bpf.c revision 1.115.10.3
1 /* $NetBSD: bpf.c,v 1.115.10.3 2006/05/06 23:31:58 christos Exp $ */ 2 3 /* 4 * Copyright (c) 1990, 1991, 1993 5 * The Regents of the University of California. All rights reserved. 6 * 7 * This code is derived from the Stanford/CMU enet packet filter, 8 * (net/enet.c) distributed as part of 4.3BSD, and code contributed 9 * to Berkeley by Steven McCanne and Van Jacobson both of Lawrence 10 * Berkeley Laboratory. 11 * 12 * Redistribution and use in source and binary forms, with or without 13 * modification, are permitted provided that the following conditions 14 * are met: 15 * 1. Redistributions of source code must retain the above copyright 16 * notice, this list of conditions and the following disclaimer. 17 * 2. Redistributions in binary form must reproduce the above copyright 18 * notice, this list of conditions and the following disclaimer in the 19 * documentation and/or other materials provided with the distribution. 20 * 3. Neither the name of the University nor the names of its contributors 21 * may be used to endorse or promote products derived from this software 22 * without specific prior written permission. 23 * 24 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 25 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 26 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 27 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 28 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 29 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 30 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 31 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 32 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 33 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 34 * SUCH DAMAGE. 35 * 36 * @(#)bpf.c 8.4 (Berkeley) 1/9/95 37 * static char rcsid[] = 38 * "Header: bpf.c,v 1.67 96/09/26 22:00:52 leres Exp "; 39 */ 40 41 #include <sys/cdefs.h> 42 __KERNEL_RCSID(0, "$NetBSD: bpf.c,v 1.115.10.3 2006/05/06 23:31:58 christos Exp $"); 43 44 #include <sys/param.h> 45 #include <sys/systm.h> 46 #include <sys/mbuf.h> 47 #include <sys/buf.h> 48 #include <sys/time.h> 49 #include <sys/proc.h> 50 #include <sys/user.h> 51 #include <sys/ioctl.h> 52 #include <sys/conf.h> 53 #include <sys/vnode.h> 54 #include <sys/queue.h> 55 56 #include <sys/file.h> 57 #include <sys/filedesc.h> 58 #include <sys/tty.h> 59 #include <sys/uio.h> 60 61 #include <sys/protosw.h> 62 #include <sys/socket.h> 63 #include <sys/errno.h> 64 #include <sys/kernel.h> 65 #include <sys/poll.h> 66 #include <sys/sysctl.h> 67 #include <sys/kauth.h> 68 69 #include <net/if.h> 70 #include <net/slip.h> 71 72 #include <net/bpf.h> 73 #include <net/bpfdesc.h> 74 75 #include <net/if_arc.h> 76 #include <net/if_ether.h> 77 78 #include <netinet/in.h> 79 #include <netinet/if_inarp.h> 80 81 #if defined(_KERNEL_OPT) 82 #include "opt_bpf.h" 83 #include "sl.h" 84 #include "strip.h" 85 #endif 86 87 #ifndef BPF_BUFSIZE 88 /* 89 * 4096 is too small for FDDI frames. 8192 is too small for gigabit Ethernet 90 * jumbos (circa 9k), ATM, or Intel gig/10gig ethernet jumbos (16k). 91 */ 92 # define BPF_BUFSIZE 32768 93 #endif 94 95 #define PRINET 26 /* interruptible */ 96 97 /* 98 * The default read buffer size, and limit for BIOCSBLEN, is sysctl'able. 99 * XXX the default values should be computed dynamically based 100 * on available memory size and available mbuf clusters. 101 */ 102 int bpf_bufsize = BPF_BUFSIZE; 103 int bpf_maxbufsize = BPF_DFLTBUFSIZE; /* XXX set dynamically, see above */ 104 105 106 /* 107 * Global BPF statistics returned by net.bpf.stats sysctl. 108 */ 109 struct bpf_stat bpf_gstats; 110 111 /* 112 * Use a mutex to avoid a race condition between gathering the stats/peers 113 * and opening/closing the device. 114 */ 115 struct simplelock bpf_slock; 116 117 /* 118 * bpf_iflist is the list of interfaces; each corresponds to an ifnet 119 * bpf_dtab holds the descriptors, indexed by minor device # 120 */ 121 struct bpf_if *bpf_iflist; 122 LIST_HEAD(, bpf_d) bpf_list; 123 124 static int bpf_allocbufs(struct bpf_d *); 125 static void bpf_deliver(struct bpf_if *, 126 void *(*cpfn)(void *, const void *, size_t), 127 void *, u_int, u_int, struct ifnet *); 128 static void bpf_freed(struct bpf_d *); 129 static void bpf_ifname(struct ifnet *, struct ifreq *); 130 static void *bpf_mcpy(void *, const void *, size_t); 131 static int bpf_movein(struct uio *, int, int, 132 struct mbuf **, struct sockaddr *); 133 static void bpf_attachd(struct bpf_d *, struct bpf_if *); 134 static void bpf_detachd(struct bpf_d *); 135 static int bpf_setif(struct bpf_d *, struct ifreq *); 136 static void bpf_timed_out(void *); 137 static inline void 138 bpf_wakeup(struct bpf_d *); 139 static void catchpacket(struct bpf_d *, u_char *, u_int, u_int, 140 void *(*)(void *, const void *, size_t)); 141 static void reset_d(struct bpf_d *); 142 static int bpf_getdltlist(struct bpf_d *, struct bpf_dltlist *); 143 static int bpf_setdlt(struct bpf_d *, u_int); 144 145 static int bpf_read(struct file *, off_t *, struct uio *, kauth_cred_t, 146 int); 147 static int bpf_write(struct file *, off_t *, struct uio *, kauth_cred_t, 148 int); 149 static int bpf_ioctl(struct file *, u_long, void *, struct lwp *); 150 static int bpf_poll(struct file *, int, struct lwp *); 151 static int bpf_close(struct file *, struct lwp *); 152 static int bpf_kqfilter(struct file *, struct knote *); 153 154 static const struct fileops bpf_fileops = { 155 bpf_read, 156 bpf_write, 157 bpf_ioctl, 158 fnullop_fcntl, 159 bpf_poll, 160 fbadop_stat, 161 bpf_close, 162 bpf_kqfilter, 163 }; 164 165 dev_type_open(bpfopen); 166 167 const struct cdevsw bpf_cdevsw = { 168 bpfopen, noclose, noread, nowrite, noioctl, 169 nostop, notty, nopoll, nommap, nokqfilter, 170 }; 171 172 static int 173 bpf_movein(struct uio *uio, int linktype, int mtu, struct mbuf **mp, 174 struct sockaddr *sockp) 175 { 176 struct mbuf *m; 177 int error; 178 int len; 179 int hlen; 180 int align; 181 182 /* 183 * Build a sockaddr based on the data link layer type. 184 * We do this at this level because the ethernet header 185 * is copied directly into the data field of the sockaddr. 