The Design and Implementation of the FreeBSD Operating System, Second Edition
Now available: The Design and Implementation of the FreeBSD Operating System (Second Edition)


[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]

FreeBSD/Linux Kernel Cross Reference
sys/netgraph/ng_bpf.c

Version: -  FREEBSD  -  FREEBSD-12-STABLE  -  FREEBSD-12-0  -  FREEBSD-11-STABLE  -  FREEBSD-11-2  -  FREEBSD-11-1  -  FREEBSD-11-0  -  FREEBSD-10-STABLE  -  FREEBSD-10-4  -  FREEBSD-10-3  -  FREEBSD-10-2  -  FREEBSD-10-1  -  FREEBSD-10-0  -  FREEBSD-9-STABLE  -  FREEBSD-9-3  -  FREEBSD-9-2  -  FREEBSD-9-1  -  FREEBSD-9-0  -  FREEBSD-8-STABLE  -  FREEBSD-8-4  -  FREEBSD-8-3  -  FREEBSD-8-2  -  FREEBSD-8-1  -  FREEBSD-8-0  -  FREEBSD-7-STABLE  -  FREEBSD-7-4  -  FREEBSD-7-3  -  FREEBSD-7-2  -  FREEBSD-7-1  -  FREEBSD-7-0  -  FREEBSD-6-STABLE  -  FREEBSD-6-4  -  FREEBSD-6-3  -  FREEBSD-6-2  -  FREEBSD-6-1  -  FREEBSD-6-0  -  FREEBSD-5-STABLE  -  FREEBSD-5-5  -  FREEBSD-5-4  -  FREEBSD-5-3  -  FREEBSD-5-2  -  FREEBSD-5-1  -  FREEBSD-5-0  -  FREEBSD-4-STABLE  -  FREEBSD-3-STABLE  -  FREEBSD22  -  linux-2.6  -  linux-2.4.22  -  MK83  -  MK84  -  PLAN9  -  DFBSD  -  NETBSD  -  NETBSD5  -  NETBSD4  -  NETBSD3  -  NETBSD20  -  OPENBSD  -  xnu-517  -  xnu-792  -  xnu-792.6.70  -  xnu-1228  -  xnu-1456.1.26  -  xnu-1699.24.8  -  xnu-2050.18.24  -  OPENSOLARIS  -  minix-3-1-1 
SearchContext: -  none  -  3  -  10 

    1 
    2 /*
    3  * ng_bpf.c
    4  *
    5  * Copyright (c) 1999 Whistle Communications, Inc.
    6  * All rights reserved.
    7  * 
    8  * Subject to the following obligations and disclaimer of warranty, use and
    9  * redistribution of this software, in source or object code forms, with or
   10  * without modifications are expressly permitted by Whistle Communications;
   11  * provided, however, that:
   12  * 1. Any and all reproductions of the source or object code must include the
   13  *    copyright notice above and the following disclaimer of warranties; and
   14  * 2. No rights are granted, in any manner or form, to use Whistle
   15  *    Communications, Inc. trademarks, including the mark "WHISTLE
   16  *    COMMUNICATIONS" on advertising, endorsements, or otherwise except as
   17  *    such appears in the above copyright notice or in the software.
   18  * 
   19  * THIS SOFTWARE IS BEING PROVIDED BY WHISTLE COMMUNICATIONS "AS IS", AND
   20  * TO THE MAXIMUM EXTENT PERMITTED BY LAW, WHISTLE COMMUNICATIONS MAKES NO
   21  * REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED, REGARDING THIS SOFTWARE,
   22  * INCLUDING WITHOUT LIMITATION, ANY AND ALL IMPLIED WARRANTIES OF
   23  * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT.
   24  * WHISTLE COMMUNICATIONS DOES NOT WARRANT, GUARANBPF, OR MAKE ANY
   25  * REPRESENTATIONS REGARDING THE USE OF, OR THE RESULTS OF THE USE OF THIS
   26  * SOFTWARE IN TERMS OF ITS CORRECTNESS, ACCURACY, RELIABILITY OR OTHERWISE.
   27  * IN NO EVENT SHALL WHISTLE COMMUNICATIONS BE LIABLE FOR ANY DAMAGES
   28  * RESULTING FROM OR ARISING OUT OF ANY USE OF THIS SOFTWARE, INCLUDING
   29  * WITHOUT LIMITATION, ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
   30  * PUNITIVE, OR CONSEQUENTIAL DAMAGES, PROCUREMENT OF SUBSTITUTE GOODS OR
   31  * SERVICES, LOSS OF USE, DATA OR PROFITS, HOWEVER CAUSED AND UNDER ANY
   32  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
   33  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
   34  * THIS SOFTWARE, EVEN IF WHISTLE COMMUNICATIONS IS ADVISED OF THE POSSIBILITY
   35  * OF SUCH DAMAGE.
