1 /* $OpenBSD: bpf.c,v 1.111 2014/11/23 07:39:02 deraadt Exp $ */ 2 /* $NetBSD: bpf.c,v 1.33 1997/02/21 23:59:35 thorpej Exp $ */ 3 4 /* 5 * Copyright (c) 1990, 1991, 1993 6 * The Regents of the University of California. All rights reserved. 7 * Copyright (c) 2010, 2014 Henning Brauer <henning@openbsd.org> 8 * 9 * This code is derived from the Stanford/CMU enet packet filter, 10 * (net/enet.c) distributed as part of 4.3BSD, and code contributed 11 * to Berkeley by Steven McCanne and Van Jacobson both of Lawrence 12 * Berkeley Laboratory. 13 * 14 * Redistribution and use in source and binary forms, with or without 15 * modification, are permitted provided that the following conditions 16 * are met: 17 * 1. Redistributions of source code must retain the above copyright 18 * notice, this list of conditions and the following disclaimer. 19 * 2. Redistributions in binary form must reproduce the above copyright 20 * notice, this list of conditions and the following disclaimer in the 21 * documentation and/or other materials provided with the distribution. 22 * 3. Neither the name of the University nor the names of its contributors 23 * may be used to endorse or promote products derived from this software 24 * without specific prior written permission. 25 * 26 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 27 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 28 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 29 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36 * SUCH DAMAGE. 37 * 38 * @(#)bpf.c 8.2 (Berkeley) 3/28/94 39 */ 40 41 #include "bpfilter.h" 42 43 #include <sys/param.h> 44 #include <sys/mbuf.h> 45 #include <sys/proc.h> 46 #include <sys/signalvar.h> 47 #include <sys/ioctl.h> 48 #include <sys/conf.h> 49 #include <sys/vnode.h> 50 #include <sys/file.h> 51 #include <sys/socket.h> 52 #include <sys/poll.h> 53 #include <sys/kernel.h> 54 #include <sys/sysctl.h> 55 #include <sys/rwlock.h> 56 57 #include <net/if.h> 58 #include <net/bpf.h> 59 #include <net/bpfdesc.h> 60 61 #include <netinet/in.h> 62 #include <netinet/if_ether.h> 63 64 #include "vlan.h" 65 #if NVLAN > 0 66 #include <net/if_vlan_var.h> 67 #endif 68 69 #define BPF_BUFSIZE 32768 70 71 #define PRINET 26 /* interruptible */ 72 73 /* from kern/kern_clock.c; incremented each clock tick. */ 74 extern int ticks; 75 76 /* 77 * The default read buffer size is patchable. 78 */ 79 int bpf_bufsize = BPF_BUFSIZE; 80 int bpf_maxbufsize = BPF_MAXBUFSIZE; 81 82 /* 83 * bpf_iflist is the list of interfaces; each corresponds to an ifnet 84 * bpf_d_list is the list of descriptors 85 */ 86 struct bpf_if *bpf_iflist; 87 LIST_HEAD(, bpf_d) bpf_d_list; 88 89 void bpf_allocbufs(struct bpf_d *); 90 void bpf_freed(struct bpf_d *); 91 void bpf_ifname(struct ifnet *, struct ifreq *); 92 void _bpf_mtap(caddr_t, struct mbuf *, u_int, 93 void (*)(const void *, void *, size_t)); 94 void bpf_mcopy(const void *, void *, size_t); 95 int bpf_movein(struct uio *, u_int, struct mbuf **, 96 struct sockaddr *, struct bpf_insn *); 97 void bpf_attachd(struct bpf_d *, struct bpf_if *); 98 void bpf_detachd(struct bpf_d *); 99 int bpf_setif(struct bpf_d *, struct ifreq *); 100 int bpfpoll(dev_t, int, struct proc *); 101 int bpfkqfilter(dev_t, struct knote *); 102 void bpf_wakeup(struct bpf_d *); 103 void bpf_catchpacket(struct bpf_d *, u_char *, size_t, size_t, 104 void (*)(const void *, void *, size_t), struct timeval *); 105 void bpf_reset_d(struct bpf_d *); 106 int bpf_getdltlist(struct bpf_d *, struct bpf_dltlist *); 107 int bpf_setdlt(struct bpf_d *, u_int); 108 109 void filt_bpfrdetach(struct knote *); 110 int filt_bpfread(struct knote *, long); 111 112 int bpf_sysctl_locked(int *, u_int, void *, size_t *, void *, size_t); 113 114 struct bpf_d *bpfilter_lookup(int); 115 struct bpf_d *bpfilter_create(int); 116 void bpfilter_destroy(struct bpf_d *); 117 118 int 119 bpf_movein(struct uio *uio, u_int linktype, struct mbuf **mp, 120 struct sockaddr *sockp, struct bpf_insn *filter) 121 { 122 struct mbuf *m; 123 struct m_tag *mtag; 124 int error; 125 u_int hlen; 126 u_int len; 127 u_int slen; 128 129 /* 130 * Build a sockaddr based on the data link layer type. 131 * We do this at this level because the ethernet header 132 * is copied directly into the data field of the sockaddr. 133 * In the case of SLIP, there is no header and the packet 134 * is forwarded as is. 135 * Also, we are careful to leave room at the front of the mbuf 136 * for the link level header. 