1 /*
2 * Copyright (c) 1990, 1991, 1993
3 * The Regents of the University of California. All rights reserved.
4 *
5 * This code is derived from the Stanford/CMU enet packet filter,
6 * (net/enet.c) distributed as part of 4.3BSD, and code contributed
7 * to Berkeley by Steven McCanne and Van Jacobson both of Lawrence
8 * Berkeley Laboratory.
9 *
10 * %sccs.include.redist.c%
11 *
12 * @(#)bpf.c 8.4 (Berkeley) 01/09/95
13 *
14 * static char rcsid[] =
15 * "$Header: bpf.c,v 1.33 91/10/27 21:21:58 mccanne Exp $";
16 */
17
18 #include "bpfilter.h"
19
20 #if NBPFILTER > 0
21
22 #include <sys/param.h>
23 #include <sys/systm.h>
24 #include <sys/mbuf.h>
25 #include <sys/buf.h>
26 #include <sys/time.h>
27 #include <sys/proc.h>
28 #include <sys/user.h>
29 #include <sys/ioctl.h>
30 #include <sys/map.h>
31
32 #include <sys/file.h>
33 #if defined(sparc) && BSD < 199103
34 #include <sys/stream.h>
35 #endif
36 #include <sys/tty.h>
37 #include <sys/uio.h>
38
39 #include <sys/protosw.h>
40 #include <sys/socket.h>
41 #include <net/if.h>
42
43 #include <net/bpf.h>
44 #include <net/bpfdesc.h>
45
46 #include <sys/errno.h>
47
48 #include <netinet/in.h>
49 #include <netinet/if_ether.h>
50 #include <sys/kernel.h>
51
52 /*
53 * Older BSDs don't have kernel malloc.
54 */
55 #if BSD < 199103
56 extern bcopy();
57 static caddr_t bpf_alloc();
58 #include <net/bpf_compat.h>
59 #define BPF_BUFSIZE (MCLBYTES-8)
60 #define UIOMOVE(cp, len, code, uio) uiomove(cp, len, code, uio)
61 #else
62 #define BPF_BUFSIZE 4096
63 #define UIOMOVE(cp, len, code, uio) uiomove(cp, len, uio)
64 #endif
65
66 #define PRINET 26 /* interruptible */
67
68 /*
69 * The default read buffer size is patchable.
70 */
71 int bpf_bufsize = BPF_BUFSIZE;
72
73 /*
74 * bpf_iflist is the list of interfaces; each corresponds to an ifnet
75 * bpf_dtab holds the descriptors, indexed by minor device #
76 */
77 struct bpf_if *bpf_iflist;
78 struct bpf_d bpf_dtab[NBPFILTER];
79
80 #if BSD >= 199207
81 /*
82 * bpfilterattach() is called at boot time in new systems. We do
83 * nothing here since old systems will not call this.
84 */
85 /* ARGSUSED */
86 void
bpfilterattach(n)87 bpfilterattach(n)
88 int n;
89 {
90 }
91 #endif
92
93 static int bpf_allocbufs __P((struct bpf_d *));
94 static int bpf_allocbufs __P((struct bpf_d *));
95 static void bpf_freed __P((struct bpf_d *));
96 static void bpf_freed __P((struct bpf_d *));
97 static void bpf_ifname __P((struct ifnet *, struct ifreq *));
98 static void bpf_ifname __P((struct ifnet *, struct ifreq *));
99 static void bpf_mcopy __P((const void *, void *, u_int));
100 static int bpf_movein __P((struct uio *, int,
101 struct mbuf **, struct sockaddr *, int *));
102 static int bpf_setif __P((struct bpf_d *, struct ifreq *));
103 static int bpf_setif __P((struct bpf_d *, struct ifreq *));
104 static __inline void
105 bpf_wakeup __P((struct bpf_d *));
106 static void catchpacket __P((struct bpf_d *, u_char *, u_int,
107 u_int, void (*)(const void *, void *, u_int)));
108 static void reset_d __P((struct bpf_d *));
109
110 static int
bpf_movein(uio,linktype,mp,sockp,datlen)111 bpf_movein(uio, linktype, mp, sockp, datlen)
112 register struct uio *uio;
113 int linktype, *datlen;
114 register struct mbuf **mp;
115 register struct sockaddr *sockp;
116 {
117 struct mbuf *m;
118 int error;
119 int len;
120 int hlen;
121
122 /*
123 * Build a sockaddr based on the data link layer type.
124 * We do this at this level because the ethernet header
125 * is copied directly into the data field of the sockaddr.
126 * In the case of SLIP, there is no header and the packet
127 * is forwarded as is.
128 * Also, we are careful to leave room at the front of the mbuf
129 * for the link level header.
