]>
Commit | Line | Data |
---|---|---|
1 | /* | |
2 | * IS-IS Rout(e)ing protocol - isis_bpf.c | |
3 | * | |
4 | * Copyright (C) 2001,2002 Sampo Saaristo | |
5 | * Tampere University of Technology | |
6 | * Institute of Communications Engineering | |
7 | * | |
8 | * This program is free software; you can redistribute it and/or modify it | |
9 | * under the terms of the GNU General Public Licenseas published by the Free | |
10 | * Software Foundation; either version 2 of the License, or (at your option) | |
11 | * any later version. | |
12 | * | |
13 | * This program is distributed in the hope that it will be useful,but WITHOUT | |
14 | * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or | |
15 | * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for | |
16 | * more details. | |
17 | * | |
18 | * You should have received a copy of the GNU General Public License along | |
19 | * with this program; see the file COPYING; if not, write to the Free Software | |
20 | * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA | |
21 | */ | |
22 | ||
23 | #include <zebra.h> | |
24 | #if ISIS_METHOD == ISIS_METHOD_BPF | |
25 | #include <net/if.h> | |
26 | #include <netinet/if_ether.h> | |
27 | #include <sys/time.h> | |
28 | #include <sys/ioctl.h> | |
29 | #include <net/bpf.h> | |
30 | ||
31 | #include "log.h" | |
32 | #include "network.h" | |
33 | #include "stream.h" | |
34 | #include "if.h" | |
35 | #include "lib_errors.h" | |
36 | ||
37 | #include "isisd/dict.h" | |
38 | #include "isisd/isis_constants.h" | |
39 | #include "isisd/isis_common.h" | |
40 | #include "isisd/isis_circuit.h" | |
41 | #include "isisd/isis_flags.h" | |
42 | #include "isisd/isisd.h" | |
43 | #include "isisd/isis_constants.h" | |
44 | #include "isisd/isis_circuit.h" | |
45 | #include "isisd/isis_network.h" | |
46 | #include "isisd/isis_pdu.h" | |
47 | ||
48 | #include "privs.h" | |
49 | ||
50 | struct bpf_insn llcfilter[] = { | |
51 | BPF_STMT(BPF_LD + BPF_B + BPF_ABS, | |
52 | ETHER_HDR_LEN), /* check first byte */ | |
53 | BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, ISO_SAP, 0, 5), | |
54 | BPF_STMT(BPF_LD + BPF_B + BPF_ABS, ETHER_HDR_LEN + 1), | |
55 | BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, ISO_SAP, 0, | |
56 | 3), /* check second byte */ | |
57 | BPF_STMT(BPF_LD + BPF_B + BPF_ABS, ETHER_HDR_LEN + 2), | |
58 | BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, 0x03, 0, 1), /* check third byte */ | |
59 | BPF_STMT(BPF_RET + BPF_K, (unsigned int)-1), | |
60 | BPF_STMT(BPF_RET + BPF_K, 0)}; | |
61 | unsigned int readblen = 0; | |
62 | uint8_t *readbuff = NULL; | |
63 | ||
64 | /* | |
65 | * Table 9 - Architectural constants for use with ISO 8802 subnetworks | |
66 | * ISO 10589 - 8.4.8 | |
67 | */ | |
68 | ||
69 | uint8_t ALL_L1_ISS[6] = {0x01, 0x80, 0xC2, 0x00, 0x00, 0x14}; | |
70 | uint8_t ALL_L2_ISS[6] = {0x01, 0x80, 0xC2, 0x00, 0x00, 0x15}; | |
71 | uint8_t ALL_ISS[6] = {0x09, 0x00, 0x2B, 0x00, 0x00, 0x05}; | |
72 | uint8_t ALL_ESS[6] = {0x09, 0x00, 0x2B, 0x00, 0x00, 0x04}; | |
73 | ||
74 | static char sock_buff[8192]; | |
75 | ||
76 | static int open_bpf_dev(struct isis_circuit *circuit) | |
77 | { | |
78 | int i = 0, fd; | |
79 | char bpfdev[128]; | |
80 | struct ifreq ifr; | |
81 | unsigned int blen, immediate; | |
82 | #ifdef BIOCSSEESENT | |
83 | unsigned int seesent; | |
84 | #endif | |
85 | struct timeval timeout; | |
86 | struct bpf_program bpf_prog; | |
87 | ||
88 | do { | |
89 | (void)snprintf(bpfdev, sizeof(bpfdev), "/dev/bpf%d", i++); | |
90 | fd = open(bpfdev, O_RDWR); | |
91 | } while (fd < 0 && errno == EBUSY); | |
92 | ||
93 | if (fd < 0) { | |
94 | zlog_warn("open_bpf_dev(): failed to create bpf socket: %s", | |
