1 /* 2 * Copyright (c) 1990, 1991, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * This code is derived from the Stanford/CMU enet packet filter, 6 * (net/enet.c) distributed as part of 4.3BSD, and code contributed 7 * to Berkeley by Steven McCanne and Van Jacobson both of Lawrence 8 * Berkeley Laboratory. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. All advertising materials mentioning features or use of this software 19 * must display the following acknowledgement: 20 * This product includes software developed by the University of 21 * California, Berkeley and its contributors. 22 * 4. Neither the name of the University nor the names of its contributors 23 * may be used to endorse or promote products derived from this software 24 * without specific prior written permission. 25 * 26 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 27 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 28 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 29 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36 * SUCH DAMAGE. 37 * 38 * @(#)bpf.c 8.2 (Berkeley) 3/28/94 39 * 40 * $FreeBSD: src/sys/net/bpf.c,v 1.59.2.12 2002/04/14 21:41:48 luigi Exp $ 41 * $DragonFly: src/sys/net/bpf.c,v 1.40 2007/02/12 15:02:33 sephe Exp $ 42 */ 43 44 #include "use_bpf.h" 45 46 #include <sys/param.h> 47 #include <sys/systm.h> 48 #include <sys/conf.h> 49 #include <sys/device.h> 50 #include <sys/malloc.h> 51 #include <sys/mbuf.h> 52 #include <sys/time.h> 53 #include <sys/proc.h> 54 #include <sys/signalvar.h> 55 #include <sys/filio.h> 56 #include <sys/sockio.h> 57 #include <sys/ttycom.h> 58 #include <sys/filedesc.h> 59 60 #include <sys/poll.h> 61 62 #include <sys/socket.h> 63 #include <sys/vnode.h> 64 65 #include <sys/thread2.h> 66 67 #include <net/if.h> 68 #include <net/bpf.h> 69 #include <net/bpfdesc.h> 70 71 #include <netinet/in.h> 72 #include <netinet/if_ether.h> 73 #include <sys/kernel.h> 74 #include <sys/sysctl.h> 75 76 MALLOC_DEFINE(M_BPF, "BPF", "BPF data"); 77 78 #if NBPF > 0 79 80 /* 81 * The default read buffer size is patchable. 82 */ 83 static int bpf_bufsize = BPF_DEFAULTBUFSIZE; 84 SYSCTL_INT(_debug, OID_AUTO, bpf_bufsize, CTLFLAG_RW, 85 &bpf_bufsize, 0, ""); 86 static int bpf_maxbufsize = BPF_MAXBUFSIZE; 87 SYSCTL_INT(_debug, OID_AUTO, bpf_maxbufsize, CTLFLAG_RW, 88 &bpf_maxbufsize, 0, ""); 89 90 /* 91 * bpf_iflist is the list of interfaces; each corresponds to an ifnet 92 */ 93 static struct bpf_if *bpf_iflist; 94 95 static int bpf_allocbufs(struct bpf_d *); 96 static void bpf_attachd(struct bpf_d *d, struct bpf_if *bp); 97 static void bpf_detachd(struct bpf_d *d); 98 static void bpf_resetd(struct bpf_d *); 99 static void bpf_freed(struct bpf_d *); 100 static void bpf_mcopy(const void *, void *, size_t); 101 static int bpf_movein(struct uio *, int, struct mbuf **, 102 struct sockaddr *, int *); 103 static int bpf_setif(struct bpf_d *, struct ifreq *); 104 static void bpf_timed_out(void *); 105 static void bpf_wakeup(struct bpf_d *); 106 static void catchpacket(struct bpf_d *, u_char *, u_int, u_int, 107 void (*)(const void *, void *, size_t), 108 const struct timeval *); 109 static int bpf_setf(struct bpf_d *, struct bpf_program *); 110 static int bpf_getdltlist(struct bpf_d *, struct bpf_dltlist *); 111 static int bpf_setdlt(struct bpf_d *, u_int); 112 static void bpf_drvinit(void *unused); 113 114 static d_open_t bpfopen; 115 static d_close_t bpfclose; 116 static d_read_t bpfread; 117 static d_write_t bpfwrite; 118 static d_ioctl_t bpfioctl; 119 static d_poll_t bpfpoll; 120 121 #define CDEV_MAJOR 23 122 static struct dev_ops bpf_ops = { 123 { "bpf", CDEV_MAJOR, 0 }, 124 .d_open = bpfopen, 125 .d_close = bpfclose, 126 .d_read = bpfread, 127 .d_write = bpfwrite, 128 .d_ioctl = bpfioctl, 129 .d_poll = bpfpoll, 130 }; 131 132 133 static int 134 bpf_movein(struct uio *uio, int linktype, struct mbuf **mp, 135 struct sockaddr *sockp, int *datlen) 136 { 137 struct mbuf *m; 138 int error; 139 int len; 140 int hlen; 141 142 /* 143 * Build a sockaddr based on the data link layer type. 144 * We do this at this level because the ethernet header 145 * is copied directly into the data field of the sockaddr. 146 * In the case of SLIP, there is no header and the packet 147 * is forwarded as is. 148 * Also, we are careful to leave room at the front of the mbuf 149 * for the link level header. 