315 lines
12 KiB
C
315 lines
12 KiB
C
/* $NetBSD: ndbootd-bpf.c,v 1.3 2001/05/23 02:59:36 fredette Exp $ */
|
|
|
|
/* ndbootd-bpf.c - the Sun Network Disk (nd) daemon BPF component: */
|
|
|
|
/*
|
|
* Copyright (c) 2001 Matthew Fredette. All rights reserved.
|
|
*
|
|
* Redistribution and use in source and binary forms, with or without
|
|
* modification, are permitted provided that the following conditions
|
|
* are met:
|
|
* 1. Redistributions of source code must retain the above copyright
|
|
* notice, this list of conditions and the following disclaimer.
|
|
* 2. Redistributions in binary form must reproduce the above copyright
|
|
* notice, this list of conditions and the following disclaimer in the
|
|
* documentation and/or other materials provided with the distribution.
|
|
* 3. All advertising materials mentioning features or use of this software
|
|
* must display the following acknowledgement:
|
|
* This product includes software developed by Matthew Fredette.
|
|
* 4. The name of Matthew Fredette may not be used to endorse or promote
|
|
* products derived from this software without specific prior written
|
|
* permission.
|
|
*
|
|
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
|
|
* WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
|
|
* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
|
|
*/
|
|
|
|
/* <<Header: /data/home/fredette/project/THE-WEIGHT-CVS/ndbootd/config/ndbootd-bpf.c,v 1.4 2001/05/23 02:35:49 fredette Exp >> */
|
|
|
|
/*
|
|
* <<Log: ndbootd-bpf.c,v >>
|
|
* Revision 1.4 2001/05/23 02:35:49 fredette
|
|
* Changed many debugging printfs to compile quietly on the
|
|
* alpha. Patch from Andrew Brown <atatat@atatdot.net>.
|
|
*
|
|
* Revision 1.3 2001/05/22 13:13:24 fredette
|
|
* Ran indent(1) with NetBSD's KNF-approximating profile.
|
|
*
|
|
* Revision 1.2 2001/05/09 20:50:46 fredette
|
|
* Removed an unnecessary comment.
|
|
*
|
|
* Revision 1.1 2001/01/29 15:12:13 fredette
|
|
* Added.
|
|
*
|
|
*/
|
|
|
|
static const char _ndbootd_bpf_c_rcsid[] = "<<Id: ndbootd-bpf.c,v 1.4 2001/05/23 02:35:49 fredette Exp >>";
|
|
|
|
/* includes: */
|
|
#include <net/bpf.h>
|
|
|
|
/* structures: */
|
|
struct _ndbootd_interface_bpf {
|
|
|
|
/* the size of the packet buffer for the interface: */
|
|
size_t _ndbootd_interface_bpf_buffer_size;
|
|
|
|
/* the packet buffer for the interface: */
|
|
char *_ndbootd_interface_bpf_buffer;
|
|
|
|
/* the next offset within the packet buffer, and the end of the data
|
|
* in the packet buffer: */
|
|
size_t _ndbootd_interface_bpf_buffer_offset;
|
|
size_t _ndbootd_interface_bpf_buffer_end;
|
|
};
|
|
|
|
/* the BPF program to capture ND packets: */
|
|
static struct bpf_insn ndboot_bpf_filter[] = {
|
|
|
|
/* drop this packet if its ethertype isn't ETHERTYPE_IP: */
|
|
BPF_STMT(BPF_LD + BPF_H + BPF_ABS, NDBOOTD_OFFSETOF(struct ether_header, ether_type)),
|
|
BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, ETHERTYPE_IP, 0, 9),
|
|
|
|
/* drop this packet if its IP protocol isn't IPPROTO_ND: */
|
|
BPF_STMT(BPF_LD + BPF_B + BPF_ABS, sizeof(struct ether_header) + NDBOOTD_OFFSETOF(struct ip, ip_p)),
|
|
BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, IPPROTO_ND, 0, 7),
|
|
|
|
/* drop this packet if it's a fragment: */
|
|
BPF_STMT(BPF_LD + BPF_H + BPF_ABS, sizeof(struct ether_header) + NDBOOTD_OFFSETOF(struct ip, ip_off)),
|
|
BPF_JUMP(BPF_JMP + BPF_JSET + BPF_K, 0x3fff, 5, 0),
|
|
|
|
/* drop this packet if it is carrying data (we only want requests,
|
|
* which have no data): */
|
|
BPF_STMT(BPF_LD + BPF_H + BPF_ABS, sizeof(struct ether_header) + NDBOOTD_OFFSETOF(struct ip, ip_len)),
|
|
BPF_STMT(BPF_LDX + BPF_B + BPF_MSH, sizeof(struct ether_header)),
|
|
BPF_STMT(BPF_ALU + BPF_SUB + BPF_X, 0),
|
|
BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, sizeof(struct ndboot_packet), 0, 1),
|
|
|
|
/* accept this packet: */
|
|
BPF_STMT(BPF_RET + BPF_K, (u_int) -1),
|
|
|
|
/* drop this packet: */
|
|
BPF_STMT(BPF_RET + BPF_K, 0),
|
|
};
|
|
|
|
/* this opens a raw socket using BPF. */
|
|
int
|
|
ndbootd_raw_open(struct ndbootd_interface * interface)
|
|
{
|
|
int network_fd;
|
|
#define DEV_BPF_FORMAT "/dev/bpf%d"
|
|
char dev_bpf_filename[sizeof(DEV_BPF_FORMAT) + (sizeof(int) * 3) + 1];
|
|
int minor;
|
|
int saved_errno;
|
|
u_int bpf_opt;
|
|
struct bpf_version version;
|
|
u_int packet_buffer_size;
|
|
struct bpf_program program;
|
|
struct _ndbootd_interface_bpf *interface_bpf;
|
|
|
|
/* loop trying to open a /dev/bpf device: */
|
|
for (minor = 0;; minor++) {
|
|
|
|
/* form the name of the next device to try, then try opening
|
|
* it. if we succeed, we're done: */
|
|
sprintf(dev_bpf_filename, DEV_BPF_FORMAT, minor);
|
|
_NDBOOTD_DEBUG((fp, "bpf: trying %s", dev_bpf_filename));
|
|
if ((network_fd = open(dev_bpf_filename, O_RDWR)) >= 0) {
|
|
_NDBOOTD_DEBUG((fp, "bpf: opened %s", dev_bpf_filename));
|
|
break;
|
|
}
|
|
/* we failed to open this device. if this device was simply
|
|
* busy, loop: */
|
|
_NDBOOTD_DEBUG((fp, "bpf: failed to open %s: %s", dev_bpf_filename, strerror(errno)));
|
|
if (errno == EBUSY) {
|
|
continue;
|
|
}
|
|
/* otherwise, we have failed: */
|
|
return (-1);
|
|
}
|
|
|
|
/* this macro helps in closing the BPF socket on error: */
|
|
#define _NDBOOTD_RAW_OPEN_ERROR(x) saved_errno = errno; x; errno = saved_errno
|
|
|
|
/* check the BPF version: */
|
|
if (ioctl(network_fd, BIOCVERSION, &version) < 0) {
|
|
_NDBOOTD_DEBUG((fp, "bpf: failed to get the BPF version on %s: %s",
|
|
dev_bpf_filename, strerror(errno)));
|
|
_NDBOOTD_RAW_OPEN_ERROR(close(network_fd));
|
|
return (-1);
|
|
}
|
|
if (version.bv_major != BPF_MAJOR_VERSION
|
|
|| version.bv_minor < BPF_MINOR_VERSION) {
|
|
_NDBOOTD_DEBUG((fp, "bpf: kernel BPF version is %d.%d, my BPF version is %d.%d",
|
|
version.bv_major, version.bv_minor,
|
|
BPF_MAJOR_VERSION, BPF_MINOR_VERSION));
|
|
close(network_fd);
|
|
errno = ENXIO;
|
|
return (-1);
|
|
}
|
|
/* put the BPF device into immediate mode: */
|
|
bpf_opt = TRUE;
|
|
if (ioctl(network_fd, BIOCIMMEDIATE, &bpf_opt) < 0) {
|
|
_NDBOOTD_DEBUG((fp, "bpf: failed to put %s into immediate mode: %s",
|
|
dev_bpf_filename, strerror(errno)));
|
|
_NDBOOTD_RAW_OPEN_ERROR(close(network_fd));
|
|
return (-1);
|
|
}
|
|
/* tell the BPF device we're providing complete Ethernet headers: */
