1*ce1320fcSchristos /* $NetBSD: ndbootd-bpf.c,v 1.8 2004/12/01 23:18:20 christos Exp $ */
2ab467667Sfredette
32d0f1618Sfredette /* ndbootd-bpf.c - the Sun Network Disk (nd) daemon BPF component: */
42d0f1618Sfredette
52d0f1618Sfredette /*
62d0f1618Sfredette * Copyright (c) 2001 Matthew Fredette. All rights reserved.
72d0f1618Sfredette *
82d0f1618Sfredette * Redistribution and use in source and binary forms, with or without
92d0f1618Sfredette * modification, are permitted provided that the following conditions
102d0f1618Sfredette * are met:
112d0f1618Sfredette * 1. Redistributions of source code must retain the above copyright
122d0f1618Sfredette * notice, this list of conditions and the following disclaimer.
132d0f1618Sfredette * 2. Redistributions in binary form must reproduce the above copyright
142d0f1618Sfredette * notice, this list of conditions and the following disclaimer in the
152d0f1618Sfredette * documentation and/or other materials provided with the distribution.
162d0f1618Sfredette * 3. All advertising materials mentioning features or use of this software
172d0f1618Sfredette * must display the following acknowledgement:
182d0f1618Sfredette * This product includes software developed by Matthew Fredette.
192d0f1618Sfredette * 4. The name of Matthew Fredette may not be used to endorse or promote
202d0f1618Sfredette * products derived from this software without specific prior written
212d0f1618Sfredette * permission.
222d0f1618Sfredette *
232d0f1618Sfredette * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
242d0f1618Sfredette * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
252d0f1618Sfredette * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
262d0f1618Sfredette */
272d0f1618Sfredette
28735202e7Sfredette /* <<Header: /data/home/fredette/project/THE-WEIGHT-CVS/ndbootd/config/ndbootd-bpf.c,v 1.4 2001/05/23 02:35:49 fredette Exp >> */
292d0f1618Sfredette
302d0f1618Sfredette /*
312d0f1618Sfredette * <<Log: ndbootd-bpf.c,v >>
32735202e7Sfredette * Revision 1.4 2001/05/23 02:35:49 fredette
33735202e7Sfredette * Changed many debugging printfs to compile quietly on the
34735202e7Sfredette * alpha. Patch from Andrew Brown <atatat@atatdot.net>.
35735202e7Sfredette *
362d0f1618Sfredette * Revision 1.3 2001/05/22 13:13:24 fredette
372d0f1618Sfredette * Ran indent(1) with NetBSD's KNF-approximating profile.
382d0f1618Sfredette *
392d0f1618Sfredette * Revision 1.2 2001/05/09 20:50:46 fredette
402d0f1618Sfredette * Removed an unnecessary comment.
412d0f1618Sfredette *
422d0f1618Sfredette * Revision 1.1 2001/01/29 15:12:13 fredette
432d0f1618Sfredette * Added.
