Commit | Line | Data |
---|---|---|
b688fc87 WJ |
1 | /*- |
2 | * Copyright (c) 1991 The Regents of the University of California. | |
3 | * All rights reserved. | |
4 | * | |
5 | * This code is derived from the Stanford/CMU enet packet filter, | |
6 | * (net/enet.c) distributed as part of 4.3BSD, and code contributed | |
7 | * to Berkeley by Steven McCanne of Lawrence Berkeley Laboratory. | |
8 | * | |
9 | * Redistribution and use in source and binary forms, with or without | |
10 | * modification, are permitted provided that the following conditions | |
11 | * are met: | |
12 | * 1. Redistributions of source code must retain the above copyright | |
13 | * notice, this list of conditions and the following disclaimer. | |
14 | * 2. Redistributions in binary form must reproduce the above copyright | |
15 | * notice, this list of conditions and the following disclaimer in the | |
16 | * documentation and/or other materials provided with the distribution. | |
17 | * 3. All advertising materials mentioning features or use of this software | |
18 | * must display the following acknowledgement: | |
19 | * This product includes software developed by the University of | |
20 | * California, Berkeley and its contributors. | |
21 | * 4. Neither the name of the University nor the names of its contributors | |
22 | * may be used to endorse or promote products derived from this software | |
23 | * without specific prior written permission. | |
24 | * | |
25 | * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND | |
26 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
27 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | |
28 | * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE | |
29 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | |
30 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | |
31 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
32 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | |
33 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | |
34 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | |
35 | * SUCH DAMAGE. | |
36 | * | |
37 | * @(#)bpf_filter.c 7.2 (Berkeley) 5/14/91 | |
38 | * | |
39 | * static char rcsid[] = | |
40 | * "@(#) $Header: bpf_filter.c,v 1.10 91/04/24 22:07:07 mccanne Locked $ (LBL)"; | |
41 | */ | |
42 | ||
43 | #include <sys/param.h> | |
44 | #include <sys/types.h> | |
45 | #include <sys/time.h> | |
46 | #include <net/bpf.h> | |
47 | ||
48 | #ifdef sun | |
49 | #include <netinet/in.h> | |
50 | #endif | |
51 | ||
52 | #if defined(sparc) || defined(mips) | |
53 | #define ALIGN | |
54 | #endif | |
55 | ||
56 | #ifndef ALIGN | |
57 | #define EXTRACT_SHORT(p) (ntohs(*(u_short *)p)) | |
58 | #define EXTRACT_LONG(p) (ntohl(*(u_long *)p)) | |
59 | #else | |
60 | #define EXTRACT_SHORT(p)\ | |
61 | ((u_short)\ | |
62 | (*((u_char *)(p)+0)<<8|\ | |
63 | *((u_char *)(p)+1)<<0)) | |
64 | #define EXTRACT_LONG(p)\ | |
65 | (*((u_char *)(p)+0)<<24|\ | |
