diff options
| author | Christopher Pascoe <pascoe@cvs.openbsd.org> | 2005-07-31 03:52:20 +0000 |
|---|---|---|
| committer | Christopher Pascoe <pascoe@cvs.openbsd.org> | 2005-07-31 03:52:20 +0000 |
| commit | 781ac69d614f18f3a062f09f4114df646729d1f4 (patch) | |
| tree | d35b9790c3a701453c5f26373609f72d03e19ec9 /sys/net | |
| parent | 572772cf7ccf3f3860c0121c89ee22e0001d0692 (diff) | |
Introduce bpf_mtap_af and bpf_mtap_hdr to be used when passing a mbuf chain
to bpf with either an address family or other header added.
These helpers only allocate a much smaller struct m_hdr on the stack when
needed, rather than leaving 256 byte struct mbufs on the stack in deep
call paths. Also removes a fair bit of duplicated code.
commit now, tune after deraadt@
Diffstat (limited to 'sys/net')
| -rw-r--r-- | sys/net/bpf.c | 46 | ||||
| -rw-r--r-- | sys/net/bpf.h | 4 | ||||
| -rw-r--r-- | sys/net/if_faith.c | 22 | ||||
| -rw-r--r-- | sys/net/if_gif.c | 22 | ||||
| -rw-r--r-- | sys/net/if_gre.c | 22 | ||||
| -rw-r--r-- | sys/net/if_loop.c | 22 | ||||
| -rw-r--r-- | sys/net/if_pflog.c | 16 | ||||
| -rw-r--r-- | sys/net/if_trunk.c | 13 | ||||
| -rw-r--r-- | sys/net/if_vlan.c | 19 |
9 files changed, 72 insertions, 114 deletions
diff --git a/sys/net/bpf.c b/sys/net/bpf.c index 980066a9490..f329bde00b6 100644 --- a/sys/net/bpf.c +++ b/sys/net/bpf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bpf.c,v 1.58 2005/04/20 19:52:42 reyk Exp $ */ +/* $OpenBSD: bpf.c,v 1.59 2005/07/31 03:52:18 pascoe Exp $ */ /* $NetBSD: bpf.c,v 1.33 1997/02/21 23:59:35 thorpej Exp $ */ /* @@ -1189,6 +1189,50 @@ bpf_mtap(caddr_t arg, struct mbuf *m) } /* + * Incoming linkage from device drivers, where we have a mbuf chain + * but need to prepend some arbitrary header from a linear buffer. + * + * Con up a minimal dummy header to pacify bpf. Allocate (only) a + * struct m_hdr on the stack. This is safe as bpf only reads from the + * fields in this header that we initialize, and will not try to free + * it or keep a pointer to it. + */ +int +bpf_mtap_hdr(caddr_t arg, caddr_t data, u_int dlen, struct mbuf *m) +{ + struct m_hdr mh; + + mh.mh_flags = 0; + mh.mh_next = m; + mh.mh_len = dlen; + mh.mh_data = data; + + return bpf_mtap(arg, (struct mbuf *) &mh); +} + +/* + * Incoming linkage from device drivers, where we have a mbuf chain + * but need to prepend the address family. + * + * Con up a minimal dummy header to pacify bpf. We allocate (only) a + * struct m_hdr on the stack. This is safe as bpf only reads from the + * fields in this header that we initialize, and will not try to free + * it or keep a pointer to it. + */ +int +bpf_mtap_af(caddr_t arg, u_int32_t af, struct mbuf *m) +{ + struct m_hdr