1/*- 2 * SPDX-License-Identifier: BSD-2-Clause 3 * 4 * Copyright (c) 2021 Rubicon Communications, LLC (Netgate) 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: 9 * 1. Redistributions of source code must retain the above copyright 10 * notice, this list of conditions and the following disclaimer. 11 * 2. Redistributions in binary form must reproduce the above copyright 12 * notice, this list of conditions and the following disclaimer in the 13 * documentation and/or other materials provided with the distribution. 14 * 15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 16 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 17 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 18 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 19 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 20 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 21 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 22 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 23 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 24 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 25 * SUCH DAMAGE. 26 * 27 */ 28#ifndef _PF_NV_H_ 29#define _PF_NV_H_ 30 31#include <sys/nv.h> 32#include <sys/sdt.h> 33#include <sys/socket.h> 34#include <sys/types.h> 35 36#include <net/if.h> 37#include <net/if_var.h> 38#include <net/pfvar.h> 39 40SDT_PROBE_DECLARE(pf, ioctl, function, error); 41SDT_PROBE_DECLARE(pf, ioctl, nvchk, error); 42 43#define ERROUT_FUNCTION(target, x) \ 44 do { \ 45 error = (x); \ 46 SDT_PROBE3(pf, ioctl, function, error, __func__, error, \ 47 __LINE__); \ 48 goto target; \ 49 } while (0) 50 51#define PFNV_CHK(x) do { \ 52 error = (x); \ 53 SDT_PROBE2(pf, ioctl, nvchk, error, error, __LINE__); \ 54 if (error != 0) \ 55 goto errout; \ 56 } while (0) 57 58#define PF_NV_DEF_UINT(fnname, type, max) \ 59 int pf_nv ## fnname ## _opt(const nvlist_t *, const char *, \ 60 type *, type); \ 61 int pf_nv ## fnname(const nvlist_t *, const char *, type *); \ 62 int pf_nv ## fnname ## _array(const nvlist_t *, const char *, \ 63 type *,size_t, size_t *); \ 64 void pf_ ## fnname ## _array_nv(nvlist_t *, const char *, \ 65 const type *, size_t); 66 67PF_NV_DEF_UINT(uint8, uint8_t, UINT8_MAX); 68PF_NV_DEF_UINT(uint16, uint16_t, UINT16_MAX); 69PF_NV_DEF_UINT(uint32, uint32_t, UINT32_MAX); 70PF_NV_DEF_UINT(uint64, uint64_t, UINT64_MAX); 71 72int pf_nvbool(const nvlist_t *, const char *, bool *); 73int pf_nvbinary(const nvlist_t *, const char *, void *, size_t); 74int pf_nvint(const nvlist_t *, const char *, int *); 75int pf_nvstring(const nvlist_t *, const char *, char *, size_t); 76 77/* Translation functions */ 78 79int pf_check_rule_addr(const struct pf_rule_addr *); 80 81nvlist_t *pf_krule_to_nvrule(struct pf_krule *); 82int pf_nvrule_to_krule(const nvlist_t *, struct pf_krule *); 83int pf_nvstate_kill_to_kstate_kill(const nvlist_t *, 84 struct pf_kstate_kill *); 85nvlist_t *pf_state_to_nvstate(const struct pf_kstate *); 86 87nvlist_t *pf_keth_rule_to_nveth_rule(const struct pf_keth_rule *); 88int pf_nveth_rule_to_keth_rule(const nvlist_t *, struct pf_keth_rule *); 89#endif 90