Packet.h

Go to the documentation of this file.
00001 /*
00002  * Copyright (c) 1999 - 2005 NetGroup, Politecnico di Torino (Italy)
00003  * Copyright (c) 2005 - 2007 CACE Technologies, Davis (California)
00004  * All rights reserved.
00005  *
00006  * Redistribution and use in source and binary forms, with or without
00007  * modification, are permitted provided that the following conditions
00008  * are met:
00009  *
00010  * 1. Redistributions of source code must retain the above copyright
00011  * notice, this list of conditions and the following disclaimer.
00012  * 2. Redistributions in binary form must reproduce the above copyright
00013  * notice, this list of conditions and the following disclaimer in the
00014  * documentation and/or other materials provided with the distribution.
00015  * 3. Neither the name of the Politecnico di Torino, CACE Technologies 
00016  * nor the names of its contributors may be used to endorse or promote 
00017  * products derived from this software without specific prior written 
00018  * permission.
00019  *
00020  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
00021  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
00022  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
00023  * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
00024  * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
00025  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
00026  * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
00027  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
00028  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
00029  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
00030  * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
00031  *
00032  */
00033 
00042 #ifndef __PACKET_INCLUDE______
00043 #define __PACKET_INCLUDE______
00044 
00045 #ifdef _X86_
00046 #define NTKERNEL    
00047 #include "jitter.h"
00048 #endif
00049 
00050 #ifdef HAVE_BUGGY_TME_SUPPORT
00051 #ifndef _X86_
00052 #error TME support is available only on x86 architectures
00053 #endif // _X86_
00054 #endif //HAVE_BUGGY_TME_SUPPORT
00055 
00056 
00057 //
00058 // Needed to disable a warning due to the #pragma prefast directives,
00059 // that are ignored by the normal DDK compiler
00060 //
00061 #ifndef _PREFAST_
00062 #pragma warning(disable:4068)
00063 #endif
00064 
00065 #include "win_bpf.h"
00066 
00067 #define  MAX_REQUESTS   32 
00068 
00069 #define Packet_ALIGNMENT sizeof(int) 
00070 #define Packet_WORDALIGN(x) (((x)+(Packet_ALIGNMENT-1))&~(Packet_ALIGNMENT-1))  
00071 
00072 
00073 #define KERNEL_EVENT_NAMESPACE L"\\BaseNamedObjects\\"
00074 
00075 
00076 // Working modes
00077 #define MODE_CAPT 0x0       
00078 #define MODE_STAT 0x1       
00079 #define MODE_MON  0x2       
00080 #define MODE_DUMP 0x10      
00081 
00082 
00083 #define IMMEDIATE 1         
00084 
00085 #define NDIS_FLAGS_SKIP_LOOPBACK_W2K    0x400 
00086 
00087 // The following definitions are used to provide compatibility 
00088 // of the dump files with the ones of libpcap
00089 #define TCPDUMP_MAGIC 0xa1b2c3d4    
00090 #define PCAP_VERSION_MAJOR 2        
00091 #define PCAP_VERSION_MINOR 4        
00092 
00093 // Loopback behaviour definitions
00094 #define NPF_DISABLE_LOOPBACK    1   
00095 #define NPF_ENABLE_LOOPBACK     2   
00096 
00097 
00102 struct packet_file_header 
00103 {
00104     UINT magic;             
00105     USHORT version_major;   
00106     USHORT version_minor;   
00107     UINT thiszone;          
00108     UINT sigfigs;           
00109     UINT snaplen;           
00110     UINT linktype;          
00111 };
00112 
00117 struct sf_pkthdr {
00118     struct timeval  ts;         
00119     UINT            caplen;     
00120 
00121 
00122     UINT            len;        
00123 };
00124 
00125 //
00126 // NT4 DDK doesn't have C_ASSERT
00127 //
00128 #ifndef C_ASSERT
00129 #define C_ASSERT(a)
00130 #endif
00131 
00139 typedef struct _PACKET_OID_DATA {
00140     ULONG Oid;                  
00141 
00142     ULONG Length;               
00143     UCHAR Data[1];              
00144 
00145 }
00146     PACKET_OID_DATA, *PPACKET_OID_DATA;
00147 
00148 C_ASSERT(sizeof(PACKET_OID_DATA) == 12);
00149 
00159 typedef struct _INTERNAL_REQUEST {
00160     LIST_ENTRY      ListElement;        
00161 //    PIRP          Irp;                ///< Irp that performed the request
00162 //  BOOLEAN         Internal;           ///< True if the request is for internal use of npf.sys. False if the request is performed by the user through an IOCTL.
