bpf.c revision 1.22
1 /* $NetBSD: bpf.c,v 1.22 1995/08/13 04:15:38 mycroft Exp $ */ 2 3 /* 4 * Copyright (c) 1990, 1991, 1993 5 * The Regents of the University of California. All rights reserved. 6 * 7 * This code is derived from the Stanford/CMU enet packet filter, 8 * (net/enet.c) distributed as part of 4.3BSD, and code contributed 9 * to Berkeley by Steven McCanne and Van Jacobson both of Lawrence 10 * Berkeley Laboratory. 11 * 12 * Redistribution and use in source and binary forms, with or without 13 * modification, are permitted provided that the following conditions 14 * are met: 15 * 1. Redistributions of source code must retain the above copyright 16 * notice, this list of conditions and the following disclaimer. 17 * 2. Redistributions in binary form must reproduce the above copyright 18 * notice, this list of conditions and the following disclaimer in the 19 * documentation and/or other materials provided with the distribution. 20 * 3. All advertising materials mentioning features or use of this software 21 * must display the following acknowledgement: 22 * This product includes software developed by the University of 23 * California, Berkeley and its contributors. 24 * 4. Neither the name of the University nor the names of its contributors 25 * may be used to endorse or promote products derived from this software 26 * without specific prior written permission. 27 * 28 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 29 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 30 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 31 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 32 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 33 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 34 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 35 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 36 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 37 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 38 * SUCH DAMAGE. 39 * 40 * @(#)bpf.c 8.2 (Berkeley) 3/28/94 41 */ 42 43 #include "bpfilter.h" 44 45 #include <sys/param.h> 46 #include <sys/systm.h> 47 #include <sys/mbuf.h> 48 #include <sys/buf.h> 49 #include <sys/time.h> 50 #include <sys/proc.h> 51 #include <sys/user.h> 52 #include <sys/ioctl.h> 53 #include <sys/map.h> 54 55 #include <sys/file.h> 56 #if defined(sparc) && BSD < 199103 57 #include <sys/stream.h> 58 #endif 59 #include <sys/tty.h> 60 #include <sys/uio.h> 61 62 #include <sys/protosw.h> 63 #include <sys/socket.h> 64 #include <net/if.h> 65 66 #include <net/bpf.h> 67 #include <net/bpfdesc.h> 68 69 #include <sys/errno.h> 70 71 #include <netinet/in.h> 72 #include <netinet/if_arc.h> 73 #include <netinet/if_ether.h> 74 #include <sys/kernel.h> 75 76 /* 77 * Older BSDs don't have kernel malloc. 78 */ 79 #if BSD < 199103 80 extern bcopy(); 81 static caddr_t bpf_alloc(); 82 #include <net/bpf_compat.h> 83 #define BPF_BUFSIZE (MCLBYTES-8) 84 #define UIOMOVE(cp, len, code, uio) uiomove(cp, len, code, uio) 85 #else 86 #define BPF_BUFSIZE 4096 87 #define UIOMOVE(cp, len, code, uio) uiomove(cp, len, uio) 88 #endif 89 90 #define PRINET 26 /* interruptible */ 91 92 /* 93 * The default read buffer size is patchable. 94 */ 95 int bpf_bufsize = BPF_BUFSIZE; 96 97 /* 98 * bpf_iflist is the list of interfaces; each corresponds to an ifnet 99 * bpf_dtab holds the descriptors, indexed by minor device # 100 */ 101 struct bpf_if *bpf_iflist; 102 struct bpf_d bpf_dtab[NBPFILTER]; 103 104 #if BSD >= 199207 || NetBSD0_9 >= 2 105 /* 106 * bpfilterattach() is called at boot time in new systems. We do 107 * nothing here since old systems will not call this. 108 */ 109 /* ARGSUSED */ 110 void 111 bpfilterattach(n) 112 int n; 113 { 114 } 115 #endif 116 117 static int bpf_allocbufs __P((struct bpf_d *)); 118 static int bpf_allocbufs __P((struct bpf_d *)); 119 static void bpf_freed __P((struct bpf_d *)); 120 static