FreeBSD/Linux Kernel Cross Reference
sys/netgraph/ng_bpf.c
1
2 /*
3 * ng_bpf.c
4 *
5 * Copyright (c) 1999 Whistle Communications, Inc.
6 * All rights reserved.
7 *
8 * Subject to the following obligations and disclaimer of warranty, use and
9 * redistribution of this software, in source or object code forms, with or
10 * without modifications are expressly permitted by Whistle Communications;
11 * provided, however, that:
12 * 1. Any and all reproductions of the source or object code must include the
13 * copyright notice above and the following disclaimer of warranties; and
14 * 2. No rights are granted, in any manner or form, to use Whistle
15 * Communications, Inc. trademarks, including the mark "WHISTLE
16 * COMMUNICATIONS" on advertising, endorsements, or otherwise except as
17 * such appears in the above copyright notice or in the software.
18 *
19 * THIS SOFTWARE IS BEING PROVIDED BY WHISTLE COMMUNICATIONS "AS IS", AND
20 * TO THE MAXIMUM EXTENT PERMITTED BY LAW, WHISTLE COMMUNICATIONS MAKES NO
21 * REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED, REGARDING THIS SOFTWARE,
22 * INCLUDING WITHOUT LIMITATION, ANY AND ALL IMPLIED WARRANTIES OF
23 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT.
24 * WHISTLE COMMUNICATIONS DOES NOT WARRANT, GUARANBPF, OR MAKE ANY
25 * REPRESENTATIONS REGARDING THE USE OF, OR THE RESULTS OF THE USE OF THIS
26 * SOFTWARE IN TERMS OF ITS CORRECTNESS, ACCURACY, RELIABILITY OR OTHERWISE.
27 * IN NO EVENT SHALL WHISTLE COMMUNICATIONS BE LIABLE FOR ANY DAMAGES
28 * RESULTING FROM OR ARISING OUT OF ANY USE OF THIS SOFTWARE, INCLUDING
29 * WITHOUT LIMITATION, ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
30 * PUNITIVE, OR CONSEQUENTIAL DAMAGES, PROCUREMENT OF SUBSTITUTE GOODS OR
31 * SERVICES, LOSS OF USE, DATA OR PROFITS, HOWEVER CAUSED AND UNDER ANY
32 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
33 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
34 * THIS SOFTWARE, EVEN IF WHISTLE COMMUNICATIONS IS ADVISED OF THE POSSIBILITY
35 * OF SUCH DAMAGE.
36 *
37 * Author: Archie Cobbs <archie@freebsd.org>
38 *
39 * $FreeBSD$
40 * $Whistle: ng_bpf.c,v 1.3 1999/12/03 20:30:23 archie Exp $
41 */
42
43 /*
44 * BPF NETGRAPH NODE TYPE
45 *
46 * This node type accepts any number of hook connections. With each hook
47 * is associated a bpf(4) filter program, and two hook names (each possibly
48 * the empty string). Incoming packets are compared against the filter;
49 * matching packets are delivered out the first named hook (or dropped if
50 * the empty string), and non-matching packets are delivered out the second
51 * named hook (or dropped if the empty string).
52 *
53 * Each hook also keeps statistics about how many packets have matched, etc.
54 */
55
56 #include <sys/param.h>
57 #include <sys/systm.h>
58 #include <sys/errno.h>
59 #include <sys/kernel.h>
60 #include <sys/malloc.h>
61 #include <sys/mbuf.h>
62
63 #include <net/bpf.h>
64
65 #include <netgraph/ng_message.h>
66 #include <netgraph/netgraph.h>
67 #include <netgraph/ng_parse.h>
68 #include <netgraph/ng_bpf.h>
69
70 #define OFFSETOF(s, e) ((char *)&((s *)0)->e - (char *)((s *)0))
71
72 #define ERROUT(x) do { error = (x); goto done; } while (0)
73
74 /* Per hook private info */
75 struct ng_bpf_hookinfo {
76 node_p node;
77 hook_p hook;
78 struct ng_bpf_hookprog *prog;
79 struct ng_bpf_hookstat stats;
80 };
81 typedef struct ng_bpf_hookinfo *hinfo_p;
82
83 /* Netgraph methods */
84 static ng_constructor_t ng_bpf_constructor;
