npf_if.c revision 1.4.4.2
1 1.4.4.2 tls /* $NetBSD: npf_if.c,v 1.4.4.2 2014/08/20 00:04:35 tls Exp $ */ 2 1.4.4.2 tls 3 1.4.4.2 tls /*- 4 1.4.4.2 tls * Copyright (c) 2013 The NetBSD Foundation, Inc. 5 1.4.4.2 tls * All rights reserved. 6 1.4.4.2 tls * 7 1.4.4.2 tls * This code is derived from software contributed to The NetBSD Foundation 8 1.4.4.2 tls * by Mindaugas Rasiukevicius. 9 1.4.4.2 tls * 10 1.4.4.2 tls * Redistribution and use in source and binary forms, with or without 11 1.4.4.2 tls * modification, are permitted provided that the following conditions 12 1.4.4.2 tls * are met: 13 1.4.4.2 tls * 1. Redistributions of source code must retain the above copyright 14 1.4.4.2 tls * notice, this list of conditions and the following disclaimer. 15 1.4.4.2 tls * 2. Redistributions in binary form must reproduce the above copyright 16 1.4.4.2 tls * notice, this list of conditions and the following disclaimer in the 17 1.4.4.2 tls * documentation and/or other materials provided with the distribution. 18 1.4.4.2 tls * 19 1.4.4.2 tls * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 20 1.4.4.2 tls * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 21 1.4.4.2 tls * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 22 1.4.4.2 tls * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 23 1.4.4.2 tls * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 24 1.4.4.2 tls * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 25 1.4.4.2 tls * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 26 1.4.4.2 tls * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 27 1.4.4.2 tls * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 28 1.4.4.2 tls * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 29 1.4.4.2 tls * POSSIBILITY OF SUCH DAMAGE. 30 1.4.4.2 tls */ 31 1.4.4.2 tls 32 1.4.4.2 tls /* 33 1.4.4.2 tls * NPF network interface handling module. 34 1.4.4.2 tls * 35 1.4.4.2 tls * NPF uses its own interface IDs (npf-if-id). When NPF configuration is 36 1.4.4.2 tls * (re)loaded, each required interface name is registered and a matching 37 1.4.4.2 tls * network interface gets an ID assigned. If an interface is not present, 38 1.4.4.2 tls * it gets an ID on attach. Any other interfaces get INACTIVE_ID. 39 1.4.4.2 tls * 40 1.4.4.2 tls * The IDs are mapped synchronously based on interface events which are 41 1.4.4.2 tls * monitored using pfil(9) hooks. 42 1.4.4.2 tls */ 43 1.4.4.2 tls 44 1.4.4.2 tls #include <sys/cdefs.h> 45 1.4.4.2 tls __KERNEL_RCSID(0, "$NetBSD: npf_if.c,v 1.4.4.2 2014/08/20 00:04:35 tls Exp $"); 46 1.4.4.2 tls 47 1.4.4.2 tls #ifdef _KERNEL_OPT 48 1.4.4.2 tls #include "pf.h" 49 1.4.4.2 tls #if NPF > 0 50 1.4.4.2 tls #error "NPF and PF are mutually exclusive; please select one" 51 1.4.4.2 tls #endif 52 1.4.4.2 tls #endif 53 1.4.4.2 tls 54 1.4.4.2 tls #include <sys/param.h> 55 1.4.4.2 tls #include <sys/types.h> 56 1.4.4.2 tls #include <sys/kmem.h> 57 1.4.4.2 tls 58 1.4.4.2 tls #include <net/if.h> 59 1.4.4.2 tls 60 1.4.4.2 tls #include "npf_impl.h" 61 1.4.4.2 tls 62 1.4.4.2 tls #define INACTIVE_ID ((u_int)-1) 63 1.4.4.2 tls 64 1.4.4.2 tls typedef struct { 65 1.4.4.2 tls char n_ifname[IFNAMSIZ]; 66 1.4.4.2 tls } npf_ifmap_t; 67 1.4.4.2 tls 68 1.4.4.2 tls static npf_ifmap_t npf_ifmap[NPF_MAX_IFMAP] __read_mostly; 69 1.4.4.2 tls static u_int npf_ifmap_cnt __read_mostly; 70 1.4.4.2 tls 71 1.4.4.2 tls /* 72 1.4.4.2 tls * NOTE: IDs start from 1. Zero is reserved for "no interface" and 73 1.4.4.2 tls * (unsigned)-1 for "inactive interface". Therefore, an interface 74 1.4.4.2 tls * can have either INACTIVE_ID or non-zero ID. 75 1.4.4.2 tls */ 76 1.4.4.2 tls 77 1.4.4.2 tls static u_int 78 1.4.4.2 tls npf_ifmap_new(void) 79 1.4.4.2 tls { 80 1.4.4.2 tls KASSERT(npf_config_locked_p()); 