1 /* 2 * Copyright (c) 1990, 1991, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * This code is derived from the Stanford/CMU enet packet filter, 6 * (net/enet.c) distributed as part of 4.3BSD, and code contributed 7 * to Berkeley by Steven McCanne and Van Jacobson both of Lawrence 8 * Berkeley Laboratory. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. All advertising materials mentioning features or use of this software 19 * must display the following acknowledgement: 20 * This product includes software developed by the University of 21 * California, Berkeley and its contributors. 22 * 4. Neither the name of the University nor the names of its contributors 23 * may be used to endorse or promote products derived from this software 24 * without specific prior written permission. 25 * 26 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 27 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 28 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 29 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36 * SUCH DAMAGE. 37 * 38 * @(#)bpf.c 8.2 (Berkeley) 3/28/94 39 * 40 * $FreeBSD: src/sys/net/bpf.c,v 1.59.2.12 2002/04/14 21:41:48 luigi Exp $ 41 * $DragonFly: src/sys/net/bpf.c,v 1.2 2003/06/17 04:28:47 dillon Exp $ 42 */ 43 44 #include "bpf.h" 45 46 #ifndef __GNUC__ 47 #define inline 48 #else 49 #define inline __inline 50 #endif 51 52 #include <sys/param.h> 53 #include <sys/systm.h> 54 #include <sys/conf.h> 55 #include <sys/malloc.h> 56 #include <sys/mbuf.h> 57 #include <sys/time.h> 58 #include <sys/proc.h> 59 #include <sys/signalvar.h> 60 #include <sys/filio.h> 61 #include <sys/sockio.h> 62 #include <sys/ttycom.h> 63 #include <sys/filedesc.h> 64 65 #if defined(sparc) && BSD < 199103 66 #include <sys/stream.h> 67 #endif 68 #include <sys/poll.h> 69 70 #include <sys/socket.h> 71 #include <sys/vnode.h> 72 73 #include <net/if.h> 74 #include <net/bpf.h> 75 #include <net/bpfdesc.h> 76 77 #include <netinet/in.h> 78 #include <netinet/if_ether.h> 79 #include <sys/kernel.h> 80 #include <sys/sysctl.h> 81 82 MALLOC_DEFINE(M_BPF, "BPF", "BPF data"); 83 84 #if NBPF > 0 85 86 /* 87 * Older BSDs don't have kernel malloc. 88 */ 89 #if BSD < 199103 90 extern bcopy(); 91 static caddr_t bpf_alloc(); 92 #include <net/bpf_compat.h> 93 #define BPF_BUFSIZE (MCLBYTES-8) 94 #define UIOMOVE(cp, len, code, uio) uiomove(cp, len, code, uio) 95 #else 96 #define BPF_BUFSIZE 4096 97 #define UIOMOVE(cp, len, code, uio) uiomove(cp, len, uio) 98 #endif 99 100 #define PRINET 26 /* interruptible */ 101 102 /* 103 * The default read buffer size is patchable. 104 */ 105 static int bpf_bufsize = BPF_BUFSIZE; 106 SYSCTL_INT(_debug, OID_AUTO, bpf_bufsize, CTLFLAG_RW, 107 &bpf_bufsize, 0, ""); 108 static int bpf_maxbufsize = BPF_MAXBUFSIZE; 109 SYSCTL_INT(_debug, OID_AUTO, bpf_maxbufsize, CTLFLAG_RW, 110 &bpf_maxbufsize, 0, ""); 111 112 /* 113 * bpf_iflist is the list of interfaces; each corresponds to an ifnet 114 */ 115 static struct bpf_if *bpf_iflist; 116 117 static int bpf_allocbufs __P((struct bpf_d *)); 118 static void bpf_attachd __P((struct bpf_d *d, struct bpf_if *bp)); 119 static void bpf_detachd __P((struct bpf_d *d)); 120 static void bpf_freed __P((struct bpf_d *)); 121 static void bpf_mcopy __P((const void *, void *, size_t)); 122 static int bpf_movein __P((struct uio *, int, 123 struct mbuf **, struct sockaddr *, int *)); 124 static int bpf_setif __P((struct bpf_d *, struct ifreq *)); 125 static void bpf_timed_out __P((void *)); 126 static inline void 127 bpf_wakeup __P((struct bpf_d *)); 128 static void catchpacket __P((struct bpf_d *, u_char *, u_int, 129 u_int, void (*)(const void *, void *, size_t))); 130 static void reset_d __P((struct bpf_d *)); 131 static int bpf_setf __P((struct bpf_d *, struct bpf_program *)); 132 133 static d_open_t bpfopen; 134 static d_close_t bpfclose; 135 static d_read_t bpfread; 136 static d_write_t bpfwrite; 137 static d_ioctl_t bpfioctl; 138 static d_poll_t bpfpoll; 139 140 #define CDEV_MAJOR 23 141 static struct cdevsw bpf_cdevsw = { 142 /* open */ bpfopen, 143 /* close */ bpfclose, 144 /* read */ bpfread, 145 /* write */ bpfwrite, 146 /* ioctl */ bpfioctl, 147 /* poll */ bpfpoll, 148 /* mmap */ nommap, 149 /* strategy */ nostrategy, 150 /* name */ "bpf", 151 /* maj */ CDEV_MAJOR, 152 /* dump */ nodump, 153 /* psize */ nopsize, 154 /* flags */ 0, 155 /* bmaj */ -1 156 }; 157 158 159 static int 160 bpf_movein(uio, linktype, mp, sockp, datlen) 161 register struct uio *uio; 162 int linktype, *datlen; 163 register struct mbuf **mp; 164 register struct sockaddr *sockp; 165 { 166 struct mbuf *m; 167 int error; 168 int len; 169 int hlen; 170 171 /* 172 * Build a sockaddr based on the data link layer type. 173 * We do this at this level because the ethernet header 174 * is copied directly into the data field of the sockaddr. 