER, UDP_RECV_LOWATER
   741    masputra };
   741    masputra 
  5240    nordmark /*
  5240    nordmark  * Entry points for UDP as a device.
  5240    nordmark  * We have separate open functions for the /dev/udp and /dev/udp6 devices.
  5240    nordmark  */
  5240    nordmark static struct qinit udp_rinitv4 = {
  9991      Anders 	NULL, NULL, udp_openv4, udp_tpi_close, NULL, &udp_mod_info, NULL
  5240    nordmark };
  5240    nordmark 
  5240    nordmark static struct qinit udp_rinitv6 = {
  9991      Anders 	NULL, NULL, udp_openv6, udp_tpi_close, NULL, &udp_mod_info, NULL
   741    masputra };
   741    masputra 
   741    masputra static struct qinit udp_winit = {
  9991      Anders 	(pfi_t)udp_wput, (pfi_t)ip_wsrv, NULL, NULL, NULL, &udp_mod_info
  5240    nordmark };
  5240    nordmark 
  8348        Eric /* UDP entry point during fallback */
  8348        Eric struct qinit udp_fallback_sock_winit = {
  8348        Eric 	(pfi_t)udp_wput_fallback, NULL, NULL, NULL, NULL, &udp_mod_info
  8348        Eric };
  8348        Eric 
  5240    nordmark /*
  5240    nordmark  * UDP needs to handle I_LINK and I_PLINK since ifconfig
  5240    nordmark  * likes to use it as a place to hang the various streams.
  5240    nordmark  */
  5240    nordmark static struct qinit udp_lrinit = {
  9991      Anders 	(pfi_t)udp_lrput, NULL, udp_openv4, udp_tpi_close, NULL, &udp_mod_info
  5240    nordmark };
  5240    nordmark 
  5240    nordmark static struct qinit udp_lwinit = {
  9991      Anders 	(pfi_t)udp_lwput, NULL, udp_openv4, udp_tpi_close, NULL, &udp_mod_info
  5240    nordmark };
  5240    nordmark 
  5240    nordmark /* For AF_INET aka /dev/udp */
  5240    nordmark struct streamtab udpinfov4 = {
  5240    nordmark 	&udp_rinitv4, &udp_winit, &udp_lrinit, &udp_lwinit
  5240    nordmark };
  5240    nordmark 
  5240    nordmark /* For AF_INET6 aka /dev/udp6 */
  5240    nordmark struct streamtab udpinfov6 = {
  5240    nordmark 	&udp_rinitv6, &udp_winit, &udp_lrinit, &udp_lwinit
     0      stevel };
     0      stevel 
     0      stevel static	sin_t	sin_null;	/* Zero address for quick clears */
     0      stevel static	sin6_t	sin6_null;	/* Zero address for quick clears */
     0      stevel 
   741    masputra #define	UDP_MAXPACKET_IPV4 (IP_MAXPACKET - UDPH_SIZE - IP_SIMPLE_HDR_LENGTH)
     0      stevel 
     0      stevel /* Default structure copied into T_INFO_ACK messages */
     0      stevel static struct T_info_ack udp_g_t_info_ack_ipv4 = {
     0      stevel 	T_INFO_ACK,
     0      stevel 	UDP_MAXPACKET_IPV4,	/* TSDU_size. Excl. headers */
     0      stevel 	T_INVALID,	/* ETSU_size.  udp does not support expedited data. */
     0      stevel 	T_INVALID,	/* CDATA_size. udp does not support connect data. */
     0      stevel 	T_INVALID,	/* DDATA_size. udp does not support disconnect data. */
     0      stevel 	sizeof (sin_t),	/* ADDR_size. */
     0      stevel 	0,		/* OPT_size - not initialized here */
     0      stevel 	UDP_MAXPACKET_IPV4,	/* TIDU_size.  Excl. headers */
     0      stevel 	T_CLTS,		/* SERV_type.  udp supports connection-less. */
     0      stevel 	TS_UNBND,	/* CURRENT_state.  This is set from udp_state. */
     0      stevel 	(XPG4_1|SENDZERO) /* PROVIDER_flag */
     0      stevel };
     0      stevel 
   741    masputra #define	UDP_MAXPACKET_IPV6 (IP_MAXPACKET - UDPH_SIZE - IPV6_HDR_LEN)
   741    masputra 
     0      stevel static	struct T_info_ack udp_g_t_info_ack_ipv6 = {
     0      stevel 	T_INFO_ACK,
     0      stevel 	UDP_MAXPACKET_IPV6,	/* TSDU_size.  Excl. headers */
     0      stevel 	T_INVALID,	/* ETSU_size.  udp does not support expedited data. */
     0      stevel 	T_INVALID,	/* CDATA_size. udp does not support connect data. */
     0      stevel 	T_INVALID,	/* DDATA_size. udp does not support disconnect data. */
     0      stevel 	sizeof (sin6_t), /* ADDR_size. */
     0      stevel 	0,		/* OPT_size - not initialized here */
     0      stevel 	UDP_MAXPACKET_IPV6,	/* TIDU_size. Excl. headers */
     0      stevel 	T_CLTS,		/* SERV_type.  udp supports connection-less. */
     0      stevel 	TS_UNBND,	/* CURRENT_state.  This is set from udp_state. */
     0      stevel 	(XPG4_1|SENDZERO) /* PROVIDER_flag */
     0      stevel };
     0      stevel 
     0      stevel /* largest UDP port number */
     0      stevel #define	UDP_MAX_PORT	65535
     0      stevel 
     0      stevel /*
  3448    dh155122  * Table of ND variables supported by udp.  These are loaded into us_nd
     0      stevel  * in udp_open.
     0      stevel  * All of these are alterable, within the min/max values given, at run time.
     0      stevel  */
   741    masputra /* BEGIN CSTYLED */
   741    masputra udpparam_t udp_param_arr[] = {
   741    masputra  /*min		max		value		name */
   741    masputra  { 0L,		256,		32,		"udp_wroff_extra" },
   741    masputra  { 1L,		255,		255,		"udp_ipv4_ttl" },
   741    masputra  { 0,		IPV6_MAX_HOPS,	IPV6_DEFAULT_HOPS, "udp_ipv6_hoplimit"},
   741    masputra  { 1024,	(32 * 1024),	1024,		"udp_smallest_nonpriv_port" },
   741    masputra  { 0,		1,		1,		"udp_do_checksum" },
   741    masputra  { 1024,	UDP_MAX_PORT,	(32 * 1024),	"udp_smallest_anon_port" },
   741    masputra  { 1024,	UDP_MAX_PORT,	UDP_MAX_PORT,	"udp_largest_anon_port" },
   741    masputra  { UDP_XMIT_LOWATER, (1<<30), UDP_XMIT_HIWATER,	"udp_xmit_hiwat"},
   741    masputra  { 0,		     (1<<30), UDP_XMIT_LOWATER, "udp_xmit_lowat"},
   741    masputra  { UDP_RECV_LOWATER, (1<<30), UDP_RECV_HIWATER,	"udp_recv_hiwat"},
   741    masputra  { 65536,	(1<<30),	2*1024*1024,	"udp_max_buf"},
 11042        Erik  { 0,		1,		0,		"udp_pmtu_discovery" },
 11042        Erik  { 0,		1,		0,		"udp_sendto_ignerr" },
   741    masputra };
   741    masputra /* END CSTYLED */
     0      stevel 
  3448    dh155122 /* Setable in /etc/system */
     0      stevel /* If set to 0, pick ephemeral port sequentially; otherwise randomly. */
     0      stevel uint32_t udp_random_anon_port = 1;
     0      stevel 
     0      stevel /*
     0      stevel  * Hook functions to enable cluster networking.
     0      stevel  * On non-clustered systems these vectors must always be NULL
     0      stevel  */
     0      stevel 
  8392     Huafeng void (*cl_inet_bind)(netstackid_t stack_id, uchar_t protocol,
  8392     Huafeng     sa_family_t addr_family, uint8_t *laddrp, in_port_t lport,
  8392     Huafeng     void *args) = NULL;
  8392     Huafeng void (*cl_inet_unbind)(netstackid_t stack_id, uint8_t protocol,
  8392     Huafeng     sa_family_t addr_family, uint8_t *laddrp, in_port_t lport,
  8392     Huafeng     void *args) = NULL;
   741    masputra 
   741    masputra typedef union T_primitives *t_primp_t;
   741    masputra 
     0      stevel /*
  1676         jpk  * Return the next anonymous port in the privileged port range for
     0      stevel  * bind checking.
  1676         jpk  *
  1676         jpk  * Trusted Extension (TX) notes: TX allows administrator to mark or
  1676         jpk  * reserve ports as Multilevel ports (MLP). MLP has special function
  1676         jpk  * on TX systems. Once a port is made MLP, it's not available as
  1676         jpk  * ordinary port. This creates "holes" in the port name space. It
  1676         jpk  * may be necessary to skip the "holes" find a suitable anon port.
     0      stevel  */
     0      stevel static in_port_t
  1676         jpk udp_get_next_priv_port(udp_t *udp)
     0      stevel {
     0      stevel 	static in_port_t next_priv_port = IPPORT_RESERVED - 1;
  1676         jpk 	in_port_t nextport;
  1676         jpk 	boolean_t restart = B_FALSE;
  3448    dh155122 	udp_stack_t *us = udp->udp_us;
  1676         jpk 
  1676         jpk retry:
  3448    dh155122 	if (next_priv_port < us->us_min_anonpriv_port ||
  1676         jpk 	    next_priv_port >= IPPORT_RESERVED) {
     0      stevel 		next_priv_port = IPPORT_RESERVED - 1;
  1676         jpk 		if (restart)
  1676         jpk 			return (0);
  1676         jpk 		restart = B_TRUE;
  1676         jpk 	}
  1676         jpk 
  1676         jpk 	if (is_system_labeled() &&
  1676         jpk 	    (nextport = tsol_next_port(crgetzone(udp->udp_connp->conn_cred),
  1676         jpk 	    next_priv_port, IPPROTO_UDP, B_FALSE)) != 0) {
  1676         jpk 		next_priv_port = nextport;
  1676         jpk 		goto retry;
  1676         jpk 	}
  1676         jpk 
     0      stevel 	return (next_priv_port--);
     0      stevel }
     0      stevel 
     0      stevel /*
     0      stevel  * Hash list removal routine for udp_t structures.
     0      stevel  */
     0      stevel static void
     0      stevel udp_bind_hash_remove(udp_t *udp, boolean_t caller_holds_lock)
     0      stevel {
 11042        Erik 	udp_t		*udpnext;
 11042        Erik 	kmutex_t	*lockp;
 11042        Erik 	udp_stack_t	*us = udp->udp_us;
 11042        Erik 	conn_t		*connp = udp->udp_connp;
     0      stevel 
     0      stevel 	if (udp->udp_ptpbhn == NULL)
     0      stevel 		return;
     0      stevel 
     0      stevel 	/*
     0      stevel 	 * Extract the lock pointer in case there are concurrent
     0      stevel 	 * hash_remove's for this instance.
     0      stevel 	 */
 11042        Erik 	ASSERT(connp->conn_lport != 0);
     0      stevel 	if (!caller_holds_lock) {
 11042        Erik 		lockp = &us->us_bind_fanout[UDP_BIND_HASH(connp->conn_lport,
  4987      danmcd 		    us->us_bind_fanout_size)].uf_lock;
     0      stevel 		ASSERT(lockp != NULL);
     0      stevel 		mutex_enter(lockp);
     0      stevel 	}
     0      stevel 	if (udp->udp_ptpbhn != NULL) {
     0      stevel 		udpnext = udp->udp_bind_hash;
     0      stevel 		if (udpnext != NULL) {
     0      stevel 			udpnext->udp_ptpbhn = udp->udp_ptpbhn;
     0      stevel 			udp->udp_bind_hash = NULL;
     0      stevel 		}
     0      stevel 		*udp->udp_ptpbhn = udpnext;
     0      stevel 		udp->udp_ptpbhn = NULL;
     0      stevel 	}
     0      stevel 	if (!caller_holds_lock) {
     0      stevel 		mutex_exit(lockp);
     0      stevel 	}
     0      stevel }
     0      stevel 
     0      stevel static void
     0      stevel udp_bind_hash_insert(udp_fanout_t *uf, udp_t *udp)
     0      stevel {
 11042        Erik 	conn_t	*connp = udp->udp_connp;
     0      stevel 	udp_t	**udpp;
     0      stevel 	udp_t	*udpnext;
 11042        Erik 	conn_t	*connext;
     0      stevel 
     0      stevel 	ASSERT(MUTEX_HELD(&uf->uf_lock));
  5240    nordmark 	ASSERT(udp->udp_ptpbhn == NULL);
     0      stevel 	udpp = &uf->uf_udp;
     0      stevel 	udpnext = udpp[0];
     0      stevel 	if (udpnext != NULL) {
     0      stevel 		/*
     0      stevel 		 * If the new udp bound to the INADDR_ANY address
     0      stevel 		 * and the first one in the list is not bound to
     0      stevel 		 * INADDR_ANY we skip all entries until we find the
     0      stevel 		 * first one bound to INADDR_ANY.
     0      stevel 		 * This makes sure that applications binding to a
     0      stevel 		 * specific address get preference over those binding to
     0      stevel 		 * INADDR_ANY.
     0      stevel 		 */
 11042        Erik 		connext = udpnext->udp_connp;
 11042        Erik 		if (V6_OR_V4_INADDR_ANY(connp->conn_bound_addr_v6) &&
 11042        Erik 		    !V6_OR_V4_INADDR_ANY(connext->conn_bound_addr_v6)) {
     0      stevel 			while ((udpnext = udpp[0]) != NULL &&
 11042        Erik 			    !V6_OR_V4_INADDR_ANY(connext->conn_bound_addr_v6)) {
     0      stevel 				udpp = &(udpnext->udp_bind_hash);
     0      stevel 			}
     0      stevel 			if (udpnext != NULL)
     0      stevel 				udpnext->udp_ptpbhn = &udp->udp_bind_hash;
     0      stevel 		} else {
     0      stevel 			udpnext->udp_ptpbhn = &udp->udp_bind_hash;
     0      stevel 		}
     0      stevel 	}
     0      stevel 	udp->udp_bind_hash = udpnext;
     0      stevel 	udp->udp_ptpbhn = udpp;
     0      stevel 	udpp[0] = udp;
     0      stevel }
     0      stevel 
     0      stevel /*
     0      stevel  * This routine is called to handle each O_T_BIND_REQ/T_BIND_REQ message
     0      stevel  * passed to udp_wput.
     0      stevel  * It associates a port number and local address with the stream.
 11042        Erik  * It calls IP to verify the local IP address, and calls IP to insert
 11042        Erik  * the conn_t in the fanout table.
 11042        Erik  * If everything is ok it then sends the T_BIND_ACK back up.
     0      stevel  *
     0      stevel  * Note that UDP over IPv4 and IPv6 sockets can use the same port number
     0      stevel  * without setting SO_REUSEADDR. This is needed so that they
     0      stevel  * can be viewed as two independent transport protocols.
     0      stevel  * However, anonymouns ports are allocated from the same range to avoid
  3448    dh155122  * duplicating the us->us_next_port_to_try.
     0      stevel  */
     0      stevel static void
  8348        Eric udp_tpi_bind(queue_t *q, mblk_t *mp)
     0      stevel {
     0      stevel 	sin_t		*sin;
     0      stevel 	sin6_t		*sin6;
     0      stevel 	mblk_t		*mp1;
     0      stevel 	struct T_bind_req *tbr;
   741    masputra 	conn_t		*connp;
   741    masputra 	udp_t		*udp;
  8348        Eric 	int		error;
  8348        Eric 	struct sockaddr	*sa;
  8778        Erik 	cred_t		*cr;
  8778        Erik 
  8778        Erik 	/*
  8778        Erik 	 * All Solaris components should pass a db_credp
  8778        Erik 	 * for this TPI message, hence we ASSERT.
  8778        Erik 	 * But in case there is some other M_PROTO that looks
  8778        Erik 	 * like a TPI message sent by some other kernel
  8778        Erik 	 * component, we check and return an error.
  8778        Erik 	 */
  8778        Erik 	cr = msg_getcred(mp, NULL);
  8778        Erik 	ASSERT(cr != NULL);
  8778        Erik 	if (cr == NULL) {
  8778        Erik 		udp_err_ack(q, mp, TSYSERR, EINVAL);
  8778        Erik 		return;
  8778        Erik 	}
   741    masputra 
   741    masputra 	connp = Q_TO_CONN(q);
   741    masputra 	udp = connp->conn_udp;
     0      stevel 	if ((mp->b_wptr - mp->b_rptr) < sizeof (*tbr)) {
     0      stevel 		(void) mi_strlog(q, 1, SL_ERROR|SL_TRACE,
     0      stevel 		    "udp_bind: bad req, len %u",
     0      stevel 		    (uint_t)(mp->b_wptr - mp->b_rptr));
     0      stevel 		udp_err_ack(q, mp, TPROTO, 0);
     0      stevel 		return;
     0      stevel 	}
     0      stevel 	if (udp->udp_state != TS_UNBND) {
     0      stevel 		(void) mi_strlog(q, 1, SL_ERROR|SL_TRACE,
     0      stevel 		    "udp_bind: bad state, %u", udp->udp_state);
     0      stevel 		udp_err_ack(q, mp, TOUTSTATE, 0);
     0      stevel 		return;
