git.saurik.com Git - apple/xnu.git/blame_incremental

... / ...

Commit	Line	Data
	1	/*
	2	* Copyright (c) 2012-2017 Apple Inc. All rights reserved.
	3	*
	4	* @APPLE_OSREFERENCE_LICENSE_HEADER_START@
	5	*
	6	* This file contains Original Code and/or Modifications of Original Code
	7	* as defined in and that are subject to the Apple Public Source License
	8	* Version 2.0 (the 'License'). You may not use this file except in
	9	* compliance with the License. The rights granted to you under the License
	10	* may not be used to create, or enable the creation or redistribution of,
	11	* unlawful or unlicensed copies of an Apple operating system, or to
	12	* circumvent, violate, or enable the circumvention or violation of, any
	13	* terms of an Apple operating system software license agreement.
	14	*
	15	* Please obtain a copy of the License at
	16	* http://www.opensource.apple.com/apsl/ and read it before using this file.
	17	*
	18	* The Original Code and all software distributed under the License are
	19	* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
	20	* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
	21	* INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
	22	* FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
	23	* Please see the License for the specific language governing rights and
	24	* limitations under the License.
	25	*
	26	* @APPLE_OSREFERENCE_LICENSE_HEADER_END@
	27	*/
	28
	29	#ifndef _NET_PKTAP_H_
	30	#define _NET_PKTAP_H_
	31
	32	#include <sys/_types/_timeval32.h>
	33	#include <stdint.h>
	34	#include <net/if.h>
	35	#include <uuid/uuid.h>
	36	#include <string.h>
	37
	38	#ifdef PRIVATE
	39
	40	#define PKTAP_IFNAME "pktap"
	41
	42	/* To store interface name + unit */
	43	#define PKTAP_IFXNAMESIZE (IF_NAMESIZE + 8)
	44
	45	/*
	46	* Commands via SIOCGDRVSPEC/SIOCSDRVSPEC
	47	*/
	48	#define PKTP_CMD_FILTER_GET 1 /* array of PKTAP_MAX_FILTERS * struct pktap_filter */
	49	#define PKTP_CMD_FILTER_SET 3 /* array of PKTAP_MAX_FILTERS * struct pktap_filter */
	50	#define PKTP_CMD_TAP_COUNT 4 /* uint32_t number of active bpf tap on the interface */
	51
	52	/*
	53	* Filtering is currently based on network interface properties --
	54	* the interface type and the interface name -- and has two types of
	55	* operations -- pass and skip.
	56	* By default only interfaces of type IFT_ETHER and IFT_CELLULAR pass
	57	* the filter.
	58	* It's possible to include other interfaces by type or by name
	59	* The interface type is evaluated before the interface name
	60	* The first matching rule stops the evaluation.
	61	* A rule with interface type 0 (zero) matches any interfaces
	62	*/
	63	#define PKTAP_FILTER_OP_NONE 0 /* For inactive entries at the end of the list */
	64	#define PKTAP_FILTER_OP_PASS 1
	65	#define PKTAP_FILTER_OP_SKIP 2
	66
	67	#define PKTAP_FILTER_PARAM_NONE 0
	68	#define PKTAP_FILTER_PARAM_IF_TYPE 1
	69	#define PKTAP_FILTER_PARAM_IF_NAME 2
	70
	71	#ifdef BSD_KERNEL_PRIVATE
	72	struct pktap_filter {
	73	uint32_t filter_op;
	74	uint32_t filter_param;
	75	union {
	76	uint32_t _filter_if_type;
	77	char _filter_if_name[PKTAP_IFXNAMESIZE];
	78	} param_;
	79	size_t filter_ifname_prefix_len;
	80	};
	81
	82	struct x_pktap_filter {
	83	#else
	84	struct pktap_filter {
	85	#endif /* BSD_KERNEL_PRIVATE */
