1 /* 2 * Copyright (c) 1990, 1991, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * This code is derived from the Stanford/CMU enet packet filter, 6 * (net/enet.c) distributed as part of 4.3BSD, and code contributed 7 * to Berkeley by Steven McCanne and Van Jacobson both of Lawrence 8 * Berkeley Laboratory. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. All advertising materials mentioning features or use of this software 19 * must display the following acknowledgement: 20 * This product includes software developed by the University of 21 * California, Berkeley and its contributors. 22 * 4. Neither the name of the University nor the names of its contributors 23 * may be used to endorse or promote products derived from this software 24 * without specific prior written permission. 25 * 26 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 27 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 28 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 29 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36 * SUCH DAMAGE. 37 * 38 * @(#)bpf.c 8.2 (Berkeley) 3/28/94 39 * 40 * $FreeBSD$ 41 */ 42 43 #include "bpf.h" 44 45 #ifndef __GNUC__ 46 #define inline 47 #else 48 #define inline __inline 49 #endif 50 51 #include <sys/param.h> 52 #include <sys/systm.h> 53 #include <sys/conf.h> 54 #include <sys/malloc.h> 55 #include <sys/mbuf.h> 56 #include <sys/time.h> 57 #include <sys/proc.h> 58 #include <sys/signalvar.h> 59 #include <sys/filio.h> 60 #include <sys/sockio.h> 61 #include <sys/ttycom.h> 62 #include <sys/filedesc.h> 63 64 #if defined(sparc) && BSD < 199103 65 #include <sys/stream.h> 66 #endif 67 #include <sys/poll.h> 68 69 #include <sys/socket.h> 70 #include <sys/vnode.h> 71 72 #include <net/if.h> 73 #include <net/bpf.h> 74 #include <net/bpfdesc.h> 75 76 #include <netinet/in.h> 77 #include <netinet/if_ether.h> 78 #include <sys/kernel.h> 79 #include <sys/sysctl.h> 80 81 MALLOC_DEFINE(M_BPF, "BPF", "BPF data"); 82 83 #if NBPF > 0 84 85 /* 86 * Older BSDs don't have kernel malloc. 87 */ 88 #if BSD < 199103 89 extern bcopy(); 90 static caddr_t bpf_alloc(); 91 #include <net/bpf_compat.h> 92 #define BPF_BUFSIZE (MCLBYTES-8) 93 #define UIOMOVE(cp, len, code, uio) uiomove(cp, len, code, uio) 94 #else 95 #define BPF_BUFSIZE 4096 96 #define UIOMOVE(cp, len, code, uio) uiomove(cp, len, uio) 97 #endif 98 99 #define PRINET 26 /* interruptible */ 100 101 /* 102 * The default read buffer size is patchable. 103 */ 104 static int bpf_bufsize = BPF_BUFSIZE; 105 SYSCTL_INT(_debug, OID_AUTO, bpf_bufsize, CTLFLAG_RW, 106 &bpf_bufsize, 0, ""); 107 static int bpf_maxbufsize = BPF_MAXBUFSIZE; 108 SYSCTL_INT(_debug, OID_AUTO, bpf_maxbufsize, CTLFLAG_RW, 109 &bpf_maxbufsize, 0, ""); 110 111 /* 112 * bpf_iflist is the list of interfaces; each corresponds to an ifnet 113 */ 114 static struct bpf_if *bpf_iflist; 115 116 static int bpf_allocbufs __P((struct bpf_d *)); 117 static void bpf_attachd __P((struct bpf_d *d, struct bpf_if *bp)); 118 static void bpf_detachd __P((struct bpf_d *d)); 119 static void bpf_freed __P((struct bpf_d *)); 120 static void bpf_mcopy __P((const void *, void *, size_t)); 121 static int bpf_movein __P((struct uio *, int, 122 struct mbuf **, struct sockaddr *, int *)); 123 static int bpf_setif __P((struct bpf_d *, struct ifreq *)); 124 static inline void 125 bpf_wakeup __P((struct bpf_d *)); 126 static void catchpacket __P((struct bpf_d *, u_char *, u_int, 127 u_int, void (*)(const void *, void *, size_t))); 128 static void reset_d __P((struct bpf_d *)); 129 static int bpf_setf __P((struct bpf_d *, struct bpf_program *)); 130 131 static d_open_t bpfopen; 132 static d_close_t bpfclose; 133 static d_read_t bpfread; 134 static d_write_t bpfwrite; 135 static d_ioctl_t bpfioctl; 136 static d_poll_t bpfpoll; 137 138 #define CDEV_MAJOR 23 139 static struct cdevsw bpf_cdevsw = { 140 /* open */ bpfopen, 141 /* close */ bpfclose, 142 /* read */ bpfread, 143 /* write */ bpfwrite, 144 /* ioctl */ bpfioctl, 145 /* poll */ bpfpoll, 146 /* mmap */ nommap, 147 /* strategy */ nostrategy, 148 /* name */ "bpf", 149 /* maj */ CDEV_MAJOR, 150 /* dump */ nodump, 151 /* psize */ nopsize, 152 /* flags */ 0, 153 /* bmaj */ -1 154 }; 155 156 157 static int 158 bpf_movein(uio, linktype, mp, sockp, datlen) 159 register struct uio *uio; 160 int linktype, *datlen; 161 register struct mbuf **mp; 162 register struct sockaddr *sockp; 163 { 164 struct mbuf *m; 165 int error; 166 int len; 167 int hlen; 168 169 /* 170 * Build a sockaddr based on the data link layer type. 171 * We do this at this level because the ethernet header 172 * is copied directly into the data field of the sockaddr. 