1 /* 2 * Copyright (c) 1990, 1991, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * This code is derived from the Stanford/CMU enet packet filter, 6 * (net/enet.c) distributed as part of 4.3BSD, and code contributed 7 * to Berkeley by Steven McCanne and Van Jacobson both of Lawrence 8 * Berkeley Laboratory. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. All advertising materials mentioning features or use of this software 19 * must display the following acknowledgement: 20 * This product includes software developed by the University of 21 * California, Berkeley and its contributors. 22 * 4. Neither the name of the University nor the names of its contributors 23 * may be used to endorse or promote products derived from this software 24 * without specific prior written permission. 25 * 26 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 27 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 28 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 29 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36 * SUCH DAMAGE. 37 * 38 * @(#)bpf.c 8.2 (Berkeley) 3/28/94 39 * 40 * $FreeBSD: src/sys/net/bpf.c,v 1.59.2.12 2002/04/14 21:41:48 luigi Exp $ 41 * $DragonFly: src/sys/net/bpf.c,v 1.17 2004/05/19 22:52:59 dillon Exp $ 42 */ 43 44 #include "use_bpf.h" 45 46 #ifndef __GNUC__ 47 #define inline 48 #else 49 #define inline __inline 50 #endif 51 52 #include <sys/param.h> 53 #include <sys/systm.h> 54 #include <sys/conf.h> 55 #include <sys/malloc.h> 56 #include <sys/mbuf.h> 57 #include <sys/time.h> 58 #include <sys/proc.h> 59 #include <sys/signalvar.h> 60 #include <sys/filio.h> 61 #include <sys/sockio.h> 62 #include <sys/ttycom.h> 63 #include <sys/filedesc.h> 64 65 #if defined(sparc) && BSD < 199103 66 #include <sys/stream.h> 67 #endif 68 #include <sys/poll.h> 69 70 #include <sys/socket.h> 71 #include <sys/vnode.h> 72 73 #include <net/if.h> 74 #include <net/bpf.h> 75 #include <net/bpfdesc.h> 76 77 #include <netinet/in.h> 78 #include <netinet/if_ether.h> 79 #include <sys/kernel.h> 80 #include <sys/sysctl.h> 81 82 MALLOC_DEFINE(M_BPF, "BPF", "BPF data"); 83 84 #if NBPF > 0 85 86 /* 87 * Older BSDs don't have kernel malloc. 88 */ 89 #if BSD < 199103 90 extern bcopy(); 91 static caddr_t bpf_alloc(); 92 #include <net/bpf_compat.h> 93 #define BPF_BUFSIZE (MCLBYTES-8) 94 #define UIOMOVE(cp, len, code, uio) uiomove(cp, len, code, uio) 95 #else 96 #define BPF_BUFSIZE 4096 97 #define UIOMOVE(cp, len, code, uio) uiomove(cp, len, uio) 98 #endif 99 100 #define PRINET 26 /* interruptible */ 101 102 /* 103 * The default read buffer size is patchable. 104 */ 105 static int bpf_bufsize = BPF_BUFSIZE; 106 SYSCTL_INT(_debug, OID_AUTO, bpf_bufsize, CTLFLAG_RW, 107 &bpf_bufsize, 0, ""); 108 static int bpf_maxbufsize = BPF_MAXBUFSIZE; 109 SYSCTL_INT(_debug, OID_AUTO, bpf_maxbufsize, CTLFLAG_RW, 110 &bpf_maxbufsize, 0, ""); 111 112 /* 113 * bpf_iflist is the list of interfaces; each corresponds to an ifnet 114 */ 115 static struct bpf_if *bpf_iflist; 116 117 static int bpf_allocbufs (struct bpf_d *); 118 static void bpf_attachd (struct bpf_d *d, struct bpf_if *bp); 119 static void bpf_detachd (struct bpf_d *d); 120 static void bpf_freed (struct bpf_d *); 121 static void bpf_mcopy (const void *, void *, size_t); 122 static int bpf_movein (struct uio *, int, 123 struct mbuf **, struct sockaddr *, int *); 124 static int bpf_setif (struct bpf_d *, struct ifreq *); 125 static void bpf_timed_out (void *); 126 static inline void 127 bpf_wakeup (struct bpf_d *); 128 static void catchpacket (struct bpf_d *, u_char *, u_int, 129 u_int, void (*)(const void *, void *, size_t)); 130 static void reset_d (struct bpf_d *); 131 static int bpf_setf (struct bpf_d *, struct bpf_program *); 132 133 static d_open_t bpfopen; 134 static d_close_t bpfclose; 135 static d_read_t bpfread; 136 static d_write_t bpfwrite; 137 static d_ioctl_t bpfioctl; 138 static d_poll_t bpfpoll; 139 140 #define CDEV_MAJOR 23 141 static struct cdevsw bpf_cdevsw = { 142 /* name */ "bpf", 143 /* maj */ CDEV_MAJOR, 144 /* flags */ 0, 145 /* port */ NULL, 146 /* clone */ NULL, 147 148 /* open */ bpfopen, 149 /* close */ bpfclose, 150 /* read */ bpfread, 151 /* write */ bpfwrite, 152 /* ioctl */ bpfioctl, 153 /* poll */ bpfpoll, 154 /* mmap */ nommap, 155 /* strategy */ nostrategy, 156 /* dump */ nodump, 157 /* psize */ nopsize 158 }; 159 160 161 static int 162 bpf_movein(uio, linktype, mp, sockp, datlen) 163 struct uio *uio; 164 int linktype, *datlen; 165 struct mbuf **mp; 166 struct sockaddr *sockp; 167 { 168 struct mbuf *m; 169 int error; 170 int len; 171 int hlen; 172 173 /* 174 * Build a sockaddr based on the data link layer type. 175 * We do this at this level because the ethernet header 176 * is copied directly into the data field of the sockaddr. 