1 /*
2  * Copyright (c) 1990, 1991, 1992, 1993, 1994, 1995, 1996
3  *	The Regents of the University of California.  All rights reserved.
4  *
5  * Redistribution and use in source and binary forms, with or without
6  * modification, are permitted provided that: (1) source code distributions
7  * retain the above copyright notice and this paragraph in its entirety, (2)
8  * distributions including binary code include the above copyright notice and
9  * this paragraph in its entirety in the documentation or other materials
10  * provided with the distribution, and (3) all advertising materials mentioning
11  * features or use of this software display the following acknowledgement:
12  * ``This product includes software developed by the University of California,
13  * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
14  * the University nor the names of its contributors may be used to endorse
15  * or promote products derived from this software without specific prior
16  * written permission.
17  * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
18  * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
19  * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
20  */
21 
22 #include "pcap/funcattrs.h"
23 
24 /*
25  * ATM support:
26  *
27  * Copyright (c) 1997 Yen Yen Lim and North Dakota State University
28  * All rights reserved.
29  *
30  * Redistribution and use in source and binary forms, with or without
31  * modification, are permitted provided that the following conditions
32  * are met:
33  * 1. Redistributions of source code must retain the above copyright
34  *    notice, this list of conditions and the following disclaimer.
35  * 2. Redistributions in binary form must reproduce the above copyright
36  *    notice, this list of conditions and the following disclaimer in the
37  *    documentation and/or other materials provided with the distribution.
38  * 3. All advertising materials mentioning features or use of this software
39  *    must display the following acknowledgement:
40  *      This product includes software developed by Yen Yen Lim and
41  *      North Dakota State University
42  * 4. The name of the author may not be used to endorse or promote products
43  *    derived from this software without specific prior written permission.
44  *
45  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
46  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
47  * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
48  * DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
49  * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
50  * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
51  * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
52  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
53  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
54  * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
55  * POSSIBILITY OF SUCH DAMAGE.
56  */
57 
58 /* Address qualifiers. */
59 
60 #define Q_HOST		1
61 #define Q_NET		2
62 #define Q_PORT		3
63 #define Q_GATEWAY	4
64 #define Q_PROTO		5
65 #define Q_PROTOCHAIN	6
66 #define Q_PORTRANGE	7
67 
68 /* Protocol qualifiers. */
69 
70 #define Q_LINK		1
71 #define Q_IP		2
72 #define Q_ARP		3
73 #define Q_RARP		4
74 #define Q_SCTP		5
75 #define Q_TCP		6
76 #define Q_UDP		7
77 #define Q_ICMP		8
78 #define Q_IGMP		9
79 #define Q_IGRP		10
80 
81 
82 #define	Q_ATALK		11
83 #define	Q_DECNET	12
84 #define	Q_LAT		13
85 #define Q_SCA		14
86 #define	Q_MOPRC		15
87 #define	Q_MOPDL		16
88 
89 
90 #define Q_IPV6		17
91 #define Q_ICMPV6	18
92 #define Q_AH		19
93 #define Q_ESP		20
94 
95 #define Q_PIM		21
96 #define Q_VRRP		22
97 
98 #define Q_AARP		23
99 
100 #define Q_ISO		24
101 #define Q_ESIS		25
102 #define Q_ISIS		26
103 #define Q_CLNP		27
104 
105 #define Q_STP		28
106 
107 #define Q_IPX		29
108 
109 #define Q_NETBEUI	30
110 
111 /* IS-IS Levels */
112 #define Q_ISIS_L1       31
113 #define Q_ISIS_L2       32
114 /* PDU types */
115 #define Q_ISIS_IIH      33
116 #define Q_ISIS_LAN_IIH  34
117 #define Q_ISIS_PTP_IIH  35
118 #define Q_ISIS_SNP      36
119 #define Q_ISIS_CSNP     37