186 * In the case of SLIP, there is no header and the packet 187 * is forwarded as is. 188 * Also, we are careful to leave room at the front of the mbuf 189 * for the link level header. 190 */ 191 switch (linktype) { 192 193 case DLT_SLIP: 194 sockp->sa_family = AF_INET; 195 hlen = 0; 196 align = 0; 197 break; 198 199 case DLT_PPP: 200 sockp->sa_family = AF_UNSPEC; 201 hlen = 0; 202 align = 0; 203 break; 204 205 case DLT_EN10MB: 206 sockp->sa_family = AF_UNSPEC; 207 /* XXX Would MAXLINKHDR be better? */ 208 /* 6(dst)+6(src)+2(type) */ 209 hlen = sizeof(struct ether_header); 210 align = 2; 211 break; 212 213 case DLT_ARCNET: 214 sockp->sa_family = AF_UNSPEC; 215 hlen = ARC_HDRLEN; 216 align = 5; 217 break; 218 219 case DLT_FDDI: 220 sockp->sa_family = AF_LINK; 221 /* XXX 4(FORMAC)+6(dst)+6(src) */ 222 hlen = 16; 223 align = 0; 224 break; 225 226 case DLT_ECONET: 227 sockp->sa_family = AF_UNSPEC; 228 hlen = 6; 229 align = 2; 230 break; 231 232 case DLT_NULL: 233 sockp->sa_family = AF_UNSPEC; 234 hlen = 0; 235 align = 0; 236 break; 237 238 default: 239 return (EIO); 240 } 241 242 len = uio->uio_resid; 243 /* 244 * If there aren't enough bytes for a link level header or the 245 * packet length exceeds the interface mtu, return an error. 246 */ 247 if (len < hlen || len - hlen > mtu) 248 return (EMSGSIZE); 249 250 /* 251 * XXX Avoid complicated buffer chaining --- 252 * bail if it won't fit in a single mbuf. 253 * (Take into account possible alignment bytes) 254 */ 255 if ((unsigned)len > MCLBYTES - align) 256 return (EIO); 257 258 m = m_gethdr(M_WAIT, MT_DATA); 259 m->m_pkthdr.rcvif = 0; 260 m->m_pkthdr.len = len - hlen; 261 if (len > MHLEN - align) { 262 m_clget(m, M_WAIT); 263 if ((m->m_flags & M_EXT) == 0) { 264 error = ENOBUFS; 265 goto bad; 266 } 267 } 268 269 /* Insure the data is properly aligned */ 270 if (align > 0) { 271 m->m_data += align; 272 m->m_len -= align; 273 } 274 275 error = uiomove(mtod(m, void *), len, uio); 276 if (error) 277 goto bad; 278 if (hlen != 0) { 279 memcpy(sockp->sa_data, mtod(m, void *), hlen); 280 m->m_data += hlen; /* XXX */ 281 len -= hlen; 282 } 283 m->m_len = len; 284 *mp = m; 285 return (0); 286 287 bad: 288 m_freem(m); 289 return (error); 290 } 291 292 /* 293 * Attach file to the bpf interface, i.e. make d listen on bp. 294 * Must be called at splnet. 295 */ 296 static void 297 bpf_attachd(struct bpf_d *d, struct bpf_if *bp) 298 { 299 /* 300 * Point d at bp, and add d to the interface's list of listeners. 301 * Finally, point the driver's bpf cookie at the interface so 302 * it will divert packets to bpf. 303 */ 304 d->bd_bif = bp; 305 d->bd_next = bp->bif_dlist; 306 bp->bif_dlist = d; 307 308 *bp->bif_driverp = bp; 309 } 310 311 /* 312 * Detach a file from its interface. 313 */ 314 static void 315 bpf_detachd(struct bpf_d *d) 316 { 317 struct bpf_d **p; 318 struct bpf_if *bp; 319 320 bp = d->bd_bif; 321 /* 322 * Check if this descriptor had requested promiscuous mode. 323 * If so, turn it off. 324 */ 325 if (d->bd_promisc) { 326 int error; 327 328 d->bd_promisc = 0; 329 /* 330 * Take device out of promiscuous mode. Since we were 331 * able to enter promiscuous mode, we should be able 332 * to turn it off. But we can get an error if 333 * the interface was configured down, so only panic 334 * if we don't get an unexpected error. 335 */ 336 error = ifpromisc(bp->bif_ifp, 0); 337 if (error && error != EINVAL) 338 panic("bpf: ifpromisc failed"); 339 } 340 /* Remove d from the interface's descriptor list. */ 341 p = &bp->bif_dlist; 342 while (*p != d) { 343 p = &(*p)->bd_next; 344 if (*p == 0) 345 panic("bpf_detachd: descriptor not in list"); 346 } 347 *p = (*p)->bd_next; 348 if (bp->bif_dlist == 0) 349 /* 350 * Let the driver know that there are no more listeners. 351 */ 352 *d->bd_bif->bif_driverp = 0; 353 d->bd_bif = 0; 354 } 355 356 357 /* 358 * Mark a descriptor free by making it point to itself. 359 * This is probably cheaper than marking with a constant since 360 * the address should be in a register anyway. 361 */ 362 363 /* 364 * bpfilterattach() is called at boot time. 365 */ 366 /* ARGSUSED */ 367 void 368 bpfilterattach(int n) 369 { 370 simple_lock_init(&bpf_slock); 371 372 simple_lock(&bpf_slock); 373 LIST_INIT(&bpf_list); 374 simple_unlock(&bpf_slock); 375 376 bpf_gstats.bs_recv = 0; 377 bpf_gstats.bs_drop = 0; 378 bpf_gstats.bs_capt = 0; 379 } 380 381 /* 382 * Open ethernet device. Clones. 