177 * In the case of SLIP, there is no header and the packet 178 * is forwarded as is. 179 * Also, we are careful to leave room at the front of the mbuf 180 * for the link level header. 181 */ 182 switch (linktype) { 183 184 case DLT_SLIP: 185 sockp->sa_family = AF_INET; 186 hlen = 0; 187 break; 188 189 case DLT_EN10MB: 190 sockp->sa_family = AF_UNSPEC; 191 /* XXX Would MAXLINKHDR be better? */ 192 hlen = sizeof(struct ether_header); 193 break; 194 195 case DLT_FDDI: 196 #if defined(__DragonFly__) || defined(__FreeBSD__) || defined(__bsdi__) 197 sockp->sa_family = AF_IMPLINK; 198 hlen = 0; 199 #else 200 sockp->sa_family = AF_UNSPEC; 201 /* XXX 4(FORMAC)+6(dst)+6(src)+3(LLC)+5(SNAP) */ 202 hlen = 24; 203 #endif 204 break; 205 206 case DLT_RAW: 207 case DLT_NULL: 208 sockp->sa_family = AF_UNSPEC; 209 hlen = 0; 210 break; 211 212 #if defined(__DragonFly__) || defined(__FreeBSD__) 213 case DLT_ATM_RFC1483: 214 /* 215 * en atm driver requires 4-byte atm pseudo header. 216 * though it isn't standard, vpi:vci needs to be 217 * specified anyway. 218 */ 219 sockp->sa_family = AF_UNSPEC; 220 hlen = 12; /* XXX 4(ATM_PH) + 3(LLC) + 5(SNAP) */ 221 break; 222 #endif 223 case DLT_PPP: 224 sockp->sa_family = AF_UNSPEC; 225 hlen = 4; /* This should match PPP_HDRLEN */ 226 break; 227 228 default: 229 return (EIO); 230 } 231 232 len = uio->uio_resid; 233 *datlen = len - hlen; 234 if ((unsigned)len > MCLBYTES) 235 return (EIO); 236 237 MGETHDR(m, M_WAIT, MT_DATA); 238 if (m == 0) 239 return (ENOBUFS); 240 if (len > MHLEN) { 241 #if BSD >= 199103 242 MCLGET(m, M_WAIT); 243 if ((m->m_flags & M_EXT) == 0) { 244 #else 245 MCLGET(m); 246 if (m->m_len != MCLBYTES) { 247 #endif 248 error = ENOBUFS; 249 goto bad; 250 } 251 } 252 m->m_pkthdr.len = m->m_len = len; 253 m->m_pkthdr.rcvif = NULL; 254 *mp = m; 255 /* 256 * Make room for link header. 257 */ 258 if (hlen != 0) { 259 m->m_pkthdr.len -= hlen; 260 m->m_len -= hlen; 261 #if BSD >= 199103 262 m->m_data += hlen; /* XXX */ 263 #else 264 m->m_off += hlen; 265 #endif 266 error = UIOMOVE((caddr_t)sockp->sa_data, hlen, UIO_WRITE, uio); 267 if (error) 268 goto bad; 269 } 270 error = UIOMOVE(mtod(m, caddr_t), len - hlen, UIO_WRITE, uio); 271 if (!error) 272 return (0); 273 bad: 274 m_freem(m); 275 return (error); 276 } 277 278 /* 279 * Attach file to the bpf interface, i.e. make d listen on bp. 280 * Must be called at splimp. 281 */ 282 static void 283 bpf_attachd(d, bp) 284 struct bpf_d *d; 285 struct bpf_if *bp; 286 { 287 /* 288 * Point d at bp, and add d to the interface's list of listeners. 289 * Finally, point the driver's bpf cookie at the interface so 290 * it will divert packets to bpf. 291 */ 292 d->bd_bif = bp; 293 d->bd_next = bp->bif_dlist; 294 bp->bif_dlist = d; 295 296 bp->bif_ifp->if_bpf = bp; 297 } 298 299 /* 300 * Detach a file from its interface. 301 */ 302 static void 303 bpf_detachd(d) 304 struct bpf_d *d; 305 { 306 struct bpf_d **p; 307 struct bpf_if *bp; 308 309 bp = d->bd_bif; 310 /* 311 * Check if this descriptor had requested promiscuous mode. 312 * If so, turn it off. 313 */ 314 if (d->bd_promisc) { 315 d->bd_promisc = 0; 316 if (ifpromisc(bp->bif_ifp, 0)) 317 /* 318 * Something is really wrong if we were able to put 319 * the driver into promiscuous mode, but can't 320 * take it out. 321 */ 322 panic("bpf: ifpromisc failed"); 323 } 324 /* Remove d from the interface's descriptor list. */ 325 p = &bp->bif_dlist; 326 while (*p != d) { 327 p = &(*p)->bd_next; 328 if (*p == 0) 329 panic("bpf_detachd: descriptor not in list"); 330 } 331 *p = (*p)->bd_next; 332 if (bp->bif_dlist == 0) 333 /* 334 * Let the driver know that there are no more listeners. 335 */ 336 d->bd_bif->bif_ifp->if_bpf = 0; 337 d->bd_bif = 0; 338 } 339 340 /* 341 * Open ethernet device. Returns ENXIO for illegal minor device number, 342 * EBUSY if file is open by another process. 