npf_if.c revision 1.10
1 1.1 rmind /*- 2 1.1 rmind * Copyright (c) 2013 The NetBSD Foundation, Inc. 3 1.1 rmind * All rights reserved. 4 1.1 rmind * 5 1.1 rmind * This code is derived from software contributed to The NetBSD Foundation 6 1.1 rmind * by Mindaugas Rasiukevicius. 7 1.1 rmind * 8 1.1 rmind * Redistribution and use in source and binary forms, with or without 9 1.1 rmind * modification, are permitted provided that the following conditions 10 1.1 rmind * are met: 11 1.1 rmind * 1. Redistributions of source code must retain the above copyright 12 1.1 rmind * notice, this list of conditions and the following disclaimer. 13 1.1 rmind * 2. Redistributions in binary form must reproduce the above copyright 14 1.1 rmind * notice, this list of conditions and the following disclaimer in the 15 1.1 rmind * documentation and/or other materials provided with the distribution. 16 1.1 rmind * 17 1.1 rmind * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 18 1.1 rmind * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 19 1.1 rmind * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 20 1.1 rmind * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 21 1.1 rmind * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 22 1.1 rmind * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 23 1.1 rmind * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 24 1.1 rmind * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 25 1.1 rmind * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 26 1.1 rmind * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 27 1.1 rmind * POSSIBILITY OF SUCH DAMAGE. 28 1.1 rmind */ 29 1.1 rmind 30 1.1 rmind /* 31 1.1 rmind * NPF network interface handling module. 32 1.1 rmind * 33 1.1 rmind * NPF uses its own interface IDs (npf-if-id). When NPF configuration is 34 1.1 rmind * (re)loaded, each required interface name is registered and a matching 35 1.1 rmind * network interface gets an ID assigned. If an interface is not present, 36 1.5 rmind * it gets an ID on attach. 37 1.5 rmind * 38 1.5 rmind * IDs start from 1. Zero is reserved to indicate "no interface" case or 39 1.5 rmind * an interface of no interest (i.e. not registered). 40 1.1 rmind * 41 1.1 rmind * The IDs are mapped synchronously based on interface events which are 42 1.1 rmind * monitored using pfil(9) hooks. 43 1.1 rmind */ 44 1.1 rmind 45 1.7 christos #ifdef _KERNEL 46 1.1 rmind #include <sys/cdefs.h> 47 1.10 rmind __KERNEL_RCSID(0, "$NetBSD: npf_if.c,v 1.10 2019/08/11 20:26:33 rmind Exp $"); 48 1.1 rmind 49 1.1 rmind #include <sys/param.h> 50 1.1 rmind #include <sys/types.h> 51 1.1 rmind #include <sys/kmem.h> 52 1.1 rmind #include <net/if.h> 53 1.7 christos #endif 54 1.1 rmind 55 1.1 rmind #include "npf_impl.h" 56 1.1 rmind 57 1.7 christos typedef struct npf_ifmap { 58 1.1 rmind char n_ifname[IFNAMSIZ]; 59 1.1 rmind } npf_ifmap_t; 60 1.1 rmind 61 1.7 christos void 62 1.7 christos npf_ifmap_init(npf_t *npf, const npf_ifops_t *ifops) 63 1.7 christos { 64 1.7 christos const size_t nbytes = sizeof(npf_ifmap_t) * NPF_MAX_IFMAP; 65 1.7 christos 66 1.7 christos KASSERT(ifops != NULL); 67 1.7 christos ifops->flush((void *)(uintptr_t)0); 68 1.7 christos 69 1.7 christos npf->ifmap = kmem_zalloc(nbytes, KM_SLEEP); 70 1.7 christos npf->ifmap_cnt = 0; 71 1.7 christos npf->ifops = ifops; 72 1.7 christos } 73 1.7 christos 74 1.7 christos void 75 1.7 christos npf_ifmap_fini(npf_t *npf) 76 1.7 christos { 77 1.7 christos const size_t nbytes = sizeof(npf_ifmap_t) * NPF_MAX_IFMAP; 78 1.7 christos kmem_free(npf->ifmap, nbytes); 79 1.7 christos } 80 1.1 rmind 81 1.1 rmind static u_int 82 1.7 christos npf_ifmap_new(npf_t *npf) 83 1.1 rmind { 84 1.7 christos KASSERT(npf_config_locked_p(npf)); 85 1.1 rmind 86 1.7 christos for (u_int i = 0; i < npf->ifmap_cnt; i++) 87 1.7 christos if (npf->ifmap[i].n_ifname[0] == '\0') 88 1.1 rmind return i + 1; 89 1.1 rmind 90 1.7 christos if (npf->ifmap_cnt == NPF_MAX_IFMAP) { 91 