1 /* 2 * Copyright (c) 1990, 1991, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * This code is derived from the Stanford/CMU enet packet filter, 6 * (net/enet.c) distributed as part of 4.3BSD, and code contributed 7 * to Berkeley by Steven McCanne and Van Jacobson both of Lawrence 8 * Berkeley Laboratory. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. All advertising materials mentioning features or use of this software 19 * must display the following acknowledgement: 20 * This product includes software developed by the University of 21 * California, Berkeley and its contributors. 22 * 4. Neither the name of the University nor the names of its contributors 23 * may be used to endorse or promote products derived from this software 24 * without specific prior written permission. 25 * 26 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 27 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 28 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 29 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36 * SUCH DAMAGE. 37 * 38 * @(#)bpf.c 8.2 (Berkeley) 3/28/94 39 * 40 * $FreeBSD: src/sys/net/bpf.c,v 1.59.2.12 2002/04/14 21:41:48 luigi Exp $ 41 * $DragonFly: src/sys/net/bpf.c,v 1.6 2003/07/26 20:19:33 rob Exp $ 42 */ 43 44 #include "bpf.h" 45 46 #ifndef __GNUC__ 47 #define inline 48 #else 49 #define inline __inline 50 #endif 51 52 #include <sys/param.h> 53 #include <sys/systm.h> 54 #include <sys/conf.h> 55 #include <sys/malloc.h> 56 #include <sys/mbuf.h> 57 #include <sys/time.h> 58 #include <sys/proc.h> 59 #include <sys/signalvar.h> 60 #include <sys/filio.h> 61 #include <sys/sockio.h> 62 #include <sys/ttycom.h> 63 #include <sys/filedesc.h> 64 65 #if defined(sparc) && BSD < 199103 66 #include <sys/stream.h> 67 #endif 68 #include <sys/poll.h> 69 70 #include <sys/socket.h> 71 #include <sys/vnode.h> 72 73 #include <net/if.h> 74 #include <net/bpf.h> 75 #include <net/bpfdesc.h> 76 77 #include <netinet/in.h> 78 #include <netinet/if_ether.h> 79 #include <sys/kernel.h> 80 #include <sys/sysctl.h> 81 82 MALLOC_DEFINE(M_BPF, "BPF", "BPF data"); 83 84 #if NBPF > 0 85 86 /* 87 * Older BSDs don't have kernel malloc. 88 */ 89 #if BSD < 199103 90 extern bcopy(); 91 static caddr_t bpf_alloc(); 92 #include <net/bpf_compat.h> 93 #define BPF_BUFSIZE (MCLBYTES-8) 94 #define UIOMOVE(cp, len, code, uio) uiomove(cp, len, code, uio) 95 #else 96 #define BPF_BUFSIZE 4096 97 #define UIOMOVE(cp, len, code, uio) uiomove(cp, len, uio) 98 #endif 99 100 #define PRINET 26 /* interruptible */ 101 102 /* 103 * The default read buffer size is patchable. 104 */ 105 static int bpf_bufsize = BPF_BUFSIZE; 106 SYSCTL_INT(_debug, OID_AUTO, bpf_bufsize, CTLFLAG_RW, 107 &bpf_bufsize, 0, ""); 108 static int bpf_maxbufsize = BPF_MAXBUFSIZE; 109 SYSCTL_INT(_debug, OID_AUTO, bpf_maxbufsize, CTLFLAG_RW, 110 &bpf_maxbufsize, 0, ""); 111 112 /* 113 * bpf_iflist is the list of interfaces; each corresponds to an ifnet 114 */ 115 static struct bpf_if *bpf_iflist; 116 117 static int bpf_allocbufs __P((struct bpf_d *)); 118 static void bpf_attachd __P((struct bpf_d *d, struct bpf_if *bp)); 119 static void bpf_detachd __P((struct bpf_d *d)); 120 static void bpf_freed __P((struct bpf_d *)); 121 static void bpf_mcopy __P((const void *, void *, size_t)); 122 static int bpf_movein __P((struct uio *, int, 123 struct mbuf **, struct sockaddr *, int *)); 124 static int bpf_setif __P((struct bpf_d *, struct ifreq *)); 125 static void bpf_timed_out __P((void *)); 126 static inline void 127 bpf_wakeup __P((struct bpf_d *)); 128 static void catchpacket __P((struct bpf_d *, u_char *, u_int, 129 u_int, void (*)(const void *, void *, size_t))); 130 static void reset_d __P((struct bpf_d *)); 131 static int bpf_setf __P((struct bpf_d *, struct bpf_program *)); 132 133 static d_open_t bpfopen; 134 static d_close_t bpfclose; 135 static d_read_t bpfread; 136 static d_write_t bpfwrite; 137 static d_ioctl_t bpfioctl; 138 static d_poll_t bpfpoll; 139 140 #define CDEV_MAJOR 23 141 static struct cdevsw bpf_cdevsw = { 142 /* name */ "bpf", 143 /* maj */ CDEV_MAJOR, 144 /* flags */ 0, 145 /* port */ NULL, 146 /* autoq */ 0, 147 148 /* open */ bpfopen, 149 /* close */ bpfclose, 150 /* read */ bpfread, 151 /* write */ bpfwrite, 152 /* ioctl */ bpfioctl, 153 /* poll */ bpfpoll, 154 /* mmap */ nommap, 155 /* strategy */ nostrategy, 156 /* dump */ nodump, 157 /* psize */ nopsize 158 }; 159 160 161 static int 162 bpf_movein(uio, linktype, mp, sockp, datlen) 163 struct uio *uio; 164 int linktype, *datlen; 165 struct mbuf **mp; 166 struct sockaddr *sockp; 167 { 168 struct mbuf *m; 169 int error; 170 int len; 171 int hlen; 172 173 /* 174 * Build a sockaddr based on the data link layer type. 175 * We do this at this level because the ethernet header 176 * is copied directly into the data field of the sockaddr. 