1 /**
2 * @file
3 * Packet buffer management
4 */
5
6 /**
7 * @defgroup pbuf Packet buffers (PBUF)
8 * @ingroup infrastructure
9 *
10 * Packets are built from the pbuf data structure. It supports dynamic
11 * memory allocation for packet contents or can reference externally
12 * managed packet contents both in RAM and ROM. Quick allocation for
13 * incoming packets is provided through pools with fixed sized pbufs.
14 *
15 * A packet may span over multiple pbufs, chained as a singly linked
16 * list. This is called a "pbuf chain".
17 *
18 * Multiple packets may be queued, also using this singly linked list.
19 * This is called a "packet queue".
20 *
21 * So, a packet queue consists of one or more pbuf chains, each of
22 * which consist of one or more pbufs. CURRENTLY, PACKET QUEUES ARE
23 * NOT SUPPORTED!!! Use helper structs to queue multiple packets.
24 *
25 * The differences between a pbuf chain and a packet queue are very
26 * precise but subtle.
27 *
28 * The last pbuf of a packet has a ->tot_len field that equals the
29 * ->len field. It can be found by traversing the list. If the last
30 * pbuf of a packet has a ->next field other than NULL, more packets
31 * are on the queue.
32 *
33 * Therefore, looping through a pbuf of a single packet, has an
34 * loop end condition (tot_len == p->len), NOT (next == NULL).
35 *
36 * Example of custom pbuf usage: @ref zerocopyrx
37 */
38
39 /*
40 * Copyright (c) 2001-2004 Swedish Institute of Computer Science.
41 * All rights reserved.
42 *
43 * Redistribution and use in source and binary forms, with or without modification,
44 * are permitted provided that the following conditions are met:
45 *
46 * 1. Redistributions of source code must retain the above copyright notice,
47 * this list of conditions and the following disclaimer.
48 * 2. Redistributions in binary form must reproduce the above copyright notice,
49 * this list of conditions and the following disclaimer in the documentation
50 * and/or other materials provided with the distribution.
51 * 3. The name of the author may not be used to endorse or promote products
52 * derived from this software without specific prior written permission.
53 *
54 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
55 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
56 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT
57 * SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
58 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
59 * OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
60 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
61 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
62 * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY
63 * OF SUCH DAMAGE.
64 *
65 * This file is part of the lwIP TCP/IP stack.
66 *
67 * Author: Adam Dunkels <adam@sics.se>
68 *
69 */
70
71 #include "lwip/opt.h"
72
73 #include "lwip/pbuf.h"
74 #include "lwip/stats.h"
75 #include "lwip/def.h"
76 #include "lwip/mem.h"
77 #include "lwip/memp.h"
78 #include "lwip/sys.h"
79 #include "lwip/netif.h"
80 #if LWIP_TCP && TCP_QUEUE_OOSEQ
81 #include "lwip/priv/tcp_priv.h"
82 #endif
83 #if LWIP_CHECKSUM_ON_COPY
84 #include "lwip/inet_chksum.h"
85 #endif
86
87 #include <string.h>
88
89 #define SIZEOF_STRUCT_PBUF LWIP_MEM_ALIGN_SIZE(sizeof(struct pbuf))
90 /* Since the pool is created in memp, PBUF_POOL_BUFSIZE will be automatically
91 aligned there. Therefore, PBUF_POOL_BUFSIZE_ALIGNED can be used here. */
92 #define PBUF_POOL_BUFSIZE_ALIGNED LWIP_MEM_ALIGN_SIZE(PBUF_POOL_BUFSIZE)
93
94 static const struct pbuf *
95 pbuf_skip_const(const struct pbuf *in, u16_t in_offset, u16_t *out_offset);
96
97 #if !LWIP_TCP || !TCP_QUEUE_OOSEQ || !PBUF_POOL_FREE_OOSEQ
98 #define PBUF_POOL_IS_EMPTY()
99 #else /* !LWIP_TCP || !TCP_QUEUE_OOSEQ || !PBUF_POOL_FREE_OOSEQ */
100
101 #if !NO_SYS
102 #ifndef PBUF_POOL_FREE_OOSEQ_QUEUE_CALL
103 #include "lwip/tcpip.h"
104 #define PBUF_POOL_FREE_OOSEQ_QUEUE_CALL() do { \
105 if (tcpip_try_callback(pbuf_free_ooseq_callback, NULL) != ERR_OK) { \
106 SYS_ARCH_PROTECT(old_level); \
107 pbuf_free_ooseq_pending = 0; \
108 SYS_ARCH_UNPROTECT(old_level); \
109 } } while(0)
110 #endif /* PBUF_POOL_FREE_OOSEQ_QUEUE_CALL */
111 #endif /* !NO_SYS */
112
113 volatile u8_t pbuf_free_ooseq_pending;
114 #define PBUF_POOL_IS_EMPTY() pbuf_pool_is_empty()
115
116 /**
117 * Attempt to reclaim some memory from queued out-of-sequence TCP segments
118 * if we run out of pool pbufs. It's better to give priority to new packets
119 * if we're running out.
120 *
121 * This must be done in the correct thread context therefore this function
122 * can only be used with NO_SYS=0 and through tcpip_callback.
123 */
124 #if !NO_SYS
125 static
126 #endif /* !NO_SYS */
127 void
pbuf_free_ooseq(void)128 pbuf_free_ooseq(void)
129 {
130 struct tcp_pcb *pcb;
131 SYS_ARCH_SET(pbuf_free_ooseq_pending, 0);
132
133 for (pcb = tcp_active_pcbs; NULL != pcb; pcb = pcb->next) {
134 if (pcb->ooseq != NULL) {
135 /** Free the ooseq pbufs of one PCB only */
136 LWIP_DEBUGF(PBUF_DEBUG | LWIP_DBG_TRACE, ("pbuf_free_ooseq: freeing out-of-sequence pbufs\n"));
137 tcp_free_ooseq(pcb);
138 return;
139 }
140 }
141 }
142
143 #if !NO_SYS
144 /**
145 * Just a callback function for tcpip_callback() that calls pbuf_free_ooseq().
146 */
147 static void
pbuf_free_ooseq_callback(void * arg)148 pbuf_free_ooseq_callback(void *arg)
149 {
150 LWIP_UNUSED_ARG(arg);
151 pbuf_free_ooseq();
152 }
153 #endif /* !NO_SYS */
154
155 /** Queue a call to pbuf_free_ooseq if not already queued. */
156 static void
pbuf_pool_is_empty(void)157 pbuf_pool_is_empty(void)
158 {
159 #ifndef PBUF_POOL_FREE_OOSEQ_QUEUE_CALL
160 SYS_ARCH_SET(pbuf_free_ooseq_pending, 1);
161 #else /* PBUF_POOL_FREE_OOSEQ_QUEUE_CALL */
162 u8_t queued;
163 SYS_ARCH_DECL_PROTECT(old_level);
164 SYS_ARCH_PROTECT(old_level);
165 queued = pbuf_free_ooseq_pending;
166 pbuf_free_ooseq_pending = 1;
167 SYS_ARCH_UNPROTECT(old_level);
168
169 if (!queued) {
170 /* queue a call to pbuf_free_ooseq if not already queued */
171 PBUF_POOL_FREE_OOSEQ_QUEUE_CALL();
172 }
173 #endif /* PBUF_POOL_FREE_OOSEQ_QUEUE_CALL */
174 }
175 #endif /* !LWIP_TCP || !TCP_QUEUE_OOSEQ || !PBUF_POOL_FREE_OOSEQ */
176
177 /* Initialize members of struct pbuf after allocation */
178 static void
pbuf_init_alloced_pbuf(struct pbuf * p,void * payload,u16_t tot_len,u16_t len,pbuf_type type,u8_t flags)179 pbuf_init_alloced_pbuf(struct pbuf *p, void *payload, u16_t tot_len, u16_t len, pbuf_type type, u8_t flags)
180 {
181 p->next = NULL;
182 p->payload = payload;
183 p->tot_len = tot_len;
184 p->len = len;
185 p->type_internal = (u8_t)type;
186 p->flags = flags;
187 p->ref = 1;
188 p->if_idx = NETIF_NO_INDEX;
189
190 LWIP_PBUF_CUSTOM_DATA_INIT(p);
191 }
192
193 /**
194 * @ingroup pbuf
195 * Allocates a pbuf of the given type (possibly a chain for PBUF_POOL type).
196 *
197 * The actual memory allocated for the pbuf is determined by the
198 * layer at which the pbuf is allocated and the requested size
199 * (from the size parameter).