175 * In the case of SLIP, there is no header and the packet 176 * is forwarded as is. 177 * Also, we are careful to leave room at the front of the mbuf 178 * for the link level header. 179 */ 180 switch (linktype) { 181 182 case DLT_SLIP: 183 sockp->sa_family = AF_INET; 184 hlen = 0; 185 break; 186 187 case DLT_EN10MB: 188 sockp->sa_family = AF_UNSPEC; 189 /* XXX Would MAXLINKHDR be better? */ 190 hlen = sizeof(struct ether_header); 191 break; 192 193 case DLT_FDDI: 194 #if defined(__FreeBSD__) || defined(__bsdi__) 195 sockp->sa_family = AF_IMPLINK; 196 hlen = 0; 197 #else 198 sockp->sa_family = AF_UNSPEC; 199 /* XXX 4(FORMAC)+6(dst)+6(src)+3(LLC)+5(SNAP) */ 200 hlen = 24; 201 #endif 202 break; 203 204 case DLT_RAW: 205 case DLT_NULL: 206 sockp->sa_family = AF_UNSPEC; 207 hlen = 0; 208 break; 209 210 #ifdef __FreeBSD__ 211 case DLT_ATM_RFC1483: 212 /* 213 * en atm driver requires 4-byte atm pseudo header. 214 * though it isn't standard, vpi:vci needs to be 215 * specified anyway. 216 */ 217 sockp->sa_family = AF_UNSPEC; 218 hlen = 12; /* XXX 4(ATM_PH) + 3(LLC) + 5(SNAP) */ 219 break; 220 #endif 221 case DLT_PPP: 222 sockp->sa_family = AF_UNSPEC; 223 hlen = 4; /* This should match PPP_HDRLEN */ 224 break; 225 226 default: 227 return (EIO); 228 } 229 230 len = uio->uio_resid; 231 *datlen = len - hlen; 232 if ((unsigned)len > MCLBYTES) 233 return (EIO); 234 235 MGETHDR(m, M_WAIT, MT_DATA); 236 if (m == 0) 237 return (ENOBUFS); 238 if (len > MHLEN) { 239 #if BSD >= 199103 240 MCLGET(m, M_WAIT); 241 if ((m->m_flags & M_EXT) == 0) { 242 #else 243 MCLGET(m); 244 if (m->m_len != MCLBYTES) { 245 #endif 246 error = ENOBUFS; 247 goto bad; 248 } 249 } 250 m->m_pkthdr.len = m->m_len = len; 251 m->m_pkthdr.rcvif = NULL; 252 *mp = m; 253 /* 254 * Make room for link header. 255 */ 256 if (hlen != 0) { 257 m->m_pkthdr.len -= hlen; 258 m->m_len -= hlen; 259 #if BSD >= 199103 260 m->m_data += hlen; /* XXX */ 261 #else 262 m->m_off += hlen; 263 #endif 264 error = UIOMOVE((caddr_t)sockp->sa_data, hlen, UIO_WRITE, uio); 265 if (error) 266 goto bad; 267 } 268 error = UIOMOVE(mtod(m, caddr_t), len - hlen, UIO_WRITE, uio); 269 if (!error) 270 return (0); 271 bad: 272 m_freem(m); 273 return (error); 274 } 275 276 /* 277 * Attach file to the bpf interface, i.e. make d listen on bp. 278 * Must be called at splimp. 279 */ 280 static void 281 bpf_attachd(d, bp) 282 struct bpf_d *d; 283 struct bpf_if *bp; 284 { 285 /* 286 * Point d at bp, and add d to the interface's list of listeners. 287 * Finally, point the driver's bpf cookie at the interface so 288 * it will divert packets to bpf. 289 */ 290 d->bd_bif = bp; 291 d->bd_next = bp->bif_dlist; 292 bp->bif_dlist = d; 293 294 bp->bif_ifp->if_bpf = bp; 295 } 296 297 /* 298 * Detach a file from its interface. 299 */ 300 static void 301 bpf_detachd(d) 302 struct bpf_d *d; 303 { 304 struct bpf_d **p; 305 struct bpf_if *bp; 306 307 bp = d->bd_bif; 308 /* 309 * Check if this descriptor had requested promiscuous mode. 310 * If so, turn it off. 311 */ 312 if (d->bd_promisc) { 313 d->bd_promisc = 0; 314 if (ifpromisc(bp->bif_ifp, 0)) 315 /* 316 * Something is really wrong if we were able to put 317 * the driver into promiscuous mode, but can't 318 * take it out. 319 */ 320 panic("bpf: ifpromisc failed"); 321 } 322 /* Remove d from the interface's descriptor list. */ 323 p = &bp->bif_dlist; 324 while (*p != d) { 325 p = &(*p)->bd_next; 326 if (*p == 0) 327 panic("bpf_detachd: descriptor not in list"); 328 } 329 *p = (*p)->bd_next; 330 if (bp->bif_dlist == 0) 331 /* 332 * Let the driver know that there are no more listeners. 333 */ 334 d->bd_bif->bif_ifp->if_bpf = 0; 335 d->bd_bif = 0; 336 } 337 338 /* 339 * Open ethernet device. Returns ENXIO for illegal minor device number, 340 * EBUSY if file is open by another process. 