150 */ 151 switch (linktype) { 152 case DLT_SLIP: 153 sockp->sa_family = AF_INET; 154 hlen = 0; 155 break; 156 157 case DLT_EN10MB: 158 sockp->sa_family = AF_UNSPEC; 159 /* XXX Would MAXLINKHDR be better? */ 160 hlen = sizeof(struct ether_header); 161 break; 162 163 case DLT_FDDI: 164 sockp->sa_family = AF_IMPLINK; 165 hlen = 0; 166 break; 167 168 case DLT_RAW: 169 case DLT_NULL: 170 sockp->sa_family = AF_UNSPEC; 171 hlen = 0; 172 break; 173 174 case DLT_ATM_RFC1483: 175 /* 176 * en atm driver requires 4-byte atm pseudo header. 177 * though it isn't standard, vpi:vci needs to be 178 * specified anyway. 179 */ 180 sockp->sa_family = AF_UNSPEC; 181 hlen = 12; /* XXX 4(ATM_PH) + 3(LLC) + 5(SNAP) */ 182 break; 183 184 case DLT_PPP: 185 sockp->sa_family = AF_UNSPEC; 186 hlen = 4; /* This should match PPP_HDRLEN */ 187 break; 188 189 default: 190 return(EIO); 191 } 192 193 len = uio->uio_resid; 194 *datlen = len - hlen; 195 if ((unsigned)len > MCLBYTES) 196 return(EIO); 197 198 m = m_getl(len, MB_WAIT, MT_DATA, M_PKTHDR, NULL); 199 if (m == NULL) 200 return(ENOBUFS); 201 m->m_pkthdr.len = m->m_len = len; 202 m->m_pkthdr.rcvif = NULL; 203 *mp = m; 204 /* 205 * Make room for link header. 206 */ 207 if (hlen != 0) { 208 m->m_pkthdr.len -= hlen; 209 m->m_len -= hlen; 210 m->m_data += hlen; /* XXX */ 211 error = uiomove(sockp->sa_data, hlen, uio); 212 if (error) 213 goto bad; 214 } 215 error = uiomove(mtod(m, caddr_t), len - hlen, uio); 216 if (!error) 217 return(0); 218 bad: 219 m_freem(m); 220 return(error); 221 } 222 223 /* 224 * Attach file to the bpf interface, i.e. make d listen on bp. 225 * Must be called at splimp. 226 */ 227 static void 228 bpf_attachd(struct bpf_d *d, struct bpf_if *bp) 229 { 230 /* 231 * Point d at bp, and add d to the interface's list of listeners. 232 * Finally, point the driver's bpf cookie at the interface so 233 * it will divert packets to bpf. 234 */ 235 d->bd_bif = bp; 236 SLIST_INSERT_HEAD(&bp->bif_dlist, d, bd_next); 237 *bp->bif_driverp = bp; 238 } 239 240 /* 241 * Detach a file from its interface. 242 */ 243 static void 244 bpf_detachd(struct bpf_d *d) 245 { 246 int error; 247 struct bpf_if *bp; 248 struct ifnet *ifp; 249 250 bp = d->bd_bif; 251 ifp = bp->bif_ifp; 252 253 /* Remove d from the interface's descriptor list. */ 254 SLIST_REMOVE(&bp->bif_dlist, d, bpf_d, bd_next); 255 256 if (SLIST_EMPTY(&bp->bif_dlist)) { 257 /* 258 * Let the driver know that there are no more listeners. 259 */ 260 *bp->bif_driverp = NULL; 261 } 262 d->bd_bif = NULL; 263 /* 264 * Check if this descriptor had requested promiscuous mode. 265 * If so, turn it off. 266 */ 267 if (d->bd_promisc) { 268 d->bd_promisc = 0; 269 error = ifpromisc(ifp, 0); 270 if (error != 0 && error != ENXIO) { 271 /* 272 * ENXIO can happen if a pccard is unplugged, 273 * Something is really wrong if we were able to put 274 * the driver into promiscuous mode, but can't 275 * take it out. 276 */ 277 if_printf(ifp, "bpf_detach: ifpromisc failed(%d)\n", 278 error); 279 } 280 } 281 } 282 283 /* 284 * Open ethernet device. Returns ENXIO for illegal minor device number, 285 * EBUSY if file is open by another process. 286 */ 287 /* ARGSUSED */ 288 static int 289 bpfopen(struct dev_open_args *ap) 290 { 291 cdev_t dev = ap->a_head.a_dev; 292 struct bpf_d *d; 293 294 if (ap->a_cred->cr_prison) 295 return(EPERM); 296 297 d = dev->si_drv1; 298 /* 299 * Each minor can be opened by only one process. If the requested 300 * minor is in use, return EBUSY. 301 */ 302 if (d != NULL) 303 return(EBUSY); 304 make_dev(&bpf_ops, minor(dev), 0, 0, 0600, "bpf%d", lminor(dev)); 305 MALLOC(d, struct bpf_d *, sizeof *d, M_BPF, M_WAITOK | M_ZERO); 306 dev->si_drv1 = d; 307 d->bd_bufsize = bpf_bufsize; 308 d->bd_sig = SIGIO; 309 d->bd_seesent = 1; 310 callout_init(&d->bd_callout); 311 return(0); 312 } 313 314 /* 315 * Close the descriptor by detaching it from its interface, 316 * deallocating its buffers, and marking it free. 317 */ 318 /* ARGSUSED */ 319 static int 320 bpfclose(struct dev_close_args *ap) 321 { 322 cdev_t dev = ap->a_head.a_dev; 323 struct bpf_d *d = dev->si_drv1; 324 325 funsetown(d->bd_sigio); 326 crit_enter(); 327 if (d->bd_state == BPF_WAITING) 328 callout_stop(&d->bd_callout); 329 d->bd_state = BPF_IDLE; 330 if (d->bd_bif != NULL) 331 bpf_detachd(d); 332 crit_exit(); 333 bpf_freed(d); 334 dev->si_drv1 = NULL; 335 kfree(d, M_BPF); 336 337 return(0); 338 } 339 340 /* 341 * Rotate the packet buffers in descriptor d. Move the store buffer 342 * into the hold slot, and the free buffer into the store slot. 343 * Zero the length of the new store buffer. 