200 *
201 * @param layer header size
202 * @param length size of the pbuf's payload
203 * @param type this parameter decides how and where the pbuf
204 * should be allocated as follows:
205 *
206 * - PBUF_RAM: buffer memory for pbuf is allocated as one large
207 * chunk. This includes protocol headers as well.
208 * - PBUF_ROM: no buffer memory is allocated for the pbuf, even for
209 * protocol headers. Additional headers must be prepended
210 * by allocating another pbuf and chain in to the front of
211 * the ROM pbuf. It is assumed that the memory used is really
212 * similar to ROM in that it is immutable and will not be
213 * changed. Memory which is dynamic should generally not
214 * be attached to PBUF_ROM pbufs. Use PBUF_REF instead.
215 * - PBUF_REF: no buffer memory is allocated for the pbuf, even for
216 * protocol headers. It is assumed that the pbuf is only
217 * being used in a single thread. If the pbuf gets queued,
218 * then pbuf_take should be called to copy the buffer.
219 * - PBUF_POOL: the pbuf is allocated as a pbuf chain, with pbufs from
220 * the pbuf pool that is allocated during pbuf_init().
221 *
222 * @return the allocated pbuf. If multiple pbufs where allocated, this
223 * is the first pbuf of a pbuf chain.
224 */
225 struct pbuf *
pbuf_alloc(pbuf_layer layer,u16_t length,pbuf_type type)226 pbuf_alloc(pbuf_layer layer, u16_t length, pbuf_type type)
227 {
228 struct pbuf *p;
229 u16_t offset = (u16_t)layer;
230 LWIP_DEBUGF(PBUF_DEBUG | LWIP_DBG_TRACE, ("pbuf_alloc(length=%"U16_F")\n", length));
231
232 switch (type) {
233 case PBUF_REF: /* fall through */
234 case PBUF_ROM:
235 p = pbuf_alloc_reference(NULL, length, type);
236 break;
237 case PBUF_POOL: {
238 struct pbuf *q, *last;
239 u16_t rem_len; /* remaining length */
240 p = NULL;
241 last = NULL;
242 rem_len = length;
243 do {
244 u16_t qlen;
245 q = (struct pbuf *)memp_malloc(MEMP_PBUF_POOL);
246 if (q == NULL) {
247 PBUF_POOL_IS_EMPTY();
248 /* free chain so far allocated */
249 if (p) {
250 pbuf_free(p);
251 }
252 /* bail out unsuccessfully */
253 return NULL;
254 }
255 qlen = LWIP_MIN(rem_len, (u16_t)(PBUF_POOL_BUFSIZE_ALIGNED - LWIP_MEM_ALIGN_SIZE(offset)));
256 pbuf_init_alloced_pbuf(q, LWIP_MEM_ALIGN((void *)((u8_t *)q + SIZEOF_STRUCT_PBUF + offset)),
257 rem_len, qlen, type, 0);
258 LWIP_ASSERT("pbuf_alloc: pbuf q->payload properly aligned",
259 ((mem_ptr_t)q->payload % MEM_ALIGNMENT) == 0);
260 LWIP_ASSERT("PBUF_POOL_BUFSIZE must be bigger than MEM_ALIGNMENT",
261 (PBUF_POOL_BUFSIZE_ALIGNED - LWIP_MEM_ALIGN_SIZE(offset)) > 0 );
262 if (p == NULL) {
263 /* allocated head of pbuf chain (into p) */
264 p = q;
265 } else {
266 /* make previous pbuf point to this pbuf */
267 last->next = q;
268 }
269 last = q;
270 rem_len = (u16_t)(rem_len - qlen);
271 offset = 0;
272 } while (rem_len > 0);
273 break;
274 }
275 case PBUF_RAM: {
276 mem_size_t payload_len = (mem_size_t)(LWIP_MEM_ALIGN_SIZE(offset) + LWIP_MEM_ALIGN_SIZE(length));
277 mem_size_t alloc_len = (mem_size_t)(LWIP_MEM_ALIGN_SIZE(SIZEOF_STRUCT_PBUF) + payload_len);
278
279 /* bug #50040: Check for integer overflow when calculating alloc_len */
280 if ((payload_len < LWIP_MEM_ALIGN_SIZE(length)) ||
281 (alloc_len < LWIP_MEM_ALIGN_SIZE(length))) {
282 return NULL;
283 }
284
285 /* If pbuf is to be allocated in RAM, allocate memory for it. */
286 p = (struct pbuf *)mem_malloc(alloc_len);
287 if (p == NULL) {
288 return NULL;
289 }
290 pbuf_init_alloced_pbuf(p, LWIP_MEM_ALIGN((void *)((u8_t *)p + SIZEOF_STRUCT_PBUF + offset)),
291 length, length, type, 0);
292 LWIP_ASSERT("pbuf_alloc: pbuf->payload properly aligned",
293 ((mem_ptr_t)p->payload % MEM_ALIGNMENT) == 0);
294 break;
295 }
296 default:
297 LWIP_ASSERT("pbuf_alloc: erroneous type", 0);
298 return NULL;
299 }
300 LWIP_DEBUGF(PBUF_DEBUG | LWIP_DBG_TRACE, ("pbuf_alloc(length=%"U16_F") == %p\n", length, (void *)p));
301 return p;
302 }
303
304 /**
305 * @ingroup pbuf
306 * Allocates a pbuf for referenced data.
307 * Referenced data can be volatile (PBUF_REF) or long-lived (PBUF_ROM).
308 *
309 * The actual memory allocated for the pbuf is determined by the
310 * layer at which the pbuf is allocated and the requested size
311 * (from the size parameter).
312 *
313 * @param payload referenced payload
314 * @param length size of the pbuf's payload
315 * @param type this parameter decides how and where the pbuf
316 * should be allocated as follows:
317 *
318 * - PBUF_ROM: It is assumed that the memory used is really
319 * similar to ROM in that it is immutable and will not be
320 * changed. Memory which is dynamic should generally not
321 * be attached to PBUF_ROM pbufs. Use PBUF_REF instead.
322 * - PBUF_REF: It is assumed that the pbuf is only
323 * being used in a single thread. If the pbuf gets queued,
324 * then pbuf_take should be called to copy the buffer.
325 *
326 * @return the allocated pbuf.
327 */
328 struct pbuf *
pbuf_alloc_reference(void * payload,u16_t length,pbuf_type type)329 pbuf_alloc_reference(void *payload, u16_t length, pbuf_type type)
330 {
331 struct pbuf *p;
332 LWIP_ASSERT("invalid pbuf_type", (type == PBUF_REF) || (type == PBUF_ROM));
333 /* only allocate memory for the pbuf structure */
334 p = (struct pbuf *)memp_malloc(MEMP_PBUF);
335 if (p == NULL) {
336 LWIP_DEBUGF(PBUF_DEBUG | LWIP_DBG_LEVEL_SERIOUS,
337 ("pbuf_alloc_reference: Could not allocate MEMP_PBUF for PBUF_%s.\n",
338 (type == PBUF_ROM) ? "ROM" : "REF"));
339 return NULL;
340 }
341 pbuf_init_alloced_pbuf(p, payload, length, length, type, 0);
342 return p;
343 }
344
345
346 #if LWIP_SUPPORT_CUSTOM_PBUF
347 /**
348 * @ingroup pbuf
349 * Initialize a custom pbuf (already allocated).
350 * Example of custom pbuf usage: @ref zerocopyrx
351 *
352 * @param l header size
353 * @param length size of the pbuf's payload
354 * @param type type of the pbuf (only used to treat the pbuf accordingly, as
355 * this function allocates no memory)
356 * @param p pointer to the custom pbuf to initialize (already allocated)
357 * @param payload_mem pointer to the buffer that is used for payload and headers,
358 * must be at least big enough to hold 'length' plus the header size,
359 * may be NULL if set later.
360 * ATTENTION: The caller is responsible for correct alignment of this buffer!!
361 * @param payload_mem_len the size of the 'payload_mem' buffer, must be at least
362 * big enough to hold 'length' plus the header size
363 */
364 struct pbuf *
pbuf_alloced_custom(pbuf_layer l,u16_t length,pbuf_type type,struct pbuf_custom * p,void * payload_mem,u16_t payload_mem_len)365 pbuf_alloced_custom(pbuf_layer l, u16_t length, pbuf_type type, struct pbuf_custom *p,
366 void *payload_mem, u16_t payload_mem_len)
367 {
368 u16_t offset = (u16_t)l;
369 void *payload;
370 LWIP_DEBUGF(PBUF_DEBUG | LWIP_DBG_TRACE, ("pbuf_alloced_custom(length=%"U16_F")\n", length));
371
372 if (LWIP_MEM_ALIGN_SIZE(offset) + length > payload_mem_len) {
373 LWIP_DEBUGF(PBUF_DEBUG | LWIP_DBG_LEVEL_WARNING, ("pbuf_alloced_custom(length=%"U16_F") buffer too short\n", length));
374 return NULL;
375 }
376
377 if (payload_mem != NULL) {
378 payload = (u8_t *)payload_mem + LWIP_MEM_ALIGN_SIZE(offset);
379 } else {
380 payload = NULL;
381 }
382 pbuf_init_alloced_pbuf(&p->pbuf, payload, length, length, type, PBUF_FLAG_IS_CUSTOM);
383 return &p->pbuf;
384 }
385 #endif /* LWIP_SUPPORT_CUSTOM_PBUF */
386
387 /**
388 * @ingroup pbuf
389 * Shrink a pbuf chain to a desired length.
