[src/trunk]: src G/C npf_ncode(9)

To: source-changes-hg%NetBSD.org@localhost
Subject: [src/trunk]: src G/C npf_ncode(9)
From: rmind <rmind%NetBSD.org@localhost>
Date: Tue, 07 Apr 2020 01:18:24 +0000
details:   https://anonhg.NetBSD.org/src/rev/ef1fc8856fcb
branches:  trunk
changeset: 790113:ef1fc8856fcb
user:      rmind <rmind%NetBSD.org@localhost>
date:      Thu Sep 19 17:29:06 2013 +0000

description:
G/C npf_ncode(9)

diffstat:

 distrib/sets/lists/comp/mi |    8 +-
 lib/libnpf/npf.3           |    8 +-
 share/man/man9/Makefile    |    4 +-
 share/man/man9/npf_ncode.9 |  290 ---------------------------------------------
 4 files changed, 10 insertions(+), 300 deletions(-)

diffs (truncated from 377 to 300 lines):

diff -r f7775cd42f42 -r ef1fc8856fcb distrib/sets/lists/comp/mi
--- a/distrib/sets/lists/comp/mi        Thu Sep 19 16:16:03 2013 +0000
+++ b/distrib/sets/lists/comp/mi        Thu Sep 19 17:29:06 2013 +0000
@@ -1,4 +1,4 @@
-#      $NetBSD: mi,v 1.1837 2013/09/19 01:49:07 rmind Exp $
+#      $NetBSD: mi,v 1.1838 2013/09/19 17:29:06 rmind Exp $
 #
 # Note: don't delete entries from here - mark them as "obsolete" instead.
 #
@@ -9567,7 +9567,7 @@
 ./usr/share/man/cat9/nanouptime.0              comp-sys-catman         .cat
 ./usr/share/man/cat9/need_resched.0            comp-obsolete           obsolete
 ./usr/share/man/cat9/nextrunqueue.0            comp-obsolete           obsolete
-./usr/share/man/cat9/npf_ncode.0               comp-sys-catman         .cat
+./usr/share/man/cat9/npf_ncode.0               comp-obsolete           obsolete
 ./usr/share/man/cat9/nullop.0                  comp-sys-catman         .cat
 ./usr/share/man/cat9/old_sysctl.0              comp-sys-catman         .cat
 ./usr/share/man/cat9/opencrypto.0              comp-sys-catman         .cat
@@ -15985,7 +15985,7 @@
 ./usr/share/man/html9/namei.html               comp-sys-htmlman        html
 ./usr/share/man/html9/nanotime.html            comp-sys-htmlman        html
 ./usr/share/man/html9/nanouptime.html          comp-sys-htmlman        html
-./usr/share/man/html9/npf_ncode.html           comp-sys-htmlman        html
+./usr/share/man/html9/npf_ncode.html           comp-obsolete           obsolete
 ./usr/share/man/html9/nullop.html              comp-sys-htmlman        html
 ./usr/share/man/html9/old_sysctl.html          comp-sys-htmlman        html
 ./usr/share/man/html9/opencrypto.html          comp-sys-htmlman        html
@@ -22568,7 +22568,7 @@
 ./usr/share/man/man9/nanouptime.9              comp-sys-man            .man
 ./usr/share/man/man9/need_resched.9            comp-obsolete           obsolete
 ./usr/share/man/man9/nextrunqueue.9            comp-obsolete           obsolete
-./usr/share/man/man9/npf_ncode.9               comp-sys-man            .man
+./usr/share/man/man9/npf_ncode.9               comp-obsolete           obsolete
 ./usr/share/man/man9/nullop.9                  comp-sys-man            .man
 ./usr/share/man/man9/old_sysctl.9              comp-sys-man            .man
 ./usr/share/man/man9/opencrypto.9              comp-sys-man            .man
diff -r f7775cd42f42 -r ef1fc8856fcb lib/libnpf/npf.3
--- a/lib/libnpf/npf.3  Thu Sep 19 16:16:03 2013 +0000
+++ b/lib/libnpf/npf.3  Thu Sep 19 17:29:06 2013 +0000
@@ -1,4 +1,4 @@
-.\"    $NetBSD: npf.3,v 1.8 2013/02/09 03:35:33 rmind Exp $
+.\"    $NetBSD: npf.3,v 1.9 2013/09/19 17:29:06 rmind Exp $
 .\"
 .\" Copyright (c) 2011-2013 The NetBSD Foundation, Inc.
 .\" All rights reserved.
@@ -27,7 +27,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 .\" POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd January 5, 2013
+.Dd September 19, 2013
 .Dt NPF 3
 .Os
 .Sh NAME
@@ -307,8 +307,8 @@
 .El
 .\" -----
 .Sh SEE ALSO
-.Xr npfctl 8 ,
-.Xr npf_ncode 9
+.Xr bpf 4 ,
+.Xr npfctl 8
 .Sh HISTORY
 The NPF library first appeared in
 .Nx 6.0 .
diff -r f7775cd42f42 -r ef1fc8856fcb share/man/man9/Makefile
--- a/share/man/man9/Makefile   Thu Sep 19 16:16:03 2013 +0000
+++ b/share/man/man9/Makefile   Thu Sep 19 17:29:06 2013 +0000
@@ -1,4 +1,4 @@
-#       $NetBSD: Makefile,v 1.373 2013/08/06 22:33:59 soren Exp $
+#       $NetBSD: Makefile,v 1.374 2013/09/19 17:29:06 rmind Exp $
 