341 */ 342 /* ARGSUSED */ 343 static int 344 bpfopen(dev, flags, fmt, p) 345 dev_t dev; 346 int flags; 347 int fmt; 348 struct proc *p; 349 { 350 register struct bpf_d *d; 351 352 if (p->p_prison) 353 return (EPERM); 354 355 d = dev->si_drv1; 356 /* 357 * Each minor can be opened by only one process. If the requested 358 * minor is in use, return EBUSY. 359 */ 360 if (d) 361 return (EBUSY); 362 make_dev(&bpf_cdevsw, minor(dev), 0, 0, 0600, "bpf%d", lminor(dev)); 363 MALLOC(d, struct bpf_d *, sizeof(*d), M_BPF, M_WAITOK | M_ZERO); 364 dev->si_drv1 = d; 365 d->bd_bufsize = bpf_bufsize; 366 d->bd_sig = SIGIO; 367 d->bd_seesent = 1; 368 callout_init(&d->bd_callout); 369 return (0); 370 } 371 372 /* 373 * Close the descriptor by detaching it from its interface, 374 * deallocating its buffers, and marking it free. 375 */ 376 /* ARGSUSED */ 377 static int 378 bpfclose(dev, flags, fmt, p) 379 dev_t dev; 380 int flags; 381 int fmt; 382 struct proc *p; 383 { 384 register struct bpf_d *d = dev->si_drv1; 385 register int s; 386 387 funsetown(d->bd_sigio); 388 s = splimp(); 389 if (d->bd_state == BPF_WAITING) 390 callout_stop(&d->bd_callout); 391 d->bd_state = BPF_IDLE; 392 if (d->bd_bif) 393 bpf_detachd(d); 394 splx(s); 395 bpf_freed(d); 396 dev->si_drv1 = 0; 397 free(d, M_BPF); 398 399 return (0); 400 } 401 402 /* 403 * Support for SunOS, which does not have tsleep. 404 */ 405 #if BSD < 199103 406 static 407 bpf_timeout(arg) 408 caddr_t arg; 409 { 410 struct bpf_d *d = (struct bpf_d *)arg; 411 d->bd_timedout = 1; 412 wakeup(arg); 413 } 414 415 #define BPF_SLEEP(chan, pri, s, t) bpf_sleep((struct bpf_d *)chan) 416 417 int 418 bpf_sleep(d) 419 register struct bpf_d *d; 420 { 421 register int rto = d->bd_rtout; 422 register int st; 423 424 if (rto != 0) { 425 d->bd_timedout = 0; 426 timeout(bpf_timeout, (caddr_t)d, rto); 427 } 428 st = sleep((caddr_t)d, PRINET|PCATCH); 429 if (rto != 0) { 430 if (d->bd_timedout == 0) 431 untimeout(bpf_timeout, (caddr_t)d); 432 else if (st == 0) 433 return EWOULDBLOCK; 434 } 435 return (st != 0) ? EINTR : 0; 436 } 437 #else 438 #define BPF_SLEEP tsleep 439 #endif 440 441 /* 442 * Rotate the packet buffers in descriptor d. Move the store buffer 443 * into the hold slot, and the free buffer into the store slot. 444 * Zero the length of the new store buffer. 445 */ 446 #define ROTATE_BUFFERS(d) \ 447 (d)->bd_hbuf = (d)->bd_sbuf; \ 448 (d)->bd_hlen = (d)->bd_slen; \ 449 (d)->bd_sbuf = (d)->bd_fbuf; \ 450 (d)->bd_slen = 0; \ 451 (d)->bd_fbuf = 0; 452 /* 453 * bpfread - read next chunk of packets from buffers 454 */ 455 static int 456 bpfread(dev, uio, ioflag) 457 dev_t dev; 458 register struct uio *uio; 459 int ioflag; 460 { 461 register struct bpf_d *d = dev->si_drv1; 462 int timed_out; 463 int error; 464 int s; 465 466 /* 467 * Restrict application to use a buffer the same size as 468 * as kernel buffers. 469 */ 470 if (uio->uio_resid != d->bd_bufsize) 471 return (EINVAL); 472 473 s = splimp(); 474 if (d->bd_state == BPF_WAITING) 475 callout_stop(&d->bd_callout); 476 timed_out = (d->bd_state == BPF_TIMED_OUT); 477 d->bd_state = BPF_IDLE; 478 /* 479 * If the hold buffer is empty, then do a timed sleep, which 480 * ends when the timeout expires or when enough packets 481 * have arrived to fill the store buffer. 482 */ 483 while (d->bd_hbuf == 0) { 484 if ((d->bd_immediate || timed_out) && d->bd_slen != 0) { 485 /* 486 * A packet(s) either arrived since the previous 487 * read or arrived while we were asleep. 488 * Rotate the buffers and return what's here. 489 */ 490 ROTATE_BUFFERS(d); 491 break; 492 } 493 494 /* 495 * No data is available, check to see if the bpf device 496 * is still pointed at a real interface. If not, return 497 * ENXIO so that the userland process knows to rebind 498 * it before using it again. 499 */ 500 if (d->bd_bif == NULL) { 501 splx(s); 502 return (ENXIO); 503 } 504 505 if (ioflag & IO_NDELAY) { 506 splx(s); 507 return (EWOULDBLOCK); 508 } 509 error = BPF_SLEEP((caddr_t)d, PRINET|PCATCH, "bpf", 510 d->bd_rtout); 511 if (error == EINTR || error == ERESTART) { 512 splx(s); 513 return (error); 514 } 515 if (error == EWOULDBLOCK) { 516 /* 517 * On a timeout, return what's in the buffer, 518 * which may be nothing. If there is something 519 * in the store buffer, we can rotate the buffers. 