390 *
391 * @param p pbuf to shrink.
392 * @param new_len desired new length of pbuf chain
393 *
394 * Depending on the desired length, the first few pbufs in a chain might
395 * be skipped and left unchanged. The new last pbuf in the chain will be
396 * resized, and any remaining pbufs will be freed.
397 *
398 * @note If the pbuf is ROM/REF, only the ->tot_len and ->len fields are adjusted.
399 * @note May not be called on a packet queue.
400 *
401 * @note Despite its name, pbuf_realloc cannot grow the size of a pbuf (chain).
402 */
403 void
pbuf_realloc(struct pbuf * p,u16_t new_len)404 pbuf_realloc(struct pbuf *p, u16_t new_len)
405 {
406 struct pbuf *q;
407 u16_t rem_len; /* remaining length */
408 u16_t shrink;
409
410 LWIP_ASSERT("pbuf_realloc: p != NULL", p != NULL);
411
412 /* desired length larger than current length? */
413 if (new_len >= p->tot_len) {
414 /* enlarging not yet supported */
415 return;
416 }
417
418 /* the pbuf chain grows by (new_len - p->tot_len) bytes
419 * (which may be negative in case of shrinking) */
420 shrink = (u16_t)(p->tot_len - new_len);
421
422 /* first, step over any pbufs that should remain in the chain */
423 rem_len = new_len;
424 q = p;
425 /* should this pbuf be kept? */
426 while (rem_len > q->len) {
427 /* decrease remaining length by pbuf length */
428 rem_len = (u16_t)(rem_len - q->len);
429 /* decrease total length indicator */
430 q->tot_len = (u16_t)(q->tot_len - shrink);
431 /* proceed to next pbuf in chain */
432 q = q->next;
433 LWIP_ASSERT("pbuf_realloc: q != NULL", q != NULL);
434 }
435 /* we have now reached the new last pbuf (in q) */
436 /* rem_len == desired length for pbuf q */
437
438 /* shrink allocated memory for PBUF_RAM */
439 /* (other types merely adjust their length fields */
440 if (pbuf_match_allocsrc(q, PBUF_TYPE_ALLOC_SRC_MASK_STD_HEAP) && (rem_len != q->len)
441 #if LWIP_SUPPORT_CUSTOM_PBUF
442 && ((q->flags & PBUF_FLAG_IS_CUSTOM) == 0)
443 #endif /* LWIP_SUPPORT_CUSTOM_PBUF */
444 ) {
445 /* reallocate and adjust the length of the pbuf that will be split */
446 struct pbuf *r = (struct pbuf *)mem_trim(q, (mem_size_t)(((u8_t *)q->payload - (u8_t *)q) + rem_len));
447 LWIP_ASSERT("mem_trim returned r == NULL", r != NULL);
448 /* help to detect faulty overridden implementation of mem_trim */
449 LWIP_ASSERT("mem_trim returned r != q", r == q);
450 LWIP_UNUSED_ARG(r);
451 }
452 /* adjust length fields for new last pbuf */
453 q->len = rem_len;
454 q->tot_len = q->len;
455
456 /* any remaining pbufs in chain? */
457 if (q->next != NULL) {
458 /* free remaining pbufs in chain */
459 pbuf_free(q->next);
460 }
461 /* q is last packet in chain */
462 q->next = NULL;
463
464 }
465
466 /**
467 * Adjusts the payload pointer to reveal headers in the payload.
468 * @see pbuf_add_header.
469 *
470 * @param p pbuf to change the header size.
471 * @param header_size_increment Number of bytes to increment header size.
472 * @param force Allow 'header_size_increment > 0' for PBUF_REF/PBUF_ROM types
473 *
474 * @return non-zero on failure, zero on success.
475 *
476 */
477 static u8_t
pbuf_add_header_impl(struct pbuf * p,size_t header_size_increment,u8_t force)478 pbuf_add_header_impl(struct pbuf *p, size_t header_size_increment, u8_t force)
479 {
480 u16_t type_internal;
481 void *payload;
482 u16_t increment_magnitude;
483
484 LWIP_ASSERT("p != NULL", p != NULL);
485 if ((p == NULL) || (header_size_increment > 0xFFFF)) {
486 return 1;
487 }
488 if (header_size_increment == 0) {
489 return 0;
490 }
491
492 increment_magnitude = (u16_t)header_size_increment;
493 /* Do not allow tot_len to wrap as a result. */
494 if ((u16_t)(increment_magnitude + p->tot_len) < increment_magnitude) {
495 return 1;
496 }
497
498 type_internal = p->type_internal;
499
500 /* pbuf types containing payloads? */
501 if (type_internal & PBUF_TYPE_FLAG_STRUCT_DATA_CONTIGUOUS) {
502 /* set new payload pointer */
503 payload = (u8_t *)p->payload - header_size_increment;
504 /* boundary check fails? */
505 if ((u8_t *)payload < (u8_t *)p + SIZEOF_STRUCT_PBUF) {
506 LWIP_DEBUGF( PBUF_DEBUG | LWIP_DBG_TRACE,
507 ("pbuf_add_header: failed as %p < %p (not enough space for new header size)\n",
508 (void *)payload, (void *)((u8_t *)p + SIZEOF_STRUCT_PBUF)));
509 /* bail out unsuccessfully */
510 return 1;
511 }
512 /* pbuf types referring to external payloads? */
513 } else {
514 /* hide a header in the payload? */
515 if (force) {
516 payload = (u8_t *)p->payload - header_size_increment;
517 } else {
518 /* cannot expand payload to front (yet!)
519 * bail out unsuccessfully */
520 return 1;
521 }
522 }
523 LWIP_DEBUGF(PBUF_DEBUG | LWIP_DBG_TRACE, ("pbuf_add_header: old %p new %p (%"U16_F")\n",
524 (void *)p->payload, (void *)payload, increment_magnitude));
525
526 /* modify pbuf fields */
527 p->payload = payload;
528 p->len = (u16_t)(p->len + increment_magnitude);
529 p->tot_len = (u16_t)(p->tot_len + increment_magnitude);
530
531
532 return 0;
533 }
534
535 /**
536 * Adjusts the payload pointer to reveal headers in the payload.
537 *
538 * Adjusts the ->payload pointer so that space for a header
539 * appears in the pbuf payload.
540 *
541 * The ->payload, ->tot_len and ->len fields are adjusted.
542 *
543 * @param p pbuf to change the header size.
544 * @param header_size_increment Number of bytes to increment header size which
545 * increases the size of the pbuf. New space is on the front.
546 * If header_size_increment is 0, this function does nothing and returns successful.
547 *
548 * PBUF_ROM and PBUF_REF type buffers cannot have their sizes increased, so
549 * the call will fail. A check is made that the increase in header size does
550 * not move the payload pointer in front of the start of the buffer.
551 *
552 * @return non-zero on failure, zero on success.
553 *
554 */
555 u8_t
pbuf_add_header(struct pbuf * p,size_t header_size_increment)556 pbuf_add_header(struct pbuf *p, size_t header_size_increment)
557 {
558 return pbuf_add_header_impl(p, header_size_increment, 0);
559 }
560
561 /**
562 * Same as @ref pbuf_add_header but does not check if 'header_size > 0' is allowed.
563 * This is used internally only, to allow PBUF_REF for RX.
564 */
565 u8_t
pbuf_add_header_force(struct pbuf * p,size_t header_size_increment)566 pbuf_add_header_force(struct pbuf *p, size_t header_size_increment)
567 {
568 return pbuf_add_header_impl(p, header_size_increment, 1);
569 }
570
571 /**
572 * Adjusts the payload pointer to hide headers in the payload.
573 *
574 * Adjusts the ->payload pointer so that space for a header
575 * disappears in the pbuf payload.
576 *
577 * The ->payload, ->tot_len and ->len fields are adjusted.
578 *
579 * @param p pbuf to change the header size.
580 * @param header_size_decrement Number of bytes to decrement header size which
581 * decreases the size of the pbuf.
