1
2/*
3 * ng_bpf.c
4 *
5 * Copyright (c) 1999 Whistle Communications, Inc.
6 * All rights reserved.
7 *
8 * Subject to the following obligations and disclaimer of warranty, use and
9 * redistribution of this software, in source or object code forms, with or
10 * without modifications are expressly permitted by Whistle Communications;
11 * provided, however, that:
12 * 1. Any and all reproductions of the source or object code must include the
13 * copyright notice above and the following disclaimer of warranties; and
14 * 2. No rights are granted, in any manner or form, to use Whistle
15 * Communications, Inc. trademarks, including the mark "WHISTLE
16 * COMMUNICATIONS" on advertising, endorsements, or otherwise except as
17 * such appears in the above copyright notice or in the software.
18 *
19 * THIS SOFTWARE IS BEING PROVIDED BY WHISTLE COMMUNICATIONS "AS IS", AND
20 * TO THE MAXIMUM EXTENT PERMITTED BY LAW, WHISTLE COMMUNICATIONS MAKES NO
21 * REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED, REGARDING THIS SOFTWARE,
22 * INCLUDING WITHOUT LIMITATION, ANY AND ALL IMPLIED WARRANTIES OF
23 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT.
24 * WHISTLE COMMUNICATIONS DOES NOT WARRANT, GUARANBPF, OR MAKE ANY
25 * REPRESENTATIONS REGARDING THE USE OF, OR THE RESULTS OF THE USE OF THIS
26 * SOFTWARE IN TERMS OF ITS CORRECTNESS, ACCURACY, RELIABILITY OR OTHERWISE.
27 * IN NO EVENT SHALL WHISTLE COMMUNICATIONS BE LIABLE FOR ANY DAMAGES
28 * RESULTING FROM OR ARISING OUT OF ANY USE OF THIS SOFTWARE, INCLUDING
29 * WITHOUT LIMITATION, ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
30 * PUNITIVE, OR CONSEQUENTIAL DAMAGES, PROCUREMENT OF SUBSTITUTE GOODS OR
31 * SERVICES, LOSS OF USE, DATA OR PROFITS, HOWEVER CAUSED AND UNDER ANY
32 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
33 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
34 * THIS SOFTWARE, EVEN IF WHISTLE COMMUNICATIONS IS ADVISED OF THE POSSIBILITY
35 * OF SUCH DAMAGE.
36 *
37 * Author: Archie Cobbs <archie@freebsd.org>
38 *
| 1
2/*
3 * ng_bpf.c
4 *
5 * Copyright (c) 1999 Whistle Communications, Inc.
6 * All rights reserved.
7 *
8 * Subject to the following obligations and disclaimer of warranty, use and
9 * redistribution of this software, in source or object code forms, with or
10 * without modifications are expressly permitted by Whistle Communications;
11 * provided, however, that:
12 * 1. Any and all reproductions of the source or object code must include the
13 * copyright notice above and the following disclaimer of warranties; and
14 * 2. No rights are granted, in any manner or form, to use Whistle
15 * Communications, Inc. trademarks, including the mark "WHISTLE
16 * COMMUNICATIONS" on advertising, endorsements, or otherwise except as
17 * such appears in the above copyright notice or in the software.
18 *
19 * THIS SOFTWARE IS BEING PROVIDED BY WHISTLE COMMUNICATIONS "AS IS", AND
20 * TO THE MAXIMUM EXTENT PERMITTED BY LAW, WHISTLE COMMUNICATIONS MAKES NO
21 * REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED, REGARDING THIS SOFTWARE,
22 * INCLUDING WITHOUT LIMITATION, ANY AND ALL IMPLIED WARRANTIES OF
23 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT.
24 * WHISTLE COMMUNICATIONS DOES NOT WARRANT, GUARANBPF, OR MAKE ANY
25 * REPRESENTATIONS REGARDING THE USE OF, OR THE RESULTS OF THE USE OF THIS
26 * SOFTWARE IN TERMS OF ITS CORRECTNESS, ACCURACY, RELIABILITY OR OTHERWISE.
27 * IN NO EVENT SHALL WHISTLE COMMUNICATIONS BE LIABLE FOR ANY DAMAGES
28 * RESULTING FROM OR ARISING OUT OF ANY USE OF THIS SOFTWARE, INCLUDING
29 * WITHOUT LIMITATION, ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
30 * PUNITIVE, OR CONSEQUENTIAL DAMAGES, PROCUREMENT OF SUBSTITUTE GOODS OR
31 * SERVICES, LOSS OF USE, DATA OR PROFITS, HOWEVER CAUSED AND UNDER ANY
32 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
33 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
34 * THIS SOFTWARE, EVEN IF WHISTLE COMMUNICATIONS IS ADVISED OF THE POSSIBILITY
35 * OF SUCH DAMAGE.