mh; + + mh.mh_flags = 0; + mh.mh_next = m; + mh.mh_len = 4; + mh.mh_data = (caddr_t)⁡ + + return bpf_mtap(arg, (struct mbuf *) &mh); +} + +/* * Move the packet data from interface memory (pkt) into the * store buffer. Return 1 if it's time to wakeup a listener (buffer full), * otherwise 0. "copy" is the routine called to do the actual data diff --git a/sys/net/bpf.h b/sys/net/bpf.h index c8465ea15c7..b6e8c0e1610 100644 --- a/sys/net/bpf.h +++ b/sys/net/bpf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: bpf.h,v 1.30 2005/01/07 16:28:38 reyk Exp $ */ +/* $OpenBSD: bpf.h,v 1.31 2005/07/31 03:52:18 pascoe Exp $ */ /* $NetBSD: bpf.h,v 1.15 1996/12/13 07:57:33 mikel Exp $ */ /* @@ -262,6 +262,8 @@ struct bpf_dltlist { int bpf_validate(struct bpf_insn *, int); int bpf_tap(caddr_t, u_char *, u_int); int bpf_mtap(caddr_t, struct mbuf *); +int bpf_mtap_hdr(caddr_t, caddr_t, u_int, struct mbuf *); +int bpf_mtap_af(caddr_t, u_int32_t, struct mbuf *); void bpfattach(caddr_t *, struct ifnet *, u_int, u_int); void bpfdetach(struct ifnet *); void bpfilterattach(int); diff --git a/sys/net/if_faith.c b/sys/net/if_faith.c index b936b6f4204..e7a224c80ee 100644 --- a/sys/net/if_faith.c +++ b/sys/net/if_faith.c @@ -1,4 +1,4 @@ -/* $OpenBSD: if_faith.c,v 1.17 2003/12/16 20:33:25 markus Exp $ */ +/* $OpenBSD: if_faith.c,v 1.18 2005/07/31 03:52:18 pascoe Exp $ */ /* * Copyright (c) 1982, 1986, 1993 * The Regents of the University of California. All rights reserved. @@ -151,24 +151,8 @@ faithoutput(ifp, m, dst, rt) m->m_data += sizeof(int); } - if (ifp->if_bpf) { - /* - * We need to prepend the address family as - * a four byte field. Cons up a faith header - * to pacify bpf. This is safe because bpf - * will only read from the mbuf (i.e., it won't - * try to free it or keep a pointer a to it). - */ - struct mbuf m0; - u_int32_t af = dst->sa_family; - - m0.m_flags = 0; - m0.m_next = m; - m0.m_len = 4; - m0.m_data = (char *)⁡ - - bpf_mtap(ifp->if_bpf, &m0); - } + if (ifp->if_bpf) + bpf_mtap_af(ifp->if_bpf, dst->sa_family); #endif if (rt && rt->rt_flags & (RTF_REJECT|RTF_BLACKHOLE)) { diff --git a/sys/net/if_gif.c b/sys/net/if_gif.c index cce663f9a5f..931791e25a5 100644 --- a/sys/net/if_gif.c +++ b/sys/net/if_gif.c @@ -1,4 +1,4 @@ -/* $OpenBSD: if_gif.c,v 1.31 2003/12/16 20:33:25 markus Exp $ */ +/* $OpenBSD: if_gif.c,v 1.32 2005/07/31 03:52:18 pascoe Exp $ */ /* $KAME: if_gif.c,v 1.43 2001/02/20 08:51:07 itojun Exp $ */ /* @@ -232,24 +232,8 @@ gif_output(ifp, m, dst, rt) m->m_flags &= ~(M_BCAST|M_MCAST); #if NBPFILTER > 0 - if (ifp->if_bpf) { - /* - * We need to prepend the address family as - * a four byte field. Cons up a dummy header - * to pacify bpf. This is safe because bpf - * will