00163     NDIS_EVENT      InternalRequestCompletedEvent;
00164     NDIS_REQUEST    Request;            
00165     NDIS_STATUS     RequestStatus;
00166 
00167 } INTERNAL_REQUEST, *PINTERNAL_REQUEST;
00168 
00176 typedef struct _PACKET_RESERVED {
00177     LIST_ENTRY      ListElement;        
00178     PIRP            Irp;                
00179     PMDL            pMdl;               
00180     BOOLEAN         FreeBufAfterWrite;  
00181 
00182     ULONG           Cpu;                
00183 }  PACKET_RESERVED, *PPACKET_RESERVED;
00184 
00185 #define RESERVED(_p) ((PPACKET_RESERVED)((_p)->ProtocolReserved)) 
00186 
00187 
00192 typedef struct _DEVICE_EXTENSION {
00193     NDIS_STRING    AdapterName;         
00194     PWSTR          ExportString;        
00195 
00196 } DEVICE_EXTENSION, *PDEVICE_EXTENSION;
00197 
00203 typedef struct __CPU_Private_Data
00204 {
00205     ULONG   P;                  
00206     ULONG   C;                  
00207     ULONG   Free;               
00208     PUCHAR  Buffer;             
00209     ULONG   Accepted;           
00210 
00211 
00212 
00213     ULONG   Received;           
00214 
00215 
00216 
00217     ULONG   Dropped;            
00218 
00219 
00220 
00221     NDIS_SPIN_LOCK BufferLock;  
00222     PMDL    TransferMdl1;       
00223     PMDL    TransferMdl2;       
00224     ULONG   NewP;               
00225 }
00226     CpuPrivateData;
00227 
00228 
00236 typedef struct _OPEN_INSTANCE
00237 {
00238     PDEVICE_EXTENSION   DeviceExtension;    
00239 
00240     NDIS_HANDLE         AdapterHandle;      
00241     UINT                Medium;             
00242 
00243     NDIS_HANDLE         PacketPool;         
00244     KSPIN_LOCK          RequestSpinLock;    
00245     LIST_ENTRY          RequestList;        
00246     LIST_ENTRY          ResetIrpList;       
00247     INTERNAL_REQUEST    Requests[MAX_REQUESTS]; 
00248     PMDL                BufferMdl;          
00249     PKEVENT             ReadEvent;          
00250     PUCHAR              bpfprogram;         
00251 
00252 
00253 
00254 
00255 #ifdef _X86_
00256     JIT_BPF_Filter      *Filter;            
00257 
00258 #endif //_X86_
00259     UINT                MinToCopy;          
00260 
00261     LARGE_INTEGER       TimeOut;            
00262 
00263                                             
00264     int                 mode;               
00265     LARGE_INTEGER       Nbytes;             
00266     LARGE_INTEGER       Npackets;           
00267     NDIS_SPIN_LOCK      CountersLock;       
00268     UINT                Nwrites;            
00269 
00270     ULONG               Multiple_Write_Counter; 
00271     NDIS_EVENT          WriteEvent;         
00272     BOOLEAN             WriteInProgress;    
00273 
00274     NDIS_SPIN_LOCK      WriteLock;          
00275     NDIS_EVENT          NdisRequestEvent;   
00276     BOOLEAN             SkipSentPackets;    
00277     NDIS_STATUS         IOStatus;           
00278     HANDLE              DumpFileHandle;     
