]> The Tcpdump Group git mirrors - libpcap/blob - pcap-libdlpi.c
projects / libpcap / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Set the error message for "permission denied" errors.
[libpcap] / pcap-libdlpi.c
1 /*
2 * Copyright (c) 1993, 1994, 1995, 1996, 1997
3 * The Regents of the University of California. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that: (1) source code distributions
7 * retain the above copyright notice and this paragraph in its entirety, (2)
8 * distributions including binary code include the above copyright notice and
9 * this paragraph in its entirety in the documentation or other materials
10 * provided with the distribution, and (3) all advertising materials mentioning
11 * features or use of this software display the following acknowledgement:
12 * ``This product includes software developed by the University of California,
13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
14 * the University nor the names of its contributors may be used to endorse
15 * or promote products derived from this software without specific prior
16 * written permission.
17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
20 *
21 * This code contributed by Sagun Shakya (sagun.shakya@sun.com)
22 */
23 /*
24 * Packet capture routines for DLPI using libdlpi under SunOS 5.11.
25 */
26
27 #ifdef HAVE_CONFIG_H
28 #include <config.h>
29 #endif
30
31 #include <sys/types.h>
32 #include <sys/time.h>
33 #include <sys/bufmod.h>
34 #include <sys/stream.h>
35 #include <libdlpi.h>
36 #include <errno.h>
37 #include <memory.h>
38 #include <stropts.h>
39 #include <stdio.h>
40 #include <stdlib.h>
41 #include <string.h>
42
43 #include "pcap-int.h"
44 #include "dlpisubs.h"
45
46 /* Forwards. */
47 static int dlpromiscon(pcap_t *, bpf_u_int32);
48 static int pcap_read_libdlpi(pcap_t *, int, pcap_handler, u_char *);
49 static int pcap_inject_libdlpi(pcap_t *, const void *, int);
50 static void pcap_libdlpi_err(const char *, const char *, int, char *);
51 static void pcap_cleanup_libdlpi(pcap_t *);
52
53 /*
54 * list_interfaces() will list all the network links that are
55 * available on a system.
56 */
57 static boolean_t list_interfaces(const char *, void *);
58
59 typedef struct linknamelist {
60 char linkname[DLPI_LINKNAME_MAX];
61 struct linknamelist *lnl_next;
62 } linknamelist_t;
63
64 typedef struct linkwalk {
65 linknamelist_t *lw_list;
66 int lw_err;
67 } linkwalk_t;
68
69 /*
70 * The caller of this function should free the memory allocated
71 * for each linknamelist_t "entry" allocated.
72 */
73 static boolean_t
74 list_interfaces(const char *linkname, void *arg)
75 {
76 linkwalk_t *lwp = arg;
77 linknamelist_t *entry;
78
79 if ((entry = calloc(1, sizeof(linknamelist_t))) == NULL) {
80 lwp->lw_err = ENOMEM;
81 return (B_TRUE);
82 }
83 (void) pcap_strlcpy(entry->linkname, linkname, DLPI_LINKNAME_MAX);
84
85 if (lwp->lw_list == NULL) {
86 lwp->lw_list = entry;
87 } else {
88 entry->lnl_next = lwp->lw_list;
89 lwp->lw_list = entry;
90 }
91
92 return (B_FALSE);
93 }
94
95 static int
96 pcap_activate_libdlpi(pcap_t *p)
97 {
98 struct pcap_dlpi *pd = p->priv;
99 int status = 0;
100 int retv;
101 dlpi_handle_t dh;
102 dlpi_info_t dlinfo;
103
104 /*
105 * Enable Solaris raw and passive DLPI extensions;
106 * dlpi_open() will not fail if the underlying link does not support
107 * passive mode. See dlpi(7P) for details.
108 */
109 retv = dlpi_open(p->opt.device, &dh, DLPI_RAW|DLPI_PASSIVE);
110 if (retv != DLPI_SUCCESS) {
111 if (retv == DLPI_ELINKNAMEINVAL || retv == DLPI_ENOLINK)
112 status = PCAP_ERROR_NO_SUCH_DEVICE;
113 else if (retv == DL_SYSERR &&
114 (errno == EPERM || errno == EACCES)) {
115 status = PCAP_ERROR_PERM_DENIED;
116 snprintf(p->errbuf, PCAP_ERRBUF_SIZE,
117 "Attempt to open DLPI device failed with %s - root privilege may be required",
118 (errno == EPERM) ? "EPERM" : "EACCES");
119 } else {
120 status = PCAP_ERROR;
121 pcap_libdlpi_err(p->opt.device, "dlpi_open", retv,
122 p->errbuf);
123 }
124 return (status);
125 }
126 pd->dlpi_hd = dh;
127
128 if (p->opt.rfmon) {
129 /*
130 * This device exists, but we don't support monitor mode
131 * any platforms that support DLPI.
132 */
133 status = PCAP_ERROR_RFMON_NOTSUP;
134 goto bad;
135 }
136
137 /* Bind with DLPI_ANY_SAP. */
138 if ((retv = dlpi_bind(pd->dlpi_hd, DLPI_ANY_SAP, 0)) != DLPI_SUCCESS) {
139 status = PCAP_ERROR;
140 pcap_libdlpi_err(p->opt.device, "dlpi_bind", retv, p->errbuf);
141 goto bad;
142 }
143
144 /*
145 * Turn a negative snapshot value (invalid), a snapshot value of
146 * 0 (unspecified), or a value bigger than the normal maximum
147 * value, into the maximum allowed value.
148 *
149 * If some application really *needs* a bigger snapshot
150 * length, we should just increase MAXIMUM_SNAPLEN.
151 */
152 if (p->snapshot <= 0 || p->snapshot > MAXIMUM_SNAPLEN)
153 p->snapshot = MAXIMUM_SNAPLEN;
154
155 /* Enable promiscuous mode. */
156 if (p->opt.promisc) {
157 retv = dlpromiscon(p, DL_PROMISC_PHYS);
158 if (retv < 0) {
159 /*
160 * "You don't have permission to capture on
161 * this device" and "you don't have permission
162 * to capture in promiscuous mode on this
163 * device" are different; let the user know,
164 * so if they can't get permission to
165 * capture in promiscuous mode, they can at
166 * least try to capture in non-promiscuous
167 * mode.
168 *
169 * XXX - you might have to capture in
170 * promiscuous mode to see outgoing packets.
171 */
172 if (retv == PCAP_ERROR_PERM_DENIED)
173 status = PCAP_ERROR_PROMISC_PERM_DENIED;
174 else
175 status = retv;
176 goto bad;
177 }
178 } else {
179 /* Try to enable multicast. */
180 retv = dlpromiscon(p, DL_PROMISC_MULTI);
181 if (retv < 0) {
182 status = retv;
183 goto bad;
184 }
185 }
186
187 /* Try to enable SAP promiscuity. */
188 retv = dlpromiscon(p, DL_PROMISC_SAP);
189 if (retv < 0) {
190 /*
191 * Not fatal, since the DL_PROMISC_PHYS mode worked.
192 * Report it as a warning, however.
193 */
194 if (p->opt.promisc)
195 status = PCAP_WARNING;
196 else {
197 status = retv;
198 goto bad;
199 }
200 }
201
202 /* Determine link type. */
203 if ((retv = dlpi_info(pd->dlpi_hd, &dlinfo, 0)) != DLPI_SUCCESS) {
204 status = PCAP_ERROR;
205 pcap_libdlpi_err(p->opt.device, "dlpi_info", retv, p->errbuf);
206 goto bad;
207 }
208
209 if (pcap_process_mactype(p, dlinfo.di_mactype) != 0) {
210 status = PCAP_ERROR;
211 goto bad;
212 }
213
214 p->fd = dlpi_fd(pd->dlpi_hd);
215
216 /* Push and configure bufmod. */
217 if (pcap_conf_bufmod(p, p->snapshot) != 0) {
218 status = PCAP_ERROR;
219 goto bad;
220 }
221
222 /*
223 * Flush the read side.
224 */
225 if (ioctl(p->fd, I_FLUSH, FLUSHR) != 0) {
226 status = PCAP_ERROR;
227 pcap_fmt_errmsg_for_errno(p->errbuf, PCAP_ERRBUF_SIZE,
228 errno, "FLUSHR");
229 goto bad;
230 }
231
232 /* Allocate data buffer. */
233 if (pcap_alloc_databuf(p) != 0) {
234 status = PCAP_ERROR;
235 goto bad;
236 }
237
238 /*
239 * "p->fd" is a FD for a STREAMS device, so "select()" and
240 * "poll()" should work on it.
241 */
242 p->selectable_fd = p->fd;
243
244 p->read_op = pcap_read_libdlpi;
245 p->inject_op = pcap_inject_libdlpi;
246 p->setfilter_op = install_bpf_program; /* No kernel filtering */
247 p->setdirection_op = NULL; /* Not implemented */
248 p->set_datalink_op = NULL; /* Can't change data link type */
249 p->getnonblock_op = pcap_getnonblock_fd;
250 p->setnonblock_op = pcap_setnonblock_fd;
251 p->stats_op = pcap_stats_dlpi;
252 p->cleanup_op = pcap_cleanup_libdlpi;
253
254 return (status);
255 bad:
256 pcap_cleanup_libdlpi(p);
257 return (status);
258 }
259
260 #define STRINGIFY(n) #n
261
262 static int
263 dlpromiscon(pcap_t *p, bpf_u_int32 level)
264 {
265 struct pcap_dlpi *pd = p->priv;
266 int retv;
267 int err;
268
269 retv = dlpi_promiscon(pd->dlpi_hd, level);
270 if (retv != DLPI_SUCCESS) {
271 if (retv == DL_SYSERR &&
272 (errno == EPERM || errno == EACCES)) {
273 if (level == DL_PROMISC_PHYS) {
274 err = PCAP_ERROR_PROMISC_PERM_DENIED;
275 snprintf(p->errbuf, PCAP_ERRBUF_SIZE,
276 "Attempt to set promiscuous mode failed with %s - root privilege may be required",
277 (errno == EPERM) ? "EPERM" : "EACCES");
278 } else {
279 err = PCAP_ERROR_PERM_DENIED;
280 snprintf(p->errbuf, PCAP_ERRBUF_SIZE,
281 "Attempt to set %s mode failed with %s - root privilege may be required",
282 (level == DL_PROMISC_MULTI) ? "multicast" : "SAP promiscuous",
283 (errno == EPERM) ? "EPERM" : "EACCES");
284 }
285 } else {
286 err = PCAP_ERROR;
287 pcap_libdlpi_err(p->opt.device,
288 "dlpi_promiscon" STRINGIFY(level),
289 retv, p->errbuf);
290 }
291 return (err);
292 }
293 return (0);
294 }
295
296 /*
297 * Presumably everything returned by dlpi_walk() is a DLPI device,
298 * so there's no work to be done here to check whether name refers
299 * to a DLPI device.
300 */
301 static int
302 is_dlpi_interface(const char *name _U_)
303 {
304 return (1);
305 }
306
307 static int
308 get_if_flags(const char *name _U_, bpf_u_int32 *flags _U_, char *errbuf _U_)
309 {
310 /*
311 * Nothing we can do other than mark loopback devices as "the
312 * connected/disconnected status doesn't apply".
313 *
314 * XXX - on Solaris, can we do what the dladm command does,
315 * i.e. get a connected/disconnected indication from a kstat?
316 * (Note that you can also get the link speed, and possibly
317 * other information, from a kstat as well.)
318 */
319 if (*flags & PCAP_IF_LOOPBACK) {
320 /*
321 * Loopback devices aren't wireless, and "connected"/
322 * "disconnected" doesn't apply to them.
323 */
324 *flags |= PCAP_IF_CONNECTION_STATUS_NOT_APPLICABLE;
325 return (0);
326 }
327 return (0);
328 }
329
330 /*
331 * In Solaris, the "standard" mechanism" i.e SIOCGLIFCONF will only find
332 * network links that are plumbed and are up. dlpi_walk(3DLPI) will find
333 * additional network links present in the system.
334 */
335 int
336 pcap_platform_finddevs(pcap_if_list_t *devlistp, char *errbuf)
337 {
338 int retv = 0;
339
340 linknamelist_t *entry, *next;
341 linkwalk_t lw = {NULL, 0};
342 int save_errno;
343
344 /*
345 * Get the list of regular interfaces first.
346 */
347 if (pcap_findalldevs_interfaces(devlistp, errbuf,
348 is_dlpi_interface, get_if_flags) == -1)
349 return (-1); /* failure */
350
351 /* dlpi_walk() for loopback will be added here. */
352
353 /*
354 * Find all DLPI devices in the current zone.
355 *
356 * XXX - will pcap_findalldevs_interfaces() find any devices
357 * outside the current zone? If not, the only reason to call
358 * it would be to get the interface addresses.
359 */
360 dlpi_walk(list_interfaces, &lw, 0);
361
362 if (lw.lw_err != 0) {
363 pcap_fmt_errmsg_for_errno(errbuf, PCAP_ERRBUF_SIZE,
364 lw.lw_err, "dlpi_walk");
365 retv = -1;
366 goto done;
367 }
368
369 /* Add linkname if it does not exist on the list. */
370 for (entry = lw.lw_list; entry != NULL; entry = entry->lnl_next) {
371 /*
372 * If it isn't already in the list of devices, try to
373 * add it.
374 */
375 if (find_or_add_dev(devlistp, entry->linkname, 0, get_if_flags,
376 NULL, errbuf) == NULL)
377 retv = -1;
378 }
379 done:
380 save_errno = errno;
381 for (entry = lw.lw_list; entry != NULL; entry = next) {
382 next = entry->lnl_next;
383 free(entry);
384 }
385 errno = save_errno;
386
387 return (retv);
388 }
389
390 /*
391 * Read data received on DLPI handle. Returns -2 if told to terminate, else
392 * returns the number of packets read.
393 */
394 static int
395 pcap_read_libdlpi(pcap_t *p, int count, pcap_handler callback, u_char *user)
396 {
397 struct pcap_dlpi *pd = p->priv;
398 int len;
399 u_char *bufp;
400 size_t msglen;
401 int retv;
402
403 len = p->cc;
404 if (len != 0) {
405 bufp = p->bp;
406 goto process_pkts;
407 }
408 do {
409 /* Has "pcap_breakloop()" been called? */
410 if (p->break_loop) {
411 /*
412 * Yes - clear the flag that indicates that it has,
413 * and return -2 to indicate that we were told to
414 * break out of the loop.
415 */
416 p->break_loop = 0;
417 return (-2);
418 }
419
420 msglen = p->bufsize;
421 bufp = (u_char *)p->buffer + p->offset;
422
423 retv = dlpi_recv(pd->dlpi_hd, NULL, NULL, bufp,
424 &msglen, -1, NULL);
425 if (retv != DLPI_SUCCESS) {
426 /*
427 * This is most likely a call to terminate out of the
428 * loop. So, do not return an error message, instead
429 * check if "pcap_breakloop()" has been called above.
430 */
431 if (retv == DL_SYSERR && errno == EINTR) {
432 len = 0;
433 continue;
434 }
435 pcap_libdlpi_err(dlpi_linkname(pd->dlpi_hd),
436 "dlpi_recv", retv, p->errbuf);
437 return (-1);
438 }
439 len = msglen;
440 } while (len == 0);
441
442 process_pkts:
443 return (pcap_process_pkts(p, callback, user, count, bufp, len));
444 }
445
446 static int
447 pcap_inject_libdlpi(pcap_t *p, const void *buf, int size)
448 {
449 struct pcap_dlpi *pd = p->priv;
450 int retv;
451
452 retv = dlpi_send(pd->dlpi_hd, NULL, 0, buf, size, NULL);
453 if (retv != DLPI_SUCCESS) {
454 pcap_libdlpi_err(dlpi_linkname(pd->dlpi_hd), "dlpi_send", retv,
455 p->errbuf);
456 return (-1);
457 }
458 /*
459 * dlpi_send(3DLPI) does not provide a way to return the number of
460 * bytes sent on the wire. Based on the fact that DLPI_SUCCESS was
461 * returned we are assuming 'size' bytes were sent.
462 */
463 return (size);
464 }
465
466 /*
467 * Close dlpi handle.
468 */
469 static void
470 pcap_cleanup_libdlpi(pcap_t *p)
471 {
472 struct pcap_dlpi *pd = p->priv;
473
474 if (pd->dlpi_hd != NULL) {
475 dlpi_close(pd->dlpi_hd);
476 pd->dlpi_hd = NULL;
477 p->fd = -1;
478 }
479 pcap_cleanup_live_common(p);
480 }
481
482 /*
483 * Write error message to buffer.
484 */
485 static void
486 pcap_libdlpi_err(const char *linkname, const char *func, int err, char *errbuf)
487 {
488 snprintf(errbuf, PCAP_ERRBUF_SIZE, "libpcap: %s failed on %s: %s",
489 func, linkname, dlpi_strerror(err));
490 }
491
492 pcap_t *
493 pcap_create_interface(const char *device _U_, char *ebuf)
494 {
495 pcap_t *p;
496
497 p = PCAP_CREATE_COMMON(ebuf, struct pcap_dlpi);
498 if (p == NULL)
499 return (NULL);
500
501 p->activate_op = pcap_activate_libdlpi;
502 return (p);
503 }
504
505 /*
506 * Libpcap version string.
507 */
508 const char *
509 pcap_lib_version(void)
510 {
511 return (PCAP_VERSION_STRING);
512 }
[mirror] the LIBpcap interface to various kernel packet capture mechanism