137 */ 138 switch (linktype) { 139 140 case DLT_SLIP: 141 sockp->sa_family = AF_INET; 142 hlen = 0; 143 break; 144 145 case DLT_PPP: 146 sockp->sa_family = AF_UNSPEC; 147 hlen = 0; 148 break; 149 150 case DLT_EN10MB: 151 sockp->sa_family = AF_UNSPEC; 152 /* XXX Would MAXLINKHDR be better? */ 153 hlen = ETHER_HDR_LEN; 154 break; 155 156 case DLT_IEEE802_11: 157 case DLT_IEEE802_11_RADIO: 158 sockp->sa_family = AF_UNSPEC; 159 hlen = 0; 160 break; 161 162 case DLT_RAW: 163 case DLT_NULL: 164 sockp->sa_family = AF_UNSPEC; 165 hlen = 0; 166 break; 167 168 case DLT_LOOP: 169 sockp->sa_family = AF_UNSPEC; 170 hlen = sizeof(u_int32_t); 171 break; 172 173 default: 174 return (EIO); 175 } 176 177 if (uio->uio_resid > MAXMCLBYTES) 178 return (EIO); 179 len = uio->uio_resid; 180 181 MGETHDR(m, M_WAIT, MT_DATA); 182 m->m_pkthdr.rcvif = NULL; 183 m->m_pkthdr.len = len - hlen; 184 185 if (len > MHLEN) { 186 MCLGETI(m, M_WAIT, NULL, len); 187 if ((m->m_flags & M_EXT) == 0) { 188 error = ENOBUFS; 189 goto bad; 190 } 191 } 192 m->m_len = len; 193 *mp = m; 194 195 error = uiomove(mtod(m, caddr_t), len, uio); 196 if (error) 197 goto bad; 198 199 slen = bpf_filter(filter, mtod(m, u_char *), len, len); 200 if (slen < len) { 201 error = EPERM; 202 goto bad; 203 } 204 205 if (m->m_len < hlen) { 206 error = EPERM; 207 goto bad; 208 } 209 /* 210 * Make room for link header, and copy it to sockaddr 211 */ 212 if (hlen != 0) { 213 if (linktype == DLT_LOOP) { 214 u_int32_t af; 215 216 /* the link header indicates the address family */ 217 KASSERT(hlen == sizeof(u_int32_t)); 218 memcpy(&af, m->m_data, hlen); 219 sockp->sa_family = ntohl(af); 220 } else 221 memcpy(sockp->sa_data, m->m_data, hlen); 222 m->m_len -= hlen; 223 m->m_data += hlen; /* XXX */ 224 } 225 226 /* 227 * Prepend the data link type as a mbuf tag 228 */ 229 mtag = m_tag_get(PACKET_TAG_DLT, sizeof(u_int), M_WAIT); 230 *(u_int *)(mtag + 1) = linktype; 231 m_tag_prepend(m, mtag); 232 233 return (0); 234 bad: 235 m_freem(m); 236 return (error); 237 } 238 239 /* 240 * Attach file to the bpf interface, i.e. make d listen on bp. 241 * Must be called at splnet. 242 */ 243 void 244 bpf_attachd(struct bpf_d *d, struct bpf_if *bp) 245 { 246 /* 247 * Point d at bp, and add d to the interface's list of listeners. 248 * Finally, point the driver's bpf cookie at the interface so 249 * it will divert packets to bpf. 250 */ 251 d->bd_bif = bp; 252 d->bd_next = bp->bif_dlist; 253 bp->bif_dlist = d; 254 255 *bp->bif_driverp = bp; 256 } 257 258 /* 259 * Detach a file from its interface. 260 */ 261 void 262 bpf_detachd(struct bpf_d *d) 263 { 264 struct bpf_d **p; 265 struct bpf_if *bp; 266 267 bp = d->bd_bif; 268 /* 269 * Check if this descriptor had requested promiscuous mode. 270 * If so, turn it off. 271 */ 272 if (d->bd_promisc) { 273 int error; 274 275 d->bd_promisc = 0; 276 error = ifpromisc(bp->bif_ifp, 0); 277 if (error && !(error == EINVAL || error == ENODEV)) 278 /* 279 * Something is really wrong if we were able to put 280 * the driver into promiscuous mode, but can't 281 * take it out. 282 */ 283 panic("bpf: ifpromisc failed"); 284 } 285 /* Remove d from the interface's descriptor list. */ 286 p = &bp->bif_dlist; 287 while (*p != d) { 288 p = &(*p)->bd_next; 289 if (*p == 0) 290 panic("bpf_detachd: descriptor not in list"); 291 } 292 *p = (*p)->bd_next; 293 if (bp->bif_dlist == 0) 294 /* 295 * Let the driver know that there are no more listeners. 296 */ 297 *d->bd_bif->bif_driverp = 0; 298 d->bd_bif = NULL; 299 } 300 301 /* 302 * Reference count access to descriptor buffers 303 */ 304 #define D_GET(d) ((d)->bd_ref++) 305 #define D_PUT(d) bpf_freed(d) 306 307 /* ARGSUSED */ 308 void 309 bpfilterattach(int n) 310 { 311 LIST_INIT(&bpf_d_list); 312 } 313 314 /* 315 * Open ethernet device. Returns ENXIO for illegal minor device number, 316 * EBUSY if file is open by another process. 317 */ 318 /* ARGSUSED */ 319 int 320 bpfopen(dev_t dev, int flag, int mode, struct proc *p) 321 { 322 struct bpf_d *d; 323 324 /* create on demand */ 325 if ((d = bpfilter_create(minor(dev))) == NULL) 326 return (EBUSY); 327 328 /* Mark "free" and do most initialization. */ 329 d->bd_bufsize = bpf_bufsize; 330 d->bd_sig = SIGIO; 331 332 D_GET(d); 333 334 return (0); 335 } 336 337 /* 338 * Close the descriptor by detaching it from its interface, 339 * deallocating its buffers, and marking it free. 340 */ 341 /* ARGSUSED */ 342 int 343 bpfclose(dev_t dev, int flag, int mode, struct proc *p) 344 { 345 struct bpf_d *d; 346 int s; 347 348 d = bpfilter_lookup(minor(dev)); 349 s = splnet(); 350 if (d->bd_bif) 351 bpf_detachd(d); 352 bpf_wakeup(d); 353 D_PUT(d); 354 splx(s); 355 356 return (0); 357 } 358 359 /* 360 * Rotate the packet buffers in descriptor d. Move the store buffer 361 * into the hold slot, and the free buffer into the store slot. 362 * Zero the length of the new store buffer. 363 */ 364 #define ROTATE_BUFFERS(d) \ 365 (d)->bd_hbuf = (d)->bd_sbuf; \ 366 (d)->bd_hlen = (d)->bd_slen; \ 367 (d)->bd_sbuf = (d)->bd_fbuf; \ 368 (d)->bd_slen = 0; \ 369 (d)->bd_fbuf = 0; 370 /* 371 * bpfread - read next chunk of packets from buffers 372 */ 373 int 374 bpfread(dev_t dev, struct uio *uio, int ioflag) 375 { 376 struct bpf_d *d; 377 int error; 378 int s; 379 380 d = bpfilter_lookup(minor(dev)); 381 if (d->bd_bif == NULL) 382 return (ENXIO); 383 384 /* 385 * Restrict application to use a buffer the same size as 386 * as kernel buffers. 