00279     PFILE_OBJECT        DumpFileObject;     
00280     PKTHREAD            DumpThreadObject;   
00281     HANDLE              DumpThreadHandle;   
00282     NDIS_EVENT          DumpEvent;          
00283     LARGE_INTEGER       DumpOffset;         
00284     UNICODE_STRING      DumpFileName;       
00285     UINT                MaxDumpBytes;       
00286 
00287     UINT                MaxDumpPacks;       
00288 
00289 
00290     BOOLEAN             DumpLimitReached;   
00291 
00292 #ifdef HAVE_BUGGY_TME_SUPPORT
00293     MEM_TYPE            mem_ex;             
00294     TME_CORE            tme;                
00295 #endif //HAVE_BUGGY_TME_SUPPORT
00296 
00297     NDIS_SPIN_LOCK      MachineLock;        
00298     UINT                MaxFrameSize;       
00299 
00300     //
00301     // KAFFINITY is used as a bit mask for the affinity in the system. So on every supported OS is big enough for all the CPUs on the system (32 bits on x86, 64 on x64?).
00302     // We use its size to compute the max number of CPUs.
00303     //
00304     CpuPrivateData      CpuData[sizeof(KAFFINITY) * 8];     
00305     ULONG               ReaderSN;           
00306     ULONG               WriterSN;           
00307 
00308     ULONG               Size;               
00309     ULONG              AdapterHandleUsageCounter;
00310     NDIS_SPIN_LOCK     AdapterHandleLock;
00311     ULONG              AdapterBindingStatus;    
00312 
00313     NDIS_EVENT         NdisOpenCloseCompleteEvent;
00314     NDIS_EVENT         NdisWriteCompleteEvent;  
00315     NTSTATUS           OpenCloseStatus;
00316     ULONG              TransmitPendingPackets;  
00317 }
00318 OPEN_INSTANCE, *POPEN_INSTANCE;
00319 
00320 enum ADAPTER_BINDING_STATUS
00321 {
00322     ADAPTER_UNBOUND,
00323     ADAPTER_BOUND,
00324     ADAPTER_UNBINDING,
00325 };
00326 
00334 struct PacketHeader
00335 {
00336     ULONG SN;                               
00337     struct bpf_hdr header;                  
00338 };
00339 
00340 extern ULONG        g_NCpu;
00341 extern NDIS_HANDLE  g_NdisProtocolHandle;
00342 extern struct time_conv G_Start_Time; // from openclos.c
00343 extern UINT         g_SendPacketFlags;
00344 
00345 #define TRANSMIT_PACKETS 256    
00346 
00347 
00348 
00350 #define EXIT_SUCCESS(quantity) Irp->IoStatus.Information=quantity;\
00351     Irp->IoStatus.Status = STATUS_SUCCESS;\
00352     IoCompleteRequest(Irp, IO_NO_INCREMENT);\
00353     return STATUS_SUCCESS;\
00354 
00356 #define EXIT_FAILURE(quantity) Irp->IoStatus.Information=quantity;\
00357     Irp->IoStatus.Status = STATUS_UNSUCCESSFUL;\
00358     IoCompleteRequest(Irp, IO_NO_INCREMENT);\
00359     return STATUS_UNSUCCESSFUL;\
00360 
00361 
00366 /***************************/
00367 /*       Prototypes        */
00368 /***************************/
00369 
00386 NTSTATUS
00387 DriverEntry(
00388     IN PDRIVER_OBJECT DriverObject,
00389     IN PUNICODE_STRING RegistryPath
00390     );
00391 
