1 <!-- Copyright (C) 2002 Red Hat, Inc. -->
2 <!-- This material may be distributed only subject to the terms -->
3 <!-- and conditions set forth in the Open Publication License, v1.0 -->
4 <!-- or later (the latest version is presently available at -->
5 <!-- http://www.opencontent.org/openpub/). -->
6 <!-- Distribution of the work or derivative of the work in any -->
7 <!-- standard (paper) book form is prohibited unless prior -->
8 <!-- permission is obtained from the copyright holder. -->
12 >Synthetic Target Ethernet Driver</TITLE
13 ><meta name="MSSmartTagsPreventParsing" content="TRUE">
16 CONTENT="Modular DocBook HTML Stylesheet Version 1.76b+
27 NAME="DEVS-ETH-SYNTH-ECOSYNTH">Synthetic Target Ethernet Driver</H1
35 >Synthetic Target Ethernet Support -- Allow synthetic target applications to perform ethernet I/O</DIV
44 >The synthetic target ethernet package can provide up to four network
52 be used directly by the eCos application or, more commonly, by a
53 TCP/IP stack that is linked with the eCos application. Each eCos
54 device can be mapped on to a real Linux network device. For example,
55 if the Linux PC has two ethernet cards and <TT
59 not currently being used by Linux itself, then one of the eCos devices
60 can be mapped on to this Linux device. Alternatively, it is possible
61 to map some or all of the eCos devices on to the ethertap support
62 provided by the Linux kernel.
65 >The ethernet package depends on the I/O auxiliary provided by the
66 synthetic target architectural HAL package. During initialization the
67 eCos application will attempt to instantiate the desired devices, by
68 sending a request to the auxiliary. This will load a Tcl script
72 > that is responsible for handling the
73 instantiation request and subsequent I/O operations, for example
74 transmitting an ethernet packet. However, some of the low-level I/O
75 operations cannot conveniently be done by a Tcl script so
79 > will actually run a separate program
83 > to interact with the Linux network device.
86 CLASS="INFORMALFIGURE"
101 >On the target-side there are configuration options to control which
102 network devices should be present. For many applications a single
103 device will be sufficient, but if the final eCos application is
104 something like a network bridge then the package can support multiple
105 devices. On the host-side each eCos network device needs to be mapped
106 on to a Linux one, either a real ethernet device or an ethertap
107 device. This is handled by an entry in the target definition file:
116 CLASS="PROGRAMLISTING"
117 >synth_device ethernet {
119 eth1 ethertap tap3 00:01:02:03:FE:05
126 >The ethernet package also comes with support for packet logging,
127 and provides various facilities for use by user Tcl scripts.
133 NAME="DEVS-ETH-ECOSYNTH-INSTALL"
138 >Before a synthetic target eCos application can access ethernet devices
139 it is necessary to build and install host-side support. The relevant
140 code resides in the <TT
144 subdirectory of the synthetic target ethernet package, and building it
145 involves the standard <B
156 The build involves a new executable <B
160 must be able to access a raw Linux network device. This is achieved by
161 installing it suid root, so the <B
165 has to be run with superuser privileges.
189 > suid root introduces a
190 potential security problem. Although normally
194 > is executed only by the I/O auxiliary,
195 theoretically it can be run by any program. Effectively it gives any
196 user the ability to monitor all ethernet traffic and to inject
197 arbitrary packets into the network. Also, as with any suid root
198 programs there may be as yet undiscovered exploits. Users and system
199 administrators should consider the risks before running <B
210 >There are two main ways of building the host-side software. It is
211 possible to build both the generic host-side software and all
212 package-specific host-side software, including the ethernet support,
213 in a single build tree. This involves using the
217 > script at the toplevel of the eCos
218 repository. For more information on this, see the
222 > file at the top of the repository.
223 Note that if you have an existing build tree which does not include
224 the synthetic target ethernet support then it will be necessary to
225 rerun the toplevel configure script: the search for appropriate
226 packages happens at configure time.
229 >The alternative is to build just the host-side for this package.
230 This requires a separate build directory, building directly in the
231 source tree is disallowed. The <B
235 are much the same as for a build from the toplevel, and the
239 > file can be consulted for more
240 details. It is essential that the ethernet support be configured with
244 > option as other eCos host-side
245 software, especially the I/O auxiliary provided by the architectural
246 synthetic target HAL package, otherwise the I/O auxiliary will be
247 unable to locate the ethernet support.