85 static ng_rcvmsg_t ng_bpf_rcvmsg;
86 static ng_shutdown_t ng_bpf_rmnode;
87 static ng_newhook_t ng_bpf_newhook;
88 static ng_rcvdata_t ng_bpf_rcvdata;
89 static ng_disconnect_t ng_bpf_disconnect;
90
91 /* Internal helper functions */
92 static int ng_bpf_setprog(hook_p hook, const struct ng_bpf_hookprog *hp);
93
94 /* Parse type for one struct bfp_insn */
95 static const struct ng_parse_struct_info ng_bpf_insn_type_info = {
96 {
97 { "code", &ng_parse_int16_type },
98 { "jt", &ng_parse_int8_type },
99 { "jf", &ng_parse_int8_type },
100 { "k", &ng_parse_int32_type },
101 { NULL }
102 }
103 };
104 static const struct ng_parse_type ng_bpf_insn_type = {
105 &ng_parse_struct_type,
106 &ng_bpf_insn_type_info
107 };
108
109 /* Parse type for the field 'bpf_prog' in struct ng_bpf_hookprog */
110 static int
111 ng_bpf_hookprogary_getLength(const struct ng_parse_type *type,
112 const u_char *start, const u_char *buf)
113 {
114 const struct ng_bpf_hookprog *hp;
115
116 hp = (const struct ng_bpf_hookprog *)
117 (buf - OFFSETOF(struct ng_bpf_hookprog, bpf_prog));
118 return hp->bpf_prog_len;
119 }
120
121 static const struct ng_parse_array_info ng_bpf_hookprogary_info = {
122 &ng_bpf_insn_type,
123 &ng_bpf_hookprogary_getLength,
124 NULL
125 };
126 static const struct ng_parse_type ng_bpf_hookprogary_type = {
127 &ng_parse_array_type,
128 &ng_bpf_hookprogary_info
129 };
130
131 /* Parse type for struct ng_bpf_hookprog */
132 static const struct ng_parse_struct_info ng_bpf_hookprog_type_info
133 = NG_BPF_HOOKPROG_TYPE_INFO(&ng_bpf_hookprogary_type);
134 static const struct ng_parse_type ng_bpf_hookprog_type = {
135 &ng_parse_struct_type,
136 &ng_bpf_hookprog_type_info
137 };
138
139 /* Parse type for struct ng_bpf_hookstat */
140 static const struct ng_parse_struct_info
141 ng_bpf_hookstat_type_info = NG_BPF_HOOKSTAT_TYPE_INFO;
142 static const struct ng_parse_type ng_bpf_hookstat_type = {
143 &ng_parse_struct_type,
144 &ng_bpf_hookstat_type_info
145 };
146
147 /* List of commands and how to convert arguments to/from ASCII */
148 static const struct ng_cmdlist ng_bpf_cmdlist[] = {
149 {
150 NGM_BPF_COOKIE,
151 NGM_BPF_SET_PROGRAM,
152 "setprogram",
153 &ng_bpf_hookprog_type,
154 NULL
155 },
156 {
157 NGM_BPF_COOKIE,
158 NGM_BPF_GET_PROGRAM,
159 "getprogram",
160 &ng_parse_hookbuf_type,
161 &ng_bpf_hookprog_type
162 },
163 {
164 NGM_BPF_COOKIE,
165 NGM_BPF_GET_STATS,
166 "getstats",
167 &ng_parse_hookbuf_type,
168 &ng_bpf_hookstat_type
169 },
170 {
171 NGM_BPF_COOKIE,
172 NGM_BPF_CLR_STATS,
173 "clrstats",
174 &ng_parse_hookbuf_type,
175 NULL
176 },
177 {
178 NGM_BPF_COOKIE,
179 NGM_BPF_GETCLR_STATS,
180 "getclrstats",
181 &ng_parse_hookbuf_type,
182 &ng_bpf_hookstat_type
183 },
184 { 0 }
185 };
186
187 /* Netgraph type descriptor */
188 static struct ng_type typestruct = {
189 NG_VERSION,
190 NG_BPF_NODE_TYPE,
191 NULL,
192 ng_bpf_constructor,
193 ng_bpf_rcvmsg,
194 ng_bpf_rmnode,
195 ng_bpf_newhook,
196 NULL,
197 NULL,
198 ng_bpf_rcvdata,
199 ng_bpf_rcvdata,
200 ng_bpf_disconnect,
201 ng_bpf_cmdlist
202 };
203 NETGRAPH_INIT(bpf, &typestruct);
204
205 /* Default BPF program for a hook that matches nothing */
206 static const struct ng_bpf_hookprog ng_bpf_default_prog = {
207 { '\0' }, /* to be filled in at hook creation time */
208 { '\0' },
209 { '\0' },
210 1,
211 { BPF_STMT(BPF_RET+BPF_K, 0) }
212 };
213
214 /*
215 * Node constructor
216 *
217 * We don't keep any per-node private data
218 */
219 static int
220 ng_bpf_constructor(node_p *nodep)
221 {
222 int error = 0;
223
