1 /* 2 * Copyright (c) 1990, 1991, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * This code is derived from the Stanford/CMU enet packet filter, 6 * (net/enet.c) distributed as part of 4.3BSD, and code contributed 7 * to Berkeley by Steven McCanne and Van Jacobson both of Lawrence 8 * Berkeley Laboratory. 9 * 10 * %sccs.include.redist.c% 11 * 12 * @(#)bpf.c 8.4 (Berkeley) 01/09/95 13 * 14 * static char rcsid[] = 15 * "$Header: bpf.c,v 1.33 91/10/27 21:21:58 mccanne Exp $"; 16 */ 17 18 #include "bpfilter.h" 19 20 #if NBPFILTER > 0 21 22 #include <sys/param.h> 23 #include <sys/systm.h> 24 #include <sys/mbuf.h> 25 #include <sys/buf.h> 26 #include <sys/time.h> 27 #include <sys/proc.h> 28 #include <sys/user.h> 29 #include <sys/ioctl.h> 30 #include <sys/map.h> 31 32 #include <sys/file.h> 33 #if defined(sparc) && BSD < 199103 34 #include <sys/stream.h> 35 #endif 36 #include <sys/tty.h> 37 #include <sys/uio.h> 38 39 #include <sys/protosw.h> 40 #include <sys/socket.h> 41 #include <net/if.h> 42 43 #include <net/bpf.h> 44 #include <net/bpfdesc.h> 45 46 #include <sys/errno.h> 47 48 #include <netinet/in.h> 49 #include <netinet/if_ether.h> 50 #include <sys/kernel.h> 51 52 /* 53 * Older BSDs don't have kernel malloc. 54 */ 55 #if BSD < 199103 56 extern bcopy(); 57 static caddr_t bpf_alloc(); 58 #include <net/bpf_compat.h> 59 #define BPF_BUFSIZE (MCLBYTES-8) 60 #define UIOMOVE(cp, len, code, uio) uiomove(cp, len, code, uio) 61 #else 62 #define BPF_BUFSIZE 4096 63 #define UIOMOVE(cp, len, code, uio) uiomove(cp, len, uio) 64 #endif 65 66 #define PRINET 26 /* interruptible */ 67 68 /* 69 * The default read buffer size is patchable. 70 */ 71 int bpf_bufsize = BPF_BUFSIZE; 72 73 /* 74 * bpf_iflist is the list of interfaces; each corresponds to an ifnet 75 * bpf_dtab holds the descriptors, indexed by minor device # 76 */ 77 struct bpf_if *bpf_iflist; 78 struct bpf_d bpf_dtab[NBPFILTER]; 79 80 #if BSD >= 199207 81 /* 82 * bpfilterattach() is called at boot time in new systems. We do 83 * nothing here since old systems will not call this. 84 */ 85 /* ARGSUSED */ 86 void 87 bpfilterattach(n) 88 int n; 89 { 90 } 91 #endif 92 93 static int bpf_allocbufs __P((struct bpf_d *)); 94 static int bpf_allocbufs __P((struct bpf_d *)); 95 static void bpf_freed __P((struct bpf_d *)); 96 static void bpf_freed __P((struct bpf_d *)); 97 static void bpf_ifname __P((struct ifnet *, struct ifreq *)); 98 static void bpf_ifname __P((struct ifnet *, struct ifreq *)); 99 static void bpf_mcopy __P((const void *, void *, u_int)); 100 static int bpf_movein __P((struct uio *, int, 101 struct mbuf **, struct sockaddr *, int *)); 102 static int bpf_setif __P((struct bpf_d *, struct ifreq *)); 103 static int bpf_setif __P((struct bpf_d *, struct ifreq *)); 104 static __inline void 105 bpf_wakeup __P((struct bpf_d *)); 106 static void catchpacket __P((struct bpf_d *, u_char *, u_int, 107 u_int, void (*)(const void *, void *, u_int))); 108 static void reset_d __P((struct bpf_d *)); 109 110 static int 111 bpf_movein(uio, linktype, mp, sockp, datlen) 112 register struct uio *uio; 113 int linktype, *datlen; 114 register struct mbuf **mp; 115 register struct sockaddr *sockp; 116 { 117 struct mbuf *m; 118 int error; 119 int len; 120 int hlen; 121 122 /* 123 * Build a sockaddr based on the data link layer type. 124 * We do this at this level because the ethernet header 125 * is copied directly into the data field of the sockaddr. 126 * In the case of SLIP, there is no header and the packet 127 * is forwarded as is. 128 * Also, we are careful to leave room at the front of the mbuf 129 * for the link level header. 