177 * In the case of SLIP, there is no header and the packet 178 * is forwarded as is. 179 * Also, we are careful to leave room at the front of the mbuf 180 * for the link level header. 181 */ 182 switch (linktype) { 183 184 case DLT_SLIP: 185 sockp->sa_family = AF_INET; 186 hlen = 0; 187 break; 188 189 case DLT_EN10MB: 190 sockp->sa_family = AF_UNSPEC; 191 /* XXX Would MAXLINKHDR be better? */ 192 hlen = sizeof(struct ether_header); 193 break; 194 195 case DLT_FDDI: 196 #if defined(__FreeBSD__) || defined(__bsdi__) 197 sockp->sa_family = AF_IMPLINK; 198 hlen = 0; 199 #else 200 sockp->sa_family = AF_UNSPEC; 201 /* XXX 4(FORMAC)+6(dst)+6(src)+3(LLC)+5(SNAP) */ 202 hlen = 24; 203 #endif 204 break; 205 206 case DLT_RAW: 207 case DLT_NULL: 208 sockp->sa_family = AF_UNSPEC; 209 hlen = 0; 210 break; 211 212 #ifdef __FreeBSD__ 213 case DLT_ATM_RFC1483: 214 /* 215 * en atm driver requires 4-byte atm pseudo header. 216 * though it isn't standard, vpi:vci needs to be 217 * specified anyway. 218 */ 219 sockp->sa_family = AF_UNSPEC; 220 hlen = 12; /* XXX 4(ATM_PH) + 3(LLC) + 5(SNAP) */ 221 break; 222 #endif 223 case DLT_PPP: 224 sockp->sa_family = AF_UNSPEC; 225 hlen = 4; /* This should match PPP_HDRLEN */ 226 break; 227 228 default: 229 return (EIO); 230 } 231 232 len = uio->uio_resid; 233 *datlen = len - hlen; 234 if ((unsigned)len > MCLBYTES) 235 return (EIO); 236 237 MGETHDR(m, M_WAIT, MT_DATA); 238 if (m == 0) 239 return (ENOBUFS); 240 if (len > MHLEN) { 241 #if BSD >= 199103 242 MCLGET(m, M_WAIT); 243 if ((m->m_flags & M_EXT) == 0) { 244 #else 245 MCLGET(m); 246 if (m->m_len != MCLBYTES) { 247 #endif 248 error = ENOBUFS; 249 goto bad; 250 } 251 } 252 m->m_pkthdr.len = m->m_len = len; 253 m->m_pkthdr.rcvif = NULL; 254 *mp = m; 255 /* 256 * Make room for link header. 257 */ 258 if (hlen != 0) { 259 m->m_pkthdr.len -= hlen; 260 m->m_len -= hlen; 261 #if BSD >= 199103 262 m->m_data += hlen; /* XXX */ 263 #else 264 m->m_off += hlen; 265 #endif 266 error = UIOMOVE((caddr_t)sockp->sa_data, hlen, UIO_WRITE, uio); 267 if (error) 268 goto bad; 269 } 270 error = UIOMOVE(mtod(m, caddr_t), len - hlen, UIO_WRITE, uio); 271 if (!error) 272 return (0); 273 bad: 274 m_freem(m); 275 return (error); 276 } 277 278 /* 279 * Attach file to the bpf interface, i.e. make d listen on bp. 280 * Must be called at splimp. 281 */ 282 static void 283 bpf_attachd(d, bp) 284 struct bpf_d *d; 285 struct bpf_if *bp; 286 { 287 /* 288 * Point d at bp, and add d to the interface's list of listeners. 289 * Finally, point the driver's bpf cookie at the interface so 290 * it will divert packets to bpf. 291 */ 292 d->bd_bif = bp; 293 d->bd_next = bp->bif_dlist; 294 bp->bif_dlist = d; 295 296 bp->bif_ifp->if_bpf = bp; 297 } 298 299 /* 300 * Detach a file from its interface. 301 */ 302 static void 303 bpf_detachd(d) 304 struct bpf_d *d; 305 { 306 struct bpf_d **p; 307 struct bpf_if *bp; 308 309 bp = d->bd_bif; 310 /* 311 * Check if this descriptor had requested promiscuous mode. 312 * If so, turn it off. 313 */ 314 if (d->bd_promisc) { 315 d->bd_promisc = 0; 316 if (ifpromisc(bp->bif_ifp, 0)) 317 /* 318 * Something is really wrong if we were able to put 319 * the driver into promiscuous mode, but can't 320 * take it out. 321 */ 322 panic("bpf: ifpromisc failed"); 323 } 324 /* Remove d from the interface's descriptor list. */ 325 p = &bp->bif_dlist; 326 while (*p != d) { 327 p = &(*p)->bd_next; 328 if (*p == 0) 329 panic("bpf_detachd: descriptor not in list"); 330 } 331 *p = (*p)->bd_next; 332 if (bp->bif_dlist == 0) 333 /* 334 * Let the driver know that there are no more listeners. 335 */ 336 d->bd_bif->bif_ifp->if_bpf = 0; 337 d->bd_bif = 0; 338 } 339 340 /* 341 * Open ethernet device. Returns ENXIO for illegal minor device number, 342 * EBUSY if file is open by another process. 