 #      Makefile for section 9 (kernel function and variable) manual pages.
 
@@ -36,7 +36,7 @@
        memmove.9 memset.9 \
        microseq.9 microtime.9 microuptime.9 mi_switch.9 module.9 \
        mstohz.9 mutex.9 m_tag.9 namecache.9 \
-       namei.9 npf_ncode.9 nullop.9 opencrypto.9 optstr.9 \
+       namei.9 nullop.9 opencrypto.9 optstr.9 \
        panic.9 pathbuf.9 pci.9 pci_configure_bus.9 pci_intr.9 pckbport.9 \
        pcmcia.9 pcq.9 pcu.9 percpu.9 pfil.9 physio.9 pmap.9 pmatch.9 \
        pmc.9 pmf.9 pool.9 pool_cache.9 powerhook_establish.9 ppi.9 \
diff -r f7775cd42f42 -r ef1fc8856fcb share/man/man9/npf_ncode.9
--- a/share/man/man9/npf_ncode.9        Thu Sep 19 16:16:03 2013 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,290 +0,0 @@
-.\"    $NetBSD: npf_ncode.9,v 1.9 2012/07/01 23:21:06 rmind Exp $
-.\"
-.\" Copyright (c) 2009-2012 The NetBSD Foundation, Inc.
-.\" All rights reserved.
-.\"
-.\" This material is based upon work partially supported by The
-.\" NetBSD Foundation under a contract with Mindaugas Rasiukevicius.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\" 1. Redistributions of source code must retain the above copyright
-.\"    notice, this list of conditions and the following disclaimer.
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\"    notice, this list of conditions and the following disclaimer in the
-.\"    documentation and/or other materials provided with the distribution.
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
-.\" ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
-.\" TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
-.\" BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
-.\" CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-.\" SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-.\" INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-.\" CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-.\" POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd July 1, 2012
-.Dt NPF_NCODE 9
-.Os
-.Sh NAME
-.Nm npf_ncode
-.Nd NPF n-code processor
-.Sh SYNOPSIS
-.In net/npf_ncode.h
-.Ft int
-.Fn npf_ncode_process \
-"npf_cache_t *npc" "const void *ncode" "nbuf_t *nbuf" "int layer"
-.Ft int
-.Fn npf_ncode_validate "const void *ncode" "size_t sz" "int *errat"
-.\" -----
-.Sh DESCRIPTION
-The NPF n-code processor is a general purpose engine to inspect network
-packets, which are abstracted as chained buffers.
-.Sh FUNCTIONS
-.Fn npf_ncode_process
-performs n-code processing using data of the specified packet.
-.Fa ncode
-is the address to a validated n-code memory block.
-N-code memory addresses should be 32-bit word aligned.
-.Fa nbuf
-is an opaque network buffer on which the n-code processor will operate.
-.Fa layer
-specifies at which network layer the buffer is passed, it can be either
-.Dv NPF_LAYER_L2
-or
-.Dv NPF_LAYER_L3 .
-This value is initially set in the R0 register and can be checked
-by the n-code.
-The contents of other registers are unspecified.
-.Pp
-.Fn npf_ncode_process
-returns a value from the n-code.
-.Pp
-.Fn npf_ncode_validate
-performs n-code validation.
-.Fa ncode
-is the address to an n-code memory block.
-.Fa sz
-is the size of the memory block.
-.Fa errat
-is the word number in the n-code where the error is detected.
-If no error is found, this value is undefined.
-.Pp
-On successful validation, the
-.Fn npf_ncode_validate
-function returns 0.
-Otherwise, it may return one of the following error codes:
-.Bl -tag -width [NPF_ERR_OPCODE]
-.It Bq Er NPF_ERR_OPCODE
-Invalid instruction (unknown opcode).
-.It Bq Er NPF_ERR_JUMP
-Invalid jump, e.g. not to the instruction or out of range.
-.It Bq Er NPF_ERR_REG
-Invalid register, i.e. incorrect index number.
-.It Bq Er NPF_ERR_INVAL
-Invalid argument value.
-.It Bq Er NPF_ERR_RANGE
-Processing out of range, e.g. missing return path.
-.El
-.Pp
-Any untrusted n-code, for example generated by userspace, should be
-validated (once) before allowing to process it.
-.\" -----
-.Sh PROCESSING
-There are two instruction sets: RISC-like and CISC-like.
-Processing is done in words, therefore both instructions (their codes) and
-arguments are always 32-bit long words.
-.Pp
-There are four general purpose registers: R0, R1, R2, R3.
-Each can store 32-bit long words.
-Registers are mainly to store values for operations using RISC-like
-instructions.
-CISC-like instructions, however, use them to store return values.
-.Pp