582 * If header_size_decrement is 0, this function does nothing and returns successful.
583 * @return non-zero on failure, zero on success.
584 *
585 */
586 u8_t
pbuf_remove_header(struct pbuf * p,size_t header_size_decrement)587 pbuf_remove_header(struct pbuf *p, size_t header_size_decrement)
588 {
589 void *payload;
590 u16_t increment_magnitude;
591
592 LWIP_ASSERT("p != NULL", p != NULL);
593 if ((p == NULL) || (header_size_decrement > 0xFFFF)) {
594 return 1;
595 }
596 if (header_size_decrement == 0) {
597 return 0;
598 }
599
600 increment_magnitude = (u16_t)header_size_decrement;
601 /* Check that we aren't going to move off the end of the pbuf */
602 LWIP_ERROR("increment_magnitude <= p->len", (increment_magnitude <= p->len), return 1;);
603
604 /* remember current payload pointer */
605 payload = p->payload;
606 LWIP_UNUSED_ARG(payload); /* only used in LWIP_DEBUGF below */
607
608 /* increase payload pointer (guarded by length check above) */
609 p->payload = (u8_t *)p->payload + header_size_decrement;
610 /* modify pbuf length fields */
611 p->len = (u16_t)(p->len - increment_magnitude);
612 p->tot_len = (u16_t)(p->tot_len - increment_magnitude);
613
614 LWIP_DEBUGF(PBUF_DEBUG | LWIP_DBG_TRACE, ("pbuf_remove_header: old %p new %p (%"U16_F")\n",
615 (void *)payload, (void *)p->payload, increment_magnitude));
616
617 return 0;
618 }
619
620 static u8_t
pbuf_header_impl(struct pbuf * p,s16_t header_size_increment,u8_t force)621 pbuf_header_impl(struct pbuf *p, s16_t header_size_increment, u8_t force)
622 {
623 if (header_size_increment < 0) {
624 return pbuf_remove_header(p, (size_t) - header_size_increment);
625 } else {
626 return pbuf_add_header_impl(p, (size_t)header_size_increment, force);
627 }
628 }
629
630 /**
631 * Adjusts the payload pointer to hide or reveal headers in the payload.
632 *
633 * Adjusts the ->payload pointer so that space for a header
634 * (dis)appears in the pbuf payload.
635 *
636 * The ->payload, ->tot_len and ->len fields are adjusted.
637 *
638 * @param p pbuf to change the header size.
639 * @param header_size_increment Number of bytes to increment header size which
640 * increases the size of the pbuf. New space is on the front.
641 * (Using a negative value decreases the header size.)
642 * If header_size_increment is 0, this function does nothing and returns successful.
643 *
644 * PBUF_ROM and PBUF_REF type buffers cannot have their sizes increased, so
645 * the call will fail. A check is made that the increase in header size does
646 * not move the payload pointer in front of the start of the buffer.
647 * @return non-zero on failure, zero on success.
648 *
649 */
650 u8_t
pbuf_header(struct pbuf * p,s16_t header_size_increment)651 pbuf_header(struct pbuf *p, s16_t header_size_increment)
652 {
653 return pbuf_header_impl(p, header_size_increment, 0);
654 }
655
656 /**
657 * Same as pbuf_header but does not check if 'header_size > 0' is allowed.
658 * This is used internally only, to allow PBUF_REF for RX.
659 */
660 u8_t
pbuf_header_force(struct pbuf * p,s16_t header_size_increment)661 pbuf_header_force(struct pbuf *p, s16_t header_size_increment)
662 {
663 return pbuf_header_impl(p, header_size_increment, 1);
664 }
665
666 /** Similar to pbuf_header(-size) but de-refs header pbufs for (size >= p->len)
667 *
668 * @param q pbufs to operate on
669 * @param size The number of bytes to remove from the beginning of the pbuf list.
670 * While size >= p->len, pbufs are freed.
671 * ATTENTION: this is the opposite direction as @ref pbuf_header, but
672 * takes an u16_t not s16_t!
673 * @return the new head pbuf
674 */
675 struct pbuf *
pbuf_free_header(struct pbuf * q,u16_t size)676 pbuf_free_header(struct pbuf *q, u16_t size)
677 {
678 struct pbuf *p = q;
679 u16_t free_left = size;
680 while (free_left && p) {
681 if (free_left >= p->len) {
682 struct pbuf *f = p;
683 free_left = (u16_t)(free_left - p->len);
684 p = p->next;
685 f->next = NULL;
686 pbuf_free(f);
687 } else {
688 pbuf_remove_header(p, free_left);
689 free_left = 0;
690 }
691 }
692 return p;
693 }
694
695 /**
696 * @ingroup pbuf
697 * Dereference a pbuf chain or queue and deallocate any no-longer-used
698 * pbufs at the head of this chain or queue.
699 *
700 * Decrements the pbuf reference count. If it reaches zero, the pbuf is
701 * deallocated.
702 *
703 * For a pbuf chain, this is repeated for each pbuf in the chain,
704 * up to the first pbuf which has a non-zero reference count after
705 * decrementing. So, when all reference counts are one, the whole
706 * chain is free'd.
707 *
708 * @param p The pbuf (chain) to be dereferenced.
709 *
710 * @return the number of pbufs that were de-allocated
711 * from the head of the chain.
712 *
713 * @note the reference counter of a pbuf equals the number of pointers
714 * that refer to the pbuf (or into the pbuf).
715 *
716 * @internal examples:
717 *
718 * Assuming existing chains a->b->c with the following reference
719 * counts, calling pbuf_free(a) results in:
720 *
721 * 1->2->3 becomes ...1->3
722 * 3->3->3 becomes 2->3->3
723 * 1->1->2 becomes ......1
724 * 2->1->1 becomes 1->1->1
725 * 1->1->1 becomes .......
726 *
727 */
728 u8_t
pbuf_free(struct pbuf * p)729 pbuf_free(struct pbuf *p)
730 {
731 u8_t alloc_src;
732 struct pbuf *q;
733 u8_t count;
734
735 if (p == NULL) {
736 LWIP_ASSERT("p != NULL", p != NULL);
737 /* if assertions are disabled, proceed with debug output */
738 LWIP_DEBUGF(PBUF_DEBUG | LWIP_DBG_LEVEL_SERIOUS,
739 ("pbuf_free(p == NULL) was called.\n"));
740 return 0;
741 }
742 LWIP_DEBUGF(PBUF_DEBUG | LWIP_DBG_TRACE, ("pbuf_free(%p)\n", (void *)p));
743
744 PERF_START;
745
746 count = 0;
747 /* de-allocate all consecutive pbufs from the head of the chain that
748 * obtain a zero reference count after decrementing*/
749 while (p != NULL) {
750 LWIP_PBUF_REF_T ref;
751 SYS_ARCH_DECL_PROTECT(old_level);
752 /* Since decrementing ref cannot be guaranteed to be a single machine operation
753 * we must protect it. We put the new ref into a local variable to prevent
754 * further protection. */
755 SYS_ARCH_PROTECT(old_level);
756 /* all pbufs in a chain are referenced at least once */
757 LWIP_ASSERT("pbuf_free: p->ref > 0", p->ref > 0);
758 /* decrease reference count (number of pointers to pbuf) */
759 ref = --(p->ref);
760 SYS_ARCH_UNPROTECT(old_level);
761 /* this pbuf is no longer referenced to? */
762 if (ref == 0) {
763 /* remember next pbuf in chain for next iteration */
764 q = p->next;
765 LWIP_DEBUGF( PBUF_DEBUG | LWIP_DBG_TRACE, ("pbuf_free: deallocating %p\n", (void *)p));
766 alloc_src = pbuf_get_allocsrc(p);
767 #if LWIP_SUPPORT_CUSTOM_PBUF
768 /* is this a custom pbuf? */
769 if ((p->flags & PBUF_FLAG_IS_CUSTOM) != 0) {
770 struct pbuf_custom *pc = (struct pbuf_custom *)p;
771 LWIP_ASSERT("pc->custom_free_function != NULL", pc->custom_free_function != NULL);
772 pc->custom_free_function(p);
773 } else
774 #endif /* LWIP_SUPPORT_CUSTOM_PBUF */
775 {
776 /* is this a pbuf from the pool? */
777 if (alloc_src == PBUF_TYPE_ALLOC_SRC_MASK_STD_MEMP_PBUF_POOL) {
778 memp_free(MEMP_PBUF_POOL, p);
779 /* is this a ROM or RAM referencing pbuf? */
780 } else if (alloc_src == PBUF_TYPE_ALLOC_SRC_MASK_STD_MEMP_PBUF) {
781 memp_free(MEMP_PBUF, p);
782 /* type == PBUF_RAM */
783 } else if (alloc_src == PBUF_TYPE_ALLOC_SRC_MASK_STD_HEAP) {
784 mem_free(p);
785 } else {
786 /* @todo: support freeing other types */
787 LWIP_ASSERT("invalid pbuf type", 0);
788 }
789 }
790 count++;
791 /* proceed to next pbuf */
792 p = q;
793 /* p->ref > 0, this pbuf is still referenced to */
794 /* (and so the remaining pbufs in chain as well) */
795 } else {
796 LWIP_DEBUGF( PBUF_DEBUG | LWIP_DBG_TRACE, ("pbuf_free: %p has ref %"U16_F", ending here.\n", (void *)p, (u16_t)ref));
797 /* stop walking through the chain */
798 p = NULL;
799 }
800 }
801 PERF_STOP("pbuf_free");
802 /* return number of de-allocated pbufs */
803 return count;
804 }
805
806 /**
807 * Count number of pbufs in a chain
808 *
809 * @param p first pbuf of chain
810 * @return the number of pbufs in a chain
811 */
812 u16_t
pbuf_clen(const struct pbuf * p)813 pbuf_clen(const struct pbuf *p)
814 {
815 u16_t len;
816
817 len = 0;
818 while (p != NULL) {
819 ++len;
820 p = p->next;
821 }
822 return len;
823 }
824
825 /**
826 * @ingroup pbuf
827 * Increment the reference count of the pbuf.