383 */ 384 /* ARGSUSED */ 385 int 386 bpfopen(dev_t dev, int flag, int mode, struct lwp *l) 387 { 388 struct bpf_d *d; 389 struct file *fp; 390 int error, fd; 391 392 /* falloc() will use the descriptor for us. */ 393 if ((error = falloc(l->l_proc, &fp, &fd)) != 0) 394 return error; 395 396 d = malloc(sizeof(*d), M_DEVBUF, M_WAITOK); 397 (void)memset(d, 0, sizeof(*d)); 398 d->bd_bufsize = bpf_bufsize; 399 d->bd_seesent = 1; 400 d->bd_pid = l->l_proc->p_pid; 401 callout_init(&d->bd_callout); 402 403 simple_lock(&bpf_slock); 404 LIST_INSERT_HEAD(&bpf_list, d, bd_list); 405 simple_unlock(&bpf_slock); 406 407 return fdclone(l, fp, fd, flag, &bpf_fileops, d); 408 } 409 410 /* 411 * Close the descriptor by detaching it from its interface, 412 * deallocating its buffers, and marking it free. 413 */ 414 /* ARGSUSED */ 415 static int 416 bpf_close(struct file *fp, struct lwp *l) 417 { 418 struct bpf_d *d = fp->f_data; 419 int s; 420 421 /* 422 * Refresh the PID associated with this bpf file. 423 */ 424 d->bd_pid = l->l_proc->p_pid; 425 426 s = splnet(); 427 if (d->bd_state == BPF_WAITING) 428 callout_stop(&d->bd_callout); 429 d->bd_state = BPF_IDLE; 430 if (d->bd_bif) 431 bpf_detachd(d); 432 splx(s); 433 bpf_freed(d); 434 simple_lock(&bpf_slock); 435 LIST_REMOVE(d, bd_list); 436 simple_unlock(&bpf_slock); 437 free(d, M_DEVBUF); 438 fp->f_data = NULL; 439 440 return (0); 441 } 442 443 /* 444 * Rotate the packet buffers in descriptor d. Move the store buffer 445 * into the hold slot, and the free buffer into the store slot. 446 * Zero the length of the new store buffer. 447 */ 448 #define ROTATE_BUFFERS(d) \ 449 (d)->bd_hbuf = (d)->bd_sbuf; \ 450 (d)->bd_hlen = (d)->bd_slen; \ 451 (d)->bd_sbuf = (d)->bd_fbuf; \ 452 (d)->bd_slen = 0; \ 453 (d)->bd_fbuf = 0; 454 /* 455 * bpfread - read next chunk of packets from buffers 456 */ 457 static int 458 bpf_read(struct file *fp, off_t *offp, struct uio *uio, 459 kauth_cred_t cred, int flags) 460 { 461 struct bpf_d *d = fp->f_data; 462 int timed_out; 463 int error; 464 int s; 465 466 /* 467 * Restrict application to use a buffer the same size as 468 * as kernel buffers. 469 */ 470 if (uio->uio_resid != d->bd_bufsize) 471 return (EINVAL); 472 473 s = splnet(); 474 if (d->bd_state == BPF_WAITING) 475 callout_stop(&d->bd_callout); 476 timed_out = (d->bd_state == BPF_TIMED_OUT); 477 d->bd_state = BPF_IDLE; 478 /* 479 * If the hold buffer is empty, then do a timed sleep, which 480 * ends when the timeout expires or when enough packets 481 * have arrived to fill the store buffer. 482 */ 483 while (d->bd_hbuf == 0) { 484 if (fp->f_flag & FNONBLOCK) { 485 if (d->bd_slen == 0) { 486 splx(s); 487 return (EWOULDBLOCK); 488 } 489 ROTATE_BUFFERS(d); 490 break; 491 } 492 493 if ((d->bd_immediate || timed_out) && d->bd_slen != 0) { 494 /* 495 * A packet(s) either arrived since the previous 496 * read or arrived while we were asleep. 497 * Rotate the buffers and return what's here. 498 */ 499 ROTATE_BUFFERS(d); 500 break; 501 } 502 error = tsleep(d, PRINET|PCATCH, "bpf", 503 d->bd_rtout); 504 if (error == EINTR || error == ERESTART) { 505 splx(s); 506 return (error); 507 } 508 if (error == EWOULDBLOCK) { 509 /* 510 * On a timeout, return what's in the buffer, 511 * which may be nothing. If there is something 512 * in the store buffer, we can rotate the buffers. 513 */ 514 if (d->bd_hbuf) 515 /* 516 * We filled up the buffer in between 517 * getting the timeout and arriving 518 * here, so we don't need to rotate. 519 */ 520 break; 521 522 if (d->bd_slen == 0) { 523 splx(s); 524 return (0); 525 } 526 ROTATE_BUFFERS(d); 527 break; 528 } 529 if (error != 0) 530 goto done; 531 } 532 /* 533 * At this point, we know we have something in the hold slot. 534 */ 535 splx(s); 536 537 /* 538 * Move data from hold buffer into user space. 539 * We know the entire buffer is transferred since 540 * we checked above that the read buffer is bpf_bufsize bytes. 541 */ 542 error = uiomove(d->bd_hbuf, d->bd_hlen, uio); 543 544 s = splnet(); 545 d->bd_fbuf = d->bd_hbuf; 546 d->bd_hbuf = 0; 547 d->bd_hlen = 0; 548 done: 549 splx(s); 550 return (error); 551 } 552 553 554 /* 555 * If there are processes sleeping on this descriptor, wake them up. 556 */ 557 static inline void 558 bpf_wakeup(struct bpf_d *d) 559 { 560 wakeup(d); 561 if (d->bd_async) 562 fownsignal(d->bd_pgid, SIGIO, 0, 0, NULL); 563 564 selnotify(&d->bd_sel, 0); 565 /* XXX */ 566 d->bd_sel.sel_pid = 0; 567 } 568 569 570 static void 571 bpf_timed_out(void *arg) 572 { 573 struct bpf_d *d = arg; 574 int s; 575 576 s = splnet(); 577 if (d->bd_state == BPF_WAITING) { 578 d->bd_state = BPF_TIMED_OUT; 579 if (d->bd_slen != 0) 580 bpf_wakeup(d); 581 } 582 splx(s); 583 } 584 585 586 static int 587 bpf_write(struct file *fp, off_t *offp, struct uio *uio, 588 kauth_cred_t cred, int flags) 589 { 590 struct bpf_d *d = fp->f_data; 591 struct ifnet *ifp; 592 struct mbuf *m; 593 int error, s; 594 static struct sockaddr_storage dst; 595 596 if (d->bd_bif == 0) 597 return (ENXIO); 598 599 ifp = d->bd_bif->bif_ifp; 600 601 if (uio->uio_resid == 0) 602 return (0); 603 604 error = bpf_movein(uio, (int)d->bd_bif->bif_dlt, ifp->if_mtu, &m, 605 (struct sockaddr *) &dst); 606 if (error) 607 return (error); 608 609 if (m->m_pkthdr.len > ifp->if_mtu) { 610 m_freem(m); 611 return (EMSGSIZE); 612 } 613 614 if (d->bd_hdrcmplt) 615 dst.ss_family = pseudo_AF_HDRCMPLT; 616 617 s = splsoftnet(); 618 error = (*ifp->if_output)(ifp, m, (struct sockaddr *) &dst, NULL); 619 splx(s); 620 /* 621 * The driver frees the mbuf. 622 */ 623 return (error); 624 } 625 626 /* 627 * Reset a descriptor by flushing its packet buffer and clearing the 628 * receive and drop counts. Should be called at splnet. 629 */ 630 static void 631 reset_d(struct bpf_d *d) 632 { 633 if (d->bd_hbuf) { 634 /* Free the hold buffer. */ 635 d->bd_fbuf = d->bd_hbuf; 636 d->bd_hbuf = 0; 637 } 638 d->bd_slen = 0; 639 d->bd_hlen = 0; 640 d->bd_rcount = 0; 641 d->bd_dcount = 0; 642 d->bd_ccount = 0; 643 } 644 645 /* 646 * FIONREAD Check for read packet available. 647 * BIOCGBLEN Get buffer len [for read()]. 648 * BIOCSETF Set ethernet read filter. 649 * BIOCFLUSH Flush read packet buffer. 