130 */ 131 switch (linktype) { 132 133 case DLT_SLIP: 134 sockp->sa_family = AF_INET; 135 hlen = 0; 136 break; 137 138 case DLT_EN10MB: 139 sockp->sa_family = AF_UNSPEC; 140 /* XXX Would MAXLINKHDR be better? */ 141 hlen = sizeof(struct ether_header); 142 break; 143 144 case DLT_FDDI: 145 sockp->sa_family = AF_UNSPEC; 146 /* XXX 4(FORMAC)+6(dst)+6(src)+3(LLC)+5(SNAP) */ 147 hlen = 24; 148 break; 149 150 case DLT_NULL: 151 sockp->sa_family = AF_UNSPEC; 152 hlen = 0; 153 break; 154 155 default: 156 return (EIO); 157 } 158 159 len = uio->uio_resid; 160 *datlen = len - hlen; 161 if ((unsigned)len > MCLBYTES) 162 return (EIO); 163 164 MGET(m, M_WAIT, MT_DATA); 165 if (m == 0) 166 return (ENOBUFS); 167 if (len > MLEN) { 168 #if BSD >= 199103 169 MCLGET(m, M_WAIT); 170 if ((m->m_flags & M_EXT) == 0) { 171 #else 172 MCLGET(m); 173 if (m->m_len != MCLBYTES) { 174 #endif 175 error = ENOBUFS; 176 goto bad; 177 } 178 } 179 m->m_len = len; 180 *mp = m; 181 /* 182 * Make room for link header. 183 */ 184 if (hlen != 0) { 185 m->m_len -= hlen; 186 #if BSD >= 199103 187 m->m_data += hlen; /* XXX */ 188 #else 189 m->m_off += hlen; 190 #endif 191 error = UIOMOVE((caddr_t)sockp->sa_data, hlen, UIO_WRITE, uio); 192 if (error) 193 goto bad; 194 } 195 error = UIOMOVE(mtod(m, caddr_t), len - hlen, UIO_WRITE, uio); 196 if (!error) 197 return (0); 198 bad: 199 m_freem(m); 200 return (error); 201 } 202 203 /* 204 * Attach file to the bpf interface, i.e. make d listen on bp. 205 * Must be called at splimp. 206 */ 207 static void 208 bpf_attachd(d, bp) 209 struct bpf_d *d; 210 struct bpf_if *bp; 211 { 212 /* 213 * Point d at bp, and add d to the interface's list of listeners. 214 * Finally, point the driver's bpf cookie at the interface so 215 * it will divert packets to bpf. 216 */ 217 d->bd_bif = bp; 218 d->bd_next = bp->bif_dlist; 219 bp->bif_dlist = d; 220 221 *bp->bif_driverp = bp; 222 } 223 224 /* 225 * Detach a file from its interface. 226 */ 227 static void 228 bpf_detachd(d) 229 struct bpf_d *d; 230 { 231 struct bpf_d **p; 232 struct bpf_if *bp; 233 234 bp = d->bd_bif; 235 /* 236 * Check if this descriptor had requested promiscuous mode. 237 * If so, turn it off. 238 */ 239 if (d->bd_promisc) { 240 d->bd_promisc = 0; 241 if (ifpromisc(bp->bif_ifp, 0)) 242 /* 243 * Something is really wrong if we were able to put 244 * the driver into promiscuous mode, but can't 245 * take it out. 246 */ 247 panic("bpf: ifpromisc failed"); 248 } 249 /* Remove d from the interface's descriptor list. */ 250 p = &bp->bif_dlist; 251 while (*p != d) { 252 p = &(*p)->bd_next; 253 if (*p == 0) 254 panic("bpf_detachd: descriptor not in list"); 255 } 256 *p = (*p)->bd_next; 257 if (bp->bif_dlist == 0) 258 /* 259 * Let the driver know that there are no more listeners. 260 */ 261 *d->bd_bif->bif_driverp = 0; 262 d->bd_bif = 0; 263 } 264 265 266 /* 267 * Mark a descriptor free by making it point to itself. 268 * This is probably cheaper than marking with a constant since 269 * the address should be in a register anyway. 270 */ 271 #define D_ISFREE(d) ((d) == (d)->bd_next) 272 #define D_MARKFREE(d) ((d)->bd_next = (d)) 273 #define D_MARKUSED(d) ((d)->bd_next = 0) 274 275 /* 276 * Open ethernet device. Returns ENXIO for illegal minor device number, 277 * EBUSY if file is open by another process. 278 */ 279 /* ARGSUSED */ 280 int 281 bpfopen(dev, flag) 282 dev_t dev; 283 int flag; 284 { 285 register struct bpf_d *d; 286 287 if (minor(dev) >= NBPFILTER) 288 return (ENXIO); 289 /* 290 * Each minor can be opened by only one process. If the requested 291 * minor is in use, return EBUSY. 292 */ 293 d = &bpf_dtab[minor(dev)]; 294 if (!D_ISFREE(d)) 295 return (EBUSY); 296 297 /* Mark "free" and do most initialization. */ 298 bzero((char *)d, sizeof(*d)); 299 d->bd_bufsize = bpf_bufsize; 300 301 return (0); 302 } 303 304 /* 305 * Close the descriptor by detaching it from its interface, 306 * deallocating its buffers, and marking it free. 307 */ 308 /* ARGSUSED */ 309 int 310 bpfclose(dev, flag) 311 dev_t dev; 312 int flag; 313 { 314 register struct bpf_d *d = &bpf_dtab[minor(dev)]; 315 register int s; 316 317 s = splimp(); 318 if (d->bd_bif) 319 bpf_detachd(d); 320 splx(s); 321 bpf_freed(d); 322 323 return (0); 324 } 325 326 /* 327 * Support for SunOS, which does not have tsleep. 