66 | *((u_char *)(p)+1)<<16|\ | |
67 | *((u_char *)(p)+2)<<8|\ | |
68 | *((u_char *)(p)+3)<<0) | |
69 | #endif | |
70 | ||
71 | #ifdef KERNEL | |
72 | #include <sys/mbuf.h> | |
73 | #define MINDEX(m, k) \ | |
74 | { \ | |
75 | register int len = m->m_len; \ | |
76 | \ | |
77 | while (k >= len) { \ | |
78 | k -= len; \ | |
79 | m = m->m_next; \ | |
80 | if (m == 0) \ | |
81 | return 0; \ | |
82 | len = m->m_len; \ | |
83 | } \ | |
84 | } | |
85 | ||
86 | static int | |
87 | m_xword(m, k, err) | |
88 | register struct mbuf *m; | |
89 | register int k, *err; | |
90 | { | |
91 | register int len; | |
92 | register u_char *cp, *np; | |
93 | register struct mbuf *m0; | |
94 | ||
95 | len = m->m_len; | |
96 | while (k >= len) { | |
97 | k -= len; | |
98 | m = m->m_next; | |
99 | if (m == 0) | |
100 | goto bad; | |
101 | len = m->m_len; | |
102 | } | |
103 | cp = mtod(m, u_char *) + k; | |
104 | if (len - k >= 4) { | |
105 | *err = 0; | |
106 | return EXTRACT_LONG(cp); | |
107 | } | |
108 | m0 = m->m_next; | |
109 | if (m0 == 0 || m0->m_len + len - k < 4) | |
110 | goto bad; | |
111 | *err = 0; | |
112 | np = mtod(m0, u_char *); | |
113 | switch (len - k) { | |
114 | ||
115 | case 1: | |
116 | return (cp[k] << 24) | (np[0] << 16) | (np[1] << 8) | np[2]; | |
117 | ||
118 | case 2: | |
119 | return (cp[k] << 24) | (cp[k + 1] << 16) | (np[0] << 8) | | |
120 | np[1]; | |
121 | ||
122 | default: | |
123 | return (cp[k] << 24) | (cp[k + 1] << 16) | (cp[k + 2] << 8) | | |
124 | np[0]; | |
125 | } | |
126 | bad: | |
127 | *err = 1; | |
128 | return 0; | |
129 | } | |
130 | ||
131 | static int | |
132 | m_xhalf(m, k, err) | |
133 | register struct mbuf *m; | |
134 | register int k, *err; | |
135 | { | |
136 | register int len; | |
137 | register u_char *cp, *np; | |
138 | register struct mbuf *m0; | |
139 | ||
140 | len = m->m_len; | |
141 | while (k >= len) { | |
142 | k -= len; | |
143 | m = m->m_next; | |
144 | if (m == 0) | |
145 | goto bad; | |
146 | len = m->m_len; | |
147 | } | |
148 | cp = mtod(m, u_char *) + k; | |
149 | if (len - k >= 2) { | |
150 | *err = 0; | |
151 | return EXTRACT_SHORT(cp); | |
152 | } | |
153 | m0 = m->m_next; | |
154 | if (m0 == 0) | |
155 | goto bad; | |
156 | *err = 0; | |
157 | return (cp[k] << 8) | mtod(m0, u_char *)[0]; | |
158 | bad: | |
159 | *err = 1; | |
160 | return 0; | |
161 | } | |
162 | ||
163 | ||
164 | #endif | |
165 | ||
166 | /* | |
167 | * Execute the filter program starting at pc on the packet p | |
168 | * wirelen is the length of the original packet | |
169 | * buflen is the amount of data present | |
170 | */ | |
171 | u_int | |
172 | bpf_filter(pc, p, wirelen, buflen) | |
173 | register struct bpf_insn *pc; | |
174 | register u_char *p; | |
175 | u_int wirelen; | |
176 | register u_int buflen; | |
177 | { | |
178 | register long A, X; | |
179 | register int k; | |
180 | long mem[BPF_MEMWORDS]; | |
181 | ||
182 | if (pc == 0) | |
183 | /* | |
184 | * No filter means accept all. | |