650 * BIOCPROMISC Put interface into promiscuous mode. 651 * BIOCGDLT Get link layer type. 652 * BIOCGETIF Get interface name. 653 * BIOCSETIF Set interface. 654 * BIOCSRTIMEOUT Set read timeout. 655 * BIOCGRTIMEOUT Get read timeout. 656 * BIOCGSTATS Get packet stats. 657 * BIOCIMMEDIATE Set immediate mode. 658 * BIOCVERSION Get filter language version. 659 * BIOCGHDRCMPLT Get "header already complete" flag. 660 * BIOCSHDRCMPLT Set "header already complete" flag. 661 */ 662 /* ARGSUSED */ 663 static int 664 bpf_ioctl(struct file *fp, u_long cmd, void *addr, struct lwp *l) 665 { 666 struct bpf_d *d = fp->f_data; 667 int s, error = 0; 668 669 /* 670 * Refresh the PID associated with this bpf file. 671 */ 672 d->bd_pid = l->l_proc->p_pid; 673 674 s = splnet(); 675 if (d->bd_state == BPF_WAITING) 676 callout_stop(&d->bd_callout); 677 d->bd_state = BPF_IDLE; 678 splx(s); 679 680 switch (cmd) { 681 682 default: 683 error = EINVAL; 684 break; 685 686 /* 687 * Check for read packet available. 688 */ 689 case FIONREAD: 690 { 691 int n; 692 693 s = splnet(); 694 n = d->bd_slen; 695 if (d->bd_hbuf) 696 n += d->bd_hlen; 697 splx(s); 698 699 *(int *)addr = n; 700 break; 701 } 702 703 /* 704 * Get buffer len [for read()]. 705 */ 706 case BIOCGBLEN: 707 *(u_int *)addr = d->bd_bufsize; 708 break; 709 710 /* 711 * Set buffer length. 712 */ 713 case BIOCSBLEN: 714 if (d->bd_bif != 0) 715 error = EINVAL; 716 else { 717 u_int size = *(u_int *)addr; 718 719 if (size > bpf_maxbufsize) 720 *(u_int *)addr = size = bpf_maxbufsize; 721 else if (size < BPF_MINBUFSIZE) 722 *(u_int *)addr = size = BPF_MINBUFSIZE; 723 d->bd_bufsize = size; 724 } 725 break; 726 727 /* 728 * Set link layer read filter. 729 */ 730 case BIOCSETF: 731 error = bpf_setf(d, addr); 732 break; 733 734 /* 735 * Flush read packet buffer. 736 */ 737 case BIOCFLUSH: 738 s = splnet(); 739 reset_d(d); 740 splx(s); 741 break; 742 743 /* 744 * Put interface into promiscuous mode. 745 */ 746 case BIOCPROMISC: 747 if (d->bd_bif == 0) { 748 /* 749 * No interface attached yet. 750 */ 751 error = EINVAL; 752 break; 753 } 754 s = splnet(); 755 if (d->bd_promisc == 0) { 756 error = ifpromisc(d->bd_bif->bif_ifp, 1); 757 if (error == 0) 758 d->bd_promisc = 1; 759 } 760 splx(s); 761 break; 762 763 /* 764 * Get device parameters. 765 */ 766 case BIOCGDLT: 767 if (d->bd_bif == 0) 768 error = EINVAL; 769 else 770 *(u_int *)addr = d->bd_bif->bif_dlt; 771 break; 772 773 /* 774 * Get a list of supported device parameters. 775 */ 776 case BIOCGDLTLIST: 777 if (d->bd_bif == 0) 778 error = EINVAL; 779 else 780 error = bpf_getdltlist(d, addr); 781 break; 782 783 /* 784 * Set device parameters. 785 */ 786 case BIOCSDLT: 787 if (d->bd_bif == 0) 788 error = EINVAL; 789 else 790 error = bpf_setdlt(d, *(u_int *)addr); 791 break; 792 793 /* 794 * Set interface name. 795 */ 796 case BIOCGETIF: 797 if (d->bd_bif == 0) 798 error = EINVAL; 799 else 800 bpf_ifname(d->bd_bif->bif_ifp, addr); 801 break; 802 803 /* 804 * Set interface. 805 */ 806 case BIOCSETIF: 807 error = bpf_setif(d, addr); 808 break; 809 810 /* 811 * Set read timeout. 812 */ 813 case BIOCSRTIMEOUT: 814 { 815 struct timeval *tv = addr; 816 817 /* Compute number of ticks. */ 818 d->bd_rtout = tv->tv_sec * hz + tv->tv_usec / tick; 819 if ((d->bd_rtout == 0) && (tv->tv_usec != 0)) 820 d->bd_rtout = 1; 821 break; 822 } 823 824 /* 825 * Get read timeout. 826 */ 827 case BIOCGRTIMEOUT: 828 { 829 struct timeval *tv = addr; 830 831 tv->tv_sec = d->bd_rtout / hz; 832 tv->tv_usec = (d->bd_rtout % hz) * tick; 833 break; 834 } 835 836 /* 837 * Get packet stats. 838 */ 839 case BIOCGSTATS: 840 { 841 struct bpf_stat *bs = addr; 842 843 bs->bs_recv = d->bd_rcount; 844 bs->bs_drop = d->bd_dcount; 845 bs->bs_capt = d->bd_ccount; 846 break; 847 } 848 849 case BIOCGSTATSOLD: 850 { 851 struct bpf_stat_old *bs = addr; 852 853 bs->bs_recv = d->bd_rcount; 854 bs->bs_drop = d->bd_dcount; 855 break; 856 } 857 858 /* 859 * Set immediate mode. 860 */ 861 case BIOCIMMEDIATE: 862 d->bd_immediate = *(u_int *)addr; 863 break; 864 865 case BIOCVERSION: 866 { 867 struct bpf_version *bv = addr; 868 869 bv->bv_major = BPF_MAJOR_VERSION; 870 bv->bv_minor = BPF_MINOR_VERSION; 871 break; 872 } 873 874 case BIOCGHDRCMPLT: /* get "header already complete" flag */ 875 *(u_int *)addr = d->bd_hdrcmplt; 876 break; 877 878 case BIOCSHDRCMPLT: /* set "header already complete" flag */ 879 d->bd_hdrcmplt = *(u_int *)addr ? 1 : 0; 880 break; 881 882 /* 883 * Get "see sent packets" flag 884 */ 885 case BIOCGSEESENT: 886 *(u_int *)addr = d->bd_seesent; 887 break; 888 889 /* 890 * Set "see sent" packets flag 891 */ 892 case BIOCSSEESENT: 893 d->bd_seesent = *(u_int *)addr; 894 break; 895 896 case FIONBIO: /* Non-blocking I/O */ 897 /* 898 * No need to do anything special as we use IO_NDELAY in 899 * bpfread() as an indication of whether or not to block 900 * the read. 901 */ 902 break; 903 904 case FIOASYNC: /* Send signal on receive packets */ 905 d->bd_async = *(int *)addr; 906 break; 907 908 case TIOCSPGRP: /* Process or group to send signals to */ 909 case FIOSETOWN: 910 error = fsetown(l->l_proc, &d->bd_pgid, cmd, addr); 911 break; 912 913 case TIOCGPGRP: 914 case FIOGETOWN: 915 error = fgetown(l->l_proc, d->bd_pgid, cmd, addr); 916 break; 917 } 918 return (error); 919 } 920 921 /* 922 * Set d's packet filter program to fp. If this file already has a filter, 923 * free it and replace it. Returns EINVAL for bogus requests. 