npf_if.c revision 1.5
1 1.5 rmind /* $NetBSD: npf_if.c,v 1.5 2015/07/12 23:51:53 rmind Exp $ */ 2 1.1 rmind 3 1.1 rmind /*- 4 1.1 rmind * Copyright (c) 2013 The NetBSD Foundation, Inc. 5 1.1 rmind * All rights reserved. 6 1.1 rmind * 7 1.1 rmind * This code is derived from software contributed to The NetBSD Foundation 8 1.1 rmind * by Mindaugas Rasiukevicius. 9 1.1 rmind * 10 1.1 rmind * Redistribution and use in source and binary forms, with or without 11 1.1 rmind * modification, are permitted provided that the following conditions 12 1.1 rmind * are met: 13 1.1 rmind * 1. Redistributions of source code must retain the above copyright 14 1.1 rmind * notice, this list of conditions and the following disclaimer. 15 1.1 rmind * 2. Redistributions in binary form must reproduce the above copyright 16 1.1 rmind * notice, this list of conditions and the following disclaimer in the 17 1.1 rmind * documentation and/or other materials provided with the distribution. 18 1.1 rmind * 19 1.1 rmind * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 20 1.1 rmind * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 21 1.1 rmind * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 22 1.1 rmind * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 23 1.1 rmind * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 24 1.1 rmind * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 25 1.1 rmind * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 26 1.1 rmind * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 27 1.1 rmind * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 28 1.1 rmind * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 29 1.1 rmind * POSSIBILITY OF SUCH DAMAGE. 30 1.1 rmind */ 31 1.1 rmind 32 1.1 rmind /* 33 1.1 rmind * NPF network interface handling module. 34 1.1 rmind * 35 1.1 rmind * NPF uses its own interface IDs (npf-if-id). When NPF configuration is 36 1.1 rmind * (re)loaded, each required interface name is registered and a matching 37 1.1 rmind * network interface gets an ID assigned. If an interface is not present, 38 1.5 rmind * it gets an ID on attach. 39 1.5 rmind * 40 1.5 rmind * IDs start from 1. Zero is reserved to indicate "no interface" case or 41 1.5 rmind * an interface of no interest (i.e. not registered). 42 1.1 rmind * 43 1.1 rmind * The IDs are mapped synchronously based on interface events which are 44 1.1 rmind * monitored using pfil(9) hooks. 45 1.1 rmind */ 46 1.1 rmind 47 1.1 rmind #include <sys/cdefs.h> 48 1.5 rmind __KERNEL_RCSID(0, "$NetBSD: npf_if.c,v 1.5 2015/07/12 23:51:53 rmind Exp $"); 49 1.1 rmind 50 1.1 rmind #ifdef _KERNEL_OPT 51 1.1 rmind #include "pf.h" 52 1.1 rmind #if NPF > 0 53 1.1 rmind #error "NPF and PF are mutually exclusive; please select one" 54 1.1 rmind #endif 55 1.1 rmind #endif 56 1.1 rmind 57 1.1 rmind #include <sys/param.h> 58 1.1 rmind #include <sys/types.h> 59 1.1 rmind #include <sys/kmem.h> 60 1.1 rmind 61 1.1 rmind #include <net/if.h> 62 1.1 rmind 63 1.1 rmind #include "npf_impl.h" 64 1.1 rmind 65 1.1 rmind typedef struct { 66 1.1 rmind char n_ifname[IFNAMSIZ]; 67 1.1 rmind } npf_ifmap_t; 68 1.1 rmind 69 1.1 rmind static npf_ifmap_t npf_ifmap[NPF_MAX_IFMAP] __read_mostly; 70 1.1 rmind static u_int npf_ifmap_cnt __read_mostly; 71 1.1 rmind 72 1.1 rmind static u_int 73 1.1 rmind npf_ifmap_new(void) 74 1.1 rmind { 75 1.1 rmind KASSERT(npf_config_locked_p()); 