1 /* 2 * Copyright (c) 2016 HUAWEI TECHNOLOGIES CO., LTD. 3 * Copyright (c) 2016 FUJITSU LIMITED 4 * Copyright (c) 2016 Intel Corporation 5 * 6 * Author: Zhang Chen <zhangchen.fnst@cn.fujitsu.com> 7 * 8 * This work is licensed under the terms of the GNU GPL, version 2 or 9 * later. See the COPYING file in the top-level directory. 10 */ 11 12 #include "qemu/osdep.h" 13 #include "net/filter.h" 14 #include "net/net.h" 15 #include "qapi/error.h" 16 #include "qom/object.h" 17 #include "qemu/main-loop.h" 18 #include "qemu/error-report.h" 19 #include "trace.h" 20 #include "chardev/char-fe.h" 21 #include "qemu/iov.h" 22 #include "qemu/sockets.h" 23 24 #define TYPE_FILTER_MIRROR "filter-mirror" 25 typedef struct MirrorState MirrorState; 26 DECLARE_INSTANCE_CHECKER(MirrorState, FILTER_MIRROR, 27 TYPE_FILTER_MIRROR) 28 29 #define TYPE_FILTER_REDIRECTOR "filter-redirector" 30 DECLARE_INSTANCE_CHECKER(MirrorState, FILTER_REDIRECTOR, 31 TYPE_FILTER_REDIRECTOR) 32 33 #define REDIRECTOR_MAX_LEN NET_BUFSIZE 34 35 struct MirrorState { 36 NetFilterState parent_obj; 37 char *indev; 38 char *outdev; 39 CharBackend chr_in; 40 CharBackend chr_out; 41 SocketReadState rs; 42 bool vnet_hdr; 43 }; 44 45 static int filter_send(MirrorState *s, 46 const struct iovec *iov, 47 int iovcnt) 48 { 49 NetFilterState *nf = NETFILTER(s); 50 int ret = 0; 51 ssize_t size = 0; 52 uint32_t len = 0; 53 char *buf; 54 55 size = iov_size(iov, iovcnt); 56 if (!size) { 57 return 0; 58 } 59 60 len = htonl(size); 61 ret = qemu_chr_fe_write_all(&s->chr_out, (uint8_t *)&len, sizeof(len)); 62 if (ret != sizeof(len)) { 63 goto err; 64 } 65 66 if (s->vnet_hdr) { 67 /* 68 * If vnet_hdr = on, we send vnet header len to make other 69 * module(like colo-compare) know how to parse net 70 * packet correctly. 71 */ 72 ssize_t vnet_hdr_len; 73 74 vnet_hdr_len = nf->netdev->vnet_hdr_len; 75 76 len = htonl(vnet_hdr_len); 77 ret = qemu_chr_fe_write_all(&s->chr_out, (uint8_t *)&len, sizeof(len)); 78 if (ret != sizeof(len)) { 79 goto err; 80 } 81 } 82 83 buf = g_malloc(size); 84 iov_to_buf(iov, iovcnt, 0, buf, size); 85 ret = qemu_chr_fe_write_all(&s->chr_out, (uint8_t *)buf, size); 86 g_free(buf); 87 if (ret != size) { 88 goto err; 89 } 90 91 return 0; 92 93 err: 94 return ret < 0 ? ret : -EIO; 95 } 96 97 static void redirector_to_filter(NetFilterState *nf, 98 const uint8_t *buf, 99 int len) 100 { 101 struct iovec iov = { 102 .iov_base = (void *)buf, 103 .iov_len = len, 104 }; 105 106 if (nf->direction == NET_FILTER_DIRECTION_ALL || 107 nf->direction == NET_FILTER_DIRECTION_TX) { 108 qemu_netfilter_pass_to_next(nf->netdev, 0, &iov, 1, nf); 109 } 110 111 if (nf->direction == NET_FILTER_DIRECTION_ALL || 112 nf->direction == NET_FILTER_DIRECTION_RX) { 113 qemu_netfilter_pass_to_next(nf->netdev->peer, 0, &iov, 1, nf); 114 } 115 } 116 117 static int redirector_chr_can_read(void *opaque) 118 { 119 return REDIRECTOR_MAX_LEN; 120 } 121 122 static void redirector_chr_read(void *opaque, const uint8_t *buf, int size) 123 { 124 NetFilterState *nf = opaque; 125 MirrorState *s = FILTER_REDIRECTOR(nf); 126 int ret; 127 128 ret = net_fill_rstate(&s->rs, buf, size); 129 130 if (ret == -1) { 131 qemu_chr_fe_set_handlers(&s->chr_in, NULL, NULL, NULL, 132 NULL, NULL, NULL, true); 133 } 134 } 135 136 static void redirector_chr_event(void *opaque, QEMUChrEvent event) 137 { 138 NetFilterState *nf = opaque; 139 MirrorState *s = FILTER_REDIRECTOR(nf); 140 141 switch (event) { 142 case CHR_EVENT_CLOSED: 143 qemu_chr_fe_set_handlers(&s->chr_in, NULL, NULL, NULL, 144 NULL, NULL, NULL, true); 145 break; 146 default: 147 break; 148 } 149 } 150 151 static ssize_t filter_mirror_receive_iov(NetFilterState *nf, 152 NetClientState *sender, 153 unsigned flags, 154 const struct iovec *iov, 155 int iovcnt, 156 NetPacketSent *sent_cb) 157 { 158 MirrorState *s = FILTER_MIRROR(nf); 159 int ret; 160 161 ret = filter_send(s, iov, iovcnt); 162 if (ret) { 163 error_report("filter mirror send failed(%s)", strerror(-ret)); 164 } 165 166 /* 167 * we don't hope this error interrupt the normal 168 * path of net packet, so we always return zero. 169 */ 170 return 0; 171 } 172 173 static ssize_t filter_redirector_receive_iov(NetFilterState *nf, 174 NetClientState *sender, 175 unsigned flags, 176 const struct iovec *iov, 177 int iovcnt, 178 NetPacketSent *sent_cb) 179 { 180 MirrorState *s = FILTER_REDIRECTOR(nf); 181 int ret; 182 183 if (qemu_chr_fe_backend_connected(&s->chr_out)) { 184 ret = filter_send(s, iov, iovcnt); 185 if (ret) { 186 error_report("filter redirector send failed(%s)", strerror(-ret)); 187 } 188 return iov_size(iov, iovcnt); 189 } else { 190 return 0; 191 } 192 } 193 194 static void filter_mirror_cleanup(NetFilterState *nf) 195 { 196 MirrorState *s = FILTER_MIRROR(nf); 197 198 qemu_chr_fe_deinit(&s->chr_out, false); 199 } 200 201 static void filter_redirector_cleanup(NetFilterState *nf) 202 { 203 MirrorState *s = FILTER_REDIRECTOR(nf); 204 205 qemu_chr_fe_deinit(&s->chr_in, false); 206 qemu_chr_fe_deinit(&s->chr_out, false); 207 } 208 209 static void filter_mirror_setup(NetFilterState *nf, Error **errp) 210 { 211 MirrorState *s = FILTER_MIRROR(nf); 212 Chardev *chr; 213 214 if (s->outdev == NULL) { 215 error_set(errp, ERROR_CLASS_DEVICE_NOT_FOUND, "filter-mirror parameter"\ 216 " 'outdev' cannot be empty"); 217 return; 218 } 219 220 chr = qemu_chr_find(s->outdev); 221 if (chr == NULL) { 222 error_set(errp, ERROR_CLASS_DEVICE_NOT_FOUND, 223 "Device '%s' not found", s->outdev); 224 return; 225 } 226 227 qemu_chr_fe_init(&s->chr_out, chr, errp); 228 } 229 230 static void redirector_rs_finalize(SocketReadState *rs) 231 { 232 MirrorState *s = container_of(rs, MirrorState, rs); 233 NetFilterState *nf = NETFILTER(s); 234 235 redirector_to_filter(nf, rs->buf, rs->packet_len); 236 } 237 238 static void filter_redirector_setup(NetFilterState *nf, Error **errp) 239 { 240 MirrorState *s = FILTER_REDIRECTOR(nf); 241 Chardev *chr; 242 243 if (!s->indev && !s->outdev) { 244 error_setg(errp, "filter redirector needs 'indev' or " 245 "'outdev' at least one property set"); 246 return; 247 } else if (s->indev && s->outdev) { 248 if (!strcmp(s->indev, s->outdev)) { 249 error_setg(errp, "'indev' and 'outdev' could not be same " 250 "for filter redirector"); 251 return; 252 } 253 } 254 255 net_socket_rs_init(&s->rs, redirector_rs_finalize, s->vnet_hdr); 256 257 if (s->indev) { 258 chr = qemu_chr_find(s->indev); 259 if (chr == NULL) { 260 error_set(errp, ERROR_CLASS_DEVICE_NOT_FOUND, 261 "IN Device '%s' not found", s->indev); 262 return; 263 } 264 265 if (!qemu_chr_fe_init(&s->chr_in, chr, errp)) { 266 return; 267 } 268 269 qemu_chr_fe_set_handlers(&s->chr_in, redirector_chr_can_read, 270 redirector_chr_read, redirector_chr_event, 271 NULL, nf, NULL, true); 272 } 273 274 if (s->outdev) { 275 chr = qemu_chr_find(s->outdev); 276 if (chr == NULL) { 277 error_set(errp, ERROR_CLASS_DEVICE_NOT_FOUND, 278 "OUT Device '%s' not found", s->outdev); 279 return; 280 } 281 if (!qemu_chr_fe_init(&s->chr_out, chr, errp)) { 282 return; 283 } 284 } 285 } 286 287 static void filter_mirror_class_init(ObjectClass *oc, void *data) 288 { 289 NetFilterClass *nfc = NETFILTER_CLASS(oc); 290 291 nfc->setup = filter_mirror_setup; 292 nfc->cleanup = filter_mirror_cleanup; 293 nfc->receive_iov = filter_mirror_receive_iov; 294 } 295 296 static void filter_redirector_class_init(ObjectClass *oc, void *data) 297 { 298 NetFilterClass *nfc = NETFILTER_CLASS(oc); 299 300 nfc->setup = filter_redirector_setup; 301 nfc->cleanup = filter_redirector_cleanup; 302 nfc->receive_iov = filter_redirector_receive_iov; 303 } 304 305 static char *filter_redirector_get_indev(Object *obj, Error **errp) 306 { 307 MirrorState *s = FILTER_REDIRECTOR(obj); 308 309 return g_strdup(s->indev); 310 } 311 312 static void filter_redirector_set_indev(Object *obj, 313 const char *value, 314 Error **errp) 315 { 316 MirrorState *s = FILTER_REDIRECTOR(obj); 317 318 g_free(s->indev); 319 s->indev = g_strdup(value); 320 } 321 322 static char *filter_mirror_get_outdev(Object *obj, Error **errp) 323 { 324 MirrorState *s = FILTER_MIRROR(obj); 325 326 return g_strdup(s->outdev); 327 } 328 329 static void filter_mirror_set_outdev(Object *obj, 330 const char *value, 331 Error **errp) 332 { 333 MirrorState *s = FILTER_MIRROR(obj); 334 335 g_free(s->outdev); 336 s->outdev = g_strdup(value); 337 if (!s->outdev) { 338 error_setg(errp, "filter mirror needs 'outdev' " 339 "property set"); 340 return; 341 } 342 } 343 344 static bool filter_mirror_get_vnet_hdr(Object *obj, Error **errp) 345 { 346 MirrorState *s = FILTER_MIRROR(obj); 347 348 return s->vnet_hdr; 349 } 350 351 static void filter_mirror_set_vnet_hdr(Object *obj, bool value, Error **errp) 352 { 353 MirrorState *s = FILTER_MIRROR(obj); 354 355 s->vnet_hdr = value; 356 } 357 358 static char *filter_redirector_get_outdev(Object *obj, Error **errp) 359 { 360 MirrorState *s = FILTER_REDIRECTOR(obj); 361 362 return g_strdup(s->outdev); 363 } 364 365 static void filter_redirector_set_outdev(Object *obj, 366 const char *value, 367 Error **errp) 368 { 369 MirrorState *s = FILTER_REDIRECTOR(obj); 370 371 g_free(s->outdev); 372 s->outdev = g_strdup(value); 373 } 374 375 static bool filter_redirector_get_vnet_hdr(Object *obj, Error **errp) 376 { 377 MirrorState *s = FILTER_REDIRECTOR(obj); 378 379 return s->vnet_hdr; 380 } 381 382 static void filter_redirector_set_vnet_hdr(Object *obj, 383 bool value, 384 Error **errp) 385 { 386 MirrorState *s = FILTER_REDIRECTOR(obj); 387 388 s->vnet_hdr = value; 389 } 390 391 static void filter_mirror_init(Object *obj) 392 { 393 MirrorState *s = FILTER_MIRROR(obj); 394 395 object_property_add_str(obj, "outdev", filter_mirror_get_outdev, 396 filter_mirror_set_outdev); 397 398 s->vnet_hdr = false; 399 object_property_add_bool(obj, "vnet_hdr_support", 400 filter_mirror_get_vnet_hdr, 401 filter_mirror_set_vnet_hdr); 402 } 403 404 static void filter_redirector_init(Object *obj) 405 { 406 MirrorState *s = FILTER_REDIRECTOR(obj); 407 408 object_property_add_str(obj, "indev", filter_redirector_get_indev, 409 filter_redirector_set_indev); 410 object_property_add_str(obj, "outdev", filter_redirector_get_outdev, 411 filter_redirector_set_outdev); 412 413 s->vnet_hdr = false; 414 object_property_add_bool(obj, "vnet_hdr_support", 415 filter_redirector_get_vnet_hdr, 416 filter_redirector_set_vnet_hdr); 417 } 418 419 static void filter_mirror_fini(Object *obj) 420 { 421 MirrorState *s = FILTER_MIRROR(obj); 422 423 g_free(s->outdev); 424 } 425 426 static void filter_redirector_fini(Object *obj) 427 { 428 MirrorState *s = FILTER_REDIRECTOR(obj); 429 430 g_free(s->indev); 431 g_free(s->outdev); 432 } 433 434 static const TypeInfo filter_redirector_info = { 435 .name = TYPE_FILTER_REDIRECTOR, 436 .parent = TYPE_NETFILTER, 437 .class_init = filter_redirector_class_init, 438 .instance_init = filter_redirector_init, 439 .instance_finalize = filter_redirector_fini, 440 .instance_size = sizeof(MirrorState), 441 }; 442 443 static const TypeInfo filter_mirror_info = { 444 .name = TYPE_FILTER_MIRROR, 445 .parent = TYPE_NETFILTER, 446 .class_init = filter_mirror_class_init, 447 .instance_init = filter_mirror_init, 448 .instance_finalize = filter_mirror_fini, 449 .instance_size = sizeof(MirrorState), 450 }; 451 452 static void register_types(void) 453 { 454 type_register_static(&filter_mirror_info); 455 type_register_static(&filter_redirector_info); 456 } 457 458 type_init(register_types); 459