void bpf_freed __P((struct bpf_d *)); 121 static void bpf_ifname __P((struct ifnet *, struct ifreq *)); 122 static void bpf_ifname __P((struct ifnet *, struct ifreq *)); 123 static void bpf_mcopy __P((const void *, void *, size_t)); 124 static int bpf_movein __P((struct uio *, int, 125 struct mbuf **, struct sockaddr *)); 126 static int bpf_setif __P((struct bpf_d *, struct ifreq *)); 127 static int bpf_setif __P((struct bpf_d *, struct ifreq *)); 128 static __inline void 129 bpf_wakeup __P((struct bpf_d *)); 130 static void catchpacket __P((struct bpf_d *, u_char *, size_t, 131 size_t, void (*)(const void *, void *, size_t))); 132 static void reset_d __P((struct bpf_d *)); 133 134 static int 135 bpf_movein(uio, linktype, mp, sockp) 136 register struct uio *uio; 137 int linktype; 138 register struct mbuf **mp; 139 register struct sockaddr *sockp; 140 { 141 struct mbuf *m; 142 int error; 143 int len; 144 int hlen; 145 146 /* 147 * Build a sockaddr based on the data link layer type. 148 * We do this at this level because the ethernet header 149 * is copied directly into the data field of the sockaddr. 150 * In the case of SLIP, there is no header and the packet 151 * is forwarded as is. 152 * Also, we are careful to leave room at the front of the mbuf 153 * for the link level header. 154 */ 155 switch (linktype) { 156 157 case DLT_SLIP: 158 sockp->sa_family = AF_INET; 159 hlen = 0; 160 break; 161 162 case DLT_PPP: 163 sockp->sa_family = AF_UNSPEC; 164 hlen = 0; 165 break; 166 167 case DLT_EN10MB: 168 sockp->sa_family = AF_UNSPEC; 169 /* XXX Would MAXLINKHDR be better? */ 170 hlen = sizeof(struct ether_header); 171 break; 172 173 case DLT_ARCNET: 174 sockp->sa_family = AF_UNSPEC; 175 hlen = ARC_HDRLEN; 176 break; 177 178 case DLT_FDDI: 179 sockp->sa_family = AF_UNSPEC; 180 /* XXX 4(FORMAC)+6(dst)+6(src)+3(LLC)+5(SNAP) */ 181 hlen = 24; 182 break; 183 184 case DLT_NULL: 185 sockp->sa_family = AF_UNSPEC; 186 hlen = 0; 187 break; 188 189 default: 190 return (EIO); 191 } 192 193 len = uio->uio_resid; 194 if ((unsigned)len > MCLBYTES) 195 return (EIO); 196 197 MGETHDR(m, M_WAIT, MT_DATA); 198 if (m == 0) 199 return (ENOBUFS); 200 m->m_pkthdr.rcvif = 0; 201 m->m_pkthdr.len = len - hlen; 202 203 if (len > MHLEN) { 204 #if BSD >= 199103 205 MCLGET(m, M_WAIT); 206 if ((m->m_flags & M_EXT) == 0) { 207 #else 208 MCLGET(m); 209 if (m->m_len != MCLBYTES) { 210 #endif 211 error = ENOBUFS; 212 goto bad; 213 } 214 } 215 m->m_len = len; 216 *mp = m; 217 /* 218 * Make room for link header. 219 */ 220 if (hlen != 0) { 221 m->m_len -= hlen; 222 #if BSD >= 199103 223 m->m_data += hlen; /* XXX */ 224 #else 225 m->m_off += hlen; 226 #endif 227 error = UIOMOVE((caddr_t)sockp->sa_data, hlen, UIO_WRITE, uio); 228 if (error) 229 goto bad; 230 } 231 error = UIOMOVE(mtod(m, caddr_t), len - hlen, UIO_WRITE, uio); 232 if (!error) 233 return (0); 234 bad: 235 m_freem(m); 236 return (error); 237 } 238 239 /* 240 * Attach file to the bpf interface, i.e. make d listen on bp. 241 * Must be called at splimp. 242 */ 243 static void 244 bpf_attachd(d, bp) 245 struct bpf_d *d; 246 struct bpf_if *bp; 247 { 248 /* 249 * Point d at bp, and add d to the interface's list of listeners. 250 * Finally, point the driver's bpf cookie at the interface so 251 * it will divert packets to bpf. 252 */ 253 d->bd_bif = bp; 254 d->bd_next = bp->bif_dlist; 255 bp->bif_dlist = d; 256 257 *bp->bif_driverp = bp; 258 } 259 260 /* 261 * Detach a file from its interface. 