FreeBSD Bugzilla – Attachment 167947 Details for
Bug 207866
BPF(4) is out-of-date
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch to fix these issues
patch.diff (text/plain), 10.37 KB, created by
guy
on 2016-03-10 03:47:14 UTC
(
hide
)
Description:
Patch to fix these issues
Filename:
MIME Type:
Creator:
guy
Created:
2016-03-10 03:47:14 UTC
Size:
10.37 KB
patch
obsolete
>Index: bpf.4 >=================================================================== >--- bpf.4 (revision 296596) >+++ bpf.4 (working copy) >@@ -73,12 +73,6 @@ > A given interface can be shared by multiple listeners, and the filter > underlying each descriptor will see an identical packet stream. > .Pp >-A separate device file is required for each minor device. >-If a file is in use, the open will fail and >-.Va errno >-will be set to >-.Er EBUSY . >-.Pp > Associated with each open instance of a > .Nm > file is a user-settable packet filter. >@@ -86,26 +80,15 @@ > all file descriptors listening on that interface apply their filter. > Each descriptor that accepts the packet receives its own copy. > .Pp >-The packet filter will support any link level protocol that has fixed length >-headers. >-Currently, only Ethernet, >-.Tn SLIP , >-and >-.Tn PPP >-drivers have been modified to interact with >-.Nm . >-.Pp >-Since packet data is in network byte order, applications should use the >-.Xr byteorder 3 >-macros to extract multi-byte values. >-.Pp > A packet can be sent out on the network by writing to a > .Nm > file descriptor. > The writes are unbuffered, meaning only one packet can be processed per write. >-Currently, only writes to Ethernets and >-.Tn SLIP >-links are supported. >+.Pp >+Once a descriptor is configured, further changes to the configuration >+can be prevented using the >+.Dv BIOCLOCK >+.Xr ioctl 2 . > .Sh BUFFER MODES > .Nm > devices deliver packet data to the application via memory buffers provided by >@@ -288,11 +271,6 @@ > and > .In net/if.h . > .Pp >-In addition to >-.Dv FIONREAD >-the following commands may be applied to any open >-.Nm >-file. > The (third) argument to > .Xr ioctl 2 > should be a pointer to the type indicated. >@@ -313,7 +291,7 @@ > If the requested buffer size cannot be accommodated, the closest > allowable size will be set and returned in the argument. > A read call will result in >-.Er EIO >+.Er EINVAL > if it is passed a buffer that is not this size. > .It Dv BIOCGDLT > .Pq Li u_int >@@ -324,6 +302,43 @@ > .Dq Li DLT_ , > are defined in > .In net/bpf.h . >+.It Dv BIOCGDLTLIST >+.Pq Li "struct bpf_dltlist" >+Returns an array of the available types of the data link layer >+underlying the attached interface: >+.Bd -literal -offset indent >+struct bpf_dltlist { >+ u_int bfl_len; >+ u_int *bfl_list; >+}; >+.Ed >+.Pp >+The available types are returned in the array pointed to by the >+.Va bfl_list >+field while their length in u_int is supplied to the >+.Va bfl_len >+field. >+.Er ENOMEM >+is returned if there is not enough buffer space and >+.Er EFAULT >+is returned if a bad address is encountered. >+The >+.Va bfl_len >+field is modified on return to indicate the actual length in u_int >+of the array returned. >+If >+.Va bfl_list >+is >+.Dv NULL , >+the >+.Va bfl_len >+field is set to indicate the required length of an array in u_int. >+.It Dv BIOCSDLT >+.Pq Li u_int >+Changes the type of the data link layer underlying the attached interface. >+.Er EINVAL >+is returned if no interface has been specified or the specified >+type is not available for the interface. > .It Dv BIOCPROMISC > Forces the interface into promiscuous mode. > All packets, not just those destined for the local host, are processed. >@@ -331,6 +346,9 @@ > a listener that opened its interface non-promiscuously may receive > packets promiscuously. > This problem can be remedied with an appropriate