Date: Sat, 25 Jul 2009 00:15:13 +0200 From: Ana Kukec <anchie@fer.hr> To: soc-status@freebsd.org Cc: "Bjoern A. Zeeb" <bz@freebsd.org> Subject: Native kernel APIs for SeND - report 5 Message-ID: <4A6A3271.5010809@fer.hr>
next in thread | raw e-mail | index | archive | help
Hi, Before giving the bulleted list of things that i have implemented in last two weeks, i will give the brief reminder into the things that are already finished.The first step was to select just Neighbor Discovery (ND) packets and send them to the user space SEND implementation (send-0.2/sendd). Packets were taged with m_tag in netinet6/nd6.c, intercept in netinet6/nd6.c: nd6_output_lle(), from where they are passed to the SEND input hook (netinet6/send.c: send_input()). Opposite to the SEND input hook that is placed on the way through which ND packets flow from the kernel (actually wire) to the user space, the SEND output hook is placed on the way through which SEND packets flow from the user spaceto kernel and wire. During the last weeks i finished and tested the code that deals with outgoing packets and the output hook. I.e. the packets that have been cryptographically protected in SEND user space application, and are supposed to b e sent to the corresponding host. This includes: - modification of send-0.2/sendd in order to send the packet back to the kernel after doing the cryptographic processing (i.e. adding SEND-rfc3971 options).Instead of using the NgSendData() the packet is passed back to the kernelthrough the routing socket now. - extension of net/rtsock.c: route_output(). Function is now able to receive RTM_SND message from the SEND user space application. It passes the SEND protected packet to the SEND output hook (netinet6/send.c: send_output()). - implementation of the SEND output hook (netinet6/send.c) that receives SEND protected packets from the SEND user space application and sends it out directly using if_output(). Previous was tested through achieving SEND communication with the netgraph send-0.2 correspondent node. Since the code related to the outgoing packets (both the input and output hook) has been finished and tested, i started working on the incoming SEND packets: - extensions of netinet6/icmp6.c: icmp6_input() in order to pass the incoming SEND packet to SEND input hook. The input hook prepends to the message the if_announcemsghdr and sends it to the user space SEND implementation for SEND validation (i.e. trimming off SEND-rfc3971 options). Previous code introduced problems with mbuf handling. So, the next step is to debug this part of code and test it. Ana
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4A6A3271.5010809>