262 */ 263 static void 264 bpf_detachd(d) 265 struct bpf_d *d; 266 { 267 struct bpf_d **p; 268 struct bpf_if *bp; 269 270 bp = d->bd_bif; 271 /* 272 * Check if this descriptor had requested promiscuous mode. 273 * If so, turn it off. 274 */ 275 if (d->bd_promisc) { 276 int error; 277 278 d->bd_promisc = 0; 279 error = ifpromisc(bp->bif_ifp, 0); 280 if (error && error != EINVAL) 281 /* 282 * Something is really wrong if we were able to put 283 * the driver into promiscuous mode, but can't 284 * take it out. 285 */ 286 panic("bpf: ifpromisc failed"); 287 } 288 /* Remove d from the interface's descriptor list. */ 289 p = &bp->bif_dlist; 290 while (*p != d) { 291 p = &(*p)->bd_next; 292 if (*p == 0) 293 panic("bpf_detachd: descriptor not in list"); 294 } 295 *p = (*p)->bd_next; 296 if (bp->bif_dlist == 0) 297 /* 298 * Let the driver know that there are no more listeners. 299 */ 300 *d->bd_bif->bif_driverp = 0; 301 d->bd_bif = 0; 302 } 303 304 305 /* 306 * Mark a descriptor free by making it point to itself. 307 * This is probably cheaper than marking with a constant since 308 * the address should be in a register anyway. 309 */ 310 #define D_ISFREE(d) ((d) == (d)->bd_next) 311 #define D_MARKFREE(d) ((d)->bd_next = (d)) 312 #define D_MARKUSED(d) ((d)->bd_next = 0) 313 314 /* 315 * Open ethernet device. Returns ENXIO for illegal minor device number, 316 * EBUSY if file is open by another process. 317 */ 318 /* ARGSUSED */ 319 int 320 bpfopen(dev, flag) 321 dev_t dev; 322 int flag; 323 { 324 register struct bpf_d *d; 325 326 if (minor(dev) >= NBPFILTER) 327 return (ENXIO); 328 /* 329 * Each minor can be opened by only one process. If the requested 330 * minor is in use, return EBUSY. 331 */ 332 d = &bpf_dtab[minor(dev)]; 333 if (!D_ISFREE(d)) 334 return (EBUSY); 335 336 /* Mark "free" and do most initialization. */ 337 bzero((char *)d, sizeof(*d)); 338 d->bd_bufsize = bpf_bufsize; 339 340 return (0); 341 } 342 343 /* 344 * Close the descriptor by detaching it from its interface, 345 * deallocating its buffers, and marking it free. 346 */ 347 /* ARGSUSED */ 348 int 349 bpfclose(dev, flag) 350 dev_t dev; 351 int flag; 352 { 353 register struct bpf_d *d = &bpf_dtab[minor(dev)]; 354 register int s; 355 356 s = splimp(); 357 if (d->bd_bif) 358 bpf_detachd(d); 359 splx(s); 360 bpf_freed(d); 361 362 return (0); 363 } 364 365 /* 366 * Support for SunOS, which does not have tsleep. 367 */ 368 #if BSD < 199103 369 static 370 bpf_timeout(arg) 371 caddr_t arg; 372 { 373 struct bpf_d *d = (struct bpf_d *)arg; 374 d->bd_timedout = 1; 375 wakeup(arg); 376 } 377 378 #define BPF_SLEEP(chan, pri, s, t) bpf_sleep((struct bpf_d *)chan) 379 380 int 381 bpf_sleep(d) 382 register struct bpf_d *d; 383 { 384 register int rto = d->bd_rtout; 385 register int st; 386 387 if (rto != 0) { 388 d->bd_timedout = 0; 389 timeout(bpf_timeout, (caddr_t)d, rto); 390 } 391 st = sleep((caddr_t)d, PRINET|PCATCH); 392 if (rto != 0) { 393 if (d->bd_timedout == 0) 394 untimeout(bpf_timeout, (caddr_t)d); 395 else if (st == 0) 396 return EWOULDBLOCK; 397 } 398 return (st != 0) ? EINTR : 0; 399 } 400 #else 401 #define BPF_SLEEP tsleep 402 #endif 403 404 /* 405 * Rotate the packet buffers in descriptor d. Move the store buffer 406 * into the hold slot, and the free buffer into the store slot. 407 * Zero the length of the new store buffer. 408 */ 409 #define ROTATE_BUFFERS(d) \ 410 (d)->bd_hbuf = (d)->bd_sbuf; \ 411 (d)->bd_hlen = (d)->bd_slen; \ 412 (d)->bd_sbuf = (d)->bd_fbuf; \ 413 (d)->bd_slen = 0; \ 414 (d)->bd_fbuf = 0; 415 /* 416 * bpfread - read next chunk of packets from buffers 417 */ 418 int 419 bpfread(dev, uio) 420 dev_t dev; 421 register struct uio *uio; 422 { 423 register struct bpf_d *d = &bpf_dtab[minor(dev)]; 424 int error; 425 int s; 426 427 /* 428 * Restrict application to use a buffer the same size as 429 * as kernel buffers. 430 */ 431 if (uio->uio_resid != d->bd_bufsize) 432 return (EINVAL); 433 434 s = splimp(); 435 /* 436 * If the hold buffer is empty, then do a timed sleep, which 437 * ends when the timeout expires or when enough packets 438 * have arrived to fill the store buffer. 439 */ 440 while (d->bd_hbuf == 0) { 441 if (d->bd_immediate && d->bd_slen != 0) { 442 /* 443 * A packet(s) either arrived since the previous 444 * read or arrived while we were asleep. 