filter. >+.Pp >+The interface remains in promiscuous mode until all files listening >+promiscuously are closed. > .It Dv BIOCFLUSH > Flushes the buffer of incoming packets, > and resets the statistics that are returned by BIOCGSTATS. >@@ -344,7 +362,7 @@ > All other fields are undefined. > .It Dv BIOCSETIF > .Pq Li "struct ifreq" >-Sets the hardware interface associate with the file. >+Sets the hardware interface associated with the file. > This > command must be performed before any packets can be read. > The device is indicated by name using the >@@ -357,7 +375,7 @@ > .It Dv BIOCSRTIMEOUT > .It Dv BIOCGRTIMEOUT > .Pq Li "struct timeval" >-Set or get the read timeout parameter. >+Sets or gets the read timeout parameter. > The argument > specifies the length of time to wait before timing > out on a read request. >@@ -387,7 +405,7 @@ > .El > .It Dv BIOCIMMEDIATE > .Pq Li u_int >-Enable or disable >+Enables or disables > .Dq immediate mode , > based on the truth value of the argument. > When immediate mode is enabled, reads return immediately upon packet >@@ -407,7 +425,7 @@ > the following structure: > .Bd -literal > struct bpf_program { >- int bf_len; >+ u_int bf_len; > struct bpf_insn *bf_insns; > }; > .Ed >@@ -469,10 +487,18 @@ > may result in undefined behavior (most likely, an error returned by > .Fn ioctl > or haphazard packet matching). >+.It Dv BIOCGRSIG >+.It Dv BIOCSRSIG >+.Pq Li u_int >+Sets or gets the receive signal. >+This signal will be sent to the process or process group specified by >+.Dv FIOSETOWN . >+It defaults to >+.Dv SIGIO . > .It Dv BIOCSHDRCMPLT > .It Dv BIOCGHDRCMPLT > .Pq Li u_int >-Set or get the status of the >+Sets or gets the status of the > .Dq header complete > flag. > Set to zero if the link level source address should be filled in automatically >@@ -489,7 +515,7 @@ > and > .Dv BIOCGDIRECTION > instead. >-Set or get the flag determining whether locally generated packets on the >+Sets or gets the flag determining whether locally generated packets on the > interface should be returned by BPF. > Set to zero to see only incoming packets on the interface. > Set to one to see packets originating locally and remotely on the interface. >@@ -497,7 +523,7 @@ > .It Dv BIOCSDIRECTION > .It Dv BIOCGDIRECTION > .Pq Li u_int >-Set or get the setting determining whether incoming, outgoing, or all packets >+Sets or gets the setting determining whether incoming, outgoing, or all packets > on the interface should be returned by BPF. > Set to > .Dv BPF_D_IN >@@ -571,20 +597,68 @@ > by default. > .It Dv BIOCFEEDBACK > .Pq Li u_int >-Set packet feedback mode. >+Sets packet feedback mode. > This allows injected packets to be fed back as input to the interface when > output via the interface is successful. > When > .Dv BPF_D_INOUT >-direction is set, injected outgoing packet is not returned by BPF to avoid >+direction is set, injected outgoing packets are not returned by BPF to avoid > duplication. This flag is initialized to zero by default. > .It Dv BIOCLOCK >-Set the locked flag on the >+This ioctl is designed to prevent the security issues associated >+with an open > .Nm >-descriptor. >-This prevents the execution of >-ioctl commands which could change the underlying operating parameters of >-the device. >+descriptor in unprivileged programs. >+Even with dropped privileges, an open >+.Nm >+descriptor can be abused by a rogue program to listen on any interface >+on the system, send packets on these interfaces if the descriptor was >+opened read-write and send signals to arbitrary processes using the >+signaling mechanism of >+.Nm bpf . >+By allowing only >+.Dq known safe >+ioctls, the >+.Dv BIOCLOCK >+ioctl prevents this abuse. >+The allowable ioctls are >+.Dv BIOCFEEDBACK , >+.Dv BIOCFLUSH , >+.Dv BIOCGBLEN , >+.Dv BIOCGDLT , >+.Dv BIOCGDIRFILT , >+.Dv BIOCGDLTLIST , >+.Dv BIOCGETIF , >+.Dv BIOCGHDRCMPLT , >+.Dv BIOCGRSIG , >+.Dv BIOCGRTIMEOUT , >+.Dv BIOCGSTATS , >+.Dv BIOCIMMEDIATE , >+.Dv BIOCLOCK , >+.Dv BIOCROTZBUF , >+.Dv BIOCSRTIMEOUT , >+.Dv BIOCSTSTAMP , >+.Dv BIOCVERSION , >+.Dv TIOCGPGRP , >+and >+.Dv FIONREAD . >+Use of any other ioctl is denied with error >+.Er EPERM . >+Once a descriptor is locked, it is not possible to unlock it. >+A process with root privileges is not affected by the lock. >+.Pp >+A privileged program can open a >+.Nm >+device, drop privileges, set the interface, filters and modes on the >+descriptor, and lock it. >+Once the descriptor is locked, the system is safe >+from further abuse through the descriptor. >+Locking a descriptor does not prevent writes. >+If the application does not need to send packets through >+.Nm bpf , >+it can open the device read-only to prevent writing. >+If sending packets is necessary, a write-filter can be set before locking the >+descriptor to prevent arbitrary packets from being sent out. > .It Dv BIOCGETBUFMODE > .It Dv BIOCSETBUFMODE > .Pq Li u_int >@@ -619,6 +693,7 @@ > .Nm > descriptors in use on 32-bit systems. > .It Dv BIOCROTZBUF >+.Pq Li struct bpf_zbuf > Force ownership of the next buffer to be assigned to userspace, if any data > present in the buffer. > If no data is present, the buffer will remain owned by the kernel. >@@ -630,6 +705,55 @@ > against > .Vt bzh_user_gen . > .El >+.Sh STANDARD IOCTLS >+.Nm >+now supports several standard >+.Xr ioctl 2 Ns 's >+which allow the user to do async and/or non-blocking I/O to an open >+.I bpf >+file descriptor. >+.Bl -tag -width FIONREAD >+.It Dv FIONREAD >+.Pq Li int >+Returns the number of bytes that are immediately available for reading. >+.It Dv FIONBIO >+.Pq Li int >+Sets or clears non-blocking I/O. >+If arg is non-zero, then doing a >+.Xr read 2 >+when no data is available will return -1 and >+.Va errno >+will be set to >+.Er EAGAIN . >+If arg is zero, non-blocking I/O is disabled. >+Note: setting this >+overrides the timeout set by >+.Dv BIOCSRTIMEOUT . >+.It Dv FIOASYNC >+.Pq Li int >+Enables or disables async I/O. >+When enabled (arg is non-zero), the process or process group specified by >+.Dv FIOSETOWN >+will start receiving >+.Dv SIGIO 's >+when packets arrive. >+Note that you must do an >+.Dv FIOSETOWN >+in order for this to take affect, as >+the system will not default this for you. >+The signal may be changed via >+.Dv BIOCSRSIG . >+.It Dv FIOSETOWN >+.It Dv FIOGETOWN >+.Pq Li int >+Sets or gets the process or process group (if negative) that should >+receive >+.Dv SIGIO >+when packets are available. >+The signal may be changed using >+.Dv BIOCSRSIG >+(see above). >+.El > .Sh BPF HEADER > One of the following structures is prepended to each packet returned by > .Xr read 2 >@@ -652,7 +776,7 @@ > }; > .Ed > .Pp >-The fields, whose values are stored in host order, and are: >+The fields, whose values are stored in host order, are: > .Pp > .Bl -tag -compact -width bh_datalen > .It Li bh_tstamp >@@ -749,10 +873,10 @@ > The following structure defines the instruction format: > .Bd -literal > struct bpf_insn { >- u_short code; >- u_char jt; >- u_char jf; >- u_long k; >+ u_short code; >+ u_char jt; >+ u_char jf; >+ bpf_u_int32 k; > }; > .Ed > .Pp >@@ -1047,7 +1171,6 @@ > .Xr kqueue 2 , > .Xr poll 2 , > .Xr select 2 , >-.Xr byteorder 3 , > .Xr ng_bpf 4 , > .Xr bpf 9 > .Rs >@@ -1096,8 +1219,6 @@ > all files must assume that the interface is promiscuous, and if > so desired, must utilize a filter to reject foreign packets. > .Pp >-Data link protocols with variable length headers are not currently supported. >-.Pp > The > .Dv SEESENT , > .Dv DIRECTION ,
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=167947">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 207866
: 167947