36 *
37 * Author: Archie Cobbs <archie@freebsd.org>
38 *
|
39 * $FreeBSD: head/sys/netgraph/ng_bpf.c 68876 2000-11-18 15:17:43Z dwmalone $
| 39 * $FreeBSD: head/sys/netgraph/ng_bpf.c 69922 2000-12-12 18:52:14Z julian $
|
40 * $Whistle: ng_bpf.c,v 1.3 1999/12/03 20:30:23 archie Exp $
41 */
42
43/*
44 * BPF NETGRAPH NODE TYPE
45 *
46 * This node type accepts any number of hook connections. With each hook
47 * is associated a bpf(4) filter program, and two hook names (each possibly
48 * the empty string). Incoming packets are compared against the filter;
49 * matching packets are delivered out the first named hook (or dropped if
50 * the empty string), and non-matching packets are delivered out the second
51 * named hook (or dropped if the empty string).
52 *
53 * Each hook also keeps statistics about how many packets have matched, etc.
54 */
55
56#include <sys/param.h>
57#include <sys/systm.h>
58#include <sys/errno.h>
59#include <sys/kernel.h>
60#include <sys/malloc.h>
61#include <sys/mbuf.h>
62
63#include <net/bpf.h>
64
65#include <netgraph/ng_message.h>
66#include <netgraph/netgraph.h>
67#include <netgraph/ng_parse.h>
68#include <netgraph/ng_bpf.h>
69
70#define OFFSETOF(s, e) ((char *)&((s *)0)->e - (char *)((s *)0))
71
72#define ERROUT(x) do { error = (x); goto done; } while (0)
73
74/* Per hook private info */
75struct ng_bpf_hookinfo {
76 node_p node;
77 hook_p hook;
78 struct ng_bpf_hookprog *prog;
79 struct ng_bpf_hookstat stats;
80};
81typedef struct ng_bpf_hookinfo *hinfo_p;
82
83/* Netgraph methods */
84static ng_constructor_t ng_bpf_constructor;
85static ng_rcvmsg_t ng_bpf_rcvmsg;
86static ng_shutdown_t ng_bpf_rmnode;
87static ng_newhook_t ng_bpf_newhook;
88static ng_rcvdata_t ng_bpf_rcvdata;
89static ng_disconnect_t ng_bpf_disconnect;
90
91/* Internal helper functions */
92static int ng_bpf_setprog(hook_p hook, const struct ng_bpf_hookprog *hp);
93
94/* Parse type for one struct bfp_insn */
95static const struct ng_parse_struct_info ng_bpf_insn_type_info = {
96 {
97 { "code", &ng_parse_hint16_type },
98 { "jt", &ng_parse_uint8_type },
99 { "jf", &ng_parse_uint8_type },
100 { "k", &ng_parse_uint32_type },
101 { NULL }
102 }
103};
104static const struct ng_parse_type ng_bpf_insn_type = {
105 &ng_parse_struct_type,
106 &ng_bpf_insn_type_info
107};
108
109/* Parse type for the field 'bpf_prog' in struct ng_bpf_hookprog */
110static int
111ng_bpf_hookprogary_getLength(const struct ng_parse_type *type,
112 const u_char *start, const u_char *buf)
113{
114 const struct ng_bpf_hookprog *hp;
115
116 hp = (const struct ng_bpf_hookprog *)
117 (buf - OFFSETOF(struct ng_bpf_hookprog, bpf_prog));
118 return hp->bpf_prog_len;
119}
120
121static const struct ng_parse_array_info ng_bpf_hookprogary_info = {
122 &ng_bpf_insn_type,
123 &ng_bpf_hookprogary_getLength,
124 NULL
125};
126static const struct ng_parse_type ng_bpf_hookprogary_type = {
127 &ng_parse_array_type,
128 &ng_bpf_hookprogary_info
129};
130
131/* Parse type for struct ng_bpf_hookprog */
132static const struct ng_parse_struct_info ng_bpf_hookprog_type_info
133 = NG_BPF_HOOKPROG_TYPE_INFO(&ng_bpf_hookprogary_type);
134static const struct ng_parse_type ng_bpf_hookprog_type = {
135 &ng_parse_struct_type,