328 */ 329 #if BSD < 199103 330 static 331 bpf_timeout(arg) 332 caddr_t arg; 333 { 334 struct bpf_d *d = (struct bpf_d *)arg; 335 d->bd_timedout = 1; 336 wakeup(arg); 337 } 338 339 #define BPF_SLEEP(chan, pri, s, t) bpf_sleep((struct bpf_d *)chan) 340 341 int 342 bpf_sleep(d) 343 register struct bpf_d *d; 344 { 345 register int rto = d->bd_rtout; 346 register int st; 347 348 if (rto != 0) { 349 d->bd_timedout = 0; 350 timeout(bpf_timeout, (caddr_t)d, rto); 351 } 352 st = sleep((caddr_t)d, PRINET|PCATCH); 353 if (rto != 0) { 354 if (d->bd_timedout == 0) 355 untimeout(bpf_timeout, (caddr_t)d); 356 else if (st == 0) 357 return EWOULDBLOCK; 358 } 359 return (st != 0) ? EINTR : 0; 360 } 361 #else 362 #define BPF_SLEEP tsleep 363 #endif 364 365 /* 366 * Rotate the packet buffers in descriptor d. Move the store buffer 367 * into the hold slot, and the free buffer into the store slot. 368 * Zero the length of the new store buffer. 369 */ 370 #define ROTATE_BUFFERS(d) \ 371 (d)->bd_hbuf = (d)->bd_sbuf; \ 372 (d)->bd_hlen = (d)->bd_slen; \ 373 (d)->bd_sbuf = (d)->bd_fbuf; \ 374 (d)->bd_slen = 0; \ 375 (d)->bd_fbuf = 0; 376 /* 377 * bpfread - read next chunk of packets from buffers 378 */ 379 int 380 bpfread(dev, uio) 381 dev_t dev; 382 register struct uio *uio; 383 { 384 register struct bpf_d *d = &bpf_dtab[minor(dev)]; 385 int error; 386 int s; 387 388 /* 389 * Restrict application to use a buffer the same size as 390 * as kernel buffers. 391 */ 392 if (uio->uio_resid != d->bd_bufsize) 393 return (EINVAL); 394 395 s = splimp(); 396 /* 397 * If the hold buffer is empty, then do a timed sleep, which 398 * ends when the timeout expires or when enough packets 399 * have arrived to fill the store buffer. 400 */ 401 while (d->bd_hbuf == 0) { 402 if (d->bd_immediate && d->bd_slen != 0) { 403 /* 404 * A packet(s) either arrived since the previous 405 * read or arrived while we were asleep. 406 * Rotate the buffers and return what's here. 407 */ 408 ROTATE_BUFFERS(d); 409 break; 410 } 411 error = BPF_SLEEP((caddr_t)d, PRINET|PCATCH, "bpf", 412 d->bd_rtout); 413 if (error == EINTR || error == ERESTART) { 414 splx(s); 415 return (error); 416 } 417 if (error == EWOULDBLOCK) { 418 /* 419 * On a timeout, return what's in the buffer, 420 * which may be nothing. If there is something 421 * in the store buffer, we can rotate the buffers. 422 */ 423 if (d->bd_hbuf) 424 /* 425 * We filled up the buffer in between 426 * getting the timeout and arriving 427 * here, so we don't need to rotate. 428 */ 429 break; 430 431 if (d->bd_slen == 0) { 432 splx(s); 433 return (0); 434 } 435 ROTATE_BUFFERS(d); 436 break; 437 } 438 } 439 /* 440 * At this point, we know we have something in the hold slot. 441 */ 442 splx(s); 443 444 /* 445 * Move data from hold buffer into user space. 446 * We know the entire buffer is transferred since 447 * we checked above that the read buffer is bpf_bufsize bytes. 448 */ 449 error = UIOMOVE(d->bd_hbuf, d->bd_hlen, UIO_READ, uio); 450 451 s = splimp(); 452 d->bd_fbuf = d->bd_hbuf; 453 d->bd_hbuf = 0; 454 d->bd_hlen = 0; 455 splx(s); 456 457 return (error); 458 } 459 460 461 /* 462 * If there are processes sleeping on this descriptor, wake them up. 463 */ 464 static __inline void 465 bpf_wakeup(d) 466 register struct bpf_d *d; 467 { 468 wakeup((caddr_t)d); 469 #if BSD >= 199103 470 selwakeup(&d->bd_sel); 471 /* XXX */ 472 d->bd_sel.si_pid = 0; 473 #else 474 if (d->bd_selproc) { 475 selwakeup(d->bd_selproc, (int)d->bd_selcoll); 476 d->bd_selcoll = 0; 477 d->bd_selproc = 0; 478 } 479 #endif 480 } 481 482 int 483 bpfwrite(dev, uio) 