828 *
829 * @param p pbuf to increase reference counter of
830 *
831 */
832 void
pbuf_ref(struct pbuf * p)833 pbuf_ref(struct pbuf *p)
834 {
835 /* pbuf given? */
836 if (p != NULL) {
837 SYS_ARCH_SET(p->ref, (LWIP_PBUF_REF_T)(p->ref + 1));
838 LWIP_ASSERT("pbuf ref overflow", p->ref > 0);
839 }
840 }
841
842 /**
843 * @ingroup pbuf
844 * Concatenate two pbufs (each may be a pbuf chain) and take over
845 * the caller's reference of the tail pbuf.
846 *
847 * @note The caller MAY NOT reference the tail pbuf afterwards.
848 * Use pbuf_chain() for that purpose.
849 *
850 * This function explicitly does not check for tot_len overflow to prevent
851 * failing to queue too long pbufs. This can produce invalid pbufs, so
852 * handle with care!
853 *
854 * @see pbuf_chain()
855 */
856 void
pbuf_cat(struct pbuf * h,struct pbuf * t)857 pbuf_cat(struct pbuf *h, struct pbuf *t)
858 {
859 struct pbuf *p;
860
861 LWIP_ERROR("(h != NULL) && (t != NULL) (programmer violates API)",
862 ((h != NULL) && (t != NULL)), return;);
863 LWIP_ASSERT("Creating an infinite loop", h != t);
864
865 /* proceed to last pbuf of chain */
866 for (p = h; p->next != NULL; p = p->next) {
867 /* add total length of second chain to all totals of first chain */
868 p->tot_len = (u16_t)(p->tot_len + t->tot_len);
869 }
870 /* { p is last pbuf of first h chain, p->next == NULL } */
871 LWIP_ASSERT("p->tot_len == p->len (of last pbuf in chain)", p->tot_len == p->len);
872 LWIP_ASSERT("p->next == NULL", p->next == NULL);
873 /* add total length of second chain to last pbuf total of first chain */
874 p->tot_len = (u16_t)(p->tot_len + t->tot_len);
875 /* chain last pbuf of head (p) with first of tail (t) */
876 p->next = t;
877 /* p->next now references t, but the caller will drop its reference to t,
878 * so netto there is no change to the reference count of t.
879 */
880 }
881
882 /**
883 * @ingroup pbuf
884 * Chain two pbufs (or pbuf chains) together.
885 *
886 * The caller MUST call pbuf_free(t) once it has stopped
887 * using it. Use pbuf_cat() instead if you no longer use t.
888 *
889 * @param h head pbuf (chain)
890 * @param t tail pbuf (chain)
891 * @note The pbufs MUST belong to the same packet.
892 * @note MAY NOT be called on a packet queue.
893 *
894 * The ->tot_len fields of all pbufs of the head chain are adjusted.
895 * The ->next field of the last pbuf of the head chain is adjusted.
896 * The ->ref field of the first pbuf of the tail chain is adjusted.
897 *
898 */
899 void
pbuf_chain(struct pbuf * h,struct pbuf * t)900 pbuf_chain(struct pbuf *h, struct pbuf *t)
901 {
902 pbuf_cat(h, t);
903 /* t is now referenced by h */
904 pbuf_ref(t);
905 LWIP_DEBUGF(PBUF_DEBUG | LWIP_DBG_TRACE, ("pbuf_chain: %p references %p\n", (void *)h, (void *)t));
906 }
907
908 /**
909 * Dechains the first pbuf from its succeeding pbufs in the chain.
910 *
911 * Makes p->tot_len field equal to p->len.
912 * @param p pbuf to dechain
913 * @return remainder of the pbuf chain, or NULL if it was de-allocated.
914 * @note May not be called on a packet queue.
915 */
916 struct pbuf *
pbuf_dechain(struct pbuf * p)917 pbuf_dechain(struct pbuf *p)
918 {
919 struct pbuf *q;
920 u8_t tail_gone = 1;
921 /* tail */
922 q = p->next;
923 /* pbuf has successor in chain? */
924 if (q != NULL) {
925 /* assert tot_len invariant: (p->tot_len == p->len + (p->next? p->next->tot_len: 0) */
926 LWIP_ASSERT("p->tot_len == p->len + q->tot_len", q->tot_len == p->tot_len - p->len);
927 /* enforce invariant if assertion is disabled */
928 q->tot_len = (u16_t)(p->tot_len - p->len);
929 /* decouple pbuf from remainder */
930 p->next = NULL;
931 /* total length of pbuf p is its own length only */
932 p->tot_len = p->len;
933 /* q is no longer referenced by p, free it */
934 LWIP_DEBUGF(PBUF_DEBUG | LWIP_DBG_TRACE, ("pbuf_dechain: unreferencing %p\n", (void *)q));
935 tail_gone = pbuf_free(q);
936 if (tail_gone > 0) {
937 LWIP_DEBUGF(PBUF_DEBUG | LWIP_DBG_TRACE,
938 ("pbuf_dechain: deallocated %p (as it is no longer referenced)\n", (void *)q));
939 }
940 /* return remaining tail or NULL if deallocated */
941 }
942 /* assert tot_len invariant: (p->tot_len == p->len + (p->next? p->next->tot_len: 0) */
943 LWIP_ASSERT("p->tot_len == p->len", p->tot_len == p->len);
944 return ((tail_gone > 0) ? NULL : q);
945 }
946
947 /**
948 * @ingroup pbuf
949 * Copy the contents of one packet buffer into another.
950 *
951 * @note Only one packet is copied, no packet queue!
952 *
953 * @param p_to pbuf destination of the copy
954 * @param p_from pbuf source of the copy
955 *
956 * @return ERR_OK if pbuf was copied
957 * ERR_ARG if one of the pbufs is NULL or p_to is not big
958 * enough to hold p_from
959 * ERR_VAL if any of the pbufs are part of a queue
960 */
961 err_t
pbuf_copy(struct pbuf * p_to,const struct pbuf * p_from)962 pbuf_copy(struct pbuf *p_to, const struct pbuf *p_from)
963 {
964 LWIP_DEBUGF(PBUF_DEBUG | LWIP_DBG_TRACE, ("pbuf_copy(%p, %p)\n",
965 (const void *)p_to, (const void *)p_from));
966
967 LWIP_ERROR("pbuf_copy: invalid source", p_from != NULL, return ERR_ARG;);
968 return pbuf_copy_partial_pbuf(p_to, p_from, p_from->tot_len, 0);
969 }
970
971 /**
972 * @ingroup pbuf
973 * Copy part or all of one packet buffer into another, to a specified offset.
974 *
975 * @note Only data in one packet is copied, no packet queue!
976 * @note Argument order is shared with pbuf_copy, but different than pbuf_copy_partial.
