1/*
2 * Copyright (c) 2015-2023 Apple Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28
29#include <string.h>
30
31#include <kern/thread_call.h>
32#include <kern/zalloc.h>
33
34#include <net/if.h>
35#include <net/if_var.h>
36#include <net/net_api_stats.h>
37#include <net/necp.h>
38#include <net/network_agent.h>
39#include <net/ntstat.h>
40
41#include <netinet/in_pcb.h>
42#include <netinet/in_var.h>
43#include <netinet/ip.h>
44#include <netinet/ip6.h>
45#include <netinet/mp_pcb.h>
46#include <netinet/tcp_cc.h>
47#include <netinet/tcp_fsm.h>
48#include <netinet/tcp_cache.h>
49#include <netinet6/in6_var.h>
50
51#include <sys/domain.h>
52#include <sys/file_internal.h>
53#include <sys/kauth.h>
54#include <sys/kernel.h>
55#include <sys/malloc.h>
56#include <sys/poll.h>
57#include <sys/priv.h>
58#include <sys/protosw.h>
59#include <sys/queue.h>
60#include <sys/socket.h>
61#include <sys/socketvar.h>
62#include <sys/sysproto.h>
63#include <sys/systm.h>
64#include <sys/types.h>
65#include <sys/codesign.h>
66#include <libkern/section_keywords.h>
67#include <IOKit/IOBSD.h>
68
69#include <os/refcnt.h>
70
71#include <CoreEntitlements/CoreEntitlements.h>
72
73#if SKYWALK
74#include <skywalk/os_skywalk_private.h>
75#include <skywalk/nexus/flowswitch/flow/flow_var.h>
76#include <skywalk/nexus/flowswitch/nx_flowswitch.h>
77#endif /* SKYWALK */
78
79#if CONFIG_MACF
80#include <security/mac_framework.h>
81#endif
82
83/*
84 * NECP Client Architecture
85 * ------------------------------------------------
86 * See <net/necp.c> for a discussion on NECP database architecture.
87 *
88 * Each client of NECP provides a set of parameters for a connection or network state
89 * evaluation, on which NECP policy evaluation is run. This produces a policy result
90 * which can be accessed by the originating process, along with events for when policies
91 * results have changed.
92 *
93 * ------------------------------------------------
94 * NECP Client FD
95 * ------------------------------------------------
96 * A process opens an NECP file descriptor using necp_open(). This is a very simple
97 * file descriptor, upon which the process may do the following operations:
98 * - necp_client_action(...), to add/remove/query clients
99 * - kqueue, to watch for readable events
100 * - close(), to close the client session and release all clients
101 *
102 * Client objects are allocated structures that hang off of the file descriptor. Each
103 * client contains:
104 * - Client ID, a UUID that references the client across the system
105 * - Parameters, a buffer of TLVs that describe the client's connection parameters,
106 * such as the remote and local endpoints, interface requirements, etc.
107 * - Result, a buffer of TLVs containing the current policy evaluation for the client.
108 * This result will be updated whenever a network change occurs that impacts the
109 * policy result for that client.
110 *
111 * +--------------+
112 * | NECP fd |
113 * +--------------+
114 * ||
115 * ==================================
116 * || || ||
117 * +--------------+ +--------------+ +--------------+
118 * | Client ID | | Client ID | | Client ID |
119 * | ---- | | ---- | | ---- |
120 * | Parameters | | Parameters | | Parameters |
121 * | ---- | | ---- | | ---- |
122 * | Result | | Result | | Result |
123 * +--------------+ +--------------+ +--------------+
124 *
125 * ------------------------------------------------
126 * Client Actions
127 * ------------------------------------------------
128 * - Add. Input parameters as a buffer of TLVs, and output a client ID. Allocates a
129 * new client structure on the file descriptor.
130 * - Remove. Input a client ID. Removes a client structure from the file descriptor.
131 * - Copy Parameters. Input a client ID, and output parameter TLVs.
132 * - Copy Result. Input a client ID, and output result TLVs. Alternatively, input empty
133 * client ID and get next unread client result.
134 * - Copy List. List all client IDs.
135 *
136 * ------------------------------------------------
137 * Client Policy Evaluation
138 * ------------------------------------------------
139 * Policies are evaluated for clients upon client creation, and upon update events,
140 * which are network/agent/policy changes coalesced by a timer.
141 *
142 * The policy evaluation goes through the following steps:
143 * 1. Parse client parameters.
144 * 2. Select a scoped interface if applicable. This involves using require/prohibit
145 * parameters, along with the local address, to select the most appropriate interface
146 * if not explicitly set by the client parameters.
147 * 3. Run NECP application-level policy evalution
148 * 4. Set policy result into client result buffer.
149 *
150 * ------------------------------------------------
151 * Client Observers
152 * ------------------------------------------------
153 * If necp_open() is called with the NECP_OPEN_FLAG_OBSERVER flag, and the process
154 * passes the necessary privilege check, the fd is allowed to use necp_client_action()
155 * to copy client state attached to the file descriptors of other processes, and to
156 * list all client IDs on the system.
157 */
158
159extern u_int32_t necp_debug;
160
161static int necpop_select(struct fileproc *, int, void *, vfs_context_t);
162static int necpop_close(struct fileglob *, vfs_context_t);
163static int necpop_kqfilter(struct fileproc *, struct knote *, struct kevent_qos_s *);
164
165// Timer functions
166static int necp_timeout_microseconds = 1000 * 100; // 100ms
167static int necp_timeout_leeway_microseconds = 1000 * 50; // 50ms
168#if SKYWALK
169static int necp_collect_stats_timeout_microseconds = 1000 * 1000 * 1; // 1s
170static int necp_collect_stats_timeout_leeway_microseconds = 1000 * 500; // 500ms
171static int necp_close_arenas_timeout_microseconds = 1000 * 1000 * 10; // 10s
172static int necp_close_arenas_timeout_leeway_microseconds = 1000 * 1000 * 1; // 1s
173#endif /* SKYWALK */
174
175static int necp_client_fd_count = 0;
176static int necp_observer_fd_count = 0;
177static int necp_client_count = 0;
178static int necp_socket_flow_count = 0;
179static int necp_if_flow_count = 0;
180static int necp_observer_message_limit = 256;
181
182/*
183 * NECP client tracing control -
184 *
185 * necp_client_tracing_level : 1 for client trace, 2 for flow trace, 3 for parameter details
186 * necp_client_tracing_pid : match client with pid
187 */
188static int necp_client_tracing_level = 0;
189static int necp_client_tracing_pid = 0;
190
191#define NECP_CLIENT_TRACE_LEVEL_CLIENT 1
192#define NECP_CLIENT_TRACE_LEVEL_FLOW 2
193#define NECP_CLIENT_TRACE_LEVEL_PARAMS 3
194
195#define NECP_CLIENT_TRACE_PID_MATCHED(pid) \
196 (pid == necp_client_tracing_pid)
197
198#define NECP_ENABLE_CLIENT_TRACE(level) \
199 ((necp_client_tracing_level >= level && \
200 (!necp_client_tracing_pid || NECP_CLIENT_TRACE_PID_MATCHED(client->proc_pid))) ? necp_client_tracing_level : 0)
201
202#define NECP_CLIENT_LOG(client, fmt, ...) \
203 if (client && NECP_ENABLE_CLIENT_TRACE(NECP_CLIENT_TRACE_LEVEL_CLIENT)) { \
204 uuid_string_t client_uuid_str = { }; \
205 uuid_unparse_lower(client->client_id, client_uuid_str); \
206 NECPLOG(LOG_NOTICE, "NECP_CLIENT_LOG <pid %d %s>: " fmt "\n", client ? client->proc_pid : 0, client_uuid_str, ##__VA_ARGS__); \
207 }
208
209#define NECP_CLIENT_FLOW_LOG(client, flow, fmt, ...) \
210 if (client && flow && NECP_ENABLE_CLIENT_TRACE(NECP_CLIENT_TRACE_LEVEL_FLOW)) { \
211 uuid_string_t client_uuid_str = { }; \
212 uuid_unparse_lower(client->client_id, client_uuid_str); \
213 uuid_string_t flow_uuid_str = { }; \
214 uuid_unparse_lower(flow->registration_id, flow_uuid_str); \
215 NECPLOG(LOG_NOTICE, "NECP CLIENT FLOW TRACE <pid %d %s> <flow %s>: " fmt "\n", client ? client->proc_pid : 0, client_uuid_str, flow_uuid_str, ##__VA_ARGS__); \
216 }
217
218#define NECP_CLIENT_PARAMS_LOG(client, fmt, ...) \
219 if (client && NECP_ENABLE_CLIENT_TRACE(NECP_CLIENT_TRACE_LEVEL_PARAMS)) { \
220 uuid_string_t client_uuid_str = { }; \
221 uuid_unparse_lower(client->client_id, client_uuid_str); \
222 NECPLOG(LOG_NOTICE, "NECP_CLIENT_PARAMS_LOG <pid %d %s>: " fmt "\n", client ? client->proc_pid : 0, client_uuid_str, ##__VA_ARGS__); \
223 }
224
225#define NECP_SOCKET_PID(so) \
226 ((so->so_flags & SOF_DELEGATED) ? so->e_pid : so->last_pid)
227
228#define NECP_ENABLE_SOCKET_TRACE(level) \
229 ((necp_client_tracing_level >= level && \
230 (!necp_client_tracing_pid || NECP_CLIENT_TRACE_PID_MATCHED(NECP_SOCKET_PID(so)))) ? necp_client_tracing_level : 0)
231
232#define NECP_SOCKET_PARAMS_LOG(so, fmt, ...) \
233 if (so && NECP_ENABLE_SOCKET_TRACE(NECP_CLIENT_TRACE_LEVEL_PARAMS)) { \
234 NECPLOG(LOG_NOTICE, "NECP_SOCKET_PARAMS_LOG <pid %d>: " fmt "\n", NECP_SOCKET_PID(so), ##__VA_ARGS__); \
235 }
236
237#define NECP_SOCKET_ATTRIBUTE_LOG(fmt, ...) \
238 if (necp_client_tracing_level >= NECP_CLIENT_TRACE_LEVEL_PARAMS) { \
239 NECPLOG(LOG_NOTICE, "NECP_SOCKET_ATTRIBUTE_LOG: " fmt "\n", ##__VA_ARGS__); \
240 }
241
242#define NECP_CLIENT_TRACKER_LOG(pid, fmt, ...) \
243 if (pid) { \
244 NECPLOG(LOG_NOTICE, "NECP_CLIENT_TRACKER_LOG <pid %d>: " fmt "\n", pid, ##__VA_ARGS__); \
245 }
246
247#if SKYWALK
248static int necp_arena_count = 0;
249static int necp_sysctl_arena_count = 0;
250static int necp_nexus_flow_count = 0;
251
252/* userspace stats sanity check range, same unit as TCP (see TCP_RTT_SCALE) */
253static uint32_t necp_client_stats_rtt_floor = 1; // 32us
254static uint32_t necp_client_stats_rtt_ceiling = 1920000; // 60s
255const static struct sk_stats_flow ntstat_sk_stats_zero;
256#endif /* SKYWALK */
257
258/*
259 * Global lock to protect socket inp_necp_attributes across updates.
260 * NECP updating these attributes and clients accessing these attributes
261 * must take this lock.
262 */
263static LCK_GRP_DECLARE(necp_socket_attr_lock_grp, "necpSocketAttrGroup");
264LCK_MTX_DECLARE(necp_socket_attr_lock, &necp_socket_attr_lock_grp);
265
266os_refgrp_decl(static, necp_client_refgrp, "NECPClientRefGroup", NULL);
267
268SYSCTL_INT(_net_necp, NECPCTL_CLIENT_FD_COUNT, client_fd_count, CTLFLAG_LOCKED | CTLFLAG_RD, &necp_client_fd_count, 0, "");
269SYSCTL_INT(_net_necp, NECPCTL_OBSERVER_FD_COUNT, observer_fd_count, CTLFLAG_LOCKED | CTLFLAG_RD, &necp_observer_fd_count, 0, "");
270SYSCTL_INT(_net_necp, NECPCTL_CLIENT_COUNT, client_count, CTLFLAG_LOCKED | CTLFLAG_RD, &necp_client_count, 0, "");
271SYSCTL_INT(_net_necp, NECPCTL_SOCKET_FLOW_COUNT, socket_flow_count, CTLFLAG_LOCKED | CTLFLAG_RD, &necp_socket_flow_count, 0, "");
272SYSCTL_INT(_net_necp, NECPCTL_IF_FLOW_COUNT, if_flow_count, CTLFLAG_LOCKED | CTLFLAG_RD, &necp_if_flow_count, 0, "");
273SYSCTL_INT(_net_necp, NECPCTL_OBSERVER_MESSAGE_LIMIT, observer_message_limit, CTLFLAG_LOCKED | CTLFLAG_RW, &necp_observer_message_limit, 256, "");
274SYSCTL_INT(_net_necp, NECPCTL_CLIENT_TRACING_LEVEL, necp_client_tracing_level, CTLFLAG_LOCKED | CTLFLAG_RW, &necp_client_tracing_level, 0, "");
275SYSCTL_INT(_net_necp, NECPCTL_CLIENT_TRACING_PID, necp_client_tracing_pid, CTLFLAG_LOCKED | CTLFLAG_RW, &necp_client_tracing_pid, 0, "");
276
277#if SKYWALK
278SYSCTL_INT(_net_necp, NECPCTL_ARENA_COUNT, arena_count, CTLFLAG_LOCKED | CTLFLAG_RD, &necp_arena_count, 0, "");
279SYSCTL_INT(_net_necp, NECPCTL_SYSCTL_ARENA_COUNT, sysctl_arena_count, CTLFLAG_LOCKED | CTLFLAG_RD, &necp_sysctl_arena_count, 0, "");
280SYSCTL_INT(_net_necp, NECPCTL_NEXUS_FLOW_COUNT, nexus_flow_count, CTLFLAG_LOCKED | CTLFLAG_RD, &necp_nexus_flow_count, 0, "");
281#if (DEVELOPMENT || DEBUG)
282SYSCTL_UINT(_net_necp, OID_AUTO, collect_stats_interval_us, CTLFLAG_RW | CTLFLAG_LOCKED, &necp_collect_stats_timeout_microseconds, 0, "");
283SYSCTL_UINT(_net_necp, OID_AUTO, necp_client_stats_rtt_floor, CTLFLAG_RW | CTLFLAG_LOCKED, &necp_client_stats_rtt_floor, 0, "");
284SYSCTL_UINT(_net_necp, OID_AUTO, necp_client_stats_rtt_ceiling, CTLFLAG_RW | CTLFLAG_LOCKED, &necp_client_stats_rtt_ceiling, 0, "");
285#endif /* (DEVELOPMENT || DEBUG) */
286#endif /* SKYWALK */
287
288#define NECP_MAX_CLIENT_LIST_SIZE 1024 * 1024 // 1MB
289#define NECP_MAX_AGENT_ACTION_SIZE 10 * 1024 // 10K
290
291extern int tvtohz(struct timeval *);
292extern unsigned int get_maxmtu(struct rtentry *);
293
294// Parsed parameters
295#define NECP_PARSED_PARAMETERS_FIELD_LOCAL_ADDR 0x00001
296#define NECP_PARSED_PARAMETERS_FIELD_REMOTE_ADDR 0x00002
297#define NECP_PARSED_PARAMETERS_FIELD_REQUIRED_IF 0x00004
298#define NECP_PARSED_PARAMETERS_FIELD_PROHIBITED_IF 0x00008
299#define NECP_PARSED_PARAMETERS_FIELD_REQUIRED_IFTYPE 0x00010
300#define NECP_PARSED_PARAMETERS_FIELD_PROHIBITED_IFTYPE 0x00020
301#define NECP_PARSED_PARAMETERS_FIELD_REQUIRED_AGENT 0x00040
302#define NECP_PARSED_PARAMETERS_FIELD_PROHIBITED_AGENT 0x00080
303#define NECP_PARSED_PARAMETERS_FIELD_PREFERRED_AGENT 0x00100
304#define NECP_PARSED_PARAMETERS_FIELD_AVOIDED_AGENT 0x00200
305#define NECP_PARSED_PARAMETERS_FIELD_REQUIRED_AGENT_TYPE 0x00400
306#define NECP_PARSED_PARAMETERS_FIELD_PROHIBITED_AGENT_TYPE 0x00800
307#define NECP_PARSED_PARAMETERS_FIELD_PREFERRED_AGENT_TYPE 0x01000
308#define NECP_PARSED_PARAMETERS_FIELD_AVOIDED_AGENT_TYPE 0x02000
309#define NECP_PARSED_PARAMETERS_FIELD_FLAGS 0x04000
310#define NECP_PARSED_PARAMETERS_FIELD_IP_PROTOCOL 0x08000
311#define NECP_PARSED_PARAMETERS_FIELD_EFFECTIVE_PID 0x10000
312#define NECP_PARSED_PARAMETERS_FIELD_EFFECTIVE_UUID 0x20000
313#define NECP_PARSED_PARAMETERS_FIELD_TRAFFIC_CLASS 0x40000
314#define NECP_PARSED_PARAMETERS_FIELD_LOCAL_PORT 0x80000
315#define NECP_PARSED_PARAMETERS_FIELD_DELEGATED_UPID 0x100000
316#define NECP_PARSED_PARAMETERS_FIELD_ETHERTYPE 0x200000
317#define NECP_PARSED_PARAMETERS_FIELD_TRANSPORT_PROTOCOL 0x400000
318#define NECP_PARSED_PARAMETERS_FIELD_LOCAL_ADDR_PREFERENCE 0x800000
319#define NECP_PARSED_PARAMETERS_FIELD_ATTRIBUTED_BUNDLE_IDENTIFIER 0x1000000
320#define NECP_PARSED_PARAMETERS_FIELD_PARENT_UUID 0x2000000
321#define NECP_PARSED_PARAMETERS_FIELD_FLOW_DEMUX_PATTERN 0x4000000
322#define NECP_PARSED_PARAMETERS_FIELD_UID 0x8000000
323#define NECP_PARSED_PARAMETERS_FIELD_PERSONA_ID 0x10000000
324
325
326#define NECP_MAX_INTERFACE_PARAMETERS 16
327#define NECP_MAX_AGENT_PARAMETERS 4
328struct necp_client_parsed_parameters {
329 u_int32_t valid_fields;
330 u_int32_t flags;
331 u_int64_t delegated_upid;
332 union necp_sockaddr_union local_addr;
333 union necp_sockaddr_union remote_addr;
334 u_int32_t required_interface_index;
335 char prohibited_interfaces[NECP_MAX_INTERFACE_PARAMETERS][IFXNAMSIZ];
336 u_int8_t required_interface_type;
337 u_int8_t local_address_preference;
338 u_int8_t prohibited_interface_types[NECP_MAX_INTERFACE_PARAMETERS];
339 struct necp_client_parameter_netagent_type required_netagent_types[NECP_MAX_AGENT_PARAMETERS];
340 struct necp_client_parameter_netagent_type prohibited_netagent_types[NECP_MAX_AGENT_PARAMETERS];
341 struct necp_client_parameter_netagent_type preferred_netagent_types[NECP_MAX_AGENT_PARAMETERS];
342 struct necp_client_parameter_netagent_type avoided_netagent_types[NECP_MAX_AGENT_PARAMETERS];
343 uuid_t required_netagents[NECP_MAX_AGENT_PARAMETERS];
344 uuid_t prohibited_netagents[NECP_MAX_AGENT_PARAMETERS];
345 uuid_t preferred_netagents[NECP_MAX_AGENT_PARAMETERS];
346 uuid_t avoided_netagents[NECP_MAX_AGENT_PARAMETERS];
347 u_int8_t ip_protocol;
348 u_int8_t transport_protocol;
349 u_int16_t ethertype;
350 pid_t effective_pid;
351 uuid_t effective_uuid;
352 uuid_t parent_uuid;
353 u_int32_t traffic_class;
354 struct necp_demux_pattern demux_patterns[NECP_MAX_DEMUX_PATTERNS];
355 u_int8_t demux_pattern_count;
356 uid_t uid;
357 uid_t persona_id;
358};
359
360static bool
361necp_find_matching_interface_index(struct necp_client_parsed_parameters *parsed_parameters,
362 u_int *return_ifindex, bool *validate_agents);
363
364static bool
365necp_ifnet_matches_local_address(struct ifnet *ifp, struct sockaddr *sa);
366
367static bool
368necp_ifnet_matches_parameters(struct ifnet *ifp,
369 struct necp_client_parsed_parameters *parsed_parameters,
370 u_int32_t override_flags,
371 u_int32_t *preferred_count,
372 bool secondary_interface,
373 bool require_scoped_field);
374
375static const struct fileops necp_fd_ops = {
376 .fo_type = DTYPE_NETPOLICY,
377 .fo_read = fo_no_read,
378 .fo_write = fo_no_write,
379 .fo_ioctl = fo_no_ioctl,
380 .fo_select = necpop_select,
381 .fo_close = necpop_close,
382 .fo_drain = fo_no_drain,
383 .fo_kqfilter = necpop_kqfilter,
384};
385
386struct necp_client_assertion {
387 LIST_ENTRY(necp_client_assertion) assertion_chain;
388 uuid_t asserted_netagent;
389};
390
391struct necp_client_flow_header {
392 struct necp_tlv_header outer_header;
393 struct necp_tlv_header flow_id_tlv_header;
394 uuid_t flow_id;
395 struct necp_tlv_header flags_tlv_header;
396 u_int32_t flags_value;
397 struct necp_tlv_header interface_tlv_header;
398 struct necp_client_result_interface interface_value;
399} __attribute__((__packed__));
400
401struct necp_client_flow_protoctl_event_header {
402 struct necp_tlv_header protoctl_tlv_header;
403 struct necp_client_flow_protoctl_event protoctl_event;
404} __attribute__((__packed__));
405
406struct necp_client_nexus_flow_header {
407 struct necp_client_flow_header flow_header;
408 struct necp_tlv_header agent_tlv_header;
409 struct necp_client_result_netagent agent_value;
410 struct necp_tlv_header tfo_cookie_tlv_header;
411 u_int8_t tfo_cookie_value[NECP_TFO_COOKIE_LEN_MAX];
412} __attribute__((__packed__));
413
414#if SKYWALK
415struct necp_arena_info;
416#endif
417
418struct necp_client_flow {
419 LIST_ENTRY(necp_client_flow) flow_chain;
420 unsigned invalid : 1;
421 unsigned nexus : 1; // If true, flow is a nexus; if false, flow is attached to socket
422 unsigned socket : 1;
423 unsigned viable : 1;
424 unsigned assigned : 1;
425 unsigned has_protoctl_event : 1;
426 unsigned check_tcp_heuristics : 1;
427 unsigned _reserved : 1;
428 union {
429 uuid_t nexus_agent;
430 struct {
431 void *socket_handle;
432 necp_client_flow_cb cb;
433 };
434 } u;
435 uint32_t interface_index;
436 u_short delegated_interface_index;
437 uint32_t interface_flags;
438 uint32_t necp_flow_flags;
439 struct necp_client_flow_protoctl_event protoctl_event;
440 union necp_sockaddr_union local_addr;
441 union necp_sockaddr_union remote_addr;
442
443 size_t assigned_results_length;
444 u_int8_t *assigned_results;
445};
446
447struct necp_client_flow_registration {
448 RB_ENTRY(necp_client_flow_registration) fd_link;
449 RB_ENTRY(necp_client_flow_registration) global_link;
450 RB_ENTRY(necp_client_flow_registration) client_link;
451 LIST_ENTRY(necp_client_flow_registration) collect_stats_chain;
452 uuid_t registration_id;
453 u_int32_t flags;
454 unsigned flow_result_read : 1;
455 unsigned defunct : 1;
456 void *interface_handle;
457 necp_client_flow_cb interface_cb;
458 struct necp_client *client;
459 LIST_HEAD(_necp_registration_flow_list, necp_client_flow) flow_list;
460#if SKYWALK
461 struct necp_arena_info *stats_arena; /* arena where the stats objects came from */
462 void * kstats_kaddr; /* kernel snapshot of untrusted userspace stats, for calculating delta */
463 mach_vm_address_t ustats_uaddr; /* userspace stats (untrusted) */
464 nstat_userland_context stats_handler_context;
465 struct flow_stats *nexus_stats; /* shared stats objects between necp_client and skywalk */
466#endif /* !SKYWALK */
467 u_int64_t last_interface_details __attribute__((aligned(sizeof(u_int64_t))));
468};
469
470static int necp_client_flow_id_cmp(struct necp_client_flow_registration *flow0, struct necp_client_flow_registration *flow1);
471
472RB_HEAD(_necp_client_flow_tree, necp_client_flow_registration);
473RB_PROTOTYPE_PREV(_necp_client_flow_tree, necp_client_flow_registration, client_link, necp_client_flow_id_cmp);
474RB_GENERATE_PREV(_necp_client_flow_tree, necp_client_flow_registration, client_link, necp_client_flow_id_cmp);
475
476#define NECP_CLIENT_INTERFACE_OPTION_STATIC_COUNT 4
477#define NECP_CLIENT_MAX_INTERFACE_OPTIONS 32
478
479#define NECP_CLIENT_INTERFACE_OPTION_EXTRA_COUNT (NECP_CLIENT_MAX_INTERFACE_OPTIONS - NECP_CLIENT_INTERFACE_OPTION_STATIC_COUNT)
480
481struct necp_client {
482 RB_ENTRY(necp_client) link;
483 RB_ENTRY(necp_client) global_link;
484
485 decl_lck_mtx_data(, lock);
486 decl_lck_mtx_data(, route_lock);
487 os_refcnt_t reference_count;
488
489 uuid_t client_id;
490 unsigned result_read : 1;
491 unsigned group_members_read : 1;
492 unsigned allow_multiple_flows : 1;
493 unsigned legacy_client_is_flow : 1;
494
495 unsigned platform_binary : 1;
496 unsigned validated_parent : 1;
497
498 size_t result_length;
499 u_int8_t result[NECP_BASE_CLIENT_RESULT_SIZE];
500
501 necp_policy_id policy_id;
502 necp_policy_id skip_policy_id;
503
504 u_int8_t ip_protocol;
505 int proc_pid;
506
507 u_int64_t delegated_upid;
508
509 struct _necp_client_flow_tree flow_registrations;
510 LIST_HEAD(_necp_client_assertion_list, necp_client_assertion) assertion_list;
511
512 size_t assigned_group_members_length;
513 u_int8_t *assigned_group_members;
514
515 struct rtentry *current_route;
516
517 struct necp_client_interface_option interface_options[NECP_CLIENT_INTERFACE_OPTION_STATIC_COUNT];
518 struct necp_client_interface_option *extra_interface_options;
519 u_int8_t interface_option_count; // Number in interface_options + extra_interface_options
520
521 struct necp_client_result_netagent failed_trigger_agent;
522
523 void *agent_handle;
524
525 uuid_t override_euuid;
526
527#if SKYWALK
528 netns_token port_reservation;
529 nstat_context nstat_context;
530 uuid_t latest_flow_registration_id;
531 uuid_t parent_client_id;
532 struct necp_client *original_parameters_source;
533#endif /* !SKYWALK */
534
535 size_t parameters_length;
536 u_int8_t *parameters;
537};
538
539#define NECP_CLIENT_LOCK(_c) lck_mtx_lock(&_c->lock)
540#define NECP_CLIENT_UNLOCK(_c) lck_mtx_unlock(&_c->lock)
541#define NECP_CLIENT_ASSERT_LOCKED(_c) LCK_MTX_ASSERT(&_c->lock, LCK_MTX_ASSERT_OWNED)
542#define NECP_CLIENT_ASSERT_UNLOCKED(_c) LCK_MTX_ASSERT(&_c->lock, LCK_MTX_ASSERT_NOTOWNED)
543
544#define NECP_CLIENT_ROUTE_LOCK(_c) lck_mtx_lock(&_c->route_lock)
545#define NECP_CLIENT_ROUTE_UNLOCK(_c) lck_mtx_unlock(&_c->route_lock)
546
547static void necp_client_retain_locked(struct necp_client *client);
548static void necp_client_retain(struct necp_client *client);
549
550static bool necp_client_release_locked(struct necp_client *client);
551static bool necp_client_release(struct necp_client *client);
552
553static void
554necp_client_add_assertion(struct necp_client *client, uuid_t netagent_uuid);
555
556static bool
557necp_client_remove_assertion(struct necp_client *client, uuid_t netagent_uuid);
558
559static int
560necp_client_copy_parameters_locked(struct necp_client *client,
561 struct necp_client_nexus_parameters *parameters);
562
563LIST_HEAD(_necp_flow_registration_list, necp_client_flow_registration);
564static struct _necp_flow_registration_list necp_collect_stats_flow_list;
565
566struct necp_flow_defunct {
567 LIST_ENTRY(necp_flow_defunct) chain;
568
569 uuid_t flow_id;
570 uuid_t nexus_agent;
571 void *agent_handle;
572 int proc_pid;
573 u_int32_t flags;
574 struct necp_client_agent_parameters close_parameters;
575 bool has_close_parameters;
576};
577
578LIST_HEAD(_necp_flow_defunct_list, necp_flow_defunct);
579
580static int necp_client_id_cmp(struct necp_client *client0, struct necp_client *client1);
581
582RB_HEAD(_necp_client_tree, necp_client);
583RB_PROTOTYPE_PREV(_necp_client_tree, necp_client, link, necp_client_id_cmp);
584RB_GENERATE_PREV(_necp_client_tree, necp_client, link, necp_client_id_cmp);
585
586RB_HEAD(_necp_client_global_tree, necp_client);
587RB_PROTOTYPE_PREV(_necp_client_global_tree, necp_client, global_link, necp_client_id_cmp);
588RB_GENERATE_PREV(_necp_client_global_tree, necp_client, global_link, necp_client_id_cmp);
589
590RB_HEAD(_necp_fd_flow_tree, necp_client_flow_registration);
591RB_PROTOTYPE_PREV(_necp_fd_flow_tree, necp_client_flow_registration, fd_link, necp_client_flow_id_cmp);
592RB_GENERATE_PREV(_necp_fd_flow_tree, necp_client_flow_registration, fd_link, necp_client_flow_id_cmp);
593
594RB_HEAD(_necp_client_flow_global_tree, necp_client_flow_registration);
595RB_PROTOTYPE_PREV(_necp_client_flow_global_tree, necp_client_flow_registration, global_link, necp_client_flow_id_cmp);
596RB_GENERATE_PREV(_necp_client_flow_global_tree, necp_client_flow_registration, global_link, necp_client_flow_id_cmp);
597
598static struct _necp_client_global_tree necp_client_global_tree;
599static struct _necp_client_flow_global_tree necp_client_flow_global_tree;
600
601struct necp_client_update {
602 TAILQ_ENTRY(necp_client_update) chain;
603
604 uuid_t client_id;
605
606 size_t update_length;
607 struct necp_client_observer_update *update;
608};
609
610#if SKYWALK
611struct necp_arena_info {
612 LIST_ENTRY(necp_arena_info) nai_chain;
613 u_int32_t nai_flags;
614 pid_t nai_proc_pid;
615 struct skmem_arena *nai_arena;
616 struct skmem_arena_mmap_info nai_mmap;
617 mach_vm_offset_t nai_roff;
618 u_int32_t nai_use_count;
619};
620#endif /* !SKYWALK */
621
622#define NAIF_ATTACHED 0x1 // arena is attached to list
623#define NAIF_REDIRECT 0x2 // arena mmap has been redirected
624#define NAIF_DEFUNCT 0x4 // arena is now defunct
625
626#define NECP_FD_REPORTED_AGENT_COUNT 2
627
628struct necp_fd_reported_agents {
629 uuid_t agent_uuid[NECP_FD_REPORTED_AGENT_COUNT];
630};
631
632struct necp_fd_data {
633 u_int8_t necp_fd_type;
634 LIST_ENTRY(necp_fd_data) chain;
635 struct _necp_client_tree clients;
636 struct _necp_fd_flow_tree flows;
637 TAILQ_HEAD(_necp_client_update_list, necp_client_update) update_list;
638 int update_count;
639 int flags;
640
641 unsigned background : 1;
642 unsigned request_in_process_flow_divert : 1;
643
644 int proc_pid;
645 decl_lck_mtx_data(, fd_lock);
646 struct selinfo si;
647
648 struct necp_fd_reported_agents reported_agents;
649#if SKYWALK
650 // Arenas and their mmap info for per-process stats. Stats objects are allocated from an active arena
651 // that is not redirected/defunct. The stats_arena_active keeps track of such an arena, and it also
652 // holds a reference count on the object. Each flow allocating a stats object also holds a reference
653 // the necp_arena_info (where the object got allocated from). During defunct, we redirect the mapping
654 // of the arena such that any attempt to access (read/write) will result in getting zero-filled pages.
655 // We then go thru all of the flows for the process and free the stats objects associated with them,
656 // followed by destroying the skmem region(s) associated with the arena. The stats_arena_list keeps
657 // track of all current and defunct stats arenas; there could be more than one arena created for the
658 // process as the arena destruction happens when its reference count drops to 0.
659 struct necp_arena_info *stats_arena_active;
660 LIST_HEAD(_necp_arena_info_list, necp_arena_info) stats_arena_list;
661 u_int32_t stats_arena_gencnt;
662
663 struct skmem_arena *sysctl_arena;
664 struct skmem_arena_mmap_info sysctl_mmap;
665 mach_vm_offset_t system_sysctls_roff;
666#endif /* !SKYWALK */
667};
668
669#define NECP_FD_LOCK(_f) lck_mtx_lock(&_f->fd_lock)
670#define NECP_FD_UNLOCK(_f) lck_mtx_unlock(&_f->fd_lock)
671#define NECP_FD_ASSERT_LOCKED(_f) LCK_MTX_ASSERT(&_f->fd_lock, LCK_MTX_ASSERT_OWNED)
672#define NECP_FD_ASSERT_UNLOCKED(_f) LCK_MTX_ASSERT(&_f->fd_lock, LCK_MTX_ASSERT_NOTOWNED)
673
674static LIST_HEAD(_necp_fd_list, necp_fd_data) necp_fd_list;
675static LIST_HEAD(_necp_fd_observer_list, necp_fd_data) necp_fd_observer_list;
676
677#if SKYWALK
678static KALLOC_TYPE_DEFINE(necp_arena_info_zone, struct necp_arena_info, NET_KT_DEFAULT);
679#endif /* !SKYWALK */
680
681static LCK_ATTR_DECLARE(necp_fd_mtx_attr, 0, 0);
682static LCK_GRP_DECLARE(necp_fd_mtx_grp, "necp_fd");
683
684static LCK_RW_DECLARE_ATTR(necp_fd_lock, &necp_fd_mtx_grp, &necp_fd_mtx_attr);
685static LCK_RW_DECLARE_ATTR(necp_observer_lock, &necp_fd_mtx_grp, &necp_fd_mtx_attr);
686static LCK_RW_DECLARE_ATTR(necp_client_tree_lock, &necp_fd_mtx_grp, &necp_fd_mtx_attr);
687static LCK_RW_DECLARE_ATTR(necp_flow_tree_lock, &necp_fd_mtx_grp, &necp_fd_mtx_attr);
688static LCK_RW_DECLARE_ATTR(necp_collect_stats_list_lock, &necp_fd_mtx_grp, &necp_fd_mtx_attr);
689
690
691#define NECP_STATS_LIST_LOCK_EXCLUSIVE() lck_rw_lock_exclusive(&necp_collect_stats_list_lock)
692#define NECP_STATS_LIST_LOCK_SHARED() lck_rw_lock_shared(&necp_collect_stats_list_lock)
693#define NECP_STATS_LIST_UNLOCK() lck_rw_done(&necp_collect_stats_list_lock)
694
695#define NECP_CLIENT_TREE_LOCK_EXCLUSIVE() lck_rw_lock_exclusive(&necp_client_tree_lock)
696#define NECP_CLIENT_TREE_LOCK_SHARED() lck_rw_lock_shared(&necp_client_tree_lock)
697#define NECP_CLIENT_TREE_UNLOCK() lck_rw_done(&necp_client_tree_lock)
698#define NECP_CLIENT_TREE_ASSERT_LOCKED() LCK_RW_ASSERT(&necp_client_tree_lock, LCK_RW_ASSERT_HELD)
699
700#define NECP_FLOW_TREE_LOCK_EXCLUSIVE() lck_rw_lock_exclusive(&necp_flow_tree_lock)
701#define NECP_FLOW_TREE_LOCK_SHARED() lck_rw_lock_shared(&necp_flow_tree_lock)
702#define NECP_FLOW_TREE_UNLOCK() lck_rw_done(&necp_flow_tree_lock)
703#define NECP_FLOW_TREE_ASSERT_LOCKED() LCK_RW_ASSERT(&necp_flow_tree_lock, LCK_RW_ASSERT_HELD)
704
705#define NECP_FD_LIST_LOCK_EXCLUSIVE() lck_rw_lock_exclusive(&necp_fd_lock)
706#define NECP_FD_LIST_LOCK_SHARED() lck_rw_lock_shared(&necp_fd_lock)
707#define NECP_FD_LIST_UNLOCK() lck_rw_done(&necp_fd_lock)
708#define NECP_FD_LIST_ASSERT_LOCKED() LCK_RW_ASSERT(&necp_fd_lock, LCK_RW_ASSERT_HELD)
709
710#define NECP_OBSERVER_LIST_LOCK_EXCLUSIVE() lck_rw_lock_exclusive(&necp_observer_lock)
711#define NECP_OBSERVER_LIST_LOCK_SHARED() lck_rw_lock_shared(&necp_observer_lock)
712#define NECP_OBSERVER_LIST_UNLOCK() lck_rw_done(&necp_observer_lock)
713
714// Locking Notes
715
716// Take NECP_FD_LIST_LOCK when accessing or modifying the necp_fd_list
717// Take NECP_CLIENT_TREE_LOCK when accessing or modifying the necp_client_global_tree
718// Take NECP_FLOW_TREE_LOCK when accessing or modifying the necp_client_flow_global_tree
719// Take NECP_STATS_LIST_LOCK when accessing or modifying the necp_collect_stats_flow_list
720// Take NECP_FD_LOCK when accessing or modifying an necp_fd_data entry
721// Take NECP_CLIENT_LOCK when accessing or modifying a single necp_client
722// Take NECP_CLIENT_ROUTE_LOCK when accessing or modifying a client's route
723
724// Precedence, where 1 is the first lock that must be taken
725// 1. NECP_FD_LIST_LOCK
726// 2. NECP_FD_LOCK (any)
727// 3. NECP_CLIENT_TREE_LOCK
728// 4. NECP_CLIENT_LOCK (any)
729// 5. NECP_FLOW_TREE_LOCK
730// 6. NECP_STATS_LIST_LOCK
731// 7. NECP_CLIENT_ROUTE_LOCK (any)
732
733static thread_call_t necp_client_update_tcall;
734static uint32_t necp_update_all_clients_sched_cnt = 0;
735static uint64_t necp_update_all_clients_sched_abstime = 0;
736static LCK_RW_DECLARE_ATTR(necp_update_all_clients_lock, &necp_fd_mtx_grp, &necp_fd_mtx_attr);
737#define NECP_UPDATE_ALL_CLIENTS_LOCK_EXCLUSIVE() lck_rw_lock_exclusive(&necp_update_all_clients_lock)
738#define NECP_UPDATE_ALL_CLIENTS_SHARED_TO_EXCLUSIVE() lck_rw_lock_shared_to_exclusive(&necp_update_all_clients_lock)
739#define NECP_UPDATE_ALL_CLIENTS_SHARED() lck_rw_lock_shared(&necp_update_all_clients_lock)
740#define NECP_UPDATE_ALL_CLIENTS_UNLOCK() lck_rw_done(&necp_update_all_clients_lock)
741
742// Array of PIDs that will trigger in-process flow divert, protected by NECP_FD_LIST_LOCK
743#define NECP_MAX_FLOW_DIVERT_NEEDED_PIDS 4
744static pid_t necp_flow_divert_needed_pids[NECP_MAX_FLOW_DIVERT_NEEDED_PIDS];
745
746#if SKYWALK
747static thread_call_t necp_client_collect_stats_tcall;
748static thread_call_t necp_close_empty_arenas_tcall;
749
750static void necp_fd_insert_stats_arena(struct necp_fd_data *fd_data, struct necp_arena_info *nai);
751static void necp_fd_remove_stats_arena(struct necp_fd_data *fd_data, struct necp_arena_info *nai);
752static struct necp_arena_info *necp_fd_mredirect_stats_arena(struct necp_fd_data *fd_data, struct proc *proc);
753
754static void necp_arena_info_retain(struct necp_arena_info *nai);
755static void necp_arena_info_release(struct necp_arena_info *nai);
756static struct necp_arena_info *necp_arena_info_alloc(void);
757static void necp_arena_info_free(struct necp_arena_info *nai);
758
759static int necp_arena_initialize(struct necp_fd_data *fd_data, bool locked);
760static int necp_stats_initialize(struct necp_fd_data *fd_data, struct necp_client *client,
761 struct necp_client_flow_registration *flow_registration, struct necp_stats_bufreq *bufreq);
762static int necp_arena_create(struct necp_fd_data *fd_data, size_t obj_size, size_t obj_cnt, struct proc *p);
763static int necp_arena_stats_obj_alloc(struct necp_fd_data *fd_data, mach_vm_offset_t *off, struct necp_arena_info **stats_arena, void **kstats_kaddr, boolean_t cansleep);
764static void necp_arena_stats_obj_free(struct necp_fd_data *fd_data, struct necp_arena_info *stats_arena, void **kstats_kaddr, mach_vm_address_t *ustats_uaddr);
765static void necp_stats_arenas_destroy(struct necp_fd_data *fd_data, boolean_t closing);
766
767static int necp_sysctl_arena_initialize(struct necp_fd_data *fd_data, bool locked);
768static void necp_sysctl_arena_destroy(struct necp_fd_data *fd_data);
769static void *necp_arena_sysctls_obj(struct necp_fd_data *fd_data, mach_vm_offset_t *off, size_t *size);
770#endif /* !SKYWALK */
771
772void necp_copy_inp_domain_info(struct inpcb *, struct socket *, nstat_domain_info *);
773void necp_with_inp_domain_name(struct socket *so, void *ctx, void (*with_func)(char *domain_name, void *ctx));
774
775static void
776necp_lock_socket_attributes(void)
777{
778 lck_mtx_lock(lck: &necp_socket_attr_lock);
779}
780
781static void
782necp_unlock_socket_attributes(void)
783{
784 lck_mtx_unlock(lck: &necp_socket_attr_lock);
785}
786
787/// NECP file descriptor functions
788
789static void
790necp_fd_notify(struct necp_fd_data *fd_data, bool locked)
791{
792 struct selinfo *si = &fd_data->si;
793
794 if (!locked) {
795 NECP_FD_LOCK(fd_data);
796 }
797
798 selwakeup(si);
799
800 // use a non-zero hint to tell the notification from the
801 // call done in kqueue_scan() which uses 0
802 KNOTE(&si->si_note, 1); // notification
803
804 if (!locked) {
805 NECP_FD_UNLOCK(fd_data);
806 }
807}
808
809static inline bool
810necp_client_has_unread_flows(struct necp_client *client)
811{
812 NECP_CLIENT_ASSERT_LOCKED(client);
813 struct necp_client_flow_registration *flow_registration = NULL;
814 RB_FOREACH(flow_registration, _necp_client_flow_tree, &client->flow_registrations) {
815 if (!flow_registration->flow_result_read) {
816 return true;
817 }
818 }
819 return false;
820}
821
822static int
823necp_fd_poll(struct necp_fd_data *fd_data, int events, void *wql, struct proc *p, int is_kevent)
824{
825#pragma unused(wql, p, is_kevent)
826 u_int revents = 0;
827
828 u_int want_rx = events & (POLLIN | POLLRDNORM);
829 if (want_rx) {
830 if (fd_data->flags & NECP_OPEN_FLAG_PUSH_OBSERVER) {
831 // Push-mode observers are readable when they have a new update
832 if (!TAILQ_EMPTY(&fd_data->update_list)) {
833 revents |= want_rx;
834 }
835 } else {
836 // Standard fds are readable when some client is unread
837 struct necp_client *client = NULL;
838 bool has_unread_clients = FALSE;
839 RB_FOREACH(client, _necp_client_tree, &fd_data->clients) {
840 NECP_CLIENT_LOCK(client);
841 if (!client->result_read || !client->group_members_read || necp_client_has_unread_flows(client)) {
842 has_unread_clients = TRUE;
843 }
844 NECP_CLIENT_UNLOCK(client);
845 if (has_unread_clients) {
846 break;
847 }
848 }
849
850 if (has_unread_clients || fd_data->request_in_process_flow_divert) {
851 revents |= want_rx;
852 }
853 }
854 }
855
856 return revents;
857}
858
859static inline void
860necp_generate_client_id(uuid_t client_id, bool is_flow)
861{
862 uuid_generate_random(out: client_id);
863
864 if (is_flow) {
865 client_id[9] |= 0x01;
866 } else {
867 client_id[9] &= ~0x01;
868 }
869}
870
871static inline bool
872necp_client_id_is_flow(uuid_t client_id)
873{
874 return client_id[9] & 0x01;
875}
876
877static struct necp_client *
878necp_find_client_and_lock(uuid_t client_id)
879{
880 NECP_CLIENT_TREE_ASSERT_LOCKED();
881
882 struct necp_client *client = NULL;
883
884 if (necp_client_id_is_flow(client_id)) {
885 NECP_FLOW_TREE_LOCK_SHARED();
886 struct necp_client_flow_registration find;
887 uuid_copy(dst: find.registration_id, src: client_id);
888 struct necp_client_flow_registration *flow = RB_FIND(_necp_client_flow_global_tree, &necp_client_flow_global_tree, &find);
889 if (flow != NULL) {
890 client = flow->client;
891 }
892 NECP_FLOW_TREE_UNLOCK();
893 } else {
894 struct necp_client find;
895 uuid_copy(dst: find.client_id, src: client_id);
896 client = RB_FIND(_necp_client_global_tree, &necp_client_global_tree, &find);
897 }
898
899 if (client != NULL) {
900 NECP_CLIENT_LOCK(client);
901 }
902
903 return client;
904}
905
906static struct necp_client_flow_registration *
907necp_client_find_flow(struct necp_client *client, uuid_t flow_id)
908{
909 NECP_CLIENT_ASSERT_LOCKED(client);
910 struct necp_client_flow_registration *flow = NULL;
911
912 if (necp_client_id_is_flow(client_id: flow_id)) {
913 struct necp_client_flow_registration find;
914 uuid_copy(dst: find.registration_id, src: flow_id);
915 flow = RB_FIND(_necp_client_flow_tree, &client->flow_registrations, &find);
916 } else {
917 flow = RB_ROOT(&client->flow_registrations);
918 }
919
920 return flow;
921}
922
923static struct necp_client *
924necp_client_fd_find_client_unlocked(struct necp_fd_data *client_fd, uuid_t client_id)
925{
926 NECP_FD_ASSERT_LOCKED(client_fd);
927 struct necp_client *client = NULL;
928
929 if (necp_client_id_is_flow(client_id)) {
930 struct necp_client_flow_registration find;
931 uuid_copy(dst: find.registration_id, src: client_id);
932 struct necp_client_flow_registration *flow = RB_FIND(_necp_fd_flow_tree, &client_fd->flows, &find);
933 if (flow != NULL) {
934 client = flow->client;
935 }
936 } else {
937 struct necp_client find;
938 uuid_copy(dst: find.client_id, src: client_id);
939 client = RB_FIND(_necp_client_tree, &client_fd->clients, &find);
940 }
941
942 return client;
943}
944
945static struct necp_client *
946necp_client_fd_find_client_and_lock(struct necp_fd_data *client_fd, uuid_t client_id)
947{
948 struct necp_client *client = necp_client_fd_find_client_unlocked(client_fd, client_id);
949 if (client != NULL) {
950 NECP_CLIENT_LOCK(client);
951 }
952
953 return client;
954}
955
956static inline int
957necp_client_id_cmp(struct necp_client *client0, struct necp_client *client1)
958{
959 return uuid_compare(uu1: client0->client_id, uu2: client1->client_id);
960}
961
962static inline int
963necp_client_flow_id_cmp(struct necp_client_flow_registration *flow0, struct necp_client_flow_registration *flow1)
964{
965 return uuid_compare(uu1: flow0->registration_id, uu2: flow1->registration_id);
966}
967
968static int
969necpop_select(struct fileproc *fp, int which, void *wql, vfs_context_t ctx)
970{
971#pragma unused(fp, which, wql, ctx)
972 return 0;
973 struct necp_fd_data *fd_data = NULL;
974 int revents = 0;
975 int events = 0;
976 proc_t procp;
977
978 fd_data = (struct necp_fd_data *)fp_get_data(fp);
979 if (fd_data == NULL) {
980 return 0;
981 }
982
983 procp = vfs_context_proc(ctx);
984
985 switch (which) {
986 case FREAD: {
987 events = POLLIN;
988 break;
989 }
990
991 default: {
992 return 1;
993 }
994 }
995
996 NECP_FD_LOCK(fd_data);
997 revents = necp_fd_poll(fd_data, events, wql, p: procp, is_kevent: 0);
998 NECP_FD_UNLOCK(fd_data);
999
1000 return (events & revents) ? 1 : 0;
1001}
1002
1003static void
1004necp_fd_knrdetach(struct knote *kn)
1005{
1006 struct necp_fd_data *fd_data = (struct necp_fd_data *)knote_kn_hook_get_raw(kn);
1007 struct selinfo *si = &fd_data->si;
1008
1009 NECP_FD_LOCK(fd_data);
1010 KNOTE_DETACH(&si->si_note, kn);
1011 NECP_FD_UNLOCK(fd_data);
1012}
1013
1014static int
1015necp_fd_knread(struct knote *kn, long hint)
1016{
1017#pragma unused(kn, hint)
1018 return 1; /* assume we are ready */
1019}
1020
1021static int
1022necp_fd_knrprocess(struct knote *kn, struct kevent_qos_s *kev)
1023{
1024 struct necp_fd_data *fd_data;
1025 int revents;
1026 int res;
1027
1028 fd_data = (struct necp_fd_data *)knote_kn_hook_get_raw(kn);
1029
1030 NECP_FD_LOCK(fd_data);
1031 revents = necp_fd_poll(fd_data, POLLIN, NULL, p: current_proc(), is_kevent: 1);
1032 res = ((revents & POLLIN) != 0);
1033 if (res) {
1034 knote_fill_kevent(kn, kev, data: 0);
1035 }
1036 NECP_FD_UNLOCK(fd_data);
1037 return res;
1038}
1039
1040static int
1041necp_fd_knrtouch(struct knote *kn, struct kevent_qos_s *kev)
1042{
1043#pragma unused(kev)
1044 struct necp_fd_data *fd_data;
1045 int revents;
1046
1047 fd_data = (struct necp_fd_data *)knote_kn_hook_get_raw(kn);
1048
1049 NECP_FD_LOCK(fd_data);
1050 revents = necp_fd_poll(fd_data, POLLIN, NULL, p: current_proc(), is_kevent: 1);
1051 NECP_FD_UNLOCK(fd_data);
1052
1053 return (revents & POLLIN) != 0;
1054}
1055
1056SECURITY_READ_ONLY_EARLY(struct filterops) necp_fd_rfiltops = {
1057 .f_isfd = 1,
1058 .f_detach = necp_fd_knrdetach,
1059 .f_event = necp_fd_knread,
1060 .f_touch = necp_fd_knrtouch,
1061 .f_process = necp_fd_knrprocess,
1062};
1063
1064static int
1065necpop_kqfilter(struct fileproc *fp, struct knote *kn,
1066 __unused struct kevent_qos_s *kev)
1067{
1068 struct necp_fd_data *fd_data = NULL;
1069 int revents;
1070
1071 if (kn->kn_filter != EVFILT_READ) {
1072 NECPLOG(LOG_ERR, "bad filter request %d", kn->kn_filter);
1073 knote_set_error(kn, EINVAL);
1074 return 0;
1075 }
1076
1077 fd_data = (struct necp_fd_data *)fp_get_data(fp);
1078 if (fd_data == NULL) {
1079 NECPLOG0(LOG_ERR, "No channel for kqfilter");
1080 knote_set_error(kn, ENOENT);
1081 return 0;
1082 }
1083
1084 NECP_FD_LOCK(fd_data);
1085 kn->kn_filtid = EVFILTID_NECP_FD;
1086 knote_kn_hook_set_raw(kn, kn_hook: fd_data);
1087 KNOTE_ATTACH(&fd_data->si.si_note, kn);
1088
1089 revents = necp_fd_poll(fd_data, POLLIN, NULL, p: current_proc(), is_kevent: 1);
1090
1091 NECP_FD_UNLOCK(fd_data);
1092
1093 return (revents & POLLIN) != 0;
1094}
1095
1096#define INTERFACE_FLAGS_SHIFT 32
1097#define INTERFACE_FLAGS_MASK 0xffffffff
1098#define INTERFACE_INDEX_SHIFT 0
1099#define INTERFACE_INDEX_MASK 0xffffffff
1100
1101static uint64_t
1102combine_interface_details(uint32_t interface_index, uint32_t interface_flags)
1103{
1104 return ((uint64_t)interface_flags & INTERFACE_FLAGS_MASK) << INTERFACE_FLAGS_SHIFT |
1105 ((uint64_t)interface_index & INTERFACE_INDEX_MASK) << INTERFACE_INDEX_SHIFT;
1106}
1107
1108#if SKYWALK
1109
1110static void
1111split_interface_details(uint64_t combined_details, uint32_t *interface_index, uint32_t *interface_flags)
1112{
1113 *interface_index = (combined_details >> INTERFACE_INDEX_SHIFT) & INTERFACE_INDEX_MASK;
1114 *interface_flags = (combined_details >> INTERFACE_FLAGS_SHIFT) & INTERFACE_FLAGS_MASK;
1115}
1116
1117static void
1118necp_flow_save_current_interface_details(struct necp_client_flow_registration *flow_registration)
1119{
1120 struct necp_client_flow *flow = NULL;
1121 LIST_FOREACH(flow, &flow_registration->flow_list, flow_chain) {
1122 if (flow->nexus) {
1123 uint64_t combined_details = combine_interface_details(interface_index: flow->interface_index, interface_flags: flow->interface_flags);
1124 os_atomic_store(&flow_registration->last_interface_details, combined_details, release);
1125 break;
1126 }
1127 }
1128}
1129
1130static void
1131necp_client_collect_interface_stats(struct necp_client_flow_registration *flow_registration, struct ifnet_stats_per_flow *ifs)
1132{
1133 struct necp_client_flow *flow = NULL;
1134
1135 if (ifs == NULL || ifs->txpackets == 0 || ifs->rxpackets == 0) {
1136 return; // App might have crashed without publishing ifs
1137 }
1138
1139 // Do malicious stats detection here
1140
1141 // Fold userspace stats into (trusted) kernel stats (stored in ifp).
1142 LIST_FOREACH(flow, &flow_registration->flow_list, flow_chain) {
1143 uint32_t if_idx = flow->interface_index;
1144 ifnet_t ifp = NULL;
1145 ifnet_head_lock_shared();
1146 if (if_idx != IFSCOPE_NONE && if_idx <= (uint32_t)if_index) {
1147 ifp = ifindex2ifnet[if_idx];
1148 ifnet_update_stats_per_flow(ifs, ifp);
1149 }
1150 ifnet_head_done();
1151
1152 // Currently there is only one flow that uses the shared necp
1153 // stats region, so this loop should exit after updating an ifp
1154 break;
1155 }
1156}
1157
1158static void
1159necp_client_collect_stats(struct necp_client_flow_registration *flow_registration)
1160{
1161 struct necp_all_kstats *kstats = (struct necp_all_kstats *)flow_registration->kstats_kaddr;
1162 if (kstats == NULL) {
1163 return;
1164 }
1165
1166 // Grab userspace stats delta (untrusted).
1167 struct necp_tcp_stats *curr_tcpstats = (struct necp_tcp_stats *)kstats->necp_stats_ustats;
1168 struct necp_tcp_stats *prev_tcpstats = (struct necp_tcp_stats *)&kstats->necp_stats_comm;
1169#define diff_n_update(field) \
1170 u_int32_t d_##field = (curr_tcpstats->necp_tcp_counts.necp_stat_##field - prev_tcpstats->necp_tcp_counts.necp_stat_##field); \
1171 prev_tcpstats->necp_tcp_counts.necp_stat_##field += d_##field;
1172 diff_n_update(rxpackets);
1173 diff_n_update(txpackets);
1174 if (d_rxpackets == 0 && d_txpackets == 0) {
1175 return; // no activity since last collection, stop here
1176 }
1177 diff_n_update(rxbytes);
1178 diff_n_update(txbytes);
1179 diff_n_update(rxduplicatebytes);
1180 diff_n_update(rxoutoforderbytes);
1181 diff_n_update(txretransmit);
1182 diff_n_update(connectattempts);
1183 diff_n_update(connectsuccesses);
1184 uint32_t rtt = prev_tcpstats->necp_tcp_counts.necp_stat_avg_rtt = curr_tcpstats->necp_tcp_counts.necp_stat_avg_rtt;
1185 uint32_t rtt_var = prev_tcpstats->necp_tcp_counts.necp_stat_var_rtt = curr_tcpstats->necp_tcp_counts.necp_stat_var_rtt;
1186#undef diff_n_update
1187
1188 // Do malicious stats detection with the deltas here.
1189 // RTT check (not necessarily attacks, might just be not measured since we report stats async periodically).
1190 if (rtt < necp_client_stats_rtt_floor || rtt > necp_client_stats_rtt_ceiling) {
1191 rtt = rtt_var = 0; // nstat_route_update to skip 0 rtt
1192 }
1193
1194 // Fold userspace stats into (trusted) kernel stats (stored in route).
1195 NECP_CLIENT_ROUTE_LOCK(flow_registration->client);
1196 struct rtentry *route = flow_registration->client->current_route;
1197 if (route != NULL) {
1198 nstat_route_update(rte: route, connect_attempts: d_connectattempts, connect_successes: d_connectsuccesses, rx_packets: d_rxpackets, rx_bytes: d_rxbytes, rx_duplicatebytes: d_rxduplicatebytes,
1199 rx_outoforderbytes: d_rxoutoforderbytes, tx_packets: d_txpackets, tx_bytes: d_txbytes, tx_retransmit: d_txretransmit, rtt, rtt_var);
1200 }
1201 NECP_CLIENT_ROUTE_UNLOCK(flow_registration->client);
1202}
1203
1204// This is called from various places; "closing" here implies the client being closed/removed if true, otherwise being
1205// defunct. In the former, we expect the caller to not hold the lock; for the latter it must have acquired it.
1206static void
1207necp_destroy_flow_stats(struct necp_fd_data *fd_data,
1208 struct necp_client_flow_registration *flow_registration,
1209 struct ifnet_stats_per_flow *flow_ifnet_stats,
1210 boolean_t closing)
1211{
1212 NECP_FD_ASSERT_LOCKED(fd_data);
1213
1214 struct necp_client *client = flow_registration->client;
1215
1216 if (closing) {
1217 NECP_CLIENT_ASSERT_UNLOCKED(client);
1218 NECP_CLIENT_LOCK(client);
1219 } else {
1220 NECP_CLIENT_ASSERT_LOCKED(client);
1221 }
1222
1223 // the interface stats are independent of the flow stats, hence we check here
1224 if (flow_ifnet_stats != NULL) {
1225 necp_client_collect_interface_stats(flow_registration, ifs: flow_ifnet_stats);
1226 }
1227
1228 if (flow_registration->kstats_kaddr != NULL) {
1229 NECP_STATS_LIST_LOCK_EXCLUSIVE();
1230 necp_client_collect_stats(flow_registration);
1231 const bool destroyed = necp_client_release_locked(client); // Drop the reference held by the stats list
1232 ASSERT(!destroyed);
1233 (void)destroyed;
1234 LIST_REMOVE(flow_registration, collect_stats_chain);
1235 NECP_STATS_LIST_UNLOCK();
1236 if (flow_registration->stats_handler_context != NULL) {
1237 ntstat_userland_stats_close(nstat_ctx: flow_registration->stats_handler_context);
1238 flow_registration->stats_handler_context = NULL;
1239 }
1240 necp_arena_stats_obj_free(fd_data, stats_arena: flow_registration->stats_arena, kstats_kaddr: &flow_registration->kstats_kaddr, ustats_uaddr: &flow_registration->ustats_uaddr);
1241 ASSERT(flow_registration->kstats_kaddr == NULL);
1242 ASSERT(flow_registration->ustats_uaddr == 0);
1243 }
1244
1245 if (flow_registration->nexus_stats != NULL) {
1246 flow_stats_release(fs: flow_registration->nexus_stats);
1247 flow_registration->nexus_stats = NULL;
1248 }
1249
1250 if (closing) {
1251 NECP_CLIENT_UNLOCK(client);
1252 }
1253}
1254
1255static void
1256necp_schedule_collect_stats_clients(bool recur)
1257{
1258 if (necp_client_collect_stats_tcall == NULL ||
1259 (!recur && thread_call_isactive(call: necp_client_collect_stats_tcall))) {
1260 return;
1261 }
1262
1263 uint64_t deadline = 0;
1264 uint64_t leeway = 0;
1265 clock_interval_to_deadline(interval: necp_collect_stats_timeout_microseconds, NSEC_PER_USEC, result: &deadline);
1266 clock_interval_to_absolutetime_interval(interval: necp_collect_stats_timeout_leeway_microseconds, NSEC_PER_USEC, result: &leeway);
1267
1268 thread_call_enter_delayed_with_leeway(call: necp_client_collect_stats_tcall, NULL,
1269 deadline, leeway, THREAD_CALL_DELAY_LEEWAY);
1270}
1271
1272static void
1273necp_collect_stats_client_callout(__unused thread_call_param_t dummy,
1274 __unused thread_call_param_t arg)
1275{
1276 struct necp_client_flow_registration *flow_registration;
1277
1278 net_update_uptime();
1279 NECP_STATS_LIST_LOCK_SHARED();
1280 if (LIST_EMPTY(&necp_collect_stats_flow_list)) {
1281 NECP_STATS_LIST_UNLOCK();
1282 return;
1283 }
1284 LIST_FOREACH(flow_registration, &necp_collect_stats_flow_list, collect_stats_chain) {
1285 // Collecting stats should be cheap (atomic increments)
1286 // Values like flow_registration->kstats_kaddr are guaranteed to be valid
1287 // as long as the flow_registration is in the stats list
1288 necp_client_collect_stats(flow_registration);
1289 }
1290 NECP_STATS_LIST_UNLOCK();
1291
1292 necp_schedule_collect_stats_clients(TRUE); // recurring collection
1293}
1294
1295#endif /* !SKYWALK */
1296
1297static void
1298necp_defunct_flow_registration(struct necp_client *client,
1299 struct necp_client_flow_registration *flow_registration,
1300 struct _necp_flow_defunct_list *defunct_list)
1301{
1302 NECP_CLIENT_ASSERT_LOCKED(client);
1303
1304 if (!flow_registration->defunct) {
1305 bool needs_defunct = false;
1306 struct necp_client_flow *search_flow = NULL;
1307 LIST_FOREACH(search_flow, &flow_registration->flow_list, flow_chain) {
1308 if (search_flow->nexus &&
1309 !uuid_is_null(uu: search_flow->u.nexus_agent)) {
1310 // Save defunct values for the nexus
1311 if (defunct_list != NULL) {
1312 // Sleeping alloc won't fail; copy only what's necessary
1313 struct necp_flow_defunct *flow_defunct = kalloc_type(struct necp_flow_defunct,
1314 Z_WAITOK | Z_ZERO);
1315 uuid_copy(dst: flow_defunct->nexus_agent, src: search_flow->u.nexus_agent);
1316 uuid_copy(dst: flow_defunct->flow_id, src: ((flow_registration->flags & NECP_CLIENT_FLOW_FLAGS_USE_CLIENT_ID) ?
