1 /* 2 * Copyright (c) 1990, 1991, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * This code is derived from the Stanford/CMU enet packet filter, 6 * (net/enet.c) distributed as part of 4.3BSD, and code contributed 7 * to Berkeley by Steven McCanne and Van Jacobson both of Lawrence 8 * Berkeley Laboratory. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. All advertising materials mentioning features or use of this software 19 * must display the following acknowledgement: 20 * This product includes software developed by the University of 21 * California, Berkeley and its contributors. 22 * 4. Neither the name of the University nor the names of its contributors 23 * may be used to endorse or promote products derived from this software 24 * without specific prior written permission. 25 * 26 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 27 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 28 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 29 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36 * SUCH DAMAGE. 37 * 38 * @(#)bpf.c 8.2 (Berkeley) 3/28/94 39 * 40 * $FreeBSD$ 41 */ 42 43 #include "bpf.h" 44 45 #ifndef __GNUC__ 46 #define inline 47 #else 48 #define inline __inline 49 #endif 50 51 #include <sys/param.h> 52 #include <sys/systm.h> 53 #include <sys/conf.h> 54 #include <sys/malloc.h> 55 #include <sys/mbuf.h> 56 #include <sys/time.h> 57 #include <sys/proc.h> 58 #include <sys/signalvar.h> 59 #include <sys/filio.h> 60 #include <sys/sockio.h> 61 #include <sys/ttycom.h> 62 #include <sys/filedesc.h> 63 64 #if defined(sparc) && BSD < 199103 65 #include <sys/stream.h> 66 #endif 67 #include <sys/poll.h> 68 69 #include <sys/socket.h> 70 #include <sys/vnode.h> 71 72 #include <net/if.h> 73 #include <net/bpf.h> 74 #include <net/bpfdesc.h> 75 76 #include <netinet/in.h> 77 #include <netinet/if_ether.h> 78 #include <sys/kernel.h> 79 #include <sys/sysctl.h> 80 81 MALLOC_DEFINE(M_BPF, "BPF", "BPF data"); 82 83 #if NBPF > 0 84 85 /* 86 * Older BSDs don't have kernel malloc. 87 */ 88 #if BSD < 199103 89 extern bcopy(); 90 static caddr_t bpf_alloc(); 91 #include <net/bpf_compat.h> 92 #define BPF_BUFSIZE (MCLBYTES-8) 93 #define UIOMOVE(cp, len, code, uio) uiomove(cp, len, code, uio) 94 #else 95 #define BPF_BUFSIZE 4096 96 #define UIOMOVE(cp, len, code, uio) uiomove(cp, len, uio) 97 #endif 98 99 #define PRINET 26 /* interruptible */ 100 101 /* 102 * The default read buffer size is patchable. 103 */ 104 static int bpf_bufsize = BPF_BUFSIZE; 105 SYSCTL_INT(_debug, OID_AUTO, bpf_bufsize, CTLFLAG_RW, 106 &bpf_bufsize, 0, ""); 107 static int bpf_maxbufsize = BPF_MAXBUFSIZE; 108 SYSCTL_INT(_debug, OID_AUTO, bpf_maxbufsize, CTLFLAG_RW, 109 &bpf_maxbufsize, 0, ""); 110 111 /* 112 * bpf_iflist is the list of interfaces; each corresponds to an ifnet 113 */ 114 static struct bpf_if *bpf_iflist; 115 116 static int bpf_allocbufs __P((struct bpf_d *)); 117 static void bpf_attachd __P((struct bpf_d *d, struct bpf_if *bp)); 118 static void bpf_detachd __P((struct bpf_d *d)); 119 static void bpf_freed __P((struct bpf_d *)); 120 static void bpf_mcopy __P((const void *, void *, size_t)); 121 static int bpf_movein __P((struct uio *, int, 122 struct mbuf **, struct sockaddr *, int *)); 123 static int bpf_setif __P((struct bpf_d *, struct ifreq *)); 124 static inline void 125 bpf_wakeup __P((struct bpf_d *)); 126 static void catchpacket __P((struct bpf_d *, u_char *, u_int, 127 u_int, void (*)(const void *, void *, size_t))); 128 static void reset_d __P((struct bpf_d *)); 129 static int bpf_setf __P((struct bpf_d *, struct bpf_program *)); 130 131 static d_open_t bpfopen; 132 static d_close_t bpfclose; 133 static d_read_t bpfread; 134 static d_write_t bpfwrite; 135 static d_ioctl_t bpfioctl; 136 static d_poll_t bpfpoll; 137 138 #define CDEV_MAJOR 23 139 static struct cdevsw bpf_cdevsw = { 140 /* open */ bpfopen, 141 /* close */ bpfclose, 142 /* read */ bpfread, 143 /* write */ bpfwrite, 144 /* ioctl */ bpfioctl, 145 /* poll */ bpfpoll, 146 /* mmap */ nommap, 147 /* strategy */ nostrategy, 148 /* name */ "bpf", 149 /* maj */ CDEV_MAJOR, 150 /* dump */ nodump, 151 /* psize */ nopsize, 152 /* flags */ 0, 153 /* bmaj */ -1 154 }; 155 156 157 static int 158 bpf_movein(uio, linktype, mp, sockp, datlen) 159 register struct uio *uio; 160 int linktype, *datlen; 161 register struct mbuf **mp; 162 register struct sockaddr *sockp; 163 { 164 struct mbuf *m; 165 int error; 166 int len; 167 int hlen; 168 169 /* 170 * Build a sockaddr based on the data link layer type. 171 * We do this at this level because the ethernet header 172 * is copied directly into the data field of the sockaddr. 