173 * In the case of SLIP, there is no header and the packet 174 * is forwarded as is. 175 * Also, we are careful to leave room at the front of the mbuf 176 * for the link level header. 177 */ 178 switch (linktype) { 179 180 case DLT_SLIP: 181 sockp->sa_family = AF_INET; 182 hlen = 0; 183 break; 184 185 case DLT_EN10MB: 186 sockp->sa_family = AF_UNSPEC; 187 /* XXX Would MAXLINKHDR be better? */ 188 hlen = sizeof(struct ether_header); 189 break; 190 191 case DLT_FDDI: 192 #if defined(__FreeBSD__) || defined(__bsdi__) 193 sockp->sa_family = AF_IMPLINK; 194 hlen = 0; 195 #else 196 sockp->sa_family = AF_UNSPEC; 197 /* XXX 4(FORMAC)+6(dst)+6(src)+3(LLC)+5(SNAP) */ 198 hlen = 24; 199 #endif 200 break; 201 202 case DLT_RAW: 203 case DLT_NULL: 204 sockp->sa_family = AF_UNSPEC; 205 hlen = 0; 206 break; 207 208 #ifdef __FreeBSD__ 209 case DLT_ATM_RFC1483: 210 /* 211 * en atm driver requires 4-byte atm pseudo header. 212 * though it isn't standard, vpi:vci needs to be 213 * specified anyway. 214 */ 215 sockp->sa_family = AF_UNSPEC; 216 hlen = 12; /* XXX 4(ATM_PH) + 3(LLC) + 5(SNAP) */ 217 break; 218 #endif 219 220 case DLT_PPP: 221 sockp->sa_family = AF_UNSPEC; 222 hlen = 4; /* This should match PPP_HDRLEN */ 223 break; 224 225 default: 226 return (EIO); 227 } 228 229 len = uio->uio_resid; 230 *datlen = len - hlen; 231 if ((unsigned)len > MCLBYTES) 232 return (EIO); 233 234 MGETHDR(m, M_WAIT, MT_DATA); 235 if (m == 0) 236 return (ENOBUFS); 237 if (len > MHLEN) { 238 #if BSD >= 199103 239 MCLGET(m, M_WAIT); 240 if ((m->m_flags & M_EXT) == 0) { 241 #else 242 MCLGET(m); 243 if (m->m_len != MCLBYTES) { 244 #endif 245 error = ENOBUFS; 246 goto bad; 247 } 248 } 249 m->m_pkthdr.len = m->m_len = len; 250 m->m_pkthdr.rcvif = NULL; 251 *mp = m; 252 /* 253 * Make room for link header. 254 */ 255 if (hlen != 0) { 256 m->m_pkthdr.len -= hlen; 257 m->m_len -= hlen; 258 #if BSD >= 199103 259 m->m_data += hlen; /* XXX */ 260 #else 261 m->m_off += hlen; 262 #endif 263 error = UIOMOVE((caddr_t)sockp->sa_data, hlen, UIO_WRITE, uio); 264 if (error) 265 goto bad; 266 } 267 error = UIOMOVE(mtod(m, caddr_t), len - hlen, UIO_WRITE, uio); 268 if (!error) 269 return (0); 270 bad: 271 m_freem(m); 272 return (error); 273 } 274 275 /* 276 * Attach file to the bpf interface, i.e. make d listen on bp. 277 * Must be called at splimp. 278 */ 279 static void 280 bpf_attachd(d, bp) 281 struct bpf_d *d; 282 struct bpf_if *bp; 283 { 284 /* 285 * Point d at bp, and add d to the interface's list of listeners. 286 * Finally, point the driver's bpf cookie at the interface so 287 * it will divert packets to bpf. 288 */ 289 d->bd_bif = bp; 290 d->bd_next = bp->bif_dlist; 291 bp->bif_dlist = d; 292 293 bp->bif_ifp->if_bpf = bp; 294 } 295 296 /* 297 * Detach a file from its interface. 298 */ 299 static void 300 bpf_detachd(d) 301 struct bpf_d *d; 302 { 303 int error; 304 struct bpf_d **p; 305 struct bpf_if *bp; 306 307 bp = d->bd_bif; 308 /* 309 * Check if this descriptor had requested promiscuous mode. 310 * If so, turn it off. 311 */ 312 if (d->bd_promisc) { 313 d->bd_promisc = 0; 314 error = ifpromisc(bp->bif_ifp, 0); 315 if (error != 0 && error != ENXIO) { 316 /* 317 * ENXIO can happen if a pccard is unplugged 318 * Something is really wrong if we were able to put 319 * the driver into promiscuous mode, but can't 320 * take it out. 321 */ 322 printf("%s%d: ifpromisc failed %d\n", 323 bp->bif_ifp->if_name, bp->bif_ifp->if_unit, error); 324 } 325 } 326 /* Remove d from the interface's descriptor list. */ 327 p = &bp->bif_dlist; 328 while (*p != d) { 329 p = &(*p)->bd_next; 330 if (*p == 0) 331 panic("bpf_detachd: descriptor not in list"); 332 } 333 *p = (*p)->bd_next; 334 if (bp->bif_dlist == 0) 335 /* 336 * Let the driver know that there are no more listeners. 