1 /*-
2 * Copyright (c) 2014-2015 Sandvine Inc.
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 *
14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
15 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
16 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
17 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
18 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
24 * SUCH DAMAGE.
25 */
26
27 #include <sys/cdefs.h>
28 #include <sys/param.h>
29 #include <sys/iov.h>
30 #include <sys/nv.h>
31 #include <net/ethernet.h>
32
33 #include <err.h>
34 #include <errno.h>
35 #include <fcntl.h>
36 #include <regex.h>
37 #include <stdint.h>
38 #include <stdio.h>
39 #include <stdlib.h>
40 #include <string.h>
41 #include <ucl.h>
42 #include <unistd.h>
43
44 #include "iovctl.h"
45
46 static void
report_config_error(const char * key,const ucl_object_t * obj,const char * type)47 report_config_error(const char *key, const ucl_object_t *obj, const char *type)
48 {
49
50 errx(1, "Value '%s' of key '%s' is not of type %s",
51 ucl_object_tostring(obj), key, type);
52 }
53
54 /*
55 * Verifies that the value specified in the config file is a boolean value, and
56 * then adds the value to the configuration.
57 */
58 static void
add_bool_config(const char * key,const ucl_object_t * obj,nvlist_t * config)59 add_bool_config(const char *key, const ucl_object_t *obj, nvlist_t *config)
60 {
61 bool val;
62
63 if (!ucl_object_toboolean_safe(obj, &val))
64 report_config_error(key, obj, "bool");
65
66 nvlist_add_bool(config, key, val);
67 }
68
69 /*
70 * Verifies that the value specified in the config file is a string, and then
71 * adds the value to the configuration.
72 */
73 static void
add_string_config(const char * key,const ucl_object_t * obj,nvlist_t * config)74 add_string_config(const char *key, const ucl_object_t *obj, nvlist_t *config)
75 {
76 const char *val;
77
78 if (!ucl_object_tostring_safe(obj, &val))
79 report_config_error(key, obj, "string");
80
81 nvlist_add_string(config, key, val);
82 }
83
84 /*
85 * Verifies that the value specified in the config file is a integer value
86 * within the specified range, and then adds the value to the configuration.
87 */
88 static void
add_uint_config(const char * key,const ucl_object_t * obj,nvlist_t * config,const char * type,uint64_t max)89 add_uint_config(const char *key, const ucl_object_t *obj, nvlist_t *config,
90 const char *type, uint64_t max)
91 {
92 int64_t val;
93 uint64_t uval;
94
95 /* I must use a signed type here as libucl doesn't provide unsigned. */
96 if (!ucl_object_toint_safe(obj, &val))
97 report_config_error(key, obj, type);
98
99 if (val < 0)
100 report_config_error(key, obj, type);
101
102 uval = val;
103 if (uval > max)
104 report_config_error(key, obj, type);
105
106 nvlist_add_number(config, key, uval);
107 }
108
109 /*
110 * Verifies that the value specified in the config file is a unicast MAC
111 * address, and then adds the value to the configuration.
112 */
113 static void
add_unicast_mac_config(const char * key,const ucl_object_t * obj,nvlist_t * config)114 add_unicast_mac_config(const char *key, const ucl_object_t *obj, nvlist_t *config)
115 {
116 uint8_t mac[ETHER_ADDR_LEN];
117 const char *val, *token;
118 char *parse, *orig_parse, *tokpos, *endpos;
119 size_t len;
120 u_long value;
121 int i;
122
123 if (!ucl_object_tostring_safe(obj, &val))
124 report_config_error(key, obj, "unicast-mac");
125
126 parse = strdup(val);
127 orig_parse = parse;
128
129 i = 0;
130 while ((token = strtok_r(parse, ":", &tokpos)) != NULL) {
131 parse = NULL;
132
133 len = strlen(token);
134 if (len < 1 || len > 2)
135 report_config_error(key, obj, "unicast-mac");
136
137 value = strtoul(token, &endpos, 16);
138
139 if (*endpos != '\0')
140 report_config_error(key, obj, "unicast-mac");
141
142 if (value > UINT8_MAX)
143 report_config_error(key, obj, "unicast-mac");
144
145 if (i >= ETHER_ADDR_LEN)
146 report_config_error(key, obj, "unicast-mac");
147
148 mac[i] = value;
149 i++;
150 }
151
152 free(orig_parse);
153
154 if (i != ETHER_ADDR_LEN)
155 report_config_error(key, obj, "unicast-mac");
156
157 if (ETHER_IS_MULTICAST(mac))
158 errx(1, "Value '%s' of key '%s' is a multicast address",
159 ucl_object_tostring(obj), key);
160
161 nvlist_add_binary(config, key, mac, ETHER_ADDR_LEN);
162 }
163
164 static void
add_vlan_config(const char * key,const ucl_object_t * obj,nvlist_t * config)165 add_vlan_config(const char *key, const ucl_object_t *obj, nvlist_t *config)
166 {
167 int64_t val;
168 const char *strVal = "";
169
170 if(ucl_object_tostring_safe(obj, &strVal)) {
171 if (strcasecmp(strVal, "trunk") == 0) {
172 nvlist_add_number(config, key, VF_VLAN_TRUNK);
173 return;
174 }
175 report_config_error(key, obj, "vlan");
176 }
177
178 if (!ucl_object_toint_safe(obj, &val))
179 report_config_error(key, obj, "vlan");
180
181 if (val < 0 || val > 4095)
182 report_config_error(key, obj, "vlan");
183
184 nvlist_add_number(config, key, val);
185 }
186
187 /*
188 * Validates that the given configuration value has the right type as specified
189 * in the schema, and then adds the value to the configuration node.