253 NAME="DEVS-ETH-ECOSYNTH-OPTIONS"
256 >Target-side Configuration Options</H2
258 >The target-side code can be configured to support up to four ethernet
269 > is enabled if the configuration
270 includes a TCP/IP stack, otherwise it is disabled. The other three
271 devices are always disabled by default. If any of the devices are
272 enabled then there will also be the usual configuration options
273 related to building this package. Other options related to network
274 devices, for example whether or not to use DHCP, are provided by
275 the generic network device package.
281 NAME="DEVS-ETH-ECOSYNTH-REAL"
286 >One obvious way of providing a synthetic target eCos application with
287 ethernet I/O is to use a real ethernet device in the PC: transmitted
288 packets go out on a real network, and packets on the network addressed
289 to the right MAC address are passed on to eCos. This way synthetic
290 target networking behaves just like networking on a real target with
291 ethernet hardware. For example, if there is a DHCP server anywhere on
292 the network then eCos will be able to contact it during networking
293 startup and get hold of IP address information.
296 >Configuring the ethernet support to use a real ethernet device
297 requires a simple entry in the target definition file:
306 CLASS="PROGRAMLISTING"
307 >synth_device ethernet {
308 <eCos device> real <linux device>
315 >For example, to map the eCos network device <TT
331 CLASS="PROGRAMLISTING"
332 >synth_device ethernet {
340 >It is not possible for an ethernet device to be shared by both the
341 eCos TCP/IP stack and the Linux one: there would be no simple way to
342 work out which stack incoming packets are intended for. In theory
343 it might be possible to do some demultiplexing using distinct IP
344 addresses, but it would be impossible to support some functionality
345 such as DHCP. Therefore the <B
349 refuse to access any ethernet device already in use. On a typical
353 > will be used for Linux
354 networking, and the PC will have to be equipped with additional
355 ethernet devices for use by eCos.
361 > program will access the hardware via
362 the appropriate Linux device driver, so it is important that the
363 system is set up such that the relevant module will be automatically
364 loaded or is already loaded. The details of this will depend on the
365 installed distribution and version, but typically it will involve an
368 >/etc/modules.conf</TT
375 NAME="DEVS-ETH-ECOSYNTH-ETHERTAP"
380 >The Linux kernel's ethertap facility provides a virtual network
381 interface. A Linux application, for example the
385 > program, can open a special character
393 > calls, and then <TT
400 > ethernet packets. When the device is
401 opened the Linux kernel automatically creates a new network interface,
405 >. The Linux TCP/IP stack can be
406 made to use this network interface like any other interface, receiving
407 and transmitting ethernet packets. The net effect is a virtual network
408 connecting just the Linux and eCos TCP/IP stacks, with no other nodes
409 attached. By default all traffic remains inside this virtual network
410 and is never forwarded to a real network.
413 >Support for the ethertap facility may or may not be provided
414 automatically, depending on your Linux distribution and version. If
415 your system does not have a device <TT
422 > then the appropriate kernel
423 documentation should be consulted, for example
426 >/usr/src/linux-2.4/Documentation/networking/tuntap.txt</TT
428 If you are using an old Linux kernel then the ethertap functionality
429 may be missing completely. When the <B
433 program is configured and built, the <B
437 script will check for a file <TT
439 >/usr/include/linux/if_tun.h</TT
441 file is missing then <B
444 > will be built without
445 ethertap functionality, and only real ethernet interfaces will be
449 >The target definition file is used to map eCos network devices on to
450 ethertap devices. The simplest usage is:
459 CLASS="PROGRAMLISTING"
460 >synth_device ethernet {
468 >The Linux kernel will automatically allocate the next available tap
469 network interface. Usually this will be <TT
473 other software is using the ethertap facility, for example to
474 implement a VPN, then a different number may be allocated. Usually it
475 will be better to specify the particular tap device that should be
476 used for each eCos device, for example:
485 CLASS="PROGRAMLISTING"
486 >synth_device ethernet {
495 >The user now knows exactly which eCos device is mapped onto which
496 Linux device, avoiding much potential confusion. Because the virtual
497 devices are emulated ethernet devices, they require MAC addresses.