     0      stevel 	}
     0      stevel 	/*
     0      stevel 	 * Reallocate the message to make sure we have enough room for an
 11042        Erik 	 * address.
 11042        Erik 	 */
 11042        Erik 	mp1 = reallocb(mp, sizeof (struct T_bind_ack) + sizeof (sin6_t), 1);
 11042        Erik 	if (mp1 == NULL) {
     0      stevel 		udp_err_ack(q, mp, TSYSERR, ENOMEM);
     0      stevel 		return;
     0      stevel 	}
     0      stevel 
     0      stevel 	mp = mp1;
  8348        Eric 
  8348        Eric 	/* Reset the message type in preparation for shipping it back. */
  8348        Eric 	DB_TYPE(mp) = M_PCPROTO;
  8348        Eric 
     0      stevel 	tbr = (struct T_bind_req *)mp->b_rptr;
     0      stevel 	switch (tbr->ADDR_length) {
     0      stevel 	case 0:			/* Request for a generic port */
     0      stevel 		tbr->ADDR_offset = sizeof (struct T_bind_req);
 11042        Erik 		if (connp->conn_family == AF_INET) {
     0      stevel 			tbr->ADDR_length = sizeof (sin_t);
     0      stevel 			sin = (sin_t *)&tbr[1];
     0      stevel 			*sin = sin_null;
     0      stevel 			sin->sin_family = AF_INET;
     0      stevel 			mp->b_wptr = (uchar_t *)&sin[1];
  8348        Eric 			sa = (struct sockaddr *)sin;
     0      stevel 		} else {
 11042        Erik 			ASSERT(connp->conn_family == AF_INET6);
     0      stevel 			tbr->ADDR_length = sizeof (sin6_t);
     0      stevel 			sin6 = (sin6_t *)&tbr[1];
     0      stevel 			*sin6 = sin6_null;
     0      stevel 			sin6->sin6_family = AF_INET6;
     0      stevel 			mp->b_wptr = (uchar_t *)&sin6[1];
  8348        Eric 			sa = (struct sockaddr *)sin6;
  8348        Eric 		}
     0      stevel 		break;
     0      stevel 
     0      stevel 	case sizeof (sin_t):	/* Complete IPv4 address */
  8348        Eric 		sa = (struct sockaddr *)mi_offset_param(mp, tbr->ADDR_offset,
     0      stevel 		    sizeof (sin_t));
  8348        Eric 		if (sa == NULL || !OK_32PTR((char *)sa)) {
     0      stevel 			udp_err_ack(q, mp, TSYSERR, EINVAL);
     0      stevel 			return;
     0      stevel 		}
 11042        Erik 		if (connp->conn_family != AF_INET ||
  8348        Eric 		    sa->sa_family != AF_INET) {
     0      stevel 			udp_err_ack(q, mp, TSYSERR, EAFNOSUPPORT);
     0      stevel 			return;
     0      stevel 		}
     0      stevel 		break;
     0      stevel 
     0      stevel 	case sizeof (sin6_t):	/* complete IPv6 address */
  8348        Eric 		sa = (struct sockaddr *)mi_offset_param(mp, tbr->ADDR_offset,
     0      stevel 		    sizeof (sin6_t));
  8348        Eric 		if (sa == NULL || !OK_32PTR((char *)sa)) {
     0      stevel 			udp_err_ack(q, mp, TSYSERR, EINVAL);
     0      stevel 			return;
     0      stevel 		}
 11042        Erik 		if (connp->conn_family != AF_INET6 ||
  8348        Eric 		    sa->sa_family != AF_INET6) {
     0      stevel 			udp_err_ack(q, mp, TSYSERR, EAFNOSUPPORT);
     0      stevel 			return;
     0      stevel 		}
     0      stevel 		break;
     0      stevel 
     0      stevel 	default:		/* Invalid request */
     0      stevel 		(void) mi_strlog(q, 1, SL_ERROR|SL_TRACE,
     0      stevel 		    "udp_bind: bad ADDR_length length %u", tbr->ADDR_length);
     0      stevel 		udp_err_ack(q, mp, TBADADDR, 0);
     0      stevel 		return;
     0      stevel 	}
     0      stevel 
  8348        Eric 	error = udp_do_bind(connp, sa, tbr->ADDR_length, cr,
  8348        Eric 	    tbr->PRIM_type != O_T_BIND_REQ);
  8348        Eric 
  8348        Eric 	if (error != 0) {
  8348        Eric 		if (error > 0) {
     0      stevel 			udp_err_ack(q, mp, TSYSERR, error);
  8348        Eric 		} else {
  8348        Eric 			udp_err_ack(q, mp, -error, 0);
  8348        Eric 		}
  8348        Eric 	} else {
  8348        Eric 		tbr->PRIM_type = T_BIND_ACK;
  8348        Eric 		qreply(q, mp);
  8348        Eric 	}
     0      stevel }
     0      stevel 
     0      stevel /*
     0      stevel  * This routine handles each T_CONN_REQ message passed to udp.  It
     0      stevel  * associates a default destination address with the stream.
     0      stevel  *
 11042        Erik  * After various error checks are completed, udp_connect() lays
 11042        Erik  * the target address and port into the composite header template.
 11042        Erik  * Then we ask IP for information, including a source address if we didn't
 11042        Erik  * already have one. Finally we send up the T_OK_ACK reply message.
     0      stevel  */
     0      stevel static void
  8348        Eric udp_tpi_connect(queue_t *q, mblk_t *mp)
  8348        Eric {
  8348        Eric 	conn_t	*connp = Q_TO_CONN(q);
  8348        Eric 	int	error;
  8348        Eric 	socklen_t	len;
  8348        Eric 	struct sockaddr		*sa;
     0      stevel 	struct T_conn_req	*tcr;
  8778        Erik 	cred_t		*cr;
 11042        Erik 	pid_t		pid;
  8778        Erik 	/*
  8778        Erik 	 * All Solaris components should pass a db_credp
  8778        Erik 	 * for this TPI message, hence we ASSERT.
  8778        Erik 	 * But in case there is some other M_PROTO that looks
  8778        Erik 	 * like a TPI message sent by some other kernel
  8778        Erik 	 * component, we check and return an error.
  8778        Erik 	 */
 11042        Erik 	cr = msg_getcred(mp, &pid);
  8778        Erik 	ASSERT(cr != NULL);
  8778        Erik 	if (cr == NULL) {
  8778        Erik 		udp_err_ack(q, mp, TSYSERR, EINVAL);
  8778        Erik 		return;
  8778        Erik 	}
  5240    nordmark 
     0      stevel 	tcr = (struct T_conn_req *)mp->b_rptr;
     0      stevel 
     0      stevel 	/* A bit of sanity checking */
     0      stevel 	if ((mp->b_wptr - mp->b_rptr) < sizeof (struct T_conn_req)) {
     0      stevel 		udp_err_ack(q, mp, TPROTO, 0);
     0      stevel 		return;
     0      stevel 	}
     0      stevel 
     0      stevel 	if (tcr->OPT_length != 0) {
     0      stevel 		udp_err_ack(q, mp, TBADOPT, 0);
     0      stevel 		return;
     0      stevel 	}
     0      stevel 
     0      stevel 	/*
     0      stevel 	 * Determine packet type based on type of address passed in
     0      stevel 	 * the request should contain an IPv4 or IPv6 address.
     0      stevel 	 * Make sure that address family matches the type of
 11042        Erik 	 * family of the address passed down.
     0      stevel 	 */
  8348        Eric 	len = tcr->DEST_length;
     0      stevel 	switch (tcr->DEST_length) {
     0      stevel 	default:
     0      stevel 		udp_err_ack(q, mp, TBADADDR, 0);
     0      stevel 		return;
     0      stevel 
     0      stevel 	case sizeof (sin_t):
  8348        Eric 		sa = (struct sockaddr *)mi_offset_param(mp, tcr->DEST_offset,
     0      stevel 		    sizeof (sin_t));
     0      stevel 		break;
     0      stevel 
     0      stevel 	case sizeof (sin6_t):
  8348        Eric 		sa = (struct sockaddr *)mi_offset_param(mp, tcr->DEST_offset,
     0      stevel 		    sizeof (sin6_t));
  8348        Eric 		break;
  8348        Eric 	}
  8348        Eric 
 11042        Erik 	error = proto_verify_ip_addr(connp->conn_family, sa, len);
  8348        Eric 	if (error != 0) {
  8348        Eric 		udp_err_ack(q, mp, TSYSERR, error);
  8348        Eric 		return;
  8348        Eric 	}
  8348        Eric 
 11042        Erik 	error = udp_do_connect(connp, sa, len, cr, pid);
  8348        Eric 	if (error != 0) {
  8348        Eric 		if (error < 0)
  8348        Eric 			udp_err_ack(q, mp, -error, 0);
  8348        Eric 		else
  8348        Eric 			udp_err_ack(q, mp, TSYSERR, error);
  8348        Eric 	} else {
  9142         Rao 		mblk_t	*mp1;
  9142         Rao 		/*
  9142         Rao 		 * We have to send a connection confirmation to
  9142         Rao 		 * keep TLI happy.
  9142         Rao 		 */
 11042        Erik 		if (connp->conn_family == AF_INET) {
  9142         Rao 			mp1 = mi_tpi_conn_con(NULL, (char *)sa,
  9142         Rao 			    sizeof (sin_t), NULL, 0);
  9142         Rao 		} else {
  9142         Rao 			mp1 = mi_tpi_conn_con(NULL, (char *)sa,
  9142         Rao 			    sizeof (sin6_t), NULL, 0);
  9142         Rao 		}
  9142         Rao 		if (mp1 == NULL) {
  9142         Rao 			udp_err_ack(q, mp, TSYSERR, ENOMEM);
  9142         Rao 			return;
  9142         Rao 		}
  9142         Rao 
  9142         Rao 		/*
  9142         Rao 		 * Send ok_ack for T_CONN_REQ
  9142         Rao 		 */
  8873         Rao 		mp = mi_tpi_ok_ack_alloc(mp);
  9142         Rao 		if (mp == NULL) {
  9142         Rao 			/* Unable to reuse the T_CONN_REQ for the ack. */
  9142         Rao 			udp_err_ack_prim(q, mp1, T_CONN_REQ, TSYSERR, ENOMEM);
  9142         Rao 			return;
  9142         Rao 		}
  9142         Rao 
  8348        Eric 		putnext(connp->conn_rq, mp);
  8348        Eric 		putnext(connp->conn_rq, mp1);
  8348        Eric 	}
  8348        Eric }
  8348        Eric 
  8348        Eric static int
  8348        Eric udp_tpi_close(queue_t *q, int flags)
  8348        Eric {
  8348        Eric 	conn_t	*connp;
  8348        Eric 
  8348        Eric 	if (flags & SO_FALLBACK) {
  8348        Eric 		/*
  8348        Eric 		 * stream is being closed while in fallback
  8348        Eric 		 * simply free the resources that were allocated
  8348        Eric 		 */
  8348        Eric 		inet_minor_free(WR(q)->q_ptr, (dev_t)(RD(q)->q_ptr));
  8348        Eric 		qprocsoff(q);
  8348        Eric 		goto done;
  8348        Eric 	}
  8348        Eric 
  8348        Eric 	connp = Q_TO_CONN(q);
  8348        Eric 	udp_do_close(connp);
  8348        Eric done:
  5240    nordmark 	q->q_ptr = WR(q)->q_ptr = NULL;
  5240    nordmark 	return (0);
  5240    nordmark }
  5240    nordmark 
 11042        Erik static void
   741    masputra udp_close_free(conn_t *connp)
   741    masputra {
   741    masputra 	udp_t *udp = connp->conn_udp;
   741    masputra 
     0      stevel 	/* If there are any options associated with the stream, free them. */
 11042        Erik 	if (udp->udp_recv_ipp.ipp_fields != 0)
 11042        Erik 		ip_pkt_free(&udp->udp_recv_ipp);
  5330    nordmark 
  5330    nordmark 	/*
  5330    nordmark 	 * Clear any fields which the kmem_cache constructor clears.
  5330    nordmark 	 * Only udp_connp needs to be preserved.
  5330    nordmark 	 * TBD: We should make this more efficient to avoid clearing
  5330    nordmark 	 * everything.
  5330    nordmark 	 */
  5330    nordmark 	ASSERT(udp->udp_connp == connp);
  5330    nordmark 	bzero(udp, sizeof (udp_t));
  5330    nordmark 	udp->udp_connp = connp;
     0      stevel }
     0      stevel 
  8348        Eric static int
  8348        Eric udp_do_disconnect(conn_t *connp)
     0      stevel {
  5240    nordmark 	udp_t	*udp;
     0      stevel 	udp_fanout_t *udpf;
  3448    dh155122 	udp_stack_t *us;
  8348        Eric 	int	error;
  5240    nordmark 
  5240    nordmark 	udp = connp->conn_udp;
  3448    dh155122 	us = udp->udp_us;
 11042        Erik 	mutex_enter(&connp->conn_lock);
 11042        Erik 	if (udp->udp_state != TS_DATA_XFER) {
 11042        Erik 		mutex_exit(&connp->conn_lock);
  8348        Eric 		return (-TOUTSTATE);
     0      stevel 	}
 11042        Erik 	udpf = &us->us_bind_fanout[UDP_BIND_HASH(connp->conn_lport,
  3448    dh155122 	    us->us_bind_fanout_size)];
     0      stevel 	mutex_enter(&udpf->uf_lock);
 11042        Erik 	if (connp->conn_mcbc_bind)
 11042        Erik 		connp->conn_saddr_v6 = ipv6_all_zeros;
 11042        Erik 	else
 11042        Erik 		connp->conn_saddr_v6 = connp->conn_bound_addr_v6;
 11042        Erik 	connp->conn_laddr_v6 = connp->conn_bound_addr_v6;
 11042        Erik 	connp->conn_faddr_v6 = ipv6_all_zeros;
 11042        Erik 	connp->conn_fport = 0;
     0      stevel 	udp->udp_state = TS_IDLE;
     0      stevel 	mutex_exit(&udpf->uf_lock);
     0      stevel 
 11042        Erik 	/* Remove any remnants of mapped address binding */
 11042        Erik 	if (connp->conn_family == AF_INET6)
 11042        Erik 		connp->conn_ipversion = IPV6_VERSION;
 11042        Erik 
 11042        Erik 	connp->conn_v6lastdst = ipv6_all_zeros;
 11042        Erik 	error = udp_build_hdr_template(connp, &connp->conn_saddr_v6,
 11042        Erik 	    &connp->conn_faddr_v6, connp->conn_fport, connp->conn_flowinfo);
 11042        Erik 	mutex_exit(&connp->conn_lock);
 11042        Erik 	if (error != 0)
 11042        Erik 		return (error);
 11042        Erik 
 11042        Erik 	/*
 11042        Erik 	 * Tell IP to remove the full binding and revert
 11042        Erik 	 * to the local address binding.
 11042        Erik 	 */
 11042        Erik 	return (ip_laddr_fanout_insert(connp));
 11042        Erik }
  8348        Eric 
  8348        Eric static void
  8348        Eric udp_tpi_disconnect(queue_t *q, mblk_t *mp)
  8348        Eric {
  8348        Eric 	conn_t	*connp = Q_TO_CONN(q);
  8348        Eric 	int	error;
  8348        Eric 
  8348        Eric 	/*
  8348        Eric 	 * Allocate the largest primitive we need to send back
  8348        Eric 	 * T_error_ack is > than T_ok_ack
  8348        Eric 	 */
  8348        Eric 	mp = reallocb(mp, sizeof (struct T_error_ack), 1);
  8348        Eric 	if (mp == NULL) {
  8348        Eric 		/* Unable to reuse the T_DISCON_REQ for the ack. */
  8348        Eric 		udp_err_ack_prim(q, mp, T_DISCON_REQ, TSYSERR, ENOMEM);
  8348        Eric 		return;
  8348        Eric 	}
  8348        Eric 
  8348        Eric 	error = udp_do_disconnect(connp);
  8348        Eric 
  8348        Eric 	if (error != 0) {
  8348        Eric 		if (error < 0) {
  8348        Eric 			udp_err_ack(q, mp, -error, 0);
  8348        Eric 		} else {
  8348        Eric 			udp_err_ack(q, mp, TSYSERR, error);
  8348        Eric 		}
  8348        Eric 	} else {
  8348        Eric 		mp = mi_tpi_ok_ack_alloc(mp);
  8348        Eric 		ASSERT(mp != NULL);
  8348        Eric 		qreply(q, mp);
  8348        Eric 	}
  8348        Eric }
  8348        Eric 
  8348        Eric int
  8348        Eric udp_disconnect(conn_t *connp)
  8348        Eric {
  8348        Eric 	int error;
 11042        Erik 
 11042        Erik 	connp->conn_dgram_errind = B_FALSE;
  8348        Eric 	error = udp_do_disconnect(connp);
  8348        Eric 	if (error < 0)
  8348        Eric 		error = proto_tlitosyserr(-error);
  8348        Eric 
  8348        Eric 	return (error);
     0      stevel }
     0      stevel 
     0      stevel /* This routine creates a T_ERROR_ACK message and passes it upstream. */
     0      stevel static void
     0      stevel udp_err_ack(queue_t *q, mblk_t *mp, t_scalar_t t_error, int sys_error)
     0      stevel {
     0      stevel 	if ((mp = mi_tpi_err_ack_alloc(mp, t_error, sys_error)) != NULL)
  5240    nordmark 		qreply(q, mp);
     0      stevel }
     0      stevel 
     0      stevel /* Shorthand to generate and send TPI error acks to our client */
     0      stevel static void
 11042        Erik udp_err_ack_prim(queue_t *q, mblk_t *mp, t_scalar_t primitive,
 11042        Erik     t_scalar_t t_error, int sys_error)
     0      stevel {
     0      stevel 	struct T_error_ack	*teackp;
     0      stevel 
     0      stevel 	if ((mp = tpi_ack_alloc(mp, sizeof (struct T_error_ack),
     0      stevel 	    M_PCPROTO, T_ERROR_ACK)) != NULL) {
     0      stevel 		teackp = (struct T_error_ack *)mp->b_rptr;
     0      stevel 		teackp->ERROR_prim = primitive;
     0      stevel 		teackp->TLI_error = t_error;
     0      stevel 		teackp->UNIX_error = sys_error;
  5240    nordmark 		qreply(q, mp);
     0      stevel 	}
     0      stevel }
     0      stevel 
 11042        Erik /*ARGSUSED2*/
     0      stevel static int
     0      stevel udp_extra_priv_ports_get(queue_t *q, mblk_t *mp, caddr_t cp, cred_t *cr)
     0      stevel {
     0      stevel 	int i;
  3448    dh155122 	udp_t		*udp = Q_TO_UDP(q);
  3448    dh155122 	udp_stack_t *us = udp->udp_us;
  3448    dh155122 
  3448    dh155122 	for (i = 0; i < us->us_num_epriv_ports; i++) {
  3448    dh155122 		if (us->us_epriv_ports[i] != 0)
  3448    dh155122 			(void) mi_mpprintf(mp, "%d ", us->us_epriv_ports[i]);
     0      stevel 	}
     0      stevel 	return (0);
     0      stevel }
     0      stevel 
 11042        Erik /* ARGSUSED1 */
     0      stevel static int
     0      stevel udp_extra_priv_ports_add(queue_t *q, mblk_t *mp, char *value, caddr_t cp,
     0      stevel     cred_t *cr)
     0      stevel {
     0      stevel 	long	new_value;
     0      stevel 	int	i;
  3448    dh155122 	udp_t		*udp = Q_TO_UDP(q);
  3448    dh155122 	udp_stack_t *us = udp->udp_us;
     0      stevel 
     0      stevel 	/*
     0      stevel 	 * Fail the request if the new value does not lie within the
     0      stevel 	 * port number limits.