1317 client->client_id :
1318 flow_registration->registration_id));
1319 flow_defunct->proc_pid = client->proc_pid;
1320 flow_defunct->agent_handle = client->agent_handle;
1321 flow_defunct->flags = flow_registration->flags;
1322#if SKYWALK
1323 if (flow_registration->kstats_kaddr != NULL) {
1324 struct necp_all_stats *ustats_kaddr = ((struct necp_all_kstats *)flow_registration->kstats_kaddr)->necp_stats_ustats;
1325 struct necp_quic_stats *quicstats = (struct necp_quic_stats *)ustats_kaddr;
1326 if (quicstats != NULL) {
1327 memcpy(dst: flow_defunct->close_parameters.u.close_token, src: quicstats->necp_quic_extra.ssr_token, n: sizeof(flow_defunct->close_parameters.u.close_token));
1328 flow_defunct->has_close_parameters = true;
1329 }
1330 }
1331#endif /* SKYWALK */
1332 // Add to the list provided by caller
1333 LIST_INSERT_HEAD(defunct_list, flow_defunct, chain);
1334 }
1335
1336 needs_defunct = true;
1337 }
1338 }
1339
1340 if (needs_defunct) {
1341#if SKYWALK
1342 // Close the stats early
1343 if (flow_registration->stats_handler_context != NULL) {
1344 ntstat_userland_stats_event(nstat_ctx: flow_registration->stats_handler_context,
1345 NECP_CLIENT_STATISTICS_EVENT_TIME_WAIT);
1346 }
1347#endif /* SKYWALK */
1348
1349 // Only set defunct if there was some assigned flow
1350 flow_registration->defunct = true;
1351 }
1352 }
1353}
1354
1355static void
1356necp_defunct_client_for_policy(struct necp_client *client,
1357 struct _necp_flow_defunct_list *defunct_list)
1358{
1359 NECP_CLIENT_ASSERT_LOCKED(client);
1360
1361 struct necp_client_flow_registration *flow_registration = NULL;
1362 RB_FOREACH(flow_registration, _necp_client_flow_tree, &client->flow_registrations) {
1363 necp_defunct_flow_registration(client, flow_registration, defunct_list);
1364 }
1365}
1366
1367static void
1368necp_client_free(struct necp_client *client)
1369{
1370 NECP_CLIENT_ASSERT_UNLOCKED(client);
1371
1372 kfree_data(client->extra_interface_options,
1373 sizeof(struct necp_client_interface_option) * NECP_CLIENT_INTERFACE_OPTION_EXTRA_COUNT);
1374 client->extra_interface_options = NULL;
1375
1376 kfree_data(client->parameters, client->parameters_length);
1377 client->parameters = NULL;
1378
1379 kfree_data(client->assigned_group_members, client->assigned_group_members_length);
1380 client->assigned_group_members = NULL;
1381
1382 lck_mtx_destroy(lck: &client->route_lock, grp: &necp_fd_mtx_grp);
1383 lck_mtx_destroy(lck: &client->lock, grp: &necp_fd_mtx_grp);
1384
1385 kfree_type(struct necp_client, client);
1386}
1387
1388static void
1389necp_client_retain_locked(struct necp_client *client)
1390{
1391 NECP_CLIENT_ASSERT_LOCKED(client);
1392
1393 os_ref_retain_locked(rc: &client->reference_count);
1394}
1395
1396static void
1397necp_client_retain(struct necp_client *client)
1398{
1399 NECP_CLIENT_LOCK(client);
1400 necp_client_retain_locked(client);
1401 NECP_CLIENT_UNLOCK(client);
1402}
1403
1404static bool
1405necp_client_release_locked(struct necp_client *client)
1406{
1407 NECP_CLIENT_ASSERT_LOCKED(client);
1408
1409 os_ref_count_t count = os_ref_release_locked(rc: &client->reference_count);
1410 if (count == 0) {
1411 NECP_CLIENT_UNLOCK(client);
1412 necp_client_free(client);
1413 }
1414
1415 return count == 0;
1416}
1417
1418static bool
1419necp_client_release(struct necp_client *client)
1420{
1421 bool last_ref;
1422
1423 NECP_CLIENT_LOCK(client);
1424 if (!(last_ref = necp_client_release_locked(client))) {
1425 NECP_CLIENT_UNLOCK(client);
1426 }
1427
1428 return last_ref;
1429}
1430
1431static struct necp_client_update *
1432necp_client_update_alloc(const void *data, size_t length)
1433{
1434 struct necp_client_update *client_update;
1435 struct necp_client_observer_update *buffer;
1436 size_t alloc_size;
1437
1438 if (os_add_overflow(length, sizeof(*buffer), &alloc_size)) {
1439 return NULL;
1440 }
1441 buffer = kalloc_data(alloc_size, Z_WAITOK);
1442 if (buffer == NULL) {
1443 return NULL;
1444 }
1445
1446 client_update = kalloc_type(struct necp_client_update,
1447 Z_WAITOK | Z_ZERO | Z_NOFAIL);
1448 client_update->update_length = alloc_size;
1449 client_update->update = buffer;
1450 memcpy(dst: buffer->tlv_buffer, src: data, n: length);
1451 return client_update;
1452}
1453
1454static void
1455necp_client_update_free(struct necp_client_update *client_update)
1456{
1457 kfree_data(client_update->update, client_update->update_length);
1458 kfree_type(struct necp_client_update, client_update);
1459}
1460
1461static void
1462necp_client_update_observer_add_internal(struct necp_fd_data *observer_fd, struct necp_client *client)
1463{
1464 struct necp_client_update *client_update;
1465
1466 NECP_FD_LOCK(observer_fd);
1467
1468 if (observer_fd->update_count >= necp_observer_message_limit) {
1469 NECP_FD_UNLOCK(observer_fd);
1470 return;
1471 }
1472
1473 client_update = necp_client_update_alloc(data: client->parameters, length: client->parameters_length);
1474 if (client_update != NULL) {
1475 uuid_copy(dst: client_update->client_id, src: client->client_id);
1476 client_update->update->update_type = NECP_CLIENT_UPDATE_TYPE_PARAMETERS;
1477 TAILQ_INSERT_TAIL(&observer_fd->update_list, client_update, chain);
1478 observer_fd->update_count++;
1479
1480 necp_fd_notify(fd_data: observer_fd, true);
1481 }
1482
1483 NECP_FD_UNLOCK(observer_fd);
1484}
1485
1486static void
1487necp_client_update_observer_update_internal(struct necp_fd_data *observer_fd, struct necp_client *client)
1488{
1489 NECP_FD_LOCK(observer_fd);
1490
1491 if (observer_fd->update_count >= necp_observer_message_limit) {
1492 NECP_FD_UNLOCK(observer_fd);
1493 return;
1494 }
1495
1496 struct necp_client_update *client_update = necp_client_update_alloc(data: client->result, length: client->result_length);
1497 if (client_update != NULL) {
1498 uuid_copy(dst: client_update->client_id, src: client->client_id);
1499 client_update->update->update_type = NECP_CLIENT_UPDATE_TYPE_RESULT;
1500 TAILQ_INSERT_TAIL(&observer_fd->update_list, client_update, chain);
1501 observer_fd->update_count++;
1502
1503 necp_fd_notify(fd_data: observer_fd, true);
1504 }
1505
1506 NECP_FD_UNLOCK(observer_fd);
1507}
1508
1509static void
1510necp_client_update_observer_remove_internal(struct necp_fd_data *observer_fd, struct necp_client *client)
1511{
1512 NECP_FD_LOCK(observer_fd);
1513
1514 if (observer_fd->update_count >= necp_observer_message_limit) {
1515 NECP_FD_UNLOCK(observer_fd);
1516 return;
1517 }
1518
1519 struct necp_client_update *client_update = necp_client_update_alloc(NULL, length: 0);
1520 if (client_update != NULL) {
1521 uuid_copy(dst: client_update->client_id, src: client->client_id);
1522 client_update->update->update_type = NECP_CLIENT_UPDATE_TYPE_REMOVE;
1523 TAILQ_INSERT_TAIL(&observer_fd->update_list, client_update, chain);
1524 observer_fd->update_count++;
1525
1526 necp_fd_notify(fd_data: observer_fd, true);
1527 }
1528
1529 NECP_FD_UNLOCK(observer_fd);
1530}
1531
1532static void
1533necp_client_update_observer_add(struct necp_client *client)
1534{
1535 NECP_OBSERVER_LIST_LOCK_SHARED();
1536
1537 if (LIST_EMPTY(&necp_fd_observer_list)) {
1538 // No observers, bail
1539 NECP_OBSERVER_LIST_UNLOCK();
1540 return;
1541 }
1542
1543 struct necp_fd_data *observer_fd = NULL;
1544 LIST_FOREACH(observer_fd, &necp_fd_observer_list, chain) {
1545 necp_client_update_observer_add_internal(observer_fd, client);
1546 }
1547
1548 NECP_OBSERVER_LIST_UNLOCK();
1549}
1550
1551static void
1552necp_client_update_observer_update(struct necp_client *client)
1553{
1554 NECP_OBSERVER_LIST_LOCK_SHARED();
1555
1556 if (LIST_EMPTY(&necp_fd_observer_list)) {
1557 // No observers, bail
1558 NECP_OBSERVER_LIST_UNLOCK();
1559 return;
1560 }
1561
1562 struct necp_fd_data *observer_fd = NULL;
1563 LIST_FOREACH(observer_fd, &necp_fd_observer_list, chain) {
1564 necp_client_update_observer_update_internal(observer_fd, client);
1565 }
1566
1567 NECP_OBSERVER_LIST_UNLOCK();
1568}
1569
1570static void
1571necp_client_update_observer_remove(struct necp_client *client)
1572{
1573 NECP_OBSERVER_LIST_LOCK_SHARED();
1574
1575 if (LIST_EMPTY(&necp_fd_observer_list)) {
1576 // No observers, bail
1577 NECP_OBSERVER_LIST_UNLOCK();
1578 return;
1579 }
1580
1581 struct necp_fd_data *observer_fd = NULL;
1582 LIST_FOREACH(observer_fd, &necp_fd_observer_list, chain) {
1583 necp_client_update_observer_remove_internal(observer_fd, client);
1584 }
1585
1586 NECP_OBSERVER_LIST_UNLOCK();
1587}
1588
1589static void
1590necp_destroy_client_flow_registration(struct necp_client *client,
1591 struct necp_client_flow_registration *flow_registration,
1592 pid_t pid, bool abort)
1593{
1594 NECP_CLIENT_ASSERT_LOCKED(client);
1595
1596 bool has_close_parameters = false;
1597 struct necp_client_agent_parameters close_parameters = {};
1598 memset(s: close_parameters.u.close_token, c: 0, n: sizeof(close_parameters.u.close_token));
1599#if SKYWALK
1600 if (flow_registration->kstats_kaddr != NULL) {
1601 struct necp_all_stats *ustats_kaddr = ((struct necp_all_kstats *)flow_registration->kstats_kaddr)->necp_stats_ustats;
1602 struct necp_quic_stats *quicstats = (struct necp_quic_stats *)ustats_kaddr;
1603 if (quicstats != NULL &&
1604 quicstats->necp_quic_udp_stats.necp_udp_hdr.necp_stats_type == NECP_CLIENT_STATISTICS_TYPE_QUIC) {
1605 memcpy(dst: close_parameters.u.close_token, src: quicstats->necp_quic_extra.ssr_token, n: sizeof(close_parameters.u.close_token));
1606 has_close_parameters = true;
1607 }
1608 }
1609
1610 // Release reference held on the stats arena
1611 if (flow_registration->stats_arena != NULL) {
1612 necp_arena_info_release(nai: flow_registration->stats_arena);
1613 flow_registration->stats_arena = NULL;
1614 }
1615#endif /* SKYWALK */
1616
1617 struct necp_client_flow *search_flow = NULL;
1618 struct necp_client_flow *temp_flow = NULL;
1619 LIST_FOREACH_SAFE(search_flow, &flow_registration->flow_list, flow_chain, temp_flow) {
1620 if (search_flow->nexus &&
1621 !uuid_is_null(uu: search_flow->u.nexus_agent)) {
1622 // Don't unregister for defunct flows
1623 if (!flow_registration->defunct) {
1624 u_int8_t message_type = (abort ? NETAGENT_MESSAGE_TYPE_ABORT_NEXUS :
1625 NETAGENT_MESSAGE_TYPE_CLOSE_NEXUS);
1626 if (((flow_registration->flags & NECP_CLIENT_FLOW_FLAGS_BROWSE) ||
1627 (flow_registration->flags & NECP_CLIENT_FLOW_FLAGS_RESOLVE)) &&
1628 !(flow_registration->flags & NECP_CLIENT_FLOW_FLAGS_ALLOW_NEXUS)) {
1629 message_type = NETAGENT_MESSAGE_TYPE_CLIENT_UNASSERT;
1630 }
1631 int netagent_error = netagent_client_message_with_params(agent_uuid: search_flow->u.nexus_agent,
1632 necp_client_uuid: ((flow_registration->flags & NECP_CLIENT_FLOW_FLAGS_USE_CLIENT_ID) ?
1633 client->client_id :
1634 flow_registration->registration_id),
1635 pid, handle: client->agent_handle,
1636 message_type,
1637 parameters: has_close_parameters ? &close_parameters : NULL,
1638 NULL, assigned_results_length: 0);
1639 if (netagent_error != 0 && netagent_error != ENOENT) {
1640 NECPLOG(LOG_ERR, "necp_client_remove close nexus error (%d) MESSAGE TYPE %u", netagent_error, message_type);
1641 }
1642 }
1643 uuid_clear(uu: search_flow->u.nexus_agent);
1644 }
1645 if (search_flow->assigned_results != NULL) {
1646 kfree_data(search_flow->assigned_results, search_flow->assigned_results_length);
1647 search_flow->assigned_results = NULL;
1648 }
1649 LIST_REMOVE(search_flow, flow_chain);
1650#if SKYWALK
1651 if (search_flow->nexus) {
1652 OSDecrementAtomic(&necp_nexus_flow_count);
1653 } else
1654#endif /* SKYWALK */
1655 if (search_flow->socket) {
1656 OSDecrementAtomic(&necp_socket_flow_count);
1657 } else {
1658 OSDecrementAtomic(&necp_if_flow_count);
1659 }
1660 kfree_type(struct necp_client_flow, search_flow);
1661 }
1662
1663 RB_REMOVE(_necp_client_flow_tree, &client->flow_registrations, flow_registration);
1664 flow_registration->client = NULL;
1665
1666 kfree_type(struct necp_client_flow_registration, flow_registration);
1667}
1668
1669static void
1670necp_destroy_client(struct necp_client *client, pid_t pid, bool abort)
1671{
1672 NECP_CLIENT_ASSERT_UNLOCKED(client);
1673
1674#if SKYWALK
1675 if (client->nstat_context != NULL) {
1676 // This is a catch-all that should be rarely used.
1677 nstat_provider_stats_close(nstat_ctx: client->nstat_context);
1678 client->nstat_context = NULL;
1679 }
1680 if (client->original_parameters_source != NULL) {
1681 necp_client_release(client: client->original_parameters_source);
1682 client->original_parameters_source = NULL;
1683 }
1684#endif /* SKYWALK */
1685 necp_client_update_observer_remove(client);
1686
1687 NECP_CLIENT_LOCK(client);
1688
1689 // Free route
1690 NECP_CLIENT_ROUTE_LOCK(client);
1691 if (client->current_route != NULL) {
1692 rtfree(client->current_route);
1693 client->current_route = NULL;
1694 }
1695 NECP_CLIENT_ROUTE_UNLOCK(client);
1696
1697 // Remove flow assignments
1698 struct necp_client_flow_registration *flow_registration = NULL;
1699 struct necp_client_flow_registration *temp_flow_registration = NULL;
1700 RB_FOREACH_SAFE(flow_registration, _necp_client_flow_tree, &client->flow_registrations, temp_flow_registration) {
1701 necp_destroy_client_flow_registration(client, flow_registration, pid, abort);
1702 }
1703
1704#if SKYWALK
1705 // Remove port reservation
1706 if (NETNS_TOKEN_VALID(&client->port_reservation)) {
1707 netns_release(token: &client->port_reservation);
1708 }
1709#endif /* !SKYWALK */
1710
1711 // Remove agent assertions
1712 struct necp_client_assertion *search_assertion = NULL;
1713 struct necp_client_assertion *temp_assertion = NULL;
1714 LIST_FOREACH_SAFE(search_assertion, &client->assertion_list, assertion_chain, temp_assertion) {
1715 int netagent_error = netagent_client_message(agent_uuid: search_assertion->asserted_netagent, necp_client_uuid: client->client_id, pid,
1716 handle: client->agent_handle, NETAGENT_MESSAGE_TYPE_CLIENT_UNASSERT);
1717 if (netagent_error != 0) {
1718 NECPLOG((netagent_error == ENOENT ? LOG_DEBUG : LOG_ERR),
1719 "necp_client_remove unassert agent error (%d)", netagent_error);
1720 }
1721 LIST_REMOVE(search_assertion, assertion_chain);
1722 kfree_type(struct necp_client_assertion, search_assertion);
1723 }
1724
1725 if (!necp_client_release_locked(client)) {
1726 NECP_CLIENT_UNLOCK(client);
1727 }
1728
1729 OSDecrementAtomic(&necp_client_count);
1730}
1731
1732static bool
1733necp_defunct_client_fd_locked_inner(struct necp_fd_data *client_fd, struct _necp_flow_defunct_list *defunct_list, bool destroy_stats);
1734
1735static void
1736necp_process_defunct_list(struct _necp_flow_defunct_list *defunct_list)
1737{
1738 if (!LIST_EMPTY(defunct_list)) {
1739 struct necp_flow_defunct *flow_defunct = NULL;
1740 struct necp_flow_defunct *temp_flow_defunct = NULL;
1741
1742 // For each newly defunct client, send a message to the nexus to remove the flow
1743 LIST_FOREACH_SAFE(flow_defunct, defunct_list, chain, temp_flow_defunct) {
1744 if (!uuid_is_null(uu: flow_defunct->nexus_agent)) {
1745 u_int8_t message_type = NETAGENT_MESSAGE_TYPE_ABORT_NEXUS;
1746 if (((flow_defunct->flags & NECP_CLIENT_FLOW_FLAGS_BROWSE) ||
1747 (flow_defunct->flags & NECP_CLIENT_FLOW_FLAGS_RESOLVE)) &&
1748 !(flow_defunct->flags & NECP_CLIENT_FLOW_FLAGS_ALLOW_NEXUS)) {
1749 message_type = NETAGENT_MESSAGE_TYPE_CLIENT_UNASSERT;
1750 }
1751 int netagent_error = netagent_client_message_with_params(agent_uuid: flow_defunct->nexus_agent,
1752 necp_client_uuid: flow_defunct->flow_id,
1753 pid: flow_defunct->proc_pid,
1754 handle: flow_defunct->agent_handle,
1755 message_type,
1756 parameters: flow_defunct->has_close_parameters ? &flow_defunct->close_parameters : NULL,
1757 NULL, assigned_results_length: 0);
1758 if (netagent_error != 0) {
1759 char namebuf[MAXCOMLEN + 1];
1760 (void) strlcpy(dst: namebuf, src: "unknown", n: sizeof(namebuf));
1761 proc_name(pid: flow_defunct->proc_pid, buf: namebuf, size: sizeof(namebuf));
1762 NECPLOG((netagent_error == ENOENT ? LOG_DEBUG : LOG_ERR), "necp_update_client abort nexus error (%d) for pid %d %s", netagent_error, flow_defunct->proc_pid, namebuf);
1763 }
1764 }
1765 LIST_REMOVE(flow_defunct, chain);
1766 kfree_type(struct necp_flow_defunct, flow_defunct);
1767 }
1768 }
1769 ASSERT(LIST_EMPTY(defunct_list));
1770}
1771
1772static int
1773necpop_close(struct fileglob *fg, vfs_context_t ctx)
1774{
1775#pragma unused(ctx)
1776 struct necp_fd_data *fd_data = NULL;
1777 int error = 0;
1778
1779 fd_data = (struct necp_fd_data *)fg_get_data(fg);
1780 fg_set_data(fg, NULL);
1781
1782 if (fd_data != NULL) {
1783 struct _necp_client_tree clients_to_close;
1784 RB_INIT(&clients_to_close);
1785
1786 // Remove from list quickly
1787 if (fd_data->flags & NECP_OPEN_FLAG_PUSH_OBSERVER) {
1788 NECP_OBSERVER_LIST_LOCK_EXCLUSIVE();
1789 LIST_REMOVE(fd_data, chain);
1790 NECP_OBSERVER_LIST_UNLOCK();
1791 } else {
1792 NECP_FD_LIST_LOCK_EXCLUSIVE();
1793 LIST_REMOVE(fd_data, chain);
1794 NECP_FD_LIST_UNLOCK();
1795 }
1796
1797 NECP_FD_LOCK(fd_data);
1798 pid_t pid = fd_data->proc_pid;
1799
1800 struct _necp_flow_defunct_list defunct_list;
1801 LIST_INIT(&defunct_list);
1802
1803 (void)necp_defunct_client_fd_locked_inner(client_fd: fd_data, defunct_list: &defunct_list, false);
1804
1805 struct necp_client_flow_registration *flow_registration = NULL;
1806 struct necp_client_flow_registration *temp_flow_registration = NULL;
1807 RB_FOREACH_SAFE(flow_registration, _necp_fd_flow_tree, &fd_data->flows, temp_flow_registration) {
1808#if SKYWALK
1809 necp_destroy_flow_stats(fd_data, flow_registration, NULL, TRUE);
1810#endif /* SKYWALK */
1811 NECP_FLOW_TREE_LOCK_EXCLUSIVE();
1812 RB_REMOVE(_necp_client_flow_global_tree, &necp_client_flow_global_tree, flow_registration);
1813 NECP_FLOW_TREE_UNLOCK();
1814 RB_REMOVE(_necp_fd_flow_tree, &fd_data->flows, flow_registration);
1815 }
1816
1817 struct necp_client *client = NULL;
1818 struct necp_client *temp_client = NULL;
1819 RB_FOREACH_SAFE(client, _necp_client_tree, &fd_data->clients, temp_client) {
1820 // Clear out the agent_handle to avoid dangling pointers back to fd_data
1821 NECP_CLIENT_LOCK(client);
1822 client->agent_handle = NULL;
1823 NECP_CLIENT_UNLOCK(client);
1824
1825 NECP_CLIENT_TREE_LOCK_EXCLUSIVE();
1826 RB_REMOVE(_necp_client_global_tree, &necp_client_global_tree, client);
1827 NECP_CLIENT_TREE_UNLOCK();
1828 RB_REMOVE(_necp_client_tree, &fd_data->clients, client);
1829 RB_INSERT(_necp_client_tree, &clients_to_close, client);
1830 }
1831
1832 struct necp_client_update *client_update = NULL;
1833 struct necp_client_update *temp_update = NULL;
1834 TAILQ_FOREACH_SAFE(client_update, &fd_data->update_list, chain, temp_update) {
1835 // Flush pending updates
1836 TAILQ_REMOVE(&fd_data->update_list, client_update, chain);
1837 necp_client_update_free(client_update);
1838 }
1839 fd_data->update_count = 0;
1840
1841#if SKYWALK
1842 // Cleanup stats arena(s); indicate that we're closing
1843 necp_stats_arenas_destroy(fd_data, TRUE);
1844 ASSERT(fd_data->stats_arena_active == NULL);
1845 ASSERT(LIST_EMPTY(&fd_data->stats_arena_list));
1846
1847 // Cleanup systctl arena
1848 necp_sysctl_arena_destroy(fd_data);
1849 ASSERT(fd_data->sysctl_arena == NULL);
1850#endif /* SKYWALK */
1851
1852 NECP_FD_UNLOCK(fd_data);
1853
1854 selthreadclear(&fd_data->si);
1855
1856 lck_mtx_destroy(lck: &fd_data->fd_lock, grp: &necp_fd_mtx_grp);
1857
1858 if (fd_data->flags & NECP_OPEN_FLAG_PUSH_OBSERVER) {
1859 OSDecrementAtomic(&necp_observer_fd_count);
1860 } else {
1861 OSDecrementAtomic(&necp_client_fd_count);
1862 }
1863
1864 kfree_type(struct necp_fd_data, fd_data);
1865
1866 RB_FOREACH_SAFE(client, _necp_client_tree, &clients_to_close, temp_client) {
1867 RB_REMOVE(_necp_client_tree, &clients_to_close, client);
1868 necp_destroy_client(client, pid, true);
1869 }
1870
1871 necp_process_defunct_list(defunct_list: &defunct_list);
1872 }
1873
1874 return error;
1875}
1876
1877/// NECP client utilities
1878
1879static inline bool
1880necp_address_is_wildcard(const union necp_sockaddr_union * const addr)
1881{
1882 return (addr->sa.sa_family == AF_INET && addr->sin.sin_addr.s_addr == INADDR_ANY) ||
1883 (addr->sa.sa_family == AF_INET6 && IN6_IS_ADDR_UNSPECIFIED(&addr->sin6.sin6_addr));
1884}
1885
1886static int
1887necp_find_fd_data(struct proc *p, int fd,
1888 struct fileproc **fpp, struct necp_fd_data **fd_data)
1889{
1890 struct fileproc *fp;
1891 int error = fp_get_ftype(p, fd, ftype: DTYPE_NETPOLICY, ENODEV, fpp: &fp);
1892
1893 if (error == 0) {
1894 *fd_data = (struct necp_fd_data *)fp_get_data(fp);
1895 *fpp = fp;
1896
1897 if ((*fd_data)->necp_fd_type != necp_fd_type_client) {
1898 // Not a client fd, ignore
1899 fp_drop(p, fd, fp, locked: 0);
1900 error = EINVAL;
1901 }
1902 }
1903 return error;
1904}
1905
1906static void
1907necp_client_add_nexus_flow(struct necp_client_flow_registration *flow_registration,
1908 uuid_t nexus_agent,
1909 uint32_t interface_index,
1910 uint32_t interface_flags)
1911{
1912 struct necp_client_flow *new_flow = kalloc_type(struct necp_client_flow, Z_WAITOK | Z_ZERO | Z_NOFAIL);
1913
1914 new_flow->nexus = TRUE;
1915 uuid_copy(dst: new_flow->u.nexus_agent, src: nexus_agent);
1916 new_flow->interface_index = interface_index;
1917 new_flow->interface_flags = interface_flags;
1918 new_flow->check_tcp_heuristics = TRUE;
1919
1920#if SKYWALK
1921 OSIncrementAtomic(&necp_nexus_flow_count);
1922#endif /* SKYWALK */
1923
1924 LIST_INSERT_HEAD(&flow_registration->flow_list, new_flow, flow_chain);
1925
1926#if SKYWALK
1927 necp_flow_save_current_interface_details(flow_registration);
1928#endif /* SKYWALK */
1929}
1930
1931static void
1932necp_client_add_nexus_flow_if_needed(struct necp_client_flow_registration *flow_registration,
1933 uuid_t nexus_agent,
1934 uint32_t interface_index)
1935{
1936 struct necp_client_flow *flow = NULL;
1937 LIST_FOREACH(flow, &flow_registration->flow_list, flow_chain) {
1938 if (flow->nexus &&
1939 uuid_compare(uu1: flow->u.nexus_agent, uu2: nexus_agent) == 0) {
1940 return;
1941 }
1942 }
1943
1944 uint32_t interface_flags = 0;
1945 ifnet_t ifp = NULL;
1946 ifnet_head_lock_shared();
1947 if (interface_index != IFSCOPE_NONE && interface_index <= (u_int32_t)if_index) {
1948 ifp = ifindex2ifnet[interface_index];
1949 if (ifp != NULL) {
1950 ifnet_lock_shared(ifp);
1951 interface_flags = nstat_ifnet_to_flags(ifp);
1952 ifnet_lock_done(ifp);
1953 }
1954 }
1955 ifnet_head_done();
1956 necp_client_add_nexus_flow(flow_registration, nexus_agent, interface_index, interface_flags);
1957}
1958
1959static struct necp_client_flow *
1960necp_client_add_interface_flow(struct necp_client_flow_registration *flow_registration,
1961 uint32_t interface_index)
1962{
1963 struct necp_client_flow *new_flow = kalloc_type(struct necp_client_flow, Z_WAITOK | Z_ZERO | Z_NOFAIL);
1964
1965 // Neither nexus nor socket
1966 new_flow->interface_index = interface_index;
1967 new_flow->u.socket_handle = flow_registration->interface_handle;
1968 new_flow->u.cb = flow_registration->interface_cb;
1969
1970 OSIncrementAtomic(&necp_if_flow_count);
1971
1972 LIST_INSERT_HEAD(&flow_registration->flow_list, new_flow, flow_chain);
1973
1974 return new_flow;
1975}
1976
1977static struct necp_client_flow *
1978necp_client_add_interface_flow_if_needed(struct necp_client *client,
1979 struct necp_client_flow_registration *flow_registration,
1980 uint32_t interface_index)
1981{
1982 if (!client->allow_multiple_flows ||
1983 interface_index == IFSCOPE_NONE) {
1984 // Interface not set, or client not allowed to use this mode
1985 return NULL;
1986 }
1987
1988 struct necp_client_flow *flow = NULL;
1989 LIST_FOREACH(flow, &flow_registration->flow_list, flow_chain) {
1990 if (!flow->nexus && !flow->socket && flow->interface_index == interface_index) {
1991 // Already have the flow
1992 flow->invalid = FALSE;
1993 flow->u.socket_handle = flow_registration->interface_handle;
1994 flow->u.cb = flow_registration->interface_cb;
1995 return NULL;
1996 }
1997 }
1998 return necp_client_add_interface_flow(flow_registration, interface_index);
1999}
2000
2001static void
2002necp_client_add_interface_option_if_needed(struct necp_client *client,
2003 uint32_t interface_index,
2004 uint32_t interface_generation,
2005 uuid_t *nexus_agent,
2006 bool network_provider)
2007{
2008 if ((interface_index == IFSCOPE_NONE && !network_provider) ||
2009 (client->interface_option_count != 0 && !client->allow_multiple_flows)) {
2010 // Interface not set, or client not allowed to use this mode
2011 return;
2012 }
2013
2014 if (client->interface_option_count >= NECP_CLIENT_MAX_INTERFACE_OPTIONS) {
2015 // Cannot take any more interface options
2016 return;
2017 }
2018
2019 // Check if already present
2020 for (u_int32_t option_i = 0; option_i < client->interface_option_count; option_i++) {
2021 if (option_i < NECP_CLIENT_INTERFACE_OPTION_STATIC_COUNT) {
2022 struct necp_client_interface_option *option = &client->interface_options[option_i];
2023 if (option->interface_index == interface_index) {
2024 if (nexus_agent == NULL) {
2025 return;
2026 }
2027 if (uuid_compare(uu1: option->nexus_agent, uu2: *nexus_agent) == 0) {
2028 return;
2029 }
2030 if (uuid_is_null(uu: option->nexus_agent)) {
2031 uuid_copy(dst: option->nexus_agent, src: *nexus_agent);
2032 return;
2033 }
2034 // If we get to this point, this is a new nexus flow
2035 }
2036 } else {
2037 struct necp_client_interface_option *option = &client->extra_interface_options[option_i - NECP_CLIENT_INTERFACE_OPTION_STATIC_COUNT];
2038 if (option->interface_index == interface_index) {
2039 if (nexus_agent == NULL) {
2040 return;
2041 }
2042 if (uuid_compare(uu1: option->nexus_agent, uu2: *nexus_agent) == 0) {
2043 return;
2044 }
2045 if (uuid_is_null(uu: option->nexus_agent)) {
2046 uuid_copy(dst: option->nexus_agent, src: *nexus_agent);
2047 return;
2048 }
2049 // If we get to this point, this is a new nexus flow
2050 }
2051 }
2052 }
2053
2054 // Add a new entry
2055 if (client->interface_option_count < NECP_CLIENT_INTERFACE_OPTION_STATIC_COUNT) {
2056 // Add to static
2057 struct necp_client_interface_option *option = &client->interface_options[client->interface_option_count];
2058 option->interface_index = interface_index;
2059 option->interface_generation = interface_generation;
2060 if (nexus_agent != NULL) {
2061 uuid_copy(dst: option->nexus_agent, src: *nexus_agent);
2062 } else {
2063 uuid_clear(uu: option->nexus_agent);
2064 }
2065 client->interface_option_count++;
2066 } else {
2067 // Add to extra
2068 if (client->extra_interface_options == NULL) {
2069 client->extra_interface_options = (struct necp_client_interface_option *)kalloc_data(
2070 sizeof(struct necp_client_interface_option) * NECP_CLIENT_INTERFACE_OPTION_EXTRA_COUNT, Z_WAITOK | Z_ZERO);
2071 }
2072 if (client->extra_interface_options != NULL) {
2073 struct necp_client_interface_option *option = &client->extra_interface_options[client->interface_option_count - NECP_CLIENT_INTERFACE_OPTION_STATIC_COUNT];
2074 option->interface_index = interface_index;
2075 option->interface_generation = interface_generation;
2076 if (nexus_agent != NULL) {
2077 uuid_copy(dst: option->nexus_agent, src: *nexus_agent);
2078 } else {
2079 uuid_clear(uu: option->nexus_agent);
2080 }
2081 client->interface_option_count++;
2082 }
2083 }
2084}
2085
2086static bool
2087necp_client_flow_is_viable(proc_t proc, struct necp_client *client,
2088 struct necp_client_flow *flow)
2089{
2090 struct necp_aggregate_result result;
2091 bool ignore_address = (client->allow_multiple_flows && !flow->nexus && !flow->socket);
2092
2093 flow->necp_flow_flags = 0;
2094 int error = necp_application_find_policy_match_internal(proc, parameters: client->parameters,
2095 parameters_size: (u_int32_t)client->parameters_length,
2096 returned_result: &result, flags: &flow->necp_flow_flags, NULL,
2097 required_interface_index: flow->interface_index,
2098 override_local_addr: &flow->local_addr, override_remote_addr: &flow->remote_addr, NULL, NULL,
2099 NULL, ignore_address, true, NULL);
2100
2101 // Check for blocking agents
2102 for (int i = 0; i < NECP_MAX_NETAGENTS; i++) {
2103 if (uuid_is_null(uu: result.netagents[i])) {
2104 // Passed end of valid agents
2105 break;
2106 }
2107 if (result.netagent_use_flags[i] & NECP_AGENT_USE_FLAG_REMOVE) {
2108 // A removed agent, ignore
2109 continue;
2110 }
2111 u_int32_t flags = netagent_get_flags(uuid: result.netagents[i]);
2112 if ((flags & NETAGENT_FLAG_REGISTERED) &&
2113 !(flags & NETAGENT_FLAG_VOLUNTARY) &&
2114 !(flags & NETAGENT_FLAG_ACTIVE) &&
2115 !(flags & NETAGENT_FLAG_SPECIFIC_USE_ONLY)) {
2116 // A required agent is not active, cause the flow to be marked non-viable
2117 return false;
2118 }
2119 }
2120
2121 if (flow->interface_index != IFSCOPE_NONE) {
2122 ifnet_head_lock_shared();
2123
2124 struct ifnet *ifp = ifindex2ifnet[flow->interface_index];
2125 if (ifp && ifp->if_delegated.ifp != IFSCOPE_NONE) {
2126 flow->delegated_interface_index = ifp->if_delegated.ifp->if_index;
2127 }
2128
2129 ifnet_head_done();
2130 }
2131
2132 return error == 0 &&
2133 result.routed_interface_index != IFSCOPE_NONE &&
2134 result.routing_result != NECP_KERNEL_POLICY_RESULT_DROP;
2135}
2136
2137static void
2138necp_flow_add_interface_flows(proc_t proc,
2139 struct necp_client *client,
2140 struct necp_client_flow_registration *flow_registration,
2141 bool send_initial)
2142{
2143 // Traverse all interfaces and add a tracking flow if needed
2144 for (u_int32_t option_i = 0; option_i < client->interface_option_count; option_i++) {
2145 if (option_i < NECP_CLIENT_INTERFACE_OPTION_STATIC_COUNT) {
2146 struct necp_client_interface_option *option = &client->interface_options[option_i];
2147 struct necp_client_flow *flow = necp_client_add_interface_flow_if_needed(client, flow_registration, interface_index: option->interface_index);
2148 if (flow != NULL && send_initial) {
2149 flow->viable = necp_client_flow_is_viable(proc, client, flow);
2150 if (flow->viable && flow->u.cb) {
2151 bool viable = flow->viable;
2152 flow->u.cb(flow_registration->interface_handle, NECP_CLIENT_CBACTION_INITIAL, flow->interface_index, flow->necp_flow_flags, &viable);
2153 flow->viable = viable;
2154 }
2155 }
2156 } else {
2157 struct necp_client_interface_option *option = &client->extra_interface_options[option_i - NECP_CLIENT_INTERFACE_OPTION_STATIC_COUNT];
2158 struct necp_client_flow *flow = necp_client_add_interface_flow_if_needed(client, flow_registration, interface_index: option->interface_index);
2159 if (flow != NULL && send_initial) {
2160 flow->viable = necp_client_flow_is_viable(proc, client, flow);
2161 if (flow->viable && flow->u.cb) {
2162 bool viable = flow->viable;
2163 flow->u.cb(flow_registration->interface_handle, NECP_CLIENT_CBACTION_INITIAL, flow->interface_index, flow->necp_flow_flags, &viable);
2164 flow->viable = viable;
2165 }
2166 }
2167 }
2168 }
2169}
2170
2171static bool
2172necp_client_update_flows(proc_t proc,
2173 struct necp_client *client,
2174 struct _necp_flow_defunct_list *defunct_list)
2175{
2176 NECP_CLIENT_ASSERT_LOCKED(client);
2177
2178 bool any_client_updated = FALSE;
2179 struct necp_client_flow *flow = NULL;
2180 struct necp_client_flow *temp_flow = NULL;
2181 struct necp_client_flow_registration *flow_registration = NULL;
2182 RB_FOREACH(flow_registration, _necp_client_flow_tree, &client->flow_registrations) {
2183 if (flow_registration->interface_cb != NULL) {
2184 // Add any interface flows that are not already tracked
2185 necp_flow_add_interface_flows(proc, client, flow_registration, false);
2186 }
2187
2188 LIST_FOREACH_SAFE(flow, &flow_registration->flow_list, flow_chain, temp_flow) {
2189 bool client_updated = FALSE;
2190
2191 // Check policy result for flow
2192 u_short old_delegated_ifindex = flow->delegated_interface_index;
2193
2194 int old_flags = flow->necp_flow_flags;
2195 bool viable = necp_client_flow_is_viable(proc, client, flow);
2196
2197 // TODO: Defunct nexus flows that are blocked by policy
2198
2199 if (flow->viable != viable) {
2200 flow->viable = viable;
2201 client_updated = TRUE;
2202 }
2203
2204 if ((old_flags & NECP_CLIENT_RESULT_FLAG_FORCE_UPDATE) !=
2205 (flow->necp_flow_flags & NECP_CLIENT_RESULT_FLAG_FORCE_UPDATE)) {
2206 client_updated = TRUE;
2207 }
2208
2209 if (flow->delegated_interface_index != old_delegated_ifindex) {
2210 client_updated = TRUE;
2211 }
2212
2213 if (flow->viable && client_updated && (flow->socket || (!flow->socket && !flow->nexus)) && flow->u.cb) {
2214 bool flow_viable = flow->viable;
2215 flow->u.cb(flow->u.socket_handle, NECP_CLIENT_CBACTION_VIABLE, flow->interface_index, flow->necp_flow_flags, &flow_viable);
2216 flow->viable = flow_viable;
2217 }
2218
2219 if (!flow->viable || flow->invalid) {
2220 if (client_updated && (flow->socket || (!flow->socket && !flow->nexus)) && flow->u.cb) {
2221 bool flow_viable = flow->viable;
2222 flow->u.cb(flow->u.socket_handle, NECP_CLIENT_CBACTION_NONVIABLE, flow->interface_index, flow->necp_flow_flags, &flow_viable);
2223 flow->viable = flow_viable;
2224 }
2225 // The callback might change the viable-flag of the
2226 // flow depending on its policy. Thus, we need to
2227 // check the flags again after the callback.
2228 }
2229
2230#if SKYWALK
2231 if (defunct_list != NULL) {
2232 if (flow->invalid && flow->nexus && flow->assigned && !uuid_is_null(uu: flow->u.nexus_agent)) {
2233 // This is a nexus flow that was assigned, but not found on path
2234 u_int32_t flags = netagent_get_flags(uuid: flow->u.nexus_agent);
2235 if (!(flags & NETAGENT_FLAG_REGISTERED)) {
2236 // The agent is no longer registered! Mark defunct.
2237 necp_defunct_flow_registration(client, flow_registration, defunct_list);
2238 client_updated = TRUE;
2239 }
2240 }
2241 }
2242#else /* !SKYWALK */
2243 (void)defunct_list;
2244#endif /* !SKYWALK */
2245
2246 // Handle flows that no longer match
2247 if (!flow->viable || flow->invalid) {
2248 // Drop them as long as they aren't assigned data
2249 if (!flow->nexus && !flow->assigned) {
2250 if (flow->assigned_results != NULL) {
2251 kfree_data(flow->assigned_results, flow->assigned_results_length);
2252 flow->assigned_results = NULL;
2253 client_updated = TRUE;
2254 }
2255 LIST_REMOVE(flow, flow_chain);
2256#if SKYWALK
2257 if (flow->nexus) {
2258 OSDecrementAtomic(&necp_nexus_flow_count);
2259 } else
2260#endif /* SKYWALK */
2261 if (flow->socket) {
2262 OSDecrementAtomic(&necp_socket_flow_count);
2263 } else {
2264 OSDecrementAtomic(&necp_if_flow_count);
2265 }
2266 kfree_type(struct necp_client_flow, flow);
2267 }
2268 }
2269
2270 any_client_updated |= client_updated;
2271 }
2272#if SKYWALK
2273 necp_flow_save_current_interface_details(flow_registration);
2274#endif /* SKYWALK */
2275 }
2276
2277 return any_client_updated;
2278}
2279
2280static void
2281necp_client_mark_all_nonsocket_flows_as_invalid(struct necp_client *client)
2282{
2283 struct necp_client_flow_registration *flow_registration = NULL;
2284 struct necp_client_flow *flow = NULL;
2285 RB_FOREACH(flow_registration, _necp_client_flow_tree, &client->flow_registrations) {
2286 LIST_FOREACH(flow, &flow_registration->flow_list, flow_chain) {
2287 if (!flow->socket) { // Socket flows are not marked as invalid
2288 flow->invalid = TRUE;
2289 }
2290 }
2291 }
2292
2293 // Reset option count every update
2294 client->interface_option_count = 0;
2295}
2296
2297static inline bool
2298necp_netagent_is_requested(const struct necp_client_parsed_parameters *parameters,
2299 uuid_t *netagent_uuid)
2300{
2301 // Specific use agents only apply when requested
2302 bool requested = false;
2303 if (parameters != NULL) {
2304 // Check required agent UUIDs
2305 for (int i = 0; i < NECP_MAX_AGENT_PARAMETERS; i++) {
2306 if (uuid_is_null(uu: parameters->required_netagents[i])) {
2307 break;
2308 }
2309 if (uuid_compare(uu1: parameters->required_netagents[i], uu2: *netagent_uuid) == 0) {
2310 requested = true;
2311 break;
2312 }
2313 }
2314
2315 if (!requested) {
2316 // Check required agent types
2317 bool fetched_type = false;
2318 char netagent_domain[NETAGENT_DOMAINSIZE];
2319 char netagent_type[NETAGENT_TYPESIZE];
2320 memset(s: &netagent_domain, c: 0, NETAGENT_DOMAINSIZE);
2321 memset(s: &netagent_type, c: 0, NETAGENT_TYPESIZE);
2322
2323 for (int i = 0; i < NECP_MAX_AGENT_PARAMETERS; i++) {
2324 if (strlen(s: parameters->required_netagent_types[i].netagent_domain) == 0 ||
2325 strlen(s: parameters->required_netagent_types[i].netagent_type) == 0) {
2326 break;
2327 }
2328
2329 if (!fetched_type) {
2330 if (netagent_get_agent_domain_and_type(uuid: *netagent_uuid, domain: netagent_domain, type: netagent_type)) {
2331 fetched_type = TRUE;
2332 } else {
2333 break;
2334 }
2335 }
2336
2337 if ((strlen(s: parameters->required_netagent_types[i].netagent_domain) == 0 ||
2338 strncmp(s1: netagent_domain, s2: parameters->required_netagent_types[i].netagent_domain, NETAGENT_DOMAINSIZE) == 0) &&
2339 (strlen(s: parameters->required_netagent_types[i].netagent_type) == 0 ||
2340 strncmp(s1: netagent_type, s2: parameters->required_netagent_types[i].netagent_type, NETAGENT_TYPESIZE) == 0)) {
2341 requested = true;
2342 break;
2343 }
2344 }
2345 }
2346
2347 // Check preferred agent UUIDs
2348 for (int i = 0; i < NECP_MAX_AGENT_PARAMETERS; i++) {
2349 if (uuid_is_null(uu: parameters->preferred_netagents[i])) {
2350 break;
2351 }
2352 if (uuid_compare(uu1: parameters->preferred_netagents[i], uu2: *netagent_uuid) == 0) {
2353 requested = true;
2354 break;
2355 }
2356 }
2357
2358 if (!requested) {
2359 // Check preferred agent types
2360 bool fetched_type = false;
2361 char netagent_domain[NETAGENT_DOMAINSIZE];
2362 char netagent_type[NETAGENT_TYPESIZE];
2363 memset(s: &netagent_domain, c: 0, NETAGENT_DOMAINSIZE);
2364 memset(s: &netagent_type, c: 0, NETAGENT_TYPESIZE);
2365
2366 for (int i = 0; i < NECP_MAX_AGENT_PARAMETERS; i++) {
2367 if (strlen(s: parameters->preferred_netagent_types[i].netagent_domain) == 0 ||
2368 strlen(s: parameters->preferred_netagent_types[i].netagent_type) == 0) {
2369 break;
2370 }
2371
2372 if (!fetched_type) {
2373 if (netagent_get_agent_domain_and_type(uuid: *netagent_uuid, domain: netagent_domain, type: netagent_type)) {
2374 fetched_type = TRUE;
2375 } else {
2376 break;
2377 }
2378 }
2379
2380 if ((strlen(s: parameters->preferred_netagent_types[i].netagent_domain) == 0 ||
2381 strncmp(s1: netagent_domain, s2: parameters->preferred_netagent_types[i].netagent_domain, NETAGENT_DOMAINSIZE) == 0) &&
2382 (strlen(s: parameters->preferred_netagent_types[i].netagent_type) == 0 ||
2383 strncmp(s1: netagent_type, s2: parameters->preferred_netagent_types[i].netagent_type, NETAGENT_TYPESIZE) == 0)) {
2384 requested = true;
2385 break;
2386 }
2387 }
2388 }
2389 }
2390
2391 return requested;
2392}
2393
2394static bool
2395necp_netagent_applies_to_client(struct necp_client *client,
2396 const struct necp_client_parsed_parameters *parameters,
2397 uuid_t *netagent_uuid, bool allow_nexus,
2398 uint32_t interface_index, uint32_t interface_generation)
2399{
2400#pragma unused(interface_index, interface_generation)
2401 bool applies = FALSE;
2402 u_int32_t flags = netagent_get_flags(uuid: *netagent_uuid);
2403 if (!(flags & NETAGENT_FLAG_REGISTERED)) {
2404 // Unregistered agents never apply
2405 return applies;
2406 }
2407
2408 const bool is_nexus_agent = ((flags & NETAGENT_FLAG_NEXUS_PROVIDER) ||
2409 (flags & NETAGENT_FLAG_NEXUS_LISTENER) ||
2410 (flags & NETAGENT_FLAG_CUSTOM_ETHER_NEXUS) ||
2411 (flags & NETAGENT_FLAG_CUSTOM_IP_NEXUS) ||
2412 (flags & NETAGENT_FLAG_INTERPOSE_NEXUS));
2413 if (is_nexus_agent) {
2414 if (!allow_nexus) {
2415 // Hide nexus providers unless allowed
2416 // Direct interfaces and direct policies are allowed to use a nexus
2417 // Delegate interfaces or re-scoped interfaces are not allowed
2418 return applies;
2419 }
2420
2421 if ((parameters->flags & NECP_CLIENT_PARAMETER_FLAG_CUSTOM_ETHER) &&
2422 !(flags & NETAGENT_FLAG_CUSTOM_ETHER_NEXUS)) {
2423 // Client requested a custom ether nexus, but this nexus isn't one
2424 return applies;
2425 }
2426
2427 if ((parameters->flags & NECP_CLIENT_PARAMETER_FLAG_CUSTOM_IP) &&
2428 !(flags & NETAGENT_FLAG_CUSTOM_IP_NEXUS)) {
2429 // Client requested a custom IP nexus, but this nexus isn't one
2430 return applies;
2431 }
2432
2433 if ((parameters->flags & NECP_CLIENT_PARAMETER_FLAG_INTERPOSE) &&
2434 !(flags & NETAGENT_FLAG_INTERPOSE_NEXUS)) {
2435 // Client requested an interpose nexus, but this nexus isn't one
2436 return applies;
2437 }
2438
2439 if (!(parameters->flags & NECP_CLIENT_PARAMETER_FLAG_CUSTOM_ETHER) &&
2440 !(parameters->flags & NECP_CLIENT_PARAMETER_FLAG_CUSTOM_IP) &&
2441 !(parameters->flags & NECP_CLIENT_PARAMETER_FLAG_INTERPOSE) &&
2442 !(flags & NETAGENT_FLAG_NEXUS_PROVIDER)) {
2443 // Client requested default parameters, but this nexus isn't generic
2444 return applies;
2445 }
2446 }
2447
2448 if (uuid_compare(uu1: client->failed_trigger_agent.netagent_uuid, uu2: *netagent_uuid) == 0) {
2449 if (client->failed_trigger_agent.generation == netagent_get_generation(uuid: *netagent_uuid)) {
2450 // If this agent was triggered, and failed, and hasn't changed, keep hiding it
2451 return applies;
2452 } else {
2453 // Mismatch generation, clear out old trigger
2454 uuid_clear(uu: client->failed_trigger_agent.netagent_uuid);
2455 client->failed_trigger_agent.generation = 0;
2456 }
2457 }
2458
2459 if (flags & NETAGENT_FLAG_SPECIFIC_USE_ONLY) {
2460 // Specific use agents only apply when requested
2461 applies = necp_netagent_is_requested(parameters, netagent_uuid);
2462 } else {
2463 applies = TRUE;
2464 }
2465
2466#if SKYWALK
2467 // Add nexus agent if it is a nexus, and either is not a listener, or the nexus supports listeners
2468 if (applies && is_nexus_agent &&
2469 !(parameters->flags & NECP_CLIENT_PARAMETER_FLAG_BROWSE) && // Don't add for browse paths
2470 ((flags & NETAGENT_FLAG_NEXUS_LISTENER) || !(parameters->flags & NECP_CLIENT_PARAMETER_FLAG_LISTENER))) {
2471 necp_client_add_interface_option_if_needed(client, interface_index,
2472 interface_generation, nexus_agent: netagent_uuid,
2473 network_provider: (flags & NETAGENT_FLAG_NETWORK_PROVIDER));
2474 }
2475#endif /* SKYWALK */
2476
2477 return applies;
2478}
2479
2480static void
2481necp_client_add_agent_interface_options(struct necp_client *client,
2482 const struct necp_client_parsed_parameters *parsed_parameters,
2483 ifnet_t ifp)
2484{
2485 if (ifp != NULL && ifp->if_agentids != NULL) {
2486 for (u_int32_t i = 0; i < ifp->if_agentcount; i++) {
2487 if (uuid_is_null(uu: ifp->if_agentids[i])) {
2488 continue;
2489 }
2490 // Relies on the side effect that nexus agents that apply will create flows
2491 (void)necp_netagent_applies_to_client(client, parameters: parsed_parameters, netagent_uuid: &ifp->if_agentids[i], TRUE,
2492 interface_index: ifp->if_index, interface_generation: ifnet_get_generation(ifp));
2493 }
2494 }
2495}
2496
2497static void
2498necp_client_add_browse_interface_options(struct necp_client *client,
2499 const struct necp_client_parsed_parameters *parsed_parameters,
2500 ifnet_t ifp)
2501{
2502 if (ifp != NULL && ifp->if_agentids != NULL) {
2503 for (u_int32_t i = 0; i < ifp->if_agentcount; i++) {
2504 if (uuid_is_null(uu: ifp->if_agentids[i])) {
2505 continue;
2506 }
2507
2508 u_int32_t flags = netagent_get_flags(uuid: ifp->if_agentids[i]);
2509 if ((flags & NETAGENT_FLAG_REGISTERED) &&
2510 (flags & NETAGENT_FLAG_ACTIVE) &&
2511 (flags & NETAGENT_FLAG_SUPPORTS_BROWSE) &&
2512 (!(flags & NETAGENT_FLAG_SPECIFIC_USE_ONLY) ||
2513 necp_netagent_is_requested(parameters: parsed_parameters, netagent_uuid: &ifp->if_agentids[i]))) {
2514 necp_client_add_interface_option_if_needed(client, interface_index: ifp->if_index, interface_generation: ifnet_get_generation(ifp), nexus_agent: &ifp->if_agentids[i], network_provider: (flags & NETAGENT_FLAG_NETWORK_PROVIDER));
2515
2516 // Finding one is enough
2517 break;
2518 }
2519 }
2520 }
2521}
2522
2523static inline bool
2524_necp_client_address_is_valid(struct sockaddr *address)
2525{
2526 if (address->sa_family == AF_INET) {
2527 return address->sa_len == sizeof(struct sockaddr_in);
2528 } else if (address->sa_family == AF_INET6) {
2529 return address->sa_len == sizeof(struct sockaddr_in6);
2530 } else {
2531 return FALSE;
2532 }
2533}
2534
2535#define necp_client_address_is_valid(S) _necp_client_address_is_valid(SA(S))
2536
2537static inline bool
2538necp_client_endpoint_is_unspecified(struct necp_client_endpoint *endpoint)
2539{
2540 if (necp_client_address_is_valid(&endpoint->u.sa)) {
2541 if (endpoint->u.sa.sa_family == AF_INET) {
2542 return endpoint->u.sin.sin_addr.s_addr == INADDR_ANY;
2543 } else if (endpoint->u.sa.sa_family == AF_INET6) {
2544 return IN6_IS_ADDR_UNSPECIFIED(&endpoint->u.sin6.sin6_addr);
2545 } else {
2546 return TRUE;
2547 }
2548 } else {
2549 return TRUE;
2550 }
2551}
2552
2553#if SKYWALK
2554static void
2555necp_client_update_local_port_parameters(u_int8_t *parameters,
2556 u_int32_t parameters_size,
2557 uint16_t local_port)
2558{
2559 size_t offset = 0;
2560 while ((offset + sizeof(struct necp_tlv_header)) <= parameters_size) {
2561 u_int8_t type = necp_buffer_get_tlv_type(buffer: parameters, tlv_offset: offset);
2562 u_int32_t length = necp_buffer_get_tlv_length(buffer: parameters, tlv_offset: offset);
2563
2564 if (length > (parameters_size - (offset + sizeof(struct necp_tlv_header)))) {
2565 // If the length is larger than what can fit in the remaining parameters size, bail
2566 NECPLOG(LOG_ERR, "Invalid TLV length (%u)", length);
2567 break;
2568 }
2569
2570 if (length > 0) {
2571 u_int8_t *value = necp_buffer_get_tlv_value(buffer: parameters, tlv_offset: offset, NULL);
2572 if (value != NULL) {
2573 switch (type) {
2574 case NECP_CLIENT_PARAMETER_LOCAL_ADDRESS: {
2575 if (length >= sizeof(struct necp_policy_condition_addr)) {
2576 struct necp_policy_condition_addr *address_struct = (struct necp_policy_condition_addr *)(void *)value;
2577 if (necp_client_address_is_valid(&address_struct->address.sa)) {
2578 if (address_struct->address.sa.sa_family == AF_INET) {
2579 address_struct->address.sin.sin_port = local_port;
2580 } else if (address_struct->address.sa.sa_family == AF_INET6) {
2581 address_struct->address.sin6.sin6_port = local_port;
2582 }
2583 }
2584 }
2585 break;
2586 }
2587 case NECP_CLIENT_PARAMETER_LOCAL_ENDPOINT: {
2588 if (length >= sizeof(struct necp_client_endpoint)) {
2589 struct necp_client_endpoint *endpoint = (struct necp_client_endpoint *)(void *)value;
2590 if (necp_client_address_is_valid(&endpoint->u.sa)) {
2591 if (endpoint->u.sa.sa_family == AF_INET) {
2592 endpoint->u.sin.sin_port = local_port;
2593 } else if (endpoint->u.sa.sa_family == AF_INET6) {
2594 endpoint->u.sin6.sin6_port = local_port;
2595 }
2596 }
2597 }
2598 break;
2599 }
2600 default: {
2601 break;
2602 }
2603 }
2604 }
2605 }
2606
2607 offset += sizeof(struct necp_tlv_header) + length;
2608 }
2609}
2610#endif /* !SKYWALK */
2611
2612#define NECP_MAX_SOCKET_ATTRIBUTE_STRING_LENGTH 253
2613
2614static void
2615necp_client_trace_parameter_parsing(struct necp_client *client, u_int8_t type, u_int8_t *value, u_int32_t length)
2616{
2617 uint64_t num = 0;
2618 uint16_t shortBuf;
2619 uint32_t intBuf;
2620 char buffer[NECP_MAX_SOCKET_ATTRIBUTE_STRING_LENGTH + 1];
2621
2622 if (value != NULL && length > 0) {
2623 switch (length) {
2624 case 1:
2625 num = *value;
2626 break;
2627 case 2:
2628 memcpy(dst: &shortBuf, src: value, n: sizeof(shortBuf));
2629 num = shortBuf;
2630 break;
2631 case 4:
2632 memcpy(dst: &intBuf, src: value, n: sizeof(intBuf));
2633 num = intBuf;
2634 break;
2635 case 8:
2636 memcpy(dst: &num, src: value, n: sizeof(num));
2637 break;
2638 default:
2639 num = 0;
2640 break;
2641 }
2642 int len = NECP_MAX_SOCKET_ATTRIBUTE_STRING_LENGTH < length ? NECP_MAX_SOCKET_ATTRIBUTE_STRING_LENGTH : length;
2643 memcpy(dst: buffer, src: value, n: len);
2644 buffer[len] = 0;
2645 NECP_CLIENT_PARAMS_LOG(client, "Parsing param - type %d length %d value <%llu (%llX)> %s", type, length, num, num, buffer);
2646 } else {
2647 NECP_CLIENT_PARAMS_LOG(client, "Parsing param - type %d length %d", type, length);
2648 }
2649}
2650
2651static void
2652necp_client_trace_parsed_parameters(struct necp_client *client, struct necp_client_parsed_parameters *parsed_parameters)
2653{
2654 int i;
2655 char local_buffer[64] = { };
2656 char remote_buffer[64] = { };
2657 uuid_string_t uuid_str = { };
2658 uuid_unparse_lower(uu: parsed_parameters->effective_uuid, out: uuid_str);
2659
2660 switch (parsed_parameters->local_addr.sa.sa_family) {
2661 case AF_INET:
2662 if (parsed_parameters->local_addr.sa.sa_len == sizeof(struct sockaddr_in)) {
2663 struct sockaddr_in *addr = &parsed_parameters->local_addr.sin;
2664 inet_ntop(AF_INET, &(addr->sin_addr), local_buffer, sizeof(local_buffer));
2665 }
2666 break;
2667 case AF_INET6:
2668 if (parsed_parameters->local_addr.sa.sa_len == sizeof(struct sockaddr_in6)) {
2669 struct sockaddr_in6 *addr6 = &parsed_parameters->local_addr.sin6;
2670 inet_ntop(AF_INET6, &(addr6->sin6_addr), local_buffer, sizeof(local_buffer));
2671 }
2672 break;
2673 default:
2674 break;
2675 }
2676
2677 switch (parsed_parameters->remote_addr.sa.sa_family) {
2678 case AF_INET:
2679 if (parsed_parameters->remote_addr.sa.sa_len == sizeof(struct sockaddr_in)) {
2680 struct sockaddr_in *addr = &parsed_parameters->remote_addr.sin;
2681 inet_ntop(AF_INET, &(addr->sin_addr), remote_buffer, sizeof(remote_buffer));
2682 }
2683 break;
2684 case AF_INET6:
2685 if (parsed_parameters->remote_addr.sa.sa_len == sizeof(struct sockaddr_in6)) {
2686 struct sockaddr_in6 *addr6 = &parsed_parameters->remote_addr.sin6;
2687 inet_ntop(AF_INET6, &(addr6->sin6_addr), remote_buffer, sizeof(remote_buffer));
2688 }
2689 break;
2690 default:
2691 break;
2692 }
2693
2694 NECP_CLIENT_PARAMS_LOG(client, "Parsed params - valid_fields %X flags %X delegated_upid %llu local_addr %s remote_addr %s "
2695 "required_interface_index %u required_interface_type %d local_address_preference %d "
2696 "ip_protocol %d transport_protocol %d ethertype %d effective_pid %d effective_uuid %s uid %d persona_id %d traffic_class %d",
2697 parsed_parameters->valid_fields,
2698 parsed_parameters->flags,
2699 parsed_parameters->delegated_upid,
2700 local_buffer, remote_buffer,
2701 parsed_parameters->required_interface_index,
2702 parsed_parameters->required_interface_type,
2703 parsed_parameters->local_address_preference,
2704 parsed_parameters->ip_protocol,
2705 parsed_parameters->transport_protocol,
2706 parsed_parameters->ethertype,
2707 parsed_parameters->effective_pid,
2708 uuid_str,
2709 parsed_parameters->uid,
2710 parsed_parameters->persona_id,
2711 parsed_parameters->traffic_class);
2712
2713 NECP_CLIENT_PARAMS_LOG(client, "Parsed params - tracker flags <known-tracker %X> <non-app-initiated %X> <silent %X> <app-approved %X>",
2714 parsed_parameters->flags & NECP_CLIENT_PARAMETER_FLAG_KNOWN_TRACKER,
2715 parsed_parameters->flags & NECP_CLIENT_PARAMETER_FLAG_NON_APP_INITIATED,
2716 parsed_parameters->flags & NECP_CLIENT_PARAMETER_FLAG_SILENT,
2717 parsed_parameters->flags & NECP_CLIENT_PARAMETER_FLAG_APPROVED_APP_DOMAIN);
2718
2719 for (i = 0; i < NECP_MAX_INTERFACE_PARAMETERS && parsed_parameters->prohibited_interfaces[i][0]; i++) {
2720 NECP_CLIENT_PARAMS_LOG(client, "Parsed prohibited_interfaces[%d] <%s>", i, parsed_parameters->prohibited_interfaces[i]);
2721 }
2722
2723 for (i = 0; i < NECP_MAX_AGENT_PARAMETERS && parsed_parameters->required_netagent_types[i].netagent_domain[0]; i++) {
2724 NECP_CLIENT_PARAMS_LOG(client, "Parsed required_netagent_types[%d] <%s> <%s>", i,
2725 parsed_parameters->required_netagent_types[i].netagent_domain,
2726 parsed_parameters->required_netagent_types[i].netagent_type);
2727 }
2728 for (i = 0; i < NECP_MAX_AGENT_PARAMETERS && parsed_parameters->prohibited_netagent_types[i].netagent_domain[0]; i++) {
2729 NECP_CLIENT_PARAMS_LOG(client, "Parsed prohibited_netagent_types[%d] <%s> <%s>", i,
2730 parsed_parameters->prohibited_netagent_types[i].netagent_domain,
2731 parsed_parameters->prohibited_netagent_types[i].netagent_type);
2732 }
2733 for (i = 0; i < NECP_MAX_AGENT_PARAMETERS && parsed_parameters->preferred_netagent_types[i].netagent_domain[0]; i++) {
2734 NECP_CLIENT_PARAMS_LOG(client, "Parsed preferred_netagent_types[%d] <%s> <%s>", i,
2735 parsed_parameters->preferred_netagent_types[i].netagent_domain,
2736 parsed_parameters->preferred_netagent_types[i].netagent_type);
2737 }
2738 for (i = 0; i < NECP_MAX_AGENT_PARAMETERS && parsed_parameters->avoided_netagent_types[i].netagent_domain[0]; i++) {
2739 NECP_CLIENT_PARAMS_LOG(client, "Parsed avoided_netagent_types[%d] <%s> <%s>", i,
2740 parsed_parameters->avoided_netagent_types[i].netagent_domain,
2741 parsed_parameters->avoided_netagent_types[i].netagent_type);
2742 }
2743
2744 for (i = 0; i < NECP_MAX_AGENT_PARAMETERS && !uuid_is_null(uu: parsed_parameters->required_netagents[i]); i++) {
2745 uuid_unparse_lower(uu: parsed_parameters->required_netagents[i], out: uuid_str);
2746 NECP_CLIENT_PARAMS_LOG(client, "Parsed required_netagents[%d] <%s>", i, uuid_str);
2747 }
2748 for (i = 0; i < NECP_MAX_AGENT_PARAMETERS && !uuid_is_null(uu: parsed_parameters->prohibited_netagents[i]); i++) {
2749 uuid_unparse_lower(uu: parsed_parameters->prohibited_netagents[i], out: uuid_str);
2750 NECP_CLIENT_PARAMS_LOG(client, "Parsed prohibited_netagents[%d] <%s>", i, uuid_str);
2751 }
2752 for (i = 0; i < NECP_MAX_AGENT_PARAMETERS && !uuid_is_null(uu: parsed_parameters->preferred_netagents[i]); i++) {
2753 uuid_unparse_lower(uu: parsed_parameters->preferred_netagents[i], out: uuid_str);
2754 NECP_CLIENT_PARAMS_LOG(client, "Parsed preferred_netagents[%d] <%s>", i, uuid_str);
2755 }
2756 for (i = 0; i < NECP_MAX_AGENT_PARAMETERS && !uuid_is_null(uu: parsed_parameters->avoided_netagents[i]); i++) {
2757 uuid_unparse_lower(uu: parsed_parameters->avoided_netagents[i], out: uuid_str);
2758 NECP_CLIENT_PARAMS_LOG(client, "Parsed avoided_netagents[%d] <%s>", i, uuid_str);
2759 }
2760}
2761
2762static bool
2763necp_client_strings_are_equal(const char *string1, size_t string1_length,
2764 const char *string2, size_t string2_length)
2765{
2766 if (string1 == NULL || string2 == NULL) {
2767 return false;
2768 }
2769 const size_t string1_actual_length = strnlen(s: string1, n: string1_length);
2770 const size_t string2_actual_length = strnlen(s: string2, n: string2_length);
2771 if (string1_actual_length != string2_actual_length) {
2772 return false;
2773 }
2774 return strncmp(s1: string1, s2: string2, n: string1_actual_length) == 0;
2775}
2776
2777static int
2778necp_client_parse_parameters(struct necp_client *client, u_int8_t *parameters,
2779 u_int32_t parameters_size,
2780 struct necp_client_parsed_parameters *parsed_parameters)
2781{
2782 int error = 0;
2783 size_t offset = 0;
2784
2785 u_int32_t num_prohibited_interfaces = 0;
2786 u_int32_t num_prohibited_interface_types = 0;
2787 u_int32_t num_required_agents = 0;
2788 u_int32_t num_prohibited_agents = 0;
2789 u_int32_t num_preferred_agents = 0;
2790 u_int32_t num_avoided_agents = 0;
2791 u_int32_t num_required_agent_types = 0;
2792 u_int32_t num_prohibited_agent_types = 0;
2793 u_int32_t num_preferred_agent_types = 0;
2794 u_int32_t num_avoided_agent_types = 0;
2795 u_int8_t *resolver_tag = NULL;
2796 u_int32_t resolver_tag_length = 0;
2797 u_int8_t *client_hostname = NULL;
2798 u_int32_t hostname_length = 0;
2799 uuid_t parent_id = {};
2800
2801 if (parsed_parameters == NULL) {
2802 return EINVAL;
2803 }
2804
2805 memset(s: parsed_parameters, c: 0, n: sizeof(struct necp_client_parsed_parameters));