924 */ 925 int 926 bpf_setf(struct bpf_d *d, struct bpf_program *fp) 927 { 928 struct bpf_insn *fcode, *old; 929 u_int flen, size; 930 int s; 931 932 old = d->bd_filter; 933 if (fp->bf_insns == 0) { 934 if (fp->bf_len != 0) 935 return (EINVAL); 936 s = splnet(); 937 d->bd_filter = 0; 938 reset_d(d); 939 splx(s); 940 if (old != 0) 941 free(old, M_DEVBUF); 942 return (0); 943 } 944 flen = fp->bf_len; 945 if (flen > BPF_MAXINSNS) 946 return (EINVAL); 947 948 size = flen * sizeof(*fp->bf_insns); 949 fcode = malloc(size, M_DEVBUF, M_WAITOK); 950 if (copyin(fp->bf_insns, fcode, size) == 0 && 951 bpf_validate(fcode, (int)flen)) { 952 s = splnet(); 953 d->bd_filter = fcode; 954 reset_d(d); 955 splx(s); 956 if (old != 0) 957 free(old, M_DEVBUF); 958 959 return (0); 960 } 961 free(fcode, M_DEVBUF); 962 return (EINVAL); 963 } 964 965 /* 966 * Detach a file from its current interface (if attached at all) and attach 967 * to the interface indicated by the name stored in ifr. 968 * Return an errno or 0. 969 */ 970 static int 971 bpf_setif(struct bpf_d *d, struct ifreq *ifr) 972 { 973 struct bpf_if *bp; 974 char *cp; 975 int unit_seen, i, s, error; 976 977 /* 978 * Make sure the provided name has a unit number, and default 979 * it to '0' if not specified. 980 * XXX This is ugly ... do this differently? 981 */ 982 unit_seen = 0; 983 cp = ifr->ifr_name; 984 cp[sizeof(ifr->ifr_name) - 1] = '\0'; /* sanity */ 985 while (*cp++) 986 if (*cp >= '0' && *cp <= '9') 987 unit_seen = 1; 988 if (!unit_seen) { 989 /* Make sure to leave room for the '\0'. */ 990 for (i = 0; i < (IFNAMSIZ - 1); ++i) { 991 if ((ifr->ifr_name[i] >= 'a' && 992 ifr->ifr_name[i] <= 'z') || 993 (ifr->ifr_name[i] >= 'A' && 994 ifr->ifr_name[i] <= 'Z')) 995 continue; 996 ifr->ifr_name[i] = '0'; 997 } 998 } 999 1000 /* 1001 * Look through attached interfaces for the named one. 1002 */ 1003 for (bp = bpf_iflist; bp != 0; bp = bp->bif_next) { 1004 struct ifnet *ifp = bp->bif_ifp; 1005 1006 if (ifp == 0 || 1007 strcmp(ifp->if_xname, ifr->ifr_name) != 0) 1008 continue; 1009 /* skip additional entry */ 1010 if (bp->bif_driverp != (struct bpf_if **)&ifp->if_bpf) 1011 continue; 1012 /* 1013 * We found the requested interface. 1014 * Allocate the packet buffers if we need to. 1015 * If we're already attached to requested interface, 1016 * just flush the buffer. 1017 */ 1018 if (d->bd_sbuf == 0) { 1019 error = bpf_allocbufs(d); 1020 if (error != 0) 1021 return (error); 1022 } 1023 s = splnet(); 1024 if (bp != d->bd_bif) { 1025 if (d->bd_bif) 1026 /* 1027 * Detach if attached to something else. 1028 */ 1029 bpf_detachd(d); 1030 1031 bpf_attachd(d, bp); 1032 } 1033 reset_d(d); 1034 splx(s); 1035 return (0); 1036 } 1037 /* Not found. */ 1038 return (ENXIO); 1039 } 1040 1041 /* 1042 * Copy the interface name to the ifreq. 1043 */ 1044 static void 1045 bpf_ifname(struct ifnet *ifp, struct ifreq *ifr) 1046 { 1047 memcpy(ifr->ifr_name, ifp->if_xname, IFNAMSIZ); 1048 } 1049 1050 /* 1051 * Support for poll() system call 1052 * 1053 * Return true iff the specific operation will not block indefinitely - with 1054 * the assumption that it is safe to positively acknowledge a request for the 1055 * ability to write to the BPF device. 1056 * Otherwise, return false but make a note that a selwakeup() must be done. 1057 */ 1058 static int 1059 bpf_poll(struct file *fp, int events, struct lwp *l) 1060 { 1061 struct bpf_d *d = fp->f_data; 1062 int s = splnet(); 1063 int revents; 1064 1065 /* 1066 * Refresh the PID associated with this bpf file. 1067 */ 1068 d->bd_pid = l->l_proc->p_pid; 1069 1070 revents = events & (POLLOUT | POLLWRNORM); 1071 if (events & (POLLIN | POLLRDNORM)) { 1072 /* 1073 * An imitation of the FIONREAD ioctl code. 1074 */ 1075 if ((d->bd_hlen != 0) || 1076 (d->bd_immediate && d->bd_slen != 0)) { 1077 revents |= events & (POLLIN | POLLRDNORM); 1078 } else if (d->bd_state == BPF_TIMED_OUT) { 1079 if (d->bd_slen != 0) 1080 revents |= events & (POLLIN | POLLRDNORM); 1081 else 1082 revents |= events & POLLIN; 1083 } else { 1084 selrecord(l, &d->bd_sel); 1085 /* Start the read timeout if necessary */ 1086 if (d->bd_rtout > 0 && d->bd_state == BPF_IDLE) { 1087 callout_reset(&d->bd_callout, d->bd_rtout, 1088 bpf_timed_out, d); 1089 d->bd_state = BPF_WAITING; 1090 } 1091 } 1092 } 1093 1094 splx(s); 1095 return (revents); 1096 } 1097 1098 static void 1099 filt_bpfrdetach(struct knote *kn) 1100 { 1101 struct bpf_d *d = kn->kn_hook; 1102 int s; 1103 1104 s = splnet(); 1105 SLIST_REMOVE(&d->bd_sel.sel_klist, kn, knote, kn_selnext); 1106 splx(s); 1107 } 1108 1109 static int 1110 filt_bpfread(struct knote *kn, long hint) 1111 { 1112 struct bpf_d *d = kn->kn_hook; 1113 1114 kn->kn_data = d->bd_hlen; 1115 if (d->bd_immediate) 1116 kn->kn_data += d->bd_slen; 1117 return (kn->kn_data > 0); 1118 } 1119 1120 static const struct filterops bpfread_filtops = 1121 { 1, NULL, filt_bpfrdetach, filt_bpfread }; 1122 1123 static int 1124 bpf_kqfilter(struct file *fp, struct knote *kn) 1125 { 1126 struct bpf_d *d = fp->f_data; 1127 struct klist *klist; 1128 int s; 1129 1130 switch (kn->kn_filter) { 1131 case EVFILT_READ: 1132 klist = &d->bd_sel.sel_klist; 1133 kn->kn_fop = &bpfread_filtops; 1134 break; 1135 1136 default: 1137 return (1); 1138 } 1139 1140 kn->kn_hook = d; 1141 1142 s = splnet(); 1143 SLIST_INSERT_HEAD(klist, kn, kn_selnext); 1144 splx(s); 1145 1146 return (0); 1147 } 1148 1149 /* 1150 * Incoming linkage from device drivers. Process the packet pkt, of length 1151 * pktlen, which is stored in a contiguous buffer. The packet is parsed 1152 * by each process' filter, and if accepted, stashed into the corresponding 1153 * buffer. 1154 */ 1155 void 1156 bpf_tap(void *arg, u_char *pkt, u_int pktlen) 1157 { 1158 struct bpf_if *bp; 1159 struct bpf_d *d; 1160 u_int slen; 1161 /* 1162 * Note that the ipl does not have to be raised at this point. 