     0      stevel 	 */
     0      stevel 	if (ddi_strtol(value, NULL, 10, &new_value) != 0 ||
     0      stevel 	    new_value <= 0 || new_value >= 65536) {
     0      stevel 		return (EINVAL);
     0      stevel 	}
     0      stevel 
     0      stevel 	/* Check if the value is already in the list */
  3448    dh155122 	for (i = 0; i < us->us_num_epriv_ports; i++) {
  3448    dh155122 		if (new_value == us->us_epriv_ports[i]) {
     0      stevel 			return (EEXIST);
     0      stevel 		}
     0      stevel 	}
     0      stevel 	/* Find an empty slot */
  3448    dh155122 	for (i = 0; i < us->us_num_epriv_ports; i++) {
  3448    dh155122 		if (us->us_epriv_ports[i] == 0)
  3448    dh155122 			break;
  3448    dh155122 	}
  3448    dh155122 	if (i == us->us_num_epriv_ports) {
     0      stevel 		return (EOVERFLOW);
     0      stevel 	}
     0      stevel 
     0      stevel 	/* Set the new value */
  3448    dh155122 	us->us_epriv_ports[i] = (in_port_t)new_value;
   741    masputra 	return (0);
   741    masputra }
   741    masputra 
 11042        Erik /* ARGSUSED1 */
     0      stevel static int
     0      stevel udp_extra_priv_ports_del(queue_t *q, mblk_t *mp, char *value, caddr_t cp,
     0      stevel     cred_t *cr)
     0      stevel {
     0      stevel 	long	new_value;
     0      stevel 	int	i;
  3448    dh155122 	udp_t		*udp = Q_TO_UDP(q);
  3448    dh155122 	udp_stack_t *us = udp->udp_us;
     0      stevel 
     0      stevel 	/*
     0      stevel 	 * Fail the request if the new value does not lie within the
     0      stevel 	 * port number limits.
     0      stevel 	 */
     0      stevel 	if (ddi_strtol(value, NULL, 10, &new_value) != 0 ||
     0      stevel 	    new_value <= 0 || new_value >= 65536) {
     0      stevel 		return (EINVAL);
     0      stevel 	}
     0      stevel 
     0      stevel 	/* Check that the value is already in the list */
  3448    dh155122 	for (i = 0; i < us->us_num_epriv_ports; i++) {
  3448    dh155122 		if (us->us_epriv_ports[i] == new_value)
  3448    dh155122 			break;
  3448    dh155122 	}
  3448    dh155122 	if (i == us->us_num_epriv_ports) {
     0      stevel 		return (ESRCH);
     0      stevel 	}
     0      stevel 
     0      stevel 	/* Clear the value */
  3448    dh155122 	us->us_epriv_ports[i] = 0;
     0      stevel 	return (0);
     0      stevel }
     0      stevel 
     0      stevel /* At minimum we need 4 bytes of UDP header */
     0      stevel #define	ICMP_MIN_UDP_HDR	4
     0      stevel 
     0      stevel /*
 11042        Erik  * udp_icmp_input is called as conn_recvicmp to process ICMP messages.
     0      stevel  * Generates the appropriate T_UDERROR_IND for permanent (non-transient) errors.
     0      stevel  * Assumes that IP has pulled up everything up to and including the ICMP header.
     0      stevel  */
 11042        Erik /* ARGSUSED2 */
 11042        Erik static void
 11042        Erik udp_icmp_input(void *arg1, mblk_t *mp, void *arg2, ip_recv_attr_t *ira)
 11042        Erik {
 11042        Erik 	conn_t		*connp = (conn_t *)arg1;
 11042        Erik 	icmph_t		*icmph;
 11042        Erik 	ipha_t		*ipha;
 11042        Erik 	int		iph_hdr_length;
 11042        Erik 	udpha_t		*udpha;
 11042        Erik 	sin_t		sin;
 11042        Erik 	sin6_t		sin6;
 11042        Erik 	mblk_t		*mp1;
 11042        Erik 	int		error = 0;
 11042        Erik 	udp_t		*udp = connp->conn_udp;
 11042        Erik 
     0      stevel 	ipha = (ipha_t *)mp->b_rptr;
  5240    nordmark 
  5240    nordmark 	ASSERT(OK_32PTR(mp->b_rptr));
  5240    nordmark 
  5240    nordmark 	if (IPH_HDR_VERSION(ipha) != IPV4_VERSION) {
  5240    nordmark 		ASSERT(IPH_HDR_VERSION(ipha) == IPV6_VERSION);
 11042        Erik 		udp_icmp_error_ipv6(connp, mp, ira);
     0      stevel 		return;
  5240    nordmark 	}
  5240    nordmark 	ASSERT(IPH_HDR_VERSION(ipha) == IPV4_VERSION);
     0      stevel 
     0      stevel 	/* Skip past the outer IP and ICMP headers */
 11042        Erik 	ASSERT(IPH_HDR_LENGTH(ipha) == ira->ira_ip_hdr_length);
 11042        Erik 	iph_hdr_length = ira->ira_ip_hdr_length;
     0      stevel 	icmph = (icmph_t *)&mp->b_rptr[iph_hdr_length];
 11042        Erik 	ipha = (ipha_t *)&icmph[1];	/* Inner IP header */
     0      stevel 
     0      stevel 	/* Skip past the inner IP and find the ULP header */
     0      stevel 	iph_hdr_length = IPH_HDR_LENGTH(ipha);
     0      stevel 	udpha = (udpha_t *)((char *)ipha + iph_hdr_length);
     0      stevel 
     0      stevel 	switch (icmph->icmph_type) {
     0      stevel 	case ICMP_DEST_UNREACHABLE:
     0      stevel 		switch (icmph->icmph_code) {
 11042        Erik 		case ICMP_FRAGMENTATION_NEEDED: {
 11042        Erik 			ipha_t		*ipha;
 11042        Erik 			ip_xmit_attr_t	*ixa;
     0      stevel 			/*
     0      stevel 			 * IP has already adjusted the path MTU.
 11042        Erik 			 * But we need to adjust DF for IPv4.
 11042        Erik 			 */
 11042        Erik 			if (connp->conn_ipversion != IPV4_VERSION)
 11042        Erik 				break;
 11042        Erik 
 11042        Erik 			ixa = conn_get_ixa(connp, B_FALSE);
 11042        Erik 			if (ixa == NULL || ixa->ixa_ire == NULL) {
 11042        Erik 				/*
 11042        Erik 				 * Some other thread holds conn_ixa. We will
 11042        Erik 				 * redo this on the next ICMP too big.
 11042        Erik 				 */
 11042        Erik 				if (ixa != NULL)
 11042        Erik 					ixa_refrele(ixa);
 11042        Erik 				break;
 11042        Erik 			}
 11042        Erik 			(void) ip_get_pmtu(ixa);
 11042        Erik 
 11042        Erik 			mutex_enter(&connp->conn_lock);
 11042        Erik 			ipha = (ipha_t *)connp->conn_ht_iphc;
 11042        Erik 			if (ixa->ixa_flags & IXAF_PMTU_IPV4_DF) {
 11042        Erik 				ipha->ipha_fragment_offset_and_flags |=
 11042        Erik 				    IPH_DF_HTONS;
 11042        Erik 			} else {
 11042        Erik 				ipha->ipha_fragment_offset_and_flags &=
 11042        Erik 				    ~IPH_DF_HTONS;
 11042        Erik 			}
 11042        Erik 			mutex_exit(&connp->conn_lock);
 11042        Erik 			ixa_refrele(ixa);
 11042        Erik 			break;
 11042        Erik 		}
     0      stevel 		case ICMP_PORT_UNREACHABLE:
     0      stevel 		case ICMP_PROTOCOL_UNREACHABLE:
     0      stevel 			error = ECONNREFUSED;
     0      stevel 			break;
     0      stevel 		default:
     0      stevel 			/* Transient errors */
     0      stevel 			break;
     0      stevel 		}
     0      stevel 		break;
     0      stevel 	default:
     0      stevel 		/* Transient errors */
     0      stevel 		break;
     0      stevel 	}
     0      stevel 	if (error == 0) {
  5240    nordmark 		freemsg(mp);
  5240    nordmark 		return;
  5240    nordmark 	}
  5240    nordmark 
  5240    nordmark 	/*
  5240    nordmark 	 * Deliver T_UDERROR_IND when the application has asked for it.
  5240    nordmark 	 * The socket layer enables this automatically when connected.
  5240    nordmark 	 */
 11042        Erik 	if (!connp->conn_dgram_errind) {
 11042        Erik 		freemsg(mp);
 11042        Erik 		return;
 11042        Erik 	}
 11042        Erik 
 11042        Erik 	switch (connp->conn_family) {
     0      stevel 	case AF_INET:
     0      stevel 		sin = sin_null;
     0      stevel 		sin.sin_family = AF_INET;
     0      stevel 		sin.sin_addr.s_addr = ipha->ipha_dst;
     0      stevel 		sin.sin_port = udpha->uha_dst_port;
  8348        Eric 		if (IPCL_IS_NONSTR(connp)) {
 11042        Erik 			mutex_enter(&connp->conn_lock);
  8348        Eric 			if (udp->udp_state == TS_DATA_XFER) {
 11042        Erik 				if (sin.sin_port == connp->conn_fport &&
  8348        Eric 				    sin.sin_addr.s_addr ==
 11042        Erik 				    connp->conn_faddr_v4) {
 11042        Erik 					mutex_exit(&connp->conn_lock);
  8348        Eric 					(*connp->conn_upcalls->su_set_error)
  8348        Eric 					    (connp->conn_upper_handle, error);
  8348        Eric 					goto done;
  8348        Eric 				}
  8348        Eric 			} else {
  8348        Eric 				udp->udp_delayed_error = error;
  8348        Eric 				*((sin_t *)&udp->udp_delayed_addr) = sin;
  8348        Eric 			}
 11042        Erik 			mutex_exit(&connp->conn_lock);
  8348        Eric 		} else {
  8348        Eric 			mp1 = mi_tpi_uderror_ind((char *)&sin, sizeof (sin_t),
  8348        Eric 			    NULL, 0, error);
 11042        Erik 			if (mp1 != NULL)
 11042        Erik 				putnext(connp->conn_rq, mp1);
  8348        Eric 		}
     0      stevel 		break;
     0      stevel 	case AF_INET6:
     0      stevel 		sin6 = sin6_null;
     0      stevel 		sin6.sin6_family = AF_INET6;
     0      stevel 		IN6_IPADDR_TO_V4MAPPED(ipha->ipha_dst, &sin6.sin6_addr);
     0      stevel 		sin6.sin6_port = udpha->uha_dst_port;
  8348        Eric 		if (IPCL_IS_NONSTR(connp)) {
 11042        Erik 			mutex_enter(&connp->conn_lock);
  8348        Eric 			if (udp->udp_state == TS_DATA_XFER) {
 11042        Erik 				if (sin6.sin6_port == connp->conn_fport &&
  8348        Eric 				    IN6_ARE_ADDR_EQUAL(&sin6.sin6_addr,
 11042        Erik 				    &connp->conn_faddr_v6)) {
 11042        Erik 					mutex_exit(&connp->conn_lock);
  8348        Eric 					(*connp->conn_upcalls->su_set_error)
  8348        Eric 					    (connp->conn_upper_handle, error);
  8348        Eric 					goto done;
  8348        Eric 				}
  8348        Eric 			} else {
  8348        Eric 				udp->udp_delayed_error = error;
  8348        Eric 				*((sin6_t *)&udp->udp_delayed_addr) = sin6;
  8348        Eric 			}
 11042        Erik 			mutex_exit(&connp->conn_lock);
  8348        Eric 		} else {
  8348        Eric 			mp1 = mi_tpi_uderror_ind((char *)&sin6, sizeof (sin6_t),
  8348        Eric 			    NULL, 0, error);
 11042        Erik 			if (mp1 != NULL)
 11042        Erik 				putnext(connp->conn_rq, mp1);
 11042        Erik 		}
 11042        Erik 		break;
 11042        Erik 	}
  8348        Eric done:
     0      stevel 	freemsg(mp);
     0      stevel }
     0      stevel 
     0      stevel /*
     0      stevel  * udp_icmp_error_ipv6 is called by udp_icmp_error to process ICMP for IPv6.
     0      stevel  * Generates the appropriate T_UDERROR_IND for permanent (non-transient) errors.
     0      stevel  * Assumes that IP has pulled up all the extension headers as well as the
     0      stevel  * ICMPv6 header.
     0      stevel  */
     0      stevel static void
 11042        Erik udp_icmp_error_ipv6(conn_t *connp, mblk_t *mp, ip_recv_attr_t *ira)
     0      stevel {
     0      stevel 	icmp6_t		*icmp6;
     0      stevel 	ip6_t		*ip6h, *outer_ip6h;
  5240    nordmark 	uint16_t	iph_hdr_length;
     0      stevel 	uint8_t		*nexthdrp;
     0      stevel 	udpha_t		*udpha;
     0      stevel 	sin6_t		sin6;
     0      stevel 	mblk_t		*mp1;
     0      stevel 	int		error = 0;
  8348        Eric 	udp_t		*udp = connp->conn_udp;
  5240    nordmark 	udp_stack_t	*us = udp->udp_us;
     0      stevel 
     0      stevel 	outer_ip6h = (ip6_t *)mp->b_rptr;
 11042        Erik #ifdef DEBUG
  5240    nordmark 	if (outer_ip6h->ip6_nxt != IPPROTO_ICMPV6)
  5240    nordmark 		iph_hdr_length = ip_hdr_length_v6(mp, outer_ip6h);
  5240    nordmark 	else
  5240    nordmark 		iph_hdr_length = IPV6_HDR_LEN;
 11042        Erik 	ASSERT(iph_hdr_length == ira->ira_ip_hdr_length);
 11042        Erik #endif
 11042        Erik 	/* Skip past the outer IP and ICMP headers */
 11042        Erik 	iph_hdr_length = ira->ira_ip_hdr_length;
  5240    nordmark 	icmp6 = (icmp6_t *)&mp->b_rptr[iph_hdr_length];
 11042        Erik 
 11042        Erik 	/* Skip past the inner IP and find the ULP header */
 11042        Erik 	ip6h = (ip6_t *)&icmp6[1];	/* Inner IP header */
  5240    nordmark 	if (!ip_hdr_length_nexthdr_v6(mp, ip6h, &iph_hdr_length, &nexthdrp)) {
  5240    nordmark 		freemsg(mp);
  5240    nordmark 		return;
  5240    nordmark 	}
  5240    nordmark 	udpha = (udpha_t *)((char *)ip6h + iph_hdr_length);
     0      stevel 
     0      stevel 	switch (icmp6->icmp6_type) {
     0      stevel 	case ICMP6_DST_UNREACH:
     0      stevel 		switch (icmp6->icmp6_code) {
     0      stevel 		case ICMP6_DST_UNREACH_NOPORT:
     0      stevel 			error = ECONNREFUSED;
     0      stevel 			break;
     0      stevel 		case ICMP6_DST_UNREACH_ADMIN:
     0      stevel 		case ICMP6_DST_UNREACH_NOROUTE:
     0      stevel 		case ICMP6_DST_UNREACH_BEYONDSCOPE:
     0      stevel 		case ICMP6_DST_UNREACH_ADDR:
     0      stevel 			/* Transient errors */
     0      stevel 			break;
     0      stevel 		default:
     0      stevel 			break;
     0      stevel 		}
     0      stevel 		break;
     0      stevel 	case ICMP6_PACKET_TOO_BIG: {
     0      stevel 		struct T_unitdata_ind	*tudi;
     0      stevel 		struct T_opthdr		*toh;
     0      stevel 		size_t			udi_size;
     0      stevel 		mblk_t			*newmp;
     0      stevel 		t_scalar_t		opt_length = sizeof (struct T_opthdr) +
     0      stevel 		    sizeof (struct ip6_mtuinfo);
     0      stevel 		sin6_t			*sin6;
     0      stevel 		struct ip6_mtuinfo	*mtuinfo;
     0      stevel 
     0      stevel 		/*
     0      stevel 		 * If the application has requested to receive path mtu
     0      stevel 		 * information, send up an empty message containing an
     0      stevel 		 * IPV6_PATHMTU ancillary data item.
     0      stevel 		 */
 11042        Erik 		if (!connp->conn_ipv6_recvpathmtu)
     0      stevel 			break;
     0      stevel 
     0      stevel 		udi_size = sizeof (struct T_unitdata_ind) + sizeof (sin6_t) +
     0      stevel 		    opt_length;
     0      stevel 		if ((newmp = allocb(udi_size, BPRI_MED)) == NULL) {
  5240    nordmark 			BUMP_MIB(&us->us_udp_mib, udpInErrors);
     0      stevel 			break;
     0      stevel 		}
     0      stevel 
     0      stevel 		/*
     0      stevel 		 * newmp->b_cont is left to NULL on purpose.  This is an
     0      stevel 		 * empty message containing only ancillary data.
     0      stevel 		 */
     0      stevel 		newmp->b_datap->db_type = M_PROTO;
     0      stevel 		tudi = (struct T_unitdata_ind *)newmp->b_rptr;
     0      stevel 		newmp->b_wptr = (uchar_t *)tudi + udi_size;
     0      stevel 		tudi->PRIM_type = T_UNITDATA_IND;
     0      stevel 		tudi->SRC_length = sizeof (sin6_t);
     0      stevel 		tudi->SRC_offset = sizeof (struct T_unitdata_ind);
     0      stevel 		tudi->OPT_offset = tudi->SRC_offset + sizeof (sin6_t);
     0      stevel 		tudi->OPT_length = opt_length;
     0      stevel 
     0      stevel 		sin6 = (sin6_t *)&tudi[1];
     0      stevel 		bzero(sin6, sizeof (sin6_t));
     0      stevel 		sin6->sin6_family = AF_INET6;
 11042        Erik 		sin6->sin6_addr = connp->conn_faddr_v6;
     0      stevel 
     0      stevel 		toh = (struct T_opthdr *)&sin6[1];
     0      stevel 		toh->level = IPPROTO_IPV6;
     0      stevel 		toh->name = IPV6_PATHMTU;
     0      stevel 		toh->len = opt_length;
     0      stevel 		toh->status = 0;
     0      stevel 
     0      stevel 		mtuinfo = (struct ip6_mtuinfo *)&toh[1];
     0      stevel 		bzero(mtuinfo, sizeof (struct ip6_mtuinfo));
     0      stevel 		mtuinfo->ip6m_addr.sin6_family = AF_INET6;
     0      stevel 		mtuinfo->ip6m_addr.sin6_addr = ip6h->ip6_dst;
     0      stevel 		mtuinfo->ip6m_mtu = icmp6->icmp6_mtu;
     0      stevel 		/*
     0      stevel 		 * We've consumed everything we need from the original
     0      stevel 		 * message.  Free it, then send our empty message.
