Home | History | Annotate | Line # | Download | only in config
      1 /*	$NetBSD: ndbootd-bpf.c,v 1.8 2004/12/01 23:18:20 christos Exp $	*/
      2 
      3 /* ndbootd-bpf.c - the Sun Network Disk (nd) daemon BPF component: */
      4 
      5 /*
      6  * Copyright (c) 2001 Matthew Fredette.  All rights reserved.
      7  *
      8  * Redistribution and use in source and binary forms, with or without
      9  * modification, are permitted provided that the following conditions
     10  * are met:
     11  *   1. Redistributions of source code must retain the above copyright
     12  *      notice, this list of conditions and the following disclaimer.
     13  *   2. Redistributions in binary form must reproduce the above copyright
     14  *      notice, this list of conditions and the following disclaimer in the
     15  *      documentation and/or other materials provided with the distribution.
     16  *   3. All advertising materials mentioning features or use of this software
     17  *      must display the following acknowledgement:
     18  *        This product includes software developed by Matthew Fredette.
     19  *   4. The name of Matthew Fredette may not be used to endorse or promote
     20  *      products derived from this software without specific prior written
     21  *      permission.
     22  *
     23  * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
     24  * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
     25  * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
     26  */
     27 
     28 /* <<Header: /data/home/fredette/project/THE-WEIGHT-CVS/ndbootd/config/ndbootd-bpf.c,v 1.4 2001/05/23 02:35:49 fredette Exp >> */
     29 
     30 /*
     31  * <<Log: ndbootd-bpf.c,v >>
     32  * Revision 1.4  2001/05/23 02:35:49  fredette
     33  * Changed many debugging printfs to compile quietly on the
     34  * alpha.  Patch from Andrew Brown <atatat (at) atatdot.net>.
     35  *
     36  * Revision 1.3  2001/05/22 13:13:24  fredette
     37  * Ran indent(1) with NetBSD's KNF-approximating profile.
     38  *
     39  * Revision 1.2  2001/05/09 20:50:46  fredette
     40  * Removed an unnecessary comment.
     41  *
     42  * Revision 1.1  2001/01/29 15:12:13  fredette
     43  * Added.
     44  *
     45  */
     46 
     47 #include <sys/cdefs.h>
     48 #if o
     49 static const char _ndbootd_bpf_c_rcsid[] = "<<Id: ndbootd-bpf.c,v 1.4 2001/05/23 02:35:49 fredette Exp >>";
     50 #else
     51 __RCSID("$NetBSD: ndbootd-bpf.c,v 1.8 2004/12/01 23:18:20 christos Exp $");
     52 #endif
     53 
     54 /* includes: */
     55 #include <sys/poll.h>
     56 #include <net/bpf.h>
     57 #include <paths.h>
     58 
     59 /* structures: */
     60 struct _ndbootd_interface_bpf {
     61 
     62 	/* the size of the packet buffer for the interface: */
     63 	size_t _ndbootd_interface_bpf_buffer_size;
     64 
     65 	/* the packet buffer for the interface: */
     66 	char *_ndbootd_interface_bpf_buffer;
     67 
     68 	/* the next offset within the packet buffer, and the end of the data
     69 	 * in the packet buffer: */
     70 	size_t _ndbootd_interface_bpf_buffer_offset;
     71 	size_t _ndbootd_interface_bpf_buffer_end;
     72 };
     73 
     74 /* the BPF program to capture ND packets: */
     75 static struct bpf_insn ndboot_bpf_filter[] = {
     76 
     77 	/* drop this packet if its ethertype isn't ETHERTYPE_IP: */
     78 	BPF_STMT(BPF_LD + BPF_H + BPF_ABS, NDBOOTD_OFFSETOF(struct ether_header, ether_type)),
     79 	BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, ETHERTYPE_IP, 0, 9),