130 */
131 switch (linktype) {
132
133 case DLT_SLIP:
134 sockp->sa_family = AF_INET;
135 hlen = 0;
136 break;
137
138 case DLT_EN10MB:
139 sockp->sa_family = AF_UNSPEC;
140 /* XXX Would MAXLINKHDR be better? */
141 hlen = sizeof(struct ether_header);
142 break;
143
144 case DLT_FDDI:
145 sockp->sa_family = AF_UNSPEC;
146 /* XXX 4(FORMAC)+6(dst)+6(src)+3(LLC)+5(SNAP) */
147 hlen = 24;
148 break;
149
150 case DLT_NULL:
151 sockp->sa_family = AF_UNSPEC;
152 hlen = 0;
153 break;
154
155 default:
156 return (EIO);
157 }
158
159 len = uio->uio_resid;
160 *datlen = len - hlen;
161 if ((unsigned)len > MCLBYTES)
162 return (EIO);
163
164 MGET(m, M_WAIT, MT_DATA);
165 if (m == 0)
166 return (ENOBUFS);
167 if (len > MLEN) {
168 #if BSD >= 199103
169 MCLGET(m, M_WAIT);
170 if ((m->m_flags & M_EXT) == 0) {
171 #else
172 MCLGET(m);
173 if (m->m_len != MCLBYTES) {
174 #endif
175 error = ENOBUFS;
176 goto bad;
177 }
178 }
179 m->m_len = len;
180 *mp = m;
181 /*
182 * Make room for link header.
183 */
184 if (hlen != 0) {
185 m->m_len -= hlen;
186 #if BSD >= 199103
187 m->m_data += hlen; /* XXX */
188 #else
189 m->m_off += hlen;
190 #endif
191 error = UIOMOVE((caddr_t)sockp->sa_data, hlen, UIO_WRITE, uio);
192 if (error)
193 goto bad;
194 }
195 error = UIOMOVE(mtod(m, caddr_t), len - hlen, UIO_WRITE, uio);
196 if (!error)
197 return (0);
198 bad:
199 m_freem(m);
200 return (error);
201 }
202
203 /*
204 * Attach file to the bpf interface, i.e. make d listen on bp.
205 * Must be called at splimp.
206 */
207 static void
bpf_attachd(d,bp)208 bpf_attachd(d, bp)
209 struct bpf_d *d;
210 struct bpf_if *bp;
211 {
212 /*
213 * Point d at bp, and add d to the interface's list of listeners.
214 * Finally, point the driver's bpf cookie at the interface so
215 * it will divert packets to bpf.
216 */
217 d->bd_bif = bp;
218 d->bd_next = bp->bif_dlist;
219 bp->bif_dlist = d;
220
221 *bp->bif_driverp = bp;
222 }
223
224 /*
225 * Detach a file from its interface.
226 */
227 static void
bpf_detachd(d)228 bpf_detachd(d)
229 struct bpf_d *d;
230 {
231 struct bpf_d **p;
232 struct bpf_if *bp;
233
234 bp = d->bd_bif;
235 /*
236 * Check if this descriptor had requested promiscuous mode.
237 * If so, turn it off.
238 */
239 if (d->bd_promisc) {
240 d->bd_promisc = 0;
241 if (ifpromisc(bp->bif_ifp, 0))
242 /*
243 * Something is really wrong if we were able to put
244 * the driver into promiscuous mode, but can't
245 * take it out.
246 */
247 panic("bpf: ifpromisc failed");
248 }
249 /* Remove d from the interface's descriptor list. */
250 p = &bp->bif_dlist;
251 while (*p != d) {
252 p = &(*p)->bd_next;
253 if (*p == 0)
254 panic("bpf_detachd: descriptor not in list");
255 }
256 *p = (*p)->bd_next;
257 if (bp->bif_dlist == 0)
258 /*
259 * Let the driver know that there are no more listeners.
260 */
261 *d->bd_bif->bif_driverp = 0;
262 d->bd_bif = 0;
263 }
264
265
266 /*
267 * Mark a descriptor free by making it point to itself.
268 * This is probably cheaper than marking with a constant since
269 * the address should be in a register anyway.
270 */
271 #define D_ISFREE(d) ((d) == (d)->bd_next)
272 #define D_MARKFREE(d) ((d)->bd_next = (d))
273 #define D_MARKUSED(d) ((d)->bd_next = 0)
274
275 /*
276 * Open ethernet device. Returns ENXIO for illegal minor device number,
277 * EBUSY if file is open by another process.
278 */
279 /* ARGSUSED */
280 int
bpfopen(dev,flag)281 bpfopen(dev, flag)
282 dev_t dev;
283 int flag;
284 {
285 register struct bpf_d *d;
286
287 if (minor(dev) >= NBPFILTER)
288 return (ENXIO);
289 /*
290 * Each minor can be opened by only one process. If the requested
291 * minor is in use, return EBUSY.
292 */
293 d = &bpf_dtab[minor(dev)];
294 if (!D_ISFREE(d))
295 return (EBUSY);
296
297 /* Mark "free" and do most initialization. */
298 bzero((char *)d, sizeof(*d));
299 d->bd_bufsize = bpf_bufsize;
300
301 return (0);
302 }
303
304 /*
305 * Close the descriptor by detaching it from its interface,
306 * deallocating its buffers, and marking it free.
307 */
308 /* ARGSUSED */
309 int
bpfclose(dev,flag)310 bpfclose(dev, flag)
311 dev_t dev;
312 int flag;
313 {
314 register struct bpf_d *d = &bpf_dtab[minor(dev)];
315 register int s;
316
317 s = splimp();
318 if (d->bd_bif)
319 bpf_detachd(d);
320 splx(s);
321 bpf_freed(d);
322
323 return (0);
324 }
325
326 /*
327 * Support for SunOS, which does not have tsleep.
