summaryrefslogtreecommitdiffstats
path: root/src/VBox/HostDrivers/VBoxNetFlt/VBoxNetFlt.c
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-07 16:49:04 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-07 16:49:04 +0000
commit16f504a9dca3fe3b70568f67b7d41241ae485288 (patch)
treec60f36ada0496ba928b7161059ba5ab1ab224f9d /src/VBox/HostDrivers/VBoxNetFlt/VBoxNetFlt.c
parentInitial commit. (diff)
downloadvirtualbox-16f504a9dca3fe3b70568f67b7d41241ae485288.tar.xz
virtualbox-16f504a9dca3fe3b70568f67b7d41241ae485288.zip
Adding upstream version 7.0.6-dfsg.upstream/7.0.6-dfsgupstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'src/VBox/HostDrivers/VBoxNetFlt/VBoxNetFlt.c')
-rw-r--r--src/VBox/HostDrivers/VBoxNetFlt/VBoxNetFlt.c1591
1 files changed, 1591 insertions, 0 deletions
diff --git a/src/VBox/HostDrivers/VBoxNetFlt/VBoxNetFlt.c b/src/VBox/HostDrivers/VBoxNetFlt/VBoxNetFlt.c
new file mode 100644
index 00000000..720fe0b8
--- /dev/null
+++ b/src/VBox/HostDrivers/VBoxNetFlt/VBoxNetFlt.c
@@ -0,0 +1,1591 @@
+/* $Id: VBoxNetFlt.c $ */
+/** @file
+ * VBoxNetFlt - Network Filter Driver (Host), Common Code.
+ */
+
+/*
+ * Copyright (C) 2008-2022 Oracle and/or its affiliates.
+ *
+ * This file is part of VirtualBox base platform packages, as
+ * available from https://www.virtualbox.org.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation, in version 3 of the
+ * License.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <https://www.gnu.org/licenses>.
+ *
+ * The contents of this file may alternatively be used under the terms
+ * of the Common Development and Distribution License Version 1.0
+ * (CDDL), a copy of it is provided in the "COPYING.CDDL" file included
+ * in the VirtualBox distribution, in which case the provisions of the
+ * CDDL are applicable instead of those of the GPL.
+ *
+ * You may elect to license modified versions of this file under the
+ * terms and conditions of either the GPL or the CDDL or both.
+ *
+ * SPDX-License-Identifier: GPL-3.0-only OR CDDL-1.0
+ */
+
+/** @page pg_netflt VBoxNetFlt - Network Interface Filter
+ *
+ * This is a kernel module that attaches to a real interface on the host and
+ * filters and injects packets.
+ *
+ * In the big picture we're one of the three trunk interface on the internal
+ * network, the one named "NIC Filter Driver": @image html Networking_Overview.gif
+ *
+ *
+ * @section sec_netflt_locking Locking and Potential Races
+ *
+ * The main challenge here is to make sure the netfilter and internal network
+ * instances won't be destroyed while someone is calling into them.
+ *
+ * The main calls into or out of of the filter driver are:
+ * - Send.
+ * - Async send completion (not implemented yet)
+ * - Release by the internal network.
+ * - Receive.
+ * - Disappearance of the host networking interface.
+ * - Reappearance of the host networking interface.
+ *
+ * The latter two calls are can be caused by driver unloading/loading or the
+ * device being physical unplugged (e.g. a USB network device). Actually, the
+ * unload scenario must fervently be prevent as it will cause panics because the
+ * internal network will assume the trunk is around until it releases it.
+ * @todo Need to figure which host allow unloading and block/fix it.
+ *
+ * Currently the netfilter instance lives until the internal network releases
+ * it. So, it is the internal networks responsibility to make sure there are no
+ * active calls when it releases the trunk and destroys the network. The
+ * netfilter assists in this by providing INTNETTRUNKIFPORT::pfnSetState and
+ * INTNETTRUNKIFPORT::pfnWaitForIdle. The trunk state is used to enable/disable
+ * promiscuous mode on the hardware NIC (or similar activation) as well
+ * indicating that disconnect is imminent and no further calls shall be made
+ * into the internal network. After changing the state to disconnecting and
+ * prior to invoking INTNETTRUNKIFPORT::pfnDisconnectAndRelease, the internal
+ * network will use INTNETTRUNKIFPORT::pfnWaitForIdle to wait for any still
+ * active calls to complete.
+ *
+ * The netfilter employs a busy counter and an internal state in addition to the
+ * public trunk state. All these variables are protected using a spinlock.
+ *
+ *
+ * @section sec_netflt_msc Locking / Sequence Diagrams - OBSOLETE
+ *
+ * !OBSOLETE! - THIS WAS THE OLD APPROACH!
+ *
+ * This secion contains a few sequence diagrams describing the problematic
+ * transitions of a host interface filter instance.
+ *
+ * The thing that makes it all a bit problematic is that multiple events may
+ * happen at the same time, and that we have to be very careful to avoid
+ * deadlocks caused by mixing our locks with the ones in the host kernel. The
+ * main events are receive, send, async send completion, disappearance of the
+ * host networking interface and its reappearance. The latter two events are
+ * can be caused by driver unloading/loading or the device being physical
+ * unplugged (e.g. a USB network device).
+ *
+ * The strategy for dealing with these issues are:
+ * - Use a simple state machine.
+ * - Require the user (IntNet) to serialize all its calls to us,
+ * while at the same time not owning any lock used by any of the
+ * the callbacks we might call on receive and async send completion.
+ * - Make sure we're 100% idle before disconnecting, and have a
+ * disconnected status on both sides to fend off async calls.
+ * - Protect the host specific interface handle and the state variables
+ * using a spinlock.
+ *
+ *
+ * @subsection subsec_netflt_msc_dis_rel Disconnect from the network and release - OBSOLETE
+ *
+ * @msc
+ * VM, IntNet, NetFlt, Kernel, Wire;
+ *
+ * VM->IntNet [label="pkt0", linecolor="green", textcolor="green"];
+ * IntNet=>IntNet [label="Lock Network", linecolor="green", textcolor="green" ];
+ * IntNet=>IntNet [label="Route packet -> wire", linecolor="green", textcolor="green" ];
+ * IntNet=>IntNet [label="Unlock Network", linecolor="green", textcolor="green" ];
+ * IntNet=>NetFlt [label="pkt0 to wire", linecolor="green", textcolor="green" ];
+ * NetFlt=>Kernel [label="pkt0 to wire", linecolor="green", textcolor="green"];
+ * Kernel->Wire [label="pkt0 to wire", linecolor="green", textcolor="green"];
+ *
+ * --- [label="Suspending the trunk interface"];
+ * IntNet=>IntNet [label="Lock Network"];
+ *
+ * Wire->Kernel [label="pkt1 - racing us", linecolor="red", textcolor="red"];
+ * Kernel=>>NetFlt [label="pkt1 - racing us", linecolor="red", textcolor="red"];
+ * NetFlt=>>IntNet [label="pkt1 recv - blocks", linecolor="red", textcolor="red"];
+ *
+ * IntNet=>IntNet [label="Mark Trunk Suspended"];
+ * IntNet=>IntNet [label="Unlock Network"];
+ *
+ * IntNet=>NetFlt [label="pfnSetActive(false)"];
+ * NetFlt=>NetFlt [label="Mark inactive (atomic)"];
+ * IntNet<<NetFlt;
+ * IntNet=>NetFlt [label="pfnWaitForIdle(forever)"];
+ *
+ * IntNet=>>NetFlt [label="pkt1 to host", linecolor="red", textcolor="red"];
+ * NetFlt=>>Kernel [label="pkt1 to host", linecolor="red", textcolor="red"];
+ *
+ * Kernel<-Wire [label="pkt0 on wire", linecolor="green", textcolor="green"];
+ * NetFlt<<Kernel [label="pkt0 on wire", linecolor="green", textcolor="green"];
+ * IntNet<<=NetFlt [label="pfnSGRelease", linecolor="green", textcolor="green"];
+ * IntNet<<=IntNet [label="Lock Net, free SG, Unlock Net", linecolor="green", textcolor="green"];
+ * IntNet>>NetFlt [label="pfnSGRelease", linecolor="green", textcolor="green"];
+ * NetFlt<-NetFlt [label="idle", linecolor="green", textcolor="green"];
+ *
+ * IntNet<<NetFlt [label="idle (pfnWaitForIdle)"];
+ *
+ * Wire->Kernel [label="pkt2", linecolor="red", textcolor="red"];
+ * Kernel=>>NetFlt [label="pkt2", linecolor="red", textcolor="red"];
+ * NetFlt=>>Kernel [label="pkt2 to host", linecolor="red", textcolor="red"];
+ *
+ * VM->IntNet [label="pkt3", linecolor="green", textcolor="green"];
+ * IntNet=>IntNet [label="Lock Network", linecolor="green", textcolor="green" ];
+ * IntNet=>IntNet [label="Route packet -> drop", linecolor="green", textcolor="green" ];
+ * IntNet=>IntNet [label="Unlock Network", linecolor="green", textcolor="green" ];
+ *
+ * --- [label="The trunk interface is idle now, disconnect it"];
+ * IntNet=>IntNet [label="Lock Network"];
+ * IntNet=>IntNet [label="Unlink Trunk"];
+ * IntNet=>IntNet [label="Unlock Network"];
+ * IntNet=>NetFlt [label="pfnDisconnectAndRelease"];
+ * NetFlt=>Kernel [label="iflt_detach"];
+ * NetFlt<<=Kernel [label="iff_detached"];
+ * NetFlt>>Kernel [label="iff_detached"];
+ * NetFlt<<Kernel [label="iflt_detach"];
+ * NetFlt=>NetFlt [label="Release"];
+ * IntNet<<NetFlt [label="pfnDisconnectAndRelease"];
+ *
+ * @endmsc
+ *
+ *
+ *
+ * @subsection subsec_netflt_msc_hif_rm Host Interface Removal - OBSOLETE
+ *
+ * The ifnet_t (pIf) is a tricky customer as any reference to it can potentially
+ * race the filter detaching. The simple way of solving it on Darwin is to guard
+ * all access to the pIf member with a spinlock. The other host systems will
+ * probably have similar race conditions, so the spinlock is a generic thing.