136 &ng_bpf_hookprog_type_info
137};
138
139/* Parse type for struct ng_bpf_hookstat */
140static const struct ng_parse_struct_info
141 ng_bpf_hookstat_type_info = NG_BPF_HOOKSTAT_TYPE_INFO;
142static const struct ng_parse_type ng_bpf_hookstat_type = {
143 &ng_parse_struct_type,
144 &ng_bpf_hookstat_type_info
145};
146
147/* List of commands and how to convert arguments to/from ASCII */
148static const struct ng_cmdlist ng_bpf_cmdlist[] = {
149 {
150 NGM_BPF_COOKIE,
151 NGM_BPF_SET_PROGRAM,
152 "setprogram",
153 &ng_bpf_hookprog_type,
154 NULL
155 },
156 {
157 NGM_BPF_COOKIE,
158 NGM_BPF_GET_PROGRAM,
159 "getprogram",
160 &ng_parse_hookbuf_type,
161 &ng_bpf_hookprog_type
162 },
163 {
164 NGM_BPF_COOKIE,
165 NGM_BPF_GET_STATS,
166 "getstats",
167 &ng_parse_hookbuf_type,
168 &ng_bpf_hookstat_type
169 },
170 {
171 NGM_BPF_COOKIE,
172 NGM_BPF_CLR_STATS,
173 "clrstats",
174 &ng_parse_hookbuf_type,
175 NULL
176 },
177 {
178 NGM_BPF_COOKIE,
179 NGM_BPF_GETCLR_STATS,
180 "getclrstats",
181 &ng_parse_hookbuf_type,
182 &ng_bpf_hookstat_type
183 },
184 { 0 }
185};
186
187/* Netgraph type descriptor */
188static struct ng_type typestruct = {
189 NG_VERSION,
190 NG_BPF_NODE_TYPE,
191 NULL,
192 ng_bpf_constructor,
193 ng_bpf_rcvmsg,
194 ng_bpf_rmnode,
195 ng_bpf_newhook,
196 NULL,
197 NULL,
198 ng_bpf_rcvdata,
| 40 * $Whistle: ng_bpf.c,v 1.3 1999/12/03 20:30:23 archie Exp $
41 */
42
43/*
44 * BPF NETGRAPH NODE TYPE
45 *
46 * This node type accepts any number of hook connections. With each hook
47 * is associated a bpf(4) filter program, and two hook names (each possibly
48 * the empty string). Incoming packets are compared against the filter;
49 * matching packets are delivered out the first named hook (or dropped if
50 * the empty string), and non-matching packets are delivered out the second
51 * named hook (or dropped if the empty string).
52 *
53 * Each hook also keeps statistics about how many packets have matched, etc.
54 */
55
56#include <sys/param.h>
57#include <sys/systm.h>
58#include <sys/errno.h>
59#include <sys/kernel.h>
60#include <sys/malloc.h>
61#include <sys/mbuf.h>
62
63#include <net/bpf.h>
64
65#include <netgraph/ng_message.h>
66#include <netgraph/netgraph.h>
67#include <netgraph/ng_parse.h>
68#include <netgraph/ng_bpf.h>
69
70#define OFFSETOF(s, e) ((char *)&((s *)0)->e - (char *)((s *)0))
71
72#define ERROUT(x) do { error = (x); goto done; } while (0)
73
74/* Per hook private info */
75struct ng_bpf_hookinfo {
76 node_p node;
77 hook_p hook;
78 struct ng_bpf_hookprog *prog;
79 struct ng_bpf_hookstat stats;
80};
81typedef struct ng_bpf_hookinfo *hinfo_p;
82
83/* Netgraph methods */
84static ng_constructor_t ng_bpf_constructor;
85static ng_rcvmsg_t ng_bpf_rcvmsg;
86static ng_shutdown_t ng_bpf_rmnode;
87static ng_newhook_t ng_bpf_newhook;
88static ng_rcvdata_t ng_bpf_rcvdata;
89static ng_disconnect_t ng_bpf_disconnect;
90
91/* Internal helper functions */
92static int ng_bpf_setprog(hook_p hook, const struct ng_bpf_hookprog *hp);
93
94/* Parse type for one struct bfp_insn */
95static const struct ng_parse_struct_info ng_bpf_insn_type_info = {
96 {
97 { "code", &ng_parse_hint16_type },
98 { "jt", &ng_parse_uint8_type },
99 { "jf", &ng_parse_uint8_type },