977 *
978 * @param p_to pbuf destination of the copy
979 * @param p_from pbuf source of the copy
980 * @param copy_len number of bytes to copy
981 * @param offset offset in destination pbuf where to copy to
982 *
983 * @return ERR_OK if copy_len bytes were copied
984 * ERR_ARG if one of the pbufs is NULL or p_from is shorter than copy_len
985 * or p_to is not big enough to hold copy_len at offset
986 * ERR_VAL if any of the pbufs are part of a queue
987 */
988 err_t
pbuf_copy_partial_pbuf(struct pbuf * p_to,const struct pbuf * p_from,u16_t copy_len,u16_t offset)989 pbuf_copy_partial_pbuf(struct pbuf *p_to, const struct pbuf *p_from, u16_t copy_len, u16_t offset)
990 {
991 size_t offset_to = offset, offset_from = 0, len;
992
993 LWIP_DEBUGF(PBUF_DEBUG | LWIP_DBG_TRACE, ("pbuf_copy_partial_pbuf(%p, %p, %"U16_F", %"U16_F")\n",
994 (const void *)p_to, (const void *)p_from, copy_len, offset));
995
996 /* is the copy_len in range? */
997 LWIP_ERROR("pbuf_copy_partial_pbuf: copy_len bigger than source", ((p_from != NULL) &&
998 (p_from->tot_len >= copy_len)), return ERR_ARG;);
999 /* is the target big enough to hold the source? */
1000 LWIP_ERROR("pbuf_copy_partial_pbuf: target not big enough", ((p_to != NULL) &&
1001 (p_to->tot_len >= (offset + copy_len))), return ERR_ARG;);
1002
1003 /* iterate through pbuf chain */
1004 do {
1005 /* copy one part of the original chain */
1006 if ((p_to->len - offset_to) >= (p_from->len - offset_from)) {
1007 /* complete current p_from fits into current p_to */
1008 len = p_from->len - offset_from;
1009 } else {
1010 /* current p_from does not fit into current p_to */
1011 len = p_to->len - offset_to;
1012 }
1013 len = LWIP_MIN(copy_len, len);
1014 MEMCPY((u8_t *)p_to->payload + offset_to, (u8_t *)p_from->payload + offset_from, len);
1015 offset_to += len;
1016 offset_from += len;
1017 copy_len = (u16_t)(copy_len - len);
1018 LWIP_ASSERT("offset_to <= p_to->len", offset_to <= p_to->len);
1019 LWIP_ASSERT("offset_from <= p_from->len", offset_from <= p_from->len);
1020 if (offset_from >= p_from->len) {
1021 /* on to next p_from (if any) */
1022 offset_from = 0;
1023 p_from = p_from->next;
1024 LWIP_ERROR("p_from != NULL", (p_from != NULL) || (copy_len == 0), return ERR_ARG;);
1025 }
1026 if (offset_to == p_to->len) {
1027 /* on to next p_to (if any) */
1028 offset_to = 0;
1029 p_to = p_to->next;
1030 LWIP_ERROR("p_to != NULL", (p_to != NULL) || (copy_len == 0), return ERR_ARG;);
1031 }
1032
1033 if ((p_from != NULL) && (p_from->len == p_from->tot_len)) {
1034 /* don't copy more than one packet! */
1035 LWIP_ERROR("pbuf_copy_partial_pbuf() does not allow packet queues!",
1036 (p_from->next == NULL), return ERR_VAL;);
1037 }
1038 if ((p_to != NULL) && (p_to->len == p_to->tot_len)) {
1039 /* don't copy more than one packet! */
1040 LWIP_ERROR("pbuf_copy_partial_pbuf() does not allow packet queues!",
1041 (p_to->next == NULL), return ERR_VAL;);
1042 }
1043 } while (copy_len);
1044 LWIP_DEBUGF(PBUF_DEBUG | LWIP_DBG_TRACE, ("pbuf_copy_partial_pbuf: copy complete.\n"));
1045 return ERR_OK;
1046 }
1047
1048 /**
1049 * @ingroup pbuf
1050 * Copy (part of) the contents of a packet buffer
1051 * to an application supplied buffer.
1052 *
1053 * @param buf the pbuf from which to copy data
1054 * @param dataptr the application supplied buffer
1055 * @param len length of data to copy (dataptr must be big enough). No more
1056 * than buf->tot_len will be copied, irrespective of len
1057 * @param offset offset into the packet buffer from where to begin copying len bytes
1058 * @return the number of bytes copied, or 0 on failure
1059 */
1060 u16_t
pbuf_copy_partial(const struct pbuf * buf,void * dataptr,u16_t len,u16_t offset)1061 pbuf_copy_partial(const struct pbuf *buf, void *dataptr, u16_t len, u16_t offset)
1062 {
1063 const struct pbuf *p;
1064 u16_t left = 0;
1065 u16_t buf_copy_len;
1066 u16_t copied_total = 0;
1067
1068 LWIP_ERROR("pbuf_copy_partial: invalid buf", (buf != NULL), return 0;);
1069 LWIP_ERROR("pbuf_copy_partial: invalid dataptr", (dataptr != NULL), return 0;);
1070
1071 /* Note some systems use byte copy if dataptr or one of the pbuf payload pointers are unaligned. */
1072 for (p = buf; len != 0 && p != NULL; p = p->next) {
1073 if ((offset != 0) && (offset >= p->len)) {
1074 /* don't copy from this buffer -> on to the next */
1075 offset = (u16_t)(offset - p->len);
1076 } else {
1077 /* copy from this buffer. maybe only partially. */
1078 buf_copy_len = (u16_t)(p->len - offset);
1079 if (buf_copy_len > len) {
1080 buf_copy_len = len;
1081 }
1082 /* copy the necessary parts of the buffer */
1083 MEMCPY(&((char *)dataptr)[left], &((char *)p->payload)[offset], buf_copy_len);
1084 copied_total = (u16_t)(copied_total + buf_copy_len);
1085 left = (u16_t)(left + buf_copy_len);
1086 len = (u16_t)(len - buf_copy_len);
1087 offset = 0;
1088 }
1089 }
1090 return copied_total;
1091 }
1092
1093 /**
1094 * @ingroup pbuf
1095 * Get part of a pbuf's payload as contiguous memory. The returned memory is
1096 * either a pointer into the pbuf's payload or, if split over multiple pbufs,
1097 * a copy into the user-supplied buffer.
1098 *
1099 * @param p the pbuf from which to copy data
1100 * @param buffer the application supplied buffer. May be NULL if the caller does not
1101 * want to copy. In this case, offset + len should be checked against p->tot_len,
1102 * since there's no way for the caller to know why NULL is returned.
1103 * @param bufsize size of the application supplied buffer (when buffer is != NULL)
1104 * @param len length of data to copy (p and buffer must be big enough)
1105 * @param offset offset into the packet buffer from where to begin copying len bytes
1106 * @return - pointer into pbuf payload if that is already contiguous (no copy needed)
1107 * - pointer to 'buffer' if data was not contiguous and had to be copied
1108 * - NULL on error
1109 */
1110 void *
pbuf_get_contiguous(const struct pbuf * p,void * buffer,size_t bufsize,u16_t len,u16_t offset)1111 pbuf_get_contiguous(const struct pbuf *p, void *buffer, size_t bufsize, u16_t len, u16_t offset)
1112 {
1113 const struct pbuf *q;
1114 u16_t out_offset;
1115
1116 LWIP_ERROR("pbuf_get_contiguous: invalid buf", (p != NULL), return NULL;);
1117 LWIP_ERROR("pbuf_get_contiguous: invalid bufsize", (buffer == NULL) || (bufsize >= len), return NULL;);
1118
1119 q = pbuf_skip_const(p, offset, &out_offset);
1120 if (q != NULL) {
1121 if (q->len >= (out_offset + len)) {
1122 /* all data in this pbuf, return zero-copy */
1123 return (u8_t *)q->payload + out_offset;
1124 }
1125 if (buffer == NULL) {
1126 /* the caller does not want to copy */
1127 return NULL;
1128 }
1129 /* need to copy */
1130 if (pbuf_copy_partial(q, buffer, len, out_offset) != len) {
1131 /* copying failed: pbuf is too short */
1132 return NULL;
1133 }
1134 return buffer;
1135 }
1136 /* pbuf is too short (offset does not fit in) */
1137 return NULL;
1138 }
1139
1140 #if LWIP_TCP && TCP_QUEUE_OOSEQ && LWIP_WND_SCALE
1141 /**
1142 * This method modifies a 'pbuf chain', so that its total length is
1143 * smaller than 64K. The remainder of the original pbuf chain is stored
1144 * in *rest.
1145 * This function never creates new pbufs, but splits an existing chain
1146 * in two parts. The tot_len of the modified packet queue will likely be
1147 * smaller than 64K.
1148 * 'packet queues' are not supported by this function.