+ *
+ * @msc
+ * VM, IntNet, NetFlt, Kernel;
+ *
+ * VM->IntNet [label="pkt0", linecolor="green", textcolor="green"];
+ * IntNet=>IntNet [label="Lock Network", linecolor="green", textcolor="green" ];
+ * IntNet=>IntNet [label="Route packet -> wire", linecolor="green", textcolor="green" ];
+ * IntNet=>IntNet [label="Unlock Network", linecolor="green", textcolor="green" ];
+ * IntNet=>NetFlt [label="pkt0 to wire", linecolor="green", textcolor="green" ];
+ * NetFlt=>Kernel [label="ifnet_reference w/ spinlock", linecolor="green", textcolor="green" ];
+ * NetFlt<<Kernel [label="ifnet_reference", linecolor="green", textcolor="green" ];
+ * NetFlt=>Kernel [label="pkt0 to wire (blocks)", linecolor="green", textcolor="green" ];
+ *
+ * --- [label="The host interface is being disconnected"];
+ * Kernel->NetFlt [label="iff_detached"];
+ * NetFlt=>Kernel [label="ifnet_release w/ spinlock"];
+ * NetFlt<<Kernel [label="ifnet_release"];
+ * NetFlt=>NetFlt [label="fDisconnectedFromHost=true"];
+ * NetFlt>>Kernel [label="iff_detached"];
+ *
+ * NetFlt<<Kernel [label="dropped", linecolor="green", textcolor="green"];
+ * NetFlt=>NetFlt [label="Acquire spinlock", linecolor="green", textcolor="green"];
+ * NetFlt=>Kernel [label="ifnet_release", linecolor="green", textcolor="green"];
+ * NetFlt<<Kernel [label="ifnet_release", linecolor="green", textcolor="green"];
+ * NetFlt=>NetFlt [label="pIf=NULL", linecolor="green", textcolor="green"];
+ * NetFlt=>NetFlt [label="Release spinlock", linecolor="green", textcolor="green"];
+ * IntNet<=NetFlt [label="pfnSGRelease", linecolor="green", textcolor="green"];
+ * IntNet>>NetFlt [label="pfnSGRelease", linecolor="green", textcolor="green"];
+ * IntNet<<NetFlt [label="pkt0 to wire", linecolor="green", textcolor="green"];
+ *
+ * @endmsc
+ *
+ *
+ *
+ * @subsection subsec_netflt_msc_hif_rd Host Interface Rediscovery - OBSOLETE
+ *
+ * The rediscovery is performed when we receive a send request and a certain
+ * period have elapsed since the last attempt, i.e. we're polling it. We
+ * synchronize the rediscovery with disconnection from the internal network
+ * by means of the pfnWaitForIdle call, so no special handling is required.
+ *
+ * @msc
+ * VM2, VM1, IntNet, NetFlt, Kernel, Wire;
+ *
+ * --- [label="Rediscovery conditions are not met"];
+ * VM1->IntNet [label="pkt0"];
+ * IntNet=>IntNet [label="Lock Network"];
+ * IntNet=>IntNet [label="Route packet -> wire"];
+ * IntNet=>IntNet [label="Unlock Network"];
+ * IntNet=>NetFlt [label="pkt0 to wire"];
+ * NetFlt=>NetFlt [label="Read pIf(==NULL) w/ spinlock"];
+ * IntNet<<NetFlt [label="pkt0 to wire (dropped)"];
+ *
+ * --- [label="Rediscovery conditions"];
+ * VM1->IntNet [label="pkt1"];
+ * IntNet=>IntNet [label="Lock Network"];
+ * IntNet=>IntNet [label="Route packet -> wire"];
+ * IntNet=>IntNet [label="Unlock Network"];
+ * IntNet=>NetFlt [label="pkt1 to wire"];
+ * NetFlt=>NetFlt [label="Read pIf(==NULL) w/ spinlock"];
+ * NetFlt=>NetFlt [label="fRediscoveryPending=true w/ spinlock"];
+ * NetFlt=>Kernel [label="ifnet_find_by_name"];
+ * NetFlt<<Kernel [label="ifnet_find_by_name (success)"];
+ *
+ * VM2->IntNet [label="pkt2", linecolor="red", textcolor="red"];
+ * IntNet=>IntNet [label="Lock Network", linecolor="red", textcolor="red"];
+ * IntNet=>IntNet [label="Route packet -> wire", linecolor="red", textcolor="red"];
+ * IntNet=>IntNet [label="Unlock Network", linecolor="red", textcolor="red"];
+ * IntNet=>NetFlt [label="pkt2 to wire", linecolor="red", textcolor="red"];
+ * NetFlt=>NetFlt [label="!pIf || fRediscoveryPending (w/ spinlock)", linecolor="red", textcolor="red"];
+ * IntNet<<NetFlt [label="pkt2 to wire (dropped)", linecolor="red", textcolor="red"];
+
+ * NetFlt=>Kernel [label="iflt_attach"];
+ * NetFlt<<Kernel [label="iflt_attach (success)"];
+ * NetFlt=>NetFlt [label="Acquire spinlock"];
+ * NetFlt=>NetFlt [label="Set pIf and update flags"];
+ * NetFlt=>NetFlt [label="Release spinlock"];
+ *
+ * NetFlt=>Kernel [label="pkt1 to wire"];
+ * Kernel->Wire [label="pkt1 to wire"];
+ * NetFlt<<Kernel [label="pkt1 to wire"];
+ * IntNet<<NetFlt [label="pkt1 to wire"];
+ *
+ *
+ * @endmsc
+ *
+ */
+
+
+/*********************************************************************************************************************************
+* Header Files *
+*********************************************************************************************************************************/
+#define LOG_GROUP LOG_GROUP_NET_FLT_DRV
+#include "VBoxNetFltInternal.h"
+
+#include <VBox/sup.h>
+#include <VBox/log.h>
+#include <VBox/err.h>
+#include <iprt/assert.h>
+#include <iprt/string.h>
+#include <iprt/spinlock.h>
+#include <iprt/uuid.h>
+#include <iprt/mem.h>
+#include <iprt/time.h>
+#include <iprt/semaphore.h>
+#include <iprt/thread.h>
+
+
+/*********************************************************************************************************************************
+* Defined Constants And Macros *
+*********************************************************************************************************************************/
+#define IFPORT_2_VBOXNETFLTINS(pIfPort) \
+ ( (PVBOXNETFLTINS)((uint8_t *)(pIfPort) - RT_UOFFSETOF(VBOXNETFLTINS, MyPort)) )
+
+
+AssertCompileMemberSize(VBOXNETFLTINS, enmState, sizeof(uint32_t));
+
+/**
+ * Sets the enmState member atomically.
+ *
+ * Used for all updates.
+ *
+ * @param pThis The instance.
+ * @param enmNewState The new value.
+ */
+DECLINLINE(void) vboxNetFltSetState(PVBOXNETFLTINS pThis, VBOXNETFTLINSSTATE enmNewState)
+{
+ ASMAtomicWriteU32((uint32_t volatile *)&pThis->enmState, enmNewState);
+}
+
+
+/**
+ * Gets the enmState member atomically.
+ *
+ * Used for all reads.
+ *
+ * @returns The enmState value.
+ * @param pThis The instance.
+ */
+DECLINLINE(VBOXNETFTLINSSTATE) vboxNetFltGetState(PVBOXNETFLTINS pThis)
+{
+ return (VBOXNETFTLINSSTATE)ASMAtomicUoReadU32((uint32_t volatile *)&pThis->enmState);
+}
+
+
+/**
+ * Finds a instance by its name, the caller does the locking.
+ *
+ * @returns Pointer to the instance by the given name. NULL if not found.
+ * @param pGlobals The globals.
+ * @param pszName The name of the instance.