344 */ 345 #define ROTATE_BUFFERS(d) \ 346 (d)->bd_hbuf = (d)->bd_sbuf; \ 347 (d)->bd_hlen = (d)->bd_slen; \ 348 (d)->bd_sbuf = (d)->bd_fbuf; \ 349 (d)->bd_slen = 0; \ 350 (d)->bd_fbuf = NULL; 351 /* 352 * bpfread - read next chunk of packets from buffers 353 */ 354 static int 355 bpfread(struct dev_read_args *ap) 356 { 357 cdev_t dev = ap->a_head.a_dev; 358 struct bpf_d *d = dev->si_drv1; 359 int timed_out; 360 int error; 361 362 /* 363 * Restrict application to use a buffer the same size as 364 * as kernel buffers. 365 */ 366 if (ap->a_uio->uio_resid != d->bd_bufsize) 367 return(EINVAL); 368 369 crit_enter(); 370 if (d->bd_state == BPF_WAITING) 371 callout_stop(&d->bd_callout); 372 timed_out = (d->bd_state == BPF_TIMED_OUT); 373 d->bd_state = BPF_IDLE; 374 /* 375 * If the hold buffer is empty, then do a timed sleep, which 376 * ends when the timeout expires or when enough packets 377 * have arrived to fill the store buffer. 378 */ 379 while (d->bd_hbuf == NULL) { 380 if ((d->bd_immediate || timed_out) && d->bd_slen != 0) { 381 /* 382 * A packet(s) either arrived since the previous 383 * read or arrived while we were asleep. 384 * Rotate the buffers and return what's here. 385 */ 386 ROTATE_BUFFERS(d); 387 break; 388 } 389 390 /* 391 * No data is available, check to see if the bpf device 392 * is still pointed at a real interface. If not, return 393 * ENXIO so that the userland process knows to rebind 394 * it before using it again. 395 */ 396 if (d->bd_bif == NULL) { 397 crit_exit(); 398 return(ENXIO); 399 } 400 401 if (ap->a_ioflag & IO_NDELAY) { 402 crit_exit(); 403 return(EWOULDBLOCK); 404 } 405 error = tsleep(d, PCATCH, "bpf", d->bd_rtout); 406 if (error == EINTR || error == ERESTART) { 407 crit_exit(); 408 return(error); 409 } 410 if (error == EWOULDBLOCK) { 411 /* 412 * On a timeout, return what's in the buffer, 413 * which may be nothing. If there is something 414 * in the store buffer, we can rotate the buffers. 415 */ 416 if (d->bd_hbuf) 417 /* 418 * We filled up the buffer in between 419 * getting the timeout and arriving 420 * here, so we don't need to rotate. 421 */ 422 break; 423 424 if (d->bd_slen == 0) { 425 crit_exit(); 426 return(0); 427 } 428 ROTATE_BUFFERS(d); 429 break; 430 } 431 } 432 /* 433 * At this point, we know we have something in the hold slot. 434 */ 435 crit_exit(); 436 437 /* 438 * Move data from hold buffer into user space. 439 * We know the entire buffer is transferred since 440 * we checked above that the read buffer is bpf_bufsize bytes. 441 */ 442 error = uiomove(d->bd_hbuf, d->bd_hlen, ap->a_uio); 443 444 crit_enter(); 445 d->bd_fbuf = d->bd_hbuf; 446 d->bd_hbuf = NULL; 447 d->bd_hlen = 0; 448 crit_exit(); 449 450 return(error); 451 } 452 453 454 /* 455 * If there are processes sleeping on this descriptor, wake them up. 456 */ 457 static void 458 bpf_wakeup(struct bpf_d *d) 459 { 460 if (d->bd_state == BPF_WAITING) { 461 callout_stop(&d->bd_callout); 462 d->bd_state = BPF_IDLE; 463 } 464 wakeup(d); 465 if (d->bd_async && d->bd_sig && d->bd_sigio) 466 pgsigio(d->bd_sigio, d->bd_sig, 0); 467 468 get_mplock(); 469 selwakeup(&d->bd_sel); 470 rel_mplock(); 471 /* XXX */ 472 d->bd_sel.si_pid = 0; 473 } 474 475 static void 476 bpf_timed_out(void *arg) 477 { 478 struct bpf_d *d = (struct bpf_d *)arg; 479 480 crit_enter(); 481 if (d->bd_state == BPF_WAITING) { 482 d->bd_state = BPF_TIMED_OUT; 483 if (d->bd_slen != 0) 484 bpf_wakeup(d); 485 } 486 crit_exit(); 487 } 488 489 static int 490 bpfwrite(struct dev_write_args *ap) 491 { 492 cdev_t dev = ap->a_head.a_dev; 493 struct bpf_d *d = dev->si_drv1; 494 struct ifnet *ifp; 495 struct mbuf *m; 496 int error; 497 static struct sockaddr dst; 498 int datlen; 499 500 if (d->bd_bif == NULL) 501 return(ENXIO); 502 503 ifp = d->bd_bif->bif_ifp; 504 505 if (ap->a_uio->uio_resid == 0) 506 return(0); 507 508 error = bpf_movein(ap->a_uio, (int)d->bd_bif->bif_dlt, &m, 509 &dst, &datlen); 510 if (error) 511 return(error); 512 513 if (datlen > ifp->if_mtu) { 514 m_freem(m); 515 return(EMSGSIZE); 516 } 517 518 if (d->bd_hdrcmplt) 519 dst.sa_family = pseudo_AF_HDRCMPLT; 520 521 crit_enter(); 522 lwkt_serialize_enter(ifp->if_serializer); 523 error = (*ifp->if_output)(ifp, m, &dst, (struct rtentry *)NULL); 524 lwkt_serialize_exit(ifp->if_serializer); 525 crit_exit(); 526 /* 527 * The driver frees the mbuf. 528 */ 529 return(error); 530 } 531 532 /* 533 * Reset a descriptor by flushing its packet buffer and clearing the 534 * receive and drop counts. Should be called at splimp. 