1 /*
2 * Copyright (c) 1993, 1994, 1995, 1996, 1997
3 * The Regents of the University of California. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that: (1) source code distributions
7 * retain the above copyright notice and this paragraph in its entirety, (2)
8 * distributions including binary code include the above copyright notice and
9 * this paragraph in its entirety in the documentation or other materials
10 * provided with the distribution, and (3) all advertising materials mentioning
11 * features or use of this software display the following acknowledgement:
12 * ``This product includes software developed by the University of California,
13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
14 * the University nor the names of its contributors may be used to endorse
15 * or promote products derived from this software without specific prior
16 * written permission.
17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
20 *
21 * This code contributed by Sagun Shakya (sagun.shakya@sun.com)
22 */
23 /*
24 * Packet capture routines for DLPI using libdlpi under SunOS 5.11.
25 */
26
27 #include <config.h>
28
29 #include <sys/types.h>
30 #include <sys/time.h>
31 #include <sys/bufmod.h>
32 #include <sys/stream.h>
33 #include <libdlpi.h>
34 #include <errno.h>
35 #include <memory.h>
36 #include <stropts.h>
37 #include <stdio.h>
38 #include <stdlib.h>
39 #include <string.h>
40
41 #include "pcap-int.h"
42 #include "dlpisubs.h"
43
44 /* Forwards. */
45 static int dlpromiscon(pcap_t *, bpf_u_int32);
46 static int pcap_read_libdlpi(pcap_t *, int, pcap_handler, u_char *);
47 static int pcap_inject_libdlpi(pcap_t *, const void *, int);
48 static void pcap_libdlpi_err(const char *, const char *, int, char *);
49 static void pcap_cleanup_libdlpi(pcap_t *);
50
51 /*
52 * list_interfaces() will list all the network links that are
53 * available on a system.
54 */
55 static boolean_t list_interfaces(const char *, void *);
56
57 typedef struct linknamelist {
58 char linkname[DLPI_LINKNAME_MAX];
59 struct linknamelist *lnl_next;
60 } linknamelist_t;
61
62 typedef struct linkwalk {
63 linknamelist_t *lw_list;
64 int lw_err;
65 } linkwalk_t;
66
67 /*
68 * The caller of this function should free the memory allocated
69 * for each linknamelist_t "entry" allocated.
70 */
71 static boolean_t
list_interfaces(const char * linkname,void * arg)72 list_interfaces(const char *linkname, void *arg)
73 {
74 linkwalk_t *lwp = arg;
75 linknamelist_t *entry;
76
77 if ((entry = calloc(1, sizeof(linknamelist_t))) == NULL) {
78 lwp->lw_err = ENOMEM;
79 return (B_TRUE);
80 }
81 (void) pcapint_strlcpy(entry->linkname, linkname, DLPI_LINKNAME_MAX);
82
83 if (lwp->lw_list == NULL) {
84 lwp->lw_list = entry;
85 } else {
86 entry->lnl_next = lwp->lw_list;
87 lwp->lw_list = entry;
88 }
89
90 return (B_FALSE);
91 }
92
93 static int
pcap_activate_libdlpi(pcap_t * p)94 pcap_activate_libdlpi(pcap_t *p)
95 {
96 struct pcap_dlpi *pd = p->priv;
97 int status = 0;
98 int retv;
99 dlpi_handle_t dh;
100 dlpi_info_t dlinfo;
101
102 /*
103 * Enable Solaris raw and passive DLPI extensions;
104 * dlpi_open() will not fail if the underlying link does not support
105 * passive mode. See dlpi(7P) for details.
106 */
107 retv = dlpi_open(p->opt.device, &dh, DLPI_RAW|DLPI_PASSIVE);
108 if (retv != DLPI_SUCCESS) {
109 if (retv == DLPI_ELINKNAMEINVAL) {
110 /*
111 * The interface name is not syntactiacally
112 * valid, and thus doesn't correspond to
113 * an interface.