224 if ((error = ng_make_node_common(&typestruct, nodep)))
225 return (error);
226 (*nodep)->private = NULL;
227 return (0);
228 }
229
230 /*
231 * Add a hook
232 */
233 static int
234 ng_bpf_newhook(node_p node, hook_p hook, const char *name)
235 {
236 hinfo_p hip;
237 int error;
238
239 /* Create hook private structure */
240 MALLOC(hip, hinfo_p, sizeof(*hip), M_NETGRAPH, M_WAITOK);
241 if (hip == NULL)
242 return (ENOMEM);
243 bzero(hip, sizeof(*hip));
244 hip->hook = hook;
245 hook->private = hip;
246 hip->node = node;
247
248 /* Attach the default BPF program */
249 if ((error = ng_bpf_setprog(hook, &ng_bpf_default_prog)) != 0) {
250 FREE(hip, M_NETGRAPH);
251 hook->private = NULL;
252 return (error);
253 }
254
255 /* Set hook name */
256 strncpy(hip->prog->thisHook, name, sizeof(hip->prog->thisHook) - 1);
257 hip->prog->thisHook[sizeof(hip->prog->thisHook) - 1] = '\0';
258 return (0);
259 }
260
261 /*
262 * Receive a control message
263 */
264 static int
265 ng_bpf_rcvmsg(node_p node, struct ng_mesg *msg, const char *retaddr,
266 struct ng_mesg **rptr)
267 {
268 struct ng_mesg *resp = NULL;
269 int error = 0;
270
271 switch (msg->header.typecookie) {
272 case NGM_BPF_COOKIE:
273 switch (msg->header.cmd) {
274 case NGM_BPF_SET_PROGRAM:
275 {
276 struct ng_bpf_hookprog *const
277 hp = (struct ng_bpf_hookprog *)msg->data;
278 hook_p hook;
279
280 /* Sanity check */
281 if (msg->header.arglen < sizeof(*hp)
282 || msg->header.arglen
283 != NG_BPF_HOOKPROG_SIZE(hp->bpf_prog_len))
284 ERROUT(EINVAL);
285
286 /* Find hook */
287 if ((hook = ng_findhook(node, hp->thisHook)) == NULL)
288 ERROUT(ENOENT);
289
290 /* Set new program */
291 if ((error = ng_bpf_setprog(hook, hp)) != 0)
292 ERROUT(error);
293 break;
294 }
295
296 case NGM_BPF_GET_PROGRAM:
297 {
298 struct ng_bpf_hookprog *hp;
299 hook_p hook;
300
301 /* Sanity check */
302 if (msg->header.arglen == 0)
303 ERROUT(EINVAL);
304 msg->data[msg->header.arglen - 1] = '\0';
305
306 /* Find hook */
307 if ((hook = ng_findhook(node, msg->data)) == NULL)
308 ERROUT(ENOENT);
309
310 /* Build response */
311 hp = ((hinfo_p)hook->private)->prog;
312 NG_MKRESPONSE(resp, msg,
313 NG_BPF_HOOKPROG_SIZE(hp->bpf_prog_len), M_NOWAIT);
314 if (resp == NULL)
315 ERROUT(ENOMEM);
316 bcopy(hp, resp->data,
317 NG_BPF_HOOKPROG_SIZE(hp->bpf_prog_len));
318 break;
319 }
320
321 case NGM_BPF_GET_STATS:
322 case NGM_BPF_CLR_STATS:
323 case NGM_BPF_GETCLR_STATS:
324 {
325 struct ng_bpf_hookstat *stats;
326 hook_p hook;
327
328 /* Sanity check */
329 if (msg->header.arglen == 0)
330 ERROUT(EINVAL);
331 msg->data[msg->header.arglen - 1] = '\0';
332
333 /* Find hook */
334 if ((hook = ng_findhook(node, msg->data)) == NULL)
335 ERROUT(ENOENT);
336 stats = &((hinfo_p)hook->private)->stats;
337
338 /* Build response (if desired) */
339 if (msg->header.cmd != NGM_BPF_CLR_STATS) {
340 NG_MKRESPONSE(resp,
341 msg, sizeof(*stats), M_NOWAIT);
342 if (resp == NULL)
343 ERROUT(ENOMEM);
344 bcopy(stats, resp->data, sizeof(*stats));
345 }
346
347 /* Clear stats (if desired) */
348 if (msg->header.cmd != NGM_BPF_GET_STATS)
349 bzero(stats, sizeof(*stats));
350 break;
351 }
352
353 default:
354 error = EINVAL;
355 break;
356 }
357 break;
358 default:
359 error = EINVAL;
360 break;
361 }
362 if (rptr)
363 *rptr = resp;
364 else if (resp)
365 FREE(resp, M_NETGRAPH);
366
367 done:
368 FREE(msg, M_NETGRAPH);
369 return (error);
370 }
371
372 /*
373 * Receive data on a hook
374 *
375 * Apply the filter, and then drop or forward packet as appropriate.