343 */ 344 /* ARGSUSED */ 345 static int 346 bpfopen(dev_t dev, int flags, int fmt, struct thread *td) 347 { 348 struct bpf_d *d; 349 struct proc *p = td->td_proc; 350 351 KKASSERT(p != NULL); 352 353 if (p->p_ucred->cr_prison) 354 return (EPERM); 355 356 d = dev->si_drv1; 357 /* 358 * Each minor can be opened by only one process. If the requested 359 * minor is in use, return EBUSY. 360 */ 361 if (d) 362 return (EBUSY); 363 make_dev(&bpf_cdevsw, minor(dev), 0, 0, 0600, "bpf%d", lminor(dev)); 364 MALLOC(d, struct bpf_d *, sizeof(*d), M_BPF, M_WAITOK | M_ZERO); 365 dev->si_drv1 = d; 366 d->bd_bufsize = bpf_bufsize; 367 d->bd_sig = SIGIO; 368 d->bd_seesent = 1; 369 callout_init(&d->bd_callout); 370 return (0); 371 } 372 373 /* 374 * Close the descriptor by detaching it from its interface, 375 * deallocating its buffers, and marking it free. 376 */ 377 /* ARGSUSED */ 378 static int 379 bpfclose(dev, flags, fmt, td) 380 dev_t dev; 381 int flags; 382 int fmt; 383 struct thread *td; 384 { 385 struct bpf_d *d = dev->si_drv1; 386 int s; 387 388 funsetown(d->bd_sigio); 389 s = splimp(); 390 if (d->bd_state == BPF_WAITING) 391 callout_stop(&d->bd_callout); 392 d->bd_state = BPF_IDLE; 393 if (d->bd_bif) 394 bpf_detachd(d); 395 splx(s); 396 bpf_freed(d); 397 dev->si_drv1 = 0; 398 free(d, M_BPF); 399 400 return (0); 401 } 402 403 /* 404 * Support for SunOS, which does not have tsleep. 405 */ 406 #if BSD < 199103 407 static 408 bpf_timeout(arg) 409 caddr_t arg; 410 { 411 struct bpf_d *d = (struct bpf_d *)arg; 412 d->bd_timedout = 1; 413 wakeup(arg); 414 } 415 416 #define BPF_SLEEP(chan, pri, s, t) bpf_sleep((struct bpf_d *)chan) 417 418 int 419 bpf_sleep(d) 420 struct bpf_d *d; 421 { 422 int rto = d->bd_rtout; 423 int st; 424 425 if (rto != 0) { 426 d->bd_timedout = 0; 427 timeout(bpf_timeout, (caddr_t)d, rto); 428 } 429 st = sleep((caddr_t)d, PRINET|PCATCH); 430 if (rto != 0) { 431 if (d->bd_timedout == 0) 432 untimeout(bpf_timeout, (caddr_t)d); 433 else if (st == 0) 434 return EWOULDBLOCK; 435 } 436 return (st != 0) ? EINTR : 0; 437 } 438 #else 439 #define BPF_SLEEP tsleep 440 #endif 441 442 /* 443 * Rotate the packet buffers in descriptor d. Move the store buffer 444 * into the hold slot, and the free buffer into the store slot. 445 * Zero the length of the new store buffer. 446 */ 447 #define ROTATE_BUFFERS(d) \ 448 (d)->bd_hbuf = (d)->bd_sbuf; \ 449 (d)->bd_hlen = (d)->bd_slen; \ 450 (d)->bd_sbuf = (d)->bd_fbuf; \ 451 (d)->bd_slen = 0; \ 452 (d)->bd_fbuf = 0; 453 /* 454 * bpfread - read next chunk of packets from buffers 455 */ 456 static int 457 bpfread(dev, uio, ioflag) 458 dev_t dev; 459 struct uio *uio; 460 int ioflag; 461 { 462 struct bpf_d *d = dev->si_drv1; 463 int timed_out; 464 int error; 465 int s; 466 467 /* 468 * Restrict application to use a buffer the same size as 469 * as kernel buffers. 470 */ 471 if (uio->uio_resid != d->bd_bufsize) 472 return (EINVAL); 473 474 s = splimp(); 475 if (d->bd_state == BPF_WAITING) 476 callout_stop(&d->bd_callout); 477 timed_out = (d->bd_state == BPF_TIMED_OUT); 478 d->bd_state = BPF_IDLE; 479 /* 480 * If the hold buffer is empty, then do a timed sleep, which 481 * ends when the timeout expires or when enough packets 482 * have arrived to fill the store buffer. 483 */ 484 while (d->bd_hbuf == 0) { 485 if ((d->bd_immediate || timed_out) && d->bd_slen != 0) { 486 /* 487 * A packet(s) either arrived since the previous 488 * read or arrived while we were asleep. 489 * Rotate the buffers and return what's here. 490 */ 491 ROTATE_BUFFERS(d); 492 break; 493 } 494 495 /* 496 * No data is available, check to see if the bpf device 497 * is still pointed at a real interface. If not, return 498 * ENXIO so that the userland process knows to rebind 499 * it before using it again. 500 */ 501 if (d->bd_bif == NULL) { 502 splx(s); 503 return (ENXIO); 504 } 505 506 if (ioflag & IO_NDELAY) { 507 splx(s); 508 return (EWOULDBLOCK); 509 } 510 error = BPF_SLEEP((caddr_t)d, PCATCH, "bpf", d->bd_rtout); 511 if (error == EINTR || error == ERESTART) { 512 splx(s); 513 return (error); 514 } 515 if (error == EWOULDBLOCK) { 516 /* 517 * On a timeout, return what's in the buffer, 518 * which may be nothing. If there is something 519 * in the store buffer, we can rotate the buffers. 