-Processing begins from the first word until it reaches an
-.Dv NPF_OPCODE_RET
-instruction with a return value.
-The instruction pointer can be changed using jump operations, which always
-take relative addresses, in words.
-The result of last comparison is tracked internally and jump
-operations should be performed immediately after comparison or
-certain CISC-like instructions.
-.Pp
-CISC-like instructions and
-.Dv NPF_OPCODE_LOAD
-can be used to load data from network buffers.
-They operate at the current network buffer offset, which is initially at
-the beginning of the network buffer.
-The
-.Dv NPF_OPCODE_ADVR
-instruction can be used to advance the current network buffer offset.
-.\" -----
-.Sh CACHING
-Various packet data is cached during execution of CISC-like instructions
-and further instruction calls may retrieve information from the cache.
-If n-code changes the packet data, information in the cache might no
-longer reflect the changes.
-In such case, it is n-code's responsibility to invalidate the cache
-(if necessary) by executing the
-.Dv NPF_OPCODE_INVL
-instruction.
-.\" -----
-.Sh INSTRUCTIONS
-Return, advance, jump, and tag operations.
-.Bl -tag -width indent
-.It Sy 0x00 NPF_OPCODE_RET <return value>
-Finish processing and return passed value.
-.It Sy 0x01 NPF_OPCODE_ADVR <register>
-Advance current network buffer offset by a value,
-passed in the specified register.
-Value represents bytes and cannot be negative or zero.
-.It Sy 0x02 NPF_OPCODE_J <relative address>
-Jump processor to a relative address (from this instruction).
-The address value is the amount of words forwards or backwards.
-It can point only to a valid instruction, at valid boundaries.
-.It Sy 0x03 NPF_OPCODE_INVL
-Invalidate all data in the packet cache.
-.It Sy 0x04 NPF_OPCODE_TAG <key> <value>
-Add a tag with specified key and value to the primary network buffer (nbuf).
-.El
-.Pp
-.\" ---
-Set and load operations.
-.Bl -tag -width indent
-.It Sy 0x10 NPF_OPCODE_MOVE <value>, <register>
-Set the specified value to a register.
-.It Sy 0x11 NPF_OPCODE_LW <length>, <register>
-Load specified length of packet data into the register.
-The data is read starting from the current network buffer offset.
-The operation does not advance the offset after read, however.
-The value of
-.Fa length
-represents bytes and must be in the range from 1 to 4.
-Returned data is in network byte order.
-.El
-.Pp
-.\" ---
-Compare and jump operations.
-.Bl -tag -width indent
-.It Sy 0x21 NPF_OPCODE_CMP <value>, <register>
-Compare the specified value and value in a register.
-The result is stored internally and can be tested by jump instructions.
-.It Sy 0x22 NPF_OPCODE_CMPR <register>, <register>
-Compare values of two registers.
-The result is stored internally and can be tested by jump instructions.
-.It Sy 0x23 NPF_OPCODE_BEQ <relative address>
-Jump if the result of the last comparison was "equal".
-Otherwise, continue processing with the next instruction.
-.It Sy 0x24 NPF_OPCODE_BNE <relative address>
-Jump if the result of last comparison was "not equal".
-Otherwise, continue processing with the next instruction.
-.It Sy 0x25 NPF_OPCODE_BGT <relative address>
-Jump if the result of last comparison was "greater than".
-Otherwise, continue processing with the next instruction.
-.It Sy 0x26 NPF_OPCODE_BLT <relative address>
-Jump if the result of last comparison was "less than".
-Otherwise, continue processing with the next instruction.
-.El
-.Pp
-.\" ---
-.\" Arithmetic operations.
-.\" .Bl -tag -width indent
-.\" .It Sy 0x30 NPF_OPCODE_ADD
-.\" .It Sy 0x31 NPF_OPCODE_SUB
-.\" .It Sy 0x32 NPF_OPCODE_MULT
-.\" .It Sy 0x33 NPF_OPCODE_DIV
-.\" .El
-.\" .Pp
-.\" ---
-Bitwise operations.
-.Bl -tag -width indent
-.\" .It Sy 0x40 NPF_OPCODE_NOT
-.It Sy 0x41 NPF_OPCODE_AND <value>, <register>
-Perform bitwise
-.Dv AND
-with a specified value and the value in the register.
-The result is stored in the register.
-.\" .It Sy 0x42 NPF_OPCODE_OR
-.\" .It Sy 0x43 NPF_OPCODE_XOR
-.\" .It Sy 0x44 NPF_OPCODE_SLL
Prev by Date: [src/trunk]: src/sys/rump Pull in all of sys/dev (i.e. don't skip pci/ and mi...
Next by Date: [src/trunk]: src/sys exec modules need to be of the exec kind
Previous by Thread: [src/trunk]: src/sys/rump Pull in all of sys/dev (i.e. don't skip pci/ and mi...
Next by Thread: [src/trunk]: src/sys exec modules need to be of the exec kind
Indexes:
Home | Main Index | Thread Index | Old Index