535 */ 536 static void 537 bpf_resetd(struct bpf_d *d) 538 { 539 if (d->bd_hbuf) { 540 /* Free the hold buffer. */ 541 d->bd_fbuf = d->bd_hbuf; 542 d->bd_hbuf = NULL; 543 } 544 d->bd_slen = 0; 545 d->bd_hlen = 0; 546 d->bd_rcount = 0; 547 d->bd_dcount = 0; 548 } 549 550 /* 551 * FIONREAD Check for read packet available. 552 * SIOCGIFADDR Get interface address - convenient hook to driver. 553 * BIOCGBLEN Get buffer len [for read()]. 554 * BIOCSETF Set ethernet read filter. 555 * BIOCFLUSH Flush read packet buffer. 556 * BIOCPROMISC Put interface into promiscuous mode. 557 * BIOCGDLT Get link layer type. 558 * BIOCGETIF Get interface name. 559 * BIOCSETIF Set interface. 560 * BIOCSRTIMEOUT Set read timeout. 561 * BIOCGRTIMEOUT Get read timeout. 562 * BIOCGSTATS Get packet stats. 563 * BIOCIMMEDIATE Set immediate mode. 564 * BIOCVERSION Get filter language version. 565 * BIOCGHDRCMPLT Get "header already complete" flag 566 * BIOCSHDRCMPLT Set "header already complete" flag 567 * BIOCGSEESENT Get "see packets sent" flag 568 * BIOCSSEESENT Set "see packets sent" flag 569 */ 570 /* ARGSUSED */ 571 static int 572 bpfioctl(struct dev_ioctl_args *ap) 573 { 574 cdev_t dev = ap->a_head.a_dev; 575 struct bpf_d *d = dev->si_drv1; 576 int error = 0; 577 578 crit_enter(); 579 if (d->bd_state == BPF_WAITING) 580 callout_stop(&d->bd_callout); 581 d->bd_state = BPF_IDLE; 582 crit_exit(); 583 584 switch (ap->a_cmd) { 585 default: 586 error = EINVAL; 587 break; 588 589 /* 590 * Check for read packet available. 591 */ 592 case FIONREAD: 593 { 594 int n; 595 596 crit_enter(); 597 n = d->bd_slen; 598 if (d->bd_hbuf) 599 n += d->bd_hlen; 600 crit_exit(); 601 602 *(int *)ap->a_data = n; 603 break; 604 } 605 606 case SIOCGIFADDR: 607 { 608 struct ifnet *ifp; 609 610 if (d->bd_bif == NULL) { 611 error = EINVAL; 612 } else { 613 ifp = d->bd_bif->bif_ifp; 614 lwkt_serialize_enter(ifp->if_serializer); 615 error = ifp->if_ioctl(ifp, ap->a_cmd, 616 ap->a_data, ap->a_cred); 617 lwkt_serialize_exit(ifp->if_serializer); 618 } 619 break; 620 } 621 622 /* 623 * Get buffer len [for read()]. 624 */ 625 case BIOCGBLEN: 626 *(u_int *)ap->a_data = d->bd_bufsize; 627 break; 628 629 /* 630 * Set buffer length. 631 */ 632 case BIOCSBLEN: 633 if (d->bd_bif != NULL) { 634 error = EINVAL; 635 } else { 636 u_int size = *(u_int *)ap->a_data; 637 638 if (size > bpf_maxbufsize) 639 *(u_int *)ap->a_data = size = bpf_maxbufsize; 640 else if (size < BPF_MINBUFSIZE) 641 *(u_int *)ap->a_data = size = BPF_MINBUFSIZE; 642 d->bd_bufsize = size; 643 } 644 break; 645 646 /* 647 * Set link layer read filter. 648 */ 649 case BIOCSETF: 650 error = bpf_setf(d, (struct bpf_program *)ap->a_data); 651 break; 652 653 /* 654 * Flush read packet buffer. 655 */ 656 case BIOCFLUSH: 657 crit_enter(); 658 bpf_resetd(d); 659 crit_exit(); 660 break; 661 662 /* 663 * Put interface into promiscuous mode. 664 */ 665 case BIOCPROMISC: 666 if (d->bd_bif == NULL) { 667 /* 668 * No interface attached yet. 669 */ 670 error = EINVAL; 671 break; 672 } 673 crit_enter(); 674 if (d->bd_promisc == 0) { 675 error = ifpromisc(d->bd_bif->bif_ifp, 1); 676 if (error == 0) 677 d->bd_promisc = 1; 678 } 679 crit_exit(); 680 break; 681 682 /* 683 * Get device parameters. 684 */ 685 case BIOCGDLT: 686 if (d->bd_bif == NULL) 687 error = EINVAL; 688 else 689 *(u_int *)ap->a_data = d->bd_bif->bif_dlt; 690 break; 691 692 /* 693 * Get a list of supported data link types. 694 */ 695 case BIOCGDLTLIST: 696 if (d->bd_bif == NULL) { 697 error = EINVAL; 698 } else { 699 error = bpf_getdltlist(d, 700 (struct bpf_dltlist *)ap->a_data); 701 } 702 break; 703 704 /* 705 * Set data link type. 706 */ 707 case BIOCSDLT: 708 if (d->bd_bif == NULL) 709 error = EINVAL; 710 else 711 error = bpf_setdlt(d, *(u_int *)ap->a_data); 712 break; 713 714 /* 715 * Get interface name. 716 */ 717 case BIOCGETIF: 718 if (d->bd_bif == NULL) { 719 error = EINVAL; 720 } else { 721 struct ifnet *const ifp = d->bd_bif->bif_ifp; 722 struct ifreq *const ifr = (struct ifreq *)ap->a_data; 723 724 strlcpy(ifr->ifr_name, ifp->if_xname, 725 sizeof ifr->ifr_name); 726 } 727 break; 728 729 /* 730 * Set interface. 