173 * In the case of SLIP, there is no header and the packet 174 * is forwarded as is. 175 * Also, we are careful to leave room at the front of the mbuf 176 * for the link level header. 177 */ 178 switch (linktype) { 179 180 case DLT_SLIP: 181 sockp->sa_family = AF_INET; 182 hlen = 0; 183 break; 184 185 case DLT_EN10MB: 186 sockp->sa_family = AF_UNSPEC; 187 /* XXX Would MAXLINKHDR be better? */ 188 hlen = sizeof(struct ether_header); 189 break; 190 191 case DLT_FDDI: 192 #if defined(__FreeBSD__) || defined(__bsdi__) 193 sockp->sa_family = AF_IMPLINK; 194 hlen = 0; 195 #else 196 sockp->sa_family = AF_UNSPEC; 197 /* XXX 4(FORMAC)+6(dst)+6(src)+3(LLC)+5(SNAP) */ 198 hlen = 24; 199 #endif 200 break; 201 202 case DLT_RAW: 203 case DLT_NULL: 204 sockp->sa_family = AF_UNSPEC; 205 hlen = 0; 206 break; 207 208 #ifdef __FreeBSD__ 209 case DLT_ATM_RFC1483: 210 /* 211 * en atm driver requires 4-byte atm pseudo header. 212 * though it isn't standard, vpi:vci needs to be 213 * specified anyway. 214 */ 215 sockp->sa_family = AF_UNSPEC; 216 hlen = 12; /* XXX 4(ATM_PH) + 3(LLC) + 5(SNAP) */ 217 break; 218 #endif 219 220 default: 221 return (EIO); 222 } 223 224 len = uio->uio_resid; 225 *datlen = len - hlen; 226 if ((unsigned)len > MCLBYTES) 227 return (EIO); 228 229 MGETHDR(m, M_WAIT, MT_DATA); 230 if (m == 0) 231 return (ENOBUFS); 232 if (len > MHLEN) { 233 #if BSD >= 199103 234 MCLGET(m, M_WAIT); 235 if ((m->m_flags & M_EXT) == 0) { 236 #else 237 MCLGET(m); 238 if (m->m_len != MCLBYTES) { 239 #endif 240 error = ENOBUFS; 241 goto bad; 242 } 243 } 244 m->m_pkthdr.len = m->m_len = len; 245 m->m_pkthdr.rcvif = NULL; 246 *mp = m; 247 /* 248 * Make room for link header. 249 */ 250 if (hlen != 0) { 251 m->m_pkthdr.len -= hlen; 252 m->m_len -= hlen; 253 #if BSD >= 199103 254 m->m_data += hlen; /* XXX */ 255 #else 256 m->m_off += hlen; 257 #endif 258 error = UIOMOVE((caddr_t)sockp->sa_data, hlen, UIO_WRITE, uio); 259 if (error) 260 goto bad; 261 } 262 error = UIOMOVE(mtod(m, caddr_t), len - hlen, UIO_WRITE, uio); 263 if (!error) 264 return (0); 265 bad: 266 m_freem(m); 267 return (error); 268 } 269 270 /* 271 * Attach file to the bpf interface, i.e. make d listen on bp. 272 * Must be called at splimp. 273 */ 274 static void 275 bpf_attachd(d, bp) 276 struct bpf_d *d; 277 struct bpf_if *bp; 278 { 279 /* 280 * Point d at bp, and add d to the interface's list of listeners. 281 * Finally, point the driver's bpf cookie at the interface so 282 * it will divert packets to bpf. 283 */ 284 d->bd_bif = bp; 285 d->bd_next = bp->bif_dlist; 286 bp->bif_dlist = d; 287 288 bp->bif_ifp->if_bpf = bp; 289 } 290 291 /* 292 * Detach a file from its interface. 293 */ 294 static void 295 bpf_detachd(d) 296 struct bpf_d *d; 297 { 298 struct bpf_d **p; 299 struct bpf_if *bp; 300 301 bp = d->bd_bif; 302 /* 303 * Check if this descriptor had requested promiscuous mode. 304 * If so, turn it off. 305 */ 306 if (d->bd_promisc) { 307 d->bd_promisc = 0; 308 if (ifpromisc(bp->bif_ifp, 0)) 309 /* 310 * Something is really wrong if we were able to put 311 * the driver into promiscuous mode, but can't 312 * take it out. 313 */ 314 panic("bpf: ifpromisc failed"); 315 } 316 /* Remove d from the interface's descriptor list. */ 317 p = &bp->bif_dlist; 318 while (*p != d) { 319 p = &(*p)->bd_next; 320 if (*p == 0) 321 panic("bpf_detachd: descriptor not in list"); 322 } 323 *p = (*p)->bd_next; 324 if (bp->bif_dlist == 0) 325 /* 326 * Let the driver know that there are no more listeners. 327 */ 328 d->bd_bif->bif_ifp->if_bpf = 0; 329 d->bd_bif = 0; 330 } 331 332 /* 333 * Open ethernet device. Returns ENXIO for illegal minor device number, 334 * EBUSY if file is open by another process. 