1 /* $NetBSD: if_tun.c,v 1.14 1994/06/29 06:36:25 cgd Exp $ */ 2 3 /* 4 * Copyright (c) 1988, Julian Onions <jpo@cs.nott.ac.uk> 5 * Nottingham University 1987. 6 * 7 * This source may be freely distributed, however I would be interested 8 * in any changes that are made. 9 * 10 * This driver takes packets off the IP i/f and hands them up to a 11 * user process to have its wicked way with. This driver has it's 12 * roots in a similar driver written by Phil Cockcroft (formerly) at 13 * UCL. This driver is based much more on read/write/poll mode of 14 * operation though. 15 * 16 * $FreeBSD: src/sys/net/if_tun.c,v 1.74.2.8 2002/02/13 00:43:11 dillon Exp $ 17 * $DragonFly: src/sys/net/tun/if_tun.c,v 1.2 2003/06/17 04:28:48 dillon Exp $ 18 */ 19 20 #include "opt_inet.h" 21 22 #include <sys/param.h> 23 #include <sys/proc.h> 24 #include <sys/systm.h> 25 #include <sys/mbuf.h> 26 #include <sys/socket.h> 27 #include <sys/filio.h> 28 #include <sys/sockio.h> 29 #include <sys/ttycom.h> 30 #include <sys/poll.h> 31 #include <sys/signalvar.h> 32 #include <sys/filedesc.h> 33 #include <sys/kernel.h> 34 #include <sys/sysctl.h> 35 #include <sys/conf.h> 36 #include <sys/uio.h> 37 #include <sys/vnode.h> 38 #include <sys/malloc.h> 39 40 #include <net/if.h> 41 #include <net/if_types.h> 42 #include <net/route.h> 43 #include <net/intrq.h> 44 45 #ifdef INET 46 #include <netinet/in.h> 47 #endif 48 49 #include <net/bpf.h> 50 51 #include <net/if_tunvar.h> 52 #include <net/if_tun.h> 53 54 static MALLOC_DEFINE(M_TUN, "tun", "Tunnel Interface"); 55 56 static void tunattach __P((void *)); 57 PSEUDO_SET(tunattach, if_tun); 58 59 static void tuncreate __P((dev_t dev)); 60 61 #define TUNDEBUG if (tundebug) printf 62 static int tundebug = 0; 63 SYSCTL_INT(_debug, OID_AUTO, if_tun_debug, CTLFLAG_RW, &tundebug, 0, ""); 64 65 static int tunoutput __P((struct ifnet *, struct mbuf *, struct sockaddr *, 66 struct rtentry *rt)); 67 static int tunifioctl __P((struct ifnet *, u_long, caddr_t)); 68 static int tuninit __P((struct ifnet *)); 69 70 static d_open_t tunopen; 71 static d_close_t tunclose; 72 static d_read_t tunread; 73 static d_write_t tunwrite; 74 static d_ioctl_t tunioctl; 75 static d_poll_t tunpoll; 76 77 #define CDEV_MAJOR 52 78 static struct cdevsw tun_cdevsw = { 79 /* open */ tunopen, 80 /* close */ tunclose, 81 /* read */ tunread, 82 /* write */ tunwrite, 83 /* ioctl */ tunioctl, 84 /* poll */ tunpoll, 85 /* mmap */ nommap, 86 /* strategy */ nostrategy, 87 /* name */ "tun", 88 /* maj */ CDEV_MAJOR, 89 /* dump */ nodump, 90 /* psize */ nopsize, 91 /* flags */ 0, 92 /* bmaj */ -1 93 }; 94 95 static void 96 tunattach(dummy) 97 void *dummy; 98 { 99 100 cdevsw_add(&tun_cdevsw); 101 } 102 103 static void 104 tuncreate(dev) 105 dev_t dev; 106 { 107 struct tun_softc *sc; 108 struct ifnet *ifp; 109 110 dev = make_dev(&tun_cdevsw, minor(dev), 111 UID_UUCP, GID_DIALER, 0600, "tun%d", lminor(dev)); 112 