1 /* 2 * Copyright (c) 1990, 1991, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * This code is derived from the Stanford/CMU enet packet filter, 6 * (net/enet.c) distributed as part of 4.3BSD, and code contributed 7 * to Berkeley by Steven McCanne and Van Jacobson both of Lawrence 8 * Berkeley Laboratory. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. All advertising materials mentioning features or use of this software 19 * must display the following acknowledgement: 20 * This product includes software developed by the University of 21 * California, Berkeley and its contributors. 22 * 4. Neither the name of the University nor the names of its contributors 23 * may be used to endorse or promote products derived from this software 24 * without specific prior written permission. 25 * 26 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 27 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 28 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 29 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36 * SUCH DAMAGE. 37 * 38 * @(#)bpf.c 8.2 (Berkeley) 3/28/94 39 * 40 * $Id: bpf.c,v 1.23 1996/03/28 14:33:11 scrappy Exp $ 41 */ 42 43 #include "bpfilter.h" 44 45 #if NBPFILTER > 0 46 47 #ifndef __GNUC__ 48 #define inline 49 #else 50 #define inline __inline 51 #endif 52 53 #include <sys/param.h> 54 #include <sys/systm.h> 55 #include <sys/conf.h> 56 #include <sys/mbuf.h> 57 #include <sys/buf.h> 58 #include <sys/time.h> 59 #include <sys/proc.h> 60 #include <sys/signalvar.h> 61 #include <sys/ioctl.h> 62 63 #include <sys/file.h> 64 #if defined(sparc) && BSD < 199103 65 #include <sys/stream.h> 66 #endif 67 #include <sys/uio.h> 68 69 #include <sys/socket.h> 70 #include <sys/socketvar.h> 71 #include <sys/protosw.h> 72 #include <net/if.h> 73 74 #include <net/bpf.h> 75 #include <net/bpfdesc.h> 76 77 #include <sys/errno.h> 78 79 #include <netinet/in.h> 80 #include <netinet/if_ether.h> 81 #include <sys/kernel.h> 82 #include <sys/sysctl.h> 83 #include <sys/conf.h> 84 #ifdef DEVFS 85 #include <sys/devfsext.h> 86 #endif /*DEVFS*/ 87 88 89 /* 90 * Older BSDs don't have kernel malloc. 91 */ 92 #if BSD < 199103 93 extern bcopy(); 94 static caddr_t bpf_alloc(); 95 #include <net/bpf_compat.h> 96 #define BPF_BUFSIZE (MCLBYTES-8) 97 #define UIOMOVE(cp, len, code, uio) uiomove(cp, len, code, uio) 98 #else 99 #define BPF_BUFSIZE 4096 100 #define UIOMOVE(cp, len, code, uio) uiomove(cp, len, uio) 101 #endif 102 103 #define PRINET 26 /* interruptible */ 104 105 /* 106 * The default read buffer size is patchable. 107 */ 108 static int bpf_bufsize = BPF_BUFSIZE; 109 SYSCTL_INT(_debug, OID_AUTO, bpf_bufsize, CTLFLAG_RW, 110 &bpf_bufsize, 0, ""); 111 112 /* 113 * bpf_iflist is the list of interfaces; each corresponds to an ifnet 114 * bpf_dtab holds the descriptors, indexed by minor device # 115 */ 116 static struct bpf_if *bpf_iflist; 117 static struct bpf_d bpf_dtab[NBPFILTER]; 118 119 static int bpf_allocbufs __P((struct bpf_d *)); 120 static void bpf_attachd __P((struct bpf_d *d, struct bpf_if *bp)); 121 static void bpf_detachd __P((struct bpf_d *d)); 122 static void bpf_freed __P((struct bpf_d *)); 123 static void bpf_ifname __P((struct ifnet *, struct ifreq *)); 124 static void bpf_mcopy __P((const void *, void *, u_int)); 125 static int bpf_movein __P((struct uio *, int, 126 struct mbuf **, struct sockaddr *, int *)); 127 static int bpf_setif __P((struct bpf_d *, struct ifreq *)); 128 static inline void 129 bpf_wakeup __P((struct bpf_d *)); 130 static void catchpacket __P((struct bpf_d *, u_char *, u_int, 131 u_int, void (*)(const void *, void *, u_int))); 132 static void reset_d __P((struct bpf_d *)); 133 static int bpf_setf __P((struct bpf_d *, struct bpf_program *)); 134 135 static d_open_t bpfopen; 136 static d_close_t bpfclose; 137 static d_read_t bpfread; 138 static d_write_t bpfwrite; 139 static d_ioctl_t bpfioctl; 140 static d_select_t bpfselect; 141 142 #define CDEV_MAJOR 23 143 static struct cdevsw bpf_cdevsw = 144 { bpfopen, bpfclose, bpfread, bpfwrite, /*23*/ 145 bpfioctl, nostop, nullreset, nodevtotty,/* bpf */ 146 bpfselect, nommap, NULL, "bpf", NULL, -1 }; 147 148 149 static int 150 bpf_movein(uio, linktype, mp, sockp, datlen) 151 register struct uio *uio; 152 int linktype, *datlen; 153 register struct mbuf **mp; 154 register struct sockaddr *sockp; 155 { 156 struct mbuf *m; 157 int error; 158 int len; 159 int hlen; 160 161 /* 162 * Build a sockaddr based on the data link layer type. 163 * We do this at this level because the ethernet header 164 * is copied directly into the data field of the sockaddr. 165 * In the case of SLIP, there is no header and the packet 166 * is forwarded as is. 167 * Also, we are careful to leave room at the front of the mbuf 168 * for the link level header. 169 */ 170 switch (linktype) { 171 172 case DLT_SLIP: 173 sockp->sa_family = AF_INET; 174 hlen = 0; 175 break; 176 177 case DLT_EN10MB: 178 sockp->sa_family = AF_UNSPEC; 179 /* XXX Would MAXLINKHDR be better? */ 180 hlen = sizeof(struct ether_header); 181 break; 182 183 case DLT_FDDI: 184 #if defined(__FreeBSD__) || defined(__bsdi__) 185 sockp->sa_family = AF_IMPLINK; 186 hlen = 0; 187 #else 188 sockp->sa_family = AF_UNSPEC; 189 /* XXX 4(FORMAC)+6(dst)+6(src)+3(LLC)+5(SNAP) */ 190 hlen = 24; 191 #endif 192 break; 193 194 case DLT_NULL: 195 sockp->sa_family = AF_UNSPEC; 196 hlen = 0; 197 break; 198 199 default: 200 return (EIO); 201 } 202 203 len = uio->uio_resid; 204 *datlen = len - hlen; 205 if ((unsigned)len > MCLBYTES) 206 return (EIO); 207 208 MGETHDR(m, M_WAIT, MT_DATA); 209 if (m == 0) 210 return (ENOBUFS); 211 if (len > MHLEN) { 212 #if BSD >= 199103 213 MCLGET(m, M_WAIT); 214 if ((m->m_flags & M_EXT) == 0) { 215 #else 216 MCLGET(m); 217 if (m->m_len != MCLBYTES) { 218 #endif 219 error = ENOBUFS; 220 goto bad; 221 } 222 } 223 m->m_pkthdr.len = m->m_len = len; 224 m->m_pkthdr.rcvif = NULL; 225 *mp = m; 226 /* 227 * Make room for link header. 228 */ 229 if (hlen != 0) { 230 m->m_len -= hlen; 231 #if BSD >= 199103 232 m->m_data += hlen; /* XXX */ 233 #else 234 m->m_off += hlen; 235 #endif 236 error = UIOMOVE((caddr_t)sockp->sa_data, hlen, UIO_WRITE, uio); 237 if (error) 238 goto bad; 239 } 240 error = UIOMOVE(mtod(m, caddr_t), len - hlen, UIO_WRITE, uio); 241 if (!error) 242 return (0); 243 bad: 244 m_freem(m); 245 return (error); 246 } 247 248 /* 249 * Attach file to the bpf interface, i.e. make d listen on bp. 250 * Must be called at splimp. 251 */ 252 static void 253 bpf_attachd(d, bp) 254 struct bpf_d *d; 255 struct bpf_if *bp; 256 { 257 /* 258 * Point d at bp, and add d to the interface's list of listeners. 259 * Finally, point the driver's bpf cookie at the interface so 260 * it will divert packets to bpf. 261 */ 262 d->bd_bif = bp; 263 d->bd_next = bp->bif_dlist; 264 bp->bif_dlist = d; 265 266 bp->bif_ifp->if_bpf = bp; 267 } 268 269 /* 270 * Detach a file from its interface. 271 */ 272 static void 273 bpf_detachd(d) 274 struct bpf_d *d; 275 { 276 struct bpf_d **p; 277 struct bpf_if *bp; 278 279 bp = d->bd_bif; 280 /* 281 * Check if this descriptor had requested promiscuous mode. 282 * If so, turn it off. 283 */ 284 if (d->bd_promisc) { 285 d->bd_promisc = 0; 286 if (ifpromisc(bp->bif_ifp, 0)) 287 /* 288 * Something is really wrong if we were able to put 289 * the driver into promiscuous mode, but can't 290 * take it out. 291 */ 292 panic("bpf: ifpromisc failed"); 293 } 294 /* Remove d from the interface's descriptor list. */ 295 p = &bp->bif_dlist; 296 while (*p != d) { 297 p = &(*p)->bd_next; 298 if (*p == 0) 299 panic("bpf_detachd: descriptor not in list"); 300 } 301 *p = (*p)->bd_next; 302 if (bp->bif_dlist == 0) 303 /* 304 * Let the driver know that there are no more listeners. 305 */ 306 d->bd_bif->bif_ifp->if_bpf = 0; 307 d->bd_bif = 0; 308 } 309 310 311 /* 312 * Mark a descriptor free by making it point to itself. 313 * This is probably cheaper than marking with a constant since 314 * the address should be in a register anyway. 