520 */ 521 if (d->bd_hbuf) 522 /* 523 * We filled up the buffer in between 524 * getting the timeout and arriving 525 * here, so we don't need to rotate. 526 */ 527 break; 528 529 if (d->bd_slen == 0) { 530 splx(s); 531 return (0); 532 } 533 ROTATE_BUFFERS(d); 534 break; 535 } 536 } 537 /* 538 * At this point, we know we have something in the hold slot. 539 */ 540 splx(s); 541 542 /* 543 * Move data from hold buffer into user space. 544 * We know the entire buffer is transferred since 545 * we checked above that the read buffer is bpf_bufsize bytes. 546 */ 547 error = UIOMOVE(d->bd_hbuf, d->bd_hlen, UIO_READ, uio); 548 549 s = splimp(); 550 d->bd_fbuf = d->bd_hbuf; 551 d->bd_hbuf = 0; 552 d->bd_hlen = 0; 553 splx(s); 554 555 return (error); 556 } 557 558 559 /* 560 * If there are processes sleeping on this descriptor, wake them up. 561 */ 562 static inline void 563 bpf_wakeup(d) 564 register struct bpf_d *d; 565 { 566 if (d->bd_state == BPF_WAITING) { 567 callout_stop(&d->bd_callout); 568 d->bd_state = BPF_IDLE; 569 } 570 wakeup((caddr_t)d); 571 if (d->bd_async && d->bd_sig && d->bd_sigio) 572 pgsigio(d->bd_sigio, d->bd_sig, 0); 573 574 #if BSD >= 199103 575 selwakeup(&d->bd_sel); 576 /* XXX */ 577 d->bd_sel.si_pid = 0; 578 #else 579 if (d->bd_selproc) { 580 selwakeup(d->bd_selproc, (int)d->bd_selcoll); 581 d->bd_selcoll = 0; 582 d->bd_selproc = 0; 583 } 584 #endif 585 } 586 587 static void 588 bpf_timed_out(arg) 589 void *arg; 590 { 591 struct bpf_d *d = (struct bpf_d *)arg; 592 int s; 593 594 s = splimp(); 595 if (d->bd_state == BPF_WAITING) { 596 d->bd_state = BPF_TIMED_OUT; 597 if (d->bd_slen != 0) 598 bpf_wakeup(d); 599 } 600 splx(s); 601 } 602 603 static int 604 bpfwrite(dev, uio, ioflag) 605 dev_t dev; 606 struct uio *uio; 607 int ioflag; 608 { 609 register struct bpf_d *d = dev->si_drv1; 610 struct ifnet *ifp; 611 struct mbuf *m; 612 int error, s; 613 static struct sockaddr dst; 614 int datlen; 615 616 if (d->bd_bif == 0) 617 return (ENXIO); 618 619 ifp = d->bd_bif->bif_ifp; 620 621 if (uio->uio_resid == 0) 622 return (0); 623 624 error = bpf_movein(uio, (int)d->bd_bif->bif_dlt, &m, &dst, &datlen); 625 if (error) 626 return (error); 627 628 if (datlen > ifp->if_mtu) 629 return (EMSGSIZE); 630 631 if (d->bd_hdrcmplt) 632 dst.sa_family = pseudo_AF_HDRCMPLT; 633 634 s = splnet(); 635 #if BSD >= 199103 636 error = (*ifp->if_output)(ifp, m, &dst, (struct rtentry *)0); 637 #else 638 error = (*ifp->if_output)(ifp, m, &dst); 639 #endif 640 splx(s); 641 /* 642 * The driver frees the mbuf. 643 */ 644 return (error); 645 } 646 647 /* 648 * Reset a descriptor by flushing its packet buffer and clearing the 649 * receive and drop counts. Should be called at splimp. 650 */ 651 static void 652 reset_d(d) 653 struct bpf_d *d; 654 { 655 if (d->bd_hbuf) { 656 /* Free the hold buffer. */ 657 d->bd_fbuf = d->bd_hbuf; 658 d->bd_hbuf = 0; 659 } 660 d->bd_slen = 0; 661 d->bd_hlen = 0; 662 d->bd_rcount = 0; 663 d->bd_dcount = 0; 664 } 665 666 /* 667 * FIONREAD Check for read packet available. 668 * SIOCGIFADDR Get interface address - convenient hook to driver. 669 * BIOCGBLEN Get buffer len [for read()]. 670 * BIOCSETF Set ethernet read filter. 671 * BIOCFLUSH Flush read packet buffer. 672 * BIOCPROMISC Put interface into promiscuous mode. 673 * BIOCGDLT Get link layer type. 674 * BIOCGETIF Get interface name. 675 * BIOCSETIF Set interface. 676 * BIOCSRTIMEOUT Set read timeout. 677 * BIOCGRTIMEOUT Get read timeout. 678 * BIOCGSTATS Get packet stats. 679 * BIOCIMMEDIATE Set immediate mode. 680 * BIOCVERSION Get filter language version. 681 * BIOCGHDRCMPLT Get "header already complete" flag 682 * BIOCSHDRCMPLT Set "header already complete" flag 683 * BIOCGSEESENT Get "see packets sent" flag 684 * BIOCSSEESENT Set "see packets sent" flag 685 */ 686 /* ARGSUSED */ 687 static int 688 bpfioctl(dev, cmd, addr, flags, p) 689 dev_t dev; 690 u_long cmd; 691 caddr_t addr; 692 int flags; 693 struct proc *p; 694 { 695 register struct bpf_d *d = dev->si_drv1; 696 int s, error = 0; 697 698 s = splimp(); 699 if (d->bd_state == BPF_WAITING) 700 callout_stop(&d->bd_callout); 701 d->bd_state = BPF_IDLE; 702 splx(s); 703 704 switch (cmd) { 705 706 default: 707 error = EINVAL; 708 break; 709 710 /* 711 * Check for read packet available. 