|
|
bpf_opt = TRUE;
|
|
if (ioctl(network_fd, BIOCSHDRCMPLT, &bpf_opt) < 0) {
|
|
_NDBOOTD_DEBUG((fp, "bpf: failed to put %s into complete-headers mode: %s",
|
|
dev_bpf_filename, strerror(errno)));
|
|
_NDBOOTD_RAW_OPEN_ERROR(close(network_fd));
|
|
return (-1);
|
|
}
|
|
/* point the BPF device at the interface we're using: */
|
|
if (ioctl(network_fd, BIOCSETIF, interface->ndbootd_interface_ifreq) < 0) {
|
|
_NDBOOTD_DEBUG((fp, "bpf: failed to point BPF socket at %s: %s",
|
|
interface->ndbootd_interface_ifreq->ifr_name, strerror(errno)));
|
|
saved_errno = errno;
|
|
close(network_fd);
|
|
errno = saved_errno;
|
|
return (-1);
|
|
}
|
|
/* set the filter on the BPF device: */
|
|
program.bf_len = sizeof(ndboot_bpf_filter) / sizeof(ndboot_bpf_filter[0]);
|
|
program.bf_insns = ndboot_bpf_filter;
|
|
if (ioctl(network_fd, BIOCSETF, &program) < 0) {
|
|
_NDBOOTD_DEBUG((fp, "bpf: failed to set the filter on %s: %s",
|
|
dev_bpf_filename, strerror(errno)));
|
|
_NDBOOTD_RAW_OPEN_ERROR(close(network_fd));
|
|
return (-1);
|
|
}
|
|
/* get the BPF read buffer size: */
|
|
if (ioctl(network_fd, BIOCGBLEN, &packet_buffer_size) < 0) {
|
|
_NDBOOTD_DEBUG((fp, "bpf: failed to read the buffer size for %s: %s",
|
|
dev_bpf_filename, strerror(errno)));
|
|
_NDBOOTD_RAW_OPEN_ERROR(close(network_fd));
|
|
return (-1);
|
|
}
|
|
_NDBOOTD_DEBUG((fp, "bpf: buffer size for %s is %u",
|
|
dev_bpf_filename, packet_buffer_size));
|
|
|
|
/* allocate our private interface information and we're done: */
|
|
interface->ndbootd_interface_fd = network_fd;
|
|
interface_bpf = ndbootd_new0(struct _ndbootd_interface_bpf, 1);
|
|
interface_bpf->_ndbootd_interface_bpf_buffer_size = packet_buffer_size;
|
|
interface_bpf->_ndbootd_interface_bpf_buffer = ndbootd_new(char, packet_buffer_size);
|
|
interface->_ndbootd_interface_raw_private = interface_bpf;
|
|
return (0);
|
|
#undef _NDBOOTD_RAW_OPEN_ERROR
|
|
}
|
|
|
|
/* this reads a raw packet: */
|
|
int
|
|
ndbootd_raw_read(struct ndbootd_interface * interface, void *packet_buffer, size_t packet_buffer_size)
|
|
{
|
|
struct _ndbootd_interface_bpf *interface_bpf;
|
|
ssize_t buffer_end;
|
|
struct bpf_hdr the_bpf_header;
|
|
fd_set fdset_read;
|
|
|
|
/* recover our state: */
|
|
interface_bpf = (struct _ndbootd_interface_bpf *) interface->_ndbootd_interface_raw_private;
|
|
|
|
/* loop until we have something to return: */
|
|
for (;;) {
|
|
|
|
/* if the buffer is empty, fill it: */
|
|
if (interface_bpf->_ndbootd_interface_bpf_buffer_offset
|
|
>= interface_bpf->_ndbootd_interface_bpf_buffer_end) {
|
|
|
|
/* select on the BPF socket: */
|
|
_NDBOOTD_DEBUG((fp, "bpf: calling select"));
|
|
FD_ZERO(&fdset_read);
|
|
FD_SET(interface->ndbootd_interface_fd, &fdset_read);
|
|
switch (select(interface->ndbootd_interface_fd + 1, &fdset_read, NULL, NULL, NULL)) {
|
|
case 0:
|
|
_NDBOOTD_DEBUG((fp, "bpf: select returned zero"));
|
|
continue;
|
|
case 1:
|
|
break;
|
|
default:
|
|
if (errno == EINTR) {
|
|
_NDBOOTD_DEBUG((fp, "bpf: select got EINTR"));
|
|
continue;
|
|
}
|
|
_NDBOOTD_DEBUG((fp, "bpf: select failed: %s", strerror(errno)));
|
|
return (-1);
|
|
}
|
|