     80 
     81 	/* drop this packet if its IP protocol isn't IPPROTO_ND: */
     82 	BPF_STMT(BPF_LD + BPF_B + BPF_ABS, sizeof(struct ether_header) + NDBOOTD_OFFSETOF(struct ip, ip_p)),
     83 	BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, IPPROTO_ND, 0, 7),
     84 
     85 	/* drop this packet if it's a fragment: */
     86 	BPF_STMT(BPF_LD + BPF_H + BPF_ABS, sizeof(struct ether_header) + NDBOOTD_OFFSETOF(struct ip, ip_off)),
     87 	BPF_JUMP(BPF_JMP + BPF_JSET + BPF_K, 0x3fff, 5, 0),
     88 
     89 	/* drop this packet if it is carrying data (we only want requests,
     90 	 * which have no data): */
     91 	BPF_STMT(BPF_LD + BPF_H + BPF_ABS, sizeof(struct ether_header) + NDBOOTD_OFFSETOF(struct ip, ip_len)),
     92 	BPF_STMT(BPF_LDX + BPF_B + BPF_MSH, sizeof(struct ether_header)),
     93 	BPF_STMT(BPF_ALU + BPF_SUB + BPF_X, 0),
     94 	BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, sizeof(struct ndboot_packet), 0, 1),
     95 
     96 	/* accept this packet: */
     97 	BPF_STMT(BPF_RET + BPF_K, (u_int) -1),
     98 
     99 	/* drop this packet: */
    100 	BPF_STMT(BPF_RET + BPF_K, 0),
    101 };
    102 
    103 /* this opens a raw socket using BPF. */
    104 int
    105 ndbootd_raw_open(struct ndbootd_interface * interface)
    106 {
    107 	int network_fd;
    108 	int saved_errno;
    109 	u_int bufsize;
    110 	u_int bpf_opt;
    111 	struct bpf_version version;
    112 	u_int packet_buffer_size;
    113 	struct bpf_program program;
    114 	struct _ndbootd_interface_bpf *interface_bpf;
    115 	const char *dev_bpf_filename = _PATH_BPF;
    116 
    117 	/* loop trying to open the /dev/bpf device: */
    118 	if ((network_fd = open(dev_bpf_filename, O_RDWR)) < 0) {
    119 		/* we have failed: */
    120 		_NDBOOTD_DEBUG((fp, "bpf: failed to open %s: %s", dev_bpf_filename, strerror(errno)));
    121 		return (-1);
    122 	}
    123 	_NDBOOTD_DEBUG((fp, "bpf: opened %s", dev_bpf_filename));
    124 
    125 	/* this macro helps in closing the BPF socket on error: */
    126 #define _NDBOOTD_RAW_OPEN_ERROR(x) saved_errno = errno; x; errno = saved_errno
    127 
    128 	/* check the BPF version: */
    129 	if (ioctl(network_fd, BIOCVERSION, &version) < 0) {
    130 		_NDBOOTD_DEBUG((fp, "bpf: failed to get the BPF version on %s: %s",
    131 			dev_bpf_filename, strerror(errno)));
    132 		_NDBOOTD_RAW_OPEN_ERROR(close(network_fd));
    133 		return (-1);
    134 	}
    135 	if (version.bv_major != BPF_MAJOR_VERSION
    136 	    || version.bv_minor < BPF_MINOR_VERSION) {
    137 		_NDBOOTD_DEBUG((fp, "bpf: kernel BPF version is %d.%d, my BPF version is %d.%d",
    138 			version.bv_major, version.bv_minor,
    139 			BPF_MAJOR_VERSION, BPF_MINOR_VERSION));
    140 		close(network_fd);
    141 		errno = ENXIO;
    142 		return (-1);
    143 	}
    144 	/* put the BPF device into immediate mode: */
    145 	bpf_opt = TRUE;
    146 	if (ioctl(network_fd, BIOCIMMEDIATE, &bpf_opt) < 0) {
    147 		_NDBOOTD_DEBUG((fp, "bpf: failed to put %s into immediate mode: %s",
    148 			dev_bpf_filename, strerror(errno)));
    149 		_NDBOOTD_RAW_OPEN_ERROR(close(network_fd));
    150 		return (-1);
    151 	}
    152 	/* set a reasonable sized buffer for the BPF device */
    153 	bufsize = 32768;
    154 	if (ioctl(network_fd, BIOCSBLEN, &bufsize) < 0) {
    155 		_NDBOOTD_DEBUG((fp, "bpf: failed set buffer size to %d: %s",
    156 			bufsize, strerror(errno)));
    157 	}
    158 	/* tell the BPF device we're providing complete Ethernet headers: */
    159 	bpf_opt = TRUE;