335 */ 336 /* ARGSUSED */ 337 static int 338 bpfopen(dev, flags, fmt, p) 339 dev_t dev; 340 int flags; 341 int fmt; 342 struct proc *p; 343 { 344 register struct bpf_d *d; 345 346 if (p->p_prison) 347 return (EPERM); 348 349 d = dev->si_drv1; 350 /* 351 * Each minor can be opened by only one process. If the requested 352 * minor is in use, return EBUSY. 353 */ 354 if (d) 355 return (EBUSY); 356 make_dev(&bpf_cdevsw, minor(dev), 0, 0, 0600, "bpf%d", lminor(dev)); 357 MALLOC(d, struct bpf_d *, sizeof(*d), M_BPF, M_WAITOK); 358 bzero(d, sizeof(*d)); 359 dev->si_drv1 = d; 360 d->bd_bufsize = bpf_bufsize; 361 d->bd_sig = SIGIO; 362 d->bd_seesent = 1; 363 364 return (0); 365 } 366 367 /* 368 * Close the descriptor by detaching it from its interface, 369 * deallocating its buffers, and marking it free. 370 */ 371 /* ARGSUSED */ 372 static int 373 bpfclose(dev, flags, fmt, p) 374 dev_t dev; 375 int flags; 376 int fmt; 377 struct proc *p; 378 { 379 register struct bpf_d *d = dev->si_drv1; 380 register int s; 381 382 funsetown(d->bd_sigio); 383 s = splimp(); 384 if (d->bd_bif) 385 bpf_detachd(d); 386 splx(s); 387 bpf_freed(d); 388 dev->si_drv1 = 0; 389 FREE(d, M_BPF); 390 391 return (0); 392 } 393 394 /* 395 * Support for SunOS, which does not have tsleep. 396 */ 397 #if BSD < 199103 398 static 399 bpf_timeout(arg) 400 caddr_t arg; 401 { 402 struct bpf_d *d = (struct bpf_d *)arg; 403 d->bd_timedout = 1; 404 wakeup(arg); 405 } 406 407 #define BPF_SLEEP(chan, pri, s, t) bpf_sleep((struct bpf_d *)chan) 408 409 int 410 bpf_sleep(d) 411 register struct bpf_d *d; 412 { 413 register int rto = d->bd_rtout; 414 register int st; 415 416 if (rto != 0) { 417 d->bd_timedout = 0; 418 timeout(bpf_timeout, (caddr_t)d, rto); 419 } 420 st = sleep((caddr_t)d, PRINET|PCATCH); 421 if (rto != 0) { 422 if (d->bd_timedout == 0) 423 untimeout(bpf_timeout, (caddr_t)d); 424 else if (st == 0) 425 return EWOULDBLOCK; 426 } 427 return (st != 0) ? EINTR : 0; 428 } 429 #else 430 #define BPF_SLEEP tsleep 431 #endif 432 433 /* 434 * Rotate the packet buffers in descriptor d. Move the store buffer 435 * into the hold slot, and the free buffer into the store slot. 436 * Zero the length of the new store buffer. 437 */ 438 #define ROTATE_BUFFERS(d) \ 439 (d)->bd_hbuf = (d)->bd_sbuf; \ 440 (d)->bd_hlen = (d)->bd_slen; \ 441 (d)->bd_sbuf = (d)->bd_fbuf; \ 442 (d)->bd_slen = 0; \ 443 (d)->bd_fbuf = 0; 444 /* 445 * bpfread - read next chunk of packets from buffers 446 */ 447 static int 448 bpfread(dev, uio, ioflag) 449 dev_t dev; 450 register struct uio *uio; 451 int ioflag; 452 { 453 register struct bpf_d *d = dev->si_drv1; 454 int error; 455 int s; 456 457 /* 458 * Restrict application to use a buffer the same size as 459 * as kernel buffers. 460 */ 461 if (uio->uio_resid != d->bd_bufsize) 462 return (EINVAL); 463 464 s = splimp(); 465 /* 466 * If the hold buffer is empty, then do a timed sleep, which 467 * ends when the timeout expires or when enough packets 468 * have arrived to fill the store buffer. 469 */ 470 while (d->bd_hbuf == 0) { 471 if (d->bd_immediate && d->bd_slen != 0) { 472 /* 473 * A packet(s) either arrived since the previous 474 * read or arrived while we were asleep. 475 * Rotate the buffers and return what's here. 476 */ 477 ROTATE_BUFFERS(d); 478 break; 479 } 480 481 /* 482 * No data is available, check to see if the bpf device 483 * is still pointed at a real interface. If not, return 484 * ENXIO so that the userland process knows to rebind 485 * it before using it again. 486 */ 487 if (d->bd_bif == NULL) { 488 splx(s); 489 return (ENXIO); 490 } 491 492 if (ioflag & IO_NDELAY) 493 error = EWOULDBLOCK; 494 else 495 error = BPF_SLEEP((caddr_t)d, PRINET|PCATCH, "bpf", 496 d->bd_rtout); 497 if (error == EINTR || error == ERESTART) { 498 splx(s); 499 return (error); 500 } 501 if (error == EWOULDBLOCK) { 502 /* 503 * On a timeout, return what's in the buffer, 504 * which may be nothing. If there is something 505 * in the store buffer, we can rotate the buffers. 