343 */ 344 /* ARGSUSED */ 345 static int 346 bpfopen(dev_t dev, int flags, int fmt, struct thread *td) 347 { 348 struct bpf_d *d; 349 struct proc *p = td->td_proc; 350 351 KKASSERT(p != NULL); 352 353 if (p->p_ucred->cr_prison) 354 return (EPERM); 355 356 d = dev->si_drv1; 357 /* 358 * Each minor can be opened by only one process. If the requested 359 * minor is in use, return EBUSY. 360 */ 361 if (d) 362 return (EBUSY); 363 make_dev(&bpf_cdevsw, minor(dev), 0, 0, 0600, "bpf%d", lminor(dev)); 364 MALLOC(d, struct bpf_d *, sizeof(*d), M_BPF, M_WAITOK | M_ZERO); 365 dev->si_drv1 = d; 366 d->bd_bufsize = bpf_bufsize; 367 d->bd_sig = SIGIO; 368 d->bd_seesent = 1; 369 callout_init(&d->bd_callout); 370 return (0); 371 } 372 373 /* 374 * Close the descriptor by detaching it from its interface, 375 * deallocating its buffers, and marking it free. 376 */ 377 /* ARGSUSED */ 378 static int 379 bpfclose(dev, flags, fmt, td) 380 dev_t dev; 381 int flags; 382 int fmt; 383 struct thread *td; 384 { 385 struct bpf_d *d = dev->si_drv1; 386 int s; 387 388 funsetown(d->bd_sigio); 389 s = splimp(); 390 if (d->bd_state == BPF_WAITING) 391 callout_stop(&d->bd_callout); 392 d->bd_state = BPF_IDLE; 393 if (d->bd_bif) 394 bpf_detachd(d); 395 splx(s); 396 bpf_freed(d); 397 dev->si_drv1 = 0; 398 free(d, M_BPF); 399 400 return (0); 401 } 402 403 /* 404 * Support for SunOS, which does not have tsleep. 405 */ 406 #if BSD < 199103 407 static 408 bpf_timeout(arg) 409 caddr_t arg; 410 { 411 struct bpf_d *d = (struct bpf_d *)arg; 412 d->bd_timedout = 1; 413 wakeup(arg); 414 } 415 416 #define BPF_SLEEP(chan, pri, s, t) bpf_sleep((struct bpf_d *)chan) 417 418 int 419 bpf_sleep(d) 420 struct bpf_d *d; 421 { 422 int rto = d->bd_rtout; 423 int st; 424 425 if (rto != 0) { 426 d->bd_timedout = 0; 427 timeout(bpf_timeout, (caddr_t)d, rto); 428 } 429 st = sleep((caddr_t)d, PRINET|PCATCH); 430 if (rto != 0) { 431 if (d->bd_timedout == 0) 432 untimeout(bpf_timeout, (caddr_t)d); 433 else if (st == 0) 434 return EWOULDBLOCK; 435 } 436 return (st != 0) ? EINTR : 0; 437 } 438 #else 439 #define BPF_SLEEP tsleep 440 #endif 441 442 /* 443 * Rotate the packet buffers in descriptor d. Move the store buffer 444 * into the hold slot, and the free buffer into the store slot. 445 * Zero the length of the new store buffer. 446 */ 447 #define ROTATE_BUFFERS(d) \ 448 (d)->bd_hbuf = (d)->bd_sbuf; \ 449 (d)->bd_hlen = (d)->bd_slen; \ 450 (d)->bd_sbuf = (d)->bd_fbuf; \ 451 (d)->bd_slen = 0; \ 452 (d)->bd_fbuf = 0; 453 /* 454 * bpfread - read next chunk of packets from buffers 455 */ 456 static int 457 bpfread(dev, uio, ioflag) 458 dev_t dev; 459 struct uio *uio; 460 int ioflag; 461 { 462 struct bpf_d *d = dev->si_drv1; 463 int timed_out; 464 int error; 465 int s; 466 467 /* 468 * Restrict application to use a buffer the same size as 469 * as kernel buffers. 470 */ 471 if (uio->uio_resid != d->bd_bufsize) 472 return (EINVAL); 473 474 s = splimp(); 475 if (d->bd_state == BPF_WAITING) 476 callout_stop(&d->bd_callout); 477 timed_out = (d->bd_state == BPF_TIMED_OUT); 478 d->bd_state = BPF_IDLE; 479 /* 480 * If the hold buffer is empty, then do a timed sleep, which 481 * ends when the timeout expires or when enough packets 482 * have arrived to fill the store buffer. 483 */ 484 while (d->bd_hbuf == 0) { 485 if ((d->bd_immediate || timed_out) && d->bd_slen != 0) { 486 /* 487 * A packet(s) either arrived since the previous 488 * read or arrived while we were asleep. 489 * Rotate the buffers and return what's here. 490 */ 491 ROTATE_BUFFERS(d); 492 break; 493 } 494 495 /* 496 * No data is available, check to see if the bpf device 497 * is still pointed at a real interface. If not, return 498 * ENXIO so that the userland process knows to rebind 499 * it before using it again. 500 */ 501 if (d->bd_bif == NULL) { 502 splx(s); 503 return (ENXIO); 504 } 505 506 if (ioflag & IO_NDELAY) { 507 splx(s); 508 return (EWOULDBLOCK); 509 } 510 error = BPF_SLEEP((caddr_t)d, PCATCH, "bpf", d->bd_rtout); 511 if (error == EINTR || error == ERESTART) { 512 splx(s); 513 return (error); 514 } 515 if (error == EWOULDBLOCK) { 516 /* 517 * On a timeout, return what's in the buffer, 518 * which may be nothing. If there is something 519 * in the store buffer, we can rotate the buffers. 