315 */ 316 #define D_ISFREE(d) ((d) == (d)->bd_next) 317 #define D_MARKFREE(d) ((d)->bd_next = (d)) 318 #define D_MARKUSED(d) ((d)->bd_next = 0) 319 320 /* 321 * Open ethernet device. Returns ENXIO for illegal minor device number, 322 * EBUSY if file is open by another process. 323 */ 324 /* ARGSUSED */ 325 static int 326 bpfopen(dev, flags, fmt, p) 327 dev_t dev; 328 int flags; 329 int fmt; 330 struct proc *p; 331 { 332 register struct bpf_d *d; 333 334 if (minor(dev) >= NBPFILTER) 335 return (ENXIO); 336 /* 337 * Each minor can be opened by only one process. If the requested 338 * minor is in use, return EBUSY. 339 */ 340 d = &bpf_dtab[minor(dev)]; 341 if (!D_ISFREE(d)) 342 return (EBUSY); 343 344 /* Mark "free" and do most initialization. */ 345 bzero((char *)d, sizeof(*d)); 346 d->bd_bufsize = bpf_bufsize; 347 d->bd_sig = SIGIO; 348 349 return (0); 350 } 351 352 /* 353 * Close the descriptor by detaching it from its interface, 354 * deallocating its buffers, and marking it free. 355 */ 356 /* ARGSUSED */ 357 static int 358 bpfclose(dev, flags, fmt, p) 359 dev_t dev; 360 int flags; 361 int fmt; 362 struct proc *p; 363 { 364 register struct bpf_d *d = &bpf_dtab[minor(dev)]; 365 register int s; 366 367 s = splimp(); 368 if (d->bd_bif) 369 bpf_detachd(d); 370 splx(s); 371 bpf_freed(d); 372 373 return (0); 374 } 375 376 /* 377 * Support for SunOS, which does not have tsleep. 378 */ 379 #if BSD < 199103 380 static 381 bpf_timeout(arg) 382 caddr_t arg; 383 { 384 struct bpf_d *d = (struct bpf_d *)arg; 385 d->bd_timedout = 1; 386 wakeup(arg); 387 } 388 389 #define BPF_SLEEP(chan, pri, s, t) bpf_sleep((struct bpf_d *)chan) 390 391 int 392 bpf_sleep(d) 393 register struct bpf_d *d; 394 { 395 register int rto = d->bd_rtout; 396 register int st; 397 398 if (rto != 0) { 399 d->bd_timedout = 0; 400 timeout(bpf_timeout, (caddr_t)d, rto); 401 } 402 st = sleep((caddr_t)d, PRINET|PCATCH); 403 if (rto != 0) { 404 if (d->bd_timedout == 0) 405 untimeout(bpf_timeout, (caddr_t)d); 406 else if (st == 0) 407 return EWOULDBLOCK; 408 } 409 return (st != 0) ? EINTR : 0; 410 } 411 #else 412 #define BPF_SLEEP tsleep 413 #endif 414 415 /* 416 * Rotate the packet buffers in descriptor d. Move the store buffer 417 * into the hold slot, and the free buffer into the store slot. 418 * Zero the length of the new store buffer. 419 */ 420 #define ROTATE_BUFFERS(d) \ 421 (d)->bd_hbuf = (d)->bd_sbuf; \ 422 (d)->bd_hlen = (d)->bd_slen; \ 423 (d)->bd_sbuf = (d)->bd_fbuf; \ 424 (d)->bd_slen = 0; \ 425 (d)->bd_fbuf = 0; 426 /* 427 * bpfread - read next chunk of packets from buffers 428 */ 429 static int 430 bpfread(dev, uio, ioflag) 431 dev_t dev; 432 register struct uio *uio; 433 int ioflag; 434 { 435 register struct bpf_d *d = &bpf_dtab[minor(dev)]; 436 int error; 437 int s; 438 439 /* 440 * Restrict application to use a buffer the same size as 441 * as kernel buffers. 442 */ 443 if (uio->uio_resid != d->bd_bufsize) 444 return (EINVAL); 445 446 s = splimp(); 447 /* 448 * If the hold buffer is empty, then do a timed sleep, which 449 * ends when the timeout expires or when enough packets 450 * have arrived to fill the store buffer. 451 */ 452 while (d->bd_hbuf == 0) { 453 if (d->bd_immediate && d->bd_slen != 0) { 454 /* 455 * A packet(s) either arrived since the previous 456 * read or arrived while we were asleep. 457 * Rotate the buffers and return what's here. 458 */ 459 ROTATE_BUFFERS(d); 460 break; 461 } 462 if (d->bd_rtout != -1) 463 error = BPF_SLEEP((caddr_t)d, PRINET|PCATCH, "bpf", 464 d->bd_rtout); 465 else 466 error = EWOULDBLOCK; /* User requested non-blocking I/O */ 467 if (error == EINTR || error == ERESTART) { 468 splx(s); 469 return (error); 470 } 471 if (error == EWOULDBLOCK) { 472 /* 473 * On a timeout, return what's in the buffer, 474 * which may be nothing. If there is something 475 * in the store buffer, we can rotate the buffers. 476 */ 477 if (d->bd_hbuf) 478 /* 479 * We filled up the buffer in between 480 * getting the timeout and arriving 481 * here, so we don't need to rotate. 