484 dev_t dev; 485 struct uio *uio; 486 { 487 register struct bpf_d *d = &bpf_dtab[minor(dev)]; 488 struct ifnet *ifp; 489 struct mbuf *m; 490 int error, s; 491 static struct sockaddr dst; 492 int datlen; 493 494 if (d->bd_bif == 0) 495 return (ENXIO); 496 497 ifp = d->bd_bif->bif_ifp; 498 499 if (uio->uio_resid == 0) 500 return (0); 501 502 error = bpf_movein(uio, (int)d->bd_bif->bif_dlt, &m, &dst, &datlen); 503 if (error) 504 return (error); 505 506 if (datlen > ifp->if_mtu) 507 return (EMSGSIZE); 508 509 s = splnet(); 510 #if BSD >= 199103 511 error = (*ifp->if_output)(ifp, m, &dst, (struct rtentry *)0); 512 #else 513 error = (*ifp->if_output)(ifp, m, &dst); 514 #endif 515 splx(s); 516 /* 517 * The driver frees the mbuf. 518 */ 519 return (error); 520 } 521 522 /* 523 * Reset a descriptor by flushing its packet buffer and clearing the 524 * receive and drop counts. Should be called at splimp. 525 */ 526 static void 527 reset_d(d) 528 struct bpf_d *d; 529 { 530 if (d->bd_hbuf) { 531 /* Free the hold buffer. */ 532 d->bd_fbuf = d->bd_hbuf; 533 d->bd_hbuf = 0; 534 } 535 d->bd_slen = 0; 536 d->bd_hlen = 0; 537 d->bd_rcount = 0; 538 d->bd_dcount = 0; 539 } 540 541 /* 542 * FIONREAD Check for read packet available. 543 * SIOCGIFADDR Get interface address - convenient hook to driver. 544 * BIOCGBLEN Get buffer len [for read()]. 545 * BIOCSETF Set ethernet read filter. 546 * BIOCFLUSH Flush read packet buffer. 547 * BIOCPROMISC Put interface into promiscuous mode. 548 * BIOCGDLT Get link layer type. 549 * BIOCGETIF Get interface name. 550 * BIOCSETIF Set interface. 551 * BIOCSRTIMEOUT Set read timeout. 552 * BIOCGRTIMEOUT Get read timeout. 553 * BIOCGSTATS Get packet stats. 554 * BIOCIMMEDIATE Set immediate mode. 555 * BIOCVERSION Get filter language version. 556 */ 557 /* ARGSUSED */ 558 int 559 bpfioctl(dev, cmd, addr, flag) 560 dev_t dev; 561 u_long cmd; 562 caddr_t addr; 563 int flag; 564 { 565 register struct bpf_d *d = &bpf_dtab[minor(dev)]; 566 int s, error = 0; 567 568 switch (cmd) { 569 570 default: 571 error = EINVAL; 572 break; 573 574 /* 575 * Check for read packet available. 576 */ 577 case FIONREAD: 578 { 579 int n; 580 581 s = splimp(); 582 n = d->bd_slen; 583 if (d->bd_hbuf) 584 n += d->bd_hlen; 585 splx(s); 586 587 *(int *)addr = n; 588 break; 589 } 590 591 case SIOCGIFADDR: 592 { 593 struct ifnet *ifp; 594 595 if (d->bd_bif == 0) 596 error = EINVAL; 597 else { 598 ifp = d->bd_bif->bif_ifp; 599 error = (*ifp->if_ioctl)(ifp, cmd, addr); 600 } 601 break; 602 } 603 604 /* 605 * Get buffer len [for read()]. 606 */ 607 case BIOCGBLEN: 608 *(u_int *)addr = d->bd_bufsize; 609 break; 610 611 /* 612 * Set buffer length. 613 */ 614 case BIOCSBLEN: 615 #if BSD < 199103 616 error = EINVAL; 617 #else 618 if (d->bd_bif != 0) 619 error = EINVAL; 620 else { 621 register u_int size = *(u_int *)addr; 622 623 if (size > BPF_MAXBUFSIZE) 624 *(u_int *)addr = size = BPF_MAXBUFSIZE; 625 else if (size < BPF_MINBUFSIZE) 626 *(u_int *)addr = size = BPF_MINBUFSIZE; 627 d->bd_bufsize = size; 628 } 629 #endif 630 break; 631 632 /* 633 * Set link layer read filter. 634 */ 635 case BIOCSETF: 636 error = bpf_setf(d, (struct bpf_program *)addr); 637 break; 638 639 /* 640 * Flush read packet buffer. 641 */ 642 case BIOCFLUSH: 643 s = splimp(); 644 reset_d(d); 645 splx(s); 646 break; 647 648 /* 649 * Put interface into promiscuous mode. 650 */ 651 case BIOCPROMISC: 652 if (d->bd_bif == 0) { 653 /* 654 * No interface attached yet. 655 */ 656 error = EINVAL; 657 break; 658 } 659 s = splimp(); 660 if (d->bd_promisc == 0) { 661 error = ifpromisc(d->bd_bif->bif_ifp, 1); 662 if (error == 0) 663 d->bd_promisc = 1; 664 } 665 splx(s); 666 break; 667 668 /* 669 * Get device parameters. 