506 */ 507 if (d->bd_hbuf) 508 /* 509 * We filled up the buffer in between 510 * getting the timeout and arriving 511 * here, so we don't need to rotate. 512 */ 513 break; 514 515 if (d->bd_slen == 0) { 516 splx(s); 517 return (0); 518 } 519 ROTATE_BUFFERS(d); 520 break; 521 } 522 } 523 /* 524 * At this point, we know we have something in the hold slot. 525 */ 526 splx(s); 527 528 /* 529 * Move data from hold buffer into user space. 530 * We know the entire buffer is transferred since 531 * we checked above that the read buffer is bpf_bufsize bytes. 532 */ 533 error = UIOMOVE(d->bd_hbuf, d->bd_hlen, UIO_READ, uio); 534 535 s = splimp(); 536 d->bd_fbuf = d->bd_hbuf; 537 d->bd_hbuf = 0; 538 d->bd_hlen = 0; 539 splx(s); 540 541 return (error); 542 } 543 544 545 /* 546 * If there are processes sleeping on this descriptor, wake them up. 547 */ 548 static inline void 549 bpf_wakeup(d) 550 register struct bpf_d *d; 551 { 552 wakeup((caddr_t)d); 553 if (d->bd_async && d->bd_sig && d->bd_sigio) 554 pgsigio(d->bd_sigio, d->bd_sig, 0); 555 556 #if BSD >= 199103 557 selwakeup(&d->bd_sel); 558 /* XXX */ 559 d->bd_sel.si_pid = 0; 560 #else 561 if (d->bd_selproc) { 562 selwakeup(d->bd_selproc, (int)d->bd_selcoll); 563 d->bd_selcoll = 0; 564 d->bd_selproc = 0; 565 } 566 #endif 567 } 568 569 static int 570 bpfwrite(dev, uio, ioflag) 571 dev_t dev; 572 struct uio *uio; 573 int ioflag; 574 { 575 register struct bpf_d *d = dev->si_drv1; 576 struct ifnet *ifp; 577 struct mbuf *m; 578 int error, s; 579 static struct sockaddr dst; 580 int datlen; 581 582 if (d->bd_bif == 0) 583 return (ENXIO); 584 585 ifp = d->bd_bif->bif_ifp; 586 587 if (uio->uio_resid == 0) 588 return (0); 589 590 error = bpf_movein(uio, (int)d->bd_bif->bif_dlt, &m, &dst, &datlen); 591 if (error) 592 return (error); 593 594 if (datlen > ifp->if_mtu) 595 return (EMSGSIZE); 596 597 if (d->bd_hdrcmplt) 598 dst.sa_family = pseudo_AF_HDRCMPLT; 599 600 s = splnet(); 601 #if BSD >= 199103 602 error = (*ifp->if_output)(ifp, m, &dst, (struct rtentry *)0); 603 #else 604 error = (*ifp->if_output)(ifp, m, &dst); 605 #endif 606 splx(s); 607 /* 608 * The driver frees the mbuf. 609 */ 610 return (error); 611 } 612 613 /* 614 * Reset a descriptor by flushing its packet buffer and clearing the 615 * receive and drop counts. Should be called at splimp. 616 */ 617 static void 618 reset_d(d) 619 struct bpf_d *d; 620 { 621 if (d->bd_hbuf) { 622 /* Free the hold buffer. */ 623 d->bd_fbuf = d->bd_hbuf; 624 d->bd_hbuf = 0; 625 } 626 d->bd_slen = 0; 627 d->bd_hlen = 0; 628 d->bd_rcount = 0; 629 d->bd_dcount = 0; 630 } 631 632 /* 633 * FIONREAD Check for read packet available. 634 * SIOCGIFADDR Get interface address - convenient hook to driver. 635 * BIOCGBLEN Get buffer len [for read()]. 636 * BIOCSETF Set ethernet read filter. 637 * BIOCFLUSH Flush read packet buffer. 638 * BIOCPROMISC Put interface into promiscuous mode. 639 * BIOCGDLT Get link layer type. 640 * BIOCGETIF Get interface name. 641 * BIOCSETIF Set interface. 642 * BIOCSRTIMEOUT Set read timeout. 643 * BIOCGRTIMEOUT Get read timeout. 644 * BIOCGSTATS Get packet stats. 645 * BIOCIMMEDIATE Set immediate mode. 646 * BIOCVERSION Get filter language version. 647 * BIOCGHDRCMPLT Get "header already complete" flag 648 * BIOCSHDRCMPLT Set "header already complete" flag 649 * BIOCGSEESENT Get "see packets sent" flag 650 * BIOCSSEESENT Set "see packets sent" flag 651 */ 652 /* ARGSUSED */ 653 static int 654 bpfioctl(dev, cmd, addr, flags, p) 655 dev_t dev; 656 u_long cmd; 657 caddr_t addr; 658 int flags; 659 struct proc *p; 660 { 661 register struct bpf_d *d = dev->si_drv1; 662 int s, error = 0; 663 664 switch (cmd) { 665 666 default: 667 error = EINVAL; 668 break; 669 670 /* 671 * Check for read packet available. 672 */ 673 case FIONREAD: 674 { 675 int n; 676 677 s = splimp(); 678 n = d->bd_slen; 679 if (d->bd_hbuf) 680 n += d->bd_hlen; 681 splx(s); 682 683 *(int *)addr = n; 684 break; 685 } 686 687 case SIOCGIFADDR: 688 { 689 struct ifnet *ifp; 690 691 if (d->bd_bif == 0) 692 error = EINVAL; 693 else { 694 ifp = d->bd_bif->bif_ifp; 695 error = (*ifp->if_ioctl)(ifp, cmd, addr); 696 } 697 break; 698 } 699 700 /* 701 * Get buffer len [for read()]. 