xnu-1699.22.73.tar.gz
1 /*
2 * Copyright (c) 2000-2011 Apple Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28 /*
29 * Copyright (c) 1982, 1989, 1993
30 * The Regents of the University of California. All rights reserved.
31 *
32 * Redistribution and use in source and binary forms, with or without
33 * modification, are permitted provided that the following conditions
34 * are met:
35 * 1. Redistributions of source code must retain the above copyright
36 * notice, this list of conditions and the following disclaimer.
37 * 2. Redistributions in binary form must reproduce the above copyright
38 * notice, this list of conditions and the following disclaimer in the
39 * documentation and/or other materials provided with the distribution.
40 * 3. All advertising materials mentioning features or use of this software
41 * must display the following acknowledgement:
42 * This product includes software developed by the University of
43 * California, Berkeley and its contributors.
44 * 4. Neither the name of the University nor the names of its contributors
45 * may be used to endorse or promote products derived from this software
46 * without specific prior written permission.
47 *
48 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
49 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
50 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
51 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
52 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
53 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
54 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
55 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
56 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
57 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
58 * SUCH DAMAGE.
59 *
60 */
61 /*
62 * NOTICE: This file was modified by SPARTA, Inc. in 2006 to introduce
63 * support for mandatory and extensible security protections. This notice
64 * is included in support of clause 2.2 (b) of the Apple Public License,
65 * Version 2.0.
66 */
67
68
69 #include <sys/param.h>
70 #include <sys/systm.h>
71 #include <sys/kernel.h>
72 #include <sys/malloc.h>
73 #include <sys/mbuf.h>
74 #include <sys/socket.h>
75 #include <sys/sockio.h>
76 #include <sys/sysctl.h>
77 #include <kern/lock.h>
78
79 #include <net/if.h>
80 #include <net/route.h>
81 #include <net/if_llc.h>
82 #include <net/if_dl.h>
83 #include <net/if_types.h>
84 #include <net/kpi_protocol.h>
85
86 #include <netinet/in.h>
87 #include <netinet/in_var.h>
88 #include <netinet/if_ether.h>
89 #include <netinet/in_systm.h>
90 #include <netinet/ip.h>
91 #include <netinet/in_arp.h>
92
93 #include <sys/socketvar.h>
94
95 #include <net/dlil.h>
96
97 /* #include "vlan.h" */
98 #if NVLAN > 0
99 #include <net/if_vlan_var.h>
100 #endif /* NVLAN > 0 */
101 #include <net/ether_if_module.h>
102 #if CONFIG_MACF
103 #include <security/mac_framework.h>
104 #endif
105
106 /* Local function declarations */
107 extern void *kdp_get_interface(void);
108 extern void kdp_set_ip_and_mac_addresses(struct in_addr *ipaddr,
109 struct ether_addr *macaddr);
110
/*
 * Copy one IPv4 address by plain structure assignment.  Both arguments are
 * dereferenced exactly as given, so each must point to an object the
 * compiler may access with that type; each argument is evaluated once.
 */
#define	_ip_copy(dst, src)	(*(dst) = *(src))
113
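/*
 * Validate a received Ethernet/IPv4 ARP packet and hand it to the ARP layer.
 *
 * ifp: interface the packet is attributed to (the caller in this file
 *      passes the receive interface recorded in the mbuf).
 * m:   packet whose data starts at the ARP header; it is consumed on every
 *      path through this function.
 *
 * Everything read through ea comes off the wire and is untrusted.  The only
 * checks made here are the hardware and protocol types, the two address
 * lengths, and that the sender hardware address is not the Ethernet
 * broadcast address.
 */
static void
ether_inet_arp_input(struct ifnet *ifp, struct mbuf *m)
{
	struct ether_arp *ea;
	struct sockaddr_dl sender_hw;
	struct sockaddr_in sender_ip;
	struct sockaddr_in target_ip;

	/*
	 * Make the fixed-size ARP body contiguous before reading any field.
	 * There is no free on this path: mbuf_pullup() is documented to
	 * release the chain itself when it fails.
	 */
	if (mbuf_len(m) < sizeof (*ea) && mbuf_pullup(&m, sizeof (*ea)) != 0)
		return;

	ea = mbuf_data(m);

	/*
	 * Verify this is an ethernet/ip arp and address lengths are correct.
	 * The length checks are what make the fixed-size copies below safe.
	 */
	if (ntohs(ea->arp_hrd) != ARPHRD_ETHER ||
	    ntohs(ea->arp_pro) != ETHERTYPE_IP ||
	    ea->arp_pln != sizeof (struct in_addr) ||
	    ea->arp_hln != ETHER_ADDR_LEN) {
		mbuf_freem(m);
		return;
	}

	/*
	 * Verify the sender is not broadcast.
	 * NOTE(review): only the all-ones address is rejected here; other
	 * group (multicast) sender addresses reach arp_ip_handle_input().
	 * Confirm that the ARP layer filters them.
	 */
	if (bcmp(ea->arp_sha, etherbroadcastaddr, ETHER_ADDR_LEN) == 0) {
		mbuf_freem(m);
		return;
	}

	/*
	 * Build the two sockaddr_in values.  The addresses are copied bytewise
	 * rather than by dereferencing arp_spa/arp_tpa as struct in_addr: the
	 * byte arrays inside the packet carry no alignment guarantee for a
	 * 4-byte load, and ether_inet_arp() in this file fills the same fields
	 * with bcopy() as well.
	 */
	bzero(&sender_ip, sizeof (sender_ip));
	sender_ip.sin_len = sizeof (sender_ip);
	sender_ip.sin_family = AF_INET;
	target_ip = sender_ip;
	bcopy(ea->arp_spa, &sender_ip.sin_addr, sizeof (sender_ip.sin_addr));
	bcopy(ea->arp_tpa, &target_ip.sin_addr, sizeof (target_ip.sin_addr));

	bzero(&sender_hw, sizeof (sender_hw));
	sender_hw.sdl_len = sizeof (sender_hw);
	sender_hw.sdl_family = AF_LINK;
	sender_hw.sdl_type = IFT_ETHER;
	sender_hw.sdl_alen = ETHER_ADDR_LEN;
	bcopy(ea->arp_sha, LLADDR(&sender_hw), ETHER_ADDR_LEN);

	/* update L2 reachability record, if present */
	arp_llreach_set_reachable(ifp, LLADDR(&sender_hw), ETHER_ADDR_LEN);

	/* The opcode is passed through unvalidated; the callee interprets it. */
	arp_ip_handle_input(ifp, ntohs(ea->arp_op), &sender_hw, &sender_ip,
	    &target_ip);
	mbuf_freem(m);
}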
163
/*
 * Input handler for the Ethernet IPv4 protocol attachment.
 *
 * m_list is a chain of received packets linked through m_nextpkt.  Each
 * packet arrives without its Ethernet header; the header is reached through
 * the packet-header pointer instead.  IPv4 packets are kept on the list in
 * their original order and passed to proto_input(), ARP packets are given to
 * ether_inet_arp_input(), and every other type is freed.
 *
 * Always returns EJUSTRETURN: by the time this function returns, each packet
 * has been handed off or freed.
 */
static errno_t
ether_inet_input(ifnet_t ifp, protocol_family_t protocol_family,
    mbuf_t m_list)
{
#pragma unused(ifp, protocol_family)
	mbuf_t *ip_tail = &m_list;	/* where the next IPv4 packet is linked */
	mbuf_t pkt;
	mbuf_t following;

	for (pkt = m_list; pkt != NULL; pkt = following) {
		/*
		 * NOTE(review): the header pointer is dereferenced without a
		 * NULL check; this relies on the caller having recorded it.
		 */
		struct ether_header *hdr = mbuf_pkthdr_header(pkt);
		/*
		 * Use the receive interface recorded in the mbuf rather than
		 * the ifp argument: a packet injected through
		 * dlil_input_packet_list() may carry a different interface
		 * from the one it really arrived on.
		 */
		struct ifnet *rcvif = mbuf_pkthdr_rcvif(pkt);

		/* Save the successor first; pkt may be unlinked or freed. */
		following = pkt->m_nextpkt;

		if (hdr->ether_type != htons(ETHERTYPE_IP)) {
			/* Detach the packet before it leaves the list. */
			pkt->m_nextpkt = NULL;
			if (hdr->ether_type == htons(ETHERTYPE_ARP)) {
				ether_inet_arp_input(rcvif, pkt);
			} else {
				mbuf_freem(pkt);
			}
			continue;
		}

		/*
		 * Refresh the L2 reachability record for the frame's source
		 * address, unless that address is the broadcast address.
		 * The source address is whatever the received frame carried.
		 */
		if (bcmp(hdr->ether_shost, etherbroadcastaddr,
		    ETHER_ADDR_LEN) != 0) {
			arp_llreach_set_reachable(rcvif, hdr->ether_shost,
			    ETHER_ADDR_LEN);
		}

		/* Append to the IPv4 list being rebuilt in place. */
		*ip_tail = pkt;
		ip_tail = &pkt->m_nextpkt;
	}

	/* Terminate the list; this empties m_list if nothing was kept. */
	*ip_tail = NULL;

	/* If IP input refuses the list, the packets are released here. */
	if (m_list != NULL && proto_input(PF_INET, m_list) != 0) {
		mbuf_freem_list(m_list);
	}

	return (EJUSTRETURN);
}
226
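/*
 * Pre-output handler: work out the link-layer destination and frame type
 * for an outgoing packet.
 *
 * ifp:             outgoing interface; must be both IFF_UP and IFF_RUNNING.
 * protocol_family: unused.
 * m0:              packet being sent; only its M_LOOP flag is changed here.
 * dst_netaddr:     an AF_INET destination, or an AF_UNSPEC /
 *                  pseudo_AF_HDRCMPLT sockaddr whose sa_data holds a
 *                  caller-built struct ether_header.
 * route:           handed to arp_lookup_ip() as a route_t.
 * type:            out; receives the 2-byte ethertype.
 * edst:            out; receives ETHER_ADDR_LEN destination address bytes.
 *
 * Returns 0 on success, ENETDOWN when the interface is not up and running,
 * EAFNOSUPPORT for any other address family, or the arp_lookup_ip() error.
 */
static errno_t
ether_inet_pre_output(ifnet_t ifp, protocol_family_t protocol_family,
    mbuf_t *m0, const struct sockaddr *dst_netaddr,
    void *route, char *type, char *edst)
{
#pragma unused(protocol_family)
	struct mbuf *m = *m0;
	const struct ether_header *eh;
	u_int16_t etype;
	errno_t result = 0;

	if ((ifp->if_flags & (IFF_UP|IFF_RUNNING)) != (IFF_UP|IFF_RUNNING))
		return (ENETDOWN);

	/*
	 * Tell ether_frameout it's ok to loop packet unless negated below.
	 */
	m->m_flags |= M_LOOP;

	switch (dst_netaddr->sa_family) {
	case AF_INET: {
		struct sockaddr_dl ll_dest;

		result = arp_lookup_ip(ifp,
		    (const struct sockaddr_in *)dst_netaddr, &ll_dest,
		    sizeof (ll_dest), (route_t)route, *m0);
		if (result == 0) {
			bcopy(LLADDR(&ll_dest), edst, ETHER_ADDR_LEN);
			/*
			 * type is a char pointer whose alignment is not
			 * visible here, so the ethertype is stored bytewise
			 * instead of through a casted 16-bit pointer.
			 */
			etype = htons(ETHERTYPE_IP);
			(void) memcpy(type, &etype, sizeof (etype));
		}
		break;
	}

	case pseudo_AF_HDRCMPLT:
	case AF_UNSPEC:
		/*
		 * The caller supplies the Ethernet header itself, so the
		 * destination address and ethertype are taken from it as
		 * given and looping is switched off.
		 * NOTE(review): sa_len is not examined on this path; this
		 * assumes sa_data really holds a full ether_header.  Confirm
		 * that callers guarantee it.
		 */
		m->m_flags &= ~M_LOOP;
		eh = (const struct ether_header *)dst_netaddr->sa_data;
		(void) memcpy(edst, eh->ether_dhost, ETHER_ADDR_LEN);
		(void) memcpy(type, &eh->ether_type, sizeof (eh->ether_type));
		break;

	default:
		printf("%s%d: can't handle af%d\n", ifp->if_name, ifp->if_unit,
		    dst_netaddr->sa_family);

		result = EAFNOSUPPORT;
		break;
	}

	return (result);
}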
277
/*
 * Build the Ethernet link-layer address that corresponds to an IPv4
 * multicast address.
 *
 * ifp:        interface whose index is recorded in the result.
 * proto_addr: must be an AF_INET sockaddr of at least sockaddr_in size.
 * out_ll:     out; receives an AF_LINK / IFT_ETHER address.
 * ll_len:     bytes available at out_ll.
 *
 * Returns 0 on success, EAFNOSUPPORT for a non-AF_INET address, EINVAL when
 * proto_addr is too short, or EMSGSIZE when out_ll cannot hold the result.
 *
 * NOTE(review): sin_addr is not checked for being a multicast address here;
 * presumably callers only pass group addresses.  Confirm.
 */
static errno_t
ether_inet_resolve_multi(ifnet_t ifp, const struct sockaddr *proto_addr,
    struct sockaddr_dl *out_ll, size_t ll_len)
{
	/* Smallest sockaddr_dl that can hold one Ethernet address. */
	static const size_t ll_need =
	    offsetof(struct sockaddr_dl, sdl_data[0]) + ETHER_ADDR_LEN;
	errno_t rc = 0;

	if (proto_addr->sa_family != AF_INET) {
		rc = EAFNOSUPPORT;
	} else if (proto_addr->sa_len < sizeof (struct sockaddr_in)) {
		rc = EINVAL;
	} else if (ll_len < ll_need) {
		rc = EMSGSIZE;
	} else {
		const struct sockaddr_in *sin =
		    (const struct sockaddr_in *)proto_addr;

		/* Only the first ll_need bytes of out_ll are written. */
		bzero(out_ll, ll_need);
		out_ll->sdl_family = AF_LINK;
		out_ll->sdl_type = IFT_ETHER;
		out_ll->sdl_len = ll_need;
		out_ll->sdl_index = ifp->if_index;
		out_ll->sdl_alen = ETHER_ADDR_LEN;
		out_ll->sdl_nlen = 0;
		out_ll->sdl_slen = 0;
		/* Done last: LLADDR() depends on the name length set above. */
		ETHER_MAP_IP_MULTICAST(&sin->sin_addr, LLADDR(out_ll));
	}

	return (rc);
}
307
/*
 * ioctl handler for the Ethernet IPv4 protocol attachment.
 *
 * data is interpreted by command: as an ifaddr_t for SIOCSIFADDR and
 * SIOCAIFADDR, and as a struct ifreq * for SIOCGIFADDR.  Both views alias
 * the same pointer, so only the one that matches the command may be used.
 *
 * Returns 0 for the three handled commands, EOPNOTSUPP for anything else.
 */
static errno_t
ether_inet_prmod_ioctl(ifnet_t ifp, protocol_family_t protocol_family,
    u_long command, void *data)
{
#pragma unused(protocol_family)
	struct ifreq *req = data;
	ifaddr_t addr = data;
	int rc = 0;

	switch (command) {
	case SIOCSIFADDR:
	case SIOCAIFADDR:
		/* Assigning an address marks a non-running interface up. */
		if ((ifnet_flags(ifp) & IFF_RUNNING) == 0) {
			ifnet_set_flags(ifp, IFF_UP, IFF_UP);
			ifnet_ioctl(ifp, 0, SIOCSIFFLAGS, NULL);
		}

		if (ifaddr_address_family(addr) == AF_INET) {
			inet_arp_init_ifaddr(ifp, addr);
			/*
			 * Register new IP and MAC addresses with the kernel
			 * debugger if the interface is the same as was
			 * registered by IOKernelDebugger.  If no interface
			 * was registered, fall back and just match against
			 * the unit 0 interface (en0).  Do this only for the
			 * first address of the interface (SIOCSIFADDR) and
			 * not for aliases.
			 */
			if (command == SIOCSIFADDR &&
			    ((kdp_get_interface() != 0 &&
			    kdp_get_interface() == ifp->if_softc) ||
			    (kdp_get_interface() == 0 &&
			    ifp->if_unit == 0))) {
				kdp_set_ip_and_mac_addresses(
				    &(IA_SIN(addr)->sin_addr),
				    ifnet_lladdr(ifp));
			}
		}
		break;

	case SIOCGIFADDR:
		/* Reports the link-layer address in the request's sa_data. */
		ifnet_lladdr_copy_bytes(ifp, req->ifr_addr.sa_data,
		    ETHER_ADDR_LEN);
		break;

	default:
		rc = EOPNOTSUPP;
		break;
	}

	return (rc);
}
357
/*
 * Event handler: when the interface's link-layer address changes, run
 * inet_arp_init_ifaddr() again for every AF_INET address on the interface.
 * All other events are ignored.
 */
static void
ether_inet_event(ifnet_t ifp, protocol_family_t protocol,
    const struct kev_msg *event)
{
#pragma unused(protocol)
	ifaddr_t *list;
	ifaddr_t *cursor;

	/* Act only on Apple / network / data-link / address-changed. */
	if (!(event->vendor_code == KEV_VENDOR_APPLE &&
	    event->kev_class == KEV_NETWORK_CLASS &&
	    event->kev_subclass == KEV_DL_SUBCLASS &&
	    event->event_code == KEV_DL_LINK_ADDRESS_CHANGED)) {
		return;
	}

	if (ifnet_get_address_list_family(ifp, &list, AF_INET) != 0)
		return;

	/* The returned array is NULL-terminated. */
	for (cursor = list; *cursor != NULL; cursor++) {
		inet_arp_init_ifaddr(ifp, *cursor);
	}

	ifnet_free_address_list(list);
}
382
/*
 * Build an Ethernet ARP frame and transmit it raw on ifp.
 *
 * ifp:          interface to send on; it also supplies the Ethernet source
 *               address of the frame.
 * arpop:        ARP opcode in host byte order.
 * sender_hw:    ARP sender hardware address, or NULL to use the
 *               interface's link-layer address.
 * sender_proto: ARP sender IPv4 address, or NULL to use the first AF_INET
 *               address found on the interface.
 * target_hw:    ARP target hardware address, or NULL to zero that field and
 *               send the frame to the Ethernet broadcast address.
 * target_proto: ARP target IPv4 address; required.
 *
 * Returns EINVAL when target_proto is NULL, EAFNOSUPPORT when a supplied
 * protocol address is not AF_INET, ENXIO when no source IPv4 address could
 * be found, an mbuf allocation error, or 0 once the frame has been passed
 * to ifnet_output_raw() (whose own result is not examined).
 *
 * Every header and ARP field assigned below is written before the frame is
 * sent, so none of those bytes goes out holding stale mbuf contents.
 *
 * NOTE(review): sender_hw and target_hw are read for sizeof (arp_sha) bytes
 * without looking at sdl_alen, and only sin_family (not sin_len) of the
 * protocol addresses is checked.  This assumes callers pass well-formed
 * addresses; confirm.
 */
static errno_t
ether_inet_arp(ifnet_t ifp, u_short arpop, const struct sockaddr_dl *sender_hw,
    const struct sockaddr *sender_proto, const struct sockaddr_dl *target_hw,
    const struct sockaddr *target_proto)
{
	const struct sockaddr_in *src_in =
	    (const struct sockaddr_in *)sender_proto;
	const struct sockaddr_in *dst_in =
	    (const struct sockaddr_in *)target_proto;
	struct ether_header *frame;
	struct ether_arp *arp;
	char *tail;
	errno_t err;
	mbuf_t pkt;

	if (dst_in == NULL)
		return (EINVAL);

	if (dst_in->sin_family != AF_INET ||
	    (src_in != NULL && src_in->sin_family != AF_INET))
		return (EAFNOSUPPORT);

	err = mbuf_gethdr(MBUF_DONTWAIT, MBUF_TYPE_DATA, &pkt);
	if (err != 0)
		return (err);

	mbuf_setlen(pkt, sizeof (*arp));
	mbuf_pkthdr_setlen(pkt, sizeof (*arp));

	/*
	 * Place the ARP body at the end of the buffer, rounded down to a
	 * 4-byte boundary.
	 */
	tail = mbuf_datastart(pkt);
	tail += mbuf_trailingspace(pkt);
	tail = (char *)((uintptr_t)tail & ~(uintptr_t)0x3);
	mbuf_setdata(pkt, tail, sizeof (*arp));
	arp = mbuf_data(pkt);

	/*
	 * Prepend the ethernet header, we will send the raw frame;
	 * callee frees the original mbuf when allocation fails.
	 */
	err = mbuf_prepend(&pkt, sizeof (*frame), MBUF_DONTWAIT);
	if (err != 0)
		return (err);

	frame = mbuf_data(pkt);
	frame->ether_type = htons(ETHERTYPE_ARP);

#if CONFIG_MACF_NET
	mac_mbuf_label_associate_linklayer(ifp, pkt);
#endif

	/* Fixed part of the ARP header. */
	arp->arp_hrd = htons(ARPHRD_ETHER);
	arp->arp_pro = htons(ETHERTYPE_IP);
	arp->arp_hln = sizeof (arp->arp_sha);
	arp->arp_pln = sizeof (arp->arp_spa);
	arp->arp_op = htons(arpop);

	/*
	 * Sender hardware address.  The Ethernet source address always comes
	 * from the interface, even when the caller supplies sender_hw.
	 */
	if (sender_hw == NULL) {
		ifnet_lladdr_copy_bytes(ifp, arp->arp_sha, ETHER_ADDR_LEN);
	} else {
		bcopy(CONST_LLADDR(sender_hw), arp->arp_sha,
		    sizeof (arp->arp_sha));
	}
	ifnet_lladdr_copy_bytes(ifp, frame->ether_shost,
	    sizeof (frame->ether_shost));

	/* Sender IP address. */
	if (src_in != NULL) {
		bcopy(&src_in->sin_addr, arp->arp_spa, sizeof (arp->arp_spa));
	} else {
		struct ifaddr *ifa;

		/*
		 * Look for an IP address to use as our source.  The address
		 * list is walked under the shared interface lock, and each
		 * entry is examined under its own lock.
		 */
		ifnet_lock_shared(ifp);
		TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
			int is_inet;

			IFA_LOCK(ifa);
			is_inet = (ifa->ifa_addr != NULL &&
			    ifa->ifa_addr->sa_family == AF_INET);
			if (is_inet) {
				bcopy(&((struct sockaddr_in *)ifa->ifa_addr)->
				    sin_addr, arp->arp_spa,
				    sizeof (arp->arp_spa));
			}
			IFA_UNLOCK(ifa);
			if (is_inet)
				break;
		}
		ifnet_lock_done(ifp);

		/* The walk ran off the end: nothing usable, drop the frame. */
		if (ifa == NULL) {
			mbuf_freem(pkt);
			return (ENXIO);
		}
	}

	/* Target hardware address and Ethernet destination. */
	if (target_hw != NULL) {
		bcopy(CONST_LLADDR(target_hw), arp->arp_tha,
		    sizeof (arp->arp_tha));
		bcopy(CONST_LLADDR(target_hw), frame->ether_dhost,
		    sizeof (frame->ether_dhost));
	} else {
		bzero(arp->arp_tha, sizeof (arp->arp_tha));
		bcopy(etherbroadcastaddr, frame->ether_dhost,
		    sizeof (frame->ether_dhost));
	}

	/* Target IP address. */
	bcopy(&dst_in->sin_addr, arp->arp_tpa, sizeof (arp->arp_tpa));

	ifnet_output_raw(ifp, PF_INET, pkt);

	return (0);
}
496
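/*
 * Attach the IPv4 protocol to an Ethernet interface.
 *
 * Registers two ethertype demux descriptors (IP and ARP) together with this
 * file's input, pre-output, ioctl, event, multicast-resolve and send-ARP
 * handlers.
 *
 * Returns the result of ifnet_attach_protocol_v2().  A warning is printed
 * for every failure except EEXIST, which is still returned to the caller.
 */
errno_t
ether_attach_inet(struct ifnet *ifp, protocol_family_t proto_family)
{
	/*
	 * proto_family is passed to ifnet_attach_protocol_v2() below, so it
	 * is not marked with #pragma unused.
	 */
	struct ifnet_attach_proto_param_v2 proto;
	struct ifnet_demux_desc demux[2];
	u_short en_native = htons(ETHERTYPE_IP);
	u_short arp_native = htons(ETHERTYPE_ARP);
	errno_t error;

	/*
	 * The descriptors point at the two locals above.
	 * NOTE(review): this presumes the attach call copies the descriptor
	 * data before it returns; confirm.
	 */
	bzero(demux, sizeof (demux));
	demux[0].type = DLIL_DESC_ETYPE2;
	demux[0].data = &en_native;
	demux[0].datalen = sizeof (en_native);
	demux[1].type = DLIL_DESC_ETYPE2;
	demux[1].data = &arp_native;
	demux[1].datalen = sizeof (arp_native);

	/* Zero first so that any callback not set below stays NULL. */
	bzero(&proto, sizeof (proto));
	proto.demux_list = demux;
	proto.demux_count = sizeof (demux) / sizeof (demux[0]);
	proto.input = ether_inet_input;
	proto.pre_output = ether_inet_pre_output;
	proto.ioctl = ether_inet_prmod_ioctl;
	proto.event = ether_inet_event;
	proto.resolve = ether_inet_resolve_multi;
	proto.send_arp = ether_inet_arp;

	error = ifnet_attach_protocol_v2(ifp, proto_family, &proto);
	if (error && error != EEXIST) {
		printf("WARNING: %s can't attach ip to %s%d\n", __func__,
		    ifp->if_name, ifp->if_unit);
	}
	return (error);
}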
532
/*
 * Detach the given protocol family from ifp.  The result of
 * ifnet_detach_protocol() is deliberately discarded, so callers get no
 * indication of whether anything was attached.
 */
void
ether_detach_inet(struct ifnet *ifp, protocol_family_t proto_family)
{
	errno_t ignored;

	ignored = ifnet_detach_protocol(ifp, proto_family);
	(void) ignored;
}