712 */ 713 case FIONREAD: 714 { 715 int n; 716 717 s = splimp(); 718 n = d->bd_slen; 719 if (d->bd_hbuf) 720 n += d->bd_hlen; 721 splx(s); 722 723 *(int *)addr = n; 724 break; 725 } 726 727 case SIOCGIFADDR: 728 { 729 struct ifnet *ifp; 730 731 if (d->bd_bif == 0) 732 error = EINVAL; 733 else { 734 ifp = d->bd_bif->bif_ifp; 735 error = (*ifp->if_ioctl)(ifp, cmd, addr); 736 } 737 break; 738 } 739 740 /* 741 * Get buffer len [for read()]. 742 */ 743 case BIOCGBLEN: 744 *(u_int *)addr = d->bd_bufsize; 745 break; 746 747 /* 748 * Set buffer length. 749 */ 750 case BIOCSBLEN: 751 #if BSD < 199103 752 error = EINVAL; 753 #else 754 if (d->bd_bif != 0) 755 error = EINVAL; 756 else { 757 register u_int size = *(u_int *)addr; 758 759 if (size > bpf_maxbufsize) 760 *(u_int *)addr = size = bpf_maxbufsize; 761 else if (size < BPF_MINBUFSIZE) 762 *(u_int *)addr = size = BPF_MINBUFSIZE; 763 d->bd_bufsize = size; 764 } 765 #endif 766 break; 767 768 /* 769 * Set link layer read filter. 770 */ 771 case BIOCSETF: 772 error = bpf_setf(d, (struct bpf_program *)addr); 773 break; 774 775 /* 776 * Flush read packet buffer. 777 */ 778 case BIOCFLUSH: 779 s = splimp(); 780 reset_d(d); 781 splx(s); 782 break; 783 784 /* 785 * Put interface into promiscuous mode. 786 */ 787 case BIOCPROMISC: 788 if (d->bd_bif == 0) { 789 /* 790 * No interface attached yet. 791 */ 792 error = EINVAL; 793 break; 794 } 795 s = splimp(); 796 if (d->bd_promisc == 0) { 797 error = ifpromisc(d->bd_bif->bif_ifp, 1); 798 if (error == 0) 799 d->bd_promisc = 1; 800 } 801 splx(s); 802 break; 803 804 /* 805 * Get device parameters. 806 */ 807 case BIOCGDLT: 808 if (d->bd_bif == 0) 809 error = EINVAL; 810 else 811 *(u_int *)addr = d->bd_bif->bif_dlt; 812 break; 813 814 /* 815 * Get interface name. 816 */ 817 case BIOCGETIF: 818 if (d->bd_bif == 0) 819 error = EINVAL; 820 else { 821 struct ifnet *const ifp = d->bd_bif->bif_ifp; 822 struct ifreq *const ifr = (struct ifreq *)addr; 823 824 snprintf(ifr->ifr_name, sizeof(ifr->ifr_name), 825 "%s%d", ifp->if_name, ifp->if_unit); 826 } 827 break; 828 829 /* 830 * Set interface. 831 */ 832 case BIOCSETIF: 833 error = bpf_setif(d, (struct ifreq *)addr); 834 break; 835 836 /* 837 * Set read timeout. 838 */ 839 case BIOCSRTIMEOUT: 840 { 841 struct timeval *tv = (struct timeval *)addr; 842 843 /* 844 * Subtract 1 tick from tvtohz() since this isn't 845 * a one-shot timer. 846 */ 847 if ((error = itimerfix(tv)) == 0) 848 d->bd_rtout = tvtohz(tv) - 1; 849 break; 850 } 851 852 /* 853 * Get read timeout. 854 */ 855 case BIOCGRTIMEOUT: 856 { 857 struct timeval *tv = (struct timeval *)addr; 858 859 tv->tv_sec = d->bd_rtout / hz; 860 tv->tv_usec = (d->bd_rtout % hz) * tick; 861 break; 862 } 863 864 /* 865 * Get packet stats. 866 */ 867 case BIOCGSTATS: 868 { 869 struct bpf_stat *bs = (struct bpf_stat *)addr; 870 871 bs->bs_recv = d->bd_rcount; 872 bs->bs_drop = d->bd_dcount; 873 break; 874 } 875 876 /* 877 * Set immediate mode. 878 */ 879 case BIOCIMMEDIATE: 880 d->bd_immediate = *(u_int *)addr; 881 break; 882 883 case BIOCVERSION: 884 { 885 struct bpf_version *bv = (struct bpf_version *)addr; 886 887 bv->bv_major = BPF_MAJOR_VERSION; 888 bv->bv_minor = BPF_MINOR_VERSION; 889 break; 890 } 891 892 /* 893 * Get "header already complete" flag 894 */ 895 case BIOCGHDRCMPLT: 896 *(u_int *)addr = d->bd_hdrcmplt; 897 break; 898 899 /* 900 * Set "header already complete" flag 901 */ 902 case BIOCSHDRCMPLT: 903 d->bd_hdrcmplt = *(u_int *)addr ? 1 : 0; 904 break; 905 906 /* 907 * Get "see sent packets" flag 908 */ 909 case BIOCGSEESENT: 910 *(u_int *)addr = d->bd_seesent; 911 break; 912 913 /* 914 * Set "see sent packets" flag 915 */ 916 case BIOCSSEESENT: 917 d->bd_seesent = *(u_int *)addr; 918 break; 919 920 case FIONBIO: /* Non-blocking I/O */ 921 break; 922 923 case FIOASYNC: /* Send signal on receive packets */ 924 d->bd_async = *(int *)addr; 925 break; 926 927 case FIOSETOWN: 928 error = fsetown(*(int *)addr, &d->bd_sigio); 929 break; 930 931 case FIOGETOWN: 932 *(int *)addr = fgetown(d->bd_sigio); 933 break; 934 935 /* This is deprecated, FIOSETOWN should be used instead. */ 936 case TIOCSPGRP: 937 error = fsetown(-(*(int *)addr), &d->bd_sigio); 938 break; 939 940 /* This is deprecated, FIOGETOWN should be used instead. */ 941 case TIOCGPGRP: 942 *(int *)addr = -fgetown(d->bd_sigio); 943 break; 944 945 case BIOCSRSIG: /* Set receive signal */ 946 { 947 u_int sig; 948 949 sig = *(u_int *)addr; 950 951 if (sig >= NSIG) 952 error = EINVAL; 953 else 954 d->bd_sig = sig; 955 break; 956 } 957 case BIOCGRSIG: 958 *(u_int *)addr = d->bd_sig; 959 break; 960 } 961 return (error); 962 } 963 964 /* 965 * Set d's packet filter program to fp. If this file already has a filter, 966 * free it and replace it. Returns EINVAL for bogus requests. 