520 */ 521 if (d->bd_hbuf) 522 /* 523 * We filled up the buffer in between 524 * getting the timeout and arriving 525 * here, so we don't need to rotate. 526 */ 527 break; 528 529 if (d->bd_slen == 0) { 530 splx(s); 531 return (0); 532 } 533 ROTATE_BUFFERS(d); 534 break; 535 } 536 } 537 /* 538 * At this point, we know we have something in the hold slot. 539 */ 540 splx(s); 541 542 /* 543 * Move data from hold buffer into user space. 544 * We know the entire buffer is transferred since 545 * we checked above that the read buffer is bpf_bufsize bytes. 546 */ 547 error = UIOMOVE(d->bd_hbuf, d->bd_hlen, UIO_READ, uio); 548 549 s = splimp(); 550 d->bd_fbuf = d->bd_hbuf; 551 d->bd_hbuf = 0; 552 d->bd_hlen = 0; 553 splx(s); 554 555 return (error); 556 } 557 558 559 /* 560 * If there are processes sleeping on this descriptor, wake them up. 561 */ 562 static inline void 563 bpf_wakeup(d) 564 struct bpf_d *d; 565 { 566 if (d->bd_state == BPF_WAITING) { 567 callout_stop(&d->bd_callout); 568 d->bd_state = BPF_IDLE; 569 } 570 wakeup((caddr_t)d); 571 if (d->bd_async && d->bd_sig && d->bd_sigio) 572 pgsigio(d->bd_sigio, d->bd_sig, 0); 573 574 #if BSD >= 199103 575 selwakeup(&d->bd_sel); 576 /* XXX */ 577 d->bd_sel.si_pid = 0; 578 #else 579 if (d->bd_selproc) { 580 selwakeup(d->bd_selproc, (int)d->bd_selcoll); 581 d->bd_selcoll = 0; 582 d->bd_selproc = 0; 583 } 584 #endif 585 } 586 587 static void 588 bpf_timed_out(arg) 589 void *arg; 590 { 591 struct bpf_d *d = (struct bpf_d *)arg; 592 int s; 593 594 s = splimp(); 595 if (d->bd_state == BPF_WAITING) { 596 d->bd_state = BPF_TIMED_OUT; 597 if (d->bd_slen != 0) 598 bpf_wakeup(d); 599 } 600 splx(s); 601 } 602 603 static int 604 bpfwrite(dev, uio, ioflag) 605 dev_t dev; 606 struct uio *uio; 607 int ioflag; 608 { 609 struct bpf_d *d = dev->si_drv1; 610 struct ifnet *ifp; 611 struct mbuf *m; 612 int error, s; 613 static struct sockaddr dst; 614 int datlen; 615 616 if (d->bd_bif == 0) 617 return (ENXIO); 618 619 ifp = d->bd_bif->bif_ifp; 620 621 if (uio->uio_resid == 0) 622 return (0); 623 624 error = bpf_movein(uio, (int)d->bd_bif->bif_dlt, &m, &dst, &datlen); 625 if (error) 626 return (error); 627 628 if (datlen > ifp->if_mtu) 629 return (EMSGSIZE); 630 631 if (d->bd_hdrcmplt) 632 dst.sa_family = pseudo_AF_HDRCMPLT; 633 634 s = splnet(); 635 #if BSD >= 199103 636 error = (*ifp->if_output)(ifp, m, &dst, (struct rtentry *)0); 637 #else 638 error = (*ifp->if_output)(ifp, m, &dst); 639 #endif 640 splx(s); 641 /* 642 * The driver frees the mbuf. 643 */ 644 return (error); 645 } 646 647 /* 648 * Reset a descriptor by flushing its packet buffer and clearing the 649 * receive and drop counts. Should be called at splimp. 650 */ 651 static void 652 reset_d(d) 653 struct bpf_d *d; 654 { 655 if (d->bd_hbuf) { 656 /* Free the hold buffer. */ 657 d->bd_fbuf = d->bd_hbuf; 658 d->bd_hbuf = 0; 659 } 660 d->bd_slen = 0; 661 d->bd_hlen = 0; 662 d->bd_rcount = 0; 663 d->bd_dcount = 0; 664 } 665 666 /* 667 * FIONREAD Check for read packet available. 668 * SIOCGIFADDR Get interface address - convenient hook to driver. 669 * BIOCGBLEN Get buffer len [for read()]. 670 * BIOCSETF Set ethernet read filter. 671 * BIOCFLUSH Flush read packet buffer. 672 * BIOCPROMISC Put interface into promiscuous mode. 673 * BIOCGDLT Get link layer type. 674 * BIOCGETIF Get interface name. 675 * BIOCSETIF Set interface. 676 * BIOCSRTIMEOUT Set read timeout. 677 * BIOCGRTIMEOUT Get read timeout. 678 * BIOCGSTATS Get packet stats. 679 * BIOCIMMEDIATE Set immediate mode. 680 * BIOCVERSION Get filter language version. 681 * BIOCGHDRCMPLT Get "header already complete" flag 682 * BIOCSHDRCMPLT Set "header already complete" flag 683 * BIOCGSEESENT Get "see packets sent" flag 684 * BIOCSSEESENT Set "see packets sent" flag 685 */ 686 /* ARGSUSED */ 687 static int 688 bpfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct thread *td) 689 { 690 struct bpf_d *d = dev->si_drv1; 691 int s, error = 0; 692 693 s = splimp(); 694 if (d->bd_state == BPF_WAITING) 695 callout_stop(&d->bd_callout); 696 d->bd_state = BPF_IDLE; 697 splx(s); 698 699 switch (cmd) { 700 701 default: 702 error = EINVAL; 703 break; 704 705 /* 706 * Check for read packet available. 