1163 * The only problem that could arise here is that if two different 1164 * interfaces shared any data. This is not the case. 1165 */ 1166 bp = arg; 1167 for (d = bp->bif_dlist; d != 0; d = d->bd_next) { 1168 ++d->bd_rcount; 1169 ++bpf_gstats.bs_recv; 1170 slen = bpf_filter(d->bd_filter, pkt, pktlen, pktlen); 1171 if (slen != 0) 1172 catchpacket(d, pkt, pktlen, slen, memcpy); 1173 } 1174 } 1175 1176 /* 1177 * Copy data from an mbuf chain into a buffer. This code is derived 1178 * from m_copydata in sys/uipc_mbuf.c. 1179 */ 1180 static void * 1181 bpf_mcpy(void *dst_arg, const void *src_arg, size_t len) 1182 { 1183 const struct mbuf *m; 1184 u_int count; 1185 u_char *dst; 1186 1187 m = src_arg; 1188 dst = dst_arg; 1189 while (len > 0) { 1190 if (m == 0) 1191 panic("bpf_mcpy"); 1192 count = min(m->m_len, len); 1193 memcpy(dst, mtod(m, void *), count); 1194 m = m->m_next; 1195 dst += count; 1196 len -= count; 1197 } 1198 return (dst_arg); 1199 } 1200 1201 /* 1202 * Dispatch a packet to all the listeners on interface bp. 1203 * 1204 * marg pointer to the packet, either a data buffer or an mbuf chain 1205 * buflen buffer length, if marg is a data buffer 1206 * cpfn a function that can copy marg into the listener's buffer 1207 * pktlen length of the packet 1208 * rcvif either NULL or the interface the packet came in on. 1209 */ 1210 static inline void 1211 bpf_deliver(struct bpf_if *bp, void *(*cpfn)(void *, const void *, size_t), 1212 void *marg, u_int pktlen, u_int buflen, struct ifnet *rcvif) 1213 { 1214 u_int slen; 1215 struct bpf_d *d; 1216 1217 for (d = bp->bif_dlist; d != 0; d = d->bd_next) { 1218 if (!d->bd_seesent && (rcvif == NULL)) 1219 continue; 1220 ++d->bd_rcount; 1221 ++bpf_gstats.bs_recv; 1222 slen = bpf_filter(d->bd_filter, marg, pktlen, buflen); 1223 if (slen != 0) 1224 catchpacket(d, marg, pktlen, slen, cpfn); 1225 } 1226 } 1227 1228 /* 1229 * Incoming linkage from device drivers, when the head of the packet is in 1230 * a buffer, and the tail is in an mbuf chain. 1231 */ 1232 void 1233 bpf_mtap2(void *arg, void *data, u_int dlen, struct mbuf *m) 1234 { 1235 struct bpf_if *bp = arg; 1236 u_int pktlen; 1237 struct mbuf mb; 1238 1239 pktlen = m_length(m) + dlen; 1240 1241 /* 1242 * Craft on-stack mbuf suitable for passing to bpf_filter. 1243 * Note that we cut corners here; we only setup what's 1244 * absolutely needed--this mbuf should never go anywhere else. 1245 */ 1246 (void)memset(&mb, 0, sizeof(mb)); 1247 mb.m_next = m; 1248 mb.m_data = data; 1249 mb.m_len = dlen; 1250 1251 bpf_deliver(bp, bpf_mcpy, &mb, pktlen, 0, m->m_pkthdr.rcvif); 1252 } 1253 1254 /* 1255 * Incoming linkage from device drivers, when packet is in an mbuf chain. 1256 */ 1257 void 1258 bpf_mtap(void *arg, struct mbuf *m) 1259 { 1260 void *(*cpfn)(void *, const void *, size_t); 1261 struct bpf_if *bp = arg; 1262 u_int pktlen, buflen; 1263 void *marg; 1264 1265 pktlen = m_length(m); 1266 1267 if (pktlen == m->m_len) { 1268 cpfn = memcpy; 1269 marg = mtod(m, void *); 1270 buflen = pktlen; 1271 } else { 1272 cpfn = bpf_mcpy; 1273 marg = m; 1274 buflen = 0; 1275 } 1276 1277 bpf_deliver(bp, cpfn, marg, pktlen, buflen, m->m_pkthdr.rcvif); 1278 } 1279 1280 /* 1281 * We need to prepend the address family as 1282 * a four byte field. Cons up a dummy header 1283 * to pacify bpf. This is safe because bpf 1284 * will only read from the mbuf (i.e., it won't 1285 * try to free it or keep a pointer a to it). 1286 */ 1287 void 1288 bpf_mtap_af(void *arg, u_int32_t af, struct mbuf *m) 1289 { 1290 struct mbuf m0; 1291 1292 m0.m_flags = 0; 1293 m0.m_next = m; 1294 m0.m_len = 4; 1295 m0.m_data = (char *)⁡ 1296 1297 bpf_mtap(arg, &m0); 1298 } 1299 1300 void 1301 bpf_mtap_et(void *arg, u_int16_t et, struct mbuf *m) 1302 { 1303 struct mbuf m0; 1304 1305 m0.m_flags = 0; 1306 m0.m_next = m; 1307 m0.m_len = 14; 1308 m0.m_data = m0.m_dat; 1309 1310 ((u_int32_t *)m0.m_data)[0] = 0; 1311 ((u_int32_t *)m0.m_data)[1] = 0; 1312 ((u_int32_t *)m0.m_data)[2] = 0; 1313 ((u_int16_t *)m0.m_data)[6] = et; 1314 1315 bpf_mtap(arg, &m0); 1316 } 1317 1318 #if NSL > 0 || NSTRIP > 0 1319 /* 1320 * Put the SLIP pseudo-"link header" in place. 1321 * Note this M_PREPEND() should never fail, 1322 * swince we know we always have enough space 1323 * in the input buffer. 1324 */ 1325 void 1326 bpf_mtap_sl_in(void *arg, u_char *chdr, struct mbuf **m) 1327 { 1328 int s; 1329 u_char *hp; 1330 1331 M_PREPEND(*m, SLIP_HDRLEN, M_DONTWAIT); 1332 if (*m == NULL) 1333 return; 1334 1335 hp = mtod(*m, u_char *); 1336 hp[SLX_DIR] = SLIPDIR_IN; 1337 (void)memcpy(&hp[SLX_CHDR], chdr, CHDR_LEN); 1338 1339 s = splnet(); 1340 bpf_mtap(arg, *m); 1341 splx(s); 1342 1343 m_adj(*m, SLIP_HDRLEN); 1344 } 1345 1346 /* 1347 * Put the SLIP pseudo-"link header" in 1348 * place. The compressed header is now 1349 * at the beginning of the mbuf. 1350 */ 1351 void 1352 bpf_mtap_sl_out(void *arg, u_char *chdr, struct mbuf *m) 1353 { 1354 struct mbuf m0; 1355 u_char *hp; 1356 int s; 1357 1358 m0.m_flags = 0; 1359 m0.m_next = m; 1360 m0.m_data = m0.m_dat; 1361 m0.m_len = SLIP_HDRLEN; 1362 1363 hp = mtod(&m0, u_char *); 1364 1365 hp[SLX_DIR] = SLIPDIR_OUT; 1366 (void)memcpy(&hp[SLX_CHDR], chdr, CHDR_LEN); 1367 1368 s = splnet(); 1369 bpf_mtap(arg, &m0); 1370 splx(s); 1371 m_freem(m); 1372 } 1373 #endif 1374 1375 /* 1376 * Move the packet data from interface memory (pkt) into the 1377 * store buffer. Return 1 if it's time to wakeup a listener (buffer full), 1378 * otherwise 0. "copy" is the routine called to do the actual data 1379 * transfer. memcpy is passed in to copy contiguous chunks, while 1380 * bpf_mcpy is passed in to copy mbuf chains. In the latter case, 1381 * pkt is really an mbuf. 1382 */ 1383 static void 1384 catchpacket(struct bpf_d *d, u_char *pkt, u_int pktlen, u_int snaplen, 1385 void *(*cpfn)(void *, const void *, size_t)) 1386 { 1387 struct bpf_hdr *hp; 1388 int totlen, curlen; 1389 int hdrlen = d->bd_bif->bif_hdrlen; 1390 1391 ++d->bd_ccount; 1392 ++bpf_gstats.bs_capt; 1393 /* 1394 * Figure out how many bytes to move. If the packet is 1395 * greater or equal to the snapshot length, transfer that 1396 * much. Otherwise, transfer the whole packet (unless 1397 * we hit the buffer size limit). 