520 */ 521 if (d->bd_hbuf) 522 /* 523 * We filled up the buffer in between 524 * getting the timeout and arriving 525 * here, so we don't need to rotate. 526 */ 527 break; 528 529 if (d->bd_slen == 0) { 530 splx(s); 531 return (0); 532 } 533 ROTATE_BUFFERS(d); 534 break; 535 } 536 } 537 /* 538 * At this point, we know we have something in the hold slot. 539 */ 540 splx(s); 541 542 /* 543 * Move data from hold buffer into user space. 544 * We know the entire buffer is transferred since 545 * we checked above that the read buffer is bpf_bufsize bytes. 546 */ 547 error = UIOMOVE(d->bd_hbuf, d->bd_hlen, UIO_READ, uio); 548 549 s = splimp(); 550 d->bd_fbuf = d->bd_hbuf; 551 d->bd_hbuf = 0; 552 d->bd_hlen = 0; 553 splx(s); 554 555 return (error); 556 } 557 558 559 /* 560 * If there are processes sleeping on this descriptor, wake them up. 561 */ 562 static inline void 563 bpf_wakeup(d) 564 struct bpf_d *d; 565 { 566 if (d->bd_state == BPF_WAITING) { 567 callout_stop(&d->bd_callout); 568 d->bd_state = BPF_IDLE; 569 } 570 wakeup((caddr_t)d); 571 if (d->bd_async && d->bd_sig && d->bd_sigio) 572 pgsigio(d->bd_sigio, d->bd_sig, 0); 573 574 #if BSD >= 199103 575 selwakeup(&d->bd_sel); 576 /* XXX */ 577 d->bd_sel.si_pid = 0; 578 #else 579 if (d->bd_selproc) { 580 selwakeup(d->bd_selproc, (int)d->bd_selcoll); 581 d->bd_selcoll = 0; 582 d->bd_selproc = 0; 583 } 584 #endif 585 } 586 587 static void 588 bpf_timed_out(arg) 589 void *arg; 590 { 591 struct bpf_d *d = (struct bpf_d *)arg; 592 int s; 593 594 s = splimp(); 595 if (d->bd_state == BPF_WAITING) { 596 d->bd_state = BPF_TIMED_OUT; 597 if (d->bd_slen != 0) 598 bpf_wakeup(d); 599 } 600 splx(s); 601 } 602 603 static int 604 bpfwrite(dev, uio, ioflag) 605 dev_t dev; 606 struct uio *uio; 607 int ioflag; 608 { 609 struct bpf_d *d = dev->si_drv1; 610 struct ifnet *ifp; 611 struct mbuf *m; 612 int error, s; 613 static struct sockaddr dst; 614 int datlen; 615 616 if (d->bd_bif == 0) 617 return (ENXIO); 618 619 ifp = d->bd_bif->bif_ifp; 620 621 if (uio->uio_resid == 0) 622 return (0); 623 624 error = bpf_movein(uio, (int)d->bd_bif->bif_dlt, &m, &dst, &datlen); 625 if (error) 626 return (error); 627 628 if (datlen > ifp->if_mtu) 629 return (EMSGSIZE); 630 631 if (d->bd_hdrcmplt) 632 dst.sa_family = pseudo_AF_HDRCMPLT; 633 634 s = splnet(); 635 #if BSD >= 199103 636 error = (*ifp->if_output)(ifp, m, &dst, (struct rtentry *)0); 637 #else 638 error = (*ifp->if_output)(ifp, m, &dst); 639 #endif 640 splx(s); 641 /* 642 * The driver frees the mbuf. 643 */ 644 return (error); 645 } 646 647 /* 648 * Reset a descriptor by flushing its packet buffer and clearing the 649 * receive and drop counts. Should be called at splimp. 650 */ 651 static void 652 reset_d(d) 653 struct bpf_d *d; 654 { 655 if (d->bd_hbuf) { 656 /* Free the hold buffer. */ 657 d->bd_fbuf = d->bd_hbuf; 658 d->bd_hbuf = 0; 659 } 660 d->bd_slen = 0; 661 d->bd_hlen = 0; 662 d->bd_rcount = 0; 663 d->bd_dcount = 0; 664 } 665 666 /* 667 * FIONREAD Check for read packet available. 668 * SIOCGIFADDR Get interface address - convenient hook to driver. 669 * BIOCGBLEN Get buffer len [for read()]. 670 * BIOCSETF Set ethernet read filter. 671 * BIOCFLUSH Flush read packet buffer. 672 * BIOCPROMISC Put interface into promiscuous mode. 673 * BIOCGDLT Get link layer type. 674 * BIOCGETIF Get interface name. 675 * BIOCSETIF Set interface. 676 * BIOCSRTIMEOUT Set read timeout. 677 * BIOCGRTIMEOUT Get read timeout. 678 * BIOCGSTATS Get packet stats. 679 * BIOCIMMEDIATE Set immediate mode. 680 * BIOCVERSION Get filter language version. 681 * BIOCGHDRCMPLT Get "header already complete" flag 682 * BIOCSHDRCMPLT Set "header already complete" flag 683 * BIOCGSEESENT Get "see packets sent" flag 684 * BIOCSSEESENT Set "see packets sent" flag 685 */ 686 /* ARGSUSED */ 687 static int 688 bpfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct thread *td) 689 { 690 struct bpf_d *d = dev->si_drv1; 691 int s, error = 0; 692 693 s = splimp(); 694 if (d->bd_state == BPF_WAITING) 695 callout_stop(&d->bd_callout); 696 d->bd_state = BPF_IDLE; 697 splx(s); 698 699 switch (cmd) { 700 701 default: 702 error = EINVAL; 703 break; 704 705 /* 706 * Check for read packet available. 