445 * Rotate the buffers and return what's here. 446 */ 447 ROTATE_BUFFERS(d); 448 break; 449 } 450 error = BPF_SLEEP((caddr_t)d, PRINET|PCATCH, "bpf", 451 d->bd_rtout); 452 if (error == EINTR || error == ERESTART) { 453 splx(s); 454 return (error); 455 } 456 if (error == EWOULDBLOCK) { 457 /* 458 * On a timeout, return what's in the buffer, 459 * which may be nothing. If there is something 460 * in the store buffer, we can rotate the buffers. 461 */ 462 if (d->bd_hbuf) 463 /* 464 * We filled up the buffer in between 465 * getting the timeout and arriving 466 * here, so we don't need to rotate. 467 */ 468 break; 469 470 if (d->bd_slen == 0) { 471 splx(s); 472 return (0); 473 } 474 ROTATE_BUFFERS(d); 475 break; 476 } 477 } 478 /* 479 * At this point, we know we have something in the hold slot. 480 */ 481 splx(s); 482 483 /* 484 * Move data from hold buffer into user space. 485 * We know the entire buffer is transferred since 486 * we checked above that the read buffer is bpf_bufsize bytes. 487 */ 488 error = UIOMOVE(d->bd_hbuf, d->bd_hlen, UIO_READ, uio); 489 490 s = splimp(); 491 d->bd_fbuf = d->bd_hbuf; 492 d->bd_hbuf = 0; 493 d->bd_hlen = 0; 494 splx(s); 495 496 return (error); 497 } 498 499 500 /* 501 * If there are processes sleeping on this descriptor, wake them up. 502 */ 503 static __inline void 504 bpf_wakeup(d) 505 register struct bpf_d *d; 506 { 507 wakeup((caddr_t)d); 508 #if BSD >= 199103 509 selwakeup(&d->bd_sel); 510 /* XXX */ 511 d->bd_sel.si_pid = 0; 512 #else 513 if (d->bd_selproc) { 514 selwakeup(d->bd_selproc, (int)d->bd_selcoll); 515 d->bd_selcoll = 0; 516 d->bd_selproc = 0; 517 } 518 #endif 519 } 520 521 int 522 bpfwrite(dev, uio) 523 dev_t dev; 524 struct uio *uio; 525 { 526 register struct bpf_d *d = &bpf_dtab[minor(dev)]; 527 struct ifnet *ifp; 528 struct mbuf *m; 529 int error, s; 530 static struct sockaddr dst; 531 532 if (d->bd_bif == 0) 533 return (ENXIO); 534 535 ifp = d->bd_bif->bif_ifp; 536 537 if (uio->uio_resid == 0) 538 return (0); 539 540 error = bpf_movein(uio, (int)d->bd_bif->bif_dlt, &m, &dst); 541 if (error) 542 return (error); 543 544 if (m->m_pkthdr.len > ifp->if_mtu) 545 return (EMSGSIZE); 546 547 s = splsoftnet(); 548 #if BSD >= 199103 549 error = (*ifp->if_output)(ifp, m, &dst, (struct rtentry *)0); 550 #else 551 error = (*ifp->if_output)(ifp, m, &dst); 552 #endif 553 splx(s); 554 /* 555 * The driver frees the mbuf. 556 */ 557 return (error); 558 } 559 560 /* 561 * Reset a descriptor by flushing its packet buffer and clearing the 562 * receive and drop counts. Should be called at splimp. 563 */ 564 static void 565 reset_d(d) 566 struct bpf_d *d; 567 { 568 if (d->bd_hbuf) { 569 /* Free the hold buffer. */ 570 d->bd_fbuf = d->bd_hbuf; 571 d->bd_hbuf = 0; 572 } 573 d->bd_slen = 0; 574 d->bd_hlen = 0; 575 d->bd_rcount = 0; 576 d->bd_dcount = 0; 577 } 578 579 /* 580 * FIONREAD Check for read packet available. 581 * BIOCGBLEN Get buffer len [for read()]. 582 * BIOCSETF Set ethernet read filter. 583 * BIOCFLUSH Flush read packet buffer. 584 * BIOCPROMISC Put interface into promiscuous mode. 585 * BIOCGDLT Get link layer type. 586 * BIOCGETIF Get interface name. 587 * BIOCSETIF Set interface. 588 * BIOCSRTIMEOUT Set read timeout. 589 * BIOCGRTIMEOUT Get read timeout. 590 * BIOCGSTATS Get packet stats. 591 * BIOCIMMEDIATE Set immediate mode. 592 * BIOCVERSION Get filter language version. 593 */ 594 /* ARGSUSED */ 595 int 596 bpfioctl(dev, cmd, addr, flag) 597 dev_t dev; 598 u_long cmd; 599 caddr_t addr; 600 int flag; 601 { 602 register struct bpf_d *d = &bpf_dtab[minor(dev)]; 603 int s, error = 0; 604 605 switch (cmd) { 606 607 default: 608 error = EINVAL; 609 break; 610 611 /* 612 * Check for read packet available. 613 */ 614 case FIONREAD: 615 { 616 int n; 617 618 s = splimp(); 619 n = d->bd_slen; 620 if (d->bd_hbuf) 621 n += d->bd_hlen; 622 splx(s); 623 624 *(int *)addr = n; 625 break; 626 } 627 628 /* 629 * Get buffer len [for read()]. 