xref: /netbsd-src/sys/net/npf/npf_if.c (revision 946379e7b37692fc43f68eb0d1c10daa0a7f3b6c) 
1 /*	$NetBSD: npf_if.c,v 1.5 2015/07/12 23:51:53 rmind Exp $	*/
2 
3 /*-
4  * Copyright (c) 2013 The NetBSD Foundation, Inc.
5  * All rights reserved.
6  *
7  * This code is derived from software contributed to The NetBSD Foundation
8  * by Mindaugas Rasiukevicius.
9  *
10  * Redistribution and use in source and binary forms, with or without
11  * modification, are permitted provided that the following conditions
12  * are met:
13  * 1. Redistributions of source code must retain the above copyright
14  *    notice, this list of conditions and the following disclaimer.
15  * 2. Redistributions in binary form must reproduce the above copyright
16  *    notice, this list of conditions and the following disclaimer in the
17  *    documentation and/or other materials provided with the distribution.
18  *
19  * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
20  * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
21  * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
22  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
23  * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
24  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
25  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
26  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
27  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
28  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
29  * POSSIBILITY OF SUCH DAMAGE.
30  */
31 
32 /*
33  * NPF network interface handling module.
34  *
35  * NPF uses its own interface IDs (npf-if-id).  When NPF configuration is
36  * (re)loaded, each required interface name is registered and a matching
37  * network interface gets an ID assigned.  If an interface is not present,
38  * it gets an ID on attach.
39  *
40  * IDs start from 1.  Zero is reserved to indicate "no interface" case or
41  * an interface of no interest (i.e. not registered).
42  *
43  * The IDs are mapped synchronously based on interface events which are
44  * monitored using pfil(9) hooks.
45  */
46 
47 #include <sys/cdefs.h>
48 __KERNEL_RCSID(0, "$NetBSD: npf_if.c,v 1.5 2015/07/12 23:51:53 rmind Exp $");
49 
50 #ifdef _KERNEL_OPT
51 #include "pf.h"
52 #if NPF > 0
53 #error "NPF and PF are mutually exclusive; please select one"
54 #endif
55 #endif
56 
57 #include <sys/param.h>
58 #include <sys/types.h>
59 #include <sys/kmem.h>
60 
61 #include <net/if.h>
62 
63 #include "npf_impl.h"
64 
65 typedef struct {
66 	char		n_ifname[IFNAMSIZ];
67 } npf_ifmap_t;
68 
69 static npf_ifmap_t	npf_ifmap[NPF_MAX_IFMAP]	__read_mostly;
70 static u_int		npf_ifmap_cnt			__read_mostly;
71 
72 static u_int
73 npf_ifmap_new(void)
74 {
75 	KASSERT(npf_config_locked_p());
76 
77 	for (u_int i = 0; i < npf_ifmap_cnt; i++)
78 		if (npf_ifmap[i].n_ifname[0] == '\0')
79 			return i + 1;
80 
81 	if (npf_ifmap_cnt == NPF_MAX_IFMAP) {
82 		printf("npf_ifmap_new: out of slots; bump NPF_MAX_IFMAP\n");
83 		return 0;
84 	}
85 	return ++npf_ifmap_cnt;
86 }
87 
88 static u_int
89 npf_ifmap_lookup(const char *ifname)
90 {
91 	KASSERT(npf_config_locked_p());
92 
93 	for (u_int i = 0; i < npf_ifmap_cnt; i++) {
94 		npf_ifmap_t *nim = &npf_ifmap[i];
95 
96 		if (nim->n_ifname[0] && strcmp(nim->n_ifname, ifname) == 0)
97 			return i + 1;
98 	}
99 	return 0;
100 }
101 
102 u_int
103 npf_ifmap_register(const char *ifname)
104 {
105 	npf_ifmap_t *nim;
106 	ifnet_t *ifp;
107 	u_int i;
108 
109 	npf_config_enter();
110 	if ((i = npf_ifmap_lookup(ifname)) != 0) {
111 		goto out;
112 	}
113 	if ((i = npf_ifmap_new()) == 0) {
114 		goto out;
115 	}
116 	nim = &npf_ifmap[i - 1];
117 	strlcpy(nim->n_ifname, ifname, IFNAMSIZ);
118 
119 	KERNEL_LOCK(1, NULL);
120 	if ((ifp = ifunit(ifname)) != NULL) {
121 		ifp->if_pf_kif = (void *)(uintptr_t)i;
122 	}
123 	KERNEL_UNLOCK_ONE(NULL);
124 out:
125 	npf_config_exit();
126 	return i;
127 }
128 
129 void
130 npf_ifmap_flush(void)
131 {
132 	ifnet_t *ifp;
133 
134 	KASSERT(npf_config_locked_p());
135 
136 	for (u_int i = 0; i < npf_ifmap_cnt; i++) {
137 		npf_ifmap[i].n_ifname[0] = '\0';
138 	}
139 	npf_ifmap_cnt = 0;
140 
141 	KERNEL_LOCK(1, NULL);
142 	IFNET_FOREACH(ifp) {
143 		ifp->if_pf_kif = (void *)(uintptr_t)0;
144 	}
145 	KERNEL_UNLOCK_ONE(NULL);
146 }
147 
148 u_int
149 npf_ifmap_getid(const ifnet_t *ifp)
150 {
151 	const u_int i = (uintptr_t)ifp->if_pf_kif;
152 	KASSERT(i <= npf_ifmap_cnt);
153 	return i;
154 }
155 
156 const char *
157 npf_ifmap_getname(const u_int id)
158 {
159 	const char *ifname;
160 
161 	KASSERT(npf_config_locked_p());
162 	KASSERT(id > 0 && id <= npf_ifmap_cnt);
163 
164 	ifname = npf_ifmap[id - 1].n_ifname;
165 	KASSERT(ifname[0] != '\0');
166 	return ifname;
167 }
168 
169 void
170 npf_ifmap_attach(ifnet_t *ifp)
171 {
172 	npf_config_enter();
173 	ifp->if_pf_kif = (void *)(uintptr_t)npf_ifmap_lookup(ifp->if_xname);
174 	npf_config_exit();
175 }
176 
177 void
178 npf_ifmap_detach(ifnet_t *ifp)
179 {
180 	/* Diagnostic. */
181 	npf_config_enter();
182 	ifp->if_pf_kif = (void *)(uintptr_t)0;
183 	npf_config_exit();
184 }
185