670 */ 671 case BIOCGDLT: 672 if (d->bd_bif == 0) 673 error = EINVAL; 674 else 675 *(u_int *)addr = d->bd_bif->bif_dlt; 676 break; 677 678 /* 679 * Set interface name. 680 */ 681 case BIOCGETIF: 682 if (d->bd_bif == 0) 683 error = EINVAL; 684 else 685 bpf_ifname(d->bd_bif->bif_ifp, (struct ifreq *)addr); 686 break; 687 688 /* 689 * Set interface. 690 */ 691 case BIOCSETIF: 692 error = bpf_setif(d, (struct ifreq *)addr); 693 break; 694 695 /* 696 * Set read timeout. 697 */ 698 case BIOCSRTIMEOUT: 699 { 700 struct timeval *tv = (struct timeval *)addr; 701 u_long msec; 702 703 /* Compute number of milliseconds. */ 704 msec = tv->tv_sec * 1000 + tv->tv_usec / 1000; 705 /* Scale milliseconds to ticks. Assume hard 706 clock has millisecond or greater resolution 707 (i.e. tick >= 1000). For 10ms hardclock, 708 tick/1000 = 10, so rtout<-msec/10. */ 709 d->bd_rtout = msec / (tick / 1000); 710 break; 711 } 712 713 /* 714 * Get read timeout. 715 */ 716 case BIOCGRTIMEOUT: 717 { 718 struct timeval *tv = (struct timeval *)addr; 719 u_long msec = d->bd_rtout; 720 721 msec *= tick / 1000; 722 tv->tv_sec = msec / 1000; 723 tv->tv_usec = msec % 1000; 724 break; 725 } 726 727 /* 728 * Get packet stats. 729 */ 730 case BIOCGSTATS: 731 { 732 struct bpf_stat *bs = (struct bpf_stat *)addr; 733 734 bs->bs_recv = d->bd_rcount; 735 bs->bs_drop = d->bd_dcount; 736 break; 737 } 738 739 /* 740 * Set immediate mode. 741 */ 742 case BIOCIMMEDIATE: 743 d->bd_immediate = *(u_int *)addr; 744 break; 745 746 case BIOCVERSION: 747 { 748 struct bpf_version *bv = (struct bpf_version *)addr; 749 750 bv->bv_major = BPF_MAJOR_VERSION; 751 bv->bv_minor = BPF_MINOR_VERSION; 752 break; 753 } 754 } 755 return (error); 756 } 757 758 /* 759 * Set d's packet filter program to fp. If this file already has a filter, 760 * free it and replace it. Returns EINVAL for bogus requests. 761 */ 762 int 763 bpf_setf(d, fp) 764 struct bpf_d *d; 765 struct bpf_program *fp; 766 { 767 struct bpf_insn *fcode, *old; 768 u_int flen, size; 769 int s; 770 771 old = d->bd_filter; 772 if (fp->bf_insns == 0) { 773 if (fp->bf_len != 0) 774 return (EINVAL); 775 s = splimp(); 776 d->bd_filter = 0; 777 reset_d(d); 778 splx(s); 779 if (old != 0) 780 free((caddr_t)old, M_DEVBUF); 781 return (0); 782 } 783 flen = fp->bf_len; 784 if (flen > BPF_MAXINSNS) 785 return (EINVAL); 786 787 size = flen * sizeof(*fp->bf_insns); 788 fcode = (struct bpf_insn *)malloc(size, M_DEVBUF, M_WAITOK); 789 if (copyin((caddr_t)fp->bf_insns, (caddr_t)fcode, size) == 0 && 790 bpf_validate(fcode, (int)flen)) { 791 s = splimp(); 792 d->bd_filter = fcode; 793 reset_d(d); 794 splx(s); 795 if (old != 0) 796 free((caddr_t)old, M_DEVBUF); 797 798 return (0); 799 } 800 free((caddr_t)fcode, M_DEVBUF); 801 return (EINVAL); 802 } 803 804 /* 805 * Detach a file from its current interface (if attached at all) and attach 806 * to the interface indicated by the name stored in ifr. 807 * Return an errno or 0. 808 */ 809 static int 810 bpf_setif(d, ifr) 811 struct bpf_d *d; 812 struct ifreq *ifr; 813 { 814 struct bpf_if *bp; 815 char *cp; 816 int unit, s, error; 817 818 /* 819 * Separate string into name part and unit number. Put a null 820 * byte at the end of the name part, and compute the number. 821 * If the a unit number is unspecified, the default is 0, 822 * as initialized above. XXX This should be common code. 823 */ 824 unit = 0; 825 cp = ifr->ifr_name; 826 cp[sizeof(ifr->ifr_name) - 1] = '\0'; 827 while (*cp++) { 828 if (*cp >= '0' && *cp <= '9') { 829 unit = *cp - '0'; 830 *cp++ = '\0'; 831 while (*cp) 832 unit = 10 * unit + *cp++ - '0'; 833 break; 834 } 835 } 836 /* 837 * Look through attached interfaces for the named one. 838 */ 839 for (bp = bpf_iflist; bp != 0; bp = bp->bif_next) { 840 struct ifnet *ifp = bp->bif_ifp; 841 842 if (ifp == 0 || unit != ifp->if_unit 843 || strcmp(ifp->if_name, ifr->ifr_name) != 0) 844 continue; 845 /* 846 * We found the requested interface. 