     0      stevel 		 */
     0      stevel 		freemsg(mp);
 11042        Erik 		udp_ulp_recv(connp, newmp, msgdsize(newmp), ira);
     0      stevel 		return;
     0      stevel 	}
     0      stevel 	case ICMP6_TIME_EXCEEDED:
     0      stevel 		/* Transient errors */
     0      stevel 		break;
     0      stevel 	case ICMP6_PARAM_PROB:
     0      stevel 		/* If this corresponds to an ICMP_PROTOCOL_UNREACHABLE */
     0      stevel 		if (icmp6->icmp6_code == ICMP6_PARAMPROB_NEXTHEADER &&
     0      stevel 		    (uchar_t *)ip6h + icmp6->icmp6_pptr ==
     0      stevel 		    (uchar_t *)nexthdrp) {
     0      stevel 			error = ECONNREFUSED;
     0      stevel 			break;
     0      stevel 		}
     0      stevel 		break;
     0      stevel 	}
     0      stevel 	if (error == 0) {
     0      stevel 		freemsg(mp);
     0      stevel 		return;
     0      stevel 	}
     0      stevel 
  5240    nordmark 	/*
  5240    nordmark 	 * Deliver T_UDERROR_IND when the application has asked for it.
  5240    nordmark 	 * The socket layer enables this automatically when connected.
  5240    nordmark 	 */
 11042        Erik 	if (!connp->conn_dgram_errind) {
  5240    nordmark 		freemsg(mp);
  5240    nordmark 		return;
  5240    nordmark 	}
  5240    nordmark 
     0      stevel 	sin6 = sin6_null;
     0      stevel 	sin6.sin6_family = AF_INET6;
     0      stevel 	sin6.sin6_addr = ip6h->ip6_dst;
     0      stevel 	sin6.sin6_port = udpha->uha_dst_port;
     0      stevel 	sin6.sin6_flowinfo = ip6h->ip6_vcf & ~IPV6_VERS_AND_FLOW_MASK;
     0      stevel 
  8348        Eric 	if (IPCL_IS_NONSTR(connp)) {
 11042        Erik 		mutex_enter(&connp->conn_lock);
  8348        Eric 		if (udp->udp_state == TS_DATA_XFER) {
 11042        Erik 			if (sin6.sin6_port == connp->conn_fport &&
  8348        Eric 			    IN6_ARE_ADDR_EQUAL(&sin6.sin6_addr,
 11042        Erik 			    &connp->conn_faddr_v6)) {
 11042        Erik 				mutex_exit(&connp->conn_lock);
  8348        Eric 				(*connp->conn_upcalls->su_set_error)
  8348        Eric 				    (connp->conn_upper_handle, error);
  8348        Eric 				goto done;
  8348        Eric 			}
  8348        Eric 		} else {
  8348        Eric 			udp->udp_delayed_error = error;
  8348        Eric 			*((sin6_t *)&udp->udp_delayed_addr) = sin6;
  8348        Eric 		}
 11042        Erik 		mutex_exit(&connp->conn_lock);
  8348        Eric 	} else {
  8348        Eric 		mp1 = mi_tpi_uderror_ind((char *)&sin6, sizeof (sin6_t),
  8348        Eric 		    NULL, 0, error);
  8348        Eric 		if (mp1 != NULL)
  8348        Eric 			putnext(connp->conn_rq, mp1);
  8348        Eric 	}
  8348        Eric done:
     0      stevel 	freemsg(mp);
     0      stevel }
     0      stevel 
     0      stevel /*
     0      stevel  * This routine responds to T_ADDR_REQ messages.  It is called by udp_wput.
     0      stevel  * The local address is filled in if endpoint is bound. The remote address
     0      stevel  * is filled in if remote address has been precified ("connected endpoint")
     0      stevel  * (The concept of connected CLTS sockets is alien to published TPI
     0      stevel  *  but we support it anyway).
     0      stevel  */
     0      stevel static void
     0      stevel udp_addr_req(queue_t *q, mblk_t *mp)
     0      stevel {
 11042        Erik 	struct sockaddr *sa;
     0      stevel 	mblk_t	*ackmp;
     0      stevel 	struct T_addr_ack *taa;
   741    masputra 	udp_t	*udp = Q_TO_UDP(q);
 11042        Erik 	conn_t	*connp = udp->udp_connp;
 11042        Erik 	uint_t	addrlen;
     0      stevel 
     0      stevel 	/* Make it large enough for worst case */
     0      stevel 	ackmp = reallocb(mp, sizeof (struct T_addr_ack) +
     0      stevel 	    2 * sizeof (sin6_t), 1);
     0      stevel 	if (ackmp == NULL) {
     0      stevel 		udp_err_ack(q, mp, TSYSERR, ENOMEM);
     0      stevel 		return;
     0      stevel 	}
     0      stevel 	taa = (struct T_addr_ack *)ackmp->b_rptr;
     0      stevel 
     0      stevel 	bzero(taa, sizeof (struct T_addr_ack));
     0      stevel 	ackmp->b_wptr = (uchar_t *)&taa[1];
     0      stevel 
     0      stevel 	taa->PRIM_type = T_ADDR_ACK;
     0      stevel 	ackmp->b_datap->db_type = M_PCPROTO;
 11042        Erik 
 11042        Erik 	if (connp->conn_family == AF_INET)
 11042        Erik 		addrlen = sizeof (sin_t);
 11042        Erik 	else
 11042        Erik 		addrlen = sizeof (sin6_t);
 11042        Erik 
 11042        Erik 	mutex_enter(&connp->conn_lock);
     0      stevel 	/*
     0      stevel 	 * Note: Following code assumes 32 bit alignment of basic
     0      stevel 	 * data structures like sin_t and struct T_addr_ack.
     0      stevel 	 */
     0      stevel 	if (udp->udp_state != TS_UNBND) {
     0      stevel 		/*
     0      stevel 		 * Fill in local address first
     0      stevel 		 */
     0      stevel 		taa->LOCADDR_offset = sizeof (*taa);
 11042        Erik 		taa->LOCADDR_length = addrlen;
 11042        Erik 		sa = (struct sockaddr *)&taa[1];
 11042        Erik 		(void) conn_getsockname(connp, sa, &addrlen);
 11042        Erik 		ackmp->b_wptr += addrlen;
 11042        Erik 	}
 11042        Erik 	if (udp->udp_state == TS_DATA_XFER) {
 11042        Erik 		/*
 11042        Erik 		 * connected, fill remote address too
 11042        Erik 		 */
 11042        Erik 		taa->REMADDR_length = addrlen;
 11042        Erik 		/* assumed 32-bit alignment */
 11042        Erik 		taa->REMADDR_offset = taa->LOCADDR_offset + taa->LOCADDR_length;
 11042        Erik 		sa = (struct sockaddr *)(ackmp->b_rptr + taa->REMADDR_offset);
 11042        Erik 		(void) conn_getpeername(connp, sa, &addrlen);
 11042        Erik 		ackmp->b_wptr += addrlen;
 11042        Erik 	}
 11042        Erik 	mutex_exit(&connp->conn_lock);
     0      stevel 	ASSERT(ackmp->b_wptr <= ackmp->b_datap->db_lim);
  5240    nordmark 	qreply(q, ackmp);
     0      stevel }
     0      stevel 
     0      stevel static void
     0      stevel udp_copy_info(struct T_info_ack *tap, udp_t *udp)
     0      stevel {
 11042        Erik 	conn_t		*connp = udp->udp_connp;
 11042        Erik 
 11042        Erik 	if (connp->conn_family == AF_INET) {
     0      stevel 		*tap = udp_g_t_info_ack_ipv4;
     0      stevel 	} else {
     0      stevel 		*tap = udp_g_t_info_ack_ipv6;
     0      stevel 	}
     0      stevel 	tap->CURRENT_state = udp->udp_state;
     0      stevel 	tap->OPT_size = udp_max_optsize;
     0      stevel }
     0      stevel 
  8348        Eric static void
  8348        Eric udp_do_capability_ack(udp_t *udp, struct T_capability_ack *tcap,
  8348        Eric     t_uscalar_t cap_bits1)
  8348        Eric {
  8348        Eric 	tcap->CAP_bits1 = 0;
  8348        Eric 
  8348        Eric 	if (cap_bits1 & TC1_INFO) {
  8348        Eric 		udp_copy_info(&tcap->INFO_ack, udp);
  8348        Eric 		tcap->CAP_bits1 |= TC1_INFO;
  8348        Eric 	}
  8348        Eric }
  8348        Eric 
     0      stevel /*
     0      stevel  * This routine responds to T_CAPABILITY_REQ messages.  It is called by
     0      stevel  * udp_wput.  Much of the T_CAPABILITY_ACK information is copied from
     0      stevel  * udp_g_t_info_ack.  The current state of the stream is copied from
     0      stevel  * udp_state.
     0      stevel  */
     0      stevel static void
     0      stevel udp_capability_req(queue_t *q, mblk_t *mp)
     0      stevel {
     0      stevel 	t_uscalar_t		cap_bits1;
     0      stevel 	struct T_capability_ack	*tcap;
   741    masputra 	udp_t	*udp = Q_TO_UDP(q);
     0      stevel 
     0      stevel 	cap_bits1 = ((struct T_capability_req *)mp->b_rptr)->CAP_bits1;
     0      stevel 
     0      stevel 	mp = tpi_ack_alloc(mp, sizeof (struct T_capability_ack),
     0      stevel 	    mp->b_datap->db_type, T_CAPABILITY_ACK);
     0      stevel 	if (!mp)
     0      stevel 		return;
     0      stevel 
     0      stevel 	tcap = (struct T_capability_ack *)mp->b_rptr;
  8348        Eric 	udp_do_capability_ack(udp, tcap, cap_bits1);
     0      stevel 
  5240    nordmark 	qreply(q, mp);
     0      stevel }
     0      stevel 
     0      stevel /*
     0      stevel  * This routine responds to T_INFO_REQ messages.  It is called by udp_wput.
     0      stevel  * Most of the T_INFO_ACK information is copied from udp_g_t_info_ack.
     0      stevel  * The current state of the stream is copied from udp_state.
     0      stevel  */
     0      stevel static void
     0      stevel udp_info_req(queue_t *q, mblk_t *mp)
     0      stevel {
   741    masputra 	udp_t *udp = Q_TO_UDP(q);
     0      stevel 
     0      stevel 	/* Create a T_INFO_ACK message. */
     0      stevel 	mp = tpi_ack_alloc(mp, sizeof (struct T_info_ack), M_PCPROTO,
     0      stevel 	    T_INFO_ACK);
     0      stevel 	if (!mp)
     0      stevel 		return;
     0      stevel 	udp_copy_info((struct T_info_ack *)mp->b_rptr, udp);
  5240    nordmark 	qreply(q, mp);
     0      stevel }
     0      stevel 
  5240    nordmark /* For /dev/udp aka AF_INET open */
  5240    nordmark static int
  5240    nordmark udp_openv4(queue_t *q, dev_t *devp, int flag, int sflag, cred_t *credp)
  5240    nordmark {
  5240    nordmark 	return (udp_open(q, devp, flag, sflag, credp, B_FALSE));
  5240    nordmark }
  5240    nordmark 
  5240    nordmark /* For /dev/udp6 aka AF_INET6 open */
  5240    nordmark static int
  5240    nordmark udp_openv6(queue_t *q, dev_t *devp, int flag, int sflag, cred_t *credp)
  5240    nordmark {
  5240    nordmark 	return (udp_open(q, devp, flag, sflag, credp, B_TRUE));
  5240    nordmark }
  5240    nordmark 
     0      stevel /*
     0      stevel  * This is the open routine for udp.  It allocates a udp_t structure for
     0      stevel  * the stream and, on the first open of the module, creates an ND table.
     0      stevel  */
  5240    nordmark static int
  5240    nordmark udp_open(queue_t *q, dev_t *devp, int flag, int sflag, cred_t *credp,
  5240    nordmark     boolean_t isv6)
     0      stevel {
  5815    gt145670 	udp_t		*udp;
  5815    gt145670 	conn_t		*connp;
  5815    gt145670 	dev_t		conn_dev;
  5815    gt145670 	vmem_t		*minor_arena;
     0      stevel 
     0      stevel 	/* If the stream is already open, return immediately. */
     0      stevel 	if (q->q_ptr != NULL)
     0      stevel 		return (0);
     0      stevel 
  5240    nordmark 	if (sflag == MODOPEN)
     0      stevel 		return (EINVAL);
  3448    dh155122 
  5815    gt145670 	if ((ip_minor_arena_la != NULL) && (flag & SO_SOCKSTR) &&
  5815    gt145670 	    ((conn_dev = inet_minor_alloc(ip_minor_arena_la)) != 0)) {
  5815    gt145670 		minor_arena = ip_minor_arena_la;
  5815    gt145670 	} else {
  5815    gt145670 		/*
  5815    gt145670 		 * Either minor numbers in the large arena were exhausted
  5815    gt145670 		 * or a non socket application is doing the open.
  5815    gt145670 		 * Try to allocate from the small arena.
  5815    gt145670 		 */
  8348        Eric 		if ((conn_dev = inet_minor_alloc(ip_minor_arena_sa)) == 0)
  5815    gt145670 			return (EBUSY);
  8348        Eric 
  5815    gt145670 		minor_arena = ip_minor_arena_sa;
  5815    gt145670 	}
  5815    gt145670 
  8348        Eric 	if (flag & SO_FALLBACK) {
  8348        Eric 		/*
  8348        Eric 		 * Non streams socket needs a stream to fallback to
  8348        Eric 		 */
  8348        Eric 		RD(q)->q_ptr = (void *)conn_dev;
  8348        Eric 		WR(q)->q_qinfo = &udp_fallback_sock_winit;
  8348        Eric 		WR(q)->q_ptr = (void *)minor_arena;
  8348        Eric 		qprocson(q);
  8348        Eric 		return (0);
  8348        Eric 	}
  8348        Eric 
  8348        Eric 	connp = udp_do_open(credp, isv6, KM_SLEEP);
  8348        Eric 	if (connp == NULL) {
  8348        Eric 		inet_minor_free(minor_arena, conn_dev);
  8348        Eric 		return (ENOMEM);
  8348        Eric 	}
  8348        Eric 	udp = connp->conn_udp;
  8348        Eric 
  5240    nordmark 	*devp = makedevice(getemajor(*devp), (minor_t)conn_dev);
  5240    nordmark 	connp->conn_dev = conn_dev;
  5815    gt145670 	connp->conn_minor_arena = minor_arena;
   741    masputra 
   741    masputra 	/*
   741    masputra 	 * Initialize the udp_t structure for this stream.
   741    masputra 	 */
  5240    nordmark 	q->q_ptr = connp;
  5240    nordmark 	WR(q)->q_ptr = connp;
  5240    nordmark 	connp->conn_rq = q;
  5240    nordmark 	connp->conn_wq = WR(q);
  5240    nordmark 
 11042        Erik 	/*
 11042        Erik 	 * Since this conn_t/udp_t is not yet visible to anybody else we don't
 11042        Erik 	 * need to lock anything.
 11042        Erik 	 */
 11042        Erik 	ASSERT(connp->conn_proto == IPPROTO_UDP);
  5240    nordmark 	ASSERT(connp->conn_udp == udp);
  5240    nordmark 	ASSERT(udp->udp_connp == connp);
     0      stevel 
  5240    nordmark 	if (flag & SO_SOCKSTR) {
   741    masputra 		udp->udp_issocket = B_TRUE;
   741    masputra 	}
  1676         jpk 
 11042        Erik 	WR(q)->q_hiwat = connp->conn_sndbuf;
 11042        Erik 	WR(q)->q_lowat = connp->conn_sndlowat;
     0      stevel 
  8348        Eric 	qprocson(q);
  8348        Eric 
  8348        Eric 	/* Set the Stream head write offset and high watermark. */
 11042        Erik 	(void) proto_set_tx_wroff(q, connp, connp->conn_wroff);
 11042        Erik 	(void) proto_set_rx_hiwat(q, connp,
 11042        Erik 	    udp_set_rcv_hiwat(udp, connp->conn_rcvbuf));
  5240    nordmark 
  5240    nordmark 	mutex_enter(&connp->conn_lock);
  5240    nordmark 	connp->conn_state_flags &= ~CONN_INCIPIENT;
  5240    nordmark 	mutex_exit(&connp->conn_lock);
   741    masputra 	return (0);
     0      stevel }
     0      stevel 
     0      stevel /*
     0      stevel  * Which UDP options OK to set through T_UNITDATA_REQ...
     0      stevel  */
     0      stevel /* ARGSUSED */
     0      stevel static boolean_t
     0      stevel udp_opt_allow_udr_set(t_scalar_t level, t_scalar_t name)
     0      stevel {
     0      stevel 	return (B_TRUE);
     0      stevel }
     0      stevel 
     0      stevel /*
     0      stevel  * This routine gets default values of certain options whose default
     0      stevel  * values are maintained by protcol specific code
     0      stevel  */
     0      stevel int
  5240    nordmark udp_opt_default(queue_t *q, t_scalar_t level, t_scalar_t name, uchar_t *ptr)
     0      stevel {
  3448    dh155122 	udp_t		*udp = Q_TO_UDP(q);
  3448    dh155122 	udp_stack_t *us = udp->udp_us;
     0      stevel 	int *i1 = (int *)ptr;
     0      stevel 
     0      stevel 	switch (level) {
     0      stevel 	case IPPROTO_IP:
     0      stevel 		switch (name) {
     0      stevel 		case IP_MULTICAST_TTL:
     0      stevel 			*ptr = (uchar_t)IP_DEFAULT_MULTICAST_TTL;
     0      stevel 			return (sizeof (uchar_t));
     0      stevel 		case IP_MULTICAST_LOOP:
     0      stevel 			*ptr = (uchar_t)IP_DEFAULT_MULTICAST_LOOP;
     0      stevel 			return (sizeof (uchar_t));
     0      stevel 		}
     0      stevel 		break;
     0      stevel 	case IPPROTO_IPV6:
     0      stevel 		switch (name) {
     0      stevel 		case IPV6_MULTICAST_HOPS:
     0      stevel 			*i1 = IP_DEFAULT_MULTICAST_TTL;
     0      stevel 			return (sizeof (int));
     0      stevel 		case IPV6_MULTICAST_LOOP:
     0      stevel 			*i1 = IP_DEFAULT_MULTICAST_LOOP;
     0      stevel 			return (sizeof (int));
     0      stevel 		case IPV6_UNICAST_HOPS:
  3448    dh155122 			*i1 = us->us_ipv6_hoplimit;
     0      stevel 			return (sizeof (int));
     0      stevel 		}
     0      stevel 		break;
     0      stevel 	}
     0      stevel 	return (-1);
     0      stevel }
     0      stevel 
     0      stevel /*
  5240    nordmark  * This routine retrieves the current status of socket options.