185 | */ | |
186 | return (u_int)-1; | |
187 | #ifdef lint | |
188 | A = 0; | |
189 | X = 0; | |
190 | #endif | |
191 | --pc; | |
192 | while (1) { | |
193 | ++pc; | |
194 | switch (pc->code) { | |
195 | ||
196 | default: | |
197 | #ifdef KERNEL | |
198 | return 0; | |
199 | #else | |
200 | abort(); | |
201 | #endif | |
202 | case BPF_RET|BPF_K: | |
203 | return (u_int)pc->k; | |
204 | ||
205 | case BPF_RET|BPF_A: | |
206 | return (u_int)A; | |
207 | ||
208 | case BPF_LD|BPF_W|BPF_ABS: | |
209 | k = pc->k; | |
210 | if (k + sizeof(long) > buflen) { | |
211 | #ifdef KERNEL | |
212 | int merr; | |
213 | ||
214 | if (buflen != 0) | |
215 | return 0; | |
216 | A = m_xword((struct mbuf *)p, k, &merr); | |
217 | if (merr != 0) | |
218 | return 0; | |
219 | continue; | |
220 | #else | |
221 | return 0; | |
222 | #endif | |
223 | } | |
224 | #ifdef ALIGN | |
225 | if (((int)(p + k) & 3) != 0) | |
226 | A = EXTRACT_LONG(&p[k]); | |
227 | else | |
228 | #endif | |
229 | A = *(long *)(p + k); | |
230 | continue; | |
231 | ||
232 | case BPF_LD|BPF_H|BPF_ABS: | |
233 | k = pc->k; | |
234 | if (k + sizeof(short) > buflen) { | |
235 | #ifdef KERNEL | |
236 | int merr; | |
237 | ||
238 | if (buflen != 0) | |
239 | return 0; | |
240 | A = m_xhalf((struct mbuf *)p, k, &merr); | |
241 | continue; | |
242 | #else | |
243 | return 0; | |
244 | #endif | |
245 | } | |
246 | A = EXTRACT_SHORT(&p[k]); | |
247 | continue; | |
248 | ||
249 | case BPF_LD|BPF_B|BPF_ABS: | |
250 | k = pc->k; | |
251 | if (k >= buflen) { | |
252 | #ifdef KERNEL | |
253 | register struct mbuf *m; | |
254 | ||
255 | if (buflen != 0) | |
256 | return 0; | |
257 | m = (struct mbuf *)p; | |
258 | MINDEX(m, k); | |
259 | A = mtod(m, u_char *)[k]; | |
260 | continue; | |
261 | #else | |
262 | return 0; | |
263 | #endif | |
264 | } | |
265 | A = p[k]; | |
266 | continue; | |
267 | ||
268 | case BPF_LD|BPF_W|BPF_LEN: | |
269 | A = wirelen; | |
270 | continue; | |
271 | ||
272 | case BPF_LDX|BPF_W|BPF_LEN: | |
273 | X = wirelen; | |
274 | continue; | |
275 | ||
276 | case BPF_LD|BPF_W|BPF_IND: | |
277 | k = X + pc->k; | |
278 | if (k + sizeof(long) > buflen) { | |
279 | #ifdef KERNEL | |
280 | int merr; | |
281 | ||
282 | if (buflen != 0) | |
283 | return 0; | |
284 | A = m_xword((struct mbuf *)p, k, &merr); | |
285 | if (merr != 0) | |
286 | return 0; | |
287 | continue; | |
288 | #else | |
289 | return 0; | |
290 | #endif | |
291 | } | |
292 | #ifdef ALIGN | |
293 | if (((int)(p + k) & 3) != 0) | |
294 | A = EXTRACT_LONG(&p[k]); | |
295 | else | |
296 | #endif | |
297 | A = *(long *)(p + k); | |
298 | continue; | |
299 | ||
300 | case BPF_LD|BPF_H|BPF_IND: | |
301 | k = X + pc->k; | |
302 | if (k + sizeof(short) > buflen) { | |
303 | #ifdef KERNEL | |
304 | int merr; | |
305 | ||
306 | if (buflen != 0) | |
307 | return 0; | |
308 | A = m_xhalf((struct mbuf *)p, k, &merr); | |
309 | if (merr != 0) | |
310 | return 0; | |
311 | continue; | |