630 */ 631 case BIOCGBLEN: 632 *(u_int *)addr = d->bd_bufsize; 633 break; 634 635 /* 636 * Set buffer length. 637 */ 638 case BIOCSBLEN: 639 #if BSD < 199103 640 error = EINVAL; 641 #else 642 if (d->bd_bif != 0) 643 error = EINVAL; 644 else { 645 register u_int size = *(u_int *)addr; 646 647 if (size > BPF_MAXBUFSIZE) 648 *(u_int *)addr = size = BPF_MAXBUFSIZE; 649 else if (size < BPF_MINBUFSIZE) 650 *(u_int *)addr = size = BPF_MINBUFSIZE; 651 d->bd_bufsize = size; 652 } 653 #endif 654 break; 655 656 /* 657 * Set link layer read filter. 658 */ 659 case BIOCSETF: 660 error = bpf_setf(d, (struct bpf_program *)addr); 661 break; 662 663 /* 664 * Flush read packet buffer. 665 */ 666 case BIOCFLUSH: 667 s = splimp(); 668 reset_d(d); 669 splx(s); 670 break; 671 672 /* 673 * Put interface into promiscuous mode. 674 */ 675 case BIOCPROMISC: 676 if (d->bd_bif == 0) { 677 /* 678 * No interface attached yet. 679 */ 680 error = EINVAL; 681 break; 682 } 683 s = splimp(); 684 if (d->bd_promisc == 0) { 685 error = ifpromisc(d->bd_bif->bif_ifp, 1); 686 if (error == 0) 687 d->bd_promisc = 1; 688 } 689 splx(s); 690 break; 691 692 /* 693 * Get device parameters. 694 */ 695 case BIOCGDLT: 696 if (d->bd_bif == 0) 697 error = EINVAL; 698 else 699 *(u_int *)addr = d->bd_bif->bif_dlt; 700 break; 701 702 /* 703 * Set interface name. 704 */ 705 case BIOCGETIF: 706 if (d->bd_bif == 0) 707 error = EINVAL; 708 else 709 bpf_ifname(d->bd_bif->bif_ifp, (struct ifreq *)addr); 710 break; 711 712 /* 713 * Set interface. 714 */ 715 case BIOCSETIF: 716 error = bpf_setif(d, (struct ifreq *)addr); 717 break; 718 719 /* 720 * Set read timeout. 721 */ 722 case BIOCSRTIMEOUT: 723 { 724 struct timeval *tv = (struct timeval *)addr; 725 726 /* Compute number of ticks. */ 727 d->bd_rtout = tv->tv_sec * hz + tv->tv_usec / tick; 728 break; 729 } 730 731 /* 732 * Get read timeout. 733 */ 734 case BIOCGRTIMEOUT: 735 { 736 struct timeval *tv = (struct timeval *)addr; 737 738 tv->tv_sec = d->bd_rtout / hz; 739 tv->tv_usec = (d->bd_rtout % hz) * tick; 740 break; 741 } 742 743 /* 744 * Get packet stats. 745 */ 746 case BIOCGSTATS: 747 { 748 struct bpf_stat *bs = (struct bpf_stat *)addr; 749 750 bs->bs_recv = d->bd_rcount; 751 bs->bs_drop = d->bd_dcount; 752 break; 753 } 754 755 /* 756 * Set immediate mode. 757 */ 758 case BIOCIMMEDIATE: 759 d->bd_immediate = *(u_int *)addr; 760 break; 761 762 case BIOCVERSION: 763 { 764 struct bpf_version *bv = (struct bpf_version *)addr; 765 766 bv->bv_major = BPF_MAJOR_VERSION; 767 bv->bv_minor = BPF_MINOR_VERSION; 768 break; 769 } 770 } 771 return (error); 772 } 773 774 /* 775 * Set d's packet filter program to fp. If this file already has a filter, 776 * free it and replace it. Returns EINVAL for bogus requests. 777 */ 778 int 779 bpf_setf(d, fp) 780 struct bpf_d *d; 781 struct bpf_program *fp; 782 { 783 struct bpf_insn *fcode, *old; 784 u_int flen, size; 785 int s; 786 787 old = d->bd_filter; 788 if (fp->bf_insns == 0) { 789 if (fp->bf_len != 0) 790 return (EINVAL); 791 s = splimp(); 792 d->bd_filter = 0; 793 reset_d(d); 794 splx(s); 795 if (old != 0) 796 free((caddr_t)old, M_DEVBUF); 797 return (0); 798 } 799 flen = fp->bf_len; 800 if (flen > BPF_MAXINSNS) 801 return (EINVAL); 802 803 size = flen * sizeof(*fp->bf_insns); 804 fcode = (struct bpf_insn *)malloc(size, M_DEVBUF, M_WAITOK); 805 if (copyin((caddr_t)fp->bf_insns, (caddr_t)fcode, size) == 0 && 806 bpf_validate(fcode, (int)flen)) { 807 s = splimp(); 808 d->bd_filter = fcode; 809 reset_d(d); 810 splx(s); 811 if (old != 0) 812 free((caddr_t)old, M_DEVBUF); 813 814 return (0); 815 } 816 free((caddr_t)fcode, M_DEVBUF); 817 return (EINVAL); 818 } 819 820 /* 821 * Detach a file from its current interface (if attached at all) and attach 822 * to the interface indicated by the name stored in ifr. 823 * Return an errno or 0. 