1 /* $NetBSD: if_tun.c,v 1.14 1994/06/29 06:36:25 cgd Exp $ */ 2 3 /* 4 * Copyright (c) 1988, Julian Onions <jpo@cs.nott.ac.uk> 5 * Nottingham University 1987. 6 * 7 * This source may be freely distributed, however I would be interested 8 * in any changes that are made. 9 * 10 * This driver takes packets off the IP i/f and hands them up to a 11 * user process to have its wicked way with. This driver has it's 12 * roots in a similar driver written by Phil Cockcroft (formerly) at 13 * UCL. This driver is based much more on read/write/poll mode of 14 * operation though. 15 * 16 * $FreeBSD: src/sys/net/if_tun.c,v 1.74.2.8 2002/02/13 00:43:11 dillon Exp $ 17 * $DragonFly: src/sys/net/tun/if_tun.c,v 1.6 2003/07/21 05:50:43 dillon Exp $ 18 */ 19 20 #include "opt_inet.h" 21 22 #include <sys/param.h> 23 #include <sys/proc.h> 24 #include <sys/systm.h> 25 #include <sys/mbuf.h> 26 #include <sys/socket.h> 27 #include <sys/filio.h> 28 #include <sys/sockio.h> 29 #include <sys/ttycom.h> 30 #include <sys/poll.h> 31 #include <sys/signalvar.h> 32 #include <sys/filedesc.h> 33 #include <sys/kernel.h> 34 #include <sys/sysctl.h> 35 #include <sys/conf.h> 36 #include <sys/uio.h> 37 #include <sys/vnode.h> 38 #include <sys/malloc.h> 39 40 #include <net/if.h> 41 #include <net/if_types.h> 42 #include <net/route.h> 43 #include <net/intrq.h> 44 45 #ifdef INET 46 #include <netinet/in.h> 47 #endif 48 49 #include <net/bpf.h> 50 51 #include <net/if_tunvar.h> 52 #include <net/if_tun.h> 53 54 static MALLOC_DEFINE(M_TUN, "tun", "Tunnel Interface"); 55 56 static void tunattach __P((void *)); 57 PSEUDO_SET(tunattach, if_tun); 58 59 static void tuncreate __P((dev_t dev)); 60 61 #define TUNDEBUG if (tundebug) printf 62 static int tundebug = 0; 63 SYSCTL_INT(_debug, OID_AUTO, if_tun_debug, CTLFLAG_RW, &tundebug, 0, ""); 64 65 static int tunoutput __P((struct ifnet *, struct mbuf *, struct sockaddr *, 66 struct rtentry *rt)); 67 static int tunifioctl __P((struct ifnet *, u_long, caddr_t)); 68 static int tuninit __P((struct ifnet *)); 69 70 static d_open_t tunopen; 71 static d_close_t tunclose; 72 static d_read_t tunread; 73 static d_write_t tunwrite; 74 static d_ioctl_t tunioctl; 75 static d_poll_t tunpoll; 76 77 #define CDEV_MAJOR 52 78 static struct cdevsw tun_cdevsw = { 79 /* name */ "tun", 80 /* maj */ CDEV_MAJOR, 81 /* flags */ 0, 82 /* port */ NULL, 83 /* autoq */ 0, 84 85 /* open */ tunopen, 86 /* close */ tunclose, 87 /* read */ tunread, 88 /* write */ tunwrite, 89 /* ioctl */ tunioctl, 90 /* poll */ tunpoll, 91 /* mmap */ nommap, 92 /* strategy */ nostrategy, 93 /* dump */ nodump, 94 /* psize */ nopsize 95 }; 96 97 static void 98 tunattach(dummy) 99 void *dummy; 100 { 101 102 cdevsw_add(&tun_cdevsw); 103 } 104 105 static void 106 tuncreate(dev) 107 dev_t dev; 108 { 109 struct tun_softc *sc; 110 struct ifnet *ifp; 111 112 dev = make_dev(&tun_cdevsw, minor(dev), 113 UID_UUCP, GID_DIALER, 