328 */
329 #if BSD < 199103
330 static
bpf_timeout(arg)331 bpf_timeout(arg)
332 caddr_t arg;
333 {
334 struct bpf_d *d = (struct bpf_d *)arg;
335 d->bd_timedout = 1;
336 wakeup(arg);
337 }
338
339 #define BPF_SLEEP(chan, pri, s, t) bpf_sleep((struct bpf_d *)chan)
340
341 int
bpf_sleep(d)342 bpf_sleep(d)
343 register struct bpf_d *d;
344 {
345 register int rto = d->bd_rtout;
346 register int st;
347
348 if (rto != 0) {
349 d->bd_timedout = 0;
350 timeout(bpf_timeout, (caddr_t)d, rto);
351 }
352 st = sleep((caddr_t)d, PRINET|PCATCH);
353 if (rto != 0) {
354 if (d->bd_timedout == 0)
355 untimeout(bpf_timeout, (caddr_t)d);
356 else if (st == 0)
357 return EWOULDBLOCK;
358 }
359 return (st != 0) ? EINTR : 0;
360 }
361 #else
362 #define BPF_SLEEP tsleep
363 #endif
364
365 /*
366 * Rotate the packet buffers in descriptor d. Move the store buffer
367 * into the hold slot, and the free buffer into the store slot.
368 * Zero the length of the new store buffer.
369 */
370 #define ROTATE_BUFFERS(d) \
371 (d)->bd_hbuf = (d)->bd_sbuf; \
372 (d)->bd_hlen = (d)->bd_slen; \
373 (d)->bd_sbuf = (d)->bd_fbuf; \
374 (d)->bd_slen = 0; \
375 (d)->bd_fbuf = 0;
376 /*
377 * bpfread - read next chunk of packets from buffers
378 */
379 int
bpfread(dev,uio)380 bpfread(dev, uio)
381 dev_t dev;
382 register struct uio *uio;
383 {
384 register struct bpf_d *d = &bpf_dtab[minor(dev)];
385 int error;
386 int s;
387
388 /*
389 * Restrict application to use a buffer the same size as
390 * as kernel buffers.
391 */
392 if (uio->uio_resid != d->bd_bufsize)
393 return (EINVAL);
394
395 s = splimp();
396 /*
397 * If the hold buffer is empty, then do a timed sleep, which
398 * ends when the timeout expires or when enough packets
399 * have arrived to fill the store buffer.
400 */
401 while (d->bd_hbuf == 0) {
402 if (d->bd_immediate && d->bd_slen != 0) {
403 /*
404 * A packet(s) either arrived since the previous
405 * read or arrived while we were asleep.
406 * Rotate the buffers and return what's here.
407 */
408 ROTATE_BUFFERS(d);
409 break;
410 }
411 error = BPF_SLEEP((caddr_t)d, PRINET|PCATCH, "bpf",
412 d->bd_rtout);
413 if (error == EINTR || error == ERESTART) {
414 splx(s);
415 return (error);
416 }
417 if (error == EWOULDBLOCK) {
418 /*
419 * On a timeout, return what's in the buffer,
420 * which may be nothing. If there is something
421 * in the store buffer, we can rotate the buffers.
422 */
423 if (d->bd_hbuf)
424 /*
425 * We filled up the buffer in between
426 * getting the timeout and arriving
427 * here, so we don't need to rotate.
428 */
429 break;
430
431 if (d->bd_slen == 0) {
432 splx(s);
433 return (0);
434 }
435 ROTATE_BUFFERS(d);
436 break;
437 }
438 }
439 /*
440 * At this point, we know we have something in the hold slot.
441 */
442 splx(s);
443
444 /*
445 * Move data from hold buffer into user space.
446 * We know the entire buffer is transferred since
447 * we checked above that the read buffer is bpf_bufsize bytes.
448 */
449 error = UIOMOVE(d->bd_hbuf, d->bd_hlen, UIO_READ, uio);
450
451 s = splimp();
452 d->bd_fbuf = d->bd_hbuf;
453 d->bd_hbuf = 0;
454 d->bd_hlen = 0;
455 splx(s);
456
457 return (error);
458 }
459
460
461 /*
462 * If there are processes sleeping on this descriptor, wake them up.
463 */
464 static __inline void
bpf_wakeup(d)465 bpf_wakeup(d)
466 register struct bpf_d *d;
467 {
468 wakeup((caddr_t)d);
469 #if BSD >= 199103
470 selwakeup(&d->bd_sel);
471 /* XXX */
472 d->bd_sel.si_pid = 0;
473 #else
474 if (d->bd_selproc) {
475 selwakeup(d->bd_selproc, (int)d->bd_selcoll);
476 d->bd_selcoll = 0;
477 d->bd_selproc = 0;
478 }
479 #endif
480 }
481
482 int
bpfwrite(dev,uio)483 bpfwrite(dev, uio)
484 dev_t dev;
485 struct uio *uio;
486 {
487 register struct bpf_d *d = &bpf_dtab[minor(dev)];
488 struct ifnet *ifp;
489 struct mbuf *m;
490 int error, s;
491 static struct sockaddr dst;
492 int datlen;
493
494 if (d->bd_bif == 0)
495 return (ENXIO);
496
497 ifp = d->bd_bif->bif_ifp;
498
499 if (uio->uio_resid == 0)
500 return (0);
501
502 error = bpf_movein(uio, (int)d->bd_bif->bif_dlt, &m, &dst, &datlen);
503 if (error)
504 return (error);
505
506 if (datlen > ifp->if_mtu)
507 return (EMSGSIZE);
508
509 s = splnet();
510 #if BSD >= 199103
511 error = (*ifp->if_output)(ifp, m, &dst, (struct rtentry *)0);
512 #else
513 error = (*ifp->if_output)(ifp, m, &dst);
514 #endif
515 splx(s);
516 /*
517 * The driver frees the mbuf.