337 */ 338 d->bd_bif->bif_ifp->if_bpf = 0; 339 d->bd_bif = 0; 340 } 341 342 /* 343 * Open ethernet device. Returns ENXIO for illegal minor device number, 344 * EBUSY if file is open by another process. 345 */ 346 /* ARGSUSED */ 347 static int 348 bpfopen(dev, flags, fmt, p) 349 dev_t dev; 350 int flags; 351 int fmt; 352 struct proc *p; 353 { 354 register struct bpf_d *d; 355 356 if (p->p_prison) 357 return (EPERM); 358 359 d = dev->si_drv1; 360 /* 361 * Each minor can be opened by only one process. If the requested 362 * minor is in use, return EBUSY. 363 */ 364 if (d) 365 return (EBUSY); 366 if ((dev->si_flags & SI_NAMED) == 0) 367 make_dev(&bpf_cdevsw, minor(dev), UID_ROOT, GID_WHEEL, 0600, 368 "bpf%d", dev2unit(dev)); 369 MALLOC(d, struct bpf_d *, sizeof(*d), M_BPF, M_WAITOK); 370 bzero(d, sizeof(*d)); 371 dev->si_drv1 = d; 372 d->bd_bufsize = bpf_bufsize; 373 d->bd_sig = SIGIO; 374 d->bd_seesent = 1; 375 376 return (0); 377 } 378 379 /* 380 * Close the descriptor by detaching it from its interface, 381 * deallocating its buffers, and marking it free. 382 */ 383 /* ARGSUSED */ 384 static int 385 bpfclose(dev, flags, fmt, p) 386 dev_t dev; 387 int flags; 388 int fmt; 389 struct proc *p; 390 { 391 register struct bpf_d *d = dev->si_drv1; 392 register int s; 393 394 funsetown(d->bd_sigio); 395 s = splimp(); 396 if (d->bd_bif) 397 bpf_detachd(d); 398 splx(s); 399 bpf_freed(d); 400 dev->si_drv1 = 0; 401 FREE(d, M_BPF); 402 403 return (0); 404 } 405 406 /* 407 * Support for SunOS, which does not have tsleep. 408 */ 409 #if BSD < 199103 410 static 411 bpf_timeout(arg) 412 caddr_t arg; 413 { 414 struct bpf_d *d = (struct bpf_d *)arg; 415 d->bd_timedout = 1; 416 wakeup(arg); 417 } 418 419 #define BPF_SLEEP(chan, pri, s, t) bpf_sleep((struct bpf_d *)chan) 420 421 int 422 bpf_sleep(d) 423 register struct bpf_d *d; 424 { 425 register int rto = d->bd_rtout; 426 register int st; 427 428 if (rto != 0) { 429 d->bd_timedout = 0; 430 timeout(bpf_timeout, (caddr_t)d, rto); 431 } 432 st = sleep((caddr_t)d, PRINET|PCATCH); 433 if (rto != 0) { 434 if (d->bd_timedout == 0) 435 untimeout(bpf_timeout, (caddr_t)d); 436 else if (st == 0) 437 return EWOULDBLOCK; 438 } 439 return (st != 0) ? EINTR : 0; 440 } 441 #else 442 #define BPF_SLEEP tsleep 443 #endif 444 445 /* 446 * Rotate the packet buffers in descriptor d. Move the store buffer 447 * into the hold slot, and the free buffer into the store slot. 448 * Zero the length of the new store buffer. 449 */ 450 #define ROTATE_BUFFERS(d) \ 451 (d)->bd_hbuf = (d)->bd_sbuf; \ 452 (d)->bd_hlen = (d)->bd_slen; \ 453 (d)->bd_sbuf = (d)->bd_fbuf; \ 454 (d)->bd_slen = 0; \ 455 (d)->bd_fbuf = 0; 456 /* 457 * bpfread - read next chunk of packets from buffers 458 */ 459 static int 460 bpfread(dev, uio, ioflag) 461 dev_t dev; 462 register struct uio *uio; 463 int ioflag; 464 { 465 register struct bpf_d *d = dev->si_drv1; 466 int error; 467 int s; 468 469 /* 470 * Restrict application to use a buffer the same size as 471 * as kernel buffers. 472 */ 473 if (uio->uio_resid != d->bd_bufsize) 474 return (EINVAL); 475 476 s = splimp(); 477 /* 478 * If the hold buffer is empty, then do a timed sleep, which 479 * ends when the timeout expires or when enough packets 480 * have arrived to fill the store buffer. 481 */ 482 while (d->bd_hbuf == 0) { 483 if (d->bd_immediate && d->bd_slen != 0) { 484 /* 485 * A packet(s) either arrived since the previous 486 * read or arrived while we were asleep. 487 * Rotate the buffers and return what's here. 488 */ 489 ROTATE_BUFFERS(d); 490 break; 491 } 492 493 /* 494 * No data is available, check to see if the bpf device 495 * is still pointed at a real interface. If not, return 496 * ENXIO so that the userland process knows to rebind 497 * it before using it again. 498 */ 499 if (d->bd_bif == NULL) { 500 splx(s); 501 return (ENXIO); 502 } 503 504 if (ioflag & IO_NDELAY) 505 error = EWOULDBLOCK; 506 else 507 error = BPF_SLEEP((caddr_t)d, PRINET|PCATCH, "bpf", 508 d->bd_rtout); 509 if (error == EINTR || error == ERESTART) { 510 splx(s); 511 return (error); 512 } 513 if (error == EWOULDBLOCK) { 514 /* 515 * On a timeout, return what's in the buffer, 516 * which may be nothing. If there is something 517 * in the store buffer, we can rotate the buffers. 