+ */
+static PVBOXNETFLTINS vboxNetFltFindInstanceLocked(PVBOXNETFLTGLOBALS pGlobals, const char *pszName)
+{
+ PVBOXNETFLTINS pCur;
+ for (pCur = pGlobals->pInstanceHead; pCur; pCur = pCur->pNext)
+ if (!strcmp(pszName, pCur->szName))
+ return pCur;
+ return NULL;
+}
+
+
+/**
+ * Finds a instance by its name, will request the mutex.
+ *
+ * No reference to the instance is retained, we're assuming the caller to
+ * already have one but just for some reason doesn't have the pointer to it.
+ *
+ * @returns Pointer to the instance by the given name. NULL if not found.
+ * @param pGlobals The globals.
+ * @param pszName The name of the instance.
+ */
+DECLHIDDEN(PVBOXNETFLTINS) vboxNetFltFindInstance(PVBOXNETFLTGLOBALS pGlobals, const char *pszName)
+{
+ PVBOXNETFLTINS pRet;
+ int rc = RTSemFastMutexRequest(pGlobals->hFastMtx);
+ AssertRCReturn(rc, NULL);
+
+ pRet = vboxNetFltFindInstanceLocked(pGlobals, pszName);
+
+ rc = RTSemFastMutexRelease(pGlobals->hFastMtx);
+ AssertRC(rc);
+ return pRet;
+}
+
+
+/**
+ * Unlinks an instance from the chain.
+ *
+ * @param pGlobals The globals.
+ * @param pToUnlink The instance to unlink.
+ */
+static void vboxNetFltUnlinkLocked(PVBOXNETFLTGLOBALS pGlobals, PVBOXNETFLTINS pToUnlink)
+{
+ if (pGlobals->pInstanceHead == pToUnlink)
+ pGlobals->pInstanceHead = pToUnlink->pNext;
+ else
+ {
+ PVBOXNETFLTINS pCur;
+ for (pCur = pGlobals->pInstanceHead; pCur; pCur = pCur->pNext)
+ if (pCur->pNext == pToUnlink)
+ {
+ pCur->pNext = pToUnlink->pNext;
+ break;
+ }
+ Assert(pCur);
+ }
+ pToUnlink->pNext = NULL;
+}
+
+
+/**
+ * Performs interface rediscovery if it was disconnected from the host.
+ *
+ * @returns true if successfully rediscovered and connected, false if not.
+ * @param pThis The instance.
+ */
+static bool vboxNetFltMaybeRediscovered(PVBOXNETFLTINS pThis)
+{
+ uint64_t Now;
+ bool fRediscovered;
+ bool fDoIt;
+
+ /*
+ * Don't do rediscovery if we're called with preemption disabled.
+ *
+ * Note! This may cause trouble if we're always called with preemption
+ * disabled and vboxNetFltOsMaybeRediscovered actually does some real
+ * work. For the time being though, only Darwin and FreeBSD depends
+ * on these call outs and neither supports sending with preemption
+ * disabled.
+ */
+ if (!RTThreadPreemptIsEnabled(NIL_RTTHREAD))
+ return false;
+
+ /*
+ * Rediscovered already? Time to try again?
+ */
+ Now = RTTimeNanoTS();
+ RTSpinlockAcquire(pThis->hSpinlock);
+
+ fRediscovered = !ASMAtomicUoReadBool(&pThis->fDisconnectedFromHost);
+ fDoIt = !fRediscovered
+ && !ASMAtomicUoReadBool(&pThis->fRediscoveryPending)
+ && Now - ASMAtomicUoReadU64(&pThis->NanoTSLastRediscovery) > UINT64_C(5000000000); /* 5 sec */
+ if (fDoIt)
+ ASMAtomicWriteBool(&pThis->fRediscoveryPending, true);
+
+ RTSpinlockRelease(pThis->hSpinlock);
+
+ /*
+ * Call the OS specific code to do the job.
+ * Update the state when the call returns, that is everything except for
+ * the fDisconnectedFromHost flag which the OS specific code shall set.
+ */
+ if (fDoIt)
+ {
+ fRediscovered = vboxNetFltOsMaybeRediscovered(pThis);
+
+ Assert(!fRediscovered || !ASMAtomicUoReadBool(&pThis->fDisconnectedFromHost));
+
+ ASMAtomicUoWriteU64(&pThis->NanoTSLastRediscovery, RTTimeNanoTS());
+ ASMAtomicWriteBool(&pThis->fRediscoveryPending, false);
+
+ if (fRediscovered)
+ /** @todo this isn't 100% serialized. */
+ vboxNetFltPortOsSetActive(pThis, pThis->enmTrunkState == INTNETTRUNKIFSTATE_ACTIVE);
+ }
+
+ return fRediscovered;
+}
+
+
+/**
+ * @copydoc INTNETTRUNKIFPORT::pfnXmit
+ */
+static DECLCALLBACK(int) vboxNetFltPortXmit(PINTNETTRUNKIFPORT pIfPort, void *pvIfData, PINTNETSG pSG, uint32_t fDst)
+{
+ PVBOXNETFLTINS pThis = IFPORT_2_VBOXNETFLTINS(pIfPort);
+ int rc = VINF_SUCCESS;
+
+ /*
+ * Input validation.
+ */
+ AssertPtr(pThis);
+ AssertPtr(pSG);
+ Assert(pThis->MyPort.u32Version == INTNETTRUNKIFPORT_VERSION);
+ AssertReturn(vboxNetFltGetState(pThis) == kVBoxNetFltInsState_Connected, VERR_INVALID_STATE);
+
+ /*
+ * Do a busy retain and then make sure we're connected to the interface
+ * before invoking the OS specific code.
+ */
+ if (RT_LIKELY(vboxNetFltTryRetainBusyActive(pThis)))
+ {
+ if ( !ASMAtomicUoReadBool(&pThis->fDisconnectedFromHost)
+ || vboxNetFltMaybeRediscovered(pThis))
+ rc = vboxNetFltPortOsXmit(pThis, pvIfData, pSG, fDst);
+ vboxNetFltRelease(pThis, true /* fBusy */);
+ }
+
+ return rc;
+}
+
+
+/**
+ * @copydoc INTNETTRUNKIFPORT::pfnWaitForIdle
+ */
+static DECLCALLBACK(int) vboxNetFltPortWaitForIdle(PINTNETTRUNKIFPORT pIfPort, uint32_t cMillies)
+{
+ PVBOXNETFLTINS pThis = IFPORT_2_VBOXNETFLTINS(pIfPort);
+ int rc;
+
+ /*
+ * Input validation.
+ */
+ AssertPtr(pThis);
+ Assert(pThis->MyPort.u32Version == INTNETTRUNKIFPORT_VERSION);
+ AssertReturn(vboxNetFltGetState(pThis) == kVBoxNetFltInsState_Connected, VERR_INVALID_STATE);
+ AssertReturn(pThis->enmTrunkState == INTNETTRUNKIFSTATE_DISCONNECTING, VERR_INVALID_STATE);
+
+ /*
+ * Go to sleep on the semaphore after checking the busy count.
+ */
+ vboxNetFltRetain(pThis, false /* fBusy */);
+
+ rc = VINF_SUCCESS;
+ while (pThis->cBusy && RT_SUCCESS(rc))
+ rc = RTSemEventWait(pThis->hEventIdle, cMillies); /** @todo make interruptible? */
+
+ vboxNetFltRelease(pThis, false /* fBusy */);
+
+ return rc;
+}
+
+
+/**
+ * @copydoc INTNETTRUNKIFPORT::pfnSetState
+ */
+static DECLCALLBACK(INTNETTRUNKIFSTATE) vboxNetFltPortSetState(PINTNETTRUNKIFPORT pIfPort, INTNETTRUNKIFSTATE enmState)
+{
+ PVBOXNETFLTINS pThis = IFPORT_2_VBOXNETFLTINS(pIfPort);
+ INTNETTRUNKIFSTATE enmOldTrunkState;
+
+ /*
+ * Input validation.
+ */
+ AssertPtr(pThis);
+ AssertPtr(pThis->pGlobals);
+ Assert(pThis->MyPort.u32Version == INTNETTRUNKIFPORT_VERSION);
+ AssertReturn(vboxNetFltGetState(pThis) == kVBoxNetFltInsState_Connected, INTNETTRUNKIFSTATE_INVALID);
+ AssertReturn(enmState > INTNETTRUNKIFSTATE_INVALID && enmState < INTNETTRUNKIFSTATE_END,
+ INTNETTRUNKIFSTATE_INVALID);
+
+ /*
+ * Take the lock and change the state.
+ */
+ RTSpinlockAcquire(pThis->hSpinlock);
+ enmOldTrunkState = pThis->enmTrunkState;
+ if (enmOldTrunkState != enmState)
+ ASMAtomicWriteU32((uint32_t volatile *)&pThis->enmTrunkState, enmState);
+ RTSpinlockRelease(pThis->hSpinlock);
+
+ /*
+ * If the state change indicates that the trunk has become active or
+ * inactive, call the OS specific part so they can work the promiscuous
+ * settings and such.
+ * Note! The caller makes sure there are no concurrent pfnSetState calls.