100 { "k", &ng_parse_uint32_type },
101 { NULL }
102 }
103};
104static const struct ng_parse_type ng_bpf_insn_type = {
105 &ng_parse_struct_type,
106 &ng_bpf_insn_type_info
107};
108
109/* Parse type for the field 'bpf_prog' in struct ng_bpf_hookprog */
110static int
111ng_bpf_hookprogary_getLength(const struct ng_parse_type *type,
112 const u_char *start, const u_char *buf)
113{
114 const struct ng_bpf_hookprog *hp;
115
116 hp = (const struct ng_bpf_hookprog *)
117 (buf - OFFSETOF(struct ng_bpf_hookprog, bpf_prog));
118 return hp->bpf_prog_len;
119}
120
121static const struct ng_parse_array_info ng_bpf_hookprogary_info = {
122 &ng_bpf_insn_type,
123 &ng_bpf_hookprogary_getLength,
124 NULL
125};
126static const struct ng_parse_type ng_bpf_hookprogary_type = {
127 &ng_parse_array_type,
128 &ng_bpf_hookprogary_info
129};
130
131/* Parse type for struct ng_bpf_hookprog */
132static const struct ng_parse_struct_info ng_bpf_hookprog_type_info
133 = NG_BPF_HOOKPROG_TYPE_INFO(&ng_bpf_hookprogary_type);
134static const struct ng_parse_type ng_bpf_hookprog_type = {
135 &ng_parse_struct_type,
136 &ng_bpf_hookprog_type_info
137};
138
139/* Parse type for struct ng_bpf_hookstat */
140static const struct ng_parse_struct_info
141 ng_bpf_hookstat_type_info = NG_BPF_HOOKSTAT_TYPE_INFO;
142static const struct ng_parse_type ng_bpf_hookstat_type = {
143 &ng_parse_struct_type,
144 &ng_bpf_hookstat_type_info
145};
146
147/* List of commands and how to convert arguments to/from ASCII */
148static const struct ng_cmdlist ng_bpf_cmdlist[] = {
149 {
150 NGM_BPF_COOKIE,
151 NGM_BPF_SET_PROGRAM,
152 "setprogram",
153 &ng_bpf_hookprog_type,
154 NULL
155 },
156 {
157 NGM_BPF_COOKIE,
158 NGM_BPF_GET_PROGRAM,
159 "getprogram",
160 &ng_parse_hookbuf_type,
161 &ng_bpf_hookprog_type
162 },
163 {
164 NGM_BPF_COOKIE,
165 NGM_BPF_GET_STATS,
166 "getstats",
167 &ng_parse_hookbuf_type,
168 &ng_bpf_hookstat_type
169 },
170 {
171 NGM_BPF_COOKIE,
172 NGM_BPF_CLR_STATS,
173 "clrstats",
174 &ng_parse_hookbuf_type,
175 NULL
176 },
177 {
178 NGM_BPF_COOKIE,
179 NGM_BPF_GETCLR_STATS,
180 "getclrstats",
181 &ng_parse_hookbuf_type,
182 &ng_bpf_hookstat_type
183 },
184 { 0 }
185};
186
187/* Netgraph type descriptor */
188static struct ng_type typestruct = {
189 NG_VERSION,
190 NG_BPF_NODE_TYPE,
191 NULL,
192 ng_bpf_constructor,
193 ng_bpf_rcvmsg,
194 ng_bpf_rmnode,
195 ng_bpf_newhook,
196 NULL,
197 NULL,
198 ng_bpf_rcvdata,
|
199 ng_bpf_rcvdata,
| |
200 ng_bpf_disconnect,
201 ng_bpf_cmdlist
202};
203NETGRAPH_INIT(bpf, &typestruct);
204
205/* Default BPF program for a hook that matches nothing */
206static const struct ng_bpf_hookprog ng_bpf_default_prog = {
207 { '\0' }, /* to be filled in at hook creation time */
208 { '\0' },
209 { '\0' },
210 1,
211 { BPF_STMT(BPF_RET+BPF_K, 0) }
212};
213
214/*
215 * Node constructor
216 *
217 * We don't keep any per-node private data
218 */
219static int
220ng_bpf_constructor(node_p *nodep)
221{
222 int error = 0;
223
224 if ((error = ng_make_node_common(&typestruct, nodep)))
225 return (error);
226 (*nodep)->private = NULL;
227 return (0);
228}
229
230/*
231 * Add a hook
232 */
233static int
234ng_bpf_newhook(node_p node, hook_p hook, const char *name)
235{
236 hinfo_p hip;
237 int error;