518 */ 519 if (d->bd_hbuf) 520 /* 521 * We filled up the buffer in between 522 * getting the timeout and arriving 523 * here, so we don't need to rotate. 524 */ 525 break; 526 527 if (d->bd_slen == 0) { 528 splx(s); 529 return (0); 530 } 531 ROTATE_BUFFERS(d); 532 break; 533 } 534 } 535 /* 536 * At this point, we know we have something in the hold slot. 537 */ 538 splx(s); 539 540 /* 541 * Move data from hold buffer into user space. 542 * We know the entire buffer is transferred since 543 * we checked above that the read buffer is bpf_bufsize bytes. 544 */ 545 error = UIOMOVE(d->bd_hbuf, d->bd_hlen, UIO_READ, uio); 546 547 s = splimp(); 548 d->bd_fbuf = d->bd_hbuf; 549 d->bd_hbuf = 0; 550 d->bd_hlen = 0; 551 splx(s); 552 553 return (error); 554 } 555 556 557 /* 558 * If there are processes sleeping on this descriptor, wake them up. 559 */ 560 static inline void 561 bpf_wakeup(d) 562 register struct bpf_d *d; 563 { 564 wakeup((caddr_t)d); 565 if (d->bd_async && d->bd_sig && d->bd_sigio) 566 pgsigio(d->bd_sigio, d->bd_sig, 0); 567 568 #if BSD >= 199103 569 selwakeup(&d->bd_sel); 570 /* XXX */ 571 d->bd_sel.si_pid = 0; 572 #else 573 if (d->bd_selproc) { 574 selwakeup(d->bd_selproc, (int)d->bd_selcoll); 575 d->bd_selcoll = 0; 576 d->bd_selproc = 0; 577 } 578 #endif 579 } 580 581 static int 582 bpfwrite(dev, uio, ioflag) 583 dev_t dev; 584 struct uio *uio; 585 int ioflag; 586 { 587 register struct bpf_d *d = dev->si_drv1; 588 struct ifnet *ifp; 589 struct mbuf *m; 590 int error, s; 591 static struct sockaddr dst; 592 int datlen; 593 594 if (d->bd_bif == 0) 595 return (ENXIO); 596 597 ifp = d->bd_bif->bif_ifp; 598 599 if (uio->uio_resid == 0) 600 return (0); 601 602 error = bpf_movein(uio, (int)d->bd_bif->bif_dlt, &m, &dst, &datlen); 603 if (error) 604 return (error); 605 606 if (datlen > ifp->if_mtu) 607 return (EMSGSIZE); 608 609 if (d->bd_hdrcmplt) 610 dst.sa_family = pseudo_AF_HDRCMPLT; 611 612 s = splnet(); 613 #if BSD >= 199103 614 error = (*ifp->if_output)(ifp, m, &dst, (struct rtentry *)0); 615 #else 616 error = (*ifp->if_output)(ifp, m, &dst); 617 #endif 618 splx(s); 619 /* 620 * The driver frees the mbuf. 621 */ 622 return (error); 623 } 624 625 /* 626 * Reset a descriptor by flushing its packet buffer and clearing the 627 * receive and drop counts. Should be called at splimp. 628 */ 629 static void 630 reset_d(d) 631 struct bpf_d *d; 632 { 633 if (d->bd_hbuf) { 634 /* Free the hold buffer. */ 635 d->bd_fbuf = d->bd_hbuf; 636 d->bd_hbuf = 0; 637 } 638 d->bd_slen = 0; 639 d->bd_hlen = 0; 640 d->bd_rcount = 0; 641 d->bd_dcount = 0; 642 } 643 644 /* 645 * FIONREAD Check for read packet available. 646 * SIOCGIFADDR Get interface address - convenient hook to driver. 647 * BIOCGBLEN Get buffer len [for read()]. 648 * BIOCSETF Set ethernet read filter. 649 * BIOCFLUSH Flush read packet buffer. 650 * BIOCPROMISC Put interface into promiscuous mode. 651 * BIOCGDLT Get link layer type. 652 * BIOCGETIF Get interface name. 653 * BIOCSETIF Set interface. 654 * BIOCSRTIMEOUT Set read timeout. 655 * BIOCGRTIMEOUT Get read timeout. 656 * BIOCGSTATS Get packet stats. 657 * BIOCIMMEDIATE Set immediate mode. 658 * BIOCVERSION Get filter language version. 659 * BIOCGHDRCMPLT Get "header already complete" flag 660 * BIOCSHDRCMPLT Set "header already complete" flag 661 * BIOCGSEESENT Get "see packets sent" flag 662 * BIOCSSEESENT Set "see packets sent" flag 663 */ 664 /* ARGSUSED */ 665 static int 666 bpfioctl(dev, cmd, addr, flags, p) 667 dev_t dev; 668 u_long cmd; 669 caddr_t addr; 670 int flags; 671 struct proc *p; 672 { 673 register struct bpf_d *d = dev->si_drv1; 674 int s, error = 0; 675 676 switch (cmd) { 677 678 default: 679 error = EINVAL; 680 break; 681 682 /* 683 * Check for read packet available. 684 */ 685 case FIONREAD: 686 { 687 int n; 688 689 s = splimp(); 690 n = d->bd_slen; 691 if (d->bd_hbuf) 692 n += d->bd_hlen; 693 splx(s); 694 695 *(int *)addr = n; 696 break; 697 } 698 699 case SIOCGIFADDR: 700 { 701 struct ifnet *ifp; 702 703 if (d->bd_bif == 0) 704 error = EINVAL; 705 else { 706 ifp = d->bd_bif->bif_ifp; 707 error = (*ifp->if_ioctl)(ifp, cmd, addr); 708 } 709 break; 710 } 711 712 /* 713 * Get buffer len [for read()]. 