120 #define Q_ISIS_PSNP     38
121 #define Q_ISIS_LSP      39
122 
123 #define Q_RADIO		40
124 
125 #define Q_CARP		41
126 
127 /* Directional qualifiers. */
128 
129 #define Q_SRC		1
130 #define Q_DST		2
131 #define Q_OR		3
132 #define Q_AND		4
133 #define Q_ADDR1		5
134 #define Q_ADDR2		6
135 #define Q_ADDR3		7
136 #define Q_ADDR4		8
137 #define Q_RA		9
138 #define Q_TA		10
139 
140 #define Q_DEFAULT	0
141 #define Q_UNDEF		255
142 
143 /* ATM types */
144 #define A_METAC		22	/* Meta signalling Circuit */
145 #define A_BCC		23	/* Broadcast Circuit */
146 #define A_OAMF4SC	24	/* Segment OAM F4 Circuit */
147 #define A_OAMF4EC	25	/* End-to-End OAM F4 Circuit */
148 #define A_SC		26	/* Signalling Circuit*/
149 #define A_ILMIC		27	/* ILMI Circuit */
150 #define A_OAM		28	/* OAM cells : F4 only */
151 #define A_OAMF4		29	/* OAM F4 cells: Segment + End-to-end */
152 #define A_LANE		30	/* LANE traffic */
153 #define A_LLC		31	/* LLC-encapsulated traffic */
154 
155 /* Based on Q.2931 signalling protocol */
156 #define A_SETUP		41	/* Setup message */
157 #define A_CALLPROCEED	42	/* Call proceeding message */
158 #define A_CONNECT	43	/* Connect message */
159 #define A_CONNECTACK	44	/* Connect Ack message */
160 #define A_RELEASE	45	/* Release message */
161 #define A_RELEASE_DONE	46	/* Release message */
162 
163 /* ATM field types */
164 #define A_VPI		51
165 #define A_VCI		52
166 #define A_PROTOTYPE	53
167 #define A_MSGTYPE	54
168 #define A_CALLREFTYPE	55
169 
170 #define A_CONNECTMSG	70	/* returns Q.2931 signalling messages for
171 				   establishing and destroying switched
172 				   virtual connection */
173 #define A_METACONNECT	71	/* returns Q.2931 signalling messages for
174 				   establishing and destroying predefined
175 				   virtual circuits, such as broadcast
176 				   circuit, oamf4 segment circuit, oamf4
177 				   end-to-end circuits, ILMI circuits or
178 				   connection signalling circuit. */
179 
180 /* MTP2 types */
181 #define M_FISU		22	/* FISU */
182 #define M_LSSU		23	/* LSSU */
183 #define M_MSU		24	/* MSU */
184 
185 /* MTP2 HSL types */
186 #define MH_FISU		25	/* FISU for HSL */
187 #define MH_LSSU		26	/* LSSU */
188 #define MH_MSU		27	/* MSU */
189 
190 /* MTP3 field types */
191 #define M_SIO		1
192 #define M_OPC		2
193 #define M_DPC		3
194 #define M_SLS		4
195 
196 /* MTP3 field types in case of MTP2 HSL */
197 #define MH_SIO		5
198 #define MH_OPC		6
199 #define MH_DPC		7
200 #define MH_SLS		8
201 
202 
203 struct slist;
204 
205 struct stmt {
206 	int code;
207 	struct slist *jt;	/*only for relative jump in block*/
208 	struct slist *jf;	/*only for relative jump in block*/
209 	bpf_int32 k;
210 };
211 
212 struct slist {
213 	struct stmt s;
214 	struct slist *next;
215 };
216 
217 /*
218  * A bit vector to represent definition sets.  We assume TOT_REGISTERS
219  * is smaller than 8*sizeof(atomset).
220  */
221 typedef bpf_u_int32 atomset;
222 #define ATOMMASK(n) (1 << (n))
223 #define ATOMELEM(d, n) (d & ATOMMASK(n))
224 
225 /*
226  * An unbounded set.
227  */
228 typedef bpf_u_int32 *uset;
229 
230 /*
231  * Total number of atomic entities, including accumulator (A) and index (X).
232  * We treat all these guys similarly during flow analysis.
233  */
234 #define N_ATOMS (BPF_MEMWORDS+2)
235 
236 struct edge {
237 	int id;
238 	int code;
239 	uset edom;
240 	struct block *succ;
241 	struct block *pred;
242 	struct edge *next;	/* link list of incoming edges for a node */
243 };
244 
245 struct block {
246 	int id;
247 	struct slist *stmts;	/* side effect stmts */
248 	struct stmt s;		/* branch stmt */
249 	int mark;
250 	u_int longjt;		/* jt branch requires long jump */
251 	u_int longjf;		/* jf branch requires long jump */
252 	int level;
253 	int offset;
254 	int sense;
255 	struct edge et;
256 	struct edge ef;
257 	struct block *head;
258 	struct block *link;	/* link field used by optimizer */
259 	uset dom;
260 	uset closure;
261 	struct edge *in_edges;
262 	atomset def, kill;
263 	atomset in_use;
264 	atomset out_use;
265 	int oval;
266 	int val[N_ATOMS];
267 };
268 
269 /*
270  * A value of 0 for val[i] means the value is unknown.