442d0f1618Sfredette *
452d0f1618Sfredette */
462d0f1618Sfredette
472597d53fSthorpej #include <sys/cdefs.h>
482597d53fSthorpej #if o
49735202e7Sfredette static const char _ndbootd_bpf_c_rcsid[] = "<<Id: ndbootd-bpf.c,v 1.4 2001/05/23 02:35:49 fredette Exp >>";
502597d53fSthorpej #else
51*ce1320fcSchristos __RCSID("$NetBSD: ndbootd-bpf.c,v 1.8 2004/12/01 23:18:20 christos Exp $");
522597d53fSthorpej #endif
532d0f1618Sfredette
542d0f1618Sfredette /* includes: */
5505abee23Smycroft #include <sys/poll.h>
562d0f1618Sfredette #include <net/bpf.h>
57*ce1320fcSchristos #include <paths.h>
582d0f1618Sfredette
592d0f1618Sfredette /* structures: */
602d0f1618Sfredette struct _ndbootd_interface_bpf {
612d0f1618Sfredette
622d0f1618Sfredette /* the size of the packet buffer for the interface: */
632d0f1618Sfredette size_t _ndbootd_interface_bpf_buffer_size;
642d0f1618Sfredette
652d0f1618Sfredette /* the packet buffer for the interface: */
662d0f1618Sfredette char *_ndbootd_interface_bpf_buffer;
672d0f1618Sfredette
682d0f1618Sfredette /* the next offset within the packet buffer, and the end of the data
692d0f1618Sfredette * in the packet buffer: */
702d0f1618Sfredette size_t _ndbootd_interface_bpf_buffer_offset;
712d0f1618Sfredette size_t _ndbootd_interface_bpf_buffer_end;
722d0f1618Sfredette };
732d0f1618Sfredette
742d0f1618Sfredette /* the BPF program to capture ND packets: */
752d0f1618Sfredette static struct bpf_insn ndboot_bpf_filter[] = {
762d0f1618Sfredette
772d0f1618Sfredette /* drop this packet if its ethertype isn't ETHERTYPE_IP: */
782d0f1618Sfredette BPF_STMT(BPF_LD + BPF_H + BPF_ABS, NDBOOTD_OFFSETOF(struct ether_header, ether_type)),
792d0f1618Sfredette BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, ETHERTYPE_IP, 0, 9),
802d0f1618Sfredette
812d0f1618Sfredette /* drop this packet if its IP protocol isn't IPPROTO_ND: */
822d0f1618Sfredette BPF_STMT(BPF_LD + BPF_B + BPF_ABS, sizeof(struct ether_header) + NDBOOTD_OFFSETOF(struct ip, ip_p)),
832d0f1618Sfredette BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, IPPROTO_ND, 0, 7),
842d0f1618Sfredette
852d0f1618Sfredette /* drop this packet if it's a fragment: */
862d0f1618Sfredette BPF_STMT(BPF_LD + BPF_H + BPF_ABS, sizeof(struct ether_header) + NDBOOTD_OFFSETOF(struct ip, ip_off)),
872d0f1618Sfredette BPF_JUMP(BPF_JMP + BPF_JSET + BPF_K, 0x3fff, 5, 0),
882d0f1618Sfredette
892d0f1618Sfredette /* drop this packet if it is carrying data (we only want requests,
902d0f1618Sfredette * which have no data): */
912d0f1618Sfredette BPF_STMT(BPF_LD + BPF_H + BPF_ABS, sizeof(struct ether_header) + NDBOOTD_OFFSETOF(struct ip, ip_len)),
922d0f1618Sfredette BPF_STMT(BPF_LDX + BPF_B + BPF_MSH, sizeof(struct ether_header)),
932d0f1618Sfredette BPF_STMT(BPF_ALU + BPF_SUB + BPF_X, 0),
942d0f1618Sfredette BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, sizeof(struct ndboot_packet), 0, 1),
952d0f1618Sfredette
962d0f1618Sfredette /* accept this packet: */
972d0f1618Sfredette BPF_STMT(BPF_RET + BPF_K, (u_int) -1),
982d0f1618Sfredette
992d0f1618Sfredette /* drop this packet: */