+ */
+ if ((enmOldTrunkState == INTNETTRUNKIFSTATE_ACTIVE) != (enmState == INTNETTRUNKIFSTATE_ACTIVE))
+ vboxNetFltPortOsSetActive(pThis, (enmState == INTNETTRUNKIFSTATE_ACTIVE));
+
+ return enmOldTrunkState;
+}
+
+
+/**
+ * @copydoc INTNETTRUNKIFPORT::pfnNotifyMacAddress
+ */
+static DECLCALLBACK(void) vboxNetFltPortNotifyMacAddress(PINTNETTRUNKIFPORT pIfPort, void *pvIfData, PCRTMAC pMac)
+{
+ PVBOXNETFLTINS pThis = IFPORT_2_VBOXNETFLTINS(pIfPort);
+
+ /*
+ * Input validation.
+ */
+ AssertPtr(pThis);
+ Assert(pThis->MyPort.u32Version == INTNETTRUNKIFPORT_VERSION);
+
+ vboxNetFltRetain(pThis, false /* fBusy */);
+ vboxNetFltPortOsNotifyMacAddress(pThis, pvIfData, pMac);
+ vboxNetFltRelease(pThis, false /* fBusy */);
+}
+
+
+/**
+ * @copydoc INTNETTRUNKIFPORT::pfnConnectInterface
+ */
+static DECLCALLBACK(int) vboxNetFltPortConnectInterface(PINTNETTRUNKIFPORT pIfPort, void *pvIf, void **ppvIfData)
+{
+ PVBOXNETFLTINS pThis = IFPORT_2_VBOXNETFLTINS(pIfPort);
+ int rc;
+
+ /*
+ * Input validation.
+ */
+ AssertPtr(pThis);
+ Assert(pThis->MyPort.u32Version == INTNETTRUNKIFPORT_VERSION);
+
+ vboxNetFltRetain(pThis, false /* fBusy */);
+ rc = vboxNetFltPortOsConnectInterface(pThis, pvIf, ppvIfData);
+ vboxNetFltRelease(pThis, false /* fBusy */);
+
+ return rc;
+}
+
+
+/**
+ * @copydoc INTNETTRUNKIFPORT::pfnDisconnectInterface
+ */
+static DECLCALLBACK(void) vboxNetFltPortDisconnectInterface(PINTNETTRUNKIFPORT pIfPort, void *pvIfData)
+{
+ PVBOXNETFLTINS pThis = IFPORT_2_VBOXNETFLTINS(pIfPort);
+ int rc;
+
+ /*
+ * Input validation.
+ */
+ AssertPtr(pThis);
+ Assert(pThis->MyPort.u32Version == INTNETTRUNKIFPORT_VERSION);
+
+ vboxNetFltRetain(pThis, false /* fBusy */);
+ rc = vboxNetFltPortOsDisconnectInterface(pThis, pvIfData);
+ vboxNetFltRelease(pThis, false /* fBusy */);
+ AssertRC(rc); /** @todo fix vboxNetFltPortOsDisconnectInterface. */
+}
+
+
+/**
+ * @copydoc INTNETTRUNKIFPORT::pfnDisconnectAndRelease
+ */
+static DECLCALLBACK(void) vboxNetFltPortDisconnectAndRelease(PINTNETTRUNKIFPORT pIfPort)
+{
+ PVBOXNETFLTINS pThis = IFPORT_2_VBOXNETFLTINS(pIfPort);
+
+ /*
+ * Serious paranoia.
+ */
+ AssertPtr(pThis);
+ Assert(pThis->MyPort.u32Version == INTNETTRUNKIFPORT_VERSION);
+ Assert(pThis->MyPort.u32VersionEnd == INTNETTRUNKIFPORT_VERSION);
+ AssertPtr(pThis->pGlobals);
+ Assert(pThis->hEventIdle != NIL_RTSEMEVENT);
+ Assert(pThis->hSpinlock != NIL_RTSPINLOCK);
+ Assert(pThis->szName[0]);
+
+ Assert(vboxNetFltGetState(pThis) == kVBoxNetFltInsState_Connected);
+ Assert(pThis->enmTrunkState == INTNETTRUNKIFSTATE_DISCONNECTING);
+ Assert(!pThis->fRediscoveryPending);
+ Assert(!pThis->cBusy);
+
+ /*
+ * Disconnect and release it.
+ */
+ RTSpinlockAcquire(pThis->hSpinlock);
+ vboxNetFltSetState(pThis, kVBoxNetFltInsState_Disconnecting);
+ RTSpinlockRelease(pThis->hSpinlock);
+
+ vboxNetFltOsDisconnectIt(pThis);
+ pThis->pSwitchPort = NULL;
+
+#ifdef VBOXNETFLT_STATIC_CONFIG
+ RTSpinlockAcquire(pThis->hSpinlock);
+ vboxNetFltSetState(pThis, kVBoxNetFltInsState_Unconnected);
+ RTSpinlockRelease(pThis->hSpinlock);
+#endif
+
+ vboxNetFltRelease(pThis, false /* fBusy */);
+}
+
+
+/**
+ * Destroy a device that has been disconnected from the switch.
+ *
+ * @returns true if the instance is destroyed, false otherwise.
+ * @param pThis The instance to be destroyed. This is
+ * no longer valid when this function returns.
+ */
+static bool vboxNetFltDestroyInstance(PVBOXNETFLTINS pThis)
+{
+ PVBOXNETFLTGLOBALS pGlobals = pThis->pGlobals;
+ uint32_t cRefs = ASMAtomicUoReadU32((uint32_t volatile *)&pThis->cRefs);
+ int rc;
+ LogFlow(("vboxNetFltDestroyInstance: pThis=%p (%s)\n", pThis, pThis->szName));
+
+ /*
+ * Validate the state.
+ */
+#ifdef VBOXNETFLT_STATIC_CONFIG
+ Assert( vboxNetFltGetState(pThis) == kVBoxNetFltInsState_Disconnecting
+ || vboxNetFltGetState(pThis) == kVBoxNetFltInsState_Unconnected);
+#else
+ Assert(vboxNetFltGetState(pThis) == kVBoxNetFltInsState_Disconnecting);
+#endif
+ Assert(pThis->enmTrunkState == INTNETTRUNKIFSTATE_DISCONNECTING);
+ Assert(!pThis->fRediscoveryPending);
+ Assert(!pThis->cRefs);
+ Assert(!pThis->cBusy);
+ Assert(!pThis->pSwitchPort);
+
+ /*
+ * Make sure the state is 'disconnecting' / 'destroying' and let the OS
+ * specific code do its part of the cleanup outside the mutex.
+ */
+ rc = RTSemFastMutexRequest(pGlobals->hFastMtx); AssertRC(rc);
+ vboxNetFltSetState(pThis, kVBoxNetFltInsState_Disconnecting);
+ RTSemFastMutexRelease(pGlobals->hFastMtx);
+
+ vboxNetFltOsDeleteInstance(pThis);
+
+ /*
+ * Unlink the instance and free up its resources.
+ */
+ rc = RTSemFastMutexRequest(pGlobals->hFastMtx); AssertRC(rc);
+ vboxNetFltSetState(pThis, kVBoxNetFltInsState_Destroyed);
+ vboxNetFltUnlinkLocked(pGlobals, pThis);
+ RTSemFastMutexRelease(pGlobals->hFastMtx);
+
+ RTSemEventDestroy(pThis->hEventIdle);
+ pThis->hEventIdle = NIL_RTSEMEVENT;
+ RTSpinlockDestroy(pThis->hSpinlock);
+ pThis->hSpinlock = NIL_RTSPINLOCK;
+ RTMemFree(pThis);
+
+ NOREF(cRefs);
+
+ return true;
+}
+
+
+/**
+ * Releases a reference to the specified instance.
+ *
+ * This method will destroy the instance when the count reaches 0.
+ * It will also take care of decrementing the counter and idle wakeup.
+ *
+ * @param pThis The instance.
+ * @param fBusy Whether the busy counter should be decremented too.
+ */
+DECLHIDDEN(void) vboxNetFltRelease(PVBOXNETFLTINS pThis, bool fBusy)
+{
+ uint32_t cRefs;
+
+ /*
+ * Paranoid Android.
+ */
+ AssertPtr(pThis);
+ Assert(pThis->MyPort.u32Version == INTNETTRUNKIFPORT_VERSION);
+ Assert(pThis->MyPort.u32VersionEnd == INTNETTRUNKIFPORT_VERSION);
+ Assert( vboxNetFltGetState(pThis) > kVBoxNetFltInsState_Invalid
+ && vboxNetFltGetState(pThis) < kVBoxNetFltInsState_Destroyed);
+ AssertPtr(pThis->pGlobals);
+ Assert(pThis->hEventIdle != NIL_RTSEMEVENT);
+ Assert(pThis->hSpinlock != NIL_RTSPINLOCK);
+ Assert(pThis->szName[0]);
+
+ /*
+ * Work the busy counter.