824 */ 825 static int 826 bpf_setif(d, ifr) 827 struct bpf_d *d; 828 struct ifreq *ifr; 829 { 830 struct bpf_if *bp; 831 char *cp; 832 int unit, s, error; 833 834 /* 835 * Separate string into name part and unit number. Put a null 836 * byte at the end of the name part, and compute the number. 837 * If the a unit number is unspecified, the default is 0, 838 * as initialized above. XXX This should be common code. 839 */ 840 unit = 0; 841 cp = ifr->ifr_name; 842 cp[sizeof(ifr->ifr_name) - 1] = '\0'; 843 while (*cp++) { 844 if (*cp >= '0' && *cp <= '9') { 845 unit = *cp - '0'; 846 *cp++ = '\0'; 847 while (*cp) 848 unit = 10 * unit + *cp++ - '0'; 849 break; 850 } 851 } 852 /* 853 * Look through attached interfaces for the named one. 854 */ 855 for (bp = bpf_iflist; bp != 0; bp = bp->bif_next) { 856 struct ifnet *ifp = bp->bif_ifp; 857 858 if (ifp == 0 || unit != ifp->if_unit 859 || strcmp(ifp->if_name, ifr->ifr_name) != 0) 860 continue; 861 /* 862 * We found the requested interface. 863 * If it's not up, return an error. 864 * Allocate the packet buffers if we need to. 865 * If we're already attached to requested interface, 866 * just flush the buffer. 867 */ 868 if ((ifp->if_flags & IFF_UP) == 0) 869 return (ENETDOWN); 870 871 if (d->bd_sbuf == 0) { 872 error = bpf_allocbufs(d); 873 if (error != 0) 874 return (error); 875 } 876 s = splimp(); 877 if (bp != d->bd_bif) { 878 if (d->bd_bif) 879 /* 880 * Detach if attached to something else. 881 */ 882 bpf_detachd(d); 883 884 bpf_attachd(d, bp); 885 } 886 reset_d(d); 887 splx(s); 888 return (0); 889 } 890 /* Not found. */ 891 return (ENXIO); 892 } 893 894 /* 895 * Convert an interface name plus unit number of an ifp to a single 896 * name which is returned in the ifr. 897 */ 898 static void 899 bpf_ifname(ifp, ifr) 900 struct ifnet *ifp; 901 struct ifreq *ifr; 902 { 903 char *s = ifp->if_name; 904 char *d = ifr->ifr_name; 905 906 while (*d++ = *s++) 907 continue; 908 /* XXX Assume that unit number is less than 10. */ 909 *d++ = ifp->if_unit + '0'; 910 *d = '\0'; 911 } 912 913 /* 914 * The new select interface passes down the proc pointer; the old select 915 * stubs had to grab it out of the user struct. This glue allows either case. 916 */ 917 #if BSD >= 199103 918 #define bpf_select bpfselect 919 #else 920 int 921 bpfselect(dev, rw) 922 register dev_t dev; 923 int rw; 924 { 925 return (bpf_select(dev, rw, u.u_procp)); 926 } 927 #endif 928 929 /* 930 * Support for select() system call 931 * 932 * Return true iff the specific operation will not block indefinitely. 933 * Otherwise, return false but make a note that a selwakeup() must be done. 934 */ 935 int 936 bpf_select(dev, rw, p) 937 register dev_t dev; 938 int rw; 939 struct proc *p; 940 { 941 register struct bpf_d *d; 942 register int s; 943 944 if (rw != FREAD) 945 return (0); 946 /* 947 * An imitation of the FIONREAD ioctl code. 948 */ 949 d = &bpf_dtab[minor(dev)]; 950 951 s = splimp(); 952 if (d->bd_hlen != 0 || (d->bd_immediate && d->bd_slen != 0)) { 953 /* 954 * There is data waiting. 955 */ 956 splx(s); 957 return (1); 958 } 959 #if BSD >= 199103 960 selrecord(p, &d->bd_sel); 961 #else 962 /* 963 * No data ready. If there's already a select() waiting on this 964 * minor device then this is a collision. This shouldn't happen 965 * because minors really should not be shared, but if a process 966 * forks while one of these is open, it is possible that both 967 * processes could select on the same descriptor. 968 */ 969 if (d->bd_selproc && d->bd_selproc->p_wchan == (caddr_t)&selwait) 970 d->bd_selcoll = 1; 971 else 972 d->bd_selproc = p; 973 #endif 974 splx(s); 975 return (0); 976 } 977 978 /* 979 * Incoming linkage from device drivers. Process the packet pkt, of length 980 * pktlen, which is stored in a contiguous buffer. The packet is parsed 981 * by each process' filter, and if accepted, stashed into the corresponding 982 * buffer. 