714 */ 715 case BIOCGBLEN: 716 *(u_int *)addr = d->bd_bufsize; 717 break; 718 719 /* 720 * Set buffer length. 721 */ 722 case BIOCSBLEN: 723 #if BSD < 199103 724 error = EINVAL; 725 #else 726 if (d->bd_bif != 0) 727 error = EINVAL; 728 else { 729 register u_int size = *(u_int *)addr; 730 731 if (size > bpf_maxbufsize) 732 *(u_int *)addr = size = bpf_maxbufsize; 733 else if (size < BPF_MINBUFSIZE) 734 *(u_int *)addr = size = BPF_MINBUFSIZE; 735 d->bd_bufsize = size; 736 } 737 #endif 738 break; 739 740 /* 741 * Set link layer read filter. 742 */ 743 case BIOCSETF: 744 error = bpf_setf(d, (struct bpf_program *)addr); 745 break; 746 747 /* 748 * Flush read packet buffer. 749 */ 750 case BIOCFLUSH: 751 s = splimp(); 752 reset_d(d); 753 splx(s); 754 break; 755 756 /* 757 * Put interface into promiscuous mode. 758 */ 759 case BIOCPROMISC: 760 if (d->bd_bif == 0) { 761 /* 762 * No interface attached yet. 763 */ 764 error = EINVAL; 765 break; 766 } 767 s = splimp(); 768 if (d->bd_promisc == 0) { 769 error = ifpromisc(d->bd_bif->bif_ifp, 1); 770 if (error == 0) 771 d->bd_promisc = 1; 772 } 773 splx(s); 774 break; 775 776 /* 777 * Get device parameters. 778 */ 779 case BIOCGDLT: 780 if (d->bd_bif == 0) 781 error = EINVAL; 782 else 783 *(u_int *)addr = d->bd_bif->bif_dlt; 784 break; 785 786 /* 787 * Get interface name. 788 */ 789 case BIOCGETIF: 790 if (d->bd_bif == 0) 791 error = EINVAL; 792 else { 793 struct ifnet *const ifp = d->bd_bif->bif_ifp; 794 struct ifreq *const ifr = (struct ifreq *)addr; 795 796 snprintf(ifr->ifr_name, sizeof(ifr->ifr_name), 797 "%s%d", ifp->if_name, ifp->if_unit); 798 } 799 break; 800 801 /* 802 * Set interface. 803 */ 804 case BIOCSETIF: 805 error = bpf_setif(d, (struct ifreq *)addr); 806 break; 807 808 /* 809 * Set read timeout. 810 */ 811 case BIOCSRTIMEOUT: 812 { 813 struct timeval *tv = (struct timeval *)addr; 814 815 /* 816 * Subtract 1 tick from tvtohz() since this isn't 817 * a one-shot timer. 818 */ 819 if ((error = itimerfix(tv)) == 0) 820 d->bd_rtout = tvtohz(tv) - 1; 821 break; 822 } 823 824 /* 825 * Get read timeout. 826 */ 827 case BIOCGRTIMEOUT: 828 { 829 struct timeval *tv = (struct timeval *)addr; 830 831 tv->tv_sec = d->bd_rtout / hz; 832 tv->tv_usec = (d->bd_rtout % hz) * tick; 833 break; 834 } 835 836 /* 837 * Get packet stats. 838 */ 839 case BIOCGSTATS: 840 { 841 struct bpf_stat *bs = (struct bpf_stat *)addr; 842 843 bs->bs_recv = d->bd_rcount; 844 bs->bs_drop = d->bd_dcount; 845 break; 846 } 847 848 /* 849 * Set immediate mode. 850 */ 851 case BIOCIMMEDIATE: 852 d->bd_immediate = *(u_int *)addr; 853 break; 854 855 case BIOCVERSION: 856 { 857 struct bpf_version *bv = (struct bpf_version *)addr; 858 859 bv->bv_major = BPF_MAJOR_VERSION; 860 bv->bv_minor = BPF_MINOR_VERSION; 861 break; 862 } 863 864 /* 865 * Get "header already complete" flag 866 */ 867 case BIOCGHDRCMPLT: 868 *(u_int *)addr = d->bd_hdrcmplt; 869 break; 870 871 /* 872 * Set "header already complete" flag 873 */ 874 case BIOCSHDRCMPLT: 875 d->bd_hdrcmplt = *(u_int *)addr ? 1 : 0; 876 break; 877 878 /* 879 * Get "see sent packets" flag 880 */ 881 case BIOCGSEESENT: 882 *(u_int *)addr = d->bd_seesent; 883 break; 884 885 /* 886 * Set "see sent packets" flag 887 */ 888 case BIOCSSEESENT: 889 d->bd_seesent = *(u_int *)addr; 890 break; 891 892 case FIONBIO: /* Non-blocking I/O */ 893 break; 894 895 case FIOASYNC: /* Send signal on receive packets */ 896 d->bd_async = *(int *)addr; 897 break; 898 899 case FIOSETOWN: 900 error = fsetown(*(int *)addr, &d->bd_sigio); 901 break; 902 903 case FIOGETOWN: 904 *(int *)addr = fgetown(d->bd_sigio); 905 break; 906 907 /* This is deprecated, FIOSETOWN should be used instead. */ 908 case TIOCSPGRP: 909 error = fsetown(-(*(int *)addr), &d->bd_sigio); 910 break; 911 912 /* This is deprecated, FIOGETOWN should be used instead. */ 913 case TIOCGPGRP: 914 *(int *)addr = -fgetown(d->bd_sigio); 915 break; 916 917 case BIOCSRSIG: /* Set receive signal */ 918 { 919 u_int sig; 920 921 sig = *(u_int *)addr; 922 923 if (sig >= NSIG) 924 error = EINVAL; 925 else 926 d->bd_sig = sig; 927 break; 928 } 929 case BIOCGRSIG: 930 *(u_int *)addr = d->bd_sig; 931 break; 932 } 933 return (error); 934 } 935 936 /* 937 * Set d's packet filter program to fp. If this file already has a filter, 938 * free it and replace it. Returns EINVAL for bogus requests. 