702 */ 703 case BIOCGBLEN: 704 *(u_int *)addr = d->bd_bufsize; 705 break; 706 707 /* 708 * Set buffer length. 709 */ 710 case BIOCSBLEN: 711 #if BSD < 199103 712 error = EINVAL; 713 #else 714 if (d->bd_bif != 0) 715 error = EINVAL; 716 else { 717 register u_int size = *(u_int *)addr; 718 719 if (size > bpf_maxbufsize) 720 *(u_int *)addr = size = bpf_maxbufsize; 721 else if (size < BPF_MINBUFSIZE) 722 *(u_int *)addr = size = BPF_MINBUFSIZE; 723 d->bd_bufsize = size; 724 } 725 #endif 726 break; 727 728 /* 729 * Set link layer read filter. 730 */ 731 case BIOCSETF: 732 error = bpf_setf(d, (struct bpf_program *)addr); 733 break; 734 735 /* 736 * Flush read packet buffer. 737 */ 738 case BIOCFLUSH: 739 s = splimp(); 740 reset_d(d); 741 splx(s); 742 break; 743 744 /* 745 * Put interface into promiscuous mode. 746 */ 747 case BIOCPROMISC: 748 if (d->bd_bif == 0) { 749 /* 750 * No interface attached yet. 751 */ 752 error = EINVAL; 753 break; 754 } 755 s = splimp(); 756 if (d->bd_promisc == 0) { 757 error = ifpromisc(d->bd_bif->bif_ifp, 1); 758 if (error == 0) 759 d->bd_promisc = 1; 760 } 761 splx(s); 762 break; 763 764 /* 765 * Get device parameters. 766 */ 767 case BIOCGDLT: 768 if (d->bd_bif == 0) 769 error = EINVAL; 770 else 771 *(u_int *)addr = d->bd_bif->bif_dlt; 772 break; 773 774 /* 775 * Get interface name. 776 */ 777 case BIOCGETIF: 778 if (d->bd_bif == 0) 779 error = EINVAL; 780 else { 781 struct ifnet *const ifp = d->bd_bif->bif_ifp; 782 struct ifreq *const ifr = (struct ifreq *)addr; 783 784 snprintf(ifr->ifr_name, sizeof(ifr->ifr_name), 785 "%s%d", ifp->if_name, ifp->if_unit); 786 } 787 break; 788 789 /* 790 * Set interface. 791 */ 792 case BIOCSETIF: 793 error = bpf_setif(d, (struct ifreq *)addr); 794 break; 795 796 /* 797 * Set read timeout. 798 */ 799 case BIOCSRTIMEOUT: 800 { 801 struct timeval *tv = (struct timeval *)addr; 802 803 /* 804 * Subtract 1 tick from tvtohz() since this isn't 805 * a one-shot timer. 806 */ 807 if ((error = itimerfix(tv)) == 0) 808 d->bd_rtout = tvtohz(tv) - 1; 809 break; 810 } 811 812 /* 813 * Get read timeout. 814 */ 815 case BIOCGRTIMEOUT: 816 { 817 struct timeval *tv = (struct timeval *)addr; 818 819 tv->tv_sec = d->bd_rtout / hz; 820 tv->tv_usec = (d->bd_rtout % hz) * tick; 821 break; 822 } 823 824 /* 825 * Get packet stats. 826 */ 827 case BIOCGSTATS: 828 { 829 struct bpf_stat *bs = (struct bpf_stat *)addr; 830 831 bs->bs_recv = d->bd_rcount; 832 bs->bs_drop = d->bd_dcount; 833 break; 834 } 835 836 /* 837 * Set immediate mode. 838 */ 839 case BIOCIMMEDIATE: 840 d->bd_immediate = *(u_int *)addr; 841 break; 842 843 case BIOCVERSION: 844 { 845 struct bpf_version *bv = (struct bpf_version *)addr; 846 847 bv->bv_major = BPF_MAJOR_VERSION; 848 bv->bv_minor = BPF_MINOR_VERSION; 849 break; 850 } 851 852 /* 853 * Get "header already complete" flag 854 */ 855 case BIOCGHDRCMPLT: 856 *(u_int *)addr = d->bd_hdrcmplt; 857 break; 858 859 /* 860 * Set "header already complete" flag 861 */ 862 case BIOCSHDRCMPLT: 863 d->bd_hdrcmplt = *(u_int *)addr ? 1 : 0; 864 break; 865 866 /* 867 * Get "see sent packets" flag 868 */ 869 case BIOCGSEESENT: 870 *(u_int *)addr = d->bd_seesent; 871 break; 872 873 /* 874 * Set "see sent packets" flag 875 */ 876 case BIOCSSEESENT: 877 d->bd_seesent = *(u_int *)addr; 878 break; 879 880 case FIONBIO: /* Non-blocking I/O */ 881 break; 882 883 case FIOASYNC: /* Send signal on receive packets */ 884 d->bd_async = *(int *)addr; 885 break; 886 887 case FIOSETOWN: 888 error = fsetown(*(int *)addr, &d->bd_sigio); 889 break; 890 891 case FIOGETOWN: 892 *(int *)addr = fgetown(d->bd_sigio); 893 break; 894 895 /* This is deprecated, FIOSETOWN should be used instead. */ 896 case TIOCSPGRP: 897 error = fsetown(-(*(int *)addr), &d->bd_sigio); 898 break; 899 900 /* This is deprecated, FIOGETOWN should be used instead. */ 901 case TIOCGPGRP: 902 *(int *)addr = -fgetown(d->bd_sigio); 903 break; 904 905 case BIOCSRSIG: /* Set receive signal */ 906 { 907 u_int sig; 908 909 sig = *(u_int *)addr; 910 911 if (sig >= NSIG) 912 error = EINVAL; 913 else 914 d->bd_sig = sig; 915 break; 916 } 917 case BIOCGRSIG: 918 *(u_int *)addr = d->bd_sig; 919 break; 920 } 921 return (error); 922 } 923 924 /* 925 * Set d's packet filter program to fp. If this file already has a filter, 926 * free it and replace it. Returns EINVAL for bogus requests. 