312 | #else | |
313 | return 0; | |
314 | #endif | |
315 | } | |
316 | A = EXTRACT_SHORT(&p[k]); | |
317 | continue; | |
318 | ||
319 | case BPF_LD|BPF_B|BPF_IND: | |
320 | k = X + pc->k; | |
321 | if (k >= buflen) { | |
322 | #ifdef KERNEL | |
323 | register struct mbuf *m; | |
324 | ||
325 | if (buflen != 0) | |
326 | return 0; | |
327 | m = (struct mbuf *)p; | |
328 | MINDEX(m, k); | |
329 | A = mtod(m, char *)[k]; | |
330 | continue; | |
331 | #else | |
332 | return 0; | |
333 | #endif | |
334 | } | |
335 | A = p[k]; | |
336 | continue; | |
337 | ||
338 | case BPF_LDX|BPF_MSH|BPF_B: | |
339 | k = pc->k; | |
340 | if (k >= buflen) { | |
341 | #ifdef KERNEL | |
342 | register struct mbuf *m; | |
343 | ||
344 | if (buflen != 0) | |
345 | return 0; | |
346 | m = (struct mbuf *)p; | |
347 | MINDEX(m, k); | |
348 | X = (mtod(m, char *)[k] & 0xf) << 2; | |
349 | continue; | |
350 | #else | |
351 | return 0; | |
352 | #endif | |
353 | } | |
354 | X = (p[pc->k] & 0xf) << 2; | |
355 | continue; | |
356 | ||
357 | case BPF_LD|BPF_IMM: | |
358 | A = pc->k; | |
359 | continue; | |
360 | ||
361 | case BPF_LDX|BPF_IMM: | |
362 | X = pc->k; | |
363 | continue; | |
364 | ||
365 | case BPF_LD|BPF_MEM: | |
366 | A = mem[pc->k]; | |
367 | continue; | |
368 | ||
369 | case BPF_LDX|BPF_MEM: | |
370 | X = mem[pc->k]; | |
371 | continue; | |
372 | ||
373 | case BPF_ST: | |
374 | mem[pc->k] = A; | |
375 | continue; | |
376 | ||
377 | case BPF_STX: | |
378 | mem[pc->k] = X; | |
379 | continue; | |
380 | ||
381 | case BPF_JMP|BPF_JA: | |
382 | pc += pc->k; | |
383 | continue; | |
384 | ||
385 | case BPF_JMP|BPF_JGT|BPF_K: | |
386 | pc += (A > pc->k) ? pc->jt : pc->jf; | |
387 | continue; | |
388 | ||
389 | case BPF_JMP|BPF_JGE|BPF_K: | |
390 | pc += (A >= pc->k) ? pc->jt : pc->jf; | |
391 | continue; | |
392 | ||
393 | case BPF_JMP|BPF_JEQ|BPF_K: | |
394 | pc += (A == pc->k) ? pc->jt : pc->jf; | |
395 | continue; | |
396 | ||
397 | case BPF_JMP|BPF_JSET|BPF_K: | |
398 | pc += (A & pc->k) ? pc->jt : pc->jf; | |
399 | continue; | |
400 | ||
401 | case BPF_JMP|BPF_JGT|BPF_X: | |
402 | pc += (A > X) ? pc->jt : pc->jf; | |
403 | continue; | |
404 | ||
405 | case BPF_JMP|BPF_JGE|BPF_X: | |
406 | pc += (A >= X) ? pc->jt : pc->jf; | |
407 | continue; | |
408 | ||
409 | case BPF_JMP|BPF_JEQ|BPF_X: | |
410 | pc += (A == X) ? pc->jt : pc->jf; | |
411 | continue; | |
412 | ||
413 | case BPF_JMP|BPF_JSET|BPF_X: | |
414 | pc += (A & X) ? pc->jt : pc->jf; | |
415 | continue; | |
416 | ||
417 | case BPF_ALU|BPF_ADD|BPF_X: | |
418 | A += X; | |
419 | continue; | |
420 | ||
421 | case BPF_ALU|BPF_SUB|BPF_X: | |
422 | A -= X; | |
423 | continue; | |
424 | ||
425 | case BPF_ALU|BPF_MUL|BPF_X: | |
426 | A *= X; | |
427 | continue; | |
428 | ||
429 | case BPF_ALU|BPF_DIV|BPF_X: | |
430 | if (X == 0) | |
431 | return 0; | |
432 | A /= X; | |
433 | continue; | |
434 | ||
435 | case BPF_ALU|BPF_AND|BPF_X: | |
436 | A &= X; | |
437 | continue; | |
438 | ||