190 */
191 static void
add_config(const char * key,const ucl_object_t * obj,nvlist_t * config,const nvlist_t * schema)192 add_config(const char *key, const ucl_object_t *obj, nvlist_t *config,
193 const nvlist_t *schema)
194 {
195 const char *type;
196
197 type = nvlist_get_string(schema, TYPE_SCHEMA_NAME);
198
199 if (strcasecmp(type, "bool") == 0)
200 add_bool_config(key, obj, config);
201 else if (strcasecmp(type, "string") == 0)
202 add_string_config(key, obj, config);
203 else if (strcasecmp(type, "uint8_t") == 0)
204 add_uint_config(key, obj, config, type, UINT8_MAX);
205 else if (strcasecmp(type, "uint16_t") == 0)
206 add_uint_config(key, obj, config, type, UINT16_MAX);
207 else if (strcasecmp(type, "uint32_t") == 0)
208 add_uint_config(key, obj, config, type, UINT32_MAX);
209 else if (strcasecmp(type, "uint64_t") == 0)
210 add_uint_config(key, obj, config, type, UINT64_MAX);
211 else if (strcasecmp(type, "unicast-mac") == 0)
212 add_unicast_mac_config(key, obj, config);
213 else if (strcasecmp(type, "vlan") == 0)
214 add_vlan_config(key, obj, config);
215 else
216 errx(1, "Unexpected type '%s' in schema", type);
217 }
218
219 /*
220 * Parses all values specified in a device section in the configuration file,
221 * validates that the key/value pair is valid in the schema, and then adds
222 * the key/value pair to the correct subsystem in the config.
223 */
224 static void
parse_device_config(const ucl_object_t * top,nvlist_t * config,const char * subsystem,const nvlist_t * schema)225 parse_device_config(const ucl_object_t *top, nvlist_t *config,
226 const char *subsystem, const nvlist_t *schema)
227 {
228 ucl_object_iter_t it;
229 const ucl_object_t *obj;
230 nvlist_t *subsystem_config, *driver_config, *iov_config;
231 const nvlist_t *driver_schema, *iov_schema;
232 const char *key;
233
234 if (nvlist_exists(config, subsystem))
235 errx(1, "Multiple definitions of '%s' in config file",
236 subsystem);
237
238 driver_schema = nvlist_get_nvlist(schema, DRIVER_CONFIG_NAME);
239 iov_schema = nvlist_get_nvlist(schema, IOV_CONFIG_NAME);
240
241 driver_config = nvlist_create(NV_FLAG_IGNORE_CASE);
242 if (driver_config == NULL)
243 err(1, "Could not allocate config nvlist");
244
245 iov_config = nvlist_create(NV_FLAG_IGNORE_CASE);
246 if (iov_config == NULL)
247 err(1, "Could not allocate config nvlist");
248
249 subsystem_config = nvlist_create(NV_FLAG_IGNORE_CASE);
250 if (subsystem_config == NULL)
251 err(1, "Could not allocate config nvlist");
252
253 it = NULL;
254 while ((obj = ucl_iterate_object(top, &it, true)) != NULL) {
255 key = ucl_object_key(obj);
256
257 if (nvlist_exists_nvlist(iov_schema, key))
258 add_config(key, obj, iov_config,
259 nvlist_get_nvlist(iov_schema, key));
260 else if (nvlist_exists_nvlist(driver_schema, key))
261 add_config(key, obj, driver_config,
262 nvlist_get_nvlist(driver_schema, key));
263 else
264 errx(1, "%s: Invalid config key '%s'", subsystem, key);
265 }
266
267 nvlist_move_nvlist(subsystem_config, DRIVER_CONFIG_NAME, driver_config);
268 nvlist_move_nvlist(subsystem_config, IOV_CONFIG_NAME, iov_config);
269 nvlist_move_nvlist(config, subsystem, subsystem_config);
270 }
271
272 /*
273 * Parses the specified config file using the given schema, and returns an
274 * nvlist containing the configuration specified by the file.
275 *
276 * Exits with a message to stderr and an error if any config validation fails.