498 There is no physical hardware to provide these addresses, so normally
499 MAC addresses will be invented. That means that each time the eCos
500 application is run it will have different MAC addresses, which makes
501 it more difficult to compare the results of different runs. To get
502 more deterministic behaviour it is possible to specify the MAC
503 addresses in the target definition file:
512 CLASS="PROGRAMLISTING"
513 >synth_device ethernet {
514 eth0 ethertap tap3 00:01:02:03:FE:05
515 eth1 ethertap tap4 00:01:02:03:FE:06
522 >During the initialization phase the eCos application will instantiate
523 the various network devices. This will cause the I/O auxiliary to load
531 > processes, which in turn will
539 perform the appropriate <TT
542 > calls. On the Linux
543 side there will now be new network interfaces such as
547 >, and these can be configured like any other
548 network interface using commands such as <B
552 In addition, if the Linux system is set up with hotplug support then
553 it may be possible to arrange for the network interface to become
554 active automatically. On a Red Hat Linux system this would require
558 >/etc/sysconfig/network-scripts/ifcfg-tap3</TT
560 containing data like:
569 CLASS="PROGRAMLISTING"
574 NETMASK="255.255.255.0"
581 >This gives the Linux interface the address <TT
588 >. The eCos network device
589 should be configured with a compatible address. One way of doing this
590 would be to enable <TT
592 >CYGHWR_NET_DRIVER_ETH0_ADDRS</TT
596 >CYGHWR_NET_DRIVER_ETH0_ADDRS_IP</TT
601 >, and similarly update the
619 >It should be noted that the ethertap facility provides a virtual
620 network, and any packets transmitted by the eCos application will
621 not appear on a real network. Therefore usually there will no
622 accessible DHCP server, and eCos cannot use DHCP or BOOTP to obtain IP
623 address information. Instead the eCos configuration should use manual
627 >An alternative approach would be to set up the Linux box as a network
628 bridge, using commands like <B
632 virtual network interface <TT
636 network interface such as <TT
639 >. Any packets sent by
640 the eCos application will get forwarded automatically to the real
641 network, and some packets on the real network will get forwarded over
642 the virtual network to the eCos application. Note that the eCos
643 application might also get some packets that were not intended for it,
644 but usually those will just be discarded by the eCos TCP/IP stack. The
645 exact details of setting up a network bridge are left as an exercise
652 NAME="DEVS-ETH-ECOSYNTH-LOGGING"
657 >The ethernet support comes with support for logging the various
658 packets that are transferred, including a simple protocol analyser.
659 This generates simple text output using the filter mechanisms provided
660 by the I/O auxiliary, so it is possible to control the appearance and
661 visibility of different types of output. For example the user might
662 want to see IPv4 headers and all ICMPv4 and ARP operations, but not
663 TCP headers or any of the packet data.
666 >The protocol analyser is not intended to be a fully functional
667 analyser with knowledge of many different TCP/IP protocols, advanced
668 search facilities, graphical traffic displays, and so on.
669 Functionality like that is already provided by other tools such as
677 >. Achieving similar levels of
678 functionality would require a lot of work, for very little gain. It is
679 still useful to have some protocol analysis functionality available
680 because the output will be interleaved with other output, for example
684 > calls from the application. That may make
685 it easier to understand the sequence of events.
688 >One problem with logging ethernet traffic is that it can involve very
689 large amounts of data. If the application is expected to run for a
690 long time or is very I/O intensive then it is easy to end up with many
691 megabytes. When running in graphical mode all the logging data will be
692 held in memory, even data that is not currently visible. At some point
693 the system will begin to run low on memory and performance will
694 suffer. To avoid problems, the ethernet script maintains a flag that
695 controls whether or not packet logging is active. The default is to
696 run with logging disabled, but this can be changed in the target
706 CLASS="PROGRAMLISTING"
707 >synth_device ethernet {
715 >The ethernet script will add a toolbar button that allows this flag to
716 be changed at run-time, allowing the user to capture traffic for
717 certain periods of time while the application continues running.