only read from the mbuf (i.e., it won't - * try to free it or keep a pointer a to it). - */ - struct mbuf m0; - u_int32_t af = dst->sa_family; - - m0.m_flags = 0; - m0.m_next = m; - m0.m_len = 4; - m0.m_data = (char *)⁡ - - bpf_mtap(ifp->if_bpf, &m0); - } + if (ifp->if_bpf) + bpf_mtap_af(ifp->if_bpf, dst->sa_family, m); #endif ifp->if_opackets++; ifp->if_obytes += m->m_pkthdr.len; diff --git a/sys/net/if_gre.c b/sys/net/if_gre.c index 8310ff5404e..8b411fc95fe 100644 --- a/sys/net/if_gre.c +++ b/sys/net/if_gre.c @@ -1,4 +1,4 @@ -/* $OpenBSD: if_gre.c,v 1.34 2005/06/08 06:35:04 henning Exp $ */ +/* $OpenBSD: if_gre.c,v 1.35 2005/07/31 03:52:18 pascoe Exp $ */ /* $NetBSD: if_gre.c,v 1.9 1999/10/25 19:18:11 drochner Exp $ */ /* @@ -235,24 +235,8 @@ gre_output(struct ifnet *ifp, struct mbuf *m, struct sockaddr *dst, m_tag_prepend(m, mtag); #if NBPFILTER >0 - if (ifp->if_bpf) { - /* - * We need to prepend the address family as a four - * byte field. Cons up a fake header to pacify bpf. - * This is safe because bpf will only read from the - * mbuf (i.e., it won't try to free it or keep a - * pointer a to it). - */ - struct mbuf m0; - u_int32_t af = dst->sa_family; - - m0.m_flags = 0; - m0.m_next = m; - m0.m_len = 4; - m0.m_data = (char *) ⁡ - - bpf_mtap(ifp->if_bpf, &m0); - } + if (ifp->if_bpf) + bpf_mtap_af(ifp->if_bpf, dst->sa_family, m); #endif if (sc->g_proto == IPPROTO_MOBILE) { diff --git a/sys/net/if_loop.c b/sys/net/if_loop.c index dc51a28c9b5..b4760546e43 100644 --- a/sys/net/if_loop.c +++ b/sys/net/if_loop.c @@ -1,4 +1,4 @@ -/* $OpenBSD: if_loop.c,v 1.35 2005/06/12 06:23:43 henning Exp $ */ +/* $OpenBSD: if_loop.c,v 1.36 2005/07/31 03:52:18 pascoe Exp $ */ /* $NetBSD: if_loop.c,v 1.15 1996/05/07 02:40:33 thorpej Exp $ */ /* @@ -250,24 +250,8 @@ looutput(ifp, m, dst, rt) * looutput() is also called for SIMPLEX interfaces to duplicate * packets for local use. But don't dup them to bpf. */ - if (ifp->if_bpf && (ifp->if_flags&IFF_LOOPBACK)) { - /* - * We need to prepend the address family as - * a four byte field. Cons up a dummy header - * to pacify bpf. This is safe because bpf - * will only read from the mbuf (i.e., it won't - * try to free it or keep a pointer to it). - */ - struct mbuf m0; - u_int32_t af = htonl(dst->sa_family); - - m0.m_flags = 0; - m0.m_next = m; - m0.m_len = sizeof(af); - m0.m_data = (char *)⁡ - - bpf_mtap(ifp->if_bpf, &m0); - } + if (ifp->if_bpf && (ifp->if_flags & IFF_LOOPBACK)) + bpf_mtap_af(ifp->if_bpf, dst->sa_family, m); #endif m->m_pkthdr.rcvif = ifp; diff --git a/sys/net/if_pflog.c b/sys/net/if_pflog.c index d5370c1c7fa..548d0247c66 100644 --- a/sys/net/if_pflog.c +++ b/sys/net/if_pflog.c @@ -1,4 +1,4 @@ -/* $OpenBSD: if_pflog.c,v 