387 */ 388 if (uio->uio_resid != d->bd_bufsize) 389 return (EINVAL); 390 391 s = splnet(); 392 393 D_GET(d); 394 395 /* 396 * If there's a timeout, bd_rdStart is tagged when we start the read. 397 * we can then figure out when we're done reading. 398 */ 399 if (d->bd_rtout != -1 && d->bd_rdStart == 0) 400 d->bd_rdStart = ticks; 401 else 402 d->bd_rdStart = 0; 403 404 /* 405 * If the hold buffer is empty, then do a timed sleep, which 406 * ends when the timeout expires or when enough packets 407 * have arrived to fill the store buffer. 408 */ 409 while (d->bd_hbuf == 0) { 410 if (d->bd_bif == NULL) { 411 /* interface is gone */ 412 if (d->bd_slen == 0) { 413 D_PUT(d); 414 splx(s); 415 return (EIO); 416 } 417 ROTATE_BUFFERS(d); 418 break; 419 } 420 if (d->bd_immediate && d->bd_slen != 0) { 421 /* 422 * A packet(s) either arrived since the previous 423 * read or arrived while we were asleep. 424 * Rotate the buffers and return what's here. 425 */ 426 ROTATE_BUFFERS(d); 427 break; 428 } 429 if (d->bd_rtout == -1) { 430 /* User requested non-blocking I/O */ 431 error = EWOULDBLOCK; 432 } else { 433 if ((d->bd_rdStart + d->bd_rtout) < ticks) { 434 error = tsleep((caddr_t)d, PRINET|PCATCH, "bpf", 435 d->bd_rtout); 436 } else 437 error = EWOULDBLOCK; 438 } 439 if (error == EINTR || error == ERESTART) { 440 D_PUT(d); 441 splx(s); 442 return (error); 443 } 444 if (error == EWOULDBLOCK) { 445 /* 446 * On a timeout, return what's in the buffer, 447 * which may be nothing. If there is something 448 * in the store buffer, we can rotate the buffers. 449 */ 450 if (d->bd_hbuf) 451 /* 452 * We filled up the buffer in between 453 * getting the timeout and arriving 454 * here, so we don't need to rotate. 455 */ 456 break; 457 458 if (d->bd_slen == 0) { 459 D_PUT(d); 460 splx(s); 461 return (0); 462 } 463 ROTATE_BUFFERS(d); 464 break; 465 } 466 } 467 /* 468 * At this point, we know we have something in the hold slot. 469 */ 470 splx(s); 471 472 /* 473 * Move data from hold buffer into user space. 474 * We know the entire buffer is transferred since 475 * we checked above that the read buffer is bpf_bufsize bytes. 476 */ 477 error = uiomove(d->bd_hbuf, d->bd_hlen, uio); 478 479 s = splnet(); 480 d->bd_fbuf = d->bd_hbuf; 481 d->bd_hbuf = NULL; 482 d->bd_hlen = 0; 483 484 D_PUT(d); 485 splx(s); 486 487 return (error); 488 } 489 490 491 /* 492 * If there are processes sleeping on this descriptor, wake them up. 493 */ 494 void 495 bpf_wakeup(struct bpf_d *d) 496 { 497 wakeup((caddr_t)d); 498 if (d->bd_async && d->bd_sig) 499 csignal(d->bd_pgid, d->bd_sig, 500 d->bd_siguid, d->bd_sigeuid); 501 502 selwakeup(&d->bd_sel); 503 /* XXX */ 504 d->bd_sel.si_selpid = 0; 505 } 506 507 int 508 bpfwrite(dev_t dev, struct uio *uio, int ioflag) 509 { 510 struct bpf_d *d; 511 struct ifnet *ifp; 512 struct mbuf *m; 513 int error, s; 514 struct sockaddr_storage dst; 515 516 d = bpfilter_lookup(minor(dev)); 517 if (d->bd_bif == NULL) 518 return (ENXIO); 519 520 ifp = d->bd_bif->bif_ifp; 521 522 if ((ifp->if_flags & IFF_UP) == 0) 523 return (ENETDOWN); 524 525 if (uio->uio_resid == 0) 526 return (0); 527 528 error = bpf_movein(uio, d->bd_bif->bif_dlt, &m, 529 (struct sockaddr *)&dst, d->bd_wfilter); 530 if (error) 531 return (error); 532 533 if (m->m_pkthdr.len > ifp->if_mtu) { 534 m_freem(m); 535 return (EMSGSIZE); 536 } 537 538 m->m_pkthdr.ph_rtableid = ifp->if_rdomain; 539 540 if (d->bd_hdrcmplt && dst.ss_family == AF_UNSPEC) 541 dst.ss_family = pseudo_AF_HDRCMPLT; 542 543 s = splsoftnet(); 544 error = (*ifp->if_output)(ifp, m, (struct sockaddr *)&dst, NULL); 545 splx(s); 546 /* 547 * The driver frees the mbuf. 548 */ 549 return (error); 550 } 551 552 /* 553 * Reset a descriptor by flushing its packet buffer and clearing the 554 * receive and drop counts. Should be called at splnet. 555 */ 556 void 557 bpf_reset_d(struct bpf_d *d) 558 { 559 if (d->bd_hbuf) { 560 /* Free the hold buffer. */ 561 d->bd_fbuf = d->bd_hbuf; 562 d->bd_hbuf = NULL; 563 } 564 d->bd_slen = 0; 565 d->bd_hlen = 0; 566 d->bd_rcount = 0; 567 d->bd_dcount = 0; 568 } 569 570 /* 571 * FIONREAD Check for read packet available. 572 * BIOCGBLEN Get buffer len [for read()]. 573 * BIOCSETF Set ethernet read filter. 574 * BIOCFLUSH Flush read packet buffer. 575 * BIOCPROMISC Put interface into promiscuous mode. 576 * BIOCGDLTLIST Get supported link layer types. 577 * BIOCGDLT Get link layer type. 578 * BIOCSDLT Set link layer type. 579 * BIOCGETIF Get interface name. 580 * BIOCSETIF Set interface. 581 * BIOCSRTIMEOUT Set read timeout. 582 * BIOCGRTIMEOUT Get read timeout. 583 * BIOCGSTATS Get packet stats. 584 * BIOCIMMEDIATE Set immediate mode. 585 * BIOCVERSION Get filter language version. 