720 >The target definition file can contain the following entries for the
721 various packet logging filters:
730 CLASS="PROGRAMLISTING"
731 >synth_device ethernet {
733 filter ether -hide 0 -background LightBlue -foreground "#000080"
734 filter arp -hide 0 -background LightBlue -foreground "#000050"
735 filter ipv4 -hide 0 -background LightBlue -foreground "#000040"
736 filter ipv6 -hide 1 -background LightBlue -foreground "#000040"
737 filter icmpv4 -hide 0 -background LightBlue -foreground "#000070"
738 filter icmpv6 -hide 1 -background LightBlue -foreground "#000070"
739 filter udp -hide 0 -background LightBlue -foreground "#000030"
740 filter tcp -hide 0 -background LightBlue -foreground "#000020"
741 filter hexdata -hide 1 -background LightBlue -foreground "#000080"
742 filter asciidata -hide 1 -background LightBlue -foreground "#000080"
748 >All output will show the eCos network device, for example
752 >, and the direction relative to the eCos
753 application. Some of the filters will show packet headers, for example
757 > gives details of the ethernet packet header
761 > gives information about TCP headers such as
762 whether or not the SYN flag is set. The TCP and UDP filters will also
763 show source and destination addresses, using numerical addresses and
764 if possible host names. However, host names will only be shown if the
769 lookups while the data is being captured would add significantly to
770 complexity and overhead. The <TT
777 > filters show the remainder of the packets
778 after the ethernet, IP and TCP or UDP headers have been stripped.
781 >Some of the filters will provide raw dumps of some of the packet data.
782 Showing up to 1500 bytes of data for each packet would be expensive,
783 and often the most interesting information is near the start of the
784 packet. Therefore it is possible to set a limit on the number of bytes
785 that will be shown using the target definition file. The default limit
795 CLASS="PROGRAMLISTING"
796 >synth_device ethernet {
807 NAME="DEVS-ETH-ECOSYNTH-GUI"
810 >User Interface Additions</H2
812 >When running in graphical mode the ethernet script extends the user
813 interface in two ways: a button is added to the toolbar so that users
814 can enable or disable packet logging; and an entry is added to the
818 > menu for the ethernet-specific documentation.
824 NAME="DEVS-ETH-ECOSYNTH-ARGS"
827 >Command Line Arguments</H2
829 >The synthetic target ethernet support does not use any command line
830 arguments. All configuration is handled through the target definition
837 NAME="DEVS-ETH-ECOSYNTH-HOOKS"
842 >The ethernet support defines two hooks that can be used by other
843 scripts, especially user scripts: <TT
850 >. The tx hook is called whenever eCos
851 tries to transmit a packet. The rx hook is called whenever an incoming
852 packet is passed to the eCos application. Note that this may be a
853 little bit after the packet was actually received by the I/O auxiliary
854 since it can buffer some packets. Both hooks are called with two
855 arguments, the name of the network device and the packet being
856 transferred. Typical usage might look like:
865 CLASS="PROGRAMLISTING"
866 > proc my_tx_hook { arg_list } {
867 set dev [lindex $arg_list 0]
868 incr ::my_ethernet_tx_packets($dev)
869 incr ::my_ethernet_tx_bytes($dev) [string length [lindex $arg_list 1]]
871 proc my_rx_hook { arg_list } {
872 set dev [lindex $arg_list 0]
873 incr ::my_ethernet_rx_packets($dev)
874 incr ::my_ethernet_rx_bytes($dev) [string length [lindex $arg_list 1]]
876 synth::hook_add "ethernet_tx" my_tx_hook
877 synth::hook_add "ethernet_rx" my_rx_hook</PRE
882 >The global arrays <TT
884 >my_ethernet_tx_packets</TT
886 now be updated whenever there is ethernet traffic. Other code,
887 probably running at regular intervals by use of the Tcl
891 > procedure, can then use this information to
892 update a graphical monitor of some sort.
898 NAME="DEVS-ETH-ECOSYNTH-TCL"
901 >Additional Tcl Procedures</H2
903 >The ethernet support provides one additional Tcl procedure that can be
904 used by other scripts;
913 CLASS="PROGRAMLISTING"
914 >ethernet::devices_get_list </PRE
919 >This procedure returns a list of the ethernet devices that have been
920 instantiated, for example <TT