238
239 /* Create hook private structure */
240 MALLOC(hip, hinfo_p, sizeof(*hip), M_NETGRAPH, M_NOWAIT | M_ZERO);
241 if (hip == NULL)
242 return (ENOMEM);
243 hip->hook = hook;
244 hook->private = hip;
245 hip->node = node;
246
247 /* Attach the default BPF program */
248 if ((error = ng_bpf_setprog(hook, &ng_bpf_default_prog)) != 0) {
249 FREE(hip, M_NETGRAPH);
250 hook->private = NULL;
251 return (error);
252 }
253
254 /* Set hook name */
255 strncpy(hip->prog->thisHook, name, sizeof(hip->prog->thisHook) - 1);
256 hip->prog->thisHook[sizeof(hip->prog->thisHook) - 1] = '\0';
257 return (0);
258}
259
260/*
261 * Receive a control message
262 */
263static int
264ng_bpf_rcvmsg(node_p node, struct ng_mesg *msg, const char *retaddr,
265 struct ng_mesg **rptr, hook_p lasthook)
266{
267 struct ng_mesg *resp = NULL;
268 int error = 0;
269
270 switch (msg->header.typecookie) {
271 case NGM_BPF_COOKIE:
272 switch (msg->header.cmd) {
273 case NGM_BPF_SET_PROGRAM:
274 {
275 struct ng_bpf_hookprog *const
276 hp = (struct ng_bpf_hookprog *)msg->data;
277 hook_p hook;
278
279 /* Sanity check */
280 if (msg->header.arglen < sizeof(*hp)
281 || msg->header.arglen
282 != NG_BPF_HOOKPROG_SIZE(hp->bpf_prog_len))
283 ERROUT(EINVAL);
284
285 /* Find hook */
286 if ((hook = ng_findhook(node, hp->thisHook)) == NULL)
287 ERROUT(ENOENT);
288
289 /* Set new program */
290 if ((error = ng_bpf_setprog(hook, hp)) != 0)
291 ERROUT(error);
292 break;
293 }
294
295 case NGM_BPF_GET_PROGRAM:
296 {
297 struct ng_bpf_hookprog *hp;
298 hook_p hook;
299
300 /* Sanity check */
301 if (msg->header.arglen == 0)
302 ERROUT(EINVAL);
303 msg->data[msg->header.arglen - 1] = '\0';
304
305 /* Find hook */
306 if ((hook = ng_findhook(node, msg->data)) == NULL)
307 ERROUT(ENOENT);
308
309 /* Build response */
310 hp = ((hinfo_p)hook->private)->prog;
311 NG_MKRESPONSE(resp, msg,
312 NG_BPF_HOOKPROG_SIZE(hp->bpf_prog_len), M_NOWAIT);
313 if (resp == NULL)
314 ERROUT(ENOMEM);
315 bcopy(hp, resp->data,
316 NG_BPF_HOOKPROG_SIZE(hp->bpf_prog_len));
317 break;
318 }
319
320 case NGM_BPF_GET_STATS:
321 case NGM_BPF_CLR_STATS:
322 case NGM_BPF_GETCLR_STATS:
323 {
324 struct ng_bpf_hookstat *stats;
325 hook_p hook;
326
327 /* Sanity check */
328 if (msg->header.arglen == 0)
329 ERROUT(EINVAL);
330 msg->data[msg->header.arglen - 1] = '\0';
331
332 /* Find hook */
333 if ((hook = ng_findhook(node, msg->data)) == NULL)
334 ERROUT(ENOENT);
335 stats = &((hinfo_p)hook->private)->stats;
336
337 /* Build response (if desired) */
338 if (msg->header.cmd != NGM_BPF_CLR_STATS) {
339 NG_MKRESPONSE(resp,
340 msg, sizeof(*stats), M_NOWAIT);
341 if (resp == NULL)
342 ERROUT(ENOMEM);
343 bcopy(stats, resp->data, sizeof(*stats));
344 }
345
346 /* Clear stats (if desired) */
347 if (msg->header.cmd != NGM_BPF_GET_STATS)
348 bzero(stats, sizeof(*stats));
349 break;
350 }
351
352 default:
353 error = EINVAL;
354 break;
355 }
356 break;
357 default:
358 error = EINVAL;
359 break;
360 }
361 if (rptr)
362 *rptr = resp;
363 else if (resp)
364 FREE(resp, M_NETGRAPH);
365
366done:
367 FREE(msg, M_NETGRAPH);
368 return (error);
369}
370
371/*
372 * Receive data on a hook
373 *
374 * Apply the filter, and then drop or forward packet as appropriate.