707 */ 708 case FIONREAD: 709 { 710 int n; 711 712 s = splimp(); 713 n = d->bd_slen; 714 if (d->bd_hbuf) 715 n += d->bd_hlen; 716 splx(s); 717 718 *(int *)addr = n; 719 break; 720 } 721 722 case SIOCGIFADDR: 723 { 724 struct ifnet *ifp; 725 726 if (d->bd_bif == 0) 727 error = EINVAL; 728 else { 729 ifp = d->bd_bif->bif_ifp; 730 error = (*ifp->if_ioctl)(ifp, cmd, addr, 731 td->td_proc->p_ucred); 732 } 733 break; 734 } 735 736 /* 737 * Get buffer len [for read()]. 738 */ 739 case BIOCGBLEN: 740 *(u_int *)addr = d->bd_bufsize; 741 break; 742 743 /* 744 * Set buffer length. 745 */ 746 case BIOCSBLEN: 747 #if BSD < 199103 748 error = EINVAL; 749 #else 750 if (d->bd_bif != 0) 751 error = EINVAL; 752 else { 753 u_int size = *(u_int *)addr; 754 755 if (size > bpf_maxbufsize) 756 *(u_int *)addr = size = bpf_maxbufsize; 757 else if (size < BPF_MINBUFSIZE) 758 *(u_int *)addr = size = BPF_MINBUFSIZE; 759 d->bd_bufsize = size; 760 } 761 #endif 762 break; 763 764 /* 765 * Set link layer read filter. 766 */ 767 case BIOCSETF: 768 error = bpf_setf(d, (struct bpf_program *)addr); 769 break; 770 771 /* 772 * Flush read packet buffer. 773 */ 774 case BIOCFLUSH: 775 s = splimp(); 776 reset_d(d); 777 splx(s); 778 break; 779 780 /* 781 * Put interface into promiscuous mode. 782 */ 783 case BIOCPROMISC: 784 if (d->bd_bif == 0) { 785 /* 786 * No interface attached yet. 787 */ 788 error = EINVAL; 789 break; 790 } 791 s = splimp(); 792 if (d->bd_promisc == 0) { 793 error = ifpromisc(d->bd_bif->bif_ifp, 1); 794 if (error == 0) 795 d->bd_promisc = 1; 796 } 797 splx(s); 798 break; 799 800 /* 801 * Get device parameters. 802 */ 803 case BIOCGDLT: 804 if (d->bd_bif == 0) 805 error = EINVAL; 806 else 807 *(u_int *)addr = d->bd_bif->bif_dlt; 808 break; 809 810 /* 811 * Get interface name. 812 */ 813 case BIOCGETIF: 814 if (d->bd_bif == 0) 815 error = EINVAL; 816 else { 817 struct ifnet *const ifp = d->bd_bif->bif_ifp; 818 struct ifreq *const ifr = (struct ifreq *)addr; 819 820 strlcpy(ifr->ifr_name, ifp->if_xname, 821 sizeof(ifr->ifr_name)); 822 } 823 break; 824 825 /* 826 * Set interface. 827 */ 828 case BIOCSETIF: 829 error = bpf_setif(d, (struct ifreq *)addr); 830 break; 831 832 /* 833 * Set read timeout. 834 */ 835 case BIOCSRTIMEOUT: 836 { 837 struct timeval *tv = (struct timeval *)addr; 838 839 /* 840 * Subtract 1 tick from tvtohz() since this isn't 841 * a one-shot timer. 842 */ 843 if ((error = itimerfix(tv)) == 0) 844 d->bd_rtout = tvtohz_low(tv); 845 break; 846 } 847 848 /* 849 * Get read timeout. 850 */ 851 case BIOCGRTIMEOUT: 852 { 853 struct timeval *tv = (struct timeval *)addr; 854 855 tv->tv_sec = d->bd_rtout / hz; 856 tv->tv_usec = (d->bd_rtout % hz) * tick; 857 break; 858 } 859 860 /* 861 * Get packet stats. 862 */ 863 case BIOCGSTATS: 864 { 865 struct bpf_stat *bs = (struct bpf_stat *)addr; 866 867 bs->bs_recv = d->bd_rcount; 868 bs->bs_drop = d->bd_dcount; 869 break; 870 } 871 872 /* 873 * Set immediate mode. 874 */ 875 case BIOCIMMEDIATE: 876 d->bd_immediate = *(u_int *)addr; 877 break; 878 879 case BIOCVERSION: 880 { 881 struct bpf_version *bv = (struct bpf_version *)addr; 882 883 bv->bv_major = BPF_MAJOR_VERSION; 884 bv->bv_minor = BPF_MINOR_VERSION; 885 break; 886 } 887 888 /* 889 * Get "header already complete" flag 890 */ 891 case BIOCGHDRCMPLT: 892 *(u_int *)addr = d->bd_hdrcmplt; 893 break; 894 895 /* 896 * Set "header already complete" flag 897 */ 898 case BIOCSHDRCMPLT: 899 d->bd_hdrcmplt = *(u_int *)addr ? 1 : 0; 900 break; 901 902 /* 903 * Get "see sent packets" flag 904 */ 905 case BIOCGSEESENT: 906 *(u_int *)addr = d->bd_seesent; 907 break; 908 909 /* 910 * Set "see sent packets" flag 911 */ 912 case BIOCSSEESENT: 913 d->bd_seesent = *(u_int *)addr; 914 break; 915 916 case FIONBIO: /* Non-blocking I/O */ 917 break; 918 919 case FIOASYNC: /* Send signal on receive packets */ 920 d->bd_async = *(int *)addr; 921 break; 922 923 case FIOSETOWN: 924 error = fsetown(*(int *)addr, &d->bd_sigio); 925 break; 926 927 case FIOGETOWN: 928 *(int *)addr = fgetown(d->bd_sigio); 929 break; 930 931 /* This is deprecated, FIOSETOWN should be used instead. */ 932 case TIOCSPGRP: 933 error = fsetown(-(*(int *)addr), &d->bd_sigio); 934 break; 935 936 /* This is deprecated, FIOGETOWN should be used instead. */ 937 case TIOCGPGRP: 938 *(int *)addr = -fgetown(d->bd_sigio); 939 break; 940 941 case BIOCSRSIG: /* Set receive signal */ 942 { 943 u_int sig; 944 945 sig = *(u_int *)addr; 946 947 if (sig >= NSIG) 948 error = EINVAL; 949 else 950 d->bd_sig = sig; 951 break; 952 } 953 case BIOCGRSIG: 954 *(u_int *)addr = d->bd_sig; 955 break; 956 } 957 return (error); 958 } 959 960 /* 961 * Set d's packet filter program to fp. If this file already has a filter, 962 * free it and replace it. Returns EINVAL for bogus requests. 