+ */
+ if (fBusy)
+ {
+ cRefs = ASMAtomicDecU32(&pThis->cBusy);
+ if (!cRefs)
+ {
+ int rc = RTSemEventSignal(pThis->hEventIdle);
+ AssertRC(rc);
+ }
+ else
+ Assert(cRefs < UINT32_MAX / 2);
+ }
+
+ /*
+ * The object reference counting.
+ */
+ cRefs = ASMAtomicDecU32(&pThis->cRefs);
+ if (!cRefs)
+ vboxNetFltDestroyInstance(pThis);
+ else
+ Assert(cRefs < UINT32_MAX / 2);
+}
+
+
+/**
+ * @copydoc INTNETTRUNKIFPORT::pfnRelease
+ */
+static DECLCALLBACK(void) vboxNetFltPortRelease(PINTNETTRUNKIFPORT pIfPort)
+{
+ PVBOXNETFLTINS pThis = IFPORT_2_VBOXNETFLTINS(pIfPort);
+ vboxNetFltRelease(pThis, false /* fBusy */);
+}
+
+
+/**
+ * @callback_method_impl{FNINTNETTRUNKIFPORTRELEASEBUSY}
+ */
+DECL_HIDDEN_CALLBACK(void) vboxNetFltPortReleaseBusy(PINTNETTRUNKIFPORT pIfPort)
+{
+ PVBOXNETFLTINS pThis = IFPORT_2_VBOXNETFLTINS(pIfPort);
+ vboxNetFltRelease(pThis, true /*fBusy*/);
+}
+
+
+/**
+ * Retains a reference to the specified instance and a busy reference too.
+ *
+ * @param pThis The instance.
+ * @param fBusy Whether the busy counter should be incremented as well.
+ */
+DECLHIDDEN(void) vboxNetFltRetain(PVBOXNETFLTINS pThis, bool fBusy)
+{
+ uint32_t cRefs;
+
+ /*
+ * Paranoid Android.
+ */
+ AssertPtr(pThis);
+ Assert(pThis->MyPort.u32Version == INTNETTRUNKIFPORT_VERSION);
+ Assert(pThis->MyPort.u32VersionEnd == INTNETTRUNKIFPORT_VERSION);
+ Assert( vboxNetFltGetState(pThis) > kVBoxNetFltInsState_Invalid
+ && vboxNetFltGetState(pThis) < kVBoxNetFltInsState_Destroyed);
+ AssertPtr(pThis->pGlobals);
+ Assert(pThis->hEventIdle != NIL_RTSEMEVENT);
+ Assert(pThis->hSpinlock != NIL_RTSPINLOCK);
+ Assert(pThis->szName[0]);
+
+ /*
+ * Retain the object.
+ */
+ cRefs = ASMAtomicIncU32(&pThis->cRefs);
+ Assert(cRefs > 1 && cRefs < UINT32_MAX / 2);
+
+ /*
+ * Work the busy counter.
+ */
+ if (fBusy)
+ {
+ cRefs = ASMAtomicIncU32(&pThis->cBusy);
+ Assert(cRefs > 0 && cRefs < UINT32_MAX / 2);
+ }
+
+ NOREF(cRefs);
+}
+
+
+/**
+ * Tries to retain the device as busy if the trunk is active.
+ *
+ * This is used before calling pfnRecv or pfnPreRecv.
+ *
+ * @returns true if we succeeded in retaining a busy reference to the active
+ * device. false if we failed.
+ * @param pThis The instance.
+ */
+DECLHIDDEN(bool) vboxNetFltTryRetainBusyActive(PVBOXNETFLTINS pThis)
+{
+ uint32_t cRefs;
+ bool fRc;
+
+ /*
+ * Paranoid Android.
+ */
+ AssertPtr(pThis);
+ Assert(pThis->MyPort.u32Version == INTNETTRUNKIFPORT_VERSION);
+ Assert(pThis->MyPort.u32VersionEnd == INTNETTRUNKIFPORT_VERSION);
+ Assert( vboxNetFltGetState(pThis) > kVBoxNetFltInsState_Invalid
+ && vboxNetFltGetState(pThis) < kVBoxNetFltInsState_Destroyed);
+ AssertPtr(pThis->pGlobals);
+ Assert(pThis->hEventIdle != NIL_RTSEMEVENT);
+ Assert(pThis->hSpinlock != NIL_RTSPINLOCK);
+ Assert(pThis->szName[0]);
+
+ /*
+ * Do the retaining and checking behind the spinlock.
+ */
+ RTSpinlockAcquire(pThis->hSpinlock);
+ fRc = pThis->enmTrunkState == INTNETTRUNKIFSTATE_ACTIVE;
+ if (fRc)
+ {
+ cRefs = ASMAtomicIncU32(&pThis->cRefs);
+ AssertMsg(cRefs > 1 && cRefs < UINT32_MAX / 2, ("%d\n", cRefs)); NOREF(cRefs);
+
+ cRefs = ASMAtomicIncU32(&pThis->cBusy);
+ AssertMsg(cRefs >= 1 && cRefs < UINT32_MAX / 2, ("%d\n", cRefs)); NOREF(cRefs);
+ }
+ RTSpinlockRelease(pThis->hSpinlock);
+
+ return fRc;
+}
+
+
+/**
+ * Tries to retain the device as busy if the trunk is not disconnecting.
+ *
+ * This is used before reporting stuff to the internal network.
+ *
+ * @returns true if we succeeded in retaining a busy reference to the active
+ * device. false if we failed.
+ * @param pThis The instance.
+ */
+DECLHIDDEN(bool) vboxNetFltTryRetainBusyNotDisconnected(PVBOXNETFLTINS pThis)
+{
+ uint32_t cRefs;
+ bool fRc;
+
+ /*
+ * Paranoid Android.
+ */
+ AssertPtr(pThis);
+ Assert(pThis->MyPort.u32Version == INTNETTRUNKIFPORT_VERSION);
+ Assert(pThis->MyPort.u32VersionEnd == INTNETTRUNKIFPORT_VERSION);
+ Assert( vboxNetFltGetState(pThis) > kVBoxNetFltInsState_Invalid
+ && vboxNetFltGetState(pThis) < kVBoxNetFltInsState_Destroyed);
+ AssertPtr(pThis->pGlobals);
+ Assert(pThis->hEventIdle != NIL_RTSEMEVENT);
+ Assert(pThis->hSpinlock != NIL_RTSPINLOCK);
+ Assert(pThis->szName[0]);
+
+ /*
+ * Do the retaining and checking behind the spinlock.
+ */
+ RTSpinlockAcquire(pThis->hSpinlock);
+ fRc = pThis->enmTrunkState == INTNETTRUNKIFSTATE_ACTIVE
+ || pThis->enmTrunkState == INTNETTRUNKIFSTATE_INACTIVE;
+ if (fRc)
+ {
+ cRefs = ASMAtomicIncU32(&pThis->cRefs);
+ AssertMsg(cRefs > 1 && cRefs < UINT32_MAX / 2, ("%d\n", cRefs)); NOREF(cRefs);
+
+ cRefs = ASMAtomicIncU32(&pThis->cBusy);
+ AssertMsg(cRefs >= 1 && cRefs < UINT32_MAX / 2, ("%d\n", cRefs)); NOREF(cRefs);
+ }
+ RTSpinlockRelease(pThis->hSpinlock);
+
+ return fRc;
+}
+
+
+/**
+ * @copydoc INTNETTRUNKIFPORT::pfnRetain
+ */
+static DECLCALLBACK(void) vboxNetFltPortRetain(PINTNETTRUNKIFPORT pIfPort)
+{
+ PVBOXNETFLTINS pThis = IFPORT_2_VBOXNETFLTINS(pIfPort);
+ vboxNetFltRetain(pThis, false /* fBusy */);
+}
+
+
+/**
+ * Connects the instance to the specified switch port.
+ *
+ * Called while owning the lock. We're ASSUMING that the internal
+ * networking code is already owning an recursive mutex, so, there
+ * will be no deadlocks when vboxNetFltOsConnectIt calls back into
+ * it for setting preferences.
+ *
+ * @returns VBox status code.
+ * @param pThis The instance.
+ * @param pSwitchPort The port on the internal network 'switch'.
+ * @param ppIfPort Where to return our port interface.
+ */
+static int vboxNetFltConnectIt(PVBOXNETFLTINS pThis, PINTNETTRUNKSWPORT pSwitchPort, PINTNETTRUNKIFPORT *ppIfPort)
+{
+ int rc;
+
+ /*
+ * Validate state.
+ */
+ Assert(!pThis->fRediscoveryPending);
+ Assert(!pThis->cBusy);
+#ifdef VBOXNETFLT_STATIC_CONFIG
+ Assert(vboxNetFltGetState(pThis) == kVBoxNetFltInsState_Unconnected);
+#else
+ Assert(vboxNetFltGetState(pThis) == kVBoxNetFltInsState_Initializing);
+#endif
+ Assert(pThis->enmTrunkState == INTNETTRUNKIFSTATE_INACTIVE);
+
+ /*
+ * Do the job.
+ * Note that we're calling the os stuff while owning the semaphore here.