assert(FD_ISSET(interface->ndbootd_interface_fd, &fdset_read));
|
|
|
|
/* read the BPF socket: */
|
|
_NDBOOTD_DEBUG((fp, "bpf: calling read"));
|
|
buffer_end = read(interface->ndbootd_interface_fd,
|
|
interface_bpf->_ndbootd_interface_bpf_buffer,
|
|
interface_bpf->_ndbootd_interface_bpf_buffer_size);
|
|
if (buffer_end <= 0) {
|
|
_NDBOOTD_DEBUG((fp, "bpf: failed to read packets: %s", strerror(errno)));
|
|
return (-1);
|
|
}
|
|
_NDBOOTD_DEBUG((fp, "bpf: read %ld bytes of packets", (long) buffer_end));
|
|
interface_bpf->_ndbootd_interface_bpf_buffer_offset = 0;
|
|
interface_bpf->_ndbootd_interface_bpf_buffer_end = buffer_end;
|
|
}
|
|
/* if there's not enough for a BPF header, flush the buffer: */
|
|
if ((interface_bpf->_ndbootd_interface_bpf_buffer_offset
|
|
+ sizeof(the_bpf_header))
|
|
> interface_bpf->_ndbootd_interface_bpf_buffer_end) {
|
|
_NDBOOTD_DEBUG((fp, "bpf: flushed garbage BPF header bytes"));
|
|
interface_bpf->_ndbootd_interface_bpf_buffer_end = 0;
|
|
continue;
|
|
}
|
|
/* get the BPF header and check it: */
|
|
memcpy(&the_bpf_header,
|
|
interface_bpf->_ndbootd_interface_bpf_buffer
|
|
+ interface_bpf->_ndbootd_interface_bpf_buffer_offset,
|
|
sizeof(the_bpf_header));
|
|
interface_bpf->_ndbootd_interface_bpf_buffer_offset += the_bpf_header.bh_hdrlen;
|
|
|
|
/* if we're missing some part of the packet: */
|
|
if (the_bpf_header.bh_caplen != the_bpf_header.bh_datalen
|
|
|| ((interface_bpf->_ndbootd_interface_bpf_buffer_offset + the_bpf_header.bh_datalen)
|
|
> interface_bpf->_ndbootd_interface_bpf_buffer_end)) {
|
|
_NDBOOTD_DEBUG((fp, "bpf: flushed truncated BPF packet"));
|
|
interface_bpf->_ndbootd_interface_bpf_buffer_offset += the_bpf_header.bh_datalen;
|
|
continue;
|
|
}
|
|
/* silently ignore packets that don't even have Ethernet
|
|
* headers, and those packets that we transmitted: */
|
|
if (the_bpf_header.bh_datalen < sizeof(struct ether_header)
|
|
|| !memcmp(((struct ether_header *)
|
|
(interface_bpf->_ndbootd_interface_bpf_buffer
|
|
+ interface_bpf->_ndbootd_interface_bpf_buffer_offset))->ether_shost,
|
|
interface->ndbootd_interface_ether,
|
|
ETHER_ADDR_LEN)) {
|
|
/* silently ignore packets from us: */
|
|
interface_bpf->_ndbootd_interface_bpf_buffer_offset += the_bpf_header.bh_datalen;
|
|
continue;
|
|
}
|
|
/* if the caller hasn't provided a large enough buffer: */
|
|
if (packet_buffer_size < the_bpf_header.bh_datalen) {
|
|
errno = EIO;
|
|
interface_bpf->_ndbootd_interface_bpf_buffer_offset += the_bpf_header.bh_datalen;
|
|
return (-1);
|
|
}
|
|
/* return this captured packet to the user: */
|
|
memcpy(packet_buffer,
|
|
interface_bpf->_ndbootd_interface_bpf_buffer
|
|
+ interface_bpf->_ndbootd_interface_bpf_buffer_offset,
|
|
the_bpf_header.bh_datalen);
|
|
interface_bpf->_ndbootd_interface_bpf_buffer_offset += the_bpf_header.bh_datalen;
|
|
return (the_bpf_header.bh_datalen);
|
|
}
|
|
/* NOTREACHED */
|
|
}
|
|
|
|
/* this writes a raw packet: */
|
|
int
|
|
ndbootd_raw_write(struct ndbootd_interface * interface, void *packet_buffer, size_t packet_buffer_size)
|
|
{
|
|
return (write(interface->ndbootd_interface_fd, packet_buffer, packet_buffer_size));
|
|
}
|