    160 	if (ioctl(network_fd, BIOCSHDRCMPLT, &bpf_opt) < 0) {
    161 		_NDBOOTD_DEBUG((fp, "bpf: failed to put %s into complete-headers mode: %s",
    162 			dev_bpf_filename, strerror(errno)));
    163 		_NDBOOTD_RAW_OPEN_ERROR(close(network_fd));
    164 		return (-1);
    165 	}
    166 	/* point the BPF device at the interface we're using: */
    167 	if (ioctl(network_fd, BIOCSETIF, interface->ndbootd_interface_ifreq) < 0) {
    168 		_NDBOOTD_DEBUG((fp, "bpf: failed to point BPF socket at %s: %s",
    169 			interface->ndbootd_interface_ifreq->ifr_name, strerror(errno)));
    170 		saved_errno = errno;
    171 		close(network_fd);
    172 		errno = saved_errno;
    173 		return (-1);
    174 	}
    175 	/* set the filter on the BPF device: */
    176 	program.bf_len = sizeof(ndboot_bpf_filter) / sizeof(ndboot_bpf_filter[0]);
    177 	program.bf_insns = ndboot_bpf_filter;
    178 	if (ioctl(network_fd, BIOCSETF, &program) < 0) {
    179 		_NDBOOTD_DEBUG((fp, "bpf: failed to set the filter on %s: %s",
    180 			dev_bpf_filename, strerror(errno)));
    181 		_NDBOOTD_RAW_OPEN_ERROR(close(network_fd));
    182 		return (-1);
    183 	}
    184 	/* get the BPF read buffer size: */
    185 	if (ioctl(network_fd, BIOCGBLEN, &packet_buffer_size) < 0) {
    186 		_NDBOOTD_DEBUG((fp, "bpf: failed to read the buffer size for %s: %s",
    187 			dev_bpf_filename, strerror(errno)));
    188 		_NDBOOTD_RAW_OPEN_ERROR(close(network_fd));
    189 		return (-1);
    190 	}
    191 	_NDBOOTD_DEBUG((fp, "bpf: buffer size for %s is %u",
    192 		dev_bpf_filename, packet_buffer_size));
    193 
    194 	/* allocate our private interface information and we're done: */
    195 	interface->ndbootd_interface_fd = network_fd;
    196 	interface_bpf = ndbootd_new0(struct _ndbootd_interface_bpf, 1);
    197 	interface_bpf->_ndbootd_interface_bpf_buffer_size = packet_buffer_size;
    198 	interface_bpf->_ndbootd_interface_bpf_buffer = ndbootd_new(char, packet_buffer_size);
    199 	interface->_ndbootd_interface_raw_private = interface_bpf;
    200 	return (0);
    201 #undef _NDBOOTD_RAW_OPEN_ERROR
    202 }
    203 
    204 /* this reads a raw packet: */
    205 int
    206 ndbootd_raw_read(struct ndbootd_interface * interface, void *packet_buffer, size_t packet_buffer_size)
    207 {
    208 	struct _ndbootd_interface_bpf *interface_bpf;
    209 	ssize_t buffer_end;
    210 	struct bpf_hdr the_bpf_header;
    211 	struct pollfd set[1];
    212 
    213 	/* recover our state: */
    214 	interface_bpf = (struct _ndbootd_interface_bpf *) interface->_ndbootd_interface_raw_private;
    215 
    216 	/* loop until we have something to return: */
    217 	set[0].fd = interface->ndbootd_interface_fd;
    218 	set[0].events = POLLIN;
    219 	for (;;) {
    220 
    221 		/* if the buffer is empty, fill it: */
    222 		if (interface_bpf->_ndbootd_interface_bpf_buffer_offset
    223 		    >= interface_bpf->_ndbootd_interface_bpf_buffer_end) {
    224 
    225 			/* poll on the BPF socket: */
    226 			_NDBOOTD_DEBUG((fp, "bpf: calling poll"));
    227 			switch (poll(set, 1, INFTIM)) {
    228 			case 0:
    229 				_NDBOOTD_DEBUG((fp, "bpf: poll returned zero"));
    230 				continue;
    231 			case 1:
    232 				break;
    233 			default:
    234 				if (errno == EINTR) {
    235 					_NDBOOTD_DEBUG((fp, "bpf: poll got EINTR"));
    236 					continue;
    237 				}
    238 				_NDBOOTD_DEBUG((fp, "bpf: poll failed: %s", strerror(errno)));
    239 				return (-1);
    240 			}
    241 			assert(set[0].revents & POLLIN);
    242 