586 * BIOCGHDRCMPLT Get "header already complete" flag 587 * BIOCSHDRCMPLT Set "header already complete" flag 588 */ 589 /* ARGSUSED */ 590 int 591 bpfioctl(dev_t dev, u_long cmd, caddr_t addr, int flag, struct proc *p) 592 { 593 struct bpf_d *d; 594 int s, error = 0; 595 596 d = bpfilter_lookup(minor(dev)); 597 if (d->bd_locked && suser(p, 0) != 0) { 598 /* list of allowed ioctls when locked and not root */ 599 switch (cmd) { 600 case BIOCGBLEN: 601 case BIOCFLUSH: 602 case BIOCGDLT: 603 case BIOCGDLTLIST: 604 case BIOCGETIF: 605 case BIOCGRTIMEOUT: 606 case BIOCGSTATS: 607 case BIOCVERSION: 608 case BIOCGRSIG: 609 case BIOCGHDRCMPLT: 610 case FIONREAD: 611 case BIOCLOCK: 612 case BIOCSRTIMEOUT: 613 case BIOCIMMEDIATE: 614 case TIOCGPGRP: 615 case BIOCGDIRFILT: 616 break; 617 default: 618 return (EPERM); 619 } 620 } 621 622 switch (cmd) { 623 624 default: 625 error = EINVAL; 626 break; 627 628 /* 629 * Check for read packet available. 630 */ 631 case FIONREAD: 632 { 633 int n; 634 635 s = splnet(); 636 n = d->bd_slen; 637 if (d->bd_hbuf) 638 n += d->bd_hlen; 639 splx(s); 640 641 *(int *)addr = n; 642 break; 643 } 644 645 /* 646 * Get buffer len [for read()]. 647 */ 648 case BIOCGBLEN: 649 *(u_int *)addr = d->bd_bufsize; 650 break; 651 652 /* 653 * Set buffer length. 654 */ 655 case BIOCSBLEN: 656 if (d->bd_bif != NULL) 657 error = EINVAL; 658 else { 659 u_int size = *(u_int *)addr; 660 661 if (size > bpf_maxbufsize) 662 *(u_int *)addr = size = bpf_maxbufsize; 663 else if (size < BPF_MINBUFSIZE) 664 *(u_int *)addr = size = BPF_MINBUFSIZE; 665 d->bd_bufsize = size; 666 } 667 break; 668 669 /* 670 * Set link layer read filter. 671 */ 672 case BIOCSETF: 673 error = bpf_setf(d, (struct bpf_program *)addr, 0); 674 break; 675 676 /* 677 * Set link layer write filter. 678 */ 679 case BIOCSETWF: 680 error = bpf_setf(d, (struct bpf_program *)addr, 1); 681 break; 682 683 /* 684 * Flush read packet buffer. 685 */ 686 case BIOCFLUSH: 687 s = splnet(); 688 bpf_reset_d(d); 689 splx(s); 690 break; 691 692 /* 693 * Put interface into promiscuous mode. 694 */ 695 case BIOCPROMISC: 696 if (d->bd_bif == NULL) { 697 /* 698 * No interface attached yet. 699 */ 700 error = EINVAL; 701 break; 702 } 703 s = splnet(); 704 if (d->bd_promisc == 0) { 705 error = ifpromisc(d->bd_bif->bif_ifp, 1); 706 if (error == 0) 707 d->bd_promisc = 1; 708 } 709 splx(s); 710 break; 711 712 /* 713 * Get a list of supported device parameters. 714 */ 715 case BIOCGDLTLIST: 716 if (d->bd_bif == NULL) 717 error = EINVAL; 718 else 719 error = bpf_getdltlist(d, (struct bpf_dltlist *)addr); 720 break; 721 722 /* 723 * Get device parameters. 724 */ 725 case BIOCGDLT: 726 if (d->bd_bif == NULL) 727 error = EINVAL; 728 else 729 *(u_int *)addr = d->bd_bif->bif_dlt; 730 break; 731 732 /* 733 * Set device parameters. 734 */ 735 case BIOCSDLT: 736 if (d->bd_bif == NULL) 737 error = EINVAL; 738 else 739 error = bpf_setdlt(d, *(u_int *)addr); 740 break; 741 742 /* 743 * Set interface name. 744 */ 745 case BIOCGETIF: 746 if (d->bd_bif == NULL) 747 error = EINVAL; 748 else 749 bpf_ifname(d->bd_bif->bif_ifp, (struct ifreq *)addr); 750 break; 751 752 /* 753 * Set interface. 754 */ 755 case BIOCSETIF: 756 error = bpf_setif(d, (struct ifreq *)addr); 757 break; 758 759 /* 760 * Set read timeout. 761 */ 762 case BIOCSRTIMEOUT: 763 { 764 struct timeval *tv = (struct timeval *)addr; 765 766 /* Compute number of ticks. */ 767 d->bd_rtout = tv->tv_sec * hz + tv->tv_usec / tick; 768 if (d->bd_rtout == 0 && tv->tv_usec != 0) 769 d->bd_rtout = 1; 770 break; 771 } 772 773 /* 774 * Get read timeout. 775 */ 776 case BIOCGRTIMEOUT: 777 { 778 struct timeval *tv = (struct timeval *)addr; 779 780 tv->tv_sec = d->bd_rtout / hz; 781 tv->tv_usec = (d->bd_rtout % hz) * tick; 782 break; 783 } 784 785 /* 786 * Get packet stats. 787 */ 788 case BIOCGSTATS: 789 { 790 struct bpf_stat *bs = (struct bpf_stat *)addr; 791 792 bs->bs_recv = d->bd_rcount; 793 bs->bs_drop = d->bd_dcount; 794 break; 795 } 796 797 /* 798 * Set immediate mode. 799 */ 800 case BIOCIMMEDIATE: 801 d->bd_immediate = *(u_int *)addr; 802 break; 803 804 case BIOCVERSION: 805 { 806 struct bpf_version *bv = (struct bpf_version *)addr; 807 808 bv->bv_major = BPF_MAJOR_VERSION; 809 bv->bv_minor = BPF_MINOR_VERSION; 810 break; 811 } 812 813 case BIOCGHDRCMPLT: /* get "header already complete" flag */ 814 *(u_int *)addr = d->bd_hdrcmplt; 815 break; 816 817 case BIOCSHDRCMPLT: /* set "header already complete" flag */ 818 d->bd_hdrcmplt = *(u_int *)addr ? 1 : 0; 819 break; 820 821 case BIOCLOCK: /* set "locked" flag (no reset) */ 822 d->bd_locked = 1; 823 break; 824 825 case BIOCGFILDROP: /* get "filter-drop" flag */ 826 *(u_int *)addr = d->bd_fildrop; 827 break; 828 829 case BIOCSFILDROP: /* set "filter-drop" flag */ 830 d->bd_fildrop = *(u_int *)addr ? 