113 MALLOC(sc, struct tun_softc *, sizeof(*sc), M_TUN, M_WAITOK); 114 bzero(sc, sizeof *sc); 115 sc->tun_flags = TUN_INITED; 116 117 ifp = &sc->tun_if; 118 ifp->if_unit = lminor(dev); 119 ifp->if_name = "tun"; 120 ifp->if_mtu = TUNMTU; 121 ifp->if_ioctl = tunifioctl; 122 ifp->if_output = tunoutput; 123 ifp->if_flags = IFF_POINTOPOINT | IFF_MULTICAST; 124 ifp->if_type = IFT_PPP; 125 ifp->if_snd.ifq_maxlen = ifqmaxlen; 126 ifp->if_softc = sc; 127 if_attach(ifp); 128 bpfattach(ifp, DLT_NULL, sizeof(u_int)); 129 dev->si_drv1 = sc; 130 } 131 132 /* 133 * tunnel open - must be superuser & the device must be 134 * configured in 135 */ 136 static int 137 tunopen(dev, flag, mode, p) 138 dev_t dev; 139 int flag, mode; 140 struct proc *p; 141 { 142 struct ifnet *ifp; 143 struct tun_softc *tp; 144 register int error; 145 146 error = suser(p); 147 if (error) 148 return (error); 149 150 tp = dev->si_drv1; 151 if (!tp) { 152 tuncreate(dev); 153 tp = dev->si_drv1; 154 } 155 if (tp->tun_flags & TUN_OPEN) 156 return EBUSY; 157 tp->tun_pid = p->p_pid; 158 ifp = &tp->tun_if; 159 tp->tun_flags |= TUN_OPEN; 160 TUNDEBUG("%s%d: open\n", ifp->if_name, ifp->if_unit); 161 return (0); 162 } 163 164 /* 165 * tunclose - close the device - mark i/f down & delete 166 * routing info 167 */ 168 static int 169 tunclose(dev, foo, bar, p) 170 dev_t dev; 171 int foo; 172 int bar; 173 struct proc *p; 174 { 175 register int s; 176 struct tun_softc *tp; 177 struct ifnet *ifp; 178 struct mbuf *m; 179 180 tp = dev->si_drv1; 181 ifp = &tp->tun_if; 182 183 tp->tun_flags &= ~TUN_OPEN; 184 tp->tun_pid = 0; 185 186 /* 187 * junk all pending output 188 */ 189 do { 190 s = splimp(); 191 IF_DEQUEUE(&ifp->if_snd, m); 192 splx(s); 193 if (m) 194 m_freem(m); 195 } while (m); 196 197 if (ifp->if_flags & IFF_UP) { 198 s = splimp(); 199 if_down(ifp); 200 splx(s); 201 } 202 203 if (ifp->if_flags & IFF_RUNNING) { 204 register struct ifaddr *ifa; 205 206 s = splimp(); 207 /* find internet addresses and delete routes */ 208 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) 209 if (ifa->ifa_addr->sa_family == AF_INET) 210 rtinit(ifa, (int)RTM_DELETE, 211 tp->tun_flags & TUN_DSTADDR ? RTF_HOST : 0); 212 ifp->if_flags &= ~IFF_RUNNING; 213 splx(s); 214 } 215 216 funsetown(tp->tun_sigio); 217 selwakeup(&tp->tun_rsel); 218 219 TUNDEBUG ("%s%d: closed\n", ifp->if_name, ifp->if_unit); 220 return (0); 221 } 222 223 static int 224 tuninit(ifp) 225 struct ifnet *ifp; 226 { 227 struct tun_softc *tp = ifp->if_softc; 228 register struct ifaddr *ifa; 229 int error = 0; 230 231 TUNDEBUG("%s%d: tuninit\n", ifp->if_name, ifp->if_unit); 232 233 ifp->if_flags |= IFF_UP | IFF_RUNNING; 234 getmicrotime(&ifp->if_lastchange); 235 236 for (ifa = TAILQ_FIRST(&ifp->if_addrhead); ifa; 237 ifa = TAILQ_NEXT(ifa, ifa_link)) { 238 if (ifa->ifa_addr == NULL) 239 error = EFAULT; 240 /* XXX: Should maybe return straight off? */ 241 else { 242 #ifdef INET 243 if (ifa->ifa_addr->sa_family == AF_INET) { 244 struct sockaddr_in *si; 245 246 si = (struct sockaddr_in *)ifa->ifa_addr; 247 if (si->sin_addr.s_addr) 248 tp->tun_flags |= TUN_IASET; 249 250 si = (struct sockaddr_in *)ifa->ifa_dstaddr; 251 if (si && si->sin_addr.s_addr) 252 tp->tun_flags |= TUN_DSTADDR; 253 } 254 #endif 255 } 256 } 257 return (error); 258 } 259 260 /* 261 * Process an ioctl request. 