277 */
278 nvlist_t *
parse_config_file(const char * filename,const nvlist_t * schema)279 parse_config_file(const char *filename, const nvlist_t *schema)
280 {
281 ucl_object_iter_t it;
282 struct ucl_parser *parser;
283 ucl_object_t *top;
284 const ucl_object_t *obj;
285 nvlist_t *config;
286 const nvlist_t *pf_schema, *vf_schema;
287 const char *errmsg, *key;
288 regex_t vf_pat;
289 int regex_err, processed_vf;
290
291 regex_err = regcomp(&vf_pat, "^"VF_PREFIX"([1-9][0-9]*|0)$",
292 REG_EXTENDED | REG_ICASE);
293 if (regex_err != 0)
294 errx(1, "Could not compile VF regex");
295
296 parser = ucl_parser_new(0);
297 if (parser == NULL)
298 err(1, "Could not allocate parser");
299
300 if (!ucl_parser_add_file(parser, filename))
301 err(1, "Could not open '%s' for reading", filename);
302
303 errmsg = ucl_parser_get_error(parser);
304 if (errmsg != NULL)
305 errx(1, "Could not parse '%s': %s", filename, errmsg);
306
307 config = nvlist_create(NV_FLAG_IGNORE_CASE);
308 if (config == NULL)
309 err(1, "Could not allocate config nvlist");
310
311 pf_schema = nvlist_get_nvlist(schema, PF_CONFIG_NAME);
312 vf_schema = nvlist_get_nvlist(schema, VF_SCHEMA_NAME);
313
314 processed_vf = 0;
315 top = ucl_parser_get_object(parser);
316 it = NULL;
317 while ((obj = ucl_iterate_object(top, &it, true)) != NULL) {
318 key = ucl_object_key(obj);
319
320 if (strcasecmp(key, PF_CONFIG_NAME) == 0)
321 parse_device_config(obj, config, key, pf_schema);
322 else if (strcasecmp(key, DEFAULT_SCHEMA_NAME) == 0) {
323 /*
324 * Enforce that the default section must come before all
325 * VF sections. This will hopefully prevent confusing
326 * the user by having a default value apply to a VF
327 * that was declared earlier in the file.
328 *
329 * This also gives us the flexibility to extend the file
330 * format in the future to allow for multiple default
331 * sections that do only apply to subsequent VF
332 * sections.
333 */
334 if (processed_vf)
335 errx(1,
336 "'default' section must precede all VF sections");
337
338 parse_device_config(obj, config, key, vf_schema);
339 } else if (regexec(&vf_pat, key, 0, NULL, 0) == 0) {
340 processed_vf = 1;
341 parse_device_config(obj, config, key, vf_schema);
342 } else
343 errx(1, "Unexpected top-level node: %s", key);
344 }
345
346 validate_config(config, schema, &vf_pat);
347
348 ucl_object_unref(top);
349 ucl_parser_free(parser);
350 regfree(&vf_pat);
351
352 return (config);
353 }
354
355 /*
356 * Parse the PF configuration section for and return the value specified for
357 * the device parameter, or NULL if the device is not specified.
358 */
359 static const char *
find_pf_device(const ucl_object_t * pf)360 find_pf_device(const ucl_object_t *pf)
361 {
362 ucl_object_iter_t it;
363 const ucl_object_t *obj;
364 const char *key, *device;
365
366 it = NULL;
367 while ((obj = ucl_iterate_object(pf, &it, true)) != NULL) {
368 key = ucl_object_key(obj);
369
370 if (strcasecmp(key, "device") == 0) {
371 if (!ucl_object_tostring_safe(obj, &device))
372 err(1,
373 "Config PF.device must be a string");
374
375 return (device);
376 }
377 }
378
379 return (NULL);
380 }
381
382 /*
383 * Manually parse the config file looking for the name of the PF device. We
384 * have to do this separately because we need the config schema to call the
385 * normal config file parsing code, and we need to know the name of the PF
386 * device so that we can fetch the schema from it.
387 *
388 * This will always exit on failure, so if it returns then it is guaranteed to
389 * have returned a valid device name.
390 */
391 char *
find_device(const char * filename)392 find_device(const char *filename)
393 {
394 char *device;
395 const char *deviceName;
396 ucl_object_iter_t it;
397 struct ucl_parser *parser;
398 ucl_object_t *top;
399 const ucl_object_t *obj;
400 const char *errmsg, *key;
401 int error;
402
403 device = NULL;
404 deviceName = NULL;
405
406 parser = ucl_parser_new(0);
407 if (parser == NULL)
408 err(1, "Could not allocate parser");
409
410 if (!ucl_parser_add_file(parser, filename))
411 err(1, "Could not open '%s' for reading", filename);
412
413 errmsg = ucl_parser_get_error(parser);
414 if (errmsg != NULL)
415 errx(1, "Could not parse '%s': %s", filename, errmsg);
416
417 top = ucl_parser_get_object (parser);
418 it = NULL;
419 while ((obj = ucl_iterate_object(top, &it, true)) != NULL) {
420 key = ucl_object_key(obj);
421
422 if (strcasecmp(key, PF_CONFIG_NAME) == 0) {
423 deviceName = find_pf_device(obj);
424 break;
425 }
426 }
427
428 if (deviceName == NULL)
429 errx(1, "Config file does not specify device");
430
431 error = asprintf(&device, "/dev/iov/%s", deviceName);
432 if (error < 0)
433 err(1, "Could not allocate memory for device");
434
435 ucl_object_unref(top);
436 ucl_parser_free(parser);
437
438 return (device);
439 }
440