967 */ 968 static int 969 bpf_setf(d, fp) 970 struct bpf_d *d; 971 struct bpf_program *fp; 972 { 973 struct bpf_insn *fcode, *old; 974 u_int flen, size; 975 int s; 976 977 old = d->bd_filter; 978 if (fp->bf_insns == 0) { 979 if (fp->bf_len != 0) 980 return (EINVAL); 981 s = splimp(); 982 d->bd_filter = 0; 983 reset_d(d); 984 splx(s); 985 if (old != 0) 986 free((caddr_t)old, M_BPF); 987 return (0); 988 } 989 flen = fp->bf_len; 990 if (flen > BPF_MAXINSNS) 991 return (EINVAL); 992 993 size = flen * sizeof(*fp->bf_insns); 994 fcode = (struct bpf_insn *)malloc(size, M_BPF, M_WAITOK); 995 if (copyin((caddr_t)fp->bf_insns, (caddr_t)fcode, size) == 0 && 996 bpf_validate(fcode, (int)flen)) { 997 s = splimp(); 998 d->bd_filter = fcode; 999 reset_d(d); 1000 splx(s); 1001 if (old != 0) 1002 free((caddr_t)old, M_BPF); 1003 1004 return (0); 1005 } 1006 free((caddr_t)fcode, M_BPF); 1007 return (EINVAL); 1008 } 1009 1010 /* 1011 * Detach a file from its current interface (if attached at all) and attach 1012 * to the interface indicated by the name stored in ifr. 1013 * Return an errno or 0. 1014 */ 1015 static int 1016 bpf_setif(d, ifr) 1017 struct bpf_d *d; 1018 struct ifreq *ifr; 1019 { 1020 struct bpf_if *bp; 1021 int s, error; 1022 struct ifnet *theywant; 1023 1024 theywant = ifunit(ifr->ifr_name); 1025 if (theywant == 0) 1026 return ENXIO; 1027 1028 /* 1029 * Look through attached interfaces for the named one. 1030 */ 1031 for (bp = bpf_iflist; bp != 0; bp = bp->bif_next) { 1032 struct ifnet *ifp = bp->bif_ifp; 1033 1034 if (ifp == 0 || ifp != theywant) 1035 continue; 1036 /* 1037 * We found the requested interface. 1038 * If it's not up, return an error. 1039 * Allocate the packet buffers if we need to. 1040 * If we're already attached to requested interface, 1041 * just flush the buffer. 1042 */ 1043 if ((ifp->if_flags & IFF_UP) == 0) 1044 return (ENETDOWN); 1045 1046 if (d->bd_sbuf == 0) { 1047 error = bpf_allocbufs(d); 1048 if (error != 0) 1049 return (error); 1050 } 1051 s = splimp(); 1052 if (bp != d->bd_bif) { 1053 if (d->bd_bif) 1054 /* 1055 * Detach if attached to something else. 1056 */ 1057 bpf_detachd(d); 1058 1059 bpf_attachd(d, bp); 1060 } 1061 reset_d(d); 1062 splx(s); 1063 return (0); 1064 } 1065 /* Not found. */ 1066 return (ENXIO); 1067 } 1068 1069 /* 1070 * Support for select() and poll() system calls 1071 * 1072 * Return true iff the specific operation will not block indefinitely. 1073 * Otherwise, return false but make a note that a selwakeup() must be done. 1074 */ 1075 int 1076 bpfpoll(dev, events, p) 1077 register dev_t dev; 1078 int events; 1079 struct proc *p; 1080 { 1081 register struct bpf_d *d; 1082 register int s; 1083 int revents; 1084 1085 d = dev->si_drv1; 1086 if (d->bd_bif == NULL) 1087 return (ENXIO); 1088 1089 revents = events & (POLLOUT | POLLWRNORM); 1090 s = splimp(); 1091 if (events & (POLLIN | POLLRDNORM)) { 1092 /* 1093 * An imitation of the FIONREAD ioctl code. 1094 * XXX not quite. An exact imitation: 1095 * if (d->b_slen != 0 || 1096 * (d->bd_hbuf != NULL && d->bd_hlen != 0) 1097 */ 1098 if (d->bd_hlen != 0 || 1099 ((d->bd_immediate || d->bd_state == BPF_TIMED_OUT) && 1100 d->bd_slen != 0)) 1101 revents |= events & (POLLIN | POLLRDNORM); 1102 else { 1103 selrecord(p, &d->bd_sel); 1104 /* Start the read timeout if necessary. */ 1105 if (d->bd_rtout > 0 && d->bd_state == BPF_IDLE) { 1106 callout_reset(&d->bd_callout, d->bd_rtout, 1107 bpf_timed_out, d); 1108 d->bd_state = BPF_WAITING; 1109 } 1110 } 1111 } 1112 splx(s); 1113 return (revents); 1114 } 1115 1116 /* 1117 * Incoming linkage from device drivers. Process the packet pkt, of length 1118 * pktlen, which is stored in a contiguous buffer. The packet is parsed 1119 * by each process' filter, and if accepted, stashed into the corresponding 1120 * buffer. 1121 */ 1122 void 1123 bpf_tap(ifp, pkt, pktlen) 1124 struct ifnet *ifp; 1125 register u_char *pkt; 1126 register u_int pktlen; 1127 { 1128 struct bpf_if *bp; 1129 register struct bpf_d *d; 1130 register u_int slen; 1131 /* 1132 * Note that the ipl does not have to be raised at this point. 