707 */ 708 case FIONREAD: 709 { 710 int n; 711 712 s = splimp(); 713 n = d->bd_slen; 714 if (d->bd_hbuf) 715 n += d->bd_hlen; 716 splx(s); 717 718 *(int *)addr = n; 719 break; 720 } 721 722 case SIOCGIFADDR: 723 { 724 struct ifnet *ifp; 725 726 if (d->bd_bif == 0) 727 error = EINVAL; 728 else { 729 ifp = d->bd_bif->bif_ifp; 730 error = (*ifp->if_ioctl)(ifp, cmd, addr); 731 } 732 break; 733 } 734 735 /* 736 * Get buffer len [for read()]. 737 */ 738 case BIOCGBLEN: 739 *(u_int *)addr = d->bd_bufsize; 740 break; 741 742 /* 743 * Set buffer length. 744 */ 745 case BIOCSBLEN: 746 #if BSD < 199103 747 error = EINVAL; 748 #else 749 if (d->bd_bif != 0) 750 error = EINVAL; 751 else { 752 u_int size = *(u_int *)addr; 753 754 if (size > bpf_maxbufsize) 755 *(u_int *)addr = size = bpf_maxbufsize; 756 else if (size < BPF_MINBUFSIZE) 757 *(u_int *)addr = size = BPF_MINBUFSIZE; 758 d->bd_bufsize = size; 759 } 760 #endif 761 break; 762 763 /* 764 * Set link layer read filter. 765 */ 766 case BIOCSETF: 767 error = bpf_setf(d, (struct bpf_program *)addr); 768 break; 769 770 /* 771 * Flush read packet buffer. 772 */ 773 case BIOCFLUSH: 774 s = splimp(); 775 reset_d(d); 776 splx(s); 777 break; 778 779 /* 780 * Put interface into promiscuous mode. 781 */ 782 case BIOCPROMISC: 783 if (d->bd_bif == 0) { 784 /* 785 * No interface attached yet. 786 */ 787 error = EINVAL; 788 break; 789 } 790 s = splimp(); 791 if (d->bd_promisc == 0) { 792 error = ifpromisc(d->bd_bif->bif_ifp, 1); 793 if (error == 0) 794 d->bd_promisc = 1; 795 } 796 splx(s); 797 break; 798 799 /* 800 * Get device parameters. 801 */ 802 case BIOCGDLT: 803 if (d->bd_bif == 0) 804 error = EINVAL; 805 else 806 *(u_int *)addr = d->bd_bif->bif_dlt; 807 break; 808 809 /* 810 * Get interface name. 811 */ 812 case BIOCGETIF: 813 if (d->bd_bif == 0) 814 error = EINVAL; 815 else { 816 struct ifnet *const ifp = d->bd_bif->bif_ifp; 817 struct ifreq *const ifr = (struct ifreq *)addr; 818 819 snprintf(ifr->ifr_name, sizeof(ifr->ifr_name), 820 "%s%d", ifp->if_name, ifp->if_unit); 821 } 822 break; 823 824 /* 825 * Set interface. 826 */ 827 case BIOCSETIF: 828 error = bpf_setif(d, (struct ifreq *)addr); 829 break; 830 831 /* 832 * Set read timeout. 833 */ 834 case BIOCSRTIMEOUT: 835 { 836 struct timeval *tv = (struct timeval *)addr; 837 838 /* 839 * Subtract 1 tick from tvtohz() since this isn't 840 * a one-shot timer. 841 */ 842 if ((error = itimerfix(tv)) == 0) 843 d->bd_rtout = tvtohz(tv) - 1; 844 break; 845 } 846 847 /* 848 * Get read timeout. 849 */ 850 case BIOCGRTIMEOUT: 851 { 852 struct timeval *tv = (struct timeval *)addr; 853 854 tv->tv_sec = d->bd_rtout / hz; 855 tv->tv_usec = (d->bd_rtout % hz) * tick; 856 break; 857 } 858 859 /* 860 * Get packet stats. 861 */ 862 case BIOCGSTATS: 863 { 864 struct bpf_stat *bs = (struct bpf_stat *)addr; 865 866 bs->bs_recv = d->bd_rcount; 867 bs->bs_drop = d->bd_dcount; 868 break; 869 } 870 871 /* 872 * Set immediate mode. 873 */ 874 case BIOCIMMEDIATE: 875 d->bd_immediate = *(u_int *)addr; 876 break; 877 878 case BIOCVERSION: 879 { 880 struct bpf_version *bv = (struct bpf_version *)addr; 881 882 bv->bv_major = BPF_MAJOR_VERSION; 883 bv->bv_minor = BPF_MINOR_VERSION; 884 break; 885 } 886 887 /* 888 * Get "header already complete" flag 889 */ 890 case BIOCGHDRCMPLT: 891 *(u_int *)addr = d->bd_hdrcmplt; 892 break; 893 894 /* 895 * Set "header already complete" flag 896 */ 897 case BIOCSHDRCMPLT: 898 d->bd_hdrcmplt = *(u_int *)addr ? 1 : 0; 899 break; 900 901 /* 902 * Get "see sent packets" flag 903 */ 904 case BIOCGSEESENT: 905 *(u_int *)addr = d->bd_seesent; 906 break; 907 908 /* 909 * Set "see sent packets" flag 910 */ 911 case BIOCSSEESENT: 912 d->bd_seesent = *(u_int *)addr; 913 break; 914 915 case FIONBIO: /* Non-blocking I/O */ 916 break; 917 918 case FIOASYNC: /* Send signal on receive packets */ 919 d->bd_async = *(int *)addr; 920 break; 921 922 case FIOSETOWN: 923 error = fsetown(*(int *)addr, &d->bd_sigio); 924 break; 925 926 case FIOGETOWN: 927 *(int *)addr = fgetown(d->bd_sigio); 928 break; 929 930 /* This is deprecated, FIOSETOWN should be used instead. */ 931 case TIOCSPGRP: 932 error = fsetown(-(*(int *)addr), &d->bd_sigio); 933 break; 934 935 /* This is deprecated, FIOGETOWN should be used instead. */ 936 case TIOCGPGRP: 937 *(int *)addr = -fgetown(d->bd_sigio); 938 break; 939 940 case BIOCSRSIG: /* Set receive signal */ 941 { 942 u_int sig; 943 944 sig = *(u_int *)addr; 945 946 if (sig >= NSIG) 947 error = EINVAL; 948 else 949 d->bd_sig = sig; 950 break; 951 } 952 case BIOCGRSIG: 953 *(u_int *)addr = d->bd_sig; 954 break; 955 } 956 return (error); 957 } 958 959 /* 960 * Set d's packet filter program to fp. If this file already has a filter, 961 * free it and replace it. Returns EINVAL for bogus requests. 