847 * If it's not up, return an error. 848 * Allocate the packet buffers if we need to. 849 * If we're already attached to requested interface, 850 * just flush the buffer. 851 */ 852 if ((ifp->if_flags & IFF_UP) == 0) 853 return (ENETDOWN); 854 855 if (d->bd_sbuf == 0) { 856 error = bpf_allocbufs(d); 857 if (error != 0) 858 return (error); 859 } 860 s = splimp(); 861 if (bp != d->bd_bif) { 862 if (d->bd_bif) 863 /* 864 * Detach if attached to something else. 865 */ 866 bpf_detachd(d); 867 868 bpf_attachd(d, bp); 869 } 870 reset_d(d); 871 splx(s); 872 return (0); 873 } 874 /* Not found. */ 875 return (ENXIO); 876 } 877 878 /* 879 * Convert an interface name plus unit number of an ifp to a single 880 * name which is returned in the ifr. 881 */ 882 static void 883 bpf_ifname(ifp, ifr) 884 struct ifnet *ifp; 885 struct ifreq *ifr; 886 { 887 char *s = ifp->if_name; 888 char *d = ifr->ifr_name; 889 890 while (*d++ = *s++) 891 continue; 892 /* XXX Assume that unit number is less than 10. */ 893 *d++ = ifp->if_unit + '0'; 894 *d = '\0'; 895 } 896 897 /* 898 * The new select interface passes down the proc pointer; the old select 899 * stubs had to grab it out of the user struct. This glue allows either case. 900 */ 901 #if BSD >= 199103 902 #define bpf_select bpfselect 903 #else 904 int 905 bpfselect(dev, rw) 906 register dev_t dev; 907 int rw; 908 { 909 return (bpf_select(dev, rw, u.u_procp)); 910 } 911 #endif 912 913 /* 914 * Support for select() system call 915 * 916 * Return true iff the specific operation will not block indefinitely. 917 * Otherwise, return false but make a note that a selwakeup() must be done. 918 */ 919 int 920 bpf_select(dev, rw, p) 921 register dev_t dev; 922 int rw; 923 struct proc *p; 924 { 925 register struct bpf_d *d; 926 register int s; 927 928 if (rw != FREAD) 929 return (0); 930 /* 931 * An imitation of the FIONREAD ioctl code. 932 */ 933 d = &bpf_dtab[minor(dev)]; 934 935 s = splimp(); 936 if (d->bd_hlen != 0 || (d->bd_immediate && d->bd_slen != 0)) { 937 /* 938 * There is data waiting. 939 */ 940 splx(s); 941 return (1); 942 } 943 #if BSD >= 199103 944 selrecord(p, &d->bd_sel); 945 #else 946 /* 947 * No data ready. If there's already a select() waiting on this 948 * minor device then this is a collision. This shouldn't happen 949 * because minors really should not be shared, but if a process 950 * forks while one of these is open, it is possible that both 951 * processes could select on the same descriptor. 952 */ 953 if (d->bd_selproc && d->bd_selproc->p_wchan == (caddr_t)&selwait) 954 d->bd_selcoll = 1; 955 else 956 d->bd_selproc = p; 957 #endif 958 splx(s); 959 return (0); 960 } 961 962 /* 963 * Incoming linkage from device drivers. Process the packet pkt, of length 964 * pktlen, which is stored in a contiguous buffer. The packet is parsed 965 * by each process' filter, and if accepted, stashed into the corresponding 966 * buffer. 967 */ 968 void 969 bpf_tap(arg, pkt, pktlen) 970 caddr_t arg; 971 register u_char *pkt; 972 register u_int pktlen; 973 { 974 struct bpf_if *bp; 975 register struct bpf_d *d; 976 register u_int slen; 977 /* 978 * Note that the ipl does not have to be raised at this point. 979 * The only problem that could arise here is that if two different 980 * interfaces shared any data. This is not the case. 981 */ 982 bp = (struct bpf_if *)arg; 983 for (d = bp->bif_dlist; d != 0; d = d->bd_next) { 984 ++d->bd_rcount; 985 slen = bpf_filter(d->bd_filter, pkt, pktlen, pktlen); 986 if (slen != 0) 987 catchpacket(d, pkt, pktlen, slen, bcopy); 988 } 989 } 990 991 /* 992 * Copy data from an mbuf chain into a buffer. This code is derived 993 * from m_copydata in sys/uipc_mbuf.c. 994 */ 995 static void 996 bpf_mcopy(src_arg, dst_arg, len) 997 const void *src_arg; 998 void *dst_arg; 999 register u_int len; 1000 { 1001 register const struct mbuf *m; 1002 register u_int count; 1003 u_char *dst; 1004 1005 m = src_arg; 1006 dst = dst_arg; 1007 while (len > 0) { 1008 if (m == 0) 1009 panic("bpf_mcopy"); 1010 count = min(m->m_len, len); 1011 bcopy(mtod(m, caddr_t), (caddr_t)dst, count); 1012 m = m->m_next; 1013 dst += count; 1014 len -= count; 1015 } 1016 } 1017 1018 /* 1019 * Incoming linkage from device drivers, when packet is in an mbuf chain. 