927 */ 928 static int 929 bpf_setf(d, fp) 930 struct bpf_d *d; 931 struct bpf_program *fp; 932 { 933 struct bpf_insn *fcode, *old; 934 u_int flen, size; 935 int s; 936 937 old = d->bd_filter; 938 if (fp->bf_insns == 0) { 939 if (fp->bf_len != 0) 940 return (EINVAL); 941 s = splimp(); 942 d->bd_filter = 0; 943 reset_d(d); 944 splx(s); 945 if (old != 0) 946 free((caddr_t)old, M_BPF); 947 return (0); 948 } 949 flen = fp->bf_len; 950 if (flen > BPF_MAXINSNS) 951 return (EINVAL); 952 953 size = flen * sizeof(*fp->bf_insns); 954 fcode = (struct bpf_insn *)malloc(size, M_BPF, M_WAITOK); 955 if (copyin((caddr_t)fp->bf_insns, (caddr_t)fcode, size) == 0 && 956 bpf_validate(fcode, (int)flen)) { 957 s = splimp(); 958 d->bd_filter = fcode; 959 reset_d(d); 960 splx(s); 961 if (old != 0) 962 free((caddr_t)old, M_BPF); 963 964 return (0); 965 } 966 free((caddr_t)fcode, M_BPF); 967 return (EINVAL); 968 } 969 970 /* 971 * Detach a file from its current interface (if attached at all) and attach 972 * to the interface indicated by the name stored in ifr. 973 * Return an errno or 0. 974 */ 975 static int 976 bpf_setif(d, ifr) 977 struct bpf_d *d; 978 struct ifreq *ifr; 979 { 980 struct bpf_if *bp; 981 int s, error; 982 struct ifnet *theywant; 983 984 theywant = ifunit(ifr->ifr_name); 985 if (theywant == 0) 986 return ENXIO; 987 988 /* 989 * Look through attached interfaces for the named one. 990 */ 991 for (bp = bpf_iflist; bp != 0; bp = bp->bif_next) { 992 struct ifnet *ifp = bp->bif_ifp; 993 994 if (ifp == 0 || ifp != theywant) 995 continue; 996 /* 997 * We found the requested interface. 998 * If it's not up, return an error. 999 * Allocate the packet buffers if we need to. 1000 * If we're already attached to requested interface, 1001 * just flush the buffer. 1002 */ 1003 if ((ifp->if_flags & IFF_UP) == 0) 1004 return (ENETDOWN); 1005 1006 if (d->bd_sbuf == 0) { 1007 error = bpf_allocbufs(d); 1008 if (error != 0) 1009 return (error); 1010 } 1011 s = splimp(); 1012 if (bp != d->bd_bif) { 1013 if (d->bd_bif) 1014 /* 1015 * Detach if attached to something else. 1016 */ 1017 bpf_detachd(d); 1018 1019 bpf_attachd(d, bp); 1020 } 1021 reset_d(d); 1022 splx(s); 1023 return (0); 1024 } 1025 /* Not found. */ 1026 return (ENXIO); 1027 } 1028 1029 /* 1030 * Support for select() and poll() system calls 1031 * 1032 * Return true iff the specific operation will not block indefinitely. 1033 * Otherwise, return false but make a note that a selwakeup() must be done. 1034 */ 1035 int 1036 bpfpoll(dev, events, p) 1037 register dev_t dev; 1038 int events; 1039 struct proc *p; 1040 { 1041 register struct bpf_d *d; 1042 register int s; 1043 int revents = 0; 1044 1045 /* 1046 * An imitation of the FIONREAD ioctl code. 1047 */ 1048 d = dev->si_drv1; 1049 1050 if (d->bd_bif == NULL) 1051 return (ENXIO); 1052 1053 s = splimp(); 1054 if (events & (POLLIN | POLLRDNORM)) { 1055 if (d->bd_hlen != 0 || (d->bd_immediate && d->bd_slen != 0)) 1056 revents |= events & (POLLIN | POLLRDNORM); 1057 else 1058 selrecord(p, &d->bd_sel); 1059 } 1060 splx(s); 1061 return (revents); 1062 } 1063 1064 /* 1065 * Incoming linkage from device drivers. Process the packet pkt, of length 1066 * pktlen, which is stored in a contiguous buffer. The packet is parsed 1067 * by each process' filter, and if accepted, stashed into the corresponding 1068 * buffer. 1069 */ 1070 void 1071 bpf_tap(ifp, pkt, pktlen) 1072 struct ifnet *ifp; 1073 register u_char *pkt; 1074 register u_int pktlen; 1075 { 1076 struct bpf_if *bp; 1077 register struct bpf_d *d; 1078 register u_int slen; 1079 /* 1080 * Note that the ipl does not have to be raised at this point. 