   36  *
   37  * Author: Archie Cobbs <archie@freebsd.org>
   38  *
   39  * $FreeBSD: stable/3/sys/netgraph/ng_bpf.c 67532 2000-10-24 22:45:12Z julian $
   40  * $Whistle: ng_bpf.c,v 1.3 1999/12/03 20:30:23 archie Exp $
   41  */
   42 
   43 /*
   44  * BPF NETGRAPH NODE TYPE
   45  *
   46  * This node type accepts any number of hook connections.  With each hook
   47  * is associated a bpf(4) filter program, and two hook names (each possibly
   48  * the empty string).  Incoming packets are compared against the filter;
   49  * matching packets are delivered out the first named hook (or dropped if
   50  * the empty string), and non-matching packets are delivered out the second
   51  * named hook (or dropped if the empty string).
   52  *
   53  * Each hook also keeps statistics about how many packets have matched, etc.
   54  */
   55 
   56 #include <sys/param.h>
   57 #include <sys/systm.h>
   58 #include <sys/errno.h>
   59 #include <sys/kernel.h>
   60 #include <sys/malloc.h>
   61 #include <sys/mbuf.h>
   62 
   63 #include <net/bpf.h>
   64 
   65 #include <netgraph/ng_message.h>
   66 #include <netgraph/netgraph.h>
   67 #include <netgraph/ng_parse.h>
   68 #include <netgraph/ng_bpf.h>
   69 
   70 #define OFFSETOF(s, e) ((char *)&((s *)0)->e - (char *)((s *)0))
   71 
   72 #define ERROUT(x)       do { error = (x); goto done; } while (0)
   73 
   74 /* Per hook private info */
   75 struct ng_bpf_hookinfo {
   76         node_p                  node;
   77         hook_p                  hook;
   78         struct ng_bpf_hookprog  *prog;
   79         struct ng_bpf_hookstat  stats;
   80 };
   81 typedef struct ng_bpf_hookinfo *hinfo_p;
   82 
   83 /* Netgraph methods */
   84 static ng_constructor_t ng_bpf_constructor;
   85 static ng_rcvmsg_t      ng_bpf_rcvmsg;
   86 static ng_shutdown_t    ng_bpf_rmnode;
   87 static ng_newhook_t     ng_bpf_newhook;
   88 static ng_rcvdata_t     ng_bpf_rcvdata;
   89 static ng_disconnect_t  ng_bpf_disconnect;
   90 
   91 /* Internal helper functions */
   92 static int      ng_bpf_setprog(hook_p hook, const struct ng_bpf_hookprog *hp);
   93 
   94 /* Parse type for one struct bfp_insn */
   95 static const struct ng_parse_struct_info ng_bpf_insn_type_info = {
   96     {
   97         { "code",       &ng_parse_int16_type    },
   98         { "jt",         &ng_parse_int8_type     },
   99         { "jf",         &ng_parse_int8_type     },
  100         { "k",          &ng_parse_int32_type    },
  101         { NULL }
  102     }
  103 };
  104 static const struct ng_parse_type ng_bpf_insn_type = {
  105         &ng_parse_struct_type,
  106         &ng_bpf_insn_type_info
  107 };
  108 
  109 /* Parse type for the field 'bpf_prog' in struct ng_bpf_hookprog */
  110 static int
  111 ng_bpf_hookprogary_getLength(const struct ng_parse_type *type,
  112         const u_char *start, const u_char *buf)
  113 {
  114         const struct ng_bpf_hookprog *hp;
  115 
  116         hp = (const struct ng_bpf_hookprog *)
  117             (buf - OFFSETOF(struct ng_bpf_hookprog, bpf_prog));
  118         return hp->bpf_prog_len;
  119 }
  120 
  121 static const struct ng_parse_array_info ng_bpf_hookprogary_info = {
  122         &ng_bpf_insn_type,
  123         &ng_bpf_hookprogary_getLength,
  124         NULL
  125 };
  126 static const struct ng_parse_type ng_bpf_hookprogary_type = {
  127         &ng_parse_array_type,
  128         &ng_bpf_hookprogary_info
  129 };
  130 
  131 /* Parse type for struct ng_bpf_hookprog */
  132 static const struct ng_parse_struct_info ng_bpf_hookprog_type_info
  133         = NG_BPF_HOOKPROG_TYPE_INFO(&ng_bpf_hookprogary_type);
  134 static const struct ng_parse_type ng_bpf_hookprog_type = {
  135         &ng_parse_struct_type,
  136         &ng_bpf_hookprog_type_info
  137 };
  138 
  139 /* Parse type for struct ng_bpf_hookstat */
  140 static const struct ng_parse_struct_info
  141         ng_bpf_hookstat_type_info = NG_BPF_HOOKSTAT_TYPE_INFO;
  142 static const struct ng_parse_type ng_bpf_hookstat_type = {
  143         &ng_parse_struct_type,
  144         &ng_bpf_hookstat_type_info