 11042        Erik  * It returns the size of the option retrieved, or -1.
 11042        Erik  */
 11042        Erik int
 11042        Erik udp_opt_get(conn_t *connp, t_scalar_t level, t_scalar_t name,
 11042        Erik     uchar_t *ptr)
 11042        Erik {
  8348        Eric 	int		*i1 = (int *)ptr;
 11042        Erik 	udp_t		*udp = connp->conn_udp;
  8348        Eric 	int		len;
 11042        Erik 	conn_opt_arg_t	coas;
 11042        Erik 	int		retval;
 11042        Erik 
 11042        Erik 	coas.coa_connp = connp;
 11042        Erik 	coas.coa_ixa = connp->conn_ixa;
 11042        Erik 	coas.coa_ipp = &connp->conn_xmit_ipp;
 11042        Erik 	coas.coa_ancillary = B_FALSE;
 11042        Erik 	coas.coa_changed = 0;
 11042        Erik 
 11042        Erik 	/*
 11042        Erik 	 * We assume that the optcom framework has checked for the set
 11042        Erik 	 * of levels and names that are supported, hence we don't worry
 11042        Erik 	 * about rejecting based on that.
 11042        Erik 	 * First check for UDP specific handling, then pass to common routine.
 11042        Erik 	 */
 11042        Erik 	switch (level) {
 11042        Erik 	case IPPROTO_IP:
 11042        Erik 		/*
 11042        Erik 		 * Only allow IPv4 option processing on IPv4 sockets.
 11042        Erik 		 */
 11042        Erik 		if (connp->conn_family != AF_INET)
 11042        Erik 			return (-1);
 11042        Erik 
 11042        Erik 		switch (name) {
 11042        Erik 		case IP_OPTIONS:
 11042        Erik 		case T_IP_OPTIONS:
 11042        Erik 			mutex_enter(&connp->conn_lock);
 11042        Erik 			if (!(udp->udp_recv_ipp.ipp_fields &
 11042        Erik 			    IPPF_IPV4_OPTIONS)) {
 11042        Erik 				mutex_exit(&connp->conn_lock);
 11042        Erik 				return (0);
 11042        Erik 			}
 11042        Erik 
 11042        Erik 			len = udp->udp_recv_ipp.ipp_ipv4_options_len;
 11042        Erik 			ASSERT(len != 0);
 11042        Erik 			bcopy(udp->udp_recv_ipp.ipp_ipv4_options, ptr, len);
 11042        Erik 			mutex_exit(&connp->conn_lock);
 11042        Erik 			return (len);
 11042        Erik 		}
 11042        Erik 		break;
 11042        Erik 	case IPPROTO_UDP:
 11042        Erik 		switch (name) {
 11042        Erik 		case UDP_NAT_T_ENDPOINT:
 11042        Erik 			mutex_enter(&connp->conn_lock);
 11042        Erik 			*i1 = udp->udp_nat_t_endpoint;
 11042        Erik 			mutex_exit(&connp->conn_lock);
 11042        Erik 			return (sizeof (int));
 11042        Erik 		case UDP_RCVHDR:
 11042        Erik 			mutex_enter(&connp->conn_lock);
 11042        Erik 			*i1 = udp->udp_rcvhdr ? 1 : 0;
 11042        Erik 			mutex_exit(&connp->conn_lock);
 11042        Erik 			return (sizeof (int));
 11042        Erik 		}
 11042        Erik 	}
 11042        Erik 	mutex_enter(&connp->conn_lock);
 11042        Erik 	retval = conn_opt_get(&coas, level, name, ptr);
 11042        Erik 	mutex_exit(&connp->conn_lock);
 11042        Erik 	return (retval);
 11042        Erik }
 11042        Erik 
 11042        Erik /*
 11042        Erik  * This routine retrieves the current status of socket options.
 11042        Erik  * It returns the size of the option retrieved, or -1.
 11042        Erik  */
 11042        Erik int
 11042        Erik udp_tpi_opt_get(queue_t *q, t_scalar_t level, t_scalar_t name, uchar_t *ptr)
 11042        Erik {
 11042        Erik 	conn_t		*connp = Q_TO_CONN(q);
 11042        Erik 	int		err;
 11042        Erik 
 11042        Erik 	err = udp_opt_get(connp, level, name, ptr);
 11042        Erik 	return (err);
 11042        Erik }
 11042        Erik 
 11042        Erik /*
 11042        Erik  * This routine sets socket options.
 11042        Erik  */
 11042        Erik int
 11042        Erik udp_do_opt_set(conn_opt_arg_t *coa, int level, int name,
 11042        Erik     uint_t inlen, uchar_t *invalp, cred_t *cr, boolean_t checkonly)
 11042        Erik {
 11042        Erik 	conn_t		*connp = coa->coa_connp;
 11042        Erik 	ip_xmit_attr_t	*ixa = coa->coa_ixa;
 11042        Erik 	udp_t		*udp = connp->conn_udp;
 11042        Erik 	udp_stack_t	*us = udp->udp_us;
 11042        Erik 	int		*i1 = (int *)invalp;
 11042        Erik 	boolean_t 	onoff = (*i1 == 0) ? 0 : 1;
 11042        Erik 	int		error;
 11042        Erik 
 11042        Erik 	ASSERT(MUTEX_NOT_HELD(&coa->coa_connp->conn_lock));
 11042        Erik 	/*
 11042        Erik 	 * First do UDP specific sanity checks and handle UDP specific
 11042        Erik 	 * options. Note that some IPPROTO_UDP options are handled
 11042        Erik 	 * by conn_opt_set.
 11042        Erik 	 */
     0      stevel 	switch (level) {
     0      stevel 	case SOL_SOCKET:
     0      stevel 		switch (name) {
     0      stevel 		case SO_SNDBUF:
  3448    dh155122 			if (*i1 > us->us_max_buf) {
     0      stevel 				return (ENOBUFS);
     0      stevel 			}
     0      stevel 			break;
     0      stevel 		case SO_RCVBUF:
  3448    dh155122 			if (*i1 > us->us_max_buf) {
     0      stevel 				return (ENOBUFS);
     0      stevel 			}
 11042        Erik 			break;
 11042        Erik 
  1676         jpk 		case SCM_UCRED: {
  1676         jpk 			struct ucred_s *ucr;
 11042        Erik 			cred_t *newcr;
  1676         jpk 			ts_label_t *tsl;
  1676         jpk 
  1676         jpk 			/*
  1676         jpk 			 * Only sockets that have proper privileges and are
  1676         jpk 			 * bound to MLPs will have any other value here, so
  1676         jpk 			 * this implicitly tests for privilege to set label.
  1676         jpk 			 */
  1676         jpk 			if (connp->conn_mlp_type == mlptSingle)
  1676         jpk 				break;
 11042        Erik 
  1676         jpk 			ucr = (struct ucred_s *)invalp;
 11134      Casper 			if (inlen < sizeof (*ucr) + sizeof (bslabel_t) ||
  1676         jpk 			    ucr->uc_labeloff < sizeof (*ucr) ||
  1676         jpk 			    ucr->uc_labeloff + sizeof (bslabel_t) > inlen)
  1676         jpk 				return (EINVAL);
  1676         jpk 			if (!checkonly) {
 11042        Erik 				/*
 11042        Erik 				 * Set ixa_tsl to the new label.
 11042        Erik 				 * We assume that crgetzoneid doesn't change
 11042        Erik 				 * as part of the SCM_UCRED.
 11042        Erik 				 */
  1676         jpk 				ASSERT(cr != NULL);
  1676         jpk 				if ((tsl = crgetlabel(cr)) == NULL)
  1676         jpk 					return (EINVAL);
  1676         jpk 				newcr = copycred_from_bslabel(cr, UCLABEL(ucr),
  1676         jpk 				    tsl->tsl_doi, KM_NOSLEEP);
  1676         jpk 				if (newcr == NULL)
  1676         jpk 					return (ENOSR);
 11042        Erik 				ASSERT(newcr->cr_label != NULL);
 11042        Erik 				/*
 11042        Erik 				 * Move the hold on the cr_label to ixa_tsl by
 11042        Erik 				 * setting cr_label to NULL. Then release newcr.
 11042        Erik 				 */
 11042        Erik 				ip_xmit_attr_replace_tsl(ixa, newcr->cr_label);
 11042        Erik 				ixa->ixa_flags |= IXAF_UCRED_TSL;
 11042        Erik 				newcr->cr_label = NULL;
  1676         jpk 				crfree(newcr);
 11042        Erik 				coa->coa_changed |= COA_HEADER_CHANGED;
 11042        Erik 				coa->coa_changed |= COA_WROFF_CHANGED;
 11042        Erik 			}
 11042        Erik 			/* Fully handled this option. */
 11042        Erik 			return (0);
 11042        Erik 		}
 11042        Erik 		}
 11042        Erik 		break;
     0      stevel 	case IPPROTO_UDP:
     0      stevel 		switch (name) {
  4987      danmcd 		case UDP_NAT_T_ENDPOINT:
  4987      danmcd 			if ((error = secpolicy_ip_config(cr, B_FALSE)) != 0) {
  4987      danmcd 				return (error);
  4987      danmcd 			}
  4987      danmcd 
  4987      danmcd 			/*
 11042        Erik 			 * Use conn_family instead so we can avoid ambiguitites
  4987      danmcd 			 * with AF_INET6 sockets that may switch from IPv4
  4987      danmcd 			 * to IPv6.
  4987      danmcd 			 */
 11042        Erik 			if (connp->conn_family != AF_INET) {
  4987      danmcd 				return (EAFNOSUPPORT);
  4987      danmcd 			}
  4987      danmcd 
  4987      danmcd 			if (!checkonly) {
 11042        Erik 				mutex_enter(&connp->conn_lock);
  4987      danmcd 				udp->udp_nat_t_endpoint = onoff;