114 *
115 * There's nothing more to say, so clear the
116 * error message.
117 */
118 status = PCAP_ERROR_NO_SUCH_DEVICE;
119 p->errbuf[0] = '\0';
120 } else if (retv == DLPI_ENOLINK) {
121 /*
122 * The interface name is syntactically valid,
123 * but we don't have a DLPI device that
124 * would be used for that interface.
125 */
126 status = handle_nonexistent_dlpi_device(p->opt.device,
127 p->errbuf);
128 } else if (retv == DL_SYSERR &&
129 (errno == EPERM || errno == EACCES)) {
130 /*
131 * We got EPERM or EACCES trying to open the
132 * DLPI device, so we know it exists.
133 */
134 status = PCAP_ERROR_PERM_DENIED;
135 snprintf(p->errbuf, PCAP_ERRBUF_SIZE,
136 "Attempt to open DLPI device failed with %s - root privilege may be required",
137 (errno == EPERM) ? "EPERM" : "EACCES");
138 } else {
139 /*
140 * pcap_libdlpi_err() calls dlpi_strerror(),
141 * which handles DL_SYSERR.
142 *
143 * XXX - does DLPI_ERAWNOTSUP mean that the
144 * interface exists and supports DLPI but,
145 * as it doesn't support raw mode, it
146 * doesn't support packet capture?
147 *
148 * XXX - what does DLPI_EBADLINK mean?
149 */
150 status = PCAP_ERROR;
151 pcap_libdlpi_err(p->opt.device, "dlpi_open", retv,
152 p->errbuf);
153 }
154 return (status);
155 }
156 pd->dlpi_hd = dh;
157
158 if (p->opt.rfmon) {
159 /*
160 * This device exists, but we don't support monitor mode
161 * on any platforms that support DLPI.
162 */
163 status = PCAP_ERROR_RFMON_NOTSUP;
164 goto bad;
165 }
166
167 /* Bind with DLPI_ANY_SAP. */
168 if ((retv = dlpi_bind(pd->dlpi_hd, DLPI_ANY_SAP, 0)) != DLPI_SUCCESS) {
169 status = PCAP_ERROR;
170 pcap_libdlpi_err(p->opt.device, "dlpi_bind", retv, p->errbuf);
171 goto bad;
172 }
173
174 /*
175 * Turn a negative snapshot value (invalid), a snapshot value of
176 * 0 (unspecified), or a value bigger than the normal maximum
177 * value, into the maximum allowed value.
178 *
179 * If some application really *needs* a bigger snapshot
180 * length, we should just increase MAXIMUM_SNAPLEN.
181 */
182 if (p->snapshot <= 0 || p->snapshot > MAXIMUM_SNAPLEN)
183 p->snapshot = MAXIMUM_SNAPLEN;
184
185 /* Enable promiscuous mode. */
186 if (p->opt.promisc) {
187 retv = dlpromiscon(p, DL_PROMISC_PHYS);
188 if (retv < 0) {
189 /*
190 * "You don't have permission to capture on
191 * this device" and "you don't have permission
192 * to capture in promiscuous mode on this
193 * device" are different; let the user know,
194 * so if they can't get permission to
195 * capture in promiscuous mode, they can at
196 * least try to capture in non-promiscuous
197 * mode.
198 *
199 * XXX - you might have to capture in
200 * promiscuous mode to see outgoing packets.
201 */
202 if (retv == PCAP_ERROR_PERM_DENIED)
203 status = PCAP_ERROR_PROMISC_PERM_DENIED;
204 else
205 status = retv;
206 goto bad;
207 }
208 } else {
209 /* Try to enable multicast. */
210 retv = dlpromiscon(p, DL_PROMISC_MULTI);
211 if (retv < 0) {
212 status = retv;
213 goto bad;
214 }
215 }
216
217 /* Try to enable SAP promiscuity. */
218 retv = dlpromiscon(p, DL_PROMISC_SAP);
219 if (retv < 0) {
220 /*
221 * Not fatal, since the DL_PROMISC_PHYS mode worked.