1 : 0; 831 break; 832 833 case BIOCGDIRFILT: /* get direction filter */ 834 *(u_int *)addr = d->bd_dirfilt; 835 break; 836 837 case BIOCSDIRFILT: /* set direction filter */ 838 d->bd_dirfilt = (*(u_int *)addr) & 839 (BPF_DIRECTION_IN|BPF_DIRECTION_OUT); 840 break; 841 842 case FIONBIO: /* Non-blocking I/O */ 843 if (*(int *)addr) 844 d->bd_rtout = -1; 845 else 846 d->bd_rtout = 0; 847 break; 848 849 case FIOASYNC: /* Send signal on receive packets */ 850 d->bd_async = *(int *)addr; 851 break; 852 853 /* 854 * N.B. ioctl (FIOSETOWN) and fcntl (F_SETOWN) both end up doing 855 * the equivalent of a TIOCSPGRP and hence end up here. *However* 856 * TIOCSPGRP's arg is a process group if it's positive and a process 857 * id if it's negative. This is exactly the opposite of what the 858 * other two functions want! Therefore there is code in ioctl and 859 * fcntl to negate the arg before calling here. 860 */ 861 case TIOCSPGRP: /* Process or group to send signals to */ 862 d->bd_pgid = *(int *)addr; 863 d->bd_siguid = p->p_ucred->cr_ruid; 864 d->bd_sigeuid = p->p_ucred->cr_uid; 865 break; 866 867 case TIOCGPGRP: 868 *(int *)addr = d->bd_pgid; 869 break; 870 871 case BIOCSRSIG: /* Set receive signal */ 872 { 873 u_int sig; 874 875 sig = *(u_int *)addr; 876 877 if (sig >= NSIG) 878 error = EINVAL; 879 else 880 d->bd_sig = sig; 881 break; 882 } 883 case BIOCGRSIG: 884 *(u_int *)addr = d->bd_sig; 885 break; 886 } 887 return (error); 888 } 889 890 /* 891 * Set d's packet filter program to fp. If this file already has a filter, 892 * free it and replace it. Returns EINVAL for bogus requests. 893 */ 894 int 895 bpf_setf(struct bpf_d *d, struct bpf_program *fp, int wf) 896 { 897 struct bpf_insn *fcode, *old; 898 u_int flen, size; 899 int s; 900 901 old = wf ? d->bd_wfilter : d->bd_rfilter; 902 if (fp->bf_insns == 0) { 903 if (fp->bf_len != 0) 904 return (EINVAL); 905 s = splnet(); 906 if (wf) 907 d->bd_wfilter = NULL; 908 else 909 d->bd_rfilter = NULL; 910 bpf_reset_d(d); 911 splx(s); 912 free(old, M_DEVBUF, 0); 913 return (0); 914 } 915 flen = fp->bf_len; 916 if (flen > BPF_MAXINSNS) 917 return (EINVAL); 918 919 size = flen * sizeof(*fp->bf_insns); 920 fcode = (struct bpf_insn *)malloc(size, M_DEVBUF, M_WAITOK); 921 if (copyin((caddr_t)fp->bf_insns, (caddr_t)fcode, size) == 0 && 922 bpf_validate(fcode, (int)flen)) { 923 s = splnet(); 924 if (wf) 925 d->bd_wfilter = fcode; 926 else 927 d->bd_rfilter = fcode; 928 bpf_reset_d(d); 929 splx(s); 930 free(old, M_DEVBUF, 0); 931 932 return (0); 933 } 934 free(fcode, M_DEVBUF, size); 935 return (EINVAL); 936 } 937 938 /* 939 * Detach a file from its current interface (if attached at all) and attach 940 * to the interface indicated by the name stored in ifr. 941 * Return an errno or 0. 942 */ 943 int 944 bpf_setif(struct bpf_d *d, struct ifreq *ifr) 945 { 946 struct bpf_if *bp, *candidate = NULL; 947 int s; 948 949 /* 950 * Look through attached interfaces for the named one. 951 */ 952 for (bp = bpf_iflist; bp != NULL; bp = bp->bif_next) { 953 struct ifnet *ifp = bp->bif_ifp; 954 955 if (ifp == NULL || 956 strcmp(ifp->if_xname, ifr->ifr_name) != 0) 957 continue; 958 959 if (candidate == NULL || candidate->bif_dlt > bp->bif_dlt) 960 candidate = bp; 961 } 962 963 if (candidate != NULL) { 964 /* 965 * Allocate the packet buffers if we need to. 966 * If we're already attached to requested interface, 967 * just flush the buffer. 968 */ 969 if (d->bd_sbuf == NULL) 970 bpf_allocbufs(d); 971 s = splnet(); 972 if (candidate != d->bd_bif) { 973 if (d->bd_bif) 974 /* 975 * Detach if attached to something else. 976 */ 977 bpf_detachd(d); 978 979 bpf_attachd(d, candidate); 980 } 981 bpf_reset_d(d); 982 splx(s); 983 return (0); 984 } 985 /* Not found. */ 986 return (ENXIO); 987 } 988 989 /* 990 * Copy the interface name to the ifreq. 991 */ 992 void 993 bpf_ifname(struct ifnet *ifp, struct ifreq *ifr) 994 { 995 bcopy(ifp->if_xname, ifr->ifr_name, IFNAMSIZ); 996 } 997 998 /* 999 * Support for poll() system call 1000 */ 1001 int 1002 bpfpoll(dev_t dev, int events, struct proc *p) 1003 { 1004 struct bpf_d *d; 1005 int s, revents; 1006 1007 /* 1008 * An imitation of the FIONREAD ioctl code. 1009 */ 1010 d = bpfilter_lookup(minor(dev)); 1011 1012 /* 1013 * XXX The USB stack manages it to trigger some race condition 1014 * which causes bpfilter_lookup to return NULL when a USB device 1015 * gets detached while it is up and has an open bpf handler (e.g. 1016 * dhclient). We still should recheck if we can fix the root 1017 * cause of this issue. 1018 */ 1019 if (d == NULL) 1020 return (POLLERR); 1021 1022 /* Always ready to write data */ 1023 revents = events & (POLLOUT | POLLWRNORM); 1024 1025 if (events & (POLLIN | POLLRDNORM)) { 1026 s = splnet(); 1027 if (d->bd_hlen != 0 || (d->bd_immediate && d->bd_slen != 0)) 1028 revents |= events & (POLLIN | POLLRDNORM); 1029 else { 1030 /* 1031 * if there's a timeout, mark the time we 1032 * started waiting. 