  145 };
  146 
  147 /* List of commands and how to convert arguments to/from ASCII */
  148 static const struct ng_cmdlist ng_bpf_cmdlist[] = {
  149         {
  150           NGM_BPF_COOKIE,
  151           NGM_BPF_SET_PROGRAM,
  152           "setprogram",
  153           &ng_bpf_hookprog_type,
  154           NULL
  155         },
  156         {
  157           NGM_BPF_COOKIE,
  158           NGM_BPF_GET_PROGRAM,
  159           "getprogram",
  160           &ng_parse_hookbuf_type,
  161           &ng_bpf_hookprog_type
  162         },
  163         {
  164           NGM_BPF_COOKIE,
  165           NGM_BPF_GET_STATS,
  166           "getstats",
  167           &ng_parse_hookbuf_type,
  168           &ng_bpf_hookstat_type
  169         },
  170         {
  171           NGM_BPF_COOKIE,
  172           NGM_BPF_CLR_STATS,
  173           "clrstats",
  174           &ng_parse_hookbuf_type,
  175           NULL
  176         },
  177         {
  178           NGM_BPF_COOKIE,
  179           NGM_BPF_GETCLR_STATS,
  180           "getclrstats",
  181           &ng_parse_hookbuf_type,
  182           &ng_bpf_hookstat_type
  183         },
  184         { 0 }
  185 };
  186 
  187 /* Netgraph type descriptor */
  188 static struct ng_type typestruct = {
  189         NG_VERSION,
  190         NG_BPF_NODE_TYPE,
  191         NULL,
  192         ng_bpf_constructor,
  193         ng_bpf_rcvmsg,
  194         ng_bpf_rmnode,
  195         ng_bpf_newhook,
  196         NULL,
  197         NULL,
  198         ng_bpf_rcvdata,
  199         ng_bpf_rcvdata,
  200         ng_bpf_disconnect,
  201         ng_bpf_cmdlist
  202 };
  203 NETGRAPH_INIT(bpf, &typestruct);
  204 
  205 /* Default BPF program for a hook that matches nothing */
  206 static const struct ng_bpf_hookprog ng_bpf_default_prog = {
  207         { '\0' },               /* to be filled in at hook creation time */
  208         { '\0' },
  209         { '\0' },
  210         1,
  211         { BPF_STMT(BPF_RET+BPF_K, 0) }
  212 };
  213 
  214 /*
  215  * Node constructor
  216  *
  217  * We don't keep any per-node private data
  218  */
  219 static int
  220 ng_bpf_constructor(node_p *nodep)
  221 {
  222         int error = 0;
  223 
  224         if ((error = ng_make_node_common(&typestruct, nodep)))
  225                 return (error);
  226         (*nodep)->private = NULL;
  227         return (0);
  228 }
  229 
  230 /*
  231  * Add a hook
  232  */
  233 static int
  234 ng_bpf_newhook(node_p node, hook_p hook, const char *name)
  235 {
  236         hinfo_p hip;
  237         int error;
  238 
  239         /* Create hook private structure */
  240         MALLOC(hip, hinfo_p, sizeof(*hip), M_NETGRAPH, M_WAITOK);
  241         if (hip == NULL)
  242                 return (ENOMEM);
  243         bzero(hip, sizeof(*hip));
  244         hip->hook = hook;
  245         hook->private = hip;
  246         hip->node = node;
  247 
  248         /* Attach the default BPF program */
  249         if ((error = ng_bpf_setprog(hook, &ng_bpf_default_prog)) != 0) {
  250                 FREE(hip, M_NETGRAPH);
  251                 hook->private = NULL;
  252                 return (error);
  253         }
  254 
  255         /* Set hook name */
  256         strncpy(hip->prog->thisHook, name, sizeof(hip->prog->thisHook) - 1);
  257         hip->prog->thisHook[sizeof(hip->prog->thisHook) - 1] = '\0';
  258         return (0);
  259 }
  260 
  261 /*
  262  * Receive a control message
  263  */
  264 static int
  265 ng_bpf_rcvmsg(node_p node, struct ng_mesg *msg, const char *retaddr,
  266            struct ng_mesg **rptr)
  267 {
  268         struct ng_mesg *resp = NULL;
  269         int error = 0;
  270 
  271         switch (msg->header.typecookie) {
  272         case NGM_BPF_COOKIE:
  273                 switch (msg->header.cmd) {
  274                 case NGM_BPF_SET_PROGRAM:
  275                     {
  276                         struct ng_bpf_hookprog *const
  277                             hp = (struct ng_bpf_hookprog *)msg->data;
  278                         hook_p hook;