95 | safe_strerror(errno)); | |
96 | return ISIS_WARNING; | |
97 | } | |
98 | ||
99 | zlog_debug("Opened BPF device %s", bpfdev); | |
100 | ||
101 | memcpy(ifr.ifr_name, circuit->interface->name, sizeof(ifr.ifr_name)); | |
102 | if (ioctl(fd, BIOCSETIF, (caddr_t)&ifr) < 0) { | |
103 | zlog_warn("open_bpf_dev(): failed to bind to interface: %s", | |
104 | safe_strerror(errno)); | |
105 | return ISIS_WARNING; | |
106 | } | |
107 | ||
108 | if (ioctl(fd, BIOCGBLEN, (caddr_t)&blen) < 0) { | |
109 | zlog_warn("failed to get BPF buffer len"); | |
110 | blen = circuit->interface->mtu; | |
111 | } | |
112 | ||
113 | readblen = blen; | |
114 | ||
115 | if (readbuff == NULL) | |
116 | readbuff = malloc(blen); | |
117 | ||
118 | zlog_debug("BPF buffer len = %u", blen); | |
119 | ||
120 | /* BPF(4): reads return immediately upon packet reception. | |
121 | * Otherwise, a read will block until either the kernel | |
122 | * buffer becomes full or a timeout occurs. | |
123 | */ | |
124 | immediate = 1; | |
125 | if (ioctl(fd, BIOCIMMEDIATE, (caddr_t)&immediate) < 0) { | |
126 | zlog_warn("failed to set BPF dev to immediate mode"); | |
127 | } | |
128 | ||
129 | #ifdef BIOCSSEESENT | |
130 | /* | |
131 | * We want to see only incoming packets | |
132 | */ | |
133 | seesent = 0; | |
134 | if (ioctl(fd, BIOCSSEESENT, (caddr_t)&seesent) < 0) { | |
135 | zlog_warn("failed to set BPF dev to incoming only mode"); | |
136 | } | |
137 | #endif | |
138 | ||
139 | /* | |
140 | * ...but all of them | |
141 | */ | |
142 | if (ioctl(fd, BIOCPROMISC) < 0) { | |
143 | zlog_warn("failed to set BPF dev to promiscuous mode"); | |
144 | } | |
145 | ||
146 | /* | |
147 | * If the buffer length is smaller than our mtu, lets try to increase it | |
148 | */ | |
149 | if (blen < circuit->interface->mtu) { | |
150 | if (ioctl(fd, BIOCSBLEN, &circuit->interface->mtu) < 0) { | |
151 | zlog_warn("failed to set BPF buffer len (%u to %u)", | |
152 | blen, circuit->interface->mtu); | |
153 | } | |
154 | } | |
155 | ||
156 | /* | |
157 | * Set a timeout parameter - hope this helps select() | |
158 | */ | |
159 | timeout.tv_sec = 600; | |
160 | timeout.tv_usec = 0; | |
161 | if (ioctl(fd, BIOCSRTIMEOUT, (caddr_t)&timeout) < 0) { | |
162 | zlog_warn("failed to set BPF device timeout"); | |
163 | } | |
164 | ||
165 | /* | |
166 | * And set the filter | |
167 | */ | |
168 | memset(&bpf_prog, 0, sizeof(struct bpf_program)); | |
169 | bpf_prog.bf_len = 8; | |
170 | bpf_prog.bf_insns = &(llcfilter[0]); | |
171 | if (ioctl(fd, BIOCSETF, (caddr_t)&bpf_prog) < 0) { | |
172 | zlog_warn("open_bpf_dev(): failed to install filter: %s", | |
173 | safe_strerror(errno)); | |
174 | return ISIS_WARNING; | |
175 | } | |
176 | ||
177 | assert(fd > 0); | |
178 | ||
179 | circuit->fd = fd; | |
180 | ||
181 | return ISIS_OK; | |
182 | } | |
183 | ||
184 | /* | |
185 | * Create the socket and set the tx/rx funcs | |
186 | */ | |
187 | int isis_sock_init(struct isis_circuit *circuit) | |
188 | { | |
189 | int retval = ISIS_OK; | |
190 | ||
191 | frr_elevate_privs(&isisd_privs) { | |
192 | ||
193 | retval = open_bpf_dev(circuit); | |
194 | ||
195 | if (retval != ISIS_OK) { | |
196 | zlog_warn("%s: could not initialize the socket", | |
197 | __func__); | |
198 | break; | |
199 | } | |
200 | ||
201 | if (if_is_broadcast(circuit->interface)) { | |
202 | circuit->tx = isis_send_pdu_bcast; | |
203 | circuit->rx = isis_recv_pdu_bcast; | |
204 | } else { | |
205 | zlog_warn("isis_sock_init(): unknown circuit type"); | |
206 | retval = ISIS_WARNING; | |
207 | break; | |
208 | } | |
209 | } | |
210 | ||
211 | return retval; | |
212 | } | |
213 | ||
214 | int isis_recv_pdu_bcast(struct isis_circuit *circuit, uint8_t *ssnpa) | |