1002d0f1618Sfredette BPF_STMT(BPF_RET + BPF_K, 0),
1012d0f1618Sfredette };
1022d0f1618Sfredette
1032d0f1618Sfredette /* this opens a raw socket using BPF. */
1042d0f1618Sfredette int
ndbootd_raw_open(struct ndbootd_interface * interface)1052d0f1618Sfredette ndbootd_raw_open(struct ndbootd_interface * interface)
1062d0f1618Sfredette {
1072d0f1618Sfredette int network_fd;
1082d0f1618Sfredette int saved_errno;
109221fa572Sdarrenr u_int bufsize;
1102d0f1618Sfredette u_int bpf_opt;
1112d0f1618Sfredette struct bpf_version version;
1122d0f1618Sfredette u_int packet_buffer_size;
1132d0f1618Sfredette struct bpf_program program;
1142d0f1618Sfredette struct _ndbootd_interface_bpf *interface_bpf;
115*ce1320fcSchristos const char *dev_bpf_filename = _PATH_BPF;
1162d0f1618Sfredette
117*ce1320fcSchristos /* loop trying to open the /dev/bpf device: */
118*ce1320fcSchristos if ((network_fd = open(dev_bpf_filename, O_RDWR)) < 0) {
119*ce1320fcSchristos /* we have failed: */
1202d0f1618Sfredette _NDBOOTD_DEBUG((fp, "bpf: failed to open %s: %s", dev_bpf_filename, strerror(errno)));
1212d0f1618Sfredette return (-1);
1222d0f1618Sfredette }
123*ce1320fcSchristos _NDBOOTD_DEBUG((fp, "bpf: opened %s", dev_bpf_filename));
1242d0f1618Sfredette
1252d0f1618Sfredette /* this macro helps in closing the BPF socket on error: */
1262d0f1618Sfredette #define _NDBOOTD_RAW_OPEN_ERROR(x) saved_errno = errno; x; errno = saved_errno
1272d0f1618Sfredette
1282d0f1618Sfredette /* check the BPF version: */
1292d0f1618Sfredette if (ioctl(network_fd, BIOCVERSION, &version) < 0) {
1302d0f1618Sfredette _NDBOOTD_DEBUG((fp, "bpf: failed to get the BPF version on %s: %s",
1312d0f1618Sfredette dev_bpf_filename, strerror(errno)));
1322d0f1618Sfredette _NDBOOTD_RAW_OPEN_ERROR(close(network_fd));
1332d0f1618Sfredette return (-1);
1342d0f1618Sfredette }
1352d0f1618Sfredette if (version.bv_major != BPF_MAJOR_VERSION
1362d0f1618Sfredette || version.bv_minor < BPF_MINOR_VERSION) {
1372d0f1618Sfredette _NDBOOTD_DEBUG((fp, "bpf: kernel BPF version is %d.%d, my BPF version is %d.%d",
1382d0f1618Sfredette version.bv_major, version.bv_minor,
1392d0f1618Sfredette BPF_MAJOR_VERSION, BPF_MINOR_VERSION));
1402d0f1618Sfredette close(network_fd);
1412d0f1618Sfredette errno = ENXIO;
1422d0f1618Sfredette return (-1);
1432d0f1618Sfredette }
1442d0f1618Sfredette /* put the BPF device into immediate mode: */
1452d0f1618Sfredette bpf_opt = TRUE;
1462d0f1618Sfredette if (ioctl(network_fd, BIOCIMMEDIATE, &bpf_opt) < 0) {
1472d0f1618Sfredette _NDBOOTD_DEBUG((fp, "bpf: failed to put %s into immediate mode: %s",
1482d0f1618Sfredette dev_bpf_filename, strerror(errno)));
1492d0f1618Sfredette _NDBOOTD_RAW_OPEN_ERROR(close(network_fd));
1502d0f1618Sfredette return (-1);
1512d0f1618Sfredette }
152221fa572Sdarrenr /* set a reasonable sized buffer for the BPF device */
153221fa572Sdarrenr bufsize = 32768;
154221fa572Sdarrenr if (ioctl(network_fd, BIOCSBLEN, &bufsize) < 0) {
155221fa572Sdarrenr _NDBOOTD_DEBUG((fp, "bpf: failed set buffer size to %d: %s",
156221fa572Sdarrenr bufsize, strerror(errno)));