222 * Report it as a warning, however.
223 */
224 if (p->opt.promisc)
225 status = PCAP_WARNING;
226 else {
227 status = retv;
228 goto bad;
229 }
230 }
231
232 /* Determine link type. */
233 if ((retv = dlpi_info(pd->dlpi_hd, &dlinfo, 0)) != DLPI_SUCCESS) {
234 status = PCAP_ERROR;
235 pcap_libdlpi_err(p->opt.device, "dlpi_info", retv, p->errbuf);
236 goto bad;
237 }
238
239 if (pcap_process_mactype(p, dlinfo.di_mactype) != 0) {
240 status = PCAP_ERROR;
241 goto bad;
242 }
243
244 p->fd = dlpi_fd(pd->dlpi_hd);
245
246 /* Push and configure bufmod. */
247 if (pcap_conf_bufmod(p, p->snapshot) != 0) {
248 status = PCAP_ERROR;
249 goto bad;
250 }
251
252 /*
253 * Flush the read side.
254 */
255 if (ioctl(p->fd, I_FLUSH, FLUSHR) != 0) {
256 status = PCAP_ERROR;
257 pcapint_fmt_errmsg_for_errno(p->errbuf, PCAP_ERRBUF_SIZE,
258 errno, "FLUSHR");
259 goto bad;
260 }
261
262 /* Allocate data buffer. */
263 if (pcap_alloc_databuf(p) != 0) {
264 status = PCAP_ERROR;
265 goto bad;
266 }
267
268 /*
269 * "p->fd" is a FD for a STREAMS device, so "select()" and
270 * "poll()" should work on it.
271 */
272 p->selectable_fd = p->fd;
273
274 p->read_op = pcap_read_libdlpi;
275 p->inject_op = pcap_inject_libdlpi;
276 p->setfilter_op = pcapint_install_bpf_program; /* No kernel filtering */
277 p->setdirection_op = NULL; /* Not implemented */
278 p->set_datalink_op = NULL; /* Can't change data link type */
279 p->getnonblock_op = pcapint_getnonblock_fd;
280 p->setnonblock_op = pcapint_setnonblock_fd;
281 p->stats_op = pcap_stats_dlpi;
282 p->cleanup_op = pcap_cleanup_libdlpi;
283
284 return (status);
285 bad:
286 pcap_cleanup_libdlpi(p);
287 return (status);
288 }
289
290 #define STRINGIFY(n) #n
291
292 static int
dlpromiscon(pcap_t * p,bpf_u_int32 level)293 dlpromiscon(pcap_t *p, bpf_u_int32 level)
294 {
295 struct pcap_dlpi *pd = p->priv;
296 int retv;
297 int err;
298
299 retv = dlpi_promiscon(pd->dlpi_hd, level);
300 if (retv != DLPI_SUCCESS) {
301 if (retv == DL_SYSERR &&
302 (errno == EPERM || errno == EACCES)) {
303 if (level == DL_PROMISC_PHYS) {
304 err = PCAP_ERROR_PROMISC_PERM_DENIED;
305 snprintf(p->errbuf, PCAP_ERRBUF_SIZE,
306 "Attempt to set promiscuous mode failed with %s - root privilege may be required",
307 (errno == EPERM) ? "EPERM" : "EACCES");
308 } else {
309 err = PCAP_ERROR_PERM_DENIED;
310 snprintf(p->errbuf, PCAP_ERRBUF_SIZE,
311 "Attempt to set %s mode failed with %s - root privilege may be required",
312 (level == DL_PROMISC_MULTI) ? "multicast" : "SAP promiscuous",
313 (errno == EPERM) ? "EPERM" : "EACCES");
314 }
315 } else {
316 err = PCAP_ERROR;
317 pcap_libdlpi_err(p->opt.device,
318 "dlpi_promiscon" STRINGIFY(level),
319 retv, p->errbuf);
320 }
321 return (err);
322 }
323 return (0);
324 }
325
326 /*
327 * Presumably everything returned by dlpi_walk() is a DLPI device,
328 * so there's no work to be done here to check whether name refers
329 * to a DLPI device.
