/*
 * Copyright (c) 1990, 1991, 1993
 *	The Regents of the University of California.  All rights reserved.
 *
 * This code is derived from the Stanford/CMU enet packet filter,
 * (net/enet.c) distributed as part of 4.3BSD, and code contributed
 * to Berkeley by Steven McCanne and Van Jacobson both of Lawrence
 * Berkeley Laboratory.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *	This product includes software developed by the University of
 *	California, Berkeley and its contributors.
 * 4. Neither the name of the University nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
 *	@(#)bpf.c	8.4 (Berkeley) 1/9/95
 *
 * $FreeBSD$
 */

#include "opt_bpf.h"
#include "opt_netgraph.h"

#include <sys/param.h>
#include <sys/systm.h>
#include <sys/conf.h>
#include <sys/malloc.h>
#include <sys/mbuf.h>
#include <sys/time.h>
#include <sys/proc.h>
#include <sys/signalvar.h>
#include <sys/filio.h>
#include <sys/sockio.h>
#include <sys/ttycom.h>
#include <sys/filedesc.h>

#include <sys/poll.h>

#include <sys/socket.h>
#include <sys/vnode.h>

#include <net/if.h>
#include <net/bpf.h>
#include <net/bpfdesc.h>

#include <netinet/in.h>
#include <netinet/if_ether.h>
#include <sys/kernel.h>
#include <sys/sysctl.h>

static MALLOC_DEFINE(M_BPF, "BPF", "BPF data");

#if defined(DEV_BPF) || defined(NETGRAPH_BPF)

#define PRINET	26			/* interruptible */

/*
 * The default read buffer size is patchable.
 */
static int bpf_bufsize = 4096;
SYSCTL_INT(_debug, OID_AUTO, bpf_bufsize, CTLFLAG_RW,
	&bpf_bufsize, 0, "");
static int bpf_maxbufsize = BPF_MAXBUFSIZE;
SYSCTL_INT(_debug, OID_AUTO, bpf_maxbufsize, CTLFLAG_RW,
	&bpf_maxbufsize, 0, "");
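/*
 * Illustrative usage (a sketch; the values are arbitrary): both knobs
 * live under the "debug" sysctl tree, so an administrator could raise
 * the default buffer size handed to newly opened descriptors, and the
 * ceiling that BIOCSBLEN will accept, from the shell:
 *
 *	sysctl debug.bpf_bufsize=32768
 *	sysctl debug.bpf_maxbufsize=1048576
 *
 * bpf_bufsize seeds bd_bufsize in bpfopen() below; bpf_maxbufsize caps
 * what the BIOCSBLEN ioctl allows.
 */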
/*
 * bpf_iflist is the list of interfaces; each corresponds to an ifnet
 */
static struct bpf_if	*bpf_iflist;
static struct mtx	bpf_mtx;		/* bpf global lock */

static int	bpf_allocbufs(struct bpf_d *);
static void	bpf_attachd(struct bpf_d *d, struct bpf_if *bp);
static void	bpf_detachd(struct bpf_d *d);
static void	bpf_freed(struct bpf_d *);
static void	bpf_mcopy(const void *, void *, size_t);
static int	bpf_movein(struct uio *, int,
		    struct mbuf **, struct sockaddr *, int *);
static int	bpf_setif(struct bpf_d *, struct ifreq *);
static void	bpf_timed_out(void *);
static __inline void
		bpf_wakeup(struct bpf_d *);
static void	catchpacket(struct bpf_d *, u_char *, u_int,
		    u_int, void (*)(const void *, void *, size_t));
static void	reset_d(struct bpf_d *);
static int	bpf_setf(struct bpf_d *, struct bpf_program *);

static	d_open_t	bpfopen;
static	d_close_t	bpfclose;
static	d_read_t	bpfread;
static	d_write_t	bpfwrite;
static	d_ioctl_t	bpfioctl;
static	d_poll_t	bpfpoll;

#define CDEV_MAJOR 23
static struct cdevsw bpf_cdevsw = {
	/* open */	bpfopen,
	/* close */	bpfclose,
	/* read */	bpfread,
	/* write */	bpfwrite,
	/* ioctl */	bpfioctl,
	/* poll */	bpfpoll,
	/* mmap */	nommap,
	/* strategy */	nostrategy,
	/* name */	"bpf",
	/* maj */	CDEV_MAJOR,
	/* dump */	nodump,
	/* psize */	nopsize,
	/* flags */	0,
};

static int
bpf_movein(uio, linktype, mp, sockp, datlen)
	register struct uio *uio;
	int linktype, *datlen;
	register struct mbuf **mp;
	register struct sockaddr *sockp;
{
	struct mbuf *m;
	int error;
	int len;
	int hlen;

	/*
	 * Build a sockaddr based on the data link layer type.
	 * We do this at this level because the ethernet header
	 * is copied directly into the data field of the sockaddr.
	 * In the case of SLIP, there is no header and the packet
	 * is forwarded as is.
	 * Also, we are careful to leave room at the front of the mbuf
	 * for the link level header.
	 */
	switch (linktype) {

	case DLT_SLIP:
		sockp->sa_family = AF_INET;
		hlen = 0;
		break;

	case DLT_EN10MB:
		sockp->sa_family = AF_UNSPEC;
		/* XXX Would MAXLINKHDR be better? */
		hlen = sizeof(struct ether_header);
		break;

	case DLT_FDDI:
		sockp->sa_family = AF_IMPLINK;
		hlen = 0;
		break;

	case DLT_RAW:
	case DLT_NULL:
		sockp->sa_family = AF_UNSPEC;
		hlen = 0;
		break;

	case DLT_ATM_RFC1483:
		/*
		 * en atm driver requires 4-byte atm pseudo header.
		 * though it isn't standard, vpi:vci needs to be
		 * specified anyway.
		 */
		sockp->sa_family = AF_UNSPEC;
		hlen = 12;	/* XXX 4(ATM_PH) + 3(LLC) + 5(SNAP) */
		break;

	case DLT_PPP:
		sockp->sa_family = AF_UNSPEC;
		hlen = 4;	/* This should match PPP_HDRLEN */
		break;

	default:
		return (EIO);
	}

	len = uio->uio_resid;
	*datlen = len - hlen;
	if ((unsigned)len > MCLBYTES)
		return (EIO);

	MGETHDR(m, M_TRYWAIT, MT_DATA);
	if (m == 0)
		return (ENOBUFS);
	if (len > MHLEN) {
		MCLGET(m, M_TRYWAIT);
		if ((m->m_flags & M_EXT) == 0) {
			error = ENOBUFS;
			goto bad;
		}
	}
	m->m_pkthdr.len = m->m_len = len;
	m->m_pkthdr.rcvif = NULL;
	*mp = m;
	/*
	 * Make room for link header.
	 */
	if (hlen != 0) {
		m->m_pkthdr.len -= hlen;
		m->m_len -= hlen;
#if BSD >= 199103
		m->m_data += hlen; /* XXX */
#else
		m->m_off += hlen;
#endif
		error = uiomove((caddr_t)sockp->sa_data, hlen, uio);
		if (error)
			goto bad;
	}
	error = uiomove(mtod(m, caddr_t), len - hlen, uio);
	if (!error)
		return (0);
bad:
	m_freem(m);
	return (error);
}
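/*
 * Illustrative usage (a sketch; the frame contents are arbitrary): on an
 * Ethernet interface (DLT_EN10MB), bpf_movein() expects each write() from
 * userland to carry a complete frame; the 14-byte link header is peeled
 * off into sockp->sa_data and the remainder becomes the mbuf handed to
 * the interface output routine by bpfwrite().  An injector might do:
 *
 *	char frame[64];		// dst MAC, src MAC, ethertype, payload
 *	// ... fill in header and payload ...
 *	if (write(fd, frame, sizeof(frame)) == -1)
 *		err(1, "write");
 *
 * With the BIOCSHDRCMPLT flag set, bpfwrite() marks the destination
 * address with pseudo_AF_HDRCMPLT so the driver transmits the supplied
 * link header unmodified.
 */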
/*
 * Attach file to the bpf interface, i.e. make d listen on bp.
 */
static void
bpf_attachd(d, bp)
	struct bpf_d *d;
	struct bpf_if *bp;
{
	/*
	 * Point d at bp, and add d to the interface's list of listeners.
	 * Finally, point the driver's bpf cookie at the interface so
	 * it will divert packets to bpf.
	 */
	BPFIF_LOCK(bp);
	d->bd_bif = bp;
	d->bd_next = bp->bif_dlist;
	bp->bif_dlist = d;

	bp->bif_ifp->if_bpf = bp;
	BPFIF_UNLOCK(bp);
}

/*
 * Detach a file from its interface.
 */
static void
bpf_detachd(d)
	struct bpf_d *d;
{
	int error;
	struct bpf_d **p;
	struct bpf_if *bp;

	bp = d->bd_bif;
	/*
	 * Check if this descriptor had requested promiscuous mode.
	 * If so, turn it off.
	 */
	if (d->bd_promisc) {
		d->bd_promisc = 0;
		error = ifpromisc(bp->bif_ifp, 0);
		if (error != 0 && error != ENXIO) {
			/*
			 * ENXIO can happen if a pccard is unplugged.
			 * Something is really wrong if we were able to put
			 * the driver into promiscuous mode, but can't
			 * take it out.
			 */
			printf("%s%d: ifpromisc failed %d\n",
			    bp->bif_ifp->if_name, bp->bif_ifp->if_unit, error);
		}
	}
	/* Remove d from the interface's descriptor list. */
	BPFIF_LOCK(bp);
	p = &bp->bif_dlist;
	while (*p != d) {
		p = &(*p)->bd_next;
		if (*p == 0)
			panic("bpf_detachd: descriptor not in list");
	}
	*p = (*p)->bd_next;
	if (bp->bif_dlist == 0)
		/*
		 * Let the driver know that there are no more listeners.
		 */
		d->bd_bif->bif_ifp->if_bpf = 0;
	BPFIF_UNLOCK(bp);
	d->bd_bif = 0;
}

/*
 * Open ethernet device.  Returns ENXIO for illegal minor device number,
 * EBUSY if file is open by another process.
 */
/* ARGSUSED */
static int
bpfopen(dev, flags, fmt, td)
	dev_t dev;
	int flags;
	int fmt;
	struct thread *td;
{
	struct bpf_d *d;

	mtx_lock(&bpf_mtx);
	d = dev->si_drv1;
	/*
	 * Each minor can be opened by only one process.  If the requested
	 * minor is in use, return EBUSY.
	 */
	if (d) {
		mtx_unlock(&bpf_mtx);
		return (EBUSY);
	}
	dev->si_drv1 = (struct bpf_d *)~0;	/* mark device in use */
	mtx_unlock(&bpf_mtx);

	if ((dev->si_flags & SI_NAMED) == 0)
		make_dev(&bpf_cdevsw, minor(dev), UID_ROOT, GID_WHEEL, 0600,
		    "bpf%d", dev2unit(dev));
	MALLOC(d, struct bpf_d *, sizeof(*d), M_BPF, M_WAITOK | M_ZERO);
	dev->si_drv1 = d;
	d->bd_bufsize = bpf_bufsize;
	d->bd_sig = SIGIO;
	d->bd_seesent = 1;
	mtx_init(&d->bd_mtx, devtoname(dev), "bpf cdev lock", MTX_DEF);
	callout_init(&d->bd_callout, 1);

	return (0);
}
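/*
 * Illustrative usage (a sketch; the bound of 256 is arbitrary): since
 * each minor admits a single opener, a capture program typically probes
 * for a free unit, skipping EBUSY:
 *
 *	int fd = -1;
 *	char path[sizeof("/dev/bpf9999")];
 *	for (int n = 0; fd == -1 && n < 256; n++) {
 *		snprintf(path, sizeof(path), "/dev/bpf%d", n);
 *		fd = open(path, O_RDWR);
 *		if (fd == -1 && errno != EBUSY)
 *			break;		// some other failure; give up
 *	}
 *
 * With the devfs cloning handler registered at the bottom of this file,
 * opening /dev/bpfN creates the node on demand.
 */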
/*
 * Close the descriptor by detaching it from its interface,
 * deallocating its buffers, and marking it free.
 */
/* ARGSUSED */
static int
bpfclose(dev, flags, fmt, td)
	dev_t dev;
	int flags;
	int fmt;
	struct thread *td;
{
	struct bpf_d *d = dev->si_drv1;

	BPFD_LOCK(d);
	if (d->bd_state == BPF_WAITING)
		callout_stop(&d->bd_callout);
	d->bd_state = BPF_IDLE;
	BPFD_UNLOCK(d);
	funsetown(&d->bd_sigio);
	mtx_lock(&bpf_mtx);
	if (d->bd_bif)
		bpf_detachd(d);
	mtx_unlock(&bpf_mtx);
	bpf_freed(d);
	dev->si_drv1 = 0;
	free(d, M_BPF);

	return (0);
}

/*
 * Rotate the packet buffers in descriptor d.  Move the store buffer
 * into the hold slot, and the free buffer into the store slot.
 * Zero the length of the new store buffer.
 */
#define ROTATE_BUFFERS(d) \
	(d)->bd_hbuf = (d)->bd_sbuf; \
	(d)->bd_hlen = (d)->bd_slen; \
	(d)->bd_sbuf = (d)->bd_fbuf; \
	(d)->bd_slen = 0; \
	(d)->bd_fbuf = 0;
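/*
 * Each descriptor cycles three equally-sized buffers.  Packets are
 * appended to the store buffer (bd_sbuf); a full or timed-out store
 * buffer is promoted to the hold slot (bd_hbuf), from which read()
 * drains it; the spare sits in bd_fbuf.  Schematically:
 *
 *	before:  fbuf -> [free]   sbuf -> [filling]    hbuf -> NULL
 *	after:   fbuf -> NULL     sbuf -> [old free]   hbuf -> [was sbuf]
 *
 * If bd_fbuf is NULL when the store buffer fills (the previous read has
 * not completed), catchpacket() must drop the packet and bump bd_dcount
 * instead of rotating.
 */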
/*
 * bpfread - read next chunk of packets from buffers
 */
static int
bpfread(dev, uio, ioflag)
	dev_t dev;
	register struct uio *uio;
	int ioflag;
{
	struct bpf_d *d = dev->si_drv1;
	int timed_out;
	int error;

	/*
	 * Restrict application to use a buffer the same size as
	 * the kernel buffers.
	 */
	if (uio->uio_resid != d->bd_bufsize)
		return (EINVAL);

	BPFD_LOCK(d);
	if (d->bd_state == BPF_WAITING)
		callout_stop(&d->bd_callout);
	timed_out = (d->bd_state == BPF_TIMED_OUT);
	d->bd_state = BPF_IDLE;
	/*
	 * If the hold buffer is empty, then do a timed sleep, which
	 * ends when the timeout expires or when enough packets
	 * have arrived to fill the store buffer.
	 */
	while (d->bd_hbuf == 0) {
		if ((d->bd_immediate || timed_out) && d->bd_slen != 0) {
			/*
			 * One or more packets either arrived since the
			 * previous read or arrived while we were asleep.
			 * Rotate the buffers and return what's here.
			 */
			ROTATE_BUFFERS(d);
			break;
		}

		/*
		 * No data is available, check to see if the bpf device
		 * is still pointed at a real interface.  If not, return
		 * ENXIO so that the userland process knows to rebind
		 * it before using it again.
		 */
		if (d->bd_bif == NULL) {
			BPFD_UNLOCK(d);
			return (ENXIO);
		}

		if (ioflag & IO_NDELAY) {
			BPFD_UNLOCK(d);
			return (EWOULDBLOCK);
		}
		error = msleep((caddr_t)d, &d->bd_mtx, PRINET|PCATCH,
		    "bpf", d->bd_rtout);
		if (error == EINTR || error == ERESTART) {
			BPFD_UNLOCK(d);
			return (error);
		}
		if (error == EWOULDBLOCK) {
			/*
			 * On a timeout, return what's in the buffer,
			 * which may be nothing.  If there is something
			 * in the store buffer, we can rotate the buffers.
			 */
			if (d->bd_hbuf)
				/*
				 * We filled up the buffer in between
				 * getting the timeout and arriving
				 * here, so we don't need to rotate.
				 */
				break;

			if (d->bd_slen == 0) {
				BPFD_UNLOCK(d);
				return (0);
			}
			ROTATE_BUFFERS(d);
			break;
		}
	}
	/*
	 * At this point, we know we have something in the hold slot.
	 */
	BPFD_UNLOCK(d);

	/*
	 * Move data from hold buffer into user space.
	 * We know the entire buffer is transferred since
	 * we checked above that the read buffer is bpf_bufsize bytes.
	 */
	error = uiomove(d->bd_hbuf, d->bd_hlen, uio);

	BPFD_LOCK(d);
	d->bd_fbuf = d->bd_hbuf;
	d->bd_hbuf = 0;
	d->bd_hlen = 0;
	BPFD_UNLOCK(d);

	return (error);
}
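/*
 * Illustrative usage (a sketch): because read() always transfers a whole
 * buffer, a consumer must walk the variable-length records inside it,
 * advancing by BPF_WORDALIGN(bh_hdrlen + bh_caplen) to stay on the same
 * longword boundaries catchpacket() used when storing them:
 *
 *	u_int blen;
 *	ioctl(fd, BIOCGBLEN, &blen);
 *	char *buf = malloc(blen);
 *	ssize_t n = read(fd, buf, blen);	// must pass exactly blen
 *	for (char *p = buf; n > 0 && p < buf + n; ) {
 *		struct bpf_hdr *bh = (struct bpf_hdr *)p;
 *		u_char *pkt = (u_char *)p + bh->bh_hdrlen;
 *		// ... bh_caplen captured bytes at pkt, of bh_datalen total
 *		p += BPF_WORDALIGN(bh->bh_hdrlen + bh->bh_caplen);
 *	}
 */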
/*
 * If there are processes sleeping on this descriptor, wake them up.
 */
static __inline void
bpf_wakeup(d)
	register struct bpf_d *d;
{
	if (d->bd_state == BPF_WAITING) {
		callout_stop(&d->bd_callout);
		d->bd_state = BPF_IDLE;
	}
	wakeup((caddr_t)d);
	if (d->bd_async && d->bd_sig && d->bd_sigio)
		pgsigio(&d->bd_sigio, d->bd_sig, 0);

	selwakeup(&d->bd_sel);
}

static void
bpf_timed_out(arg)
	void *arg;
{
	struct bpf_d *d = (struct bpf_d *)arg;

	BPFD_LOCK(d);
	if (d->bd_state == BPF_WAITING) {
		d->bd_state = BPF_TIMED_OUT;
		if (d->bd_slen != 0)
			bpf_wakeup(d);
	}
	BPFD_UNLOCK(d);
}

static int
bpfwrite(dev, uio, ioflag)
	dev_t dev;
	struct uio *uio;
	int ioflag;
{
	struct bpf_d *d = dev->si_drv1;
	struct ifnet *ifp;
	struct mbuf *m;
	int error;
	static struct sockaddr dst;
	int datlen;

	if (d->bd_bif == 0)
		return (ENXIO);

	ifp = d->bd_bif->bif_ifp;

	if (uio->uio_resid == 0)
		return (0);

	error = bpf_movein(uio, (int)d->bd_bif->bif_dlt, &m, &dst, &datlen);
	if (error)
		return (error);

	if (datlen > ifp->if_mtu)
		return (EMSGSIZE);

	if (d->bd_hdrcmplt)
		dst.sa_family = pseudo_AF_HDRCMPLT;

	mtx_lock(&Giant);
	error = (*ifp->if_output)(ifp, m, &dst, (struct rtentry *)0);
	mtx_unlock(&Giant);
	/*
	 * The driver frees the mbuf.
	 */
	return (error);
}

/*
 * Reset a descriptor by flushing its packet buffer and clearing the
 * receive and drop counts.
 */
static void
reset_d(d)
	struct bpf_d *d;
{

	mtx_assert(&d->bd_mtx, MA_OWNED);
	if (d->bd_hbuf) {
		/* Free the hold buffer. */
		d->bd_fbuf = d->bd_hbuf;
		d->bd_hbuf = 0;
	}
	d->bd_slen = 0;
	d->bd_hlen = 0;
	d->bd_rcount = 0;
	d->bd_dcount = 0;
}

/*
 *  FIONREAD		Check for read packet available.
 *  SIOCGIFADDR		Get interface address - convenient hook to driver.
 *  BIOCGBLEN		Get buffer len [for read()].
 *  BIOCSBLEN		Set buffer len.
 *  BIOCSETF		Set ethernet read filter.
 *  BIOCFLUSH		Flush read packet buffer.
 *  BIOCPROMISC		Put interface into promiscuous mode.
 *  BIOCGDLT		Get link layer type.
 *  BIOCGETIF		Get interface name.
 *  BIOCSETIF		Set interface.
 *  BIOCSRTIMEOUT	Set read timeout.
 *  BIOCGRTIMEOUT	Get read timeout.
 *  BIOCGSTATS		Get packet stats.
 *  BIOCIMMEDIATE	Set immediate mode.
 *  BIOCVERSION		Get filter language version.
 *  BIOCGHDRCMPLT	Get "header already complete" flag
 *  BIOCSHDRCMPLT	Set "header already complete" flag
 *  BIOCGSEESENT	Get "see packets sent" flag
 *  BIOCSSEESENT	Set "see packets sent" flag
 */
/* ARGSUSED */
static int
bpfioctl(dev, cmd, addr, flags, td)
	dev_t dev;
	u_long cmd;
	caddr_t addr;
	int flags;
	struct thread *td;
{
	struct bpf_d *d = dev->si_drv1;
	int error = 0;

	BPFD_LOCK(d);
	if (d->bd_state == BPF_WAITING)
		callout_stop(&d->bd_callout);
	d->bd_state = BPF_IDLE;
	BPFD_UNLOCK(d);

	switch (cmd) {

	default:
		error = EINVAL;
		break;

	/*
	 * Check for read packet available.
	 */
	case FIONREAD:
		{
			int n;

			BPFD_LOCK(d);
			n = d->bd_slen;
			if (d->bd_hbuf)
				n += d->bd_hlen;
			BPFD_UNLOCK(d);

			*(int *)addr = n;
			break;
		}

	case SIOCGIFADDR:
		{
			struct ifnet *ifp;

			if (d->bd_bif == 0)
				error = EINVAL;
			else {
				ifp = d->bd_bif->bif_ifp;
				error = (*ifp->if_ioctl)(ifp, cmd, addr);
			}
			break;
		}

	/*
	 * Get buffer len [for read()].
	 */
	case BIOCGBLEN:
		*(u_int *)addr = d->bd_bufsize;
		break;

	/*
	 * Set buffer length.
	 */
	case BIOCSBLEN:
		if (d->bd_bif != 0)
			error = EINVAL;
		else {
			register u_int size = *(u_int *)addr;

			if (size > bpf_maxbufsize)
				*(u_int *)addr = size = bpf_maxbufsize;
			else if (size < BPF_MINBUFSIZE)
				*(u_int *)addr = size = BPF_MINBUFSIZE;
			d->bd_bufsize = size;
		}
		break;

	/*
	 * Set link layer read filter.
	 */
	case BIOCSETF:
		error = bpf_setf(d, (struct bpf_program *)addr);
		break;

	/*
	 * Flush read packet buffer.
	 */
	case BIOCFLUSH:
		BPFD_LOCK(d);
		reset_d(d);
		BPFD_UNLOCK(d);
		break;

	/*
	 * Put interface into promiscuous mode.
	 */
	case BIOCPROMISC:
		if (d->bd_bif == 0) {
			/*
			 * No interface attached yet.
			 */
			error = EINVAL;
			break;
		}
		if (d->bd_promisc == 0) {
			mtx_lock(&Giant);
			error = ifpromisc(d->bd_bif->bif_ifp, 1);
			mtx_unlock(&Giant);
			if (error == 0)
				d->bd_promisc = 1;
		}
		break;

	/*
	 * Get device parameters.
	 */
	case BIOCGDLT:
		if (d->bd_bif == 0)
			error = EINVAL;
		else
			*(u_int *)addr = d->bd_bif->bif_dlt;
		break;

	/*
	 * Get interface name.
	 */
	case BIOCGETIF:
		if (d->bd_bif == 0)
			error = EINVAL;
		else {
			struct ifnet *const ifp = d->bd_bif->bif_ifp;
			struct ifreq *const ifr = (struct ifreq *)addr;

			snprintf(ifr->ifr_name, sizeof(ifr->ifr_name),
			    "%s%d", ifp->if_name, ifp->if_unit);
		}
		break;

	/*
	 * Set interface.
	 */
	case BIOCSETIF:
		error = bpf_setif(d, (struct ifreq *)addr);
		break;

	/*
	 * Set read timeout.
	 */
	case BIOCSRTIMEOUT:
		{
			struct timeval *tv = (struct timeval *)addr;

			/*
			 * Subtract 1 tick from tvtohz() since this isn't
			 * a one-shot timer.
			 */
			if ((error = itimerfix(tv)) == 0)
				d->bd_rtout = tvtohz(tv) - 1;
			break;
		}

	/*
	 * Get read timeout.
	 */
	case BIOCGRTIMEOUT:
		{
			struct timeval *tv = (struct timeval *)addr;

			tv->tv_sec = d->bd_rtout / hz;
			tv->tv_usec = (d->bd_rtout % hz) * tick;
			break;
		}

	/*
	 * Get packet stats.
	 */
	case BIOCGSTATS:
		{
			struct bpf_stat *bs = (struct bpf_stat *)addr;

			bs->bs_recv = d->bd_rcount;
			bs->bs_drop = d->bd_dcount;
			break;
		}

	/*
	 * Set immediate mode.
	 */
	case BIOCIMMEDIATE:
		d->bd_immediate = *(u_int *)addr;
		break;

	case BIOCVERSION:
		{
			struct bpf_version *bv = (struct bpf_version *)addr;

			bv->bv_major = BPF_MAJOR_VERSION;
			bv->bv_minor = BPF_MINOR_VERSION;
			break;
		}

	/*
	 * Get "header already complete" flag
	 */
	case BIOCGHDRCMPLT:
		*(u_int *)addr = d->bd_hdrcmplt;
		break;

	/*
	 * Set "header already complete" flag
	 */
	case BIOCSHDRCMPLT:
		d->bd_hdrcmplt = *(u_int *)addr ? 1 : 0;
		break;

	/*
	 * Get "see sent packets" flag
	 */
	case BIOCGSEESENT:
		*(u_int *)addr = d->bd_seesent;
		break;

	/*
	 * Set "see sent packets" flag
	 */
	case BIOCSSEESENT:
		d->bd_seesent = *(u_int *)addr;
		break;

	case FIONBIO:		/* Non-blocking I/O */
		break;

	case FIOASYNC:		/* Send signal on receive packets */
		d->bd_async = *(int *)addr;
		break;

	case FIOSETOWN:
		error = fsetown(*(int *)addr, &d->bd_sigio);
		break;

	case FIOGETOWN:
		*(int *)addr = fgetown(d->bd_sigio);
		break;

	/* This is deprecated, FIOSETOWN should be used instead. */
	case TIOCSPGRP:
		error = fsetown(-(*(int *)addr), &d->bd_sigio);
		break;

	/* This is deprecated, FIOGETOWN should be used instead. */
	case TIOCGPGRP:
		*(int *)addr = -fgetown(d->bd_sigio);
		break;

	case BIOCSRSIG:		/* Set receive signal */
		{
			u_int sig;

			sig = *(u_int *)addr;

			if (sig >= NSIG)
				error = EINVAL;
			else
				d->bd_sig = sig;
			break;
		}
	case BIOCGRSIG:
		*(u_int *)addr = d->bd_sig;
		break;
	}
	return (error);
}
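/*
 * Illustrative usage (a sketch; the interface name and sizes are
 * arbitrary): a typical capture setup issues these ioctls before the
 * first read():
 *
 *	struct ifreq ifr;
 *	u_int blen = 65536, on = 1;
 *	ioctl(fd, BIOCSBLEN, &blen);		// must precede BIOCSETIF
 *	strlcpy(ifr.ifr_name, "ed0", sizeof(ifr.ifr_name));
 *	ioctl(fd, BIOCSETIF, &ifr);		// binds and allocates buffers
 *	ioctl(fd, BIOCIMMEDIATE, &on);		// don't wait for a full buffer
 *	ioctl(fd, BIOCPROMISC, NULL);
 *
 * Note that BIOCSBLEN fails with EINVAL once an interface is attached,
 * which is why it has to come before BIOCSETIF.
 */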
/*
 * Set d's packet filter program to fp.  If this file already has a filter,
 * free it and replace it.  Returns EINVAL for bogus requests.
 */
static int
bpf_setf(d, fp)
	struct bpf_d *d;
	struct bpf_program *fp;
{
	struct bpf_insn *fcode, *old;
	u_int flen, size;

	old = d->bd_filter;
	if (fp->bf_insns == 0) {
		if (fp->bf_len != 0)
			return (EINVAL);
		BPFD_LOCK(d);
		d->bd_filter = 0;
		reset_d(d);
		BPFD_UNLOCK(d);
		if (old != 0)
			free((caddr_t)old, M_BPF);
		return (0);
	}
	flen = fp->bf_len;
	if (flen > BPF_MAXINSNS)
		return (EINVAL);

	size = flen * sizeof(*fp->bf_insns);
	fcode = (struct bpf_insn *)malloc(size, M_BPF, M_WAITOK);
	if (copyin((caddr_t)fp->bf_insns, (caddr_t)fcode, size) == 0 &&
	    bpf_validate(fcode, (int)flen)) {
		BPFD_LOCK(d);
		d->bd_filter = fcode;
		reset_d(d);
		BPFD_UNLOCK(d);
		if (old != 0)
			free((caddr_t)old, M_BPF);

		return (0);
	}
	free((caddr_t)fcode, M_BPF);
	return (EINVAL);
}
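/*
 * Illustrative usage (a sketch): a userland filter program that accepts
 * only IP packets on an Ethernet interface loads the ethertype halfword
 * at offset 12 and returns either a "whole packet" snaplen or zero
 * (reject), then installs the program through BIOCSETF:
 *
 *	struct bpf_insn insns[] = {
 *		BPF_STMT(BPF_LD+BPF_H+BPF_ABS, 12),
 *		BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, ETHERTYPE_IP, 0, 1),
 *		BPF_STMT(BPF_RET+BPF_K, (u_int)-1),	// accept
 *		BPF_STMT(BPF_RET+BPF_K, 0),		// reject
 *	};
 *	struct bpf_program prog = { 4, insns };
 *	ioctl(fd, BIOCSETF, &prog);
 *
 * bpf_setf() copies the program in, and bpf_validate() rejects anything
 * with out-of-range jumps before it can be attached.
 */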
/*
 * Detach a file from its current interface (if attached at all) and attach
 * to the interface indicated by the name stored in ifr.
 * Return an errno or 0.
 */
static int
bpf_setif(d, ifr)
	struct bpf_d *d;
	struct ifreq *ifr;
{
	struct bpf_if *bp;
	int error;
	struct ifnet *theywant;

	theywant = ifunit(ifr->ifr_name);
	if (theywant == 0)
		return ENXIO;

	/*
	 * Look through attached interfaces for the named one.
	 */
	mtx_lock(&bpf_mtx);
	for (bp = bpf_iflist; bp != 0; bp = bp->bif_next) {
		struct ifnet *ifp = bp->bif_ifp;

		if (ifp == 0 || ifp != theywant)
			continue;

		mtx_unlock(&bpf_mtx);
		/*
		 * We found the requested interface.
		 * If it's not up, return an error.
		 * Allocate the packet buffers if we need to.
		 * If we're already attached to requested interface,
		 * just flush the buffer.
		 */
		if ((ifp->if_flags & IFF_UP) == 0)
			return (ENETDOWN);

		if (d->bd_sbuf == 0) {
			error = bpf_allocbufs(d);
			if (error != 0)
				return (error);
		}
		if (bp != d->bd_bif) {
			if (d->bd_bif)
				/*
				 * Detach if attached to something else.
				 */
				bpf_detachd(d);

			bpf_attachd(d, bp);
		}
		BPFD_LOCK(d);
		reset_d(d);
		BPFD_UNLOCK(d);
		return (0);
	}
	mtx_unlock(&bpf_mtx);
	/* Not found. */
	return (ENXIO);
}

/*
 * Support for select() and poll() system calls
 *
 * Return true iff the specific operation will not block indefinitely.
 * Otherwise, return false but make a note that a selwakeup() must be done.
 */
int
bpfpoll(dev, events, td)
	register dev_t dev;
	int events;
	struct thread *td;
{
	struct bpf_d *d;
	int revents;

	d = dev->si_drv1;
	if (d->bd_bif == NULL)
		return (ENXIO);

	revents = events & (POLLOUT | POLLWRNORM);
	BPFD_LOCK(d);
	if (events & (POLLIN | POLLRDNORM)) {
		/*
		 * An imitation of the FIONREAD ioctl code.
		 * XXX not quite.  An exact imitation:
		 *	if (d->b_slen != 0 ||
		 *	    (d->bd_hbuf != NULL && d->bd_hlen != 0)
		 */
		if (d->bd_hlen != 0 ||
		    ((d->bd_immediate || d->bd_state == BPF_TIMED_OUT) &&
		    d->bd_slen != 0))
			revents |= events & (POLLIN | POLLRDNORM);
		else {
			selrecord(td, &d->bd_sel);
			/* Start the read timeout if necessary. */
			if (d->bd_rtout > 0 && d->bd_state == BPF_IDLE) {
				callout_reset(&d->bd_callout, d->bd_rtout,
				    bpf_timed_out, d);
				d->bd_state = BPF_WAITING;
			}
		}
	}
	BPFD_UNLOCK(d);
	return (revents);
}

/*
 * Incoming linkage from device drivers.  Process the packet pkt, of length
 * pktlen, which is stored in a contiguous buffer.  The packet is parsed
 * by each process' filter, and if accepted, stashed into the corresponding
 * buffer.
 */
void
bpf_tap(ifp, pkt, pktlen)
	struct ifnet *ifp;
	register u_char *pkt;
	register u_int pktlen;
{
	struct bpf_if *bp;
	register struct bpf_d *d;
	register u_int slen;

	bp = ifp->if_bpf;
	BPFIF_LOCK(bp);
	for (d = bp->bif_dlist; d != 0; d = d->bd_next) {
		BPFD_LOCK(d);
		++d->bd_rcount;
		slen = bpf_filter(d->bd_filter, pkt, pktlen, pktlen);
		if (slen != 0)
			catchpacket(d, pkt, pktlen, slen, bcopy);
		BPFD_UNLOCK(d);
	}
	BPFIF_UNLOCK(bp);
}
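/*
 * Illustrative usage (a sketch): a network driver's receive path hands
 * each contiguous frame to every listener before normal input
 * processing, guarding the call with the if_bpf cookie that
 * bpf_attachd()/bpf_detachd() maintain:
 *
 *	if (ifp->if_bpf)
 *		bpf_tap(ifp, buf, buflen);
 *
 * Drivers whose packets live in mbuf chains call bpf_mtap(ifp, m)
 * instead (see below).
 */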
/*
 * Copy data from an mbuf chain into a buffer.  This code is derived
 * from m_copydata in sys/uipc_mbuf.c.
 */
static void
bpf_mcopy(src_arg, dst_arg, len)
	const void *src_arg;
	void *dst_arg;
	register size_t len;
{
	register const struct mbuf *m;
	register u_int count;
	u_char *dst;

	m = src_arg;
	dst = dst_arg;
	while (len > 0) {
		if (m == 0)
			panic("bpf_mcopy");
		count = min(m->m_len, len);
		bcopy(mtod(m, void *), dst, count);
		m = m->m_next;
		dst += count;
		len -= count;
	}
}

/*
 * Incoming linkage from device drivers, when packet is in an mbuf chain.
 */
void
bpf_mtap(ifp, m)
	struct ifnet *ifp;
	struct mbuf *m;
{
	struct bpf_if *bp = ifp->if_bpf;
	struct bpf_d *d;
	u_int pktlen, slen;
	struct mbuf *m0;

	pktlen = 0;
	for (m0 = m; m0 != 0; m0 = m0->m_next)
		pktlen += m0->m_len;

	BPFIF_LOCK(bp);
	for (d = bp->bif_dlist; d != 0; d = d->bd_next) {
		if (!d->bd_seesent && (m->m_pkthdr.rcvif == NULL))
			continue;
		BPFD_LOCK(d);
		++d->bd_rcount;
		slen = bpf_filter(d->bd_filter, (u_char *)m, pktlen, 0);
		if (slen != 0)
			catchpacket(d, (u_char *)m, pktlen, slen, bpf_mcopy);
		BPFD_UNLOCK(d);
	}
	BPFIF_UNLOCK(bp);
}
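/*
 * Note on the calls above: a zero buflen tells bpf_filter() that the
 * "packet" pointer is really an mbuf chain rather than a contiguous
 * buffer, so the filter machine uses its chain-aware load routines;
 * catchpacket() is likewise handed bpf_mcopy instead of bcopy for the
 * same reason.  A packet without a receiving interface
 * (m_pkthdr.rcvif == NULL) is one the host itself is sending, which is
 * why it is skipped for descriptors with bd_seesent cleared.
 */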
/*
 * Move the packet data from interface memory (pkt) into the
 * store buffer.  Return 1 if it's time to wakeup a listener (buffer full),
 * otherwise 0.  "copy" is the routine called to do the actual data
 * transfer.  bcopy is passed in to copy contiguous chunks, while
 * bpf_mcopy is passed in to copy mbuf chains.  In the latter case,
 * pkt is really an mbuf.
 */
static void
catchpacket(d, pkt, pktlen, snaplen, cpfn)
	register struct bpf_d *d;
	register u_char *pkt;
	register u_int pktlen, snaplen;
	register void (*cpfn)(const void *, void *, size_t);
{
	register struct bpf_hdr *hp;
	register int totlen, curlen;
	register int hdrlen = d->bd_bif->bif_hdrlen;
	/*
	 * Figure out how many bytes to move.  If the packet is
	 * greater or equal to the snapshot length, transfer that
	 * much.  Otherwise, transfer the whole packet (unless
	 * we hit the buffer size limit).
	 */
	totlen = hdrlen + min(snaplen, pktlen);
	if (totlen > d->bd_bufsize)
		totlen = d->bd_bufsize;

	/*
	 * Round up the end of the previous packet to the next longword.
	 */
	curlen = BPF_WORDALIGN(d->bd_slen);
	if (curlen + totlen > d->bd_bufsize) {
		/*
		 * This packet will overflow the storage buffer.
		 * Rotate the buffers if we can, then wakeup any
		 * pending reads.
		 */
		if (d->bd_fbuf == 0) {
			/*
			 * We haven't completed the previous read yet,
			 * so drop the packet.
			 */
			++d->bd_dcount;
			return;
		}
		ROTATE_BUFFERS(d);
		bpf_wakeup(d);
		curlen = 0;
	}
	else if (d->bd_immediate || d->bd_state == BPF_TIMED_OUT)
		/*
		 * Immediate mode is set, or the read timeout has
		 * already expired during a select call.  A packet
		 * arrived, so the reader should be woken up.
		 */
		bpf_wakeup(d);

	/*
	 * Append the bpf header.
	 */
	hp = (struct bpf_hdr *)(d->bd_sbuf + curlen);
	microtime(&hp->bh_tstamp);
	hp->bh_datalen = pktlen;
	hp->bh_hdrlen = hdrlen;
	/*
	 * Copy the packet data into the store buffer and update its length.
	 */
	(*cpfn)(pkt, (u_char *)hp + hdrlen, (hp->bh_caplen = totlen - hdrlen));
	d->bd_slen = curlen + totlen;
}

/*
 * Initialize all nonzero fields of a descriptor.
 */
static int
bpf_allocbufs(d)
	register struct bpf_d *d;
{
	d->bd_fbuf = (caddr_t)malloc(d->bd_bufsize, M_BPF, M_WAITOK);
	if (d->bd_fbuf == 0)
		return (ENOBUFS);

	d->bd_sbuf = (caddr_t)malloc(d->bd_bufsize, M_BPF, M_WAITOK);
	if (d->bd_sbuf == 0) {
		free(d->bd_fbuf, M_BPF);
		return (ENOBUFS);
	}
	d->bd_slen = 0;
	d->bd_hlen = 0;
	return (0);
}

/*
 * Free buffers currently in use by a descriptor.
 * Called on close.
 */
static void
bpf_freed(d)
	register struct bpf_d *d;
{
	/*
	 * We don't need to lock out interrupts since this descriptor has
	 * been detached from its interface and has not yet been marked
	 * free.
	 */
	if (d->bd_sbuf != 0) {
		free(d->bd_sbuf, M_BPF);
		if (d->bd_hbuf != 0)
			free(d->bd_hbuf, M_BPF);
		if (d->bd_fbuf != 0)
			free(d->bd_fbuf, M_BPF);
	}
	if (d->bd_filter)
		free((caddr_t)d->bd_filter, M_BPF);
	mtx_destroy(&d->bd_mtx);
}

/*
 * Attach an interface to bpf.  ifp is a pointer to the structure
 * defining the interface to be attached, dlt is the link layer type,
 * and hdrlen is the fixed size of the link header (variable length
 * headers are not yet supported).
 */
void
bpfattach(ifp, dlt, hdrlen)
	struct ifnet *ifp;
	u_int dlt, hdrlen;
{
	struct bpf_if *bp;
	bp = (struct bpf_if *)malloc(sizeof(*bp), M_BPF, M_NOWAIT | M_ZERO);
	if (bp == 0)
		panic("bpfattach");

	bp->bif_ifp = ifp;
	bp->bif_dlt = dlt;
	mtx_init(&bp->bif_mtx, "bpf interface lock", NULL, MTX_DEF);

	mtx_lock(&bpf_mtx);
	bp->bif_next = bpf_iflist;
	bpf_iflist = bp;
	mtx_unlock(&bpf_mtx);

	bp->bif_ifp->if_bpf = 0;

	/*
	 * Compute the length of the bpf header.  This is not necessarily
	 * equal to SIZEOF_BPF_HDR because we want to insert spacing such
	 * that the network layer header begins on a longword boundary (for
	 * performance reasons and to alleviate alignment restrictions).
	 */
	bp->bif_hdrlen = BPF_WORDALIGN(hdrlen + SIZEOF_BPF_HDR) - hdrlen;

	if (bootverbose)
		printf("bpf: %s%d attached\n", ifp->if_name, ifp->if_unit);
}
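/*
 * Worked example (illustrative; assumes SIZEOF_BPF_HDR is 18 and
 * BPF_WORDALIGN rounds to 4 bytes): for Ethernet, hdrlen is 14, so
 *
 *	bif_hdrlen = BPF_WORDALIGN(14 + 18) - 14 = 32 - 14 = 18
 *
 * Each record then carries an 18-byte bpf header followed by the
 * 14-byte link header, placing the network layer header at offset 32,
 * a longword boundary.
 */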
/*
 * Detach bpf from an interface.  This involves detaching each descriptor
 * associated with the interface, and leaving bd_bif NULL.  Notify each
 * descriptor as it's detached so that any sleepers wake up and get
 * ENXIO.
 */
void
bpfdetach(ifp)
	struct ifnet *ifp;
{
	struct bpf_if	*bp, *bp_prev;
	struct bpf_d	*d;

	mtx_lock(&bpf_mtx);

	/* Locate BPF interface information */
	bp_prev = NULL;
	for (bp = bpf_iflist; bp != NULL; bp = bp->bif_next) {
		if (ifp == bp->bif_ifp)
			break;
		bp_prev = bp;
	}

	/*
	 * Interface wasn't attached.  (Test bp itself, not bp->bif_ifp:
	 * when the loop runs off the end of the list, bp is NULL and must
	 * not be dereferenced.)
	 */
	if (bp == NULL) {
		mtx_unlock(&bpf_mtx);
		printf("bpfdetach: %s%d was not attached\n", ifp->if_name,
		    ifp->if_unit);
		return;
	}

	if (bp_prev) {
		bp_prev->bif_next = bp->bif_next;
	} else {
		bpf_iflist = bp->bif_next;
	}

	while ((d = bp->bif_dlist) != NULL) {
		bpf_detachd(d);
		BPFD_LOCK(d);
		bpf_wakeup(d);
		BPFD_UNLOCK(d);
	}

	mtx_destroy(&bp->bif_mtx);
	free(bp, M_BPF);

	mtx_unlock(&bpf_mtx);
}

static void	bpf_drvinit(void *unused);

static void	bpf_clone(void *arg, char *name, int namelen, dev_t *dev);

static void
bpf_clone(arg, name, namelen, dev)
	void *arg;
	char *name;
	int namelen;
	dev_t *dev;
{
	int u;

	if (*dev != NODEV)
		return;
	if (dev_stdclone(name, NULL, "bpf", &u) != 1)
		return;
	*dev = make_dev(&bpf_cdevsw, unit2minor(u), UID_ROOT, GID_WHEEL, 0600,
	    "bpf%d", u);
	(*dev)->si_flags |= SI_CHEAPCLONE;
	return;
}

static void
bpf_drvinit(unused)
	void *unused;
{

	mtx_init(&bpf_mtx, "bpf global lock", NULL, MTX_DEF);
	EVENTHANDLER_REGISTER(dev_clone, bpf_clone, 0, 1000);
	cdevsw_add(&bpf_cdevsw);
}

SYSINIT(bpfdev, SI_SUB_DRIVERS, SI_ORDER_MIDDLE + CDEV_MAJOR, bpf_drvinit, NULL)

#else /* !DEV_BPF && !NETGRAPH_BPF */
/*
 * NOP stubs to allow bpf-using drivers to load and function.
 *
 * A 'better' implementation would allow the core bpf functionality
 * to be loaded at runtime.
 */

void
bpf_tap(ifp, pkt, pktlen)
	struct ifnet *ifp;
	register u_char *pkt;
	register u_int pktlen;
{
}

void
bpf_mtap(ifp, m)
	struct ifnet *ifp;
	struct mbuf *m;
{
}

void
bpfattach(ifp, dlt, hdrlen)
	struct ifnet *ifp;
	u_int dlt, hdrlen;
{
}

void
bpfdetach(ifp)
	struct ifnet *ifp;
{
}

u_int
bpf_filter(pc, p, wirelen, buflen)
	register const struct bpf_insn *pc;
	register u_char *p;
	u_int wirelen;
	register u_int buflen;
{
	return -1;	/* "no filter" behaviour */
}

int
bpf_validate(f, len)
	const struct bpf_insn *f;
	int len;
{
	return 0;	/* false */
}

#endif /* !DEV_BPF && !NETGRAPH_BPF */