963 */ 964 static int 965 bpf_setf(d, fp) 966 struct bpf_d *d; 967 struct bpf_program *fp; 968 { 969 struct bpf_insn *fcode, *old; 970 u_int flen, size; 971 int s; 972 973 old = d->bd_filter; 974 if (fp->bf_insns == 0) { 975 if (fp->bf_len != 0) 976 return (EINVAL); 977 s = splimp(); 978 d->bd_filter = 0; 979 reset_d(d); 980 splx(s); 981 if (old != 0) 982 free((caddr_t)old, M_BPF); 983 return (0); 984 } 985 flen = fp->bf_len; 986 if (flen > BPF_MAXINSNS) 987 return (EINVAL); 988 989 size = flen * sizeof(*fp->bf_insns); 990 fcode = (struct bpf_insn *)malloc(size, M_BPF, M_WAITOK); 991 if (copyin((caddr_t)fp->bf_insns, (caddr_t)fcode, size) == 0 && 992 bpf_validate(fcode, (int)flen)) { 993 s = splimp(); 994 d->bd_filter = fcode; 995 reset_d(d); 996 splx(s); 997 if (old != 0) 998 free((caddr_t)old, M_BPF); 999 1000 return (0); 1001 } 1002 free((caddr_t)fcode, M_BPF); 1003 return (EINVAL); 1004 } 1005 1006 /* 1007 * Detach a file from its current interface (if attached at all) and attach 1008 * to the interface indicated by the name stored in ifr. 1009 * Return an errno or 0. 1010 */ 1011 static int 1012 bpf_setif(d, ifr) 1013 struct bpf_d *d; 1014 struct ifreq *ifr; 1015 { 1016 struct bpf_if *bp; 1017 int s, error; 1018 struct ifnet *theywant; 1019 1020 theywant = ifunit(ifr->ifr_name); 1021 if (theywant == 0) 1022 return ENXIO; 1023 1024 /* 1025 * Look through attached interfaces for the named one. 1026 */ 1027 for (bp = bpf_iflist; bp != 0; bp = bp->bif_next) { 1028 struct ifnet *ifp = bp->bif_ifp; 1029 1030 if (ifp == 0 || ifp != theywant) 1031 continue; 1032 /* 1033 * We found the requested interface. 1034 * If it's not up, return an error. 1035 * Allocate the packet buffers if we need to. 1036 * If we're already attached to requested interface, 1037 * just flush the buffer. 1038 */ 1039 if ((ifp->if_flags & IFF_UP) == 0) 1040 return (ENETDOWN); 1041 1042 if (d->bd_sbuf == 0) { 1043 error = bpf_allocbufs(d); 1044 if (error != 0) 1045 return (error); 1046 } 1047 s = splimp(); 1048 if (bp != d->bd_bif) { 1049 if (d->bd_bif) 1050 /* 1051 * Detach if attached to something else. 1052 */ 1053 bpf_detachd(d); 1054 1055 bpf_attachd(d, bp); 1056 } 1057 reset_d(d); 1058 splx(s); 1059 return (0); 1060 } 1061 /* Not found. */ 1062 return (ENXIO); 1063 } 1064 1065 /* 1066 * Support for select() and poll() system calls 1067 * 1068 * Return true iff the specific operation will not block indefinitely. 1069 * Otherwise, return false but make a note that a selwakeup() must be done. 1070 */ 1071 int 1072 bpfpoll(dev_t dev, int events, struct thread *td) 1073 { 1074 struct bpf_d *d; 1075 int s; 1076 int revents; 1077 1078 d = dev->si_drv1; 1079 if (d->bd_bif == NULL) 1080 return (ENXIO); 1081 1082 revents = events & (POLLOUT | POLLWRNORM); 1083 s = splimp(); 1084 if (events & (POLLIN | POLLRDNORM)) { 1085 /* 1086 * An imitation of the FIONREAD ioctl code. 1087 * XXX not quite. An exact imitation: 1088 * if (d->b_slen != 0 || 1089 * (d->bd_hbuf != NULL && d->bd_hlen != 0) 1090 */ 1091 if (d->bd_hlen != 0 || 1092 ((d->bd_immediate || d->bd_state == BPF_TIMED_OUT) && 1093 d->bd_slen != 0)) 1094 revents |= events & (POLLIN | POLLRDNORM); 1095 else { 1096 selrecord(td, &d->bd_sel); 1097 /* Start the read timeout if necessary. */ 1098 if (d->bd_rtout > 0 && d->bd_state == BPF_IDLE) { 1099 callout_reset(&d->bd_callout, d->bd_rtout, 1100 bpf_timed_out, d); 1101 d->bd_state = BPF_WAITING; 1102 } 1103 } 1104 } 1105 splx(s); 1106 return (revents); 1107 } 1108 1109 /* 1110 * Incoming linkage from device drivers. Process the packet pkt, of length 1111 * pktlen, which is stored in a contiguous buffer. The packet is parsed 1112 * by each process' filter, and if accepted, stashed into the corresponding 1113 * buffer. 