376 */
377 static int
378 ng_bpf_rcvdata(hook_p hook, struct mbuf *m, meta_p meta)
379 {
380 const hinfo_p hip = hook->private;
381 int totlen = m->m_pkthdr.len;
382 int needfree = 0, error = 0;
383 u_char *data, buf[256];
384 hinfo_p dhip;
385 hook_p dest;
386 u_int len;
387
388 /* Update stats on incoming hook */
389 hip->stats.recvFrames++;
390 hip->stats.recvOctets += totlen;
391
392 /* Need to put packet in contiguous memory for bpf */
393 if (m->m_next != NULL) {
394 if (totlen > sizeof(buf)) {
395 MALLOC(data, u_char *, totlen, M_NETGRAPH, M_NOWAIT);
396 if (data == NULL) {
397 NG_FREE_DATA(m, meta);
398 return (ENOMEM);
399 }
400 needfree = 1;
401 } else
402 data = buf;
403 m_copydata(m, 0, totlen, (caddr_t)data);
404 } else
405 data = mtod(m, u_char *);
406
407 /* Run packet through filter */
408 len = bpf_filter(hip->prog->bpf_prog, data, totlen, totlen);
409 if (needfree)
410 FREE(data, M_NETGRAPH);
411
412 /* See if we got a match and find destination hook */
413 if (len > 0) {
414
415 /* Update stats */
416 hip->stats.recvMatchFrames++;
417 hip->stats.recvMatchOctets += totlen;
418
419 /* Truncate packet length if required by the filter */
420 if (len < totlen) {
421 m_adj(m, -(totlen - len));
422 totlen -= len;
423 }
424 dest = ng_findhook(hip->node, hip->prog->ifMatch);
425 } else
426 dest = ng_findhook(hip->node, hip->prog->ifNotMatch);
427 if (dest == NULL) {
428 NG_FREE_DATA(m, meta);
429 return (0);
430 }
431
432 /* Deliver frame out destination hook */
433 dhip = (hinfo_p)dest->private;
434 dhip->stats.xmitOctets += totlen;
435 dhip->stats.xmitFrames++;
436 NG_SEND_DATA(error, dest, m, meta);
437 return (error);
438 }
439
440 /*
441 * Shutdown processing
442 */
443 static int
444 ng_bpf_rmnode(node_p node)
445 {
446 node->flags |= NG_INVALID;
447 ng_cutlinks(node);
448 ng_unname(node);
449 ng_unref(node);
450 return (0);
451 }
452
453 /*
454 * Hook disconnection
455 */
456 static int
457 ng_bpf_disconnect(hook_p hook)
458 {
459 const hinfo_p hip = hook->private;
460
461 KASSERT(hip != NULL, ("%s: null info", __FUNCTION__));
462 FREE(hip->prog, M_NETGRAPH);
463 bzero(hip, sizeof(*hip));
464 FREE(hip, M_NETGRAPH);
465 hook->private = NULL; /* for good measure */
466 if (hook->node->numhooks == 0)
467 ng_rmnode(hook->node);
468 return (0);
469 }
470
471 /************************************************************************
472 HELPER STUFF
473 ************************************************************************/
474
475 /*
476 * Set the BPF program associated with a hook
477 */
478 static int
479 ng_bpf_setprog(hook_p hook, const struct ng_bpf_hookprog *hp0)
480 {
481 const hinfo_p hip = hook->private;
482 struct ng_bpf_hookprog *hp;
483 int size;
484
485 /* Check program for validity */
486 if (!bpf_validate(hp0->bpf_prog, hp0->bpf_prog_len))
487 return (EINVAL);
488
489 /* Make a copy of the program */
490 size = NG_BPF_HOOKPROG_SIZE(hp0->bpf_prog_len);
491 MALLOC(hp, struct ng_bpf_hookprog *, size, M_NETGRAPH, M_WAITOK);
492 if (hp == NULL)
493 return (ENOMEM);
494 bcopy(hp0, hp, size);
495
496 /* Free previous program, if any, and assign new one */
497 if (hip->prog != NULL)
498 FREE(hip->prog, M_NETGRAPH);
499 hip->prog = hp;
500 return (0);
501 }
502
Cache object: 5228d6ebb1abd7150b0ab313cdcc4f6d
|