157221fa572Sdarrenr }
1582d0f1618Sfredette /* tell the BPF device we're providing complete Ethernet headers: */
1592d0f1618Sfredette bpf_opt = TRUE;
1602d0f1618Sfredette if (ioctl(network_fd, BIOCSHDRCMPLT, &bpf_opt) < 0) {
1612d0f1618Sfredette _NDBOOTD_DEBUG((fp, "bpf: failed to put %s into complete-headers mode: %s",
1622d0f1618Sfredette dev_bpf_filename, strerror(errno)));
1632d0f1618Sfredette _NDBOOTD_RAW_OPEN_ERROR(close(network_fd));
1642d0f1618Sfredette return (-1);
1652d0f1618Sfredette }
1662d0f1618Sfredette /* point the BPF device at the interface we're using: */
1672d0f1618Sfredette if (ioctl(network_fd, BIOCSETIF, interface->ndbootd_interface_ifreq) < 0) {
1682d0f1618Sfredette _NDBOOTD_DEBUG((fp, "bpf: failed to point BPF socket at %s: %s",
1692d0f1618Sfredette interface->ndbootd_interface_ifreq->ifr_name, strerror(errno)));
1702d0f1618Sfredette saved_errno = errno;
1712d0f1618Sfredette close(network_fd);
1722d0f1618Sfredette errno = saved_errno;
1732d0f1618Sfredette return (-1);
1742d0f1618Sfredette }
1752d0f1618Sfredette /* set the filter on the BPF device: */
1762d0f1618Sfredette program.bf_len = sizeof(ndboot_bpf_filter) / sizeof(ndboot_bpf_filter[0]);
1772d0f1618Sfredette program.bf_insns = ndboot_bpf_filter;
1782d0f1618Sfredette if (ioctl(network_fd, BIOCSETF, &program) < 0) {
1792d0f1618Sfredette _NDBOOTD_DEBUG((fp, "bpf: failed to set the filter on %s: %s",
1802d0f1618Sfredette dev_bpf_filename, strerror(errno)));
1812d0f1618Sfredette _NDBOOTD_RAW_OPEN_ERROR(close(network_fd));
1822d0f1618Sfredette return (-1);
1832d0f1618Sfredette }
1842d0f1618Sfredette /* get the BPF read buffer size: */
1852d0f1618Sfredette if (ioctl(network_fd, BIOCGBLEN, &packet_buffer_size) < 0) {
1862d0f1618Sfredette _NDBOOTD_DEBUG((fp, "bpf: failed to read the buffer size for %s: %s",
1872d0f1618Sfredette dev_bpf_filename, strerror(errno)));
1882d0f1618Sfredette _NDBOOTD_RAW_OPEN_ERROR(close(network_fd));
1892d0f1618Sfredette return (-1);
1902d0f1618Sfredette }
1912d0f1618Sfredette _NDBOOTD_DEBUG((fp, "bpf: buffer size for %s is %u",
1922d0f1618Sfredette dev_bpf_filename, packet_buffer_size));
1932d0f1618Sfredette
1942d0f1618Sfredette /* allocate our private interface information and we're done: */
1952d0f1618Sfredette interface->ndbootd_interface_fd = network_fd;
1962d0f1618Sfredette interface_bpf = ndbootd_new0(struct _ndbootd_interface_bpf, 1);
1972d0f1618Sfredette interface_bpf->_ndbootd_interface_bpf_buffer_size = packet_buffer_size;
1982d0f1618Sfredette interface_bpf->_ndbootd_interface_bpf_buffer = ndbootd_new(char, packet_buffer_size);
1992d0f1618Sfredette interface->_ndbootd_interface_raw_private = interface_bpf;
2002d0f1618Sfredette return (0);
2012d0f1618Sfredette #undef _NDBOOTD_RAW_OPEN_ERROR
2022d0f1618Sfredette }
2032d0f1618Sfredette
2042d0f1618Sfredette /* this reads a raw packet: */
2052d0f1618Sfredette int
ndbootd_raw_read(struct ndbootd_interface * interface,void * packet_buffer,size_t packet_buffer_size)2062d0f1618Sfredette ndbootd_raw_read(struct ndbootd_interface * interface, void *packet_buffer, size_t packet_buffer_size)