330 */
331 static int
is_dlpi_interface(const char * name _U_)332 is_dlpi_interface(const char *name _U_)
333 {
334 return (1);
335 }
336
337 static int
get_if_flags(const char * name _U_,bpf_u_int32 * flags _U_,char * errbuf _U_)338 get_if_flags(const char *name _U_, bpf_u_int32 *flags _U_, char *errbuf _U_)
339 {
340 /*
341 * Nothing we can do other than mark loopback devices as "the
342 * connected/disconnected status doesn't apply".
343 *
344 * XXX - on Solaris, can we do what the dladm command does,
345 * i.e. get a connected/disconnected indication from a kstat?
346 * (Note that you can also get the link speed, and possibly
347 * other information, from a kstat as well.)
348 */
349 if (*flags & PCAP_IF_LOOPBACK) {
350 /*
351 * Loopback devices aren't wireless, and "connected"/
352 * "disconnected" doesn't apply to them.
353 */
354 *flags |= PCAP_IF_CONNECTION_STATUS_NOT_APPLICABLE;
355 return (0);
356 }
357 return (0);
358 }
359
360 /*
361 * In Solaris, the "standard" mechanism" i.e SIOCGLIFCONF will only find
362 * network links that are plumbed and are up. dlpi_walk(3DLPI) will find
363 * additional network links present in the system.
364 */
365 int
pcapint_platform_finddevs(pcap_if_list_t * devlistp,char * errbuf)366 pcapint_platform_finddevs(pcap_if_list_t *devlistp, char *errbuf)
367 {
368 int retv = 0;
369
370 linknamelist_t *entry, *next;
371 linkwalk_t lw = {NULL, 0};
372 int save_errno;
373
374 /*
375 * Get the list of regular interfaces first.
376 */
377 if (pcapint_findalldevs_interfaces(devlistp, errbuf,
378 is_dlpi_interface, get_if_flags) == -1)
379 return (-1); /* failure */
380
381 /* dlpi_walk() for loopback will be added here. */
382
383 /*
384 * Find all DLPI devices in the current zone.
385 *
386 * XXX - will pcapint_findalldevs_interfaces() find any devices
387 * outside the current zone? If not, the only reason to call
388 * it would be to get the interface addresses.
389 */
390 dlpi_walk(list_interfaces, &lw, 0);
391
392 if (lw.lw_err != 0) {
393 pcapint_fmt_errmsg_for_errno(errbuf, PCAP_ERRBUF_SIZE,
394 lw.lw_err, "dlpi_walk");
395 retv = -1;
396 goto done;
397 }
398
399 /* Add linkname if it does not exist on the list. */
400 for (entry = lw.lw_list; entry != NULL; entry = entry->lnl_next) {
401 /*
402 * If it isn't already in the list of devices, try to
403 * add it.
404 */
405 if (pcapint_find_or_add_dev(devlistp, entry->linkname, 0, get_if_flags,
406 NULL, errbuf) == NULL)
407 retv = -1;
408 }
409 done:
410 save_errno = errno;
411 for (entry = lw.lw_list; entry != NULL; entry = next) {
412 next = entry->lnl_next;
413 free(entry);
414 }
415 errno = save_errno;
416
417 return (retv);
418 }
419
420 /*
421 * Read data received on DLPI handle. Returns -2 if told to terminate, else
422 * returns the number of packets read.
423 */
424 static int
pcap_read_libdlpi(pcap_t * p,int count,pcap_handler callback,u_char * user)425 pcap_read_libdlpi(pcap_t *p, int count, pcap_handler callback, u_char *user)
426 {
427 struct pcap_dlpi *pd = p->priv;
428 int len;
429 u_char *bufp;
430 size_t msglen;
431 int retv;
432
433 len = p->cc;
434 if (len != 0) {
435 bufp = p->bp;
436 goto process_pkts;
437 }
438 do {
439 /* Has "pcap_breakloop()" been called? */
440 if (p->break_loop) {
441 /*
442 * Yes - clear the flag that indicates that it has,
443 * and return -2 to indicate that we were told to
444 * break out of the loop.
445 */
446 p->break_loop = 0;
447 return (-2);
448 }
449
450 msglen = p->bufsize;
451 bufp = (u_char *)p->buffer + p->offset;
452
453 retv = dlpi_recv(pd->dlpi_hd, NULL, NULL, bufp,
454 &msglen, -1, NULL);
455 if (retv != DLPI_SUCCESS) {
456 /*
457 * This is most likely a call to terminate out of the
458 * loop. So, do not return an error message, instead
459 * check if "pcap_breakloop()" has been called above.
460 */
461 if (retv == DL_SYSERR && errno == EINTR) {
462 len = 0;
463 continue;
464 }
465 pcap_libdlpi_err(dlpi_linkname(pd->dlpi_hd),
466 "dlpi_recv", retv, p->errbuf);
467 return (-1);
468 }
469 len = msglen;
470 } while (len == 0);
471
472 process_pkts:
473 return (pcap_process_pkts(p, callback, user, count, bufp, len));
474 }
475
476 static int
pcap_inject_libdlpi(pcap_t * p,const void * buf,int size)477 pcap_inject_libdlpi(pcap_t *p, const void *buf, int size)
478 {
479 struct pcap_dlpi *pd = p->priv;
480 int retv;
481
482 retv = dlpi_send(pd->dlpi_hd, NULL, 0, buf, size, NULL);
483 if (retv != DLPI_SUCCESS) {
484 pcap_libdlpi_err(dlpi_linkname(pd->dlpi_hd), "dlpi_send", retv,
485 p->errbuf);
486 return (-1);
487 }
488 /*
489 * dlpi_send(3DLPI) does not provide a way to return the number of
490 * bytes sent on the wire. Based on the fact that DLPI_SUCCESS was
491 * returned we are assuming 'size' bytes were sent.
492 */
493 return (size);
494 }
495
496 /*
497 * Close dlpi handle.
498 */
499 static void
pcap_cleanup_libdlpi(pcap_t * p)500 pcap_cleanup_libdlpi(pcap_t *p)
501 {
502 struct pcap_dlpi *pd = p->priv;
503
504 if (pd->dlpi_hd != NULL) {
505 dlpi_close(pd->dlpi_hd);
506 pd->dlpi_hd = NULL;
507 p->fd = -1;
508 }
509 pcapint_cleanup_live_common(p);
510 }
511
512 /*
513 * Write error message to buffer.
514 */
515 static void
pcap_libdlpi_err(const char * linkname,const char * func,int err,char * errbuf)516 pcap_libdlpi_err(const char *linkname, const char *func, int err, char *errbuf)
517 {
518 snprintf(errbuf, PCAP_ERRBUF_SIZE, "%s failed on %s: %s",
519 func, linkname, dlpi_strerror(err));
520 }
521
522 pcap_t *
pcapint_create_interface(const char * device _U_,char * ebuf)523 pcapint_create_interface(const char *device _U_, char *ebuf)
524 {
525 pcap_t *p;
526
527 p = PCAP_CREATE_COMMON(ebuf, struct pcap_dlpi);
528 if (p == NULL)
529 return (NULL);
530
531 p->activate_op = pcap_activate_libdlpi;
532 return (p);
533 }
534
535 /*
536 * Libpcap version string.
537 */
538 const char *
pcap_lib_version(void)539 pcap_lib_version(void)
540 {
541 return (PCAP_VERSION_STRING);
542 }
543