1081 * The only problem that could arise here is that if two different 1082 * interfaces shared any data. This is not the case. 1083 */ 1084 bp = ifp->if_bpf; 1085 for (d = bp->bif_dlist; d != 0; d = d->bd_next) { 1086 ++d->bd_rcount; 1087 slen = bpf_filter(d->bd_filter, pkt, pktlen, pktlen); 1088 if (slen != 0) 1089 catchpacket(d, pkt, pktlen, slen, bcopy); 1090 } 1091 } 1092 1093 /* 1094 * Copy data from an mbuf chain into a buffer. This code is derived 1095 * from m_copydata in sys/uipc_mbuf.c. 1096 */ 1097 static void 1098 bpf_mcopy(src_arg, dst_arg, len) 1099 const void *src_arg; 1100 void *dst_arg; 1101 register size_t len; 1102 { 1103 register const struct mbuf *m; 1104 register u_int count; 1105 u_char *dst; 1106 1107 m = src_arg; 1108 dst = dst_arg; 1109 while (len > 0) { 1110 if (m == 0) 1111 panic("bpf_mcopy"); 1112 count = min(m->m_len, len); 1113 bcopy(mtod(m, void *), dst, count); 1114 m = m->m_next; 1115 dst += count; 1116 len -= count; 1117 } 1118 } 1119 1120 /* 1121 * Incoming linkage from device drivers, when packet is in an mbuf chain. 1122 */ 1123 void 1124 bpf_mtap(ifp, m) 1125 struct ifnet *ifp; 1126 struct mbuf *m; 1127 { 1128 struct bpf_if *bp = ifp->if_bpf; 1129 struct bpf_d *d; 1130 u_int pktlen, slen; 1131 struct mbuf *m0; 1132 1133 pktlen = 0; 1134 for (m0 = m; m0 != 0; m0 = m0->m_next) 1135 pktlen += m0->m_len; 1136 1137 for (d = bp->bif_dlist; d != 0; d = d->bd_next) { 1138 if (!d->bd_seesent && (m->m_pkthdr.rcvif == NULL)) 1139 continue; 1140 ++d->bd_rcount; 1141 slen = bpf_filter(d->bd_filter, (u_char *)m, pktlen, 0); 1142 if (slen != 0) 1143 catchpacket(d, (u_char *)m, pktlen, slen, bpf_mcopy); 1144 } 1145 } 1146 1147 /* 1148 * Move the packet data from interface memory (pkt) into the 1149 * store buffer. Return 1 if it's time to wakeup a listener (buffer full), 1150 * otherwise 0. "copy" is the routine called to do the actual data 1151 * transfer. bcopy is passed in to copy contiguous chunks, while 1152 * bpf_mcopy is passed in to copy mbuf chains. In the latter case, 1153 * pkt is really an mbuf. 1154 */ 1155 static void 1156 catchpacket(d, pkt, pktlen, snaplen, cpfn) 1157 register struct bpf_d *d; 1158 register u_char *pkt; 1159 register u_int pktlen, snaplen; 1160 register void (*cpfn) __P((const void *, void *, size_t)); 1161 { 1162 register struct bpf_hdr *hp; 1163 register int totlen, curlen; 1164 register int hdrlen = d->bd_bif->bif_hdrlen; 1165 /* 1166 * Figure out how many bytes to move. If the packet is 1167 * greater or equal to the snapshot length, transfer that 1168 * much. Otherwise, transfer the whole packet (unless 1169 * we hit the buffer size limit). 1170 */ 1171 totlen = hdrlen + min(snaplen, pktlen); 1172 if (totlen > d->bd_bufsize) 1173 totlen = d->bd_bufsize; 1174 1175 /* 1176 * Round up the end of the previous packet to the next longword. 1177 */ 1178 curlen = BPF_WORDALIGN(d->bd_slen); 1179 if (curlen + totlen > d->bd_bufsize) { 1180 /* 1181 * This packet will overflow the storage buffer. 1182 * Rotate the buffers if we can, then wakeup any 1183 * pending reads. 1184 */ 1185 if (d->bd_fbuf == 0) { 1186 /* 1187 * We haven't completed the previous read yet, 1188 * so drop the packet. 1189 */ 1190 ++d->bd_dcount; 1191 return; 1192 } 1193 ROTATE_BUFFERS(d); 1194 bpf_wakeup(d); 1195 curlen = 0; 1196 } 1197 else if (d->bd_immediate) 1198 /* 1199 * Immediate mode is set. A packet arrived so any 1200 * reads should be woken up. 1201 */ 1202 bpf_wakeup(d); 1203 1204 /* 1205 * Append the bpf header. 1206 */ 1207 hp = (struct bpf_hdr *)(d->bd_sbuf + curlen); 1208 #if BSD >= 199103 1209 microtime(&hp->bh_tstamp); 1210 #elif defined(sun) 1211 uniqtime(&hp->bh_tstamp); 1212 #else 1213 hp->bh_tstamp = time; 1214 #endif 1215 hp->bh_datalen = pktlen; 1216 hp->bh_hdrlen = hdrlen; 1217 /* 1218 * Copy the packet data into the store buffer and update its length. 1219 */ 1220 (*cpfn)(pkt, (u_char *)hp + hdrlen, (hp->bh_caplen = totlen - hdrlen)); 1221 d->bd_slen = curlen + totlen; 1222 } 1223 1224 /* 1225 * Initialize all nonzero fields of a descriptor. 