0600, "tun%d", lminor(dev)); 114 115 MALLOC(sc, struct tun_softc *, sizeof(*sc), M_TUN, M_WAITOK); 116 bzero(sc, sizeof *sc); 117 sc->tun_flags = TUN_INITED; 118 119 ifp = &sc->tun_if; 120 ifp->if_unit = lminor(dev); 121 ifp->if_name = "tun"; 122 ifp->if_mtu = TUNMTU; 123 ifp->if_ioctl = tunifioctl; 124 ifp->if_output = tunoutput; 125 ifp->if_flags = IFF_POINTOPOINT | IFF_MULTICAST; 126 ifp->if_type = IFT_PPP; 127 ifp->if_snd.ifq_maxlen = ifqmaxlen; 128 ifp->if_softc = sc; 129 if_attach(ifp); 130 bpfattach(ifp, DLT_NULL, sizeof(u_int)); 131 dev->si_drv1 = sc; 132 } 133 134 /* 135 * tunnel open - must be superuser & the device must be 136 * configured in 137 */ 138 static int 139 tunopen(dev_t dev, int flag, int mode, struct thread *td) 140 { 141 struct ifnet *ifp; 142 struct tun_softc *tp; 143 register int error; 144 145 KKASSERT(td->td_proc); 146 if ((error = suser(td)) != NULL) 147 return (error); 148 149 tp = dev->si_drv1; 150 if (!tp) { 151 tuncreate(dev); 152 tp = dev->si_drv1; 153 } 154 if (tp->tun_flags & TUN_OPEN) 155 return EBUSY; 156 tp->tun_pid = td->td_proc->p_pid; 157 ifp = &tp->tun_if; 158 tp->tun_flags |= TUN_OPEN; 159 TUNDEBUG("%s%d: open\n", ifp->if_name, ifp->if_unit); 160 return (0); 161 } 162 163 /* 164 * tunclose - close the device - mark i/f down & delete 165 * routing info 166 */ 167 static int 168 tunclose(dev_t dev, int foo, int bar, struct thread *td) 169 { 170 register int s; 171 struct tun_softc *tp; 172 struct ifnet *ifp; 173 struct mbuf *m; 174 175 tp = dev->si_drv1; 176 ifp = &tp->tun_if; 177 178 tp->tun_flags &= ~TUN_OPEN; 179 tp->tun_pid = 0; 180 181 /* 182 * junk all pending output 183 */ 184 do { 185 s = splimp(); 186 IF_DEQUEUE(&ifp->if_snd, m); 187 splx(s); 188 if (m) 189 m_freem(m); 190 } while (m); 191 192 if (ifp->if_flags & IFF_UP) { 193 s = splimp(); 194 if_down(ifp); 195 splx(s); 196 } 197 198 if (ifp->if_flags & IFF_RUNNING) { 199 register struct ifaddr *ifa; 200 201 s = splimp(); 202 /* find internet addresses and delete routes */ 203 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) 204 if (ifa->ifa_addr->sa_family == AF_INET) 205 rtinit(ifa, (int)RTM_DELETE, 206 tp->tun_flags & TUN_DSTADDR ? RTF_HOST : 0); 207 ifp->if_flags &= ~IFF_RUNNING; 208 splx(s); 209 } 210 211 funsetown(tp->tun_sigio); 212 selwakeup(&tp->tun_rsel); 213 214 TUNDEBUG ("%s%d: closed\n", ifp->if_name, ifp->if_unit); 215 return (0); 216 } 217 218 static int 219 tuninit(ifp) 220 struct ifnet *ifp; 221 { 222 struct tun_softc *tp = ifp->if_softc; 223 register struct ifaddr *ifa; 224 int error = 0; 225 226 TUNDEBUG("%s%d: tuninit\n", ifp->if_name, ifp->if_unit); 227 228 ifp->if_flags |= IFF_UP | IFF_RUNNING; 229 getmicrotime(&ifp->if_lastchange); 230 231 for (ifa = TAILQ_FIRST(&ifp->if_addrhead); ifa; 232 ifa = TAILQ_NEXT(ifa, ifa_link)) { 233 if (ifa->ifa_addr == NULL) 234 error = EFAULT; 235 /* XXX: Should maybe return straight