  279 
  280                         /* Sanity check */
  281                         if (msg->header.arglen < sizeof(*hp)
  282                             || msg->header.arglen
  283                               != NG_BPF_HOOKPROG_SIZE(hp->bpf_prog_len))
  284                                 ERROUT(EINVAL);
  285 
  286                         /* Find hook */
  287                         if ((hook = ng_findhook(node, hp->thisHook)) == NULL)
  288                                 ERROUT(ENOENT);
  289 
  290                         /* Set new program */
  291                         if ((error = ng_bpf_setprog(hook, hp)) != 0)
  292                                 ERROUT(error);
  293                         break;
  294                     }
  295 
  296                 case NGM_BPF_GET_PROGRAM:
  297                     {
  298                         struct ng_bpf_hookprog *hp;
  299                         hook_p hook;
  300 
  301                         /* Sanity check */
  302                         if (msg->header.arglen == 0)
  303                                 ERROUT(EINVAL);
  304                         msg->data[msg->header.arglen - 1] = '\0';
  305 
  306                         /* Find hook */
  307                         if ((hook = ng_findhook(node, msg->data)) == NULL)
  308                                 ERROUT(ENOENT);
  309 
  310                         /* Build response */
  311                         hp = ((hinfo_p)hook->private)->prog;
  312                         NG_MKRESPONSE(resp, msg,
  313                             NG_BPF_HOOKPROG_SIZE(hp->bpf_prog_len), M_NOWAIT);
  314                         if (resp == NULL)
  315                                 ERROUT(ENOMEM);
  316                         bcopy(hp, resp->data,
  317                            NG_BPF_HOOKPROG_SIZE(hp->bpf_prog_len));
  318                         break;
  319                     }
  320 
  321                 case NGM_BPF_GET_STATS:
  322                 case NGM_BPF_CLR_STATS:
  323                 case NGM_BPF_GETCLR_STATS:
  324                     {
  325                         struct ng_bpf_hookstat *stats;
  326                         hook_p hook;
  327 
  328                         /* Sanity check */
  329                         if (msg->header.arglen == 0)
  330                                 ERROUT(EINVAL);
  331                         msg->data[msg->header.arglen - 1] = '\0';
  332 
  333                         /* Find hook */
  334                         if ((hook = ng_findhook(node, msg->data)) == NULL)
  335                                 ERROUT(ENOENT);
  336                         stats = &((hinfo_p)hook->private)->stats;
  337 
  338                         /* Build response (if desired) */
  339                         if (msg->header.cmd != NGM_BPF_CLR_STATS) {
  340                                 NG_MKRESPONSE(resp,
  341                                     msg, sizeof(*stats), M_NOWAIT);
  342                                 if (resp == NULL)
  343                                         ERROUT(ENOMEM);
  344                                 bcopy(stats, resp->data, sizeof(*stats));
  345                         }
  346 
  347                         /* Clear stats (if desired) */
  348                         if (msg->header.cmd != NGM_BPF_GET_STATS)
  349                                 bzero(stats, sizeof(*stats));
  350                         break;
  351                     }
  352 
  353                 default:
  354                         error = EINVAL;
  355                         break;
  356                 }
  357                 break;
  358         default:
  359                 error = EINVAL;
  360                 break;
  361         }
  362         if (rptr)
  363                 *rptr = resp;
  364         else if (resp)
  365                 FREE(resp, M_NETGRAPH);
  366 
  367 done:
  368         FREE(msg, M_NETGRAPH);
  369         return (error);
  370 }
  371 
  372 /*
  373  * Receive data on a hook
  374  *
  375  * Apply the filter, and then drop or forward packet as appropriate.