 11042        Erik 				mutex_exit(&connp->conn_lock);
 11042        Erik 				coa->coa_changed |= COA_HEADER_CHANGED;
 11042        Erik 				coa->coa_changed |= COA_WROFF_CHANGED;
 11042        Erik 			}
 11042        Erik 			/* Fully handled this option. */
 11042        Erik 			return (0);
 11042        Erik 		case UDP_RCVHDR:
 11042        Erik 			mutex_enter(&connp->conn_lock);
 11042        Erik 			udp->udp_rcvhdr = onoff;
 11042        Erik 			mutex_exit(&connp->conn_lock);
 11042        Erik 			return (0);
 11042        Erik 		}
 11042        Erik 		break;
 11042        Erik 	}
 11042        Erik 	error = conn_opt_set(coa, level, name, inlen, invalp,
 11042        Erik 	    checkonly, cr);
 11042        Erik 	return (error);
 11042        Erik }
 11042        Erik 
 11042        Erik /*
 11042        Erik  * This routine sets socket options.
 11042        Erik  */
 11042        Erik int
 11042        Erik udp_opt_set(conn_t *connp, uint_t optset_context, int level,
 11042        Erik     int name, uint_t inlen, uchar_t *invalp, uint_t *outlenp,
 11042        Erik     uchar_t *outvalp, void *thisdg_attrs, cred_t *cr)
 11042        Erik {
 11042        Erik 	udp_t		*udp = connp->conn_udp;
 11042        Erik 	int		err;
 11042        Erik 	conn_opt_arg_t	coas, *coa;
  8348        Eric 	boolean_t	checkonly;
 11042        Erik 	udp_stack_t	*us = udp->udp_us;
 11042        Erik 
  8348        Eric 	switch (optset_context) {
  8348        Eric 	case SETFN_OPTCOM_CHECKONLY:
  8348        Eric 		checkonly = B_TRUE;
  8348        Eric 		/*
  8348        Eric 		 * Note: Implies T_CHECK semantics for T_OPTCOM_REQ
  8348        Eric 		 * inlen != 0 implies value supplied and
  8348        Eric 		 * 	we have to "pretend" to set it.
  8348        Eric 		 * inlen == 0 implies that there is no
  8348        Eric 		 * 	value part in T_CHECK request and just validation
  8348        Eric 		 * done elsewhere should be enough, we just return here.
  8348        Eric 		 */
  8348        Eric 		if (inlen == 0) {
  8348        Eric 			*outlenp = 0;
 11042        Erik 			return (0);
  8348        Eric 		}
  8348        Eric 		break;
  8348        Eric 	case SETFN_OPTCOM_NEGOTIATE:
  8348        Eric 		checkonly = B_FALSE;
  8348        Eric 		break;
  8348        Eric 	case SETFN_UD_NEGOTIATE:
  8348        Eric 	case SETFN_CONN_NEGOTIATE:
  8348        Eric 		checkonly = B_FALSE;
  8348        Eric 		/*
  8348        Eric 		 * Negotiating local and "association-related" options
  8348        Eric 		 * through T_UNITDATA_REQ.
  8348        Eric 		 *
  8348        Eric 		 * Following routine can filter out ones we do not
  8348        Eric 		 * want to be "set" this way.
  8348        Eric 		 */
  8348        Eric 		if (!udp_opt_allow_udr_set(level, name)) {
  8348        Eric 			*outlenp = 0;
 11042        Erik 			return (EINVAL);
  8348        Eric 		}
  8348        Eric 		break;
  8348        Eric 	default:
  8348        Eric 		/*
  8348        Eric 		 * We should never get here
  8348        Eric 		 */
  8348        Eric 		*outlenp = 0;
 11042        Erik 		return (EINVAL);
  8348        Eric 	}
  8348        Eric 
  8348        Eric 	ASSERT((optset_context != SETFN_OPTCOM_CHECKONLY) ||
  8348        Eric 	    (optset_context == SETFN_OPTCOM_CHECKONLY && inlen != 0));
  8348        Eric 
 11042        Erik 	if (thisdg_attrs != NULL) {
 11042        Erik 		/* Options from T_UNITDATA_REQ */
 11042        Erik 		coa = (conn_opt_arg_t *)thisdg_attrs;
 11042        Erik 		ASSERT(coa->coa_connp == connp);
 11042        Erik 		ASSERT(coa->coa_ixa != NULL);
 11042        Erik 		ASSERT(coa->coa_ipp != NULL);
 11042        Erik 		ASSERT(coa->coa_ancillary);
 11042        Erik 	} else {
 11042        Erik 		coa = &coas;
 11042        Erik 		coas.coa_connp = connp;
 11042        Erik 		/* Get a reference on conn_ixa to prevent concurrent mods */
 11042        Erik 		coas.coa_ixa = conn_get_ixa(connp, B_TRUE);
 11042        Erik 		if (coas.coa_ixa == NULL) {
 11042        Erik 			*outlenp = 0;
 11042        Erik 			return (ENOMEM);
 11042        Erik 		}
 11042        Erik 		coas.coa_ipp = &connp->conn_xmit_ipp;
 11042        Erik 		coas.coa_ancillary = B_FALSE;
 11042        Erik 		coas.coa_changed = 0;
 11042        Erik 	}
 11042        Erik 
 11042        Erik 	err = udp_do_opt_set(coa, level, name, inlen, invalp,
 11042        Erik 	    cr, checkonly);
 11042        Erik 	if (err != 0) {
 11042        Erik errout:
 11042        Erik 		if (!coa->coa_ancillary)
 11042        Erik 			ixa_refrele(coa->coa_ixa);
 11042        Erik 		*outlenp = 0;
 11042        Erik 		return (err);
 11042        Erik 	}
 11042        Erik 	/* Handle DHCPINIT here outside of lock */
 11042        Erik 	if (level == IPPROTO_IP && name == IP_DHCPINIT_IF) {
 11042        Erik 		uint_t	ifindex;
 11042        Erik 		ill_t	*ill;
 11042        Erik 
 11042        Erik 		ifindex = *(uint_t *)invalp;
 11042        Erik 		if (ifindex == 0) {
 11042        Erik 			ill = NULL;
 11042        Erik 		} else {
 11042        Erik 			ill = ill_lookup_on_ifindex(ifindex, B_FALSE,
 11042        Erik 			    coa->coa_ixa->ixa_ipst);
 11042        Erik 			if (ill == NULL) {
 11042        Erik 				err = ENXIO;
 11042        Erik 				goto errout;
 11042        Erik 			}
 11042        Erik 
 11042        Erik 			mutex_enter(&ill->ill_lock);
 11042        Erik 			if (ill->ill_state_flags & ILL_CONDEMNED) {
 11042        Erik 				mutex_exit(&ill->ill_lock);
 11042        Erik 				ill_refrele(ill);
 11042        Erik 				err = ENXIO;
 11042        Erik 				goto errout;
 11042        Erik 			}
 11042        Erik 			if (IS_VNI(ill)) {
 11042        Erik 				mutex_exit(&ill->ill_lock);
 11042        Erik 				ill_refrele(ill);
 11042        Erik 				err = EINVAL;
 11042        Erik 				goto errout;
 11042        Erik 			}
 11042        Erik 		}
 11042        Erik 		mutex_enter(&connp->conn_lock);
 11042        Erik 
 11042        Erik 		if (connp->conn_dhcpinit_ill != NULL) {
 11042        Erik 			/*
 11042        Erik 			 * We've locked the conn so conn_cleanup_ill()
 11042        Erik 			 * cannot clear conn_dhcpinit_ill -- so it's
 11042        Erik 			 * safe to access the ill.
 11042        Erik 			 */
 11042        Erik 			ill_t *oill = connp->conn_dhcpinit_ill;
 11042        Erik 
 11042        Erik 			ASSERT(oill->ill_dhcpinit != 0);
 11042        Erik 			atomic_dec_32(&oill->ill_dhcpinit);
 11042        Erik 			ill_set_inputfn(connp->conn_dhcpinit_ill);
 11042        Erik 			connp->conn_dhcpinit_ill = NULL;
 11042        Erik 		}
 11042        Erik 
 11042        Erik 		if (ill != NULL) {
 11042        Erik 			connp->conn_dhcpinit_ill = ill;
 11042        Erik 			atomic_inc_32(&ill->ill_dhcpinit);
 11042        Erik 			ill_set_inputfn(ill);
 11042        Erik 			mutex_exit(&connp->conn_lock);
 11042        Erik 			mutex_exit(&ill->ill_lock);
 11042        Erik 			ill_refrele(ill);
 11042        Erik 		} else {
 11042        Erik 			mutex_exit(&connp->conn_lock);
 11042        Erik 		}
 11042        Erik 	}
 11042        Erik 
 11042        Erik 	/*
 11042        Erik 	 * Common case of OK return with outval same as inval.
 11042        Erik 	 */
 11042        Erik 	if (invalp != outvalp) {
 11042        Erik 		/* don't trust bcopy for identical src/dst */
 11042        Erik 		(void) bcopy(invalp, outvalp, inlen);
 11042        Erik 	}
 11042        Erik 	*outlenp = inlen;
 11042        Erik 
 11042        Erik 	/*
 11042        Erik 	 * If this was not ancillary data, then we rebuild the headers,
 11042        Erik 	 * update the IRE/NCE, and IPsec as needed.
 11042        Erik 	 * Since the label depends on the destination we go through
 11042        Erik 	 * ip_set_destination first.
 11042        Erik 	 */
 11042        Erik 	if (coa->coa_ancillary) {
 11042        Erik 		return (0);
 11042        Erik 	}
 11042        Erik 
 11042        Erik 	if (coa->coa_changed & COA_ROUTE_CHANGED) {
 11042        Erik 		in6_addr_t saddr, faddr, nexthop;
 11042        Erik 		in_port_t fport;
 11042        Erik 
 11042        Erik 		/*
 11042        Erik 		 * We clear lastdst to make sure we pick up the change
 11042        Erik 		 * next time sending.
 11042        Erik 		 * If we are connected we re-cache the information.
 11042        Erik 		 * We ignore errors to preserve BSD behavior.
 11042        Erik 		 * Note that we don't redo IPsec policy lookup here
 11042        Erik 		 * since the final destination (or source) didn't change.
 11042        Erik 		 */
 11042        Erik 		mutex_enter(&connp->conn_lock);
 11042        Erik 		connp->conn_v6lastdst = ipv6_all_zeros;
 11042        Erik 
 11042        Erik 		ip_attr_nexthop(coa->coa_ipp, coa->coa_ixa,
 11042        Erik 		    &connp->conn_faddr_v6, &nexthop);
 11042        Erik 		saddr = connp->conn_saddr_v6;
 11042        Erik 		faddr = connp->conn_faddr_v6;
 11042        Erik 		fport = connp->conn_fport;
 11042        Erik 		mutex_exit(&connp->conn_lock);
 11042        Erik 
 11042        Erik 		if (!IN6_IS_ADDR_UNSPECIFIED(&faddr) &&
 11042        Erik 		    !IN6_IS_ADDR_V4MAPPED_ANY(&faddr)) {
 11042        Erik 			(void) ip_attr_connect(connp, coa->coa_ixa,
 11042        Erik 			    &saddr, &faddr, &nexthop, fport, NULL, NULL,
 11042        Erik 			    IPDF_ALLOW_MCBC | IPDF_VERIFY_DST);
 11042        Erik 		}
 11042        Erik 	}
 11042        Erik 
 11042        Erik 	ixa_refrele(coa->coa_ixa);
 11042        Erik 
 11042        Erik 	if (coa->coa_changed & COA_HEADER_CHANGED) {
 11042        Erik 		/*
 11042        Erik 		 * Rebuild the header template if we are connected.
 11042        Erik 		 * Otherwise clear conn_v6lastdst so we rebuild the header
 11042        Erik 		 * in the data path.
 11042        Erik 		 */
 11042        Erik 		mutex_enter(&connp->conn_lock);
 11042        Erik 		if (!IN6_IS_ADDR_UNSPECIFIED(&connp->conn_faddr_v6) &&
 11042        Erik 		    !IN6_IS_ADDR_V4MAPPED_ANY(&connp->conn_faddr_v6)) {
 11042        Erik 			err = udp_build_hdr_template(connp,
 11042        Erik 			    &connp->conn_saddr_v6, &connp->conn_faddr_v6,
 11042        Erik 			    connp->conn_fport, connp->conn_flowinfo);
 11042        Erik 			if (err != 0) {
 11042        Erik 				mutex_exit(&connp->conn_lock);
 11042        Erik 				return (err);
 11042        Erik 			}
 11042        Erik 		} else {
 11042        Erik 			connp->conn_v6lastdst = ipv6_all_zeros;
 11042        Erik 		}
 11042        Erik 		mutex_exit(&connp->conn_lock);
 11042        Erik 	}
 11042        Erik 	if (coa->coa_changed & COA_RCVBUF_CHANGED) {
 11042        Erik 		(void) proto_set_rx_hiwat(connp->conn_rq, connp,
 11042        Erik 		    connp->conn_rcvbuf);
 11042        Erik 	}
 11042        Erik 	if ((coa->coa_changed & COA_SNDBUF_CHANGED) && !IPCL_IS_NONSTR(connp)) {
 11042        Erik 		connp->conn_wq->q_hiwat = connp->conn_sndbuf;
 11042        Erik 	}
 11042        Erik 	if (coa->coa_changed & COA_WROFF_CHANGED) {
 11042        Erik 		/* Increase wroff if needed */
 11042        Erik 		uint_t wroff;
 11042        Erik 
 11042        Erik 		mutex_enter(&connp->conn_lock);
 11042        Erik 		wroff = connp->conn_ht_iphc_allocated + us->us_wroff_extra;
 11042        Erik 		if (udp->udp_nat_t_endpoint)
 11042        Erik 			wroff += sizeof (uint32_t);
 11042        Erik 		if (wroff > connp->conn_wroff) {
 11042        Erik 			connp->conn_wroff = wroff;
 11042        Erik 			mutex_exit(&connp->conn_lock);
 11042        Erik 			(void) proto_set_tx_wroff(connp->conn_rq, connp, wroff);
 11042        Erik 		} else {
 11042        Erik 			mutex_exit(&connp->conn_lock);
 11042        Erik 		}
 11042        Erik 	}
 11042        Erik 	return (err);
 11042        Erik }
 11042        Erik 
 11042        Erik /* This routine sets socket options. */
  8348        Eric int
  8348        Eric udp_tpi_opt_set(queue_t *q, uint_t optset_context, int level, int name,
  8348        Eric     uint_t inlen, uchar_t *invalp, uint_t *outlenp, uchar_t *outvalp,
 11042        Erik     void *thisdg_attrs, cred_t *cr)
 11042        Erik {
 11042        Erik 	conn_t	*connp = Q_TO_CONN(q);
  8348        Eric 	int error;
 11042        Erik 
  8348        Eric 	error = udp_opt_set(connp, optset_context, level, name, inlen, invalp,
  8348        Eric 	    outlenp, outvalp, thisdg_attrs, cr);
 11042        Erik 	return (error);
 11042        Erik }
 11042        Erik 
 11042        Erik /*
 11042        Erik  * Setup IP and UDP headers.
 11042        Erik  * Returns NULL on allocation failure, in which case data_mp is freed.
 11042        Erik  */
 11042        Erik mblk_t *
 11042        Erik udp_prepend_hdr(conn_t *connp, ip_xmit_attr_t *ixa, const ip_pkt_t *ipp,
 11042        Erik     const in6_addr_t *v6src, const in6_addr_t *v6dst, in_port_t dstport,
 11042        Erik     uint32_t flowinfo, mblk_t *data_mp, int *errorp)
 11042        Erik {
 11042        Erik 	mblk_t		*mp;
 11042        Erik 	udpha_t		*udpha;
 11042        Erik 	udp_stack_t	*us = connp->conn_netstack->netstack_udp;
 11042        Erik 	uint_t		data_len;
 11042        Erik 	uint32_t	cksum;
 11042        Erik 	udp_t		*udp = connp->conn_udp;
 11042        Erik 	boolean_t	insert_spi = udp->udp_nat_t_endpoint;
 11042        Erik 	uint_t		ulp_hdr_len;
 11042        Erik 
 11042        Erik 	data_len = msgdsize(data_mp);
 11042        Erik 	ulp_hdr_len = UDPH_SIZE;
 11042        Erik 	if (insert_spi)
 11042        Erik 		ulp_hdr_len += sizeof (uint32_t);
 11042        Erik 
 11042        Erik 	mp = conn_prepend_hdr(ixa, ipp, v6src, v6dst, IPPROTO_UDP, flowinfo,
 11042        Erik 	    ulp_hdr_len, data_mp, data_len, us->us_wroff_extra, &cksum, errorp);
 11042        Erik 	if (mp == NULL) {
 11042        Erik 		ASSERT(*errorp != 0);
 11042        Erik 		return (NULL);
 11042        Erik 	}
 11042        Erik 
 11042        Erik 	data_len += ulp_hdr_len;
 11042        Erik 	ixa->ixa_pktlen = data_len + ixa->ixa_ip_hdr_length;
 11042        Erik 
 11042        Erik 	udpha = (udpha_t *)(mp->b_rptr + ixa->ixa_ip_hdr_length);
 11042        Erik 	udpha->uha_src_port = connp->conn_lport;
 11042        Erik 	udpha->uha_dst_port = dstport;
 11042        Erik 	udpha->uha_checksum = 0;
 11042        Erik 	udpha->uha_length = htons(data_len);
 11042        Erik 
 11042        Erik 	/*
 11042        Erik 	 * If there was a routing option/header then conn_prepend_hdr
 11042        Erik 	 * has massaged it and placed the pseudo-header checksum difference
 11042        Erik 	 * in the cksum argument.
 11042        Erik 	 *
 11042        Erik 	 * Setup header length and prepare for ULP checksum done in IP.
 11042        Erik 	 *
 11042        Erik 	 * We make it easy for IP to include our pseudo header
 11042        Erik 	 * by putting our length in uha_checksum.
 11042        Erik 	 * The IP source, destination, and length have already been set by
 11042        Erik 	 * conn_prepend_hdr.
 11042        Erik 	 */
 11042        Erik 	cksum += data_len;
 11042        Erik 	cksum = (cksum >> 16) + (cksum & 0xFFFF);
 11042        Erik 	ASSERT(cksum < 0x10000);
 11042        Erik 
 11042        Erik 	if (ixa->ixa_flags & IXAF_IS_IPV4) {
 11042        Erik 		ipha_t	*ipha = (ipha_t *)mp->b_rptr;
 11042        Erik 
 11042        Erik 		ASSERT(ntohs(ipha->ipha_length) == ixa->ixa_pktlen);
 11042        Erik 
 11042        Erik 		/* IP does the checksum if uha_checksum is non-zero */
 11042        Erik 		if (us->us_do_checksum) {
 11042        Erik 			if (cksum == 0)
 11042        Erik 				udpha->uha_checksum = 0xffff;
 11042        Erik 			else
 11042        Erik 				udpha->uha_checksum = htons(cksum);
 11042        Erik 		} else {
 11042        Erik 			udpha->uha_checksum = 0;
 11042        Erik 		}
 11042        Erik 	} else {
 11042        Erik 		ip6_t *ip6h = (ip6_t *)mp->b_rptr;
 11042        Erik 
 11042        Erik 		ASSERT(ntohs(ip6h->ip6_plen) + IPV6_HDR_LEN == ixa->ixa_pktlen);
 11042        Erik 		if (cksum == 0)
 11042        Erik 			udpha->uha_checksum = 0xffff;
 11042        Erik 		else
 11042        Erik 			udpha->uha_checksum = htons(cksum);
 11042        Erik 	}
 11042        Erik 
 11042        Erik 	/* Insert all-0s SPI now. */
 11042        Erik 	if (insert_spi)
 11042        Erik 		*((uint32_t *)(udpha + 1)) = 0;
 11042        Erik 
 11042        Erik 	return (mp);
 11042        Erik }
 11042        Erik 
 11042        Erik static int
 11042        Erik udp_build_hdr_template(conn_t *connp, const in6_addr_t *v6src,
 11042        Erik     const in6_addr_t *v6dst, in_port_t dstport, uint32_t flowinfo)
 11042        Erik {
 11042        Erik 	udpha_t		*udpha;
 11042        Erik 	int		error;
 11042        Erik 
 11042        Erik 	ASSERT(MUTEX_HELD(&connp->conn_lock));
 11042        Erik 	/*
 11042        Erik 	 * We clear lastdst to make sure we don't use the lastdst path
 11042        Erik 	 * next time sending since we might not have set v6dst yet.
 11042        Erik 	 */
 11042        Erik 	connp->conn_v6lastdst = ipv6_all_zeros;
 11042        Erik 
 11042        Erik 	error = conn_build_hdr_template(connp, UDPH_SIZE, 0, v6src, v6dst,
 11042        Erik 	    flowinfo);
 11042        Erik 	if (error != 0)
 11042        Erik 		return (error);
 11042        Erik 
 11042        Erik 	/*
 11042        Erik 	 * Any routing header/option has been massaged. The checksum difference
 11042        Erik 	 * is stored in conn_sum.
 11042        Erik 	 */
 11042        Erik 	udpha = (udpha_t *)connp->conn_ht_ulp;
 11042        Erik 	udpha->uha_src_port = connp->conn_lport;
 11042        Erik 	udpha->uha_dst_port = dstport;
 11042        Erik 	udpha->uha_checksum = 0;
 11042        Erik 	udpha->uha_length = htons(UDPH_SIZE);	/* Filled in later */
     0      stevel 	return (0);
     0      stevel }
     0      stevel 
     0      stevel /*
     0      stevel  * This routine retrieves the value of an ND variable in a udpparam_t
     0      stevel  * structure.  It is called through nd_getset when a user reads the
     0      stevel  * variable.
     0      stevel  */
     0      stevel /* ARGSUSED */
     0      stevel static int
     0      stevel udp_param_get(queue_t *q, mblk_t *mp, caddr_t cp, cred_t *cr)
     0      stevel {
     0      stevel 	udpparam_t *udppa = (udpparam_t *)cp;
     0      stevel 
     0      stevel 	(void) mi_mpprintf(mp, "%d", udppa->udp_param_value);
     0      stevel 	return (0);
     0      stevel }
     0      stevel 
     0      stevel /*
     0      stevel  * Walk through the param array specified registering each element with the
     0      stevel  * named dispatch (ND) handler.
     0      stevel  */
     0      stevel static boolean_t
  3448    dh155122 udp_param_register(IDP *ndp, udpparam_t *udppa, int cnt)
     0      stevel {
     0      stevel 	for (; cnt-- > 0; udppa++) {
     0      stevel 		if (udppa->udp_param_name && udppa->udp_param_name[0]) {
  3448    dh155122 			if (!nd_load(ndp, udppa->udp_param_name,
     0      stevel 			    udp_param_get, udp_param_set,
     0      stevel 			    (caddr_t)udppa)) {
  3448    dh155122 				nd_free(ndp);
     0      stevel 				return (B_FALSE);
     0      stevel 			}
     0      stevel 		}
     0      stevel 	}
  3448    dh155122 	if (!nd_load(ndp, "udp_extra_priv_ports",
     0      stevel 	    udp_extra_priv_ports_get, NULL, NULL)) {
  3448    dh155122 		nd_free(ndp);
     0      stevel 		return (B_FALSE);
     0      stevel 	}
  3448    dh155122 	if (!nd_load(ndp, "udp_extra_priv_ports_add",
     0      stevel 	    NULL, udp_extra_priv_ports_add, NULL)) {
  3448    dh155122 		nd_free(ndp);
     0      stevel 		return (B_FALSE);
     0      stevel 	}
  3448    dh155122 	if (!nd_load(ndp, "udp_extra_priv_ports_del",
     0      stevel 	    NULL, udp_extra_priv_ports_del, NULL)) {
  3448    dh155122 		nd_free(ndp);
     0      stevel 		return (B_FALSE);
     0      stevel 	}
     0      stevel 	return (B_TRUE);
     0      stevel }
     0      stevel 
     0      stevel /* This routine sets an ND variable in a udpparam_t structure. */
     0      stevel /* ARGSUSED */
     0      stevel static int
     0      stevel udp_param_set(queue_t *q, mblk_t *mp, char *value, caddr_t cp, cred_t *cr)
     0      stevel {
     0      stevel 	long		new_value;
     0      stevel 	udpparam_t	*udppa = (udpparam_t *)cp;
     0      stevel 
     0      stevel 	/*
     0      stevel 	 * Fail the request if the new value does not lie within the
     0      stevel 	 * required bounds.