2806
2807 while ((offset + sizeof(struct necp_tlv_header)) <= parameters_size) {
2808 u_int8_t type = necp_buffer_get_tlv_type(buffer: parameters, tlv_offset: offset);
2809 u_int32_t length = necp_buffer_get_tlv_length(buffer: parameters, tlv_offset: offset);
2810
2811 if (length > (parameters_size - (offset + sizeof(struct necp_tlv_header)))) {
2812 // If the length is larger than what can fit in the remaining parameters size, bail
2813 NECPLOG(LOG_ERR, "Invalid TLV length (%u)", length);
2814 break;
2815 }
2816
2817 if (length > 0) {
2818 u_int8_t *value = necp_buffer_get_tlv_value(buffer: parameters, tlv_offset: offset, NULL);
2819 if (value != NULL) {
2820 switch (type) {
2821 case NECP_CLIENT_PARAMETER_BOUND_INTERFACE: {
2822 if (length <= IFXNAMSIZ && length > 0) {
2823 ifnet_t bound_interface = NULL;
2824 char interface_name[IFXNAMSIZ];
2825 memcpy(dst: interface_name, src: value, n: length);
2826 interface_name[length - 1] = 0; // Make sure the string is NULL terminated
2827 if (ifnet_find_by_name(ifname: interface_name, interface: &bound_interface) == 0) {
2828 parsed_parameters->required_interface_index = bound_interface->if_index;
2829 parsed_parameters->valid_fields |= NECP_PARSED_PARAMETERS_FIELD_REQUIRED_IF;
2830 ifnet_release(interface: bound_interface);
2831 }
2832 }
2833 break;
2834 }
2835 case NECP_CLIENT_PARAMETER_LOCAL_ADDRESS: {
2836 if (length >= sizeof(struct necp_policy_condition_addr)) {
2837 struct necp_policy_condition_addr *address_struct = (struct necp_policy_condition_addr *)(void *)value;
2838 if (necp_client_address_is_valid(&address_struct->address.sa)) {
2839 memcpy(dst: &parsed_parameters->local_addr, src: &address_struct->address, n: sizeof(address_struct->address));
2840 if (!necp_address_is_wildcard(addr: &parsed_parameters->local_addr)) {
2841 parsed_parameters->valid_fields |= NECP_PARSED_PARAMETERS_FIELD_LOCAL_ADDR;
2842 }
2843 if ((parsed_parameters->local_addr.sa.sa_family == AF_INET && parsed_parameters->local_addr.sin.sin_port) ||
2844 (parsed_parameters->local_addr.sa.sa_family == AF_INET6 && parsed_parameters->local_addr.sin6.sin6_port)) {
2845 parsed_parameters->valid_fields |= NECP_PARSED_PARAMETERS_FIELD_LOCAL_PORT;
2846 }
2847 }
2848 }
2849 break;
2850 }
2851 case NECP_CLIENT_PARAMETER_LOCAL_ENDPOINT: {
2852 if (length >= sizeof(struct necp_client_endpoint)) {
2853 struct necp_client_endpoint *endpoint = (struct necp_client_endpoint *)(void *)value;
2854 if (necp_client_address_is_valid(&endpoint->u.sa)) {
2855 memcpy(dst: &parsed_parameters->local_addr, src: &endpoint->u.sa, n: sizeof(union necp_sockaddr_union));
2856 if (!necp_address_is_wildcard(addr: &parsed_parameters->local_addr)) {
2857 parsed_parameters->valid_fields |= NECP_PARSED_PARAMETERS_FIELD_LOCAL_ADDR;
2858 }
2859 if ((parsed_parameters->local_addr.sa.sa_family == AF_INET && parsed_parameters->local_addr.sin.sin_port) ||
2860 (parsed_parameters->local_addr.sa.sa_family == AF_INET6 && parsed_parameters->local_addr.sin6.sin6_port)) {
2861 parsed_parameters->valid_fields |= NECP_PARSED_PARAMETERS_FIELD_LOCAL_PORT;
2862 }
2863 }
2864 }
2865 break;
2866 }
2867 case NECP_CLIENT_PARAMETER_REMOTE_ADDRESS: {
2868 if (length >= sizeof(struct necp_policy_condition_addr)) {
2869 struct necp_policy_condition_addr *address_struct = (struct necp_policy_condition_addr *)(void *)value;
2870 if (necp_client_address_is_valid(&address_struct->address.sa)) {
2871 memcpy(dst: &parsed_parameters->remote_addr, src: &address_struct->address, n: sizeof(address_struct->address));
2872 parsed_parameters->valid_fields |= NECP_PARSED_PARAMETERS_FIELD_REMOTE_ADDR;
2873 }
2874 }
2875 break;
2876 }
2877 case NECP_CLIENT_PARAMETER_REMOTE_ENDPOINT: {
2878 if (length >= sizeof(struct necp_client_endpoint)) {
2879 struct necp_client_endpoint *endpoint = (struct necp_client_endpoint *)(void *)value;
2880 if (necp_client_address_is_valid(&endpoint->u.sa)) {
2881 memcpy(dst: &parsed_parameters->remote_addr, src: &endpoint->u.sa, n: sizeof(union necp_sockaddr_union));
2882 parsed_parameters->valid_fields |= NECP_PARSED_PARAMETERS_FIELD_REMOTE_ADDR;
2883 }
2884 }
2885 break;
2886 }
2887 case NECP_CLIENT_PARAMETER_PROHIBIT_INTERFACE: {
2888 if (num_prohibited_interfaces >= NECP_MAX_INTERFACE_PARAMETERS) {
2889 break;
2890 }
2891 if (length <= IFXNAMSIZ && length > 0) {
2892 memcpy(dst: parsed_parameters->prohibited_interfaces[num_prohibited_interfaces], src: value, n: length);
2893 parsed_parameters->prohibited_interfaces[num_prohibited_interfaces][length - 1] = 0; // Make sure the string is NULL terminated
2894 num_prohibited_interfaces++;
2895 parsed_parameters->valid_fields |= NECP_PARSED_PARAMETERS_FIELD_PROHIBITED_IF;
2896 }
2897 break;
2898 }
2899 case NECP_CLIENT_PARAMETER_REQUIRE_IF_TYPE: {
2900 if (parsed_parameters->valid_fields & NECP_PARSED_PARAMETERS_FIELD_REQUIRED_IFTYPE) {
2901 break;
2902 }
2903 if (length >= sizeof(u_int8_t)) {
2904 memcpy(dst: &parsed_parameters->required_interface_type, src: value, n: sizeof(u_int8_t));
2905 if (parsed_parameters->required_interface_type) {
2906 parsed_parameters->valid_fields |= NECP_PARSED_PARAMETERS_FIELD_REQUIRED_IFTYPE;
2907 }
2908 }
2909 break;
2910 }
2911 case NECP_CLIENT_PARAMETER_PROHIBIT_IF_TYPE: {
2912 if (num_prohibited_interface_types >= NECP_MAX_INTERFACE_PARAMETERS) {
2913 break;
2914 }
2915 if (length >= sizeof(u_int8_t)) {
2916 memcpy(dst: &parsed_parameters->prohibited_interface_types[num_prohibited_interface_types], src: value, n: sizeof(u_int8_t));
2917 num_prohibited_interface_types++;
2918 parsed_parameters->valid_fields |= NECP_PARSED_PARAMETERS_FIELD_PROHIBITED_IFTYPE;
2919 }
2920 break;
2921 }
2922 case NECP_CLIENT_PARAMETER_REQUIRE_AGENT: {
2923 if (num_required_agents >= NECP_MAX_AGENT_PARAMETERS) {
2924 break;
2925 }
2926 if (length >= sizeof(uuid_t)) {
2927 memcpy(dst: &parsed_parameters->required_netagents[num_required_agents], src: value, n: sizeof(uuid_t));
2928 num_required_agents++;
2929 parsed_parameters->valid_fields |= NECP_PARSED_PARAMETERS_FIELD_REQUIRED_AGENT;
2930 }
2931 break;
2932 }
2933 case NECP_CLIENT_PARAMETER_PROHIBIT_AGENT: {
2934 if (num_prohibited_agents >= NECP_MAX_AGENT_PARAMETERS) {
2935 break;
2936 }
2937 if (length >= sizeof(uuid_t)) {
2938 memcpy(dst: &parsed_parameters->prohibited_netagents[num_prohibited_agents], src: value, n: sizeof(uuid_t));
2939 num_prohibited_agents++;
2940 parsed_parameters->valid_fields |= NECP_PARSED_PARAMETERS_FIELD_PROHIBITED_AGENT;
2941 }
2942 break;
2943 }
2944 case NECP_CLIENT_PARAMETER_PREFER_AGENT: {
2945 if (num_preferred_agents >= NECP_MAX_AGENT_PARAMETERS) {
2946 break;
2947 }
2948 if (length >= sizeof(uuid_t)) {
2949 memcpy(dst: &parsed_parameters->preferred_netagents[num_preferred_agents], src: value, n: sizeof(uuid_t));
2950 num_preferred_agents++;
2951 parsed_parameters->valid_fields |= NECP_PARSED_PARAMETERS_FIELD_PREFERRED_AGENT;
2952 }
2953 break;
2954 }
2955 case NECP_CLIENT_PARAMETER_AVOID_AGENT: {
2956 if (num_avoided_agents >= NECP_MAX_AGENT_PARAMETERS) {
2957 break;
2958 }
2959 if (length >= sizeof(uuid_t)) {
2960 memcpy(dst: &parsed_parameters->avoided_netagents[num_avoided_agents], src: value, n: sizeof(uuid_t));
2961 num_avoided_agents++;
2962 parsed_parameters->valid_fields |= NECP_PARSED_PARAMETERS_FIELD_AVOIDED_AGENT;
2963 }
2964 break;
2965 }
2966 case NECP_CLIENT_PARAMETER_REQUIRE_AGENT_TYPE: {
2967 if (num_required_agent_types >= NECP_MAX_AGENT_PARAMETERS) {
2968 break;
2969 }
2970 if (length >= sizeof(struct necp_client_parameter_netagent_type)) {
2971 memcpy(dst: &parsed_parameters->required_netagent_types[num_required_agent_types], src: value, n: sizeof(struct necp_client_parameter_netagent_type));
2972 num_required_agent_types++;
2973 parsed_parameters->valid_fields |= NECP_PARSED_PARAMETERS_FIELD_REQUIRED_AGENT_TYPE;
2974 }
2975 break;
2976 }
2977 case NECP_CLIENT_PARAMETER_PROHIBIT_AGENT_TYPE: {
2978 if (num_prohibited_agent_types >= NECP_MAX_AGENT_PARAMETERS) {
2979 break;
2980 }
2981 if (length >= sizeof(struct necp_client_parameter_netagent_type)) {
2982 memcpy(dst: &parsed_parameters->prohibited_netagent_types[num_prohibited_agent_types], src: value, n: sizeof(struct necp_client_parameter_netagent_type));
2983 num_prohibited_agent_types++;
2984 parsed_parameters->valid_fields |= NECP_PARSED_PARAMETERS_FIELD_PROHIBITED_AGENT_TYPE;
2985 }
2986 break;
2987 }
2988 case NECP_CLIENT_PARAMETER_PREFER_AGENT_TYPE: {
2989 if (num_preferred_agent_types >= NECP_MAX_AGENT_PARAMETERS) {
2990 break;
2991 }
2992 if (length >= sizeof(struct necp_client_parameter_netagent_type)) {
2993 memcpy(dst: &parsed_parameters->preferred_netagent_types[num_preferred_agent_types], src: value, n: sizeof(struct necp_client_parameter_netagent_type));
2994 num_preferred_agent_types++;
2995 parsed_parameters->valid_fields |= NECP_PARSED_PARAMETERS_FIELD_PREFERRED_AGENT_TYPE;
2996 }
2997 break;
2998 }
2999 case NECP_CLIENT_PARAMETER_AVOID_AGENT_TYPE: {
3000 if (num_avoided_agent_types >= NECP_MAX_AGENT_PARAMETERS) {
3001 break;
3002 }
3003 if (length >= sizeof(struct necp_client_parameter_netagent_type)) {
3004 memcpy(dst: &parsed_parameters->avoided_netagent_types[num_avoided_agent_types], src: value, n: sizeof(struct necp_client_parameter_netagent_type));
3005 num_avoided_agent_types++;
3006 parsed_parameters->valid_fields |= NECP_PARSED_PARAMETERS_FIELD_AVOIDED_AGENT_TYPE;
3007 }
3008 break;
3009 }
3010 case NECP_CLIENT_PARAMETER_FLAGS: {
3011 if (length >= sizeof(u_int32_t)) {
3012 memcpy(dst: &parsed_parameters->flags, src: value, n: sizeof(parsed_parameters->flags));
3013 parsed_parameters->valid_fields |= NECP_PARSED_PARAMETERS_FIELD_FLAGS;
3014 }
3015 break;
3016 }
3017 case NECP_CLIENT_PARAMETER_IP_PROTOCOL: {
3018 if (length == sizeof(u_int16_t)) {
3019 u_int16_t large_ip_protocol = 0;
3020 memcpy(dst: &large_ip_protocol, src: value, n: sizeof(large_ip_protocol));
3021 parsed_parameters->ip_protocol = (u_int8_t)large_ip_protocol;
3022 parsed_parameters->valid_fields |= NECP_PARSED_PARAMETERS_FIELD_IP_PROTOCOL;
3023 } else if (length >= sizeof(parsed_parameters->ip_protocol)) {
3024 memcpy(dst: &parsed_parameters->ip_protocol, src: value, n: sizeof(parsed_parameters->ip_protocol));
3025 parsed_parameters->valid_fields |= NECP_PARSED_PARAMETERS_FIELD_IP_PROTOCOL;
3026 }
3027 break;
3028 }
3029 case NECP_CLIENT_PARAMETER_TRANSPORT_PROTOCOL: {
3030 if (length >= sizeof(parsed_parameters->transport_protocol)) {
3031 memcpy(dst: &parsed_parameters->transport_protocol, src: value, n: sizeof(parsed_parameters->transport_protocol));
3032 parsed_parameters->valid_fields |= NECP_PARSED_PARAMETERS_FIELD_TRANSPORT_PROTOCOL;
3033 }
3034 break;
3035 }
3036 case NECP_CLIENT_PARAMETER_PID: {
3037 if (length >= sizeof(parsed_parameters->effective_pid)) {
3038 memcpy(dst: &parsed_parameters->effective_pid, src: value, n: sizeof(parsed_parameters->effective_pid));
3039 parsed_parameters->valid_fields |= NECP_PARSED_PARAMETERS_FIELD_EFFECTIVE_PID;
3040 }
3041 break;
3042 }
3043 case NECP_CLIENT_PARAMETER_DELEGATED_UPID: {
3044 if (length >= sizeof(parsed_parameters->delegated_upid)) {
3045 memcpy(dst: &parsed_parameters->delegated_upid, src: value, n: sizeof(parsed_parameters->delegated_upid));
3046 parsed_parameters->valid_fields |= NECP_PARSED_PARAMETERS_FIELD_DELEGATED_UPID;
3047 }
3048 break;
3049 }
3050 case NECP_CLIENT_PARAMETER_ETHERTYPE: {
3051 if (length >= sizeof(parsed_parameters->ethertype)) {
3052 memcpy(dst: &parsed_parameters->ethertype, src: value, n: sizeof(parsed_parameters->ethertype));
3053 parsed_parameters->valid_fields |= NECP_PARSED_PARAMETERS_FIELD_ETHERTYPE;
3054 }
3055 break;
3056 }
3057 case NECP_CLIENT_PARAMETER_APPLICATION: {
3058 if (length >= sizeof(parsed_parameters->effective_uuid)) {
3059 memcpy(dst: &parsed_parameters->effective_uuid, src: value, n: sizeof(parsed_parameters->effective_uuid));
3060 parsed_parameters->valid_fields |= NECP_PARSED_PARAMETERS_FIELD_EFFECTIVE_UUID;
3061 }
3062 break;
3063 }
3064 case NECP_CLIENT_PARAMETER_TRAFFIC_CLASS: {
3065 if (length >= sizeof(parsed_parameters->traffic_class)) {
3066 memcpy(dst: &parsed_parameters->traffic_class, src: value, n: sizeof(parsed_parameters->traffic_class));
3067 parsed_parameters->valid_fields |= NECP_PARSED_PARAMETERS_FIELD_TRAFFIC_CLASS;
3068 }
3069 break;
3070 }
3071 case NECP_CLIENT_PARAMETER_RESOLVER_TAG: {
3072 if (length > 0) {
3073 if (resolver_tag != NULL) {
3074 // Multiple resolver tags is invalid
3075 NECPLOG0(LOG_ERR, "Multiple resolver tags are not supported");
3076 error = EINVAL;
3077 } else {
3078 resolver_tag = (u_int8_t *)value;
3079 resolver_tag_length = length;
3080 }
3081 }
3082 break;
3083 }
3084 case NECP_CLIENT_PARAMETER_DOMAIN: {
3085 if (length > 0) {
3086 client_hostname = (u_int8_t *)value;
3087 hostname_length = length;
3088 }
3089 break;
3090 }
3091 case NECP_CLIENT_PARAMETER_PARENT_ID: {
3092 if (length == sizeof(parent_id)) {
3093 uuid_copy(dst: parent_id, src: value);
3094 memcpy(dst: &parsed_parameters->parent_uuid, src: value, n: sizeof(parsed_parameters->parent_uuid));
3095 parsed_parameters->valid_fields |= NECP_PARSED_PARAMETERS_FIELD_PARENT_UUID;
3096 }
3097 break;
3098 }
3099 case NECP_CLIENT_PARAMETER_LOCAL_ADDRESS_PREFERENCE: {
3100 if (length >= sizeof(parsed_parameters->local_address_preference)) {
3101 memcpy(dst: &parsed_parameters->local_address_preference, src: value, n: sizeof(parsed_parameters->local_address_preference));
3102 parsed_parameters->valid_fields |= NECP_PARSED_PARAMETERS_FIELD_LOCAL_ADDR_PREFERENCE;
3103 }
3104 break;
3105 }
3106 case NECP_CLIENT_PARAMETER_ATTRIBUTED_BUNDLE_IDENTIFIER: {
3107 if (length > 0) {
3108 parsed_parameters->valid_fields |= NECP_PARSED_PARAMETERS_FIELD_ATTRIBUTED_BUNDLE_IDENTIFIER;
3109 }
3110 break;
3111 }
3112 case NECP_CLIENT_PARAMETER_FLOW_DEMUX_PATTERN: {
3113 if (parsed_parameters->demux_pattern_count >= NECP_MAX_DEMUX_PATTERNS) {
3114 break;
3115 }
3116 if (length >= sizeof(struct necp_demux_pattern)) {
3117 memcpy(dst: &parsed_parameters->demux_patterns[parsed_parameters->demux_pattern_count], src: value, n: sizeof(struct necp_demux_pattern));
3118 parsed_parameters->demux_pattern_count++;
3119 parsed_parameters->valid_fields |= NECP_PARSED_PARAMETERS_FIELD_FLOW_DEMUX_PATTERN;
3120 }
3121 break;
3122 }
3123 case NECP_CLIENT_PARAMETER_APPLICATION_ID: {
3124 if (length >= sizeof(necp_application_id_t)) {
3125 necp_application_id_t *application_id = (necp_application_id_t *)(void *)value;
3126 // UID
3127 parsed_parameters->uid = application_id->uid;
3128 parsed_parameters->valid_fields |= NECP_PARSED_PARAMETERS_FIELD_UID;
3129 // EUUID
3130 uuid_copy(dst: parsed_parameters->effective_uuid, src: application_id->effective_uuid);
3131 parsed_parameters->valid_fields |= NECP_PARSED_PARAMETERS_FIELD_EFFECTIVE_UUID;
3132 // PERSONA
3133 parsed_parameters->persona_id = application_id->persona_id;
3134 parsed_parameters->valid_fields |= NECP_PARSED_PARAMETERS_FIELD_PERSONA_ID;
3135 }
3136 break;
3137 }
3138 default: {
3139 break;
3140 }
3141 }
3142 }
3143
3144 if (NECP_ENABLE_CLIENT_TRACE(NECP_CLIENT_TRACE_LEVEL_PARAMS)) {
3145 necp_client_trace_parameter_parsing(client, type, value, length);
3146 }
3147 }
3148
3149 offset += sizeof(struct necp_tlv_header) + length;
3150 }
3151
3152 if (resolver_tag != NULL) {
3153 struct necp_client_validatable *validatable = (struct necp_client_validatable *)resolver_tag;
3154 if (resolver_tag_length <= sizeof(struct necp_client_validatable)) {
3155 error = EINVAL;
3156 NECPLOG(LOG_ERR, "Resolver tag length too short: %u", resolver_tag_length);
3157 } else {
3158 bool matches = true;
3159
3160 // Check the client UUID for client-specific results
3161 if (validatable->signable.sign_type == NECP_CLIENT_SIGN_TYPE_RESOLVER_ANSWER ||
3162 validatable->signable.sign_type == NECP_CLIENT_SIGN_TYPE_BROWSE_RESULT ||
3163 validatable->signable.sign_type == NECP_CLIENT_SIGN_TYPE_SERVICE_RESOLVER_ANSWER) {
3164 if (uuid_compare(uu1: parent_id, uu2: validatable->signable.client_id) != 0 &&
3165 uuid_compare(uu1: client->client_id, uu2: validatable->signable.client_id) != 0) {
3166 NECPLOG0(LOG_ERR, "Resolver tag invalid client ID");
3167 matches = false;
3168 }
3169 }
3170
3171 size_t data_length = resolver_tag_length - sizeof(struct necp_client_validatable);
3172 switch (validatable->signable.sign_type) {
3173 case NECP_CLIENT_SIGN_TYPE_RESOLVER_ANSWER:
3174 case NECP_CLIENT_SIGN_TYPE_SYSTEM_RESOLVER_ANSWER: {
3175 if (data_length < (sizeof(struct necp_client_host_resolver_answer) - sizeof(struct necp_client_signable))) {
3176 NECPLOG0(LOG_ERR, "Resolver tag invalid length for resolver answer");
3177 matches = false;
3178 } else {
3179 struct necp_client_host_resolver_answer *answer_struct = (struct necp_client_host_resolver_answer *)&validatable->signable;
3180 if (data_length != (sizeof(struct necp_client_host_resolver_answer) + answer_struct->hostname_length - sizeof(struct necp_client_signable))) {
3181 NECPLOG0(LOG_ERR, "Resolver tag invalid length for resolver answer");
3182 matches = false;
3183 } else {
3184 if (answer_struct->hostname_length != 0 && // If the hostname on the signed answer is empty, ignore
3185 !necp_client_strings_are_equal(string1: (const char *)client_hostname, string1_length: hostname_length,
3186 string2: answer_struct->hostname, string2_length: answer_struct->hostname_length)) {
3187 NECPLOG0(LOG_ERR, "Resolver tag hostname does not match");
3188 matches = false;
3189 } else if (answer_struct->address_answer.sa.sa_family != parsed_parameters->remote_addr.sa.sa_family ||
3190 answer_struct->address_answer.sa.sa_len != parsed_parameters->remote_addr.sa.sa_len) {
3191 NECPLOG0(LOG_ERR, "Resolver tag address type does not match");
3192 matches = false;
3193 } else if (answer_struct->address_answer.sin.sin_port != 0 && // If the port on the signed answer is empty, ignore
3194 answer_struct->address_answer.sin.sin_port != parsed_parameters->remote_addr.sin.sin_port) {
3195 NECPLOG0(LOG_ERR, "Resolver tag port does not match");
3196 matches = false;
3197 } else if ((answer_struct->address_answer.sa.sa_family == AF_INET &&
3198 answer_struct->address_answer.sin.sin_addr.s_addr != parsed_parameters->remote_addr.sin.sin_addr.s_addr) ||
3199 (answer_struct->address_answer.sa.sa_family == AF_INET6 &&
3200 memcmp(s1: &answer_struct->address_answer.sin6.sin6_addr, s2: &parsed_parameters->remote_addr.sin6.sin6_addr, n: sizeof(struct in6_addr)) != 0)) {
3201 NECPLOG0(LOG_ERR, "Resolver tag address does not match");
3202 matches = false;
3203 }
3204 }
3205 }
3206 break;
3207 }
3208 case NECP_CLIENT_SIGN_TYPE_BROWSE_RESULT:
3209 case NECP_CLIENT_SIGN_TYPE_SYSTEM_BROWSE_RESULT: {
3210 if (data_length < (sizeof(struct necp_client_browse_result) - sizeof(struct necp_client_signable))) {
3211 NECPLOG0(LOG_ERR, "Resolver tag invalid length for browse result");
3212 matches = false;
3213 } else {
3214 struct necp_client_browse_result *answer_struct = (struct necp_client_browse_result *)&validatable->signable;
3215 if (data_length != (sizeof(struct necp_client_browse_result) + answer_struct->service_length - sizeof(struct necp_client_signable))) {
3216 NECPLOG0(LOG_ERR, "Resolver tag invalid length for browse result");
3217 matches = false;
3218 }
3219 }
3220 break;
3221 }
3222 case NECP_CLIENT_SIGN_TYPE_SERVICE_RESOLVER_ANSWER:
3223 case NECP_CLIENT_SIGN_TYPE_SYSTEM_SERVICE_RESOLVER_ANSWER: {
3224 if (data_length < (sizeof(struct necp_client_service_resolver_answer) - sizeof(struct necp_client_signable))) {
3225 NECPLOG0(LOG_ERR, "Resolver tag invalid length for service resolver answer");
3226 matches = false;
3227 } else {
3228 struct necp_client_service_resolver_answer *answer_struct = (struct necp_client_service_resolver_answer *)&validatable->signable;
3229 if (data_length != (sizeof(struct necp_client_service_resolver_answer) + answer_struct->service_length + answer_struct->hostname_length - sizeof(struct necp_client_signable))) {
3230 NECPLOG0(LOG_ERR, "Resolver tag invalid length for service resolver answer");
3231 matches = false;
3232 }
3233 }
3234 break;
3235 }
3236 default: {
3237 NECPLOG(LOG_ERR, "Resolver tag unknown sign type: %u", validatable->signable.sign_type);
3238 matches = false;
3239 break;
3240 }
3241 }
3242 if (!matches) {
3243 error = EAUTH;
3244 } else {
3245 const bool validated = necp_validate_resolver_answer(client_id: validatable->signable.client_id,
3246 sign_type: validatable->signable.sign_type,
3247 data: validatable->signable.signable_data, data_length,
3248 tag: validatable->signature.signed_tag, tag_length: sizeof(validatable->signature.signed_tag));
3249 if (!validated) {
3250 error = EAUTH;
3251 NECPLOG0(LOG_ERR, "Failed to validate resolve answer");
3252 }
3253 }
3254 }
3255 }
3256
3257 if (NECP_ENABLE_CLIENT_TRACE(NECP_CLIENT_TRACE_LEVEL_PARAMS)) {
3258 necp_client_trace_parsed_parameters(client, parsed_parameters);
3259 }
3260
3261 return error;
3262}
3263
3264static int
3265necp_client_parse_result(u_int8_t *result,
3266 u_int32_t result_size,
3267 union necp_sockaddr_union *local_address,
3268 union necp_sockaddr_union *remote_address,
3269 void **flow_stats)
3270{
3271#pragma unused(flow_stats)
3272 int error = 0;
3273 size_t offset = 0;
3274
3275 while ((offset + sizeof(struct necp_tlv_header)) <= result_size) {
3276 u_int8_t type = necp_buffer_get_tlv_type(buffer: result, tlv_offset: offset);
3277 u_int32_t length = necp_buffer_get_tlv_length(buffer: result, tlv_offset: offset);
3278
3279 if (length > 0 && (offset + sizeof(struct necp_tlv_header) + length) <= result_size) {
3280 u_int8_t *value = necp_buffer_get_tlv_value(buffer: result, tlv_offset: offset, NULL);
3281 if (value != NULL) {
3282 switch (type) {
3283 case NECP_CLIENT_RESULT_LOCAL_ENDPOINT: {
3284 if (length >= sizeof(struct necp_client_endpoint)) {
3285 struct necp_client_endpoint *endpoint = (struct necp_client_endpoint *)(void *)value;
3286 if (local_address != NULL && necp_client_address_is_valid(&endpoint->u.sa)) {
3287 memcpy(dst: local_address, src: &endpoint->u.sa, n: endpoint->u.sa.sa_len);
3288 }
3289 }
3290 break;
3291 }
3292 case NECP_CLIENT_RESULT_REMOTE_ENDPOINT: {
3293 if (length >= sizeof(struct necp_client_endpoint)) {
3294 struct necp_client_endpoint *endpoint = (struct necp_client_endpoint *)(void *)value;
3295 if (remote_address != NULL && necp_client_address_is_valid(&endpoint->u.sa)) {
3296 memcpy(dst: remote_address, src: &endpoint->u.sa, n: endpoint->u.sa.sa_len);
3297 }
3298 }
3299 break;
3300 }
3301#if SKYWALK
3302 case NECP_CLIENT_RESULT_NEXUS_FLOW_STATS: {
3303 // this TLV contains flow_stats pointer which is refcnt'ed.
3304 if (flow_stats != NULL && length >= sizeof(struct sk_stats_flow *)) {
3305 struct flow_stats *fs = *(void **)(void *)value;
3306 // transfer the refcnt to flow_stats pointer
3307 *flow_stats = fs;
3308 }
3309 memset(s: value, c: 0, n: length); // nullify TLV always
3310 break;
3311 }
3312#endif /* SKYWALK */
3313 default: {
3314 break;
3315 }
3316 }
3317 }
3318 }
3319
3320 offset += sizeof(struct necp_tlv_header) + length;
3321 }
3322
3323 return error;
3324}
3325
3326static struct necp_client_flow_registration *
3327necp_client_create_flow_registration(struct necp_fd_data *fd_data, struct necp_client *client)
3328{
3329 NECP_FD_ASSERT_LOCKED(fd_data);
3330 NECP_CLIENT_ASSERT_LOCKED(client);
3331
3332 struct necp_client_flow_registration *new_registration = kalloc_type(struct necp_client_flow_registration, Z_WAITOK | Z_ZERO | Z_NOFAIL);
3333
3334 new_registration->last_interface_details = combine_interface_details(IFSCOPE_NONE, NSTAT_IFNET_IS_UNKNOWN_TYPE);
3335
3336 necp_generate_client_id(client_id: new_registration->registration_id, true);
3337 LIST_INIT(&new_registration->flow_list);
3338
3339 // Add registration to client list
3340 RB_INSERT(_necp_client_flow_tree, &client->flow_registrations, new_registration);
3341
3342 // Add registration to fd list
3343 RB_INSERT(_necp_fd_flow_tree, &fd_data->flows, new_registration);
3344
3345 // Add registration to global tree for lookup
3346 NECP_FLOW_TREE_LOCK_EXCLUSIVE();
3347 RB_INSERT(_necp_client_flow_global_tree, &necp_client_flow_global_tree, new_registration);
3348 NECP_FLOW_TREE_UNLOCK();
3349
3350 new_registration->client = client;
3351
3352#if SKYWALK
3353 {
3354 // The uuid caching here is something of a hack, but saves a dynamic lookup with attendant lock hierarchy issues
3355 uint64_t stats_event_type = (uuid_is_null(uu: client->latest_flow_registration_id)) ? NSTAT_EVENT_SRC_FLOW_UUID_ASSIGNED : NSTAT_EVENT_SRC_FLOW_UUID_CHANGED;
3356 uuid_copy(dst: client->latest_flow_registration_id, src: new_registration->registration_id);
3357
3358 // With the flow uuid known, push a new statistics update to ensure the uuid gets known by any clients before the flow can close
3359 if (client->nstat_context != NULL) {
3360 nstat_provider_stats_event(nstat_ctx: client->nstat_context, event: stats_event_type);
3361 }
3362 }
3363#endif /* !SKYWALK */
3364
3365 // Start out assuming there is nothing to read from the flow
3366 new_registration->flow_result_read = true;
3367
3368 return new_registration;
3369}
3370
3371static void
3372necp_client_add_socket_flow(struct necp_client_flow_registration *flow_registration,
3373 struct inpcb *inp)
3374{
3375 struct necp_client_flow *new_flow = kalloc_type(struct necp_client_flow, Z_WAITOK | Z_ZERO | Z_NOFAIL);
3376
3377 new_flow->socket = TRUE;
3378 new_flow->u.socket_handle = inp;
3379 new_flow->u.cb = inp->necp_cb;
3380
3381 OSIncrementAtomic(&necp_socket_flow_count);
3382
3383 LIST_INSERT_HEAD(&flow_registration->flow_list, new_flow, flow_chain);
3384}
3385
3386static int
3387necp_client_register_socket_inner(pid_t pid, uuid_t client_id, struct inpcb *inp, bool is_listener)
3388{
3389 int error = 0;
3390 struct necp_fd_data *client_fd = NULL;
3391 bool found_client = FALSE;
3392
3393 NECP_FD_LIST_LOCK_SHARED();
3394 LIST_FOREACH(client_fd, &necp_fd_list, chain) {
3395 NECP_FD_LOCK(client_fd);
3396 struct necp_client *client = necp_client_fd_find_client_and_lock(client_fd, client_id);
3397 if (client != NULL) {
3398 if (!pid || client->proc_pid == pid) {
3399 if (is_listener) {
3400 found_client = TRUE;
3401#if SKYWALK
3402 // Check netns token for registration
3403 if (!NETNS_TOKEN_VALID(&client->port_reservation)) {
3404 error = EINVAL;
3405 }
3406#endif /* !SKYWALK */
3407 } else {
3408 // Find client flow and assign from socket
3409 struct necp_client_flow_registration *flow_registration = necp_client_find_flow(client, flow_id: client_id);
3410 if (flow_registration != NULL) {
3411 // Found the right client and flow registration, add a new flow
3412 found_client = TRUE;
3413 necp_client_add_socket_flow(flow_registration, inp);
3414 } else if (RB_EMPTY(&client->flow_registrations) && !necp_client_id_is_flow(client_id)) {
3415 // No flows yet on this client, add a new registration
3416 flow_registration = necp_client_create_flow_registration(fd_data: client_fd, client);
3417 if (flow_registration == NULL) {
3418 error = ENOMEM;
3419 } else {
3420 // Add a new flow
3421 found_client = TRUE;
3422 necp_client_add_socket_flow(flow_registration, inp);
3423 }
3424 }
3425 }
3426 }
3427
3428 NECP_CLIENT_UNLOCK(client);
3429 }
3430 NECP_FD_UNLOCK(client_fd);
3431
3432 if (found_client) {
3433 break;
3434 }
3435 }
3436 NECP_FD_LIST_UNLOCK();
3437
3438 if (!found_client) {
3439 error = ENOENT;
3440 } else {
3441 // Count the sockets that have the NECP client UUID set
3442 struct socket *so = inp->inp_socket;
3443 if (!(so->so_flags1 & SOF1_HAS_NECP_CLIENT_UUID)) {
3444 so->so_flags1 |= SOF1_HAS_NECP_CLIENT_UUID;
3445 INC_ATOMIC_INT64_LIM(net_api_stats.nas_socket_necp_clientuuid_total);
3446 }
3447 }
3448
3449 return error;
3450}
3451
3452int
3453necp_client_register_socket_flow(pid_t pid, uuid_t client_id, struct inpcb *inp)
3454{
3455 return necp_client_register_socket_inner(pid, client_id, inp, false);
3456}
3457
3458int
3459necp_client_register_socket_listener(pid_t pid, uuid_t client_id, struct inpcb *inp)
3460{
3461 return necp_client_register_socket_inner(pid, client_id, inp, true);
3462}
3463
3464#if SKYWALK
3465int
3466necp_client_get_netns_flow_info(uuid_t client_id, struct ns_flow_info *flow_info)
3467{
3468 int error = 0;
3469 struct necp_fd_data *client_fd = NULL;
3470 bool found_client = FALSE;
3471
3472 NECP_FD_LIST_LOCK_SHARED();
3473 LIST_FOREACH(client_fd, &necp_fd_list, chain) {
3474 NECP_FD_LOCK(client_fd);
3475 struct necp_client *client = necp_client_fd_find_client_and_lock(client_fd, client_id);
3476 if (client != NULL) {
3477 found_client = TRUE;
3478 if (!NETNS_TOKEN_VALID(&client->port_reservation)) {
3479 error = EINVAL;
3480 } else {
3481 error = netns_get_flow_info(token: &client->port_reservation, nfi: flow_info);
3482 }
3483
3484 NECP_CLIENT_UNLOCK(client);
3485 }
3486 NECP_FD_UNLOCK(client_fd);
3487
3488 if (found_client) {
3489 break;
3490 }
3491 }
3492 NECP_FD_LIST_UNLOCK();
3493
3494 if (!found_client) {
3495 error = ENOENT;
3496 }
3497
3498 return error;
3499}
3500#endif /* !SKYWALK */
3501
3502static void
3503necp_client_add_multipath_interface_flows(struct necp_client_flow_registration *flow_registration,
3504 struct necp_client *client,
3505 struct mppcb *mpp)
3506{
3507 flow_registration->interface_handle = mpp;
3508 flow_registration->interface_cb = mpp->necp_cb;
3509
3510 proc_t proc = proc_find(pid: client->proc_pid);
3511 if (proc == PROC_NULL) {
3512 return;
3513 }
3514
3515 // Traverse all interfaces and add a tracking flow if needed
3516 necp_flow_add_interface_flows(proc, client, flow_registration, true);
3517
3518 proc_rele(p: proc);
3519 proc = PROC_NULL;
3520}
3521
3522int
3523necp_client_register_multipath_cb(pid_t pid, uuid_t client_id, struct mppcb *mpp)
3524{
3525 int error = 0;
3526 struct necp_fd_data *client_fd = NULL;
3527 bool found_client = FALSE;
3528
3529 NECP_FD_LIST_LOCK_SHARED();
3530 LIST_FOREACH(client_fd, &necp_fd_list, chain) {
3531 NECP_FD_LOCK(client_fd);
3532 struct necp_client *client = necp_client_fd_find_client_and_lock(client_fd, client_id);
3533 if (client != NULL) {
3534 if (!pid || client->proc_pid == pid) {
3535 struct necp_client_flow_registration *flow_registration = necp_client_find_flow(client, flow_id: client_id);
3536 if (flow_registration != NULL) {
3537 // Found the right client and flow registration, add a new flow
3538 found_client = TRUE;
3539 necp_client_add_multipath_interface_flows(flow_registration, client, mpp);
3540 } else if (RB_EMPTY(&client->flow_registrations) && !necp_client_id_is_flow(client_id)) {
3541 // No flows yet on this client, add a new registration
3542 flow_registration = necp_client_create_flow_registration(fd_data: client_fd, client);
3543 if (flow_registration == NULL) {
3544 error = ENOMEM;
3545 } else {
3546 // Add a new flow
3547 found_client = TRUE;
3548 necp_client_add_multipath_interface_flows(flow_registration, client, mpp);
3549 }
3550 }
3551 }
3552
3553 NECP_CLIENT_UNLOCK(client);
3554 }
3555 NECP_FD_UNLOCK(client_fd);
3556
3557 if (found_client) {
3558 break;
3559 }
3560 }
3561 NECP_FD_LIST_UNLOCK();
3562
3563 if (!found_client && error == 0) {
3564 error = ENOENT;
3565 }
3566
3567 return error;
3568}
3569
3570#define NETAGENT_DOMAIN_RADIO_MANAGER "WirelessRadioManager"
3571#define NETAGENT_TYPE_RADIO_MANAGER "WirelessRadioManager:BB Manager"
3572
3573static int
3574necp_client_lookup_bb_radio_manager(struct necp_client *client,
3575 uuid_t netagent_uuid)
3576{
3577 char netagent_domain[NETAGENT_DOMAINSIZE];
3578 char netagent_type[NETAGENT_TYPESIZE];
3579 struct necp_aggregate_result result;
3580 proc_t proc;
3581 int error;
3582
3583 proc = proc_find(pid: client->proc_pid);
3584 if (proc == PROC_NULL) {
3585 return ESRCH;
3586 }
3587
3588 error = necp_application_find_policy_match_internal(proc, parameters: client->parameters, parameters_size: (u_int32_t)client->parameters_length,
3589 returned_result: &result, NULL, NULL, required_interface_index: 0, NULL, NULL, NULL, NULL, NULL, true, true, NULL);
3590
3591 proc_rele(p: proc);
3592 proc = PROC_NULL;
3593
3594 if (error) {
3595 return error;
3596 }
3597
3598 for (int i = 0; i < NECP_MAX_NETAGENTS; i++) {
3599 if (uuid_is_null(uu: result.netagents[i])) {
3600 // Passed end of valid agents
3601 break;
3602 }
3603
3604 memset(s: &netagent_domain, c: 0, NETAGENT_DOMAINSIZE);
3605 memset(s: &netagent_type, c: 0, NETAGENT_TYPESIZE);
3606 if (netagent_get_agent_domain_and_type(uuid: result.netagents[i], domain: netagent_domain, type: netagent_type) == FALSE) {
3607 continue;
3608 }
3609
3610 if (strncmp(s1: netagent_domain, NETAGENT_DOMAIN_RADIO_MANAGER, NETAGENT_DOMAINSIZE) != 0) {
3611 continue;
3612 }
3613
3614 if (strncmp(s1: netagent_type, NETAGENT_TYPE_RADIO_MANAGER, NETAGENT_TYPESIZE) != 0) {
3615 continue;
3616 }
3617
3618 uuid_copy(dst: netagent_uuid, src: result.netagents[i]);
3619
3620 break;
3621 }
3622
3623 return 0;
3624}
3625
3626static int
3627necp_client_assert_bb_radio_manager_common(struct necp_client *client, bool assert)
3628{
3629 uuid_t netagent_uuid;
3630 uint8_t assert_type;
3631 int error;
3632
3633 error = necp_client_lookup_bb_radio_manager(client, netagent_uuid);
3634 if (error) {
3635 NECPLOG0(LOG_ERR, "BB radio manager agent not found");
3636 return error;
3637 }
3638
3639 // Before unasserting, verify that the assertion was already taken
3640 if (assert == FALSE) {
3641 assert_type = NETAGENT_MESSAGE_TYPE_CLIENT_UNASSERT;
3642
3643 if (!necp_client_remove_assertion(client, netagent_uuid)) {
3644 return EINVAL;
3645 }
3646 } else {
3647 assert_type = NETAGENT_MESSAGE_TYPE_CLIENT_ASSERT;
3648 }
3649
3650 error = netagent_client_message(agent_uuid: netagent_uuid, necp_client_uuid: client->client_id, pid: client->proc_pid, handle: client->agent_handle, message_type: assert_type);
3651 if (error) {
3652 NECPLOG0(LOG_ERR, "netagent_client_message failed");
3653 return error;
3654 }
3655
3656 // Only save the assertion if the action succeeded
3657 if (assert == TRUE) {
3658 necp_client_add_assertion(client, netagent_uuid);
3659 }
3660
3661 return 0;
3662}
3663
3664int
3665necp_client_assert_bb_radio_manager(uuid_t client_id, bool assert)
3666{
3667 struct necp_client *client;
3668 int error = 0;
3669
3670 NECP_CLIENT_TREE_LOCK_SHARED();
3671
3672 client = necp_find_client_and_lock(client_id);
3673
3674 if (client) {
3675 // Found the right client!
3676 error = necp_client_assert_bb_radio_manager_common(client, assert);
3677
3678 NECP_CLIENT_UNLOCK(client);
3679 } else {
3680 NECPLOG0(LOG_ERR, "Couldn't find client");
3681 error = ENOENT;
3682 }
3683
3684 NECP_CLIENT_TREE_UNLOCK();
3685
3686 return error;
3687}
3688
3689static int
3690necp_client_unregister_socket_flow(uuid_t client_id, void *handle)
3691{
3692 int error = 0;
3693 struct necp_fd_data *client_fd = NULL;
3694 bool found_client = FALSE;
3695 bool client_updated = FALSE;
3696
3697 NECP_FD_LIST_LOCK_SHARED();
3698 LIST_FOREACH(client_fd, &necp_fd_list, chain) {
3699 NECP_FD_LOCK(client_fd);
3700
3701 struct necp_client *client = necp_client_fd_find_client_and_lock(client_fd, client_id);
3702 if (client != NULL) {
3703 struct necp_client_flow_registration *flow_registration = necp_client_find_flow(client, flow_id: client_id);
3704 if (flow_registration != NULL) {
3705 // Found the right client and flow!
3706 found_client = TRUE;
3707
3708 // Remove flow assignment
3709 struct necp_client_flow *search_flow = NULL;
3710 struct necp_client_flow *temp_flow = NULL;
3711 LIST_FOREACH_SAFE(search_flow, &flow_registration->flow_list, flow_chain, temp_flow) {
3712 if (search_flow->socket && search_flow->u.socket_handle == handle) {
3713 if (search_flow->assigned_results != NULL) {
3714 kfree_data(search_flow->assigned_results, search_flow->assigned_results_length);
3715 search_flow->assigned_results = NULL;
3716 }
3717 client_updated = TRUE;
3718 flow_registration->flow_result_read = FALSE;
3719 LIST_REMOVE(search_flow, flow_chain);
3720 OSDecrementAtomic(&necp_socket_flow_count);
3721 kfree_type(struct necp_client_flow, search_flow);
3722 }
3723 }
3724 }
3725
3726 NECP_CLIENT_UNLOCK(client);
3727 }
3728
3729 if (client_updated) {
3730 necp_fd_notify(fd_data: client_fd, true);
3731 }
3732 NECP_FD_UNLOCK(client_fd);
3733
3734 if (found_client) {
3735 break;
3736 }
3737 }
3738 NECP_FD_LIST_UNLOCK();
3739
3740 if (!found_client) {
3741 error = ENOENT;
3742 }
3743
3744 return error;
3745}
3746
3747static int
3748necp_client_unregister_multipath_cb(uuid_t client_id, void *handle)
3749{
3750 int error = 0;
3751 bool found_client = FALSE;
3752
3753 NECP_CLIENT_TREE_LOCK_SHARED();
3754
3755 struct necp_client *client = necp_find_client_and_lock(client_id);
3756 if (client != NULL) {
3757 struct necp_client_flow_registration *flow_registration = necp_client_find_flow(client, flow_id: client_id);
3758 if (flow_registration != NULL) {
3759 // Found the right client and flow!
3760 found_client = TRUE;
3761
3762 // Remove flow assignment
3763 struct necp_client_flow *search_flow = NULL;
3764 struct necp_client_flow *temp_flow = NULL;
3765 LIST_FOREACH_SAFE(search_flow, &flow_registration->flow_list, flow_chain, temp_flow) {
3766 if (!search_flow->socket && !search_flow->nexus &&
3767 search_flow->u.socket_handle == handle) {
3768 search_flow->u.socket_handle = NULL;
3769 search_flow->u.cb = NULL;
3770 }
3771 }
3772
3773 flow_registration->interface_handle = NULL;
3774 flow_registration->interface_cb = NULL;
3775 }
3776
3777 NECP_CLIENT_UNLOCK(client);
3778 }
3779
3780 NECP_CLIENT_TREE_UNLOCK();
3781
3782 if (!found_client) {
3783 error = ENOENT;
3784 }
3785
3786 return error;
3787}
3788
3789int
3790necp_client_assign_from_socket(pid_t pid, uuid_t client_id, struct inpcb *inp)
3791{
3792 int error = 0;
3793 struct necp_fd_data *client_fd = NULL;
3794 bool found_client = FALSE;
3795 bool client_updated = FALSE;
3796
3797 NECP_FD_LIST_LOCK_SHARED();
3798 LIST_FOREACH(client_fd, &necp_fd_list, chain) {
3799 if (pid && client_fd->proc_pid != pid) {
3800 continue;
3801 }
3802
3803 proc_t proc = proc_find(pid: client_fd->proc_pid);
3804 if (proc == PROC_NULL) {
3805 continue;
3806 }
3807
3808 NECP_FD_LOCK(client_fd);
3809
3810 struct necp_client *client = necp_client_fd_find_client_and_lock(client_fd, client_id);
3811 if (client != NULL) {
3812 struct necp_client_flow_registration *flow_registration = necp_client_find_flow(client, flow_id: client_id);
3813 if (flow_registration == NULL && RB_EMPTY(&client->flow_registrations) && !necp_client_id_is_flow(client_id)) {
3814 // No flows yet on this client, add a new registration
3815 flow_registration = necp_client_create_flow_registration(fd_data: client_fd, client);
3816 if (flow_registration == NULL) {
3817 error = ENOMEM;
3818 }
3819 }
3820 if (flow_registration != NULL) {
3821 // Found the right client and flow!
3822 found_client = TRUE;
3823
3824 struct necp_client_flow *flow = NULL;
3825 LIST_FOREACH(flow, &flow_registration->flow_list, flow_chain) {
3826 if (flow->socket && flow->u.socket_handle == inp) {
3827 // Release prior results and route
3828 if (flow->assigned_results != NULL) {
3829 kfree_data(flow->assigned_results, flow->assigned_results_length);
3830 flow->assigned_results = NULL;
3831 }
3832
3833 ifnet_t ifp = NULL;
3834 if ((inp->inp_flags & INP_BOUND_IF) && inp->inp_boundifp) {
3835 ifp = inp->inp_boundifp;
3836 } else {
3837 ifp = inp->inp_last_outifp;
3838 }
3839
3840 if (ifp != NULL) {
3841 flow->interface_index = ifp->if_index;
3842 } else {
3843 flow->interface_index = IFSCOPE_NONE;
3844 }
3845
3846 if (inp->inp_vflag & INP_IPV4) {
3847 flow->local_addr.sin.sin_family = AF_INET;
3848 flow->local_addr.sin.sin_len = sizeof(struct sockaddr_in);
3849 flow->local_addr.sin.sin_port = inp->inp_lport;
3850 memcpy(dst: &flow->local_addr.sin.sin_addr, src: &inp->inp_laddr, n: sizeof(struct in_addr));
3851
3852 flow->remote_addr.sin.sin_family = AF_INET;
3853 flow->remote_addr.sin.sin_len = sizeof(struct sockaddr_in);
3854 flow->remote_addr.sin.sin_port = inp->inp_fport;
3855 memcpy(dst: &flow->remote_addr.sin.sin_addr, src: &inp->inp_faddr, n: sizeof(struct in_addr));
3856 } else if (inp->inp_vflag & INP_IPV6) {
3857 in6_ip6_to_sockaddr(ip6: &inp->in6p_laddr, port: inp->inp_lport, ifscope: inp->inp_lifscope, sin6: &flow->local_addr.sin6, maxlen: sizeof(flow->local_addr));
3858 in6_ip6_to_sockaddr(ip6: &inp->in6p_faddr, port: inp->inp_fport, ifscope: inp->inp_fifscope, sin6: &flow->remote_addr.sin6, maxlen: sizeof(flow->remote_addr));
3859 }
3860
3861 flow->viable = necp_client_flow_is_viable(proc, client, flow);
3862
3863 uuid_t empty_uuid;
3864 uuid_clear(uu: empty_uuid);
3865 flow->assigned = TRUE;
3866 flow->assigned_results = necp_create_nexus_assign_message(nexus_instance: empty_uuid, nexus_port: 0, NULL, key_length: 0,
3867 local_endpoint: (struct necp_client_endpoint *)&flow->local_addr,
3868 remote_endpoint: (struct necp_client_endpoint *)&flow->remote_addr,
3869 NULL, flow_adv_index: 0, NULL, message_length: &flow->assigned_results_length);
3870 flow_registration->flow_result_read = FALSE;
3871 client_updated = TRUE;
3872 break;
3873 }
3874 }
3875 }
3876
3877 NECP_CLIENT_UNLOCK(client);
3878 }
3879 if (client_updated) {
3880 necp_fd_notify(fd_data: client_fd, true);
3881 }
3882 NECP_FD_UNLOCK(client_fd);
3883
3884 proc_rele(p: proc);
3885 proc = PROC_NULL;
3886
3887 if (found_client) {
3888 break;
3889 }
3890 }
3891 NECP_FD_LIST_UNLOCK();
3892
3893 if (error == 0) {
3894 if (!found_client) {
3895 error = ENOENT;
3896 } else if (!client_updated) {
3897 error = EINVAL;
3898 }
3899 }
3900
3901 return error;
3902}
3903
3904bool
3905necp_socket_is_allowed_to_recv_on_interface(struct inpcb *inp, ifnet_t interface)
3906{
3907 if (interface == NULL ||
3908 inp == NULL ||
3909 !(inp->inp_flags2 & INP2_EXTERNAL_PORT) ||
3910 uuid_is_null(uu: inp->necp_client_uuid)) {
3911 // If there's no interface or client ID to check,
3912 // or if this is not a listener, pass.
3913 // Outbound connections will have already been
3914 // validated for policy.
3915 return TRUE;
3916 }
3917
3918 // Only filter out listener sockets (no remote address specified)
3919 if ((inp->inp_vflag & INP_IPV4) &&
3920 inp->inp_faddr.s_addr != INADDR_ANY) {
3921 return TRUE;
3922 }
3923 if ((inp->inp_vflag & INP_IPV6) &&
3924 !IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_faddr)) {
3925 return TRUE;
3926 }
3927
3928 bool allowed = TRUE;
3929
3930 NECP_CLIENT_TREE_LOCK_SHARED();
3931
3932 struct necp_client *client = necp_find_client_and_lock(client_id: inp->necp_client_uuid);
3933 if (client != NULL) {
3934 struct necp_client_parsed_parameters *parsed_parameters = NULL;
3935
3936 parsed_parameters = kalloc_type(struct necp_client_parsed_parameters,
3937 Z_WAITOK | Z_ZERO | Z_NOFAIL);
3938 int error = necp_client_parse_parameters(client, parameters: client->parameters, parameters_size: (u_int32_t)client->parameters_length, parsed_parameters);
3939 if (error == 0) {
3940 if (!necp_ifnet_matches_parameters(ifp: interface, parsed_parameters, override_flags: 0, NULL, true, false)) {
3941 allowed = FALSE;
3942 }
3943 }
3944 kfree_type(struct necp_client_parsed_parameters, parsed_parameters);
3945
3946 NECP_CLIENT_UNLOCK(client);
3947 }
3948
3949 NECP_CLIENT_TREE_UNLOCK();
3950
3951 return allowed;
3952}
3953
3954int
3955necp_update_flow_protoctl_event(uuid_t netagent_uuid, uuid_t client_id,
3956 uint32_t protoctl_event_code, uint32_t protoctl_event_val,
3957 uint32_t protoctl_event_tcp_seq_number)
3958{
3959 int error = 0;
3960 struct necp_fd_data *client_fd = NULL;
3961 bool found_client = FALSE;
3962 bool client_updated = FALSE;
3963
3964 NECP_FD_LIST_LOCK_SHARED();
3965 LIST_FOREACH(client_fd, &necp_fd_list, chain) {
3966 proc_t proc = proc_find(pid: client_fd->proc_pid);
3967 if (proc == PROC_NULL) {
3968 continue;
3969 }
3970
3971 NECP_FD_LOCK(client_fd);
3972
3973 struct necp_client *client = necp_client_fd_find_client_and_lock(client_fd, client_id);
3974 if (client != NULL) {
3975 struct necp_client_flow_registration *flow_registration = necp_client_find_flow(client, flow_id: client_id);
3976 if (flow_registration != NULL) {
3977 // Found the right client and flow!
3978 found_client = TRUE;
3979
3980 struct necp_client_flow *flow = NULL;
3981 LIST_FOREACH(flow, &flow_registration->flow_list, flow_chain) {
3982 // Verify that the client nexus agent matches
3983 if ((flow->nexus && uuid_compare(uu1: flow->u.nexus_agent, uu2: netagent_uuid) == 0) ||
3984 flow->socket) {
3985 flow->has_protoctl_event = TRUE;
3986 flow->protoctl_event.protoctl_event_code = protoctl_event_code;
3987 flow->protoctl_event.protoctl_event_val = protoctl_event_val;
3988 flow->protoctl_event.protoctl_event_tcp_seq_num = protoctl_event_tcp_seq_number;
3989 flow_registration->flow_result_read = FALSE;
3990 client_updated = TRUE;
3991 break;
3992 }
3993 }
3994 }
3995
3996 NECP_CLIENT_UNLOCK(client);
3997 }
3998
3999 if (client_updated) {
4000 necp_fd_notify(fd_data: client_fd, true);
4001 }
4002
4003 NECP_FD_UNLOCK(client_fd);
4004 proc_rele(p: proc);
4005 proc = PROC_NULL;
4006
4007 if (found_client) {
4008 break;
4009 }
4010 }
4011 NECP_FD_LIST_UNLOCK();
4012
4013 if (!found_client) {
4014 error = ENOENT;
4015 } else if (!client_updated) {
4016 error = EINVAL;
4017 }
4018 return error;
4019}
4020
4021static bool
4022necp_assign_client_result_locked(struct proc *proc,
4023 struct necp_fd_data *client_fd,
4024 struct necp_client *client,
4025 struct necp_client_flow_registration *flow_registration,
4026 uuid_t netagent_uuid,
4027 u_int8_t *assigned_results,
4028 size_t assigned_results_length,
4029 bool notify_fd,
4030 bool assigned_from_userspace_agent)
4031{
4032 bool client_updated = FALSE;
4033
4034 NECP_FD_ASSERT_LOCKED(client_fd);
4035 NECP_CLIENT_ASSERT_LOCKED(client);
4036
4037 struct necp_client_flow *flow = NULL;
4038 LIST_FOREACH(flow, &flow_registration->flow_list, flow_chain) {
4039 // Verify that the client nexus agent matches
4040 if (flow->nexus &&
4041 uuid_compare(uu1: flow->u.nexus_agent, uu2: netagent_uuid) == 0) {
4042 // Release prior results and route
4043 if (flow->assigned_results != NULL) {
4044 kfree_data(flow->assigned_results, flow->assigned_results_length);
4045 flow->assigned_results = NULL;
4046 }
4047
4048 void *nexus_stats = NULL;
4049 if (assigned_results != NULL && assigned_results_length > 0) {
4050 int error = necp_client_parse_result(result: assigned_results, result_size: (u_int32_t)assigned_results_length,
4051 local_address: &flow->local_addr, remote_address: &flow->remote_addr,
4052 flow_stats: assigned_from_userspace_agent ? NULL : &nexus_stats); // Only assign stats from kernel agents
4053 VERIFY(error == 0);
4054 }
4055
4056 flow->viable = necp_client_flow_is_viable(proc, client, flow);
4057
4058 flow->assigned = TRUE;
4059 flow->assigned_results = assigned_results;
4060 flow->assigned_results_length = assigned_results_length;
4061 flow_registration->flow_result_read = FALSE;
4062#if SKYWALK
4063 if (nexus_stats != NULL) {
4064 if (flow_registration->nexus_stats != NULL) {
4065 flow_stats_release(fs: flow_registration->nexus_stats);
4066 }
4067 flow_registration->nexus_stats = nexus_stats;
4068 }
4069#endif /* SKYWALK */
4070 client_updated = TRUE;
4071 break;
4072 }
4073 }
4074
4075 if (client_updated && notify_fd) {
4076 necp_fd_notify(fd_data: client_fd, true);
4077 }
4078
4079 // if not updated, client must free assigned_results
4080 return client_updated;
4081}
4082
4083int
4084necp_assign_client_result(uuid_t netagent_uuid, uuid_t client_id,
4085 u_int8_t *assigned_results, size_t assigned_results_length)
4086{
4087 int error = 0;
4088 struct necp_fd_data *client_fd = NULL;
4089 bool found_client = FALSE;
4090 bool client_updated = FALSE;
4091
4092 NECP_FD_LIST_LOCK_SHARED();
4093
4094 LIST_FOREACH(client_fd, &necp_fd_list, chain) {
4095 proc_t proc = proc_find(pid: client_fd->proc_pid);
4096 if (proc == PROC_NULL) {
4097 continue;
4098 }
4099
4100 NECP_FD_LOCK(client_fd);
4101 struct necp_client *client = necp_client_fd_find_client_and_lock(client_fd, client_id);
4102 if (client != NULL) {
4103 struct necp_client_flow_registration *flow_registration = necp_client_find_flow(client, flow_id: client_id);
4104 if (flow_registration != NULL) {
4105 // Found the right client and flow!
4106 found_client = TRUE;
4107 if (necp_assign_client_result_locked(proc, client_fd, client, flow_registration, netagent_uuid,
4108 assigned_results, assigned_results_length, true, true)) {
4109 client_updated = TRUE;
4110 }
4111 }
4112
4113 NECP_CLIENT_UNLOCK(client);
4114 }
4115 NECP_FD_UNLOCK(client_fd);
4116
4117 proc_rele(p: proc);
4118 proc = PROC_NULL;
4119
4120 if (found_client) {
4121 break;
4122 }
4123 }
4124
4125 NECP_FD_LIST_UNLOCK();
4126
4127 // upon error, client must free assigned_results
4128 if (!found_client) {
4129 error = ENOENT;
4130 } else if (!client_updated) {
4131 error = EINVAL;
4132 }
4133
4134 return error;
4135}
4136
4137int
4138necp_assign_client_group_members(uuid_t netagent_uuid, uuid_t client_id,
4139 u_int8_t *assigned_group_members, size_t assigned_group_members_length)
4140{
4141#pragma unused(netagent_uuid)
4142 int error = 0;
4143 struct necp_fd_data *client_fd = NULL;
4144 bool found_client = false;
4145 bool client_updated = false;
4146
4147 NECP_FD_LIST_LOCK_SHARED();
4148
4149 LIST_FOREACH(client_fd, &necp_fd_list, chain) {
4150 proc_t proc = proc_find(pid: client_fd->proc_pid);
4151 if (proc == PROC_NULL) {
4152 continue;
4153 }
4154
4155 NECP_FD_LOCK(client_fd);
4156 struct necp_client *client = necp_client_fd_find_client_and_lock(client_fd, client_id);
4157 if (client != NULL) {
4158 found_client = true;
4159 // Release prior results
4160 if (client->assigned_group_members != NULL) {
4161 kfree_data(client->assigned_group_members, client->assigned_group_members_length);
4162 client->assigned_group_members = NULL;
4163 }
4164
4165 // Save new results
4166 client->assigned_group_members = assigned_group_members;
4167 client->assigned_group_members_length = assigned_group_members_length;
4168 client->group_members_read = false;
4169
4170 client_updated = true;
4171 necp_fd_notify(fd_data: client_fd, true);
4172
4173 NECP_CLIENT_UNLOCK(client);
4174 }
4175 NECP_FD_UNLOCK(client_fd);
4176
4177 proc_rele(p: proc);
4178 proc = PROC_NULL;
4179
4180 if (found_client) {
4181 break;
4182 }
4183 }
4184
4185 NECP_FD_LIST_UNLOCK();
4186
4187 // upon error, client must free assigned_results
4188 if (!found_client) {
4189 error = ENOENT;
4190 } else if (!client_updated) {
4191 error = EINVAL;
4192 }
4193
4194 return error;
4195}
4196
4197/// Client updating
4198
4199static bool
4200necp_update_parsed_parameters(struct necp_client_parsed_parameters *parsed_parameters,
4201 struct necp_aggregate_result *result)
4202{
4203 if (parsed_parameters == NULL ||
4204 result == NULL) {
4205 return false;
4206 }
4207
4208 bool updated = false;
4209 for (int i = 0; i < NECP_MAX_NETAGENTS; i++) {
4210 if (uuid_is_null(uu: result->netagents[i])) {
4211 // Passed end of valid agents
4212 break;
4213 }
4214
4215 if (!(result->netagent_use_flags[i] & NECP_AGENT_USE_FLAG_SCOPE)) {
4216 // Not a scoped agent, ignore
4217 continue;
4218 }
4219
4220 // This is a scoped agent. Add it to the required agents.
4221 if (parsed_parameters->valid_fields & NECP_PARSED_PARAMETERS_FIELD_REQUIRED_AGENT) {
4222 // Already some required agents, add this at the end
4223 for (int j = 0; j < NECP_MAX_AGENT_PARAMETERS; j++) {
4224 if (uuid_compare(uu1: parsed_parameters->required_netagents[j], uu2: result->netagents[i]) == 0) {
4225 // Already required, break
4226 break;
4227 }
4228 if (uuid_is_null(uu: parsed_parameters->required_netagents[j])) {
4229 // Add here
4230 memcpy(dst: &parsed_parameters->required_netagents[j], src: result->netagents[i], n: sizeof(uuid_t));
4231 updated = true;
4232 break;
4233 }
4234 }
4235 } else {
4236 // No required agents yet, add this one
4237 parsed_parameters->valid_fields |= NECP_PARSED_PARAMETERS_FIELD_REQUIRED_AGENT;
4238 memcpy(dst: &parsed_parameters->required_netagents[0], src: result->netagents[i], n: sizeof(uuid_t));
4239 updated = true;
4240 }
4241
4242 // Remove requirements for agents of the same type
4243 if (parsed_parameters->valid_fields & NECP_PARSED_PARAMETERS_FIELD_REQUIRED_AGENT_TYPE) {
4244 char remove_agent_domain[NETAGENT_DOMAINSIZE] = { 0 };
4245 char remove_agent_type[NETAGENT_TYPESIZE] = { 0 };
4246 if (netagent_get_agent_domain_and_type(uuid: result->netagents[i], domain: remove_agent_domain, type: remove_agent_type)) {
4247 for (int j = 0; j < NECP_MAX_AGENT_PARAMETERS; j++) {
4248 if (strlen(s: parsed_parameters->required_netagent_types[j].netagent_domain) == 0 &&
4249 strlen(s: parsed_parameters->required_netagent_types[j].netagent_type) == 0) {
4250 break;
4251 }
4252
4253 if (strncmp(s1: parsed_parameters->required_netagent_types[j].netagent_domain, s2: remove_agent_domain, NETAGENT_DOMAINSIZE) == 0 &&
4254 strncmp(s1: parsed_parameters->required_netagent_types[j].netagent_type, s2: remove_agent_type, NETAGENT_TYPESIZE) == 0) {
4255 updated = true;
4256
4257 if (j == NECP_MAX_AGENT_PARAMETERS - 1) {
4258 // Last field, just clear and break
4259 memset(s: &parsed_parameters->required_netagent_types[NECP_MAX_AGENT_PARAMETERS - 1], c: 0, n: sizeof(struct necp_client_parameter_netagent_type));
4260 break;
4261 } else {
4262 // Move the parameters down, clear the last entry
4263 memmove(dst: &parsed_parameters->required_netagent_types[j],
4264 src: &parsed_parameters->required_netagent_types[j + 1],
4265 n: sizeof(struct necp_client_parameter_netagent_type) * (NECP_MAX_AGENT_PARAMETERS - (j + 1)));
4266 memset(s: &parsed_parameters->required_netagent_types[NECP_MAX_AGENT_PARAMETERS - 1], c: 0, n: sizeof(struct necp_client_parameter_netagent_type));
4267 // Continue, don't increment but look at the new shifted item instead
4268 continue;
4269 }
4270 }
4271
4272 // Increment j to look at the next agent type parameter
4273 j++;
4274 }
4275 }
4276 }
4277 }
4278
4279 if (updated &&
4280 parsed_parameters->required_interface_index != IFSCOPE_NONE &&
4281 (parsed_parameters->valid_fields & NECP_PARSED_PARAMETERS_FIELD_REQUIRED_IF) == 0) {
4282 // A required interface index was added after the fact. Clear it.
4283 parsed_parameters->required_interface_index = IFSCOPE_NONE;
4284 }
4285
4286
4287 return updated;
4288}
4289
4290static inline bool
4291necp_agent_types_match(const char *agent_domain1, const char *agent_type1,
4292 const char *agent_domain2, const char *agent_type2)
4293{
4294 return (strlen(s: agent_domain1) == 0 ||
4295 strncmp(s1: agent_domain2, s2: agent_domain1, NETAGENT_DOMAINSIZE) == 0) &&
4296 (strlen(s: agent_type1) == 0 ||
4297 strncmp(s1: agent_type2, s2: agent_type1, NETAGENT_TYPESIZE) == 0);
4298}
4299
4300static inline bool
4301necp_calculate_client_result(proc_t proc,
4302 struct necp_client *client,
4303 struct necp_client_parsed_parameters *parsed_parameters,
4304 struct necp_aggregate_result *result,
4305 u_int32_t *flags,
4306 u_int32_t *reason,
4307 struct necp_client_endpoint *v4_gateway,
4308 struct necp_client_endpoint *v6_gateway,
4309 uuid_t *override_euuid)
4310{
4311 struct rtentry *route = NULL;
4312
4313 // Check parameters to find best interface
4314 bool validate_agents = false;
4315 u_int matching_if_index = 0;
4316 if (necp_find_matching_interface_index(parsed_parameters, return_ifindex: &matching_if_index, validate_agents: &validate_agents)) {
4317 if (matching_if_index != 0) {
4318 parsed_parameters->required_interface_index = matching_if_index;
4319 }
4320 // Interface found or not needed, match policy.