482 */ 483 break; 484 485 if (d->bd_slen == 0) { 486 splx(s); 487 return (0); 488 } 489 ROTATE_BUFFERS(d); 490 break; 491 } 492 } 493 /* 494 * At this point, we know we have something in the hold slot. 495 */ 496 splx(s); 497 498 /* 499 * Move data from hold buffer into user space. 500 * We know the entire buffer is transferred since 501 * we checked above that the read buffer is bpf_bufsize bytes. 502 */ 503 error = UIOMOVE(d->bd_hbuf, d->bd_hlen, UIO_READ, uio); 504 505 s = splimp(); 506 d->bd_fbuf = d->bd_hbuf; 507 d->bd_hbuf = 0; 508 d->bd_hlen = 0; 509 splx(s); 510 511 return (error); 512 } 513 514 515 /* 516 * If there are processes sleeping on this descriptor, wake them up. 517 */ 518 static inline void 519 bpf_wakeup(d) 520 register struct bpf_d *d; 521 { 522 struct proc *p; 523 524 wakeup((caddr_t)d); 525 if (d->bd_async && d->bd_sig) 526 if (d->bd_pgid > 0) 527 gsignal (d->bd_pgid, d->bd_sig); 528 else if (p = pfind (-d->bd_pgid)) 529 psignal (p, d->bd_sig); 530 531 #if BSD >= 199103 532 selwakeup(&d->bd_sel); 533 /* XXX */ 534 d->bd_sel.si_pid = 0; 535 #else 536 if (d->bd_selproc) { 537 selwakeup(d->bd_selproc, (int)d->bd_selcoll); 538 d->bd_selcoll = 0; 539 d->bd_selproc = 0; 540 } 541 #endif 542 } 543 544 static int 545 bpfwrite(dev, uio, ioflag) 546 dev_t dev; 547 struct uio *uio; 548 int ioflag; 549 { 550 register struct bpf_d *d = &bpf_dtab[minor(dev)]; 551 struct ifnet *ifp; 552 struct mbuf *m; 553 int error, s; 554 static struct sockaddr dst; 555 int datlen; 556 557 if (d->bd_bif == 0) 558 return (ENXIO); 559 560 ifp = d->bd_bif->bif_ifp; 561 562 if (uio->uio_resid == 0) 563 return (0); 564 565 error = bpf_movein(uio, (int)d->bd_bif->bif_dlt, &m, &dst, &datlen); 566 if (error) 567 return (error); 568 569 if (datlen > ifp->if_mtu) 570 return (EMSGSIZE); 571 572 s = splnet(); 573 #if BSD >= 199103 574 error = (*ifp->if_output)(ifp, m, &dst, (struct rtentry *)0); 575 #else 576 error = (*ifp->if_output)(ifp, m, &dst); 577 #endif 578 splx(s); 579 /* 580 * The driver frees the mbuf. 581 */ 582 return (error); 583 } 584 585 /* 586 * Reset a descriptor by flushing its packet buffer and clearing the 587 * receive and drop counts. Should be called at splimp. 588 */ 589 static void 590 reset_d(d) 591 struct bpf_d *d; 592 { 593 if (d->bd_hbuf) { 594 /* Free the hold buffer. */ 595 d->bd_fbuf = d->bd_hbuf; 596 d->bd_hbuf = 0; 597 } 598 d->bd_slen = 0; 599 d->bd_hlen = 0; 600 d->bd_rcount = 0; 601 d->bd_dcount = 0; 602 } 603 604 /* 605 * FIONREAD Check for read packet available. 606 * SIOCGIFADDR Get interface address - convenient hook to driver. 607 * BIOCGBLEN Get buffer len [for read()]. 608 * BIOCSETF Set ethernet read filter. 609 * BIOCFLUSH Flush read packet buffer. 610 * BIOCPROMISC Put interface into promiscuous mode. 611 * BIOCGDLT Get link layer type. 612 * BIOCGETIF Get interface name. 613 * BIOCSETIF Set interface. 614 * BIOCSRTIMEOUT Set read timeout. 615 * BIOCGRTIMEOUT Get read timeout. 616 * BIOCGSTATS Get packet stats. 617 * BIOCIMMEDIATE Set immediate mode. 618 * BIOCVERSION Get filter language version. 619 */ 620 /* ARGSUSED */ 621 static int 622 bpfioctl(dev, cmd, addr, flags, p) 623 dev_t dev; 624 int cmd; 625 caddr_t addr; 626 int flags; 627 struct proc *p; 628 { 629 register struct bpf_d *d = &bpf_dtab[minor(dev)]; 630 int s, error = 0; 631 632 switch (cmd) { 633 634 default: 635 error = EINVAL; 636 break; 637 638 /* 639 * Check for read packet available. 640 */ 641 case FIONREAD: 642 { 643 int n; 644 645 s = splimp(); 646 n = d->bd_slen; 647 if (d->bd_hbuf) 648 n += d->bd_hlen; 649 splx(s); 650 651 *(int *)addr = n; 652 break; 653 } 654 655 case SIOCGIFADDR: 656 { 657 struct ifnet *ifp; 658 659 if (d->bd_bif == 0) 660 error = EINVAL; 661 else { 662 ifp = d->bd_bif->bif_ifp; 663 error = (*ifp->if_ioctl)(ifp, cmd, addr); 664 } 665 break; 666 } 667 668 /* 669 * Get buffer len [for read()]. 670 */ 671 case BIOCGBLEN: 672 *(u_int *)addr = d->bd_bufsize; 673 break; 674 675 /* 676 * Set buffer length. 