1.14 2005/05/27 20:17:31 dhartmei Exp $ */ +/* $OpenBSD: if_pflog.c,v 1.15 2005/07/31 03:52:18 pascoe Exp $ */ /* * The authors of this code are John Ioannidis (ji@tla.org), * Angelos D. Keromytis (kermit@csd.uch.gr) and @@ -180,11 +180,14 @@ pflog_packet(struct pfi_kif *kif, struct mbuf *m, sa_family_t af, u_int8_t dir, #if NBPFILTER > 0 struct ifnet *ifn; struct pfloghdr hdr; - struct mbuf m1; if (kif == NULL || m == NULL || rm == NULL || pd == NULL) return (-1); + ifn = &(pflogif[0].sc_if); + if (!ifn->if_bpf) + return (0); + bzero(&hdr, sizeof(hdr)); hdr.length = PFLOG_REAL_HDRLEN; hdr.af = af; @@ -225,14 +228,7 @@ pflog_packet(struct pfi_kif *kif, struct mbuf *m, sa_family_t af, u_int8_t dir, } #endif /* INET */ - m1.m_next = m; - m1.m_len = PFLOG_HDRLEN; - m1.m_data = (char *) &hdr; - - ifn = &(pflogif[0].sc_if); - - if (ifn->if_bpf) - bpf_mtap(ifn->if_bpf, &m1); + bpf_mtap_hdr(ifn->if_bpf, (char *)&hdr, PFLOG_HDRLEN, m); #endif return (0); diff --git a/sys/net/if_trunk.c b/sys/net/if_trunk.c index 8ca077eb43e..84b896281b7 100644 --- a/sys/net/if_trunk.c +++ b/sys/net/if_trunk.c @@ -1,4 +1,4 @@ -/* $OpenBSD: if_trunk.c,v 1.3 2005/05/27 22:57:13 reyk Exp $ */ +/* $OpenBSD: if_trunk.c,v 1.4 2005/07/31 03:52:18 pascoe Exp $ */ /* * Copyright (c) 2005 Reyk Floeter <reyk@vantronix.net> @@ -669,15 +669,8 @@ trunk_input(struct ifnet *ifp, struct ether_header *eh, struct mbuf *m) trifp = &tr->tr_ac.ac_if; #if NBPFILTER > 0 - if (trifp->if_bpf) { - struct mbuf m0; - - m0.m_flags = 0; - m0.m_next = m; - m0.m_len = ETHER_HDR_LEN; - m0.m_data = (char *)eh; - bpf_mtap(trifp->if_bpf, &m0); - } + if (trifp->if_bpf) + bpf_mtap_hdr(trifp->if_bpf, (char *)eh, ETHER_HDR_LEN, m); #endif error = (*tr->tr_input)(tr, tp, eh, m); diff --git a/sys/net/if_vlan.c b/sys/net/if_vlan.c index 376db014ef0..579128b1456 100644 --- a/sys/net/if_vlan.c +++ b/sys/net/if_vlan.c @@ -1,4 +1,4 @@ -/* $OpenBSD: if_vlan.c,v 1.58 2005/07/19 11:50:20 camield Exp $ */ +/* $OpenBSD: if_vlan.c,v 1.59 2005/07/31 03:52:18 pascoe Exp $ */ /* * Copyright 1998 Massachusetts Institute of Technology @@ -301,21 +301,8 @@ vlan_input(eh, m) m->m_pkthdr.len -= EVL_ENCAPLEN; #if NBPFILTER > 0 - if (ifv->ifv_if.if_bpf) { - /* - * Do the usual BPF fakery. Note that we don't support - * promiscuous mode here, since it would require the - * drivers to know about VLANs and we're not ready for - * that yet. - */ - struct mbuf m0; - - m0.m_flags = 0; - m0.m_next = m; - m0.m_len = ETHER_HDR_LEN; - m0.m_data = (char *)eh; - bpf_mtap(ifv->ifv_if.if_bpf, &m0); - } + if (ifv->ifv_if.if_bpf) + bpf_mtap_hdr(ifv->ifv_if.if_bpf, (char *)eh, ETHER_HDR_LEN, m); #endif ifv->ifv_if.if_ipackets++; ether_input(&ifv->ifv_if, eh, m); |