1020 */ 1021 void 1022 bpf_mtap(arg, m) 1023 caddr_t arg; 1024 struct mbuf *m; 1025 { 1026 struct bpf_if *bp = (struct bpf_if *)arg; 1027 struct bpf_d *d; 1028 u_int pktlen, slen; 1029 struct mbuf *m0; 1030 1031 pktlen = 0; 1032 for (m0 = m; m0 != 0; m0 = m0->m_next) 1033 pktlen += m0->m_len; 1034 1035 for (d = bp->bif_dlist; d != 0; d = d->bd_next) { 1036 ++d->bd_rcount; 1037 slen = bpf_filter(d->bd_filter, (u_char *)m, pktlen, 0); 1038 if (slen != 0) 1039 catchpacket(d, (u_char *)m, pktlen, slen, bpf_mcopy); 1040 } 1041 } 1042 1043 /* 1044 * Move the packet data from interface memory (pkt) into the 1045 * store buffer. Return 1 if it's time to wakeup a listener (buffer full), 1046 * otherwise 0. "copy" is the routine called to do the actual data 1047 * transfer. bcopy is passed in to copy contiguous chunks, while 1048 * bpf_mcopy is passed in to copy mbuf chains. In the latter case, 1049 * pkt is really an mbuf. 1050 */ 1051 static void 1052 catchpacket(d, pkt, pktlen, snaplen, cpfn) 1053 register struct bpf_d *d; 1054 register u_char *pkt; 1055 register u_int pktlen, snaplen; 1056 register void (*cpfn)(const void *, void *, u_int); 1057 { 1058 register struct bpf_hdr *hp; 1059 register int totlen, curlen; 1060 register int hdrlen = d->bd_bif->bif_hdrlen; 1061 /* 1062 * Figure out how many bytes to move. If the packet is 1063 * greater or equal to the snapshot length, transfer that 1064 * much. Otherwise, transfer the whole packet (unless 1065 * we hit the buffer size limit). 1066 */ 1067 totlen = hdrlen + min(snaplen, pktlen); 1068 if (totlen > d->bd_bufsize) 1069 totlen = d->bd_bufsize; 1070 1071 /* 1072 * Round up the end of the previous packet to the next longword. 1073 */ 1074 curlen = BPF_WORDALIGN(d->bd_slen); 1075 if (curlen + totlen > d->bd_bufsize) { 1076 /* 1077 * This packet will overflow the storage buffer. 1078 * Rotate the buffers if we can, then wakeup any 1079 * pending reads. 1080 */ 1081 if (d->bd_fbuf == 0) { 1082 /* 1083 * We haven't completed the previous read yet, 1084 * so drop the packet. 1085 */ 1086 ++d->bd_dcount; 1087 return; 1088 } 1089 ROTATE_BUFFERS(d); 1090 bpf_wakeup(d); 1091 curlen = 0; 1092 } 1093 else if (d->bd_immediate) 1094 /* 1095 * Immediate mode is set. A packet arrived so any 1096 * reads should be woken up. 1097 */ 1098 bpf_wakeup(d); 1099 1100 /* 1101 * Append the bpf header. 1102 */ 1103 hp = (struct bpf_hdr *)(d->bd_sbuf + curlen); 1104 #if BSD >= 199103 1105 microtime(&hp->bh_tstamp); 1106 #elif defined(sun) 1107 uniqtime(&hp->bh_tstamp); 1108 #else 1109 hp->bh_tstamp = time; 1110 #endif 1111 hp->bh_datalen = pktlen; 1112 hp->bh_hdrlen = hdrlen; 1113 /* 1114 * Copy the packet data into the store buffer and update its length. 1115 */ 1116 (*cpfn)(pkt, (u_char *)hp + hdrlen, (hp->bh_caplen = totlen - hdrlen)); 1117 d->bd_slen = curlen + totlen; 1118 } 1119 1120 /* 1121 * Initialize all nonzero fields of a descriptor. 1122 */ 1123 static int 1124 bpf_allocbufs(d) 1125 register struct bpf_d *d; 1126 { 1127 d->bd_fbuf = (caddr_t)malloc(d->bd_bufsize, M_DEVBUF, M_WAITOK); 1128 if (d->bd_fbuf == 0) 1129 return (ENOBUFS); 1130 1131 d->bd_sbuf = (caddr_t)malloc(d->bd_bufsize, M_DEVBUF, M_WAITOK); 1132 if (d->bd_sbuf == 0) { 1133 free(d->bd_fbuf, M_DEVBUF); 1134 return (ENOBUFS); 1135 } 1136 d->bd_slen = 0; 1137 d->bd_hlen = 0; 1138 return (0); 1139 } 1140 1141 /* 1142 * Free buffers currently in use by a descriptor. 