4321 memset(s: result, c: 0, n: sizeof(*result));
4322 int error = necp_application_find_policy_match_internal(proc, parameters: client->parameters,
4323 parameters_size: (u_int32_t)client->parameters_length,
4324 returned_result: result, flags, reason, required_interface_index: matching_if_index,
4325 NULL, NULL,
4326 returned_v4_gateway: v4_gateway, returned_v6_gateway: v6_gateway,
4327 returned_route: &route, false, true,
4328 returned_override_euuid: override_euuid);
4329 if (error != 0) {
4330 if (route != NULL) {
4331 rtfree(route);
4332 }
4333 return FALSE;
4334 }
4335
4336 if (validate_agents) {
4337 bool requirement_failed = FALSE;
4338 if (parsed_parameters->valid_fields & NECP_PARSED_PARAMETERS_FIELD_REQUIRED_AGENT) {
4339 for (int i = 0; i < NECP_MAX_AGENT_PARAMETERS; i++) {
4340 if (uuid_is_null(uu: parsed_parameters->required_netagents[i])) {
4341 break;
4342 }
4343
4344 bool requirement_found = FALSE;
4345 for (int j = 0; j < NECP_MAX_NETAGENTS; j++) {
4346 if (uuid_is_null(uu: result->netagents[j])) {
4347 break;
4348 }
4349
4350 if (result->netagent_use_flags[j] & NECP_AGENT_USE_FLAG_REMOVE) {
4351 // A removed agent, ignore
4352 continue;
4353 }
4354
4355 if (uuid_compare(uu1: parsed_parameters->required_netagents[i], uu2: result->netagents[j]) == 0) {
4356 requirement_found = TRUE;
4357 break;
4358 }
4359 }
4360
4361 if (!requirement_found) {
4362 requirement_failed = TRUE;
4363 break;
4364 }
4365 }
4366 }
4367
4368 if (!requirement_failed && parsed_parameters->valid_fields & NECP_PARSED_PARAMETERS_FIELD_REQUIRED_AGENT_TYPE) {
4369 for (int i = 0; i < NECP_MAX_AGENT_PARAMETERS; i++) {
4370 if (strlen(s: parsed_parameters->required_netagent_types[i].netagent_domain) == 0 &&
4371 strlen(s: parsed_parameters->required_netagent_types[i].netagent_type) == 0) {
4372 break;
4373 }
4374
4375 bool requirement_found = FALSE;
4376 for (int j = 0; j < NECP_MAX_NETAGENTS; j++) {
4377 if (uuid_is_null(uu: result->netagents[j])) {
4378 break;
4379 }
4380
4381 if (result->netagent_use_flags[j] & NECP_AGENT_USE_FLAG_REMOVE) {
4382 // A removed agent, ignore
4383 continue;
4384 }
4385
4386 char policy_agent_domain[NETAGENT_DOMAINSIZE] = { 0 };
4387 char policy_agent_type[NETAGENT_TYPESIZE] = { 0 };
4388
4389 if (netagent_get_agent_domain_and_type(uuid: result->netagents[j], domain: policy_agent_domain, type: policy_agent_type)) {
4390 if (necp_agent_types_match(agent_domain1: parsed_parameters->required_netagent_types[i].netagent_domain,
4391 agent_type1: parsed_parameters->required_netagent_types[i].netagent_type,
4392 agent_domain2: policy_agent_domain, agent_type2: policy_agent_type)) {
4393 requirement_found = TRUE;
4394 break;
4395 }
4396 }
4397 }
4398
4399 if (!requirement_found) {
4400 requirement_failed = TRUE;
4401 break;
4402 }
4403 }
4404 }
4405
4406 if (requirement_failed) {
4407 // Agent requirement failed. Clear out the whole result, make everything fail.
4408 memset(s: result, c: 0, n: sizeof(*result));
4409 if (route != NULL) {
4410 rtfree(route);
4411 }
4412 return TRUE;
4413 }
4414 }
4415
4416 // Reset current route
4417 NECP_CLIENT_ROUTE_LOCK(client);
4418 if (client->current_route != NULL) {
4419 rtfree(client->current_route);
4420 }
4421 client->current_route = route;
4422 NECP_CLIENT_ROUTE_UNLOCK(client);
4423 } else {
4424 // Interface not found. Clear out the whole result, make everything fail.
4425 memset(s: result, c: 0, n: sizeof(*result));
4426 }
4427
4428 return TRUE;
4429}
4430
4431#define NECP_PARSED_PARAMETERS_REQUIRED_FIELDS (NECP_PARSED_PARAMETERS_FIELD_REQUIRED_IF | \
4432 NECP_PARSED_PARAMETERS_FIELD_REQUIRED_IFTYPE | \
4433 NECP_PARSED_PARAMETERS_FIELD_REQUIRED_AGENT | \
4434 NECP_PARSED_PARAMETERS_FIELD_REQUIRED_AGENT_TYPE)
4435
4436static bool
4437necp_update_client_result(proc_t proc,
4438 struct necp_fd_data *client_fd,
4439 struct necp_client *client,
4440 struct _necp_flow_defunct_list *defunct_list)
4441{
4442 struct necp_client_result_netagent netagent;
4443 struct necp_aggregate_result result;
4444 struct necp_client_parsed_parameters *parsed_parameters = NULL;
4445 u_int32_t flags = 0;
4446 u_int32_t reason = 0;
4447
4448 NECP_CLIENT_ASSERT_LOCKED(client);
4449
4450 parsed_parameters = kalloc_type(struct necp_client_parsed_parameters,
4451 Z_WAITOK | Z_ZERO | Z_NOFAIL);
4452
4453 // Nexus flows will be brought back if they are still valid
4454 necp_client_mark_all_nonsocket_flows_as_invalid(client);
4455
4456 int error = necp_client_parse_parameters(client, parameters: client->parameters, parameters_size: (u_int32_t)client->parameters_length, parsed_parameters);
4457 if (error != 0) {
4458 kfree_type(struct necp_client_parsed_parameters, parsed_parameters);
4459 return FALSE;
4460 }
4461 bool originally_scoped = (parsed_parameters->required_interface_index != IFSCOPE_NONE);
4462
4463 // Update saved IP protocol
4464 client->ip_protocol = parsed_parameters->ip_protocol;
4465
4466 // Calculate the policy result
4467 struct necp_client_endpoint v4_gateway = {};
4468 struct necp_client_endpoint v6_gateway = {};
4469 uuid_t override_euuid;
4470 uuid_clear(uu: override_euuid);
4471 if (!necp_calculate_client_result(proc, client, parsed_parameters, result: &result, flags: &flags, reason: &reason, v4_gateway: &v4_gateway, v6_gateway: &v6_gateway, override_euuid: &override_euuid)) {
4472 kfree_type(struct necp_client_parsed_parameters, parsed_parameters);
4473 return FALSE;
4474 }
4475
4476 if (necp_update_parsed_parameters(parsed_parameters, result: &result)) {
4477 // Changed the parameters based on result, try again (only once)
4478 if (!necp_calculate_client_result(proc, client, parsed_parameters, result: &result, flags: &flags, reason: &reason, v4_gateway: &v4_gateway, v6_gateway: &v6_gateway, override_euuid: &override_euuid)) {
4479 kfree_type(struct necp_client_parsed_parameters, parsed_parameters);
4480 return FALSE;
4481 }
4482 }
4483
4484 if ((parsed_parameters->flags & NECP_CLIENT_PARAMETER_FLAG_LISTENER) &&
4485 parsed_parameters->required_interface_index != IFSCOPE_NONE &&
4486 (parsed_parameters->valid_fields & NECP_PARSED_PARAMETERS_FIELD_REQUIRED_IF) == 0) {
4487 // Listener should not apply required interface index if
4488 parsed_parameters->required_interface_index = IFSCOPE_NONE;
4489 }
4490
4491 // Save the last policy id on the client
4492 client->policy_id = result.policy_id;
4493 client->skip_policy_id = result.skip_policy_id;
4494 uuid_copy(dst: client->override_euuid, src: override_euuid);
4495
4496 if ((parsed_parameters->flags & NECP_CLIENT_PARAMETER_FLAG_MULTIPATH) ||
4497 (parsed_parameters->flags & NECP_CLIENT_PARAMETER_FLAG_BROWSE) ||
4498 ((parsed_parameters->flags & NECP_CLIENT_PARAMETER_FLAG_LISTENER) &&
4499 result.routing_result != NECP_KERNEL_POLICY_RESULT_SOCKET_SCOPED)) {
4500 client->allow_multiple_flows = TRUE;
4501 } else {
4502 client->allow_multiple_flows = FALSE;
4503 }
4504
4505 // If the original request was scoped, and the policy result matches, make sure the result is scoped
4506 if ((result.routing_result == NECP_KERNEL_POLICY_RESULT_NONE ||
4507 result.routing_result == NECP_KERNEL_POLICY_RESULT_PASS) &&
4508 result.routed_interface_index != IFSCOPE_NONE &&
4509 parsed_parameters->required_interface_index == result.routed_interface_index) {
4510 result.routing_result = NECP_KERNEL_POLICY_RESULT_SOCKET_SCOPED;
4511 result.routing_result_parameter.scoped_interface_index = result.routed_interface_index;
4512 }
4513
4514 if (defunct_list != NULL &&
4515 result.routing_result == NECP_KERNEL_POLICY_RESULT_DROP) {
4516 // If we are forced to drop the client, defunct it if it has flows
4517 necp_defunct_client_for_policy(client, defunct_list);
4518 }
4519
4520 // Recalculate flags
4521 if (parsed_parameters->flags & NECP_CLIENT_PARAMETER_FLAG_LISTENER) {
4522 // Listeners are valid as long as they aren't dropped
4523 if (result.routing_result != NECP_KERNEL_POLICY_RESULT_DROP) {
4524 flags |= NECP_CLIENT_RESULT_FLAG_SATISFIED;
4525 }
4526 } else if (result.routed_interface_index != 0) {
4527 // Clients without flows determine viability based on having some routable interface
4528 flags |= NECP_CLIENT_RESULT_FLAG_SATISFIED;
4529 }
4530
4531 bool updated = FALSE;
4532 u_int8_t *cursor = client->result;
4533 cursor = necp_buffer_write_tlv_if_different(cursor, NECP_CLIENT_RESULT_FLAGS, length: sizeof(flags), value: &flags, updated: &updated, buffer: client->result, buffer_length: sizeof(client->result));
4534 if (reason != 0) {
4535 cursor = necp_buffer_write_tlv_if_different(cursor, NECP_CLIENT_RESULT_REASON, length: sizeof(reason), value: &reason, updated: &updated, buffer: client->result, buffer_length: sizeof(client->result));
4536 }
4537 cursor = necp_buffer_write_tlv_if_different(cursor, NECP_CLIENT_RESULT_CLIENT_ID, length: sizeof(uuid_t), value: client->client_id, updated: &updated,
4538 buffer: client->result, buffer_length: sizeof(client->result));
4539 cursor = necp_buffer_write_tlv_if_different(cursor, NECP_CLIENT_RESULT_POLICY_RESULT, length: sizeof(result.routing_result), value: &result.routing_result, updated: &updated,
4540 buffer: client->result, buffer_length: sizeof(client->result));
4541 if (result.routing_result_parameter.tunnel_interface_index != 0) {
4542 cursor = necp_buffer_write_tlv_if_different(cursor, NECP_CLIENT_RESULT_POLICY_RESULT_PARAMETER,
4543 length: sizeof(result.routing_result_parameter), value: &result.routing_result_parameter, updated: &updated,
4544 buffer: client->result, buffer_length: sizeof(client->result));
4545 }
4546 if (result.filter_control_unit != 0) {
4547 cursor = necp_buffer_write_tlv_if_different(cursor, NECP_CLIENT_RESULT_FILTER_CONTROL_UNIT,
4548 length: sizeof(result.filter_control_unit), value: &result.filter_control_unit, updated: &updated,
4549 buffer: client->result, buffer_length: sizeof(client->result));
4550 }
4551 if (result.flow_divert_aggregate_unit != 0) {
4552 cursor = necp_buffer_write_tlv_if_different(cursor, NECP_CLIENT_RESULT_FLOW_DIVERT_AGGREGATE_UNIT,
4553 length: sizeof(result.flow_divert_aggregate_unit), value: &result.flow_divert_aggregate_unit, updated: &updated,
4554 buffer: client->result, buffer_length: sizeof(client->result));
4555 }
4556 if (result.routed_interface_index != 0) {
4557 u_int routed_interface_index = result.routed_interface_index;
4558 if (result.routing_result == NECP_KERNEL_POLICY_RESULT_IP_TUNNEL &&
4559 (parsed_parameters->valid_fields & NECP_PARSED_PARAMETERS_REQUIRED_FIELDS) &&
4560 parsed_parameters->required_interface_index != IFSCOPE_NONE &&
4561 parsed_parameters->required_interface_index != result.routed_interface_index) {
4562 routed_interface_index = parsed_parameters->required_interface_index;
4563 }
4564
4565 cursor = necp_buffer_write_tlv_if_different(cursor, NECP_CLIENT_RESULT_INTERFACE_INDEX,
4566 length: sizeof(routed_interface_index), value: &routed_interface_index, updated: &updated,
4567 buffer: client->result, buffer_length: sizeof(client->result));
4568 }
4569 if (client_fd && client_fd->flags & NECP_OPEN_FLAG_BACKGROUND) {
4570 u_int32_t effective_traffic_class = SO_TC_BK_SYS;
4571 cursor = necp_buffer_write_tlv_if_different(cursor, NECP_CLIENT_RESULT_EFFECTIVE_TRAFFIC_CLASS,
4572 length: sizeof(effective_traffic_class), value: &effective_traffic_class, updated: &updated,
4573 buffer: client->result, buffer_length: sizeof(client->result));
4574 }
4575
4576 if (client_fd->background) {
4577 bool has_assigned_flow = FALSE;
4578 struct necp_client_flow_registration *flow_registration = NULL;
4579 struct necp_client_flow *search_flow = NULL;
4580 RB_FOREACH(flow_registration, _necp_client_flow_tree, &client->flow_registrations) {
4581 LIST_FOREACH(search_flow, &flow_registration->flow_list, flow_chain) {
4582 if (search_flow->assigned) {
4583 has_assigned_flow = TRUE;
4584 break;
4585 }
4586 }
4587 }
4588
4589 if (has_assigned_flow) {
4590 u_int32_t background = client_fd->background;
4591 cursor = necp_buffer_write_tlv_if_different(cursor, NECP_CLIENT_RESULT_TRAFFIC_MGMT_BG,
4592 length: sizeof(background), value: &background, updated: &updated,
4593 buffer: client->result, buffer_length: sizeof(client->result));
4594 }
4595 }
4596
4597 bool write_v4_gateway = !necp_client_endpoint_is_unspecified(endpoint: &v4_gateway);
4598 bool write_v6_gateway = !necp_client_endpoint_is_unspecified(endpoint: &v6_gateway);
4599
4600 NECP_CLIENT_ROUTE_LOCK(client);
4601 if (client->current_route != NULL) {
4602 const u_int32_t route_mtu = get_maxmtu(client->current_route);
4603 if (route_mtu != 0) {
4604 cursor = necp_buffer_write_tlv_if_different(cursor, NECP_CLIENT_RESULT_EFFECTIVE_MTU,
4605 length: sizeof(route_mtu), value: &route_mtu, updated: &updated,
4606 buffer: client->result, buffer_length: sizeof(client->result));
4607 }
4608 bool has_remote_addr = parsed_parameters->valid_fields & NECP_PARSED_PARAMETERS_FIELD_REMOTE_ADDR;
4609 if (has_remote_addr && client->current_route->rt_gateway != NULL) {
4610 if (client->current_route->rt_gateway->sa_family == AF_INET) {
4611 write_v6_gateway = false;
4612 } else if (client->current_route->rt_gateway->sa_family == AF_INET6) {
4613 write_v4_gateway = false;
4614 }
4615 }
4616 }
4617 NECP_CLIENT_ROUTE_UNLOCK(client);
4618
4619 if (write_v4_gateway) {
4620 cursor = necp_buffer_write_tlv_if_different(cursor, NECP_CLIENT_RESULT_GATEWAY,
4621 length: sizeof(struct necp_client_endpoint), value: &v4_gateway, updated: &updated,
4622 buffer: client->result, buffer_length: sizeof(client->result));
4623 }
4624
4625 if (write_v6_gateway) {
4626 cursor = necp_buffer_write_tlv_if_different(cursor, NECP_CLIENT_RESULT_GATEWAY,
4627 length: sizeof(struct necp_client_endpoint), value: &v6_gateway, updated: &updated,
4628 buffer: client->result, buffer_length: sizeof(client->result));
4629 }
4630
4631 for (int i = 0; i < NAT64_MAX_NUM_PREFIXES; i++) {
4632 if (result.nat64_prefixes[i].prefix_len != 0) {
4633 cursor = necp_buffer_write_tlv_if_different(cursor, NECP_CLIENT_RESULT_NAT64,
4634 length: sizeof(result.nat64_prefixes), value: result.nat64_prefixes, updated: &updated,
4635 buffer: client->result, buffer_length: sizeof(client->result));
4636 break;
4637 }
4638 }
4639
4640 if (result.mss_recommended != 0) {
4641 cursor = necp_buffer_write_tlv_if_different(cursor, NECP_CLIENT_RESULT_RECOMMENDED_MSS,
4642 length: sizeof(result.mss_recommended), value: &result.mss_recommended, updated: &updated,
4643 buffer: client->result, buffer_length: sizeof(client->result));
4644 }
4645
4646 for (int i = 0; i < NECP_MAX_NETAGENTS; i++) {
4647 if (uuid_is_null(uu: result.netagents[i])) {
4648 break;
4649 }
4650 if (result.netagent_use_flags[i] & NECP_AGENT_USE_FLAG_REMOVE) {
4651 // A removed agent, ignore
4652 continue;
4653 }
4654 uuid_copy(dst: netagent.netagent_uuid, src: result.netagents[i]);
4655 netagent.generation = netagent_get_generation(uuid: netagent.netagent_uuid);
4656 if (necp_netagent_applies_to_client(client, parameters: parsed_parameters, netagent_uuid: &netagent.netagent_uuid, TRUE, interface_index: 0, interface_generation: 0)) {
4657 cursor = necp_buffer_write_tlv_if_different(cursor, NECP_CLIENT_RESULT_NETAGENT, length: sizeof(netagent), value: &netagent, updated: &updated,
4658 buffer: client->result, buffer_length: sizeof(client->result));
4659 }
4660 }
4661
4662 ifnet_head_lock_shared();
4663 ifnet_t direct_interface = NULL;
4664 ifnet_t delegate_interface = NULL;
4665 ifnet_t original_scoped_interface = NULL;
4666
4667 if (result.routed_interface_index != IFSCOPE_NONE && result.routed_interface_index <= (u_int32_t)if_index) {
4668 direct_interface = ifindex2ifnet[result.routed_interface_index];
4669 } else if (parsed_parameters->required_interface_index != IFSCOPE_NONE &&
4670 parsed_parameters->required_interface_index <= (u_int32_t)if_index) {
4671 // If the request was scoped, but the route didn't match, still grab the agents
4672 direct_interface = ifindex2ifnet[parsed_parameters->required_interface_index];
4673 } else if (result.routed_interface_index == IFSCOPE_NONE &&
4674 result.routing_result == NECP_KERNEL_POLICY_RESULT_SOCKET_SCOPED &&
4675 result.routing_result_parameter.scoped_interface_index != IFSCOPE_NONE) {
4676 direct_interface = ifindex2ifnet[result.routing_result_parameter.scoped_interface_index];
4677 }
4678 if (direct_interface != NULL) {
4679 delegate_interface = direct_interface->if_delegated.ifp;
4680 }
4681 if (result.routing_result == NECP_KERNEL_POLICY_RESULT_IP_TUNNEL &&
4682 (parsed_parameters->valid_fields & NECP_PARSED_PARAMETERS_REQUIRED_FIELDS) &&
4683 parsed_parameters->required_interface_index != IFSCOPE_NONE &&
4684 parsed_parameters->required_interface_index != result.routing_result_parameter.tunnel_interface_index &&
4685 parsed_parameters->required_interface_index <= (u_int32_t)if_index) {
4686 original_scoped_interface = ifindex2ifnet[parsed_parameters->required_interface_index];
4687 }
4688 // Add interfaces
4689 if (original_scoped_interface != NULL) {
4690 struct necp_client_result_interface interface_struct;
4691 interface_struct.index = original_scoped_interface->if_index;
4692 interface_struct.generation = ifnet_get_generation(original_scoped_interface);
4693 cursor = necp_buffer_write_tlv_if_different(cursor, NECP_CLIENT_RESULT_INTERFACE, length: sizeof(interface_struct), value: &interface_struct, updated: &updated,
4694 buffer: client->result, buffer_length: sizeof(client->result));
4695 }
4696 if (direct_interface != NULL) {
4697 struct necp_client_result_interface interface_struct;
4698 interface_struct.index = direct_interface->if_index;
4699 interface_struct.generation = ifnet_get_generation(direct_interface);
4700 cursor = necp_buffer_write_tlv_if_different(cursor, NECP_CLIENT_RESULT_INTERFACE, length: sizeof(interface_struct), value: &interface_struct, updated: &updated,
4701 buffer: client->result, buffer_length: sizeof(client->result));
4702
4703 // Set the delta time since interface up/down
4704 struct timeval updown_delta = {};
4705 if (ifnet_updown_delta(interface: direct_interface, updown_delta: &updown_delta) == 0) {
4706 u_int32_t delta = updown_delta.tv_sec;
4707 bool ignore_updated = FALSE;
4708 cursor = necp_buffer_write_tlv_if_different(cursor, NECP_CLIENT_RESULT_INTERFACE_TIME_DELTA,
4709 length: sizeof(delta), value: &delta, updated: &ignore_updated,
4710 buffer: client->result, buffer_length: sizeof(client->result));
4711 }
4712 }
4713 if (delegate_interface != NULL) {
4714 struct necp_client_result_interface interface_struct;
4715 interface_struct.index = delegate_interface->if_index;
4716 interface_struct.generation = ifnet_get_generation(delegate_interface);
4717 cursor = necp_buffer_write_tlv_if_different(cursor, NECP_CLIENT_RESULT_INTERFACE, length: sizeof(interface_struct), value: &interface_struct, updated: &updated,
4718 buffer: client->result, buffer_length: sizeof(client->result));
4719 }
4720
4721 // Update multipath/listener interface flows
4722 if (parsed_parameters->flags & NECP_CLIENT_PARAMETER_FLAG_MULTIPATH) {
4723 // Add the interface option for the routed interface first
4724 if (direct_interface != NULL) {
4725 // Add nexus agent
4726 necp_client_add_agent_interface_options(client, parsed_parameters, ifp: direct_interface);
4727
4728 // Add interface option in case it is not a nexus
4729 necp_client_add_interface_option_if_needed(client, interface_index: direct_interface->if_index,
4730 interface_generation: ifnet_get_generation(direct_interface), NULL, false);
4731 }
4732 if (parsed_parameters->flags & NECP_CLIENT_PARAMETER_FLAG_INBOUND) {
4733 // For inbound multipath, add from the global list (like a listener)
4734 struct ifnet *multi_interface = NULL;
4735 TAILQ_FOREACH(multi_interface, &ifnet_head, if_link) {
4736 if ((multi_interface->if_flags & (IFF_UP | IFF_RUNNING)) &&
4737 necp_ifnet_matches_parameters(ifp: multi_interface, parsed_parameters, override_flags: 0, NULL, true, false)) {
4738 // Add nexus agents for inbound multipath
4739 necp_client_add_agent_interface_options(client, parsed_parameters, ifp: multi_interface);
4740 }
4741 }
4742 } else {
4743 // Get other multipath interface options from ordered list
4744 struct ifnet *multi_interface = NULL;
4745 TAILQ_FOREACH(multi_interface, &ifnet_ordered_head, if_ordered_link) {
4746 if (multi_interface != direct_interface &&
4747 necp_ifnet_matches_parameters(ifp: multi_interface, parsed_parameters, override_flags: 0, NULL, true, false)) {
4748 // Add nexus agents for multipath
4749 necp_client_add_agent_interface_options(client, parsed_parameters, ifp: multi_interface);
4750
4751 // Add multipath interface flows for kernel MPTCP
4752 necp_client_add_interface_option_if_needed(client, interface_index: multi_interface->if_index,
4753 interface_generation: ifnet_get_generation(multi_interface), NULL, false);
4754 }
4755 }
4756 }
4757 } else if (parsed_parameters->flags & NECP_CLIENT_PARAMETER_FLAG_LISTENER) {
4758 if (result.routing_result == NECP_KERNEL_POLICY_RESULT_SOCKET_SCOPED) {
4759 if (direct_interface != NULL) {
4760 // If scoped, only listen on that interface
4761 // Add nexus agents for listeners
4762 necp_client_add_agent_interface_options(client, parsed_parameters, ifp: direct_interface);
4763
4764 // Add interface option in case it is not a nexus
4765 necp_client_add_interface_option_if_needed(client, interface_index: direct_interface->if_index,
4766 interface_generation: ifnet_get_generation(direct_interface), NULL, false);
4767 }
4768 } else {
4769 // Get listener interface options from global list
4770 struct ifnet *listen_interface = NULL;
4771 TAILQ_FOREACH(listen_interface, &ifnet_head, if_link) {
4772 if ((listen_interface->if_flags & (IFF_UP | IFF_RUNNING)) &&
4773 necp_ifnet_matches_parameters(ifp: listen_interface, parsed_parameters, override_flags: 0, NULL, true, false)) {
4774 // Add nexus agents for listeners
4775 necp_client_add_agent_interface_options(client, parsed_parameters, ifp: listen_interface);
4776 }
4777 }
4778 }
4779 } else if (parsed_parameters->flags & NECP_CLIENT_PARAMETER_FLAG_BROWSE) {
4780 if (result.routing_result == NECP_KERNEL_POLICY_RESULT_SOCKET_SCOPED && originally_scoped) {
4781 if (direct_interface != NULL) {
4782 // Add browse option if it has an agent
4783 necp_client_add_browse_interface_options(client, parsed_parameters, ifp: direct_interface);
4784 }
4785 } else {
4786 // Get browse interface options from global list
4787 struct ifnet *browse_interface = NULL;
4788 TAILQ_FOREACH(browse_interface, &ifnet_head, if_link) {
4789 if (necp_ifnet_matches_parameters(ifp: browse_interface, parsed_parameters, override_flags: 0, NULL, true, false)) {
4790 necp_client_add_browse_interface_options(client, parsed_parameters, ifp: browse_interface);
4791 }
4792 }
4793 }
4794 }
4795
4796 struct necp_client_result_estimated_throughput throughput = {
4797 .up = 0,
4798 .down = 0,
4799 };
4800
4801 // Add agents
4802 if (original_scoped_interface != NULL) {
4803 ifnet_lock_shared(ifp: original_scoped_interface);
4804 if (original_scoped_interface->if_agentids != NULL) {
4805 for (u_int32_t i = 0; i < original_scoped_interface->if_agentcount; i++) {
4806 if (uuid_is_null(uu: original_scoped_interface->if_agentids[i])) {
4807 continue;
4808 }
4809 bool skip_agent = false;
4810 for (int j = 0; j < NECP_MAX_NETAGENTS; j++) {
4811 if (uuid_is_null(uu: result.netagents[j])) {
4812 break;
4813 }
4814 if ((result.netagent_use_flags[j] & NECP_AGENT_USE_FLAG_REMOVE) &&
4815 uuid_compare(uu1: original_scoped_interface->if_agentids[i], uu2: result.netagents[j]) == 0) {
4816 skip_agent = true;
4817 break;
4818 }
4819 }
4820 if (skip_agent) {
4821 continue;
4822 }
4823 uuid_copy(dst: netagent.netagent_uuid, src: original_scoped_interface->if_agentids[i]);
4824 netagent.generation = netagent_get_generation(uuid: netagent.netagent_uuid);
4825 if (necp_netagent_applies_to_client(client, parameters: parsed_parameters, netagent_uuid: &netagent.netagent_uuid, FALSE,
4826 interface_index: original_scoped_interface->if_index, interface_generation: ifnet_get_generation(original_scoped_interface))) {
4827 cursor = necp_buffer_write_tlv_if_different(cursor, NECP_CLIENT_RESULT_NETAGENT, length: sizeof(netagent), value: &netagent, updated: &updated,
4828 buffer: client->result, buffer_length: sizeof(client->result));
4829 }
4830 }
4831 }
4832 ifnet_lock_done(ifp: original_scoped_interface);
4833 }
4834 if (direct_interface != NULL) {
4835 ifnet_lock_shared(ifp: direct_interface);
4836 throughput.up = direct_interface->if_estimated_up_bucket;
4837 throughput.down = direct_interface->if_estimated_down_bucket;
4838 if (direct_interface->if_agentids != NULL) {
4839 for (u_int32_t i = 0; i < direct_interface->if_agentcount; i++) {
4840 if (uuid_is_null(uu: direct_interface->if_agentids[i])) {
4841 continue;
4842 }
4843 bool skip_agent = false;
4844 for (int j = 0; j < NECP_MAX_NETAGENTS; j++) {
4845 if (uuid_is_null(uu: result.netagents[j])) {
4846 break;
4847 }
4848 if ((result.netagent_use_flags[j] & NECP_AGENT_USE_FLAG_REMOVE) &&
4849 uuid_compare(uu1: direct_interface->if_agentids[i], uu2: result.netagents[j]) == 0) {
4850 skip_agent = true;
4851 break;
4852 }
4853 }
4854 if (skip_agent) {
4855 continue;
4856 }
4857 uuid_copy(dst: netagent.netagent_uuid, src: direct_interface->if_agentids[i]);
4858 netagent.generation = netagent_get_generation(uuid: netagent.netagent_uuid);
4859 if (necp_netagent_applies_to_client(client, parameters: parsed_parameters, netagent_uuid: &netagent.netagent_uuid, TRUE,
4860 interface_index: direct_interface->if_index, interface_generation: ifnet_get_generation(direct_interface))) {
4861 cursor = necp_buffer_write_tlv_if_different(cursor, NECP_CLIENT_RESULT_NETAGENT, length: sizeof(netagent), value: &netagent, updated: &updated,
4862 buffer: client->result, buffer_length: sizeof(client->result));
4863 }
4864 }
4865 }
4866 ifnet_lock_done(ifp: direct_interface);
4867 }
4868 if (delegate_interface != NULL) {
4869 ifnet_lock_shared(ifp: delegate_interface);
4870 if (throughput.up == 0 && throughput.down == 0) {
4871 throughput.up = delegate_interface->if_estimated_up_bucket;
4872 throughput.down = delegate_interface->if_estimated_down_bucket;
4873 }
4874 if (delegate_interface->if_agentids != NULL) {
4875 for (u_int32_t i = 0; i < delegate_interface->if_agentcount; i++) {
4876 if (uuid_is_null(uu: delegate_interface->if_agentids[i])) {
4877 continue;
4878 }
4879 bool skip_agent = false;
4880 for (int j = 0; j < NECP_MAX_NETAGENTS; j++) {
4881 if (uuid_is_null(uu: result.netagents[j])) {
4882 break;
4883 }
4884 if ((result.netagent_use_flags[j] & NECP_AGENT_USE_FLAG_REMOVE) &&
4885 uuid_compare(uu1: delegate_interface->if_agentids[i], uu2: result.netagents[j]) == 0) {
4886 skip_agent = true;
4887 break;
4888 }
4889 }
4890 if (skip_agent) {
4891 continue;
4892 }
4893 uuid_copy(dst: netagent.netagent_uuid, src: delegate_interface->if_agentids[i]);
4894 netagent.generation = netagent_get_generation(uuid: netagent.netagent_uuid);
4895 if (necp_netagent_applies_to_client(client, parameters: parsed_parameters, netagent_uuid: &netagent.netagent_uuid, FALSE,
4896 interface_index: delegate_interface->if_index, interface_generation: ifnet_get_generation(delegate_interface))) {
4897 cursor = necp_buffer_write_tlv_if_different(cursor, NECP_CLIENT_RESULT_NETAGENT, length: sizeof(netagent), value: &netagent, updated: &updated,
4898 buffer: client->result, buffer_length: sizeof(client->result));
4899 }
4900 }
4901 }
4902 ifnet_lock_done(ifp: delegate_interface);
4903 }
4904 ifnet_head_done();
4905
4906 if (throughput.up != 0 || throughput.down != 0) {
4907 cursor = necp_buffer_write_tlv_if_different(cursor, NECP_CLIENT_RESULT_ESTIMATED_THROUGHPUT,
4908 length: sizeof(throughput), value: &throughput, updated: &updated, buffer: client->result, buffer_length: sizeof(client->result));
4909 }
4910
4911 // Add interface options
4912 for (u_int32_t option_i = 0; option_i < client->interface_option_count; option_i++) {
4913 if (option_i < NECP_CLIENT_INTERFACE_OPTION_STATIC_COUNT) {
4914 struct necp_client_interface_option *option = &client->interface_options[option_i];
4915 cursor = necp_buffer_write_tlv_if_different(cursor, NECP_CLIENT_RESULT_INTERFACE_OPTION, length: sizeof(*option), value: option, updated: &updated,
4916 buffer: client->result, buffer_length: sizeof(client->result));
4917 } else {
4918 struct necp_client_interface_option *option = &client->extra_interface_options[option_i - NECP_CLIENT_INTERFACE_OPTION_STATIC_COUNT];
4919 cursor = necp_buffer_write_tlv_if_different(cursor, NECP_CLIENT_RESULT_INTERFACE_OPTION, length: sizeof(*option), value: option, updated: &updated,
4920 buffer: client->result, buffer_length: sizeof(client->result));
4921 }
4922 }
4923
4924 size_t new_result_length = (cursor - client->result);
4925 if (new_result_length != client->result_length) {
4926 client->result_length = new_result_length;
4927 updated = TRUE;
4928 }
4929
4930 // Update flow viability/flags
4931 if (necp_client_update_flows(proc, client, defunct_list)) {
4932 updated = TRUE;
4933 }
4934
4935 if (updated) {
4936 client->result_read = FALSE;
4937 necp_client_update_observer_update(client);
4938 }
4939
4940 kfree_type(struct necp_client_parsed_parameters, parsed_parameters);
4941 return updated;
4942}
4943
4944static bool
4945necp_defunct_client_fd_locked_inner(struct necp_fd_data *client_fd, struct _necp_flow_defunct_list *defunct_list, bool destroy_stats)
4946{
4947 bool updated_result = FALSE;
4948 struct necp_client *client = NULL;
4949
4950 NECP_FD_ASSERT_LOCKED(client_fd);
4951
4952 RB_FOREACH(client, _necp_client_tree, &client_fd->clients) {
4953 struct necp_client_flow_registration *flow_registration = NULL;
4954
4955 NECP_CLIENT_LOCK(client);
4956
4957 // Prepare close events to be sent to the nexus to effectively remove the flows
4958 struct necp_client_flow *search_flow = NULL;
4959 RB_FOREACH(flow_registration, _necp_client_flow_tree, &client->flow_registrations) {
4960 LIST_FOREACH(search_flow, &flow_registration->flow_list, flow_chain) {
4961 if (search_flow->nexus &&
4962 !uuid_is_null(uu: search_flow->u.nexus_agent)) {
4963 // Sleeping alloc won't fail; copy only what's necessary
4964 struct necp_flow_defunct *flow_defunct = kalloc_type(struct necp_flow_defunct, Z_WAITOK | Z_ZERO);
4965 uuid_copy(dst: flow_defunct->nexus_agent, src: search_flow->u.nexus_agent);
4966 uuid_copy(dst: flow_defunct->flow_id, src: ((flow_registration->flags & NECP_CLIENT_FLOW_FLAGS_USE_CLIENT_ID) ?
4967 client->client_id :
4968 flow_registration->registration_id));
4969 flow_defunct->proc_pid = client->proc_pid;
4970 flow_defunct->agent_handle = client->agent_handle;
4971 flow_defunct->flags = flow_registration->flags;
4972#if SKYWALK
4973 if (flow_registration->kstats_kaddr != NULL) {
4974 struct necp_all_stats *ustats_kaddr = ((struct necp_all_kstats *)flow_registration->kstats_kaddr)->necp_stats_ustats;
4975 struct necp_quic_stats *quicstats = (struct necp_quic_stats *)ustats_kaddr;
4976 if (quicstats != NULL &&
4977 quicstats->necp_quic_udp_stats.necp_udp_hdr.necp_stats_type == NECP_CLIENT_STATISTICS_TYPE_QUIC) {
4978 memcpy(dst: flow_defunct->close_parameters.u.close_token, src: quicstats->necp_quic_extra.ssr_token, n: sizeof(flow_defunct->close_parameters.u.close_token));
4979 flow_defunct->has_close_parameters = true;
4980 }
4981 }
4982#endif /* SKYWALK */
4983 // Add to the list provided by caller
4984 LIST_INSERT_HEAD(defunct_list, flow_defunct, chain);
4985
4986 flow_registration->defunct = true;
4987 flow_registration->flow_result_read = false;
4988 updated_result = true;
4989 }
4990 }
4991 }
4992 if (destroy_stats) {
4993#if SKYWALK
4994 // Free any remaining stats objects back to the arena where they came from;
4995 // do this independent of the above defunct check, as the client may have
4996 // been marked as defunct separately via necp_defunct_client_for_policy().
4997 RB_FOREACH(flow_registration, _necp_client_flow_tree, &client->flow_registrations) {
4998 necp_destroy_flow_stats(fd_data: client_fd, flow_registration, NULL, FALSE);
4999 }
5000#endif /* SKYWALK */
5001 }
5002 NECP_CLIENT_UNLOCK(client);
5003 }
5004
5005 return updated_result;
5006}
5007
5008static inline void
5009necp_defunct_client_fd_locked(struct necp_fd_data *client_fd, struct _necp_flow_defunct_list *defunct_list, struct proc *proc)
5010{
5011#pragma unused(proc)
5012 bool updated_result = FALSE;
5013
5014 NECP_FD_ASSERT_LOCKED(client_fd);
5015#if SKYWALK
5016 // redirect regions of currently-active stats arena to zero-filled pages
5017 struct necp_arena_info *nai = necp_fd_mredirect_stats_arena(fd_data: client_fd, proc);
5018#endif /* SKYWALK */
5019
5020 updated_result = necp_defunct_client_fd_locked_inner(client_fd, defunct_list, true);
5021
5022#if SKYWALK
5023 // and tear down the currently-active arena's regions now that the redirection and freeing are done
5024 if (nai != NULL) {
5025 ASSERT((nai->nai_flags & (NAIF_REDIRECT | NAIF_DEFUNCT)) == NAIF_REDIRECT);
5026 ASSERT(nai->nai_arena != NULL);
5027 ASSERT(nai->nai_mmap.ami_mapref != NULL);
5028
5029 int err = skmem_arena_defunct(nai->nai_arena);
5030 VERIFY(err == 0);
5031
5032 nai->nai_flags |= NAIF_DEFUNCT;
5033 }
5034#endif /* SKYWALK */
5035
5036 if (updated_result) {
5037 necp_fd_notify(fd_data: client_fd, true);
5038 }
5039}
5040
5041static inline void
5042necp_update_client_fd_locked(struct necp_fd_data *client_fd,
5043 proc_t proc,
5044 struct _necp_flow_defunct_list *defunct_list)
5045{
5046 struct necp_client *client = NULL;
5047 bool updated_result = FALSE;
5048 NECP_FD_ASSERT_LOCKED(client_fd);
5049 RB_FOREACH(client, _necp_client_tree, &client_fd->clients) {
5050 NECP_CLIENT_LOCK(client);
5051 if (necp_update_client_result(proc, client_fd, client, defunct_list)) {
5052 updated_result = TRUE;
5053 }
5054 NECP_CLIENT_UNLOCK(client);
5055 }
5056
5057 // Check if this PID needs to request in-process flow divert
5058 NECP_FD_LIST_ASSERT_LOCKED();
5059 for (int i = 0; i < NECP_MAX_FLOW_DIVERT_NEEDED_PIDS; i++) {
5060 if (necp_flow_divert_needed_pids[i] == 0) {
5061 break;
5062 }
5063 if (necp_flow_divert_needed_pids[i] == client_fd->proc_pid) {
5064 client_fd->request_in_process_flow_divert = true;
5065 break;
5066 }
5067 }
5068
5069 if (updated_result || client_fd->request_in_process_flow_divert) {
5070 necp_fd_notify(fd_data: client_fd, true);
5071 }
5072}
5073
5074#if SKYWALK
5075static void
5076necp_close_empty_arenas_callout(__unused thread_call_param_t dummy,
5077 __unused thread_call_param_t arg)
5078{
5079 struct necp_fd_data *client_fd = NULL;
5080
5081 NECP_FD_LIST_LOCK_SHARED();
5082
5083 LIST_FOREACH(client_fd, &necp_fd_list, chain) {
5084 NECP_FD_LOCK(client_fd);
5085 necp_stats_arenas_destroy(fd_data: client_fd, FALSE);
5086 NECP_FD_UNLOCK(client_fd);
5087 }
5088
5089 NECP_FD_LIST_UNLOCK();
5090}
5091#endif /* SKYWALK */
5092
5093static void
5094necp_update_all_clients_callout(__unused thread_call_param_t dummy,
5095 __unused thread_call_param_t arg)
5096{
5097 struct necp_fd_data *client_fd = NULL;
5098
5099 NECP_UPDATE_ALL_CLIENTS_LOCK_EXCLUSIVE();
5100 uint32_t count = necp_update_all_clients_sched_cnt;
5101 necp_update_all_clients_sched_cnt = 0;
5102 necp_update_all_clients_sched_abstime = 0;
5103 NECP_UPDATE_ALL_CLIENTS_UNLOCK();
5104
5105 if (necp_debug > 0) {
5106 NECPLOG(LOG_DEBUG,
5107 "necp_update_all_clients_callout running for coalesced %u updates",
5108 count);
5109 }
5110
5111 struct _necp_flow_defunct_list defunct_list;
5112 LIST_INIT(&defunct_list);
5113
5114 NECP_FD_LIST_LOCK_SHARED();
5115
5116 LIST_FOREACH(client_fd, &necp_fd_list, chain) {
5117 proc_t proc = proc_find(pid: client_fd->proc_pid);
5118 if (proc == PROC_NULL) {
5119 continue;
5120 }
5121
5122 // Update all clients on one fd
5123 NECP_FD_LOCK(client_fd);
5124 necp_update_client_fd_locked(client_fd, proc, defunct_list: &defunct_list);
5125 NECP_FD_UNLOCK(client_fd);
5126
5127 proc_rele(p: proc);
5128 proc = PROC_NULL;
5129 }
5130
5131 // Reset the necp_flow_divert_needed_pids list
5132 for (int i = 0; i < NECP_MAX_FLOW_DIVERT_NEEDED_PIDS; i++) {
5133 necp_flow_divert_needed_pids[i] = 0;
5134 }
5135
5136 NECP_FD_LIST_UNLOCK();
5137
5138 // Handle the case in which some clients became newly defunct
5139 necp_process_defunct_list(defunct_list: &defunct_list);
5140}
5141
5142void
5143necp_update_all_clients(void)
5144{
5145 necp_update_all_clients_immediately_if_needed(false);
5146}
5147
5148void
5149necp_update_all_clients_immediately_if_needed(bool should_update_immediately)
5150{
5151 if (necp_client_update_tcall == NULL) {
5152 // Don't try to update clients if the module is not initialized
5153 return;
5154 }
5155
5156 uint64_t deadline = 0;
5157 uint64_t leeway = 0;
5158
5159 uint32_t timeout_to_use = necp_timeout_microseconds;
5160 uint32_t leeway_to_use = necp_timeout_leeway_microseconds;
5161 if (should_update_immediately) {
5162 timeout_to_use = 1000 * 10; // 10ms
5163 leeway_to_use = 1000 * 10; // 10ms;
5164 }
5165
5166 clock_interval_to_deadline(interval: timeout_to_use, NSEC_PER_USEC, result: &deadline);
5167 clock_interval_to_absolutetime_interval(interval: leeway_to_use, NSEC_PER_USEC, result: &leeway);
5168
5169 NECP_UPDATE_ALL_CLIENTS_LOCK_EXCLUSIVE();
5170 bool need_cancel = false;
5171 bool need_schedule = true;
5172 uint64_t sched_abstime;
5173
5174 clock_absolutetime_interval_to_deadline(abstime: deadline + leeway, result: &sched_abstime);
5175
5176 /*
5177 * Do not push the timer if it is already scheduled
5178 */
5179 if (necp_update_all_clients_sched_abstime != 0) {
5180 need_schedule = false;
5181
5182 if (should_update_immediately) {
5183 /*
5184 * To update immediately we may have to cancel the current timer
5185 * if it's scheduled too far out.
5186 */
5187 if (necp_update_all_clients_sched_abstime > sched_abstime) {
5188 need_cancel = true;
5189 need_schedule = true;
5190 }
5191 }
5192 }
5193
5194 /*
5195 * Record the time of the deadline with leeway
5196 */
5197 if (need_schedule) {
5198 necp_update_all_clients_sched_abstime = sched_abstime;
5199 }
5200
5201 necp_update_all_clients_sched_cnt += 1;
5202 uint32_t count = necp_update_all_clients_sched_cnt;
5203 NECP_UPDATE_ALL_CLIENTS_UNLOCK();
5204
5205 if (need_schedule) {
5206 /*
5207 * Wait if the thread call is currently executing to make sure the
5208 * next update will be delivered to all clients
5209 */
5210 if (need_cancel) {
5211 (void) thread_call_cancel_wait(call: necp_client_update_tcall);
5212 }
5213
5214 (void) thread_call_enter_delayed_with_leeway(call: necp_client_update_tcall, NULL,
5215 deadline, leeway, THREAD_CALL_DELAY_LEEWAY);
5216 }
5217 if (necp_debug > 0) {
5218 NECPLOG(LOG_DEBUG,
5219 "necp_update_all_clients immediate %s update %u",
5220 should_update_immediately ? "true" : "false", count);
5221 }
5222}
5223
5224bool
5225necp_set_client_as_background(proc_t proc,
5226 struct fileproc *fp,
5227 bool background)
5228{
5229 if (proc == PROC_NULL) {
5230 NECPLOG0(LOG_ERR, "NULL proc");
5231 return FALSE;
5232 }
5233
5234 if (fp == NULL) {
5235 NECPLOG0(LOG_ERR, "NULL fp");
5236 return FALSE;
5237 }
5238
5239 struct necp_fd_data *client_fd = (struct necp_fd_data *)fp_get_data(fp);
5240 if (client_fd == NULL) {
5241 NECPLOG0(LOG_ERR, "Could not find client structure for backgrounded client");
5242 return FALSE;
5243 }
5244
5245 if (client_fd->necp_fd_type != necp_fd_type_client) {
5246 // Not a client fd, ignore
5247 NECPLOG0(LOG_ERR, "Not a client fd, ignore");
5248 return FALSE;
5249 }
5250
5251 client_fd->background = background;
5252
5253 return TRUE;
5254}
5255
5256void
5257necp_fd_memstatus(proc_t proc, uint32_t status,
5258 struct necp_fd_data *client_fd)
5259{
5260#pragma unused(proc, status, client_fd)
5261 ASSERT(proc != PROC_NULL);
5262 ASSERT(client_fd != NULL);
5263
5264 // Nothing to reap for the process or client for now,
5265 // but this is where we would trigger that in future.
5266}
5267
5268void
5269necp_fd_defunct(proc_t proc, struct necp_fd_data *client_fd)
5270{
5271 struct _necp_flow_defunct_list defunct_list;
5272
5273 ASSERT(proc != PROC_NULL);
5274 ASSERT(client_fd != NULL);
5275
5276 if (client_fd->necp_fd_type != necp_fd_type_client) {
5277 // Not a client fd, ignore
5278 return;
5279 }
5280
5281 // Our local temporary list
5282 LIST_INIT(&defunct_list);
5283
5284 // Need to hold lock so ntstats defunct the same set of clients
5285 NECP_FD_LOCK(client_fd);
5286#if SKYWALK
5287 // Shut down statistics
5288 nstats_userland_stats_defunct_for_process(pid: proc_getpid(proc));
5289#endif /* SKYWALK */
5290 necp_defunct_client_fd_locked(client_fd, defunct_list: &defunct_list, proc);
5291 NECP_FD_UNLOCK(client_fd);
5292
5293 necp_process_defunct_list(defunct_list: &defunct_list);
5294}
5295
5296void
5297necp_client_request_in_process_flow_divert(pid_t pid)
5298{
5299 if (pid == 0) {
5300 return;
5301 }
5302
5303 // Add to the list of pids that should get an update. These will
5304 // get picked up on the next thread call to update client paths.
5305 NECP_FD_LIST_LOCK_SHARED();
5306 for (int i = 0; i < NECP_MAX_FLOW_DIVERT_NEEDED_PIDS; i++) {
5307 if (necp_flow_divert_needed_pids[i] == 0) {
5308 necp_flow_divert_needed_pids[i] = pid;
5309 break;
5310 }
5311 }
5312 NECP_FD_LIST_UNLOCK();
5313}
5314
5315static void
5316necp_client_remove_agent_from_result(struct necp_client *client, uuid_t netagent_uuid)
5317{
5318 size_t offset = 0;
5319
5320 u_int8_t *result_buffer = client->result;
5321 while ((offset + sizeof(struct necp_tlv_header)) <= client->result_length) {
5322 u_int8_t type = necp_buffer_get_tlv_type(buffer: result_buffer, tlv_offset: offset);
5323 u_int32_t length = necp_buffer_get_tlv_length(buffer: result_buffer, tlv_offset: offset);
5324
5325 size_t tlv_total_length = (sizeof(struct necp_tlv_header) + length);
5326 if (type == NECP_CLIENT_RESULT_NETAGENT &&
5327 length == sizeof(struct necp_client_result_netagent) &&
5328 (offset + tlv_total_length) <= client->result_length) {
5329 struct necp_client_result_netagent *value = ((struct necp_client_result_netagent *)(void *)
5330 necp_buffer_get_tlv_value(buffer: result_buffer, tlv_offset: offset, NULL));
5331 if (uuid_compare(uu1: value->netagent_uuid, uu2: netagent_uuid) == 0) {
5332 // Found a netagent to remove
5333 // Shift bytes down to remove the tlv, and adjust total length
5334 // Don't adjust the current offset
5335 memmove(dst: result_buffer + offset,
5336 src: result_buffer + offset + tlv_total_length,
5337 n: client->result_length - (offset + tlv_total_length));
5338 client->result_length -= tlv_total_length;
5339 memset(s: result_buffer + client->result_length, c: 0, n: sizeof(client->result) - client->result_length);
5340 continue;
5341 }
5342 }
5343
5344 offset += tlv_total_length;
5345 }
5346}
5347
5348void
5349necp_force_update_client(uuid_t client_id, uuid_t remove_netagent_uuid, u_int32_t agent_generation)
5350{
5351 struct necp_fd_data *client_fd = NULL;
5352
5353 NECP_FD_LIST_LOCK_SHARED();
5354
5355 LIST_FOREACH(client_fd, &necp_fd_list, chain) {
5356 bool updated_result = FALSE;
5357 NECP_FD_LOCK(client_fd);
5358 struct necp_client *client = necp_client_fd_find_client_and_lock(client_fd, client_id);
5359 if (client != NULL) {
5360 client->failed_trigger_agent.generation = agent_generation;
5361 uuid_copy(dst: client->failed_trigger_agent.netagent_uuid, src: remove_netagent_uuid);
5362 if (!uuid_is_null(uu: remove_netagent_uuid)) {
5363 necp_client_remove_agent_from_result(client, netagent_uuid: remove_netagent_uuid);
5364 }
5365 client->result_read = FALSE;
5366 // Found the client, break
5367 updated_result = TRUE;
5368 NECP_CLIENT_UNLOCK(client);
5369 }
5370 if (updated_result) {
5371 necp_fd_notify(fd_data: client_fd, true);
5372 }
5373 NECP_FD_UNLOCK(client_fd);
5374 if (updated_result) {
5375 // Found the client, break
5376 break;
5377 }
5378 }
5379
5380 NECP_FD_LIST_UNLOCK();
5381}
5382
5383#if SKYWALK
5384void
5385necp_client_early_close(uuid_t client_id)
5386{
5387 NECP_CLIENT_TREE_LOCK_SHARED();
5388
5389 struct necp_client *client = necp_find_client_and_lock(client_id);
5390 if (client != NULL) {
5391 struct necp_client_flow_registration *flow_registration = necp_client_find_flow(client, flow_id: client_id);
5392 if (flow_registration != NULL) {
5393 // Found the right client and flow, mark the stats as over
5394 if (flow_registration->stats_handler_context != NULL) {
5395 ntstat_userland_stats_event(nstat_ctx: flow_registration->stats_handler_context,
5396 NECP_CLIENT_STATISTICS_EVENT_TIME_WAIT);
5397 }
5398 }
5399 NECP_CLIENT_UNLOCK(client);
5400 }
5401
5402 NECP_CLIENT_TREE_UNLOCK();
5403}
5404#endif /* SKYWALK */
5405
5406/// Interface matching
5407
5408#define NECP_PARSED_PARAMETERS_INTERESTING_IFNET_FIELDS (NECP_PARSED_PARAMETERS_FIELD_LOCAL_ADDR | \
5409 NECP_PARSED_PARAMETERS_FIELD_PROHIBITED_IF | \
5410 NECP_PARSED_PARAMETERS_FIELD_REQUIRED_IFTYPE | \
5411 NECP_PARSED_PARAMETERS_FIELD_PROHIBITED_IFTYPE | \
5412 NECP_PARSED_PARAMETERS_FIELD_REQUIRED_AGENT | \
5413 NECP_PARSED_PARAMETERS_FIELD_PROHIBITED_AGENT | \
5414 NECP_PARSED_PARAMETERS_FIELD_PREFERRED_AGENT | \
5415 NECP_PARSED_PARAMETERS_FIELD_AVOIDED_AGENT | \
5416 NECP_PARSED_PARAMETERS_FIELD_REQUIRED_AGENT_TYPE | \
5417 NECP_PARSED_PARAMETERS_FIELD_PROHIBITED_AGENT_TYPE | \
5418 NECP_PARSED_PARAMETERS_FIELD_PREFERRED_AGENT_TYPE | \
5419 NECP_PARSED_PARAMETERS_FIELD_AVOIDED_AGENT_TYPE)
5420
5421#define NECP_PARSED_PARAMETERS_SCOPED_FIELDS (NECP_PARSED_PARAMETERS_FIELD_LOCAL_ADDR | \
5422 NECP_PARSED_PARAMETERS_FIELD_REQUIRED_IFTYPE | \
5423 NECP_PARSED_PARAMETERS_FIELD_REQUIRED_AGENT | \
5424 NECP_PARSED_PARAMETERS_FIELD_PREFERRED_AGENT | \
5425 NECP_PARSED_PARAMETERS_FIELD_REQUIRED_AGENT_TYPE | \
5426 NECP_PARSED_PARAMETERS_FIELD_PREFERRED_AGENT_TYPE)
5427
5428#define NECP_PARSED_PARAMETERS_SCOPED_IFNET_FIELDS (NECP_PARSED_PARAMETERS_FIELD_LOCAL_ADDR | \
5429 NECP_PARSED_PARAMETERS_FIELD_REQUIRED_IFTYPE)
5430
5431#define NECP_PARSED_PARAMETERS_PREFERRED_FIELDS (NECP_PARSED_PARAMETERS_FIELD_PREFERRED_AGENT | \
5432 NECP_PARSED_PARAMETERS_FIELD_AVOIDED_AGENT | \
5433 NECP_PARSED_PARAMETERS_FIELD_PREFERRED_AGENT_TYPE | \
5434 NECP_PARSED_PARAMETERS_FIELD_AVOIDED_AGENT_TYPE)
5435
5436static bool
5437necp_ifnet_matches_type(struct ifnet *ifp, u_int8_t interface_type, bool check_delegates)
5438{
5439 struct ifnet *check_ifp = ifp;
5440 while (check_ifp) {
5441 if (if_functional_type(check_ifp, TRUE) == interface_type) {
5442 return TRUE;
5443 }
5444 if (!check_delegates) {
5445 break;
5446 }
5447 check_ifp = check_ifp->if_delegated.ifp;
5448 }
5449 return FALSE;
5450}
5451
5452static bool
5453necp_ifnet_matches_name(struct ifnet *ifp, const char *interface_name, bool check_delegates)
5454{
5455 struct ifnet *check_ifp = ifp;
5456 while (check_ifp) {
5457 if (strncmp(s1: check_ifp->if_xname, s2: interface_name, IFXNAMSIZ) == 0) {
5458 return TRUE;
5459 }
5460 if (!check_delegates) {
5461 break;
5462 }
5463 check_ifp = check_ifp->if_delegated.ifp;
5464 }
5465 return FALSE;
5466}
5467
5468static bool
5469necp_ifnet_matches_agent(struct ifnet *ifp, uuid_t *agent_uuid, bool check_delegates)
5470{
5471 struct ifnet *check_ifp = ifp;
5472
5473 while (check_ifp != NULL) {
5474 ifnet_lock_shared(ifp: check_ifp);
5475 if (check_ifp->if_agentids != NULL) {
5476 for (u_int32_t index = 0; index < check_ifp->if_agentcount; index++) {
5477 if (uuid_compare(uu1: check_ifp->if_agentids[index], uu2: *agent_uuid) == 0) {
5478 ifnet_lock_done(ifp: check_ifp);
5479 return TRUE;
5480 }
5481 }
5482 }
5483 ifnet_lock_done(ifp: check_ifp);
5484
5485 if (!check_delegates) {
5486 break;
5487 }
5488 check_ifp = check_ifp->if_delegated.ifp;
5489 }
5490 return FALSE;
5491}
5492
5493static bool
5494necp_ifnet_matches_agent_type(struct ifnet *ifp, const char *agent_domain, const char *agent_type, bool check_delegates)
5495{
5496 struct ifnet *check_ifp = ifp;
5497
5498 while (check_ifp != NULL) {
5499 ifnet_lock_shared(ifp: check_ifp);
5500 if (check_ifp->if_agentids != NULL) {
5501 for (u_int32_t index = 0; index < check_ifp->if_agentcount; index++) {
5502 if (uuid_is_null(uu: check_ifp->if_agentids[index])) {
5503 continue;
5504 }
5505
5506 char if_agent_domain[NETAGENT_DOMAINSIZE] = { 0 };
5507 char if_agent_type[NETAGENT_TYPESIZE] = { 0 };
5508
5509 if (netagent_get_agent_domain_and_type(uuid: check_ifp->if_agentids[index], domain: if_agent_domain, type: if_agent_type)) {
5510 if (necp_agent_types_match(agent_domain1: agent_domain, agent_type1: agent_type, agent_domain2: if_agent_domain, agent_type2: if_agent_type)) {
5511 ifnet_lock_done(ifp: check_ifp);
5512 return TRUE;
5513 }
5514 }
5515 }
5516 }
5517 ifnet_lock_done(ifp: check_ifp);
5518
5519 if (!check_delegates) {
5520 break;
5521 }
5522 check_ifp = check_ifp->if_delegated.ifp;
5523 }
5524 return FALSE;
5525}
5526
5527static bool
5528necp_ifnet_matches_local_address(struct ifnet *ifp, struct sockaddr *sa)
5529{
5530 struct ifaddr *ifa = NULL;
5531 bool matched_local_address = FALSE;
5532
5533 // Transform sa into the ifaddr form
5534 // IPv6 Scope IDs are always embedded in the ifaddr list
5535 struct sockaddr_storage address;
5536 u_int ifscope = IFSCOPE_NONE;
5537 (void)sa_copy(sa, &address, &ifscope);
5538 SIN(&address)->sin_port = 0;
5539 if (address.ss_family == AF_INET6) {
5540 if (in6_embedded_scope ||
5541 !IN6_IS_SCOPE_EMBED(&SIN6(&address)->sin6_addr)) {
5542 SIN6(&address)->sin6_scope_id = 0;
5543 }
5544 }
5545
5546 ifa = ifa_ifwithaddr_scoped_locked((struct sockaddr *)&address, ifp->if_index);
5547 matched_local_address = (ifa != NULL);
5548
5549 if (ifa) {
5550 ifaddr_release(ifaddr: ifa);
5551 }
5552
5553 return matched_local_address;
5554}
5555
5556static bool
5557necp_interface_type_should_match_unranked_interfaces(u_int8_t interface_type)
5558{
5559 switch (interface_type) {
5560 // These are the interface types we allow a client to request even if the matching
5561 // interface isn't currently eligible to be primary (has default route, dns, etc)
5562 case IFRTYPE_FUNCTIONAL_WIFI_AWDL:
5563 case IFRTYPE_FUNCTIONAL_INTCOPROC:
5564 case IFRTYPE_FUNCTIONAL_COMPANIONLINK:
5565 return true;
5566 default:
5567 break;
5568 }
5569 return false;
5570}
5571
5572#define NECP_IFP_IS_ON_ORDERED_LIST(_ifp) ((_ifp)->if_ordered_link.tqe_next != NULL || (_ifp)->if_ordered_link.tqe_prev != NULL)
5573
5574// Secondary interface flag indicates that the interface is being
5575// used for multipath or a listener as an extra path
5576static bool
5577necp_ifnet_matches_parameters(struct ifnet *ifp,
5578 struct necp_client_parsed_parameters *parsed_parameters,
5579 u_int32_t override_flags,
5580 u_int32_t *preferred_count,
5581 bool secondary_interface,
5582 bool require_scoped_field)
5583{
5584 bool matched_some_scoped_field = FALSE;
5585
5586 if (preferred_count) {
5587 *preferred_count = 0;
5588 }
5589
5590 if (parsed_parameters->valid_fields & NECP_PARSED_PARAMETERS_FIELD_REQUIRED_IF) {
5591 if (parsed_parameters->required_interface_index != ifp->if_index) {
5592 return FALSE;
5593 }
5594 }
5595#if SKYWALK
5596 else {
5597 if (ifnet_is_low_latency(ifp)) {
5598 return FALSE;
5599 }
5600 }
5601#endif /* SKYWALK */
5602
5603 if (parsed_parameters->valid_fields & NECP_PARSED_PARAMETERS_FIELD_LOCAL_ADDR) {
5604 if (!necp_ifnet_matches_local_address(ifp, SA(&parsed_parameters->local_addr.sa))) {
5605 return FALSE;
5606 }
5607 if (require_scoped_field) {
5608 matched_some_scoped_field = TRUE;
5609 }
5610 }
5611
5612 if (parsed_parameters->valid_fields & NECP_PARSED_PARAMETERS_FIELD_FLAGS) {
5613 if (override_flags != 0) {
5614 if ((override_flags & NECP_CLIENT_PARAMETER_FLAG_PROHIBIT_EXPENSIVE) &&
5615 IFNET_IS_EXPENSIVE(ifp)) {
5616 return FALSE;
5617 }
5618 if ((override_flags & NECP_CLIENT_PARAMETER_FLAG_PROHIBIT_CONSTRAINED) &&
5619 IFNET_IS_CONSTRAINED(ifp)) {
5620 return FALSE;
5621 }
5622 } else {
5623 if ((parsed_parameters->flags & NECP_CLIENT_PARAMETER_FLAG_PROHIBIT_EXPENSIVE) &&
5624 IFNET_IS_EXPENSIVE(ifp)) {
5625 return FALSE;
5626 }
5627 if ((parsed_parameters->flags & NECP_CLIENT_PARAMETER_FLAG_PROHIBIT_CONSTRAINED) &&
5628 IFNET_IS_CONSTRAINED(ifp)) {
5629 return FALSE;
5630 }
5631 }
5632 }
5633
5634 if ((!secondary_interface || // Enforce interface type if this is the primary interface
5635 !(parsed_parameters->valid_fields & NECP_PARSED_PARAMETERS_FIELD_FLAGS) || // or if there are no flags
5636 !(parsed_parameters->flags & NECP_CLIENT_PARAMETER_FLAG_ONLY_PRIMARY_REQUIRES_TYPE)) && // or if the flags don't give an exception
5637 (parsed_parameters->valid_fields & NECP_PARSED_PARAMETERS_FIELD_REQUIRED_IFTYPE) &&
5638 !necp_ifnet_matches_type(ifp, interface_type: parsed_parameters->required_interface_type, FALSE)) {
5639 return FALSE;
5640 }
5641
5642 if (parsed_parameters->valid_fields & NECP_PARSED_PARAMETERS_FIELD_REQUIRED_IFTYPE) {
5643 if (require_scoped_field) {
5644 matched_some_scoped_field = TRUE;
5645 }
5646 }
5647
5648 if (parsed_parameters->valid_fields & NECP_PARSED_PARAMETERS_FIELD_PROHIBITED_IFTYPE) {
5649 for (int i = 0; i < NECP_MAX_INTERFACE_PARAMETERS; i++) {
5650 if (parsed_parameters->prohibited_interface_types[i] == 0) {
5651 break;
5652 }
5653
5654 if (necp_ifnet_matches_type(ifp, interface_type: parsed_parameters->prohibited_interface_types[i], TRUE)) {
5655 return FALSE;
5656 }
5657 }
5658 }
5659
5660 if (parsed_parameters->valid_fields & NECP_PARSED_PARAMETERS_FIELD_PROHIBITED_IF) {
5661 for (int i = 0; i < NECP_MAX_INTERFACE_PARAMETERS; i++) {
5662 if (strlen(s: parsed_parameters->prohibited_interfaces[i]) == 0) {
5663 break;
5664 }
5665
5666 if (necp_ifnet_matches_name(ifp, interface_name: parsed_parameters->prohibited_interfaces[i], TRUE)) {
5667 return FALSE;
5668 }
5669 }
5670 }
5671
5672 if (parsed_parameters->valid_fields & NECP_PARSED_PARAMETERS_FIELD_REQUIRED_AGENT) {
5673 for (int i = 0; i < NECP_MAX_AGENT_PARAMETERS; i++) {
5674 if (uuid_is_null(uu: parsed_parameters->required_netagents[i])) {
5675 break;
5676 }
5677
5678 if (!necp_ifnet_matches_agent(ifp, agent_uuid: &parsed_parameters->required_netagents[i], FALSE)) {
5679 return FALSE;
5680 }
5681
5682 if (require_scoped_field) {
5683 matched_some_scoped_field = TRUE;
5684 }
5685 }
5686 }
5687
5688 if (parsed_parameters->valid_fields & NECP_PARSED_PARAMETERS_FIELD_PROHIBITED_AGENT) {
5689 for (int i = 0; i < NECP_MAX_AGENT_PARAMETERS; i++) {
5690 if (uuid_is_null(uu: parsed_parameters->prohibited_netagents[i])) {
5691 break;
5692 }
5693
5694 if (necp_ifnet_matches_agent(ifp, agent_uuid: &parsed_parameters->prohibited_netagents[i], TRUE)) {
5695 return FALSE;
5696 }
5697 }
5698 }
5699
5700 if (parsed_parameters->valid_fields & NECP_PARSED_PARAMETERS_FIELD_REQUIRED_AGENT_TYPE) {
5701 for (int i = 0; i < NECP_MAX_AGENT_PARAMETERS; i++) {
5702 if (strlen(s: parsed_parameters->required_netagent_types[i].netagent_domain) == 0 &&
5703 strlen(s: parsed_parameters->required_netagent_types[i].netagent_type) == 0) {
5704 break;
5705 }
5706
5707 if (!necp_ifnet_matches_agent_type(ifp, agent_domain: parsed_parameters->required_netagent_types[i].netagent_domain, agent_type: parsed_parameters->required_netagent_types[i].netagent_type, FALSE)) {
5708 return FALSE;
5709 }
5710
5711 if (require_scoped_field) {
5712 matched_some_scoped_field = TRUE;
5713 }
5714 }
5715 }
5716
5717 if (parsed_parameters->valid_fields & NECP_PARSED_PARAMETERS_FIELD_PROHIBITED_AGENT_TYPE) {
5718 for (int i = 0; i < NECP_MAX_AGENT_PARAMETERS; i++) {
5719 if (strlen(s: parsed_parameters->prohibited_netagent_types[i].netagent_domain) == 0 &&
5720 strlen(s: parsed_parameters->prohibited_netagent_types[i].netagent_type) == 0) {
5721 break;
5722 }
5723
5724 if (necp_ifnet_matches_agent_type(ifp, agent_domain: parsed_parameters->prohibited_netagent_types[i].netagent_domain, agent_type: parsed_parameters->prohibited_netagent_types[i].netagent_type, TRUE)) {
5725 return FALSE;
5726 }
5727 }
5728 }
5729
5730 // Checked preferred properties
5731 if (preferred_count) {
5732 if (parsed_parameters->valid_fields & NECP_PARSED_PARAMETERS_FIELD_PREFERRED_AGENT) {
5733 for (int i = 0; i < NECP_MAX_AGENT_PARAMETERS; i++) {
5734 if (uuid_is_null(uu: parsed_parameters->preferred_netagents[i])) {
5735 break;
5736 }
5737
5738 if (necp_ifnet_matches_agent(ifp, agent_uuid: &parsed_parameters->preferred_netagents[i], TRUE)) {
5739 (*preferred_count)++;
5740 if (require_scoped_field) {
5741 matched_some_scoped_field = TRUE;
5742 }
5743 }
5744 }
5745 }
5746
5747 if (parsed_parameters->valid_fields & NECP_PARSED_PARAMETERS_FIELD_PREFERRED_AGENT_TYPE) {
5748 for (int i = 0; i < NECP_MAX_AGENT_PARAMETERS; i++) {
5749 if (strlen(s: parsed_parameters->preferred_netagent_types[i].netagent_domain) == 0 &&
5750 strlen(s: parsed_parameters->preferred_netagent_types[i].netagent_type) == 0) {
5751 break;
5752 }
5753
5754 if (necp_ifnet_matches_agent_type(ifp, agent_domain: parsed_parameters->preferred_netagent_types[i].netagent_domain, agent_type: parsed_parameters->preferred_netagent_types[i].netagent_type, TRUE)) {
5755 (*preferred_count)++;
5756 if (require_scoped_field) {
5757 matched_some_scoped_field = TRUE;
5758 }
5759 }
5760 }
5761 }
5762
5763 if (parsed_parameters->valid_fields & NECP_PARSED_PARAMETERS_FIELD_AVOIDED_AGENT) {
5764 for (int i = 0; i < NECP_MAX_AGENT_PARAMETERS; i++) {
5765 if (uuid_is_null(uu: parsed_parameters->avoided_netagents[i])) {
5766 break;
5767 }
5768
5769 if (!necp_ifnet_matches_agent(ifp, agent_uuid: &parsed_parameters->avoided_netagents[i], TRUE)) {
5770 (*preferred_count)++;
5771 }
5772 }
5773 }
5774
5775 if (parsed_parameters->valid_fields & NECP_PARSED_PARAMETERS_FIELD_AVOIDED_AGENT_TYPE) {
5776 for (int i = 0; i < NECP_MAX_AGENT_PARAMETERS; i++) {
5777 if (strlen(s: parsed_parameters->avoided_netagent_types[i].netagent_domain) == 0 &&
5778 strlen(s: parsed_parameters->avoided_netagent_types[i].netagent_type) == 0) {
5779 break;
5780 }
5781
5782 if (!necp_ifnet_matches_agent_type(ifp, agent_domain: parsed_parameters->avoided_netagent_types[i].netagent_domain,
5783 agent_type: parsed_parameters->avoided_netagent_types[i].netagent_type, TRUE)) {
5784 (*preferred_count)++;
5785 }
5786 }
5787 }
5788 }
5789
5790 if (require_scoped_field) {
5791 return matched_some_scoped_field;
5792 }
5793
5794 return TRUE;
5795}
5796
5797static bool
5798necp_find_matching_interface_index(struct necp_client_parsed_parameters *parsed_parameters,
5799 u_int *return_ifindex, bool *validate_agents)
5800{
5801 struct ifnet *ifp = NULL;
5802 u_int32_t best_preferred_count = 0;
5803 bool has_preferred_fields = FALSE;
5804 *return_ifindex = 0;
5805
5806 if (parsed_parameters->required_interface_index != 0) {
5807 *return_ifindex = parsed_parameters->required_interface_index;
5808 return TRUE;
5809 }
5810
5811 // Check and save off flags
5812 u_int32_t flags = 0;
5813 bool has_prohibit_flags = FALSE;
5814 if (parsed_parameters->valid_fields & NECP_PARSED_PARAMETERS_FIELD_FLAGS) {
5815 flags = parsed_parameters->flags;
5816 has_prohibit_flags = (parsed_parameters->flags &
5817 (NECP_CLIENT_PARAMETER_FLAG_PROHIBIT_EXPENSIVE |
5818 NECP_CLIENT_PARAMETER_FLAG_PROHIBIT_CONSTRAINED));
5819 }
5820
5821 if (!(parsed_parameters->valid_fields & NECP_PARSED_PARAMETERS_INTERESTING_IFNET_FIELDS) &&
5822 !has_prohibit_flags) {
5823 return TRUE;
5824 }
5825
5826 has_preferred_fields = (parsed_parameters->valid_fields & NECP_PARSED_PARAMETERS_PREFERRED_FIELDS);
5827
5828 // We have interesting parameters to parse and find a matching interface
5829 ifnet_head_lock_shared();
5830
5831 if (!(parsed_parameters->valid_fields & NECP_PARSED_PARAMETERS_SCOPED_FIELDS) &&
5832 !has_preferred_fields) {
5833 // We do have fields to match, but they are only prohibitory
5834 // If the first interface in the list matches, or there are no ordered interfaces, we don't need to scope
5835 ifp = TAILQ_FIRST(&ifnet_ordered_head);
5836 if (ifp == NULL || necp_ifnet_matches_parameters(ifp, parsed_parameters, override_flags: 0, NULL, false, false)) {
5837 // Don't set return_ifindex, so the client doesn't need to scope
5838 ifnet_head_done();
5839 return TRUE;
5840 }
5841
5842 if (parsed_parameters->valid_fields & NECP_PARSED_PARAMETERS_FIELD_REMOTE_ADDR &&
5843 parsed_parameters->remote_addr.sin6.sin6_family == AF_INET6 &&
5844 parsed_parameters->remote_addr.sin6.sin6_scope_id != IFSCOPE_NONE &&
5845 parsed_parameters->remote_addr.sin6.sin6_scope_id <= (u_int32_t)if_index) {
5846 ifp = ifindex2ifnet[parsed_parameters->remote_addr.sin6.sin6_scope_id];
5847 if (ifp != NULL && necp_ifnet_matches_parameters(ifp, parsed_parameters, override_flags: 0, NULL, false, false)) {
5848 // Don't set return_ifindex, so the client doesn't need to scope since the v6 scope ID will
5849 // already route to the correct interface
5850 ifnet_head_done();
5851 return TRUE;
5852 }
5853 }
5854 }
5855
5856 // First check the ordered interface list
5857 TAILQ_FOREACH(ifp, &ifnet_ordered_head, if_ordered_link) {
5858 u_int32_t preferred_count = 0;
5859 if (necp_ifnet_matches_parameters(ifp, parsed_parameters, override_flags: flags, preferred_count: &preferred_count, false, false)) {
5860 if (preferred_count > best_preferred_count ||
5861 *return_ifindex == 0) {
5862 // Everything matched, and is most preferred. Return this interface.
