/*	$NetBSD: npf_ext_log.c,v 1.11 2017/01/29 00:15:54 christos Exp $	*/

/*-
 * Copyright (c) 2010-2012 The NetBSD Foundation, Inc.
 * All rights reserved.
 *
 * This material is based upon work partially supported by The
 * NetBSD Foundation under a contract with Mindaugas Rasiukevicius.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 * POSSIBILITY OF SUCH DAMAGE.
 */

/*
 * NPF logging extension.
 */

#ifdef _KERNEL
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: npf_ext_log.c,v 1.11 2017/01/29 00:15:54 christos Exp $");

#include <sys/types.h>
#include <sys/module.h>

#include <sys/conf.h>
#include <sys/kmem.h>
#include <sys/mbuf.h>
#include <sys/mutex.h>
#include <sys/queue.h>

#include <net/if.h>
#include <net/if_types.h>
#include <net/bpf.h>
#endif

#include "npf_impl.h"
#include "if_npflog.h"

NPF_EXT_MODULE(npf_ext_log, "");

/* Extension API version advertised in npf_ext_ops_t. */
#define NPFEXT_LOG_VER 1

/* Handle returned by npf_ext_register(); kept so MODULE_CMD_FINI can unregister. */
static void * npf_ext_log_id;

/*
 * Per-rule state of the "log" rule procedure: the index of the
 * (npflog) pseudo-interface the packets are mirrored to.
 */
typedef struct {
	unsigned int if_idx;	/* "log-interface" value from the rule parameters */
} npf_ext_log_t;

/*
 * npf_log_ctor: allocate the per-rule metadata and attach it to the rproc.
 *
 * The return value of prop_dictionary_get_uint32() is not checked: when the
 * "log-interface" key is absent, if_idx keeps the 0 from kmem_zalloc() and
 * npf_log() will later find no interface and log nothing.
 * TODO(review): confirm whether a missing key should be rejected here.
 *
 * Always returns 0.
 */
static int
npf_log_ctor(npf_rproc_t *rp, prop_dictionary_t params)
{
	npf_ext_log_t *cfg = kmem_zalloc(sizeof(npf_ext_log_t), KM_SLEEP);

	prop_dictionary_get_uint32(params, "log-interface", &cfg->if_idx);
	npf_rproc_assign(rp, cfg);
	return 0;
}

/*
 * npf_log_dtor: release the metadata allocated by npf_log_ctor().
 */
static void
npf_log_dtor(npf_rproc_t *rp, void *meta)
{
	kmem_free(meta, sizeof(npf_ext_log_t));
}

/*
 * npf_log: rule procedure that mirrors the packet, prefixed with a
 * struct npfloghdr, into the BPF tap of the configured pseudo-interface.
 *
 * *decision is only read (to fill in the action field); it is never changed,
 * and the function always returns true so packet processing continues.
 * No socket/process lookup is done: the uid/pid fields are set to sentinels.
 */
static bool
npf_log(npf_cache_t *npc, void *meta, const npf_match_info_t *mi, int *decision)
{
	const npf_ext_log_t *cfg = meta;
	struct mbuf *pkt = nbuf_head_mbuf(npc->npc_nbuf);
	struct nbuf *nb = npc->npc_nbuf;
	const char *ifname = "???";
	struct npfloghdr lh;
	struct psref psref;
	ifnet_t *ifp;

	/*
	 * Zero the whole header first: NPFLOG_HDRLEN bytes of it are handed
	 * to BPF below, so unset fields and any padding must not carry stale
	 * stack contents into the capture.
	 */
	memset(&lh, 0, sizeof(lh));

	/* Address family, from what the cache already classified. */
	if (npf_iscached(npc, NPC_IP4)) {
		lh.af = AF_INET;
	} else if (npf_iscached(npc, NPC_IP6)) {
		lh.af = AF_INET6;
	} else {
		lh.af = AF_UNSPEC;
	}

	/*
	 * NPFLOG_REAL_HDRLEN is recorded as the length while NPFLOG_HDRLEN
	 * is what is passed to bpf_mtap2() -- presumably unpadded vs. padded
	 * size; see if_npflog.h.
	 */
	lh.length = NPFLOG_REAL_HDRLEN;
	lh.action = (*decision == NPF_DECISION_PASS) ? 0 : 1;	/* 0 pass, 1 block */
	lh.reason = 0;						/* 0 = rule match */

	/* Interface name; "???" when the nbuf carries no interface id. */
	if (nb != NULL && nb->nb_ifid) {
		ifname = npf_ifmap_getname(npc->npc_ctx, nb->nb_ifid);
	}
	strlcpy(lh.ifname, ifname, sizeof(lh.ifname));

	/* Rule id split into low/high 32-bit halves, network byte order. */
	lh.rulenr = htonl((uint32_t)mi->mi_rid);
	lh.subrulenr = htonl((uint32_t)(mi->mi_rid >> 32));
	strlcpy(lh.ruleset, "rules", sizeof(lh.ruleset));

	/* Ownership is not resolved here; fill in "unknown" sentinels. */
	lh.uid = UID_MAX;
	lh.pid = (pid_t)-1;
	lh.rule_uid = UID_MAX;
	lh.rule_pid = (pid_t)-1;

	/* Direction: 1 in, 2 out, 0 for both or anything unexpected. */
	if (mi->mi_di == PFIL_IN) {
		lh.dir = 1;
	} else if (mi->mi_di == PFIL_OUT) {
		lh.dir = 2;
	} else {
		lh.dir = 0;
	}

	KERNEL_LOCK(1, NULL);

	/* Look up the logging pseudo-interface; silently skip if it is gone. */
	ifp = if_get_byindex(cfg->if_idx, &psref);
	if (ifp != NULL) {
		/* Account the packet to the interface and pass it through BPF. */
		ifp->if_opackets++;
		ifp->if_obytes += pkt->m_pkthdr.len;
		if (ifp->if_bpf) {
			bpf_mtap2(ifp->if_bpf, &lh, NPFLOG_HDRLEN, pkt);
		}
		if_put(ifp, &psref);
	}

	KERNEL_UNLOCK_ONE(NULL);

	return true;
}

/*
 * Module interface.
 *
 * INIT registers the extension under the name "log" (EEXIST if the
 * registration returns no id), FINI unregisters it, AUTOUNLOAD is
 * permitted only when npf_autounload_p() agrees; other commands
 * yield ENOTTY.
 */
static int
npf_ext_log_modcmd(modcmd_t cmd, void *arg)
{
	static const npf_ext_ops_t npf_log_ops = {
		.version = NPFEXT_LOG_VER,
		.ctx = NULL,
		.ctor = npf_log_ctor,
		.dtor = npf_log_dtor,
		.proc = npf_log
	};
	npf_t *npf = npf_getkernctx();

	switch (cmd) {
	case MODULE_CMD_INIT:
		npf_ext_log_id = npf_ext_register(npf, "log", &npf_log_ops);
		return (npf_ext_log_id != NULL) ? 0 : EEXIST;

	case MODULE_CMD_FINI:
		/* 0 on success, otherwise the error from npf_ext_unregister(). */
		return npf_ext_unregister(npf, npf_ext_log_id);

	case MODULE_CMD_AUTOUNLOAD:
		/* Allow auto-unload only if NPF permits it. */
		return npf_autounload_p() ? 0 : EBUSY;

	default:
		return ENOTTY;
	}
}