677 */ 678 case BIOCSBLEN: 679 #if BSD < 199103 680 error = EINVAL; 681 #else 682 if (d->bd_bif != 0) 683 error = EINVAL; 684 else { 685 register u_int size = *(u_int *)addr; 686 687 if (size > BPF_MAXBUFSIZE) 688 *(u_int *)addr = size = BPF_MAXBUFSIZE; 689 else if (size < BPF_MINBUFSIZE) 690 *(u_int *)addr = size = BPF_MINBUFSIZE; 691 d->bd_bufsize = size; 692 } 693 #endif 694 break; 695 696 /* 697 * Set link layer read filter. 698 */ 699 case BIOCSETF: 700 error = bpf_setf(d, (struct bpf_program *)addr); 701 break; 702 703 /* 704 * Flush read packet buffer. 705 */ 706 case BIOCFLUSH: 707 s = splimp(); 708 reset_d(d); 709 splx(s); 710 break; 711 712 /* 713 * Put interface into promiscuous mode. 714 */ 715 case BIOCPROMISC: 716 if (d->bd_bif == 0) { 717 /* 718 * No interface attached yet. 719 */ 720 error = EINVAL; 721 break; 722 } 723 s = splimp(); 724 if (d->bd_promisc == 0) { 725 error = ifpromisc(d->bd_bif->bif_ifp, 1); 726 if (error == 0) 727 d->bd_promisc = 1; 728 } 729 splx(s); 730 break; 731 732 /* 733 * Get device parameters. 734 */ 735 case BIOCGDLT: 736 if (d->bd_bif == 0) 737 error = EINVAL; 738 else 739 *(u_int *)addr = d->bd_bif->bif_dlt; 740 break; 741 742 /* 743 * Set interface name. 744 */ 745 case BIOCGETIF: 746 if (d->bd_bif == 0) 747 error = EINVAL; 748 else 749 bpf_ifname(d->bd_bif->bif_ifp, (struct ifreq *)addr); 750 break; 751 752 /* 753 * Set interface. 754 */ 755 case BIOCSETIF: 756 error = bpf_setif(d, (struct ifreq *)addr); 757 break; 758 759 /* 760 * Set read timeout. 761 */ 762 case BIOCSRTIMEOUT: 763 { 764 struct timeval *tv = (struct timeval *)addr; 765 u_long msec; 766 767 /* Compute number of milliseconds. */ 768 msec = tv->tv_sec * 1000 + tv->tv_usec / 1000; 769 /* Scale milliseconds to ticks. Assume hard 770 clock has millisecond or greater resolution 771 (i.e. tick >= 1000). For 10ms hardclock, 772 tick/1000 = 10, so rtout<-msec/10. */ 773 d->bd_rtout = msec / (tick / 1000); 774 break; 775 } 776 777 /* 778 * Get read timeout. 779 */ 780 case BIOCGRTIMEOUT: 781 { 782 struct timeval *tv = (struct timeval *)addr; 783 u_long msec = d->bd_rtout; 784 785 msec *= tick / 1000; 786 tv->tv_sec = msec / 1000; 787 tv->tv_usec = msec % 1000; 788 break; 789 } 790 791 /* 792 * Get packet stats. 793 */ 794 case BIOCGSTATS: 795 { 796 struct bpf_stat *bs = (struct bpf_stat *)addr; 797 798 bs->bs_recv = d->bd_rcount; 799 bs->bs_drop = d->bd_dcount; 800 break; 801 } 802 803 /* 804 * Set immediate mode. 805 */ 806 case BIOCIMMEDIATE: 807 d->bd_immediate = *(u_int *)addr; 808 break; 809 810 case BIOCVERSION: 811 { 812 struct bpf_version *bv = (struct bpf_version *)addr; 813 814 bv->bv_major = BPF_MAJOR_VERSION; 815 bv->bv_minor = BPF_MINOR_VERSION; 816 break; 817 } 818 819 820 case FIONBIO: /* Non-blocking I/O */ 821 if (*(int *)addr) 822 d->bd_rtout = -1; 823 else 824 d->bd_rtout = 0; 825 break; 826 827 case FIOASYNC: /* Send signal on receive packets */ 828 d->bd_async = *(int *)addr; 829 break; 830 831 /* N.B. ioctl (FIOSETOWN) and fcntl (F_SETOWN) both end up doing the 832 equivalent of a TIOCSPGRP and hence end up here. *However* TIOCSPGRP's arg 833 is a process group if it's positive and a process id if it's negative. This 834 is exactly the opposite of what the other two functions want! Therefore 835 there is code in ioctl and fcntl to negate the arg before calling here. */ 836 837 case TIOCSPGRP: /* Process or group to send signals to */ 838 d->bd_pgid = *(int *)addr; 839 break; 840 841 case TIOCGPGRP: 842 *(int *)addr = d->bd_pgid; 843 break; 844 845 case BIOCSRSIG: /* Set receive signal */ 846 { 847 u_int sig; 848 849 sig = *(u_int *)addr; 850 851 if (sig >= NSIG) 852 error = EINVAL; 853 else 854 d->bd_sig = sig; 855 break; 856 } 857 case BIOCGRSIG: 858 *(u_int *)addr = d->bd_sig; 859 break; 860 } 861 return (error); 862 } 863 864 /* 865 * Set d's packet filter program to fp. If this file already has a filter, 866 * free it and replace it. Returns EINVAL for bogus requests. 