1133 * The only problem that could arise here is that if two different 1134 * interfaces shared any data. This is not the case. 1135 */ 1136 bp = ifp->if_bpf; 1137 for (d = bp->bif_dlist; d != 0; d = d->bd_next) { 1138 ++d->bd_rcount; 1139 slen = bpf_filter(d->bd_filter, pkt, pktlen, pktlen); 1140 if (slen != 0) 1141 catchpacket(d, pkt, pktlen, slen, bcopy); 1142 } 1143 } 1144 1145 /* 1146 * Copy data from an mbuf chain into a buffer. This code is derived 1147 * from m_copydata in sys/uipc_mbuf.c. 1148 */ 1149 static void 1150 bpf_mcopy(src_arg, dst_arg, len) 1151 const void *src_arg; 1152 void *dst_arg; 1153 register size_t len; 1154 { 1155 register const struct mbuf *m; 1156 register u_int count; 1157 u_char *dst; 1158 1159 m = src_arg; 1160 dst = dst_arg; 1161 while (len > 0) { 1162 if (m == 0) 1163 panic("bpf_mcopy"); 1164 count = min(m->m_len, len); 1165 bcopy(mtod(m, void *), dst, count); 1166 m = m->m_next; 1167 dst += count; 1168 len -= count; 1169 } 1170 } 1171 1172 /* 1173 * Incoming linkage from device drivers, when packet is in an mbuf chain. 1174 */ 1175 void 1176 bpf_mtap(ifp, m) 1177 struct ifnet *ifp; 1178 struct mbuf *m; 1179 { 1180 struct bpf_if *bp = ifp->if_bpf; 1181 struct bpf_d *d; 1182 u_int pktlen, slen; 1183 struct mbuf *m0; 1184 1185 pktlen = 0; 1186 for (m0 = m; m0 != 0; m0 = m0->m_next) 1187 pktlen += m0->m_len; 1188 1189 for (d = bp->bif_dlist; d != 0; d = d->bd_next) { 1190 if (!d->bd_seesent && (m->m_pkthdr.rcvif == NULL)) 1191 continue; 1192 ++d->bd_rcount; 1193 slen = bpf_filter(d->bd_filter, (u_char *)m, pktlen, 0); 1194 if (slen != 0) 1195 catchpacket(d, (u_char *)m, pktlen, slen, bpf_mcopy); 1196 } 1197 } 1198 1199 /* 1200 * Move the packet data from interface memory (pkt) into the 1201 * store buffer. Return 1 if it's time to wakeup a listener (buffer full), 1202 * otherwise 0. "copy" is the routine called to do the actual data 1203 * transfer. bcopy is passed in to copy contiguous chunks, while 1204 * bpf_mcopy is passed in to copy mbuf chains. In the latter case, 1205 * pkt is really an mbuf. 1206 */ 1207 static void 1208 catchpacket(d, pkt, pktlen, snaplen, cpfn) 1209 register struct bpf_d *d; 1210 register u_char *pkt; 1211 register u_int pktlen, snaplen; 1212 register void (*cpfn) __P((const void *, void *, size_t)); 1213 { 1214 register struct bpf_hdr *hp; 1215 register int totlen, curlen; 1216 register int hdrlen = d->bd_bif->bif_hdrlen; 1217 /* 1218 * Figure out how many bytes to move. If the packet is 1219 * greater or equal to the snapshot length, transfer that 1220 * much. Otherwise, transfer the whole packet (unless 1221 * we hit the buffer size limit). 1222 */ 1223 totlen = hdrlen + min(snaplen, pktlen); 1224 if (totlen > d->bd_bufsize) 1225 totlen = d->bd_bufsize; 1226 1227 /* 1228 * Round up the end of the previous packet to the next longword. 1229 */ 1230 curlen = BPF_WORDALIGN(d->bd_slen); 1231 if (curlen + totlen > d->bd_bufsize) { 1232 /* 1233 * This packet will overflow the storage buffer. 1234 * Rotate the buffers if we can, then wakeup any 1235 * pending reads. 1236 */ 1237 if (d->bd_fbuf == 0) { 1238 /* 1239 * We haven't completed the previous read yet, 1240 * so drop the packet. 1241 */ 1242 ++d->bd_dcount; 1243 return; 1244 } 1245 ROTATE_BUFFERS(d); 1246 bpf_wakeup(d); 1247 curlen = 0; 1248 } 1249 else if (d->bd_immediate || d->bd_state == BPF_TIMED_OUT) 1250 /* 1251 * Immediate mode is set, or the read timeout has 1252 * already expired during a select call. A packet 1253 * arrived, so the reader should be woken up. 1254 */ 1255 bpf_wakeup(d); 1256 1257 /* 1258 * Append the bpf header. 1259 */ 1260 hp = (struct bpf_hdr *)(d->bd_sbuf + curlen); 1261 #if BSD >= 199103 1262 microtime(&hp->bh_tstamp); 1263 #elif defined(sun) 1264 uniqtime(&hp->bh_tstamp); 1265 #else 1266 hp->bh_tstamp = time; 1267 #endif 1268 hp->bh_datalen = pktlen; 1269 hp->bh_hdrlen = hdrlen; 1270 /* 1271 * Copy the packet data into the store buffer and update its length. 1272 */ 1273 (*cpfn)(pkt, (u_char *)hp + hdrlen, (hp->bh_caplen = totlen - hdrlen)); 1274 d->bd_slen = curlen + totlen; 1275 } 1276 1277 /* 1278 * Initialize all nonzero fields of a descriptor. 