731 */ 732 case BIOCSETIF: 733 error = bpf_setif(d, (struct ifreq *)ap->a_data); 734 break; 735 736 /* 737 * Set read timeout. 738 */ 739 case BIOCSRTIMEOUT: 740 { 741 struct timeval *tv = (struct timeval *)ap->a_data; 742 743 /* 744 * Subtract 1 tick from tvtohz() since this isn't 745 * a one-shot timer. 746 */ 747 if ((error = itimerfix(tv)) == 0) 748 d->bd_rtout = tvtohz_low(tv); 749 break; 750 } 751 752 /* 753 * Get read timeout. 754 */ 755 case BIOCGRTIMEOUT: 756 { 757 struct timeval *tv = (struct timeval *)ap->a_data; 758 759 tv->tv_sec = d->bd_rtout / hz; 760 tv->tv_usec = (d->bd_rtout % hz) * tick; 761 break; 762 } 763 764 /* 765 * Get packet stats. 766 */ 767 case BIOCGSTATS: 768 { 769 struct bpf_stat *bs = (struct bpf_stat *)ap->a_data; 770 771 bs->bs_recv = d->bd_rcount; 772 bs->bs_drop = d->bd_dcount; 773 break; 774 } 775 776 /* 777 * Set immediate mode. 778 */ 779 case BIOCIMMEDIATE: 780 d->bd_immediate = *(u_int *)ap->a_data; 781 break; 782 783 case BIOCVERSION: 784 { 785 struct bpf_version *bv = (struct bpf_version *)ap->a_data; 786 787 bv->bv_major = BPF_MAJOR_VERSION; 788 bv->bv_minor = BPF_MINOR_VERSION; 789 break; 790 } 791 792 /* 793 * Get "header already complete" flag 794 */ 795 case BIOCGHDRCMPLT: 796 *(u_int *)ap->a_data = d->bd_hdrcmplt; 797 break; 798 799 /* 800 * Set "header already complete" flag 801 */ 802 case BIOCSHDRCMPLT: 803 d->bd_hdrcmplt = *(u_int *)ap->a_data ? 1 : 0; 804 break; 805 806 /* 807 * Get "see sent packets" flag 808 */ 809 case BIOCGSEESENT: 810 *(u_int *)ap->a_data = d->bd_seesent; 811 break; 812 813 /* 814 * Set "see sent packets" flag 815 */ 816 case BIOCSSEESENT: 817 d->bd_seesent = *(u_int *)ap->a_data; 818 break; 819 820 case FIOASYNC: /* Send signal on receive packets */ 821 d->bd_async = *(int *)ap->a_data; 822 break; 823 824 case FIOSETOWN: 825 error = fsetown(*(int *)ap->a_data, &d->bd_sigio); 826 break; 827 828 case FIOGETOWN: 829 *(int *)ap->a_data = fgetown(d->bd_sigio); 830 break; 831 832 /* This is deprecated, FIOSETOWN should be used instead. */ 833 case TIOCSPGRP: 834 error = fsetown(-(*(int *)ap->a_data), &d->bd_sigio); 835 break; 836 837 /* This is deprecated, FIOGETOWN should be used instead. */ 838 case TIOCGPGRP: 839 *(int *)ap->a_data = -fgetown(d->bd_sigio); 840 break; 841 842 case BIOCSRSIG: /* Set receive signal */ 843 { 844 u_int sig; 845 846 sig = *(u_int *)ap->a_data; 847 848 if (sig >= NSIG) 849 error = EINVAL; 850 else 851 d->bd_sig = sig; 852 break; 853 } 854 case BIOCGRSIG: 855 *(u_int *)ap->a_data = d->bd_sig; 856 break; 857 } 858 return(error); 859 } 860 861 /* 862 * Set d's packet filter program to fp. If this file already has a filter, 863 * free it and replace it. Returns EINVAL for bogus requests. 864 */ 865 static int 866 bpf_setf(struct bpf_d *d, struct bpf_program *fp) 867 { 868 struct bpf_insn *fcode, *old; 869 u_int flen, size; 870 871 old = d->bd_filter; 872 if (fp->bf_insns == NULL) { 873 if (fp->bf_len != 0) 874 return(EINVAL); 875 crit_enter(); 876 d->bd_filter = NULL; 877 bpf_resetd(d); 878 crit_exit(); 879 if (old != NULL) 880 kfree(old, M_BPF); 881 return(0); 882 } 883 flen = fp->bf_len; 884 if (flen > BPF_MAXINSNS) 885 return(EINVAL); 886 887 size = flen * sizeof *fp->bf_insns; 888 fcode = (struct bpf_insn *)kmalloc(size, M_BPF, M_WAITOK); 889 if (copyin(fp->bf_insns, fcode, size) == 0 && 890 bpf_validate(fcode, (int)flen)) { 891 crit_enter(); 892 d->bd_filter = fcode; 893 bpf_resetd(d); 894 crit_exit(); 895 if (old != NULL) 896 kfree(old, M_BPF); 897 898 return(0); 899 } 900 kfree(fcode, M_BPF); 901 return(EINVAL); 902 } 903 904 /* 905 * Detach a file from its current interface (if attached at all) and attach 906 * to the interface indicated by the name stored in ifr. 907 * Return an errno or 0. 908 */ 909 static int 910 bpf_setif(struct bpf_d *d, struct ifreq *ifr) 911 { 912 struct bpf_if *bp; 913 int error; 914 struct ifnet *theywant; 915 916 theywant = ifunit(ifr->ifr_name); 917 if (theywant == NULL) 918 return(ENXIO); 919 920 /* 921 * Look through attached interfaces for the named one. 922 */ 923 for (bp = bpf_iflist; bp != NULL; bp = bp->bif_next) { 924 struct ifnet *ifp = bp->bif_ifp; 925 926 if (ifp == NULL || ifp != theywant) 927 continue; 928 /* skip additional entry */ 929 if (bp->bif_driverp != &ifp->if_bpf) 930 continue; 931 /* 932 * We found the requested interface. 933 * If it's not up, return an error. 