+ */
+ pThis->pSwitchPort = pSwitchPort;
+ rc = vboxNetFltOsConnectIt(pThis);
+ if (RT_SUCCESS(rc))
+ {
+ vboxNetFltSetState(pThis, kVBoxNetFltInsState_Connected);
+ *ppIfPort = &pThis->MyPort;
+ }
+ else
+ pThis->pSwitchPort = NULL;
+
+ Assert(pThis->enmTrunkState == INTNETTRUNKIFSTATE_INACTIVE);
+ return rc;
+}
+
+
+/**
+ * Creates a new instance.
+ *
+ * The new instance will be in the suspended state in a dynamic config and in
+ * the inactive in a static one.
+ *
+ * Called without owning the lock, but will request is several times.
+ *
+ * @returns VBox status code.
+ * @param pGlobals The globals.
+ * @param pszName The instance name.
+ * @param pSwitchPort The port on the switch that we're connected with (dynamic only).
+ * @param fNoPromisc Do not attempt going into promiscuous mode.
+ * @param pvContext Context argument for vboxNetFltOsInitInstance.
+ * @param ppIfPort Where to store the pointer to our port interface (dynamic only).
+ */
+static int vboxNetFltNewInstance(PVBOXNETFLTGLOBALS pGlobals, const char *pszName, PINTNETTRUNKSWPORT pSwitchPort,
+ bool fNoPromisc, void *pvContext, PINTNETTRUNKIFPORT *ppIfPort)
+{
+ /*
+ * Allocate and initialize a new instance before requesting the mutex.
+ * Note! That in a static config we'll initialize the trunk state to
+ * disconnecting and flip it in vboxNetFltFactoryCreateAndConnect
+ * later on. This better reflext the state and it works better with
+ * assertions in the destruction path.
+ */
+ int rc;
+ size_t const cchName = strlen(pszName);
+ PVBOXNETFLTINS pNew = (PVBOXNETFLTINS)RTMemAllocZVar(RT_UOFFSETOF_DYN(VBOXNETFLTINS, szName[cchName + 1]));
+ if (!pNew)
+ return VERR_INTNET_FLT_IF_FAILED;
+ AssertMsg(((uintptr_t)pNew & 7) == 0, ("%p LB %#x\n", pNew, RT_UOFFSETOF_DYN(VBOXNETFLTINS, szName[cchName + 1])));
+ pNew->pNext = NULL;
+ pNew->MyPort.u32Version = INTNETTRUNKIFPORT_VERSION;
+ pNew->MyPort.pfnRetain = vboxNetFltPortRetain;
+ pNew->MyPort.pfnRelease = vboxNetFltPortRelease;
+ pNew->MyPort.pfnDisconnectAndRelease= vboxNetFltPortDisconnectAndRelease;
+ pNew->MyPort.pfnSetState = vboxNetFltPortSetState;
+ pNew->MyPort.pfnWaitForIdle = vboxNetFltPortWaitForIdle;
+ pNew->MyPort.pfnXmit = vboxNetFltPortXmit;
+ pNew->MyPort.pfnNotifyMacAddress = vboxNetFltPortNotifyMacAddress;
+ pNew->MyPort.pfnConnectInterface = vboxNetFltPortConnectInterface;
+ pNew->MyPort.pfnDisconnectInterface = vboxNetFltPortDisconnectInterface;
+ pNew->MyPort.u32VersionEnd = INTNETTRUNKIFPORT_VERSION;
+ pNew->pSwitchPort = pSwitchPort;
+ pNew->pGlobals = pGlobals;
+ pNew->hSpinlock = NIL_RTSPINLOCK;
+ pNew->enmState = kVBoxNetFltInsState_Initializing;
+#ifdef VBOXNETFLT_STATIC_CONFIG
+ pNew->enmTrunkState = INTNETTRUNKIFSTATE_DISCONNECTING;
+#else
+ pNew->enmTrunkState = INTNETTRUNKIFSTATE_INACTIVE;
+#endif
+ pNew->fDisconnectedFromHost = false;
+ pNew->fRediscoveryPending = false;
+ pNew->fDisablePromiscuous = fNoPromisc;
+ pNew->NanoTSLastRediscovery = INT64_MAX;
+ pNew->cRefs = 1;
+ pNew->cBusy = 0;
+ pNew->hEventIdle = NIL_RTSEMEVENT;
+ memcpy(pNew->szName, pszName, cchName + 1);
+
+ rc = RTSpinlockCreate(&pNew->hSpinlock, RTSPINLOCK_FLAGS_INTERRUPT_SAFE, "VBoxNetFltNewInstance");
+ if (RT_SUCCESS(rc))
+ {
+ rc = RTSemEventCreate(&pNew->hEventIdle);
+ if (RT_SUCCESS(rc))
+ {
+ rc = vboxNetFltOsPreInitInstance(pNew);
+ if (RT_SUCCESS(rc))
+ {
+ /*
+ * Insert the instance into the chain, checking for
+ * duplicates first of course (race).
+ */
+ rc = RTSemFastMutexRequest(pGlobals->hFastMtx);
+ if (RT_SUCCESS(rc))
+ {
+ if (!vboxNetFltFindInstanceLocked(pGlobals, pszName))
+ {
+ pNew->pNext = pGlobals->pInstanceHead;
+ pGlobals->pInstanceHead = pNew;
+ RTSemFastMutexRelease(pGlobals->hFastMtx);
+
+ /*
+ * Call the OS specific initialization code.
+ */
+ rc = vboxNetFltOsInitInstance(pNew, pvContext);
+ RTSemFastMutexRequest(pGlobals->hFastMtx);
+ if (RT_SUCCESS(rc))
+ {
+#ifdef VBOXNETFLT_STATIC_CONFIG
+ /*
+ * Static instances are unconnected at birth.
+ */
+ Assert(!pSwitchPort);
+ pNew->enmState = kVBoxNetFltInsState_Unconnected;
+ RTSemFastMutexRelease(pGlobals->hFastMtx);
+ *ppIfPort = &pNew->MyPort;
+ return rc;
+
+#else /* !VBOXNETFLT_STATIC_CONFIG */
+ /*
+ * Connect it as well, the OS specific bits has to be done outside
+ * the lock as they may call back to into intnet.
+ */
+ rc = vboxNetFltConnectIt(pNew, pSwitchPort, ppIfPort);
+ if (RT_SUCCESS(rc))
+ {
+ RTSemFastMutexRelease(pGlobals->hFastMtx);
+ Assert(*ppIfPort == &pNew->MyPort);
+ return rc;
+ }
+
+ /* Bail out (failed). */
+ vboxNetFltOsDeleteInstance(pNew);
+#endif /* !VBOXNETFLT_STATIC_CONFIG */
+ }
+ vboxNetFltUnlinkLocked(pGlobals, pNew);
+ }
+ else
+ rc = VERR_INTNET_FLT_IF_BUSY;
+ RTSemFastMutexRelease(pGlobals->hFastMtx);
+ }
+ }
+ RTSemEventDestroy(pNew->hEventIdle);
+ }
+ RTSpinlockDestroy(pNew->hSpinlock);
+ }
+
+ RTMemFree(pNew);
+ return rc;
+}
+
+
+#ifdef VBOXNETFLT_STATIC_CONFIG
+/**
+ * Searches for the NetFlt instance by its name and creates the new one if not found.
+ *
+ * @returns VBox status code.
+ * @retval VINF_SUCCESS and *ppInstance if a new instance was created.
+ * @retval VINF_ALREADY_INITIALIZED and *ppInstance if an instance already exists.
+ *
+ * @param pGlobal Pointer to the globals.
+ * @param pszName The instance name.
+ * @param ppInstance Where to return the instance pointer on success.
+ * @param pvContext Context which needs to be passed along to vboxNetFltOsInitInstance.
+ */
+DECLHIDDEN(int) vboxNetFltSearchCreateInstance(PVBOXNETFLTGLOBALS pGlobals, const char *pszName, PVBOXNETFLTINS *ppInstance, void *pvContext)
+{
+ PINTNETTRUNKIFPORT pIfPort;
+ PVBOXNETFLTINS pCur;
+ VBOXNETFTLINSSTATE enmState;
+ int rc;
+
+ *ppInstance = NULL;
+ rc = RTSemFastMutexRequest(pGlobals->hFastMtx);
+ AssertRCReturn(rc, rc);
+
+ /*
+ * Look for an existing instance in the list.
+ *
+ * There might be an existing one in the list if the driver was unbound
+ * while it was connected to an internal network. We're running into
+ * a destruction race that is a bit similar to the one in
+ * vboxNetFltFactoryCreateAndConnect, only the roles are reversed
+ * and we're not in a position to back down. Instead of backing down
+ * we'll delay a bit giving the other thread time to complete the
+ * destructor.
