]> git.saurik.com Git - apple/xnu.git/blob - bsd/net/kext_net.c
xnu-517.7.7.tar.gz
[apple/xnu.git] / bsd / net / kext_net.c
1 /*
2 * Copyright (c) 2000 Apple Computer, Inc. All rights reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * The contents of this file constitute Original Code as defined in and
7 * are subject to the Apple Public Source License Version 1.1 (the
8 * "License"). You may not use this file except in compliance with the
9 * License. Please obtain a copy of the License at
10 * http://www.apple.com/publicsource and read it before using this file.
11 *
12 * This Original Code and all software distributed under the License are
13 * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER
14 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
15 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
16 * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
17 * License for the specific language governing rights and limitations
18 * under the License.
19 *
20 * @APPLE_LICENSE_HEADER_END@
21 */
22 /* Copyright (C) 1999 Apple Computer, Inc. */
23
24 /*
25 * Support for Network Kernel Extensions: Socket Filters
26 *
27 * Justin C. Walker, 990319
28 */
29
30 #include <sys/types.h>
31 #include <sys/queue.h>
32 #include <sys/malloc.h>
33 #include <sys/param.h>
34 #include <sys/mbuf.h>
35 #include <sys/domain.h>
36 #include <sys/protosw.h>
37 #include <sys/socket.h>
38 #include <machine/spl.h>
39 #include "kext_net.h"
40
41 /* List of kernel extensions (networking) known to kernel */
42 struct nf_list nf_list;
43
44 static int sockfilter_fix_symantec_bug(struct NFDescriptor* theirDesc);
45
46 /*
47 * Register a global filter for the specified protocol
48 * Make a few checks and then insert the new descriptor in the
49 * filter list and, if global, in its protosw's chain.
50 */
51 int
52 register_sockfilter(struct NFDescriptor *nfp, struct NFDescriptor *nfp1,
53 struct protosw *pr, int flags)
54 { int s;
55 static int NF_initted = 0;
56
57 if (nfp == NULL)
58 return(EINVAL);
59
60 /* Fix Symantec's broken NPC kext */
61 if (nfp->nf_handle == 0xf1ab02de) {
62 int err = sockfilter_fix_symantec_bug(nfp);
63 if (err != 0)
64 return err;
65 }
66
67 s = splhigh();
68 if (!NF_initted)
69 { NF_initted = 1;
70 TAILQ_INIT(&nf_list);
71 }
72
73 /*
74 * Install the extension:
75 * First, put it in the global list of all filters
76 * Then, if global, install in the protosw's list
77 */
78 TAILQ_INSERT_TAIL(&nf_list, nfp, nf_list);
79 if (nfp->nf_flags & NFD_GLOBAL)
80 { if (flags & NFF_BEFORE)
81 { if (nfp1 == NULL)
82 { TAILQ_INSERT_HEAD(&pr->pr_sfilter,
83 nfp, nf_next);
84 } else
85 TAILQ_INSERT_BEFORE(nfp1, nfp, nf_next);
86 } else /* Default: AFTER */
87 { if (nfp1 == NULL)
88 { TAILQ_INSERT_TAIL(&pr->pr_sfilter,
89 nfp, nf_next);
90 } else
91 TAILQ_INSERT_AFTER(&pr->pr_sfilter, nfp1,
92 nfp, nf_next);
93 }
94 }
95 splx(s);
96 return(0);
97 }
98
99 unregister_sockfilter(struct NFDescriptor *nfp, struct protosw *pr, int flags)
100 { int s;
101
102 s = splhigh();
103 TAILQ_REMOVE(&nf_list, nfp, nf_list);
104 /* Only globals are attached to the protosw entry */
105 if (nfp->nf_flags & NFD_GLOBAL)
106 TAILQ_REMOVE(&pr->pr_sfilter, nfp, nf_next);
107 splx(s);
108 return(0);
109 }
110
111 struct NFDescriptor *
112 find_nke(unsigned int handle)
113 { struct NFDescriptor *nfp;
114
115 nfp = nf_list.tqh_first;
116 while (nfp)
117 { if (nfp->nf_handle == handle)
118 return(nfp);
119 nfp = nfp->nf_list.tqe_next;
120 }
121 return(NULL);
122 }
123
124 /*
125 * Insert a previously registered, non-global, NKE into the list of
126 * active NKEs for this socket. Then invoke its "attach/create" entry.
127 * Assumed called with protection in place (spl/mutex/whatever)
128 * XXX: How to which extension is not found, on error.