518 */
519 return (error);
520 }
521
522 /*
523 * Reset a descriptor by flushing its packet buffer and clearing the
524 * receive and drop counts. Should be called at splimp.
525 */
526 static void
reset_d(d)527 reset_d(d)
528 struct bpf_d *d;
529 {
530 if (d->bd_hbuf) {
531 /* Free the hold buffer. */
532 d->bd_fbuf = d->bd_hbuf;
533 d->bd_hbuf = 0;
534 }
535 d->bd_slen = 0;
536 d->bd_hlen = 0;
537 d->bd_rcount = 0;
538 d->bd_dcount = 0;
539 }
540
541 /*
542 * FIONREAD Check for read packet available.
543 * SIOCGIFADDR Get interface address - convenient hook to driver.
544 * BIOCGBLEN Get buffer len [for read()].
545 * BIOCSETF Set ethernet read filter.
546 * BIOCFLUSH Flush read packet buffer.
547 * BIOCPROMISC Put interface into promiscuous mode.
548 * BIOCGDLT Get link layer type.
549 * BIOCGETIF Get interface name.
550 * BIOCSETIF Set interface.
551 * BIOCSRTIMEOUT Set read timeout.
552 * BIOCGRTIMEOUT Get read timeout.
553 * BIOCGSTATS Get packet stats.
554 * BIOCIMMEDIATE Set immediate mode.
555 * BIOCVERSION Get filter language version.
556 */
557 /* ARGSUSED */
558 int
bpfioctl(dev,cmd,addr,flag)559 bpfioctl(dev, cmd, addr, flag)
560 dev_t dev;
561 u_long cmd;
562 caddr_t addr;
563 int flag;
564 {
565 register struct bpf_d *d = &bpf_dtab[minor(dev)];
566 int s, error = 0;
567
568 switch (cmd) {
569
570 default:
571 error = EINVAL;
572 break;
573
574 /*
575 * Check for read packet available.
576 */
577 case FIONREAD:
578 {
579 int n;
580
581 s = splimp();
582 n = d->bd_slen;
583 if (d->bd_hbuf)
584 n += d->bd_hlen;
585 splx(s);
586
587 *(int *)addr = n;
588 break;
589 }
590
591 case SIOCGIFADDR:
592 {
593 struct ifnet *ifp;
594
595 if (d->bd_bif == 0)
596 error = EINVAL;
597 else {
598 ifp = d->bd_bif->bif_ifp;
599 error = (*ifp->if_ioctl)(ifp, cmd, addr);
600 }
601 break;
602 }
603
604 /*
605 * Get buffer len [for read()].
606 */
607 case BIOCGBLEN:
608 *(u_int *)addr = d->bd_bufsize;
609 break;
610
611 /*
612 * Set buffer length.
613 */
614 case BIOCSBLEN:
615 #if BSD < 199103
616 error = EINVAL;
617 #else
618 if (d->bd_bif != 0)
619 error = EINVAL;
620 else {
621 register u_int size = *(u_int *)addr;
622
623 if (size > BPF_MAXBUFSIZE)
624 *(u_int *)addr = size = BPF_MAXBUFSIZE;
625 else if (size < BPF_MINBUFSIZE)
626 *(u_int *)addr = size = BPF_MINBUFSIZE;
627 d->bd_bufsize = size;
628 }
629 #endif
630 break;
631
632 /*
633 * Set link layer read filter.
634 */
635 case BIOCSETF:
636 error = bpf_setf(d, (struct bpf_program *)addr);
637 break;
638
639 /*
640 * Flush read packet buffer.
641 */
642 case BIOCFLUSH:
643 s = splimp();
644 reset_d(d);
645 splx(s);
646 break;
647
648 /*
649 * Put interface into promiscuous mode.
650 */
651 case BIOCPROMISC:
652 if (d->bd_bif == 0) {
653 /*
654 * No interface attached yet.
655 */
656 error = EINVAL;
657 break;
658 }
659 s = splimp();
660 if (d->bd_promisc == 0) {
661 error = ifpromisc(d->bd_bif->bif_ifp, 1);
662 if (error == 0)
663 d->bd_promisc = 1;
664 }
665 splx(s);
666 break;
667
668 /*
669 * Get device parameters.
670 */
671 case BIOCGDLT:
672 if (d->bd_bif == 0)
673 error = EINVAL;
674 else
675 *(u_int *)addr = d->bd_bif->bif_dlt;
676 break;
677
678 /*
679 * Set interface name.