1114 */ 1115 void 1116 bpf_tap(ifp, pkt, pktlen) 1117 struct ifnet *ifp; 1118 u_char *pkt; 1119 u_int pktlen; 1120 { 1121 struct bpf_if *bp; 1122 struct bpf_d *d; 1123 u_int slen; 1124 /* 1125 * Note that the ipl does not have to be raised at this point. 1126 * The only problem that could arise here is that if two different 1127 * interfaces shared any data. This is not the case. 1128 */ 1129 bp = ifp->if_bpf; 1130 for (d = bp->bif_dlist; d != 0; d = d->bd_next) { 1131 ++d->bd_rcount; 1132 slen = bpf_filter(d->bd_filter, pkt, pktlen, pktlen); 1133 if (slen != 0) 1134 catchpacket(d, pkt, pktlen, slen, ovbcopy); 1135 } 1136 } 1137 1138 /* 1139 * Copy data from an mbuf chain into a buffer. This code is derived 1140 * from m_copydata in sys/uipc_mbuf.c. 1141 */ 1142 static void 1143 bpf_mcopy(src_arg, dst_arg, len) 1144 const void *src_arg; 1145 void *dst_arg; 1146 size_t len; 1147 { 1148 const struct mbuf *m; 1149 u_int count; 1150 u_char *dst; 1151 1152 m = src_arg; 1153 dst = dst_arg; 1154 while (len > 0) { 1155 if (m == 0) 1156 panic("bpf_mcopy"); 1157 count = min(m->m_len, len); 1158 bcopy(mtod(m, void *), dst, count); 1159 m = m->m_next; 1160 dst += count; 1161 len -= count; 1162 } 1163 } 1164 1165 /* 1166 * Incoming linkage from device drivers, when packet is in an mbuf chain. 1167 */ 1168 void 1169 bpf_mtap(ifp, m) 1170 struct ifnet *ifp; 1171 struct mbuf *m; 1172 { 1173 struct bpf_if *bp = ifp->if_bpf; 1174 struct bpf_d *d; 1175 u_int pktlen, slen; 1176 struct mbuf *m0; 1177 1178 pktlen = 0; 1179 for (m0 = m; m0 != 0; m0 = m0->m_next) 1180 pktlen += m0->m_len; 1181 1182 for (d = bp->bif_dlist; d != 0; d = d->bd_next) { 1183 if (!d->bd_seesent && (m->m_pkthdr.rcvif == NULL)) 1184 continue; 1185 ++d->bd_rcount; 1186 slen = bpf_filter(d->bd_filter, (u_char *)m, pktlen, 0); 1187 if (slen != 0) 1188 catchpacket(d, (u_char *)m, pktlen, slen, bpf_mcopy); 1189 } 1190 } 1191 1192 /* 1193 * Move the packet data from interface memory (pkt) into the 1194 * store buffer. Return 1 if it's time to wakeup a listener (buffer full), 1195 * otherwise 0. "copy" is the routine called to do the actual data 1196 * transfer. bcopy is passed in to copy contiguous chunks, while 1197 * bpf_mcopy is passed in to copy mbuf chains. In the latter case, 1198 * pkt is really an mbuf. 1199 */ 1200 static void 1201 catchpacket(d, pkt, pktlen, snaplen, cpfn) 1202 struct bpf_d *d; 1203 u_char *pkt; 1204 u_int pktlen, snaplen; 1205 void (*cpfn) (const void *, void *, size_t); 1206 { 1207 struct bpf_hdr *hp; 1208 int totlen, curlen; 1209 int hdrlen = d->bd_bif->bif_hdrlen; 1210 /* 1211 * Figure out how many bytes to move. If the packet is 1212 * greater or equal to the snapshot length, transfer that 1213 * much. Otherwise, transfer the whole packet (unless 1214 * we hit the buffer size limit). 1215 */ 1216 totlen = hdrlen + min(snaplen, pktlen); 1217 if (totlen > d->bd_bufsize) 1218 totlen = d->bd_bufsize; 1219 1220 /* 1221 * Round up the end of the previous packet to the next longword. 1222 */ 1223 curlen = BPF_WORDALIGN(d->bd_slen); 1224 if (curlen + totlen > d->bd_bufsize) { 1225 /* 1226 * This packet will overflow the storage buffer. 1227 * Rotate the buffers if we can, then wakeup any 1228 * pending reads. 1229 */ 1230 if (d->bd_fbuf == 0) { 1231 /* 1232 * We haven't completed the previous read yet, 1233 * so drop the packet. 1234 */ 1235 ++d->bd_dcount; 1236 return; 1237 } 1238 ROTATE_BUFFERS(d); 1239 bpf_wakeup(d); 1240 curlen = 0; 1241 } 1242 else if (d->bd_immediate || d->bd_state == BPF_TIMED_OUT) 1243 /* 1244 * Immediate mode is set, or the read timeout has 1245 * already expired during a select call. A packet 1246 * arrived, so the reader should be woken up. 1247 */ 1248 bpf_wakeup(d); 1249 1250 /* 1251 * Append the bpf header. 1252 */ 1253 hp = (struct bpf_hdr *)(d->bd_sbuf + curlen); 1254 #if BSD >= 199103 1255 microtime(&hp->bh_tstamp); 1256 #elif defined(sun) 1257 uniqtime(&hp->bh_tstamp); 1258 #else 1259 hp->bh_tstamp = time; 1260 #endif 1261 hp->bh_datalen = pktlen; 1262 hp->bh_hdrlen = hdrlen; 1263 /* 1264 * Copy the packet data into the store buffer and update its length. 1265 */ 1266 (*cpfn)(pkt, (u_char *)hp + hdrlen, (hp->bh_caplen = totlen - hdrlen)); 1267 d->bd_slen = curlen + totlen; 1268 } 1269 1270 /* 1271 * Initialize all nonzero fields of a descriptor. 