983 */ 984 void 985 bpf_tap(arg, pkt, pktlen) 986 caddr_t arg; 987 register u_char *pkt; 988 register u_int pktlen; 989 { 990 struct bpf_if *bp; 991 register struct bpf_d *d; 992 register size_t slen; 993 /* 994 * Note that the ipl does not have to be raised at this point. 995 * The only problem that could arise here is that if two different 996 * interfaces shared any data. This is not the case. 997 */ 998 bp = (struct bpf_if *)arg; 999 for (d = bp->bif_dlist; d != 0; d = d->bd_next) { 1000 ++d->bd_rcount; 1001 slen = bpf_filter(d->bd_filter, pkt, pktlen, pktlen); 1002 if (slen != 0) 1003 catchpacket(d, pkt, pktlen, slen, bcopy); 1004 } 1005 } 1006 1007 /* 1008 * Copy data from an mbuf chain into a buffer. This code is derived 1009 * from m_copydata in sys/uipc_mbuf.c. 1010 */ 1011 static void 1012 bpf_mcopy(src_arg, dst_arg, len) 1013 const void *src_arg; 1014 void *dst_arg; 1015 register size_t len; 1016 { 1017 register const struct mbuf *m; 1018 register u_int count; 1019 u_char *dst; 1020 1021 m = src_arg; 1022 dst = dst_arg; 1023 while (len > 0) { 1024 if (m == 0) 1025 panic("bpf_mcopy"); 1026 count = min(m->m_len, len); 1027 bcopy(mtod(m, caddr_t), (caddr_t)dst, count); 1028 m = m->m_next; 1029 dst += count; 1030 len -= count; 1031 } 1032 } 1033 1034 /* 1035 * Incoming linkage from device drivers, when packet is in an mbuf chain. 1036 */ 1037 void 1038 bpf_mtap(arg, m) 1039 caddr_t arg; 1040 struct mbuf *m; 1041 { 1042 struct bpf_if *bp = (struct bpf_if *)arg; 1043 struct bpf_d *d; 1044 size_t pktlen, slen; 1045 struct mbuf *m0; 1046 1047 pktlen = 0; 1048 for (m0 = m; m0 != 0; m0 = m0->m_next) 1049 pktlen += m0->m_len; 1050 1051 for (d = bp->bif_dlist; d != 0; d = d->bd_next) { 1052 ++d->bd_rcount; 1053 slen = bpf_filter(d->bd_filter, (u_char *)m, pktlen, 0); 1054 if (slen != 0) 1055 catchpacket(d, (u_char *)m, pktlen, slen, bpf_mcopy); 1056 } 1057 } 1058 1059 /* 1060 * Move the packet data from interface memory (pkt) into the 1061 * store buffer. Return 1 if it's time to wakeup a listener (buffer full), 1062 * otherwise 0. "copy" is the routine called to do the actual data 1063 * transfer. bcopy is passed in to copy contiguous chunks, while 1064 * bpf_mcopy is passed in to copy mbuf chains. In the latter case, 1065 * pkt is really an mbuf. 1066 */ 1067 static void 1068 catchpacket(d, pkt, pktlen, snaplen, cpfn) 1069 register struct bpf_d *d; 1070 register u_char *pkt; 1071 register size_t pktlen, snaplen; 1072 register void (*cpfn) __P((const void *, void *, size_t)); 1073 { 1074 register struct bpf_hdr *hp; 1075 register int totlen, curlen; 1076 register int hdrlen = d->bd_bif->bif_hdrlen; 1077 /* 1078 * Figure out how many bytes to move. If the packet is 1079 * greater or equal to the snapshot length, transfer that 1080 * much. Otherwise, transfer the whole packet (unless 1081 * we hit the buffer size limit). 1082 */ 1083 totlen = hdrlen + min(snaplen, pktlen); 1084 if (totlen > d->bd_bufsize) 1085 totlen = d->bd_bufsize; 1086 1087 /* 1088 * Round up the end of the previous packet to the next longword. 1089 */ 1090 curlen = BPF_WORDALIGN(d->bd_slen); 1091 if (curlen + totlen > d->bd_bufsize) { 1092 /* 1093 * This packet will overflow the storage buffer. 1094 * Rotate the buffers if we can, then wakeup any 1095 * pending reads. 1096 */ 1097 if (d->bd_fbuf == 0) { 1098 /* 1099 * We haven't completed the previous read yet, 1100 * so drop the packet. 1101 */ 1102 ++d->bd_dcount; 1103 return; 1104 } 1105 ROTATE_BUFFERS(d); 1106 bpf_wakeup(d); 1107 curlen = 0; 1108 } 1109 else if (d->bd_immediate) 1110 /* 1111 * Immediate mode is set. A packet arrived so any 1112 * reads should be woken up. 1113 */ 1114 bpf_wakeup(d); 1115 1116 /* 1117 * Append the bpf header. 