off? */ 236 else { 237 #ifdef INET 238 if (ifa->ifa_addr->sa_family == AF_INET) { 239 struct sockaddr_in *si; 240 241 si = (struct sockaddr_in *)ifa->ifa_addr; 242 if (si->sin_addr.s_addr) 243 tp->tun_flags |= TUN_IASET; 244 245 si = (struct sockaddr_in *)ifa->ifa_dstaddr; 246 if (si && si->sin_addr.s_addr) 247 tp->tun_flags |= TUN_DSTADDR; 248 } 249 #endif 250 } 251 } 252 return (error); 253 } 254 255 /* 256 * Process an ioctl request. 257 */ 258 int 259 tunifioctl(ifp, cmd, data) 260 struct ifnet *ifp; 261 u_long cmd; 262 caddr_t data; 263 { 264 struct ifreq *ifr = (struct ifreq *)data; 265 struct tun_softc *tp = ifp->if_softc; 266 struct ifstat *ifs; 267 int error = 0, s; 268 269 s = splimp(); 270 switch(cmd) { 271 case SIOCGIFSTATUS: 272 ifs = (struct ifstat *)data; 273 if (tp->tun_pid) 274 sprintf(ifs->ascii + strlen(ifs->ascii), 275 "\tOpened by PID %d\n", tp->tun_pid); 276 break; 277 case SIOCSIFADDR: 278 error = tuninit(ifp); 279 TUNDEBUG("%s%d: address set, error=%d\n", 280 ifp->if_name, ifp->if_unit, error); 281 break; 282 case SIOCSIFDSTADDR: 283 error = tuninit(ifp); 284 TUNDEBUG("%s%d: destination address set, error=%d\n", 285 ifp->if_name, ifp->if_unit, error); 286 break; 287 case SIOCSIFMTU: 288 ifp->if_mtu = ifr->ifr_mtu; 289 TUNDEBUG("%s%d: mtu set\n", 290 ifp->if_name, ifp->if_unit); 291 break; 292 case SIOCSIFFLAGS: 293 case SIOCADDMULTI: 294 case SIOCDELMULTI: 295 break; 296 default: 297 error = EINVAL; 298 } 299 splx(s); 300 return (error); 301 } 302 303 /* 304 * tunoutput - queue packets from higher level ready to put out. 305 */ 306 int 307 tunoutput(ifp, m0, dst, rt) 308 struct ifnet *ifp; 309 struct mbuf *m0; 310 struct sockaddr *dst; 311 struct rtentry *rt; 312 { 313 struct tun_softc *tp = ifp->if_softc; 314 int s; 315 316 TUNDEBUG ("%s%d: tunoutput\n", ifp->if_name, ifp->if_unit); 317 318 if ((tp->tun_flags & TUN_READY) != TUN_READY) { 319 TUNDEBUG ("%s%d: not ready 0%o\n", ifp->if_name, 320 ifp->if_unit, tp->tun_flags); 321 m_freem (m0); 322 return EHOSTDOWN; 323 } 324 325 /* BPF write needs to be handled specially */ 326 if (dst->sa_family == AF_UNSPEC) { 327 dst->sa_family = *(mtod(m0, int *)); 328 m0->m_len -= sizeof(int); 329 m0->m_pkthdr.len -= sizeof(int); 330 m0->m_data += sizeof(int); 331 } 332 333 if (ifp->if_bpf) { 334 /* 335 * We need to prepend the address family as 336 * a four byte field. Cons up a dummy header 337 * to pacify bpf. This is safe because bpf 338 * will only read from the mbuf (i.e., it won't 339 * try to free it or keep a pointer to it). 