-/* $OpenBSD: control.c,v 1.1 2016/07/19 16:54:26 reyk Exp $ */
+/* $OpenBSD: control.c,v 1.2 2016/07/20 21:01:06 reyk Exp $ */
/*
* Copyright (c) 2010-2016 Reyk Floeter <reyk@openbsd.org>
void control_close(int, struct control_sock *);
void control_dispatch_imsg(int, short, void *);
void control_imsg_forward(struct imsg *);
+void control_run(struct privsep *, struct privsep_proc *, void *);
+
+int control_dispatch_ofp(int, struct privsep_proc *, struct imsg *);
+
+static struct privsep_proc procs[] = {
+ { "ofp", PROC_OFP, control_dispatch_ofp },
+ { "parent", PROC_PARENT, NULL },
+ { "ofcconn", PROC_OFCCONN, NULL }
+};
+
+pid_t
+control(struct privsep *ps, struct privsep_proc *p)
+{
+ return (proc_run(ps, p, procs, nitems(procs), control_run, NULL));
+}
+
+void
+control_run(struct privsep *ps, struct privsep_proc *p, void *arg)
+{
+ /*
+ * pledge in the control process:
+ * stdio - for malloc and basic I/O including events.
+ * cpath - for managing the control socket.
+ * unix - for the control socket.
+ */
+ if (pledge("stdio cpath unix", NULL) == -1)
+ fatal("pledge");
+}
+
+int
+control_dispatch_ofp(int fd, struct privsep_proc *p, struct imsg *imsg)
+{
+ int cfd;
+ struct ctl_conn *c;
+ uint8_t *d = imsg->data;
+ size_t s;
+
+ switch (imsg->hdr.type) {
+ case IMSG_CTL_SWITCH:
+ case IMSG_CTL_MAC:
+ IMSG_SIZE_CHECK(imsg, &cfd);
+ memcpy(&cfd, d, sizeof(cfd));
+
+ if ((c = control_connbyfd(cfd)) == NULL)
+ fatalx("invalid control connection");
+
+ s = IMSG_DATA_SIZE(imsg) - sizeof(cfd);
+ d += sizeof(cfd);
+ imsg_compose_event(&c->iev, imsg->hdr.type, 0, 0, -1, d, s);
+ return (0);
+ case IMSG_CTL_END:
+ IMSG_SIZE_CHECK(imsg, &cfd);
+ memcpy(&cfd, d, sizeof(cfd));
+
+ if ((c = control_connbyfd(cfd)) == NULL)
+ fatalx("invalid control connection");
+
+ imsg_compose_event(&c->iev, IMSG_CTL_END, 0, 0, -1, NULL, 0);
+ return (0);
+
+ default:
+ break;
+ }
+
+ return (-1);
+}
int
control_init(struct privsep *ps, struct control_sock *cs)
0, imsg->hdr.pid, -1, imsg->data,
imsg->hdr.len - IMSG_HEADER_SIZE);
}
-
-int control_dispatch_ofp(int, struct privsep_proc *, struct imsg *);
-
-static struct privsep_proc procs[] = {
- { "ofp", PROC_OFP, control_dispatch_ofp },
- { "parent", PROC_PARENT, NULL },
- { "ofcconn", PROC_OFCCONN, NULL }
-};
-
-pid_t
-control(struct privsep *ps, struct privsep_proc *p)
-{
- return (proc_run(ps, p, procs, nitems(procs), NULL, NULL));
-}
-
-int
-control_dispatch_ofp(int fd, struct privsep_proc *p, struct imsg *imsg)
-{
- int cfd;
- struct ctl_conn *c;
- uint8_t *d = imsg->data;
- size_t s;
-
- switch (imsg->hdr.type) {
- case IMSG_CTL_SWITCH:
- case IMSG_CTL_MAC:
- IMSG_SIZE_CHECK(imsg, &cfd);
- memcpy(&cfd, d, sizeof(cfd));
-
- if ((c = control_connbyfd(cfd)) == NULL)
- fatalx("invalid control connection");
-
- s = IMSG_DATA_SIZE(imsg) - sizeof(cfd);
- d += sizeof(cfd);
- imsg_compose_event(&c->iev, imsg->hdr.type, 0, 0, -1, d, s);
- return (0);
- case IMSG_CTL_END:
- IMSG_SIZE_CHECK(imsg, &cfd);
- memcpy(&cfd, d, sizeof(cfd));
-
- if ((c = control_connbyfd(cfd)) == NULL)
- fatalx("invalid control connection");
-
- imsg_compose_event(&c->iev, IMSG_CTL_END, 0, 0, -1, NULL, 0);
- return (0);
-
- default:
- break;
- }
-
- return (-1);
-}
-/* $OpenBSD: ofcconn.c,v 1.4 2016/07/19 18:11:08 reyk Exp $ */
+/* $OpenBSD: ofcconn.c,v 1.5 2016/07/20 21:01:06 reyk Exp $ */
/*
* Copyright (c) 2016 YASUOKA Masahiko <yasuoka@openbsd.org>
void ofcconn_free(struct ofcconn *);
void ofcconn_shutdown_all(void);
int ofcconn_send_hello(struct ofcconn *);
+void ofccon_run(struct privsep *, struct privsep_proc *, void *);
pid_t
-ofcconn_proc_init(struct privsep *ps, struct privsep_proc *p)
+ofcconn(struct privsep *ps, struct privsep_proc *p)
{
- p->p_shutdown = ofcconn_proc_shutdown;
- return (proc_run(ps, p, procs, nitems(procs), NULL, NULL));
+ p->p_shutdown = ofcconn_shutdown;
+ return (proc_run(ps, p, procs, nitems(procs), ofccon_run, NULL));
}
void
-ofcconn_proc_shutdown(void)
+ofccon_run(struct privsep *ps, struct privsep_proc *p, void *arg)
+{
+ /*
+ * pledge in the control process:
+ * stdio - for malloc and basic I/O including events.