76 1.1 rmind 77 1.1 rmind for (u_int i = 0; i < npf_ifmap_cnt; i++) 78 1.1 rmind if (npf_ifmap[i].n_ifname[0] == '\0') 79 1.1 rmind return i + 1; 80 1.1 rmind 81 1.1 rmind if (npf_ifmap_cnt == NPF_MAX_IFMAP) { 82 1.1 rmind printf("npf_ifmap_new: out of slots; bump NPF_MAX_IFMAP\n"); 83 1.5 rmind return 0; 84 1.1 rmind } 85 1.1 rmind return ++npf_ifmap_cnt; 86 1.1 rmind } 87 1.1 rmind 88 1.1 rmind static u_int 89 1.1 rmind npf_ifmap_lookup(const char *ifname) 90 1.1 rmind { 91 1.1 rmind KASSERT(npf_config_locked_p()); 92 1.1 rmind 93 1.1 rmind for (u_int i = 0; i < npf_ifmap_cnt; i++) { 94 1.1 rmind npf_ifmap_t *nim = &npf_ifmap[i]; 95 1.1 rmind 96 1.2 martin if (nim->n_ifname[0] && strcmp(nim->n_ifname, ifname) == 0) 97 1.1 rmind return i + 1; 98 1.1 rmind } 99 1.5 rmind return 0; 100 1.1 rmind } 101 1.1 rmind 102 1.1 rmind u_int 103 1.1 rmind npf_ifmap_register(const char *ifname) 104 1.1 rmind { 105 1.1 rmind npf_ifmap_t *nim; 106 1.1 rmind ifnet_t *ifp; 107 1.1 rmind u_int i; 108 1.1 rmind 109 1.1 rmind npf_config_enter(); 110 1.5 rmind if ((i = npf_ifmap_lookup(ifname)) != 0) { 111 1.1 rmind goto out; 112 1.1 rmind } 113 1.5 rmind if ((i = npf_ifmap_new()) == 0) { 114 1.1 rmind goto out; 115 1.1 rmind } 116 1.1 rmind nim = &npf_ifmap[i - 1]; 117 1.1 rmind strlcpy(nim->n_ifname, ifname, IFNAMSIZ); 118 1.1 rmind 119 1.1 rmind KERNEL_LOCK(1, NULL); 120 1.1 rmind if ((ifp = ifunit(ifname)) != NULL) { 121 1.1 rmind ifp->if_pf_kif = (void *)(uintptr_t)i; 122 1.1 rmind } 123 1.1 rmind KERNEL_UNLOCK_ONE(NULL); 124 1.1 rmind out: 125 1.1 rmind npf_config_exit(); 126 1.1 rmind return i; 127 1.1 rmind } 128 1.1 rmind 129 1.1 rmind void 130 1.1 rmind npf_ifmap_flush(void) 131 1.1 rmind { 132 1.1 rmind ifnet_t *ifp; 133 1.1 rmind 134 1.1 rmind KASSERT(npf_config_locked_p()); 135 1.1 rmind 136 1.1 rmind for (u_int i = 0; i < npf_ifmap_cnt; i++) { 137 1.1 rmind npf_ifmap[i].n_ifname[0] = '\0'; 138 1.1 rmind } 139 1.1 rmind npf_ifmap_cnt = 0; 140 1.1 rmind 141 1.1 rmind KERNEL_LOCK(1, NULL); 142 1.1 rmind IFNET_FOREACH(ifp) { 143 1.5 rmind ifp->if_pf_kif = (void *)(uintptr_t)0; 144 1.1 rmind } 145 1.1 rmind KERNEL_UNLOCK_ONE(NULL); 146 1.1 rmind } 147 1.1 rmind 148 1.1 rmind u_int 149 1.4 rmind npf_ifmap_getid(const ifnet_t *ifp) 150 1.1 rmind { 151 1.1 rmind const u_int i = (uintptr_t)ifp->if_pf_kif; 152 1.5 rmind KASSERT(i <= npf_ifmap_cnt); 153 1.1 rmind return i; 154 1.1 rmind } 155 1.1 rmind 156 1.4 rmind const char * 157 1.4 rmind npf_ifmap_getname(const u_int id) 158 1.4 rmind { 159 1.4 rmind const char *ifname; 160 1.4 rmind 161 1.4 rmind KASSERT(npf_config_locked_p()); 162 1.4 rmind KASSERT(id > 0 && id <= npf_ifmap_cnt); 163 1.4 rmind 164 1.4 rmind ifname = npf_ifmap[id - 1].n_ifname; 165 1.4 rmind KASSERT(ifname[0] != '\0'); 166 1.4 rmind return ifname; 167 1.4 rmind } 168 1.4 rmind 169 1.1 rmind void 170 1.1 rmind npf_ifmap_attach(ifnet_t *ifp) 171 1.1 rmind { 172 1.1 rmind npf_config_enter(); 173 1.1 rmind ifp->if_pf_kif = (void *)(uintptr_t)npf_ifmap_lookup(ifp->if_xname); 174 1.1 rmind npf_config_exit(); 175 1.1 rmind } 176 1.1 rmind 177 1.1 rmind void 178 1.1 rmind npf_ifmap_detach(ifnet_t *ifp) 179 1.1 rmind { 180 1.5 rmind /* Diagnostic. */ 181 1.1 rmind npf_config_enter(); 182 1.5 rmind ifp->if_pf_kif = (void *)(uintptr_t)0; 183 1.1 rmind npf_config_exit(); 184 1.1 rmind } 185
Indexes created Tue Sep 23 07:09:52 GMT 2025