262 */ 263 int 264 tunifioctl(ifp, cmd, data) 265 struct ifnet *ifp; 266 u_long cmd; 267 caddr_t data; 268 { 269 struct ifreq *ifr = (struct ifreq *)data; 270 struct tun_softc *tp = ifp->if_softc; 271 struct ifstat *ifs; 272 int error = 0, s; 273 274 s = splimp(); 275 switch(cmd) { 276 case SIOCGIFSTATUS: 277 ifs = (struct ifstat *)data; 278 if (tp->tun_pid) 279 sprintf(ifs->ascii + strlen(ifs->ascii), 280 "\tOpened by PID %d\n", tp->tun_pid); 281 break; 282 case SIOCSIFADDR: 283 error = tuninit(ifp); 284 TUNDEBUG("%s%d: address set, error=%d\n", 285 ifp->if_name, ifp->if_unit, error); 286 break; 287 case SIOCSIFDSTADDR: 288 error = tuninit(ifp); 289 TUNDEBUG("%s%d: destination address set, error=%d\n", 290 ifp->if_name, ifp->if_unit, error); 291 break; 292 case SIOCSIFMTU: 293 ifp->if_mtu = ifr->ifr_mtu; 294 TUNDEBUG("%s%d: mtu set\n", 295 ifp->if_name, ifp->if_unit); 296 break; 297 case SIOCSIFFLAGS: 298 case SIOCADDMULTI: 299 case SIOCDELMULTI: 300 break; 301 default: 302 error = EINVAL; 303 } 304 splx(s); 305 return (error); 306 } 307 308 /* 309 * tunoutput - queue packets from higher level ready to put out. 310 */ 311 int 312 tunoutput(ifp, m0, dst, rt) 313 struct ifnet *ifp; 314 struct mbuf *m0; 315 struct sockaddr *dst; 316 struct rtentry *rt; 317 { 318 struct tun_softc *tp = ifp->if_softc; 319 int s; 320 321 TUNDEBUG ("%s%d: tunoutput\n", ifp->if_name, ifp->if_unit); 322 323 if ((tp->tun_flags & TUN_READY) != TUN_READY) { 324 TUNDEBUG ("%s%d: not ready 0%o\n", ifp->if_name, 325 ifp->if_unit, tp->tun_flags); 326 m_freem (m0); 327 return EHOSTDOWN; 328 } 329 330 /* BPF write needs to be handled specially */ 331 if (dst->sa_family == AF_UNSPEC) { 332 dst->sa_family = *(mtod(m0, int *)); 333 m0->m_len -= sizeof(int); 334 m0->m_pkthdr.len -= sizeof(int); 335 m0->m_data += sizeof(int); 336 } 337 338 if (ifp->if_bpf) { 339 /* 340 * We need to prepend the address family as 341 * a four byte field. Cons up a dummy header 342 * to pacify bpf. This is safe because bpf 343 * will only read from the mbuf (i.e., it won't 344 * try to free it or keep a pointer to it). 