1 /* 2 * Copyright (c) 2014-2017, 2023 Apple Inc. All rights reserved. 3 * 4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@ 5 * 6 * This file contains Original Code and/or Modifications of Original Code 7 * as defined in and that are subject to the Apple Public Source License 8 * Version 2.0 (the 'License'). You may not use this file except in 9 * compliance with the License. The rights granted to you under the License 10 * may not be used to create, or enable the creation or redistribution of, 11 * unlawful or unlicensed copies of an Apple operating system, or to 12 * circumvent, violate, or enable the circumvention or violation of, any 13 * terms of an Apple operating system software license agreement. 14 * 15 * Please obtain a copy of the License at 16 * http://www.opensource.apple.com/apsl/ and read it before using this file. 17 * 18 * The Original Code and all software distributed under the License are 19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER 20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, 21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, 22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. 23 * Please see the License for the specific language governing rights and 24 * limitations under the License. 25 * 26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@ 27 */ 28 29 #ifndef _NETAGENT_H_ 30 #define _NETAGENT_H_ 31 #include <net/net_kev.h> 32 33 #ifdef PRIVATE 34 35 #include <netinet/in.h> 36 #include <sys/socket.h> 37 #include <uuid/uuid.h> 38 39 #ifdef BSD_KERNEL_PRIVATE 40 #include <stdbool.h> 41 42 errno_t netagent_init(void); 43 #endif 44 /* 45 * Name registered by the Network Agent kernel control 46 */ 47 #define NETAGENT_CONTROL_NAME "com.apple.net.netagent" 48 49 struct netagent_message_header { 50 u_int8_t message_type; 51 u_int8_t message_flags; 52 u_int32_t message_id; 53 u_int32_t message_error; 54 u_int32_t message_payload_length; 55 }; 56 57 struct netagent_trigger_message { 58 u_int32_t trigger_flags; 59 pid_t trigger_pid; 60 uuid_t trigger_proc_uuid; 61 }; 62 63 struct netagent_client_message { 64 uuid_t client_id; 65 }; 66 67 struct netagent_client_error_message { 68 uuid_t client_id; 69 int32_t error_code; 70 }; 71 72 struct netagent_client_group_message { 73 uuid_t client_id; 74 u_int8_t group_members[0]; 75 }; 76 77 struct netagent_assign_nexus_message { 78 uuid_t assign_client_id; 79 u_int8_t assign_necp_results[0]; 80 }; 81 82 #define NETAGENT_MESSAGE_TYPE_REGISTER 1 // Pass netagent to set, no return value 83 #define NETAGENT_MESSAGE_TYPE_UNREGISTER 2 // No value, no return value 84 #define NETAGENT_MESSAGE_TYPE_UPDATE 3 // Pass netagent to update, no return value 85 #define NETAGENT_MESSAGE_TYPE_GET 4 // No value, return netagent 86 #define NETAGENT_MESSAGE_TYPE_TRIGGER 5 // Kernel initiated, no reply expected 87 #define NETAGENT_MESSAGE_TYPE_ASSERT 6 // Deprecated 88 #define NETAGENT_MESSAGE_TYPE_UNASSERT 7 // Deprecated 89 #define NETAGENT_MESSAGE_TYPE_TRIGGER_ASSERT 8 // Kernel initiated, no reply expected 90 #define NETAGENT_MESSAGE_TYPE_TRIGGER_UNASSERT 9 // Kernel initiated, no reply expected 91 #define NETAGENT_MESSAGE_TYPE_REQUEST_NEXUS 10 // Kernel initiated, struct netagent_client_message 92 #define NETAGENT_MESSAGE_TYPE_ASSIGN_NEXUS 11 // Pass struct netagent_assign_nexus_message 93 #define NETAGENT_MESSAGE_TYPE_CLOSE_NEXUS 12 // Kernel initiated, struct netagent_client_message 94 #define NETAGENT_MESSAGE_TYPE_CLIENT_TRIGGER 13 // Kernel initiated, struct netagent_client_message 95 #define NETAGENT_MESSAGE_TYPE_CLIENT_ASSERT 14 // Kernel initiated, struct netagent_client_message 96 #define NETAGENT_MESSAGE_TYPE_CLIENT_UNASSERT 15 // Kernel initiated, struct netagent_client_message 97 98 #define NETAGENT_OPTION_TYPE_REGISTER NETAGENT_MESSAGE_TYPE_REGISTER // Pass netagent to set, no return value 99 #define NETAGENT_OPTION_TYPE_UNREGISTER NETAGENT_MESSAGE_TYPE_UNREGISTER // No value, no return value 100 #define NETAGENT_OPTION_TYPE_UPDATE NETAGENT_MESSAGE_TYPE_UPDATE // Pass netagent to update, no return value 101 #define NETAGENT_OPTION_TYPE_ASSIGN_NEXUS NETAGENT_MESSAGE_TYPE_ASSIGN_NEXUS // Pass struct netagent_assign_nexus_message 102 #define NETAGENT_OPTION_TYPE_USE_COUNT 16 // Pass use count to set, get current use count 103 #define NETAGENT_MESSAGE_TYPE_ABORT_NEXUS 17 // Kernel private 104 #define NETAGENT_MESSAGE_TYPE_ADD_GROUP_MEMBERS 18 // Kernel initiated, struct netagent_client_group_message 105 #define NETAGENT_MESSAGE_TYPE_REMOVE_GROUP_MEMBERS 19 // Kernel initiated, struct netagent_client_group_message 106 #define NETAGENT_MESSAGE_TYPE_ASSIGN_GROUP_MEMBERS 20 // Pass struct netagent_assign_nexus_message 107 #define NETAGENT_OPTION_TYPE_ADD_TOKEN 21 // Set new token bytes 108 #define NETAGENT_OPTION_TYPE_FLUSH_TOKENS 22 // Flush all tokens 109 #define NETAGENT_OPTION_TYPE_TOKEN_COUNT 23 // Get remaining token count (uint32_t) 110 #define NETAGENT_OPTION_TYPE_TOKEN_LOW_WATER 24 // Set/get token low water mark (uint32_t) 111 #define NETAGENT_MESSAGE_TYPE_TOKENS_NEEDED 25 // Kernel intiated, no content 112 #define NETAGENT_MESSAGE_TYPE_CLIENT_ERROR 26 // Kernel intiated, struct netagent_client_error_message 113 #define NETAGENT_OPTION_TYPE_RESET_CLIENT_ERROR 27 // Call to reset client error and counts 114 115 116 #define NETAGENT_MESSAGE_FLAGS_RESPONSE 0x01 // Used for acks, errors, and query responses 117 118 #define NETAGENT_MESSAGE_ERROR_NONE 0 119 #define NETAGENT_MESSAGE_ERROR_INTERNAL 1 120 #define NETAGENT_MESSAGE_ERROR_UNKNOWN_TYPE 2 121 #define NETAGENT_MESSAGE_ERROR_INVALID_DATA 3 122 #define NETAGENT_MESSAGE_ERROR_NOT_REGISTERED 4 123 #define NETAGENT_MESSAGE_ERROR_ALREADY_REGISTERED 5 124 #define NETAGENT_MESSAGE_ERROR_CANNOT_UPDATE 6 125 #define NETAGENT_MESSAGE_ERROR_CANNOT_ASSIGN 7 126 127 #define NETAGENT_DOMAINSIZE 32 128 #define NETAGENT_TYPESIZE 32 129 #define NETAGENT_DESCSIZE 128 130 131 #define NETAGENT_MAX_DATA_SIZE 4096 132 133 #define NETAGENT_MAX_TOKEN_COUNT 256 134 135 136 #define NETAGENT_FLAG_REGISTERED 0x0001 // Agent is registered 137 #define NETAGENT_FLAG_ACTIVE 0x0002 // Agent is active 138 #define NETAGENT_FLAG_KERNEL_ACTIVATED 0x0004 // Agent can be activated by kernel activity 139 #define NETAGENT_FLAG_USER_ACTIVATED 0x0008 // Agent can be activated by system call (netagent_trigger) 140 #define NETAGENT_FLAG_VOLUNTARY 0x0010 // Use of agent is optional 141 #define NETAGENT_FLAG_SPECIFIC_USE_ONLY 0x0020 // Agent should only be used and activated when specifically required 142 #define NETAGENT_FLAG_NETWORK_PROVIDER 0x0040 // Agent provides network access 143 #define NETAGENT_FLAG_NEXUS_PROVIDER 0x0080 // Agent provides a skywalk nexus 144 #define NETAGENT_FLAG_SUPPORTS_BROWSE 0x0100 // Assertions will cause agent to fill in browse endpoints 145 #define NETAGENT_FLAG_REQUIRES_ASSERT 0x0200 // Assertions are expected to be taken against this agent 146 #define NETAGENT_FLAG_NEXUS_LISTENER 0x0400 // Nexus supports listeners 147 #define NETAGENT_FLAG_UPDATE_IMMEDIATELY 0x0800 // Updates the clients without