934 * Allocate the packet buffers if we need to. 935 * If we're already attached to requested interface, 936 * just flush the buffer. 937 */ 938 if (!(ifp->if_flags & IFF_UP)) 939 return(ENETDOWN); 940 941 if (d->bd_sbuf == NULL) { 942 error = bpf_allocbufs(d); 943 if (error != 0) 944 return(error); 945 } 946 crit_enter(); 947 if (bp != d->bd_bif) { 948 if (d->bd_bif != NULL) { 949 /* 950 * Detach if attached to something else. 951 */ 952 bpf_detachd(d); 953 } 954 955 bpf_attachd(d, bp); 956 } 957 bpf_resetd(d); 958 crit_exit(); 959 return(0); 960 } 961 962 /* Not found. */ 963 return(ENXIO); 964 } 965 966 /* 967 * Support for select() and poll() system calls 968 * 969 * Return true iff the specific operation will not block indefinitely. 970 * Otherwise, return false but make a note that a selwakeup() must be done. 971 */ 972 int 973 bpfpoll(struct dev_poll_args *ap) 974 { 975 cdev_t dev = ap->a_head.a_dev; 976 struct bpf_d *d; 977 int revents; 978 979 d = dev->si_drv1; 980 if (d->bd_bif == NULL) 981 return(ENXIO); 982 983 revents = ap->a_events & (POLLOUT | POLLWRNORM); 984 crit_enter(); 985 if (ap->a_events & (POLLIN | POLLRDNORM)) { 986 /* 987 * An imitation of the FIONREAD ioctl code. 988 * XXX not quite. An exact imitation: 989 * if (d->b_slen != 0 || 990 * (d->bd_hbuf != NULL && d->bd_hlen != 0) 991 */ 992 if (d->bd_hlen != 0 || 993 ((d->bd_immediate || d->bd_state == BPF_TIMED_OUT) && 994 d->bd_slen != 0)) { 995 revents |= ap->a_events & (POLLIN | POLLRDNORM); 996 } else { 997 selrecord(curthread, &d->bd_sel); 998 /* Start the read timeout if necessary. */ 999 if (d->bd_rtout > 0 && d->bd_state == BPF_IDLE) { 1000 callout_reset(&d->bd_callout, d->bd_rtout, 1001 bpf_timed_out, d); 1002 d->bd_state = BPF_WAITING; 1003 } 1004 } 1005 } 1006 crit_exit(); 1007 ap->a_events = revents; 1008 return(0); 1009 } 1010 1011 /* 1012 * Process the packet pkt of length pktlen. The packet is parsed 1013 * by each listener's filter, and if accepted, stashed into the 1014 * corresponding buffer. 1015 */ 1016 void 1017 bpf_tap(struct bpf_if *bp, u_char *pkt, u_int pktlen) 1018 { 1019 struct bpf_d *d; 1020 struct timeval tv; 1021 int gottime = 0; 1022 u_int slen; 1023 1024 /* 1025 * Note that the ipl does not have to be raised at this point. 1026 * The only problem that could arise here is that if two different 1027 * interfaces shared any data. This is not the case. 1028 */ 1029 SLIST_FOREACH(d, &bp->bif_dlist, bd_next) { 1030 ++d->bd_rcount; 1031 slen = bpf_filter(d->bd_filter, pkt, pktlen, pktlen); 1032 if (slen != 0) { 1033 if (!gottime) { 1034 microtime(&tv); 1035 gottime = 1; 1036 } 1037 catchpacket(d, pkt, pktlen, slen, ovbcopy, &tv); 1038 } 1039 } 1040 } 1041 1042 /* 1043 * Copy data from an mbuf chain into a buffer. This code is derived 1044 * from m_copydata in sys/uipc_mbuf.c. 1045 */ 1046 static void 1047 bpf_mcopy(const void *src_arg, void *dst_arg, size_t len) 1048 { 1049 const struct mbuf *m; 1050 u_int count; 1051 u_char *dst; 1052 1053 m = src_arg; 1054 dst = dst_arg; 1055 while (len > 0) { 1056 if (m == NULL) 1057 panic("bpf_mcopy"); 1058 count = min(m->m_len, len); 1059 bcopy(mtod(m, void *), dst, count); 1060 m = m->m_next; 1061 dst += count; 1062 len -= count; 1063 } 1064 } 1065 1066 /* 1067 * Process the packet in the mbuf chain m. The packet is parsed by each 1068 * listener's filter, and if accepted, stashed into the corresponding 1069 * buffer. 1070 */ 1071 void 1072 bpf_mtap(struct bpf_if *bp, struct mbuf *m) 1073 { 1074 struct bpf_d *d; 1075 u_int pktlen, slen; 1076 struct timeval tv; 1077 int gottime = 0; 1078 1079 /* Don't compute pktlen, if no descriptor is attached. */ 1080 if (SLIST_EMPTY(&bp->bif_dlist)) 1081 return; 1082 1083 pktlen = m_lengthm(m, NULL); 1084 1085 SLIST_FOREACH(d, &bp->bif_dlist, bd_next) { 1086 if (!d->bd_seesent && (m->m_pkthdr.rcvif == NULL)) 1087 continue; 1088 ++d->bd_rcount; 1089 slen = bpf_filter(d->bd_filter, (u_char *)m, pktlen, 0); 1090 if (slen != 0) { 1091 if (!gottime) { 1092 microtime(&tv); 1093 gottime = 1; 1094 } 1095 catchpacket(d, (u_char *)m, pktlen, slen, bpf_mcopy, 1096 &tv); 1097 } 1098 } 1099 } 1100 1101 void 1102 bpf_mtap_family(struct bpf_if *bp, struct mbuf *m, sa_family_t family) 1103 { 1104 u_int family4; 1105 1106 KKASSERT(family != AF_UNSPEC); 1107 1108 family4 = (u_int)family; 1109 bpf_ptap(bp, m, &family4, sizeof(family4)); 1110 } 1111 1112 /* 1113 * Process the packet in the mbuf chain m with the header in m prepended. 