1033 */ 1034 if (d->bd_rtout != -1 && d->bd_rdStart == 0) 1035 d->bd_rdStart = ticks; 1036 selrecord(p, &d->bd_sel); 1037 } 1038 splx(s); 1039 } 1040 return (revents); 1041 } 1042 1043 struct filterops bpfread_filtops = 1044 { 1, NULL, filt_bpfrdetach, filt_bpfread }; 1045 1046 int 1047 bpfkqfilter(dev_t dev, struct knote *kn) 1048 { 1049 struct bpf_d *d; 1050 struct klist *klist; 1051 int s; 1052 1053 d = bpfilter_lookup(minor(dev)); 1054 switch (kn->kn_filter) { 1055 case EVFILT_READ: 1056 klist = &d->bd_sel.si_note; 1057 kn->kn_fop = &bpfread_filtops; 1058 break; 1059 default: 1060 return (EINVAL); 1061 } 1062 1063 kn->kn_hook = d; 1064 1065 s = splnet(); 1066 D_GET(d); 1067 SLIST_INSERT_HEAD(klist, kn, kn_selnext); 1068 if (d->bd_rtout != -1 && d->bd_rdStart == 0) 1069 d->bd_rdStart = ticks; 1070 splx(s); 1071 1072 return (0); 1073 } 1074 1075 void 1076 filt_bpfrdetach(struct knote *kn) 1077 { 1078 struct bpf_d *d = kn->kn_hook; 1079 int s; 1080 1081 s = splnet(); 1082 SLIST_REMOVE(&d->bd_sel.si_note, kn, knote, kn_selnext); 1083 D_PUT(d); 1084 splx(s); 1085 } 1086 1087 int 1088 filt_bpfread(struct knote *kn, long hint) 1089 { 1090 struct bpf_d *d = kn->kn_hook; 1091 1092 kn->kn_data = d->bd_hlen; 1093 if (d->bd_immediate) 1094 kn->kn_data += d->bd_slen; 1095 return (kn->kn_data > 0); 1096 } 1097 1098 /* 1099 * Incoming linkage from device drivers. Process the packet pkt, of length 1100 * pktlen, which is stored in a contiguous buffer. The packet is parsed 1101 * by each process' filter, and if accepted, stashed into the corresponding 1102 * buffer. 1103 */ 1104 int 1105 bpf_tap(caddr_t arg, u_char *pkt, u_int pktlen, u_int direction) 1106 { 1107 struct bpf_if *bp; 1108 struct bpf_d *d; 1109 size_t slen; 1110 struct timeval tv; 1111 int drop = 0, gottime = 0; 1112 1113 /* 1114 * Note that the ipl does not have to be raised at this point. 1115 * The only problem that could arise here is that if two different 1116 * interfaces shared any data. This is not the case. 1117 */ 1118 bp = (struct bpf_if *)arg; 1119 for (d = bp->bif_dlist; d != NULL; d = d->bd_next) { 1120 ++d->bd_rcount; 1121 if ((direction & d->bd_dirfilt) != 0) 1122 slen = 0; 1123 else 1124 slen = bpf_filter(d->bd_rfilter, pkt, pktlen, pktlen); 1125 if (slen != 0) { 1126 if (!gottime++) 1127 microtime(&tv); 1128 bpf_catchpacket(d, pkt, pktlen, slen, bcopy, &tv); 1129 if (d->bd_fildrop) 1130 drop++; 1131 } 1132 } 1133 1134 return (drop); 1135 } 1136 1137 /* 1138 * Copy data from an mbuf chain into a buffer. This code is derived 1139 * from m_copydata in sys/uipc_mbuf.c. 1140 */ 1141 void 1142 bpf_mcopy(const void *src_arg, void *dst_arg, size_t len) 1143 { 1144 const struct mbuf *m; 1145 u_int count; 1146 u_char *dst; 1147 1148 m = src_arg; 1149 dst = dst_arg; 1150 while (len > 0) { 1151 if (m == 0) 1152 panic("bpf_mcopy"); 1153 count = min(m->m_len, len); 1154 bcopy(mtod(m, caddr_t), (caddr_t)dst, count); 1155 m = m->m_next; 1156 dst += count; 1157 len -= count; 1158 } 1159 } 1160 1161 /* 1162 * like bpf_mtap, but copy fn can be given. used by various bpf_mtap* 1163 */ 1164 void 1165 _bpf_mtap(caddr_t arg, struct mbuf *m, u_int direction, 1166 void (*cpfn)(const void *, void *, size_t)) 1167 { 1168 struct bpf_if *bp = (struct bpf_if *)arg; 1169 struct bpf_d *d; 1170 size_t pktlen, slen; 1171 struct mbuf *m0; 1172 struct timeval tv; 1173 int gottime = 0; 1174 1175 if (m == NULL) 1176 return; 1177 1178 if (cpfn == NULL) 1179 cpfn = bpf_mcopy; 1180 1181 pktlen = 0; 1182 for (m0 = m; m0 != NULL; m0 = m0->m_next) 1183 pktlen += m0->m_len; 1184 1185 for (d = bp->bif_dlist; d != NULL; d = d->bd_next) { 1186 ++d->bd_rcount; 1187 if ((direction & d->bd_dirfilt) != 0) 1188 slen = 0; 1189 else 1190 slen = bpf_filter(d->bd_rfilter, (u_char *)m, 1191 pktlen, 0); 1192 1193 if (slen == 0) 1194 continue; 1195 1196 if (!gottime++) 1197 microtime(&tv); 1198 bpf_catchpacket(d, (u_char *)m, pktlen, slen, cpfn, &tv); 1199 if (d->bd_fildrop) 1200 m->m_flags |= M_FILDROP; 1201 } 1202 } 1203 1204 /* 1205 * Incoming linkage from device drivers, when packet is in an mbuf chain. 1206 */ 1207 void 1208 bpf_mtap(caddr_t arg, struct mbuf *m, u_int direction) 1209 { 1210 _bpf_mtap(arg, m, direction, NULL); 1211 } 1212 1213 /* 1214 * Incoming linkage from device drivers, where we have a mbuf chain 1215 * but need to prepend some arbitrary header from a linear buffer. 1216 * 1217 * Con up a minimal dummy header to pacify bpf. Allocate (only) a 1218 * struct m_hdr on the stack. This is safe as bpf only reads from the 1219 * fields in this header that we initialize, and will not try to free 1220 * it or keep a pointer to it. 1221 */ 1222 void 1223 bpf_mtap_hdr(caddr_t arg, caddr_t data, u_int dlen, struct mbuf *m, 1224 u_int direction, void (*cpfn)(const void *, void *, size_t)) 1225 { 1226 struct m_hdr mh; 1227 struct mbuf *m0; 1228 1229 if (dlen > 0) { 1230 mh.mh_flags = 0; 1231 mh.mh_next = m; 1232 mh.mh_len = dlen; 1233 mh.mh_data = data; 1234 m0 = (struct mbuf *)&mh; 1235 } else 1236 m0 = m; 1237 1238 _bpf_mtap(arg, m0, direction, cpfn); 1239 if (m0 != m) 1240 m->m_flags |= m0->m_flags & M_FILDROP; 1241 } 1242 1243 /* 1244 * Incoming linkage from device drivers, where we have a mbuf chain 1245 * but need to prepend the address family. 