5863 *return_ifindex = ifp->if_index;
5864 best_preferred_count = preferred_count;
5865
5866 if (!has_preferred_fields) {
5867 break;
5868 }
5869 }
5870 }
5871
5872 if (has_prohibit_flags &&
5873 ifp == TAILQ_FIRST(&ifnet_ordered_head)) {
5874 // This was the first interface. From here on, if the
5875 // client prohibited either expensive or constrained,
5876 // don't allow either as a secondary interface option.
5877 flags |= (NECP_CLIENT_PARAMETER_FLAG_PROHIBIT_EXPENSIVE |
5878 NECP_CLIENT_PARAMETER_FLAG_PROHIBIT_CONSTRAINED);
5879 }
5880 }
5881
5882 bool is_listener = ((parsed_parameters->valid_fields & NECP_PARSED_PARAMETERS_FIELD_FLAGS) &&
5883 (parsed_parameters->flags & NECP_CLIENT_PARAMETER_FLAG_LISTENER));
5884
5885 // Then check the remaining interfaces
5886 if ((parsed_parameters->valid_fields & NECP_PARSED_PARAMETERS_SCOPED_FIELDS) &&
5887 ((!(parsed_parameters->valid_fields & NECP_PARSED_PARAMETERS_FIELD_REQUIRED_IFTYPE)) ||
5888 necp_interface_type_should_match_unranked_interfaces(interface_type: parsed_parameters->required_interface_type) ||
5889 (parsed_parameters->valid_fields & NECP_PARSED_PARAMETERS_FIELD_LOCAL_ADDR) ||
5890 is_listener) &&
5891 (*return_ifindex == 0 || has_preferred_fields)) {
5892 TAILQ_FOREACH(ifp, &ifnet_head, if_link) {
5893 u_int32_t preferred_count = 0;
5894 if (NECP_IFP_IS_ON_ORDERED_LIST(ifp)) {
5895 // This interface was in the ordered list, skip
5896 continue;
5897 }
5898 if (necp_ifnet_matches_parameters(ifp, parsed_parameters, override_flags: flags, preferred_count: &preferred_count, false, true)) {
5899 if (preferred_count > best_preferred_count ||
5900 *return_ifindex == 0) {
5901 // Everything matched, and is most preferred. Return this interface.
5902 *return_ifindex = ifp->if_index;
5903 best_preferred_count = preferred_count;
5904
5905 if (!has_preferred_fields) {
5906 break;
5907 }
5908 }
5909 }
5910 }
5911 }
5912
5913 ifnet_head_done();
5914
5915 if (has_preferred_fields && best_preferred_count == 0 &&
5916 ((parsed_parameters->valid_fields & (NECP_PARSED_PARAMETERS_SCOPED_FIELDS | NECP_PARSED_PARAMETERS_PREFERRED_FIELDS)) ==
5917 (parsed_parameters->valid_fields & NECP_PARSED_PARAMETERS_PREFERRED_FIELDS))) {
5918 // If only has preferred ifnet fields, and nothing was found, clear the interface index and return TRUE
5919 *return_ifindex = 0;
5920 return TRUE;
5921 }
5922
5923 if (*return_ifindex == 0 &&
5924 !(parsed_parameters->valid_fields & NECP_PARSED_PARAMETERS_SCOPED_IFNET_FIELDS)) {
5925 // Has required fields, but not including specific interface fields. Pass for now, and check
5926 // to see if agents are satisfied by policy.
5927 *validate_agents = TRUE;
5928 return TRUE;
5929 }
5930
5931 return *return_ifindex != 0;
5932}
5933
5934void
5935necp_copy_inp_domain_info(struct inpcb *inp, struct socket *so, nstat_domain_info *domain_info)
5936{
5937 if (inp == NULL || so == NULL || domain_info == NULL) {
5938 return;
5939 }
5940
5941 necp_lock_socket_attributes();
5942
5943 domain_info->is_tracker = !!(so->so_flags1 & SOF1_KNOWN_TRACKER);
5944 domain_info->is_non_app_initiated = !!(so->so_flags1 & SOF1_TRACKER_NON_APP_INITIATED);
5945 if (domain_info->is_tracker &&
5946 inp->inp_necp_attributes.inp_tracker_domain != NULL) {
5947 strlcpy(dst: domain_info->domain_name, src: inp->inp_necp_attributes.inp_tracker_domain,
5948 n: sizeof(domain_info->domain_name));
5949 } else if (inp->inp_necp_attributes.inp_domain != NULL) {
5950 strlcpy(dst: domain_info->domain_name, src: inp->inp_necp_attributes.inp_domain,
5951 n: sizeof(domain_info->domain_name));
5952 }
5953 if (inp->inp_necp_attributes.inp_domain_owner != NULL) {
5954 strlcpy(dst: domain_info->domain_owner, src: inp->inp_necp_attributes.inp_domain_owner,
5955 n: sizeof(domain_info->domain_owner));
5956 }
5957 if (inp->inp_necp_attributes.inp_domain_context != NULL) {
5958 strlcpy(dst: domain_info->domain_tracker_ctxt, src: inp->inp_necp_attributes.inp_domain_context,
5959 n: sizeof(domain_info->domain_tracker_ctxt));
5960 }
5961
5962 necp_unlock_socket_attributes();
5963}
5964
5965void
5966necp_with_inp_domain_name(struct socket *so, void *ctx, void (*with_func)(char *domain_name, void *ctx))
5967{
5968 struct inpcb *inp = NULL;
5969
5970 if (so == NULL || with_func == NULL) {
5971 return;
5972 }
5973
5974 inp = (struct inpcb *)so->so_pcb;
5975 if (inp == NULL) {
5976 return;
5977 }
5978
5979 necp_lock_socket_attributes();
5980 with_func(inp->inp_necp_attributes.inp_domain, ctx);
5981 necp_unlock_socket_attributes();
5982}
5983
5984static size_t
5985necp_find_domain_info_common(struct necp_client *client,
5986 u_int8_t *parameters,
5987 size_t parameters_size,
5988 struct necp_client_flow_registration *flow_registration, /* For logging purposes only */
5989 nstat_domain_info *domain_info)
5990{
5991 if (client == NULL) {
5992 return 0;
5993 }
5994 if (domain_info == NULL) {
5995 return sizeof(nstat_domain_info);
5996 }
5997
5998 size_t offset = 0;
5999 u_int32_t flags = 0;
6000 u_int8_t *tracker_domain = NULL;
6001 u_int8_t *domain = NULL;
6002 size_t tracker_domain_length = 0;
6003 size_t domain_length = 0;
6004
6005 NECP_CLIENT_FLOW_LOG(client, flow_registration, "Collecting stats");
6006
6007 while ((offset + sizeof(struct necp_tlv_header)) <= parameters_size) {
6008 u_int8_t type = necp_buffer_get_tlv_type(buffer: parameters, tlv_offset: offset);
6009 u_int32_t length = necp_buffer_get_tlv_length(buffer: parameters, tlv_offset: offset);
6010
6011 if (length > (parameters_size - (offset + sizeof(struct necp_tlv_header)))) {
6012 // If the length is larger than what can fit in the remaining parameters size, bail
6013 NECPLOG(LOG_ERR, "Invalid TLV length (%u)", length);
6014 break;
6015 }
6016
6017 if (length > 0) {
6018 u_int8_t *value = necp_buffer_get_tlv_value(buffer: parameters, tlv_offset: offset, NULL);
6019 if (value != NULL) {
6020 switch (type) {
6021 case NECP_CLIENT_PARAMETER_FLAGS: {
6022 if (length >= sizeof(u_int32_t)) {
6023 memcpy(dst: &flags, src: value, n: sizeof(u_int32_t));
6024 }
6025
6026 domain_info->is_tracker =
6027 !!(flags & NECP_CLIENT_PARAMETER_FLAG_KNOWN_TRACKER);
6028 domain_info->is_non_app_initiated =
6029 !!(flags & NECP_CLIENT_PARAMETER_FLAG_NON_APP_INITIATED);
6030 domain_info->is_silent =
6031 !!(flags & NECP_CLIENT_PARAMETER_FLAG_SILENT);
6032 break;
6033 }
6034 case NECP_CLIENT_PARAMETER_TRACKER_DOMAIN: {
6035 tracker_domain_length = length;
6036 tracker_domain = value;
6037 break;
6038 }
6039 case NECP_CLIENT_PARAMETER_DOMAIN: {
6040 domain_length = length;
6041 domain = value;
6042 break;
6043 }
6044 case NECP_CLIENT_PARAMETER_DOMAIN_OWNER: {
6045 size_t length_to_copy = MIN(length, sizeof(domain_info->domain_owner));
6046 strlcpy(dst: domain_info->domain_owner, src: (const char *)value, n: length_to_copy);
6047 break;
6048 }
6049 case NECP_CLIENT_PARAMETER_DOMAIN_CONTEXT: {
6050 size_t length_to_copy = MIN(length, sizeof(domain_info->domain_tracker_ctxt));
6051 strlcpy(dst: domain_info->domain_tracker_ctxt, src: (const char *)value, n: length_to_copy);
6052 break;
6053 }
6054 case NECP_CLIENT_PARAMETER_ATTRIBUTED_BUNDLE_IDENTIFIER: {
6055 size_t length_to_copy = MIN(length, sizeof(domain_info->domain_attributed_bundle_id));
6056 strlcpy(dst: domain_info->domain_attributed_bundle_id, src: (const char *)value, n: length_to_copy);
6057 break;
6058 }
6059 case NECP_CLIENT_PARAMETER_REMOTE_ADDRESS: {
6060 if (length >= sizeof(struct necp_policy_condition_addr)) {
6061 struct necp_policy_condition_addr *address_struct = (struct necp_policy_condition_addr *)(void *)value;
6062 if (necp_client_address_is_valid(&address_struct->address.sa)) {
6063 memcpy(dst: &domain_info->remote, src: &address_struct->address, n: sizeof(address_struct->address));
6064 }
6065 }
6066 break;
6067 }
6068 default: {
6069 break;
6070 }
6071 }
6072 }
6073 }
6074 offset += sizeof(struct necp_tlv_header) + length;
6075 }
6076
6077 if (domain_info->is_tracker && tracker_domain != NULL && tracker_domain_length > 0) {
6078 size_t length_to_copy = MIN(tracker_domain_length, sizeof(domain_info->domain_name));
6079 strlcpy(dst: domain_info->domain_name, src: (const char *)tracker_domain, n: length_to_copy);
6080 } else if (domain != NULL && domain_length > 0) {
6081 size_t length_to_copy = MIN(domain_length, sizeof(domain_info->domain_name));
6082 strlcpy(dst: domain_info->domain_name, src: (const char *)domain, n: length_to_copy);
6083 }
6084
6085 NECP_CLIENT_FLOW_LOG(client, flow_registration,
6086 "Collected stats - domain <%s> owner <%s> ctxt <%s> bundle id <%s> "
6087 "is_tracker %d is_non_app_initiated %d is_silent %d",
6088 domain_info->domain_name,
6089 domain_info->domain_owner,
6090 domain_info->domain_tracker_ctxt,
6091 domain_info->domain_attributed_bundle_id,
6092 domain_info->is_tracker,
6093 domain_info->is_non_app_initiated,
6094 domain_info->is_silent);
6095
6096 return sizeof(nstat_domain_info);
6097}
6098
6099static size_t
6100necp_find_conn_extension_info(nstat_provider_context ctx,
6101 int requested_extension, /* The extension to be returned */
6102 void *buf, /* If not NULL, the address for extensions to be returned in */
6103 size_t buf_size) /* The size of the buffer space, typically matching the return from a previous call with a NULL buf pointer */
6104{
6105 // Note, the caller has guaranteed that any buffer has been zeroed, there is no need to clear it again
6106
6107 if (ctx == NULL) {
6108 return 0;
6109 }
6110 struct necp_client *client = (struct necp_client *)ctx;
6111 switch (requested_extension) {
6112 case NSTAT_EXTENDED_UPDATE_TYPE_DOMAIN:
6113 // This is for completeness. The intent is that domain information can be extracted at user level from the TLV parameters
6114 if (buf == NULL) {
6115 return sizeof(nstat_domain_info);
6116 }
6117 if (buf_size < sizeof(nstat_domain_info)) {
6118 return 0;
6119 }
6120 return necp_find_domain_info_common(client, parameters: client->parameters, parameters_size: client->parameters_length, NULL, domain_info: (nstat_domain_info *)buf);
6121
6122 case NSTAT_EXTENDED_UPDATE_TYPE_NECP_TLV: {
6123 size_t parameters_length = client->parameters_length;
6124 if (buf == NULL) {
6125 return parameters_length;
6126 }
6127 if (buf_size < parameters_length) {
6128 return 0;
6129 }
6130 memcpy(dst: buf, src: client->parameters, n: parameters_length);
6131 return parameters_length;
6132 }
6133 case NSTAT_EXTENDED_UPDATE_TYPE_ORIGINAL_NECP_TLV:
6134 if (buf == NULL) {
6135 return (client->original_parameters_source != NULL) ? client->original_parameters_source->parameters_length : 0;
6136 }
6137 if ((client->original_parameters_source == NULL) || (buf_size < client->original_parameters_source->parameters_length)) {
6138 return 0;
6139 }
6140 memcpy(dst: buf, src: client->original_parameters_source->parameters, n: client->original_parameters_source->parameters_length);
6141 return client->original_parameters_source->parameters_length;
6142
6143 case NSTAT_EXTENDED_UPDATE_TYPE_ORIGINAL_DOMAIN:
6144 if (buf == NULL) {
6145 return (client->original_parameters_source != NULL) ? sizeof(nstat_domain_info) : 0;
6146 }
6147 if ((buf_size < sizeof(nstat_domain_info)) || (client->original_parameters_source == NULL)) {
6148 return 0;
6149 }
6150 return necp_find_domain_info_common(client, parameters: client->original_parameters_source->parameters, parameters_size: client->original_parameters_source->parameters_length,
6151 NULL, domain_info: (nstat_domain_info *)buf);
6152
6153 default:
6154 return 0;
6155 }
6156}
6157
6158#if SKYWALK
6159
6160static size_t
6161necp_find_extension_info(userland_stats_provider_context *ctx,
6162 int requested_extension, /* The extension to be returned */
6163 void *buf, /* If not NULL, the address for extensions to be returned in */
6164 size_t buf_size) /* The size of the buffer space, typically matching the return from a previous call with a NULL buf pointer */
6165{
6166 if (ctx == NULL) {
6167 return 0;
6168 }
6169 struct necp_client_flow_registration *flow_registration = (struct necp_client_flow_registration *)(uintptr_t)ctx;
6170 struct necp_client *client = flow_registration->client;
6171
6172 switch (requested_extension) {
6173 case NSTAT_EXTENDED_UPDATE_TYPE_DOMAIN:
6174 if (buf == NULL) {
6175 return sizeof(nstat_domain_info);
6176 }
6177 if (buf_size < sizeof(nstat_domain_info)) {
6178 return 0;
6179 }
6180 return necp_find_domain_info_common(client, parameters: client->parameters, parameters_size: client->parameters_length, flow_registration, domain_info: (nstat_domain_info *)buf);
6181
6182 case NSTAT_EXTENDED_UPDATE_TYPE_NECP_TLV:
6183 if (buf == NULL) {
6184 return client->parameters_length;
6185 }
6186 if (buf_size < client->parameters_length) {
6187 return 0;
6188 }
6189 memcpy(dst: buf, src: client->parameters, n: client->parameters_length);
6190 return client->parameters_length;
6191
6192 case NSTAT_EXTENDED_UPDATE_TYPE_FUUID:
6193 if (buf == NULL) {
6194 return sizeof(uuid_t);
6195 }
6196 if (buf_size < sizeof(uuid_t)) {
6197 return 0;
6198 }
6199 uuid_copy(dst: buf, src: flow_registration->registration_id);
6200 return sizeof(uuid_t);
6201
6202 default:
6203 return 0;
6204 }
6205}
6206
6207static void
6208necp_find_netstat_data(struct necp_client *client,
6209 union necp_sockaddr_union *remote,
6210 pid_t *effective_pid,
6211 uid_t *uid,
6212 uuid_t euuid,
6213 uid_t *persona_id,
6214 u_int32_t *traffic_class,
6215 u_int8_t *fallback_mode)
6216{
6217 bool have_set_euuid = false;
6218 size_t offset = 0;
6219 u_int8_t *parameters;
6220 u_int32_t parameters_size;
6221
6222 parameters = client->parameters;
6223 parameters_size = (u_int32_t)client->parameters_length;
6224
6225 while ((offset + sizeof(struct necp_tlv_header)) <= parameters_size) {
6226 u_int8_t type = necp_buffer_get_tlv_type(buffer: parameters, tlv_offset: offset);
6227 u_int32_t length = necp_buffer_get_tlv_length(buffer: parameters, tlv_offset: offset);
6228
6229 if (length > (parameters_size - (offset + sizeof(struct necp_tlv_header)))) {
6230 // If the length is larger than what can fit in the remaining parameters size, bail
6231 NECPLOG(LOG_ERR, "Invalid TLV length (%u)", length);
6232 break;
6233 }
6234
6235 if (length > 0) {
6236 u_int8_t *value = necp_buffer_get_tlv_value(buffer: parameters, tlv_offset: offset, NULL);
6237 if (value != NULL) {
6238 switch (type) {
6239 case NECP_CLIENT_PARAMETER_APPLICATION: {
6240 if (length >= sizeof(uuid_t)) {
6241 uuid_copy(dst: euuid, src: value);
6242 }
6243 break;
6244 }
6245 case NECP_CLIENT_PARAMETER_PID: {
6246 if (length >= sizeof(pid_t)) {
6247 memcpy(dst: effective_pid, src: value, n: sizeof(pid_t));
6248 }
6249 break;
6250 }
6251 case NECP_CLIENT_PARAMETER_TRAFFIC_CLASS: {
6252 if (length >= sizeof(u_int32_t)) {
6253 memcpy(dst: traffic_class, src: value, n: sizeof(u_int32_t));
6254 }
6255 break;
6256 }
6257 case NECP_CLIENT_PARAMETER_FALLBACK_MODE: {
6258 if (length >= sizeof(u_int8_t)) {
6259 memcpy(dst: fallback_mode, src: value, n: sizeof(u_int8_t));
6260 }
6261 break;
6262 }
6263 // It is an implementation quirk that the remote address can be found in the necp parameters
6264 // while the local address must be retrieved from the flowswitch
6265 case NECP_CLIENT_PARAMETER_REMOTE_ADDRESS: {
6266 if (length >= sizeof(struct necp_policy_condition_addr)) {
6267 struct necp_policy_condition_addr *address_struct = (struct necp_policy_condition_addr *)(void *)value;
6268 if (necp_client_address_is_valid(&address_struct->address.sa)) {
6269 memcpy(dst: remote, src: &address_struct->address, n: sizeof(address_struct->address));
6270 }
6271 }
6272 break;
6273 }
6274 case NECP_CLIENT_PARAMETER_APPLICATION_ID: {
6275 if (length >= sizeof(necp_application_id_t) && uid && persona_id) {
6276 necp_application_id_t *application_id = (necp_application_id_t *)(void *)value;
6277 memcpy(dst: uid, src: &application_id->uid, n: sizeof(uid_t));
6278 uuid_copy(dst: euuid, src: application_id->effective_uuid);
6279 memcpy(dst: persona_id, src: &application_id->persona_id, n: sizeof(uid_t));
6280 have_set_euuid = true;
6281 }
6282 break;
6283 }
6284 default: {
6285 break;
6286 }
6287 }
6288 }
6289 }
6290 offset += sizeof(struct necp_tlv_header) + length;
6291 }
6292
6293 if (!have_set_euuid) {
6294 proc_t proc = proc_find(pid: client->proc_pid);
6295 if (proc != PROC_NULL) {
6296 uuid_t responsible_uuid = { 0 };
6297 proc_getresponsibleuuid(proc, responsible_uuid, sizeof(responsible_uuid));
6298 proc_rele(p: proc);
6299 if (!uuid_is_null(uu: responsible_uuid)) {
6300 uuid_copy(dst: euuid, src: responsible_uuid);
6301 }
6302 }
6303 }
6304}
6305
6306static u_int64_t
6307necp_find_netstat_initial_properties(struct necp_client *client)
6308{
6309 size_t offset = 0;
6310 u_int64_t retval = 0;
6311 u_int8_t *parameters;
6312 u_int32_t parameters_size;
6313
6314 parameters = client->parameters;
6315 parameters_size = (u_int32_t)client->parameters_length;
6316
6317 while ((offset + sizeof(struct necp_tlv_header)) <= parameters_size) {
6318 u_int8_t type = necp_buffer_get_tlv_type(buffer: parameters, tlv_offset: offset);
6319 u_int32_t length = necp_buffer_get_tlv_length(buffer: parameters, tlv_offset: offset);
6320
6321 if (length > (parameters_size - (offset + sizeof(struct necp_tlv_header)))) {
6322 // If the length is larger than what can fit in the remaining parameters size, bail
6323 NECPLOG(LOG_ERR, "Invalid TLV length (%u)", length);
6324 break;
6325 }
6326
6327 if (type == NECP_CLIENT_PARAMETER_FLAGS) {
6328 u_int32_t policy_condition_client_flags;
6329 u_int8_t *value = necp_buffer_get_tlv_value(buffer: parameters, tlv_offset: offset, NULL);
6330 if ((value != NULL) && (length >= sizeof(policy_condition_client_flags))) {
6331 memcpy(dst: &policy_condition_client_flags, src: value, n: sizeof(policy_condition_client_flags));
6332 if (policy_condition_client_flags & NECP_CLIENT_PARAMETER_FLAG_LISTENER) {
6333 retval |= NSTAT_SOURCE_IS_LISTENER;
6334 }
6335 if (policy_condition_client_flags & NECP_CLIENT_PARAMETER_FLAG_INBOUND) {
6336 retval |= NSTAT_SOURCE_IS_INBOUND;
6337 }
6338 }
6339 break;
6340 }
6341 offset += sizeof(struct necp_tlv_header) + length;
6342 }
6343 if (retval == 0) {
6344 retval = NSTAT_SOURCE_IS_OUTBOUND;
6345 }
6346 return retval;
6347}
6348
6349// Called from NetworkStatistics when it wishes to collect latest information for a TCP flow.
6350// It is a responsibility of NetworkStatistics to have previously zeroed any supplied memory.
6351static bool
6352necp_request_tcp_netstats(userland_stats_provider_context *ctx,
6353 u_int32_t *ifflagsp,
6354 nstat_progress_digest *digestp,
6355 nstat_counts *countsp,
6356 void *metadatap)
6357{
6358 if (ctx == NULL) {
6359 return false;
6360 }
6361
6362 struct necp_client_flow_registration *flow_registration = (struct necp_client_flow_registration *)(uintptr_t)ctx;
6363 struct necp_client *client = flow_registration->client;
6364 struct necp_all_stats *ustats_kaddr = ((struct necp_all_kstats *)flow_registration->kstats_kaddr)->necp_stats_ustats;
6365 struct necp_tcp_stats *tcpstats = (struct necp_tcp_stats *)ustats_kaddr;
6366 ASSERT(tcpstats != NULL);
6367
6368 u_int32_t nstat_diagnostic_flags = 0;
6369
6370 // Retrieve details from the last time the assigned flows were updated
6371 u_int32_t route_ifindex = IFSCOPE_NONE;
6372 u_int32_t route_ifflags = NSTAT_IFNET_IS_UNKNOWN_TYPE;
6373 u_int64_t combined_interface_details = 0;
6374
6375 combined_interface_details = os_atomic_load(&flow_registration->last_interface_details, relaxed);
6376 split_interface_details(combined_details: combined_interface_details, interface_index: &route_ifindex, interface_flags: &route_ifflags);
6377
6378 if (route_ifindex == IFSCOPE_NONE) {
6379 // Mark no interface
6380 nstat_diagnostic_flags |= NSTAT_IFNET_ROUTE_VALUE_UNOBTAINABLE;
6381 route_ifflags = NSTAT_IFNET_IS_UNKNOWN_TYPE;
6382 NECPLOG(LOG_INFO, "req tcp stats, failed to get route details for pid %d curproc %d %s\n",
6383 client->proc_pid, proc_pid(current_proc()), proc_best_name(current_proc()));
6384 }
6385
6386 if (ifflagsp) {
6387 *ifflagsp = route_ifflags | nstat_diagnostic_flags;
6388 if (tcpstats->necp_tcp_extra.flags1 & SOF1_CELLFALLBACK) {
6389 *ifflagsp |= NSTAT_IFNET_VIA_CELLFALLBACK;
6390 }
6391 if ((digestp == NULL) && (countsp == NULL) && (metadatap == NULL)) {
6392 return true;
6393 }
6394 }
6395
6396 if (digestp) {
6397 // The digest is intended to give information that may help give insight into the state of the link
6398 // while avoiding the need to do the relatively expensive flowswitch lookup
6399 digestp->rxbytes = tcpstats->necp_tcp_counts.necp_stat_rxbytes;
6400 digestp->txbytes = tcpstats->necp_tcp_counts.necp_stat_txbytes;
6401 digestp->rxduplicatebytes = tcpstats->necp_tcp_counts.necp_stat_rxduplicatebytes;
6402 digestp->rxoutoforderbytes = tcpstats->necp_tcp_counts.necp_stat_rxoutoforderbytes;
6403 digestp->txretransmit = tcpstats->necp_tcp_counts.necp_stat_txretransmit;
6404 digestp->ifindex = route_ifindex;
6405 digestp->state = tcpstats->necp_tcp_extra.state;
6406 digestp->txunacked = tcpstats->necp_tcp_extra.txunacked;
6407 digestp->txwindow = tcpstats->necp_tcp_extra.txwindow;
6408 digestp->connstatus.probe_activated = tcpstats->necp_tcp_extra.probestatus.probe_activated;
6409 digestp->connstatus.write_probe_failed = tcpstats->necp_tcp_extra.probestatus.write_probe_failed;
6410 digestp->connstatus.read_probe_failed = tcpstats->necp_tcp_extra.probestatus.read_probe_failed;
6411 digestp->connstatus.conn_probe_failed = tcpstats->necp_tcp_extra.probestatus.conn_probe_failed;
6412
6413 if ((countsp == NULL) && (metadatap == NULL)) {
6414 return true;
6415 }
6416 }
6417
6418 const struct sk_stats_flow *sf = &flow_registration->nexus_stats->fs_stats;
6419 if (sf == NULL) {
6420 nstat_diagnostic_flags |= NSTAT_IFNET_FLOWSWITCH_VALUE_UNOBTAINABLE;
6421 char namebuf[MAXCOMLEN + 1];
6422 (void) strlcpy(dst: namebuf, src: "unknown", n: sizeof(namebuf));
6423 proc_name(pid: client->proc_pid, buf: namebuf, size: sizeof(namebuf));
6424 NECPLOG(LOG_ERR, "req tcp stats, necp_client flow_registration flow_stats missing for pid %d %s curproc %d %s\n",
6425 client->proc_pid, namebuf, proc_pid(current_proc()), proc_best_name(current_proc()));
6426 sf = &ntstat_sk_stats_zero;
6427 }
6428
6429 if (countsp) {
6430 countsp->nstat_rxbytes = tcpstats->necp_tcp_counts.necp_stat_rxbytes;
6431 countsp->nstat_txbytes = tcpstats->necp_tcp_counts.necp_stat_txbytes;
6432
6433 countsp->nstat_rxduplicatebytes = tcpstats->necp_tcp_counts.necp_stat_rxduplicatebytes;
6434 countsp->nstat_rxoutoforderbytes = tcpstats->necp_tcp_counts.necp_stat_rxoutoforderbytes;
6435 countsp->nstat_txretransmit = tcpstats->necp_tcp_counts.necp_stat_txretransmit;
6436
6437 countsp->nstat_min_rtt = tcpstats->necp_tcp_counts.necp_stat_min_rtt;
6438 countsp->nstat_avg_rtt = tcpstats->necp_tcp_counts.necp_stat_avg_rtt;
6439 countsp->nstat_var_rtt = tcpstats->necp_tcp_counts.necp_stat_var_rtt;
6440
6441 countsp->nstat_connectattempts = tcpstats->necp_tcp_extra.state >= TCPS_SYN_SENT ? 1 : 0;
6442 countsp->nstat_connectsuccesses = tcpstats->necp_tcp_extra.state >= TCPS_ESTABLISHED ? 1 : 0;
6443
6444 // Supplement what the user level has told us with what we know from the flowswitch
6445 countsp->nstat_rxpackets = sf->sf_ipackets;
6446 countsp->nstat_txpackets = sf->sf_opackets;
6447 if (route_ifflags & NSTAT_IFNET_IS_CELLULAR) {
6448 countsp->nstat_cell_rxbytes = sf->sf_ibytes;
6449 countsp->nstat_cell_txbytes = sf->sf_obytes;
6450 } else if (route_ifflags & NSTAT_IFNET_IS_WIFI) {
6451 countsp->nstat_wifi_rxbytes = sf->sf_ibytes;
6452 countsp->nstat_wifi_txbytes = sf->sf_obytes;
6453 } else if (route_ifflags & NSTAT_IFNET_IS_WIRED) {
6454 countsp->nstat_wired_rxbytes = sf->sf_ibytes;
6455 countsp->nstat_wired_txbytes = sf->sf_obytes;
6456 }
6457 }
6458
6459 if (metadatap) {
6460 nstat_tcp_descriptor *desc = (nstat_tcp_descriptor *)metadatap;
6461 memset(s: desc, c: 0, n: sizeof(*desc));
6462
6463 // Metadata from the flow registration
6464 uuid_copy(dst: desc->fuuid, src: flow_registration->registration_id);
6465
6466 // Metadata that the necp client should have in TLV format.
6467 pid_t effective_pid = client->proc_pid;
6468 necp_find_netstat_data(client, remote: (union necp_sockaddr_union *)&desc->remote, effective_pid: &effective_pid, uid: &desc->uid, euuid: desc->euuid, persona_id: &desc->persona_id, traffic_class: &desc->traffic_class, fallback_mode: &desc->fallback_mode);
6469 desc->epid = (u_int32_t)effective_pid;
6470
6471 // Metadata from the flow registration
6472 // This needs to revisited if multiple flows are created from one flow registration
6473 struct necp_client_flow *flow = NULL;
6474 LIST_FOREACH(flow, &flow_registration->flow_list, flow_chain) {
6475 memcpy(dst: &desc->local, src: &flow->local_addr, n: sizeof(desc->local));
6476 break;
6477 }
6478
6479 // Metadata from the route
6480 desc->ifindex = route_ifindex;
6481 desc->ifnet_properties = route_ifflags | nstat_diagnostic_flags;
6482 desc->ifnet_properties |= (sf->sf_flags & SFLOWF_ONLINK) ? NSTAT_IFNET_IS_LOCAL : NSTAT_IFNET_IS_NON_LOCAL;
6483 if (tcpstats->necp_tcp_extra.flags1 & SOF1_CELLFALLBACK) {
6484 desc->ifnet_properties |= NSTAT_IFNET_VIA_CELLFALLBACK;
6485 }
6486
6487 // Basic metadata from userland
6488 desc->rcvbufsize = tcpstats->necp_tcp_basic.rcvbufsize;
6489 desc->rcvbufused = tcpstats->necp_tcp_basic.rcvbufused;
6490
6491 // Additional TCP specific data
6492 desc->sndbufsize = tcpstats->necp_tcp_extra.sndbufsize;
6493 desc->sndbufused = tcpstats->necp_tcp_extra.sndbufused;
6494 desc->txunacked = tcpstats->necp_tcp_extra.txunacked;
6495 desc->txwindow = tcpstats->necp_tcp_extra.txwindow;
6496 desc->txcwindow = tcpstats->necp_tcp_extra.txcwindow;
6497 desc->traffic_mgt_flags = tcpstats->necp_tcp_extra.traffic_mgt_flags;
6498 desc->state = tcpstats->necp_tcp_extra.state;
6499
6500 u_int32_t cc_alg_index = tcpstats->necp_tcp_extra.cc_alg_index;
6501 if (cc_alg_index < TCP_CC_ALGO_COUNT) {
6502 strlcpy(dst: desc->cc_algo, src: tcp_cc_algo_list[cc_alg_index]->name, n: sizeof(desc->cc_algo));
6503 } else {
6504 strlcpy(dst: desc->cc_algo, src: "unknown", n: sizeof(desc->cc_algo));
6505 }
6506
6507 desc->connstatus.probe_activated = tcpstats->necp_tcp_extra.probestatus.probe_activated;
6508 desc->connstatus.write_probe_failed = tcpstats->necp_tcp_extra.probestatus.write_probe_failed;
6509 desc->connstatus.read_probe_failed = tcpstats->necp_tcp_extra.probestatus.read_probe_failed;
6510 desc->connstatus.conn_probe_failed = tcpstats->necp_tcp_extra.probestatus.conn_probe_failed;
6511
6512 memcpy(dst: &desc->activity_bitmap, src: &sf->sf_activity, n: sizeof(sf->sf_activity));
6513
6514 if (NECP_ENABLE_CLIENT_TRACE(NECP_CLIENT_TRACE_LEVEL_FLOW)) {
6515 uuid_string_t euuid_str = { 0 };
6516 uuid_unparse(uu: desc->euuid, out: euuid_str);
6517 NECPLOG(LOG_NOTICE, "Collected stats - TCP - epid %d uid %d euuid %s persona id %d", desc->epid, desc->uid, euuid_str, desc->persona_id);
6518 }
6519 }
6520
6521 return true;
6522}
6523
6524// Called from NetworkStatistics when it wishes to collect latest information for a UDP flow.
6525static bool
6526necp_request_udp_netstats(userland_stats_provider_context *ctx,
6527 u_int32_t *ifflagsp,
6528 nstat_progress_digest *digestp,
6529 nstat_counts *countsp,
6530 void *metadatap)
6531{
6532#pragma unused(digestp)
6533
6534 if (ctx == NULL) {
6535 return false;
6536 }
6537
6538 struct necp_client_flow_registration *flow_registration = (struct necp_client_flow_registration *)(uintptr_t)ctx;
6539 struct necp_client *client = flow_registration->client;
6540 struct necp_all_stats *ustats_kaddr = ((struct necp_all_kstats *)flow_registration->kstats_kaddr)->necp_stats_ustats;
6541 struct necp_udp_stats *udpstats = (struct necp_udp_stats *)ustats_kaddr;
6542 ASSERT(udpstats != NULL);
6543
6544 u_int32_t nstat_diagnostic_flags = 0;
6545
6546 // Retrieve details from the last time the assigned flows were updated
6547 u_int32_t route_ifindex = IFSCOPE_NONE;
6548 u_int32_t route_ifflags = NSTAT_IFNET_IS_UNKNOWN_TYPE;
6549 u_int64_t combined_interface_details = 0;
6550
6551 combined_interface_details = os_atomic_load(&flow_registration->last_interface_details, relaxed);
6552 split_interface_details(combined_details: combined_interface_details, interface_index: &route_ifindex, interface_flags: &route_ifflags);
6553
6554 if (route_ifindex == IFSCOPE_NONE) {
6555 // Mark no interface
6556 nstat_diagnostic_flags |= NSTAT_IFNET_ROUTE_VALUE_UNOBTAINABLE;
6557 route_ifflags = NSTAT_IFNET_IS_UNKNOWN_TYPE;
6558 NECPLOG(LOG_INFO, "req udp stats, failed to get route details for pid %d curproc %d %s\n",
6559 client->proc_pid, proc_pid(current_proc()), proc_best_name(current_proc()));
6560 }
6561
6562 if (ifflagsp) {
6563 *ifflagsp = route_ifflags | nstat_diagnostic_flags;
6564 if ((countsp == NULL) && (metadatap == NULL)) {
6565 return true;
6566 }
6567 }
6568 const struct sk_stats_flow *sf = &flow_registration->nexus_stats->fs_stats;
6569 if (sf == NULL) {
6570 nstat_diagnostic_flags |= NSTAT_IFNET_FLOWSWITCH_VALUE_UNOBTAINABLE;
6571 char namebuf[MAXCOMLEN + 1];
6572 (void) strlcpy(dst: namebuf, src: "unknown", n: sizeof(namebuf));
6573 proc_name(pid: client->proc_pid, buf: namebuf, size: sizeof(namebuf));
6574 NECPLOG(LOG_ERR, "req udp stats, necp_client flow_registration flow_stats missing for pid %d %s curproc %d %s\n",
6575 client->proc_pid, namebuf, proc_pid(current_proc()), proc_best_name(current_proc()));
6576 sf = &ntstat_sk_stats_zero;
6577 }
6578
6579 if (countsp) {
6580 countsp->nstat_rxbytes = udpstats->necp_udp_counts.necp_stat_rxbytes;
6581 countsp->nstat_txbytes = udpstats->necp_udp_counts.necp_stat_txbytes;
6582
6583 countsp->nstat_rxduplicatebytes = udpstats->necp_udp_counts.necp_stat_rxduplicatebytes;
6584 countsp->nstat_rxoutoforderbytes = udpstats->necp_udp_counts.necp_stat_rxoutoforderbytes;
6585 countsp->nstat_txretransmit = udpstats->necp_udp_counts.necp_stat_txretransmit;
6586
6587 countsp->nstat_min_rtt = udpstats->necp_udp_counts.necp_stat_min_rtt;
6588 countsp->nstat_avg_rtt = udpstats->necp_udp_counts.necp_stat_avg_rtt;
6589 countsp->nstat_var_rtt = udpstats->necp_udp_counts.necp_stat_var_rtt;
6590
6591 // Supplement what the user level has told us with what we know from the flowswitch
6592 countsp->nstat_rxpackets = sf->sf_ipackets;
6593 countsp->nstat_txpackets = sf->sf_opackets;
6594 if (route_ifflags & NSTAT_IFNET_IS_CELLULAR) {
6595 countsp->nstat_cell_rxbytes = sf->sf_ibytes;
6596 countsp->nstat_cell_txbytes = sf->sf_obytes;
6597 } else if (route_ifflags & NSTAT_IFNET_IS_WIFI) {
6598 countsp->nstat_wifi_rxbytes = sf->sf_ibytes;
6599 countsp->nstat_wifi_txbytes = sf->sf_obytes;
6600 } else if (route_ifflags & NSTAT_IFNET_IS_WIRED) {
6601 countsp->nstat_wired_rxbytes = sf->sf_ibytes;
6602 countsp->nstat_wired_txbytes = sf->sf_obytes;
6603 }
6604 }
6605
6606 if (metadatap) {
6607 nstat_udp_descriptor *desc = (nstat_udp_descriptor *)metadatap;
6608 memset(s: desc, c: 0, n: sizeof(*desc));
6609
6610 // Metadata from the flow registration
6611 uuid_copy(dst: desc->fuuid, src: flow_registration->registration_id);
6612
6613 // Metadata that the necp client should have in TLV format.
6614 pid_t effective_pid = client->proc_pid;
6615 necp_find_netstat_data(client, remote: (union necp_sockaddr_union *)&desc->remote, effective_pid: &effective_pid, uid: &desc->uid, euuid: desc->euuid, persona_id: &desc->persona_id, traffic_class: &desc->traffic_class, fallback_mode: &desc->fallback_mode);
6616 desc->epid = (u_int32_t)effective_pid;
6617
6618 // Metadata from the flow registration
6619 // This needs to revisited if multiple flows are created from one flow registration
6620 struct necp_client_flow *flow = NULL;
6621 LIST_FOREACH(flow, &flow_registration->flow_list, flow_chain) {
6622 memcpy(dst: &desc->local, src: &flow->local_addr, n: sizeof(desc->local));
6623 break;
6624 }
6625
6626 // Metadata from the route
6627 desc->ifindex = route_ifindex;
6628 desc->ifnet_properties = route_ifflags | nstat_diagnostic_flags;
6629 desc->ifnet_properties |= (sf->sf_flags & SFLOWF_ONLINK) ? NSTAT_IFNET_IS_LOCAL : NSTAT_IFNET_IS_NON_LOCAL;
6630
6631 // Basic metadata is all that is required for UDP
6632 desc->rcvbufsize = udpstats->necp_udp_basic.rcvbufsize;
6633 desc->rcvbufused = udpstats->necp_udp_basic.rcvbufused;
6634
6635 memcpy(dst: &desc->activity_bitmap, src: &sf->sf_activity, n: sizeof(sf->sf_activity));
6636
6637 if (NECP_ENABLE_CLIENT_TRACE(NECP_CLIENT_TRACE_LEVEL_FLOW)) {
6638 uuid_string_t euuid_str = { 0 };
6639 uuid_unparse(uu: desc->euuid, out: euuid_str);
6640 NECPLOG(LOG_NOTICE, "Collected stats - UDP - epid %d uid %d euuid %s persona id %d", desc->epid, desc->uid, euuid_str, desc->persona_id);
6641 }
6642 }
6643
6644 return true;
6645}
6646
6647// Called from NetworkStatistics when it wishes to collect latest information for a QUIC flow.
6648//
6649// TODO: For now it is an exact implementation as that of TCP.
6650// Still to keep the logic separate for future divergence, keeping the routines separate.
6651// It also seems there are lots of common code between existing implementations and
6652// it would be good to refactor this logic at some point.
6653static bool
6654necp_request_quic_netstats(userland_stats_provider_context *ctx,
6655 u_int32_t *ifflagsp,
6656 nstat_progress_digest *digestp,
6657 nstat_counts *countsp,
6658 void *metadatap)
6659{
6660 if (ctx == NULL) {
6661 return false;
6662 }
6663
6664 struct necp_client_flow_registration *flow_registration = (struct necp_client_flow_registration *)(uintptr_t)ctx;
6665 struct necp_client *client = flow_registration->client;
6666 struct necp_all_stats *ustats_kaddr = ((struct necp_all_kstats *)flow_registration->kstats_kaddr)->necp_stats_ustats;
6667 struct necp_quic_stats *quicstats = (struct necp_quic_stats *)ustats_kaddr;
6668 ASSERT(quicstats != NULL);
6669
6670 u_int32_t nstat_diagnostic_flags = 0;
6671
6672 // Retrieve details from the last time the assigned flows were updated
6673 u_int32_t route_ifindex = IFSCOPE_NONE;
6674 u_int32_t route_ifflags = NSTAT_IFNET_IS_UNKNOWN_TYPE;
6675 u_int64_t combined_interface_details = 0;
6676
6677 combined_interface_details = os_atomic_load(&flow_registration->last_interface_details, relaxed);
6678 split_interface_details(combined_details: combined_interface_details, interface_index: &route_ifindex, interface_flags: &route_ifflags);
6679
6680 if (route_ifindex == IFSCOPE_NONE) {
6681 // Mark no interface
6682 nstat_diagnostic_flags |= NSTAT_IFNET_ROUTE_VALUE_UNOBTAINABLE;
6683 route_ifflags = NSTAT_IFNET_IS_UNKNOWN_TYPE;
6684 NECPLOG(LOG_INFO, "req quic stats, failed to get route details for pid %d curproc %d %s\n",
6685 client->proc_pid, proc_pid(current_proc()), proc_best_name(current_proc()));
6686 }
6687
6688 if (ifflagsp) {
6689 *ifflagsp = route_ifflags | nstat_diagnostic_flags;
6690 if ((digestp == NULL) && (countsp == NULL) && (metadatap == NULL)) {
6691 return true;
6692 }
6693 }
6694
6695 if (digestp) {
6696 // The digest is intended to give information that may help give insight into the state of the link
6697 // while avoiding the need to do the relatively expensive flowswitch lookup
6698 digestp->rxbytes = quicstats->necp_quic_counts.necp_stat_rxbytes;
6699 digestp->txbytes = quicstats->necp_quic_counts.necp_stat_txbytes;
6700 digestp->rxduplicatebytes = quicstats->necp_quic_counts.necp_stat_rxduplicatebytes;
6701 digestp->rxoutoforderbytes = quicstats->necp_quic_counts.necp_stat_rxoutoforderbytes;
6702 digestp->txretransmit = quicstats->necp_quic_counts.necp_stat_txretransmit;
6703 digestp->ifindex = route_ifindex;
6704 digestp->state = quicstats->necp_quic_extra.state;
6705 digestp->txunacked = quicstats->necp_quic_extra.txunacked;
6706 digestp->txwindow = quicstats->necp_quic_extra.txwindow;
6707 digestp->connstatus.probe_activated = quicstats->necp_quic_extra.probestatus.probe_activated;
6708 digestp->connstatus.write_probe_failed = quicstats->necp_quic_extra.probestatus.write_probe_failed;
6709 digestp->connstatus.read_probe_failed = quicstats->necp_quic_extra.probestatus.read_probe_failed;
6710 digestp->connstatus.conn_probe_failed = quicstats->necp_quic_extra.probestatus.conn_probe_failed;
6711
6712 if ((countsp == NULL) && (metadatap == NULL)) {
6713 return true;
6714 }
6715 }
6716
6717 const struct sk_stats_flow *sf = &flow_registration->nexus_stats->fs_stats;
6718 if (sf == NULL) {
6719 nstat_diagnostic_flags |= NSTAT_IFNET_FLOWSWITCH_VALUE_UNOBTAINABLE;
6720 char namebuf[MAXCOMLEN + 1];
6721 (void) strlcpy(dst: namebuf, src: "unknown", n: sizeof(namebuf));
6722 proc_name(pid: client->proc_pid, buf: namebuf, size: sizeof(namebuf));
6723 NECPLOG(LOG_ERR, "req quic stats, necp_client flow_registration flow_stats missing for pid %d %s curproc %d %s\n",
6724 client->proc_pid, namebuf, proc_pid(current_proc()), proc_best_name(current_proc()));
6725 sf = &ntstat_sk_stats_zero;
6726 }
6727
6728 if (countsp) {
6729 countsp->nstat_rxbytes = quicstats->necp_quic_counts.necp_stat_rxbytes;
6730 countsp->nstat_txbytes = quicstats->necp_quic_counts.necp_stat_txbytes;
6731
6732 countsp->nstat_rxduplicatebytes = quicstats->necp_quic_counts.necp_stat_rxduplicatebytes;
6733 countsp->nstat_rxoutoforderbytes = quicstats->necp_quic_counts.necp_stat_rxoutoforderbytes;
6734 countsp->nstat_txretransmit = quicstats->necp_quic_counts.necp_stat_txretransmit;
6735
6736 countsp->nstat_min_rtt = quicstats->necp_quic_counts.necp_stat_min_rtt;
6737 countsp->nstat_avg_rtt = quicstats->necp_quic_counts.necp_stat_avg_rtt;
6738 countsp->nstat_var_rtt = quicstats->necp_quic_counts.necp_stat_var_rtt;
6739
6740 // TODO: It would be good to expose QUIC stats for CH/SH retransmission and connection state
6741 // Supplement what the user level has told us with what we know from the flowswitch
6742 countsp->nstat_rxpackets = sf->sf_ipackets;
6743 countsp->nstat_txpackets = sf->sf_opackets;
6744 if (route_ifflags & NSTAT_IFNET_IS_CELLULAR) {
6745 countsp->nstat_cell_rxbytes = sf->sf_ibytes;
6746 countsp->nstat_cell_txbytes = sf->sf_obytes;
6747 } else if (route_ifflags & NSTAT_IFNET_IS_WIFI) {
6748 countsp->nstat_wifi_rxbytes = sf->sf_ibytes;
6749 countsp->nstat_wifi_txbytes = sf->sf_obytes;
6750 } else if (route_ifflags & NSTAT_IFNET_IS_WIRED) {
6751 countsp->nstat_wired_rxbytes = sf->sf_ibytes;
6752 countsp->nstat_wired_txbytes = sf->sf_obytes;
6753 }
6754 }
6755
6756 if (metadatap) {
6757 nstat_quic_descriptor *desc = (nstat_quic_descriptor *)metadatap;
6758 memset(s: desc, c: 0, n: sizeof(*desc));
6759
6760 // Metadata from the flow registration
6761 uuid_copy(dst: desc->fuuid, src: flow_registration->registration_id);
6762
6763 // Metadata, that the necp client should have, in TLV format.
6764 pid_t effective_pid = client->proc_pid;
6765 necp_find_netstat_data(client, remote: (union necp_sockaddr_union *)&desc->remote, effective_pid: &effective_pid, uid: &desc->uid, euuid: desc->euuid, persona_id: &desc->persona_id, traffic_class: &desc->traffic_class, fallback_mode: &desc->fallback_mode);
6766 desc->epid = (u_int32_t)effective_pid;
6767
6768 // Metadata from the flow registration
6769 // This needs to revisited if multiple flows are created from one flow registration
6770 struct necp_client_flow *flow = NULL;
6771 LIST_FOREACH(flow, &flow_registration->flow_list, flow_chain) {
6772 memcpy(dst: &desc->local, src: &flow->local_addr, n: sizeof(desc->local));
6773 break;
6774 }
6775
6776 // Metadata from the route
6777 desc->ifindex = route_ifindex;
6778 desc->ifnet_properties = route_ifflags | nstat_diagnostic_flags;
6779 desc->ifnet_properties |= (sf->sf_flags & SFLOWF_ONLINK) ? NSTAT_IFNET_IS_LOCAL : NSTAT_IFNET_IS_NON_LOCAL;
6780
6781 // Basic metadata from userland
6782 desc->rcvbufsize = quicstats->necp_quic_basic.rcvbufsize;
6783 desc->rcvbufused = quicstats->necp_quic_basic.rcvbufused;
6784
6785 // Additional QUIC specific data
6786 desc->sndbufsize = quicstats->necp_quic_extra.sndbufsize;
6787 desc->sndbufused = quicstats->necp_quic_extra.sndbufused;
6788 desc->txunacked = quicstats->necp_quic_extra.txunacked;
6789 desc->txwindow = quicstats->necp_quic_extra.txwindow;
6790 desc->txcwindow = quicstats->necp_quic_extra.txcwindow;
6791 desc->traffic_mgt_flags = quicstats->necp_quic_extra.traffic_mgt_flags;
6792 desc->state = quicstats->necp_quic_extra.state;
6793
6794 // TODO: CC algo defines should be named agnostic of the protocol
6795 u_int32_t cc_alg_index = quicstats->necp_quic_extra.cc_alg_index;
6796 if (cc_alg_index < TCP_CC_ALGO_COUNT) {
6797 strlcpy(dst: desc->cc_algo, src: tcp_cc_algo_list[cc_alg_index]->name, n: sizeof(desc->cc_algo));
6798 } else {
6799 strlcpy(dst: desc->cc_algo, src: "unknown", n: sizeof(desc->cc_algo));
6800 }
6801
6802 memcpy(dst: &desc->activity_bitmap, src: &sf->sf_activity, n: sizeof(sf->sf_activity));
6803
6804 desc->connstatus.probe_activated = quicstats->necp_quic_extra.probestatus.probe_activated;
6805 desc->connstatus.write_probe_failed = quicstats->necp_quic_extra.probestatus.write_probe_failed;
6806 desc->connstatus.read_probe_failed = quicstats->necp_quic_extra.probestatus.read_probe_failed;
6807 desc->connstatus.conn_probe_failed = quicstats->necp_quic_extra.probestatus.conn_probe_failed;
6808
6809 if (NECP_ENABLE_CLIENT_TRACE(NECP_CLIENT_TRACE_LEVEL_FLOW)) {
6810 uuid_string_t euuid_str = { 0 };
6811 uuid_unparse(uu: desc->euuid, out: euuid_str);
6812 NECPLOG(LOG_NOTICE, "Collected stats - QUIC - epid %d uid %d euuid %s persona id %d", desc->epid, desc->uid, euuid_str, desc->persona_id);
6813 }
6814 }
6815 return true;
6816}
6817
6818#endif /* SKYWALK */
6819
6820// Support functions for NetworkStatistics support for necp_client connections
6821
6822static void
6823necp_client_inherit_from_parent(
6824 struct necp_client *client,
6825 struct necp_client *parent)
6826{
6827 assert(client->original_parameters_source == NULL);
6828
6829 if (parent->original_parameters_source != NULL) {
6830 client->original_parameters_source = parent->original_parameters_source;
6831 } else {
6832 client->original_parameters_source = parent;
6833 }
6834 necp_client_retain(client: client->original_parameters_source);
6835}
6836
6837static void
6838necp_find_conn_netstat_data(struct necp_client *client,
6839 u_int32_t *ntstat_flags,
6840 pid_t *effective_pid,
6841 uuid_t puuid,
6842 uid_t *uid,
6843 uuid_t euuid,
6844 uid_t *persona_id)
6845{
6846 bool has_remote_address = false;
6847 bool has_ip_protocol = false;
6848 bool has_transport_protocol = false;
6849 size_t offset = 0;
6850 u_int8_t *parameters;
6851 u_int32_t parameters_size;
6852
6853
6854 parameters = client->parameters;
6855 parameters_size = (u_int32_t)client->parameters_length;
6856
6857 while ((offset + sizeof(struct necp_tlv_header)) <= parameters_size) {
6858 u_int8_t type = necp_buffer_get_tlv_type(buffer: parameters, tlv_offset: offset);
6859 u_int32_t length = necp_buffer_get_tlv_length(buffer: parameters, tlv_offset: offset);
6860
6861 if (length > (parameters_size - (offset + sizeof(struct necp_tlv_header)))) {
6862 // If the length is larger than what can fit in the remaining parameters size, bail
6863 NECPLOG(LOG_ERR, "Invalid TLV length (%u)", length);
6864 break;
6865 }
6866
6867 if (length > 0) {
6868 u_int8_t *value = necp_buffer_get_tlv_value(buffer: parameters, tlv_offset: offset, NULL);
6869 if (value != NULL) {
6870 switch (type) {
6871 case NECP_CLIENT_PARAMETER_APPLICATION: {
6872 if ((euuid) && (length >= sizeof(uuid_t))) {
6873 uuid_copy(dst: euuid, src: value);
6874 }
6875 break;
6876 }
6877 case NECP_CLIENT_PARAMETER_IP_PROTOCOL: {
6878 if (length >= 1) {
6879 has_ip_protocol = true;
6880 }
6881 break;
6882 }
6883 case NECP_CLIENT_PARAMETER_PID: {
6884 if ((effective_pid) && length >= sizeof(pid_t)) {
6885 memcpy(dst: effective_pid, src: value, n: sizeof(pid_t));
6886 }
6887 break;
6888 }
6889 case NECP_CLIENT_PARAMETER_PARENT_ID: {
6890 if ((puuid) && (length == sizeof(uuid_t))) {
6891 uuid_copy(dst: puuid, src: value);
6892 }
6893 break;
6894 }
6895 // It is an implementation quirk that the remote address can be found in the necp parameters
6896 case NECP_CLIENT_PARAMETER_REMOTE_ADDRESS: {
6897 if (length >= sizeof(struct necp_policy_condition_addr)) {
6898 struct necp_policy_condition_addr *address_struct = (struct necp_policy_condition_addr *)(void *)value;
6899 if (necp_client_address_is_valid(&address_struct->address.sa)) {
6900 has_remote_address = true;
6901 }
6902 }
6903 break;
6904 }
6905 case NECP_CLIENT_PARAMETER_TRANSPORT_PROTOCOL: {
6906 if (length >= 1) {
6907 has_transport_protocol = true;
6908 }
6909 break;
6910 }
6911 case NECP_CLIENT_PARAMETER_APPLICATION_ID: {
6912 if (length >= sizeof(necp_application_id_t) && uid && persona_id) {
6913 necp_application_id_t *application_id = (necp_application_id_t *)(void *)value;
6914 memcpy(dst: uid, src: &application_id->uid, n: sizeof(uid_t));
6915 uuid_copy(dst: euuid, src: application_id->effective_uuid);
6916 memcpy(dst: persona_id, src: &application_id->persona_id, n: sizeof(uid_t));
6917 }
6918 break;
6919 }
6920 default: {
6921 break;
6922 }
6923 }
6924 }
6925 }
6926 offset += sizeof(struct necp_tlv_header) + length;
6927 }
6928 if (ntstat_flags) {
6929 *ntstat_flags = (has_remote_address && has_ip_protocol && has_transport_protocol)? NSTAT_NECP_CONN_HAS_NET_ACCESS: 0;
6930 }
6931}
6932
6933static bool
6934necp_request_conn_netstats(nstat_provider_context ctx,
6935 u_int32_t *ifflagsp,
6936 nstat_counts *countsp,
6937 void *metadatap)
6938{
6939 if (ctx == NULL) {
6940 return false;
6941 }
6942 struct necp_client *client = (struct necp_client *)(uintptr_t)ctx;
6943 nstat_connection_descriptor *desc = (nstat_connection_descriptor *)metadatap;
6944
6945 if (ifflagsp) {
6946 necp_find_conn_netstat_data(client, ntstat_flags: ifflagsp, NULL, NULL, NULL, NULL, NULL);
6947 }
6948 if (countsp) {
6949 memset(s: countsp, c: 0, n: sizeof(*countsp));
6950 }
6951 if (desc) {
6952 memset(s: desc, c: 0, n: sizeof(*desc));
6953 // Metadata, that the necp client should have, in TLV format.
6954 pid_t effective_pid = client->proc_pid;
6955 necp_find_conn_netstat_data(client, ntstat_flags: &desc->ifnet_properties, effective_pid: &effective_pid, puuid: desc->puuid, uid: &desc->uid, euuid: desc->euuid, persona_id: &desc->persona_id);
6956 desc->epid = (u_int32_t)effective_pid;
6957
6958 // User level should obtain almost all connection information from an extension
6959 // leaving little to do here
6960 uuid_copy(dst: desc->fuuid, src: client->latest_flow_registration_id);
6961 uuid_copy(dst: desc->cuuid, src: client->client_id);
6962 }
6963 return true;
6964}
6965
6966static int
6967necp_skywalk_priv_check_cred(proc_t p, kauth_cred_t cred)
6968{
6969#pragma unused(p, cred)
6970#if SKYWALK
6971 /* This includes Nexus controller and Skywalk observer privs */
6972 return skywalk_nxctl_check_privileges(p, cred);
6973#else /* !SKYWALK */
6974 return 0;
6975#endif /* !SKYWALK */
6976}
6977
6978/// System calls
6979
6980int
6981necp_open(struct proc *p, struct necp_open_args *uap, int *retval)
6982{
6983#pragma unused(retval)
6984 int error = 0;
6985 struct necp_fd_data *fd_data = NULL;
6986 struct fileproc *fp = NULL;
6987 int fd = -1;
6988
6989 if (uap->flags & NECP_OPEN_FLAG_OBSERVER ||
6990 uap->flags & NECP_OPEN_FLAG_PUSH_OBSERVER) {
6991 if (necp_skywalk_priv_check_cred(p, cred: kauth_cred_get()) != 0 &&
6992 priv_check_cred(cred: kauth_cred_get(), PRIV_NET_PRIVILEGED_NETWORK_STATISTICS, flags: 0) != 0) {
6993 NECPLOG0(LOG_ERR, "Client does not hold necessary entitlement to observe other NECP clients");
6994 error = EACCES;
6995 goto done;
6996 }
6997 }
6998
6999#if CONFIG_MACF
7000 error = mac_necp_check_open(proc: p, flags: uap->flags);
7001 if (error) {
7002 goto done;
7003 }
7004#endif /* MACF */
7005
7006 error = falloc(p, &fp, &fd);
7007 if (error != 0) {
7008 goto done;
7009 }
7010
7011 fd_data = kalloc_type(struct necp_fd_data, Z_WAITOK | Z_ZERO | Z_NOFAIL);
7012
7013 fd_data->necp_fd_type = necp_fd_type_client;
7014 fd_data->flags = uap->flags;
7015 RB_INIT(&fd_data->clients);
7016 RB_INIT(&fd_data->flows);
7017 TAILQ_INIT(&fd_data->update_list);
7018 lck_mtx_init(lck: &fd_data->fd_lock, grp: &necp_fd_mtx_grp, attr: &necp_fd_mtx_attr);
7019 klist_init(list: &fd_data->si.si_note);
7020 fd_data->proc_pid = proc_pid(p);
7021#if SKYWALK
7022 LIST_INIT(&fd_data->stats_arena_list);
7023#endif /* !SKYWALK */
7024
7025 fp->fp_flags |= FP_CLOEXEC | FP_CLOFORK;
7026 fp->fp_glob->fg_flag = FREAD;
7027 fp->fp_glob->fg_ops = &necp_fd_ops;
7028 fp_set_data(fp, fg_data: fd_data);
7029
7030 proc_fdlock(p);
7031
7032 procfdtbl_releasefd(p, fd, NULL);
7033 fp_drop(p, fd, fp, locked: 1);
7034
7035 *retval = fd;
7036
7037 if (fd_data->flags & NECP_OPEN_FLAG_PUSH_OBSERVER) {
7038 NECP_OBSERVER_LIST_LOCK_EXCLUSIVE();
7039 LIST_INSERT_HEAD(&necp_fd_observer_list, fd_data, chain);
7040 OSIncrementAtomic(&necp_observer_fd_count);
7041 NECP_OBSERVER_LIST_UNLOCK();
7042
7043 // Walk all existing clients and add them
7044 NECP_CLIENT_TREE_LOCK_SHARED();
7045 struct necp_client *existing_client = NULL;
7046 RB_FOREACH(existing_client, _necp_client_global_tree, &necp_client_global_tree) {
7047 NECP_CLIENT_LOCK(existing_client);
7048 necp_client_update_observer_add_internal(observer_fd: fd_data, client: existing_client);
7049 necp_client_update_observer_update_internal(observer_fd: fd_data, client: existing_client);
7050 NECP_CLIENT_UNLOCK(existing_client);
7051 }
7052 NECP_CLIENT_TREE_UNLOCK();
7053 } else {
7054 NECP_FD_LIST_LOCK_EXCLUSIVE();
7055 LIST_INSERT_HEAD(&necp_fd_list, fd_data, chain);
7056 OSIncrementAtomic(&necp_client_fd_count);
7057 NECP_FD_LIST_UNLOCK();
7058 }
7059
7060 proc_fdunlock(p);
7061
7062done:
7063 if (error != 0) {
7064 if (fp != NULL) {
7065 fp_free(p, fd, fp);
7066 fp = NULL;
7067 }
7068 if (fd_data != NULL) {
7069 kfree_type(struct necp_fd_data, fd_data);
7070 }
7071 }
7072
7073 return error;
7074}
7075
7076// All functions called directly from necp_client_action() to handle one of the
7077// types should be marked with NECP_CLIENT_ACTION_FUNCTION. This ensures that
7078// necp_client_action() does not inline all the actions into a single function.
