Print this page
OS-5549 move bpf filter functions into ip module
Reviewed by: Jerry Jelinek <jerry.jelinek@joyent.com>
Reviewed by: Robert Mustacchi <rm@joyent.com>
Approved by: Jerry Jelinek <jerry.jelinek@joyent.com>
*** 19,29 ****
* CDDL HEADER END
*/
/*
* Copyright (c) 2009, 2010, Oracle and/or its affiliates. All rights reserved.
! * Copyright 2015 Joyent, Inc. All rights reserved.
*/
#include <sys/types.h>
#include <sys/param.h>
#include <sys/systm.h>
--- 19,29 ----
* CDDL HEADER END
*/
/*
* Copyright (c) 2009, 2010, Oracle and/or its affiliates. All rights reserved.
! * Copyright 2016 Joyent, Inc.
*/
#include <sys/types.h>
#include <sys/param.h>
#include <sys/systm.h>
*** 49,58 ****
--- 49,59 ----
#include <sys/dls.h>
#include <sys/mac.h>
#include <sys/mac_client.h>
#include <sys/mac_provider.h>
#include <sys/mac_client_priv.h>
+ #include <inet/bpf.h>
#include <netpacket/packet.h>
static void pfp_close(mac_handle_t, mac_client_handle_t);
static int pfp_dl_to_arphrd(int);
*** 446,456 ****
} else {
buflen = 0;
buffer = (uchar_t *)mp;
}
rw_enter(&ps->ps_bpflock, RW_READER);
! if (bpf_filter(ps->ps_bpf.bf_insns, buffer,
hdr.mhi_pktsize, buflen) == 0) {
rw_exit(&ps->ps_bpflock);
ps->ps_stats.tp_drops++;
ks_stats.kp_recv_filtered.value.ui64++;
freemsg(mp);
--- 447,457 ----
} else {
buflen = 0;
buffer = (uchar_t *)mp;
}
rw_enter(&ps->ps_bpflock, RW_READER);
! if (ip_bpf_filter((ip_bpf_insn_t *)ps->ps_bpf.bf_insns, buffer,
hdr.mhi_pktsize, buflen) == 0) {
rw_exit(&ps->ps_bpflock);
ps->ps_stats.tp_drops++;
ks_stats.kp_recv_filtered.value.ui64++;
freemsg(mp);
*** 1334,1344 ****
static int
pfp_setsocket_sockopt(sock_lower_handle_t handle, int option_name,
const void *optval, socklen_t optlen)
{
struct bpf_program prog;
! struct bpf_insn *fcode;
struct pfpsock *ps;
struct sock_proto_props sopp;
int error = 0;
int size;
--- 1335,1345 ----
static int
pfp_setsocket_sockopt(sock_lower_handle_t handle, int option_name,
const void *optval, socklen_t optlen)
{
struct bpf_program prog;
! ip_bpf_insn_t *fcode;
struct pfpsock *ps;
struct sock_proto_props sopp;
int error = 0;
int size;
*** 1368,1381 ****
if (ddi_copyin(prog.bf_insns, fcode, size, 0) != 0) {
kmem_free(fcode, size);
return (EFAULT);
}
! if (bpf_validate(fcode, (int)prog.bf_len)) {
rw_enter(&ps->ps_bpflock, RW_WRITER);
pfp_release_bpf(ps);
! ps->ps_bpf.bf_insns = fcode;
ps->ps_bpf.bf_len = size;
rw_exit(&ps->ps_bpflock);
return (0);
}
--- 1369,1382 ----
if (ddi_copyin(prog.bf_insns, fcode, size, 0) != 0) {
kmem_free(fcode, size);
return (EFAULT);
}
! if (ip_bpf_validate(fcode, prog.bf_len)) {
rw_enter(&ps->ps_bpflock, RW_WRITER);
pfp_release_bpf(ps);
! ps->ps_bpf.bf_insns = (struct bpf_insn *)fcode;
ps->ps_bpf.bf_len = size;
rw_exit(&ps->ps_bpflock);
return (0);
}