1149 *
1150 * @param p the pbuf queue to be split
1151 * @param rest pointer to store the remainder (after the first 64K)
1152 */
pbuf_split_64k(struct pbuf * p,struct pbuf ** rest)1153 void pbuf_split_64k(struct pbuf *p, struct pbuf **rest)
1154 {
1155 *rest = NULL;
1156 if ((p != NULL) && (p->next != NULL)) {
1157 u16_t tot_len_front = p->len;
1158 struct pbuf *i = p;
1159 struct pbuf *r = p->next;
1160
1161 /* continue until the total length (summed up as u16_t) overflows */
1162 while ((r != NULL) && ((u16_t)(tot_len_front + r->len) >= tot_len_front)) {
1163 tot_len_front = (u16_t)(tot_len_front + r->len);
1164 i = r;
1165 r = r->next;
1166 }
1167 /* i now points to last packet of the first segment. Set next
1168 pointer to NULL */
1169 i->next = NULL;
1170
1171 if (r != NULL) {
1172 /* Update the tot_len field in the first part */
1173 for (i = p; i != NULL; i = i->next) {
1174 i->tot_len = (u16_t)(i->tot_len - r->tot_len);
1175 LWIP_ASSERT("tot_len/len mismatch in last pbuf",
1176 (i->next != NULL) || (i->tot_len == i->len));
1177 }
1178 if (p->flags & PBUF_FLAG_TCP_FIN) {
1179 r->flags |= PBUF_FLAG_TCP_FIN;
1180 }
1181
1182 /* tot_len field in rest does not need modifications */
1183 /* reference counters do not need modifications */
1184 *rest = r;
1185 }
1186 }
1187 }
1188 #endif /* LWIP_TCP && TCP_QUEUE_OOSEQ && LWIP_WND_SCALE */
1189
1190 /* Actual implementation of pbuf_skip() but returning const pointer... */
1191 static const struct pbuf *
pbuf_skip_const(const struct pbuf * in,u16_t in_offset,u16_t * out_offset)1192 pbuf_skip_const(const struct pbuf *in, u16_t in_offset, u16_t *out_offset)
1193 {
1194 u16_t offset_left = in_offset;
1195 const struct pbuf *q = in;
1196
1197 /* get the correct pbuf */
1198 while ((q != NULL) && (q->len <= offset_left)) {
1199 offset_left = (u16_t)(offset_left - q->len);
1200 q = q->next;
1201 }
1202 if (out_offset != NULL) {
1203 *out_offset = offset_left;
1204 }
1205 return q;
1206 }
1207
1208 /**
1209 * @ingroup pbuf
1210 * Skip a number of bytes at the start of a pbuf
1211 *
1212 * @param in input pbuf
1213 * @param in_offset offset to skip
1214 * @param out_offset resulting offset in the returned pbuf
1215 * @return the pbuf in the queue where the offset is or NULL when the offset is too high
1216 */
1217 struct pbuf *
pbuf_skip(struct pbuf * in,u16_t in_offset,u16_t * out_offset)1218 pbuf_skip(struct pbuf *in, u16_t in_offset, u16_t *out_offset)
1219 {
1220 const struct pbuf *out = pbuf_skip_const(in, in_offset, out_offset);
1221 return LWIP_CONST_CAST(struct pbuf *, out);
1222 }
1223
1224 /**
1225 * @ingroup pbuf
1226 * Copy application supplied data into a pbuf.
1227 * This function can only be used to copy the equivalent of buf->tot_len data.
1228 *
1229 * @param buf pbuf to fill with data
1230 * @param dataptr application supplied data buffer
1231 * @param len length of the application supplied data buffer
1232 *
1233 * @return ERR_OK if successful, ERR_MEM if the pbuf is not big enough
1234 */
1235 err_t
pbuf_take(struct pbuf * buf,const void * dataptr,u16_t len)1236 pbuf_take(struct pbuf *buf, const void *dataptr, u16_t len)
1237 {
1238 struct pbuf *p;
1239 size_t buf_copy_len;
1240 size_t total_copy_len = len;
1241 size_t copied_total = 0;
1242
1243 LWIP_ERROR("pbuf_take: invalid buf", (buf != NULL), return ERR_ARG;);
1244 LWIP_ERROR("pbuf_take: invalid dataptr", (dataptr != NULL), return ERR_ARG;);
1245 LWIP_ERROR("pbuf_take: buf not large enough", (buf->tot_len >= len), return ERR_MEM;);
1246
1247 if ((buf == NULL) || (dataptr == NULL) || (buf->tot_len < len)) {
1248 return ERR_ARG;
1249 }
1250
1251 /* Note some systems use byte copy if dataptr or one of the pbuf payload pointers are unaligned. */
1252 for (p = buf; total_copy_len != 0; p = p->next) {
1253 LWIP_ASSERT("pbuf_take: invalid pbuf", p != NULL);
1254 buf_copy_len = total_copy_len;
1255 if (buf_copy_len > p->len) {
1256 /* this pbuf cannot hold all remaining data */
1257 buf_copy_len = p->len;
1258 }
1259 /* copy the necessary parts of the buffer */
1260 MEMCPY(p->payload, &((const char *)dataptr)[copied_total], buf_copy_len);
1261 total_copy_len -= buf_copy_len;
1262 copied_total += buf_copy_len;
1263 }
1264 LWIP_ASSERT("did not copy all data", total_copy_len == 0 && copied_total == len);
1265 return ERR_OK;
1266 }
1267
1268 /**
1269 * @ingroup pbuf
1270 * Same as pbuf_take() but puts data at an offset
1271 *
1272 * @param buf pbuf to fill with data
1273 * @param dataptr application supplied data buffer
1274 * @param len length of the application supplied data buffer
1275 * @param offset offset in pbuf where to copy dataptr to
1276 *
1277 * @return ERR_OK if successful, ERR_MEM if the pbuf is not big enough
1278 */
1279 err_t
pbuf_take_at(struct pbuf * buf,const void * dataptr,u16_t len,u16_t offset)1280 pbuf_take_at(struct pbuf *buf, const void *dataptr, u16_t len, u16_t offset)
1281 {
1282 u16_t target_offset;
1283 struct pbuf *q = pbuf_skip(buf, offset, &target_offset);
1284
1285 /* return requested data if pbuf is OK */
1286 if ((q != NULL) && (q->tot_len >= target_offset + len)) {
1287 u16_t remaining_len = len;
1288 const u8_t *src_ptr = (const u8_t *)dataptr;
1289 /* copy the part that goes into the first pbuf */
1290 u16_t first_copy_len;
1291 LWIP_ASSERT("check pbuf_skip result", target_offset < q->len);
1292 first_copy_len = (u16_t)LWIP_MIN(q->len - target_offset, len);
1293 MEMCPY(((u8_t *)q->payload) + target_offset, dataptr, first_copy_len);
1294 remaining_len = (u16_t)(remaining_len - first_copy_len);
1295 src_ptr += first_copy_len;
1296 if (remaining_len > 0) {
1297 return pbuf_take(q->next, src_ptr, remaining_len);
1298 }
1299 return ERR_OK;
1300 }
1301 return ERR_MEM;
1302 }
1303
1304 /**
1305 * @ingroup pbuf
1306 * Creates a single pbuf out of a queue of pbufs.
1307 *
1308 * @remark: Either the source pbuf 'p' is freed by this function or the original
1309 * pbuf 'p' is returned, therefore the caller has to check the result!
1310 *
1311 * @param p the source pbuf
1312 * @param layer pbuf_layer of the new pbuf
1313 *
1314 * @return a new, single pbuf (p->next is NULL)
1315 * or the old pbuf if allocation fails
1316 */
1317 struct pbuf *
pbuf_coalesce(struct pbuf * p,pbuf_layer layer)1318 pbuf_coalesce(struct pbuf *p, pbuf_layer layer)
1319 {
1320 struct pbuf *q;
1321 if (p->next == NULL) {
1322 return p;
1323 }
1324 q = pbuf_clone(layer, PBUF_RAM, p);
1325 if (q == NULL) {
1326 /* @todo: what do we do now? */
1327 return p;
1328 }
1329 pbuf_free(p);
1330 return q;
1331 }
1332
1333 /**
1334 * @ingroup pbuf
1335 * Allocates a new pbuf of same length (via pbuf_alloc()) and copies the source
1336 * pbuf into this new pbuf (using pbuf_copy()).