1226 */ 1227 static int 1228 bpf_allocbufs(d) 1229 register struct bpf_d *d; 1230 { 1231 d->bd_fbuf = (caddr_t)malloc(d->bd_bufsize, M_BPF, M_WAITOK); 1232 if (d->bd_fbuf == 0) 1233 return (ENOBUFS); 1234 1235 d->bd_sbuf = (caddr_t)malloc(d->bd_bufsize, M_BPF, M_WAITOK); 1236 if (d->bd_sbuf == 0) { 1237 free(d->bd_fbuf, M_BPF); 1238 return (ENOBUFS); 1239 } 1240 d->bd_slen = 0; 1241 d->bd_hlen = 0; 1242 return (0); 1243 } 1244 1245 /* 1246 * Free buffers currently in use by a descriptor. 1247 * Called on close. 1248 */ 1249 static void 1250 bpf_freed(d) 1251 register struct bpf_d *d; 1252 { 1253 /* 1254 * We don't need to lock out interrupts since this descriptor has 1255 * been detached from its interface and it yet hasn't been marked 1256 * free. 1257 */ 1258 if (d->bd_sbuf != 0) { 1259 free(d->bd_sbuf, M_BPF); 1260 if (d->bd_hbuf != 0) 1261 free(d->bd_hbuf, M_BPF); 1262 if (d->bd_fbuf != 0) 1263 free(d->bd_fbuf, M_BPF); 1264 } 1265 if (d->bd_filter) 1266 free((caddr_t)d->bd_filter, M_BPF); 1267 } 1268 1269 /* 1270 * Attach an interface to bpf. driverp is a pointer to a (struct bpf_if *) 1271 * in the driver's softc; dlt is the link layer type; hdrlen is the fixed 1272 * size of the link header (variable length headers not yet supported). 1273 */ 1274 void 1275 bpfattach(ifp, dlt, hdrlen) 1276 struct ifnet *ifp; 1277 u_int dlt, hdrlen; 1278 { 1279 struct bpf_if *bp; 1280 bp = (struct bpf_if *)malloc(sizeof(*bp), M_BPF, M_DONTWAIT); 1281 if (bp == 0) 1282 panic("bpfattach"); 1283 1284 bp->bif_dlist = 0; 1285 bp->bif_ifp = ifp; 1286 bp->bif_dlt = dlt; 1287 1288 bp->bif_next = bpf_iflist; 1289 bpf_iflist = bp; 1290 1291 bp->bif_ifp->if_bpf = 0; 1292 1293 /* 1294 * Compute the length of the bpf header. This is not necessarily 1295 * equal to SIZEOF_BPF_HDR because we want to insert spacing such 1296 * that the network layer header begins on a longword boundary (for 1297 * performance reasons and to alleviate alignment restrictions). 1298 */ 1299 bp->bif_hdrlen = BPF_WORDALIGN(hdrlen + SIZEOF_BPF_HDR) - hdrlen; 1300 1301 if (bootverbose) 1302 printf("bpf: %s%d attached\n", ifp->if_name, ifp->if_unit); 1303 } 1304 1305 /* 1306 * Detach bpf from an interface. This involves detaching each descriptor 1307 * associated with the interface, and leaving bd_bif NULL. Notify each 1308 * descriptor as it's detached so that any sleepers wake up and get 1309 * ENXIO. 1310 */ 1311 void 1312 bpfdetach(ifp) 1313 struct ifnet *ifp; 1314 { 1315 struct bpf_if *bp, *bp_prev; 1316 struct bpf_d *d; 1317 int s; 1318 1319 s = splimp(); 1320 1321 /* Locate BPF interface information */ 1322 bp_prev = NULL; 1323 for (bp = bpf_iflist; bp != NULL; bp = bp->bif_next) { 1324 if (ifp == bp->bif_ifp) 1325 break; 1326 bp_prev = bp; 1327 } 1328 1329 /* Interface wasn't attached */ 1330 if (bp->bif_ifp == NULL) { 1331 splx(s); 1332 printf("bpfdetach: %s%d was not attached\n", ifp->if_name, 1333 ifp->if_unit); 1334 return; 1335 } 1336 1337 while ((d = bp->bif_dlist) != NULL) { 1338 bpf_detachd(d); 1339 bpf_wakeup(d); 1340 } 1341 1342 if (bp_prev) { 1343 bp_prev->bif_next = bp->bif_next; 1344 } else { 1345 bpf_iflist = bp->bif_next; 1346 } 1347 1348 free(bp, M_BPF); 1349 1350 splx(s); 1351 } 1352 1353 static void bpf_drvinit __P((void *unused)); 1354 1355 static void 1356 bpf_drvinit(unused) 1357 void *unused; 1358 { 1359 1360 cdevsw_add(&bpf_cdevsw); 1361 } 1362 1363 SYSINIT(bpfdev,SI_SUB_DRIVERS,SI_ORDER_MIDDLE+CDEV_MAJOR,bpf_drvinit,NULL) 1364 1365 #else /* !BPF */ 1366 /* 1367 * NOP stubs to allow bpf-using drivers to load and function. 1368 * 1369 * A 'better' implementation would allow the core bpf functionality 1370 * to be loaded at runtime. 1371 */ 1372 1373 void 1374 bpf_tap(ifp, pkt, pktlen) 1375 struct ifnet *ifp; 1376 register u_char *pkt; 1377 register u_int pktlen; 1378 { 1379 } 1380 1381 void 1382 bpf_mtap(ifp, m) 1383 struct ifnet *ifp; 1384 struct mbuf *m; 1385 { 1386 } 1387 1388 void 1389 bpfattach(ifp, dlt, hdrlen) 1390 struct ifnet *ifp; 1391 u_int dlt, hdrlen; 1392 { 1393 } 1394 1395 void 1396 bpfdetach(ifp) 1397 struct ifnet *ifp; 1398 { 1399 } 1400 1401 u_int 1402 bpf_filter(pc, p, wirelen, buflen) 1403 register const struct bpf_insn *pc; 1404 register u_char *p; 1405 u_int wirelen; 1406 register u_int buflen; 1407 { 1408 return -1; /* "no filter" behaviour */ 1409 } 1410 1411 #endif /* !BPF */ 1412