waiting for a leeway 148 #define NETAGENT_FLAG_CUSTOM_ETHER_NEXUS 0x2000 // Agent provides a custom ethertype nexus 149 #define NETAGENT_FLAG_CUSTOM_IP_NEXUS 0x4000 // Agent provides a custom IP nexus 150 #define NETAGENT_FLAG_INTERPOSE_NEXUS 0x8000 // Agent provides an interpose nexus 151 #define NETAGENT_FLAG_SUPPORTS_RESOLVE 0x10000 // Assertions will cause agent to fill in resolved endpoints 152 #define NETAGENT_FLAG_SUPPORTS_GROUPS 0x20000 // Group actions can be performed 153 154 #define NETAGENT_NEXUS_MAX_REQUEST_TYPES 16 155 #define NETAGENT_NEXUS_MAX_RESOLUTION_TYPE_PAIRS 15 156 157 #define NETAGENT_NEXUS_FRAME_TYPE_UNKNOWN 0 158 #define NETAGENT_NEXUS_FRAME_TYPE_LINK 1 159 #define NETAGENT_NEXUS_FRAME_TYPE_INTERNET 2 160 #define NETAGENT_NEXUS_FRAME_TYPE_TRANSPORT 3 161 #define NETAGENT_NEXUS_FRAME_TYPE_APPLICATION 4 162 163 #define NETAGENT_NEXUS_ENDPOINT_TYPE_ADDRESS 1 164 #define NETAGENT_NEXUS_ENDPOINT_TYPE_HOST 2 165 #define NETAGENT_NEXUS_ENDPOINT_TYPE_BONJOUR 3 166 #define NETAGENT_NEXUS_ENDPOINT_TYPE_SRV 5 167 168 #define NETAGENT_NEXUS_FLAG_SUPPORTS_USER_PACKET_POOL 0x1 169 #define NETAGENT_NEXUS_FLAG_ASSERT_UNSUPPORTED 0x2 // No calls to assert the agent are required 170 #define NETAGENT_NEXUS_FLAG_SHOULD_USE_EVENT_RING 0x4 // indicates that nexus agent should use event rings 171 172 struct netagent_nexus { 173 u_int32_t frame_type; 174 u_int32_t endpoint_assignment_type; 175 u_int32_t endpoint_request_types[NETAGENT_NEXUS_MAX_REQUEST_TYPES]; 176 u_int32_t endpoint_resolution_type_pairs[NETAGENT_NEXUS_MAX_RESOLUTION_TYPE_PAIRS * 2]; 177 u_int32_t nexus_max_buf_size; 178 u_int32_t reserved; 179 u_int32_t nexus_flags; 180 }; 181 182 #define NETAGENT_NEXUS_HAS_MAX_BUF_SIZE 1 // struct netagent_nexus includes nexus_max_buf_size 183 184 #define NETAGENT_TRIGGER_FLAG_USER 0x0001 // Userspace triggered agent 185 #define NETAGENT_TRIGGER_FLAG_KERNEL 0x0002 // Kernel triggered agent 186 187 struct kev_netagent_data { 188 uuid_t netagent_uuid; 189 }; 190 191 // To be used with kernel control socket 192 struct netagent { 193 uuid_t netagent_uuid; 194 char netagent_domain[NETAGENT_DOMAINSIZE]; 195 char netagent_type[NETAGENT_TYPESIZE]; 196 char netagent_desc[NETAGENT_DESCSIZE]; 197 u_int32_t netagent_flags; 198 u_int32_t netagent_data_size; 199 u_int8_t netagent_data[0]; 200 }; 201 202 // To be used with SIOCGAGENTDATA 203 struct netagent_req { 204 uuid_t netagent_uuid; 205 char netagent_domain[NETAGENT_DOMAINSIZE]; 206 char netagent_type[NETAGENT_TYPESIZE]; 207 char netagent_desc[NETAGENT_DESCSIZE]; 208 u_int32_t netagent_flags; 209 u_int32_t netagent_data_size; 210 u_int8_t *netagent_data; 211 }; 212 213 // To be used with SIOCGAGENTLIST 214 struct netagentlist_req { 215 u_int32_t data_size; 216 u_int8_t *data; 217 }; 218 #ifdef BSD_KERNEL_PRIVATE 219 int netagent_ioctl(u_long cmd, caddr_t __sized_by(IOCPARM_LEN(cmd)) data); 220 221 struct netagent_req32 { 222 uuid_t netagent_uuid; 223 char netagent_domain[NETAGENT_DOMAINSIZE]; 224 char netagent_type[NETAGENT_TYPESIZE]; 225 char netagent_desc[NETAGENT_DESCSIZE]; 226 u_int32_t netagent_flags; 227 u_int32_t netagent_data_size; 228 user32_addr_t netagent_data; 229 }; 230 struct netagent_req64 { 231 uuid_t netagent_uuid; 232 char netagent_domain[NETAGENT_DOMAINSIZE]; 233 char netagent_type[NETAGENT_TYPESIZE]; 234 char netagent_desc[NETAGENT_DESCSIZE]; 235 u_int32_t netagent_flags; 236 u_int32_t netagent_data_size; 237 user64_addr_t netagent_data __attribute__((aligned(8))); 238 }; 239 struct netagentlist_req32 { 