345 */ 346 struct mbuf m; 347 uint32_t af = dst->sa_family; 348 349 m.m_next = m0; 350 m.m_len = 4; 351 m.m_data = (char *)⁡ 352 353 bpf_mtap(ifp, &m); 354 } 355 356 /* prepend sockaddr? this may abort if the mbuf allocation fails */ 357 if (tp->tun_flags & TUN_LMODE) { 358 /* allocate space for sockaddr */ 359 M_PREPEND(m0, dst->sa_len, M_DONTWAIT); 360 361 /* if allocation failed drop packet */ 362 if (m0 == NULL){ 363 s = splimp(); /* spl on queue manipulation */ 364 IF_DROP(&ifp->if_snd); 365 splx(s); 366 ifp->if_oerrors++; 367 return (ENOBUFS); 368 } else { 369 bcopy(dst, m0->m_data, dst->sa_len); 370 } 371 } 372 373 if (tp->tun_flags & TUN_IFHEAD) { 374 /* Prepend the address family */ 375 M_PREPEND(m0, 4, M_DONTWAIT); 376 377 /* if allocation failed drop packet */ 378 if (m0 == NULL){ 379 s = splimp(); /* spl on queue manipulation */ 380 IF_DROP(&ifp->if_snd); 381 splx(s); 382 ifp->if_oerrors++; 383 return ENOBUFS; 384 } else 385 *(u_int32_t *)m0->m_data = htonl(dst->sa_family); 386 } else { 387 #ifdef INET 388 if (dst->sa_family != AF_INET) 389 #endif 390 { 391 m_freem(m0); 392 return EAFNOSUPPORT; 393 } 394 } 395 396 s = splimp(); 397 if (IF_QFULL(&ifp->if_snd)) { 398 IF_DROP(&ifp->if_snd); 399 m_freem(m0); 400 splx(s); 401 ifp->if_collisions++; 402 return ENOBUFS; 403 } 404 ifp->if_obytes += m0->m_pkthdr.len; 405 IF_ENQUEUE(&ifp->if_snd, m0); 406 splx(s); 407 ifp->if_opackets++; 408 409 if (tp->tun_flags & TUN_RWAIT) { 410 tp->tun_flags &= ~TUN_RWAIT; 411 wakeup((caddr_t)tp); 412 } 413 if (tp->tun_flags & TUN_ASYNC && tp->tun_sigio) 414 pgsigio(tp->tun_sigio, SIGIO, 0); 415 selwakeup(&tp->tun_rsel); 416 return 0; 417 } 418 419 /* 420 * the cdevsw interface is now pretty minimal. 421 */ 422 static int 423 tunioctl(dev, cmd, data, flag, p) 424 dev_t dev; 425 u_long cmd; 426 caddr_t data; 427 int flag; 428 struct proc *p; 429 { 430 int s; 431 struct tun_softc *tp = dev->si_drv1; 432 struct tuninfo *tunp; 433 434 switch (cmd) { 435 case TUNSIFINFO: 436 tunp = (struct tuninfo *)data; 437 if (tunp->mtu < IF_MINMTU) 438 return (EINVAL); 439 tp->tun_if.if_mtu = tunp->mtu; 440 tp->tun_if.if_type = tunp->type; 441 tp->tun_if.if_baudrate = tunp->baudrate; 442 break; 443 case TUNGIFINFO: 444 tunp = (struct tuninfo *)data; 445 tunp->mtu = tp->tun_if.if_mtu; 446 tunp->type = tp->tun_if.if_type; 447 tunp->baudrate = tp->tun_if.if_baudrate; 448 break; 449 case TUNSDEBUG: 450 tundebug = *(int *)data; 451 break; 452 case TUNGDEBUG: 453 *(int *)data = tundebug; 454 break; 455 case TUNSLMODE: 456 if (*(int *)data) { 457 tp->tun_flags |= TUN_LMODE; 458 tp->tun_flags &= ~TUN_IFHEAD; 459 } else 460 tp->tun_flags &= ~TUN_LMODE; 461 break; 462 case TUNSIFHEAD: 463 if (*(int *)data) { 464 tp->tun_flags |= TUN_IFHEAD; 465 tp->tun_flags &= ~TUN_LMODE; 466 } else 467 tp->tun_flags &= ~TUN_IFHEAD; 468 break; 469 case TUNGIFHEAD: 470 *(int *)data = (tp->tun_flags & TUN_IFHEAD) ? 