271  */
272 #define VAL_UNKNOWN	0
273 
274 struct arth {
275 	struct block *b;	/* protocol checks */
276 	struct slist *s;	/* stmt list */
277 	int regno;		/* virtual register number of result */
278 };
279 
280 struct qual {
281 	unsigned char addr;
282 	unsigned char proto;
283 	unsigned char dir;
284 	unsigned char pad;
285 };
286 
287 struct _compiler_state;
288 
289 typedef struct _compiler_state compiler_state_t;
290 
291 struct arth *gen_loadi(compiler_state_t *, int);
292 struct arth *gen_load(compiler_state_t *, int, struct arth *, int);
293 struct arth *gen_loadlen(compiler_state_t *);
294 struct arth *gen_neg(compiler_state_t *, struct arth *);
295 struct arth *gen_arth(compiler_state_t *, int, struct arth *, struct arth *);
296 
297 void gen_and(struct block *, struct block *);
298 void gen_or(struct block *, struct block *);
299 void gen_not(struct block *);
300 
301 struct block *gen_scode(compiler_state_t *, const char *, struct qual);
302 struct block *gen_ecode(compiler_state_t *, const u_char *, struct qual);
303 struct block *gen_acode(compiler_state_t *, const u_char *, struct qual);
304 struct block *gen_mcode(compiler_state_t *, const char *, const char *,
305     unsigned int, struct qual);
306 #ifdef INET6
307 struct block *gen_mcode6(compiler_state_t *, const char *, const char *,
308     unsigned int, struct qual);
309 #endif
310 struct block *gen_ncode(compiler_state_t *, const char *, bpf_u_int32,
311     struct qual);
312 struct block *gen_proto_abbrev(compiler_state_t *, int);
313 struct block *gen_relation(compiler_state_t *, int, struct arth *,
314     struct arth *, int);
315 struct block *gen_less(compiler_state_t *, int);
316 struct block *gen_greater(compiler_state_t *, int);
317 struct block *gen_byteop(compiler_state_t *, int, int, int);
318 struct block *gen_broadcast(compiler_state_t *, int);
319 struct block *gen_multicast(compiler_state_t *, int);
320 struct block *gen_inbound(compiler_state_t *, int);
321 
322 struct block *gen_llc(compiler_state_t *);
323 struct block *gen_llc_i(compiler_state_t *);
324 struct block *gen_llc_s(compiler_state_t *);
325 struct block *gen_llc_u(compiler_state_t *);
326 struct block *gen_llc_s_subtype(compiler_state_t *, bpf_u_int32);
327 struct block *gen_llc_u_subtype(compiler_state_t *, bpf_u_int32);
328 
329 struct block *gen_vlan(compiler_state_t *, int);
330 struct block *gen_mpls(compiler_state_t *, int);
331 
332 struct block *gen_pppoed(compiler_state_t *);
333 struct block *gen_pppoes(compiler_state_t *, int);
334 
335 struct block *gen_geneve(compiler_state_t *, int);
336 
337 struct block *gen_atmfield_code(compiler_state_t *, int, bpf_int32,
338     bpf_u_int32, int);
339 struct block *gen_atmtype_abbrev(compiler_state_t *, int type);
340 struct block *gen_atmmulti_abbrev(compiler_state_t *, int type);
341 
342 struct block *gen_mtp2type_abbrev(compiler_state_t *, int type);
343 struct block *gen_mtp3field_code(compiler_state_t *, int, bpf_u_int32,
344     bpf_u_int32, int);
345 
346 #ifndef HAVE_NET_PFVAR_H
347 PCAP_NORETURN
348 #endif
349 struct block *gen_pf_ifname(compiler_state_t *, const char *);
350 #ifndef HAVE_NET_PFVAR_H
351 PCAP_NORETURN
352 #endif
353 struct block *gen_pf_rnr(compiler_state_t *, int);
354 #ifndef HAVE_NET_PFVAR_H
355 PCAP_NORETURN
356 #endif
357 struct block *gen_pf_srnr(compiler_state_t *, int);
358 #ifndef HAVE_NET_PFVAR_H
359 PCAP_NORETURN
360 #endif
361 struct block *gen_pf_ruleset(compiler_state_t *, char *);
362 #ifndef HAVE_NET_PFVAR_H
363 PCAP_NORETURN
364 #endif
365 struct block *gen_pf_reason(compiler_state_t *, int);
366 #ifndef HAVE_NET_PFVAR_H
367 PCAP_NORETURN
368 #endif
369 struct block *gen_pf_action(compiler_state_t *, int);
370 
371 struct block *gen_p80211_type(compiler_state_t *, int, int);
372 struct block *gen_p80211_fcdir(compiler_state_t *, int);
373 
374 /*
375  * Representation of a program as a tree of blocks, plus current mark.
376  * A block is marked if only if its mark equals the current mark.
377  * Rather than traverse the code array, marking each item, 'cur_mark'
378  * is incremented.  This automatically makes each element unmarked.
379  */
380 #define isMarked(icp, p) ((p)->mark == (icp)->cur_mark)
381 #define unMarkAll(icp) (icp)->cur_mark += 1
382 #define Mark(icp, p) ((p)->mark = (icp)->cur_mark)
383 
384 struct icode {
385 	struct block *root;
386 	int cur_mark;
387 };
388 
389 void bpf_optimize(compiler_state_t *, struct icode *ic);
390 void PCAP_NORETURN bpf_syntax_error(compiler_state_t *, const char *);
391 void PCAP_NORETURN bpf_error(compiler_state_t *, const char *, ...)
392     PCAP_PRINTFLIKE(2, 3);
393 
394 void finish_parse(compiler_state_t *, struct block *);
395 char *sdup(compiler_state_t *, const char *);
396 
397 struct bpf_insn *icode_to_fcode(compiler_state_t *, struct icode *,
398     struct block *, u_int *);
399 void sappend(struct slist *, struct slist *);
400 
401 /*
402  * Older versions of Bison don't put this declaration in
403  * grammar.h.
404  */
405 int pcap_parse(void *, compiler_state_t *);
406 
407 /* XXX */
408 #define JT(b)  ((b)->et.succ)
409 #define JF(b)  ((b)->ef.succ)
410