340 */ 341 struct mbuf m; 342 uint32_t af = dst->sa_family; 343 344 m.m_next = m0; 345 m.m_len = 4; 346 m.m_data = (char *)⁡ 347 348 bpf_mtap(ifp, &m); 349 } 350 351 /* prepend sockaddr? this may abort if the mbuf allocation fails */ 352 if (tp->tun_flags & TUN_LMODE) { 353 /* allocate space for sockaddr */ 354 M_PREPEND(m0, dst->sa_len, M_DONTWAIT); 355 356 /* if allocation failed drop packet */ 357 if (m0 == NULL){ 358 s = splimp(); /* spl on queue manipulation */ 359 IF_DROP(&ifp->if_snd); 360 splx(s); 361 ifp->if_oerrors++; 362 return (ENOBUFS); 363 } else { 364 bcopy(dst, m0->m_data, dst->sa_len); 365 } 366 } 367 368 if (tp->tun_flags & TUN_IFHEAD) { 369 /* Prepend the address family */ 370 M_PREPEND(m0, 4, M_DONTWAIT); 371 372 /* if allocation failed drop packet */ 373 if (m0 == NULL){ 374 s = splimp(); /* spl on queue manipulation */ 375 IF_DROP(&ifp->if_snd); 376 splx(s); 377 ifp->if_oerrors++; 378 return ENOBUFS; 379 } else 380 *(u_int32_t *)m0->m_data = htonl(dst->sa_family); 381 } else { 382 #ifdef INET 383 if (dst->sa_family != AF_INET) 384 #endif 385 { 386 m_freem(m0); 387 return EAFNOSUPPORT; 388 } 389 } 390 391 s = splimp(); 392 if (IF_QFULL(&ifp->if_snd)) { 393 IF_DROP(&ifp->if_snd); 394 m_freem(m0); 395 splx(s); 396 ifp->if_collisions++; 397 return ENOBUFS; 398 } 399 ifp->if_obytes += m0->m_pkthdr.len; 400 IF_ENQUEUE(&ifp->if_snd, m0); 401 splx(s); 402 ifp->if_opackets++; 403 404 if (tp->tun_flags & TUN_RWAIT) { 405 tp->tun_flags &= ~TUN_RWAIT; 406 wakeup((caddr_t)tp); 407 } 408 if (tp->tun_flags & TUN_ASYNC && tp->tun_sigio) 409 pgsigio(tp->tun_sigio, SIGIO, 0); 410 selwakeup(&tp->tun_rsel); 411 return 0; 412 } 413 414 /* 415 * the cdevsw interface is now pretty minimal. 416 */ 417 static int 418 tunioctl(dev_t dev, u_long cmd, caddr_t data, int flag, struct thread *td) 419 { 420 int s; 421 struct tun_softc *tp = dev->si_drv1; 422 struct tuninfo *tunp; 423 424 switch (cmd) { 425 case TUNSIFINFO: 426 tunp = (struct tuninfo *)data; 427 if (tunp->mtu < IF_MINMTU) 428 return (EINVAL); 429 tp->tun_if.if_mtu = tunp->mtu; 430 tp->tun_if.if_type = tunp->type; 431 tp->tun_if.if_baudrate = tunp->baudrate; 432 break; 433 case TUNGIFINFO: 434 tunp = (struct tuninfo *)data; 435 tunp->mtu = tp->tun_if.if_mtu; 436 tunp->type = tp->tun_if.if_type; 437 tunp->baudrate = tp->tun_if.if_baudrate; 438 break; 439 case TUNSDEBUG: 440 tundebug = *(int *)data; 441 break; 442 case TUNGDEBUG: 443 *(int *)data = tundebug; 444 break; 445 case TUNSLMODE: 446 if (*(int *)data) { 447 tp->tun_flags |= TUN_LMODE; 448 tp->tun_flags &= ~TUN_IFHEAD; 449 } else 450 tp->tun_flags &= ~TUN_LMODE; 451 break; 452 case TUNSIFHEAD: 453 if (*(int *)data) { 454 tp->tun_flags |= TUN_IFHEAD; 455 tp->tun_flags &= ~TUN_LMODE; 456 } else 457 tp->tun_flags &= ~TUN_IFHEAD; 458 break; 459 case TUNGIFHEAD: 460 *(int *)data = (tp->tun_flags & TUN_IFHEAD) ? 