2072d0f1618Sfredette {
2082d0f1618Sfredette struct _ndbootd_interface_bpf *interface_bpf;
2092d0f1618Sfredette ssize_t buffer_end;
2102d0f1618Sfredette struct bpf_hdr the_bpf_header;
21105abee23Smycroft struct pollfd set[1];
2122d0f1618Sfredette
2132d0f1618Sfredette /* recover our state: */
2142d0f1618Sfredette interface_bpf = (struct _ndbootd_interface_bpf *) interface->_ndbootd_interface_raw_private;
2152d0f1618Sfredette
2162d0f1618Sfredette /* loop until we have something to return: */
21705abee23Smycroft set[0].fd = interface->ndbootd_interface_fd;
21805abee23Smycroft set[0].events = POLLIN;
2192d0f1618Sfredette for (;;) {
2202d0f1618Sfredette
2212d0f1618Sfredette /* if the buffer is empty, fill it: */
2222d0f1618Sfredette if (interface_bpf->_ndbootd_interface_bpf_buffer_offset
2232d0f1618Sfredette >= interface_bpf->_ndbootd_interface_bpf_buffer_end) {
2242d0f1618Sfredette
22505abee23Smycroft /* poll on the BPF socket: */
22605abee23Smycroft _NDBOOTD_DEBUG((fp, "bpf: calling poll"));
22705abee23Smycroft switch (poll(set, 1, INFTIM)) {
2282d0f1618Sfredette case 0:
22905abee23Smycroft _NDBOOTD_DEBUG((fp, "bpf: poll returned zero"));
2302d0f1618Sfredette continue;
2312d0f1618Sfredette case 1:
2322d0f1618Sfredette break;
2332d0f1618Sfredette default:
2342d0f1618Sfredette if (errno == EINTR) {
23505abee23Smycroft _NDBOOTD_DEBUG((fp, "bpf: poll got EINTR"));
2362d0f1618Sfredette continue;
2372d0f1618Sfredette }
23805abee23Smycroft _NDBOOTD_DEBUG((fp, "bpf: poll failed: %s", strerror(errno)));
2392d0f1618Sfredette return (-1);
2402d0f1618Sfredette }
24105abee23Smycroft assert(set[0].revents & POLLIN);
2422d0f1618Sfredette
2432d0f1618Sfredette /* read the BPF socket: */
2442d0f1618Sfredette _NDBOOTD_DEBUG((fp, "bpf: calling read"));
2452d0f1618Sfredette buffer_end = read(interface->ndbootd_interface_fd,
2462d0f1618Sfredette interface_bpf->_ndbootd_interface_bpf_buffer,
2472d0f1618Sfredette interface_bpf->_ndbootd_interface_bpf_buffer_size);
2482d0f1618Sfredette if (buffer_end <= 0) {
2492d0f1618Sfredette _NDBOOTD_DEBUG((fp, "bpf: failed to read packets: %s", strerror(errno)));
2502d0f1618Sfredette return (-1);
2512d0f1618Sfredette }
252735202e7Sfredette _NDBOOTD_DEBUG((fp, "bpf: read %ld bytes of packets", (long) buffer_end));
2532d0f1618Sfredette interface_bpf->_ndbootd_interface_bpf_buffer_offset = 0;
2542d0f1618Sfredette interface_bpf->_ndbootd_interface_bpf_buffer_end = buffer_end;
2552d0f1618Sfredette }
2562d0f1618Sfredette /* if there's not enough for a BPF header, flush the buffer: */
2572d0f1618Sfredette if ((interface_bpf->_ndbootd_interface_bpf_buffer_offset
2582d0f1618Sfredette + sizeof(the_bpf_header))
2592d0f1618Sfredette > interface_bpf->_ndbootd_interface_bpf_buffer_end) {
2602d0f1618Sfredette _NDBOOTD_DEBUG((fp, "bpf: flushed garbage BPF header bytes"));
2612d0f1618Sfredette interface_bpf->_ndbootd_interface_bpf_buffer_end = 0;
2622d0f1618Sfredette continue;
2632d0f1618Sfredette }
2642d0f1618Sfredette /* get the BPF header and check it: */