215 | { | |
216 | int bytesread = 0, bytestoread, offset, one = 1; | |
217 | uint8_t *buff_ptr; | |
218 | struct bpf_hdr *bpf_hdr; | |
219 | ||
220 | assert(circuit->fd > 0); | |
221 | ||
222 | if (ioctl(circuit->fd, FIONREAD, (caddr_t)&bytestoread) < 0) { | |
223 | zlog_warn("ioctl() FIONREAD failed: %s", safe_strerror(errno)); | |
224 | } | |
225 | ||
226 | if (bytestoread) { | |
227 | bytesread = read(circuit->fd, readbuff, readblen); | |
228 | } | |
229 | if (bytesread < 0) { | |
230 | zlog_warn("isis_recv_pdu_bcast(): read() failed: %s", | |
231 | safe_strerror(errno)); | |
232 | return ISIS_WARNING; | |
233 | } | |
234 | ||
235 | if (bytesread == 0) | |
236 | return ISIS_WARNING; | |
237 | ||
238 | buff_ptr = readbuff; | |
239 | while (buff_ptr < readbuff + bytesread) { | |
240 | bpf_hdr = (struct bpf_hdr *) buff_ptr; | |
241 | assert(bpf_hdr->bh_caplen == bpf_hdr->bh_datalen); | |
242 | offset = bpf_hdr->bh_hdrlen + LLC_LEN + ETHER_HDR_LEN; | |
243 | ||
244 | /* then we lose the BPF, LLC and ethernet headers */ | |
245 | stream_write(circuit->rcv_stream, buff_ptr + offset, | |
246 | bpf_hdr->bh_caplen - LLC_LEN - ETHER_HDR_LEN); | |
247 | stream_set_getp(circuit->rcv_stream, 0); | |
248 | ||
249 | memcpy(ssnpa, buff_ptr + bpf_hdr->bh_hdrlen + ETHER_ADDR_LEN, | |
250 | ETHER_ADDR_LEN); | |
251 | ||
252 | isis_handle_pdu(circuit, ssnpa); | |
253 | stream_reset(circuit->rcv_stream); | |
254 | buff_ptr += BPF_WORDALIGN(bpf_hdr->bh_hdrlen + | |
255 | bpf_hdr->bh_datalen); | |
256 | } | |
257 | ||
258 | ||
259 | if (ioctl(circuit->fd, BIOCFLUSH, &one) < 0) | |
260 | zlog_warn("Flushing failed: %s", safe_strerror(errno)); | |
261 | ||
262 | return ISIS_OK; | |
263 | } | |
264 | ||
265 | int isis_send_pdu_bcast(struct isis_circuit *circuit, int level) | |
266 | { | |
267 | struct ether_header *eth; | |
268 | ssize_t written; | |
269 | size_t buflen; | |
270 | ||
271 | buflen = stream_get_endp(circuit->snd_stream) + LLC_LEN + ETHER_HDR_LEN; | |
272 | if (buflen > sizeof(sock_buff)) { | |
273 | zlog_warn( | |
274 | "isis_send_pdu_bcast: sock_buff size %zu is less than " | |
275 | "output pdu size %zu on circuit %s", | |
276 | sizeof(sock_buff), buflen, circuit->interface->name); | |
277 | return ISIS_WARNING; | |
278 | } | |
279 | ||
280 | stream_set_getp(circuit->snd_stream, 0); | |
281 | ||
282 | /* | |
283 | * First the eth header | |
284 | */ | |
285 | eth = (struct ether_header *)sock_buff; | |
286 | if (level == 1) | |
287 | memcpy(eth->ether_dhost, ALL_L1_ISS, ETH_ALEN); | |
288 | else | |
289 | memcpy(eth->ether_dhost, ALL_L2_ISS, ETH_ALEN); | |
290 | memcpy(eth->ether_shost, circuit->u.bc.snpa, ETH_ALEN); | |
291 | size_t frame_size = stream_get_endp(circuit->snd_stream) + LLC_LEN; | |
292 | eth->ether_type = htons(isis_ethertype(frame_size)); | |
293 | ||
294 | /* | |
295 | * Then the LLC | |
296 | */ | |
297 | sock_buff[ETHER_HDR_LEN] = ISO_SAP; | |
298 | sock_buff[ETHER_HDR_LEN + 1] = ISO_SAP; | |
299 | sock_buff[ETHER_HDR_LEN + 2] = 0x03; | |
300 | ||
301 | /* then we copy the data */ | |
302 | memcpy(sock_buff + (LLC_LEN + ETHER_HDR_LEN), circuit->snd_stream->data, | |
303 | stream_get_endp(circuit->snd_stream)); | |
304 | ||
305 | /* now we can send this */ | |
306 | written = write(circuit->fd, sock_buff, buflen); | |
307 | if (written < 0) { | |
308 | zlog_warn("IS-IS bpf: could not transmit packet on %s: %s", | |
309 | circuit->interface->name, safe_strerror(errno)); | |
310 | if (ERRNO_IO_RETRY(errno)) | |
311 | return ISIS_WARNING; | |
312 | return ISIS_ERROR; | |
313 | } | |
314 | ||
315 | return ISIS_OK; | |
316 | } | |
317 | ||
318 | #endif /* ISIS_METHOD == ISIS_METHOD_BPF */ |