1398 */ 1399 totlen = hdrlen + min(snaplen, pktlen); 1400 if (totlen > d->bd_bufsize) 1401 totlen = d->bd_bufsize; 1402 1403 /* 1404 * Round up the end of the previous packet to the next longword. 1405 */ 1406 curlen = BPF_WORDALIGN(d->bd_slen); 1407 if (curlen + totlen > d->bd_bufsize) { 1408 /* 1409 * This packet will overflow the storage buffer. 1410 * Rotate the buffers if we can, then wakeup any 1411 * pending reads. 1412 */ 1413 if (d->bd_fbuf == 0) { 1414 /* 1415 * We haven't completed the previous read yet, 1416 * so drop the packet. 1417 */ 1418 ++d->bd_dcount; 1419 ++bpf_gstats.bs_drop; 1420 return; 1421 } 1422 ROTATE_BUFFERS(d); 1423 bpf_wakeup(d); 1424 curlen = 0; 1425 } 1426 1427 /* 1428 * Append the bpf header. 1429 */ 1430 hp = (struct bpf_hdr *)(d->bd_sbuf + curlen); 1431 microtime(&hp->bh_tstamp); 1432 hp->bh_datalen = pktlen; 1433 hp->bh_hdrlen = hdrlen; 1434 /* 1435 * Copy the packet data into the store buffer and update its length. 1436 */ 1437 (*cpfn)((u_char *)hp + hdrlen, pkt, (hp->bh_caplen = totlen - hdrlen)); 1438 d->bd_slen = curlen + totlen; 1439 1440 /* 1441 * Call bpf_wakeup after bd_slen has been updated so that kevent(2) 1442 * will cause filt_bpfread() to be called with it adjusted. 1443 */ 1444 if (d->bd_immediate || d->bd_state == BPF_TIMED_OUT) 1445 /* 1446 * Immediate mode is set, or the read timeout has 1447 * already expired during a select call. A packet 1448 * arrived, so the reader should be woken up. 1449 */ 1450 bpf_wakeup(d); 1451 } 1452 1453 /* 1454 * Initialize all nonzero fields of a descriptor. 1455 */ 1456 static int 1457 bpf_allocbufs(struct bpf_d *d) 1458 { 1459 1460 d->bd_fbuf = malloc(d->bd_bufsize, M_DEVBUF, M_NOWAIT); 1461 if (!d->bd_fbuf) 1462 return (ENOBUFS); 1463 d->bd_sbuf = malloc(d->bd_bufsize, M_DEVBUF, M_NOWAIT); 1464 if (!d->bd_sbuf) { 1465 free(d->bd_fbuf, M_DEVBUF); 1466 return (ENOBUFS); 1467 } 1468 d->bd_slen = 0; 1469 d->bd_hlen = 0; 1470 return (0); 1471 } 1472 1473 /* 1474 * Free buffers currently in use by a descriptor. 1475 * Called on close. 1476 */ 1477 static void 1478 bpf_freed(struct bpf_d *d) 1479 { 1480 /* 1481 * We don't need to lock out interrupts since this descriptor has 1482 * been detached from its interface and it yet hasn't been marked 1483 * free. 1484 */ 1485 if (d->bd_sbuf != 0) { 1486 free(d->bd_sbuf, M_DEVBUF); 1487 if (d->bd_hbuf != 0) 1488 free(d->bd_hbuf, M_DEVBUF); 1489 if (d->bd_fbuf != 0) 1490 free(d->bd_fbuf, M_DEVBUF); 1491 } 1492 if (d->bd_filter) 1493 free(d->bd_filter, M_DEVBUF); 1494 } 1495 1496 /* 1497 * Attach an interface to bpf. dlt is the link layer type; hdrlen is the 1498 * fixed size of the link header (variable length headers not yet supported). 1499 */ 1500 void 1501 bpfattach(struct ifnet *ifp, u_int dlt, u_int hdrlen) 1502 { 1503 1504 bpfattach2(ifp, dlt, hdrlen, &ifp->if_bpf); 1505 } 1506 1507 /* 1508 * Attach additional dlt for a interface to bpf. dlt is the link layer type; 1509 * hdrlen is the fixed size of the link header for the specified dlt 1510 * (variable length headers not yet supported). 1511 */ 1512 void 1513 bpfattach2(struct ifnet *ifp, u_int dlt, u_int hdrlen, void *driverp) 1514 { 1515 struct bpf_if *bp; 1516 bp = malloc(sizeof(*bp), M_DEVBUF, M_DONTWAIT); 1517 if (bp == 0) 1518 panic("bpfattach"); 1519 1520 bp->bif_dlist = 0; 1521 bp->bif_driverp = driverp; 1522 bp->bif_ifp = ifp; 1523 bp->bif_dlt = dlt; 1524 1525 bp->bif_next = bpf_iflist; 1526 bpf_iflist = bp; 1527 1528 *bp->bif_driverp = 0; 1529 1530 /* 1531 * Compute the length of the bpf header. This is not necessarily 1532 * equal to SIZEOF_BPF_HDR because we want to insert spacing such 1533 * that the network layer header begins on a longword boundary (for 1534 * performance reasons and to alleviate alignment restrictions). 1535 */ 1536 bp->bif_hdrlen = BPF_WORDALIGN(hdrlen + SIZEOF_BPF_HDR) - hdrlen; 1537 1538 #if 0 1539 printf("bpf: %s attached\n", ifp->if_xname); 1540 #endif 1541 } 1542 1543 /* 1544 * Remove an interface from bpf. 1545 */ 1546 void 1547 bpfdetach(struct ifnet *ifp) 1548 { 1549 struct bpf_if *bp, **pbp; 1550 struct bpf_d *d; 1551 int s; 1552 1553 /* Nuke the vnodes for any open instances */ 1554 for (d = LIST_FIRST(&bpf_list); d != NULL; d = LIST_NEXT(d, bd_list)) { 1555 if (d->bd_bif != NULL && d->bd_bif->bif_ifp == ifp) { 1556 /* 1557 * Detach the descriptor from an interface now. 1558 * It will be free'ed later by close routine. 1559 */ 1560 s = splnet(); 1561 d->bd_promisc = 0; /* we can't touch device. */ 1562 bpf_detachd(d); 1563 splx(s); 1564 } 1565 } 1566 1567 again: 1568 for (bp = bpf_iflist, pbp = &bpf_iflist; 1569 bp != NULL; pbp = &bp->bif_next, bp = bp->bif_next) { 1570 if (bp->bif_ifp == ifp) { 1571 *pbp = bp->bif_next; 1572 free(bp, M_DEVBUF); 1573 goto again; 1574 } 1575 } 1576 } 1577 1578 /* 1579 * Change the data link type of a interface. 