1279 */ 1280 static int 1281 bpf_allocbufs(d) 1282 register struct bpf_d *d; 1283 { 1284 d->bd_fbuf = (caddr_t)malloc(d->bd_bufsize, M_BPF, M_WAITOK); 1285 if (d->bd_fbuf == 0) 1286 return (ENOBUFS); 1287 1288 d->bd_sbuf = (caddr_t)malloc(d->bd_bufsize, M_BPF, M_WAITOK); 1289 if (d->bd_sbuf == 0) { 1290 free(d->bd_fbuf, M_BPF); 1291 return (ENOBUFS); 1292 } 1293 d->bd_slen = 0; 1294 d->bd_hlen = 0; 1295 return (0); 1296 } 1297 1298 /* 1299 * Free buffers currently in use by a descriptor. 1300 * Called on close. 1301 */ 1302 static void 1303 bpf_freed(d) 1304 register struct bpf_d *d; 1305 { 1306 /* 1307 * We don't need to lock out interrupts since this descriptor has 1308 * been detached from its interface and it yet hasn't been marked 1309 * free. 1310 */ 1311 if (d->bd_sbuf != 0) { 1312 free(d->bd_sbuf, M_BPF); 1313 if (d->bd_hbuf != 0) 1314 free(d->bd_hbuf, M_BPF); 1315 if (d->bd_fbuf != 0) 1316 free(d->bd_fbuf, M_BPF); 1317 } 1318 if (d->bd_filter) 1319 free((caddr_t)d->bd_filter, M_BPF); 1320 } 1321 1322 /* 1323 * Attach an interface to bpf. ifp is a pointer to the structure 1324 * defining the interface to be attached, dlt is the link layer type, 1325 * and hdrlen is the fixed size of the link header (variable length 1326 * headers are not yet supporrted). 1327 */ 1328 void 1329 bpfattach(ifp, dlt, hdrlen) 1330 struct ifnet *ifp; 1331 u_int dlt, hdrlen; 1332 { 1333 struct bpf_if *bp; 1334 bp = (struct bpf_if *)malloc(sizeof(*bp), M_BPF, M_DONTWAIT | M_ZERO); 1335 if (bp == 0) 1336 panic("bpfattach"); 1337 1338 bp->bif_ifp = ifp; 1339 bp->bif_dlt = dlt; 1340 1341 bp->bif_next = bpf_iflist; 1342 bpf_iflist = bp; 1343 1344 bp->bif_ifp->if_bpf = 0; 1345 1346 /* 1347 * Compute the length of the bpf header. This is not necessarily 1348 * equal to SIZEOF_BPF_HDR because we want to insert spacing such 1349 * that the network layer header begins on a longword boundary (for 1350 * performance reasons and to alleviate alignment restrictions). 1351 */ 1352 bp->bif_hdrlen = BPF_WORDALIGN(hdrlen + SIZEOF_BPF_HDR) - hdrlen; 1353 1354 if (bootverbose) 1355 printf("bpf: %s%d attached\n", ifp->if_name, ifp->if_unit); 1356 } 1357 1358 /* 1359 * Detach bpf from an interface. This involves detaching each descriptor 1360 * associated with the interface, and leaving bd_bif NULL. Notify each 1361 * descriptor as it's detached so that any sleepers wake up and get 1362 * ENXIO. 1363 */ 1364 void 1365 bpfdetach(ifp) 1366 struct ifnet *ifp; 1367 { 1368 struct bpf_if *bp, *bp_prev; 1369 struct bpf_d *d; 1370 int s; 1371 1372 s = splimp(); 1373 1374 /* Locate BPF interface information */ 1375 bp_prev = NULL; 1376 for (bp = bpf_iflist; bp != NULL; bp = bp->bif_next) { 1377 if (ifp == bp->bif_ifp) 1378 break; 1379 bp_prev = bp; 1380 } 1381 1382 /* Interface wasn't attached */ 1383 if (bp->bif_ifp == NULL) { 1384 splx(s); 1385 printf("bpfdetach: %s%d was not attached\n", ifp->if_name, 1386 ifp->if_unit); 1387 return; 1388 } 1389 1390 while ((d = bp->bif_dlist) != NULL) { 1391 bpf_detachd(d); 1392 bpf_wakeup(d); 1393 } 1394 1395 if (bp_prev) { 1396 bp_prev->bif_next = bp->bif_next; 1397 } else { 1398 bpf_iflist = bp->bif_next; 1399 } 1400 1401 free(bp, M_BPF); 1402 1403 splx(s); 1404 } 1405 1406 static void bpf_drvinit __P((void *unused)); 1407 1408 static void 1409 bpf_drvinit(unused) 1410 void *unused; 1411 { 1412 1413 cdevsw_add(&bpf_cdevsw); 1414 } 1415 1416 SYSINIT(bpfdev,SI_SUB_DRIVERS,SI_ORDER_MIDDLE+CDEV_MAJOR,bpf_drvinit,NULL) 1417 1418 #else /* !BPF */ 1419 /* 1420 * NOP stubs to allow bpf-using drivers to load and function. 1421 * 1422 * A 'better' implementation would allow the core bpf functionality 1423 * to be loaded at runtime. 1424 */ 1425 1426 void 1427 bpf_tap(ifp, pkt, pktlen) 1428 struct ifnet *ifp; 1429 register u_char *pkt; 1430 register u_int pktlen; 1431 { 1432 } 1433 1434 void 1435 bpf_mtap(ifp, m) 1436 struct ifnet *ifp; 1437 struct mbuf *m; 1438 { 1439 } 1440 1441 void 1442 bpfattach(ifp, dlt, hdrlen) 1443 struct ifnet *ifp; 1444 u_int dlt, hdrlen; 1445 { 1446 } 1447 1448 void 1449 bpfdetach(ifp) 1450 struct ifnet *ifp; 1451 { 1452 } 1453 1454 u_int 1455 bpf_filter(pc, p, wirelen, buflen) 1456 register const struct bpf_insn *pc; 1457 register u_char *p; 1458 u_int wirelen; 1459 register u_int buflen; 1460 { 1461 return -1; /* "no filter" behaviour */ 1462 } 1463 1464 #endif /* !BPF */ 1465