867 */ 868 static int 869 bpf_setf(d, fp) 870 struct bpf_d *d; 871 struct bpf_program *fp; 872 { 873 struct bpf_insn *fcode, *old; 874 u_int flen, size; 875 int s; 876 877 old = d->bd_filter; 878 if (fp->bf_insns == 0) { 879 if (fp->bf_len != 0) 880 return (EINVAL); 881 s = splimp(); 882 d->bd_filter = 0; 883 reset_d(d); 884 splx(s); 885 if (old != 0) 886 free((caddr_t)old, M_DEVBUF); 887 return (0); 888 } 889 flen = fp->bf_len; 890 if (flen > BPF_MAXINSNS) 891 return (EINVAL); 892 893 size = flen * sizeof(*fp->bf_insns); 894 fcode = (struct bpf_insn *)malloc(size, M_DEVBUF, M_WAITOK); 895 if (copyin((caddr_t)fp->bf_insns, (caddr_t)fcode, size) == 0 && 896 bpf_validate(fcode, (int)flen)) { 897 s = splimp(); 898 d->bd_filter = fcode; 899 reset_d(d); 900 splx(s); 901 if (old != 0) 902 free((caddr_t)old, M_DEVBUF); 903 904 return (0); 905 } 906 free((caddr_t)fcode, M_DEVBUF); 907 return (EINVAL); 908 } 909 910 /* 911 * Detach a file from its current interface (if attached at all) and attach 912 * to the interface indicated by the name stored in ifr. 913 * Return an errno or 0. 914 */ 915 static int 916 bpf_setif(d, ifr) 917 struct bpf_d *d; 918 struct ifreq *ifr; 919 { 920 struct bpf_if *bp; 921 int s, error; 922 struct ifnet *theywant; 923 924 theywant = ifunit(ifr->ifr_name); 925 if (theywant == 0) 926 return ENXIO; 927 928 /* 929 * Look through attached interfaces for the named one. 930 */ 931 for (bp = bpf_iflist; bp != 0; bp = bp->bif_next) { 932 struct ifnet *ifp = bp->bif_ifp; 933 934 if (ifp == 0 || ifp != theywant) 935 continue; 936 /* 937 * We found the requested interface. 938 * If it's not up, return an error. 939 * Allocate the packet buffers if we need to. 940 * If we're already attached to requested interface, 941 * just flush the buffer. 942 */ 943 if ((ifp->if_flags & IFF_UP) == 0) 944 return (ENETDOWN); 945 946 if (d->bd_sbuf == 0) { 947 error = bpf_allocbufs(d); 948 if (error != 0) 949 return (error); 950 } 951 s = splimp(); 952 if (bp != d->bd_bif) { 953 if (d->bd_bif) 954 /* 955 * Detach if attached to something else. 956 */ 957 bpf_detachd(d); 958 959 bpf_attachd(d, bp); 960 } 961 reset_d(d); 962 splx(s); 963 return (0); 964 } 965 /* Not found. */ 966 return (ENXIO); 967 } 968 969 /* 970 * Convert an interface name plus unit number of an ifp to a single 971 * name which is returned in the ifr. 972 */ 973 static void 974 bpf_ifname(ifp, ifr) 975 struct ifnet *ifp; 976 struct ifreq *ifr; 977 { 978 char *s = ifp->if_name; 979 char *d = ifr->ifr_name; 980 981 while (*d++ = *s++) 982 continue; 983 /* XXX Assume that unit number is less than 10. */ 984 *d++ = ifp->if_unit + '0'; 985 *d = '\0'; 986 } 987 988 /* 989 * The new select interface passes down the proc pointer; the old select 990 * stubs had to grab it out of the user struct. This glue allows either case. 991 */ 992 #if BSD >= 199103 993 #define bpf_select bpfselect 994 #else 995 static int 996 bpfselect(dev, rw) 997 register dev_t dev; 998 int rw; 999 { 1000 return (bpf_select(dev, rw, u.u_procp)); 1001 } 1002 #endif 1003 1004 /* 1005 * Support for select() system call 1006 * 1007 * Return true iff the specific operation will not block indefinitely. 1008 * Otherwise, return false but make a note that a selwakeup() must be done. 1009 */ 1010 int 1011 bpf_select(dev, rw, p) 1012 register dev_t dev; 1013 int rw; 1014 struct proc *p; 1015 { 1016 register struct bpf_d *d; 1017 register int s; 1018 1019 if (rw != FREAD) 1020 return (0); 1021 /* 1022 * An imitation of the FIONREAD ioctl code. 1023 */ 1024 d = &bpf_dtab[minor(dev)]; 1025 1026 s = splimp(); 1027 if (d->bd_hlen != 0 || (d->bd_immediate && d->bd_slen != 0)) { 1028 /* 1029 * There is data waiting. 1030 */ 1031 splx(s); 1032 return (1); 1033 } 1034 #if BSD >= 199103 1035 selrecord(p, &d->bd_sel); 1036 #else 1037 /* 1038 * No data ready. If there's already a select() waiting on this 1039 * minor device then this is a collision. This shouldn't happen 1040 * because minors really should not be shared, but if a process 1041 * forks while one of these is open, it is possible that both 1042 * processes could select on the same descriptor. 