1337 *
1338 * @param layer pbuf_layer of the new pbuf
1339 * @param type this parameter decides how and where the pbuf should be allocated
1340 * (@see pbuf_alloc())
1341 * @param p the source pbuf
1342 *
1343 * @return a new pbuf or NULL if allocation fails
1344 */
1345 struct pbuf *
pbuf_clone(pbuf_layer layer,pbuf_type type,struct pbuf * p)1346 pbuf_clone(pbuf_layer layer, pbuf_type type, struct pbuf *p)
1347 {
1348 struct pbuf *q;
1349 err_t err;
1350 q = pbuf_alloc(layer, p->tot_len, type);
1351 if (q == NULL) {
1352 return NULL;
1353 }
1354 err = pbuf_copy(q, p);
1355 LWIP_UNUSED_ARG(err); /* in case of LWIP_NOASSERT */
1356 LWIP_ASSERT("pbuf_copy failed", err == ERR_OK);
1357 return q;
1358 }
1359
1360 #if LWIP_CHECKSUM_ON_COPY
1361 /**
1362 * Copies data into a single pbuf (*not* into a pbuf queue!) and updates
1363 * the checksum while copying
1364 *
1365 * @param p the pbuf to copy data into
1366 * @param start_offset offset of p->payload where to copy the data to
1367 * @param dataptr data to copy into the pbuf
1368 * @param len length of data to copy into the pbuf
1369 * @param chksum pointer to the checksum which is updated
1370 * @return ERR_OK if successful, another error if the data does not fit
1371 * within the (first) pbuf (no pbuf queues!)
1372 */
1373 err_t
pbuf_fill_chksum(struct pbuf * p,u16_t start_offset,const void * dataptr,u16_t len,u16_t * chksum)1374 pbuf_fill_chksum(struct pbuf *p, u16_t start_offset, const void *dataptr,
1375 u16_t len, u16_t *chksum)
1376 {
1377 u32_t acc;
1378 u16_t copy_chksum;
1379 char *dst_ptr;
1380 LWIP_ASSERT("p != NULL", p != NULL);
1381 LWIP_ASSERT("dataptr != NULL", dataptr != NULL);
1382 LWIP_ASSERT("chksum != NULL", chksum != NULL);
1383 LWIP_ASSERT("len != 0", len != 0);
1384
1385 if ((start_offset >= p->len) || (start_offset + len > p->len)) {
1386 return ERR_ARG;
1387 }
1388
1389 dst_ptr = ((char *)p->payload) + start_offset;
1390 copy_chksum = LWIP_CHKSUM_COPY(dst_ptr, dataptr, len);
1391 if ((start_offset & 1) != 0) {
1392 copy_chksum = SWAP_BYTES_IN_WORD(copy_chksum);
1393 }
1394 acc = *chksum;
1395 acc += copy_chksum;
1396 *chksum = FOLD_U32T(acc);
1397 return ERR_OK;
1398 }
1399 #endif /* LWIP_CHECKSUM_ON_COPY */
1400
1401 /**
1402 * @ingroup pbuf
1403 * Get one byte from the specified position in a pbuf
1404 * WARNING: returns zero for offset >= p->tot_len
1405 *
1406 * @param p pbuf to parse
1407 * @param offset offset into p of the byte to return
1408 * @return byte at an offset into p OR ZERO IF 'offset' >= p->tot_len
1409 */
1410 u8_t
pbuf_get_at(const struct pbuf * p,u16_t offset)1411 pbuf_get_at(const struct pbuf *p, u16_t offset)
1412 {
1413 int ret = pbuf_try_get_at(p, offset);
1414 if (ret >= 0) {
1415 return (u8_t)ret;
1416 }
1417 return 0;
1418 }
1419
1420 /**
1421 * @ingroup pbuf
1422 * Get one byte from the specified position in a pbuf
1423 *
1424 * @param p pbuf to parse
1425 * @param offset offset into p of the byte to return
1426 * @return byte at an offset into p [0..0xFF] OR negative if 'offset' >= p->tot_len
1427 */
1428 int
pbuf_try_get_at(const struct pbuf * p,u16_t offset)1429 pbuf_try_get_at(const struct pbuf *p, u16_t offset)
1430 {
1431 u16_t q_idx;
1432 const struct pbuf *q = pbuf_skip_const(p, offset, &q_idx);
1433
1434 /* return requested data if pbuf is OK */
1435 if ((q != NULL) && (q->len > q_idx)) {
1436 return ((u8_t *)q->payload)[q_idx];
1437 }
1438 return -1;
1439 }
1440
1441 /**
1442 * @ingroup pbuf
1443 * Put one byte to the specified position in a pbuf
1444 * WARNING: silently ignores offset >= p->tot_len
1445 *
1446 * @param p pbuf to fill
1447 * @param offset offset into p of the byte to write
1448 * @param data byte to write at an offset into p
1449 */
1450 void
pbuf_put_at(struct pbuf * p,u16_t offset,u8_t data)1451 pbuf_put_at(struct pbuf *p, u16_t offset, u8_t data)
1452 {
1453 u16_t q_idx;
1454 struct pbuf *q = pbuf_skip(p, offset, &q_idx);
1455
1456 /* write requested data if pbuf is OK */
1457 if ((q != NULL) && (q->len > q_idx)) {
1458 ((u8_t *)q->payload)[q_idx] = data;
1459 }
1460 }
1461
1462 /**
1463 * @ingroup pbuf
1464 * Compare pbuf contents at specified offset with memory s2, both of length n
1465 *
1466 * @param p pbuf to compare
1467 * @param offset offset into p at which to start comparing
1468 * @param s2 buffer to compare
1469 * @param n length of buffer to compare
1470 * @return zero if equal, nonzero otherwise
1471 * (0xffff if p is too short, diffoffset+1 otherwise)
1472 */
1473 u16_t
pbuf_memcmp(const struct pbuf * p,u16_t offset,const void * s2,u16_t n)1474 pbuf_memcmp(const struct pbuf *p, u16_t offset, const void *s2, u16_t n)
1475 {
1476 u16_t start = offset;
1477 const struct pbuf *q = p;
1478 u16_t i;
1479
1480 /* pbuf long enough to perform check? */
1481 if (p->tot_len < (offset + n)) {
1482 return 0xffff;
1483 }
1484
1485 /* get the correct pbuf from chain. We know it succeeds because of p->tot_len check above. */
1486 while ((q != NULL) && (q->len <= start)) {
1487 start = (u16_t)(start - q->len);
1488 q = q->next;
1489 }
1490
1491 /* return requested data if pbuf is OK */
1492 for (i = 0; i < n; i++) {
1493 /* We know pbuf_get_at() succeeds because of p->tot_len check above. */
1494 u8_t a = pbuf_get_at(q, (u16_t)(start + i));
1495 u8_t b = ((const u8_t *)s2)[i];
1496 if (a != b) {
1497 return (u16_t)LWIP_MIN(i + 1, 0xFFFF);
1498 }
1499 }
1500 return 0;
1501 }
1502
1503 /**
1504 * @ingroup pbuf
1505 * Find occurrence of mem (with length mem_len) in pbuf p, starting at offset
1506 * start_offset.
1507 *
1508 * @param p pbuf to search, maximum length is 0xFFFE since 0xFFFF is used as
1509 * return value 'not found'
1510 * @param mem search for the contents of this buffer
1511 * @param mem_len length of 'mem'
1512 * @param start_offset offset into p at which to start searching
1513 * @return 0xFFFF if substr was not found in p or the index where it was found
1514 */
1515 u16_t
pbuf_memfind(const struct pbuf * p,const void * mem,u16_t mem_len,u16_t start_offset)1516 pbuf_memfind(const struct pbuf *p, const void *mem, u16_t mem_len, u16_t start_offset)
1517 {
1518 u16_t i;
1519 u16_t max_cmp_start = (u16_t)(p->tot_len - mem_len);
1520 if (p->tot_len >= mem_len + start_offset) {
1521 for (i = start_offset; i <= max_cmp_start; i++) {
1522 u16_t plus = pbuf_memcmp(p, i, mem, mem_len);
1523 if (plus == 0) {
1524 return i;
1525 }
1526 }
1527 }
1528 return 0xFFFF;
1529 }
1530
1531 /**
1532 * Find occurrence of substr with length substr_len in pbuf p, start at offset
1533 * start_offset
1534 * WARNING: in contrast to strstr(), this one does not stop at the first \0 in
1535 * the pbuf/source string!
1536 *
1537 * @param p pbuf to search, maximum length is 0xFFFE since 0xFFFF is used as
1538 * return value 'not found'
1539 * @param substr string to search for in p, maximum length is 0xFFFE
1540 * @return 0xFFFF if substr was not found in p or the index where it was found
1541 */
1542 u16_t
pbuf_strstr(const struct pbuf * p,const char * substr)1543 pbuf_strstr(const struct pbuf *p, const char *substr)
1544 {
1545 size_t substr_len;
1546 if ((substr == NULL) || (substr[0] == 0) || (p->tot_len == 0xFFFF)) {
1547 return 0xFFFF;
1548 }
1549 substr_len = strlen(substr);
1550 if (substr_len >= 0xFFFF) {
1551 return 0xFFFF;
1552 }
1553 return pbuf_memfind(p, substr, (u16_t)substr_len, 0);
1554 }
1555