1 : 0; 471 break; 472 case TUNSIFMODE: 473 /* deny this if UP */ 474 if (tp->tun_if.if_flags & IFF_UP) 475 return(EBUSY); 476 477 switch (*(int *)data & ~IFF_MULTICAST) { 478 case IFF_POINTOPOINT: 479 case IFF_BROADCAST: 480 tp->tun_if.if_flags &= ~(IFF_BROADCAST|IFF_POINTOPOINT); 481 tp->tun_if.if_flags |= *(int *)data; 482 break; 483 default: 484 return(EINVAL); 485 } 486 break; 487 case TUNSIFPID: 488 tp->tun_pid = curproc->p_pid; 489 break; 490 case FIONBIO: 491 break; 492 case FIOASYNC: 493 if (*(int *)data) 494 tp->tun_flags |= TUN_ASYNC; 495 else 496 tp->tun_flags &= ~TUN_ASYNC; 497 break; 498 case FIONREAD: 499 s = splimp(); 500 if (tp->tun_if.if_snd.ifq_head) { 501 struct mbuf *mb = tp->tun_if.if_snd.ifq_head; 502 for( *(int *)data = 0; mb != 0; mb = mb->m_next) 503 *(int *)data += mb->m_len; 504 } else 505 *(int *)data = 0; 506 splx(s); 507 break; 508 case FIOSETOWN: 509 return (fsetown(*(int *)data, &tp->tun_sigio)); 510 511 case FIOGETOWN: 512 *(int *)data = fgetown(tp->tun_sigio); 513 return (0); 514 515 /* This is deprecated, FIOSETOWN should be used instead. */ 516 case TIOCSPGRP: 517 return (fsetown(-(*(int *)data), &tp->tun_sigio)); 518 519 /* This is deprecated, FIOGETOWN should be used instead. */ 520 case TIOCGPGRP: 521 *(int *)data = -fgetown(tp->tun_sigio); 522 return (0); 523 524 default: 525 return (ENOTTY); 526 } 527 return (0); 528 } 529 530 /* 531 * The cdevsw read interface - reads a packet at a time, or at 532 * least as much of a packet as can be read. 533 */ 534 static int 535 tunread(dev, uio, flag) 536 dev_t dev; 537 struct uio *uio; 538 int flag; 539 { 540 struct tun_softc *tp = dev->si_drv1; 541 struct ifnet *ifp = &tp->tun_if; 542 struct mbuf *m0; 543 int error=0, len, s; 544 545 TUNDEBUG ("%s%d: read\n", ifp->if_name, ifp->if_unit); 546 if ((tp->tun_flags & TUN_READY) != TUN_READY) { 547 TUNDEBUG ("%s%d: not ready 0%o\n", ifp->if_name, 548 ifp->if_unit, tp->tun_flags); 549 return EHOSTDOWN; 550 } 551 552 tp->tun_flags &= ~TUN_RWAIT; 553 554 s = splimp(); 555 do { 556 IF_DEQUEUE(&ifp->if_snd, m0); 557 if (m0 == 0) { 558 if (flag & IO_NDELAY) { 559 splx(s); 560 return EWOULDBLOCK; 561 } 562 tp->tun_flags |= TUN_RWAIT; 563 if((error = tsleep((caddr_t)tp, PCATCH | (PZERO + 1), 564 "tunread", 0)) != 0) { 565 splx(s); 566 return error; 567 } 568 } 569 } while (m0 == 0); 570 splx(s); 571 572 while (m0 && uio->uio_resid > 0 && error == 0) { 573 len = min(uio->uio_resid, m0->m_len); 574 if (len != 0) 575 error = uiomove(mtod(m0, caddr_t), len, uio); 576 m0 = m_free(m0); 577 } 578 579 if (m0) { 580 TUNDEBUG("%s%d: Dropping mbuf\n", ifp->if_name, ifp->if_unit); 581 m_freem(m0); 582 } 583 return error; 584 } 585 586 /* 587 * the cdevsw write interface - an atomic write is a packet - or else! 588 */ 589 static int 590 tunwrite(dev, uio, flag) 591 dev_t dev; 592 struct uio *uio; 593 int flag; 594 { 595 struct tun_softc *tp = dev->si_drv1; 596 struct ifnet *ifp = &tp->tun_if; 597 struct mbuf *top, **mp, *m; 598 int error=0, tlen, mlen; 599 uint32_t family; 600 601 TUNDEBUG("%s%d: tunwrite\n", ifp->if_name, ifp->if_unit); 602 603 if (uio->uio_resid == 0) 604 return 0; 605 606 if (uio->uio_resid < 0 || uio->uio_resid > TUNMRU) { 607 TUNDEBUG("%s%d: len=%d!