+ */
+ pCur = vboxNetFltFindInstanceLocked(pGlobals, pszName);
+ while (pCur)
+ {
+ uint32_t cRefs = ASMAtomicIncU32(&pCur->cRefs);
+ if (cRefs > 1)
+ {
+ enmState = vboxNetFltGetState(pCur);
+ switch (enmState)
+ {
+ case kVBoxNetFltInsState_Unconnected:
+ case kVBoxNetFltInsState_Connected:
+ case kVBoxNetFltInsState_Disconnecting:
+ if (pCur->fDisconnectedFromHost)
+ {
+ /* Wait for it to exit the transitional disconnecting
+ state. It might otherwise be running the risk of
+ upsetting the OS specific code... */
+ /** @todo This reconnect stuff should be serialized correctly for static
+ * devices. Shouldn't it? In the dynamic case we're using the INTNET
+ * outbound thunk lock, but that doesn't quite cut it here, or does
+ * it? We could either transition to initializing or make a callback
+ * while owning the mutex here... */
+ if (enmState == kVBoxNetFltInsState_Disconnecting)
+ {
+ do
+ {
+ RTSemFastMutexRelease(pGlobals->hFastMtx);
+ RTThreadSleep(2); /* (2ms) */
+ RTSemFastMutexRequest(pGlobals->hFastMtx);
+ enmState = vboxNetFltGetState(pCur);
+ }
+ while (enmState == kVBoxNetFltInsState_Disconnecting);
+ AssertMsg(enmState == kVBoxNetFltInsState_Unconnected, ("%d\n", enmState));
+ Assert(pCur->fDisconnectedFromHost);
+ }
+
+ RTSemFastMutexRelease(pGlobals->hFastMtx);
+ *ppInstance = pCur;
+ return VINF_ALREADY_INITIALIZED;
+ }
+ /* fall thru */
+
+ default:
+ {
+ bool fDfH = pCur->fDisconnectedFromHost;
+ RTSemFastMutexRelease(pGlobals->hFastMtx);
+ vboxNetFltRelease(pCur, false /* fBusy */);
+ LogRel(("VBoxNetFlt: Huh? An instance of '%s' already exists! [pCur=%p cRefs=%d fDfH=%RTbool enmState=%d]\n",
+ pszName, pCur, cRefs - 1, fDfH, enmState));
+ *ppInstance = NULL;
+ return VERR_INTNET_FLT_IF_BUSY;
+ }
+ }
+ }
+
+ /* Zero references, it's being destroyed. Delay a bit so the destructor
+ can finish its work and try again. (vboxNetFltNewInstance will fail
+ with duplicate name if we don't.) */
+# ifdef RT_STRICT
+ Assert(cRefs == 1);
+ enmState = vboxNetFltGetState(pCur);
+ AssertMsg( enmState == kVBoxNetFltInsState_Unconnected
+ || enmState == kVBoxNetFltInsState_Disconnecting
+ || enmState == kVBoxNetFltInsState_Destroyed, ("%d\n", enmState));
+# endif
+ ASMAtomicDecU32(&pCur->cRefs);
+ RTSemFastMutexRelease(pGlobals->hFastMtx);
+ RTThreadSleep(2); /* (2ms) */
+ rc = RTSemFastMutexRequest(pGlobals->hFastMtx);
+ AssertRCReturn(rc, rc);
+
+ /* try again */
+ pCur = vboxNetFltFindInstanceLocked(pGlobals, pszName);
+ }
+
+ RTSemFastMutexRelease(pGlobals->hFastMtx);
+
+ /*
+ * Try create a new instance.
+ * (fNoPromisc is overridden in the vboxNetFltFactoryCreateAndConnect path, so pass true here.)
+ */
+ rc = vboxNetFltNewInstance(pGlobals, pszName, NULL, true /* fNoPromisc */, pvContext, &pIfPort);
+ if (RT_SUCCESS(rc))
+ *ppInstance = IFPORT_2_VBOXNETFLTINS(pIfPort);
+ else
+ *ppInstance = NULL;
+
+ return rc;
+}
+#endif /* VBOXNETFLT_STATIC_CONFIG */
+
+
+/**
+ * @copydoc INTNETTRUNKFACTORY::pfnCreateAndConnect
+ */
+static DECLCALLBACK(int) vboxNetFltFactoryCreateAndConnect(PINTNETTRUNKFACTORY pIfFactory, const char *pszName,
+ PINTNETTRUNKSWPORT pSwitchPort, uint32_t fFlags,
+ PINTNETTRUNKIFPORT *ppIfPort)
+{
+ PVBOXNETFLTGLOBALS pGlobals = (PVBOXNETFLTGLOBALS)((uint8_t *)pIfFactory - RT_UOFFSETOF(VBOXNETFLTGLOBALS, TrunkFactory));
+ PVBOXNETFLTINS pCur;
+ int rc;
+
+ LogFlow(("vboxNetFltFactoryCreateAndConnect: pszName=%p:{%s} fFlags=%#x\n", pszName, pszName, fFlags));
+ Assert(pGlobals->cFactoryRefs > 0);
+ AssertMsgReturn(!(fFlags & ~(INTNETTRUNKFACTORY_FLAG_NO_PROMISC)),
+ ("%#x\n", fFlags), VERR_INVALID_PARAMETER);
+
+ /*
+ * Static: Find instance, check if busy, connect if not.
+ * Dynamic: Check for duplicate / busy interface instance.
+ */
+ rc = RTSemFastMutexRequest(pGlobals->hFastMtx);
+ AssertRCReturn(rc, rc);
+
+//#if defined(VBOXNETADP) && defined(RT_OS_WINDOWS)
+// /* temporary hack to pick up the first adapter */
+// pCur = pGlobals->pInstanceHead; /** @todo Don't for get to remove this temporary hack... :-) */
+//#else
+ pCur = vboxNetFltFindInstanceLocked(pGlobals, pszName);
+//#endif
+ if (pCur)
+ {
+#ifdef VBOXNETFLT_STATIC_CONFIG
+ /* Try grab a reference. If the count had already reached zero we're racing the
+ destructor code and must back down. */
+ uint32_t cRefs = ASMAtomicIncU32(&pCur->cRefs);
+ if (cRefs > 1)
+ {
+ if (vboxNetFltGetState(pCur) == kVBoxNetFltInsState_Unconnected)
+ {
+ pCur->enmTrunkState = INTNETTRUNKIFSTATE_INACTIVE; /** @todo protect me? */
+ pCur->fDisablePromiscuous = !!(fFlags & INTNETTRUNKFACTORY_FLAG_NO_PROMISC);
+ rc = vboxNetFltConnectIt(pCur, pSwitchPort, ppIfPort);
+ if (RT_SUCCESS(rc))
+ pCur = NULL; /* Don't release it, reference given to the caller. */
+ else
+ pCur->enmTrunkState = INTNETTRUNKIFSTATE_DISCONNECTING;
+ }
+ else
+ rc = VERR_INTNET_FLT_IF_BUSY;
+ }
+ else
+ {
+ Assert(cRefs == 1);
+ ASMAtomicDecU32(&pCur->cRefs);
+ pCur = NULL; /* nothing to release */
+ rc = VERR_INTNET_FLT_IF_NOT_FOUND;
+ }
+
+ RTSemFastMutexRelease(pGlobals->hFastMtx);
+ if (pCur)
+ vboxNetFltRelease(pCur, false /* fBusy */);
+#else
+ rc = VERR_INTNET_FLT_IF_BUSY;
+ RTSemFastMutexRelease(pGlobals->hFastMtx);
+#endif
+ LogFlow(("vboxNetFltFactoryCreateAndConnect: returns %Rrc\n", rc));
+ return rc;
+ }
+
+ RTSemFastMutexRelease(pGlobals->hFastMtx);
+
+#ifdef VBOXNETFLT_STATIC_CONFIG
+ rc = VERR_INTNET_FLT_IF_NOT_FOUND;
+#else
+ /*
+ * Dynamically create a new instance.
+ */
+ rc = vboxNetFltNewInstance(pGlobals,
+ pszName,
+ pSwitchPort,
+ !!(fFlags & INTNETTRUNKFACTORY_FLAG_NO_PROMISC),
+ NULL,
+ ppIfPort);
+#endif
+ LogFlow(("vboxNetFltFactoryCreateAndConnect: returns %Rrc\n", rc));
+ return rc;
+}
+
+
+/**
+ * @copydoc INTNETTRUNKFACTORY::pfnRelease
+ */
+static DECLCALLBACK(void) vboxNetFltFactoryRelease(PINTNETTRUNKFACTORY pIfFactory)
+{
+ PVBOXNETFLTGLOBALS pGlobals = (PVBOXNETFLTGLOBALS)((uint8_t *)pIfFactory - RT_UOFFSETOF(VBOXNETFLTGLOBALS, TrunkFactory));
+
+ int32_t cRefs = ASMAtomicDecS32(&pGlobals->cFactoryRefs);
+ Assert(cRefs >= 0); NOREF(cRefs);
+ LogFlow(("vboxNetFltFactoryRelease: cRefs=%d (new)\n", cRefs));
+}
+
+
+/**
+ * Implements the SUPDRV component factor interface query method.
+ *
+ * @returns Pointer to an interface. NULL if not supported.
+ *
+ * @param pSupDrvFactory Pointer to the component factory registration structure.
+ * @param pSession The session - unused.
+ * @param pszInterfaceUuid The factory interface id.