1272 */ 1273 static int 1274 bpf_allocbufs(d) 1275 struct bpf_d *d; 1276 { 1277 d->bd_fbuf = (caddr_t)malloc(d->bd_bufsize, M_BPF, M_WAITOK); 1278 if (d->bd_fbuf == 0) 1279 return (ENOBUFS); 1280 1281 d->bd_sbuf = (caddr_t)malloc(d->bd_bufsize, M_BPF, M_WAITOK); 1282 if (d->bd_sbuf == 0) { 1283 free(d->bd_fbuf, M_BPF); 1284 return (ENOBUFS); 1285 } 1286 d->bd_slen = 0; 1287 d->bd_hlen = 0; 1288 return (0); 1289 } 1290 1291 /* 1292 * Free buffers currently in use by a descriptor. 1293 * Called on close. 1294 */ 1295 static void 1296 bpf_freed(d) 1297 struct bpf_d *d; 1298 { 1299 /* 1300 * We don't need to lock out interrupts since this descriptor has 1301 * been detached from its interface and it yet hasn't been marked 1302 * free. 1303 */ 1304 if (d->bd_sbuf != 0) { 1305 free(d->bd_sbuf, M_BPF); 1306 if (d->bd_hbuf != 0) 1307 free(d->bd_hbuf, M_BPF); 1308 if (d->bd_fbuf != 0) 1309 free(d->bd_fbuf, M_BPF); 1310 } 1311 if (d->bd_filter) 1312 free((caddr_t)d->bd_filter, M_BPF); 1313 } 1314 1315 /* 1316 * Attach an interface to bpf. ifp is a pointer to the structure 1317 * defining the interface to be attached, dlt is the link layer type, 1318 * and hdrlen is the fixed size of the link header (variable length 1319 * headers are not yet supporrted). 1320 */ 1321 void 1322 bpfattach(ifp, dlt, hdrlen) 1323 struct ifnet *ifp; 1324 u_int dlt, hdrlen; 1325 { 1326 struct bpf_if *bp; 1327 1328 bp = malloc(sizeof(*bp), M_BPF, M_WAITOK | M_ZERO); 1329 1330 bp->bif_ifp = ifp; 1331 bp->bif_dlt = dlt; 1332 1333 bp->bif_next = bpf_iflist; 1334 bpf_iflist = bp; 1335 1336 bp->bif_ifp->if_bpf = 0; 1337 1338 /* 1339 * Compute the length of the bpf header. This is not necessarily 1340 * equal to SIZEOF_BPF_HDR because we want to insert spacing such 1341 * that the network layer header begins on a longword boundary (for 1342 * performance reasons and to alleviate alignment restrictions). 1343 */ 1344 bp->bif_hdrlen = BPF_WORDALIGN(hdrlen + SIZEOF_BPF_HDR) - hdrlen; 1345 1346 if (bootverbose) 1347 printf("bpf: %s attached\n", ifp->if_xname); 1348 } 1349 1350 /* 1351 * Detach bpf from an interface. This involves detaching each descriptor 1352 * associated with the interface, and leaving bd_bif NULL. Notify each 1353 * descriptor as it's detached so that any sleepers wake up and get 1354 * ENXIO. 1355 */ 1356 void 1357 bpfdetach(ifp) 1358 struct ifnet *ifp; 1359 { 1360 struct bpf_if *bp, *bp_prev; 1361 struct bpf_d *d; 1362 int s; 1363 1364 s = splimp(); 1365 1366 /* Locate BPF interface information */ 1367 bp_prev = NULL; 1368 for (bp = bpf_iflist; bp != NULL; bp = bp->bif_next) { 1369 if (ifp == bp->bif_ifp) 1370 break; 1371 bp_prev = bp; 1372 } 1373 1374 /* Interface wasn't attached */ 1375 if (bp->bif_ifp == NULL) { 1376 splx(s); 1377 printf("bpfdetach: %s was not attached\n", ifp->if_xname); 1378 return; 1379 } 1380 1381 while ((d = bp->bif_dlist) != NULL) { 1382 bpf_detachd(d); 1383 bpf_wakeup(d); 1384 } 1385 1386 if (bp_prev) { 1387 bp_prev->bif_next = bp->bif_next; 1388 } else { 1389 bpf_iflist = bp->bif_next; 1390 } 1391 1392 free(bp, M_BPF); 1393 1394 splx(s); 1395 } 1396 1397 static void bpf_drvinit (void *unused); 1398 1399 static void 1400 bpf_drvinit(void *unused) 1401 { 1402 cdevsw_add(&bpf_cdevsw, 0, 0); 1403 } 1404 1405 SYSINIT(bpfdev,SI_SUB_DRIVERS,SI_ORDER_MIDDLE+CDEV_MAJOR,bpf_drvinit,NULL) 1406 1407 #else /* !BPF */ 1408 /* 1409 * NOP stubs to allow bpf-using drivers to load and function. 1410 * 1411 * A 'better' implementation would allow the core bpf functionality 1412 * to be loaded at runtime. 1413 */ 1414 1415 void 1416 bpf_tap(ifp, pkt, pktlen) 1417 struct ifnet *ifp; 1418 u_char *pkt; 1419 u_int pktlen; 1420 { 1421 } 1422 1423 void 1424 bpf_mtap(ifp, m) 1425 struct ifnet *ifp; 1426 struct mbuf *m; 1427 { 1428 } 1429 1430 void 1431 bpfattach(ifp, dlt, hdrlen) 1432 struct ifnet *ifp; 1433 u_int dlt, hdrlen; 1434 { 1435 } 1436 1437 void 1438 bpfdetach(ifp) 1439 struct ifnet *ifp; 1440 { 1441 } 1442 1443 u_int 1444 bpf_filter(pc, p, wirelen, buflen) 1445 const struct bpf_insn *pc; 1446 u_char *p; 1447 u_int wirelen; 1448 u_int buflen; 1449 { 1450 return -1; /* "no filter" behaviour */ 1451 } 1452 1453 #endif /* !BPF */ 1454