129 */
130 int
131 nke_insert(struct socket *so, struct so_nke *np)
132 { int s, error;
133 struct kextcb *kp, *kp1;
134 struct NFDescriptor *nf1, *nf2 = NULL;
135
136 if (np->nke_where != NULL)
137 { if ((nf2 = find_nke(np->nke_where)) == NULL)
138 { /* ??? */
139 return(ENXIO);/* XXX */
140 }
141 }
142
143 if ((nf1 = find_nke(np->nke_handle)) == NULL)
144 { /* ??? */
145 return(ENXIO);/* XXX */
146 }
147
148 kp = so->so_ext;
149 kp1 = NULL;
150 if (np->nke_flags & NFF_BEFORE)
151 { if (nf2)
152 { while (kp)
153 { if (kp->e_nfd == nf2)
154 break;
155 kp1 = kp;
156 kp = kp->e_next;
157 }
158 if (kp == NULL)
159 return(ENXIO);/* XXX */
160 }
161 } else
162 { if (nf2)
163 { while (kp)
164 { if (kp->e_nfd == nf2)
165 break;
166 kp1 = kp;
167 kp = kp->e_next;
168 }
169 if (kp == NULL)
170 return(ENXIO);/* XXX */
171 }
172 kp1 = kp;
173 }
174 /*
175 * Here with kp1 pointing to the insertion point.
176 * If null, this is first entry.
177 * Now, create and insert the descriptor.
178 */
179
180 MALLOC(kp, struct kextcb *, sizeof(*kp), M_TEMP, M_WAITOK);
181 if (kp == NULL)
182 return(ENOBUFS); /* so_free will clean up */
183 bzero(kp, sizeof (*kp));
184 if (kp1 == NULL)
185 { kp->e_next = so->so_ext;
186 so->so_ext = kp;
187 } else
188 { kp->e_next = kp1->e_next;
189 kp1->e_next = kp;
190 }
191 kp->e_fcb = NULL;
192 kp->e_nfd = nf1;
193 kp->e_soif = nf1->nf_soif;
194 kp->e_sout = nf1->nf_soutil;
195 /*
196 * Ignore return value for create
197 * Everyone gets a chance at startup
198 */
199 if (kp->e_soif && kp->e_soif->sf_socreate)
200 (*kp->e_soif->sf_socreate)(so, so->so_proto, kp);
201 return(0);
202 }
203
204 /*
205 * The following gunk is a fix for Symantec's broken NPC kext
206 * Symantec's NPC kext does not check that the kextcb->e_fcb
207 * is not NULL before derefing it. The result is a panic in
208 * the very few cases where the e_fcb is actually NULL.
209 *
210 * This gross chunk of code copies the old function ptrs
211 * supplied by the kext and wraps a few select ones in
212 * our own functions that just check for NULL before
213 * calling in to the kext.
214 */
215
216 static struct sockif* g_symantec_if_funcs = NULL;
217 static struct sockutil* g_symantec_util_funcs = NULL;
218 static int sym_fix_sbflush(struct sockbuf *, struct kextcb *);
219 static int sym_fix_sbappend(struct sockbuf *, struct mbuf *, struct kextcb *);
220 static int sym_fix_soclose(struct socket *, struct kextcb *);
221 static int sym_fix_sofree(struct socket *, struct kextcb *);
222 static int sym_fix_soconnect(struct socket *, struct sockaddr *, struct kextcb *);
223 static int sym_fix_soisconnected(struct socket *, struct kextcb *);
224 static int sym_fix_sosend(struct socket *, struct sockaddr **, struct uio **, struct mbuf **,
225 struct mbuf **, int *, struct kextcb *);
226 static int sym_fix_socantrcvmore(struct socket *, struct kextcb *);
227 static int sym_fix_socontrol(struct socket *, struct sockopt *, struct kextcb *);
228
229 static int sockfilter_fix_symantec_bug(struct NFDescriptor* theirDesc)
230 {
231 if (!g_symantec_if_funcs ) {
232 MALLOC(g_symantec_if_funcs, struct sockif*, sizeof(*g_symantec_if_funcs), M_TEMP, M_WAITOK);
233
234 if (!g_symantec_if_funcs)
235 return ENOMEM;
236
237 *g_symantec_if_funcs = *theirDesc->nf_soif;
238 }
239