1.1 rmind printf("npf_ifmap_new: out of slots; bump NPF_MAX_IFMAP\n"); 92 1.5 rmind return 0; 93 1.1 rmind } 94 1.7 christos return ++npf->ifmap_cnt; 95 1.1 rmind } 96 1.1 rmind 97 1.1 rmind static u_int 98 1.7 christos npf_ifmap_lookup(npf_t *npf, const char *ifname) 99 1.1 rmind { 100 1.7 christos KASSERT(npf_config_locked_p(npf)); 101 1.1 rmind 102 1.7 christos for (u_int i = 0; i < npf->ifmap_cnt; i++) { 103 1.7 christos npf_ifmap_t *nim = &npf->ifmap[i]; 104 1.1 rmind 105 1.2 martin if (nim->n_ifname[0] && strcmp(nim->n_ifname, ifname) == 0) 106 1.1 rmind return i + 1; 107 1.1 rmind } 108 1.5 rmind return 0; 109 1.1 rmind } 110 1.1 rmind 111 1.1 rmind u_int 112 1.7 christos npf_ifmap_register(npf_t *npf, const char *ifname) 113 1.1 rmind { 114 1.1 rmind npf_ifmap_t *nim; 115 1.1 rmind ifnet_t *ifp; 116 1.1 rmind u_int i; 117 1.1 rmind 118 1.7 christos npf_config_enter(npf); 119 1.7 christos if ((i = npf_ifmap_lookup(npf, ifname)) != 0) { 120 1.1 rmind goto out; 121 1.1 rmind } 122 1.7 christos if ((i = npf_ifmap_new(npf)) == 0) { 123 1.1 rmind goto out; 124 1.1 rmind } 125 1.7 christos nim = &npf->ifmap[i - 1]; 126 1.1 rmind strlcpy(nim->n_ifname, ifname, IFNAMSIZ); 127 1.1 rmind 128 1.7 christos if ((ifp = npf->ifops->lookup(ifname)) != NULL) { 129 1.7 christos npf->ifops->setmeta(ifp, (void *)(uintptr_t)i); 130 1.1 rmind } 131 1.1 rmind out: 132 1.7 christos npf_config_exit(npf); 133 1.1 rmind return i; 134 1.1 rmind } 135 1.1 rmind 136 1.1 rmind void 137 1.7 christos npf_ifmap_flush(npf_t *npf) 138 1.1 rmind { 139 1.7 christos KASSERT(npf_config_locked_p(npf)); 140 1.1 rmind 141 1.7 christos for (u_int i = 0; i < npf->ifmap_cnt; i++) { 142 1.7 christos npf->ifmap[i].n_ifname[0] = '\0'; 143 1.1 rmind } 144 1.7 christos npf->ifmap_cnt = 0; 145 1.7 christos npf->ifops->flush((void *)(uintptr_t)0); 146 1.1 rmind } 147 1.1 rmind 148 1.1 rmind u_int 149 1.7 christos npf_ifmap_getid(npf_t *npf, const ifnet_t *ifp) 150 1.1 rmind { 151 1.7 christos const u_int i = (uintptr_t)npf->ifops->getmeta(ifp); 152 1.7 christos KASSERT(i <= npf->ifmap_cnt); 153 1.1 rmind return i; 154 1.1 rmind } 155 1.1 rmind 156 1.8 christos /* 157 1.8 christos * This function is toxic; it can return garbage since we don't 158 1.8 christos * lock, but it is only used temporarily and only for logging. 159 1.8 christos */ 160 1.8 christos void 161 1.8 christos npf_ifmap_copyname(npf_t *npf, u_int id, char *buf, size_t len) 162 1.8 christos { 163 1.8 christos if (id > 0 && id < npf->ifmap_cnt) 164 1.8 christos strlcpy(buf, npf->ifmap[id - 1].n_ifname, 165 1.8 christos MIN(len, sizeof(npf->ifmap[id - 1].n_ifname))); 166 1.8 christos else 167 1.8 christos strlcpy(buf, "???", len); 168 1.8 christos } 169 1.8 christos 170 1.4 rmind const char * 171 1.7 christos npf_ifmap_getname(npf_t *npf, const u_int id) 172 1.4 rmind { 173 1.4 rmind const char *ifname; 174 1.4 rmind 175 1.7 christos KASSERT(npf_config_locked_p(npf)); 176 1.7 christos KASSERT(id > 0 && id <= npf->ifmap_cnt); 177 1.4 rmind 178 1.7 christos ifname = npf->ifmap[id - 1].n_ifname; 179 1.4 rmind KASSERT(ifname[0] != '\0'); 180 1.4 rmind return ifname; 181 1.4 rmind } 182 1.4 rmind 183 1.7 christos __dso_public void 184 1.10 rmind npfk_ifmap_attach(npf_t *npf, ifnet_t *ifp) 185 1.1 rmind { 186 1.7 christos const npf_ifops_t *ifops = npf->ifops; 187 1.7 christos u_int i; 188 1.7 christos 189 1.7 christos npf_config_enter(npf); 190 1.7 christos i = npf_ifmap_lookup(npf, ifops->getname(ifp)); 191 1.7 christos ifops->setmeta(ifp, (void *)(uintptr_t)i); 192 1.7 christos npf_config_exit(npf); 193 1.1 rmind } 194 1.1 rmind 195 1.7 christos __dso_public void 196 1.10 rmind npfk_ifmap_detach(npf_t *npf, ifnet_t *ifp) 197 1.1 rmind { 198 1.5 rmind /* Diagnostic. */ 199 1.7 christos npf_config_enter(npf); 200 1.7 christos npf->ifops->setmeta(ifp, (void *)(uintptr_t)0); 201 1.7 christos npf_config_exit(npf); 202 1.1 rmind } 203
Indexes created Sun Sep 21 20:09:37 GMT 2025