1 : 0; 461 break; 462 case TUNSIFMODE: 463 /* deny this if UP */ 464 if (tp->tun_if.if_flags & IFF_UP) 465 return(EBUSY); 466 467 switch (*(int *)data & ~IFF_MULTICAST) { 468 case IFF_POINTOPOINT: 469 case IFF_BROADCAST: 470 tp->tun_if.if_flags &= ~(IFF_BROADCAST|IFF_POINTOPOINT); 471 tp->tun_if.if_flags |= *(int *)data; 472 break; 473 default: 474 return(EINVAL); 475 } 476 break; 477 case TUNSIFPID: 478 tp->tun_pid = curproc->p_pid; 479 break; 480 case FIONBIO: 481 break; 482 case FIOASYNC: 483 if (*(int *)data) 484 tp->tun_flags |= TUN_ASYNC; 485 else 486 tp->tun_flags &= ~TUN_ASYNC; 487 break; 488 case FIONREAD: 489 s = splimp(); 490 if (tp->tun_if.if_snd.ifq_head) { 491 struct mbuf *mb = tp->tun_if.if_snd.ifq_head; 492 for( *(int *)data = 0; mb != 0; mb = mb->m_next) 493 *(int *)data += mb->m_len; 494 } else 495 *(int *)data = 0; 496 splx(s); 497 break; 498 case FIOSETOWN: 499 return (fsetown(*(int *)data, &tp->tun_sigio)); 500 501 case FIOGETOWN: 502 *(int *)data = fgetown(tp->tun_sigio); 503 return (0); 504 505 /* This is deprecated, FIOSETOWN should be used instead. */ 506 case TIOCSPGRP: 507 return (fsetown(-(*(int *)data), &tp->tun_sigio)); 508 509 /* This is deprecated, FIOGETOWN should be used instead. */ 510 case TIOCGPGRP: 511 *(int *)data = -fgetown(tp->tun_sigio); 512 return (0); 513 514 default: 515 return (ENOTTY); 516 } 517 return (0); 518 } 519 520 /* 521 * The cdevsw read interface - reads a packet at a time, or at 522 * least as much of a packet as can be read. 523 */ 524 static int 525 tunread(dev, uio, flag) 526 dev_t dev; 527 struct uio *uio; 528 int flag; 529 { 530 struct tun_softc *tp = dev->si_drv1; 531 struct ifnet *ifp = &tp->tun_if; 532 struct mbuf *m0; 533 int error=0, len, s; 534 535 TUNDEBUG ("%s%d: read\n", ifp->if_name, ifp->if_unit); 536 if ((tp->tun_flags & TUN_READY) != TUN_READY) { 537 TUNDEBUG ("%s%d: not ready 0%o\n", ifp->if_name, 538 ifp->if_unit, tp->tun_flags); 539 return EHOSTDOWN; 540 } 541 542 tp->tun_flags &= ~TUN_RWAIT; 543 544 s = splimp(); 545 do { 546 IF_DEQUEUE(&ifp->if_snd, m0); 547 if (m0 == 0) { 548 if (flag & IO_NDELAY) { 549 splx(s); 550 return EWOULDBLOCK; 551 } 552 tp->tun_flags |= TUN_RWAIT; 553 if((error = tsleep((caddr_t)tp, PCATCH, 554 "tunread", 0)) != 0) { 555 splx(s); 556 return error; 557 } 558 } 559 } while (m0 == 0); 560 splx(s); 561 562 while (m0 && uio->uio_resid > 0 && error == 0) { 563 len = min(uio->uio_resid, m0->m_len); 564 if (len != 0) 565 error = uiomove(mtod(m0, caddr_t), len, uio); 566 m0 = m_free(m0); 567 } 568 569 if (m0) { 570 TUNDEBUG("%s%d: Dropping mbuf\n", ifp->if_name, ifp->if_unit); 571 m_freem(m0); 572 } 573 return error; 574 } 575 576 /* 577 * the cdevsw write interface - an atomic write is a packet - or else! 578 */ 579 static int 580 tunwrite(dev, uio, flag) 581 dev_t dev; 582 struct uio *uio; 583 int flag; 584 { 585 struct tun_softc *tp = dev->si_drv1; 586 struct ifnet *ifp = &tp->tun_if; 587 struct mbuf *top, **mp, *m; 588 int error=0, tlen, mlen; 589 uint32_t family; 590 591 TUNDEBUG("%s%d: tunwrite\n", ifp->if_name, ifp->if_unit); 592 593 if (uio->uio_resid == 0) 594 return 0; 595 596 if (uio->uio_resid < 0 || uio->uio_resid > TUNMRU) { 597 TUNDEBUG("%s%d: len=%d!