7079#define NECP_CLIENT_ACTION_FUNCTION __attribute__((noinline))
7080
7081static NECP_CLIENT_ACTION_FUNCTION int
7082necp_client_add(struct proc *p, struct necp_fd_data *fd_data, struct necp_client_action_args *uap, int *retval)
7083{
7084 int error = 0;
7085 struct necp_client *client = NULL;
7086 const size_t buffer_size = uap->buffer_size;
7087
7088 if (fd_data->flags & NECP_OPEN_FLAG_PUSH_OBSERVER) {
7089 NECPLOG0(LOG_ERR, "NECP client observers with push enabled may not add their own clients");
7090 return EINVAL;
7091 }
7092
7093 if (uap->client_id == 0 || uap->client_id_len != sizeof(uuid_t) ||
7094 buffer_size == 0 || buffer_size > NECP_MAX_CLIENT_PARAMETERS_SIZE || uap->buffer == 0) {
7095 return EINVAL;
7096 }
7097
7098 client = kalloc_type(struct necp_client, Z_WAITOK | Z_ZERO | Z_NOFAIL);
7099 client->parameters = kalloc_data(buffer_size, Z_WAITOK | Z_NOFAIL);
7100 client->parameters_length = buffer_size;
7101 lck_mtx_init(lck: &client->lock, grp: &necp_fd_mtx_grp, attr: &necp_fd_mtx_attr);
7102 lck_mtx_init(lck: &client->route_lock, grp: &necp_fd_mtx_grp, attr: &necp_fd_mtx_attr);
7103
7104 error = copyin(uap->buffer, client->parameters, buffer_size);
7105 if (error) {
7106 NECPLOG(LOG_ERR, "necp_client_add parameters copyin error (%d)", error);
7107 goto done;
7108 }
7109
7110 os_ref_init(&client->reference_count, &necp_client_refgrp); // Hold our reference until close
7111
7112 client->proc_pid = fd_data->proc_pid; // Save off proc pid in case the client will persist past fd
7113 client->agent_handle = (void *)fd_data;
7114 client->platform_binary = ((csproc_get_platform_binary(p) == 0) ? 0 : 1);
7115
7116 necp_generate_client_id(client_id: client->client_id, false);
7117 LIST_INIT(&client->assertion_list);
7118 RB_INIT(&client->flow_registrations);
7119
7120 NECP_CLIENT_LOG(client, "Adding client");
7121
7122 error = copyout(client->client_id, uap->client_id, sizeof(uuid_t));
7123 if (error) {
7124 NECPLOG(LOG_ERR, "necp_client_add client_id copyout error (%d)", error);
7125 goto done;
7126 }
7127
7128#if SKYWALK
7129 struct necp_client_parsed_parameters parsed_parameters = {};
7130 int parse_error = necp_client_parse_parameters(client, parameters: client->parameters, parameters_size: (u_int32_t)client->parameters_length, parsed_parameters: &parsed_parameters);
7131
7132 if (parse_error == 0 &&
7133 ((parsed_parameters.valid_fields & NECP_PARSED_PARAMETERS_FIELD_DELEGATED_UPID) ||
7134 (parsed_parameters.valid_fields & NECP_PARSED_PARAMETERS_FIELD_ATTRIBUTED_BUNDLE_IDENTIFIER))) {
7135 bool has_delegation_entitlement = (priv_check_cred(cred: kauth_cred_get(), PRIV_NET_PRIVILEGED_SOCKET_DELEGATE, flags: 0) == 0);
7136 if (!has_delegation_entitlement) {
7137 if (parsed_parameters.valid_fields & NECP_PARSED_PARAMETERS_FIELD_DELEGATED_UPID) {
7138 NECPLOG(LOG_ERR, "%s(%d) does not hold the necessary entitlement to delegate network traffic for other processes by upid",
7139 proc_name_address(p), proc_pid(p));
7140 }
7141 if (parsed_parameters.valid_fields & NECP_PARSED_PARAMETERS_FIELD_ATTRIBUTED_BUNDLE_IDENTIFIER) {
7142 NECPLOG(LOG_ERR, "%s(%d) does not hold the necessary entitlement to set attributed bundle identifier",
7143 proc_name_address(p), proc_pid(p));
7144 }
7145 error = EPERM;
7146 goto done;
7147 }
7148
7149 if (parsed_parameters.valid_fields & NECP_PARSED_PARAMETERS_FIELD_DELEGATED_UPID) {
7150 // Save off delegated unique PID
7151 client->delegated_upid = parsed_parameters.delegated_upid;
7152 }
7153 }
7154
7155 if (parse_error == 0 && parsed_parameters.flags & NECP_CLIENT_PARAMETER_FLAG_INTERPOSE) {
7156 bool has_nexus_entitlement = (necp_skywalk_priv_check_cred(p, cred: kauth_cred_get()) == 0);
7157 if (!has_nexus_entitlement) {
7158 NECPLOG(LOG_ERR, "%s(%d) does not hold the necessary entitlement to open a custom nexus client",
7159 proc_name_address(p), proc_pid(p));
7160 error = EPERM;
7161 goto done;
7162 }
7163 }
7164
7165 if (parse_error == 0 && (parsed_parameters.flags &
7166 (NECP_CLIENT_PARAMETER_FLAG_CUSTOM_ETHER | NECP_CLIENT_PARAMETER_FLAG_CUSTOM_IP))) {
7167 bool has_custom_protocol_entitlement = (priv_check_cred(cred: kauth_cred_get(), PRIV_NET_CUSTOM_PROTOCOL, flags: 0) == 0);
7168 if (!has_custom_protocol_entitlement) {
7169 NECPLOG(LOG_ERR, "%s(%d) does not hold the necessary entitlement for custom protocol APIs",
7170 proc_name_address(p), proc_pid(p));
7171 error = EPERM;
7172 goto done;
7173 }
7174 }
7175
7176 if (parse_error == 0 && parsed_parameters.flags & NECP_CLIENT_PARAMETER_FLAG_LISTENER &&
7177 (parsed_parameters.ip_protocol == IPPROTO_TCP || parsed_parameters.ip_protocol == IPPROTO_UDP)) {
7178 uint32_t *netns_addr = NULL;
7179 uint8_t netns_addr_len = 0;
7180 struct ns_flow_info flow_info = {};
7181 uint32_t netns_flags = NETNS_LISTENER;
7182 uuid_copy(dst: flow_info.nfi_flow_uuid, src: client->client_id);
7183 flow_info.nfi_protocol = parsed_parameters.ip_protocol;
7184 flow_info.nfi_owner_pid = client->proc_pid;
7185 if (parsed_parameters.valid_fields & NECP_PARSED_PARAMETERS_FIELD_EFFECTIVE_PID) {
7186 flow_info.nfi_effective_pid = parsed_parameters.effective_pid;
7187 } else {
7188 flow_info.nfi_effective_pid = flow_info.nfi_owner_pid;
7189 }
7190 proc_name(pid: flow_info.nfi_owner_pid, buf: flow_info.nfi_owner_name, MAXCOMLEN);
7191 proc_name(pid: flow_info.nfi_effective_pid, buf: flow_info.nfi_effective_name, MAXCOMLEN);
7192
7193 if (parsed_parameters.local_addr.sa.sa_family == AF_UNSPEC) {
7194 // Treat no local address as a wildcard IPv6
7195 // parsed_parameters is already initialized to all zeros
7196 parsed_parameters.local_addr.sin6.sin6_family = AF_INET6;
7197 parsed_parameters.local_addr.sin6.sin6_len = sizeof(struct sockaddr_in6);
7198 }
7199
7200 switch (parsed_parameters.local_addr.sa.sa_family) {
7201 case AF_INET: {
7202 memcpy(dst: &flow_info.nfi_laddr, src: &parsed_parameters.local_addr.sa, n: parsed_parameters.local_addr.sa.sa_len);
7203 netns_addr = (uint32_t *)&parsed_parameters.local_addr.sin.sin_addr;
7204 netns_addr_len = 4;
7205 break;
7206 }
7207 case AF_INET6: {
7208 memcpy(dst: &flow_info.nfi_laddr, src: &parsed_parameters.local_addr.sa, n: parsed_parameters.local_addr.sa.sa_len);
7209 netns_addr = (uint32_t *)&parsed_parameters.local_addr.sin6.sin6_addr;
7210 netns_addr_len = 16;
7211 break;
7212 }
7213
7214 default: {
7215 NECPLOG(LOG_ERR, "necp_client_add listener invalid address family (%d)", parsed_parameters.local_addr.sa.sa_family);
7216 error = EINVAL;
7217 goto done;
7218 }
7219 }
7220 if ((parsed_parameters.valid_fields & NECP_PARSED_PARAMETERS_FIELD_FLAGS) &&
7221 (parsed_parameters.flags & NECP_CLIENT_PARAMETER_FLAG_REUSE_LOCAL)) {
7222 netns_flags |= NETNS_REUSEPORT;
7223 }
7224 if (parsed_parameters.local_addr.sin.sin_port == 0) {
7225 error = netns_reserve_ephemeral(token: &client->port_reservation, addr: netns_addr, addr_len: netns_addr_len, proto: parsed_parameters.ip_protocol,
7226 port: &parsed_parameters.local_addr.sin.sin_port, flags: netns_flags, nfi: &flow_info);
7227 if (error) {
7228 NECPLOG(LOG_ERR, "necp_client_add netns_reserve_ephemeral error (%d)", error);
7229 goto done;
7230 }
7231
7232 // Update the parameter TLVs with the assigned port
7233 necp_client_update_local_port_parameters(parameters: client->parameters, parameters_size: (u_int32_t)client->parameters_length, local_port: parsed_parameters.local_addr.sin.sin_port);
7234 } else {
7235 error = netns_reserve(token: &client->port_reservation, addr: netns_addr, addr_len: netns_addr_len, proto: parsed_parameters.ip_protocol,
7236 port: parsed_parameters.local_addr.sin.sin_port, flags: netns_flags, nfi: &flow_info);
7237 if (error) {
7238 NECPLOG(LOG_ERR, "necp_client_add netns_reserve error (%d)", error);
7239 goto done;
7240 }
7241 }
7242 }
7243
7244 struct necp_client *parent = NULL;
7245 uuid_t parent_client_id;
7246 uuid_clear(uu: parent_client_id);
7247 struct necp_client_nexus_parameters parent_parameters = {};
7248 uint16_t num_flow_regs = 0;
7249 if (parsed_parameters.valid_fields & NECP_PARSED_PARAMETERS_FIELD_PARENT_UUID) {
7250 // The parent "should" be found on fd_data without having to search across the whole necp_fd_list
7251 // It would be nice to do this a little further down where there's another instance of NECP_FD_LOCK
7252 // but the logic here depends on the parse paramters
7253 NECP_FD_LOCK(fd_data);
7254 parent = necp_client_fd_find_client_unlocked(client_fd: fd_data, client_id: parsed_parameters.parent_uuid);
7255 if (parent != NULL) {
7256 necp_client_inherit_from_parent(client, parent);
7257 necp_client_copy_parameters_locked(client, parameters: &parent_parameters);
7258 uuid_copy(dst: parent_client_id, src: parsed_parameters.parent_uuid);
7259 struct necp_client_flow_registration *flow_registration = NULL;
7260 RB_FOREACH(flow_registration, _necp_client_flow_tree, &parent->flow_registrations) {
7261 num_flow_regs++;
7262 }
7263 }
7264 NECP_FD_UNLOCK(fd_data);
7265 if (parent == NULL) {
7266 NECPLOG0(LOG_ERR, "necp_client_add, no necp_client_inherit_from_parent as can't find parent on fd_data");
7267 }
7268 }
7269 if (parse_error == 0 && parent != NULL && parsed_parameters.valid_fields & NECP_PARSED_PARAMETERS_FIELD_FLOW_DEMUX_PATTERN) {
7270 do {
7271 if (parsed_parameters.demux_patterns[0].len == 0) {
7272 NECPLOG0(LOG_INFO, "necp_client_add, child does not have a demux pattern");
7273 break;
7274 }
7275
7276 if (uuid_is_null(uu: parent_client_id)) {
7277 NECPLOG0(LOG_INFO, "necp_client_add, parent ID is null");
7278 break;
7279 }
7280
7281 if (num_flow_regs > 1) {
7282 NECPLOG0(LOG_INFO, "necp_client_add, multiple parent flows not supported");
7283 break;
7284 }
7285 if (parsed_parameters.ip_protocol != IPPROTO_UDP) {
7286 NECPLOG(LOG_INFO, "necp_client_add, flow demux pattern not supported for %d protocol",
7287 parsed_parameters.ip_protocol);
7288 break;
7289 }
7290 if (parsed_parameters.ip_protocol != parent_parameters.ip_protocol) {
7291 NECPLOG0(LOG_INFO, "necp_client_add, parent/child ip protocol mismatch");
7292 break;
7293 }
7294 if (parsed_parameters.local_addr.sa.sa_family != AF_INET && parsed_parameters.local_addr.sa.sa_family != AF_INET6) {
7295 NECPLOG(LOG_INFO, "necp_client_add, flow demux pattern not supported for %d family",
7296 parsed_parameters.local_addr.sa.sa_family);
7297 break;
7298 }
7299 if (parsed_parameters.local_addr.sa.sa_family != parsed_parameters.remote_addr.sa.sa_family) {
7300 NECPLOG0(LOG_INFO, "necp_client_add, local/remote address family mismatch");
7301 break;
7302 }
7303 if (parsed_parameters.local_addr.sa.sa_family != parent_parameters.local_addr.sa.sa_family) {
7304 NECPLOG0(LOG_INFO, "necp_client_add, parent/child address family mismatch");
7305 break;
7306 }
7307 if (memcmp(s1: &parsed_parameters.local_addr.sa, s2: &parent_parameters.local_addr.sa, n: parsed_parameters.local_addr.sa.sa_len)) {
7308 NECPLOG0(LOG_INFO, "necp_client_add, parent/child local address mismatch");
7309 break;
7310 }
7311 if (memcmp(s1: &parsed_parameters.remote_addr.sa, s2: &parent_parameters.remote_addr.sa, n: parsed_parameters.remote_addr.sa.sa_len)) {
7312 NECPLOG0(LOG_INFO, "necp_client_add, parent/child remote address mismatch");
7313 break;
7314 }
7315 if (parsed_parameters.local_addr.sin.sin_port != parent_parameters.local_addr.sin.sin_port) {
7316 NECPLOG0(LOG_INFO, "necp_client_add, parent/child local port mismatch");
7317 break;
7318 }
7319 if (parsed_parameters.remote_addr.sin.sin_port != parent_parameters.remote_addr.sin.sin_port) {
7320 NECPLOG0(LOG_INFO, "necp_client_add, parent/child remote port mismatch");
7321 break;
7322 }
7323 client->validated_parent = 1;
7324 uuid_copy(dst: client->parent_client_id, src: parent_client_id);
7325 } while (false);
7326 }
7327
7328#endif /* !SKYWALK */
7329
7330 necp_client_update_observer_add(client);
7331
7332 NECP_FD_LOCK(fd_data);
7333 RB_INSERT(_necp_client_tree, &fd_data->clients, client);
7334 OSIncrementAtomic(&necp_client_count);
7335 NECP_CLIENT_TREE_LOCK_EXCLUSIVE();
7336 RB_INSERT(_necp_client_global_tree, &necp_client_global_tree, client);
7337 NECP_CLIENT_TREE_UNLOCK();
7338
7339 // Prime the client result
7340 NECP_CLIENT_LOCK(client);
7341 (void)necp_update_client_result(proc: current_proc(), client_fd: fd_data, client, NULL);
7342 necp_client_retain_locked(client);
7343 NECP_CLIENT_UNLOCK(client);
7344 NECP_FD_UNLOCK(fd_data);
7345 // Now everything is set, it's safe to plumb this in to NetworkStatistics
7346 uint32_t ntstat_properties = 0;
7347 necp_find_conn_netstat_data(client, ntstat_flags: &ntstat_properties, NULL, NULL, NULL, NULL, NULL);
7348
7349 client->nstat_context = nstat_provider_stats_open(ctx: (nstat_provider_context)client,
7350 provider_id: NSTAT_PROVIDER_CONN_USERLAND, properties: (u_int64_t)ntstat_properties, req_fn: necp_request_conn_netstats, req_extensions_fn: necp_find_conn_extension_info);
7351 necp_client_release(client);
7352done:
7353 if (error != 0 && client != NULL) {
7354 necp_client_free(client);
7355 client = NULL;
7356 }
7357 *retval = error;
7358
7359 return error;
7360}
7361
7362static NECP_CLIENT_ACTION_FUNCTION int
7363necp_client_claim(struct proc *p, struct necp_fd_data *fd_data, struct necp_client_action_args *uap, int *retval)
7364{
7365 int error = 0;
7366 uuid_t client_id = {};
7367 struct necp_client *client = NULL;
7368
7369 if (uap->client_id == 0 || uap->client_id_len != sizeof(uuid_t)) {
7370 error = EINVAL;
7371 goto done;
7372 }
7373
7374 error = copyin(uap->client_id, client_id, sizeof(uuid_t));
7375 if (error) {
7376 NECPLOG(LOG_ERR, "necp_client_claim copyin client_id error (%d)", error);
7377 goto done;
7378 }
7379
7380 if (necp_client_id_is_flow(client_id)) {
7381 NECPLOG0(LOG_ERR, "necp_client_claim cannot claim from flow UUID");
7382 error = EINVAL;
7383 goto done;
7384 }
7385
7386 u_int64_t upid = proc_uniqueid(p);
7387
7388 NECP_FD_LIST_LOCK_SHARED();
7389
7390 struct necp_fd_data *find_fd = NULL;
7391 LIST_FOREACH(find_fd, &necp_fd_list, chain) {
7392 NECP_FD_LOCK(find_fd);
7393 struct necp_client *find_client = necp_client_fd_find_client_and_lock(client_fd: find_fd, client_id);
7394 if (find_client != NULL) {
7395 if (find_client->delegated_upid == upid &&
7396 RB_EMPTY(&find_client->flow_registrations)) {
7397 // Matched the client to claim; remove from the old fd
7398 client = find_client;
7399 RB_REMOVE(_necp_client_tree, &find_fd->clients, client);
7400 necp_client_retain_locked(client);
7401 }
7402 NECP_CLIENT_UNLOCK(find_client);
7403 }
7404 NECP_FD_UNLOCK(find_fd);
7405
7406 if (client != NULL) {
7407 break;
7408 }
7409 }
7410
7411 NECP_FD_LIST_UNLOCK();
7412
7413 if (client == NULL) {
7414 error = ENOENT;
7415 goto done;
7416 }
7417
7418 client->proc_pid = fd_data->proc_pid; // Transfer client to claiming pid
7419 client->agent_handle = (void *)fd_data;
7420 client->platform_binary = ((csproc_get_platform_binary(p) == 0) ? 0 : 1);
7421
7422 NECP_CLIENT_LOG(client, "Claiming client");
7423
7424 // Add matched client to our fd and re-run result
7425 NECP_FD_LOCK(fd_data);
7426 RB_INSERT(_necp_client_tree, &fd_data->clients, client);
7427 NECP_CLIENT_LOCK(client);
7428 (void)necp_update_client_result(proc: current_proc(), client_fd: fd_data, client, NULL);
7429 NECP_CLIENT_UNLOCK(client);
7430 NECP_FD_UNLOCK(fd_data);
7431
7432 necp_client_release(client);
7433
7434done:
7435 *retval = error;
7436
7437 return error;
7438}
7439
7440static NECP_CLIENT_ACTION_FUNCTION int
7441necp_client_remove(struct necp_fd_data *fd_data, struct necp_client_action_args *uap, int *retval)
7442{
7443 int error = 0;
7444 uuid_t client_id = {};
7445 struct ifnet_stats_per_flow flow_ifnet_stats = {};
7446 const size_t buffer_size = uap->buffer_size;
7447
7448 if (uap->client_id == 0 || uap->client_id_len != sizeof(uuid_t)) {
7449 error = EINVAL;
7450 goto done;
7451 }
7452
7453 error = copyin(uap->client_id, client_id, sizeof(uuid_t));
7454 if (error) {
7455 NECPLOG(LOG_ERR, "necp_client_remove copyin client_id error (%d)", error);
7456 goto done;
7457 }
7458
7459 if (uap->buffer != 0 && buffer_size == sizeof(flow_ifnet_stats)) {
7460 error = copyin(uap->buffer, &flow_ifnet_stats, buffer_size);
7461 if (error) {
7462 NECPLOG(LOG_ERR, "necp_client_remove flow_ifnet_stats copyin error (%d)", error);
7463 // Not fatal; make sure to zero-out stats in case of partial copy
7464 memset(s: &flow_ifnet_stats, c: 0, n: sizeof(flow_ifnet_stats));
7465 error = 0;
7466 }
7467 } else if (uap->buffer != 0) {
7468 NECPLOG(LOG_ERR, "necp_client_remove unexpected parameters length (%zu)", buffer_size);
7469 }
7470
7471 NECP_FD_LOCK(fd_data);
7472
7473 pid_t pid = fd_data->proc_pid;
7474 struct necp_client *client = necp_client_fd_find_client_unlocked(client_fd: fd_data, client_id);
7475
7476 NECP_CLIENT_LOG(client, "Removing client");
7477
7478 if (client != NULL) {
7479 // Remove any flow registrations that match
7480 struct necp_client_flow_registration *flow_registration = NULL;
7481 struct necp_client_flow_registration *temp_flow_registration = NULL;
7482 RB_FOREACH_SAFE(flow_registration, _necp_fd_flow_tree, &fd_data->flows, temp_flow_registration) {
7483 if (flow_registration->client == client) {
7484#if SKYWALK
7485 necp_destroy_flow_stats(fd_data, flow_registration, NULL, TRUE);
7486#endif /* SKYWALK */
7487 NECP_FLOW_TREE_LOCK_EXCLUSIVE();
7488 RB_REMOVE(_necp_client_flow_global_tree, &necp_client_flow_global_tree, flow_registration);
7489 NECP_FLOW_TREE_UNLOCK();
7490 RB_REMOVE(_necp_fd_flow_tree, &fd_data->flows, flow_registration);
7491 }
7492 }
7493#if SKYWALK
7494 if (client->nstat_context != NULL) {
7495 // Main path, we expect stats to be in existance at this point
7496 nstat_provider_stats_close(nstat_ctx: client->nstat_context);
7497 client->nstat_context = NULL;
7498 } else {
7499 NECPLOG0(LOG_ERR, "necp_client_remove ntstat shutdown finds nstat_context NULL");
7500 }
7501#endif /* SKYWALK */
7502 // Remove client from lists
7503 NECP_CLIENT_TREE_LOCK_EXCLUSIVE();
7504 RB_REMOVE(_necp_client_global_tree, &necp_client_global_tree, client);
7505 NECP_CLIENT_TREE_UNLOCK();
7506 RB_REMOVE(_necp_client_tree, &fd_data->clients, client);
7507 }
7508
7509#if SKYWALK
7510 // If the currently-active arena is idle (has no more flows referring to it), or if there are defunct
7511 // arenas lingering in the list, schedule a threadcall to do the clean up. The idle check is done
7512 // by checking if the reference count is 3: one held by this client (will be released below when we
7513 // destroy it) when it's non-NULL; the rest held by stats_arena_{active,list}.
7514 if ((fd_data->stats_arena_active != NULL && fd_data->stats_arena_active->nai_use_count == 3) ||
7515 (fd_data->stats_arena_active == NULL && !LIST_EMPTY(&fd_data->stats_arena_list))) {
7516 uint64_t deadline = 0;
7517 uint64_t leeway = 0;
7518 clock_interval_to_deadline(interval: necp_close_arenas_timeout_microseconds, NSEC_PER_USEC, result: &deadline);
7519 clock_interval_to_absolutetime_interval(interval: necp_close_arenas_timeout_leeway_microseconds, NSEC_PER_USEC, result: &leeway);
7520
7521 thread_call_enter_delayed_with_leeway(call: necp_close_empty_arenas_tcall, NULL,
7522 deadline, leeway, THREAD_CALL_DELAY_LEEWAY);
7523 }
7524#endif /* SKYWALK */
7525
7526 NECP_FD_UNLOCK(fd_data);
7527
7528 if (client != NULL) {
7529 ASSERT(error == 0);
7530 necp_destroy_client(client, pid, true);
7531 } else {
7532 error = ENOENT;
7533 NECPLOG(LOG_ERR, "necp_client_remove invalid client_id (%d)", error);
7534 }
7535done:
7536 *retval = error;
7537
7538 return error;
7539}
7540
7541static struct necp_client_flow_registration *
7542necp_client_fd_find_flow(struct necp_fd_data *client_fd, uuid_t flow_id)
7543{
7544 NECP_FD_ASSERT_LOCKED(client_fd);
7545 struct necp_client_flow_registration *flow = NULL;
7546
7547 if (necp_client_id_is_flow(client_id: flow_id)) {
7548 struct necp_client_flow_registration find;
7549 uuid_copy(dst: find.registration_id, src: flow_id);
7550 flow = RB_FIND(_necp_fd_flow_tree, &client_fd->flows, &find);
7551 }
7552
7553 return flow;
7554}
7555
7556static NECP_CLIENT_ACTION_FUNCTION int
7557necp_client_remove_flow(struct necp_fd_data *fd_data, struct necp_client_action_args *uap, int *retval)
7558{
7559 int error = 0;
7560 uuid_t flow_id = {};
7561 struct ifnet_stats_per_flow flow_ifnet_stats = {};
7562 const size_t buffer_size = uap->buffer_size;
7563
7564 if (uap->client_id == 0 || uap->client_id_len != sizeof(uuid_t)) {
7565 error = EINVAL;
7566 NECPLOG(LOG_ERR, "necp_client_remove_flow invalid client_id (length %zu)", (size_t)uap->client_id_len);
7567 goto done;
7568 }
7569
7570 error = copyin(uap->client_id, flow_id, sizeof(uuid_t));
7571 if (error) {
7572 NECPLOG(LOG_ERR, "necp_client_remove_flow copyin client_id error (%d)", error);
7573 goto done;
7574 }
7575
7576 if (uap->buffer != 0 && buffer_size == sizeof(flow_ifnet_stats)) {
7577 error = copyin(uap->buffer, &flow_ifnet_stats, buffer_size);
7578 if (error) {
7579 NECPLOG(LOG_ERR, "necp_client_remove flow_ifnet_stats copyin error (%d)", error);
7580 // Not fatal
7581 }
7582 } else if (uap->buffer != 0) {
7583 NECPLOG(LOG_ERR, "necp_client_remove unexpected parameters length (%zu)", buffer_size);
7584 }
7585
7586 NECP_FD_LOCK(fd_data);
7587 struct necp_client *client = NULL;
7588 struct necp_client_flow_registration *flow_registration = necp_client_fd_find_flow(client_fd: fd_data, flow_id);
7589 if (flow_registration != NULL) {
7590#if SKYWALK
7591 // Cleanup stats per flow
7592 necp_destroy_flow_stats(fd_data, flow_registration, flow_ifnet_stats: &flow_ifnet_stats, TRUE);
7593#endif /* SKYWALK */
7594 NECP_FLOW_TREE_LOCK_EXCLUSIVE();
7595 RB_REMOVE(_necp_client_flow_global_tree, &necp_client_flow_global_tree, flow_registration);
7596 NECP_FLOW_TREE_UNLOCK();
7597 RB_REMOVE(_necp_fd_flow_tree, &fd_data->flows, flow_registration);
7598
7599 client = flow_registration->client;
7600 if (client != NULL) {
7601 necp_client_retain(client);
7602 }
7603 }
7604 NECP_FD_UNLOCK(fd_data);
7605
7606 NECP_CLIENT_FLOW_LOG(client, flow_registration, "removing flow");
7607
7608 if (flow_registration != NULL && client != NULL) {
7609 NECP_CLIENT_LOCK(client);
7610 if (flow_registration->client == client) {
7611 necp_destroy_client_flow_registration(client, flow_registration, pid: fd_data->proc_pid, false);
7612 }
7613 necp_client_release_locked(client);
7614 NECP_CLIENT_UNLOCK(client);
7615 }
7616
7617done:
7618 *retval = error;
7619 if (error != 0) {
7620 NECPLOG(LOG_ERR, "Remove flow error (%d)", error);
7621 }
7622
7623 return error;
7624}
7625
7626// Don't inline the function since it includes necp_client_parsed_parameters on the stack
7627static __attribute__((noinline)) int
7628necp_client_check_tcp_heuristics(struct necp_client *client, struct necp_client_flow *flow, u_int32_t *flags, u_int8_t *tfo_cookie, u_int8_t *tfo_cookie_len)
7629{
7630 struct necp_client_parsed_parameters parsed_parameters;
7631 int error = 0;
7632
7633 error = necp_client_parse_parameters(client, parameters: client->parameters,
7634 parameters_size: (u_int32_t)client->parameters_length,
7635 parsed_parameters: &parsed_parameters);
7636 if (error) {
7637 NECPLOG(LOG_ERR, "necp_client_parse_parameters error (%d)", error);
7638 return error;
7639 }
7640
7641 if ((flow->remote_addr.sa.sa_family != AF_INET &&
7642 flow->remote_addr.sa.sa_family != AF_INET6) ||
7643 (flow->local_addr.sa.sa_family != AF_INET &&
7644 flow->local_addr.sa.sa_family != AF_INET6)) {
7645 return EINVAL;
7646 }
7647
7648 NECP_CLIENT_ROUTE_LOCK(client);
7649
7650 if (client->current_route == NULL) {
7651 error = ENOENT;
7652 goto do_unlock;
7653 }
7654
7655 bool check_ecn = false;
7656 do {
7657 if ((parsed_parameters.flags & NECP_CLIENT_PARAMETER_FLAG_ECN_ENABLE) ==
7658 NECP_CLIENT_PARAMETER_FLAG_ECN_ENABLE) {
7659 check_ecn = true;
7660 break;
7661 }
7662
7663 if ((parsed_parameters.flags & NECP_CLIENT_PARAMETER_FLAG_ECN_DISABLE) ==
7664 NECP_CLIENT_PARAMETER_FLAG_ECN_DISABLE) {
7665 break;
7666 }
7667
7668 if (client->current_route != NULL) {
7669 if (client->current_route->rt_ifp->if_eflags & IFEF_ECN_ENABLE) {
7670 check_ecn = true;
7671 break;
7672 }
7673 if (client->current_route->rt_ifp->if_eflags & IFEF_ECN_DISABLE) {
7674 break;
7675 }
7676 }
7677
7678 bool inbound = ((parsed_parameters.flags & NECP_CLIENT_PARAMETER_FLAG_LISTENER) == 0);
7679 if ((inbound && tcp_ecn_inbound == 1) ||
7680 (!inbound && tcp_ecn_outbound == 1)) {
7681 check_ecn = true;
7682 }
7683 } while (false);
7684
7685 if (check_ecn) {
7686 if (tcp_heuristic_do_ecn_with_address(ifp: client->current_route->rt_ifp,
7687 local_address: (union sockaddr_in_4_6 *)&flow->local_addr)) {
7688 *flags |= NECP_CLIENT_RESULT_FLAG_ECN_ENABLED;
7689 }
7690 }
7691
7692 if ((parsed_parameters.flags & NECP_CLIENT_PARAMETER_FLAG_TFO_ENABLE) ==
7693 NECP_CLIENT_PARAMETER_FLAG_TFO_ENABLE) {
7694 if (!tcp_heuristic_do_tfo_with_address(ifp: client->current_route->rt_ifp,
7695 local_address: (union sockaddr_in_4_6 *)&flow->local_addr,
7696 remote_address: (union sockaddr_in_4_6 *)&flow->remote_addr,
7697 cookie: tfo_cookie, cookie_len: tfo_cookie_len)) {
7698 *flags |= NECP_CLIENT_RESULT_FLAG_FAST_OPEN_BLOCKED;
7699 *tfo_cookie_len = 0;
7700 }
7701 } else {
7702 *flags |= NECP_CLIENT_RESULT_FLAG_FAST_OPEN_BLOCKED;
7703 *tfo_cookie_len = 0;
7704 }
7705do_unlock:
7706 NECP_CLIENT_ROUTE_UNLOCK(client);
7707
7708 return error;
7709}
7710
7711static size_t
7712necp_client_calculate_flow_tlv_size(struct necp_client_flow_registration *flow_registration)
7713{
7714 size_t assigned_results_size = 0;
7715 struct necp_client_flow *flow = NULL;
7716 LIST_FOREACH(flow, &flow_registration->flow_list, flow_chain) {
7717 if (flow->assigned || !necp_client_endpoint_is_unspecified(endpoint: (struct necp_client_endpoint *)&flow->remote_addr)) {
7718 size_t header_length = 0;
7719 if (flow->nexus) {
7720 header_length = sizeof(struct necp_client_nexus_flow_header);
7721 } else {
7722 header_length = sizeof(struct necp_client_flow_header);
7723 }
7724 assigned_results_size += (header_length + flow->assigned_results_length);
7725
7726 if (flow->has_protoctl_event) {
7727 assigned_results_size += sizeof(struct necp_client_flow_protoctl_event_header);
7728 }
7729 }
7730 }
7731 return assigned_results_size;
7732}
7733
7734static int
7735necp_client_fillout_flow_tlvs(struct necp_client *client,
7736 bool client_is_observed,
7737 struct necp_client_flow_registration *flow_registration,
7738 struct necp_client_action_args *uap,
7739 size_t *assigned_results_cursor)
7740{
7741 int error = 0;
7742 struct necp_client_flow *flow = NULL;
7743 LIST_FOREACH(flow, &flow_registration->flow_list, flow_chain) {
7744 if (flow->assigned || !necp_client_endpoint_is_unspecified(endpoint: (struct necp_client_endpoint *)&flow->remote_addr)) {
7745 // Write TLV headers
7746 struct necp_client_nexus_flow_header header = {};
7747 u_int32_t length = 0;
7748 u_int32_t flags = 0;
7749 u_int8_t tfo_cookie_len = 0;
7750 u_int8_t type = 0;
7751
7752 type = NECP_CLIENT_RESULT_FLOW_ID;
7753 length = sizeof(header.flow_header.flow_id);
7754 memcpy(dst: &header.flow_header.flow_id_tlv_header.type, src: &type, n: sizeof(type));
7755 memcpy(dst: &header.flow_header.flow_id_tlv_header.length, src: &length, n: sizeof(length));
7756 uuid_copy(dst: header.flow_header.flow_id, src: flow_registration->registration_id);
7757
7758 if (flow->nexus) {
7759 if (flow->check_tcp_heuristics) {
7760 u_int8_t tfo_cookie[NECP_TFO_COOKIE_LEN_MAX];
7761 tfo_cookie_len = NECP_TFO_COOKIE_LEN_MAX;
7762
7763 if (necp_client_check_tcp_heuristics(client, flow, flags: &flags,
7764 tfo_cookie, tfo_cookie_len: &tfo_cookie_len) != 0) {
7765 tfo_cookie_len = 0;
7766 } else {
7767 flow->check_tcp_heuristics = FALSE;
7768
7769 if (tfo_cookie_len != 0) {
7770 type = NECP_CLIENT_RESULT_TFO_COOKIE;
7771 length = tfo_cookie_len;
7772 memcpy(dst: &header.tfo_cookie_tlv_header.type, src: &type, n: sizeof(type));
7773 memcpy(dst: &header.tfo_cookie_tlv_header.length, src: &length, n: sizeof(length));
7774 memcpy(dst: &header.tfo_cookie_value, src: tfo_cookie, n: tfo_cookie_len);
7775 }
7776 }
7777 }
7778 }
7779
7780 size_t header_length = 0;
7781 if (flow->nexus) {
7782 if (tfo_cookie_len != 0) {
7783 header_length = sizeof(struct necp_client_nexus_flow_header) - (NECP_TFO_COOKIE_LEN_MAX - tfo_cookie_len);
7784 } else {
7785 header_length = sizeof(struct necp_client_nexus_flow_header) - sizeof(struct necp_tlv_header) - NECP_TFO_COOKIE_LEN_MAX;
7786 }
7787 } else {
7788 header_length = sizeof(struct necp_client_flow_header);
7789 }
7790
7791 type = NECP_CLIENT_RESULT_FLAGS;
7792 length = sizeof(header.flow_header.flags_value);
7793 memcpy(dst: &header.flow_header.flags_tlv_header.type, src: &type, n: sizeof(type));
7794 memcpy(dst: &header.flow_header.flags_tlv_header.length, src: &length, n: sizeof(length));
7795 if (flow->assigned) {
7796 flags |= NECP_CLIENT_RESULT_FLAG_FLOW_ASSIGNED;
7797 }
7798 if (flow->viable) {
7799 flags |= NECP_CLIENT_RESULT_FLAG_FLOW_VIABLE;
7800 }
7801 if (flow_registration->defunct) {
7802 flags |= NECP_CLIENT_RESULT_FLAG_DEFUNCT;
7803 }
7804 flags |= flow->necp_flow_flags;
7805 memcpy(dst: &header.flow_header.flags_value, src: &flags, n: sizeof(flags));
7806
7807 type = NECP_CLIENT_RESULT_INTERFACE;
7808 length = sizeof(header.flow_header.interface_value);
7809 memcpy(dst: &header.flow_header.interface_tlv_header.type, src: &type, n: sizeof(type));
7810 memcpy(dst: &header.flow_header.interface_tlv_header.length, src: &length, n: sizeof(length));
7811
7812 struct necp_client_result_interface interface_struct;
7813 interface_struct.generation = 0;
7814 interface_struct.index = flow->interface_index;
7815
7816 memcpy(dst: &header.flow_header.interface_value, src: &interface_struct, n: sizeof(interface_struct));
7817 if (flow->nexus) {
7818 type = NECP_CLIENT_RESULT_NETAGENT;
7819 length = sizeof(header.agent_value);
7820 memcpy(dst: &header.agent_tlv_header.type, src: &type, n: sizeof(type));
7821 memcpy(dst: &header.agent_tlv_header.length, src: &length, n: sizeof(length));
7822
7823 struct necp_client_result_netagent agent_struct;
7824 uuid_copy(dst: agent_struct.netagent_uuid, src: flow->u.nexus_agent);
7825 agent_struct.generation = netagent_get_generation(uuid: agent_struct.netagent_uuid);
7826
7827 memcpy(dst: &header.agent_value, src: &agent_struct, n: sizeof(agent_struct));
7828 }
7829
7830 // Don't include outer TLV header in length field
7831 type = NECP_CLIENT_RESULT_FLOW;
7832 length = (header_length - sizeof(struct necp_tlv_header) + flow->assigned_results_length);
7833 if (flow->has_protoctl_event) {
7834 length += sizeof(struct necp_client_flow_protoctl_event_header);
7835 }
7836 memcpy(dst: &header.flow_header.outer_header.type, src: &type, n: sizeof(type));
7837 memcpy(dst: &header.flow_header.outer_header.length, src: &length, n: sizeof(length));
7838
7839 error = copyout(&header, uap->buffer + client->result_length + *assigned_results_cursor, header_length);
7840 if (error) {
7841 NECPLOG(LOG_ERR, "necp_client_copy assigned results tlv_header copyout error (%d)", error);
7842 return error;
7843 }
7844 *assigned_results_cursor += header_length;
7845
7846 if (flow->assigned_results && flow->assigned_results_length) {
7847 // Write inner TLVs
7848 error = copyout(flow->assigned_results, uap->buffer + client->result_length + *assigned_results_cursor,
7849 flow->assigned_results_length);
7850 if (error) {
7851 NECPLOG(LOG_ERR, "necp_client_copy assigned results copyout error (%d)", error);
7852 return error;
7853 }
7854 }
7855 *assigned_results_cursor += flow->assigned_results_length;
7856
7857 /* Read the protocol event and reset it */
7858 if (flow->has_protoctl_event) {
7859 struct necp_client_flow_protoctl_event_header protoctl_event_header = {};
7860
7861 type = NECP_CLIENT_RESULT_PROTO_CTL_EVENT;
7862 length = sizeof(protoctl_event_header.protoctl_event);
7863
7864 memcpy(dst: &protoctl_event_header.protoctl_tlv_header.type, src: &type, n: sizeof(type));
7865 memcpy(dst: &protoctl_event_header.protoctl_tlv_header.length, src: &length, n: sizeof(length));
7866 memcpy(dst: &protoctl_event_header.protoctl_event, src: &flow->protoctl_event,
7867 n: sizeof(flow->protoctl_event));
7868
7869 error = copyout(&protoctl_event_header, uap->buffer + client->result_length + *assigned_results_cursor,
7870 sizeof(protoctl_event_header));
7871
7872 if (error) {
7873 NECPLOG(LOG_ERR, "necp_client_copy protocol control event results"
7874 " tlv_header copyout error (%d)", error);
7875 return error;
7876 }
7877 *assigned_results_cursor += sizeof(protoctl_event_header);
7878 flow->has_protoctl_event = FALSE;
7879 flow->protoctl_event.protoctl_event_code = 0;
7880 flow->protoctl_event.protoctl_event_val = 0;
7881 flow->protoctl_event.protoctl_event_tcp_seq_num = 0;
7882 }
7883 }
7884 }
7885 if (!client_is_observed) {
7886 flow_registration->flow_result_read = TRUE;
7887 }
7888 return 0;
7889}
7890
7891static int
7892necp_client_copy_internal(struct necp_client *client, uuid_t client_id, bool client_is_observed, struct necp_client_action_args *uap, int *retval)
7893{
7894 NECP_CLIENT_ASSERT_LOCKED(client);
7895 int error = 0;
7896 // Copy results out
7897 if (uap->action == NECP_CLIENT_ACTION_COPY_PARAMETERS) {
7898 if (uap->buffer_size < client->parameters_length) {
7899 return EINVAL;
7900 }
7901 error = copyout(client->parameters, uap->buffer, client->parameters_length);
7902 if (error) {
7903 NECPLOG(LOG_ERR, "necp_client_copy parameters copyout error (%d)", error);
7904 return error;
7905 }
7906 *retval = client->parameters_length;
7907 } else if (uap->action == NECP_CLIENT_ACTION_COPY_UPDATED_RESULT &&
7908 client->result_read && client->group_members_read && !necp_client_has_unread_flows(client)) {
7909 // Copy updates only, but nothing to read
7910 // Just return 0 for bytes read
7911 *retval = 0;
7912 } else if (uap->action == NECP_CLIENT_ACTION_COPY_RESULT ||
7913 uap->action == NECP_CLIENT_ACTION_COPY_UPDATED_RESULT) {
7914 size_t assigned_results_size = client->assigned_group_members_length;
7915
7916 bool some_flow_is_defunct = false;
7917 struct necp_client_flow_registration *single_flow_registration = NULL;
7918 if (necp_client_id_is_flow(client_id)) {
7919 single_flow_registration = necp_client_find_flow(client, flow_id: client_id);
7920 if (single_flow_registration != NULL) {
7921 assigned_results_size += necp_client_calculate_flow_tlv_size(flow_registration: single_flow_registration);
7922 }
7923 } else {
7924 // This request is for the client, so copy everything
7925 struct necp_client_flow_registration *flow_registration = NULL;
7926 RB_FOREACH(flow_registration, _necp_client_flow_tree, &client->flow_registrations) {
7927 if (flow_registration->defunct) {
7928 some_flow_is_defunct = true;
7929 }
7930 assigned_results_size += necp_client_calculate_flow_tlv_size(flow_registration);
7931 }
7932 }
7933 if (uap->buffer_size < (client->result_length + assigned_results_size)) {
7934 return EINVAL;
7935 }
7936
7937 u_int32_t original_flags = 0;
7938 bool flags_updated = false;
7939 if (some_flow_is_defunct && client->legacy_client_is_flow) {
7940 // If our client expects the defunct flag in the client, add it now
7941 u_int32_t client_flags = 0;
7942 u_int32_t value_size = 0;
7943 u_int8_t *flags_pointer = necp_buffer_get_tlv_value(buffer: client->result, tlv_offset: 0, value_size: &value_size);
7944 if (flags_pointer != NULL && value_size == sizeof(client_flags)) {
7945 memcpy(dst: &client_flags, src: flags_pointer, n: value_size);
7946 original_flags = client_flags;
7947 client_flags |= NECP_CLIENT_RESULT_FLAG_DEFUNCT;
7948 (void)necp_buffer_write_tlv_if_different(cursor: client->result, NECP_CLIENT_RESULT_FLAGS,
7949 length: sizeof(client_flags), value: &client_flags, updated: &flags_updated,
7950 buffer: client->result, buffer_length: sizeof(client->result));
7951 }
7952 }
7953
7954 error = copyout(client->result, uap->buffer, client->result_length);
7955
7956 if (flags_updated) {
7957 // Revert stored flags
7958 (void)necp_buffer_write_tlv_if_different(cursor: client->result, NECP_CLIENT_RESULT_FLAGS,
7959 length: sizeof(original_flags), value: &original_flags, updated: &flags_updated,
7960 buffer: client->result, buffer_length: sizeof(client->result));
7961 }
7962
7963 if (error != 0) {
7964 NECPLOG(LOG_ERR, "necp_client_copy result copyout error (%d)", error);
7965 return error;
7966 }
7967
7968 if (client->assigned_group_members != NULL && client->assigned_group_members_length > 0) {
7969 error = copyout(client->assigned_group_members, uap->buffer + client->result_length, client->assigned_group_members_length);
7970 if (error != 0) {
7971 NECPLOG(LOG_ERR, "necp_client_copy group members copyout error (%d)", error);
7972 return error;
7973 }
7974 }
7975
7976 size_t assigned_results_cursor = client->assigned_group_members_length; // Start with an offset based on the group members
7977 if (necp_client_id_is_flow(client_id)) {
7978 if (single_flow_registration != NULL) {
7979 error = necp_client_fillout_flow_tlvs(client, client_is_observed, flow_registration: single_flow_registration, uap, assigned_results_cursor: &assigned_results_cursor);
7980 if (error != 0) {
7981 return error;
7982 }
7983 }
7984 } else {
7985 // This request is for the client, so copy everything
7986 struct necp_client_flow_registration *flow_registration = NULL;
7987 RB_FOREACH(flow_registration, _necp_client_flow_tree, &client->flow_registrations) {
7988 error = necp_client_fillout_flow_tlvs(client, client_is_observed, flow_registration, uap, assigned_results_cursor: &assigned_results_cursor);
7989 if (error != 0) {
7990 return error;
7991 }
7992 }
7993 }
7994
7995 *retval = client->result_length + assigned_results_cursor;
7996
7997 if (!client_is_observed) {
7998 client->result_read = TRUE;
7999 client->group_members_read = TRUE;
8000 }
8001 }
8002
8003 return 0;
8004}
8005
8006static NECP_CLIENT_ACTION_FUNCTION int
8007necp_client_copy(struct necp_fd_data *fd_data, struct necp_client_action_args *uap, int *retval)
8008{
8009 int error = 0;
8010 struct necp_client *client = NULL;
8011 uuid_t client_id;
8012 uuid_clear(uu: client_id);
8013
8014 *retval = 0;
8015
8016 if (uap->buffer_size == 0 || uap->buffer == 0) {
8017 return EINVAL;
8018 }
8019
8020 if (uap->action != NECP_CLIENT_ACTION_COPY_PARAMETERS &&
8021 uap->action != NECP_CLIENT_ACTION_COPY_RESULT &&
8022 uap->action != NECP_CLIENT_ACTION_COPY_UPDATED_RESULT) {
8023 return EINVAL;
8024 }
8025
8026 if (uap->client_id) {
8027 if (uap->client_id_len != sizeof(uuid_t)) {
8028 NECPLOG(LOG_ERR, "Incorrect length (got %zu, expected %zu)", (size_t)uap->client_id_len, sizeof(uuid_t));
8029 return ERANGE;
8030 }
8031
8032 error = copyin(uap->client_id, client_id, sizeof(uuid_t));
8033 if (error) {
8034 NECPLOG(LOG_ERR, "necp_client_copy client_id copyin error (%d)", error);
8035 return error;
8036 }
8037 }
8038
8039 const bool is_wildcard = (bool)uuid_is_null(uu: client_id);
8040
8041 NECP_FD_LOCK(fd_data);
8042
8043 bool send_in_process_flow_divert_message = false;
8044 if (is_wildcard) {
8045 if (uap->action == NECP_CLIENT_ACTION_COPY_RESULT || uap->action == NECP_CLIENT_ACTION_COPY_UPDATED_RESULT) {
8046 struct necp_client *find_client = NULL;
8047 RB_FOREACH(find_client, _necp_client_tree, &fd_data->clients) {
8048 NECP_CLIENT_LOCK(find_client);
8049 if (!find_client->result_read || !find_client->group_members_read || necp_client_has_unread_flows(client: find_client)) {
8050 client = find_client;
8051 // Leave the client locked, and break
8052 break;
8053 }
8054 NECP_CLIENT_UNLOCK(find_client);
8055 }
8056
8057 if (client == NULL && fd_data->request_in_process_flow_divert) {
8058 // No client found that needs update. Check for an event requesting in-process flow divert.
8059 send_in_process_flow_divert_message = true;
8060 }
8061 }
8062 } else {
8063 client = necp_client_fd_find_client_and_lock(client_fd: fd_data, client_id);
8064 }
8065
8066 if (client != NULL) {
8067 if (!send_in_process_flow_divert_message) {
8068 // If client is set, it is locked
8069 error = necp_client_copy_internal(client, client_id, FALSE, uap, retval);
8070 }
8071 NECP_CLIENT_UNLOCK(client);
8072 }
8073
8074 if (send_in_process_flow_divert_message) {
8075 fd_data->request_in_process_flow_divert = false;
8076
8077 struct necp_tlv_header request_tlv = {
8078 .type = NECP_CLIENT_RESULT_REQUEST_IN_PROCESS_FLOW_DIVERT,
8079 .length = 0,
8080 };
8081 if (uap->buffer_size < sizeof(request_tlv)) {
8082 error = EINVAL;
8083 } else {
8084 error = copyout(&request_tlv, uap->buffer, sizeof(request_tlv));
8085 if (error) {
8086 NECPLOG(LOG_ERR, "necp_client_copy request flow divert TLV copyout error (%d)", error);
8087 } else {
8088 *retval = sizeof(request_tlv);
8089 }
8090 }
8091 }
8092
8093 // Unlock our own fd before moving on or returning
8094 NECP_FD_UNLOCK(fd_data);
8095
8096 if (client == NULL && !send_in_process_flow_divert_message) {
8097 if (fd_data->flags & NECP_OPEN_FLAG_OBSERVER) {
8098 // Observers are allowed to lookup clients on other fds
8099
8100 // Lock tree
8101 NECP_CLIENT_TREE_LOCK_SHARED();
8102
8103 bool found_client = FALSE;
8104
8105 client = necp_find_client_and_lock(client_id);
8106 if (client != NULL) {
8107 // Matched, copy out data
8108 found_client = TRUE;
8109 error = necp_client_copy_internal(client, client_id, TRUE, uap, retval);
8110 NECP_CLIENT_UNLOCK(client);
8111 }
8112
8113 // Unlock tree
8114 NECP_CLIENT_TREE_UNLOCK();
8115
8116 // No client found, fail
8117 if (!found_client) {
8118 return ENOENT;
8119 }
8120 } else {
8121 // No client found, and not allowed to search other fds, fail
8122 return ENOENT;
8123 }
8124 }
8125
8126 return error;
8127}
8128
8129static NECP_CLIENT_ACTION_FUNCTION int
8130necp_client_copy_client_update(struct necp_fd_data *fd_data, struct necp_client_action_args *uap, int *retval)
8131{
8132 int error = 0;
8133
8134 *retval = 0;
8135
8136 if (!(fd_data->flags & NECP_OPEN_FLAG_PUSH_OBSERVER)) {
8137 NECPLOG0(LOG_ERR, "NECP fd is not observer, cannot copy client update");
8138 return EINVAL;
8139 }
8140
8141 if (uap->client_id_len != sizeof(uuid_t) || uap->client_id == 0) {
8142 NECPLOG0(LOG_ERR, "Client id invalid, cannot copy client update");
8143 return EINVAL;
8144 }
8145
8146 if (uap->buffer_size == 0 || uap->buffer == 0) {
8147 NECPLOG0(LOG_ERR, "Buffer invalid, cannot copy client update");
8148 return EINVAL;
8149 }
8150
8151 NECP_FD_LOCK(fd_data);
8152 struct necp_client_update *client_update = TAILQ_FIRST(&fd_data->update_list);
8153 if (client_update != NULL) {
8154 TAILQ_REMOVE(&fd_data->update_list, client_update, chain);
8155 VERIFY(fd_data->update_count > 0);
8156 fd_data->update_count--;
8157 }
8158 NECP_FD_UNLOCK(fd_data);
8159
8160 if (client_update != NULL) {
8161 error = copyout(client_update->client_id, uap->client_id, sizeof(uuid_t));
8162 if (error) {
8163 NECPLOG(LOG_ERR, "Copy client update copyout client id error (%d)", error);
8164 } else {
8165 if (uap->buffer_size < client_update->update_length) {
8166 NECPLOG(LOG_ERR, "Buffer size cannot hold update (%zu < %zu)", (size_t)uap->buffer_size, client_update->update_length);
8167 error = EINVAL;
8168 } else {
8169 error = copyout(client_update->update, uap->buffer, client_update->update_length);
8170 if (error) {
8171 NECPLOG(LOG_ERR, "Copy client update copyout error (%d)", error);
8172 } else {
8173 *retval = client_update->update_length;
8174 }
8175 }
8176 }
8177
8178 necp_client_update_free(client_update);
8179 client_update = NULL;
8180 } else {
8181 error = ENOENT;
8182 }
8183
8184 return error;
8185}
8186
8187static int
8188necp_client_copy_parameters_locked(struct necp_client *client,
8189 struct necp_client_nexus_parameters *parameters)
8190{
8191 VERIFY(parameters != NULL);
8192
8193 struct necp_client_parsed_parameters parsed_parameters = {};
8194 int error = necp_client_parse_parameters(client, parameters: client->parameters, parameters_size: (u_int32_t)client->parameters_length, parsed_parameters: &parsed_parameters);
8195
8196 parameters->pid = client->proc_pid;
8197 if (parsed_parameters.valid_fields & NECP_PARSED_PARAMETERS_FIELD_EFFECTIVE_PID) {
8198 parameters->epid = parsed_parameters.effective_pid;
8199 } else {
8200 parameters->epid = parameters->pid;
8201 }
8202#if SKYWALK
8203 parameters->port_reservation = client->port_reservation;
8204#endif /* !SKYWALK */
8205 memcpy(dst: &parameters->local_addr, src: &parsed_parameters.local_addr, n: sizeof(parameters->local_addr));
8206 memcpy(dst: &parameters->remote_addr, src: &parsed_parameters.remote_addr, n: sizeof(parameters->remote_addr));
8207 parameters->ip_protocol = parsed_parameters.ip_protocol;
8208 if (parsed_parameters.valid_fields & NECP_PARSED_PARAMETERS_FIELD_TRANSPORT_PROTOCOL) {
8209 parameters->transport_protocol = parsed_parameters.transport_protocol;
8210 } else {
8211 parameters->transport_protocol = parsed_parameters.ip_protocol;
8212 }
8213 parameters->ethertype = parsed_parameters.ethertype;
8214 parameters->traffic_class = parsed_parameters.traffic_class;
8215 if (uuid_is_null(uu: client->override_euuid)) {
8216 uuid_copy(dst: parameters->euuid, src: parsed_parameters.effective_uuid);
8217 } else {
8218 uuid_copy(dst: parameters->euuid, src: client->override_euuid);
8219 }
8220 parameters->is_listener = (parsed_parameters.flags & NECP_CLIENT_PARAMETER_FLAG_LISTENER) ? 1 : 0;
8221 parameters->is_interpose = (parsed_parameters.flags & NECP_CLIENT_PARAMETER_FLAG_INTERPOSE) ? 1 : 0;
8222 parameters->is_custom_ether = (parsed_parameters.flags & NECP_CLIENT_PARAMETER_FLAG_CUSTOM_ETHER) ? 1 : 0;
8223 parameters->policy_id = client->policy_id;
8224 parameters->skip_policy_id = client->skip_policy_id;
8225
8226 // parse client result flag
8227 u_int32_t client_result_flags = 0;
8228 u_int32_t value_size = 0;
8229 u_int8_t *flags_pointer = NULL;
8230 flags_pointer = necp_buffer_get_tlv_value(buffer: client->result, tlv_offset: 0, value_size: &value_size);
8231 if (flags_pointer && value_size == sizeof(client_result_flags)) {
8232 memcpy(dst: &client_result_flags, src: flags_pointer, n: value_size);
8233 }
8234 parameters->allow_qos_marking = (client_result_flags & NECP_CLIENT_RESULT_FLAG_ALLOW_QOS_MARKING) ? 1 : 0;
8235
8236 if (parsed_parameters.valid_fields & NECP_PARSED_PARAMETERS_FIELD_LOCAL_ADDR_PREFERENCE) {
8237 if (parsed_parameters.local_address_preference == NECP_CLIENT_PARAMETER_LOCAL_ADDRESS_PREFERENCE_DEFAULT) {
8238 parameters->override_address_selection = false;
8239 } else if (parsed_parameters.local_address_preference == NECP_CLIENT_PARAMETER_LOCAL_ADDRESS_PREFERENCE_TEMPORARY) {
8240 parameters->override_address_selection = true;
8241 parameters->use_stable_address = false;
8242 } else if (parsed_parameters.local_address_preference == NECP_CLIENT_PARAMETER_LOCAL_ADDRESS_PREFERENCE_STABLE) {
8243 parameters->override_address_selection = true;
8244 parameters->use_stable_address = true;
8245 }
8246 } else {
8247 parameters->override_address_selection = false;
8248 }
8249
8250 if ((parsed_parameters.valid_fields & NECP_PARSED_PARAMETERS_FIELD_FLAGS) &&
8251 (parsed_parameters.flags & NECP_CLIENT_PARAMETER_FLAG_NO_WAKE_FROM_SLEEP)) {
8252 parameters->no_wake_from_sleep = true;
8253 }
8254
8255 if ((parsed_parameters.valid_fields & NECP_PARSED_PARAMETERS_FIELD_FLAGS) &&
8256 (parsed_parameters.flags & NECP_CLIENT_PARAMETER_FLAG_REUSE_LOCAL)) {
8257 parameters->reuse_port = true;
8258 }
8259
8260#if SKYWALK
8261 if (!parameters->is_listener) {
8262 if (parsed_parameters.valid_fields & NECP_PARSED_PARAMETERS_FIELD_FLOW_DEMUX_PATTERN) {
8263 if (parsed_parameters.demux_patterns[0].len == 0) {
8264 parameters->is_demuxable_parent = 1;
8265 } else {
8266 if (client->validated_parent) {
8267 ASSERT(!uuid_is_null(client->parent_client_id));
8268
8269 NECP_CLIENT_TREE_LOCK_SHARED();
8270 struct necp_client *parent = necp_find_client_and_lock(client_id: client->parent_client_id);
8271 if (parent != NULL) {
8272 struct necp_client_flow_registration *parent_flow_registration = NULL;
8273 RB_FOREACH(parent_flow_registration, _necp_client_flow_tree, &parent->flow_registrations) {
8274 uuid_copy(dst: parameters->parent_flow_uuid, src: parent_flow_registration->registration_id);
8275 break;
8276 }
8277
8278 NECP_CLIENT_UNLOCK(parent);
8279 }
8280 NECP_CLIENT_TREE_UNLOCK();
8281
8282 if (parsed_parameters.demux_pattern_count > 0) {
8283 for (int i = 0; i < parsed_parameters.demux_pattern_count; i++) {
8284 memcpy(dst: &parameters->demux_patterns[i], src: &parsed_parameters.demux_patterns[i], n: sizeof(struct necp_demux_pattern));
8285 }
8286 parameters->demux_pattern_count = parsed_parameters.demux_pattern_count;
8287 }
8288 }
8289 }
8290 }
8291 }
8292#endif // SKYWALK
8293
8294 return error;
8295}
8296
8297static NECP_CLIENT_ACTION_FUNCTION int
8298necp_client_list(struct necp_fd_data *fd_data, struct necp_client_action_args *uap, int *retval)
8299{
8300 int error = 0;
8301 struct necp_client *find_client = NULL;
8302 uuid_t *list = NULL;
8303 u_int32_t requested_client_count = 0;
8304 u_int32_t client_count = 0;
8305 size_t copy_buffer_size = 0;
8306
8307 if (uap->buffer_size < sizeof(requested_client_count) || uap->buffer == 0) {
8308 error = EINVAL;
8309 goto done;
8310 }
8311
8312 if (!(fd_data->flags & NECP_OPEN_FLAG_OBSERVER)) {
8313 NECPLOG0(LOG_ERR, "Client does not hold necessary entitlement to list other NECP clients");
8314 error = EACCES;
8315 goto done;
8316 }
8317
8318 error = copyin(uap->buffer, &requested_client_count, sizeof(requested_client_count));
8319 if (error) {
8320 goto done;
8321 }
8322
8323 if (os_mul_overflow(sizeof(uuid_t), requested_client_count, &copy_buffer_size)) {
8324 error = ERANGE;
8325 goto done;
8326 }
8327
8328 if (uap->buffer_size - sizeof(requested_client_count) != copy_buffer_size) {
8329 error = EINVAL;
8330 goto done;
8331 }
8332
8333 if (copy_buffer_size > NECP_MAX_CLIENT_LIST_SIZE) {
8334 error = EINVAL;
8335 goto done;
8336 }
8337
8338 if (requested_client_count > 0) {
8339 if ((list = (uuid_t*)kalloc_data(copy_buffer_size, Z_WAITOK | Z_ZERO)) == NULL) {
8340 error = ENOMEM;
8341 goto done;
8342 }
8343 }
8344
8345 // Lock tree
8346 NECP_CLIENT_TREE_LOCK_SHARED();
8347
8348 find_client = NULL;
8349 RB_FOREACH(find_client, _necp_client_global_tree, &necp_client_global_tree) {
8350 NECP_CLIENT_LOCK(find_client);
8351 if (!uuid_is_null(uu: find_client->client_id)) {
8352 if (client_count < requested_client_count) {
8353 uuid_copy(dst: list[client_count], src: find_client->client_id);
8354 }
8355 client_count++;
8356 }
8357 NECP_CLIENT_UNLOCK(find_client);
8358 }
8359
8360 // Unlock tree
8361 NECP_CLIENT_TREE_UNLOCK();
8362
8363 error = copyout(&client_count, uap->buffer, sizeof(client_count));
8364 if (error) {
8365 NECPLOG(LOG_ERR, "necp_client_list buffer copyout error (%d)", error);
8366 goto done;
8367 }
8368
8369 if (requested_client_count > 0 &&
8370 client_count > 0 &&
8371 list != NULL) {
8372 error = copyout(list, uap->buffer + sizeof(client_count), copy_buffer_size);
8373 if (error) {
8374 NECPLOG(LOG_ERR, "necp_client_list client count copyout error (%d)", error);
8375 goto done;
8376 }
8377 }
8378done:
8379 if (list != NULL) {
8380 kfree_data(list, copy_buffer_size);
8381 }
8382 *retval = error;
8383
8384 return error;
8385}
8386
8387static NECP_CLIENT_ACTION_FUNCTION int
8388necp_client_add_flow(struct necp_fd_data *fd_data, struct necp_client_action_args *uap, int *retval)
8389{
8390 int error = 0;
8391 struct necp_client *client = NULL;
8392 uuid_t client_id;
8393 struct necp_client_nexus_parameters parameters = {};
8394 struct proc *proc = PROC_NULL;
8395 struct necp_client_add_flow *add_request = NULL;
8396 struct necp_client_add_flow *allocated_add_request = NULL;
8397 struct necp_client_add_flow_default default_add_request = {};
8398 const size_t buffer_size = uap->buffer_size;
8399
8400 if (uap->client_id == 0 || uap->client_id_len != sizeof(uuid_t)) {
8401 error = EINVAL;
8402 NECPLOG(LOG_ERR, "necp_client_add_flow invalid client_id (length %zu)", (size_t)uap->client_id_len);
8403 goto done;
8404 }
8405
8406 if (uap->buffer == 0 || buffer_size < sizeof(struct necp_client_add_flow) ||
8407 buffer_size > sizeof(struct necp_client_add_flow_default) * 4) {
8408 error = EINVAL;
8409 NECPLOG(LOG_ERR, "necp_client_add_flow invalid buffer (length %zu)", buffer_size);
8410 goto done;
8411 }
8412
8413 error = copyin(uap->client_id, client_id, sizeof(uuid_t));
8414 if (error) {
8415 NECPLOG(LOG_ERR, "necp_client_add_flow copyin client_id error (%d)", error);
8416 goto done;
8417 }
8418
8419 if (buffer_size <= sizeof(struct necp_client_add_flow_default)) {
8420 // Fits in default size
8421 error = copyin(uap->buffer, &default_add_request, buffer_size);
8422 if (error) {
8423 NECPLOG(LOG_ERR, "necp_client_add_flow copyin default_add_request error (%d)", error);
8424 goto done;
8425 }
8426
8427 add_request = (struct necp_client_add_flow *)&default_add_request;
8428 } else {
8429 allocated_add_request = (struct necp_client_add_flow *)kalloc_data(buffer_size, Z_WAITOK | Z_ZERO);
8430 if (allocated_add_request == NULL) {
8431 error = ENOMEM;
8432 goto done;
8433 }
8434
8435 error = copyin(uap->buffer, allocated_add_request, buffer_size);
8436 if (error) {
8437 NECPLOG(LOG_ERR, "necp_client_add_flow copyin default_add_request error (%d)", error);
8438 goto done;
8439 }
8440
8441 add_request = allocated_add_request;
8442 }
8443
8444 NECP_FD_LOCK(fd_data);
8445 pid_t pid = fd_data->proc_pid;
8446 proc = proc_find(pid);
8447 if (proc == PROC_NULL) {
8448 NECP_FD_UNLOCK(fd_data);
8449 NECPLOG(LOG_ERR, "necp_client_add_flow process not found for pid %d error (%d)", pid, error);
8450 error = ESRCH;
8451 goto done;
8452 }
8453
8454 client = necp_client_fd_find_client_and_lock(client_fd: fd_data, client_id);
8455 if (client == NULL) {
8456 error = ENOENT;
8457 NECP_FD_UNLOCK(fd_data);
8458 goto done;
8459 }
8460
8461 // Using ADD_FLOW indicates that the client supports multiple flows per client
8462 client->legacy_client_is_flow = false;
8463
8464 necp_client_retain_locked(client);
8465 necp_client_copy_parameters_locked(client, parameters: &parameters);
8466
8467 struct necp_client_flow_registration *new_registration = necp_client_create_flow_registration(fd_data, client);
8468 if (new_registration == NULL) {
8469 error = ENOMEM;
8470 NECP_CLIENT_UNLOCK(client);
8471 NECP_FD_UNLOCK(fd_data);
8472 NECPLOG0(LOG_ERR, "Failed to allocate flow registration");
8473 goto done;
8474 }
8475
8476 new_registration->flags = add_request->flags;
8477
8478 // Copy new ID out to caller
8479 uuid_copy(dst: add_request->registration_id, src: new_registration->registration_id);
8480
8481 NECP_CLIENT_FLOW_LOG(client, new_registration, "adding flow");
8482
8483 size_t trailer_offset = (sizeof(struct necp_client_add_flow) +
8484 add_request->stats_request_count * sizeof(struct necp_client_flow_stats));
8485
8486 // Copy override address
8487 struct sockaddr *override_address = NULL;
8488 if (add_request->flags & NECP_CLIENT_FLOW_FLAGS_OVERRIDE_ADDRESS) {
8489 size_t offset_of_address = trailer_offset;
8490 if (buffer_size >= offset_of_address + sizeof(struct sockaddr_in)) {
8491 override_address = (struct sockaddr *)(((uint8_t *)add_request) + offset_of_address);
8492 if (buffer_size >= offset_of_address + override_address->sa_len &&
8493 override_address->sa_len <= sizeof(parameters.remote_addr)) {
8494 memcpy(dst: &parameters.remote_addr, src: override_address, n: override_address->sa_len);
8495 trailer_offset += override_address->sa_len;
8496 } else {
8497 override_address = NULL;
8498 }
8499 }
8500 }
8501
8502 // Copy override IP protocol
8503 if (add_request->flags & NECP_CLIENT_FLOW_FLAGS_OVERRIDE_IP_PROTOCOL) {
8504 size_t offset_of_ip_protocol = trailer_offset;
8505 if (buffer_size >= offset_of_ip_protocol + sizeof(uint8_t)) {
8506 uint8_t *ip_protocol_p = (uint8_t *)(((uint8_t *)add_request) + offset_of_ip_protocol);
8507 memcpy(dst: &parameters.ip_protocol, src: ip_protocol_p, n: sizeof(uint8_t));
8508 }
8509 }
8510
8511#if SKYWALK
8512 if (add_request->flags & NECP_CLIENT_FLOW_FLAGS_ALLOW_NEXUS) {
8513 void *assigned_results = NULL;
8514 size_t assigned_results_length = 0;
8515 uint32_t interface_index = 0;
8516
8517 // Validate that the nexus UUID is assigned
8518 bool found_nexus = false;
8519 for (u_int32_t option_i = 0; option_i < client->interface_option_count; option_i++) {
8520 if (option_i < NECP_CLIENT_INTERFACE_OPTION_STATIC_COUNT) {
8521 struct necp_client_interface_option *option = &client->interface_options[option_i];
8522 if (uuid_compare(uu1: option->nexus_agent, uu2: add_request->agent_uuid) == 0) {
8523 interface_index = option->interface_index;
8524 found_nexus = true;
8525 break;
8526 }
8527 } else {
8528 struct necp_client_interface_option *option = &client->extra_interface_options[option_i - NECP_CLIENT_INTERFACE_OPTION_STATIC_COUNT];
8529 if (uuid_compare(uu1: option->nexus_agent, uu2: add_request->agent_uuid) == 0) {
8530 interface_index = option->interface_index;
8531 found_nexus = true;
8532 break;
8533 }
8534 }
8535 }
8536
8537 if (!found_nexus) {
8538 NECPLOG0(LOG_ERR, "Requested nexus not found");
8539 } else {
8540 necp_client_add_nexus_flow_if_needed(flow_registration: new_registration, nexus_agent: add_request->agent_uuid, interface_index);
8541
8542 error = netagent_client_message_with_params(agent_uuid: add_request->agent_uuid,
8543 necp_client_uuid: ((new_registration->flags & NECP_CLIENT_FLOW_FLAGS_USE_CLIENT_ID) ?
