-
Notifications
You must be signed in to change notification settings - Fork 2.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Silabs] MDNS and matter packet filter on WiFi Devices #34335
Open
chirag-silabs
wants to merge
15
commits into
project-chip:master
Choose a base branch
from
rosahay-silabs:bugfix/mdns_filter_matter_layer
base: master
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
+234
−0
Open
Changes from all commits
Commits
Show all changes
15 commits
Select commit
Hold shift + click to select a range
402103a
adding the Queue filter to filter non matter mdns packets
chirag-silabs 8435817
renaming and fixing the mdns filter
chirag-silabs 3c1b281
adding the icd condition on the filter
chirag-silabs f822576
Restyled by clang-format
restyled-commits 40e42b5
refactoring the code and addressing review comments
chirag-silabs 100e570
Addressing review comments
chirag-silabs 305287f
removing the commented code
chirag-silabs a19a69b
restyling the PR
chirag-silabs a24ab0f
addressing review comments and fixing the build
chirag-silabs 60fe92a
fixing the build
chirag-silabs 68fade8
fixing the build issue
chirag-silabs ae37555
changing charspan to span<unsigned char> and addressing review comments
chirag-silabs a99409b
restyling the PR
chirag-silabs f237fde
address review comments
chirag-silabs 8cde8fd
restyling the PR
chirag-silabs File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,121 @@ | ||
#include "EndpointQueueFilter.h" | ||
#include <algorithm> | ||
#include <cctype> | ||
#include <lib/core/CHIPSafeCasts.h> | ||
#include <string.h> | ||
#include <support/CodeUtils.h> | ||
#include <support/logging/CHIPLogging.h> | ||
|
||
using namespace ::chip; | ||
|
||
namespace chip { | ||
namespace Inet { | ||
|
||
using FilterOutcome = EndpointQueueFilter::FilterOutcome; | ||
|
||
namespace { | ||
|
||
bool IsValidMdnsHostName(const Span<const unsigned char> & hostName) | ||
{ | ||
for (size_t i = 0; i < hostName.size(); ++i) | ||
{ | ||
char ch_data = *(hostName.data()); | ||
if (!((ch_data >= '0' && ch_data <= '9') || (ch_data >= 'A' && ch_data <= 'F') || (ch_data >= 'a' && ch_data <= 'f'))) | ||
{ | ||
return false; | ||
} | ||
} | ||
return true; | ||
} | ||
|
||
bool IsMdnsBroadcastPacket(const IPPacketInfo & pktInfo, const System::PacketBufferHandle & pktPayload) | ||
{ | ||
// if the packet is not a broadcast packet to mDNS port, drop it. | ||
VerifyOrReturnValue(pktInfo.DestPort == 5353, false); | ||
#if INET_CONFIG_ENABLE_IPV4 | ||
ip_addr_t mdnsIPv4BroadcastAddr = IPADDR4_INIT_BYTES(224, 0, 0, 251); | ||
if (pktInfo.DestAddress == Inet::IPAddress(mdnsIPv4BroadcastAddr)) | ||
{ | ||
return true; | ||
} | ||
#endif | ||
ip_addr_t mdnsIPv6BroadcastAddr = IPADDR6_INIT_HOST(0xFF020000, 0, 0, 0xFB); | ||
if (pktInfo.DestAddress == Inet::IPAddress(mdnsIPv6BroadcastAddr)) | ||
{ | ||
return true; | ||
} | ||
return false; | ||
} | ||
|
||
bool PayloadContainsCaseInsensitive(const System::PacketBufferHandle & payload, const Span<const unsigned char> & pattern) | ||
{ | ||
if (payload->TotalLength() == 0 || pattern.size() == 0) | ||
{ | ||
return false; | ||
} | ||
|
||
if (payload->HasChainedBuffer() || payload->TotalLength() < pattern.size()) | ||
{ | ||
return false; | ||
} | ||
|
||
Span<const unsigned char> payloadView(payload->Start(), payload->TotalLength()); | ||
|
||
auto toLower = [](unsigned char c) { return std::tolower(c); }; | ||
|
||
auto it = std::search(payloadView.begin(), payloadView.end(), pattern.begin(), pattern.end(), | ||
[&](unsigned char a, unsigned char b) { return toLower(a) == toLower(b); }); | ||
|
||
return (it != payloadView.end()); | ||
} | ||
|
||
} // namespace | ||
|
||
FilterOutcome HostNameFilter::Filter(const void * endpoint, const IPPacketInfo & pktInfo, | ||
const System::PacketBufferHandle & pktPayload) | ||
{ | ||
// Drop the mDNS packets which don't contain 'matter' or '<device-hostname>'. | ||
const unsigned char matterBytes[] = { 'm', 'a', 't', 't', 'e', 'r' }; | ||
if (PayloadContainsCaseInsensitive(pktPayload, Span<const unsigned char>(matterBytes)) || | ||
PayloadContainsCaseInsensitive(pktPayload, Span<const unsigned char>(mHostName))) | ||
{ | ||
return FilterOutcome::kAllowPacket; | ||
} | ||
return FilterOutcome::kDropPacket; | ||
} | ||
|
||
CHIP_ERROR HostNameFilter::SetHostName(Span<const unsigned char> & hostName) | ||