375 */
376static int
377ng_bpf_rcvdata(hook_p hook, struct mbuf *m, meta_p meta,
| 199 ng_bpf_disconnect,
200 ng_bpf_cmdlist
201};
202NETGRAPH_INIT(bpf, &typestruct);
203
204/* Default BPF program for a hook that matches nothing */
205static const struct ng_bpf_hookprog ng_bpf_default_prog = {
206 { '\0' }, /* to be filled in at hook creation time */
207 { '\0' },
208 { '\0' },
209 1,
210 { BPF_STMT(BPF_RET+BPF_K, 0) }
211};
212
213/*
214 * Node constructor
215 *
216 * We don't keep any per-node private data
217 */
218static int
219ng_bpf_constructor(node_p *nodep)
220{
221 int error = 0;
222
223 if ((error = ng_make_node_common(&typestruct, nodep)))
224 return (error);
225 (*nodep)->private = NULL;
226 return (0);
227}
228
229/*
230 * Add a hook
231 */
232static int
233ng_bpf_newhook(node_p node, hook_p hook, const char *name)
234{
235 hinfo_p hip;
236 int error;
237
238 /* Create hook private structure */
239 MALLOC(hip, hinfo_p, sizeof(*hip), M_NETGRAPH, M_NOWAIT | M_ZERO);
240 if (hip == NULL)
241 return (ENOMEM);
242 hip->hook = hook;
243 hook->private = hip;
244 hip->node = node;
245
246 /* Attach the default BPF program */
247 if ((error = ng_bpf_setprog(hook, &ng_bpf_default_prog)) != 0) {
248 FREE(hip, M_NETGRAPH);
249 hook->private = NULL;
250 return (error);
251 }
252
253 /* Set hook name */
254 strncpy(hip->prog->thisHook, name, sizeof(hip->prog->thisHook) - 1);
255 hip->prog->thisHook[sizeof(hip->prog->thisHook) - 1] = '\0';
256 return (0);
257}
258
259/*
260 * Receive a control message
261 */
262static int
263ng_bpf_rcvmsg(node_p node, struct ng_mesg *msg, const char *retaddr,
264 struct ng_mesg **rptr, hook_p lasthook)
265{
266 struct ng_mesg *resp = NULL;
267 int error = 0;
268
269 switch (msg->header.typecookie) {
270 case NGM_BPF_COOKIE:
271 switch (msg->header.cmd) {
272 case NGM_BPF_SET_PROGRAM:
273 {
274 struct ng_bpf_hookprog *const
275 hp = (struct ng_bpf_hookprog *)msg->data;
276 hook_p hook;
277
278 /* Sanity check */
279 if (msg->header.arglen < sizeof(*hp)
280 || msg->header.arglen
281 != NG_BPF_HOOKPROG_SIZE(hp->bpf_prog_len))
282 ERROUT(EINVAL);
283
284 /* Find hook */
285 if ((hook = ng_findhook(node, hp->thisHook)) == NULL)
286 ERROUT(ENOENT);
287
288 /* Set new program */
289 if ((error = ng_bpf_setprog(hook, hp)) != 0)
290 ERROUT(error);
291 break;
292 }
293
294 case NGM_BPF_GET_PROGRAM:
295 {
296 struct ng_bpf_hookprog *hp;
297 hook_p hook;
298
299 /* Sanity check */
300 if (msg->header.arglen == 0)
301 ERROUT(EINVAL);
302 msg->data[msg->header.arglen - 1] = '\0';
303
304 /* Find hook */
305 if ((hook = ng_findhook(node, msg->data)) == NULL)
306 ERROUT(ENOENT);
307
308 /* Build response */
309 hp = ((hinfo_p)hook->private)->prog;
310 NG_MKRESPONSE(resp, msg,
311 NG_BPF_HOOKPROG_SIZE(hp->bpf_prog_len), M_NOWAIT);
312 if (resp == NULL)
313 ERROUT(ENOMEM);
314 bcopy(hp, resp->data,
315 NG_BPF_HOOKPROG_SIZE(hp->bpf_prog_len));
316 break;
317 }
318
319 case NGM_BPF_GET_STATS:
320 case NGM_BPF_CLR_STATS:
321 case NGM_BPF_GETCLR_STATS:
322 {
323 struct ng_bpf_hookstat *stats;
324 hook_p hook;
325
326 /* Sanity check */
327 if (msg->header.arglen == 0)
328 ERROUT(EINVAL);
329 msg->data[msg->header.arglen - 1] = '\0';
330
331 /* Find hook */
332 if ((hook = ng_findhook(node, msg->data)) == NULL)
333 ERROUT(ENOENT);
334 stats = &((hinfo_p)hook->private)->stats;
335
336 /* Build response (if desired) */
337 if (msg->header.cmd != NGM_BPF_CLR_STATS) {
338 NG_MKRESPONSE(resp,
339 msg, sizeof(*stats), M_NOWAIT);
340 if (resp == NULL)
341 ERROUT(ENOMEM);
342 bcopy(stats, resp->data, sizeof(*stats));
343 }
344
345 /* Clear stats (if desired) */
346 if (msg->header.cmd != NGM_BPF_GET_STATS)
347 bzero(stats, sizeof(*stats));
348 break;
349 }
350
351 default:
352 error = EINVAL;
353 break;
354 }
355 break;
356 default:
357 error = EINVAL;
358 break;
359 }
360 if (rptr)
361 *rptr = resp;
362 else if (resp)
363 FREE(resp, M_NETGRAPH);
364
365done:
366 FREE(msg, M_NETGRAPH);
367 return (error);
368}
369
370/*
371 * Receive data on a hook
372 *
373 * Apply the filter, and then drop or forward packet as appropriate.
