diff options
| author | Henning Brauer <henning@cvs.openbsd.org> | 2014-07-09 09:30:50 +0000 |
|---|---|---|
| committer | Henning Brauer <henning@cvs.openbsd.org> | 2014-07-09 09:30:50 +0000 |
| commit | f254be81afb848372994ebd35f0ea34a274acbc8 (patch) | |
| tree | bf3c15ba2e1cb64cd763ce82c78c59fbb01d7377 /sys | |
| parent | 07edae74825f47a40c1c4573651c84db9a7865ed (diff) | |
bpf code surgery / shuffling / simplification.
the various bpf_mtap_* are very similiar, they differ in what (and to some
extent how) they prepend something, and what copy function they pass to
bpf_catchpacket.
use an internal _bpf_mtap as "backend" for bpf_mtap and friends.
extend bpf_mtap_hdr so that it covers all common cases:
if dlen is 0, nothing gets prepended.
copy function can be given, if NULL the default bpf_mcopy is used.
adjust the existing bpf_mtap_hdr users to pass a NULL ptr for the copy fn.
re-implement bpf_mtap_af as simple wrapper for bpf_mtap_hdr.
re-implement bpf_mtap_ether using bpf_map_hdr
re-implement bpf_mtap_pflog as trivial bpf_mtap_hdr wrapper
ok bluhm benno
Diffstat (limited to 'sys')
| -rw-r--r-- | sys/arch/sparc/dev/if_ie.c | 4 | ||||
| -rw-r--r-- | sys/net/bpf.c | 102 | ||||
| -rw-r--r-- | sys/net/bpf.h | 5 | ||||
| -rw-r--r-- | sys/net/if_bridge.c | 10 | ||||
| -rw-r--r-- | sys/net/if_trunk.c | 6 | ||||
| -rw-r--r-- | sys/net/if_vlan.c | 4 | ||||
| -rw-r--r-- | sys/netinet/ip_ah.c | 4 | ||||
| -rw-r--r-- | sys/netinet/ip_carp.c | 6 | ||||
| -rw-r--r-- | sys/netinet/ip_esp.c | 4 | ||||
| -rw-r--r-- | sys/netinet/ip_ipcomp.c | 4 | ||||
| -rw-r--r-- | sys/netinet/ipsec_input.c | 4 |
11 files changed, 64 insertions, 89 deletions
diff --git a/sys/arch/sparc/dev/if_ie.c b/sys/arch/sparc/dev/if_ie.c index 45785daf00b..df4def1033d 100644 --- a/sys/arch/sparc/dev/if_ie.c +++ b/sys/arch/sparc/dev/if_ie.c @@ -1,4 +1,4 @@ -/* $OpenBSD: if_ie.c,v 1.45 2013/11/28 22:18:52 deraadt Exp $ */ +/* $OpenBSD: if_ie.c,v 1.46 2014/07/09 09:30:49 henning Exp $ */ /* $NetBSD: if_ie.c,v 1.33 1997/07/29 17:55:38 fair Exp $ */ /*- @@ -1335,7 +1335,7 @@ ie_readframe(sc, num) if (bpf_gets_it) { /* Pass it up. */ bpf_mtap_hdr(sc->sc_arpcom.ac_if.if_bpf, (caddr_t)&eh, - sizeof(eh), m, BPF_DIRECTION_IN); + sizeof(eh), m, BPF_DIRECTION_IN, NULL); } /* * A signal passed up from the filtering code indicating that the diff --git a/sys/net/bpf.c b/sys/net/bpf.c index df40c12ff25..4db2310febb 100644 --- a/sys/net/bpf.c +++ b/sys/net/bpf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bpf.c,v 1.93 2014/04/23 10:50:18 jca Exp $ */ +/* $OpenBSD: bpf.c,v 1.94 2014/07/09 09:30:49 henning Exp $ */ /* $NetBSD: bpf.c,v 1.33 1997/02/21 23:59:35 thorpej Exp $ */ /* @@ -92,6 +92,8 @@ LIST_HEAD(, bpf_d) bpf_d_list; void bpf_allocbufs(struct bpf_d *); void bpf_freed(struct bpf_d *); void bpf_ifname(struct ifnet *, struct ifreq *); +void _bpf_mtap(caddr_t, struct mbuf *, u_int, + void (*)(const void *, void *, size_t)); void bpf_mcopy(const void *, void *, size_t); int bpf_movein(struct uio *, u_int, struct mbuf **, struct sockaddr *, struct bpf_insn *); @@ -1159,10 +1161,11 @@ bpf_mcopy(const void *src_arg, void *dst_arg, size_t len) } /* - * Incoming linkage from device drivers, when packet is in an mbuf chain. + * like bpf_mtap, but copy fn can be given. used by various bpf_mtap* */ void -bpf_mtap(caddr_t arg, struct mbuf *m, u_int direction) +_bpf_mtap(caddr_t arg, struct mbuf *m, u_int direction, + void (*cpfn)(const void *, void *, size_t)) { struct bpf_if *bp = (struct bpf_if *)arg; struct bpf_d *d; @@ -1174,6 +1177,9 @@ bpf_mtap(caddr_t arg, struct mbuf *m, u_int direction) if (m == NULL) return; + if (cpfn == NULL) + cpfn = bpf_mcopy; + pktlen = 0; for (m0 = m; m0 != 0; m0 = m0->m_next) pktlen += m0->m_len; @@ -1191,13 +1197,22 @@ bpf_mtap(caddr_t arg, struct mbuf *m, u_int direction) if (!gottime++) microtime(&tv); - bpf_catchpacket(d, (u_char *)m, pktlen, slen, bpf_mcopy, &tv); + bpf_catchpacket(d, (u_char *)m, pktlen, slen, cpfn, &tv); if (d->bd_fildrop) m->m_flags |= M_FILDROP; } } /* + * Incoming linkage from device drivers, when packet is in an mbuf chain. + */ +void +bpf_mtap(caddr_t arg, struct mbuf *m, u_int direction) +{ + _bpf_mtap(arg, m, direction, NULL); +} + +/* * Incoming linkage from device drivers, where we have a mbuf chain * but need to prepend some arbitrary header from a linear buffer. * @@ -1208,17 +1223,23 @@ bpf_mtap(caddr_t arg, struct mbuf *m, u_int direction) */ void bpf_mtap_hdr(caddr_t arg, caddr_t data, u_int dlen, struct mbuf *m, - u_int direction) + u_int direction, void (*cpfn)(const void *, void *, size_t)) { - struct m_hdr mh; - - mh.mh_flags = 0; - mh.mh_next = m; - mh.mh_len = dlen; - mh.mh_data = data; - - bpf_mtap(arg, (struct mbuf *) &mh, direction); - m->m_flags |= mh.mh_flags & M_FILDROP; + struct m_hdr mh; + struct mbuf *m0; + + if (dlen > 0) { + mh.mh_flags = 0; + mh.mh_next = m; + mh.mh_len = dlen; + mh.mh_data = data; + m0 = (struct mbuf *)&mh; + } else + m0 = m; + + _bpf_mtap(arg, m0, direction, cpfn); + if (m0 != m) + m->m_flags |= m0->m_flags & M_FILDROP; } /* @@ -1233,17 +1254,10 @@ bpf_mtap_hdr(caddr_t arg, caddr_t data, u_int dlen, struct mbuf *m, void bpf_mtap_af(caddr_t arg, u_int32_t af, struct mbuf *m, u_int direction) { - struct m_hdr mh; u_int32_t afh; - mh.mh_flags = 0; - mh.mh_next = m; - mh.mh_len = 4; afh = htonl(af); - mh.mh_data = (caddr_t)&afh; - - bpf_mtap(arg, (struct mbuf *) &mh, direction); - m->m_flags |= mh.mh_flags & M_FILDROP; + bpf_mtap_hdr(arg, (caddr_t)&afh, 4, m, direction, NULL); } /* @@ -1259,7 +1273,6 @@ void bpf_mtap_ether(caddr_t arg, struct mbuf *m, u_int direction) { #if NVLAN > 0 - struct m_hdr mh; struct ether_vlan_header evh; if ((m->m_flags & M_VLANTAG) == 0) @@ -1277,13 +1290,7 @@ bpf_mtap_ether(caddr_t arg, struct mbuf *m, u_int direction) m->m_len -= ETHER_HDR_LEN; m->m_data += ETHER_HDR_LEN; - mh.mh_flags = 0; - mh.mh_next = m; - mh.mh_len = sizeof(evh); - mh.mh_data = (caddr_t)&evh; - - bpf_mtap(arg, (struct mbuf *) &mh, direction); - m->m_flags |= mh.mh_flags & M_FILDROP; + bpf_mtap_hdr(arg, (caddr_t)&evh, sizeof(evh), m, direction, NULL); m->m_len += ETHER_HDR_LEN; m->m_data -= ETHER_HDR_LEN; @@ -1294,42 +1301,11 @@ void bpf_mtap_pflog(caddr_t arg, caddr_t data, struct mbuf *m) { #if NPFLOG > 0 - struct m_hdr mh; - struct bpf_if *bp = (struct bpf_if *)arg; - struct bpf_d *d; - size_t pktlen, slen; - struct mbuf *m0; - struct timeval tv; - int gottime = 0; - if (m == NULL) return; - mh.mh_flags = 0; - mh.mh_next = m; - mh.mh_len = PFLOG_HDRLEN; - mh.mh_data = data; - - pktlen = mh.mh_len; - for (m0 = m; m0 != 0; m0 = m0->m_next) - pktlen += m0->m_len; - - for (d = bp->bif_dlist; d != 0; d = d->bd_next) { - ++d->bd_rcount; - if ((BPF_DIRECTION_OUT & d->bd_dirfilt) != 0) - slen = 0; - else - slen = bpf_filter(d->bd_rfilter, (u_char *)&mh, - pktlen, 0); - - if (slen == 0) - continue; - - if (!gottime++) - microtime(&tv); - bpf_catchpacket(d, (u_char *)&mh, pktlen, slen, pflog_bpfcopy, - &tv); - } + bpf_mtap_hdr(arg, data, PFLOG_HDRLEN, m, BPF_DIRECTION_OUT, + pflog_bpfcopy); #endif } diff --git a/sys/net/bpf.h b/sys/net/bpf.h index 6be91c7a4c8..7b061ec10b6 100644 --- a/sys/net/bpf.h +++ b/sys/net/bpf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: bpf.h,v 1.43 2012/03/26 19:37:42 claudio Exp $ */ +/* $OpenBSD: bpf.h,v 1.44 2014/07/09 09:30:49 henning Exp $ */ /* $NetBSD: bpf.h,v 1.15 1996/12/13 07:57:33 mikel Exp $ */ /* @@ -272,7 +272,8 @@ struct bpf_dltlist { int bpf_validate(struct bpf_insn *, int); int bpf_tap(caddr_t, u_char *, u_int, u_int); void bpf_mtap(caddr_t, struct mbuf *, u_int); -void bpf_mtap_hdr(caddr_t, caddr_t, u_int, struct mbuf *, u_int); +void bpf_mtap_hdr(caddr_t, caddr_t, u_int, struct mbuf *, u_int, + void (*)(const void *, void *, size_t)); void bpf_mtap_af(caddr_t, u_int32_t, struct mbuf *, u_int); void bpf_mtap_ether(caddr_t, struct mbuf *, u_int); void bpf_mtap_pflog(caddr_t, caddr_t, struct mbuf *); diff --git a/sys/net/if_bridge.c b/sys/net/if_bridge.c index 24fdda2cd0a..b8aac235601 100644 --- a/sys/net/if_bridge.c +++ b/sys/net/if_bridge.c @@ -1,4 +1,4 @@ -/* $OpenBSD: if_bridge.c,v 1.223 2014/04/19 14:39:26 henning Exp $ */ +/* $OpenBSD: if_bridge.c,v 1.224 2014/07/09 09:30:49 henning Exp $ */ /* * Copyright (c) 1999, 2000 Jason L. Wright (jason@thought.net) @@ -1330,7 +1330,7 @@ bridge_input(struct ifnet *ifp, struct ether_header *eh, struct mbuf *m) #if NBPFILTER > 0 if (sc->sc_if.if_bpf) bpf_mtap_hdr(sc->sc_if.if_bpf, (caddr_t)eh, - ETHER_HDR_LEN, m, BPF_DIRECTION_IN); + ETHER_HDR_LEN, m, BPF_DIRECTION_IN, NULL); #endif