	86	uint32_t filter_op;
	87	uint32_t filter_param;
	88	union {
	89	uint32_t _filter_if_type;
	90	char _filter_if_name[PKTAP_IFXNAMESIZE];
	91	} param_;
	92	};
	93	#define filter_param_if_type param_._filter_if_type
	94	#define filter_param_if_name param_._filter_if_name
	95
	96	#define PKTAP_MAX_FILTERS 8
	97
	98	/*
	99	* Header for DLT_PKTAP
	100	*
	101	* In theory, there could be several types of blocks in a chain before the actual packet
	102	*/
	103	struct pktap_header {
	104	uint32_t pth_length; /* length of this header */
	105	uint32_t pth_type_next; /* type of data following */
	106	uint32_t pth_dlt; /* DLT of packet */
	107	char pth_ifname[PKTAP_IFXNAMESIZE]; /* interface name */
	108	uint32_t pth_flags; /* flags */
	109	uint32_t pth_protocol_family;
	110	uint32_t pth_frame_pre_length;
	111	uint32_t pth_frame_post_length;
	112	pid_t pth_pid; /* process ID */
	113	char pth_comm[MAXCOMLEN + 1]; /* process name */
	114	uint32_t pth_svc; /* service class */
	115	uint16_t pth_iftype;
	116	uint16_t pth_ifunit;
	117	pid_t pth_epid; /* effective process ID */
	118	char pth_ecomm[MAXCOMLEN + 1]; /* effective command name */
	119	uint32_t pth_flowid;
	120	uint32_t pth_ipproto;
	121	struct timeval32 pth_tstamp;
	122	uuid_t pth_uuid;
	123	uuid_t pth_euuid;
	124	};
	125
	126	/*
	127	* The original version 1 of the pktap_header structure always had the field
	128	* pth_type_next set to PTH_TYPE_PACKET
	129	*/
	130	#define PTH_TYPE_NONE 0 /* No more data following */
	131	#define PTH_TYPE_PACKET 1 /* Actual captured packet data */
	132
	133	/*
	134	* Size of buffer that can contain any pktap header
	135	* followed by the optional 4 bytes protocol field
	136	* or 16 bytes link layer header
	137	*/
	138	union pktap_header_extra {
	139	uint8_t llhdr[16];
	140	uint32_t proto;
	141	};
	142
	143	/*
	144	* Version 2 version of the header
	145	*
	146	* The field pth_flags is at the same offset as the orignal pktap_header and
	147	* the flag PTH_FLAG_V2_HDR allows to differentiate the header version.
	148	*/
	149
	150	#define PKTAP_MAX_COMM_SIZE (MAXCOMLEN + 1)
	151
	152	struct pktap_v2_hdr {
	153	uint8_t pth_length; /* length of this header */
	154	uint8_t pth_uuid_offset; /* max size: sizeof(uuid_t) */
	155	uint8_t pth_e_uuid_offset; /* max size: sizeof(uuid_t) */
	156	uint8_t pth_ifname_offset; /* max size: PKTAP_IFXNAMESIZE*/
	157	uint8_t pth_comm_offset; /* max size: PKTAP_MAX_COMM_SIZE */
	158	uint8_t pth_e_comm_offset; /* max size: PKTAP_MAX_COMM_SIZE */
	159	uint16_t pth_dlt; /* DLT of packet */
	160	uint16_t pth_frame_pre_length;
	161	uint16_t pth_frame_post_length;
	162	uint16_t pth_iftype;
	163	uint16_t pth_ipproto;
	164	uint32_t pth_protocol_family;
	165	uint32_t pth_svc; /* service class */
	166	uint32_t pth_flowid;
	167	pid_t pth_pid; /* process ID */
	168	pid_t pth_e_pid; /* effective process ID */
	169	uint32_t pth_flags; /* flags */
	170	};
	171
	172	struct pktap_v2_hdr_space {
	173	struct pktap_v2_hdr pth_hdr;
	174	uint8_t pth_uuid[sizeof(uuid_t)];
	175	uint8_t pth_e_uuid[sizeof(uuid_t)];
	176	uint8_t pth_ifname[PKTAP_IFXNAMESIZE];
	177	uint8_t pth_comm[PKTAP_MAX_COMM_SIZE];
	178	uint8_t pth_e_comm[PKTAP_MAX_COMM_SIZE];
	179	};
	180
	181	struct pktap_buffer_v2_hdr_extra {
	182	struct pktap_v2_hdr_space hdr_space;