374 */
375static int
376ng_bpf_rcvdata(hook_p hook, struct mbuf *m, meta_p meta,
|
378 struct mbuf **ret_m, meta_p *ret_meta)
| 377 struct mbuf **ret_m, meta_p *ret_meta, struct ng_mesg **resp)
|
379{
380 const hinfo_p hip = hook->private;
381 int totlen = m->m_pkthdr.len;
382 int needfree = 0, error = 0;
383 u_char *data, buf[256];
384 hinfo_p dhip;
385 hook_p dest;
386 u_int len;
387
388 /* Update stats on incoming hook */
389 hip->stats.recvFrames++;
390 hip->stats.recvOctets += totlen;
391
392 /* Need to put packet in contiguous memory for bpf */
393 if (m->m_next != NULL) {
394 if (totlen > sizeof(buf)) {
395 MALLOC(data, u_char *, totlen, M_NETGRAPH, M_NOWAIT);
396 if (data == NULL) {
397 NG_FREE_DATA(m, meta);
398 return (ENOMEM);
399 }
400 needfree = 1;
401 } else
402 data = buf;
403 m_copydata(m, 0, totlen, (caddr_t)data);
404 } else
405 data = mtod(m, u_char *);
406
407 /* Run packet through filter */
408 len = bpf_filter(hip->prog->bpf_prog, data, totlen, totlen);
409 if (needfree)
410 FREE(data, M_NETGRAPH);
411
412 /* See if we got a match and find destination hook */
413 if (len > 0) {
414
415 /* Update stats */
416 hip->stats.recvMatchFrames++;
417 hip->stats.recvMatchOctets += totlen;
418
419 /* Truncate packet length if required by the filter */
420 if (len < totlen) {
421 m_adj(m, -(totlen - len));
422 totlen -= len;
423 }
424 dest = ng_findhook(hip->node, hip->prog->ifMatch);
425 } else
426 dest = ng_findhook(hip->node, hip->prog->ifNotMatch);
427 if (dest == NULL) {
428 NG_FREE_DATA(m, meta);
429 return (0);
430 }
431
432 /* Deliver frame out destination hook */
433 dhip = (hinfo_p)dest->private;
434 dhip->stats.xmitOctets += totlen;
435 dhip->stats.xmitFrames++;
436 NG_SEND_DATA(error, dest, m, meta);
437 return (error);
438}
439
440/*
441 * Shutdown processing
442 */
443static int
444ng_bpf_rmnode(node_p node)
445{
446 node->flags |= NG_INVALID;
447 ng_cutlinks(node);
448 ng_unname(node);
449 ng_unref(node);
450 return (0);
451}
452
453/*
454 * Hook disconnection
455 */
456static int
457ng_bpf_disconnect(hook_p hook)
458{
459 const hinfo_p hip = hook->private;
460
461 KASSERT(hip != NULL, ("%s: null info", __FUNCTION__));
462 FREE(hip->prog, M_NETGRAPH);
463 bzero(hip, sizeof(*hip));
464 FREE(hip, M_NETGRAPH);
465 hook->private = NULL; /* for good measure */
466 if (hook->node->numhooks == 0)
467 ng_rmnode(hook->node);
468 return (0);
469}
470
471/************************************************************************
472 HELPER STUFF
473 ************************************************************************/
474
475/*
476 * Set the BPF program associated with a hook
477 */
478static int
479ng_bpf_setprog(hook_p hook, const struct ng_bpf_hookprog *hp0)
480{
481 const hinfo_p hip = hook->private;
482 struct ng_bpf_hookprog *hp;
483 int size;
484
485 /* Check program for validity */
486 if (!bpf_validate(hp0->bpf_prog, hp0->bpf_prog_len))
487 return (EINVAL);
488
489 /* Make a copy of the program */
490 size = NG_BPF_HOOKPROG_SIZE(hp0->bpf_prog_len);
491 MALLOC(hp, struct ng_bpf_hookprog *, size, M_NETGRAPH, M_NOWAIT);
492 if (hp == NULL)
493 return (ENOMEM);
494 bcopy(hp0, hp, size);
495
496 /* Free previous program, if any, and assign new one */