1114 * The packet is parsed by each listener's filter, and if accepted, 1115 * stashed into the corresponding buffer. 1116 */ 1117 void 1118 bpf_ptap(struct bpf_if *bp, struct mbuf *m, const void *data, u_int dlen) 1119 { 1120 struct mbuf mb; 1121 1122 /* 1123 * Craft on-stack mbuf suitable for passing to bpf_mtap. 1124 * Note that we cut corners here; we only setup what's 1125 * absolutely needed--this mbuf should never go anywhere else. 1126 */ 1127 mb.m_next = m; 1128 mb.m_data = __DECONST(void *, data); /* LINTED */ 1129 mb.m_len = dlen; 1130 mb.m_pkthdr.rcvif = m->m_pkthdr.rcvif; 1131 1132 bpf_mtap(bp, &mb); 1133 } 1134 1135 /* 1136 * Move the packet data from interface memory (pkt) into the 1137 * store buffer. Return 1 if it's time to wakeup a listener (buffer full), 1138 * otherwise 0. "copy" is the routine called to do the actual data 1139 * transfer. bcopy is passed in to copy contiguous chunks, while 1140 * bpf_mcopy is passed in to copy mbuf chains. In the latter case, 1141 * pkt is really an mbuf. 1142 */ 1143 static void 1144 catchpacket(struct bpf_d *d, u_char *pkt, u_int pktlen, u_int snaplen, 1145 void (*cpfn)(const void *, void *, size_t), 1146 const struct timeval *tv) 1147 { 1148 struct bpf_hdr *hp; 1149 int totlen, curlen; 1150 int hdrlen = d->bd_bif->bif_hdrlen; 1151 /* 1152 * Figure out how many bytes to move. If the packet is 1153 * greater or equal to the snapshot length, transfer that 1154 * much. Otherwise, transfer the whole packet (unless 1155 * we hit the buffer size limit). 1156 */ 1157 totlen = hdrlen + min(snaplen, pktlen); 1158 if (totlen > d->bd_bufsize) 1159 totlen = d->bd_bufsize; 1160 1161 /* 1162 * Round up the end of the previous packet to the next longword. 1163 */ 1164 curlen = BPF_WORDALIGN(d->bd_slen); 1165 if (curlen + totlen > d->bd_bufsize) { 1166 /* 1167 * This packet will overflow the storage buffer. 1168 * Rotate the buffers if we can, then wakeup any 1169 * pending reads. 1170 */ 1171 if (d->bd_fbuf == NULL) { 1172 /* 1173 * We haven't completed the previous read yet, 1174 * so drop the packet. 1175 */ 1176 ++d->bd_dcount; 1177 return; 1178 } 1179 ROTATE_BUFFERS(d); 1180 bpf_wakeup(d); 1181 curlen = 0; 1182 } else if (d->bd_immediate || d->bd_state == BPF_TIMED_OUT) { 1183 /* 1184 * Immediate mode is set, or the read timeout has 1185 * already expired during a select call. A packet 1186 * arrived, so the reader should be woken up. 1187 */ 1188 bpf_wakeup(d); 1189 } 1190 1191 /* 1192 * Append the bpf header. 1193 */ 1194 hp = (struct bpf_hdr *)(d->bd_sbuf + curlen); 1195 hp->bh_tstamp = *tv; 1196 hp->bh_datalen = pktlen; 1197 hp->bh_hdrlen = hdrlen; 1198 /* 1199 * Copy the packet data into the store buffer and update its length. 1200 */ 1201 (*cpfn)(pkt, (u_char *)hp + hdrlen, (hp->bh_caplen = totlen - hdrlen)); 1202 d->bd_slen = curlen + totlen; 1203 } 1204 1205 /* 1206 * Initialize all nonzero fields of a descriptor. 1207 */ 1208 static int 1209 bpf_allocbufs(struct bpf_d *d) 1210 { 1211 d->bd_fbuf = kmalloc(d->bd_bufsize, M_BPF, M_WAITOK); 1212 d->bd_sbuf = kmalloc(d->bd_bufsize, M_BPF, M_WAITOK); 1213 d->bd_slen = 0; 1214 d->bd_hlen = 0; 1215 return(0); 1216 } 1217 1218 /* 1219 * Free buffers and packet filter program currently in use by a descriptor. 1220 * Called on close. 1221 */ 1222 static void 1223 bpf_freed(struct bpf_d *d) 1224 { 1225 /* 1226 * We don't need to lock out interrupts since this descriptor has 1227 * been detached from its interface and it yet hasn't been marked 1228 * free. 1229 */ 1230 if (d->bd_sbuf != NULL) { 1231 kfree(d->bd_sbuf, M_BPF); 1232 if (d->bd_hbuf != NULL) 1233 kfree(d->bd_hbuf, M_BPF); 1234 if (d->bd_fbuf != NULL) 1235 kfree(d->bd_fbuf, M_BPF); 1236 } 1237 if (d->bd_filter != NULL) 1238 kfree(d->bd_filter, M_BPF); 1239 } 1240 1241 /* 1242 * Attach an interface to bpf. ifp is a pointer to the structure 1243 * defining the interface to be attached, dlt is the link layer type, 1244 * and hdrlen is the fixed size of the link header (variable length 1245 * headers are not yet supported). 