1246 * 1247 * Con up a minimal dummy header to pacify bpf. We allocate (only) a 1248 * struct m_hdr on the stack. This is safe as bpf only reads from the 1249 * fields in this header that we initialize, and will not try to free 1250 * it or keep a pointer to it. 1251 */ 1252 void 1253 bpf_mtap_af(caddr_t arg, u_int32_t af, struct mbuf *m, u_int direction) 1254 { 1255 u_int32_t afh; 1256 1257 afh = htonl(af); 1258 bpf_mtap_hdr(arg, (caddr_t)&afh, sizeof(afh), m, direction, NULL); 1259 } 1260 1261 /* 1262 * Incoming linkage from device drivers, where we have a mbuf chain 1263 * but need to prepend a VLAN encapsulation header. 1264 * 1265 * Con up a minimal dummy header to pacify bpf. Allocate (only) a 1266 * struct m_hdr on the stack. This is safe as bpf only reads from the 1267 * fields in this header that we initialize, and will not try to free 1268 * it or keep a pointer to it. 1269 */ 1270 void 1271 bpf_mtap_ether(caddr_t arg, struct mbuf *m, u_int direction) 1272 { 1273 #if NVLAN > 0 1274 struct ether_vlan_header evh; 1275 1276 if ((m->m_flags & M_VLANTAG) == 0) 1277 #endif 1278 { 1279 bpf_mtap(arg, m, direction); 1280 return; 1281 } 1282 1283 #if NVLAN > 0 1284 bcopy(mtod(m, char *), &evh, ETHER_HDR_LEN); 1285 evh.evl_proto = evh.evl_encap_proto; 1286 evh.evl_encap_proto = htons(ETHERTYPE_VLAN); 1287 evh.evl_tag = htons(m->m_pkthdr.ether_vtag); 1288 m->m_len -= ETHER_HDR_LEN; 1289 m->m_data += ETHER_HDR_LEN; 1290 1291 bpf_mtap_hdr(arg, (caddr_t)&evh, sizeof(evh), m, direction, NULL); 1292 1293 m->m_len += ETHER_HDR_LEN; 1294 m->m_data -= ETHER_HDR_LEN; 1295 #endif 1296 } 1297 1298 /* 1299 * Move the packet data from interface memory (pkt) into the 1300 * store buffer. Return 1 if it's time to wakeup a listener (buffer full), 1301 * otherwise 0. "copy" is the routine called to do the actual data 1302 * transfer. bcopy is passed in to copy contiguous chunks, while 1303 * bpf_mcopy is passed in to copy mbuf chains. In the latter case, 1304 * pkt is really an mbuf. 1305 */ 1306 void 1307 bpf_catchpacket(struct bpf_d *d, u_char *pkt, size_t pktlen, size_t snaplen, 1308 void (*cpfn)(const void *, void *, size_t), struct timeval *tv) 1309 { 1310 struct bpf_hdr *hp; 1311 int totlen, curlen; 1312 int hdrlen = d->bd_bif->bif_hdrlen; 1313 1314 /* 1315 * Figure out how many bytes to move. If the packet is 1316 * greater or equal to the snapshot length, transfer that 1317 * much. Otherwise, transfer the whole packet (unless 1318 * we hit the buffer size limit). 1319 */ 1320 totlen = hdrlen + min(snaplen, pktlen); 1321 if (totlen > d->bd_bufsize) 1322 totlen = d->bd_bufsize; 1323 1324 /* 1325 * Round up the end of the previous packet to the next longword. 1326 */ 1327 curlen = BPF_WORDALIGN(d->bd_slen); 1328 if (curlen + totlen > d->bd_bufsize) { 1329 /* 1330 * This packet will overflow the storage buffer. 1331 * Rotate the buffers if we can, then wakeup any 1332 * pending reads. 1333 */ 1334 if (d->bd_fbuf == NULL) { 1335 /* 1336 * We haven't completed the previous read yet, 1337 * so drop the packet. 1338 */ 1339 ++d->bd_dcount; 1340 return; 1341 } 1342 ROTATE_BUFFERS(d); 1343 bpf_wakeup(d); 1344 curlen = 0; 1345 } 1346 1347 /* 1348 * Append the bpf header. 1349 */ 1350 hp = (struct bpf_hdr *)(d->bd_sbuf + curlen); 1351 hp->bh_tstamp.tv_sec = tv->tv_sec; 1352 hp->bh_tstamp.tv_usec = tv->tv_usec; 1353 hp->bh_datalen = pktlen; 1354 hp->bh_hdrlen = hdrlen; 1355 /* 1356 * Copy the packet data into the store buffer and update its length. 1357 */ 1358 (*cpfn)(pkt, (u_char *)hp + hdrlen, (hp->bh_caplen = totlen - hdrlen)); 1359 d->bd_slen = curlen + totlen; 1360 1361 if (d->bd_immediate) { 1362 /* 1363 * Immediate mode is set. A packet arrived so any 1364 * reads should be woken up. 1365 */ 1366 bpf_wakeup(d); 1367 } 1368 1369 if (d->bd_rdStart && (d->bd_rtout + d->bd_rdStart < ticks)) { 1370 /* 1371 * we could be selecting on the bpf, and we 1372 * may have timeouts set. We got here by getting 1373 * a packet, so wake up the reader. 1374 */ 1375 if (d->bd_fbuf) { 1376 d->bd_rdStart = 0; 1377 ROTATE_BUFFERS(d); 1378 bpf_wakeup(d); 1379 } 1380 } 1381 } 1382 1383 /* 1384 * Initialize all nonzero fields of a descriptor. 1385 */ 1386 void 1387 bpf_allocbufs(struct bpf_d *d) 1388 { 1389 d->bd_fbuf = malloc(d->bd_bufsize, M_DEVBUF, M_WAITOK); 1390 d->bd_sbuf = malloc(d->bd_bufsize, M_DEVBUF, M_WAITOK); 1391 d->bd_slen = 0; 1392 d->bd_hlen = 0; 1393 } 1394 1395 /* 1396 * Free buffers currently in use by a descriptor 1397 * when the reference count drops to zero. 1398 */ 1399 void 1400 bpf_freed(struct bpf_d *d) 1401 { 1402 if (--d->bd_ref > 0) 1403 return; 1404 1405 free(d->bd_sbuf, M_DEVBUF, 0); 1406 free(d->bd_hbuf, M_DEVBUF, 0); 1407 free(d->bd_fbuf, M_DEVBUF, 0); 1408 free(d->bd_rfilter, M_DEVBUF, 0); 1409 free(d->bd_wfilter, M_DEVBUF, 0); 1410 1411 bpfilter_destroy(d); 1412 } 1413 1414 /* 1415 * Attach an interface to bpf. driverp is a pointer to a (struct bpf_if *) 1416 * in the driver's softc; dlt is the link layer type; hdrlen is the fixed 1417 * size of the link header (variable length headers not yet supported). 