939 */ 940 static int 941 bpf_setf(d, fp) 942 struct bpf_d *d; 943 struct bpf_program *fp; 944 { 945 struct bpf_insn *fcode, *old; 946 u_int flen, size; 947 int s; 948 949 old = d->bd_filter; 950 if (fp->bf_insns == 0) { 951 if (fp->bf_len != 0) 952 return (EINVAL); 953 s = splimp(); 954 d->bd_filter = 0; 955 reset_d(d); 956 splx(s); 957 if (old != 0) 958 free((caddr_t)old, M_BPF); 959 return (0); 960 } 961 flen = fp->bf_len; 962 if (flen > BPF_MAXINSNS) 963 return (EINVAL); 964 965 size = flen * sizeof(*fp->bf_insns); 966 fcode = (struct bpf_insn *)malloc(size, M_BPF, M_WAITOK); 967 if (copyin((caddr_t)fp->bf_insns, (caddr_t)fcode, size) == 0 && 968 bpf_validate(fcode, (int)flen)) { 969 s = splimp(); 970 d->bd_filter = fcode; 971 reset_d(d); 972 splx(s); 973 if (old != 0) 974 free((caddr_t)old, M_BPF); 975 976 return (0); 977 } 978 free((caddr_t)fcode, M_BPF); 979 return (EINVAL); 980 } 981 982 /* 983 * Detach a file from its current interface (if attached at all) and attach 984 * to the interface indicated by the name stored in ifr. 985 * Return an errno or 0. 986 */ 987 static int 988 bpf_setif(d, ifr) 989 struct bpf_d *d; 990 struct ifreq *ifr; 991 { 992 struct bpf_if *bp; 993 int s, error; 994 struct ifnet *theywant; 995 996 theywant = ifunit(ifr->ifr_name); 997 if (theywant == 0) 998 return ENXIO; 999 1000 /* 1001 * Look through attached interfaces for the named one. 1002 */ 1003 for (bp = bpf_iflist; bp != 0; bp = bp->bif_next) { 1004 struct ifnet *ifp = bp->bif_ifp; 1005 1006 if (ifp == 0 || ifp != theywant) 1007 continue; 1008 /* 1009 * We found the requested interface. 1010 * If it's not up, return an error. 1011 * Allocate the packet buffers if we need to. 1012 * If we're already attached to requested interface, 1013 * just flush the buffer. 1014 */ 1015 if ((ifp->if_flags & IFF_UP) == 0) 1016 return (ENETDOWN); 1017 1018 if (d->bd_sbuf == 0) { 1019 error = bpf_allocbufs(d); 1020 if (error != 0) 1021 return (error); 1022 } 1023 s = splimp(); 1024 if (bp != d->bd_bif) { 1025 if (d->bd_bif) 1026 /* 1027 * Detach if attached to something else. 1028 */ 1029 bpf_detachd(d); 1030 1031 bpf_attachd(d, bp); 1032 } 1033 reset_d(d); 1034 splx(s); 1035 return (0); 1036 } 1037 /* Not found. */ 1038 return (ENXIO); 1039 } 1040 1041 /* 1042 * Support for select() and poll() system calls 1043 * 1044 * Return true iff the specific operation will not block indefinitely. 1045 * Otherwise, return false but make a note that a selwakeup() must be done. 1046 */ 1047 int 1048 bpfpoll(dev, events, p) 1049 register dev_t dev; 1050 int events; 1051 struct proc *p; 1052 { 1053 register struct bpf_d *d; 1054 register int s; 1055 int revents = 0; 1056 1057 /* 1058 * An imitation of the FIONREAD ioctl code. 1059 */ 1060 d = dev->si_drv1; 1061 1062 if (d->bd_bif == NULL) 1063 return (ENXIO); 1064 1065 s = splimp(); 1066 if (events & (POLLIN | POLLRDNORM)) { 1067 if (d->bd_hlen != 0 || (d->bd_immediate && d->bd_slen != 0)) 1068 revents |= events & (POLLIN | POLLRDNORM); 1069 else 1070 selrecord(p, &d->bd_sel); 1071 } 1072 splx(s); 1073 return (revents); 1074 } 1075 1076 /* 1077 * Incoming linkage from device drivers. Process the packet pkt, of length 1078 * pktlen, which is stored in a contiguous buffer. The packet is parsed 1079 * by each process' filter, and if accepted, stashed into the corresponding 1080 * buffer. 1081 */ 1082 void 1083 bpf_tap(ifp, pkt, pktlen) 1084 struct ifnet *ifp; 1085 register u_char *pkt; 1086 register u_int pktlen; 1087 { 1088 struct bpf_if *bp; 1089 register struct bpf_d *d; 1090 register u_int slen; 1091 /* 1092 * Note that the ipl does not have to be raised at this point. 