962 */ 963 static int 964 bpf_setf(d, fp) 965 struct bpf_d *d; 966 struct bpf_program *fp; 967 { 968 struct bpf_insn *fcode, *old; 969 u_int flen, size; 970 int s; 971 972 old = d->bd_filter; 973 if (fp->bf_insns == 0) { 974 if (fp->bf_len != 0) 975 return (EINVAL); 976 s = splimp(); 977 d->bd_filter = 0; 978 reset_d(d); 979 splx(s); 980 if (old != 0) 981 free((caddr_t)old, M_BPF); 982 return (0); 983 } 984 flen = fp->bf_len; 985 if (flen > BPF_MAXINSNS) 986 return (EINVAL); 987 988 size = flen * sizeof(*fp->bf_insns); 989 fcode = (struct bpf_insn *)malloc(size, M_BPF, M_WAITOK); 990 if (copyin((caddr_t)fp->bf_insns, (caddr_t)fcode, size) == 0 && 991 bpf_validate(fcode, (int)flen)) { 992 s = splimp(); 993 d->bd_filter = fcode; 994 reset_d(d); 995 splx(s); 996 if (old != 0) 997 free((caddr_t)old, M_BPF); 998 999 return (0); 1000 } 1001 free((caddr_t)fcode, M_BPF); 1002 return (EINVAL); 1003 } 1004 1005 /* 1006 * Detach a file from its current interface (if attached at all) and attach 1007 * to the interface indicated by the name stored in ifr. 1008 * Return an errno or 0. 1009 */ 1010 static int 1011 bpf_setif(d, ifr) 1012 struct bpf_d *d; 1013 struct ifreq *ifr; 1014 { 1015 struct bpf_if *bp; 1016 int s, error; 1017 struct ifnet *theywant; 1018 1019 theywant = ifunit(ifr->ifr_name); 1020 if (theywant == 0) 1021 return ENXIO; 1022 1023 /* 1024 * Look through attached interfaces for the named one. 1025 */ 1026 for (bp = bpf_iflist; bp != 0; bp = bp->bif_next) { 1027 struct ifnet *ifp = bp->bif_ifp; 1028 1029 if (ifp == 0 || ifp != theywant) 1030 continue; 1031 /* 1032 * We found the requested interface. 1033 * If it's not up, return an error. 1034 * Allocate the packet buffers if we need to. 1035 * If we're already attached to requested interface, 1036 * just flush the buffer. 1037 */ 1038 if ((ifp->if_flags & IFF_UP) == 0) 1039 return (ENETDOWN); 1040 1041 if (d->bd_sbuf == 0) { 1042 error = bpf_allocbufs(d); 1043 if (error != 0) 1044 return (error); 1045 } 1046 s = splimp(); 1047 if (bp != d->bd_bif) { 1048 if (d->bd_bif) 1049 /* 1050 * Detach if attached to something else. 1051 */ 1052 bpf_detachd(d); 1053 1054 bpf_attachd(d, bp); 1055 } 1056 reset_d(d); 1057 splx(s); 1058 return (0); 1059 } 1060 /* Not found. */ 1061 return (ENXIO); 1062 } 1063 1064 /* 1065 * Support for select() and poll() system calls 1066 * 1067 * Return true iff the specific operation will not block indefinitely. 1068 * Otherwise, return false but make a note that a selwakeup() must be done. 1069 */ 1070 int 1071 bpfpoll(dev_t dev, int events, struct thread *td) 1072 { 1073 struct bpf_d *d; 1074 int s; 1075 int revents; 1076 1077 d = dev->si_drv1; 1078 if (d->bd_bif == NULL) 1079 return (ENXIO); 1080 1081 revents = events & (POLLOUT | POLLWRNORM); 1082 s = splimp(); 1083 if (events & (POLLIN | POLLRDNORM)) { 1084 /* 1085 * An imitation of the FIONREAD ioctl code. 1086 * XXX not quite. An exact imitation: 1087 * if (d->b_slen != 0 || 1088 * (d->bd_hbuf != NULL && d->bd_hlen != 0) 1089 */ 1090 if (d->bd_hlen != 0 || 1091 ((d->bd_immediate || d->bd_state == BPF_TIMED_OUT) && 1092 d->bd_slen != 0)) 1093 revents |= events & (POLLIN | POLLRDNORM); 1094 else { 1095 selrecord(td, &d->bd_sel); 1096 /* Start the read timeout if necessary. */ 1097 if (d->bd_rtout > 0 && d->bd_state == BPF_IDLE) { 1098 callout_reset(&d->bd_callout, d->bd_rtout, 1099 bpf_timed_out, d); 1100 d->bd_state = BPF_WAITING; 1101 } 1102 } 1103 } 1104 splx(s); 1105 return (revents); 1106 } 1107 1108 /* 1109 * Incoming linkage from device drivers. Process the packet pkt, of length 1110 * pktlen, which is stored in a contiguous buffer. The packet is parsed 1111 * by each process' filter, and if accepted, stashed into the corresponding 1112 * buffer. 