240 u_int32_t data_size; 241 user32_addr_t data; 242 }; 243 struct netagentlist_req64 { 244 u_int32_t data_size; 245 user64_addr_t data __attribute__((aligned(8))); 246 }; 247 248 struct necp_client_agent_parameters; 249 250 // Kernel accessors 251 extern void netagent_post_updated_interfaces(uuid_t uuid); // To be called from interface ioctls 252 253 extern u_int32_t netagent_get_flags(uuid_t uuid); 254 255 extern errno_t netagent_set_flags(uuid_t uuid, u_int32_t flags); 256 257 extern u_int32_t netagent_get_generation(uuid_t uuid); 258 259 extern bool netagent_get_agent_domain_and_type(uuid_t uuid, char *domain __sized_by(NETAGENT_DOMAINSIZE), char *type __sized_by(NETAGENT_TYPESIZE)); 260 261 extern int netagent_kernel_trigger(uuid_t uuid); 262 263 extern int netagent_client_message(uuid_t agent_uuid, uuid_t necp_client_uuid, pid_t pid, void *handle, u_int8_t message_type); 264 265 extern int netagent_client_message_with_params(uuid_t agent_uuid, 266 uuid_t necp_client_uuid, 267 pid_t pid, 268 void *handle, 269 u_int8_t message_type, 270 struct necp_client_agent_parameters *parameters, 271 void * __sized_by(*assigned_results_length) * assigned_results, 272 size_t *assigned_results_length); 273 274 extern int netagent_copyout(uuid_t uuid, user_addr_t user_addr, u_int32_t user_size); 275 276 extern int netagent_acquire_token(uuid_t uuid, user_addr_t user_addr, u_int32_t user_size, int *retval); 277 278 279 // Kernel agent management 280 281 typedef void * netagent_session_t; 282 283 struct netagent_nexus_agent { 284 struct netagent agent; 285 struct netagent_nexus nexus_data; 286 }; 287 288 #define NETAGENT_EVENT_TRIGGER NETAGENT_MESSAGE_TYPE_CLIENT_TRIGGER 289 #define NETAGENT_EVENT_ASSERT NETAGENT_MESSAGE_TYPE_CLIENT_ASSERT 290 #define NETAGENT_EVENT_UNASSERT NETAGENT_MESSAGE_TYPE_CLIENT_UNASSERT 291 #define NETAGENT_EVENT_NEXUS_FLOW_INSERT NETAGENT_MESSAGE_TYPE_REQUEST_NEXUS 292 #define NETAGENT_EVENT_NEXUS_FLOW_REMOVE NETAGENT_MESSAGE_TYPE_CLOSE_NEXUS 293 #define NETAGENT_EVENT_NEXUS_FLOW_ABORT NETAGENT_MESSAGE_TYPE_ABORT_NEXUS 294 295 typedef errno_t (*netagent_event_f)(u_int8_t event, uuid_t necp_client_uuid, pid_t pid, void *necp_handle, void *context, struct necp_client_agent_parameters *parameters, void * __sized_by (*assigned_results_length) *assigned_results, size_t *assigned_results_length); 296 297 extern netagent_session_t netagent_create(netagent_event_f event_handler, void *handle); 298 299 extern void netagent_destroy(netagent_session_t session); 300 301 extern errno_t netagent_register(netagent_session_t session, struct netagent *agent); 302 303 extern errno_t netagent_update(netagent_session_t session, struct netagent *agent); 304 305 extern errno_t netagent_unregister(netagent_session_t session); 306 307 extern errno_t netagent_assign_nexus(netagent_session_t _session, 308 uuid_t necp_client_uuid, 309 void *assign_message __sized_by(assigned_results_length), 310 size_t assigned_results_length); // Length of assigned_results_length 311 312 extern errno_t netagent_update_flow_protoctl_event(netagent_session_t _session, 313 uuid_t client_id, 314 uint32_t protoctl_event_code, 315 uint32_t protoctl_event_val, 316 uint32_t protoctl_event_tcp_seq_number); 317 318 extern int netagent_use(uuid_t agent_uuid, uint64_t *out_use_count); 319 320 #endif /* BSD_KERNEL_PRIVATE */ 321 322 #ifndef KERNEL 323 extern int netagent_trigger(uuid_t agent_uuid, size_t agent_uuidlen); 324 #endif /* !KERNEL */ 325 326 #endif /* PRIVATE */ 327 328 #endif /* _NETAGENT_H_ */ 329