1093 * The only problem that could arise here is that if two different 1094 * interfaces shared any data. This is not the case. 1095 */ 1096 bp = ifp->if_bpf; 1097 for (d = bp->bif_dlist; d != 0; d = d->bd_next) { 1098 ++d->bd_rcount; 1099 slen = bpf_filter(d->bd_filter, pkt, pktlen, pktlen); 1100 if (slen != 0) 1101 catchpacket(d, pkt, pktlen, slen, bcopy); 1102 } 1103 } 1104 1105 /* 1106 * Copy data from an mbuf chain into a buffer. This code is derived 1107 * from m_copydata in sys/uipc_mbuf.c. 1108 */ 1109 static void 1110 bpf_mcopy(src_arg, dst_arg, len) 1111 const void *src_arg; 1112 void *dst_arg; 1113 register size_t len; 1114 { 1115 register const struct mbuf *m; 1116 register u_int count; 1117 u_char *dst; 1118 1119 m = src_arg; 1120 dst = dst_arg; 1121 while (len > 0) { 1122 if (m == 0) 1123 panic("bpf_mcopy"); 1124 count = min(m->m_len, len); 1125 bcopy(mtod(m, void *), dst, count); 1126 m = m->m_next; 1127 dst += count; 1128 len -= count; 1129 } 1130 } 1131 1132 /* 1133 * Incoming linkage from device drivers, when packet is in an mbuf chain. 1134 */ 1135 void 1136 bpf_mtap(ifp, m) 1137 struct ifnet *ifp; 1138 struct mbuf *m; 1139 { 1140 struct bpf_if *bp = ifp->if_bpf; 1141 struct bpf_d *d; 1142 u_int pktlen, slen; 1143 struct mbuf *m0; 1144 1145 pktlen = 0; 1146 for (m0 = m; m0 != 0; m0 = m0->m_next) 1147 pktlen += m0->m_len; 1148 1149 for (d = bp->bif_dlist; d != 0; d = d->bd_next) { 1150 if (!d->bd_seesent && (m->m_pkthdr.rcvif == NULL)) 1151 continue; 1152 ++d->bd_rcount; 1153 slen = bpf_filter(d->bd_filter, (u_char *)m, pktlen, 0); 1154 if (slen != 0) 1155 catchpacket(d, (u_char *)m, pktlen, slen, bpf_mcopy); 1156 } 1157 } 1158 1159 /* 1160 * Move the packet data from interface memory (pkt) into the 1161 * store buffer. Return 1 if it's time to wakeup a listener (buffer full), 1162 * otherwise 0. "copy" is the routine called to do the actual data 1163 * transfer. bcopy is passed in to copy contiguous chunks, while 1164 * bpf_mcopy is passed in to copy mbuf chains. In the latter case, 1165 * pkt is really an mbuf. 1166 */ 1167 static void 1168 catchpacket(d, pkt, pktlen, snaplen, cpfn) 1169 register struct bpf_d *d; 1170 register u_char *pkt; 1171 register u_int pktlen, snaplen; 1172 register void (*cpfn) __P((const void *, void *, size_t)); 1173 { 1174 register struct bpf_hdr *hp; 1175 register int totlen, curlen; 1176 register int hdrlen = d->bd_bif->bif_hdrlen; 1177 /* 1178 * Figure out how many bytes to move. If the packet is 1179 * greater or equal to the snapshot length, transfer that 1180 * much. Otherwise, transfer the whole packet (unless 1181 * we hit the buffer size limit). 1182 */ 1183 totlen = hdrlen + min(snaplen, pktlen); 1184 if (totlen > d->bd_bufsize) 1185 totlen = d->bd_bufsize; 1186 1187 /* 1188 * Round up the end of the previous packet to the next longword. 1189 */ 1190 curlen = BPF_WORDALIGN(d->bd_slen); 1191 if (curlen + totlen > d->bd_bufsize) { 1192 /* 1193 * This packet will overflow the storage buffer. 1194 * Rotate the buffers if we can, then wakeup any 1195 * pending reads. 1196 */ 1197 if (d->bd_fbuf == 0) { 1198 /* 1199 * We haven't completed the previous read yet, 1200 * so drop the packet. 1201 */ 1202 ++d->bd_dcount; 1203 return; 1204 } 1205 ROTATE_BUFFERS(d); 1206 bpf_wakeup(d); 1207 curlen = 0; 1208 } 1209 else if (d->bd_immediate) 1210 /* 1211 * Immediate mode is set. A packet arrived so any 1212 * reads should be woken up. 1213 */ 1214 bpf_wakeup(d); 1215 1216 /* 1217 * Append the bpf header. 1218 */ 1219 hp = (struct bpf_hdr *)(d->bd_sbuf + curlen); 1220 #if BSD >= 199103 1221 microtime(&hp->bh_tstamp); 1222 #elif defined(sun) 1223 uniqtime(&hp->bh_tstamp); 1224 #else 1225 hp->bh_tstamp = time; 1226 #endif 1227 hp->bh_datalen = pktlen; 1228 hp->bh_hdrlen = hdrlen; 1229 /* 1230 * Copy the packet data into the store buffer and update its length. 1231 */ 1232 (*cpfn)(pkt, (u_char *)hp + hdrlen, (hp->bh_caplen = totlen - hdrlen)); 1233 d->bd_slen = curlen + totlen; 1234 } 1235 1236 /* 1237 * Initialize all nonzero fields of a descriptor. 1238 */ 1239 static int 1240 bpf_allocbufs(d) 1241 register struct bpf_d *d; 1242 { 1243 d->bd_fbuf = (caddr_t)malloc(d->bd_bufsize, M_BPF, M_WAITOK); 1244 if (d->bd_fbuf == 0) 1245 return (ENOBUFS); 1246 1247 d->bd_sbuf = (caddr_t)malloc(d->bd_bufsize, M_BPF, M_WAITOK); 1248 if (d->bd_sbuf == 0) { 1249 free(d->bd_fbuf, M_BPF); 1250 return (ENOBUFS); 1251 } 1252 d->bd_slen = 0; 1253 d->bd_hlen = 0; 1254 return (0); 1255 } 1256 1257 /* 1258 * Free buffers currently in use by a descriptor. 1259 * Called on close. 