\n", ifp->if_name, ifp->if_unit, 608 uio->uio_resid); 609 return EIO; 610 } 611 tlen = uio->uio_resid; 612 613 /* get a header mbuf */ 614 MGETHDR(m, M_DONTWAIT, MT_DATA); 615 if (m == NULL) 616 return ENOBUFS; 617 mlen = MHLEN; 618 619 top = 0; 620 mp = ⊤ 621 while (error == 0 && uio->uio_resid > 0) { 622 m->m_len = min(mlen, uio->uio_resid); 623 error = uiomove(mtod (m, caddr_t), m->m_len, uio); 624 *mp = m; 625 mp = &m->m_next; 626 if (uio->uio_resid > 0) { 627 MGET (m, M_DONTWAIT, MT_DATA); 628 if (m == 0) { 629 error = ENOBUFS; 630 break; 631 } 632 mlen = MLEN; 633 } 634 } 635 if (error) { 636 if (top) 637 m_freem (top); 638 ifp->if_ierrors++; 639 return error; 640 } 641 642 top->m_pkthdr.len = tlen; 643 top->m_pkthdr.rcvif = ifp; 644 645 if (ifp->if_bpf) { 646 if (tp->tun_flags & TUN_IFHEAD) { 647 /* 648 * Conveniently, we already have a 4-byte address 649 * family prepended to our packet ! 650 * Inconveniently, it's in the wrong byte order ! 651 */ 652 if ((top = m_pullup(top, sizeof(family))) == NULL) 653 return ENOBUFS; 654 *mtod(top, u_int32_t *) = 655 ntohl(*mtod(top, u_int32_t *)); 656 bpf_mtap(ifp, top); 657 *mtod(top, u_int32_t *) = 658 htonl(*mtod(top, u_int32_t *)); 659 } else { 660 /* 661 * We need to prepend the address family as 662 * a four byte field. Cons up a dummy header 663 * to pacify bpf. This is safe because bpf 664 * will only read from the mbuf (i.e., it won't 665 * try to free it or keep a pointer to it). 666 */ 667 struct mbuf m; 668 uint32_t af = AF_INET; 669 670 m.m_next = top; 671 m.m_len = 4; 672 m.m_data = (char *)⁡ 673 674 bpf_mtap(ifp, &m); 675 } 676 } 677 678 if (tp->tun_flags & TUN_IFHEAD) { 679 if (top->m_len < sizeof(family) && 680 (top = m_pullup(top, sizeof(family))) == NULL) 681 return ENOBUFS; 682 family = ntohl(*mtod(top, u_int32_t *)); 683 m_adj(top, sizeof(family)); 684 } else 685 family = AF_INET; 686 687 ifp->if_ibytes += top->m_pkthdr.len; 688 ifp->if_ipackets++; 689 690 return family_enqueue(family, top); 691 } 692 693 /* 694 * tunpoll - the poll interface, this is only useful on reads 695 * really. The write detect always returns true, write never blocks 696 * anyway, it either accepts the packet or drops it. 697 */ 698 static int 699 tunpoll(dev, events, p) 700 dev_t dev; 701 int events; 702 struct proc *p; 703 { 704 int s; 705 struct tun_softc *tp = dev->si_drv1; 706 struct ifnet *ifp = &tp->tun_if; 707 int revents = 0; 708 709 s = splimp(); 710 TUNDEBUG("%s%d: tunpoll\n", ifp->if_name, ifp->if_unit); 711 712 if (events & (POLLIN | POLLRDNORM)) { 713 if (ifp->if_snd.ifq_len > 0) { 714 TUNDEBUG("%s%d: tunpoll q=%d\n", ifp->if_name, 715 ifp->if_unit, ifp->if_snd.ifq_len); 716 revents |= events & (POLLIN | POLLRDNORM); 717 } else { 718 TUNDEBUG("%s%d: tunpoll waiting\n", ifp->if_name, 719 ifp->if_unit); 720 selrecord(p, &tp->tun_rsel); 721 } 722 } 723 if (events & (POLLOUT | POLLWRNORM)) 724 revents |= events & (POLLOUT | POLLWRNORM); 725 726 splx(s); 727 return (revents); 728 } 729