xref: /titanic_51/usr/src/uts/common/io/pfmod.c (revision 605445d5657096e69d948ccb554c9ff024fa34df)
17c478bd9Sstevel@tonic-gate /*
27c478bd9Sstevel@tonic-gate  * CDDL HEADER START
37c478bd9Sstevel@tonic-gate  *
47c478bd9Sstevel@tonic-gate  * The contents of this file are subject to the terms of the
5*605445d5Sdg199075  * Common Development and Distribution License (the "License").
6*605445d5Sdg199075  * You may not use this file except in compliance with the License.
77c478bd9Sstevel@tonic-gate  *
87c478bd9Sstevel@tonic-gate  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
97c478bd9Sstevel@tonic-gate  * or http://www.opensolaris.org/os/licensing.
107c478bd9Sstevel@tonic-gate  * See the License for the specific language governing permissions
117c478bd9Sstevel@tonic-gate  * and limitations under the License.
127c478bd9Sstevel@tonic-gate  *
137c478bd9Sstevel@tonic-gate  * When distributing Covered Code, include this CDDL HEADER in each
147c478bd9Sstevel@tonic-gate  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
157c478bd9Sstevel@tonic-gate  * If applicable, add the following below this CDDL HEADER, with the
167c478bd9Sstevel@tonic-gate  * fields enclosed by brackets "[]" replaced with your own identifying
177c478bd9Sstevel@tonic-gate  * information: Portions Copyright [yyyy] [name of copyright owner]
187c478bd9Sstevel@tonic-gate  *
197c478bd9Sstevel@tonic-gate  * CDDL HEADER END
207c478bd9Sstevel@tonic-gate  */
217c478bd9Sstevel@tonic-gate /*
22*605445d5Sdg199075  * Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
237c478bd9Sstevel@tonic-gate  * Use is subject to license terms.
247c478bd9Sstevel@tonic-gate  */
257c478bd9Sstevel@tonic-gate 
267c478bd9Sstevel@tonic-gate #pragma ident	"%Z%%M%	%I%	%E% SMI"
277c478bd9Sstevel@tonic-gate 
/*
 * STREAMS Packet Filter Module
 *
 * This module applies a filter to messages arriving on its read
 * queue, passing on messages that the filter accepts and discarding
 * the others.  It supports ioctls for setting the filter.
 *
 * On the write side, the module simply passes everything through
 * unchanged.
 *
 * Based on SunOS 4.x version.  This version has minor changes:
 *	- general SVR4 porting stuff
 *	- change name and prefixes from "nit" buffer to streams buffer
 *	- multithreading assumes configured as D_MTQPAIR
 */
437c478bd9Sstevel@tonic-gate 
447c478bd9Sstevel@tonic-gate #include <sys/types.h>
457c478bd9Sstevel@tonic-gate #include <sys/sysmacros.h>
467c478bd9Sstevel@tonic-gate #include <sys/errno.h>
477c478bd9Sstevel@tonic-gate #include <sys/debug.h>
487c478bd9Sstevel@tonic-gate #include <sys/time.h>
497c478bd9Sstevel@tonic-gate #include <sys/stropts.h>
507c478bd9Sstevel@tonic-gate #include <sys/stream.h>
517c478bd9Sstevel@tonic-gate #include <sys/conf.h>
527c478bd9Sstevel@tonic-gate #include <sys/ddi.h>
537c478bd9Sstevel@tonic-gate #include <sys/sunddi.h>
547c478bd9Sstevel@tonic-gate #include <sys/kmem.h>
557c478bd9Sstevel@tonic-gate #include <sys/strsun.h>
567c478bd9Sstevel@tonic-gate #include <sys/pfmod.h>
577c478bd9Sstevel@tonic-gate #include <sys/modctl.h>
587c478bd9Sstevel@tonic-gate 
/*
 * Expanded version of the Packetfilt structure that includes
 * some additional fields that aid filter execution efficiency.
 *
 * This is the per-stream state hung off q_ptr.  `pf' has to remain the
 * first member: pfioctl() bcopy()s a whole struct Pf_ext_packetfilt to
 * the start of this structure.  The two trailing fields are derived
 * from the filter program by pfioctl() and are never supplied by the
 * caller.
 */
struct epacketfilt {
	struct Pf_ext_packetfilt	pf;
#define	pf_Priority	pf.Pf_Priority
#define	pf_FilterLen	pf.Pf_FilterLen
#define	pf_Filter	pf.Pf_Filter
	/* pointer to word immediately past end of filter */
	ushort_t		*pf_FilterEnd;
	/*
	 * length in bytes of packet prefix the filter examines;
	 * being a ushort_t it cannot represent more than 65535 bytes
	 */
	ushort_t		pf_PByteLen;
};
737c478bd9Sstevel@tonic-gate 
/*
 * (Internal) packet descriptor for FilterPacket
 *
 * Built by pfrput() from the first two mblks of the message body.  Both
 * lengths count whole 16-bit words, so a trailing odd byte in either
 * piece is not visible to the filter.  pd_body is NULL (and pd_bodylen
 * is 0) when the message has no second mblk.
 */
struct packdesc {
	ushort_t	*pd_hdr;	/* header starting address */
	uint_t		pd_hdrlen;	/* header length in shorts */
	ushort_t	*pd_body;	/* body starting address */
	uint_t		pd_bodylen;	/* body length in shorts */
};
837c478bd9Sstevel@tonic-gate 
847c478bd9Sstevel@tonic-gate 
/*
 * Function prototypes.
 */
static	int	pfopen(queue_t *, dev_t *, int, int, cred_t *);
static	int	pfclose(queue_t *);
static void	pfioctl(queue_t *wq, mblk_t *mp);
static	int	FilterPacket(struct packdesc *, struct epacketfilt *);
/*
 * To save instructions, since STREAMS ignores the return value
 * from these functions, they are defined as void here. Kind of icky, but...
 * The qinit tables below install them through an (int (*)()) cast, so
 * the declared type and the type they are called through differ.
 */
static void	pfwput(queue_t *, mblk_t *);
static void	pfrput(queue_t *, mblk_t *);
987c478bd9Sstevel@tonic-gate 
/*
 * Module identification and packet-size limits shared by both queues.
 * The initializers below are positional, so their order has to match
 * the field order of the corresponding structure declarations.
 */
static struct module_info pf_minfo = {
	22,		/* mi_idnum */
	"pfmod",	/* mi_idname */
	0,		/* mi_minpsz */
	INFPSZ,		/* mi_maxpsz */
	0,		/* mi_hiwat */
	0		/* mi_lowat */
};

/*
 * Read side: pfrput() filters inbound messages; there is no service
 * procedure.  Open and close are registered on this side only.
 */
static struct qinit pf_rinit = {
	(int (*)())pfrput,	/* qi_putp */
	NULL,			/* qi_srvp */
	pfopen,			/* qi_qopen */
	pfclose,		/* qi_qclose */
	NULL,			/* qi_qadmin */
	&pf_minfo,		/* qi_minfo */
	NULL			/* qi_mstat */
};

/*
 * Write side: pfwput() intercepts M_IOCTL and forwards everything else.
 */
static struct qinit pf_winit = {
	(int (*)())pfwput,	/* qi_putp */
	NULL,			/* qi_srvp */
	NULL,			/* qi_qopen */
	NULL,			/* qi_qclose */
	NULL,			/* qi_qadmin */
	&pf_minfo,		/* qi_minfo */
	NULL			/* qi_mstat */
};

static struct streamtab pf_info = {
	&pf_rinit,	/* st_rdinit */
	&pf_winit,	/* st_wrinit */
	NULL,		/* st_muxrinit */
	NULL		/* st_muxwinit */
};

/*
 * Module switch entry: name, streamtab and MT flags.  The file header
 * notes that the code assumes it is configured as D_MTQPAIR; pfioctl()
 * rewrites the filter that pfrput() executes without taking any lock
 * of its own.
 */
static struct fmodsw fsw = {
	"pfmod",
	&pf_info,
	D_MTQPAIR | D_MP
};

static struct modlstrmod modlstrmod = {
	&mod_strmodops, "streams packet filter module", &fsw
};

static struct modlinkage modlinkage = {
	MODREV_1, &modlstrmod, NULL
};
1487c478bd9Sstevel@tonic-gate 
/*
 * Loadable-module entry point: hand the linkage structure to
 * mod_install() and return whatever it reports.
 */
int
_init(void)
{
	int	rc;

	rc = mod_install(&modlinkage);
	return (rc);
}
1547c478bd9Sstevel@tonic-gate 
/*
 * Loadable-module exit point: hand the linkage structure to
 * mod_remove() and return whatever it reports.
 */
int
_fini(void)
{
	int	rc;

	rc = mod_remove(&modlinkage);
	return (rc);
}
1607c478bd9Sstevel@tonic-gate 
/*
 * Module information entry point: forward the caller's modinfo buffer
 * to mod_info() together with this module's linkage structure.
 */
int
_info(struct modinfo *modinfop)
{
	int	rc;

	rc = mod_info(&modlinkage, modinfop);
	return (rc);
}
1667c478bd9Sstevel@tonic-gate 
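/*
 * Module open routine.  On the first open of a stream it allocates the
 * per-stream filter state, attaches it to both queues and enables the
 * put procedures.
 *
 * Returns EINVAL unless opened as a module (sflag == MODOPEN), and 0
 * otherwise, including on a re-open where q_ptr is already set.
 */
/*ARGSUSED*/
static int
pfopen(queue_t *rq, dev_t *dev, int oflag, int sflag, cred_t *crp)
{
	struct epacketfilt	*pfp;

	ASSERT(rq);

	if (sflag != MODOPEN)
		return (EINVAL);

	if (rq->q_ptr)
		return (0);

	/*
	 * Allocate and initialize per-Stream structure.
	 *
	 * Once qprocson() has enabled the put procedures, pfrput() may
	 * see traffic before any PFIOCSETF has been issued.  It reads
	 * pf_PByteLen and passes pf_FilterEnd to FilterPacket(), so both
	 * must hold defined values here rather than heap residue: an
	 * uninitialized pf_FilterEnd would make the interpreter execute
	 * whatever the allocation happened to contain.  Start from zeroed
	 * memory and an explicit empty program; with no instructions
	 * FilterPacket() returns its initial TRUE, so messages pass
	 * until a filter is set.
	 */
	pfp = kmem_zalloc(sizeof (struct epacketfilt), KM_SLEEP);
	pfp->pf_FilterLen = 0;
	pfp->pf_FilterEnd = &pfp->pf_Filter[0];
	pfp->pf_PByteLen = 0;
	rq->q_ptr = WR(rq)->q_ptr = (char *)pfp;

	qprocson(rq);

	return (0);
}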
1917c478bd9Sstevel@tonic-gate 
/*
 * Module close routine: disable the put procedures, release the
 * per-stream filter state and clear the private pointer on both
 * queues.  Always returns 0.
 */
static int
pfclose(queue_t	*rq)
{
	struct epacketfilt	*state = (struct epacketfilt *)rq->q_ptr;
	queue_t			*wq = WR(rq);

	ASSERT(state);

	/* Put procedures are turned off before the state they use is freed. */
	qprocsoff(rq);

	kmem_free(state, sizeof (struct epacketfilt));
	wq->q_ptr = NULL;
	rq->q_ptr = NULL;

	return (0);
}
2067c478bd9Sstevel@tonic-gate 
/*
 * Write-side put procedure.  M_IOCTL messages are handed to pfioctl();
 * every other message type is forwarded downstream untouched.
 */
static void
pfwput(queue_t *wq, mblk_t *mp)
{
	if (mp->b_datap->db_type == M_IOCTL) {
		pfioctl(wq, mp);
		return;
	}

	putnext(wq, mp);
}
2247c478bd9Sstevel@tonic-gate 
/*
 * Read-side put procedure.  Runs the installed packet filter over each
 * M_PROTO/M_DATA message and either forwards the whole message upstream
 * or frees it.  Any other message type is forwarded without filtering.
 *
 * A message may begin with zero or more M_PROTO mblks; these are skipped
 * and the filter is applied to what follows.  The first remaining mblk
 * is treated as the packet header and the one after it as the body.
 */
static void
pfrput(queue_t *rq, mblk_t *mp)
{
	struct epacketfilt	*pfp = (struct epacketfilt *)rq->q_ptr;
	mblk_t			*whole = mp;	/* head of the full message */
	mblk_t			*hdr;
	mblk_t			*body;
	struct packdesc		pd;
	int			need;

	ASSERT(pfp);

	if (DB_TYPE(mp) != M_PROTO && DB_TYPE(mp) != M_DATA) {
		putnext(rq, mp);
		return;
	}

	/* Step past the leading protocol blocks. */
	hdr = mp;
	while (hdr != NULL && DB_TYPE(hdr) == M_PROTO)
		hdr = hdr->b_cont;

	/*
	 * Nothing after the M_PROTO blocks: accept.  (A missing body is
	 * not the same thing as an empty one.)
	 */
	if (hdr == NULL) {
		putnext(rq, whole);
		return;
	}

	/*
	 * Make the part of the body the filter looks at contiguous.
	 * Only the body is pulled up, never the header block, and the
	 * request is capped at the amount of data actually present.
	 * Pulling up destroys any sharing of the underlying data blocks.
	 */
	body = hdr->b_cont;
	need = pfp->pf_PByteLen;
	if (body != NULL && MBLKL(body) < need) {
		int avail = msgdsize(body);

		/* XXX a failed pullup drops the message silently */
		if (pullupmsg(body, MIN(need, avail)) == 0) {
			freemsg(whole);
			return;
		}
	}

	/*
	 * The filter reads the data as 16-bit words, so a header or
	 * body that does not start on a short boundary is rejected.
	 */
	if (((uintptr_t)hdr->b_rptr & (sizeof (ushort_t) - 1)) != 0 ||
	    (body != NULL &&
	    ((uintptr_t)body->b_rptr & (sizeof (ushort_t) - 1)) != 0)) {
		freemsg(whole);
		return;
	}

	/*
	 * Describe both pieces in units of shorts.  These word counts
	 * are the limits FilterPacket() checks every packet offset
	 * against; a trailing odd byte is left out of the count.
	 */
	pd.pd_hdr = (ushort_t *)hdr->b_rptr;
	pd.pd_hdrlen = (hdr->b_wptr - hdr->b_rptr) / sizeof (ushort_t);
	pd.pd_body = NULL;
	pd.pd_bodylen = 0;
	if (body != NULL) {
		pd.pd_body = (ushort_t *)body->b_rptr;
		pd.pd_bodylen = (body->b_wptr - body->b_rptr) /
		    sizeof (ushort_t);
	}

	if (!FilterPacket(&pd, pfp)) {
		freemsg(whole);
		return;
	}

	putnext(rq, whole);
}
3347c478bd9Sstevel@tonic-gate 
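/*
 * Handle write-side M_IOCTL messages.
 *
 * PFIOCSETF installs a new filter program.  The argument may be either
 * a struct Pf_ext_packetfilt or the older, smaller struct packetfilt;
 * the two are told apart by ioc_count alone and any other size is
 * answered with EINVAL.  The declared filter length is checked against
 * the capacity of the matching layout before anything is copied.
 *
 * The program is copied into the live per-stream state and then scanned
 * once to work out how much of each packet pfrput() has to pull up.
 * That scan does not validate opcodes or operands; FilterPacket()
 * performs its bounds checks at execution time.
 *
 * Every other ioctl is passed downstream unchanged.
 */
static void
pfioctl(queue_t *wq, mblk_t *mp)
{
	struct	epacketfilt	*pfp = (struct epacketfilt *)wq->q_ptr;
	struct	Pf_ext_packetfilt	*upfp;
	struct	packetfilt	*opfp;
	ushort_t	*fwp;
	int	arg;
	int	maxoff = 0;
	int	maxoffreg = 0;
	size_t	bytelen;
	const size_t	maxbytelen = (ushort_t)-1;
	struct iocblk	*iocp = (struct iocblk *)mp->b_rptr;
	int	error;

	switch (iocp->ioc_cmd) {
	case PFIOCSETF:
		/*
		 * Verify argument length. Since the size of packet filter
		 * got increased (ENMAXFILTERS was bumped up to 2047), to
		 * maintain backwards binary compatibility, we need to
		 * check for both possible sizes.
		 */
		switch (iocp->ioc_count) {
		case sizeof (struct Pf_ext_packetfilt):
			error = miocpullup(mp,
			    sizeof (struct Pf_ext_packetfilt));
			if (error != 0) {
				miocnak(wq, mp, 0, error);
				return;
			}
			upfp = (struct Pf_ext_packetfilt *)mp->b_cont->b_rptr;
			if (upfp->Pf_FilterLen > PF_MAXFILTERS) {
				miocnak(wq, mp, 0, EINVAL);
				return;
			}

			bcopy(upfp, pfp, sizeof (struct Pf_ext_packetfilt));
			pfp->pf_FilterEnd = &pfp->pf_Filter[pfp->pf_FilterLen];
			break;

		case sizeof (struct packetfilt):
			error = miocpullup(mp, sizeof (struct packetfilt));
			if (error != 0) {
				miocnak(wq, mp, 0, error);
				return;
			}
			opfp = (struct packetfilt *)mp->b_cont->b_rptr;
			/* this strange comparison keeps gcc from complaining */
			if (opfp->Pf_FilterLen - 1 >= ENMAXFILTERS) {
				miocnak(wq, mp, 0, EINVAL);
				return;
			}

			pfp->pf.Pf_Priority = opfp->Pf_Priority;
			pfp->pf.Pf_FilterLen = (unsigned int)opfp->Pf_FilterLen;

			bcopy(opfp->Pf_Filter, pfp->pf.Pf_Filter,
			    sizeof (opfp->Pf_Filter));
			pfp->pf_FilterEnd = &pfp->pf_Filter[pfp->pf_FilterLen];
			break;

		default:
			miocnak(wq, mp, 0, EINVAL);
			return;
		}

		/*
		 * Find and record maximum byte offset that the
		 * filter uses.  We use this when executing the
		 * filter to determine how much of the packet
		 * body to pull up.  This code depends on the
		 * filter encoding.
		 */
		for (fwp = pfp->pf_Filter; fwp < pfp->pf_FilterEnd; fwp++) {
			arg = *fwp & ((1 << ENF_NBPA) - 1);
			switch (arg) {
			default:
				if ((arg -= ENF_PUSHWORD) > maxoff)
					maxoff = arg;
				break;

			case ENF_LOAD_OFFSET:
				/*
				 * Point to the offset.  If the program
				 * ends on the opcode there is no operand
				 * word; do not read past the end of the
				 * filter looking for one.
				 */
				fwp++;
				if (fwp < pfp->pf_FilterEnd &&
				    *fwp > maxoffreg)
					maxoffreg = *fwp;
				break;

			case ENF_PUSHLIT:
			case ENF_BRTR:
			case ENF_BRFL:
				/* Skip over the literal. */
				fwp++;
				break;

			case ENF_PUSHZERO:
			case ENF_PUSHONE:
			case ENF_PUSHFFFF:
			case ENF_PUSHFF00:
			case ENF_PUSH00FF:
			case ENF_NOPUSH:
			case ENF_POP:
				break;
			}
		}

		/*
		 * Convert word offset to length in bytes.
		 *
		 * An offset-register operand is a full 16-bit word, so the
		 * byte count can exceed what the ushort_t pf_PByteLen can
		 * hold.  Storing it unclamped would wrap to a small value
		 * and pfrput() would pull up less than the filter reads.
		 * Saturate instead; pfrput() already limits the pullup to
		 * the data actually present.
		 */
		bytelen = ((size_t)maxoff + (size_t)maxoffreg + 1) *
		    sizeof (ushort_t);
		pfp->pf_PByteLen = (ushort_t)MIN(bytelen, maxbytelen);
		miocack(wq, mp, 0, 0);
		break;

	default:
		putnext(wq, mp);
		break;
	}
}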
4557c478bd9Sstevel@tonic-gate 
/* #define	DEBUG	1 */
/* #define	INNERDEBUG	1 */

/*
 * Interpreter trace output.  enprintf() takes one parenthesized argument
 * list, e.g. enprintf(("fmt %x\n", v)), so that the whole call expands
 * to nothing unless INNERDEBUG is defined.
 */
#ifdef	INNERDEBUG
#define	enprintf(a)	printf a
#else
#define	enprintf(a)
#endif
4647c478bd9Sstevel@tonic-gate 
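/*
 * Apply the packet filter given by pfp to the packet given by
 * pp.  Return nonzero iff the filter accepts the packet.
 *
 * The packet comes in two pieces, a header and a body, since
 * that's the most convenient form for our caller.  The header
 * is in contiguous memory, whereas the body is in a mbuf.
 * Our caller will have adjusted the mbuf chain so that its first
 * min(MLEN, length(body)) bytes are guaranteed contiguous.  For
 * the sake of efficiency (and some laziness) the filter is prepared
 * to examine only these two contiguous pieces.  Furthermore, it
 * assumes that the header length is even, so that there's no need
 * to glue the last byte of header to the first byte of data.
 *
 * The filter program comes from the PFIOCSETF caller and is not
 * validated when it is installed, so every access it can cause is
 * checked here: packet offsets against the header/body word counts,
 * operand fetches and branch targets against the end of the program,
 * and the evaluation stack against both of its ends.  Any violation
 * rejects the packet (returns 0).
 */

#define	opx(i)	((i) >> ENF_NBPA)

static int
FilterPacket(struct packdesc *pp, struct epacketfilt *pfp)
{
	int		maxhdr = pp->pd_hdrlen;
	int		maxword = maxhdr + pp->pd_bodylen;
	ushort_t	*sp;
	ushort_t	*fp;
	ushort_t	*fpe;
	unsigned	op;
	unsigned	arg;
	unsigned	idx;
	unsigned	step;
	unsigned	offreg = 0;
	ushort_t	stack[ENMAXFILTERS+1];

	fp = &pfp->pf_Filter[0];
	fpe = pfp->pf_FilterEnd;

	enprintf(("FilterPacket(%p, %p, %p, %p):\n", pp, pfp, fp, fpe));

	/*
	 * Push TRUE on stack to start.  Each operation can push at most
	 * one item.  pfioctl() checks the extended filter format against
	 * PF_MAXFILTERS rather than ENMAXFILTERS, so a program may be
	 * longer than this stack; it is the check made after every push
	 * below, not the array size, that prevents overflow.
	 */
	sp = &stack[ENMAXFILTERS];
	*sp = 1;

	while (fp < fpe) {
		op = *fp >> ENF_NBPA;
		arg = *fp & ((1 << ENF_NBPA) - 1);
		fp++;

		switch (arg) {
		default:
			arg -= ENF_PUSHWORD;
			/*
			 * Since arg is unsigned,
			 * if it were less than ENF_PUSHWORD before,
			 * it would now be huge.  Adding the offset
			 * register could wrap such a value back into
			 * range and turn an undefined code into a packet
			 * read, so a wrapped sum is rejected explicitly.
			 */
			idx = arg + offreg;
			if (idx < arg) {
				enprintf(("=>0(wrap)\n"));
				return (0);
			}
			if (idx < (unsigned)maxhdr)
				*--sp = pp->pd_hdr[idx];
			else if (idx < (unsigned)maxword)
				*--sp = pp->pd_body[idx - (unsigned)maxhdr];
			else {
				enprintf(("=>0(len)\n"));
				return (0);
			}
			break;
		case ENF_PUSHLIT:
			/* The literal is the next program word. */
			if (fp >= fpe) {
				enprintf(("PUSHLIT: fp>=fpe\n"));
				return (0);
			}
			*--sp = *fp++;
			break;
		case ENF_PUSHZERO:
			*--sp = 0;
			break;
		case ENF_PUSHONE:
			*--sp = 1;
			break;
		case ENF_PUSHFFFF:
			*--sp = 0xffff;
			break;
		case ENF_PUSHFF00:
			*--sp = 0xff00;
			break;
		case ENF_PUSH00FF:
			*--sp = 0x00ff;
			break;
		case ENF_LOAD_OFFSET:
			/* The new offset is the next program word. */
			if (fp >= fpe) {
				enprintf(("LOAD_OFFSET: fp>=fpe\n"));
				return (0);
			}
			offreg = *fp++;
			break;
		case ENF_BRTR:
			/*
			 * Branch forward by the displacement word if the
			 * top of stack is true, else step over it.  The
			 * target is checked before fp moves, so fp never
			 * points beyond the end of the program.
			 */
			if (fp >= fpe) {
				enprintf(("BRTR: fp>=fpe\n"));
				return (0);
			}
			step = (*sp != 0) ? *fp : 1;
			if (step >= (unsigned)(fpe - fp)) {
				enprintf(("BRTR: fp>=fpe\n"));
				return (0);
			}
			fp += step;
			break;
		case ENF_BRFL:
			/* As ENF_BRTR, but taken when top of stack is 0. */
			if (fp >= fpe) {
				enprintf(("BRFL: fp>=fpe\n"));
				return (0);
			}
			step = (*sp == 0) ? *fp : 1;
			if (step >= (unsigned)(fpe - fp)) {
				enprintf(("BRFL: fp>=fpe\n"));
				return (0);
			}
			fp += step;
			break;
		case ENF_POP:
			++sp;
			if (sp > &stack[ENMAXFILTERS]) {
				enprintf(("stack underflow\n"));
				return (0);
			}
			break;
		case ENF_NOPUSH:
			break;
		}

		/* check stack overflow: small yellow zone */
		if (sp < &stack[2]) {
			enprintf(("=>0(--sp)\n"));
			return (0);
		}

		if (op == ENF_NOP)
			continue;

		/*
		 * all non-NOP operators binary, must have at least two
		 * operands on stack to evaluate.
		 */
		if (sp > &stack[ENMAXFILTERS-2]) {
			enprintf(("=>0(sp++)\n"));
			return (0);
		}

		arg = *sp++;
		switch (op) {
		default:
			enprintf(("=>0(def)\n"));
			return (0);
		case opx(ENF_AND):
			*sp &= arg;
			break;
		case opx(ENF_OR):
			*sp |= arg;
			break;
		case opx(ENF_XOR):
			*sp ^= arg;
			break;
		case opx(ENF_EQ):
			*sp = (*sp == arg);
			break;
		case opx(ENF_NEQ):
			*sp = (*sp != arg);
			break;
		case opx(ENF_LT):
			*sp = (*sp < arg);
			break;
		case opx(ENF_LE):
			*sp = (*sp <= arg);
			break;
		case opx(ENF_GT):
			*sp = (*sp > arg);
			break;
		case opx(ENF_GE):
			*sp = (*sp >= arg);
			break;

		/* short-circuit operators */

		case opx(ENF_COR):
			if (*sp++ == arg) {
				enprintf(("=>COR %x\n", *sp));
				return (1);
			}
			break;
		case opx(ENF_CAND):
			if (*sp++ != arg) {
				enprintf(("=>CAND %x\n", *sp));
				return (0);
			}
			break;
		case opx(ENF_CNOR):
			if (*sp++ == arg) {
				enprintf(("=>CNOR %x\n", *sp));
				return (0);
			}
			break;
		case opx(ENF_CNAND):
			if (*sp++ != arg) {
				enprintf(("=>CNAND %x\n", *sp));
				return (1);
			}
			break;
		}
	}
	enprintf(("=>%x\n", *sp));
	return (*sp);
}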