1260 */ 1261 static void 1262 bpf_freed(d) 1263 register struct bpf_d *d; 1264 { 1265 /* 1266 * We don't need to lock out interrupts since this descriptor has 1267 * been detached from its interface and it yet hasn't been marked 1268 * free. 1269 */ 1270 if (d->bd_sbuf != 0) { 1271 free(d->bd_sbuf, M_BPF); 1272 if (d->bd_hbuf != 0) 1273 free(d->bd_hbuf, M_BPF); 1274 if (d->bd_fbuf != 0) 1275 free(d->bd_fbuf, M_BPF); 1276 } 1277 if (d->bd_filter) 1278 free((caddr_t)d->bd_filter, M_BPF); 1279 } 1280 1281 /* 1282 * Attach an interface to bpf. driverp is a pointer to a (struct bpf_if *) 1283 * in the driver's softc; dlt is the link layer type; hdrlen is the fixed 1284 * size of the link header (variable length headers not yet supported). 1285 */ 1286 void 1287 bpfattach(ifp, dlt, hdrlen) 1288 struct ifnet *ifp; 1289 u_int dlt, hdrlen; 1290 { 1291 struct bpf_if *bp; 1292 bp = (struct bpf_if *)malloc(sizeof(*bp), M_BPF, M_DONTWAIT); 1293 if (bp == 0) 1294 panic("bpfattach"); 1295 1296 bp->bif_dlist = 0; 1297 bp->bif_ifp = ifp; 1298 bp->bif_dlt = dlt; 1299 1300 bp->bif_next = bpf_iflist; 1301 bpf_iflist = bp; 1302 1303 bp->bif_ifp->if_bpf = 0; 1304 1305 /* 1306 * Compute the length of the bpf header. This is not necessarily 1307 * equal to SIZEOF_BPF_HDR because we want to insert spacing such 1308 * that the network layer header begins on a longword boundary (for 1309 * performance reasons and to alleviate alignment restrictions). 1310 */ 1311 bp->bif_hdrlen = BPF_WORDALIGN(hdrlen + SIZEOF_BPF_HDR) - hdrlen; 1312 1313 if (bootverbose) 1314 printf("bpf: %s%d attached\n", ifp->if_name, ifp->if_unit); 1315 } 1316 1317 /* 1318 * Detach bpf from an interface. This involves detaching each descriptor 1319 * associated with the interface, and leaving bd_bif NULL. Notify each 1320 * descriptor as it's detached so that any sleepers wake up and get 1321 * ENXIO. 1322 */ 1323 void 1324 bpfdetach(ifp) 1325 struct ifnet *ifp; 1326 { 1327 struct bpf_if *bp, *bp_prev; 1328 struct bpf_d *d; 1329 int s; 1330 1331 s = splimp(); 1332 1333 /* Locate BPF interface information */ 1334 bp_prev = NULL; 1335 for (bp = bpf_iflist; bp != NULL; bp = bp->bif_next) { 1336 if (ifp == bp->bif_ifp) 1337 break; 1338 bp_prev = bp; 1339 } 1340 1341 /* Interface wasn't attached */ 1342 if (bp->bif_ifp == NULL) { 1343 splx(s); 1344 printf("bpfdetach: %s%d was not attached\n", ifp->if_name, 1345 ifp->if_unit); 1346 return; 1347 } 1348 1349 while ((d = bp->bif_dlist) != NULL) { 1350 bpf_detachd(d); 1351 bpf_wakeup(d); 1352 } 1353 1354 if (bp_prev) { 1355 bp_prev->bif_next = bp->bif_next; 1356 } else { 1357 bpf_iflist = bp->bif_next; 1358 } 1359 1360 free(bp, M_BPF); 1361 1362 splx(s); 1363 } 1364 1365 static void bpf_drvinit __P((void *unused)); 1366 1367 static void bpf_clone __P((void *arg, char *name, int namelen, dev_t *dev)); 1368 1369 static void 1370 bpf_clone(arg, name, namelen, dev) 1371 void *arg; 1372 char *name; 1373 int namelen; 1374 dev_t *dev; 1375 { 1376 int u; 1377 1378 if (*dev != NODEV) 1379 return; 1380 if (dev_stdclone(name, NULL, "bpf", &u) != 1) 1381 return; 1382 *dev = make_dev(&bpf_cdevsw, unit2minor(u), UID_ROOT, GID_WHEEL, 0600, 1383 "bpf%d", u); 1384 (*dev)->si_flags |= SI_CHEAPCLONE; 1385 return; 1386 } 1387 1388 static void 1389 bpf_drvinit(unused) 1390 void *unused; 1391 { 1392 1393 EVENTHANDLER_REGISTER(dev_clone, bpf_clone, 0, 1000); 1394 cdevsw_add(&bpf_cdevsw); 1395 } 1396 1397 SYSINIT(bpfdev,SI_SUB_DRIVERS,SI_ORDER_MIDDLE+CDEV_MAJOR,bpf_drvinit,NULL) 1398 1399 #else /* !BPF */ 1400 /* 1401 * NOP stubs to allow bpf-using drivers to load and function. 1402 * 1403 * A 'better' implementation would allow the core bpf functionality 1404 * to be loaded at runtime. 1405 */ 1406 1407 void 1408 bpf_tap(ifp, pkt, pktlen) 1409 struct ifnet *ifp; 1410 register u_char *pkt; 1411 register u_int pktlen; 1412 { 1413 } 1414 1415 void 1416 bpf_mtap(ifp, m) 1417 struct ifnet *ifp; 1418 struct mbuf *m; 1419 { 1420 } 1421 1422 void 1423 bpfattach(ifp, dlt, hdrlen) 1424 struct ifnet *ifp; 1425 u_int dlt, hdrlen; 1426 { 1427 } 1428 1429 void 1430 bpfdetach(ifp) 1431 struct ifnet *ifp; 1432 { 1433 } 1434 1435 u_int 1436 bpf_filter(pc, p, wirelen, buflen) 1437 register const struct bpf_insn *pc; 1438 register u_char *p; 1439 u_int wirelen; 1440 register u_int buflen; 1441 { 1442 return -1; /* "no filter" behaviour */ 1443 } 1444 1445 #endif /* !BPF */ 1446