Re: ipf_inject_input return error 45
Re: ipf_inject_input return error 45
- Subject: Re: ipf_inject_input return error 45
- From: "Mike C." <email@hidden>
- Date: Sat, 17 Dec 2011 14:28:18 +0100
Hello again,
I solved my problem by copying the mbuf with mbuf_dup before returning
from the input_fn function. When I later inject that copy everything
works as expected. I probably misinterpreted the documentation of
ipf_input_func [1]. I thought returning EJUSTRETURN means that I can
hold on to the mbuf to reinject it later. But as it turns out, someone
is messing with the memory of that mbuf making the injection fail.
Copying the mbuf solved the problem.
Thanks again for your help!
Mike
[1] http://developer.apple.com/library/mac/#documentation/Darwin/Reference/KernelIOKitFramework/kpi_ipfilter_h/index.html#//apple_ref/c/tdef/ipf_input_func
2011/12/8 Vincent Lubet <email@hidden>:
> Mike,
>
> It's not clear to me what's going wrong but in case like these I use printf to show the detail of the mbuf. I would compare the saved_packet
> mbuf before calling ctl_enqueuembuf() and before ipf_inject_input().
>
> Vincent
>
> Le Dec 8, 2011 à 9:57 AM, Mike C. a écrit :
>
>> Hello Vincent,
>>
>> Thanks for your response!
>>
>> I am not modifying the mbuf captured in the input_fn function by the
>> IP filter in any way. In fact, if I re-inject the mbuf right after
>> capturing it while I am still in the input_fn function, everything
>> works out as expected. However, when I re-inject the same mbuf later
>> (after receiving the processing result from user mode) I get an
>> ENOTSUP error. Am I not allowed to hold on to the mbuf reference to
>> re-inject it later??
>>
>> Mike
>>
>> 2011/12/8 Vincent Lubet <email@hidden>:
>>> Mike,
>>>
>>> ENOTSUP is returned by ipf_inject_input() when the packet is not an IPv4 or IPv6 packet. You need to make sure the mbuf data pointer points to the start of the IPv4 or IPv6 packet.
>>>
>>> Vincent
>>>
>>> Le Dec 8, 2011 à 4:02 AM, Mike C. a écrit :
>>>
>>>> Hello,
>>>>
>>>> I am working on a Network Kernel Extension that re-injects packets
>>>> after they have been captured with an IP Filter. However, the
>>>> re-injection doesn't work. ipf_inject_input always returns error code
>>>> 45, which means "Operation not supported". What am I doing wrong? Here
>>>> is my setup and (simplified) code:
>>>>
>>>> mbuf_t *saved_packet = NULL;
>>>>
>>>> // function called by ip filter when new ip packet arrives
>>>> errno_t input_fn(void *cookie, mbuf_t *data, int offset, u_int8_t protocol) {
>>>>
>>>> // test, if packet is interesting for us
>>>> // [...]
>>>>
>>>> if (saved_packet != NULL) {
>>>> // Drop
>>>> return -1;
>>>> }
>>>>
>>>> // keep reference to packet for later injection
>>>> saved_packet = data;
>>>>
>>>> // send packet to usermode for further processing
>>>> mbuf_t new_mbuf;
>>>> mbuf_dup(*data, MBUF_WAITOK, &new_mbuf);
>>>> if (ctl_enqueuembuf(ctlref, ctrl_unit, new_mbuf, 0) != 0) {
>>>> // error, drop packet
>>>> saved_packet = NULL;
>>>> retrun -1;
>>>> }
>>>>
>>>> // EJUSTRETURN = the packet will not be freed
>>>> return EJUSTRETURN;
>>>> }
>>>>
>>>>
>>>> // function called when usermode sends processing result back
>>>> errno_t ctl_send_fn(kern_ctl_ref kctlref, u_int32_t unit, void
>>>> *unitinfo, mbuf_t m, int flags) {
>>>> int result;
>>>> mbuf_copydata(m, 0, sizeof(result), &result);
>>>>
>>>> if (result == 1) {
>>>>
>>>> // the following call returns 45 ("Operation not supported") - WHY??
>>>> errno_t errno = ipf_inject_input(*saved_packet, installed_filter);
>>>>
>>>> saved_packet = NULL;
>>>> } else {
>>>> // [...]
>>>> }
>>>>
>>>> return 0;
>>>> }
>>>>
>>>> Where is my mistake? Your help is greatly appreciated!
>>>
>
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Darwin-kernel mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden