Module Name: src
Committed By: christos
Date: Wed Nov 19 19:35:21 UTC 2014
Modified Files:
src/sys/net: bpf.h bpf_filter.c dlt.h
Log Message:
Add BPF_MOD/BPF_XOR, sync DLT entries and document unused bpf instructions.
>From libpcap-1.6.2
To generate a diff of this commit:
cvs rdiff -u -r1.65 -r1.66 src/sys/net/bpf.h
cvs rdiff -u -r1.67 -r1.68 src/sys/net/bpf_filter.c
cvs rdiff -u -r1.14 -r1.15 src/sys/net/dlt.h
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/net/bpf.h
diff -u src/sys/net/bpf.h:1.65 src/sys/net/bpf.h:1.66
--- src/sys/net/bpf.h:1.65 Tue Jun 24 18:19:36 2014
+++ src/sys/net/bpf.h Wed Nov 19 14:35:21 2014
@@ -1,4 +1,4 @@
-/* $NetBSD: bpf.h,v 1.65 2014/06/24 22:19:36 rmind Exp $ */
+/* $NetBSD: bpf.h,v 1.66 2014/11/19 19:35:21 christos Exp $ */
/*
* Copyright (c) 1990, 1991, 1993
@@ -222,6 +222,7 @@ struct bpf_hdr32 {
#define BPF_W 0x00
#define BPF_H 0x08
#define BPF_B 0x10
+/* 0x18 reserved; used by BSD/OS */
#define BPF_MODE(code) ((code) & 0xe0)
#define BPF_IMM 0x00
#define BPF_ABS 0x20
@@ -229,6 +230,8 @@ struct bpf_hdr32 {
#define BPF_MEM 0x60
#define BPF_LEN 0x80
#define BPF_MSH 0xa0
+/* 0xc0 reserved; used by BSD/OS */
+/* 0xe0 reserved; used by BSD/OS */
/* alu/jmp fields */
#define BPF_OP(code) ((code) & 0xf0)
@@ -241,11 +244,29 @@ struct bpf_hdr32 {
#define BPF_LSH 0x60
#define BPF_RSH 0x70
#define BPF_NEG 0x80
+#define BPF_MOD 0x90
+#define BPF_XOR 0xa0
+/* 0xb0 reserved */
+/* 0xc0 reserved */
+/* 0xd0 reserved */
+/* 0xe0 reserved */
+/* 0xf0 reserved */
#define BPF_JA 0x00
#define BPF_JEQ 0x10
#define BPF_JGT 0x20
#define BPF_JGE 0x30
#define BPF_JSET 0x40
+/* 0x50 reserved; used by BSD/OS */
+/* 0x60 reserved */
+/* 0x70 reserved */
+/* 0x80 reserved */
+/* 0x90 reserved */
+/* 0xa0 reserved */
+/* 0xb0 reserved */
+/* 0xc0 reserved */
+/* 0xd0 reserved */
+/* 0xe0 reserved */
+/* 0xf0 reserved */
#define BPF_SRC(code) ((code) & 0x08)
#define BPF_K 0x00
#define BPF_X 0x08
@@ -253,13 +274,41 @@ struct bpf_hdr32 {
/* ret - BPF_K and BPF_X also apply */
#define BPF_RVAL(code) ((code) & 0x18)
#define BPF_A 0x10
+/* 0x18 reserved */
/* misc */
#define BPF_MISCOP(code) ((code) & 0xf8)
#define BPF_TAX 0x00
+/* 0x10 reserved */
+/* 0x18 reserved */
#define BPF_COP 0x20
-#define BPF_COPX 0x40
+/* 0x28 reserved */
+/* 0x30 reserved */
+/* 0x38 reserved */
+#define BPF_COPX 0x40 /* XXX: also used by BSD/OS */
+/* 0x48 reserved */
+/* 0x50 reserved */
+/* 0x58 reserved */
+/* 0x60 reserved */
+/* 0x68 reserved */
+/* 0x70 reserved */
+/* 0x78 reserved */
#define BPF_TXA 0x80
+/* 0x88 reserved */
+/* 0x90 reserved */
+/* 0x98 reserved */
+/* 0xa0 reserved */
+/* 0xa8 reserved */
+/* 0xb0 reserved */
+/* 0xb8 reserved */
+/* 0xc0 reserved; used by BSD/OS */
+/* 0xc8 reserved */
+/* 0xd0 reserved */
+/* 0xd8 reserved */
+/* 0xe0 reserved */
+/* 0xe8 reserved */
+/* 0xf0 reserved */
+/* 0xf8 reserved */
/*
* The instruction data structure.
Index: src/sys/net/bpf_filter.c
diff -u src/sys/net/bpf_filter.c:1.67 src/sys/net/bpf_filter.c:1.68
--- src/sys/net/bpf_filter.c:1.67 Mon Jul 7 15:56:03 2014
+++ src/sys/net/bpf_filter.c Wed Nov 19 14:35:21 2014
@@ -1,4 +1,4 @@
-/* $NetBSD: bpf_filter.c,v 1.67 2014/07/07 19:56:03 alnsn Exp $ */
+/* $NetBSD: bpf_filter.c,v 1.68 2014/11/19 19:35:21 christos Exp $ */
/*-
* Copyright (c) 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997
@@ -37,7 +37,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: bpf_filter.c,v 1.67 2014/07/07 19:56:03 alnsn Exp $");
+__KERNEL_RCSID(0, "$NetBSD: bpf_filter.c,v 1.68 2014/11/19 19:35:21 christos Exp $");
#if 0
#if !(defined(lint) || defined(KERNEL))
@@ -481,6 +481,12 @@ bpf_filter(const struct bpf_insn *pc, co
A /= X;
continue;
+ case BPF_ALU|BPF_MOD|BPF_X:
+ if (X == 0)
+ return 0;
+ A %= X;
+ continue;
+
case BPF_ALU|BPF_AND|BPF_X:
A &= X;
continue;
@@ -489,6 +495,10 @@ bpf_filter(const struct bpf_insn *pc, co
A |= X;
continue;
+ case BPF_ALU|BPF_XOR|BPF_X:
+ A ^= X;
+ continue;
+
case BPF_ALU|BPF_LSH|BPF_X:
A <<= X;
continue;
@@ -513,6 +523,10 @@ bpf_filter(const struct bpf_insn *pc, co
A /= pc->k;
continue;
+ case BPF_ALU|BPF_MOD|BPF_K:
+ A %= pc->k;
+ continue;
+
case BPF_ALU|BPF_AND|BPF_K:
A &= pc->k;
continue;
@@ -521,6 +535,10 @@ bpf_filter(const struct bpf_insn *pc, co
A |= pc->k;
continue;
+ case BPF_ALU|BPF_XOR|BPF_K:
+ A ^= pc->k;
+ continue;
+
case BPF_ALU|BPF_LSH|BPF_K:
A <<= pc->k;
continue;
@@ -675,12 +693,14 @@ bpf_validate(const struct bpf_insn *f, i
case BPF_SUB:
case BPF_MUL:
case BPF_OR:
+ case BPF_XOR:
case BPF_AND:
case BPF_LSH:
case BPF_RSH:
case BPF_NEG:
break;
case BPF_DIV:
+ case BPF_MOD:
/*
* Check for constant division by 0.
*/
Index: src/sys/net/dlt.h
diff -u src/sys/net/dlt.h:1.14 src/sys/net/dlt.h:1.15
--- src/sys/net/dlt.h:1.14 Sun Apr 7 10:12:05 2013
+++ src/sys/net/dlt.h Wed Nov 19 14:35:21 2014
@@ -1,4 +1,4 @@
-/* $NetBSD: dlt.h,v 1.14 2013/04/07 14:12:05 kardel Exp $ */
+/* $NetBSD: dlt.h,v 1.15 2014/11/19 19:35:21 christos Exp $ */
/*-
* Copyright (c) 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997
@@ -1115,7 +1115,146 @@
#define DLT_PFSYNC 246
#endif
-#define DLT_MATCHING_MAX 246 /* highest value in the "matching" range */
+
+/*
+ * Raw InfiniBand packets, starting with the Local Routing Header.
+ *
+ * Requested by Oren Kladnitsky <or...@mellanox.com>.
+ */
+#define DLT_INFINIBAND 247
+
+/*
+ * SCTP, with no lower-level protocols (i.e., no IPv4 or IPv6).
+ *
+ * Requested by Michael Tuexen <michael.tue...@lurchi.franken.de>.
+ */
+#define DLT_SCTP 248
+
+/*
+ * USB packets, beginning with a USBPcap header.
+ *
+ * Requested by Tomasz Mon <deso...@gmail.com>
+ */
+#define DLT_USBPCAP 249
+
+/*
+ * Schweitzer Engineering Laboratories "RTAC" product serial-line
+ * packets.
+ *
+ * Requested by Chris Bontje <chris_bon...@selinc.com>.
+ */
+#define DLT_RTAC_SERIAL 250
+
+/*
+ * Bluetooth Low Energy air interface link-layer packets.
+ *
+ * Requested by Mike Kershaw <drag...@kismetwireless.net>.
+ */
+#define DLT_BLUETOOTH_LE_LL 251
+
+/*
+ * DLT type for upper-protocol layer PDU saves from wireshark.
+ *
+ * the actual contents are determined by two TAGs stored with each
+ * packet:
+ * EXP_PDU_TAG_LINKTYPE the link type (LINKTYPE_ value) of the
+ * original packet.
+ *
+ * EXP_PDU_TAG_PROTO_NAME the name of the wireshark dissector
+ * that can make sense of the data stored.
+ */
+#define DLT_WIRESHARK_UPPER_PDU 252
+
+/*
+ * DLT type for the netlink protocol (nlmon devices).
+ */
+#define DLT_NETLINK 253
+
+/*
+ * Bluetooth Linux Monitor headers for the BlueZ stack.
+ */
+#define DLT_BLUETOOTH_LINUX_MONITOR 254
+
+/*
+ * Bluetooth Basic Rate/Enhanced Data Rate baseband packets, as
+ * captured by Ubertooth.
+ */
+#define DLT_BLUETOOTH_BREDR_BB 255
+
+/*
+ * Bluetooth Low Energy link layer packets, as captured by Ubertooth.
+ */
+#define DLT_BLUETOOTH_LE_LL_WITH_PHDR 256
+
+/*
+ * PROFIBUS data link layer.
+ */
+#define DLT_PROFIBUS_DL 257
+
+/*
+ * Apple's DLT_PKTAP headers.
+ *
+ * Sadly, the folks at Apple either had no clue that the DLT_USERn values
+ * are for internal use within an organization and partners only, and
+ * didn't know that the right way to get a link-layer header type is to
+ * ask tcpdump.org for one, or knew and didn't care, so they just
+ * used DLT_USER2, which causes problems for everything except for
+ * their version of tcpdump.
+ *
+ * So I'll just give them one; hopefully this will show up in a
+ * libpcap release in time for them to get this into 10.10 Big Sur
+ * or whatever Mavericks' successor is called. LINKTYPE_PKTAP
+ * will be 258 *even on OS X*; that is *intentional*, so that
+ * PKTAP files look the same on *all* OSes (different OSes can have
+ * different numerical values for a given DLT_, but *MUST NOT* have
+ * different values for what goes in a file, as files can be moved
+ * between OSes!).
+ *
+ * When capturing, on a system with a Darwin-based OS, on a device
+ * that returns 149 (DLT_USER2 and Apple's DLT_PKTAP) with this
+ * version of libpcap, the DLT_ value for the pcap_t will be DLT_PKTAP,
+ * and that will continue to be DLT_USER2 on Darwin-based OSes. That way,
+ * binary compatibility with Mavericks is preserved for programs using
+ * this version of libpcap. This does mean that if you were using
+ * DLT_USER2 for some capture device on OS X, you can't do so with
+ * this version of libpcap, just as you can't with Apple's libpcap -
+ * on OS X, they define DLT_PKTAP to be DLT_USER2, so programs won't
+ * be able to distinguish between PKTAP and whatever you were using
+ * DLT_USER2 for.
+ *
+ * If the program saves the capture to a file using this version of
+ * libpcap's pcap_dump code, the LINKTYPE_ value in the file will be
+ * LINKTYPE_PKTAP, which will be 258, even on Darwin-based OSes.
+ * That way, the file will *not* be a DLT_USER2 file. That means
+ * that the latest version of tcpdump, when built with this version
+ * of libpcap, and sufficiently recent versions of Wireshark will
+ * be able to read those files and interpret them correctly; however,
+ * Apple's version of tcpdump in OS X 10.9 won't be able to handle
+ * them. (Hopefully, Apple will pick up this version of libpcap,
+ * and the corresponding version of tcpdump, so that tcpdump will
+ * be able to handle the old LINKTYPE_USER2 captures *and* the new
+ * LINKTYPE_PKTAP captures.)
+ */
+#ifdef __APPLE__
+#define DLT_PKTAP DLT_USER2
+#else
+#define DLT_PKTAP 258
+#endif
+
+/*
+ * Ethernet packets preceded by a header giving the last 6 octets
+ * of the preamble specified by 802.3-2012 Clause 65, section
+ * 65.1.3.2 "Transmit".
+ */
+#define DLT_EPON 259
+
+/*
+ * IPMI trace packets, as specified by Table 3-20 "Trace Data Block Format"
+ * in the PICMG HPM.2 specification.
+ */
+#define DLT_IPMI_HPM_2 260
+
+#define DLT_MATCHING_MAX 260 /* highest value in the "matching" range */
/*
* DLT and savefile link type values are split into a class and