1143 * Called on close. 1144 */ 1145 static void 1146 bpf_freed(d) 1147 register struct bpf_d *d; 1148 { 1149 /* 1150 * We don't need to lock out interrupts since this descriptor has 1151 * been detached from its interface and it yet hasn't been marked 1152 * free. 1153 */ 1154 if (d->bd_sbuf != 0) { 1155 free(d->bd_sbuf, M_DEVBUF); 1156 if (d->bd_hbuf != 0) 1157 free(d->bd_hbuf, M_DEVBUF); 1158 if (d->bd_fbuf != 0) 1159 free(d->bd_fbuf, M_DEVBUF); 1160 } 1161 if (d->bd_filter) 1162 free((caddr_t)d->bd_filter, M_DEVBUF); 1163 1164 D_MARKFREE(d); 1165 } 1166 1167 /* 1168 * Attach an interface to bpf. driverp is a pointer to a (struct bpf_if *) 1169 * in the driver's softc; dlt is the link layer type; hdrlen is the fixed 1170 * size of the link header (variable length headers not yet supported). 1171 */ 1172 void 1173 bpfattach(driverp, ifp, dlt, hdrlen) 1174 caddr_t *driverp; 1175 struct ifnet *ifp; 1176 u_int dlt, hdrlen; 1177 { 1178 struct bpf_if *bp; 1179 int i; 1180 #if BSD < 199103 1181 static struct bpf_if bpf_ifs[NBPFILTER]; 1182 static int bpfifno; 1183 1184 bp = (bpfifno < NBPFILTER) ? &bpf_ifs[bpfifno++] : 0; 1185 #else 1186 bp = (struct bpf_if *)malloc(sizeof(*bp), M_DEVBUF, M_DONTWAIT); 1187 #endif 1188 if (bp == 0) 1189 panic("bpfattach"); 1190 1191 bp->bif_dlist = 0; 1192 bp->bif_driverp = (struct bpf_if **)driverp; 1193 bp->bif_ifp = ifp; 1194 bp->bif_dlt = dlt; 1195 1196 bp->bif_next = bpf_iflist; 1197 bpf_iflist = bp; 1198 1199 *bp->bif_driverp = 0; 1200 1201 /* 1202 * Compute the length of the bpf header. This is not necessarily 1203 * equal to SIZEOF_BPF_HDR because we want to insert spacing such 1204 * that the network layer header begins on a longword boundary (for 1205 * performance reasons and to alleviate alignment restrictions). 1206 */ 1207 bp->bif_hdrlen = BPF_WORDALIGN(hdrlen + SIZEOF_BPF_HDR) - hdrlen; 1208 1209 /* 1210 * Mark all the descriptors free if this hasn't been done. 1211 */ 1212 if (!D_ISFREE(&bpf_dtab[0])) 1213 for (i = 0; i < NBPFILTER; ++i) 1214 D_MARKFREE(&bpf_dtab[i]); 1215 1216 printf("bpf: %s%d attached\n", ifp->if_name, ifp->if_unit); 1217 } 1218 1219 #if BSD >= 199103 1220 /* XXX This routine belongs in net/if.c. */ 1221 /* 1222 * Set/clear promiscuous mode on interface ifp based on the truth value 1223 * of pswitch. The calls are reference counted so that only the first 1224 * "on" request actually has an effect, as does the final "off" request. 1225 * Results are undefined if the "off" and "on" requests are not matched. 1226 */ 1227 int 1228 ifpromisc(ifp, pswitch) 1229 struct ifnet *ifp; 1230 int pswitch; 1231 { 1232 struct ifreq ifr; 1233 /* 1234 * If the device is not configured up, we cannot put it in 1235 * promiscuous mode. 1236 */ 1237 if ((ifp->if_flags & IFF_UP) == 0) 1238 return (ENETDOWN); 1239 1240 if (pswitch) { 1241 if (ifp->if_pcount++ != 0) 1242 return (0); 1243 ifp->if_flags |= IFF_PROMISC; 1244 } else { 1245 if (--ifp->if_pcount > 0) 1246 return (0); 1247 ifp->if_flags &= ~IFF_PROMISC; 1248 } 1249 ifr.ifr_flags = ifp->if_flags; 1250 return ((*ifp->if_ioctl)(ifp, SIOCSIFFLAGS, (caddr_t)&ifr)); 1251 } 1252 #endif 1253 1254 #if BSD < 199103 1255 /* 1256 * Allocate some memory for bpf. This is temporary SunOS support, and 1257 * is admittedly a hack. 1258 * If resources unavaiable, return 0. 1259 */ 1260 static caddr_t 1261 bpf_alloc(size, canwait) 1262 register int size; 1263 register int canwait; 1264 { 1265 register struct mbuf *m; 1266 1267 if ((unsigned)size > (MCLBYTES-8)) 1268 return 0; 1269 1270 MGET(m, canwait, MT_DATA); 1271 if (m == 0) 1272 return 0; 1273 if ((unsigned)size > (MLEN-8)) { 1274 MCLGET(m); 1275 if (m->m_len != MCLBYTES) { 1276 m_freem(m); 1277 return 0; 1278 } 1279 } 1280 *mtod(m, struct mbuf **) = m; 1281 return mtod(m, caddr_t) + 8; 1282 } 1283 #endif 1284 #endif 1285