680 */
681 case BIOCGETIF:
682 if (d->bd_bif == 0)
683 error = EINVAL;
684 else
685 bpf_ifname(d->bd_bif->bif_ifp, (struct ifreq *)addr);
686 break;
687
688 /*
689 * Set interface.
690 */
691 case BIOCSETIF:
692 error = bpf_setif(d, (struct ifreq *)addr);
693 break;
694
695 /*
696 * Set read timeout.
697 */
698 case BIOCSRTIMEOUT:
699 {
700 struct timeval *tv = (struct timeval *)addr;
701 u_long msec;
702
703 /* Compute number of milliseconds. */
704 msec = tv->tv_sec * 1000 + tv->tv_usec / 1000;
705 /* Scale milliseconds to ticks. Assume hard
706 clock has millisecond or greater resolution
707 (i.e. tick >= 1000). For 10ms hardclock,
708 tick/1000 = 10, so rtout<-msec/10. */
709 d->bd_rtout = msec / (tick / 1000);
710 break;
711 }
712
713 /*
714 * Get read timeout.
715 */
716 case BIOCGRTIMEOUT:
717 {
718 struct timeval *tv = (struct timeval *)addr;
719 u_long msec = d->bd_rtout;
720
721 msec *= tick / 1000;
722 tv->tv_sec = msec / 1000;
723 tv->tv_usec = msec % 1000;
724 break;
725 }
726
727 /*
728 * Get packet stats.
729 */
730 case BIOCGSTATS:
731 {
732 struct bpf_stat *bs = (struct bpf_stat *)addr;
733
734 bs->bs_recv = d->bd_rcount;
735 bs->bs_drop = d->bd_dcount;
736 break;
737 }
738
739 /*
740 * Set immediate mode.
741 */
742 case BIOCIMMEDIATE:
743 d->bd_immediate = *(u_int *)addr;
744 break;
745
746 case BIOCVERSION:
747 {
748 struct bpf_version *bv = (struct bpf_version *)addr;
749
750 bv->bv_major = BPF_MAJOR_VERSION;
751 bv->bv_minor = BPF_MINOR_VERSION;
752 break;
753 }
754 }
755 return (error);
756 }
757
758 /*
759 * Set d's packet filter program to fp. If this file already has a filter,
760 * free it and replace it. Returns EINVAL for bogus requests.
761 */
762 int
bpf_setf(d,fp)763 bpf_setf(d, fp)
764 struct bpf_d *d;
765 struct bpf_program *fp;
766 {
767 struct bpf_insn *fcode, *old;
768 u_int flen, size;
769 int s;
770
771 old = d->bd_filter;
772 if (fp->bf_insns == 0) {
773 if (fp->bf_len != 0)
774 return (EINVAL);
775 s = splimp();
776 d->bd_filter = 0;
777 reset_d(d);
778 splx(s);
779 if (old != 0)
780 free((caddr_t)old, M_DEVBUF);
781 return (0);
782 }
783 flen = fp->bf_len;
784 if (flen > BPF_MAXINSNS)
785 return (EINVAL);
786
787 size = flen * sizeof(*fp->bf_insns);
788 fcode = (struct bpf_insn *)malloc(size, M_DEVBUF, M_WAITOK);
789 if (copyin((caddr_t)fp->bf_insns, (caddr_t)fcode, size) == 0 &&
790 bpf_validate(fcode, (int)flen)) {
791 s = splimp();
792 d->bd_filter = fcode;
793 reset_d(d);
794 splx(s);
795 if (old != 0)
796 free((caddr_t)old, M_DEVBUF);
797
798 return (0);
799 }
800 free((caddr_t)fcode, M_DEVBUF);
801 return (EINVAL);
802 }
803
804 /*
805 * Detach a file from its current interface (if attached at all) and attach
806 * to the interface indicated by the name stored in ifr.
807 * Return an errno or 0.
808 */
809 static int
bpf_setif(d,ifr)810 bpf_setif(d, ifr)
811 struct bpf_d *d;
812 struct ifreq *ifr;
813 {
814 struct bpf_if *bp;
815 char *cp;
816 int unit, s, error;
817
818 /*
819 * Separate string into name part and unit number. Put a null
820 * byte at the end of the name part, and compute the number.
821 * If the a unit number is unspecified, the default is 0,
822 * as initialized above. XXX This should be common code.
823 */
824 unit = 0;
825 cp = ifr->ifr_name;
826 cp[sizeof(ifr->ifr_name) - 1] = '\0';
827 while (*cp++) {
828 if (*cp >= '0' && *cp <= '9') {
829 unit = *cp - '0';
830 *cp++ = '\0';
831 while (*cp)
832 unit = 10 * unit + *cp++ - '0';
833 break;
834 }
835 }
836 /*
837 * Look through attached interfaces for the named one.
838 */
839 for (bp = bpf_iflist; bp != 0; bp = bp->bif_next) {
840 struct ifnet *ifp = bp->bif_ifp;
841
842 if (ifp == 0 || unit != ifp->if_unit
843 || strcmp(ifp->if_name, ifr->ifr_name) != 0)
844 continue;
845 /*
846 * We found the requested interface.