00401 PWCHAR getAdaptersList(VOID);
00402 
00409 PKEY_VALUE_PARTIAL_INFORMATION getTcpBindings(VOID);
00410 
00421 BOOLEAN NPF_CreateDevice(
00422     IN OUT PDRIVER_OBJECT adriverObjectP,
00423     IN PUNICODE_STRING amacNameP
00424     );
00436 NTSTATUS
00437 NPF_Open(
00438     IN PDEVICE_OBJECT DeviceObject,
00439     IN PIRP Irp
00440     );
00441 
00451 VOID
00452 NPF_OpenAdapterComplete(
00453     IN NDIS_HANDLE  ProtocolBindingContext,
00454     IN NDIS_STATUS  Status,
00455     IN NDIS_STATUS  OpenErrorStatus
00456     );
00457 
00468 NTSTATUS
00469 NPF_Cleanup(
00470     IN PDEVICE_OBJECT DeviceObject,
00471     IN PIRP Irp
00472     );
00473 
00474 NTSTATUS
00475 NPF_Close(
00476     IN PDEVICE_OBJECT DeviceObject,
00477     IN PIRP Irp
00478     );
00479 
00480 
00481 
00490 VOID
00491 NPF_CloseAdapterComplete(
00492     IN NDIS_HANDLE  ProtocolBindingContext,
00493     IN NDIS_STATUS  Status
00494     );
00495 
00518 NDIS_STATUS
00519 NPF_tap(
00520     IN NDIS_HANDLE ProtocolBindingContext,
00521     IN NDIS_HANDLE MacReceiveContext,
00522     IN PVOID HeaderBuffer,
00523     IN UINT HeaderBufferSize,
00524     IN PVOID LookAheadBuffer,
00525     IN UINT LookaheadBufferSize,
00526     IN UINT PacketSize
00527     );
00528 
00539 VOID
00540 NPF_TransferDataComplete(
00541     IN NDIS_HANDLE ProtocolBindingContext,
00542     IN PNDIS_PACKET Packet,
00543     IN NDIS_STATUS Status,
00544     IN UINT BytesTransferred
00545     );
00546 
00553 VOID
00554 NPF_ReceiveComplete(IN NDIS_HANDLE  ProtocolBindingContext);
00555 
00579 NTSTATUS
00580 NPF_IoControl(
00581     IN PDEVICE_OBJECT DeviceObject,
00582     IN PIRP Irp
00583     );
00584 
00585 VOID
00586 
00596 NPF_RequestComplete(
00597     IN NDIS_HANDLE   ProtocolBindingContext,
00598     IN PNDIS_REQUEST pRequest,
00599     IN NDIS_STATUS   Status
00600     );
00601 
00614 NTSTATUS
00615 NPF_Write(
00616             IN PDEVICE_OBJECT DeviceObject,
00617             IN PIRP Irp
00618             );
00619 
00620 
00640 INT NPF_BufferedWrite(IN PIRP Irp, 
00641                         IN PCHAR UserBuff, 
00642                         IN ULONG UserBuffSize,
00643                         BOOLEAN sync);
00644 
00652 VOID NPF_WaitEndOfBufferedWrite(POPEN_INSTANCE Open);
00653 
00663 VOID
00664 NPF_SendComplete(
00665     IN NDIS_HANDLE   ProtocolBindingContext,
00666     IN PNDIS_PACKET  pPacket,
00667     IN NDIS_STATUS   Status
00668     );
00669 
00679 VOID
00680 NPF_ResetComplete(
00681     IN NDIS_HANDLE  ProtocolBindingContext,
00682     IN NDIS_STATUS  Status
00683     );
00684 
00688 VOID
00689 NPF_Status(
00690     IN NDIS_HANDLE   ProtocolBindingContext,
00691     IN NDIS_STATUS   Status,
00692     IN PVOID         StatusBuffer,
00693     IN UINT          StatusBufferSize
00694     );
00695 
00696 
00700 VOID
00701 NPF_StatusComplete(IN NDIS_HANDLE  ProtocolBindingContext);
00702 
00711 VOID
00712 NPF_Unload(IN PDRIVER_OBJECT DriverObject);
00713 
00714 
00733 NTSTATUS
00734 NPF_Read(