bridge_span(sc, eh, m); @@ -1441,10 +1441,8 @@ bridge_input(struct ifnet *ifp, struct ether_header *eh, struct mbuf *m) * is aware */ #if NBPFILTER > 0 if (ifl->ifp->if_bpf) - bpf_mtap_hdr(ifl->ifp->if_bpf, - (caddr_t)eh, - ETHER_HDR_LEN, m, - BPF_DIRECTION_IN); + bpf_mtap_hdr(ifl->ifp->if_bpf, (caddr_t)eh, + ETHER_HDR_LEN, m, BPF_DIRECTION_IN, NULL); #endif /* Count for the interface we are going to */ ifl->ifp->if_ipackets++; diff --git a/sys/net/if_trunk.c b/sys/net/if_trunk.c index a9026e5614f..67128e53464 100644 --- a/sys/net/if_trunk.c +++ b/sys/net/if_trunk.c @@ -1,4 +1,4 @@ -/* $OpenBSD: if_trunk.c,v 1.87 2014/03/10 12:21:35 mpi Exp $ */ +/* $OpenBSD: if_trunk.c,v 1.88 2014/07/09 09:30:49 henning Exp $ */ /* * Copyright (c) 2005, 2006, 2007 Reyk Floeter <reyk@openbsd.org> @@ -1102,7 +1102,7 @@ trunk_input(struct ifnet *ifp, struct ether_header *eh, struct mbuf *m) #if NBPFILTER > 0 if (trifp->if_bpf && tr->tr_proto != TRUNK_PROTO_FAILOVER) bpf_mtap_hdr(trifp->if_bpf, (char *)eh, ETHER_HDR_LEN, m, - BPF_DIRECTION_IN); + BPF_DIRECTION_IN, NULL); #endif error = (*tr->tr_input)(tr, tp, eh, m); @@ -1372,7 +1372,7 @@ trunk_fail_input(struct trunk_softc *tr, struct trunk_port *tp, #if NBPFILTER > 0 if (ifp->if_bpf) bpf_mtap_hdr(ifp->if_bpf, (char *)eh, ETHER_HDR_LEN, m, - BPF_DIRECTION_IN); + BPF_DIRECTION_IN, NULL); #endif m->m_pkthdr.rcvif = ifp; diff --git a/sys/net/if_vlan.c b/sys/net/if_vlan.c index 300f55738de..9f5aca88b33 100644 --- a/sys/net/if_vlan.c +++ b/sys/net/if_vlan.c @@ -1,4 +1,4 @@ -/* $OpenBSD: if_vlan.c,v 1.105 2014/05/14 21:48:50 henning Exp $ */ +/* $OpenBSD: if_vlan.c,v 1.106 2014/07/09 09:30:49 henning Exp $ */ /* * Copyright 1998 Massachusetts Institute of Technology @@ -299,7 +299,7 @@ vlan_input(struct ether_header *eh, struct mbuf *m) #if NBPFILTER > 0 if (ifv->ifv_if.if_bpf) bpf_mtap_hdr(ifv->ifv_if.if_bpf, (char *)eh, ETHER_HDR_LEN, m, - BPF_DIRECTION_IN); + BPF_DIRECTION_IN, NULL); #endif /* diff --git a/sys/netinet/ip_ah.c b/sys/netinet/ip_ah.c index 64f5f198d72..8473c301549 100644 --- a/sys/netinet/ip_ah.c +++ b/sys/netinet/ip_ah.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ip_ah.c,v 1.108 2014/01/09 06:29:05 tedu Exp $ */ +/* $OpenBSD: ip_ah.c,v 1.109 2014/07/09 09:30:49 henning Exp $ */ /* * The authors of this code are John Ioannidis (ji@tla.org), * Angelos D. Keromytis (kermit@csd.uch.gr) and @@ -1016,7 +1016,7 @@ ah_output(struct mbuf *m, struct tdb *tdb, struct mbuf **mp, int skip, hdr.flags |= M_AUTH; bpf_mtap_hdr(encif->if_bpf, (char *)&hdr, - ENC_HDRLEN, m, BPF_DIRECTION_OUT); + ENC_HDRLEN, m, BPF_DIRECTION_OUT, NULL); } } #endif diff --git a/sys/netinet/ip_carp.c b/sys/netinet/ip_carp.c index 0c50adc9d53..608205c1990 100644 --- a/sys/netinet/ip_carp.c +++ b/sys/netinet/ip_carp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ip_carp.c,v 