1043 */ 1044 if (d->bd_selproc && d->bd_selproc->p_wchan == (caddr_t)&selwait) 1045 d->bd_selcoll = 1; 1046 else 1047 d->bd_selproc = p; 1048 #endif 1049 splx(s); 1050 return (0); 1051 } 1052 1053 /* 1054 * Incoming linkage from device drivers. Process the packet pkt, of length 1055 * pktlen, which is stored in a contiguous buffer. The packet is parsed 1056 * by each process' filter, and if accepted, stashed into the corresponding 1057 * buffer. 1058 */ 1059 void 1060 bpf_tap(ifp, pkt, pktlen) 1061 struct ifnet *ifp; 1062 register u_char *pkt; 1063 register u_int pktlen; 1064 { 1065 struct bpf_if *bp; 1066 register struct bpf_d *d; 1067 register u_int slen; 1068 /* 1069 * Note that the ipl does not have to be raised at this point. 1070 * The only problem that could arise here is that if two different 1071 * interfaces shared any data. This is not the case. 1072 */ 1073 bp = ifp->if_bpf; 1074 for (d = bp->bif_dlist; d != 0; d = d->bd_next) { 1075 ++d->bd_rcount; 1076 slen = bpf_filter(d->bd_filter, pkt, pktlen, pktlen); 1077 if (slen != 0) 1078 catchpacket(d, pkt, pktlen, slen, bcopy); 1079 } 1080 } 1081 1082 /* 1083 * Copy data from an mbuf chain into a buffer. This code is derived 1084 * from m_copydata in sys/uipc_mbuf.c. 1085 */ 1086 static void 1087 bpf_mcopy(src_arg, dst_arg, len) 1088 const void *src_arg; 1089 void *dst_arg; 1090 register u_int len; 1091 { 1092 register const struct mbuf *m; 1093 register u_int count; 1094 u_char *dst; 1095 1096 m = src_arg; 1097 dst = dst_arg; 1098 while (len > 0) { 1099 if (m == 0) 1100 panic("bpf_mcopy"); 1101 count = min(m->m_len, len); 1102 (void)memcpy((caddr_t)dst, mtod(m, caddr_t), count); 1103 m = m->m_next; 1104 dst += count; 1105 len -= count; 1106 } 1107 } 1108 1109 /* 1110 * Incoming linkage from device drivers, when packet is in an mbuf chain. 1111 */ 1112 void 1113 bpf_mtap(ifp, m) 1114 struct ifnet *ifp; 1115 struct mbuf *m; 1116 { 1117 struct bpf_if *bp = ifp->if_bpf; 1118 struct bpf_d *d; 1119 u_int pktlen, slen; 1120 struct mbuf *m0; 1121 1122 pktlen = 0; 1123 for (m0 = m; m0 != 0; m0 = m0->m_next) 1124 pktlen += m0->m_len; 1125 1126 for (d = bp->bif_dlist; d != 0; d = d->bd_next) { 1127 ++d->bd_rcount; 1128 slen = bpf_filter(d->bd_filter, (u_char *)m, pktlen, 0); 1129 if (slen != 0) 1130 catchpacket(d, (u_char *)m, pktlen, slen, bpf_mcopy); 1131 } 1132 } 1133 1134 /* 1135 * Move the packet data from interface memory (pkt) into the 1136 * store buffer. Return 1 if it's time to wakeup a listener (buffer full), 1137 * otherwise 0. "copy" is the routine called to do the actual data 1138 * transfer. bcopy is passed in to copy contiguous chunks, while 1139 * bpf_mcopy is passed in to copy mbuf chains. In the latter case, 1140 * pkt is really an mbuf. 1141 */ 1142 static void 1143 catchpacket(d, pkt, pktlen, snaplen, cpfn) 1144 register struct bpf_d *d; 1145 register u_char *pkt; 1146 register u_int pktlen, snaplen; 1147 register void (*cpfn)(const void *, void *, u_int); 1148 { 1149 register struct bpf_hdr *hp; 1150 register int totlen, curlen; 1151 register int hdrlen = d->bd_bif->bif_hdrlen; 1152 /* 1153 * Figure out how many bytes to move. If the packet is 1154 * greater or equal to the snapshot length, transfer that 1155 * much. Otherwise, transfer the whole packet (unless 1156 * we hit the buffer size limit). 1157 */ 1158 totlen = hdrlen + min(snaplen, pktlen); 1159 if (totlen > d->bd_bufsize) 1160 totlen = d->bd_bufsize; 1161 1162 /* 1163 * Round up the end of the previous packet to the next longword. 1164 */ 1165 curlen = BPF_WORDALIGN(d->bd_slen); 1166 if (curlen + totlen > d->bd_bufsize) { 1167 /* 1168 * This packet will overflow the storage buffer. 1169 * Rotate the buffers if we can, then wakeup any 1170 * pending reads. 1171 */ 1172 if (d->bd_fbuf == 0) { 1173 /* 1174 * We haven't completed the previous read yet, 1175 * so drop the packet. 