  376  */
  377 static int
  378 ng_bpf_rcvdata(hook_p hook, struct mbuf *m, meta_p meta)
  379 {
  380         const hinfo_p hip = hook->private;
  381         int totlen = m->m_pkthdr.len;
  382         int needfree = 0, error = 0;
  383         u_char *data, buf[256];
  384         hinfo_p dhip;
  385         hook_p dest;
  386         u_int len;
  387 
  388         /* Update stats on incoming hook */
  389         hip->stats.recvFrames++;
  390         hip->stats.recvOctets += totlen;
  391 
  392         /* Need to put packet in contiguous memory for bpf */
  393         if (m->m_next != NULL) {
  394                 if (totlen > sizeof(buf)) {
  395                         MALLOC(data, u_char *, totlen, M_NETGRAPH, M_NOWAIT);
  396                         if (data == NULL) {
  397                                 NG_FREE_DATA(m, meta);
  398                                 return (ENOMEM);
  399                         }
  400                         needfree = 1;
  401                 } else
  402                         data = buf;
  403                 m_copydata(m, 0, totlen, (caddr_t)data);
  404         } else
  405                 data = mtod(m, u_char *);
  406 
  407         /* Run packet through filter */
  408         len = bpf_filter(hip->prog->bpf_prog, data, totlen, totlen);
  409         if (needfree)
  410                 FREE(data, M_NETGRAPH);
  411 
  412         /* See if we got a match and find destination hook */
  413         if (len > 0) {
  414 
  415                 /* Update stats */
  416                 hip->stats.recvMatchFrames++;
  417                 hip->stats.recvMatchOctets += totlen;
  418 
  419                 /* Truncate packet length if required by the filter */
  420                 if (len < totlen) {
  421                         m_adj(m, -(totlen - len));
  422                         totlen -= len;
  423                 }
  424                 dest = ng_findhook(hip->node, hip->prog->ifMatch);
  425         } else
  426                 dest = ng_findhook(hip->node, hip->prog->ifNotMatch);
  427         if (dest == NULL) {
  428                 NG_FREE_DATA(m, meta);
  429                 return (0);
  430         }
  431 
  432         /* Deliver frame out destination hook */
  433         dhip = (hinfo_p)dest->private;
  434         dhip->stats.xmitOctets += totlen;
  435         dhip->stats.xmitFrames++;
  436         NG_SEND_DATA(error, dest, m, meta);
  437         return (error);
  438 }
  439 
  440 /*
  441  * Shutdown processing
  442  */
  443 static int
  444 ng_bpf_rmnode(node_p node)
  445 {
  446         node->flags |= NG_INVALID;
  447         ng_cutlinks(node);
  448         ng_unname(node);
  449         ng_unref(node);
  450         return (0);
  451 }
  452 
  453 /*
  454  * Hook disconnection
  455  */
  456 static int
  457 ng_bpf_disconnect(hook_p hook)
  458 {
  459         const hinfo_p hip = hook->private;
  460 
  461         KASSERT(hip != NULL, ("%s: null info", __FUNCTION__));
  462         FREE(hip->prog, M_NETGRAPH);
  463         bzero(hip, sizeof(*hip));
  464         FREE(hip, M_NETGRAPH);
  465         hook->private = NULL;                   /* for good measure */
  466         if (hook->node->numhooks == 0)
  467                 ng_rmnode(hook->node);
  468         return (0);
  469 }
  470 
  471 /************************************************************************
  472                         HELPER STUFF
  473  ************************************************************************/
  474 
  475 /*
  476  * Set the BPF program associated with a hook
  477  */
  478 static int
  479 ng_bpf_setprog(hook_p hook, const struct ng_bpf_hookprog *hp0)
  480 {
  481         const hinfo_p hip = hook->private;
  482         struct ng_bpf_hookprog *hp;
  483         int size;
  484 
  485         /* Check program for validity */
  486         if (!bpf_validate(hp0->bpf_prog, hp0->bpf_prog_len))
  487                 return (EINVAL);
  488 
  489         /* Make a copy of the program */
  490         size = NG_BPF_HOOKPROG_SIZE(hp0->bpf_prog_len);
  491         MALLOC(hp, struct ng_bpf_hookprog *, size, M_NETGRAPH, M_WAITOK);
  492         if (hp == NULL)
  493                 return (ENOMEM);
  494         bcopy(hp0, hp, size);
  495 
  496         /* Free previous program, if any, and assign new one */
  497         if (hip->prog != NULL)
  498                 FREE(hip->prog, M_NETGRAPH);
  499         hip->prog = hp;
  500         return (0);
  501 }
  502 

Cache object: 5228d6ebb1abd7150b0ab313cdcc4f6d


[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]


This page is part of the FreeBSD/Linux Linux Kernel Cross-Reference, and was automatically generated using a modified version of the LXR engine.