+ * inet - for socket operations and OpenFlow connections.
+ * recvfd - for receiving new sockets on reload.
+ */
+ if (pledge("stdio inet recvfd", NULL) == -1)
+ fatal("pledge");
+}
+
+void
+ofcconn_shutdown(void)
{
struct ofcconn *e, *t;
-/* $OpenBSD: ofp.c,v 1.3 2016/07/20 14:15:08 reyk Exp $ */
+/* $OpenBSD: ofp.c,v 1.4 2016/07/20 21:01:06 reyk Exp $ */
/*
* Copyright (c) 2013-2016 Reyk Floeter <reyk@openbsd.org>
int ofp_dispatch_control(int, struct privsep_proc *, struct imsg *);
int ofp_dispatch_parent(int, struct privsep_proc *, struct imsg *);
-void ofp_init(struct privsep *, struct privsep_proc *, void *);
+void ofp_run(struct privsep *, struct privsep_proc *, void *);
int ofp_add_device(struct switchd *, int, const char *);
static unsigned int id = 0;
&srv->srv_addr)) == -1)
fatal("listen");
- pid = proc_run(ps, p, procs, nitems(procs), ofp_init, NULL);
+ pid = proc_run(ps, p, procs, nitems(procs), ofp_run, NULL);
close(srv->srv_fd);
close(sc->sc_tap);
}
void
-ofp_init(struct privsep *ps, struct privsep_proc *p, void *arg)
+ofp_run(struct privsep *ps, struct privsep_proc *p, void *arg)
{
struct switchd *sc = ps->ps_env;
struct switch_server *srv = &sc->sc_server;
+ /*
+ * pledge in the control process:
+ * stdio - for malloc and basic I/O including events.
+ * inet - for handling tcp connections with OpenFlow peers.
+ * recvfd - for receiving new sockets on reload.
+ */
+ if (pledge("stdio inet recvfd", NULL) == -1)
+ fatal("pledge");
+
event_set(&srv->srv_ev, srv->srv_fd, EV_READ, ofp_accept, srv);
event_add(&srv->srv_ev, NULL);
}
-/* $OpenBSD: switchd.c,v 1.4 2016/07/20 11:43:31 jsg Exp $ */
+/* $OpenBSD: switchd.c,v 1.5 2016/07/20 21:01:06 reyk Exp $ */
/*
* Copyright (c) 2013-2016 Reyk Floeter <reyk@openbsd.org>
static struct privsep_proc procs[] = {
{ "ofp", PROC_OFP, NULL, ofp },
{ "control", PROC_CONTROL, parent_dispatch_control, control },
- { "ofcconn", PROC_OFCCONN, NULL, ofcconn_proc_init }
+ { "ofcconn", PROC_OFCCONN, NULL, ofcconn }
};
__dead void
ps->ps_ninstances = 1;
proc_init(ps, procs, nitems(procs));
+ log_procinit("parent");
- setproctitle("parent");
+ /*
+ * pledge in the parent process:
+ * stdio - for malloc and basic I/O including events.
+ * rpath - for reload to open and read the configuration files.
+ * inet - for opening OpenFlow and device sockets.
+ * dns - for resolving host in the configuration files.
+ * sendfd - send sockets to child processes on reload.
+ */
+ if (pledge("stdio rpath inet dns proc sendfd", NULL) == -1)
+ fatal("pledge");
event_init();
-/* $OpenBSD: switchd.h,v 1.4 2016/07/20 20:07:02 reyk Exp $ */
+/* $OpenBSD: switchd.h,v 1.5 2016/07/20 21:01:06 reyk Exp $ */
/*
* Copyright (c) 2013-2016 Reyk Floeter <reyk@openbsd.org>
struct ofp_header *, struct ibuf *);
/* ofcconn.c */
-pid_t ofcconn_proc_init(struct privsep *, struct privsep_proc *);
-void ofcconn_proc_shutdown(void);
+pid_t ofcconn(struct privsep *, struct privsep_proc *);
+void ofcconn_shutdown(void);
/* imsg_util.c */
struct ibuf *ibuf_new(void *, size_t);
projects / openbsd / commitdiff