847 * If it's not up, return an error.
848 * Allocate the packet buffers if we need to.
849 * If we're already attached to requested interface,
850 * just flush the buffer.
851 */
852 if ((ifp->if_flags & IFF_UP) == 0)
853 return (ENETDOWN);
854
855 if (d->bd_sbuf == 0) {
856 error = bpf_allocbufs(d);
857 if (error != 0)
858 return (error);
859 }
860 s = splimp();
861 if (bp != d->bd_bif) {
862 if (d->bd_bif)
863 /*
864 * Detach if attached to something else.
865 */
866 bpf_detachd(d);
867
868 bpf_attachd(d, bp);
869 }
870 reset_d(d);
871 splx(s);
872 return (0);
873 }
874 /* Not found. */
875 return (ENXIO);
876 }
877
878 /*
879 * Convert an interface name plus unit number of an ifp to a single
880 * name which is returned in the ifr.
881 */
882 static void
bpf_ifname(ifp,ifr)883 bpf_ifname(ifp, ifr)
884 struct ifnet *ifp;
885 struct ifreq *ifr;
886 {
887 char *s = ifp->if_name;
888 char *d = ifr->ifr_name;
889
890 while (*d++ = *s++)
891 continue;
892 /* XXX Assume that unit number is less than 10. */
893 *d++ = ifp->if_unit + '0';
894 *d = '\0';
895 }
896
897 /*
898 * The new select interface passes down the proc pointer; the old select
899 * stubs had to grab it out of the user struct. This glue allows either case.
900 */
901 #if BSD >= 199103
902 #define bpf_select bpfselect
903 #else
904 int
bpfselect(dev,rw)905 bpfselect(dev, rw)
906 register dev_t dev;
907 int rw;
908 {
909 return (bpf_select(dev, rw, u.u_procp));
910 }
911 #endif
912
913 /*
914 * Support for select() system call
915 *
916 * Return true iff the specific operation will not block indefinitely.
917 * Otherwise, return false but make a note that a selwakeup() must be done.
918 */
919 int
bpf_select(dev,rw,p)920 bpf_select(dev, rw, p)
921 register dev_t dev;
922 int rw;
923 struct proc *p;
924 {
925 register struct bpf_d *d;
926 register int s;
927
928 if (rw != FREAD)
929 return (0);
930 /*
931 * An imitation of the FIONREAD ioctl code.
932 */
933 d = &bpf_dtab[minor(dev)];
934
935 s = splimp();
936 if (d->bd_hlen != 0 || (d->bd_immediate && d->bd_slen != 0)) {
937 /*
938 * There is data waiting.
939 */
940 splx(s);
941 return (1);
942 }
943 #if BSD >= 199103
944 selrecord(p, &d->bd_sel);
945 #else
946 /*
947 * No data ready. If there's already a select() waiting on this
948 * minor device then this is a collision. This shouldn't happen
949 * because minors really should not be shared, but if a process
950 * forks while one of these is open, it is possible that both
951 * processes could select on the same descriptor.
952 */
953 if (d->bd_selproc && d->bd_selproc->p_wchan == (caddr_t)&selwait)
954 d->bd_selcoll = 1;
955 else
956 d->bd_selproc = p;
957 #endif
958 splx(s);
959 return (0);
960 }
961
962 /*
963 * Incoming linkage from device drivers. Process the packet pkt, of length
964 * pktlen, which is stored in a contiguous buffer. The packet is parsed
965 * by each process' filter, and if accepted, stashed into the corresponding
966 * buffer.
967 */
968 void
bpf_tap(arg,pkt,pktlen)969 bpf_tap(arg, pkt, pktlen)
970 caddr_t arg;
971 register u_char *pkt;
972 register u_int pktlen;
973 {
974 struct bpf_if *bp;
975 register struct bpf_d *d;
976 register u_int slen;
977 /*
978 * Note that the ipl does not have to be raised at this point.
979 * The only problem that could arise here is that if two different
980 * interfaces shared any data. This is not the case.
981 */
982 bp = (struct bpf_if *)arg;
983 for (d = bp->bif_dlist; d != 0; d = d->bd_next) {
984 ++d->bd_rcount;
985 slen = bpf_filter(d->bd_filter, pkt, pktlen, pktlen);
986 if (slen != 0)
987 catchpacket(d, pkt, pktlen, slen, bcopy);
988 }
989 }
990
991 /*
992 * Copy data from an mbuf chain into a buffer. This code is derived
993 * from m_copydata in sys/uipc_mbuf.c.
994 */
995 static void
bpf_mcopy(src_arg,dst_arg,len)996 bpf_mcopy(src_arg, dst_arg, len)
997 const void *src_arg;
998 void *dst_arg;
999 register u_int len;
1000 {
1001 register const struct mbuf *m;
1002 register u_int count;
1003 u_char *dst;
1004
1005 m = src_arg;
1006 dst = dst_arg;
1007 while (len > 0) {
1008 if (m == 0)
1009 panic("bpf_mcopy");
1010 count = min(m->m_len, len);
1011 bcopy(mtod(m, caddr_t), (caddr_t)dst, count);
1012 m = m->m_next;
1013 dst += count;
1014 len -= count;
1015 }
1016 }
1017
1018 /*
1019 * Incoming linkage from device drivers, when packet is in an mbuf chain.