     0      stevel 	 */
     0      stevel 	if (ddi_strtol(value, NULL, 10, &new_value) != 0 ||
     0      stevel 	    new_value < udppa->udp_param_min ||
     0      stevel 	    new_value > udppa->udp_param_max) {
     0      stevel 		return (EINVAL);
     0      stevel 	}
     0      stevel 
     0      stevel 	/* Set the new value */
     0      stevel 	udppa->udp_param_value = new_value;
     0      stevel 	return (0);
  1676         jpk }
  1676         jpk 
  8963      Anders static mblk_t *
  8348        Eric udp_queue_fallback(udp_t *udp, mblk_t *mp)
  8348        Eric {
  8348        Eric 	ASSERT(MUTEX_HELD(&udp->udp_recv_lock));
  8348        Eric 	if (IPCL_IS_NONSTR(udp->udp_connp)) {
  8348        Eric 		/*
  8348        Eric 		 * fallback has started but messages have not been moved yet
  8348        Eric 		 */
  8348        Eric 		if (udp->udp_fallback_queue_head == NULL) {
  8348        Eric 			ASSERT(udp->udp_fallback_queue_tail == NULL);
  8348        Eric 			udp->udp_fallback_queue_head = mp;
  8348        Eric 			udp->udp_fallback_queue_tail = mp;
  8348        Eric 		} else {
  8348        Eric 			ASSERT(udp->udp_fallback_queue_tail != NULL);
  8348        Eric 			udp->udp_fallback_queue_tail->b_next = mp;
  8348        Eric 			udp->udp_fallback_queue_tail = mp;
  8348        Eric 		}
  8963      Anders 		return (NULL);
  8963      Anders 	} else {
  8963      Anders 		/*
  8963      Anders 		 * Fallback completed, let the caller putnext() the mblk.
  8963      Anders 		 */
  8963      Anders 		return (mp);
  8963      Anders 	}
  8963      Anders }
  8963      Anders 
  8963      Anders /*
  8963      Anders  * Deliver data to ULP. In case we have a socket, and it's falling back to
  8963      Anders  * TPI, then we'll queue the mp for later processing.
  8963      Anders  */
  8963      Anders static void
 11042        Erik udp_ulp_recv(conn_t *connp, mblk_t *mp, uint_t len, ip_recv_attr_t *ira)
  8963      Anders {
  8963      Anders 	if (IPCL_IS_NONSTR(connp)) {
  8963      Anders 		udp_t *udp = connp->conn_udp;
  8963      Anders 		int error;
  8963      Anders 
 11042        Erik 		ASSERT(len == msgdsize(mp));
  8963      Anders 		if ((*connp->conn_upcalls->su_recv)
 11042        Erik 		    (connp->conn_upper_handle, mp, len, 0, &error, NULL) < 0) {
  8963      Anders 			mutex_enter(&udp->udp_recv_lock);
  8963      Anders 			if (error == ENOSPC) {
  8963      Anders 				/*
  8963      Anders 				 * let's confirm while holding the lock
  8963      Anders 				 */
  8963      Anders 				if ((*connp->conn_upcalls->su_recv)
  8963      Anders 				    (connp->conn_upper_handle, NULL, 0, 0,
  8963      Anders 				    &error, NULL) < 0) {
  8963      Anders 					ASSERT(error == ENOSPC);
  8963      Anders 					if (error == ENOSPC) {
  8963      Anders 						connp->conn_flow_cntrld =
  8963      Anders 						    B_TRUE;
  8963      Anders 					}
  8963      Anders 				}
  8963      Anders 				mutex_exit(&udp->udp_recv_lock);
  8963      Anders 			} else {
  8963      Anders 				ASSERT(error == EOPNOTSUPP);
  8963      Anders 				mp = udp_queue_fallback(udp, mp);
  8963      Anders 				mutex_exit(&udp->udp_recv_lock);
  8963      Anders 				if (mp != NULL)
  8963      Anders 					putnext(connp->conn_rq, mp);
  8963      Anders 			}
  8963      Anders 		}
  8963      Anders 		ASSERT(MUTEX_NOT_HELD(&udp->udp_recv_lock));
  8963      Anders 	} else {
 11042        Erik 		if (is_system_labeled()) {
 11042        Erik 			ASSERT(ira->ira_cred != NULL);
 11042        Erik 			/*
 11042        Erik 			 * Provide for protocols above UDP such as RPC
 11042        Erik 			 * NOPID leaves db_cpid unchanged.
 11042        Erik 			 */
 11042        Erik 			mblk_setcred(mp, ira->ira_cred, NOPID);
 11042        Erik 		}
 11042        Erik 
  8963      Anders 		putnext(connp->conn_rq, mp);
  5240    nordmark 	}
  5240    nordmark }
  5240    nordmark 
 11042        Erik /*
 11042        Erik  * This is the inbound data path.
 11042        Erik  * IP has already pulled up the IP plus UDP headers and verified alignment
 11042        Erik  * etc.
 11042        Erik  */
  5240    nordmark /* ARGSUSED2 */
  5240    nordmark static void
 11042        Erik udp_input(void *arg1, mblk_t *mp, void *arg2, ip_recv_attr_t *ira)
 11042        Erik {
 11042        Erik 	conn_t			*connp = (conn_t *)arg1;
     0      stevel 	struct T_unitdata_ind	*tudi;
   741    masputra 	uchar_t			*rptr;		/* Pointer to IP header */
   741    masputra 	int			hdr_length;	/* Length of IP+UDP headers */
     0      stevel 	int			udi_size;	/* Size of T_unitdata_ind */
 11042        Erik 	int			pkt_len;
     0      stevel 	udp_t			*udp;
     0      stevel 	udpha_t			*udpha;
 11042        Erik 	ip_pkt_t		ipps;
     0      stevel 	ip6_t			*ip6h;
     0      stevel 	mblk_t			*mp1;
 11042        Erik 	uint32_t		udp_ipv4_options_len;
 11042        Erik 	crb_t			recv_ancillary;
 11042        Erik 	udp_stack_t		*us;
     0      stevel 
  5240    nordmark 	ASSERT(connp->conn_flags & IPCL_UDPCONN);
     0      stevel 
   741    masputra 	udp = connp->conn_udp;
  3448    dh155122 	us = udp->udp_us;
     0      stevel 	rptr = mp->b_rptr;
 11042        Erik 
 11042        Erik 	ASSERT(DB_TYPE(mp) == M_DATA);
   741    masputra 	ASSERT(OK_32PTR(rptr));
 11042        Erik 	ASSERT(ira->ira_pktlen == msgdsize(mp));
 11042        Erik 	pkt_len = ira->ira_pktlen;
 11042        Erik 
 11042        Erik 	/*
 11042        Erik 	 * Get a snapshot of these and allow other threads to change
 11042        Erik 	 * them after that. We need the same recv_ancillary when determining
 11042        Erik 	 * the size as when adding the ancillary data items.
 11042        Erik 	 */
 11042        Erik 	mutex_enter(&connp->conn_lock);
 11042        Erik 	udp_ipv4_options_len = udp->udp_recv_ipp.ipp_ipv4_options_len;
 11042        Erik 	recv_ancillary = connp->conn_recv_ancillary;
 11042        Erik 	mutex_exit(&connp->conn_lock);
 11042        Erik 
 11042        Erik 	hdr_length = ira->ira_ip_hdr_length;
     0      stevel 
     0      stevel 	/*
     0      stevel 	 * IP inspected the UDP header thus all of it must be in the mblk.
     0      stevel 	 * UDP length check is performed for IPv6 packets and IPv4 packets
  5240    nordmark 	 * to check if the size of the packet as specified
 11042        Erik 	 * by the UDP header is the same as the length derived from the IP
 11042        Erik 	 * header.
 11042        Erik 	 */
 11042        Erik 	udpha = (udpha_t *)(rptr + hdr_length);
 11042        Erik 	if (pkt_len != ntohs(udpha->uha_length) + hdr_length)
     0      stevel 		goto tossit;
 11042        Erik 
 11042        Erik 	hdr_length += UDPH_SIZE;
 11042        Erik 	ASSERT(MBLKL(mp) >= hdr_length);	/* IP did a pullup */
 11042        Erik 
 11042        Erik 	/* Initialize regardless of IP version */
 11042        Erik 	ipps.ipp_fields = 0;
 11042        Erik 
 11042        Erik 	if (((ira->ira_flags & IRAF_IPV4_OPTIONS) ||
 11042        Erik 	    udp_ipv4_options_len > 0) &&
 11042        Erik 	    connp->conn_family == AF_INET) {
 11042        Erik 		int	err;
 11042        Erik 
 11042        Erik 		/*
 11042        Erik 		 * Record/update udp_recv_ipp with the lock
 11042        Erik 		 * held. Not needed for AF_INET6 sockets
 11042        Erik 		 * since they don't support a getsockopt of IP_OPTIONS.
 11042        Erik 		 */
 11042        Erik 		mutex_enter(&connp->conn_lock);
 11042        Erik 		err = ip_find_hdr_v4((ipha_t *)rptr, &udp->udp_recv_ipp,
 11042        Erik 		    B_TRUE);
 11042        Erik 		if (err != 0) {
 11042        Erik 			/* Allocation failed. Drop packet */
 11042        Erik 			mutex_exit(&connp->conn_lock);
 11042        Erik 			freemsg(mp);
 11042        Erik 			BUMP_MIB(&us->us_udp_mib, udpInErrors);
 11042        Erik 			return;
 11042        Erik 		}
 11042        Erik 		mutex_exit(&connp->conn_lock);
 11042        Erik 	}
 11042        Erik 
 11042        Erik 	if (recv_ancillary.crb_all != 0) {
 11042        Erik 		/*
 11042        Erik 		 * Record packet information in the ip_pkt_t
 11042        Erik 		 */
 11042        Erik 		if (ira->ira_flags & IRAF_IS_IPV4) {
 11042        Erik 			ASSERT(IPH_HDR_VERSION(rptr) == IPV4_VERSION);
 11042        Erik 			ASSERT(MBLKL(mp) >= sizeof (ipha_t));
 11042        Erik 			ASSERT(((ipha_t *)rptr)->ipha_protocol == IPPROTO_UDP);
 11042        Erik 			ASSERT(ira->ira_ip_hdr_length == IPH_HDR_LENGTH(rptr));
 11042        Erik 
 11042        Erik 			(void) ip_find_hdr_v4((ipha_t *)rptr, &ipps, B_FALSE);
 11042        Erik 		} else {
 11042        Erik 			uint8_t nexthdrp;
 11042        Erik 
 11042        Erik 			ASSERT(IPH_HDR_VERSION(rptr) == IPV6_VERSION);
 11042        Erik 			/*
 11042        Erik 			 * IPv6 packets can only be received by applications
 11042        Erik 			 * that are prepared to receive IPv6 addresses.
 11042        Erik 			 * The IP fanout must ensure this.
 11042        Erik 			 */
 11042        Erik 			ASSERT(connp->conn_family == AF_INET6);
 11042        Erik 
 11042        Erik 			ip6h = (ip6_t *)rptr;
 11042        Erik 
 11042        Erik 			/* We don't care about the length, but need the ipp */
 11042        Erik 			hdr_length = ip_find_hdr_v6(mp, ip6h, B_TRUE, &ipps,
 11042        Erik 			    &nexthdrp);
 11042        Erik 			ASSERT(hdr_length == ira->ira_ip_hdr_length);
 11042        Erik 			/* Restore */
 11042        Erik 			hdr_length = ira->ira_ip_hdr_length + UDPH_SIZE;
 11042        Erik 			ASSERT(nexthdrp == IPPROTO_UDP);
 11042        Erik 		}
   741    masputra 	}
     0      stevel 
     0      stevel 	/*
     0      stevel 	 * This is the inbound data path.  Packets are passed upstream as
 11042        Erik 	 * T_UNITDATA_IND messages.
 11042        Erik 	 */
 11042        Erik 	if (connp->conn_family == AF_INET) {
     0      stevel 		sin_t *sin;
     0      stevel 
     0      stevel 		ASSERT(IPH_HDR_VERSION((ipha_t *)rptr) == IPV4_VERSION);
     0      stevel 
     0      stevel 		/*
  5240    nordmark 		 * Normally only send up the source address.
 11042        Erik 		 * If any ancillary data items are wanted we add those.
     0      stevel 		 */
     0      stevel 		udi_size = sizeof (struct T_unitdata_ind) + sizeof (sin_t);
 11042        Erik 		if (recv_ancillary.crb_all != 0) {
 11042        Erik 			udi_size += conn_recvancillary_size(connp,
 11042        Erik 			    recv_ancillary, ira, mp, &ipps);
  1673    gt145670 		}
     0      stevel 
     0      stevel 		/* Allocate a message block for the T_UNITDATA_IND structure. */
     0      stevel 		mp1 = allocb(udi_size, BPRI_MED);
     0      stevel 		if (mp1 == NULL) {
     0      stevel 			freemsg(mp);
  5240    nordmark 			BUMP_MIB(&us->us_udp_mib, udpInErrors);
     0      stevel 			return;
     0      stevel 		}
     0      stevel 		mp1->b_cont = mp;
 11042        Erik 		mp1->b_datap->db_type = M_PROTO;
 11042        Erik 		tudi = (struct T_unitdata_ind *)mp1->b_rptr;
 11042        Erik 		mp1->b_wptr = (uchar_t *)tudi + udi_size;
     0      stevel 		tudi->PRIM_type = T_UNITDATA_IND;
     0      stevel 		tudi->SRC_length = sizeof (sin_t);
     0      stevel 		tudi->SRC_offset = sizeof (struct T_unitdata_ind);
     0      stevel 		tudi->OPT_offset = sizeof (struct T_unitdata_ind) +
     0      stevel 		    sizeof (sin_t);
     0      stevel 		udi_size -= (sizeof (struct T_unitdata_ind) + sizeof (sin_t));
     0      stevel 		tudi->OPT_length = udi_size;
     0      stevel 		sin = (sin_t *)&tudi[1];
     0      stevel 		sin->sin_addr.s_addr = ((ipha_t *)rptr)->ipha_src;
     0      stevel 		sin->sin_port =	udpha->uha_src_port;
 11042        Erik 		sin->sin_family = connp->conn_family;
     0      stevel 		*(uint32_t *)&sin->sin_zero[0] = 0;
     0      stevel 		*(uint32_t *)&sin->sin_zero[4] = 0;
     0      stevel 
     0      stevel 		/*
     0      stevel 		 * Add options if IP_RECVDSTADDR, IP_RECVIF, IP_RECVSLLA or
     0      stevel 		 * IP_RECVTTL has been set.
     0      stevel 		 */
     0      stevel 		if (udi_size != 0) {
 11042        Erik 			conn_recvancillary_add(connp, recv_ancillary, ira,
 11042        Erik 			    &ipps, (uchar_t *)&sin[1], udi_size);
     0      stevel 		}
     0      stevel 	} else {
     0      stevel 		sin6_t *sin6;
     0      stevel 
     0      stevel 		/*
     0      stevel 		 * Handle both IPv4 and IPv6 packets for IPv6 sockets.
     0      stevel 		 *
     0      stevel 		 * Normally we only send up the address. If receiving of any
     0      stevel 		 * optional receive side information is enabled, we also send
     0      stevel 		 * that up as options.
     0      stevel 		 */
     0      stevel 		udi_size = sizeof (struct T_unitdata_ind) + sizeof (sin6_t);
     0      stevel 
 11042        Erik 		if (recv_ancillary.crb_all != 0) {
 11042        Erik 			udi_size += conn_recvancillary_size(connp,
 11042        Erik 			    recv_ancillary, ira, mp, &ipps);
   741    masputra 		}
     0      stevel 
     0      stevel 		mp1 = allocb(udi_size, BPRI_MED);
     0      stevel 		if (mp1 == NULL) {
     0      stevel 			freemsg(mp);
  5240    nordmark 			BUMP_MIB(&us->us_udp_mib, udpInErrors);
     0      stevel 			return;
     0      stevel 		}
     0      stevel 		mp1->b_cont = mp;
 11042        Erik 		mp1->b_datap->db_type = M_PROTO;
 11042        Erik 		tudi = (struct T_unitdata_ind *)mp1->b_rptr;
 11042        Erik 		mp1->b_wptr = (uchar_t *)tudi + udi_size;
     0      stevel 		tudi->PRIM_type = T_UNITDATA_IND;
     0      stevel 		tudi->SRC_length = sizeof (sin6_t);
     0      stevel 		tudi->SRC_offset = sizeof (struct T_unitdata_ind);
     0      stevel 		tudi->OPT_offset = sizeof (struct T_unitdata_ind) +
     0      stevel 		    sizeof (sin6_t);
     0      stevel 		udi_size -= (sizeof (struct T_unitdata_ind) + sizeof (sin6_t));
     0      stevel 		tudi->OPT_length = udi_size;
     0      stevel 		sin6 = (sin6_t *)&tudi[1];
 11042        Erik 		if (ira->ira_flags & IRAF_IS_IPV4) {
     0      stevel 			in6_addr_t v6dst;
     0      stevel 
     0      stevel 			IN6_IPADDR_TO_V4MAPPED(((ipha_t *)rptr)->ipha_src,
     0      stevel 			    &sin6->sin6_addr);
     0      stevel 			IN6_IPADDR_TO_V4MAPPED(((ipha_t *)rptr)->ipha_dst,
     0      stevel 			    &v6dst);
     0      stevel 			sin6->sin6_flowinfo = 0;
     0      stevel 			sin6->sin6_scope_id = 0;
     0      stevel 			sin6->__sin6_src_id = ip_srcid_find_addr(&v6dst,
 11042        Erik 			    IPCL_ZONEID(connp), us->us_netstack);
 11042        Erik 		} else {
 11042        Erik 			ip6h = (ip6_t *)rptr;
 11042        Erik 
     0      stevel 			sin6->sin6_addr = ip6h->ip6_src;
     0      stevel 			/* No sin6_flowinfo per API */
     0      stevel 			sin6->sin6_flowinfo = 0;
 11042        Erik 			/* For link-scope pass up scope id */
 11042        Erik 			if (IN6_IS_ADDR_LINKSCOPE(&ip6h->ip6_src))
 11042        Erik 				sin6->sin6_scope_id = ira->ira_ruifindex;
     0      stevel 			else
     0      stevel 				sin6->sin6_scope_id = 0;
   741    masputra 			sin6->__sin6_src_id = ip_srcid_find_addr(
 11042        Erik 			    &ip6h->ip6_dst, IPCL_ZONEID(connp),
  3448    dh155122 			    us->us_netstack);
     0      stevel 		}
     0      stevel 		sin6->sin6_port = udpha->uha_src_port;
 11042        Erik 		sin6->sin6_family = connp->conn_family;
     0      stevel 
     0      stevel 		if (udi_size != 0) {
 11042        Erik 			conn_recvancillary_add(connp, recv_ancillary, ira,
 11042        Erik 			    &ipps, (uchar_t *)&sin6[1], udi_size);
 11042        Erik 		}
 11042        Erik 	}
 11042        Erik 
 11042        Erik 	/* Walk past the headers unless IP_RECVHDR was set. */
 11042        Erik 	if (!udp->udp_rcvhdr) {
 11042        Erik 		mp->b_rptr = rptr + hdr_length;
 11042        Erik 		pkt_len -= hdr_length;
     0      stevel 	}
     0      stevel 
  5240    nordmark 	BUMP_MIB(&us->us_udp_mib, udpHCInDatagrams);
 11042        Erik 	udp_ulp_recv(connp, mp1, pkt_len, ira);
   741    masputra 	return;
   741    masputra 
   741    masputra tossit:
   741    masputra 	freemsg(mp);
  5240    nordmark 	BUMP_MIB(&us->us_udp_mib, udpInErrors);
  5240    nordmark }
  5240    nordmark 
  5240    nordmark /*
  5240    nordmark  * return SNMP stuff in buffer in mpdata. We don't hold any lock and report
  5240    nordmark  * information that can be changing beneath us.