\n", ifp->if_name, ifp->if_unit, 598 uio->uio_resid); 599 return EIO; 600 } 601 tlen = uio->uio_resid; 602 603 /* get a header mbuf */ 604 MGETHDR(m, M_DONTWAIT, MT_DATA); 605 if (m == NULL) 606 return ENOBUFS; 607 mlen = MHLEN; 608 609 top = 0; 610 mp = ⊤ 611 while (error == 0 && uio->uio_resid > 0) { 612 m->m_len = min(mlen, uio->uio_resid); 613 error = uiomove(mtod (m, caddr_t), m->m_len, uio); 614 *mp = m; 615 mp = &m->m_next; 616 if (uio->uio_resid > 0) { 617 MGET (m, M_DONTWAIT, MT_DATA); 618 if (m == 0) { 619 error = ENOBUFS; 620 break; 621 } 622 mlen = MLEN; 623 } 624 } 625 if (error) { 626 if (top) 627 m_freem (top); 628 ifp->if_ierrors++; 629 return error; 630 } 631 632 top->m_pkthdr.len = tlen; 633 top->m_pkthdr.rcvif = ifp; 634 635 if (ifp->if_bpf) { 636 if (tp->tun_flags & TUN_IFHEAD) { 637 /* 638 * Conveniently, we already have a 4-byte address 639 * family prepended to our packet ! 640 * Inconveniently, it's in the wrong byte order ! 641 */ 642 if ((top = m_pullup(top, sizeof(family))) == NULL) 643 return ENOBUFS; 644 *mtod(top, u_int32_t *) = 645 ntohl(*mtod(top, u_int32_t *)); 646 bpf_mtap(ifp, top); 647 *mtod(top, u_int32_t *) = 648 htonl(*mtod(top, u_int32_t *)); 649 } else { 650 /* 651 * We need to prepend the address family as 652 * a four byte field. Cons up a dummy header 653 * to pacify bpf. This is safe because bpf 654 * will only read from the mbuf (i.e., it won't 655 * try to free it or keep a pointer to it). 656 */ 657 struct mbuf m; 658 uint32_t af = AF_INET; 659 660 m.m_next = top; 661 m.m_len = 4; 662 m.m_data = (char *)⁡ 663 664 bpf_mtap(ifp, &m); 665 } 666 } 667 668 if (tp->tun_flags & TUN_IFHEAD) { 669 if (top->m_len < sizeof(family) && 670 (top = m_pullup(top, sizeof(family))) == NULL) 671 return ENOBUFS; 672 family = ntohl(*mtod(top, u_int32_t *)); 673 m_adj(top, sizeof(family)); 674 } else 675 family = AF_INET; 676 677 ifp->if_ibytes += top->m_pkthdr.len; 678 ifp->if_ipackets++; 679 680 return family_enqueue(family, top); 681 } 682 683 /* 684 * tunpoll - the poll interface, this is only useful on reads 685 * really. The write detect always returns true, write never blocks 686 * anyway, it either accepts the packet or drops it. 687 */ 688 static int 689 tunpoll(dev_t dev, int events, struct thread *td) 690 { 691 int s; 692 struct tun_softc *tp = dev->si_drv1; 693 struct ifnet *ifp = &tp->tun_if; 694 int revents = 0; 695 696 s = splimp(); 697 TUNDEBUG("%s%d: tunpoll\n", ifp->if_name, ifp->if_unit); 698 699 if (events & (POLLIN | POLLRDNORM)) { 700 if (ifp->if_snd.ifq_len > 0) { 701 TUNDEBUG("%s%d: tunpoll q=%d\n", ifp->if_name, 702 ifp->if_unit, ifp->if_snd.ifq_len); 703 revents |= events & (POLLIN | POLLRDNORM); 704 } else { 705 TUNDEBUG("%s%d: tunpoll waiting\n", ifp->if_name, 706 ifp->if_unit); 707 selrecord(td, &tp->tun_rsel); 708 } 709 } 710 if (events & (POLLOUT | POLLWRNORM)) 711 revents |= events & (POLLOUT | POLLWRNORM); 712 713 splx(s); 714 return (revents); 715 } 716