{ | ||
VerifyOrReturnError(IsValidMdnsHostName(hostName), CHIP_ERROR_INVALID_ARGUMENT); | ||
memcpy(mHostName, hostName.data(), hostName.size()); | ||
return CHIP_NO_ERROR; | ||
} | ||
|
||
namespace SilabsEndpointQueueFilter { | ||
|
||
EndpointQueueFilter::EndpointQueueFilter() : mTooManyFilter(mConfig.allowedQueuedPackets) {} | ||
|
||
EndpointQueueFilter::EndpointQueueFilter(size_t maxAllowedQueuedPackets) : mTooManyFilter(maxAllowedQueuedPackets) {} | ||
|
||
FilterOutcome EndpointQueueFilter::FilterBeforeEnqueue(const void * endpoint, const IPPacketInfo & pktInfo, | ||
const System::PacketBufferHandle & pktPayload) | ||
{ | ||
VerifyOrReturnError(FilterOutcome::kAllowPacket == mTooManyFilter.FilterBeforeEnqueue(endpoint, pktInfo, pktPayload), | ||
FilterOutcome::kDropPacket); | ||
|
||
if (!IsMdnsBroadcastPacket(pktInfo, pktPayload)) | ||
{ | ||
return FilterOutcome::kAllowPacket; | ||
} | ||
return mHostNameFilter.Filter(endpoint, pktInfo, pktPayload); | ||
} | ||
|
||
FilterOutcome EndpointQueueFilter::FilterAfterDequeue(const void * endpoint, const IPPacketInfo & pktInfo, | ||
const System::PacketBufferHandle & pktPayload) | ||
{ | ||
return mTooManyFilter.FilterAfterDequeue(endpoint, pktInfo, pktPayload); | ||
} | ||
|
||
} // namespace SilabsEndpointQueueFilter | ||
} // namespace Inet | ||
} // namespace chip |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,78 @@ | ||
/* | ||
* | ||
* Copyright (c) 2023 Project CHIP Authors | ||
* | ||
* Licensed under the Apache License, Version 2.0 (the "License"); | ||
* you may not use this file except in compliance with the License. | ||
* You may obtain a copy of the License at | ||
* | ||
* http://www.apache.org/licenses/LICENSE-2.0 | ||
* | ||
* Unless required by applicable law or agreed to in writing, software | ||
* distributed under the License is distributed on an "AS IS" BASIS, | ||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
* See the License for the specific language governing permissions and | ||
* limitations under the License. | ||
*/ | ||
|
||
#pragma once | ||
|
||
#include <inet/BasicPacketFilters.h> | ||
|
||
namespace chip { | ||
namespace Inet { | ||
|
||
struct EndpointFilter | ||
{ | ||
virtual ~EndpointFilter() = default; | ||
virtual EndpointQueueFilter::FilterOutcome Filter(const void * endpoint, const IPPacketInfo & pktInfo, | ||
const System::PacketBufferHandle & pktPayload) = 0; | ||
}; | ||
|
||
struct EndpointQueueFilterConfig | ||
{ | ||
size_t allowedQueuedPackets = 10; // Default value | ||
}; | ||
|
||
struct HostNameFilter : EndpointFilter | ||
{ | ||
static constexpr size_t kHostNameLengthMax = 13; // 6 bytes in hex and null terminator. | ||
|
||
EndpointQueueFilter::FilterOutcome Filter(const void * endpoint, const IPPacketInfo & pktInfo, | ||
const System::PacketBufferHandle & pktPayload) override; | ||
|
||
CHIP_ERROR SetHostName(Span<const unsigned char> & name); | ||
|
||
private: | ||
uint8_t mHostName[kHostNameLengthMax] = { 0 }; | ||
static constexpr size_t kMdnsPort = 5353; | ||
}; | ||
|
||
namespace SilabsEndpointQueueFilter { | ||
|
||
class EndpointQueueFilter : public Inet::EndpointQueueFilter | ||
{ | ||
public: | ||
EndpointQueueFilterConfig mConfig; | ||
EndpointQueueFilter(); | ||
EndpointQueueFilter(size_t maxAllowedQueuedPackets); | ||
|
||
FilterOutcome FilterBeforeEnqueue(const void * endpoint, const IPPacketInfo & pktInfo, | ||
const System::PacketBufferHandle & pktPayload) override; | ||
|
||
FilterOutcome FilterAfterDequeue(const void * endpoint, const IPPacketInfo & pktInfo, | ||
const System::PacketBufferHandle & pktPayload); | ||
|
||
CHIP_ERROR SetHostName(Span<const unsigned char> & addr) { return mHostNameFilter.SetHostName(addr); } | ||
|
||
// Method to set the configuration | ||
void SetConfig(const EndpointQueueFilterConfig & config) { mConfig = config; } | ||
|
||
private: | ||
DropIfTooManyQueuedPacketsFilter mTooManyFilter; | ||
HostNameFilter mHostNameFilter; | ||
}; | ||
|
||
} // namespace SilabsEndpointQueueFilter | ||
} // namespace Inet | ||
} // namespace chip |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is there a reason not to do:
?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
notice the span interation is not working, will have a check once
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't understand this comment...