1580 */ 1581 void 1582 bpf_change_type(struct ifnet *ifp, u_int dlt, u_int hdrlen) 1583 { 1584 struct bpf_if *bp; 1585 1586 for (bp = bpf_iflist; bp != NULL; bp = bp->bif_next) { 1587 if (bp->bif_driverp == (struct bpf_if **)&ifp->if_bpf) 1588 break; 1589 } 1590 if (bp == NULL) 1591 panic("bpf_change_type"); 1592 1593 bp->bif_dlt = dlt; 1594 1595 /* 1596 * Compute the length of the bpf header. This is not necessarily 1597 * equal to SIZEOF_BPF_HDR because we want to insert spacing such 1598 * that the network layer header begins on a longword boundary (for 1599 * performance reasons and to alleviate alignment restrictions). 1600 */ 1601 bp->bif_hdrlen = BPF_WORDALIGN(hdrlen + SIZEOF_BPF_HDR) - hdrlen; 1602 } 1603 1604 /* 1605 * Get a list of available data link type of the interface. 1606 */ 1607 static int 1608 bpf_getdltlist(struct bpf_d *d, struct bpf_dltlist *bfl) 1609 { 1610 int n, error; 1611 struct ifnet *ifp; 1612 struct bpf_if *bp; 1613 1614 ifp = d->bd_bif->bif_ifp; 1615 n = 0; 1616 error = 0; 1617 for (bp = bpf_iflist; bp != NULL; bp = bp->bif_next) { 1618 if (bp->bif_ifp != ifp) 1619 continue; 1620 if (bfl->bfl_list != NULL) { 1621 if (n >= bfl->bfl_len) 1622 return ENOMEM; 1623 error = copyout(&bp->bif_dlt, 1624 bfl->bfl_list + n, sizeof(u_int)); 1625 } 1626 n++; 1627 } 1628 bfl->bfl_len = n; 1629 return error; 1630 } 1631 1632 /* 1633 * Set the data link type of a BPF instance. 1634 */ 1635 static int 1636 bpf_setdlt(struct bpf_d *d, u_int dlt) 1637 { 1638 int s, error, opromisc; 1639 struct ifnet *ifp; 1640 struct bpf_if *bp; 1641 1642 if (d->bd_bif->bif_dlt == dlt) 1643 return 0; 1644 ifp = d->bd_bif->bif_ifp; 1645 for (bp = bpf_iflist; bp != NULL; bp = bp->bif_next) { 1646 if (bp->bif_ifp == ifp && bp->bif_dlt == dlt) 1647 break; 1648 } 1649 if (bp == NULL) 1650 return EINVAL; 1651 s = splnet(); 1652 opromisc = d->bd_promisc; 1653 bpf_detachd(d); 1654 bpf_attachd(d, bp); 1655 reset_d(d); 1656 if (opromisc) { 1657 error = ifpromisc(bp->bif_ifp, 1); 1658 if (error) 1659 printf("%s: bpf_setdlt: ifpromisc failed (%d)\n", 1660 bp->bif_ifp->if_xname, error); 1661 else 1662 d->bd_promisc = 1; 1663 } 1664 splx(s); 1665 return 0; 1666 } 1667 1668 static int 1669 sysctl_net_bpf_maxbufsize(SYSCTLFN_ARGS) 1670 { 1671 int newsize, error; 1672 struct sysctlnode node; 1673 1674 node = *rnode; 1675 node.sysctl_data = &newsize; 1676 newsize = bpf_maxbufsize; 1677 error = sysctl_lookup(SYSCTLFN_CALL(&node)); 1678 if (error || newp == NULL) 1679 return (error); 1680 1681 if (newsize < BPF_MINBUFSIZE || newsize > BPF_MAXBUFSIZE) 1682 return (EINVAL); 1683 1684 bpf_maxbufsize = newsize; 1685 1686 return (0); 1687 } 1688 1689 static int 1690 sysctl_net_bpf_peers(SYSCTLFN_ARGS) 1691 { 1692 int error, elem_count; 1693 struct bpf_d *dp; 1694 struct bpf_d_ext dpe; 1695 size_t len, needed, elem_size, out_size; 1696 char *sp; 1697 1698 if (namelen == 1 && name[0] == CTL_QUERY) 1699 return (sysctl_query(SYSCTLFN_CALL(rnode))); 1700 1701 if (namelen != 2) 1702 return (EINVAL); 1703 1704 if ((error = kauth_authorize_generic(l->l_proc->p_cred, 1705 KAUTH_GENERIC_ISSUSER, 1706 &l->l_proc->p_acflag))) 1707 return (error); 1708 1709 len = (oldp != NULL) ? *oldlenp : 0; 1710 sp = oldp; 1711 elem_size = name[0]; 1712 elem_count = name[1]; 1713 out_size = MIN(sizeof(dpe), elem_size); 1714 needed = 0; 1715 1716 if (elem_size < 1 || elem_count < 0) 1717 return (EINVAL); 1718 1719 simple_lock(&bpf_slock); 1720 LIST_FOREACH(dp, &bpf_list, bd_list) { 1721 if (len >= elem_size && elem_count > 0) { 1722 #define BPF_EXT(field) dpe.bde_ ## field = dp->bd_ ## field 1723 BPF_EXT(bufsize); 1724 BPF_EXT(promisc); 1725 BPF_EXT(promisc); 1726 BPF_EXT(state); 1727 BPF_EXT(immediate); 1728 BPF_EXT(hdrcmplt); 1729 BPF_EXT(seesent); 1730 BPF_EXT(pid); 1731 BPF_EXT(rcount); 1732 BPF_EXT(dcount); 1733 BPF_EXT(ccount); 1734 #undef BPF_EXT 1735 if (dp->bd_bif) 1736 (void)strlcpy(dpe.bde_ifname, 1737 dp->bd_bif->bif_ifp->if_xname, 1738 IFNAMSIZ - 1); 1739 else 1740 dpe.bde_ifname[0] = '\0'; 1741 1742 error = copyout(&dpe, sp, out_size); 1743 if (error) 1744 break; 1745 sp += elem_size; 1746 len -= elem_size; 1747 } 1748 if (elem_count > 0) { 1749 needed += elem_size; 1750 if (elem_count != INT_MAX) 1751 elem_count--; 1752 } 1753 } 1754 simple_unlock(&bpf_slock); 1755 1756 *oldlenp = needed; 1757 1758 return (error); 1759 } 1760 1761 SYSCTL_SETUP(sysctl_net_bpf_setup, "sysctl net.bpf subtree setup") 1762 { 1763 const struct sysctlnode *node; 1764 1765 sysctl_createv(clog, 0, NULL, NULL, 1766 CTLFLAG_PERMANENT, 1767 CTLTYPE_NODE, "net", NULL, 1768 NULL, 0, NULL, 0, 1769 CTL_NET, CTL_EOL); 1770 1771 node = NULL; 1772 sysctl_createv(clog, 0, NULL, &node, 1773 CTLFLAG_PERMANENT, 1774 CTLTYPE_NODE, "bpf", 1775 SYSCTL_DESCR("BPF options"), 1776 NULL, 0, NULL, 0, 1777 CTL_NET, CTL_CREATE, CTL_EOL); 1778 if (node != NULL) { 1779 sysctl_createv(clog, 0, NULL, NULL, 1780 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1781 CTLTYPE_INT, "maxbufsize", 1782 SYSCTL_DESCR("Maximum size for data capture buffer"), 1783 sysctl_net_bpf_maxbufsize, 0, &bpf_maxbufsize, 0, 1784 CTL_NET, node->sysctl_num, CTL_CREATE, CTL_EOL); 1785 sysctl_createv(clog, 0, NULL, NULL, 1786 CTLFLAG_PERMANENT, 1787 CTLTYPE_STRUCT, "stats", 1788 SYSCTL_DESCR("BPF stats"), 1789 NULL, 0, &bpf_gstats, sizeof(bpf_gstats), 1790 CTL_NET, node->sysctl_num, CTL_CREATE, CTL_EOL); 1791 sysctl_createv(clog, 0, NULL, NULL, 1792 CTLFLAG_PERMANENT, 1793 CTLTYPE_STRUCT, "peers", 1794 SYSCTL_DESCR("BPF peers"), 1795 sysctl_net_bpf_peers, 0, NULL, 0, 1796 CTL_NET, node->sysctl_num, CTL_CREATE, CTL_EOL); 1797 } 1798 1799 } 1800
Indexes created Wed Oct 01 12:09:54 GMT 2025