1176 */ 1177 ++d->bd_dcount; 1178 return; 1179 } 1180 ROTATE_BUFFERS(d); 1181 bpf_wakeup(d); 1182 curlen = 0; 1183 } 1184 else if (d->bd_immediate) 1185 /* 1186 * Immediate mode is set. A packet arrived so any 1187 * reads should be woken up. 1188 */ 1189 bpf_wakeup(d); 1190 1191 /* 1192 * Append the bpf header. 1193 */ 1194 hp = (struct bpf_hdr *)(d->bd_sbuf + curlen); 1195 #if BSD >= 199103 1196 microtime(&hp->bh_tstamp); 1197 #elif defined(sun) 1198 uniqtime(&hp->bh_tstamp); 1199 #else 1200 hp->bh_tstamp = time; 1201 #endif 1202 hp->bh_datalen = pktlen; 1203 hp->bh_hdrlen = hdrlen; 1204 /* 1205 * Copy the packet data into the store buffer and update its length. 1206 */ 1207 (*cpfn)(pkt, (u_char *)hp + hdrlen, (hp->bh_caplen = totlen - hdrlen)); 1208 d->bd_slen = curlen + totlen; 1209 } 1210 1211 /* 1212 * Initialize all nonzero fields of a descriptor. 1213 */ 1214 static int 1215 bpf_allocbufs(d) 1216 register struct bpf_d *d; 1217 { 1218 d->bd_fbuf = (caddr_t)malloc(d->bd_bufsize, M_DEVBUF, M_WAITOK); 1219 if (d->bd_fbuf == 0) 1220 return (ENOBUFS); 1221 1222 d->bd_sbuf = (caddr_t)malloc(d->bd_bufsize, M_DEVBUF, M_WAITOK); 1223 if (d->bd_sbuf == 0) { 1224 free(d->bd_fbuf, M_DEVBUF); 1225 return (ENOBUFS); 1226 } 1227 d->bd_slen = 0; 1228 d->bd_hlen = 0; 1229 return (0); 1230 } 1231 1232 /* 1233 * Free buffers currently in use by a descriptor. 1234 * Called on close. 1235 */ 1236 static void 1237 bpf_freed(d) 1238 register struct bpf_d *d; 1239 { 1240 /* 1241 * We don't need to lock out interrupts since this descriptor has 1242 * been detached from its interface and it yet hasn't been marked 1243 * free. 1244 */ 1245 if (d->bd_sbuf != 0) { 1246 free(d->bd_sbuf, M_DEVBUF); 1247 if (d->bd_hbuf != 0) 1248 free(d->bd_hbuf, M_DEVBUF); 1249 if (d->bd_fbuf != 0) 1250 free(d->bd_fbuf, M_DEVBUF); 1251 } 1252 if (d->bd_filter) 1253 free((caddr_t)d->bd_filter, M_DEVBUF); 1254 1255 D_MARKFREE(d); 1256 } 1257 1258 /* 1259 * Attach an interface to bpf. driverp is a pointer to a (struct bpf_if *) 1260 * in the driver's softc; dlt is the link layer type; hdrlen is the fixed 1261 * size of the link header (variable length headers not yet supported). 1262 */ 1263 void 1264 bpfattach(ifp, dlt, hdrlen) 1265 struct ifnet *ifp; 1266 u_int dlt, hdrlen; 1267 { 1268 struct bpf_if *bp; 1269 int i; 1270 bp = (struct bpf_if *)malloc(sizeof(*bp), M_DEVBUF, M_DONTWAIT); 1271 if (bp == 0) 1272 panic("bpfattach"); 1273 1274 bp->bif_dlist = 0; 1275 bp->bif_ifp = ifp; 1276 bp->bif_dlt = dlt; 1277 1278 bp->bif_next = bpf_iflist; 1279 bpf_iflist = bp; 1280 1281 bp->bif_ifp->if_bpf = 0; 1282 1283 /* 1284 * Compute the length of the bpf header. This is not necessarily 1285 * equal to SIZEOF_BPF_HDR because we want to insert spacing such 1286 * that the network layer header begins on a longword boundary (for 1287 * performance reasons and to alleviate alignment restrictions). 1288 */ 1289 bp->bif_hdrlen = BPF_WORDALIGN(hdrlen + SIZEOF_BPF_HDR) - hdrlen; 1290 1291 /* 1292 * Mark all the descriptors free if this hasn't been done. 1293 */ 1294 if (!D_ISFREE(&bpf_dtab[0])) 1295 for (i = 0; i < NBPFILTER; ++i) 1296 D_MARKFREE(&bpf_dtab[i]); 1297 1298 if (bootverbose) 1299 printf("bpf: %s%d attached\n", ifp->if_name, ifp->if_unit); 1300 } 1301 1302 #ifdef DEVFS 1303 static void *bpf_devfs_token[NBPFILTER]; 1304 #endif 1305 1306 static bpf_devsw_installed = 0; 1307 1308 static void bpf_drvinit(void *unused) 1309 { 1310 dev_t dev; 1311 #ifdef DEVFS 1312 int i; 1313 #endif 1314 1315 if( ! bpf_devsw_installed ) { 1316 dev = makedev(CDEV_MAJOR, 0); 1317 cdevsw_add(&dev,&bpf_cdevsw, NULL); 1318 bpf_devsw_installed = 1; 1319 #ifdef DEVFS 1320 1321 for ( i = 0 ; i < NBPFILTER ; i++ ) { 1322 bpf_devfs_token[i] = 1323 devfs_add_devswf(&bpf_cdevsw, i, DV_CHR, 0, 0, 1324 0600, "bpf%d", i); 1325 } 1326 #endif 1327 } 1328 } 1329 1330 SYSINIT(bpfdev,SI_SUB_DRIVERS,SI_ORDER_MIDDLE+CDEV_MAJOR,bpf_drvinit,NULL) 1331 1332 #endif 1333