8544 client->client_id :
8545 new_registration->registration_id),
8546 pid, handle: client->agent_handle,
8547 NETAGENT_MESSAGE_TYPE_REQUEST_NEXUS,
8548 parameters: (struct necp_client_agent_parameters *)&parameters,
8549 assigned_results: &assigned_results, assigned_results_length: &assigned_results_length);
8550 if (error != 0) {
8551 VERIFY(assigned_results == NULL);
8552 VERIFY(assigned_results_length == 0);
8553 NECPLOG(LOG_ERR, "netagent_client_message error (%d)", error);
8554 } else if (assigned_results != NULL) {
8555 if (!necp_assign_client_result_locked(proc, client_fd: fd_data, client, flow_registration: new_registration, netagent_uuid: add_request->agent_uuid,
8556 assigned_results, assigned_results_length, false, false)) {
8557 kfree_data(assigned_results, assigned_results_length);
8558 }
8559 } else if (override_address != NULL) {
8560 // Save the overridden address in the flow. Find the correct flow,
8561 // and assign just the address TLV. Don't set the assigned flag.
8562 struct necp_client_flow *flow = NULL;
8563 LIST_FOREACH(flow, &new_registration->flow_list, flow_chain) {
8564 if (flow->nexus &&
8565 uuid_compare(uu1: flow->u.nexus_agent, uu2: add_request->agent_uuid) == 0) {
8566 if (flow->assigned_results == NULL) {
8567 memcpy(dst: &flow->remote_addr, src: override_address, n: override_address->sa_len);
8568 uuid_t empty_uuid;
8569 uuid_clear(uu: empty_uuid);
8570 flow->assigned_results = necp_create_nexus_assign_message(nexus_instance: empty_uuid, nexus_port: 0, NULL, key_length: 0,
8571 local_endpoint: (struct necp_client_endpoint *)&flow->local_addr,
8572 remote_endpoint: (struct necp_client_endpoint *)&flow->remote_addr,
8573 NULL, flow_adv_index: 0, NULL, message_length: &flow->assigned_results_length);
8574 }
8575 break;
8576 }
8577 }
8578 }
8579 }
8580 }
8581
8582 // Don't request stats if nexus creation fails
8583 if (error == 0 && add_request->stats_request_count > 0 && necp_arena_initialize(fd_data, true) == 0) {
8584 struct necp_client_flow_stats *stats_request = (struct necp_client_flow_stats *)&add_request->stats_requests[0];
8585 struct necp_stats_bufreq bufreq = {};
8586
8587 NECP_CLIENT_FLOW_LOG(client, new_registration, "Initializing stats");
8588
8589 bufreq.necp_stats_bufreq_id = NECP_CLIENT_STATISTICS_BUFREQ_ID;
8590 bufreq.necp_stats_bufreq_type = stats_request->stats_type;
8591 bufreq.necp_stats_bufreq_ver = stats_request->stats_version;
8592 bufreq.necp_stats_bufreq_size = stats_request->stats_size;
8593 bufreq.necp_stats_bufreq_uaddr = stats_request->stats_addr;
8594 (void)necp_stats_initialize(fd_data, client, flow_registration: new_registration, bufreq: &bufreq);
8595 stats_request->stats_type = bufreq.necp_stats_bufreq_type;
8596 stats_request->stats_version = bufreq.necp_stats_bufreq_ver;
8597 stats_request->stats_size = bufreq.necp_stats_bufreq_size;
8598 stats_request->stats_addr = bufreq.necp_stats_bufreq_uaddr;
8599 }
8600#endif /* !SKYWALK */
8601
8602 if (error == 0 &&
8603 (add_request->flags & NECP_CLIENT_FLOW_FLAGS_BROWSE ||
8604 add_request->flags & NECP_CLIENT_FLOW_FLAGS_RESOLVE)) {
8605 uint32_t interface_index = IFSCOPE_NONE;
8606 ifnet_head_lock_shared();
8607 struct ifnet *interface = NULL;
8608 TAILQ_FOREACH(interface, &ifnet_head, if_link) {
8609 ifnet_lock_shared(ifp: interface);
8610 if (interface->if_agentids != NULL) {
8611 for (u_int32_t i = 0; i < interface->if_agentcount; i++) {
8612 if (uuid_compare(uu1: interface->if_agentids[i], uu2: add_request->agent_uuid) == 0) {
8613 interface_index = interface->if_index;
8614 break;
8615 }
8616 }
8617 }
8618 ifnet_lock_done(ifp: interface);
8619 if (interface_index != IFSCOPE_NONE) {
8620 break;
8621 }
8622 }
8623 ifnet_head_done();
8624
8625 necp_client_add_nexus_flow_if_needed(flow_registration: new_registration, nexus_agent: add_request->agent_uuid, interface_index);
8626
8627 error = netagent_client_message_with_params(agent_uuid: add_request->agent_uuid,
8628 necp_client_uuid: ((new_registration->flags & NECP_CLIENT_FLOW_FLAGS_USE_CLIENT_ID) ?
8629 client->client_id :
8630 new_registration->registration_id),
8631 pid, handle: client->agent_handle,
8632 NETAGENT_MESSAGE_TYPE_CLIENT_ASSERT,
8633 parameters: (struct necp_client_agent_parameters *)&parameters,
8634 NULL, NULL);
8635 if (error != 0) {
8636 NECPLOG(LOG_ERR, "netagent_client_message error (%d)", error);
8637 }
8638 }
8639
8640 if (error != 0) {
8641 // Encountered an error in adding the flow, destroy the flow registration
8642#if SKYWALK
8643 necp_destroy_flow_stats(fd_data, flow_registration: new_registration, NULL, false);
8644#endif /* SKYWALK */
8645 NECP_FLOW_TREE_LOCK_EXCLUSIVE();
8646 RB_REMOVE(_necp_client_flow_global_tree, &necp_client_flow_global_tree, new_registration);
8647 NECP_FLOW_TREE_UNLOCK();
8648 RB_REMOVE(_necp_fd_flow_tree, &fd_data->flows, new_registration);
8649 necp_destroy_client_flow_registration(client, flow_registration: new_registration, pid: fd_data->proc_pid, true);
8650 new_registration = NULL;
8651 }
8652
8653 NECP_CLIENT_UNLOCK(client);
8654 NECP_FD_UNLOCK(fd_data);
8655
8656 necp_client_release(client);
8657
8658 if (error != 0) {
8659 goto done;
8660 }
8661
8662 // Copy the request back out to the caller with assigned fields
8663 error = copyout(add_request, uap->buffer, buffer_size);
8664 if (error != 0) {
8665 NECPLOG(LOG_ERR, "necp_client_add_flow copyout add_request error (%d)", error);
8666 }
8667
8668done:
8669 *retval = error;
8670 if (error != 0) {
8671 NECPLOG(LOG_ERR, "Add flow error (%d)", error);
8672 }
8673
8674 if (allocated_add_request != NULL) {
8675 kfree_data(allocated_add_request, buffer_size);
8676 }
8677
8678 if (proc != PROC_NULL) {
8679 proc_rele(p: proc);
8680 }
8681 return error;
8682}
8683
8684#if SKYWALK
8685
8686static NECP_CLIENT_ACTION_FUNCTION int
8687necp_client_request_nexus(struct necp_fd_data *fd_data, struct necp_client_action_args *uap, int *retval)
8688{
8689 int error = 0;
8690 struct necp_client *client = NULL;
8691 uuid_t client_id;
8692 struct necp_client_nexus_parameters parameters = {};
8693 struct proc *proc = PROC_NULL;
8694 const size_t buffer_size = uap->buffer_size;
8695
8696 if (uap->client_id == 0 || uap->client_id_len != sizeof(uuid_t)) {
8697 error = EINVAL;
8698 goto done;
8699 }
8700
8701 error = copyin(uap->client_id, client_id, sizeof(uuid_t));
8702 if (error) {
8703 NECPLOG(LOG_ERR, "necp_client_request_nexus copyin client_id error (%d)", error);
8704 goto done;
8705 }
8706
8707 NECP_FD_LOCK(fd_data);
8708 pid_t pid = fd_data->proc_pid;
8709 proc = proc_find(pid);
8710 if (proc == PROC_NULL) {
8711 NECP_FD_UNLOCK(fd_data);
8712 NECPLOG(LOG_ERR, "necp_client_request_nexus process not found for pid %d error (%d)", pid, error);
8713 error = ESRCH;
8714 goto done;
8715 }
8716
8717 client = necp_client_fd_find_client_and_lock(client_fd: fd_data, client_id);
8718 if (client == NULL) {
8719 NECP_FD_UNLOCK(fd_data);
8720 error = ENOENT;
8721 goto done;
8722 }
8723
8724 // Using REQUEST_NEXUS indicates that the client only supports one flow per client
8725 client->legacy_client_is_flow = true;
8726
8727 necp_client_retain_locked(client);
8728 necp_client_copy_parameters_locked(client, parameters: &parameters);
8729
8730 do {
8731 void *assigned_results = NULL;
8732 size_t assigned_results_length = 0;
8733 uuid_t nexus_uuid;
8734 uint32_t interface_index = 0;
8735
8736 // Validate that the nexus UUID is assigned
8737 bool found_nexus = false;
8738 for (u_int32_t option_i = 0; option_i < client->interface_option_count; option_i++) {
8739 if (option_i < NECP_CLIENT_INTERFACE_OPTION_STATIC_COUNT) {
8740 struct necp_client_interface_option *option = &client->interface_options[option_i];
8741 if (!uuid_is_null(uu: option->nexus_agent)) {
8742 uuid_copy(dst: nexus_uuid, src: option->nexus_agent);
8743 interface_index = option->interface_index;
8744 found_nexus = true;
8745 break;
8746 }
8747 } else {
8748 struct necp_client_interface_option *option = &client->extra_interface_options[option_i - NECP_CLIENT_INTERFACE_OPTION_STATIC_COUNT];
8749 if (!uuid_is_null(uu: option->nexus_agent)) {
8750 uuid_copy(dst: nexus_uuid, src: option->nexus_agent);
8751 interface_index = option->interface_index;
8752 found_nexus = true;
8753 break;
8754 }
8755 }
8756 }
8757
8758 if (!found_nexus) {
8759 NECP_CLIENT_UNLOCK(client);
8760 NECP_FD_UNLOCK(fd_data);
8761 necp_client_release(client);
8762 // Break the loop
8763 error = ENETDOWN;
8764 goto done;
8765 }
8766
8767 struct necp_client_flow_registration *new_registration = necp_client_create_flow_registration(fd_data, client);
8768 if (new_registration == NULL) {
8769 error = ENOMEM;
8770 NECP_CLIENT_UNLOCK(client);
8771 NECP_FD_UNLOCK(fd_data);
8772 necp_client_release(client);
8773 NECPLOG0(LOG_ERR, "Failed to allocate flow registration");
8774 goto done;
8775 }
8776
8777 new_registration->flags = (NECP_CLIENT_FLOW_FLAGS_ALLOW_NEXUS | NECP_CLIENT_FLOW_FLAGS_USE_CLIENT_ID);
8778
8779 necp_client_add_nexus_flow_if_needed(flow_registration: new_registration, nexus_agent: nexus_uuid, interface_index);
8780
8781 // Note: Any clients using "request_nexus" are not flow-registration aware.
8782 // Register the Client ID rather than the Registration ID with the nexus, since
8783 // the client will send traffic based on the client ID.
8784 error = netagent_client_message_with_params(agent_uuid: nexus_uuid,
8785 necp_client_uuid: ((new_registration->flags & NECP_CLIENT_FLOW_FLAGS_USE_CLIENT_ID) ?
8786 client->client_id :
8787 new_registration->registration_id),
8788 pid, handle: client->agent_handle,
8789 NETAGENT_MESSAGE_TYPE_REQUEST_NEXUS,
8790 parameters: (struct necp_client_agent_parameters *)&parameters,
8791 assigned_results: &assigned_results, assigned_results_length: &assigned_results_length);
8792 if (error) {
8793 NECP_CLIENT_UNLOCK(client);
8794 NECP_FD_UNLOCK(fd_data);
8795 necp_client_release(client);
8796 VERIFY(assigned_results == NULL);
8797 VERIFY(assigned_results_length == 0);
8798 NECPLOG(LOG_ERR, "netagent_client_message error (%d)", error);
8799 goto done;
8800 }
8801
8802 if (assigned_results != NULL) {
8803 if (!necp_assign_client_result_locked(proc, client_fd: fd_data, client, flow_registration: new_registration, netagent_uuid: nexus_uuid,
8804 assigned_results, assigned_results_length, false, false)) {
8805 kfree_data(assigned_results, assigned_results_length);
8806 }
8807 }
8808
8809 if (uap->buffer != 0 && buffer_size == sizeof(struct necp_stats_bufreq) &&
8810 necp_arena_initialize(fd_data, true) == 0) {
8811 struct necp_stats_bufreq bufreq = {};
8812 int copy_error = copyin(uap->buffer, &bufreq, buffer_size);
8813 if (copy_error) {
8814 NECPLOG(LOG_ERR, "necp_client_request_nexus copyin bufreq error (%d)", copy_error);
8815 } else {
8816 (void)necp_stats_initialize(fd_data, client, flow_registration: new_registration, bufreq: &bufreq);
8817 copy_error = copyout(&bufreq, uap->buffer, buffer_size);
8818 if (copy_error != 0) {
8819 NECPLOG(LOG_ERR, "necp_client_request_nexus copyout bufreq error (%d)", copy_error);
8820 }
8821 }
8822 }
8823 } while (false);
8824
8825 NECP_CLIENT_UNLOCK(client);
8826 NECP_FD_UNLOCK(fd_data);
8827
8828 necp_client_release(client);
8829
8830done:
8831 *retval = error;
8832 if (error != 0) {
8833 NECPLOG(LOG_ERR, "Request nexus error (%d)", error);
8834 }
8835
8836 if (proc != PROC_NULL) {
8837 proc_rele(p: proc);
8838 }
8839 return error;
8840}
8841#endif /* !SKYWALK */
8842
8843static void
8844necp_client_add_assertion(struct necp_client *client, uuid_t netagent_uuid)
8845{
8846 struct necp_client_assertion *new_assertion = NULL;
8847
8848 new_assertion = kalloc_type(struct necp_client_assertion,
8849 Z_WAITOK | Z_NOFAIL);
8850
8851 uuid_copy(dst: new_assertion->asserted_netagent, src: netagent_uuid);
8852
8853 LIST_INSERT_HEAD(&client->assertion_list, new_assertion, assertion_chain);
8854}
8855
8856static bool
8857necp_client_remove_assertion(struct necp_client *client, uuid_t netagent_uuid)
8858{
8859 struct necp_client_assertion *found_assertion = NULL;
8860 struct necp_client_assertion *search_assertion = NULL;
8861 LIST_FOREACH(search_assertion, &client->assertion_list, assertion_chain) {
8862 if (uuid_compare(uu1: search_assertion->asserted_netagent, uu2: netagent_uuid) == 0) {
8863 found_assertion = search_assertion;
8864 break;
8865 }
8866 }
8867
8868 if (found_assertion == NULL) {
8869 NECPLOG0(LOG_ERR, "Netagent uuid not previously asserted");
8870 return false;
8871 }
8872
8873 LIST_REMOVE(found_assertion, assertion_chain);
8874 kfree_type(struct necp_client_assertion, found_assertion);
8875 return true;
8876}
8877
8878static NECP_CLIENT_ACTION_FUNCTION int
8879necp_client_agent_action(struct necp_fd_data *fd_data, struct necp_client_action_args *uap, int *retval)
8880{
8881 int error = 0;
8882 struct necp_client *client = NULL;
8883 uuid_t client_id;
8884 bool acted_on_agent = FALSE;
8885 u_int8_t *parameters = NULL;
8886 const size_t buffer_size = uap->buffer_size;
8887
8888 if (uap->client_id == 0 || uap->client_id_len != sizeof(uuid_t) ||
8889 buffer_size == 0 || uap->buffer == 0) {
8890 NECPLOG0(LOG_ERR, "necp_client_agent_action invalid parameters");
8891 error = EINVAL;
8892 goto done;
8893 }
8894
8895 error = copyin(uap->client_id, client_id, sizeof(uuid_t));
8896 if (error) {
8897 NECPLOG(LOG_ERR, "necp_client_agent_action copyin client_id error (%d)", error);
8898 goto done;
8899 }
8900
8901 if (buffer_size > NECP_MAX_AGENT_ACTION_SIZE) {
8902 NECPLOG(LOG_ERR, "necp_client_agent_action invalid buffer size (>%u)", NECP_MAX_AGENT_ACTION_SIZE);
8903 error = EINVAL;
8904 goto done;
8905 }
8906
8907 if ((parameters = (u_int8_t *)kalloc_data(buffer_size, Z_WAITOK | Z_ZERO)) == NULL) {
8908 NECPLOG0(LOG_ERR, "necp_client_agent_action malloc failed");
8909 error = ENOMEM;
8910 goto done;
8911 }
8912
8913 error = copyin(uap->buffer, parameters, buffer_size);
8914 if (error) {
8915 NECPLOG(LOG_ERR, "necp_client_agent_action parameters copyin error (%d)", error);
8916 goto done;
8917 }
8918
8919 NECP_FD_LOCK(fd_data);
8920 client = necp_client_fd_find_client_and_lock(client_fd: fd_data, client_id);
8921 if (client != NULL) {
8922 size_t offset = 0;
8923 while ((offset + sizeof(struct necp_tlv_header)) <= buffer_size) {
8924 u_int8_t type = necp_buffer_get_tlv_type(buffer: parameters, tlv_offset: offset);
8925 u_int32_t length = necp_buffer_get_tlv_length(buffer: parameters, tlv_offset: offset);
8926
8927 if (length > (buffer_size - (offset + sizeof(struct necp_tlv_header)))) {
8928 // If the length is larger than what can fit in the remaining parameters size, bail
8929 NECPLOG(LOG_ERR, "Invalid TLV length (%u)", length);
8930 break;
8931 }
8932
8933 if (length >= sizeof(uuid_t)) {
8934 u_int8_t *value = necp_buffer_get_tlv_value(buffer: parameters, tlv_offset: offset, NULL);
8935 if (value == NULL) {
8936 NECPLOG0(LOG_ERR, "Invalid TLV value");
8937 break;
8938 }
8939 if (type == NECP_CLIENT_PARAMETER_TRIGGER_AGENT ||
8940 type == NECP_CLIENT_PARAMETER_ASSERT_AGENT ||
8941 type == NECP_CLIENT_PARAMETER_UNASSERT_AGENT) {
8942 uuid_t agent_uuid;
8943 uuid_copy(dst: agent_uuid, src: value);
8944 u_int8_t netagent_message_type = 0;
8945 if (type == NECP_CLIENT_PARAMETER_TRIGGER_AGENT) {
8946 netagent_message_type = NETAGENT_MESSAGE_TYPE_CLIENT_TRIGGER;
8947 } else if (type == NECP_CLIENT_PARAMETER_ASSERT_AGENT) {
8948 netagent_message_type = NETAGENT_MESSAGE_TYPE_CLIENT_ASSERT;
8949 } else if (type == NECP_CLIENT_PARAMETER_UNASSERT_AGENT) {
8950 netagent_message_type = NETAGENT_MESSAGE_TYPE_CLIENT_UNASSERT;
8951 }
8952
8953 // Before unasserting, verify that the assertion was already taken
8954 if (type == NECP_CLIENT_PARAMETER_UNASSERT_AGENT) {
8955 if (!necp_client_remove_assertion(client, netagent_uuid: agent_uuid)) {
8956 error = ENOENT;
8957 break;
8958 }
8959 }
8960
8961 struct necp_client_nexus_parameters parsed_parameters = {};
8962 necp_client_copy_parameters_locked(client, parameters: &parsed_parameters);
8963
8964 error = netagent_client_message_with_params(agent_uuid,
8965 necp_client_uuid: client_id,
8966 pid: fd_data->proc_pid,
8967 handle: client->agent_handle,
8968 message_type: netagent_message_type,
8969 parameters: (struct necp_client_agent_parameters *)&parsed_parameters,
8970 NULL, NULL);
8971 if (error == 0) {
8972 acted_on_agent = TRUE;
8973 } else {
8974 break;
8975 }
8976
8977 // Only save the assertion if the action succeeded
8978 if (type == NECP_CLIENT_PARAMETER_ASSERT_AGENT) {
8979 necp_client_add_assertion(client, netagent_uuid: agent_uuid);
8980 }
8981 } else if (type == NECP_CLIENT_PARAMETER_AGENT_ADD_GROUP_MEMBERS ||
8982 type == NECP_CLIENT_PARAMETER_AGENT_REMOVE_GROUP_MEMBERS) {
8983 uuid_t agent_uuid;
8984 uuid_copy(dst: agent_uuid, src: value);
8985 u_int8_t netagent_message_type = 0;
8986 if (type == NECP_CLIENT_PARAMETER_AGENT_ADD_GROUP_MEMBERS) {
8987 netagent_message_type = NETAGENT_MESSAGE_TYPE_ADD_GROUP_MEMBERS;
8988 } else if (type == NECP_CLIENT_PARAMETER_AGENT_REMOVE_GROUP_MEMBERS) {
8989 netagent_message_type = NETAGENT_MESSAGE_TYPE_REMOVE_GROUP_MEMBERS;
8990 }
8991
8992 struct necp_client_group_members group_members = {};
8993 group_members.group_members_length = (length - sizeof(uuid_t));
8994 group_members.group_members = (value + sizeof(uuid_t));
8995 error = netagent_client_message_with_params(agent_uuid,
8996 necp_client_uuid: client_id,
8997 pid: fd_data->proc_pid,
8998 handle: client->agent_handle,
8999 message_type: netagent_message_type,
9000 parameters: (struct necp_client_agent_parameters *)&group_members,
9001 NULL, NULL);
9002 if (error == 0) {
9003 acted_on_agent = TRUE;
9004 } else {
9005 break;
9006 }
9007 } else if (type == NECP_CLIENT_PARAMETER_REPORT_AGENT_ERROR) {
9008 uuid_t agent_uuid;
9009 uuid_copy(dst: agent_uuid, src: value);
9010 struct necp_client_agent_parameters agent_params = {};
9011 if ((length - sizeof(uuid_t)) >= sizeof(agent_params.u.error.error)) {
9012 memcpy(dst: &agent_params.u.error.error,
9013 src: (value + sizeof(uuid_t)),
9014 n: sizeof(agent_params.u.error.error));
9015 }
9016 bool agent_reported = false;
9017 for (int agent_i = 0; agent_i < NECP_FD_REPORTED_AGENT_COUNT; agent_i++) {
9018 if (uuid_compare(uu1: agent_uuid, uu2: fd_data->reported_agents.agent_uuid[agent_i]) == 0) {
9019 // Found a match, already reported
9020 agent_reported = true;
9021 break;
9022 }
9023 }
9024 agent_params.u.error.force_report = !agent_reported;
9025 if (!agent_reported) {
9026 // Save this agent as having been reported
9027 bool saved_agent_uuid = false;
9028 for (int agent_i = 0; agent_i < NECP_FD_REPORTED_AGENT_COUNT; agent_i++) {
9029 if (uuid_is_null(uu: fd_data->reported_agents.agent_uuid[agent_i])) {
9030 uuid_copy(dst: fd_data->reported_agents.agent_uuid[agent_i], src: agent_uuid);
9031 saved_agent_uuid = true;
9032 break;
9033 }
9034 }
9035 if (!saved_agent_uuid) {
9036 // Reported agent UUIDs full, move over and insert at the end
9037 for (int agent_i = 0; agent_i < NECP_FD_REPORTED_AGENT_COUNT; agent_i++) {
9038 if (agent_i + 1 < NECP_FD_REPORTED_AGENT_COUNT) {
9039 uuid_copy(dst: fd_data->reported_agents.agent_uuid[agent_i], src: fd_data->reported_agents.agent_uuid[agent_i + 1]);
9040 } else {
9041 uuid_copy(dst: fd_data->reported_agents.agent_uuid[agent_i], src: agent_uuid);
9042 }
9043 }
9044 }
9045 }
9046 error = netagent_client_message_with_params(agent_uuid,
9047 necp_client_uuid: client_id,
9048 pid: fd_data->proc_pid,
9049 handle: client->agent_handle,
9050 NETAGENT_MESSAGE_TYPE_CLIENT_ERROR,
9051 parameters: &agent_params,
9052 NULL, NULL);
9053 if (error == 0) {
9054 acted_on_agent = TRUE;
9055 } else {
9056 break;
9057 }
9058 }
9059 }
9060
9061 offset += sizeof(struct necp_tlv_header) + length;
9062 }
9063
9064 NECP_CLIENT_UNLOCK(client);
9065 }
9066 NECP_FD_UNLOCK(fd_data);
9067
9068 if (!acted_on_agent &&
9069 error == 0) {
9070 error = ENOENT;
9071 }
9072done:
9073 *retval = error;
9074 if (parameters != NULL) {
9075 kfree_data(parameters, buffer_size);
9076 parameters = NULL;
9077 }
9078
9079 return error;
9080}
9081
9082static NECP_CLIENT_ACTION_FUNCTION int
9083necp_client_copy_agent(__unused struct necp_fd_data *fd_data, struct necp_client_action_args *uap, int *retval)
9084{
9085 int error = 0;
9086 uuid_t agent_uuid;
9087 const size_t buffer_size = uap->buffer_size;
9088
9089 if (uap->client_id == 0 || uap->client_id_len != sizeof(uuid_t) ||
9090 buffer_size == 0 || uap->buffer == 0) {
9091 NECPLOG0(LOG_ERR, "necp_client_copy_agent bad input");
9092 error = EINVAL;
9093 goto done;
9094 }
9095
9096 error = copyin(uap->client_id, agent_uuid, sizeof(uuid_t));
9097 if (error) {
9098 NECPLOG(LOG_ERR, "necp_client_copy_agent copyin agent_uuid error (%d)", error);
9099 goto done;
9100 }
9101
9102 error = netagent_copyout(uuid: agent_uuid, user_addr: uap->buffer, user_size: buffer_size);
9103 if (error) {
9104 // netagent_copyout already logs appropriate errors
9105 goto done;
9106 }
9107done:
9108 *retval = error;
9109
9110 return error;
9111}
9112
9113static NECP_CLIENT_ACTION_FUNCTION int
9114necp_client_agent_use(struct necp_fd_data *fd_data, struct necp_client_action_args *uap, int *retval)
9115{
9116 int error = 0;
9117 struct necp_client *client = NULL;
9118 uuid_t client_id;
9119 struct necp_agent_use_parameters parameters = {};
9120 const size_t buffer_size = uap->buffer_size;
9121
9122 if (uap->client_id == 0 || uap->client_id_len != sizeof(uuid_t) ||
9123 buffer_size != sizeof(parameters) || uap->buffer == 0) {
9124 error = EINVAL;
9125 goto done;
9126 }
9127
9128 error = copyin(uap->client_id, client_id, sizeof(uuid_t));
9129 if (error) {
9130 NECPLOG(LOG_ERR, "Copyin client_id error (%d)", error);
9131 goto done;
9132 }
9133
9134 error = copyin(uap->buffer, &parameters, buffer_size);
9135 if (error) {
9136 NECPLOG(LOG_ERR, "Parameters copyin error (%d)", error);
9137 goto done;
9138 }
9139
9140 NECP_FD_LOCK(fd_data);
9141 client = necp_client_fd_find_client_and_lock(client_fd: fd_data, client_id);
9142 if (client != NULL) {
9143 error = netagent_use(agent_uuid: parameters.agent_uuid, out_use_count: &parameters.out_use_count);
9144 NECP_CLIENT_UNLOCK(client);
9145 } else {
9146 error = ENOENT;
9147 }
9148
9149 NECP_FD_UNLOCK(fd_data);
9150
9151 if (error == 0) {
9152 error = copyout(&parameters, uap->buffer, buffer_size);
9153 if (error) {
9154 NECPLOG(LOG_ERR, "Parameters copyout error (%d)", error);
9155 goto done;
9156 }
9157 }
9158
9159done:
9160 *retval = error;
9161
9162 return error;
9163}
9164
9165static NECP_CLIENT_ACTION_FUNCTION int
9166necp_client_acquire_agent_token(__unused struct necp_fd_data *fd_data, struct necp_client_action_args *uap, int *retval)
9167{
9168 int error = 0;
9169 uuid_t agent_uuid = {};
9170 const size_t buffer_size = uap->buffer_size;
9171
9172 *retval = 0;
9173
9174 if (uap->client_id == 0 || uap->client_id_len != sizeof(uuid_t) ||
9175 buffer_size == 0 || uap->buffer == 0) {
9176 NECPLOG0(LOG_ERR, "necp_client_copy_agent bad input");
9177 error = EINVAL;
9178 goto done;
9179 }
9180
9181 error = copyin(uap->client_id, agent_uuid, sizeof(uuid_t));
9182 if (error) {
9183 NECPLOG(LOG_ERR, "necp_client_copy_agent copyin agent_uuid error (%d)", error);
9184 goto done;
9185 }
9186
9187 error = netagent_acquire_token(uuid: agent_uuid, user_addr: uap->buffer, user_size: buffer_size, retval);
9188done:
9189 return error;
9190}
9191
9192static NECP_CLIENT_ACTION_FUNCTION int
9193necp_client_copy_interface(__unused struct necp_fd_data *fd_data, struct necp_client_action_args *uap, int *retval)
9194{
9195 int error = 0;
9196 u_int32_t interface_index = 0;
9197 struct necp_interface_details interface_details = {};
9198
9199 if (uap->client_id == 0 || uap->client_id_len != sizeof(u_int32_t) ||
9200 uap->buffer_size < sizeof(interface_details) ||
9201 uap->buffer == 0) {
9202 NECPLOG0(LOG_ERR, "necp_client_copy_interface bad input");
9203 error = EINVAL;
9204 goto done;
9205 }
9206
9207 error = copyin(uap->client_id, &interface_index, sizeof(u_int32_t));
9208 if (error) {
9209 NECPLOG(LOG_ERR, "necp_client_copy_interface copyin interface_index error (%d)", error);
9210 goto done;
9211 }
9212
9213 if (interface_index == 0) {
9214 error = ENOENT;
9215 NECPLOG(LOG_ERR, "necp_client_copy_interface bad interface_index (%d)", interface_index);
9216 goto done;
9217 }
9218
9219 lck_mtx_lock(rnh_lock);
9220 ifnet_head_lock_shared();
9221 ifnet_t interface = NULL;
9222 if (interface_index != IFSCOPE_NONE && interface_index <= (u_int32_t)if_index) {
9223 interface = ifindex2ifnet[interface_index];
9224 }
9225
9226 if (interface != NULL) {
9227 if (interface->if_xname != NULL) {
9228 strlcpy(dst: (char *)&interface_details.name, src: interface->if_xname, n: sizeof(interface_details.name));
9229 }
9230 interface_details.index = interface->if_index;
9231 interface_details.generation = ifnet_get_generation(interface);
9232 if (interface->if_delegated.ifp != NULL) {
9233 interface_details.delegate_index = interface->if_delegated.ifp->if_index;
9234 }
9235 interface_details.functional_type = if_functional_type(interface, TRUE);
9236 if (IFNET_IS_EXPENSIVE(interface)) {
9237 interface_details.flags |= NECP_INTERFACE_FLAG_EXPENSIVE;
9238 }
9239 if (IFNET_IS_CONSTRAINED(interface)) {
9240 interface_details.flags |= NECP_INTERFACE_FLAG_CONSTRAINED;
9241 }
9242 if ((interface->if_eflags & IFEF_TXSTART) == IFEF_TXSTART) {
9243 interface_details.flags |= NECP_INTERFACE_FLAG_TXSTART;
9244 }
9245 if ((interface->if_eflags & IFEF_NOACKPRI) == IFEF_NOACKPRI) {
9246 interface_details.flags |= NECP_INTERFACE_FLAG_NOACKPRI;
9247 }
9248 if ((interface->if_eflags & IFEF_3CA) == IFEF_3CA) {
9249 interface_details.flags |= NECP_INTERFACE_FLAG_3CARRIERAGG;
9250 }
9251 if (IFNET_IS_LOW_POWER(interface)) {
9252 interface_details.flags |= NECP_INTERFACE_FLAG_IS_LOW_POWER;
9253 }
9254 if (interface->if_xflags & IFXF_MPK_LOG) {
9255 interface_details.flags |= NECP_INTERFACE_FLAG_MPK_LOG;
9256 }
9257 if (interface->if_flags & IFF_MULTICAST) {
9258 interface_details.flags |= NECP_INTERFACE_FLAG_SUPPORTS_MULTICAST;
9259 }
9260 if (IS_INTF_CLAT46(interface)) {
9261 interface_details.flags |= NECP_INTERFACE_FLAG_HAS_NAT64;
9262 }
9263 interface_details.mtu = interface->if_mtu;
9264#if SKYWALK
9265 fsw_get_tso_capabilities(interface, &interface_details.tso_max_segment_size_v4,
9266 &interface_details.tso_max_segment_size_v6);
9267
9268 interface_details.hwcsum_flags = interface->if_hwassist & IFNET_CHECKSUMF;
9269#endif /* SKYWALK */
9270
9271 u_int8_t ipv4_signature_len = sizeof(interface_details.ipv4_signature.signature);
9272 u_int16_t ipv4_signature_flags;
9273 if (ifnet_get_netsignature(interface, AF_INET, &ipv4_signature_len, &ipv4_signature_flags,
9274 (u_int8_t *)&interface_details.ipv4_signature) != 0) {
9275 ipv4_signature_len = 0;
9276 }
9277 interface_details.ipv4_signature.signature_len = ipv4_signature_len;
9278
9279 // Check for default scoped routes for IPv4 and IPv6
9280 union necp_sockaddr_union default_address;
9281 struct rtentry *v4Route = NULL;
9282 memset(s: &default_address, c: 0, n: sizeof(default_address));
9283 default_address.sa.sa_family = AF_INET;
9284 default_address.sa.sa_len = sizeof(struct sockaddr_in);
9285 v4Route = rtalloc1_scoped_locked((struct sockaddr *)&default_address, 0, 0,
9286 interface->if_index);
9287 if (v4Route != NULL) {
9288 if (v4Route->rt_ifp != NULL && !IS_INTF_CLAT46(v4Route->rt_ifp)) {
9289 interface_details.flags |= NECP_INTERFACE_FLAG_IPV4_ROUTABLE;
9290 }
9291 rtfree_locked(v4Route);
9292 v4Route = NULL;
9293 }
9294
9295 struct rtentry *v6Route = NULL;
9296 memset(s: &default_address, c: 0, n: sizeof(default_address));
9297 default_address.sa.sa_family = AF_INET6;
9298 default_address.sa.sa_len = sizeof(struct sockaddr_in6);
9299 v6Route = rtalloc1_scoped_locked((struct sockaddr *)&default_address, 0, 0,
9300 interface->if_index);
9301 if (v6Route != NULL) {
9302 if (v6Route->rt_ifp != NULL) {
9303 interface_details.flags |= NECP_INTERFACE_FLAG_IPV6_ROUTABLE;
9304 }
9305 rtfree_locked(v6Route);
9306 v6Route = NULL;
9307 }
9308
9309 u_int8_t ipv6_signature_len = sizeof(interface_details.ipv6_signature.signature);
9310 u_int16_t ipv6_signature_flags;
9311 if (ifnet_get_netsignature(interface, AF_INET6, &ipv6_signature_len, &ipv6_signature_flags,
9312 (u_int8_t *)&interface_details.ipv6_signature) != 0) {
9313 ipv6_signature_len = 0;
9314 }
9315 interface_details.ipv6_signature.signature_len = ipv6_signature_len;
9316
9317 ifnet_lock_shared(ifp: interface);
9318 struct ifaddr *ifa = NULL;
9319 TAILQ_FOREACH(ifa, &interface->if_addrhead, ifa_link) {
9320 IFA_LOCK(ifa);
9321 if (ifa->ifa_addr->sa_family == AF_INET) {
9322 interface_details.flags |= NECP_INTERFACE_FLAG_HAS_NETMASK;
9323 interface_details.ipv4_netmask = ((struct in_ifaddr *)ifa)->ia_sockmask.sin_addr.s_addr;
9324 if (interface->if_flags & IFF_BROADCAST) {
9325 interface_details.flags |= NECP_INTERFACE_FLAG_HAS_BROADCAST;
9326 interface_details.ipv4_broadcast = ((struct in_ifaddr *)ifa)->ia_broadaddr.sin_addr.s_addr;
9327 }
9328 }
9329 IFA_UNLOCK(ifa);
9330 }
9331
9332 interface_details.radio_type = interface->if_radio_type;
9333 if (interface_details.radio_type == 0 && interface->if_delegated.ifp) {
9334 interface_details.radio_type = interface->if_delegated.ifp->if_radio_type;
9335 }
9336 ifnet_lock_done(ifp: interface);
9337 }
9338
9339 ifnet_head_done();
9340 lck_mtx_unlock(rnh_lock);
9341
9342 // If the client is using an older version of the struct, copy that length
9343 error = copyout(&interface_details, uap->buffer, sizeof(interface_details));
9344 if (error) {
9345 NECPLOG(LOG_ERR, "necp_client_copy_interface copyout error (%d)", error);
9346 goto done;
9347 }
9348done:
9349 *retval = error;
9350
9351 return error;
9352}
9353
9354#if SKYWALK
9355
9356static NECP_CLIENT_ACTION_FUNCTION int
9357necp_client_get_interface_address(__unused struct necp_fd_data *fd_data, struct necp_client_action_args *uap, int *retval)
9358{
9359 int error = 0;
9360 u_int32_t interface_index = IFSCOPE_NONE;
9361 struct sockaddr_storage address = {};
9362 const size_t buffer_size = uap->buffer_size;
9363
9364 if (uap->client_id == 0 || uap->client_id_len != sizeof(u_int32_t) ||
9365 buffer_size < sizeof(struct sockaddr_in) ||
9366 buffer_size > sizeof(struct sockaddr_storage) ||
9367 uap->buffer == 0) {
9368 NECPLOG0(LOG_ERR, "necp_client_get_interface_address bad input");
9369 error = EINVAL;
9370 goto done;
9371 }
9372
9373 error = copyin(uap->client_id, &interface_index, sizeof(u_int32_t));
9374 if (error) {
9375 NECPLOG(LOG_ERR, "necp_client_get_interface_address copyin interface_index error (%d)", error);
9376 goto done;
9377 }
9378
9379 if (interface_index == IFSCOPE_NONE) {
9380 error = ENOENT;
9381 NECPLOG(LOG_ERR, "necp_client_get_interface_address bad interface_index (%d)", interface_index);
9382 goto done;
9383 }
9384
9385 error = copyin(uap->buffer, &address, buffer_size);
9386 if (error) {
9387 NECPLOG(LOG_ERR, "necp_client_get_interface_address copyin address error (%d)", error);
9388 goto done;
9389 }
9390
9391 if (address.ss_family != AF_INET && address.ss_family != AF_INET6) {
9392 error = EINVAL;
9393 NECPLOG(LOG_ERR, "necp_client_get_interface_address invalid address family (%u)", address.ss_family);
9394 goto done;
9395 }
9396
9397 if (address.ss_len != buffer_size) {
9398 error = EINVAL;
9399 NECPLOG(LOG_ERR, "necp_client_get_interface_address invalid address length (%u)", address.ss_len);
9400 goto done;
9401 }
9402
9403 ifnet_head_lock_shared();
9404 ifnet_t ifp = NULL;
9405 if (interface_index != IFSCOPE_NONE && interface_index <= (u_int32_t)if_index) {
9406 ifp = ifindex2ifnet[interface_index];
9407 }
9408 ifnet_head_done();
9409 if (ifp == NULL) {
9410 error = ENOENT;
9411 NECPLOG0(LOG_ERR, "necp_client_get_interface_address no matching interface found");
9412 goto done;
9413 }
9414
9415 struct rtentry *rt = rtalloc1_scoped((struct sockaddr *)&address, 0, 0, interface_index);
9416 if (rt == NULL) {
9417 error = EINVAL;
9418 NECPLOG0(LOG_ERR, "necp_client_get_interface_address route lookup failed");
9419 goto done;
9420 }
9421
9422 uint32_t gencount = 0;
9423 struct sockaddr_storage local_address = {};
9424 error = flow_route_select_laddr((union sockaddr_in_4_6 *)&local_address,
9425 (union sockaddr_in_4_6 *)&address, ifp, rt, &gencount, 1);
9426 rtfree(rt);
9427 rt = NULL;
9428
9429 if (error) {
9430 NECPLOG(LOG_ERR, "necp_client_get_interface_address local address selection failed (%d)", error);
9431 goto done;
9432 }
9433
9434 if (local_address.ss_len > buffer_size) {
9435 error = EMSGSIZE;
9436 NECPLOG(LOG_ERR, "necp_client_get_interface_address local address too long for buffer (%u)",
9437 local_address.ss_len);
9438 goto done;
9439 }
9440
9441 error = copyout(&local_address, uap->buffer, local_address.ss_len);
9442 if (error) {
9443 NECPLOG(LOG_ERR, "necp_client_get_interface_address copyout error (%d)", error);
9444 goto done;
9445 }
9446done:
9447 *retval = error;
9448
9449 return error;
9450}
9451
9452extern char *proc_name_address(void *p);
9453
9454int
9455necp_stats_ctor(struct skmem_obj_info *oi, struct skmem_obj_info *oim,
9456 void *arg, uint32_t skmflag)
9457{
9458#pragma unused(arg, skmflag)
9459 struct necp_all_kstats *kstats = SKMEM_OBJ_ADDR(oi);
9460
9461 ASSERT(oim != NULL && SKMEM_OBJ_ADDR(oim) != NULL);
9462 ASSERT(SKMEM_OBJ_SIZE(oi) == SKMEM_OBJ_SIZE(oim));
9463
9464 kstats->necp_stats_ustats = SKMEM_OBJ_ADDR(oim);
9465
9466 return 0;
9467}
9468
9469int
9470necp_stats_dtor(void *addr, void *arg)
9471{
9472#pragma unused(addr, arg)
9473 struct necp_all_kstats *kstats = addr;
9474
9475 kstats->necp_stats_ustats = NULL;
9476
9477 return 0;
9478}
9479
9480static void
9481necp_fd_insert_stats_arena(struct necp_fd_data *fd_data, struct necp_arena_info *nai)
9482{
9483 NECP_FD_ASSERT_LOCKED(fd_data);
9484 VERIFY(!(nai->nai_flags & NAIF_ATTACHED));
9485 VERIFY(nai->nai_chain.le_next == NULL && nai->nai_chain.le_prev == NULL);
9486
9487 LIST_INSERT_HEAD(&fd_data->stats_arena_list, nai, nai_chain);
9488 nai->nai_flags |= NAIF_ATTACHED;
9489 necp_arena_info_retain(nai); // for the list
9490}
9491
9492static void
9493necp_fd_remove_stats_arena(struct necp_fd_data *fd_data, struct necp_arena_info *nai)
9494{
9495#pragma unused(fd_data)
9496 NECP_FD_ASSERT_LOCKED(fd_data);
9497 VERIFY(nai->nai_flags & NAIF_ATTACHED);
9498 VERIFY(nai->nai_use_count >= 1);
9499
9500 LIST_REMOVE(nai, nai_chain);
9501 nai->nai_flags &= ~NAIF_ATTACHED;
9502 nai->nai_chain.le_next = NULL;
9503 nai->nai_chain.le_prev = NULL;
9504 necp_arena_info_release(nai); // for the list
9505}
9506
9507static struct necp_arena_info *
9508necp_fd_mredirect_stats_arena(struct necp_fd_data *fd_data, struct proc *proc)
9509{
9510 struct necp_arena_info *nai, *nai_ret = NULL;
9511
9512 NECP_FD_ASSERT_LOCKED(fd_data);
9513
9514 // Redirect currently-active stats arena and remove it from the active state;
9515 // upon process resumption, new flow request would trigger the creation of
9516 // another active arena.
9517 if ((nai = fd_data->stats_arena_active) != NULL) {
9518 boolean_t need_defunct = FALSE;
9519
9520 ASSERT(!(nai->nai_flags & (NAIF_REDIRECT | NAIF_DEFUNCT)));
9521 VERIFY(nai->nai_use_count >= 2);
9522 ASSERT(nai->nai_arena != NULL);
9523 ASSERT(nai->nai_mmap.ami_mapref != NULL);
9524
9525 int err = skmem_arena_mredirect(nai->nai_arena, &nai->nai_mmap, proc, &need_defunct);
9526 VERIFY(err == 0);
9527 // must be TRUE since we don't mmap the arena more than once
9528 VERIFY(need_defunct == TRUE);
9529
9530 nai->nai_flags |= NAIF_REDIRECT;
9531 nai_ret = nai; // return to caller
9532
9533 necp_arena_info_release(nai); // for fd_data
9534 fd_data->stats_arena_active = nai = NULL;
9535 }
9536
9537#if (DEVELOPMENT || DEBUG)
9538 // make sure this list now contains nothing but redirected/defunct arenas
9539 LIST_FOREACH(nai, &fd_data->stats_arena_list, nai_chain) {
9540 ASSERT(nai->nai_use_count >= 1);
9541 ASSERT(nai->nai_flags & (NAIF_REDIRECT | NAIF_DEFUNCT));
9542 }
9543#endif /* (DEVELOPMENT || DEBUG) */
9544
9545 return nai_ret;
9546}
9547
9548static void
9549necp_arena_info_retain(struct necp_arena_info *nai)
9550{
9551 nai->nai_use_count++;
9552 VERIFY(nai->nai_use_count != 0);
9553}
9554
9555static void
9556necp_arena_info_release(struct necp_arena_info *nai)
9557{
9558 VERIFY(nai->nai_use_count > 0);
9559 if (--nai->nai_use_count == 0) {
9560 necp_arena_info_free(nai);
9561 }
9562}
9563
9564static struct necp_arena_info *
9565necp_arena_info_alloc(void)
9566{
9567 return zalloc_flags(necp_arena_info_zone, Z_WAITOK | Z_ZERO);
9568}
9569
9570static void
9571necp_arena_info_free(struct necp_arena_info *nai)
9572{
9573 VERIFY(nai->nai_chain.le_next == NULL && nai->nai_chain.le_prev == NULL);
9574 VERIFY(nai->nai_use_count == 0);
9575
9576 // NOTE: destroying the arena requires that all outstanding objects
9577 // that were allocated have been freed, else it will assert.
9578 if (nai->nai_arena != NULL) {
9579 skmem_arena_munmap(nai->nai_arena, &nai->nai_mmap);
9580 skmem_arena_release(nai->nai_arena);
9581 OSDecrementAtomic(&necp_arena_count);
9582 nai->nai_arena = NULL;
9583 nai->nai_roff = 0;
9584 }
9585
9586 ASSERT(nai->nai_arena == NULL);
9587 ASSERT(nai->nai_mmap.ami_mapref == NULL);
9588 ASSERT(nai->nai_mmap.ami_arena == NULL);
9589 ASSERT(nai->nai_mmap.ami_maptask == TASK_NULL);
9590
9591 zfree(necp_arena_info_zone, nai);
9592}
9593
9594static int
9595necp_arena_create(struct necp_fd_data *fd_data, size_t obj_size, size_t obj_cnt, struct proc *p)
9596{
9597 struct skmem_region_params srp_ustats = {};
9598 struct skmem_region_params srp_kstats = {};
9599 struct necp_arena_info *nai;
9600 char name[32];
9601 int error = 0;
9602
9603 NECP_FD_ASSERT_LOCKED(fd_data);
9604 ASSERT(fd_data->stats_arena_active == NULL);
9605 ASSERT(p != PROC_NULL);
9606 ASSERT(proc_pid(p) == fd_data->proc_pid);
9607
9608 // inherit the default parameters for the stats region
9609 srp_ustats = *skmem_get_default(SKMEM_REGION_USTATS);
9610 srp_kstats = *skmem_get_default(SKMEM_REGION_KSTATS);
9611
9612 // enable multi-segment mode
9613 srp_ustats.srp_cflags &= ~SKMEM_REGION_CR_MONOLITHIC;
9614 srp_kstats.srp_cflags &= ~SKMEM_REGION_CR_MONOLITHIC;
9615
9616 // configure and adjust the region parameters
9617 srp_ustats.srp_r_obj_cnt = srp_kstats.srp_r_obj_cnt = obj_cnt;
9618 srp_ustats.srp_r_obj_size = srp_kstats.srp_r_obj_size = obj_size;
9619 skmem_region_params_config(&srp_ustats);
9620 skmem_region_params_config(&srp_kstats);
9621
9622 nai = necp_arena_info_alloc();
9623
9624 nai->nai_proc_pid = fd_data->proc_pid;
9625 (void) snprintf(name, count: sizeof(name), "stats-%u.%s.%d", fd_data->stats_arena_gencnt, proc_name_address(p), fd_data->proc_pid);
9626 nai->nai_arena = skmem_arena_create_for_necp(name, &srp_ustats, &srp_kstats, &error);
9627 ASSERT(nai->nai_arena != NULL || error != 0);
9628 if (error != 0) {
9629 NECPLOG(LOG_ERR, "failed to create stats arena for pid %d\n", fd_data->proc_pid);
9630 } else {
9631 OSIncrementAtomic(&necp_arena_count);
9632
9633 // Get region offsets from base of mmap span; the arena
9634 // doesn't need to be mmap'd at this point, since we simply
9635 // compute the relative offset.
9636 nai->nai_roff = skmem_arena_get_region_offset(nai->nai_arena, SKMEM_REGION_USTATS);
9637
9638 // map to the task/process; upon success, the base address of the region
9639 // will be returned in nai_mmap.ami_mapaddr; this can be communicated to
9640 // the process.
9641 error = skmem_arena_mmap(nai->nai_arena, p, &nai->nai_mmap);
9642 if (error != 0) {
9643 NECPLOG(LOG_ERR, "failed to map stats arena for pid %d\n", fd_data->proc_pid);
9644 }
9645 }
9646
9647 if (error == 0) {
9648 fd_data->stats_arena_active = nai;
9649 necp_arena_info_retain(nai); // for fd_data
9650 necp_fd_insert_stats_arena(fd_data, nai);
9651 ++fd_data->stats_arena_gencnt;
9652 } else {
9653 necp_arena_info_free(nai);
9654 }
9655
9656 return error;
9657}
9658
9659static int
9660necp_arena_stats_obj_alloc(struct necp_fd_data *fd_data,
9661 mach_vm_offset_t *off,
9662 struct necp_arena_info **stats_arena,
9663 void **kstats_kaddr,
9664 boolean_t cansleep)
9665{
9666 struct skmem_cache *kstats_cp = NULL;
9667 void *ustats_obj = NULL;
9668 void *kstats_obj = NULL;
9669 struct necp_all_kstats *kstats = NULL;
9670 struct skmem_obj_info kstats_oi = {};
9671
9672 ASSERT(off != NULL);
9673 ASSERT(stats_arena != NULL && *stats_arena == NULL);
9674 ASSERT(kstats_kaddr != NULL && *kstats_kaddr == NULL);
9675
9676 NECP_FD_ASSERT_LOCKED(fd_data);
9677 ASSERT(fd_data->stats_arena_active != NULL);
9678 ASSERT(fd_data->stats_arena_active->nai_arena != NULL);
9679
9680 kstats_cp = skmem_arena_necp(fd_data->stats_arena_active->nai_arena)->arc_kstats_cache;
9681 if ((kstats_obj = skmem_cache_alloc(kstats_cp, (cansleep ? SKMEM_SLEEP : SKMEM_NOSLEEP))) == NULL) {
9682 return ENOMEM;
9683 }
9684
9685 kstats = (struct necp_all_kstats*)kstats_obj;
9686 ustats_obj = kstats->necp_stats_ustats;
9687
9688 skmem_cache_get_obj_info(kstats_cp, kstats_obj, &kstats_oi, NULL);
9689 ASSERT(SKMEM_OBJ_SIZE(&kstats_oi) >= sizeof(struct necp_all_stats));
9690 // reset all stats counters
9691 bzero(s: ustats_obj, SKMEM_OBJ_SIZE(&kstats_oi));
9692 bzero(s: &kstats->necp_stats_comm, n: sizeof(struct necp_all_stats));
9693 *stats_arena = fd_data->stats_arena_active;
9694 *kstats_kaddr = kstats_obj;
9695 // kstats and ustats are mirrored and have the same offset
9696 *off = fd_data->stats_arena_active->nai_roff + SKMEM_OBJ_ROFF(&kstats_oi);
9697
9698 return 0;
9699}
9700
9701static void
9702necp_arena_stats_obj_free(struct necp_fd_data *fd_data, struct necp_arena_info *stats_arena, void **kstats_kaddr, mach_vm_address_t *ustats_uaddr)
9703{
9704#pragma unused(fd_data)
9705 NECP_FD_ASSERT_LOCKED(fd_data);
9706
9707 ASSERT(stats_arena != NULL);
9708 ASSERT(stats_arena->nai_arena != NULL);
9709 ASSERT(kstats_kaddr != NULL && *kstats_kaddr != NULL);
9710 ASSERT(ustats_uaddr != NULL);
9711
9712 skmem_cache_free(skmem_arena_necp(stats_arena->nai_arena)->arc_kstats_cache, *kstats_kaddr);
9713 *kstats_kaddr = NULL;
9714 *ustats_uaddr = 0;
9715}
9716
9717// This routine returns the KVA of the sysctls object, as well as the
9718// offset of that object relative to the mmap base address for the
9719// task/process.
9720static void *
9721necp_arena_sysctls_obj(struct necp_fd_data *fd_data, mach_vm_offset_t *off, size_t *size)
9722{
9723 void *objaddr;
9724
9725 NECP_FD_ASSERT_LOCKED(fd_data);
9726 ASSERT(fd_data->sysctl_arena != NULL);
9727
9728 // kernel virtual address of the sysctls object
9729 objaddr = skmem_arena_system_sysctls_obj_addr(fd_data->sysctl_arena);
9730 ASSERT(objaddr != NULL);
9731
9732 // Return the relative offset of the sysctls object; there is
9733 // only 1 object in the entire sysctls region, and therefore the
9734 // object's offset is simply the region's offset in the arena.
9735 // (sysctl_mmap.ami_mapaddr + offset) is the address of this object
9736 // in the task/process.
9737 if (off != NULL) {
9738 *off = fd_data->system_sysctls_roff;
9739 }
9740
9741 if (size != NULL) {
9742 *size = skmem_arena_system_sysctls_obj_size(fd_data->sysctl_arena);
9743 ASSERT(*size != 0);
9744 }
9745
9746 return objaddr;
9747}
9748
9749static void
9750necp_stats_arenas_destroy(struct necp_fd_data *fd_data, boolean_t closing)
9751{
9752 struct necp_arena_info *nai, *nai_tmp;
9753
9754 NECP_FD_ASSERT_LOCKED(fd_data);
9755
9756 // If reaping (not closing), release reference only for idle active arena; the reference
9757 // count must be 2 by now, when it's not being referred to by any clients/flows.
9758 if ((nai = fd_data->stats_arena_active) != NULL && (closing || nai->nai_use_count == 2)) {
9759 VERIFY(nai->nai_use_count >= 2);
9760 necp_arena_info_release(nai); // for fd_data
9761 fd_data->stats_arena_active = NULL;
9762 }
9763
9764 // clean up any defunct arenas left in the list
9765 LIST_FOREACH_SAFE(nai, &fd_data->stats_arena_list, nai_chain, nai_tmp) {
9766 // If reaping, release reference if the list holds the last one
9767 if (closing || nai->nai_use_count == 1) {
9768 VERIFY(nai->nai_use_count >= 1);
9769 // callee unchains nai (and may free it)
9770 necp_fd_remove_stats_arena(fd_data, nai);
9771 }
9772 }
9773}
9774
9775static void
9776necp_sysctl_arena_destroy(struct necp_fd_data *fd_data)
9777{
9778 NECP_FD_ASSERT_LOCKED(fd_data);
9779
9780 // NOTE: destroying the arena requires that all outstanding objects
9781 // that were allocated have been freed, else it will assert.
9782 if (fd_data->sysctl_arena != NULL) {
9783 skmem_arena_munmap(fd_data->sysctl_arena, &fd_data->sysctl_mmap);
9784 skmem_arena_release(fd_data->sysctl_arena);
9785 OSDecrementAtomic(&necp_sysctl_arena_count);
9786 fd_data->sysctl_arena = NULL;
9787 fd_data->system_sysctls_roff = 0;
9788 }
9789}
9790
9791static int
9792necp_arena_initialize(struct necp_fd_data *fd_data, bool locked)
9793{
9794 int error = 0;
9795 size_t stats_obj_size = MAX(sizeof(struct necp_all_stats), sizeof(struct necp_all_kstats));
9796
9797 if (!locked) {
9798 NECP_FD_LOCK(fd_data);
9799 }
9800 if (fd_data->stats_arena_active == NULL) {
9801 error = necp_arena_create(fd_data, obj_size: stats_obj_size,
9802 NECP_MAX_PER_PROCESS_CLIENT_STATISTICS_STRUCTS,
9803 p: current_proc());
9804 }
9805 if (!locked) {
9806 NECP_FD_UNLOCK(fd_data);
9807 }
9808
9809 return error;
9810}
9811
9812static int
9813necp_sysctl_arena_initialize(struct necp_fd_data *fd_data, bool locked)
9814{
9815 int error = 0;
9816
9817 if (!locked) {
9818 NECP_FD_LOCK(fd_data);
9819 }
9820
9821 NECP_FD_ASSERT_LOCKED(fd_data);
9822
9823 if (fd_data->sysctl_arena == NULL) {
9824 char name[32];
9825 struct proc *p = current_proc();
9826
9827 ASSERT(p != PROC_NULL);
9828 ASSERT(proc_pid(p) == fd_data->proc_pid);
9829
9830 (void) snprintf(name, count: sizeof(name), "sysctl.%s.%d", proc_name_address(p), fd_data->proc_pid);
9831 fd_data->sysctl_arena = skmem_arena_create_for_system(name, &error);
9832 ASSERT(fd_data->sysctl_arena != NULL || error != 0);
9833 if (error != 0) {
9834 NECPLOG(LOG_ERR, "failed to create arena for pid %d\n", fd_data->proc_pid);
9835 } else {
9836 OSIncrementAtomic(&necp_sysctl_arena_count);
9837
9838 // Get region offsets from base of mmap span; the arena
9839 // doesn't need to be mmap'd at this point, since we simply
9840 // compute the relative offset.
9841 fd_data->system_sysctls_roff = skmem_arena_get_region_offset(fd_data->sysctl_arena, SKMEM_REGION_SYSCTLS);
9842
9843 // map to the task/process; upon success, the base address of the region
9844 // will be returned in nai_mmap.ami_mapaddr; this can be communicated to
9845 // the process.
9846 error = skmem_arena_mmap(fd_data->sysctl_arena, p, &fd_data->sysctl_mmap);
9847 if (error != 0) {
9848 NECPLOG(LOG_ERR, "failed to map sysctl arena for pid %d\n", fd_data->proc_pid);
9849 necp_sysctl_arena_destroy(fd_data);
9850 }
9851 }
9852 }
9853
9854 if (!locked) {
9855 NECP_FD_UNLOCK(fd_data);
9856 }
9857
9858 return error;
9859}
9860
9861static int
9862necp_client_stats_bufreq(struct necp_fd_data *fd_data,
9863 struct necp_client *client,
9864 struct necp_client_flow_registration *flow_registration,
9865 struct necp_stats_bufreq *bufreq,
9866 struct necp_stats_hdr *out_header)
9867{
9868 int error = 0;
9869 NECP_CLIENT_ASSERT_LOCKED(client);
9870 NECP_FD_ASSERT_LOCKED(fd_data);
9871
9872 if ((bufreq->necp_stats_bufreq_id == NECP_CLIENT_STATISTICS_BUFREQ_ID) &&
9873 ((bufreq->necp_stats_bufreq_type == NECP_CLIENT_STATISTICS_TYPE_TCP &&
9874 bufreq->necp_stats_bufreq_ver == NECP_CLIENT_STATISTICS_TYPE_TCP_CURRENT_VER) ||
9875 (bufreq->necp_stats_bufreq_type == NECP_CLIENT_STATISTICS_TYPE_UDP &&
9876 bufreq->necp_stats_bufreq_ver == NECP_CLIENT_STATISTICS_TYPE_UDP_CURRENT_VER) ||
9877 (bufreq->necp_stats_bufreq_type == NECP_CLIENT_STATISTICS_TYPE_QUIC &&
9878 bufreq->necp_stats_bufreq_ver == NECP_CLIENT_STATISTICS_TYPE_QUIC_CURRENT_VER)) &&
9879 (bufreq->necp_stats_bufreq_size == sizeof(struct necp_all_stats))) {
9880 // There should be one and only one stats allocation per client.
9881 // If asked more than once, we just repeat ourselves.