497 if (hip->prog != NULL)
498 FREE(hip->prog, M_NETGRAPH);
499 hip->prog = hp;
500 return (0);
501}
502
| 378{
379 const hinfo_p hip = hook->private;
380 int totlen = m->m_pkthdr.len;
381 int needfree = 0, error = 0;
382 u_char *data, buf[256];
383 hinfo_p dhip;
384 hook_p dest;
385 u_int len;
386
387 /* Update stats on incoming hook */
388 hip->stats.recvFrames++;
389 hip->stats.recvOctets += totlen;
390
391 /* Need to put packet in contiguous memory for bpf */
392 if (m->m_next != NULL) {
393 if (totlen > sizeof(buf)) {
394 MALLOC(data, u_char *, totlen, M_NETGRAPH, M_NOWAIT);
395 if (data == NULL) {
396 NG_FREE_DATA(m, meta);
397 return (ENOMEM);
398 }
399 needfree = 1;
400 } else
401 data = buf;
402 m_copydata(m, 0, totlen, (caddr_t)data);
403 } else
404 data = mtod(m, u_char *);
405
406 /* Run packet through filter */
407 len = bpf_filter(hip->prog->bpf_prog, data, totlen, totlen);
408 if (needfree)
409 FREE(data, M_NETGRAPH);
410
411 /* See if we got a match and find destination hook */
412 if (len > 0) {
413
414 /* Update stats */
415 hip->stats.recvMatchFrames++;
416 hip->stats.recvMatchOctets += totlen;
417
418 /* Truncate packet length if required by the filter */
419 if (len < totlen) {
420 m_adj(m, -(totlen - len));
421 totlen -= len;
422 }
423 dest = ng_findhook(hip->node, hip->prog->ifMatch);
424 } else
425 dest = ng_findhook(hip->node, hip->prog->ifNotMatch);
426 if (dest == NULL) {
427 NG_FREE_DATA(m, meta);
428 return (0);
429 }
430
431 /* Deliver frame out destination hook */
432 dhip = (hinfo_p)dest->private;
433 dhip->stats.xmitOctets += totlen;
434 dhip->stats.xmitFrames++;
435 NG_SEND_DATA(error, dest, m, meta);
436 return (error);
437}
438
439/*
440 * Shutdown processing
441 */
442static int
443ng_bpf_rmnode(node_p node)
444{
445 node->flags |= NG_INVALID;
446 ng_cutlinks(node);
447 ng_unname(node);
448 ng_unref(node);
449 return (0);
450}
451
452/*
453 * Hook disconnection
454 */
455static int
456ng_bpf_disconnect(hook_p hook)
457{
458 const hinfo_p hip = hook->private;
459
460 KASSERT(hip != NULL, ("%s: null info", __FUNCTION__));
461 FREE(hip->prog, M_NETGRAPH);
462 bzero(hip, sizeof(*hip));
463 FREE(hip, M_NETGRAPH);
464 hook->private = NULL; /* for good measure */
465 if (hook->node->numhooks == 0)
466 ng_rmnode(hook->node);
467 return (0);
468}
469
470/************************************************************************
471 HELPER STUFF
472 ************************************************************************/
473
474/*
475 * Set the BPF program associated with a hook
476 */
477static int
478ng_bpf_setprog(hook_p hook, const struct ng_bpf_hookprog *hp0)
479{
480 const hinfo_p hip = hook->private;
481 struct ng_bpf_hookprog *hp;
482 int size;
483
484 /* Check program for validity */
485 if (!bpf_validate(hp0->bpf_prog, hp0->bpf_prog_len))
486 return (EINVAL);
487
488 /* Make a copy of the program */
489 size = NG_BPF_HOOKPROG_SIZE(hp0->bpf_prog_len);
490 MALLOC(hp, struct ng_bpf_hookprog *, size, M_NETGRAPH, M_NOWAIT);
491 if (hp == NULL)
492 return (ENOMEM);
493 bcopy(hp0, hp, size);
494
495 /* Free previous program, if any, and assign new one */
496 if (hip->prog != NULL)
497 FREE(hip->prog, M_NETGRAPH);
498 hip->prog = hp;
499 return (0);
500}
501
|