1418 */ 1419 void 1420 bpfattach(caddr_t *driverp, struct ifnet *ifp, u_int dlt, u_int hdrlen) 1421 { 1422 struct bpf_if *bp; 1423 1424 if ((bp = malloc(sizeof(*bp), M_DEVBUF, M_NOWAIT)) == NULL) 1425 panic("bpfattach"); 1426 bp->bif_dlist = 0; 1427 bp->bif_driverp = (struct bpf_if **)driverp; 1428 bp->bif_ifp = ifp; 1429 bp->bif_dlt = dlt; 1430 1431 bp->bif_next = bpf_iflist; 1432 bpf_iflist = bp; 1433 1434 *bp->bif_driverp = NULL; 1435 1436 /* 1437 * Compute the length of the bpf header. This is not necessarily 1438 * equal to SIZEOF_BPF_HDR because we want to insert spacing such 1439 * that the network layer header begins on a longword boundary (for 1440 * performance reasons and to alleviate alignment restrictions). 1441 */ 1442 bp->bif_hdrlen = BPF_WORDALIGN(hdrlen + SIZEOF_BPF_HDR) - hdrlen; 1443 } 1444 1445 /* Detach an interface from its attached bpf device. */ 1446 void 1447 bpfdetach(struct ifnet *ifp) 1448 { 1449 struct bpf_if *bp, *nbp, **pbp = &bpf_iflist; 1450 struct bpf_d *bd; 1451 int maj; 1452 1453 for (bp = bpf_iflist; bp; bp = nbp) { 1454 nbp= bp->bif_next; 1455 if (bp->bif_ifp == ifp) { 1456 *pbp = nbp; 1457 1458 /* Locate the major number. */ 1459 for (maj = 0; maj < nchrdev; maj++) 1460 if (cdevsw[maj].d_open == bpfopen) 1461 break; 1462 1463 for (bd = bp->bif_dlist; bd; bd = bp->bif_dlist) { 1464 struct bpf_d *d; 1465 1466 /* 1467 * Locate the minor number and nuke the vnode 1468 * for any open instance. 1469 */ 1470 LIST_FOREACH(d, &bpf_d_list, bd_list) 1471 if (d == bd) { 1472 vdevgone(maj, d->bd_unit, 1473 d->bd_unit, VCHR); 1474 break; 1475 } 1476 } 1477 1478 free(bp, M_DEVBUF, 0); 1479 } else 1480 pbp = &bp->bif_next; 1481 } 1482 ifp->if_bpf = NULL; 1483 } 1484 1485 int 1486 bpf_sysctl_locked(int *name, u_int namelen, void *oldp, size_t *oldlenp, 1487 void *newp, size_t newlen) 1488 { 1489 int newval; 1490 int error; 1491 1492 switch (name[0]) { 1493 case NET_BPF_BUFSIZE: 1494 newval = bpf_bufsize; 1495 error = sysctl_int(oldp, oldlenp, newp, newlen, &newval); 1496 if (error) 1497 return (error); 1498 if (newval < BPF_MINBUFSIZE || newval > bpf_maxbufsize) 1499 return (EINVAL); 1500 bpf_bufsize = newval; 1501 break; 1502 case NET_BPF_MAXBUFSIZE: 1503 newval = bpf_maxbufsize; 1504 error = sysctl_int(oldp, oldlenp, newp, newlen, &newval); 1505 if (error) 1506 return (error); 1507 if (newval < BPF_MINBUFSIZE) 1508 return (EINVAL); 1509 bpf_maxbufsize = newval; 1510 break; 1511 default: 1512 return (EOPNOTSUPP); 1513 } 1514 return (0); 1515 } 1516 1517 int 1518 bpf_sysctl(int *name, u_int namelen, void *oldp, size_t *oldlenp, void *newp, 1519 size_t newlen) 1520 { 1521 static struct rwlock bpf_sysctl_lk = RWLOCK_INITIALIZER("bpfsz"); 1522 int flags = RW_INTR; 1523 int error; 1524 1525 if (namelen != 1) 1526 return (ENOTDIR); 1527 1528 flags |= (newp == NULL) ? RW_READ : RW_WRITE; 1529 1530 error = rw_enter(&bpf_sysctl_lk, flags); 1531 if (error != 0) 1532 return (error); 1533 1534 error = bpf_sysctl_locked(name, namelen, oldp, oldlenp, newp, newlen); 1535 1536 rw_exit(&bpf_sysctl_lk); 1537 1538 return (error); 1539 } 1540 1541 struct bpf_d * 1542 bpfilter_lookup(int unit) 1543 { 1544 struct bpf_d *bd; 1545 1546 LIST_FOREACH(bd, &bpf_d_list, bd_list) 1547 if (bd->bd_unit == unit) 1548 return (bd); 1549 return (NULL); 1550 } 1551 1552 struct bpf_d * 1553 bpfilter_create(int unit) 1554 { 1555 struct bpf_d *bd; 1556 1557 if ((bd = bpfilter_lookup(unit)) != NULL) 1558 return (NULL); 1559 if ((bd = malloc(sizeof(*bd), M_DEVBUF, M_NOWAIT|M_ZERO)) != NULL) { 1560 bd->bd_unit = unit; 1561 LIST_INSERT_HEAD(&bpf_d_list, bd, bd_list); 1562 } 1563 return (bd); 1564 } 1565 1566 void 1567 bpfilter_destroy(struct bpf_d *bd) 1568 { 1569 LIST_REMOVE(bd, bd_list); 1570 free(bd, M_DEVBUF, sizeof(*bd)); 1571 } 1572 1573 /* 1574 * Get a list of available data link type of the interface. 1575 */ 1576 int 1577 bpf_getdltlist(struct bpf_d *d, struct bpf_dltlist *bfl) 1578 { 1579 int n, error; 1580 struct ifnet *ifp; 1581 struct bpf_if *bp; 1582 1583 ifp = d->bd_bif->bif_ifp; 1584 n = 0; 1585 error = 0; 1586 for (bp = bpf_iflist; bp != NULL; bp = bp->bif_next) { 1587 if (bp->bif_ifp != ifp) 1588 continue; 1589 if (bfl->bfl_list != NULL) { 1590 if (n >= bfl->bfl_len) 1591 return (ENOMEM); 1592 error = copyout(&bp->bif_dlt, 1593 bfl->bfl_list + n, sizeof(u_int)); 1594 if (error) 1595 break; 1596 } 1597 n++; 1598 } 1599 1600 bfl->bfl_len = n; 1601 return (error); 1602 } 1603 1604 /* 1605 * Set the data link type of a BPF instance. 1606 */ 1607 int 1608 bpf_setdlt(struct bpf_d *d, u_int dlt) 1609 { 1610 int s; 1611 struct ifnet *ifp; 1612 struct bpf_if *bp; 1613 1614 if (d->bd_bif->bif_dlt == dlt) 1615 return (0); 1616 ifp = d->bd_bif->bif_ifp; 1617 for (bp = bpf_iflist; bp != NULL; bp = bp->bif_next) { 1618 if (bp->bif_ifp == ifp && bp->bif_dlt == dlt) 1619 break; 1620 } 1621 if (bp == NULL) 1622 return (EINVAL); 1623 s = splnet(); 1624 bpf_detachd(d); 1625 bpf_attachd(d, bp); 1626 bpf_reset_d(d); 1627 splx(s); 1628 return (0); 1629 } 1630