	183	union pktap_header_extra extra;
	184	};
	185
	186	#define COPY_PKTAP_COMMON_FIELDS_TO_V2(pktap_v2_hdr_dst, pktap_header_src) { \
	187	(pktap_v2_hdr_dst)->pth_length = sizeof(struct pktap_v2_hdr); \
	188	(pktap_v2_hdr_dst)->pth_uuid_offset = 0; \
	189	(pktap_v2_hdr_dst)->pth_e_uuid_offset = 0; \
	190	(pktap_v2_hdr_dst)->pth_ifname_offset = 0; \
	191	(pktap_v2_hdr_dst)->pth_comm_offset = 0; \
	192	(pktap_v2_hdr_dst)->pth_e_comm_offset = 0; \
	193	(pktap_v2_hdr_dst)->pth_dlt = (uint16_t)(pktap_header_src)->pth_dlt; \
	194	(pktap_v2_hdr_dst)->pth_frame_pre_length = (uint16_t)(pktap_header_src)->pth_frame_pre_length; \
	195	(pktap_v2_hdr_dst)->pth_frame_post_length = (uint16_t)(pktap_header_src)->pth_frame_post_length; \
	196	(pktap_v2_hdr_dst)->pth_iftype = (pktap_header_src)->pth_iftype; \
	197	(pktap_v2_hdr_dst)->pth_ipproto = (uint16_t)(pktap_header_src)->pth_ipproto; \
	198	(pktap_v2_hdr_dst)->pth_protocol_family = (pktap_header_src)->pth_protocol_family; \
	199	(pktap_v2_hdr_dst)->pth_svc = (pktap_header_src)->pth_svc; \
	200	(pktap_v2_hdr_dst)->pth_flowid = (pktap_header_src)->pth_flowid; \
	201	(pktap_v2_hdr_dst)->pth_pid = (pktap_header_src)->pth_pid; \
	202	(pktap_v2_hdr_dst)->pth_e_pid = (pktap_header_src)->pth_epid; \
	203	(pktap_v2_hdr_dst)->pth_flags = (pktap_header_src)->pth_flags; \
	204	(pktap_v2_hdr_dst)->pth_flags \|= PTH_FLAG_V2_HDR; \
	205	}
	206
	207	/*
	208	* Values for field pth_flags
	209	*/
	210	#define PTH_FLAG_DIR_IN 0x00000001 /* Outgoing packet */
	211	#define PTH_FLAG_DIR_OUT 0x00000002 /* Incoming packet */
	212	#define PTH_FLAG_PROC_DELEGATED 0x00000004 /* Process delegated */
	213	#define PTH_FLAG_IF_DELEGATED 0x00000008 /* Interface delegated */
	214	#ifdef BSD_KERNEL_PRIVATE
	215	#define PTH_FLAG_DELAY_PKTAP 0x00001000 /* Finalize pktap header on read */
	216	#endif /* BSD_KERNEL_PRIVATE */
	217	#define PTH_FLAG_TSTAMP 0x00002000 /* Has time stamp */
	218	#define PTH_FLAG_NEW_FLOW 0x00004000 /* Packet from a new flow */
	219	#define PTH_FLAG_REXMIT 0x00008000 /* Packet is a retransmission */
	220	#define PTH_FLAG_KEEP_ALIVE 0x00010000 /* Is keep alive packet */
	221	#define PTH_FLAG_SOCKET 0x00020000 /* Packet on a Socket */
	222	#define PTH_FLAG_NEXUS_CHAN 0x00040000 /* Packet on a nexus channel */
	223	#define PTH_FLAG_V2_HDR 0x00080000 /* Version 2 of pktap */
	224
	225	#ifdef BSD_KERNEL_PRIVATE
	226
	227	#include <net/bpf.h>
	228
	229	struct pktap_header_buffer {
	230	struct pktap_header pkth;
	231	union pktap_header_extra extra;
	232	};
	233
	234	extern uint32_t pktap_total_tap_count;
	235
	236	extern void pktap_init(void);
	237	extern void pktap_input(struct ifnet , protocol_family_t, struct mbuf , char *);
	238	extern void pktap_output(struct ifnet , protocol_family_t, struct mbuf ,
	239	u_int32_t, u_int32_t);
	240	extern void pktap_fill_proc_info(struct pktap_header *, protocol_family_t,
	241	struct mbuf , u_int32_t, int, struct ifnet );
	242	extern void pktap_finalize_proc_info(struct pktap_header *);
	243	extern void pktap_v2_finalize_proc_info(struct pktap_v2_hdr *);
	244	extern void convert_to_pktap_header_to_v2(struct bpf_packet *bpf_pkt, bool truncate);
	245	#endif /* BSD_KERNEL_PRIVATE */
	246	#endif /* PRIVATE */
	247
	248	#endif /* _NET_PKTAP_H_ */