Changeset 57904 in vbox

Timestamp:

Sep 25, 2015 7:57:12 PM (9 years ago)

Author:

vboxsync

Message:

VBoxNetFlt/darwin, VBoxNetAdp/darwin: Don't leak host-guest traffic to
the wire when the interface is in promiscuous mode. Call bpf_tap_in
and bpf_tap_out in the filter. Adjust VBoxNetAdp accordingly.

Location:

trunk/src/VBox/HostDrivers

Files:

• VBoxNetAdp/darwin/VBoxNetAdp-darwin.cpp (modified) (2 diffs)
• VBoxNetFlt/darwin/VBoxNetFlt-darwin.cpp (modified) (5 diffs)

trunk/src/VBox/HostDrivers/VBoxNetAdp/darwin/VBoxNetAdp-darwin.cpp

@@ -144 +144 @@
 static errno_t vboxNetAdpDarwinOutput(ifnet_t pIface, mbuf_t pMBuf)
 {
-    PVBOXNETADP pThis = VBOXNETADP_FROM_IFACE(pIface);
-    Assert(pThis);
-    if (pThis->u.s.nTapMode & BPF_MODE_OUTPUT)
-    {
-        Log2(("vboxnetadp: out len=%d\n%.*Rhxd\n", mbuf_len(pMBuf), 14, mbuf_data(pMBuf)));
-        bpf_tap_out(pIface, DLT_EN10MB, pMBuf, NULL, 0);
-    }
+    /*
+     * We are a dummy interface with all the real work done in
+     * VBoxNetFlt bridged networking filter.  If anything makes it
+     * this far, just drop it, we have nowhere to send it to.
+     */
     mbuf_freem_list(pMBuf);
     return 0;
@@ -205 +203 @@
                                      protocol_family_t *pProtocolFamily)
 {
-    PVBOXNETADP pThis = VBOXNETADP_FROM_IFACE(pIface);
-    Assert(pThis);
-    Log2(("vboxNetAdpDarwinDemux: mode=%d\n", pThis->u.s.nTapMode));
-    if (pThis->u.s.nTapMode & BPF_MODE_INPUT)
-    {
-        Log2(("vboxnetadp: in len=%d\n%.*Rhxd\n", mbuf_len(pMBuf), 14, pFrameHeader));
-        bpf_tap_in(pIface, DLT_EN10MB, pMBuf, pFrameHeader, ETHER_HDR_LEN);
-    }
+    /*
+     * Anything we get here comes from VBoxNetFlt bridged networking
+     * filter where it has already been accounted for and fed to bpf.
+     */
     return ether_demux(pIface, pMBuf, pFrameHeader, pProtocolFamily);
 }

trunk/src/VBox/HostDrivers/VBoxNetFlt/darwin/VBoxNetFlt-darwin.cpp

@@ -59 +59 @@
 #include <net/if.h>
 #include <net/if_var.h>
+RT_C_DECLS_BEGIN
+#include <net/bpf.h>
+RT_C_DECLS_END
 #include <netinet/in.h>
 #include <netinet/in_var.h>
@@ -924 +927 @@
         {
             /*
-             * Check if this interface is in promiscuous mode. We should not drop
-             * any packets before they get to the driver as it passes them to tap
-             * callbacks in order for BPF to work properly.
+             * If the interface is in promiscuous mode we should let
+             * all inbound packets (this one was for a bridged guest)
+             * reach the driver as it passes them to tap callbacks in
+             * order for BPF to work properly.
              */
-            if (vboxNetFltDarwinIsPromiscuous(pThis))
+            if (   fSrc == INTNETTRUNKDIR_WIRE
+                && vboxNetFltDarwinIsPromiscuous(pThis))
+            {
                 fDropIt = false;
+            }
+
+            /*
+             * A packet from the host to a guest.  As we won't pass it
+             * to the drvier/wire we need to feed it to bpf ourselves.
+             */
+            if (fSrc == INTNETTRUNKDIR_HOST)
+            {
+                bpf_tap_out(pThis->u.s.pIfNet, DLT_EN10MB, pMBuf, NULL, 0);
+            }
         }
     }
@@ -1088 +1104 @@
             Assert(pThis->pSwitchPort);
             pThis->pSwitchPort->pfnReportMacAddress(pThis->pSwitchPort, &pThis->u.s.MacAddr);
+#if 0
+            /* 
+             * XXX: Don't tell SrvIntNetR0 if the interface is
+             * promiscuous, because there's no code yet to update that
+             * information and we don't want it stuck, spamming all
+             * traffic to the host.
+             */
             pThis->pSwitchPort->pfnReportPromiscuousMode(pThis->pSwitchPort, vboxNetFltDarwinIsPromiscuous(pThis));
+#endif
             pThis->pSwitchPort->pfnReportGsoCapabilities(pThis->pSwitchPort, 0,  INTNETTRUNKDIR_WIRE | INTNETTRUNKDIR_HOST);
             pThis->pSwitchPort->pfnReportNoPreemptDsts(pThis->pSwitchPort, 0 /* none */);
@@ -1127 +1151 @@
         /*
          * Create a mbuf for the gather list and push it onto the wire.
-         *
-         * Note! If the interface is in the promiscuous mode we need to send the
-         *       packet down the stack so it reaches the driver and Berkeley
-         *       Packet Filter (see @bugref{5817}).
          */
-        if ((fDst & INTNETTRUNKDIR_WIRE) || vboxNetFltDarwinIsPromiscuous(pThis))
+        if (fDst & INTNETTRUNKDIR_WIRE)
         {
             mbuf_t pMBuf = vboxNetFltDarwinMBufFromSG(pThis, pSG);
@@ -1153 +1173 @@
             if (pMBuf)
             {
-                /* This is what IONetworkInterface::inputPacket does. */
+                void *pvEthHdr = mbuf_data(pMBuf);
                 unsigned const cbEthHdr = 14;
-                mbuf_pkthdr_setheader(pMBuf, mbuf_data(pMBuf));
-                mbuf_pkthdr_setlen(pMBuf, mbuf_pkthdr_len(pMBuf) - cbEthHdr);
-                mbuf_setdata(pMBuf, (uint8_t *)mbuf_data(pMBuf) + cbEthHdr, mbuf_len(pMBuf) - cbEthHdr);
-                mbuf_pkthdr_setrcvif(pMBuf, pIfNet); /* will crash without this. */
-
+
+                mbuf_pkthdr_setrcvif(pMBuf, pIfNet);
+                mbuf_pkthdr_setheader(pMBuf, pvEthHdr); /* link-layer header */
+                mbuf_adj(pMBuf, cbEthHdr);              /* move to payload */
+
+                bpf_tap_in(pIfNet, DLT_EN10MB, pMBuf, pvEthHdr, cbEthHdr);
                 errno_t err = ifnet_input(pIfNet, pMBuf, NULL);
                 if (err)