1113 */ 1114 void 1115 bpf_tap(ifp, pkt, pktlen) 1116 struct ifnet *ifp; 1117 u_char *pkt; 1118 u_int pktlen; 1119 { 1120 struct bpf_if *bp; 1121 struct bpf_d *d; 1122 u_int slen; 1123 /* 1124 * Note that the ipl does not have to be raised at this point. 1125 * The only problem that could arise here is that if two different 1126 * interfaces shared any data. This is not the case. 1127 */ 1128 bp = ifp->if_bpf; 1129 for (d = bp->bif_dlist; d != 0; d = d->bd_next) { 1130 ++d->bd_rcount; 1131 slen = bpf_filter(d->bd_filter, pkt, pktlen, pktlen); 1132 if (slen != 0) 1133 catchpacket(d, pkt, pktlen, slen, bcopy); 1134 } 1135 } 1136 1137 /* 1138 * Copy data from an mbuf chain into a buffer. This code is derived 1139 * from m_copydata in sys/uipc_mbuf.c. 1140 */ 1141 static void 1142 bpf_mcopy(src_arg, dst_arg, len) 1143 const void *src_arg; 1144 void *dst_arg; 1145 size_t len; 1146 { 1147 const struct mbuf *m; 1148 u_int count; 1149 u_char *dst; 1150 1151 m = src_arg; 1152 dst = dst_arg; 1153 while (len > 0) { 1154 if (m == 0) 1155 panic("bpf_mcopy"); 1156 count = min(m->m_len, len); 1157 bcopy(mtod(m, void *), dst, count); 1158 m = m->m_next; 1159 dst += count; 1160 len -= count; 1161 } 1162 } 1163 1164 /* 1165 * Incoming linkage from device drivers, when packet is in an mbuf chain. 1166 */ 1167 void 1168 bpf_mtap(ifp, m) 1169 struct ifnet *ifp; 1170 struct mbuf *m; 1171 { 1172 struct bpf_if *bp = ifp->if_bpf; 1173 struct bpf_d *d; 1174 u_int pktlen, slen; 1175 struct mbuf *m0; 1176 1177 pktlen = 0; 1178 for (m0 = m; m0 != 0; m0 = m0->m_next) 1179 pktlen += m0->m_len; 1180 1181 for (d = bp->bif_dlist; d != 0; d = d->bd_next) { 1182 if (!d->bd_seesent && (m->m_pkthdr.rcvif == NULL)) 1183 continue; 1184 ++d->bd_rcount; 1185 slen = bpf_filter(d->bd_filter, (u_char *)m, pktlen, 0); 1186 if (slen != 0) 1187 catchpacket(d, (u_char *)m, pktlen, slen, bpf_mcopy); 1188 } 1189 } 1190 1191 /* 1192 * Move the packet data from interface memory (pkt) into the 1193 * store buffer. Return 1 if it's time to wakeup a listener (buffer full), 1194 * otherwise 0. "copy" is the routine called to do the actual data 1195 * transfer. bcopy is passed in to copy contiguous chunks, while 1196 * bpf_mcopy is passed in to copy mbuf chains. In the latter case, 1197 * pkt is really an mbuf. 1198 */ 1199 static void 1200 catchpacket(d, pkt, pktlen, snaplen, cpfn) 1201 struct bpf_d *d; 1202 u_char *pkt; 1203 u_int pktlen, snaplen; 1204 void (*cpfn) __P((const void *, void *, size_t)); 1205 { 1206 struct bpf_hdr *hp; 1207 int totlen, curlen; 1208 int hdrlen = d->bd_bif->bif_hdrlen; 1209 /* 1210 * Figure out how many bytes to move. If the packet is 1211 * greater or equal to the snapshot length, transfer that 1212 * much. Otherwise, transfer the whole packet (unless 1213 * we hit the buffer size limit). 1214 */ 1215 totlen = hdrlen + min(snaplen, pktlen); 1216 if (totlen > d->bd_bufsize) 1217 totlen = d->bd_bufsize; 1218 1219 /* 1220 * Round up the end of the previous packet to the next longword. 1221 */ 1222 curlen = BPF_WORDALIGN(d->bd_slen); 1223 if (curlen + totlen > d->bd_bufsize) { 1224 /* 1225 * This packet will overflow the storage buffer. 1226 * Rotate the buffers if we can, then wakeup any 1227 * pending reads. 1228 */ 1229 if (d->bd_fbuf == 0) { 1230 /* 1231 * We haven't completed the previous read yet, 1232 * so drop the packet. 1233 */ 1234 ++d->bd_dcount; 1235 return; 1236 } 1237 ROTATE_BUFFERS(d); 1238 bpf_wakeup(d); 1239 curlen = 0; 1240 } 1241 else if (d->bd_immediate || d->bd_state == BPF_TIMED_OUT) 1242 /* 1243 * Immediate mode is set, or the read timeout has 1244 * already expired during a select call. A packet 1245 * arrived, so the reader should be woken up. 1246 */ 1247 bpf_wakeup(d); 1248 1249 /* 1250 * Append the bpf header. 1251 */ 1252 hp = (struct bpf_hdr *)(d->bd_sbuf + curlen); 1253 #if BSD >= 199103 1254 microtime(&hp->bh_tstamp); 1255 #elif defined(sun) 1256 uniqtime(&hp->bh_tstamp); 1257 #else 1258 hp->bh_tstamp = time; 1259 #endif 1260 hp->bh_datalen = pktlen; 1261 hp->bh_hdrlen = hdrlen; 1262 /* 1263 * Copy the packet data into the store buffer and update its length. 1264 */ 1265 (*cpfn)(pkt, (u_char *)hp + hdrlen, (hp->bh_caplen = totlen - hdrlen)); 1266 d->bd_slen = curlen + totlen; 1267 } 1268 1269 /* 1270 * Initialize all nonzero fields of a descriptor. 