1020 */
1021 void
bpf_mtap(arg,m)1022 bpf_mtap(arg, m)
1023 caddr_t arg;
1024 struct mbuf *m;
1025 {
1026 struct bpf_if *bp = (struct bpf_if *)arg;
1027 struct bpf_d *d;
1028 u_int pktlen, slen;
1029 struct mbuf *m0;
1030
1031 pktlen = 0;
1032 for (m0 = m; m0 != 0; m0 = m0->m_next)
1033 pktlen += m0->m_len;
1034
1035 for (d = bp->bif_dlist; d != 0; d = d->bd_next) {
1036 ++d->bd_rcount;
1037 slen = bpf_filter(d->bd_filter, (u_char *)m, pktlen, 0);
1038 if (slen != 0)
1039 catchpacket(d, (u_char *)m, pktlen, slen, bpf_mcopy);
1040 }
1041 }
1042
1043 /*
1044 * Move the packet data from interface memory (pkt) into the
1045 * store buffer. Return 1 if it's time to wakeup a listener (buffer full),
1046 * otherwise 0. "copy" is the routine called to do the actual data
1047 * transfer. bcopy is passed in to copy contiguous chunks, while
1048 * bpf_mcopy is passed in to copy mbuf chains. In the latter case,
1049 * pkt is really an mbuf.
1050 */
1051 static void
catchpacket(d,pkt,pktlen,snaplen,cpfn)1052 catchpacket(d, pkt, pktlen, snaplen, cpfn)
1053 register struct bpf_d *d;
1054 register u_char *pkt;
1055 register u_int pktlen, snaplen;
1056 register void (*cpfn)(const void *, void *, u_int);
1057 {
1058 register struct bpf_hdr *hp;
1059 register int totlen, curlen;
1060 register int hdrlen = d->bd_bif->bif_hdrlen;
1061 /*
1062 * Figure out how many bytes to move. If the packet is
1063 * greater or equal to the snapshot length, transfer that
1064 * much. Otherwise, transfer the whole packet (unless
1065 * we hit the buffer size limit).
1066 */
1067 totlen = hdrlen + min(snaplen, pktlen);
1068 if (totlen > d->bd_bufsize)
1069 totlen = d->bd_bufsize;
1070
1071 /*
1072 * Round up the end of the previous packet to the next longword.
1073 */
1074 curlen = BPF_WORDALIGN(d->bd_slen);
1075 if (curlen + totlen > d->bd_bufsize) {
1076 /*
1077 * This packet will overflow the storage buffer.
1078 * Rotate the buffers if we can, then wakeup any
1079 * pending reads.
1080 */
1081 if (d->bd_fbuf == 0) {
1082 /*
1083 * We haven't completed the previous read yet,
1084 * so drop the packet.
1085 */
1086 ++d->bd_dcount;
1087 return;
1088 }
1089 ROTATE_BUFFERS(d);
1090 bpf_wakeup(d);
1091 curlen = 0;
1092 }
1093 else if (d->bd_immediate)
1094 /*
1095 * Immediate mode is set. A packet arrived so any
1096 * reads should be woken up.
1097 */
1098 bpf_wakeup(d);
1099
1100 /*
1101 * Append the bpf header.
1102 */
1103 hp = (struct bpf_hdr *)(d->bd_sbuf + curlen);
1104 #if BSD >= 199103
1105 microtime(&hp->bh_tstamp);
1106 #elif defined(sun)
1107 uniqtime(&hp->bh_tstamp);
1108 #else
1109 hp->bh_tstamp = time;
1110 #endif
1111 hp->bh_datalen = pktlen;
1112 hp->bh_hdrlen = hdrlen;
1113 /*
1114 * Copy the packet data into the store buffer and update its length.
1115 */
1116 (*cpfn)(pkt, (u_char *)hp + hdrlen, (hp->bh_caplen = totlen - hdrlen));
1117 d->bd_slen = curlen + totlen;
1118 }
1119
1120 /*
1121 * Initialize all nonzero fields of a descriptor.
1122 */
1123 static int
bpf_allocbufs(d)1124 bpf_allocbufs(d)
1125 register struct bpf_d *d;
1126 {
1127 d->bd_fbuf = (caddr_t)malloc(d->bd_bufsize, M_DEVBUF, M_WAITOK);
1128 if (d->bd_fbuf == 0)
1129 return (ENOBUFS);
1130
1131 d->bd_sbuf = (caddr_t)malloc(d->bd_bufsize, M_DEVBUF, M_WAITOK);
1132 if (d->bd_sbuf == 0) {
1133 free(d->bd_fbuf, M_DEVBUF);
1134 return (ENOBUFS);
1135 }
1136 d->bd_slen = 0;
1137 d->bd_hlen = 0;
1138 return (0);
1139 }
1140
1141 /*
1142 * Free buffers currently in use by a descriptor.
1143 * Called on close.
1144 */
1145 static void
bpf_freed(d)1146 bpf_freed(d)
1147 register struct bpf_d *d;
1148 {
1149 /*
1150 * We don't need to lock out interrupts since this descriptor has
1151 * been detached from its interface and it yet hasn't been marked
1152 * free.