2652d0f1618Sfredette memcpy(&the_bpf_header,
2662d0f1618Sfredette interface_bpf->_ndbootd_interface_bpf_buffer
2672d0f1618Sfredette + interface_bpf->_ndbootd_interface_bpf_buffer_offset,
2682d0f1618Sfredette sizeof(the_bpf_header));
2692d0f1618Sfredette interface_bpf->_ndbootd_interface_bpf_buffer_offset += the_bpf_header.bh_hdrlen;
2702d0f1618Sfredette
2712d0f1618Sfredette /* if we're missing some part of the packet: */
2722d0f1618Sfredette if (the_bpf_header.bh_caplen != the_bpf_header.bh_datalen
2732d0f1618Sfredette || ((interface_bpf->_ndbootd_interface_bpf_buffer_offset + the_bpf_header.bh_datalen)
2742d0f1618Sfredette > interface_bpf->_ndbootd_interface_bpf_buffer_end)) {
2752d0f1618Sfredette _NDBOOTD_DEBUG((fp, "bpf: flushed truncated BPF packet"));
2762d0f1618Sfredette interface_bpf->_ndbootd_interface_bpf_buffer_offset += the_bpf_header.bh_datalen;
2772d0f1618Sfredette continue;
2782d0f1618Sfredette }
2792d0f1618Sfredette /* silently ignore packets that don't even have Ethernet
2802d0f1618Sfredette * headers, and those packets that we transmitted: */
2812d0f1618Sfredette if (the_bpf_header.bh_datalen < sizeof(struct ether_header)
2822d0f1618Sfredette || !memcmp(((struct ether_header *)
2832d0f1618Sfredette (interface_bpf->_ndbootd_interface_bpf_buffer
2842d0f1618Sfredette + interface_bpf->_ndbootd_interface_bpf_buffer_offset))->ether_shost,
2852d0f1618Sfredette interface->ndbootd_interface_ether,
2862d0f1618Sfredette ETHER_ADDR_LEN)) {
2872d0f1618Sfredette /* silently ignore packets from us: */
2882d0f1618Sfredette interface_bpf->_ndbootd_interface_bpf_buffer_offset += the_bpf_header.bh_datalen;
2892d0f1618Sfredette continue;
2902d0f1618Sfredette }
2912d0f1618Sfredette /* if the caller hasn't provided a large enough buffer: */
2922d0f1618Sfredette if (packet_buffer_size < the_bpf_header.bh_datalen) {
2932d0f1618Sfredette errno = EIO;
2942d0f1618Sfredette interface_bpf->_ndbootd_interface_bpf_buffer_offset += the_bpf_header.bh_datalen;
2952d0f1618Sfredette return (-1);
2962d0f1618Sfredette }
2972d0f1618Sfredette /* return this captured packet to the user: */
2982d0f1618Sfredette memcpy(packet_buffer,
2992d0f1618Sfredette interface_bpf->_ndbootd_interface_bpf_buffer
3002d0f1618Sfredette + interface_bpf->_ndbootd_interface_bpf_buffer_offset,
3012d0f1618Sfredette the_bpf_header.bh_datalen);
3022d0f1618Sfredette interface_bpf->_ndbootd_interface_bpf_buffer_offset += the_bpf_header.bh_datalen;
3032d0f1618Sfredette return (the_bpf_header.bh_datalen);
3042d0f1618Sfredette }
3052d0f1618Sfredette /* NOTREACHED */
3062d0f1618Sfredette }
3072d0f1618Sfredette
3082d0f1618Sfredette /* this writes a raw packet: */
3092d0f1618Sfredette int
ndbootd_raw_write(struct ndbootd_interface * interface,void * packet_buffer,size_t packet_buffer_size)3102d0f1618Sfredette ndbootd_raw_write(struct ndbootd_interface * interface, void *packet_buffer, size_t packet_buffer_size)
3112d0f1618Sfredette {
3122d0f1618Sfredette return (write(interface->ndbootd_interface_fd, packet_buffer, packet_buffer_size));
3132d0f1618Sfredette }
314