00735     IN PDEVICE_OBJECT DeviceObject,
00736     IN PIRP Irp
00737     );
00738 
00744 NTSTATUS
00745 NPF_ReadRegistry(
00746     IN  PWSTR              *MacDriverName,
00747     IN  PWSTR              *PacketDriverName,
00748     IN  PUNICODE_STRING     RegistryPath
00749     );
00750 
00757 NTSTATUS
00758 NPF_QueryRegistryRoutine(
00759     IN PWSTR     ValueName,
00760     IN ULONG     ValueType,
00761     IN PVOID     ValueData,
00762     IN ULONG     ValueLength,
00763     IN PVOID     Context,
00764     IN PVOID     EntryContext
00765     );
00766 
00772 VOID NPF_BindAdapter(
00773     OUT PNDIS_STATUS            Status,
00774     IN  NDIS_HANDLE             BindContext,
00775     IN  PNDIS_STRING            DeviceName,
00776     IN  PVOID                   SystemSpecific1,
00777     IN  PVOID                   SystemSpecific2
00778     );
00779 
00791 VOID
00792 NPF_UnbindAdapter(
00793     OUT PNDIS_STATUS        Status,
00794     IN  NDIS_HANDLE         ProtocolBindingContext,
00795     IN  NDIS_HANDLE         UnbindContext
00796     );
00797 
00798 
00806 NTSTATUS NPF_OpenDumpFile(POPEN_INSTANCE Open , PUNICODE_STRING fileName, BOOLEAN append);
00807 
00816 NTSTATUS NPF_StartDump(POPEN_INSTANCE Open);
00817 
00825 VOID NPF_DumpThread(PVOID Open);
00826 
00833 NTSTATUS NPF_SaveCurrentBuffer(POPEN_INSTANCE Open);
00834 
00847 VOID NPF_WriteDumpFile(PFILE_OBJECT FileObject,
00848                                 PLARGE_INTEGER Offset,
00849                                 ULONG Length,
00850                                 PMDL Mdl,
00851                                 PIO_STATUS_BLOCK IoStatusBlock);
00852 
00853 
00854 
00860 NTSTATUS NPF_CloseDumpFile(POPEN_INSTANCE Open);
00861 
00862 VOID
00863 NPF_CloseOpenInstance(POPEN_INSTANCE pOpen);
00864 
00865 BOOLEAN
00866 NPF_StartUsingBinding(
00867     IN POPEN_INSTANCE pOpen);
00868 
00869 VOID
00870 NPF_StopUsingBinding(
00871     IN POPEN_INSTANCE pOpen);
00872 
00873 VOID
00874 NPF_CloseBinding(
00875     IN POPEN_INSTANCE pOpen);
00876 
00877 NTSTATUS
00878 NPF_GetDeviceMTU(
00879              IN POPEN_INSTANCE pOpen,
00880              IN PIRP    pIrp,
00881              OUT PUINT  pMtu);
00882 
00887 UINT GetBuffOccupation(POPEN_INSTANCE Open);
00888 
00900 #ifdef NDIS50
00901 NDIS_STATUS NPF_PowerChange(IN NDIS_HANDLE ProtocolBindingContext, IN PNET_PNP_EVENT pNetPnPEvent);
00902 #endif
00903 
00904 //  
00905 //  Old registry based WinPcap names
00906 //
00908 //  \brief Helper function to query a value from the global WinPcap registry key
00909 //*/
00910 //VOID NPF_QueryWinpcapRegistryString(PWSTR SubKeyName,
00911 //                               WCHAR *Value,
00912 //                               UINT ValueLen, 
00913 //                               WCHAR *DefaultValue);
00914 //
00915 
00916 
00925 #endif  /*main ifndef/define*/

documentation. Copyright (c) 2002-2005 Politecnico di Torino. Copyright (c) 2005-2008 CACE Technologies. All rights reserved.