Subject: adding mbuf member
To: None <>
From: Jun-ichiro itojun Hagino <>
List: tech-net
Date: 01/29/2000 16:38:30
	For keeping IPsec decryption history and other information,
	I would like to add one variable into mbuf header (M_PKTHDR),
	like below.  this will let us attach extra mbuf chain to mbuf.

	What I need to put right now are:
	- outbound case: socket pointer passed down from transport layer to
	- inbound case: decrypt history.  when we do onion-peeling, we need
	  to collect information about headers prior to transport layer header.
	  for example,
	  - if a packet has AH and is authenticated by MD5 checksum,
	    we need to remember the fact until we reach tranpsort layer.
	    now KAME does it it by 1-bit mbuf flag but is not very sufficient
	    if we do iterated tunnels.
	  - if a packet was encrypted by ESP, we need to remember this as well.
	    this goes the same as AH case (using 1-bit mbuf flag) but is not
	    sufficient for tunnelled cases.

	we may be able to use the buffer to keep information for

	I'm still wondering what kind of format is good for "aux" portion.
	I'm thinking about tagging mbuf on "aux" chain with commonly formatted
	data item like:
		struct tag {
			u_int8_t proto;
			u_int8_t code;
	By searching through "aux" chain, we can use the variable across
	various protocol handlers (not only ipsec, but also some others like
	filters maybe?).

	m_freem() needs to call m_freem(m->m_pkthdr.aux) as well to
	avoid memory leakage.

	downside of this is, of course, MHLEN becomes smaller by addition
	of pointer item.  having generic data item to "aux", I hope to
	avoid future member addition to mbuf structure.

	If it is okay to add this member, first step would be to use "aux"
	just to avoid overloading of m->m_pkthdr.rcvif to help if_detach and
	packet filters.  then, we'll implement extra mbuf chain handling
	and put socket information and other things into "aux"chain.
	I'll test it in KAME tree and bring it into netbsd, hopefully very soon.


--- sys/sys/mbuf.h-	Sun Dec 12 21:38:25 1999
+++ sys/sys/mbuf.h	Sat Jan 29 16:25:04 2000
@@ -120,6 +120,7 @@
 struct	pkthdr {
 	struct	ifnet *rcvif;		/* rcv interface */
 	int	len;			/* total packet length */
+	struct mbuf *aux;		/* aux data buffer; ipsec and others */
 /* description of external storage mapped into mbuf, valid if M_EXT set */