9882 if (flow_registration->ustats_uaddr == 0) {
9883 mach_vm_offset_t off;
9884 ASSERT(flow_registration->stats_arena == NULL);
9885 ASSERT(flow_registration->kstats_kaddr == NULL);
9886 ASSERT(flow_registration->ustats_uaddr == 0);
9887 error = necp_arena_stats_obj_alloc(fd_data, off: &off, stats_arena: &flow_registration->stats_arena, kstats_kaddr: &flow_registration->kstats_kaddr, FALSE);
9888 if (error == 0) {
9889 // upon success, hold a reference for the client; this is released when the client is removed/closed
9890 ASSERT(flow_registration->stats_arena != NULL);
9891 necp_arena_info_retain(nai: flow_registration->stats_arena);
9892
9893 // compute user address based on mapping info and object offset
9894 flow_registration->ustats_uaddr = flow_registration->stats_arena->nai_mmap.ami_mapaddr + off;
9895
9896 // add to collect_stats list
9897 NECP_STATS_LIST_LOCK_EXCLUSIVE();
9898 necp_client_retain_locked(client); // Add a reference to the client
9899 LIST_INSERT_HEAD(&necp_collect_stats_flow_list, flow_registration, collect_stats_chain);
9900 NECP_STATS_LIST_UNLOCK();
9901 necp_schedule_collect_stats_clients(FALSE);
9902 } else {
9903 ASSERT(flow_registration->stats_arena == NULL);
9904 ASSERT(flow_registration->kstats_kaddr == NULL);
9905 }
9906 }
9907 if (flow_registration->ustats_uaddr != 0) {
9908 ASSERT(error == 0);
9909 ASSERT(flow_registration->stats_arena != NULL);
9910 ASSERT(flow_registration->kstats_kaddr != NULL);
9911
9912 struct necp_all_kstats *kstats = (struct necp_all_kstats *)flow_registration->kstats_kaddr;
9913 kstats->necp_stats_ustats->all_stats_u.tcp_stats.necp_tcp_hdr.necp_stats_type = bufreq->necp_stats_bufreq_type;
9914 kstats->necp_stats_ustats->all_stats_u.tcp_stats.necp_tcp_hdr.necp_stats_ver = bufreq->necp_stats_bufreq_ver;
9915
9916 if (out_header) {
9917 out_header->necp_stats_type = bufreq->necp_stats_bufreq_type;
9918 out_header->necp_stats_ver = bufreq->necp_stats_bufreq_ver;
9919 }
9920
9921 bufreq->necp_stats_bufreq_uaddr = flow_registration->ustats_uaddr;
9922 }
9923 } else {
9924 error = EINVAL;
9925 }
9926
9927 return error;
9928}
9929
9930static int
9931necp_client_stats_initial(struct necp_client_flow_registration *flow_registration, uint32_t stats_type, uint32_t stats_ver)
9932{
9933 // An attempted create
9934 assert(flow_registration->stats_handler_context == NULL);
9935 assert(flow_registration->stats_arena);
9936 assert(flow_registration->ustats_uaddr);
9937 assert(flow_registration->kstats_kaddr);
9938
9939 int error = 0;
9940 uint64_t ntstat_properties = necp_find_netstat_initial_properties(client: flow_registration->client);
9941
9942 switch (stats_type) {
9943 case NECP_CLIENT_STATISTICS_TYPE_TCP: {
9944 if (stats_ver == NECP_CLIENT_STATISTICS_TYPE_TCP_VER_1) {
9945 flow_registration->stats_handler_context = ntstat_userland_stats_open(ctx: (userland_stats_provider_context *)flow_registration,
9946 provider_id: NSTAT_PROVIDER_TCP_USERLAND, properties: ntstat_properties, req_fn: necp_request_tcp_netstats, req_extension_fn: necp_find_extension_info);
9947 if (flow_registration->stats_handler_context == NULL) {
9948 error = EIO;
9949 }
9950 } else {
9951 error = ENOTSUP;
9952 }
9953 break;
9954 }
9955 case NECP_CLIENT_STATISTICS_TYPE_UDP: {
9956 if (stats_ver == NECP_CLIENT_STATISTICS_TYPE_UDP_VER_1) {
9957 flow_registration->stats_handler_context = ntstat_userland_stats_open(ctx: (userland_stats_provider_context *)flow_registration,
9958 provider_id: NSTAT_PROVIDER_UDP_USERLAND, properties: ntstat_properties, req_fn: necp_request_udp_netstats, req_extension_fn: necp_find_extension_info);
9959 if (flow_registration->stats_handler_context == NULL) {
9960 error = EIO;
9961 }
9962 } else {
9963 error = ENOTSUP;
9964 }
9965 break;
9966 }
9967 case NECP_CLIENT_STATISTICS_TYPE_QUIC: {
9968 if (stats_ver == NECP_CLIENT_STATISTICS_TYPE_QUIC_VER_1 && flow_registration->flags & NECP_CLIENT_FLOW_FLAGS_ALLOW_NEXUS) {
9969 flow_registration->stats_handler_context = ntstat_userland_stats_open(ctx: (userland_stats_provider_context *)flow_registration,
9970 provider_id: NSTAT_PROVIDER_QUIC_USERLAND, properties: ntstat_properties, req_fn: necp_request_quic_netstats, req_extension_fn: necp_find_extension_info);
9971 if (flow_registration->stats_handler_context == NULL) {
9972 error = EIO;
9973 }
9974 } else {
9975 error = ENOTSUP;
9976 }
9977 break;
9978 }
9979 default: {
9980 error = ENOTSUP;
9981 break;
9982 }
9983 }
9984 return error;
9985}
9986
9987static int
9988necp_stats_initialize(struct necp_fd_data *fd_data,
9989 struct necp_client *client,
9990 struct necp_client_flow_registration *flow_registration,
9991 struct necp_stats_bufreq *bufreq)
9992{
9993 int error = 0;
9994 struct necp_stats_hdr stats_hdr = {};
9995
9996 NECP_CLIENT_ASSERT_LOCKED(client);
9997 NECP_FD_ASSERT_LOCKED(fd_data);
9998 VERIFY(fd_data->stats_arena_active != NULL);
9999 VERIFY(fd_data->stats_arena_active->nai_arena != NULL);
10000 VERIFY(!(fd_data->stats_arena_active->nai_flags & (NAIF_REDIRECT | NAIF_DEFUNCT)));
10001
10002 if (bufreq == NULL) {
10003 return EINVAL;
10004 }
10005
10006 // Setup stats region
10007 error = necp_client_stats_bufreq(fd_data, client, flow_registration, bufreq, out_header: &stats_hdr);
10008 if (error) {
10009 return error;
10010 }
10011 // Notify ntstat about new flow
10012 if (flow_registration->stats_handler_context == NULL) {
10013 error = necp_client_stats_initial(flow_registration, stats_type: stats_hdr.necp_stats_type, stats_ver: stats_hdr.necp_stats_ver);
10014 if (flow_registration->stats_handler_context != NULL) {
10015 ntstat_userland_stats_event(nstat_ctx: flow_registration->stats_handler_context, NECP_CLIENT_STATISTICS_EVENT_INIT);
10016 }
10017 NECP_CLIENT_FLOW_LOG(client, flow_registration, "Initialized stats <error %d>", error);
10018 }
10019
10020 return error;
10021}
10022
10023static NECP_CLIENT_ACTION_FUNCTION int
10024necp_client_map_sysctls(__unused struct necp_fd_data *fd_data, struct necp_client_action_args *uap, int *retval)
10025{
10026 int result = 0;
10027 if (!retval) {
10028 retval = &result;
10029 }
10030
10031 do {
10032 mach_vm_address_t uaddr = 0;
10033 if (uap->buffer_size != sizeof(uaddr)) {
10034 *retval = EINVAL;
10035 break;
10036 }
10037
10038 *retval = necp_sysctl_arena_initialize(fd_data, false);
10039 if (*retval != 0) {
10040 break;
10041 }
10042
10043 mach_vm_offset_t off = 0;
10044 void *location = NULL;
10045 NECP_FD_LOCK(fd_data);
10046 location = necp_arena_sysctls_obj(fd_data, off: &off, NULL);
10047 NECP_FD_UNLOCK(fd_data);
10048
10049 if (location == NULL) {
10050 *retval = ENOENT;
10051 break;
10052 }
10053
10054 uaddr = fd_data->sysctl_mmap.ami_mapaddr + off;
10055 *retval = copyout(&uaddr, uap->buffer, sizeof(uaddr));
10056 } while (false);
10057
10058 return *retval;
10059}
10060
10061#endif /* !SKYWALK */
10062
10063static NECP_CLIENT_ACTION_FUNCTION int
10064necp_client_copy_route_statistics(__unused struct necp_fd_data *fd_data, struct necp_client_action_args *uap, int *retval)
10065{
10066 int error = 0;
10067 struct necp_client *client = NULL;
10068 uuid_t client_id;
10069
10070 if (uap->client_id == 0 || uap->client_id_len != sizeof(uuid_t) ||
10071 uap->buffer_size < sizeof(struct necp_stat_counts) || uap->buffer == 0) {
10072 NECPLOG0(LOG_ERR, "necp_client_copy_route_statistics bad input");
10073 error = EINVAL;
10074 goto done;
10075 }
10076
10077 error = copyin(uap->client_id, client_id, sizeof(uuid_t));
10078 if (error) {
10079 NECPLOG(LOG_ERR, "necp_client_copy_route_statistics copyin client_id error (%d)", error);
10080 goto done;
10081 }
10082
10083 // Lock
10084 NECP_FD_LOCK(fd_data);
10085 client = necp_client_fd_find_client_and_lock(client_fd: fd_data, client_id);
10086 if (client != NULL) {
10087 NECP_CLIENT_ROUTE_LOCK(client);
10088 struct necp_stat_counts route_stats = {};
10089 if (client->current_route != NULL && client->current_route->rt_stats != NULL) {
10090 struct nstat_counts *rt_stats = client->current_route->rt_stats;
10091 route_stats.necp_stat_rxpackets = os_atomic_load(&rt_stats->nstat_rxpackets, relaxed);
10092 route_stats.necp_stat_rxbytes = os_atomic_load(&rt_stats->nstat_rxbytes, relaxed);
10093 route_stats.necp_stat_txpackets = os_atomic_load(&rt_stats->nstat_txpackets, relaxed);
10094 route_stats.necp_stat_txbytes = os_atomic_load(&rt_stats->nstat_txbytes, relaxed);
10095 route_stats.necp_stat_rxduplicatebytes = rt_stats->nstat_rxduplicatebytes;
10096 route_stats.necp_stat_rxoutoforderbytes = rt_stats->nstat_rxoutoforderbytes;
10097 route_stats.necp_stat_txretransmit = rt_stats->nstat_txretransmit;
10098 route_stats.necp_stat_connectattempts = rt_stats->nstat_connectattempts;
10099 route_stats.necp_stat_connectsuccesses = rt_stats->nstat_connectsuccesses;
10100 route_stats.necp_stat_min_rtt = rt_stats->nstat_min_rtt;
10101 route_stats.necp_stat_avg_rtt = rt_stats->nstat_avg_rtt;
10102 route_stats.necp_stat_var_rtt = rt_stats->nstat_var_rtt;
10103 route_stats.necp_stat_route_flags = client->current_route->rt_flags;
10104 }
10105
10106 // Unlock before copying out
10107 NECP_CLIENT_ROUTE_UNLOCK(client);
10108 NECP_CLIENT_UNLOCK(client);
10109 NECP_FD_UNLOCK(fd_data);
10110
10111 error = copyout(&route_stats, uap->buffer, sizeof(route_stats));
10112 if (error) {
10113 NECPLOG(LOG_ERR, "necp_client_copy_route_statistics copyout error (%d)", error);
10114 }
10115 } else {
10116 // Unlock
10117 NECP_FD_UNLOCK(fd_data);
10118 error = ENOENT;
10119 }
10120
10121
10122done:
10123 *retval = error;
10124 return error;
10125}
10126
10127static NECP_CLIENT_ACTION_FUNCTION int
10128necp_client_update_cache(struct necp_fd_data *fd_data, struct necp_client_action_args *uap, int *retval)
10129{
10130 int error = 0;
10131 struct necp_client *client = NULL;
10132 uuid_t client_id;
10133
10134 if (uap->client_id == 0 || uap->client_id_len != sizeof(uuid_t)) {
10135 error = EINVAL;
10136 goto done;
10137 }
10138
10139 error = copyin(uap->client_id, client_id, sizeof(uuid_t));
10140 if (error) {
10141 NECPLOG(LOG_ERR, "necp_client_update_cache copyin client_id error (%d)", error);
10142 goto done;
10143 }
10144
10145 NECP_FD_LOCK(fd_data);
10146 client = necp_client_fd_find_client_and_lock(client_fd: fd_data, client_id);
10147 if (client == NULL) {
10148 NECP_FD_UNLOCK(fd_data);
10149 error = ENOENT;
10150 goto done;
10151 }
10152
10153 struct necp_client_flow_registration *flow_registration = necp_client_find_flow(client, flow_id: client_id);
10154 if (flow_registration == NULL) {
10155 NECP_CLIENT_UNLOCK(client);
10156 NECP_FD_UNLOCK(fd_data);
10157 error = ENOENT;
10158 goto done;
10159 }
10160
10161 NECP_CLIENT_ROUTE_LOCK(client);
10162 // This needs to be changed when TFO/ECN is supported by multiple flows
10163 struct necp_client_flow *flow = LIST_FIRST(&flow_registration->flow_list);
10164 if (flow == NULL ||
10165 (flow->remote_addr.sa.sa_family != AF_INET &&
10166 flow->remote_addr.sa.sa_family != AF_INET6) ||
10167 (flow->local_addr.sa.sa_family != AF_INET &&
10168 flow->local_addr.sa.sa_family != AF_INET6)) {
10169 error = EINVAL;
10170 NECPLOG(LOG_ERR, "necp_client_update_cache no flow error (%d)", error);
10171 goto done_unlock;
10172 }
10173
10174 necp_cache_buffer cache_buffer;
10175 memset(s: &cache_buffer, c: 0, n: sizeof(cache_buffer));
10176
10177 if (uap->buffer_size != sizeof(necp_cache_buffer) ||
10178 uap->buffer == USER_ADDR_NULL) {
10179 error = EINVAL;
10180 goto done_unlock;
10181 }
10182
10183 error = copyin(uap->buffer, &cache_buffer, sizeof(cache_buffer));
10184 if (error) {
10185 NECPLOG(LOG_ERR, "necp_client_update_cache copyin cache buffer error (%d)", error);
10186 goto done_unlock;
10187 }
10188
10189 if (cache_buffer.necp_cache_buf_type == NECP_CLIENT_CACHE_TYPE_ECN &&
10190 cache_buffer.necp_cache_buf_ver == NECP_CLIENT_CACHE_TYPE_ECN_VER_1) {
10191 if (cache_buffer.necp_cache_buf_size != sizeof(necp_tcp_ecn_cache) ||
10192 cache_buffer.necp_cache_buf_addr == USER_ADDR_NULL) {
10193 error = EINVAL;
10194 goto done_unlock;
10195 }
10196
10197 necp_tcp_ecn_cache ecn_cache_buffer;
10198 memset(s: &ecn_cache_buffer, c: 0, n: sizeof(ecn_cache_buffer));
10199
10200 error = copyin(cache_buffer.necp_cache_buf_addr, &ecn_cache_buffer, sizeof(necp_tcp_ecn_cache));
10201 if (error) {
10202 NECPLOG(LOG_ERR, "necp_client_update_cache copyin ecn cache buffer error (%d)", error);
10203 goto done_unlock;
10204 }
10205
10206 if (client->current_route != NULL && client->current_route->rt_ifp != NULL) {
10207 if (!client->platform_binary) {
10208 ecn_cache_buffer.necp_tcp_ecn_heuristics_success = 0;
10209 }
10210 tcp_heuristics_ecn_update(necp_buffer: &ecn_cache_buffer, ifp: client->current_route->rt_ifp,
10211 local_address: (union sockaddr_in_4_6 *)&flow->local_addr);
10212 }
10213 } else if (cache_buffer.necp_cache_buf_type == NECP_CLIENT_CACHE_TYPE_TFO &&
10214 cache_buffer.necp_cache_buf_ver == NECP_CLIENT_CACHE_TYPE_TFO_VER_1) {
10215 if (cache_buffer.necp_cache_buf_size != sizeof(necp_tcp_tfo_cache) ||
10216 cache_buffer.necp_cache_buf_addr == USER_ADDR_NULL) {
10217 error = EINVAL;
10218 goto done_unlock;
10219 }
10220
10221 necp_tcp_tfo_cache tfo_cache_buffer;
10222 memset(s: &tfo_cache_buffer, c: 0, n: sizeof(tfo_cache_buffer));
10223
10224 error = copyin(cache_buffer.necp_cache_buf_addr, &tfo_cache_buffer, sizeof(necp_tcp_tfo_cache));
10225 if (error) {
10226 NECPLOG(LOG_ERR, "necp_client_update_cache copyin tfo cache buffer error (%d)", error);
10227 goto done_unlock;
10228 }
10229
10230 if (client->current_route != NULL && client->current_route->rt_ifp != NULL) {
10231 if (!client->platform_binary) {
10232 tfo_cache_buffer.necp_tcp_tfo_heuristics_success = 0;
10233 }
10234 tcp_heuristics_tfo_update(necp_buffer: &tfo_cache_buffer, ifp: client->current_route->rt_ifp,
10235 local_address: (union sockaddr_in_4_6 *)&flow->local_addr,
10236 remote_address: (union sockaddr_in_4_6 *)&flow->remote_addr);
10237 }
10238 } else {
10239 error = EINVAL;
10240 }
10241done_unlock:
10242 NECP_CLIENT_ROUTE_UNLOCK(client);
10243 NECP_CLIENT_UNLOCK(client);
10244 NECP_FD_UNLOCK(fd_data);
10245done:
10246 *retval = error;
10247 return error;
10248}
10249
10250// Most results will fit into this size
10251struct necp_client_signable_default {
10252 uuid_t client_id;
10253 u_int32_t sign_type;
10254 u_int8_t signable_data[NECP_CLIENT_ACTION_SIGN_DEFAULT_DATA_LENGTH];
10255} __attribute__((__packed__));
10256
10257static NECP_CLIENT_ACTION_FUNCTION int
10258necp_client_sign(__unused struct necp_fd_data *fd_data, struct necp_client_action_args *uap, int *retval)
10259{
10260 int error = 0;
10261 u_int8_t tag[NECP_CLIENT_ACTION_SIGN_TAG_LENGTH] = {};
10262 struct necp_client_signable *signable = NULL;
10263 struct necp_client_signable *allocated_signable = NULL;
10264 struct necp_client_signable_default default_signable = {};
10265 size_t tag_size = sizeof(tag);
10266
10267 const size_t signable_length = uap->client_id_len;
10268 const size_t return_tag_length = uap->buffer_size;
10269
10270 *retval = 0;
10271
10272 const bool has_resolver_entitlement = (priv_check_cred(cred: kauth_cred_get(), PRIV_NET_VALIDATED_RESOLVER, flags: 0) == 0);
10273 if (!has_resolver_entitlement) {
10274 NECPLOG0(LOG_ERR, "Process does not hold the necessary entitlement to sign resolver answers");
10275 error = EPERM;
10276 goto done;
10277 }
10278
10279 if (uap->client_id == 0 || signable_length < sizeof(*signable) || signable_length > NECP_CLIENT_ACTION_SIGN_MAX_TOTAL_LENGTH) {
10280 error = EINVAL;
10281 goto done;
10282 }
10283
10284 if (uap->buffer == 0 || return_tag_length != NECP_CLIENT_ACTION_SIGN_TAG_LENGTH) {
10285 error = EINVAL;
10286 goto done;
10287 }
10288
10289 if (signable_length <= sizeof(default_signable)) {
10290 signable = (struct necp_client_signable *)&default_signable;
10291 } else {
10292 if ((allocated_signable = (struct necp_client_signable *)kalloc_data(signable_length, Z_WAITOK | Z_ZERO)) == NULL) {
10293 NECPLOG(LOG_ERR, "necp_client_sign allocate signable %zu failed", signable_length);
10294 error = ENOMEM;
10295 goto done;
10296 }
10297 signable = allocated_signable;
10298 }
10299
10300 error = copyin(uap->client_id, signable, signable_length);
10301 if (error) {
10302 NECPLOG(LOG_ERR, "necp_client_sign copyin signable error (%d)", error);
10303 goto done;
10304 }
10305
10306 size_t data_length = 0;
10307 switch (signable->sign_type) {
10308 case NECP_CLIENT_SIGN_TYPE_RESOLVER_ANSWER:
10309 case NECP_CLIENT_SIGN_TYPE_SYSTEM_RESOLVER_ANSWER: {
10310 data_length = (sizeof(struct necp_client_host_resolver_answer) - sizeof(struct necp_client_signable));
10311 if (signable_length < (sizeof(struct necp_client_signable) + data_length)) {
10312 error = EINVAL;
10313 goto done;
10314 }
10315 struct necp_client_host_resolver_answer *signable_struct = (struct necp_client_host_resolver_answer *)signable;
10316 if (signable_struct->hostname_length > NECP_CLIENT_ACTION_SIGN_MAX_STRING_LENGTH ||
10317 signable_length != (sizeof(struct necp_client_signable) + data_length + signable_struct->hostname_length)) {
10318 error = EINVAL;
10319 goto done;
10320 }
10321 data_length += signable_struct->hostname_length;
10322 break;
10323 }
10324 case NECP_CLIENT_SIGN_TYPE_BROWSE_RESULT:
10325 case NECP_CLIENT_SIGN_TYPE_SYSTEM_BROWSE_RESULT: {
10326 data_length = (sizeof(struct necp_client_browse_result) - sizeof(struct necp_client_signable));
10327 if (signable_length < (sizeof(struct necp_client_signable) + data_length)) {
10328 error = EINVAL;
10329 goto done;
10330 }
10331 struct necp_client_browse_result *signable_struct = (struct necp_client_browse_result *)signable;
10332 if (signable_struct->service_length > NECP_CLIENT_ACTION_SIGN_MAX_STRING_LENGTH ||
10333 signable_length != (sizeof(struct necp_client_signable) + data_length + signable_struct->service_length)) {
10334 error = EINVAL;
10335 goto done;
10336 }
10337 data_length += signable_struct->service_length;
10338 break;
10339 }
10340 case NECP_CLIENT_SIGN_TYPE_SERVICE_RESOLVER_ANSWER:
10341 case NECP_CLIENT_SIGN_TYPE_SYSTEM_SERVICE_RESOLVER_ANSWER: {
10342 data_length = (sizeof(struct necp_client_service_resolver_answer) - sizeof(struct necp_client_signable));
10343 if (signable_length < (sizeof(struct necp_client_signable) + data_length)) {
10344 error = EINVAL;
10345 goto done;
10346 }
10347 struct necp_client_service_resolver_answer *signable_struct = (struct necp_client_service_resolver_answer *)signable;
10348 if (signable_struct->service_length > NECP_CLIENT_ACTION_SIGN_MAX_STRING_LENGTH ||
10349 signable_struct->hostname_length > NECP_CLIENT_ACTION_SIGN_MAX_STRING_LENGTH ||
10350 signable_length != (sizeof(struct necp_client_signable) + data_length + signable_struct->service_length + signable_struct->hostname_length)) {
10351 error = EINVAL;
10352 goto done;
10353 }
10354 data_length += signable_struct->service_length;
10355 data_length += signable_struct->hostname_length;
10356 break;
10357 }
10358 default: {
10359 NECPLOG(LOG_ERR, "necp_client_sign unknown signable type (%u)", signable->sign_type);
10360 error = EINVAL;
10361 goto done;
10362 }
10363 }
10364
10365 error = necp_sign_resolver_answer(client_id: signable->client_id, sign_type: signable->sign_type,
10366 data: signable->signable_data, data_length,
10367 tag, out_tag_length: &tag_size);
10368 if (tag_size != sizeof(tag)) {
10369 NECPLOG(LOG_ERR, "necp_client_sign unexpected tag size %zu", tag_size);
10370 error = EINVAL;
10371 goto done;
10372 }
10373 error = copyout(tag, uap->buffer, tag_size);
10374 if (error) {
10375 NECPLOG(LOG_ERR, "necp_client_sign copyout error (%d)", error);
10376 goto done;
10377 }
10378
10379done:
10380 if (allocated_signable != NULL) {
10381 kfree_data(allocated_signable, signable_length);
10382 allocated_signable = NULL;
10383 }
10384 *retval = error;
10385 return error;
10386}
10387
10388// Most results will fit into this size
10389struct necp_client_validatable_default {
10390 struct necp_client_signature signature;
10391 struct necp_client_signable_default signable;
10392} __attribute__((__packed__));
10393
10394static NECP_CLIENT_ACTION_FUNCTION int
10395necp_client_validate(__unused struct necp_fd_data *fd_data, struct necp_client_action_args *uap, int *retval)
10396{
10397 int error = 0;
10398 struct necp_client_validatable *validatable = NULL;
10399 struct necp_client_validatable *allocated_validatable = NULL;
10400 struct necp_client_validatable_default default_validatable = {};
10401
10402 const size_t validatable_length = uap->client_id_len;
10403
10404 *retval = 0;
10405
10406 const bool has_resolver_entitlement = (priv_check_cred(cred: kauth_cred_get(), PRIV_NET_VALIDATED_RESOLVER, flags: 0) == 0);
10407 if (!has_resolver_entitlement) {
10408 NECPLOG0(LOG_ERR, "Process does not hold the necessary entitlement to directly validate resolver answers");
10409 error = EPERM;
10410 goto done;
10411 }
10412
10413 if (uap->client_id == 0 || validatable_length < sizeof(*validatable) ||
10414 validatable_length > (NECP_CLIENT_ACTION_SIGN_MAX_TOTAL_LENGTH + NECP_CLIENT_ACTION_SIGN_TAG_LENGTH)) {
10415 error = EINVAL;
10416 goto done;
10417 }
10418
10419 if (validatable_length <= sizeof(default_validatable)) {
10420 validatable = (struct necp_client_validatable *)&default_validatable;
10421 } else {
10422 if ((allocated_validatable = (struct necp_client_validatable *)kalloc_data(validatable_length, Z_WAITOK | Z_ZERO)) == NULL) {
10423 NECPLOG(LOG_ERR, "necp_client_validate allocate struct %zu failed", validatable_length);
10424 error = ENOMEM;
10425 goto done;
10426 }
10427 validatable = allocated_validatable;
10428 }
10429
10430 error = copyin(uap->client_id, validatable, validatable_length);
10431 if (error) {
10432 NECPLOG(LOG_ERR, "necp_client_validate copyin error (%d)", error);
10433 goto done;
10434 }
10435
10436 const bool validated = necp_validate_resolver_answer(client_id: validatable->signable.client_id, sign_type: validatable->signable.sign_type,
10437 data: validatable->signable.signable_data, data_length: validatable_length - sizeof(struct necp_client_validatable),
10438 tag: validatable->signature.signed_tag, tag_length: sizeof(validatable->signature.signed_tag));
10439 if (!validated) {
10440 // Return EAUTH to indicate that the signature failed
10441 error = EAUTH;
10442 }
10443
10444done:
10445 if (allocated_validatable != NULL) {
10446 kfree_data(allocated_validatable, validatable_length);
10447 allocated_validatable = NULL;
10448 }
10449 *retval = error;
10450 return error;
10451}
10452
10453static NECP_CLIENT_ACTION_FUNCTION int
10454necp_client_get_signed_client_id(__unused struct necp_fd_data *fd_data, struct necp_client_action_args *uap, int *retval)
10455{
10456 int error = 0;
10457 *retval = 0;
10458 u_int32_t request_type = 0;
10459 struct necp_client_signed_client_id_uuid client_id = { 0 };
10460 const size_t buffer_size = uap->buffer_size;
10461 u_int8_t tag[NECP_CLIENT_ACTION_SIGN_TAG_LENGTH] = {};
10462 size_t tag_size = sizeof(tag);
10463
10464 // Only allow entitled processes to get the client ID.
10465 proc_t proc = current_proc();
10466 task_t __single task = proc_task(proc);
10467 bool has_delegation_entitlement = task != NULL && IOTaskHasEntitlement(task, kCSWebBrowserHostEntitlement);
10468 if (!has_delegation_entitlement) {
10469 has_delegation_entitlement = (priv_check_cred(cred: kauth_cred_get(), PRIV_NET_PRIVILEGED_SOCKET_DELEGATE, flags: 0) == 0);
10470 }
10471 if (!has_delegation_entitlement) {
10472 NECPLOG0(LOG_ERR, "necp_client_get_signed_client_id client lacks the necessary entitlement");
10473 error = EAUTH;
10474 goto done;
10475 }
10476
10477 if (uap->client_id == 0 || uap->client_id_len != sizeof(u_int32_t) ||
10478 buffer_size < sizeof(struct necp_client_signed_client_id_uuid) ||
10479 uap->buffer == 0) {
10480 NECPLOG0(LOG_ERR, "necp_client_get_signed_client_id bad input");
10481 error = EINVAL;
10482 goto done;
10483 }
10484
10485 error = copyin(uap->client_id, &request_type, sizeof(u_int32_t));
10486 if (error) {
10487 NECPLOG(LOG_ERR, "necp_client_get_signed_client_id copyin request_type error (%d)", error);
10488 goto done;
10489 }
10490
10491 if (request_type != NECP_CLIENT_SIGNED_CLIENT_ID_TYPE_UUID) {
10492 error = ENOENT;
10493 NECPLOG(LOG_ERR, "necp_client_get_signed_client_id bad request_type (%d)", request_type);
10494 goto done;
10495 }
10496
10497 uuid_t application_uuid;
10498 uuid_clear(uu: application_uuid);
10499 proc_getexecutableuuid(proc, application_uuid, sizeof(application_uuid));
10500
10501 error = necp_sign_application_id(client_id: application_uuid,
10502 NECP_CLIENT_SIGNED_CLIENT_ID_TYPE_UUID,
10503 tag, out_tag_length: &tag_size);
10504 if (tag_size != sizeof(tag)) {
10505 NECPLOG(LOG_ERR, "necp_client_get_signed_client_id unexpected tag size %zu", tag_size);
10506 error = EINVAL;
10507 goto done;
10508 }
10509 uuid_copy(dst: client_id.client_id, src: application_uuid);
10510 client_id.signature_length = tag_size;
10511 memcpy(dst: client_id.signature_data, src: tag, n: tag_size);
10512
10513 error = copyout(&client_id, uap->buffer, sizeof(client_id));
10514 if (error != 0) {
10515 NECPLOG(LOG_ERR, "necp_client_get_signed_client_id copyout error (%d)", error);
10516 goto done;
10517 }
10518
10519done:
10520 *retval = error;
10521 return error;
10522}
10523
10524static NECP_CLIENT_ACTION_FUNCTION int
10525necp_client_set_signed_client_id(__unused struct necp_fd_data *fd_data, struct necp_client_action_args *uap, int *retval)
10526{
10527 int error = 0;
10528 *retval = 0;
10529 u_int32_t request_type = 0;
10530 struct necp_client_signed_client_id_uuid client_id = { 0 };
10531 const size_t buffer_size = uap->buffer_size;
10532
10533 // Only allow entitled processes to set the client ID.
10534 proc_t proc = current_proc();
10535 task_t __single task = proc_task(proc);
10536 bool has_delegation_entitlement = task != NULL && IOTaskHasEntitlement(task, kCSWebBrowserNetworkEntitlement);
10537 if (!has_delegation_entitlement) {
10538 has_delegation_entitlement = (priv_check_cred(cred: kauth_cred_get(), PRIV_NET_PRIVILEGED_SOCKET_DELEGATE, flags: 0) == 0);
10539 }
10540 if (!has_delegation_entitlement) {
10541 NECPLOG0(LOG_ERR, "necp_client_set_signed_client_id client lacks the necessary entitlement");
10542 error = EAUTH;
10543 goto done;
10544 }
10545
10546 if (uap->client_id == 0 || uap->client_id_len != sizeof(u_int32_t) ||
10547 buffer_size < sizeof(struct necp_client_signed_client_id_uuid) ||
10548 uap->buffer == 0) {
10549 NECPLOG0(LOG_ERR, "necp_client_set_signed_client_id bad input");
10550 error = EINVAL;
10551 goto done;
10552 }
10553
10554 error = copyin(uap->client_id, &request_type, sizeof(u_int32_t));
10555 if (error) {
10556 NECPLOG(LOG_ERR, "necp_client_set_signed_client_id copyin request_type error (%d)", error);
10557 goto done;
10558 }
10559
10560 if (request_type != NECP_CLIENT_SIGNED_CLIENT_ID_TYPE_UUID) {
10561 error = ENOENT;
10562 NECPLOG(LOG_ERR, "necp_client_set_signed_client_id bad request_type (%d)", request_type);
10563 goto done;
10564 }
10565
10566 error = copyin(uap->buffer, &client_id, sizeof(struct necp_client_signed_client_id_uuid));
10567 if (error) {
10568 NECPLOG(LOG_ERR, "necp_client_set_signed_client_id copyin request error (%d)", error);
10569 goto done;
10570 }
10571
10572 const bool validated = necp_validate_application_id(client_id: client_id.client_id,
10573 NECP_CLIENT_SIGNED_CLIENT_ID_TYPE_UUID,
10574 tag: client_id.signature_data, tag_length: sizeof(client_id.signature_data));
10575 if (!validated) {
10576 // Return EAUTH to indicate that the signature failed
10577 error = EAUTH;
10578 NECPLOG(LOG_ERR, "necp_client_set_signed_client_id signature validation failed (%d)", error);
10579 goto done;
10580 }
10581
10582 proc_setresponsibleuuid(target_proc: proc, responsible_uuid: client_id.client_id, size: sizeof(client_id.client_id));
10583
10584done:
10585 *retval = error;
10586 return error;
10587}
10588
10589int
10590necp_client_action(struct proc *p, struct necp_client_action_args *uap, int *retval)
10591{
10592 struct fileproc *fp;
10593 int error = 0;
10594 int return_value = 0;
10595 struct necp_fd_data *fd_data = NULL;
10596
10597 error = necp_find_fd_data(p, fd: uap->necp_fd, fpp: &fp, fd_data: &fd_data);
10598 if (error != 0) {
10599 NECPLOG(LOG_ERR, "necp_client_action find fd error (%d)", error);
10600 return error;
10601 }
10602
10603 u_int32_t action = uap->action;
10604
10605#if CONFIG_MACF
10606 error = mac_necp_check_client_action(proc: p, fg: fp->fp_glob, action);
10607 if (error) {
10608 return_value = error;
10609 goto done;
10610 }
10611#endif /* MACF */
10612
10613 switch (action) {
10614 case NECP_CLIENT_ACTION_ADD: {
10615 return_value = necp_client_add(p, fd_data, uap, retval);
10616 break;
10617 }
10618 case NECP_CLIENT_ACTION_CLAIM: {
10619 return_value = necp_client_claim(p, fd_data, uap, retval);
10620 break;
10621 }
10622 case NECP_CLIENT_ACTION_REMOVE: {
10623 return_value = necp_client_remove(fd_data, uap, retval);
10624 break;
10625 }
10626 case NECP_CLIENT_ACTION_COPY_PARAMETERS:
10627 case NECP_CLIENT_ACTION_COPY_RESULT:
10628 case NECP_CLIENT_ACTION_COPY_UPDATED_RESULT: {
10629 return_value = necp_client_copy(fd_data, uap, retval);
10630 break;
10631 }
10632 case NECP_CLIENT_ACTION_COPY_LIST: {
10633 return_value = necp_client_list(fd_data, uap, retval);
10634 break;
10635 }
10636 case NECP_CLIENT_ACTION_ADD_FLOW: {
10637 return_value = necp_client_add_flow(fd_data, uap, retval);
10638 break;
10639 }
10640 case NECP_CLIENT_ACTION_REMOVE_FLOW: {
10641 return_value = necp_client_remove_flow(fd_data, uap, retval);
10642 break;
10643 }
10644#if SKYWALK
10645 case NECP_CLIENT_ACTION_REQUEST_NEXUS_INSTANCE: {
10646 return_value = necp_client_request_nexus(fd_data, uap, retval);
10647 break;
10648 }
10649#endif /* !SKYWALK */
10650 case NECP_CLIENT_ACTION_AGENT: {
10651 return_value = necp_client_agent_action(fd_data, uap, retval);
10652 break;
10653 }
10654 case NECP_CLIENT_ACTION_COPY_AGENT: {
10655 return_value = necp_client_copy_agent(fd_data, uap, retval);
10656 break;
10657 }
10658 case NECP_CLIENT_ACTION_AGENT_USE: {
10659 return_value = necp_client_agent_use(fd_data, uap, retval);
10660 break;
10661 }
10662 case NECP_CLIENT_ACTION_ACQUIRE_AGENT_TOKEN: {
10663 return_value = necp_client_acquire_agent_token(fd_data, uap, retval);
10664 break;
10665 }
10666 case NECP_CLIENT_ACTION_COPY_INTERFACE: {
10667 return_value = necp_client_copy_interface(fd_data, uap, retval);
10668 break;
10669 }
10670#if SKYWALK
10671 case NECP_CLIENT_ACTION_GET_INTERFACE_ADDRESS: {
10672 return_value = necp_client_get_interface_address(fd_data, uap, retval);
10673 break;
10674 }
10675 case NECP_CLIENT_ACTION_SET_STATISTICS: {
10676 return_value = ENOTSUP;
10677 break;
10678 }
10679 case NECP_CLIENT_ACTION_MAP_SYSCTLS: {
10680 return_value = necp_client_map_sysctls(fd_data, uap, retval);
10681 break;
10682 }
10683#endif /* !SKYWALK */
10684 case NECP_CLIENT_ACTION_COPY_ROUTE_STATISTICS: {
10685 return_value = necp_client_copy_route_statistics(fd_data, uap, retval);
10686 break;
10687 }
10688 case NECP_CLIENT_ACTION_UPDATE_CACHE: {
10689 return_value = necp_client_update_cache(fd_data, uap, retval);
10690 break;
10691 }
10692 case NECP_CLIENT_ACTION_COPY_CLIENT_UPDATE: {
10693 return_value = necp_client_copy_client_update(fd_data, uap, retval);
10694 break;
10695 }
10696 case NECP_CLIENT_ACTION_SIGN: {
10697 return_value = necp_client_sign(fd_data, uap, retval);
10698 break;
10699 }
10700 case NECP_CLIENT_ACTION_VALIDATE: {
10701 return_value = necp_client_validate(fd_data, uap, retval);
10702 break;
10703 }
10704 case NECP_CLIENT_ACTION_GET_SIGNED_CLIENT_ID: {
10705 return_value = necp_client_get_signed_client_id(fd_data, uap, retval);
10706 break;
10707 }
10708 case NECP_CLIENT_ACTION_SET_SIGNED_CLIENT_ID: {
10709 return_value = necp_client_set_signed_client_id(fd_data, uap, retval);
10710 break;
10711 }
10712 default: {
10713 NECPLOG(LOG_ERR, "necp_client_action unknown action (%u)", action);
10714 return_value = EINVAL;
10715 break;
10716 }
10717 }
10718
10719done:
10720 fp_drop(p, fd: uap->necp_fd, fp, locked: 0);
10721 return return_value;
10722}
10723
10724#define NECP_MAX_MATCH_POLICY_PARAMETER_SIZE 1024
10725
10726int
10727necp_match_policy(struct proc *p, struct necp_match_policy_args *uap, int32_t *retval)
10728{
10729#pragma unused(retval)
10730 u_int8_t *parameters = NULL;
10731 struct necp_aggregate_result returned_result;
10732 int error = 0;
10733
10734 if (uap == NULL) {
10735 error = EINVAL;
10736 goto done;
10737 }
10738
10739 if (uap->parameters == 0 || uap->parameters_size == 0 || uap->parameters_size > NECP_MAX_MATCH_POLICY_PARAMETER_SIZE || uap->returned_result == 0) {
10740 error = EINVAL;
10741 goto done;
10742 }
10743
10744 parameters = (u_int8_t *)kalloc_data(uap->parameters_size, Z_WAITOK | Z_ZERO);
10745 if (parameters == NULL) {
10746 error = ENOMEM;
10747 goto done;
10748 }
10749 // Copy parameters in
10750 error = copyin(uap->parameters, parameters, uap->parameters_size);
10751 if (error) {
10752 goto done;
10753 }
10754
10755 error = necp_application_find_policy_match_internal(proc: p, parameters, parameters_size: uap->parameters_size,
10756 returned_result: &returned_result, NULL, NULL, required_interface_index: 0, NULL, NULL, NULL, NULL, NULL, false, false, NULL);
10757 if (error) {
10758 goto done;
10759 }
10760
10761 // Copy return value back
10762 error = copyout(&returned_result, uap->returned_result, sizeof(struct necp_aggregate_result));
10763 if (error) {
10764 goto done;
10765 }
10766done:
10767 if (parameters != NULL) {
10768 kfree_data(parameters, uap->parameters_size);
10769 }
10770 return error;
10771}
10772
10773/// Socket operations
10774
10775static errno_t
10776necp_set_socket_attribute(u_int8_t *buffer, size_t buffer_length, u_int8_t type, char **buffer_p, bool *single_tlv)
10777{
10778 int error = 0;
10779 int cursor = 0;
10780 size_t string_size = 0;
10781 char *local_string = NULL;
10782 u_int8_t *value = NULL;
10783 char *buffer_to_free = NULL;
10784
10785 cursor = necp_buffer_find_tlv(buffer, buffer_length, offset: 0, type, NULL, next: 0);
10786 if (cursor < 0) {
10787 // This will clear out the parameter
10788 goto done;
10789 }
10790
10791 string_size = necp_buffer_get_tlv_length(buffer, tlv_offset: cursor);
10792 if (single_tlv != NULL && (buffer_length == sizeof(struct necp_tlv_header) + string_size)) {
10793 *single_tlv = true;
10794 }
10795 if (string_size == 0 || string_size > NECP_MAX_SOCKET_ATTRIBUTE_STRING_LENGTH) {
10796 // This will clear out the parameter
10797 goto done;
10798 }
10799
10800 local_string = (char *)kalloc_data(string_size + 1, Z_WAITOK | Z_ZERO);
10801 if (local_string == NULL) {
10802 NECPLOG(LOG_ERR, "Failed to allocate a socket attribute buffer (size %zu)", string_size);
10803 goto fail;
10804 }
10805
10806 value = necp_buffer_get_tlv_value(buffer, tlv_offset: cursor, NULL);
10807 if (value == NULL) {
10808 NECPLOG0(LOG_ERR, "Failed to get socket attribute");
10809 goto fail;
10810 }
10811
10812 memcpy(dst: local_string, src: value, n: string_size);
10813 local_string[string_size] = 0;
10814
10815done:
10816 buffer_to_free = *buffer_p;
10817
10818 // Protect switching of buffer pointer
10819 necp_lock_socket_attributes();
10820 *buffer_p = local_string;
10821 necp_unlock_socket_attributes();
10822
10823 if (buffer_to_free != NULL) {
10824 kfree_data_addr(buffer_to_free);
10825 }
10826 return 0;
10827fail:
10828 if (local_string != NULL) {
10829 kfree_data(local_string, string_size + 1);
10830 }
10831 return error;
10832}
10833
10834errno_t
10835necp_set_socket_attributes(struct inp_necp_attributes *attributes, struct sockopt *sopt)
10836{
10837 int error = 0;
10838 u_int8_t *buffer = NULL;
10839 bool single_tlv = false;
10840 size_t valsize = sopt->sopt_valsize;
10841 if (valsize == 0 ||
10842 valsize > ((sizeof(struct necp_tlv_header) + NECP_MAX_SOCKET_ATTRIBUTE_STRING_LENGTH) * 4)) {
10843 goto done;
10844 }
10845
10846 buffer = (u_int8_t *)kalloc_data(valsize, Z_WAITOK | Z_ZERO);
10847 if (buffer == NULL) {
10848 goto done;
10849 }
10850
10851 error = sooptcopyin(sopt, buffer, len: valsize, minlen: 0);
10852 if (error) {
10853 goto done;
10854 }
10855
10856 // If NECP_TLV_ATTRIBUTE_DOMAIN_CONTEXT is being set/cleared separately from the other attributes,
10857 // do not clear other attributes.
10858 error = necp_set_socket_attribute(buffer, buffer_length: valsize, NECP_TLV_ATTRIBUTE_DOMAIN_CONTEXT, buffer_p: &attributes->inp_domain_context, single_tlv: &single_tlv);
10859 if (error) {
10860 NECPLOG0(LOG_ERR, "Could not set domain context TLV for socket attributes");
10861 goto done;
10862 }
10863 if (single_tlv == true) {
10864 goto done;
10865 }
10866
10867 error = necp_set_socket_attribute(buffer, buffer_length: valsize, NECP_TLV_ATTRIBUTE_DOMAIN, buffer_p: &attributes->inp_domain, NULL);
10868 if (error) {
10869 NECPLOG0(LOG_ERR, "Could not set domain TLV for socket attributes");
10870 goto done;
10871 }
10872
10873 error = necp_set_socket_attribute(buffer, buffer_length: valsize, NECP_TLV_ATTRIBUTE_DOMAIN_OWNER, buffer_p: &attributes->inp_domain_owner, NULL);
10874 if (error) {
10875 NECPLOG0(LOG_ERR, "Could not set domain owner TLV for socket attributes");
10876 goto done;
10877 }
10878
10879 error = necp_set_socket_attribute(buffer, buffer_length: valsize, NECP_TLV_ATTRIBUTE_TRACKER_DOMAIN, buffer_p: &attributes->inp_tracker_domain, NULL);
10880 if (error) {
10881 NECPLOG0(LOG_ERR, "Could not set tracker domain TLV for socket attributes");
10882 goto done;
10883 }
10884
10885 error = necp_set_socket_attribute(buffer, buffer_length: valsize, NECP_TLV_ATTRIBUTE_ACCOUNT, buffer_p: &attributes->inp_account, NULL);
10886 if (error) {
10887 NECPLOG0(LOG_ERR, "Could not set account TLV for socket attributes");
10888 goto done;
10889 }
10890
10891done:
10892 NECP_SOCKET_ATTRIBUTE_LOG("NECP ATTRIBUTES SOCKET - domain <%s> owner <%s> context <%s> tracker domain <%s> account <%s>",
10893 attributes->inp_domain,
10894 attributes->inp_domain_owner,
10895 attributes->inp_domain_context,
10896 attributes->inp_tracker_domain,
10897 attributes->inp_account);
10898
10899 if (necp_debug) {
10900 NECPLOG(LOG_DEBUG, "Set on socket: Domain %s, Domain owner %s, Domain context %s, Tracker domain %s, Account %s",
10901 attributes->inp_domain,
10902 attributes->inp_domain_owner,
10903 attributes->inp_domain_context,
10904 attributes->inp_tracker_domain,
10905 attributes->inp_account);
10906 }
10907
10908 if (buffer != NULL) {
10909 kfree_data(buffer, valsize);
10910 }
10911
10912 return error;
10913}
10914
10915errno_t
10916necp_get_socket_attributes(struct inp_necp_attributes *attributes, struct sockopt *sopt)
10917{
10918 int error = 0;
10919 u_int8_t *buffer = NULL;
10920 u_int8_t *cursor = NULL;
10921 size_t valsize = 0;
10922
10923 if (attributes->inp_domain != NULL) {
10924 valsize += sizeof(struct necp_tlv_header) + strlen(s: attributes->inp_domain);
10925 }
10926 if (attributes->inp_domain_owner != NULL) {
10927 valsize += sizeof(struct necp_tlv_header) + strlen(s: attributes->inp_domain_owner);
10928 }
10929 if (attributes->inp_domain_context != NULL) {
10930 valsize += sizeof(struct necp_tlv_header) + strlen(s: attributes->inp_domain_context);
10931 }
10932 if (attributes->inp_tracker_domain != NULL) {
10933 valsize += sizeof(struct necp_tlv_header) + strlen(s: attributes->inp_tracker_domain);
10934 }
10935 if (attributes->inp_account != NULL) {
10936 valsize += sizeof(struct necp_tlv_header) + strlen(s: attributes->inp_account);
10937 }
10938 if (valsize == 0) {
10939 goto done;
10940 }
10941
10942 buffer = (u_int8_t *)kalloc_data(valsize, Z_WAITOK | Z_ZERO);
10943 if (buffer == NULL) {
10944 goto done;
10945 }
10946
10947 cursor = buffer;
10948 if (attributes->inp_domain != NULL) {
10949 cursor = necp_buffer_write_tlv(cursor, NECP_TLV_ATTRIBUTE_DOMAIN, length: strlen(s: attributes->inp_domain), value: attributes->inp_domain,
10950 buffer, buffer_length: valsize);
10951 }
10952
10953 if (attributes->inp_domain_owner != NULL) {
10954 cursor = necp_buffer_write_tlv(cursor, NECP_TLV_ATTRIBUTE_DOMAIN_OWNER, length: strlen(s: attributes->inp_domain_owner), value: attributes->inp_domain_owner,
10955 buffer, buffer_length: valsize);
10956 }
10957
10958 if (attributes->inp_domain_context != NULL) {
10959 cursor = necp_buffer_write_tlv(cursor, NECP_TLV_ATTRIBUTE_DOMAIN_CONTEXT, length: strlen(s: attributes->inp_domain_context), value: attributes->inp_domain_context,
10960 buffer, buffer_length: valsize);
10961 }
10962
10963 if (attributes->inp_tracker_domain != NULL) {
10964 cursor = necp_buffer_write_tlv(cursor, NECP_TLV_ATTRIBUTE_TRACKER_DOMAIN, length: strlen(s: attributes->inp_tracker_domain), value: attributes->inp_tracker_domain,
10965 buffer, buffer_length: valsize);
10966 }
10967
10968 if (attributes->inp_account != NULL) {
10969 cursor = necp_buffer_write_tlv(cursor, NECP_TLV_ATTRIBUTE_ACCOUNT, length: strlen(s: attributes->inp_account), value: attributes->inp_account,
10970 buffer, buffer_length: valsize);
10971 }
10972
10973 error = sooptcopyout(sopt, data: buffer, len: valsize);
10974 if (error) {
10975 goto done;
10976 }
10977done:
10978 if (buffer != NULL) {
10979 kfree_data(buffer, valsize);
10980 }
10981
10982 return error;
10983}
10984
10985int
10986necp_set_socket_resolver_signature(struct inpcb *inp, struct sockopt *sopt)
10987{
10988 const size_t valsize = sopt->sopt_valsize;
10989 if (valsize > NECP_CLIENT_ACTION_SIGN_MAX_TOTAL_LENGTH + NECP_CLIENT_ACTION_SIGN_TAG_LENGTH) {
10990 return EINVAL;
10991 }
10992
10993 necp_lock_socket_attributes();
10994 if (inp->inp_resolver_signature != NULL) {
10995 kfree_data(inp->inp_resolver_signature, inp->inp_resolver_signature_length);
10996 }
10997 inp->inp_resolver_signature_length = 0;
10998
10999 int error = 0;
11000 if (valsize > 0) {
11001 inp->inp_resolver_signature = kalloc_data(valsize, Z_WAITOK | Z_ZERO);
11002 if ((error = sooptcopyin(sopt, inp->inp_resolver_signature, len: valsize,
11003 minlen: valsize)) != 0) {
11004 // Free the signature buffer if the copyin failed
11005 kfree_data(inp->inp_resolver_signature, valsize);
11006 } else {
11007 inp->inp_resolver_signature_length = valsize;
11008 }
11009 }
11010 necp_unlock_socket_attributes();
11011
11012 return error;
11013}
11014
11015int
11016necp_get_socket_resolver_signature(struct inpcb *inp, struct sockopt *sopt)
11017{
11018 int error = 0;
11019 necp_lock_socket_attributes();
11020 if (inp->inp_resolver_signature == NULL ||
11021 inp->inp_resolver_signature_length == 0) {
11022 error = ENOENT;
11023 } else {
11024 error = sooptcopyout(sopt, data: inp->inp_resolver_signature,
11025 len: inp->inp_resolver_signature_length);
11026 }
11027 necp_unlock_socket_attributes();
11028 return error;
11029}
11030
11031bool
11032necp_socket_has_resolver_signature(struct inpcb *inp)
11033{
11034 necp_lock_socket_attributes();
11035 bool has_signature = (inp->inp_resolver_signature != NULL && inp->inp_resolver_signature_length != 0);
11036 necp_unlock_socket_attributes();
11037 return has_signature;
11038}
11039
11040bool
11041necp_socket_resolver_signature_matches_address(struct inpcb *inp, union necp_sockaddr_union *address)
11042{
11043 bool matches_address = false;
11044 necp_lock_socket_attributes();
11045 if (inp->inp_resolver_signature != NULL && inp->inp_resolver_signature_length > 0 && address->sa.sa_len > 0) {
11046 struct necp_client_validatable *validatable = (struct necp_client_validatable *)inp->inp_resolver_signature;
11047 if (inp->inp_resolver_signature_length > sizeof(struct necp_client_validatable) &&
11048 validatable->signable.sign_type == NECP_CLIENT_SIGN_TYPE_SYSTEM_RESOLVER_ANSWER) {
11049 size_t data_length = inp->inp_resolver_signature_length - sizeof(struct necp_client_validatable);
11050 if (data_length >= (sizeof(struct necp_client_host_resolver_answer) - sizeof(struct necp_client_signable))) {
11051 struct necp_client_host_resolver_answer *answer_struct = (struct necp_client_host_resolver_answer *)&validatable->signable;
11052 if (data_length == (sizeof(struct necp_client_host_resolver_answer) + answer_struct->hostname_length - sizeof(struct necp_client_signable)) &&
11053 answer_struct->address_answer.sa.sa_family == address->sa.sa_family &&
11054 answer_struct->address_answer.sa.sa_len == address->sa.sa_len &&
11055 (answer_struct->address_answer.sin.sin_port == 0 ||
11056 answer_struct->address_answer.sin.sin_port == address->sin.sin_port) &&
11057 ((answer_struct->address_answer.sa.sa_family == AF_INET &&
11058 answer_struct->address_answer.sin.sin_addr.s_addr == address->sin.sin_addr.s_addr) ||
11059 (answer_struct->address_answer.sa.sa_family == AF_INET6 &&
11060 memcmp(s1: &answer_struct->address_answer.sin6.sin6_addr, s2: &address->sin6.sin6_addr, n: sizeof(struct in6_addr)) == 0))) {
11061 // Address matches
11062 const bool validated = necp_validate_resolver_answer(client_id: validatable->signable.client_id,
11063 sign_type: validatable->signable.sign_type,
11064 data: validatable->signable.signable_data, data_length,
11065 tag: validatable->signature.signed_tag, tag_length: sizeof(validatable->signature.signed_tag));
11066 if (validated) {
11067 // Answer is validated
11068 matches_address = true;
11069 }
11070 }
11071 }
11072 }
11073 }
11074 necp_unlock_socket_attributes();
11075 return matches_address;
11076}
11077
11078/*
11079 * necp_set_socket_domain_attributes
11080 * Called from soconnectlock/soconnectxlock to directly set the tracker domain and owner for
11081 * a newly marked tracker socket.
11082 */
11083errno_t
11084necp_set_socket_domain_attributes(struct socket *so, const char *domain, const char *domain_owner)
11085{
11086 int error = 0;
11087 struct inpcb *inp = NULL;
11088 u_int8_t *buffer = NULL;
11089 size_t valsize = 0;
11090 char *buffer_to_free = NULL;
11091
11092 if (SOCK_DOM(so) != PF_INET && SOCK_DOM(so) != PF_INET6) {
11093 error = EINVAL;
11094 goto fail;
11095 }
11096
11097 // Set domain (required)
11098
11099 valsize = strlen(s: domain);
11100 if (valsize == 0 || valsize > NECP_MAX_SOCKET_ATTRIBUTE_STRING_LENGTH) {
11101 error = EINVAL;
11102 goto fail;
11103 }
11104
11105 buffer = (u_int8_t *)kalloc_data(valsize + 1, Z_WAITOK | Z_ZERO);
11106 if (buffer == NULL) {
11107 error = ENOMEM;
11108 goto fail;
11109 }
11110 bcopy(src: domain, dst: buffer, n: valsize);
11111 buffer[valsize] = 0;
11112
11113 inp = sotoinpcb(so);
11114 // Do not overwrite a previously set domain if tracker domain is different.
11115 if (inp->inp_necp_attributes.inp_domain != NULL) {
11116 if (strlen(s: inp->inp_necp_attributes.inp_domain) != strlen(s: domain) ||
11117 strncmp(s1: inp->inp_necp_attributes.inp_domain, s2: domain, n: strlen(s: domain)) != 0) {
11118 buffer_to_free = inp->inp_necp_attributes.inp_tracker_domain;
11119 // Protect switching of buffer pointer
11120 necp_lock_socket_attributes();
11121 inp->inp_necp_attributes.inp_tracker_domain = (char *)buffer;
11122 necp_unlock_socket_attributes();
11123 if (buffer_to_free != NULL) {
11124 kfree_data_addr(buffer_to_free);
11125 }
11126 } else {
11127 kfree_data_addr(buffer);
11128 }
11129 } else {
11130 // Protect switching of buffer pointer
11131 necp_lock_socket_attributes();
11132 inp->inp_necp_attributes.inp_domain = (char *)buffer;
11133 necp_unlock_socket_attributes();
11134 }
11135 buffer = NULL;
11136
11137 // set domain_owner (required only for tracker)
11138 if (!(so->so_flags1 & SOF1_KNOWN_TRACKER)) {
11139 goto done;
11140 }
11141
11142 valsize = strlen(s: domain_owner);
11143 if (valsize == 0 || valsize > NECP_MAX_SOCKET_ATTRIBUTE_STRING_LENGTH) {
11144 error = EINVAL;
11145 goto fail;
11146 }
11147
11148 buffer = (u_int8_t *)kalloc_data(valsize + 1, Z_WAITOK | Z_ZERO);
11149 if (buffer == NULL) {
11150 error = ENOMEM;
11151 goto fail;
11152 }
11153 bcopy(src: domain_owner, dst: buffer, n: valsize);
11154 buffer[valsize] = 0;
11155
11156 inp = sotoinpcb(so);
11157
11158 buffer_to_free = inp->inp_necp_attributes.inp_domain_owner;
11159 // Protect switching of buffer pointer
11160 necp_lock_socket_attributes();
11161 inp->inp_necp_attributes.inp_domain_owner = (char *)buffer;
11162 necp_unlock_socket_attributes();
11163 buffer = NULL;
11164
11165 if (buffer_to_free != NULL) {
11166 kfree_data_addr(buffer_to_free);
11167 }
11168
11169done:
11170 NECP_SOCKET_PARAMS_LOG(so, "NECP ATTRIBUTES SOCKET - domain <%s> owner <%s> context <%s> tracker domain <%s> account <%s> "
11171 "<so flags - is_tracker %X non-app-initiated %X app-approved-domain %X",
11172 inp->inp_necp_attributes.inp_domain,
11173 inp->inp_necp_attributes.inp_domain_owner,
11174 inp->inp_necp_attributes.inp_domain_context,
11175 inp->inp_necp_attributes.inp_tracker_domain,
11176 inp->inp_necp_attributes.inp_account,
11177 so->so_flags1 & SOF1_KNOWN_TRACKER,
11178 so->so_flags1 & SOF1_TRACKER_NON_APP_INITIATED,
11179 so->so_flags1 & SOF1_APPROVED_APP_DOMAIN);
11180
11181 if (necp_debug) {
11182 NECPLOG(LOG_DEBUG, "Set on socket: Domain <%s> Domain owner <%s> Domain context <%s> Tracker domain <%s> Account <%s> ",
11183 inp->inp_necp_attributes.inp_domain,
11184 inp->inp_necp_attributes.inp_domain_owner,
11185 inp->inp_necp_attributes.inp_domain_context,
11186 inp->inp_necp_attributes.inp_tracker_domain,
11187 inp->inp_necp_attributes.inp_account);
11188 }
11189fail:
11190 if (buffer != NULL) {
11191 kfree_data(buffer, valsize + 1);
11192 }
11193 return error;
11194}
11195
11196void *
11197necp_create_nexus_assign_message(uuid_t nexus_instance, nexus_port_t nexus_port, void *key, uint32_t key_length,
11198 struct necp_client_endpoint *local_endpoint, struct necp_client_endpoint *remote_endpoint, struct ether_addr *local_ether_addr,
11199 u_int32_t flow_adv_index, void *flow_stats, size_t *message_length)
11200{
11201 u_int8_t *buffer = NULL;
11202 u_int8_t *cursor = NULL;
11203 size_t valsize = 0;
11204 bool has_nexus_assignment = FALSE;
11205
11206 if (!uuid_is_null(uu: nexus_instance)) {
11207 has_nexus_assignment = TRUE;
11208 valsize += sizeof(struct necp_tlv_header) + sizeof(uuid_t);
11209 valsize += sizeof(struct necp_tlv_header) + sizeof(nexus_port_t);
11210 }
11211 if (flow_adv_index != NECP_FLOWADV_IDX_INVALID) {
11212 valsize += sizeof(struct necp_tlv_header) + sizeof(u_int32_t);
11213 }
11214 if (key != NULL && key_length > 0) {
11215 valsize += sizeof(struct necp_tlv_header) + key_length;
11216 }
11217 if (local_endpoint != NULL) {
11218 valsize += sizeof(struct necp_tlv_header) + sizeof(struct necp_client_endpoint);
11219 }
11220 if (remote_endpoint != NULL) {
11221 valsize += sizeof(struct necp_tlv_header) + sizeof(struct necp_client_endpoint);
11222 }
11223 if (local_ether_addr != NULL) {
11224 valsize += sizeof(struct necp_tlv_header) + sizeof(struct ether_addr);
11225 }
11226 if (flow_stats != NULL) {
11227 valsize += sizeof(struct necp_tlv_header) + sizeof(void *);
11228 }
11229 if (valsize == 0) {
11230 return NULL;
11231 }
11232
11233 buffer = kalloc_data(valsize, Z_WAITOK | Z_ZERO);
11234 if (buffer == NULL) {
11235 return NULL;
11236 }
11237
11238 cursor = buffer;
11239 if (has_nexus_assignment) {
11240 cursor = necp_buffer_write_tlv(cursor, NECP_CLIENT_RESULT_NEXUS_INSTANCE, length: sizeof(uuid_t), value: nexus_instance, buffer, buffer_length: valsize);
11241 cursor = necp_buffer_write_tlv(cursor, NECP_CLIENT_RESULT_NEXUS_PORT, length: sizeof(nexus_port_t), value: &nexus_port, buffer, buffer_length: valsize);
11242 }
11243 if (flow_adv_index != NECP_FLOWADV_IDX_INVALID) {
11244 cursor = necp_buffer_write_tlv(cursor, NECP_CLIENT_RESULT_NEXUS_PORT_FLOW_INDEX, length: sizeof(u_int32_t), value: &flow_adv_index, buffer, buffer_length: valsize);
11245 }
11246 if (key != NULL && key_length > 0) {
11247 cursor = necp_buffer_write_tlv(cursor, NECP_CLIENT_PARAMETER_NEXUS_KEY, length: key_length, value: key, buffer, buffer_length: valsize);
11248 }
11249 if (local_endpoint != NULL) {
11250 cursor = necp_buffer_write_tlv(cursor, NECP_CLIENT_RESULT_LOCAL_ENDPOINT, length: sizeof(struct necp_client_endpoint), value: local_endpoint, buffer, buffer_length: valsize);
11251 }
11252 if (remote_endpoint != NULL) {
11253 cursor = necp_buffer_write_tlv(cursor, NECP_CLIENT_RESULT_REMOTE_ENDPOINT, length: sizeof(struct necp_client_endpoint), value: remote_endpoint, buffer, buffer_length: valsize);
11254 }
11255 if (local_ether_addr != NULL) {
11256 cursor = necp_buffer_write_tlv(cursor, NECP_CLIENT_RESULT_LOCAL_ETHER_ADDR, length: sizeof(struct ether_addr), value: local_ether_addr, buffer, buffer_length: valsize);
11257 }
11258 if (flow_stats != NULL) {
11259 cursor = necp_buffer_write_tlv(cursor, NECP_CLIENT_RESULT_NEXUS_FLOW_STATS, length: sizeof(void *), value: &flow_stats, buffer, buffer_length: valsize);
11260 }
11261
11262 *message_length = valsize;
11263
11264 return buffer;
11265}
11266
11267void
11268necp_inpcb_remove_cb(struct inpcb *inp)
11269{
11270 if (!uuid_is_null(uu: inp->necp_client_uuid)) {
11271 necp_client_unregister_socket_flow(client_id: inp->necp_client_uuid, handle: inp);
11272 uuid_clear(uu: inp->necp_client_uuid);
11273 }
11274}
11275
11276void
11277necp_inpcb_dispose(struct inpcb *inp)
11278{
11279 necp_inpcb_remove_cb(inp); // Clear out socket registrations if not yet done
11280 if (inp->inp_necp_attributes.inp_domain != NULL) {
11281 kfree_data_addr(inp->inp_necp_attributes.inp_domain);
11282 inp->inp_necp_attributes.inp_domain = NULL;
11283 }
11284 if (inp->inp_necp_attributes.inp_account != NULL) {
11285 kfree_data_addr(inp->inp_necp_attributes.inp_account);
11286 inp->inp_necp_attributes.inp_account = NULL;
11287 }
11288 if (inp->inp_necp_attributes.inp_domain_owner != NULL) {
11289 kfree_data_addr(inp->inp_necp_attributes.inp_domain_owner);
11290 inp->inp_necp_attributes.inp_domain_owner = NULL;
11291 }
11292 if (inp->inp_necp_attributes.inp_domain_context != NULL) {
11293 kfree_data_addr(inp->inp_necp_attributes.inp_domain_context);
11294 inp->inp_necp_attributes.inp_domain_context = NULL;
11295 }
11296 if (inp->inp_necp_attributes.inp_tracker_domain != NULL) {
11297 kfree_data_addr(inp->inp_necp_attributes.inp_tracker_domain);
11298 inp->inp_necp_attributes.inp_tracker_domain = NULL;
11299 }
11300 if (inp->inp_resolver_signature != NULL) {
11301 kfree_data(inp->inp_resolver_signature, inp->inp_resolver_signature_length);
11302 }
11303 inp->inp_resolver_signature_length = 0;
11304}
11305
11306void
11307necp_mppcb_dispose(struct mppcb *mpp)
11308{
11309 if (!uuid_is_null(uu: mpp->necp_client_uuid)) {
11310 necp_client_unregister_multipath_cb(client_id: mpp->necp_client_uuid, handle: mpp);
11311 uuid_clear(uu: mpp->necp_client_uuid);
11312 }
11313
11314 if (mpp->inp_necp_attributes.inp_domain != NULL) {
11315 kfree_data_addr(mpp->inp_necp_attributes.inp_domain);
11316 mpp->inp_necp_attributes.inp_domain = NULL;
11317 }
11318 if (mpp->inp_necp_attributes.inp_account != NULL) {
11319 kfree_data_addr(mpp->inp_necp_attributes.inp_account);
11320 mpp->inp_necp_attributes.inp_account = NULL;
11321 }
11322 if (mpp->inp_necp_attributes.inp_domain_owner != NULL) {
11323 kfree_data_addr(mpp->inp_necp_attributes.inp_domain_owner);
11324 mpp->inp_necp_attributes.inp_domain_owner = NULL;
11325 }
11326 if (mpp->inp_necp_attributes.inp_tracker_domain != NULL) {
11327 kfree_data_addr(mpp->inp_necp_attributes.inp_tracker_domain);
11328 mpp->inp_necp_attributes.inp_tracker_domain = NULL;
11329 }
11330}
11331
11332/// Module init
11333
11334void
11335necp_client_init(void)
11336{
11337 necp_client_update_tcall = thread_call_allocate_with_options(func: necp_update_all_clients_callout, NULL,
11338 pri: THREAD_CALL_PRIORITY_KERNEL, options: THREAD_CALL_OPTIONS_ONCE);
11339 VERIFY(necp_client_update_tcall != NULL);
11340#if SKYWALK
11341
11342 necp_client_collect_stats_tcall = thread_call_allocate_with_options(func: necp_collect_stats_client_callout, NULL,
11343 pri: THREAD_CALL_PRIORITY_KERNEL, options: THREAD_CALL_OPTIONS_ONCE);
11344 VERIFY(necp_client_collect_stats_tcall != NULL);
11345
11346 necp_close_empty_arenas_tcall = thread_call_allocate_with_options(func: necp_close_empty_arenas_callout, NULL,
11347 pri: THREAD_CALL_PRIORITY_KERNEL, options: THREAD_CALL_OPTIONS_ONCE);
11348 VERIFY(necp_close_empty_arenas_tcall != NULL);
11349#endif /* SKYWALK */
11350
11351 LIST_INIT(&necp_fd_list);
11352 LIST_INIT(&necp_fd_observer_list);
11353 LIST_INIT(&necp_collect_stats_flow_list);
11354
11355 RB_INIT(&necp_client_global_tree);
11356 RB_INIT(&necp_client_flow_global_tree);
11357}
11358
11359#if SKYWALK
11360pid_t
11361necp_client_get_proc_pid_from_arena_info(struct skmem_arena_mmap_info *arena_info)
11362{
11363 ASSERT((arena_info->ami_arena->ar_type == SKMEM_ARENA_TYPE_NECP) || (arena_info->ami_arena->ar_type == SKMEM_ARENA_TYPE_SYSTEM));
11364
11365 if (arena_info->ami_arena->ar_type == SKMEM_ARENA_TYPE_NECP) {
11366 struct necp_arena_info *nai = container_of(arena_info, struct necp_arena_info, nai_mmap);
11367 return nai->nai_proc_pid;
11368 } else {
11369 struct necp_fd_data *fd_data = container_of(arena_info, struct necp_fd_data, sysctl_mmap);
11370 return fd_data->proc_pid;
11371 }
11372}
11373#endif /* !SKYWALK */
11374