1271 */ 1272 static int 1273 bpf_allocbufs(d) 1274 struct bpf_d *d; 1275 { 1276 d->bd_fbuf = (caddr_t)malloc(d->bd_bufsize, M_BPF, M_WAITOK); 1277 if (d->bd_fbuf == 0) 1278 return (ENOBUFS); 1279 1280 d->bd_sbuf = (caddr_t)malloc(d->bd_bufsize, M_BPF, M_WAITOK); 1281 if (d->bd_sbuf == 0) { 1282 free(d->bd_fbuf, M_BPF); 1283 return (ENOBUFS); 1284 } 1285 d->bd_slen = 0; 1286 d->bd_hlen = 0; 1287 return (0); 1288 } 1289 1290 /* 1291 * Free buffers currently in use by a descriptor. 1292 * Called on close. 1293 */ 1294 static void 1295 bpf_freed(d) 1296 struct bpf_d *d; 1297 { 1298 /* 1299 * We don't need to lock out interrupts since this descriptor has 1300 * been detached from its interface and it yet hasn't been marked 1301 * free. 1302 */ 1303 if (d->bd_sbuf != 0) { 1304 free(d->bd_sbuf, M_BPF); 1305 if (d->bd_hbuf != 0) 1306 free(d->bd_hbuf, M_BPF); 1307 if (d->bd_fbuf != 0) 1308 free(d->bd_fbuf, M_BPF); 1309 } 1310 if (d->bd_filter) 1311 free((caddr_t)d->bd_filter, M_BPF); 1312 } 1313 1314 /* 1315 * Attach an interface to bpf. ifp is a pointer to the structure 1316 * defining the interface to be attached, dlt is the link layer type, 1317 * and hdrlen is the fixed size of the link header (variable length 1318 * headers are not yet supporrted). 1319 */ 1320 void 1321 bpfattach(ifp, dlt, hdrlen) 1322 struct ifnet *ifp; 1323 u_int dlt, hdrlen; 1324 { 1325 struct bpf_if *bp; 1326 bp = (struct bpf_if *)malloc(sizeof(*bp), M_BPF, M_DONTWAIT | M_ZERO); 1327 if (bp == 0) 1328 panic("bpfattach"); 1329 1330 bp->bif_ifp = ifp; 1331 bp->bif_dlt = dlt; 1332 1333 bp->bif_next = bpf_iflist; 1334 bpf_iflist = bp; 1335 1336 bp->bif_ifp->if_bpf = 0; 1337 1338 /* 1339 * Compute the length of the bpf header. This is not necessarily 1340 * equal to SIZEOF_BPF_HDR because we want to insert spacing such 1341 * that the network layer header begins on a longword boundary (for 1342 * performance reasons and to alleviate alignment restrictions). 1343 */ 1344 bp->bif_hdrlen = BPF_WORDALIGN(hdrlen + SIZEOF_BPF_HDR) - hdrlen; 1345 1346 if (bootverbose) 1347 printf("bpf: %s%d attached\n", ifp->if_name, ifp->if_unit); 1348 } 1349 1350 /* 1351 * Detach bpf from an interface. This involves detaching each descriptor 1352 * associated with the interface, and leaving bd_bif NULL. Notify each 1353 * descriptor as it's detached so that any sleepers wake up and get 1354 * ENXIO. 1355 */ 1356 void 1357 bpfdetach(ifp) 1358 struct ifnet *ifp; 1359 { 1360 struct bpf_if *bp, *bp_prev; 1361 struct bpf_d *d; 1362 int s; 1363 1364 s = splimp(); 1365 1366 /* Locate BPF interface information */ 1367 bp_prev = NULL; 1368 for (bp = bpf_iflist; bp != NULL; bp = bp->bif_next) { 1369 if (ifp == bp->bif_ifp) 1370 break; 1371 bp_prev = bp; 1372 } 1373 1374 /* Interface wasn't attached */ 1375 if (bp->bif_ifp == NULL) { 1376 splx(s); 1377 printf("bpfdetach: %s%d was not attached\n", ifp->if_name, 1378 ifp->if_unit); 1379 return; 1380 } 1381 1382 while ((d = bp->bif_dlist) != NULL) { 1383 bpf_detachd(d); 1384 bpf_wakeup(d); 1385 } 1386 1387 if (bp_prev) { 1388 bp_prev->bif_next = bp->bif_next; 1389 } else { 1390 bpf_iflist = bp->bif_next; 1391 } 1392 1393 free(bp, M_BPF); 1394 1395 splx(s); 1396 } 1397 1398 static void bpf_drvinit __P((void *unused)); 1399 1400 static void 1401 bpf_drvinit(unused) 1402 void *unused; 1403 { 1404 1405 cdevsw_add(&bpf_cdevsw); 1406 } 1407 1408 SYSINIT(bpfdev,SI_SUB_DRIVERS,SI_ORDER_MIDDLE+CDEV_MAJOR,bpf_drvinit,NULL) 1409 1410 #else /* !BPF */ 1411 /* 1412 * NOP stubs to allow bpf-using drivers to load and function. 1413 * 1414 * A 'better' implementation would allow the core bpf functionality 1415 * to be loaded at runtime. 1416 */ 1417 1418 void 1419 bpf_tap(ifp, pkt, pktlen) 1420 struct ifnet *ifp; 1421 u_char *pkt; 1422 u_int pktlen; 1423 { 1424 } 1425 1426 void 1427 bpf_mtap(ifp, m) 1428 struct ifnet *ifp; 1429 struct mbuf *m; 1430 { 1431 } 1432 1433 void 1434 bpfattach(ifp, dlt, hdrlen) 1435 struct ifnet *ifp; 1436 u_int dlt, hdrlen; 1437 { 1438 } 1439 1440 void 1441 bpfdetach(ifp) 1442 struct ifnet *ifp; 1443 { 1444 } 1445 1446 u_int 1447 bpf_filter(pc, p, wirelen, buflen) 1448 const struct bpf_insn *pc; 1449 u_char *p; 1450 u_int wirelen; 1451 u_int buflen; 1452 { 1453 return -1; /* "no filter" behaviour */ 1454 } 1455 1456 #endif /* !BPF */ 1457