81 1.4.4.2 tls 82 1.4.4.2 tls for (u_int i = 0; i < npf_ifmap_cnt; i++) 83 1.4.4.2 tls if (npf_ifmap[i].n_ifname[0] == '\0') 84 1.4.4.2 tls return i + 1; 85 1.4.4.2 tls 86 1.4.4.2 tls if (npf_ifmap_cnt == NPF_MAX_IFMAP) { 87 1.4.4.2 tls printf("npf_ifmap_new: out of slots; bump NPF_MAX_IFMAP\n"); 88 1.4.4.2 tls return INACTIVE_ID; 89 1.4.4.2 tls } 90 1.4.4.2 tls return ++npf_ifmap_cnt; 91 1.4.4.2 tls } 92 1.4.4.2 tls 93 1.4.4.2 tls static u_int 94 1.4.4.2 tls npf_ifmap_lookup(const char *ifname) 95 1.4.4.2 tls { 96 1.4.4.2 tls KASSERT(npf_config_locked_p()); 97 1.4.4.2 tls 98 1.4.4.2 tls for (u_int i = 0; i < npf_ifmap_cnt; i++) { 99 1.4.4.2 tls npf_ifmap_t *nim = &npf_ifmap[i]; 100 1.4.4.2 tls 101 1.4.4.2 tls if (nim->n_ifname[0] && strcmp(nim->n_ifname, ifname) == 0) 102 1.4.4.2 tls return i + 1; 103 1.4.4.2 tls } 104 1.4.4.2 tls return INACTIVE_ID; 105 1.4.4.2 tls } 106 1.4.4.2 tls 107 1.4.4.2 tls u_int 108 1.4.4.2 tls npf_ifmap_register(const char *ifname) 109 1.4.4.2 tls { 110 1.4.4.2 tls npf_ifmap_t *nim; 111 1.4.4.2 tls ifnet_t *ifp; 112 1.4.4.2 tls u_int i; 113 1.4.4.2 tls 114 1.4.4.2 tls npf_config_enter(); 115 1.4.4.2 tls if ((i = npf_ifmap_lookup(ifname)) != INACTIVE_ID) { 116 1.4.4.2 tls goto out; 117 1.4.4.2 tls } 118 1.4.4.2 tls if ((i = npf_ifmap_new()) == INACTIVE_ID) { 119 1.4.4.2 tls i = INACTIVE_ID; 120 1.4.4.2 tls goto out; 121 1.4.4.2 tls } 122 1.4.4.2 tls nim = &npf_ifmap[i - 1]; 123 1.4.4.2 tls strlcpy(nim->n_ifname, ifname, IFNAMSIZ); 124 1.4.4.2 tls 125 1.4.4.2 tls KERNEL_LOCK(1, NULL); 126 1.4.4.2 tls if ((ifp = ifunit(ifname)) != NULL) { 127 1.4.4.2 tls ifp->if_pf_kif = (void *)(uintptr_t)i; 128 1.4.4.2 tls } 129 1.4.4.2 tls KERNEL_UNLOCK_ONE(NULL); 130 1.4.4.2 tls out: 131 1.4.4.2 tls npf_config_exit(); 132 1.4.4.2 tls return i; 133 1.4.4.2 tls } 134 1.4.4.2 tls 135 1.4.4.2 tls void 136 1.4.4.2 tls npf_ifmap_flush(void) 137 1.4.4.2 tls { 138 1.4.4.2 tls ifnet_t *ifp; 139 1.4.4.2 tls 140 1.4.4.2 tls KASSERT(npf_config_locked_p()); 141 1.4.4.2 tls 142 1.4.4.2 tls for (u_int i = 0; i < npf_ifmap_cnt; i++) { 143 1.4.4.2 tls npf_ifmap[i].n_ifname[0] = '\0'; 144 1.4.4.2 tls } 145 1.4.4.2 tls npf_ifmap_cnt = 0; 146 1.4.4.2 tls 147 1.4.4.2 tls KERNEL_LOCK(1, NULL); 148 1.4.4.2 tls IFNET_FOREACH(ifp) { 149 1.4.4.2 tls ifp->if_pf_kif = (void *)(uintptr_t)INACTIVE_ID; 150 1.4.4.2 tls } 151 1.4.4.2 tls KERNEL_UNLOCK_ONE(NULL); 152 1.4.4.2 tls } 153 1.4.4.2 tls 154 1.4.4.2 tls u_int 155 1.4.4.2 tls npf_ifmap_getid(const ifnet_t *ifp) 156 1.4.4.2 tls { 157 1.4.4.2 tls const u_int i = (uintptr_t)ifp->if_pf_kif; 158 1.4.4.2 tls 159 1.4.4.2 tls KASSERT(i == INACTIVE_ID || (i > 0 && i <= npf_ifmap_cnt)); 160 1.4.4.2 tls return i; 161 1.4.4.2 tls } 162 1.4.4.2 tls 163 1.4.4.2 tls const char * 164 1.4.4.2 tls npf_ifmap_getname(const u_int id) 165 1.4.4.2 tls { 166 1.4.4.2 tls const char *ifname; 167 1.4.4.2 tls 168 1.4.4.2 tls KASSERT(npf_config_locked_p()); 169 1.4.4.2 tls KASSERT(id > 0 && id <= npf_ifmap_cnt); 170 1.4.4.2 tls 171 1.4.4.2 tls ifname = npf_ifmap[id - 1].n_ifname; 172 1.4.4.2 tls KASSERT(ifname[0] != '\0'); 173 1.4.4.2 tls return ifname; 174 1.4.4.2 tls } 175 1.4.4.2 tls 176 1.4.4.2 tls void 177 1.4.4.2 tls npf_ifmap_attach(ifnet_t *ifp) 178 1.4.4.2 tls { 179 1.4.4.2 tls npf_config_enter(); 180 1.4.4.2 tls ifp->if_pf_kif = (void *)(uintptr_t)npf_ifmap_lookup(ifp->if_xname); 181 1.4.4.2 tls npf_config_exit(); 182 1.4.4.2 tls } 183 1.4.4.2 tls 184 1.4.4.2 tls void 185 1.4.4.2 tls npf_ifmap_detach(ifnet_t *ifp) 186 1.4.4.2 tls { 187 1.4.4.2 tls npf_config_enter(); 188 1.4.4.2 tls ifp->if_pf_kif = (void *)(uintptr_t)INACTIVE_ID; /* diagnostic */ 189 1.4.4.2 tls npf_config_exit(); 190 1.4.4.2 tls } 191
Indexes created Sun Oct 19 02:09:48 GMT 2025