    243 			/* read the BPF socket: */
    244 			_NDBOOTD_DEBUG((fp, "bpf: calling read"));
    245 			buffer_end = read(interface->ndbootd_interface_fd,
    246 			    interface_bpf->_ndbootd_interface_bpf_buffer,
    247 			    interface_bpf->_ndbootd_interface_bpf_buffer_size);
    248 			if (buffer_end <= 0) {
    249 				_NDBOOTD_DEBUG((fp, "bpf: failed to read packets: %s", strerror(errno)));
    250 				return (-1);
    251 			}
    252 			_NDBOOTD_DEBUG((fp, "bpf: read %ld bytes of packets", (long) buffer_end));
    253 			interface_bpf->_ndbootd_interface_bpf_buffer_offset = 0;
    254 			interface_bpf->_ndbootd_interface_bpf_buffer_end = buffer_end;
    255 		}
    256 		/* if there's not enough for a BPF header, flush the buffer: */
    257 		if ((interface_bpf->_ndbootd_interface_bpf_buffer_offset
    258 			+ sizeof(the_bpf_header))
    259 		    > interface_bpf->_ndbootd_interface_bpf_buffer_end) {
    260 			_NDBOOTD_DEBUG((fp, "bpf: flushed garbage BPF header bytes"));
    261 			interface_bpf->_ndbootd_interface_bpf_buffer_end = 0;
    262 			continue;
    263 		}
    264 		/* get the BPF header and check it: */
    265 		memcpy(&the_bpf_header,
    266 		    interface_bpf->_ndbootd_interface_bpf_buffer
    267 		    + interface_bpf->_ndbootd_interface_bpf_buffer_offset,
    268 		    sizeof(the_bpf_header));
    269 		interface_bpf->_ndbootd_interface_bpf_buffer_offset += the_bpf_header.bh_hdrlen;
    270 
    271 		/* if we're missing some part of the packet: */
    272 		if (the_bpf_header.bh_caplen != the_bpf_header.bh_datalen
    273 		    || ((interface_bpf->_ndbootd_interface_bpf_buffer_offset + the_bpf_header.bh_datalen)
    274 			> interface_bpf->_ndbootd_interface_bpf_buffer_end)) {
    275 			_NDBOOTD_DEBUG((fp, "bpf: flushed truncated BPF packet"));
    276 			interface_bpf->_ndbootd_interface_bpf_buffer_offset += the_bpf_header.bh_datalen;
    277 			continue;
    278 		}
    279 		/* silently ignore packets that don't even have Ethernet
    280 		 * headers, and those packets that we transmitted: */
    281 		if (the_bpf_header.bh_datalen < sizeof(struct ether_header)
    282 		    || !memcmp(((struct ether_header *)
    283 			    (interface_bpf->_ndbootd_interface_bpf_buffer
    284 				+ interface_bpf->_ndbootd_interface_bpf_buffer_offset))->ether_shost,
    285 			interface->ndbootd_interface_ether,
    286 			ETHER_ADDR_LEN)) {
    287 			/* silently ignore packets from us: */
    288 			interface_bpf->_ndbootd_interface_bpf_buffer_offset += the_bpf_header.bh_datalen;
    289 			continue;
    290 		}
    291 		/* if the caller hasn't provided a large enough buffer: */
    292 		if (packet_buffer_size < the_bpf_header.bh_datalen) {
    293 			errno = EIO;
    294 			interface_bpf->_ndbootd_interface_bpf_buffer_offset += the_bpf_header.bh_datalen;
    295 			return (-1);
    296 		}
    297 		/* return this captured packet to the user: */
    298 		memcpy(packet_buffer,
    299 		    interface_bpf->_ndbootd_interface_bpf_buffer
    300 		    + interface_bpf->_ndbootd_interface_bpf_buffer_offset,
    301 		    the_bpf_header.bh_datalen);
    302 		interface_bpf->_ndbootd_interface_bpf_buffer_offset += the_bpf_header.bh_datalen;
    303 		return (the_bpf_header.bh_datalen);
    304 	}
    305 	/* NOTREACHED */
    306 }
    307 
    308 /* this writes a raw packet: */
    309 int
    310 ndbootd_raw_write(struct ndbootd_interface * interface, void *packet_buffer, size_t packet_buffer_size)
    311 {
    312 	return (write(interface->ndbootd_interface_fd, packet_buffer, packet_buffer_size));
    313 }
    314