1.230 2014/06/30 07:02:22 mpi Exp $ */ +/* $OpenBSD: ip_carp.c,v 1.231 2014/07/09 09:30:49 henning Exp $ */ /* * Copyright (c) 2002 Michael Shalayeff. All rights reserved. @@ -1454,7 +1454,7 @@ carp_input(struct ifnet *ifp0, struct ether_header *eh0, struct mbuf *m) #if NBPFILTER > 0 if (vh->sc_if.if_bpf) bpf_mtap_hdr(vh->sc_if.if_bpf, (char *)&eh, - ETHER_HDR_LEN, m0, BPF_DIRECTION_IN); + ETHER_HDR_LEN, m0, BPF_DIRECTION_IN, NULL); #endif vh->sc_if.if_ipackets++; ether_input(&vh->sc_if, &eh, m0); @@ -1470,7 +1470,7 @@ carp_input(struct ifnet *ifp0, struct ether_header *eh0, struct mbuf *m) #if NBPFILTER > 0 if (ifp->if_bpf) bpf_mtap_hdr(ifp->if_bpf, (char *)&eh, ETHER_HDR_LEN, m, - BPF_DIRECTION_IN); + BPF_DIRECTION_IN, NULL); #endif ifp->if_ipackets++; ether_input(ifp, &eh, m); diff --git a/sys/netinet/ip_esp.c b/sys/netinet/ip_esp.c index 9df5825cf31..bf29436a217 100644 --- a/sys/netinet/ip_esp.c +++ b/sys/netinet/ip_esp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ip_esp.c,v 1.123 2014/01/09 06:29:06 tedu Exp $ */ +/* $OpenBSD: ip_esp.c,v 1.124 2014/07/09 09:30:49 henning Exp $ */ /* * The authors of this code are John Ioannidis (ji@tla.org), * Angelos D. Keromytis (kermit@csd.uch.gr) and @@ -803,7 +803,7 @@ esp_output(struct mbuf *m, struct tdb *tdb, struct mbuf **mp, int skip, hdr.flags |= M_AUTH; bpf_mtap_hdr(encif->if_bpf, (char *)&hdr, - ENC_HDRLEN, m, BPF_DIRECTION_OUT); + ENC_HDRLEN, m, BPF_DIRECTION_OUT, NULL); } } #endif diff --git a/sys/netinet/ip_ipcomp.c b/sys/netinet/ip_ipcomp.c index f0dba810a49..6e753eb8d51 100644 --- a/sys/netinet/ip_ipcomp.c +++ b/sys/netinet/ip_ipcomp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ip_ipcomp.c,v 1.33 2014/01/09 06:29:06 tedu Exp $ */ +/* $OpenBSD: ip_ipcomp.c,v 1.34 2014/07/09 09:30:49 henning Exp $ */ /* * Copyright (c) 2001 Jean-Jacques Bernard-Gundol (jj@wabbitt.org) @@ -402,7 +402,7 @@ ipcomp_output(m, tdb, mp, skip, protoff) hdr.spi = tdb->tdb_spi; bpf_mtap_hdr(encif->if_bpf, (char *)&hdr, - ENC_HDRLEN, m, BPF_DIRECTION_OUT); + ENC_HDRLEN, m, BPF_DIRECTION_OUT, NULL); } } #endif diff --git a/sys/netinet/ipsec_input.c b/sys/netinet/ipsec_input.c index 40f7afbae36..6b1eb7ee1d7 100644 --- a/sys/netinet/ipsec_input.c +++ b/sys/netinet/ipsec_input.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ipsec_input.c,v 1.120 2014/04/14 09:06:42 mpi Exp $ */ +/* $OpenBSD: ipsec_input.c,v 1.121 2014/07/09 09:30:49 henning Exp $ */ /* * The authors of this code are John Ioannidis (ji@tla.org), * Angelos D. Keromytis (kermit@csd.uch.gr) and @@ -702,7 +702,7 @@ ipsec_common_input_cb(struct mbuf *m, struct tdb *tdbp, int skip, int protoff, hdr.flags = m->m_flags & (M_AUTH|M_CONF); bpf_mtap_hdr(encif->if_bpf, (char *)&hdr, - ENC_HDRLEN, m, BPF_DIRECTION_IN); + ENC_HDRLEN, m, BPF_DIRECTION_IN, NULL); } } #endif |