439 | case BPF_ALU|BPF_OR|BPF_X: | |
440 | A |= X; | |
441 | continue; | |
442 | ||
443 | case BPF_ALU|BPF_LSH|BPF_X: | |
444 | A <<= X; | |
445 | continue; | |
446 | ||
447 | case BPF_ALU|BPF_RSH|BPF_X: | |
448 | A >>= X; | |
449 | continue; | |
450 | ||
451 | case BPF_ALU|BPF_ADD|BPF_K: | |
452 | A += pc->k; | |
453 | continue; | |
454 | ||
455 | case BPF_ALU|BPF_SUB|BPF_K: | |
456 | A -= pc->k; | |
457 | continue; | |
458 | ||
459 | case BPF_ALU|BPF_MUL|BPF_K: | |
460 | A *= pc->k; | |
461 | continue; | |
462 | ||
463 | case BPF_ALU|BPF_DIV|BPF_K: | |
464 | A /= pc->k; | |
465 | continue; | |
466 | ||
467 | case BPF_ALU|BPF_AND|BPF_K: | |
468 | A &= pc->k; | |
469 | continue; | |
470 | ||
471 | case BPF_ALU|BPF_OR|BPF_K: | |
472 | A |= pc->k; | |
473 | continue; | |
474 | ||
475 | case BPF_ALU|BPF_LSH|BPF_K: | |
476 | A <<= pc->k; | |
477 | continue; | |
478 | ||
479 | case BPF_ALU|BPF_RSH|BPF_K: | |
480 | A >>= pc->k; | |
481 | continue; | |
482 | ||
483 | case BPF_ALU|BPF_NEG: | |
484 | A = -A; | |
485 | continue; | |
486 | ||
487 | case BPF_MISC|BPF_TAX: | |
488 | X = A; | |
489 | continue; | |
490 | ||
491 | case BPF_MISC|BPF_TXA: | |
492 | A = X; | |
493 | continue; | |
494 | } | |
495 | } | |
496 | } | |
497 | ||
498 | #ifdef KERNEL | |
499 | /* | |
500 | * Return true if the 'fcode' is a valid filter program. | |
501 | * The constraints are that each jump be forward and to a valid | |
502 | * code. The code must terminate with either an accept or reject. | |
503 | * 'valid' is an array for use by the routine (it must be at least | |
504 | * 'len' bytes long). | |
505 | * | |
506 | * The kernel needs to be able to verify an application's filter code. | |
507 | * Otherwise, a bogus program could easily crash the system. | |
508 | */ | |
509 | int | |
510 | bpf_validate(f, len) | |
511 | struct bpf_insn *f; | |
512 | int len; | |
513 | { | |
514 | register int i; | |
515 | register struct bpf_insn *p; | |
516 | ||
517 | for (i = 0; i < len; ++i) { | |
518 | /* | |
519 | * Check that that jumps are forward, and within | |
520 | * the code block. | |
521 | */ | |
522 | p = &f[i]; | |
523 | if (BPF_CLASS(p->code) == BPF_JMP) { | |
524 | register int from = i + 1; | |
525 | ||
526 | if (BPF_OP(p->code) == BPF_JA) { | |
527 | if (from + p->k >= len) | |
528 | return 0; | |
529 | } | |
530 | else if (from + p->jt >= len || from + p->jf >= len) | |
531 | return 0; | |
532 | } | |
533 | /* | |
534 | * Check that memory operations use valid addresses. | |
535 | */ | |
536 | if ((BPF_CLASS(p->code) == BPF_ST || | |
537 | (BPF_CLASS(p->code) == BPF_LD && | |
538 | (p->code & 0xe0) == BPF_MEM)) && | |
539 | (p->k >= BPF_MEMWORDS || p->k < 0)) | |
540 | return 0; | |
541 | /* | |
542 | * Check for constant division by 0. | |
543 | */ | |
544 | if (p->code == BPF_ALU|BPF_DIV|BPF_K && p->k == 0) | |
545 | return; | |
546 | } | |
547 | return BPF_CLASS(f[len - 1].code) == BPF_RET; | |
548 | } | |
549 | #endif |