  5240    nordmark  */
  5240    nordmark mblk_t *
     0      stevel udp_snmp_get(queue_t *q, mblk_t *mpctl)
     0      stevel {
     0      stevel 	mblk_t			*mpdata;
     0      stevel 	mblk_t			*mp_conn_ctl;
  1676         jpk 	mblk_t			*mp_attr_ctl;
     0      stevel 	mblk_t			*mp6_conn_ctl;
  1676         jpk 	mblk_t			*mp6_attr_ctl;
  1676         jpk 	mblk_t			*mp_conn_tail;
  1676         jpk 	mblk_t			*mp_attr_tail;
  1676         jpk 	mblk_t			*mp6_conn_tail;
  1676         jpk 	mblk_t			*mp6_attr_tail;
     0      stevel 	struct opthdr		*optp;
     0      stevel 	mib2_udpEntry_t		ude;
     0      stevel 	mib2_udp6Entry_t	ude6;
  1676         jpk 	mib2_transportMLPEntry_t mlp;
     0      stevel 	int			state;
     0      stevel 	zoneid_t		zoneid;
   741    masputra 	int			i;
   741    masputra 	connf_t			*connfp;
   741    masputra 	conn_t			*connp = Q_TO_CONN(q);
  1676         jpk 	int			v4_conn_idx;
  1676         jpk 	int			v6_conn_idx;
  1676         jpk 	boolean_t		needattr;
  5240    nordmark 	udp_t			*udp;
  3448    dh155122 	ip_stack_t		*ipst = connp->conn_netstack->netstack_ip;
  5240    nordmark 	udp_stack_t		*us = connp->conn_netstack->netstack_udp;
  5240    nordmark 	mblk_t			*mp2ctl;
  5240    nordmark 
  5240    nordmark 	/*
  5240    nordmark 	 * make a copy of the original message
  5240    nordmark 	 */
  5240    nordmark 	mp2ctl = copymsg(mpctl);
  1676         jpk 
  1676         jpk 	mp_conn_ctl = mp_attr_ctl = mp6_conn_ctl = NULL;
     0      stevel 	if (mpctl == NULL ||
     0      stevel 	    (mpdata = mpctl->b_cont) == NULL ||
     0      stevel 	    (mp_conn_ctl = copymsg(mpctl)) == NULL ||
  1676         jpk 	    (mp_attr_ctl = copymsg(mpctl)) == NULL ||
  1676         jpk 	    (mp6_conn_ctl = copymsg(mpctl)) == NULL ||
  1676         jpk 	    (mp6_attr_ctl = copymsg(mpctl)) == NULL) {
     0      stevel 		freemsg(mp_conn_ctl);
  1676         jpk 		freemsg(mp_attr_ctl);
  1676         jpk 		freemsg(mp6_conn_ctl);
  5240    nordmark 		freemsg(mpctl);
  5240    nordmark 		freemsg(mp2ctl);
     0      stevel 		return (0);
     0      stevel 	}
     0      stevel 
   741    masputra 	zoneid = connp->conn_zoneid;
     0      stevel 
     0      stevel 	/* fixed length structure for IPv4 and IPv6 counters */
  5240    nordmark 	SET_MIB(us->us_udp_mib.udpEntrySize, sizeof (mib2_udpEntry_t));
  5240    nordmark 	SET_MIB(us->us_udp_mib.udp6EntrySize, sizeof (mib2_udp6Entry_t));
  3284    apersson 	/* synchronize 64- and 32-bit counters */
  5240    nordmark 	SYNC32_MIB(&us->us_udp_mib, udpInDatagrams, udpHCInDatagrams);
  5240    nordmark 	SYNC32_MIB(&us->us_udp_mib, udpOutDatagrams, udpHCOutDatagrams);
  3284    apersson 
     0      stevel 	optp = (struct opthdr *)&mpctl->b_rptr[sizeof (struct T_optmgmt_ack)];
     0      stevel 	optp->level = MIB2_UDP;
     0      stevel 	optp->name = 0;
  5240    nordmark 	(void) snmp_append_data(mpdata, (char *)&us->us_udp_mib,
  5240    nordmark 	    sizeof (us->us_udp_mib));
     0      stevel 	optp->len = msgdsize(mpdata);
     0      stevel 	qreply(q, mpctl);
     0      stevel 
  1676         jpk 	mp_conn_tail = mp_attr_tail = mp6_conn_tail = mp6_attr_tail = NULL;
  1676         jpk 	v4_conn_idx = v6_conn_idx = 0;
  1676         jpk 
   741    masputra 	for (i = 0; i < CONN_G_HASH_SIZE; i++) {
  3448    dh155122 		connfp = &ipst->ips_ipcl_globalhash_fanout[i];
   741    masputra 		connp = NULL;
   741    masputra 
   741    masputra 		while ((connp = ipcl_get_next_conn(connfp, connp,
  5240    nordmark 		    IPCL_UDPCONN))) {
   741    masputra 			udp = connp->conn_udp;
   741    masputra 			if (zoneid != connp->conn_zoneid)
   741    masputra 				continue;
   741    masputra 
   741    masputra 			/*
   741    masputra 			 * Note that the port numbers are sent in
   741    masputra 			 * host byte order
   741    masputra 			 */
   741    masputra 
   741    masputra 			if (udp->udp_state == TS_UNBND)
   741    masputra 				state = MIB2_UDP_unbound;
   741    masputra 			else if (udp->udp_state == TS_IDLE)
   741    masputra 				state = MIB2_UDP_idle;
   741    masputra 			else if (udp->udp_state == TS_DATA_XFER)
   741    masputra 				state = MIB2_UDP_connected;
   741    masputra 			else
   741    masputra 				state = MIB2_UDP_unknown;
  1676         jpk 
  1676         jpk 			needattr = B_FALSE;
  1676         jpk 			bzero(&mlp, sizeof (mlp));
  1676         jpk 			if (connp->conn_mlp_type != mlptSingle) {
  1676         jpk 				if (connp->conn_mlp_type == mlptShared ||
  1676         jpk 				    connp->conn_mlp_type == mlptBoth)
  1676         jpk 					mlp.tme_flags |= MIB2_TMEF_SHARED;
  1676         jpk 				if (connp->conn_mlp_type == mlptPrivate ||
  1676         jpk 				    connp->conn_mlp_type == mlptBoth)
  1676         jpk 					mlp.tme_flags |= MIB2_TMEF_PRIVATE;
  1676         jpk 				needattr = B_TRUE;
  1676         jpk 			}
  9710         Ken 			if (connp->conn_anon_mlp) {
  9710         Ken 				mlp.tme_flags |= MIB2_TMEF_ANONMLP;
  9710         Ken 				needattr = B_TRUE;
  9710         Ken 			}
 10934  sommerfeld 			switch (connp->conn_mac_mode) {
 10934  sommerfeld 			case CONN_MAC_DEFAULT:
 10934  sommerfeld 				break;
 10934  sommerfeld 			case CONN_MAC_AWARE:
  9710         Ken 				mlp.tme_flags |= MIB2_TMEF_MACEXEMPT;
  9710         Ken 				needattr = B_TRUE;
 10934  sommerfeld 				break;
 10934  sommerfeld 			case CONN_MAC_IMPLICIT:
 10934  sommerfeld 				mlp.tme_flags |= MIB2_TMEF_MACIMPLICIT;
 10934  sommerfeld 				needattr = B_TRUE;
 10934  sommerfeld 				break;
  9710         Ken 			}
 11042        Erik 			mutex_enter(&connp->conn_lock);
 11042        Erik 			if (udp->udp_state == TS_DATA_XFER &&
 11042        Erik 			    connp->conn_ixa->ixa_tsl != NULL) {
 11042        Erik 				ts_label_t *tsl;
 11042        Erik 
 11042        Erik 				tsl = connp->conn_ixa->ixa_tsl;
 11042        Erik 				mlp.tme_flags |= MIB2_TMEF_IS_LABELED;
 11042        Erik 				mlp.tme_doi = label2doi(tsl);
 11042        Erik 				mlp.tme_label = *label2bslabel(tsl);
 11042        Erik 				needattr = B_TRUE;
 11042        Erik 			}
 11042        Erik 			mutex_exit(&connp->conn_lock);
   741    masputra 
   741    masputra 			/*
   741    masputra 			 * Create an IPv4 table entry for IPv4 entries and also
   741    masputra 			 * any IPv6 entries which are bound to in6addr_any
   741    masputra 			 * (i.e. anything a IPv4 peer could connect/send to).
   741    masputra 			 */
 11042        Erik 			if (connp->conn_ipversion == IPV4_VERSION ||
   741    masputra 			    (udp->udp_state <= TS_IDLE &&
 11042        Erik 			    IN6_IS_ADDR_UNSPECIFIED(&connp->conn_laddr_v6))) {
   741    masputra 				ude.udpEntryInfo.ue_state = state;
   741    masputra 				/*
   741    masputra 				 * If in6addr_any this will set it to
   741    masputra 				 * INADDR_ANY
   741    masputra 				 */
 11042        Erik 				ude.udpLocalAddress = connp->conn_laddr_v4;
 11042        Erik 				ude.udpLocalPort = ntohs(connp->conn_lport);
   741    masputra 				if (udp->udp_state == TS_DATA_XFER) {
   741    masputra 					/*
   741    masputra 					 * Can potentially get here for
   741    masputra 					 * v6 socket if another process
   741    masputra 					 * (say, ping) has just done a
   741    masputra 					 * sendto(), changing the state
   741    masputra 					 * from the TS_IDLE above to
   741    masputra 					 * TS_DATA_XFER by the time we hit
   741    masputra 					 * this part of the code.
   741    masputra 					 */
   741    masputra 					ude.udpEntryInfo.ue_RemoteAddress =
 11042        Erik 					    connp->conn_faddr_v4;
   741    masputra 					ude.udpEntryInfo.ue_RemotePort =
 11042        Erik 					    ntohs(connp->conn_fport);
   741    masputra 				} else {
   741    masputra 					ude.udpEntryInfo.ue_RemoteAddress = 0;
   741    masputra 					ude.udpEntryInfo.ue_RemotePort = 0;
   741    masputra 				}
  3284    apersson 
  3284    apersson 				/*
  3284    apersson 				 * We make the assumption that all udp_t
  3284    apersson 				 * structs will be created within an address
  3284    apersson 				 * region no larger than 32-bits.
  3284    apersson 				 */
  3284    apersson 				ude.udpInstance = (uint32_t)(uintptr_t)udp;
  3284    apersson 				ude.udpCreationProcess =
 11042        Erik 				    (connp->conn_cpid < 0) ?
  3284    apersson 				    MIB2_UNKNOWN_PROCESS :
 11042        Erik 				    connp->conn_cpid;
 11042        Erik 				ude.udpCreationTime = connp->conn_open_time;
  3284    apersson 
  1676         jpk 				(void) snmp_append_data2(mp_conn_ctl->b_cont,
   741    masputra 				    &mp_conn_tail, (char *)&ude, sizeof (ude));
  1676         jpk 				mlp.tme_connidx = v4_conn_idx++;
  1676         jpk 				if (needattr)
  1676         jpk 					(void) snmp_append_data2(
  1676         jpk 					    mp_attr_ctl->b_cont, &mp_attr_tail,
  1676         jpk 					    (char *)&mlp, sizeof (mlp));
   741    masputra 			}
 11042        Erik 			if (connp->conn_ipversion == IPV6_VERSION) {
   741    masputra 				ude6.udp6EntryInfo.ue_state  = state;
 11042        Erik 				ude6.udp6LocalAddress = connp->conn_laddr_v6;
 11042        Erik 				ude6.udp6LocalPort = ntohs(connp->conn_lport);
 11042        Erik 				mutex_enter(&connp->conn_lock);
 11042        Erik 				if (connp->conn_ixa->ixa_flags &
 11042        Erik 				    IXAF_SCOPEID_SET) {
 11042        Erik 					ude6.udp6IfIndex =
 11042        Erik 					    connp->conn_ixa->ixa_scopeid;
 11042        Erik 				} else {
 11042        Erik 					ude6.udp6IfIndex = connp->conn_bound_if;
 11042        Erik 				}
 11042        Erik 				mutex_exit(&connp->conn_lock);
   741    masputra 				if (udp->udp_state == TS_DATA_XFER) {
   741    masputra 					ude6.udp6EntryInfo.ue_RemoteAddress =
 11042        Erik 					    connp->conn_faddr_v6;
   741    masputra 					ude6.udp6EntryInfo.ue_RemotePort =
 11042        Erik 					    ntohs(connp->conn_fport);
   741    masputra 				} else {
   741    masputra 					ude6.udp6EntryInfo.ue_RemoteAddress =
   741    masputra 					    sin6_null.sin6_addr;
   741    masputra 					ude6.udp6EntryInfo.ue_RemotePort = 0;
   741    masputra 				}
  3284    apersson 				/*
  3284    apersson 				 * We make the assumption that all udp_t
  3284    apersson 				 * structs will be created within an address
  3284    apersson 				 * region no larger than 32-bits.
  3284    apersson 				 */
  3284    apersson 				ude6.udp6Instance = (uint32_t)(uintptr_t)udp;
  3284    apersson 				ude6.udp6CreationProcess =
 11042        Erik 				    (connp->conn_cpid < 0) ?
  3284    apersson 				    MIB2_UNKNOWN_PROCESS :
 11042        Erik 				    connp->conn_cpid;
 11042        Erik 				ude6.udp6CreationTime = connp->conn_open_time;
  3284    apersson 
  1676         jpk 				(void) snmp_append_data2(mp6_conn_ctl->b_cont,
   741    masputra 				    &mp6_conn_tail, (char *)&ude6,
   741    masputra 				    sizeof (ude6));
  1676         jpk 				mlp.tme_connidx = v6_conn_idx++;
  1676         jpk 				if (needattr)
  1676         jpk 					(void) snmp_append_data2(
  1676         jpk 					    mp6_attr_ctl->b_cont,
  1676         jpk 					    &mp6_attr_tail, (char *)&mlp,
  1676         jpk 					    sizeof (mlp));
   741    masputra 			}
   741    masputra 		}
   741    masputra 	}
     0      stevel 
     0      stevel 	/* IPv4 UDP endpoints */
     0      stevel 	optp = (struct opthdr *)&mp_conn_ctl->b_rptr[
     0      stevel 	    sizeof (struct T_optmgmt_ack)];
     0      stevel 	optp->level = MIB2_UDP;
     0      stevel 	optp->name = MIB2_UDP_ENTRY;
  1676         jpk 	optp->len = msgdsize(mp_conn_ctl->b_cont);
     0      stevel 	qreply(q, mp_conn_ctl);
  1676         jpk 
  1676         jpk 	/* table of MLP attributes... */
  1676         jpk 	optp = (struct opthdr *)&mp_attr_ctl->b_rptr[
  1676         jpk 	    sizeof (struct T_optmgmt_ack)];
  1676         jpk 	optp->level = MIB2_UDP;
  1676         jpk 	optp->name = EXPER_XPORT_MLP;
  1676         jpk 	optp->len = msgdsize(mp_attr_ctl->b_cont);
  1676         jpk 	if (optp->len == 0)
  1676         jpk 		freemsg(mp_attr_ctl);
  1676         jpk 	else
  1676         jpk 		qreply(q, mp_attr_ctl);
     0      stevel 
     0      stevel 	/* IPv6 UDP endpoints */
     0      stevel 	optp = (struct opthdr *)&mp6_conn_ctl->b_rptr[
     0      stevel 	    sizeof (struct T_optmgmt_ack)];
     0      stevel 	optp->level = MIB2_UDP6;
     0      stevel 	optp->name = MIB2_UDP6_ENTRY;
  1676         jpk 	optp->len = msgdsize(mp6_conn_ctl->b_cont);
     0      stevel 	qreply(q, mp6_conn_ctl);
  1676         jpk 
  1676         jpk 	/* table of MLP attributes... */
  1676         jpk 	optp = (struct opthdr *)&mp6_attr_ctl->b_rptr[
  1676         jpk 	    sizeof (struct T_optmgmt_ack)];
  1676         jpk 	optp->level = MIB2_UDP6;
  1676         jpk 	optp->name = EXPER_XPORT_MLP;
  1676         jpk 	optp->len = msgdsize(mp6_attr_ctl->b_cont);
  1676         jpk 	if (optp->len == 0)
  1676         jpk 		freemsg(mp6_attr_ctl);
  1676         jpk 	else
  1676         jpk 		qreply(q, mp6_attr_ctl);
     0      stevel 
  5240    nordmark 	return (mp2ctl);
     0      stevel }
     0      stevel 
     0      stevel /*
     0      stevel  * Return 0 if invalid set request, 1 otherwise, including non-udp requests.
     0      stevel  * NOTE: Per MIB-II, UDP has no writable data.
     0      stevel  * TODO:  If this ever actually tries to set anything, it needs to be
     0      stevel  * to do the appropriate locking.
     0      stevel  */
     0      stevel /* ARGSUSED */
   741    masputra int
     0      stevel udp_snmp_set(queue_t *q, t_scalar_t level, t_scalar_t name,
     0      stevel     uchar_t *ptr, int len)
     0      stevel {
     0      stevel 	switch (level) {
     0      stevel 	case MIB2_UDP:
     0      stevel 		return (0);
     0      stevel 	default:
     0      stevel 		return (1);
     0      stevel 	}
     0      stevel }
     0      stevel 
     0      stevel /*
     0      stevel  * This routine creates a T_UDERROR_IND message and passes it upstream.
     0      stevel  * The address and options are copied from the T_UNITDATA_REQ message
     0      stevel  * passed in mp.  This message is freed.
     0      stevel  */
     0      stevel static void
 11042        Erik udp_ud_err(queue_t *q, mblk_t *mp, t_scalar_t err)
   741    masputra {
   741    masputra 	struct T_unitdata_req *tudr;
     0      stevel 	mblk_t	*mp1;
 11042        Erik 	uchar_t *destaddr;
 11042        Erik 	t_scalar_t destlen;
   741    masputra 	uchar_t	*optaddr;
   741    masputra 	t_scalar_t optlen;
   741    masputra 
 11042        Erik 	if ((mp->b_wptr < mp->b_rptr) ||
 11042        Erik 	    (MBLKL(mp)) < sizeof (struct T_unitdata_req)) {
 11042        Erik 		goto done;
 11042        Erik 	}
 11042        Erik 	tudr = (struct T_unitdata_req *)mp->b_rptr;
 11042        Erik 	destaddr = mp->b_rptr + tudr->DEST_offset;
 11042        Erik 	if (destaddr < mp->b_rptr || destaddr >= mp->b_wptr ||
 11042        Erik 	    destaddr + tudr->DEST_length < mp->b_rptr ||
 11042        Erik 	    destaddr + tudr->DEST_length > mp->b_wptr) {
 11042        Erik 		goto done;
 11042        Erik 	}
 11042        Erik 	optaddr = mp->b_rptr + tudr->OPT_offset;
 11042        Erik 	if (optaddr < mp->b_rptr || optaddr >= mp->b_wptr ||
 11042        Erik 	    optaddr + tudr->OPT_length < mp->b_rptr ||
 11042        Erik 	    optaddr + tudr->OPT_length > mp->b_wptr) {
 11042        Erik 		goto done;
 11042        Erik 	}
 11042        Erik 	destlen = tudr->DEST_length;
 11042        Erik 	optlen = tudr->OPT_length;
   741    masputra 
   741    masputra 	mp1 = mi_tpi_uderror_ind((char *)destaddr, destlen,
   741    masputra 	    (char *)optaddr, optlen, err);
   741    masputra 	if (mp1 != NULL)
  5240    nordmark 		qreply(q, mp1);
     0      stevel 
     0      stevel done:
     0      stevel 	freemsg(mp);
     0      stevel