+ */
+static DECLCALLBACK(void *) vboxNetFltQueryFactoryInterface(PCSUPDRVFACTORY pSupDrvFactory, PSUPDRVSESSION pSession,
+ const char *pszInterfaceUuid)
+{
+ PVBOXNETFLTGLOBALS pGlobals = (PVBOXNETFLTGLOBALS)((uint8_t *)pSupDrvFactory - RT_UOFFSETOF(VBOXNETFLTGLOBALS, SupDrvFactory));
+
+ /*
+ * Convert the UUID strings and compare them.
+ */
+ RTUUID UuidReq;
+ int rc = RTUuidFromStr(&UuidReq, pszInterfaceUuid);
+ if (RT_SUCCESS(rc))
+ {
+ if (!RTUuidCompareStr(&UuidReq, INTNETTRUNKFACTORY_UUID_STR))
+ {
+ ASMAtomicIncS32(&pGlobals->cFactoryRefs);
+ return &pGlobals->TrunkFactory;
+ }
+#ifdef LOG_ENABLED
+ /* log legacy queries */
+ /* else if (!RTUuidCompareStr(&UuidReq, INTNETTRUNKFACTORY_V1_UUID_STR))
+ Log(("VBoxNetFlt: V1 factory query\n"));
+ */
+ else
+ Log(("VBoxNetFlt: unknown factory interface query (%s)\n", pszInterfaceUuid));
+#endif
+ }
+ else
+ Log(("VBoxNetFlt: rc=%Rrc, uuid=%s\n", rc, pszInterfaceUuid));
+
+ RT_NOREF1(pSession);
+ return NULL;
+}
+
+
+/**
+ * Checks whether the VBoxNetFlt wossname can be unloaded.
+ *
+ * This will return false if someone is currently using the module.
+ *
+ * @returns true if it's relatively safe to unload it, otherwise false.
+ * @param pGlobals Pointer to the globals.
+ */
+DECLHIDDEN(bool) vboxNetFltCanUnload(PVBOXNETFLTGLOBALS pGlobals)
+{
+ int rc = RTSemFastMutexRequest(pGlobals->hFastMtx);
+ bool fRc = !pGlobals->pInstanceHead
+ && pGlobals->cFactoryRefs <= 0;
+ RTSemFastMutexRelease(pGlobals->hFastMtx);
+ AssertRC(rc);
+ return fRc;
+}
+
+
+/**
+ * Try to close the IDC connection to SUPDRV if established.
+ *
+ * @returns VBox status code.
+ * @retval VINF_SUCCESS on success.
+ * @retval VERR_WRONG_ORDER if we're busy.
+ *
+ * @param pGlobals Pointer to the globals.
+ *
+ * @sa vboxNetFltTryDeleteIdcAndGlobals()
+ */
+DECLHIDDEN(int) vboxNetFltTryDeleteIdc(PVBOXNETFLTGLOBALS pGlobals)
+{
+ int rc;
+
+ Assert(pGlobals->hFastMtx != NIL_RTSEMFASTMUTEX);
+
+ /*
+ * Check before trying to deregister the factory.
+ */
+ if (!vboxNetFltCanUnload(pGlobals))
+ return VERR_WRONG_ORDER;
+
+ if (!pGlobals->fIDCOpen)
+ rc = VINF_SUCCESS;
+ else
+ {
+ /*
+ * Disconnect from SUPDRV and check that nobody raced us,
+ * reconnect if that should happen.
+ */
+ rc = SUPR0IdcComponentDeregisterFactory(&pGlobals->SupDrvIDC, &pGlobals->SupDrvFactory);
+ AssertRC(rc);
+ if (!vboxNetFltCanUnload(pGlobals))
+ {
+ rc = SUPR0IdcComponentRegisterFactory(&pGlobals->SupDrvIDC, &pGlobals->SupDrvFactory);
+ AssertRC(rc);
+ return VERR_WRONG_ORDER;
+ }
+
+ SUPR0IdcClose(&pGlobals->SupDrvIDC);
+ pGlobals->fIDCOpen = false;
+ }
+
+ return rc;
+}
+
+
+/**
+ * Establishes the IDC connection to SUPDRV and registers our component factory.
+ *
+ * @returns VBox status code.
+ * @param pGlobals Pointer to the globals.
+ * @sa vboxNetFltInitGlobalsAndIdc().
+ */
+DECLHIDDEN(int) vboxNetFltInitIdc(PVBOXNETFLTGLOBALS pGlobals)
+{
+ int rc;
+ Assert(!pGlobals->fIDCOpen);
+
+ /*
+ * Establish a connection to SUPDRV and register our component factory.
+ */
+ rc = SUPR0IdcOpen(&pGlobals->SupDrvIDC, 0 /* iReqVersion = default */, 0 /* iMinVersion = default */, NULL, NULL, NULL);
+ if (RT_SUCCESS(rc))
+ {
+ rc = SUPR0IdcComponentRegisterFactory(&pGlobals->SupDrvIDC, &pGlobals->SupDrvFactory);
+ if (RT_SUCCESS(rc))
+ {
+ pGlobals->fIDCOpen = true;
+ Log(("VBoxNetFlt: pSession=%p\n", SUPR0IdcGetSession(&pGlobals->SupDrvIDC)));
+ return rc;
+ }
+
+ /* bail out. */
+ LogRel(("VBoxNetFlt: Failed to register component factory, rc=%Rrc\n", rc));
+ SUPR0IdcClose(&pGlobals->SupDrvIDC);
+ }
+
+ return rc;
+}
+
+
+/**
+ * Deletes the globals.
+ *
+ * This must be called after the IDC connection has been closed,
+ * see vboxNetFltTryDeleteIdc().
+ *
+ * @param pGlobals Pointer to the globals.
+ * @sa vboxNetFltTryDeleteIdcAndGlobals()
+ */
+DECLHIDDEN(void) vboxNetFltDeleteGlobals(PVBOXNETFLTGLOBALS pGlobals)
+{
+ Assert(!pGlobals->fIDCOpen);
+
+ /*
+ * Release resources.
+ */
+ RTSemFastMutexDestroy(pGlobals->hFastMtx);
+ pGlobals->hFastMtx = NIL_RTSEMFASTMUTEX;
+}
+
+
+/**
+ * Initializes the globals.
+ *
+ * @returns VBox status code.
+ * @param pGlobals Pointer to the globals.
+ * @sa vboxNetFltInitGlobalsAndIdc().
+ */
+DECLHIDDEN(int) vboxNetFltInitGlobals(PVBOXNETFLTGLOBALS pGlobals)
+{
+ /*
+ * Initialize the common portions of the structure.
+ */
+ int rc = RTSemFastMutexCreate(&pGlobals->hFastMtx);
+ if (RT_SUCCESS(rc))
+ {
+ pGlobals->pInstanceHead = NULL;
+
+ pGlobals->TrunkFactory.pfnRelease = vboxNetFltFactoryRelease;
+ pGlobals->TrunkFactory.pfnCreateAndConnect = vboxNetFltFactoryCreateAndConnect;
+#if defined(RT_OS_WINDOWS) && defined(VBOXNETADP)
+ memcpy(pGlobals->SupDrvFactory.szName, "VBoxNetAdp", sizeof("VBoxNetAdp"));
+#else
+ memcpy(pGlobals->SupDrvFactory.szName, "VBoxNetFlt", sizeof("VBoxNetFlt"));
+#endif
+ pGlobals->SupDrvFactory.pfnQueryFactoryInterface = vboxNetFltQueryFactoryInterface;
+ pGlobals->fIDCOpen = false;
+
+ return rc;
+ }
+
+ return rc;
+}
+
+
+/**
+ * Called by the native part when the OS wants the driver to unload.
+ *
+ * @returns VINF_SUCCESS on success, VERR_WRONG_ORDER if we're busy.
+ *
+ * @param pGlobals Pointer to the globals.
+ */
+DECLHIDDEN(int) vboxNetFltTryDeleteIdcAndGlobals(PVBOXNETFLTGLOBALS pGlobals)
+{
+ int rc = vboxNetFltTryDeleteIdc(pGlobals);
+ if (RT_SUCCESS(rc))
+ vboxNetFltDeleteGlobals(pGlobals);
+ return rc;
+}
+
+
+/**
+ * Called by the native driver/kext module initialization routine.
+ *
+ * It will initialize the common parts of the globals, assuming the caller
+ * has already taken care of the OS specific bits, and establish the IDC
+ * connection to SUPDRV.
+ *
+ * @returns VBox status code.
+ * @param pGlobals Pointer to the globals.
+ */
+DECLHIDDEN(int) vboxNetFltInitGlobalsAndIdc(PVBOXNETFLTGLOBALS pGlobals)
+{
+ /*
+ * Initialize the common portions of the structure.
+ */
+ int rc = vboxNetFltInitGlobals(pGlobals);
+ if (RT_SUCCESS(rc))
+ {
+ rc = vboxNetFltInitIdc(pGlobals);
+ if (RT_SUCCESS(rc))
+ return rc;
+
+ /* bail out. */
+ vboxNetFltDeleteGlobals(pGlobals);
+ }
+
+ return rc;
+}
+