1246 */ 1247 void 1248 bpfattach(struct ifnet *ifp, u_int dlt, u_int hdrlen) 1249 { 1250 bpfattach_dlt(ifp, dlt, hdrlen, &ifp->if_bpf); 1251 } 1252 1253 void 1254 bpfattach_dlt(struct ifnet *ifp, u_int dlt, u_int hdrlen, struct bpf_if **driverp) 1255 { 1256 struct bpf_if *bp; 1257 1258 bp = kmalloc(sizeof *bp, M_BPF, M_WAITOK | M_ZERO); 1259 1260 SLIST_INIT(&bp->bif_dlist); 1261 bp->bif_ifp = ifp; 1262 bp->bif_dlt = dlt; 1263 bp->bif_driverp = driverp; 1264 *bp->bif_driverp = NULL; 1265 1266 bp->bif_next = bpf_iflist; 1267 bpf_iflist = bp; 1268 1269 /* 1270 * Compute the length of the bpf header. This is not necessarily 1271 * equal to SIZEOF_BPF_HDR because we want to insert spacing such 1272 * that the network layer header begins on a longword boundary (for 1273 * performance reasons and to alleviate alignment restrictions). 1274 */ 1275 bp->bif_hdrlen = BPF_WORDALIGN(hdrlen + SIZEOF_BPF_HDR) - hdrlen; 1276 1277 if (bootverbose) 1278 if_printf(ifp, "bpf attached\n"); 1279 } 1280 1281 /* 1282 * Detach bpf from an interface. This involves detaching each descriptor 1283 * associated with the interface, and leaving bd_bif NULL. Notify each 1284 * descriptor as it's detached so that any sleepers wake up and get 1285 * ENXIO. 1286 */ 1287 void 1288 bpfdetach(struct ifnet *ifp) 1289 { 1290 struct bpf_if *bp, *bp_prev; 1291 struct bpf_d *d; 1292 1293 crit_enter(); 1294 1295 /* Locate BPF interface information */ 1296 bp_prev = NULL; 1297 for (bp = bpf_iflist; bp != NULL; bp = bp->bif_next) { 1298 if (ifp == bp->bif_ifp) 1299 break; 1300 bp_prev = bp; 1301 } 1302 1303 /* Interface wasn't attached */ 1304 if (bp->bif_ifp == NULL) { 1305 crit_exit(); 1306 kprintf("bpfdetach: %s was not attached\n", ifp->if_xname); 1307 return; 1308 } 1309 1310 while ((d = SLIST_FIRST(&bp->bif_dlist)) != NULL) { 1311 bpf_detachd(d); 1312 bpf_wakeup(d); 1313 } 1314 1315 if (bp_prev != NULL) 1316 bp_prev->bif_next = bp->bif_next; 1317 else 1318 bpf_iflist = bp->bif_next; 1319 1320 kfree(bp, M_BPF); 1321 1322 crit_exit(); 1323 } 1324 1325 /* 1326 * Get a list of available data link type of the interface. 1327 */ 1328 static int 1329 bpf_getdltlist(struct bpf_d *d, struct bpf_dltlist *bfl) 1330 { 1331 int n, error; 1332 struct ifnet *ifp; 1333 struct bpf_if *bp; 1334 1335 ifp = d->bd_bif->bif_ifp; 1336 n = 0; 1337 error = 0; 1338 for (bp = bpf_iflist; bp != NULL; bp = bp->bif_next) { 1339 if (bp->bif_ifp != ifp) 1340 continue; 1341 if (bfl->bfl_list != NULL) { 1342 if (n >= bfl->bfl_len) { 1343 return (ENOMEM); 1344 } 1345 error = copyout(&bp->bif_dlt, 1346 bfl->bfl_list + n, sizeof(u_int)); 1347 } 1348 n++; 1349 } 1350 bfl->bfl_len = n; 1351 return(error); 1352 } 1353 1354 /* 1355 * Set the data link type of a BPF instance. 1356 */ 1357 static int 1358 bpf_setdlt(struct bpf_d *d, u_int dlt) 1359 { 1360 int error, opromisc; 1361 struct ifnet *ifp; 1362 struct bpf_if *bp; 1363 1364 if (d->bd_bif->bif_dlt == dlt) 1365 return (0); 1366 ifp = d->bd_bif->bif_ifp; 1367 for (bp = bpf_iflist; bp != NULL; bp = bp->bif_next) { 1368 if (bp->bif_ifp == ifp && bp->bif_dlt == dlt) 1369 break; 1370 } 1371 if (bp != NULL) { 1372 opromisc = d->bd_promisc; 1373 crit_enter(); 1374 bpf_detachd(d); 1375 bpf_attachd(d, bp); 1376 bpf_resetd(d); 1377 if (opromisc) { 1378 error = ifpromisc(bp->bif_ifp, 1); 1379 if (error) { 1380 if_printf(bp->bif_ifp, 1381 "bpf_setdlt: ifpromisc failed (%d)\n", 1382 error); 1383 } else { 1384 d->bd_promisc = 1; 1385 } 1386 } 1387 crit_exit(); 1388 } 1389 return(bp == NULL ? EINVAL : 0); 1390 } 1391 1392 static void 1393 bpf_drvinit(void *unused) 1394 { 1395 dev_ops_add(&bpf_ops, 0, 0); 1396 } 1397 1398 SYSINIT(bpfdev,SI_SUB_DRIVERS,SI_ORDER_MIDDLE+CDEV_MAJOR,bpf_drvinit,NULL) 1399 1400 #else /* !BPF */ 1401 /* 1402 * NOP stubs to allow bpf-using drivers to load and function. 1403 * 1404 * A 'better' implementation would allow the core bpf functionality 1405 * to be loaded at runtime. 1406 */ 1407 1408 void 1409 bpf_tap(struct bpf_if *bp, u_char *pkt, u_int pktlen) 1410 { 1411 } 1412 1413 void 1414 bpf_mtap(struct bpf_if *bp, struct mbuf *m) 1415 { 1416 } 1417 1418 void 1419 bpf_ptap(struct bpf_if *bp, struct mbuf *m, const void *data, u_int dlen) 1420 { 1421 } 1422 1423 void 1424 bpfattach(struct ifnet *ifp, u_int dlt, u_int hdrlen) 1425 { 1426 } 1427 1428 void 1429 bpfattach_dlt(struct ifnet *ifp, u_int dlt, u_int hdrlen, struct bpf_if **driverp) 1430 { 1431 } 1432 1433 void 1434 bpfdetach(struct ifnet *ifp) 1435 { 1436 } 1437 1438 u_int 1439 bpf_filter(const struct bpf_insn *pc, u_char *p, u_int wirelen, u_int buflen) 1440 { 1441 return -1; /* "no filter" behaviour */ 1442 } 1443 1444 #endif /* !BPF */ 1445