240 if (!g_symantec_util_funcs) {
241 MALLOC(g_symantec_util_funcs, struct sockutil*, sizeof(*g_symantec_util_funcs), M_TEMP, M_WAITOK);
242
243 if (!g_symantec_util_funcs)
244 return ENOMEM;
245
246 *g_symantec_util_funcs = *theirDesc->nf_soutil;
247 }
248
249 if (theirDesc->nf_soutil->su_sbflush)
250 theirDesc->nf_soutil->su_sbflush = sym_fix_sbflush;
251 if (theirDesc->nf_soutil->su_sbappend)
252 theirDesc->nf_soutil->su_sbappend = sym_fix_sbappend;
253 if (theirDesc->nf_soif->sf_soclose)
254 theirDesc->nf_soif->sf_soclose = sym_fix_soclose;
255 if (theirDesc->nf_soif->sf_sofree)
256 theirDesc->nf_soif->sf_sofree = sym_fix_sofree;
257 if (theirDesc->nf_soif->sf_soconnect)
258 theirDesc->nf_soif->sf_soconnect = sym_fix_soconnect;
259 if (theirDesc->nf_soif->sf_soisconnected)
260 theirDesc->nf_soif->sf_soisconnected = sym_fix_soisconnected;
261 if (theirDesc->nf_soif->sf_sosend)
262 theirDesc->nf_soif->sf_sosend = sym_fix_sosend;
263 if (theirDesc->nf_soif->sf_socantrcvmore)
264 theirDesc->nf_soif->sf_socantrcvmore = sym_fix_socantrcvmore;
265 if (theirDesc->nf_soif->sf_socontrol)
266 theirDesc->nf_soif->sf_socontrol = sym_fix_socontrol;
267
268 return 0;
269 }
270
271 static int sym_fix_sbflush(struct sockbuf *p1, struct kextcb *p2)
272 {
273 if (p2->e_fcb != NULL && g_symantec_util_funcs)
274 return g_symantec_util_funcs->su_sbflush(p1, p2);
275 else
276 return 0;
277 }
278
279 static int sym_fix_sbappend(struct sockbuf *p1, struct mbuf *p2, struct kextcb *p3)
280 {
281 if (p3->e_fcb != NULL && g_symantec_util_funcs)
282 return g_symantec_util_funcs->su_sbappend(p1, p2, p3);
283 else
284 return 0;
285 }
286
287 static int sym_fix_soclose(struct socket *p1, struct kextcb *p2)
288 {
289 if (p2->e_fcb != NULL && g_symantec_if_funcs)
290 return g_symantec_if_funcs->sf_soclose(p1, p2);
291 else
292 return 0;
293 }
294
295 static int sym_fix_sofree(struct socket *p1, struct kextcb *p2)
296 {
297 if (p2->e_fcb != NULL && g_symantec_if_funcs)
298 return g_symantec_if_funcs->sf_sofree(p1, p2);
299 else
300 return 0;
301 }
302
303 static int sym_fix_soconnect(struct socket *p1, struct sockaddr *p2, struct kextcb *p3)
304 {
305 if (p3->e_fcb != NULL && g_symantec_if_funcs)
306 return g_symantec_if_funcs->sf_soconnect(p1, p2, p3);
307 else
308 return 0;
309 }
310
311 static int sym_fix_soisconnected(struct socket *p1, struct kextcb *p2)
312 {
313 if (p2->e_fcb != NULL && g_symantec_if_funcs)
314 return g_symantec_if_funcs->sf_soisconnected(p1, p2);
315 else
316 return 0;
317 }
318
319 static int sym_fix_sosend(struct socket *p1, struct sockaddr **p2, struct uio **p3, struct mbuf **p4,
320 struct mbuf **p5, int *p6, struct kextcb *p7)
321 {
322 if (p7->e_fcb != NULL && g_symantec_if_funcs)
323 return g_symantec_if_funcs->sf_sosend(p1, p2, p3, p4, p5, p6, p7);
324 else
325 return 0;
326 }
327
328 static int sym_fix_socantrcvmore(struct socket *p1, struct kextcb *p2)
329 {
330 if (p2->e_fcb != NULL && g_symantec_if_funcs)
331 return g_symantec_if_funcs->sf_socantrcvmore(p1, p2);
332 else
333 return 0;
334 }
335
336 static int sym_fix_socontrol(struct socket *p1, struct sockopt *p2, struct kextcb *p3)
337 {
338 if (p3->e_fcb != NULL && g_symantec_if_funcs)
339 return g_symantec_if_funcs->sf_socontrol(p1, p2, p3);
340 else
341 return 0;
342 }