1153 */
1154 if (d->bd_sbuf != 0) {
1155 free(d->bd_sbuf, M_DEVBUF);
1156 if (d->bd_hbuf != 0)
1157 free(d->bd_hbuf, M_DEVBUF);
1158 if (d->bd_fbuf != 0)
1159 free(d->bd_fbuf, M_DEVBUF);
1160 }
1161 if (d->bd_filter)
1162 free((caddr_t)d->bd_filter, M_DEVBUF);
1163
1164 D_MARKFREE(d);
1165 }
1166
1167 /*
1168 * Attach an interface to bpf. driverp is a pointer to a (struct bpf_if *)
1169 * in the driver's softc; dlt is the link layer type; hdrlen is the fixed
1170 * size of the link header (variable length headers not yet supported).
1171 */
1172 void
bpfattach(driverp,ifp,dlt,hdrlen)1173 bpfattach(driverp, ifp, dlt, hdrlen)
1174 caddr_t *driverp;
1175 struct ifnet *ifp;
1176 u_int dlt, hdrlen;
1177 {
1178 struct bpf_if *bp;
1179 int i;
1180 #if BSD < 199103
1181 static struct bpf_if bpf_ifs[NBPFILTER];
1182 static int bpfifno;
1183
1184 bp = (bpfifno < NBPFILTER) ? &bpf_ifs[bpfifno++] : 0;
1185 #else
1186 bp = (struct bpf_if *)malloc(sizeof(*bp), M_DEVBUF, M_DONTWAIT);
1187 #endif
1188 if (bp == 0)
1189 panic("bpfattach");
1190
1191 bp->bif_dlist = 0;
1192 bp->bif_driverp = (struct bpf_if **)driverp;
1193 bp->bif_ifp = ifp;
1194 bp->bif_dlt = dlt;
1195
1196 bp->bif_next = bpf_iflist;
1197 bpf_iflist = bp;
1198
1199 *bp->bif_driverp = 0;
1200
1201 /*
1202 * Compute the length of the bpf header. This is not necessarily
1203 * equal to SIZEOF_BPF_HDR because we want to insert spacing such
1204 * that the network layer header begins on a longword boundary (for
1205 * performance reasons and to alleviate alignment restrictions).
1206 */
1207 bp->bif_hdrlen = BPF_WORDALIGN(hdrlen + SIZEOF_BPF_HDR) - hdrlen;
1208
1209 /*
1210 * Mark all the descriptors free if this hasn't been done.
1211 */
1212 if (!D_ISFREE(&bpf_dtab[0]))
1213 for (i = 0; i < NBPFILTER; ++i)
1214 D_MARKFREE(&bpf_dtab[i]);
1215
1216 printf("bpf: %s%d attached\n", ifp->if_name, ifp->if_unit);
1217 }
1218
1219 #if BSD >= 199103
1220 /* XXX This routine belongs in net/if.c. */
1221 /*
1222 * Set/clear promiscuous mode on interface ifp based on the truth value
1223 * of pswitch. The calls are reference counted so that only the first
1224 * "on" request actually has an effect, as does the final "off" request.
1225 * Results are undefined if the "off" and "on" requests are not matched.
1226 */
1227 int
ifpromisc(ifp,pswitch)1228 ifpromisc(ifp, pswitch)
1229 struct ifnet *ifp;
1230 int pswitch;
1231 {
1232 struct ifreq ifr;
1233 /*
1234 * If the device is not configured up, we cannot put it in
1235 * promiscuous mode.
1236 */
1237 if ((ifp->if_flags & IFF_UP) == 0)
1238 return (ENETDOWN);
1239
1240 if (pswitch) {
1241 if (ifp->if_pcount++ != 0)
1242 return (0);
1243 ifp->if_flags |= IFF_PROMISC;
1244 } else {
1245 if (--ifp->if_pcount > 0)
1246 return (0);
1247 ifp->if_flags &= ~IFF_PROMISC;
1248 }
1249 ifr.ifr_flags = ifp->if_flags;
1250 return ((*ifp->if_ioctl)(ifp, SIOCSIFFLAGS, (caddr_t)&ifr));
1251 }
1252 #endif
1253
1254 #if BSD < 199103
1255 /*
1256 * Allocate some memory for bpf. This is temporary SunOS support, and
1257 * is admittedly a hack.
1258 * If resources unavaiable, return 0.
1259 */
1260 static caddr_t
bpf_alloc(size,canwait)1261 bpf_alloc(size, canwait)
1262 register int size;
1263 register int canwait;
1264 {
1265 register struct mbuf *m;
1266
1267 if ((unsigned)size > (MCLBYTES-8))
1268 return 0;
1269
1270 MGET(m, canwait, MT_DATA);
1271 if (m == 0)
1272 return 0;
1273 if ((unsigned)size > (MLEN-8)) {
1274 MCLGET(m);
1275 if (m->m_len != MCLBYTES) {
1276 m_freem(m);
1277 return 0;
1278 }
1279 }
1280 *mtod(m, struct mbuf **) = m;
1281 return mtod(m, caddr_t) + 8;
1282 }
1283 #endif
1284 #endif
1285