1118 */ 1119 hp = (struct bpf_hdr *)(d->bd_sbuf + curlen); 1120 #if BSD >= 199103 1121 microtime(&hp->bh_tstamp); 1122 #elif defined(sun) 1123 uniqtime(&hp->bh_tstamp); 1124 #else 1125 hp->bh_tstamp = time; 1126 #endif 1127 hp->bh_datalen = pktlen; 1128 hp->bh_hdrlen = hdrlen; 1129 /* 1130 * Copy the packet data into the store buffer and update its length. 1131 */ 1132 (*cpfn)(pkt, (u_char *)hp + hdrlen, (hp->bh_caplen = totlen - hdrlen)); 1133 d->bd_slen = curlen + totlen; 1134 } 1135 1136 /* 1137 * Initialize all nonzero fields of a descriptor. 1138 */ 1139 static int 1140 bpf_allocbufs(d) 1141 register struct bpf_d *d; 1142 { 1143 d->bd_fbuf = (caddr_t)malloc(d->bd_bufsize, M_DEVBUF, M_WAITOK); 1144 if (d->bd_fbuf == 0) 1145 return (ENOBUFS); 1146 1147 d->bd_sbuf = (caddr_t)malloc(d->bd_bufsize, M_DEVBUF, M_WAITOK); 1148 if (d->bd_sbuf == 0) { 1149 free(d->bd_fbuf, M_DEVBUF); 1150 return (ENOBUFS); 1151 } 1152 d->bd_slen = 0; 1153 d->bd_hlen = 0; 1154 return (0); 1155 } 1156 1157 /* 1158 * Free buffers currently in use by a descriptor. 1159 * Called on close. 1160 */ 1161 static void 1162 bpf_freed(d) 1163 register struct bpf_d *d; 1164 { 1165 /* 1166 * We don't need to lock out interrupts since this descriptor has 1167 * been detached from its interface and it yet hasn't been marked 1168 * free. 1169 */ 1170 if (d->bd_sbuf != 0) { 1171 free(d->bd_sbuf, M_DEVBUF); 1172 if (d->bd_hbuf != 0) 1173 free(d->bd_hbuf, M_DEVBUF); 1174 if (d->bd_fbuf != 0) 1175 free(d->bd_fbuf, M_DEVBUF); 1176 } 1177 if (d->bd_filter) 1178 free((caddr_t)d->bd_filter, M_DEVBUF); 1179 1180 D_MARKFREE(d); 1181 } 1182 1183 /* 1184 * Attach an interface to bpf. driverp is a pointer to a (struct bpf_if *) 1185 * in the driver's softc; dlt is the link layer type; hdrlen is the fixed 1186 * size of the link header (variable length headers not yet supported). 1187 */ 1188 void 1189 bpfattach(driverp, ifp, dlt, hdrlen) 1190 caddr_t *driverp; 1191 struct ifnet *ifp; 1192 u_int dlt, hdrlen; 1193 { 1194 struct bpf_if *bp; 1195 int i; 1196 #if BSD < 199103 1197 static struct bpf_if bpf_ifs[NBPFILTER]; 1198 static int bpfifno; 1199 1200 bp = (bpfifno < NBPFILTER) ? &bpf_ifs[bpfifno++] : 0; 1201 #else 1202 bp = (struct bpf_if *)malloc(sizeof(*bp), M_DEVBUF, M_DONTWAIT); 1203 #endif 1204 if (bp == 0) 1205 panic("bpfattach"); 1206 1207 bp->bif_dlist = 0; 1208 bp->bif_driverp = (struct bpf_if **)driverp; 1209 bp->bif_ifp = ifp; 1210 bp->bif_dlt = dlt; 1211 1212 bp->bif_next = bpf_iflist; 1213 bpf_iflist = bp; 1214 1215 *bp->bif_driverp = 0; 1216 1217 /* 1218 * Compute the length of the bpf header. This is not necessarily 1219 * equal to SIZEOF_BPF_HDR because we want to insert spacing such 1220 * that the network layer header begins on a longword boundary (for 1221 * performance reasons and to alleviate alignment restrictions). 1222 */ 1223 bp->bif_hdrlen = BPF_WORDALIGN(hdrlen + SIZEOF_BPF_HDR) - hdrlen; 1224 1225 /* 1226 * Mark all the descriptors free if this hasn't been done. 1227 */ 1228 if (!D_ISFREE(&bpf_dtab[0])) 1229 for (i = 0; i < NBPFILTER; ++i) 1230 D_MARKFREE(&bpf_dtab[i]); 1231 1232 #if 0 1233 printf("bpf: %s%d attached\n", ifp->if_name, ifp->if_unit); 1234 #endif 1235 } 1236 1237 #if BSD >= 199103 1238 /* XXX This routine belongs in net/if.c. */ 1239 /* 1240 * Set/clear promiscuous mode on interface ifp based on the truth value 1241 * of pswitch. The calls are reference counted so that only the first 1242 * "on" request actually has an effect, as does the final "off" request. 1243 * Results are undefined if the "off" and "on" requests are not matched. 1244 */ 1245 int 1246 ifpromisc(ifp, pswitch) 1247 struct ifnet *ifp; 1248 int pswitch; 1249 { 1250 struct ifreq ifr; 1251 1252 if (pswitch) { 1253 /* 1254 * If the device is not configured up, we cannot put it in 1255 * promiscuous mode. 1256 */ 1257 if ((ifp->if_flags & IFF_UP) == 0) 1258 return (ENETDOWN); 1259 if (ifp->if_pcount++ != 0) 1260 return (0); 1261 ifp->if_flags |= IFF_PROMISC; 1262 } else { 1263 if (--ifp->if_pcount > 0) 1264 return (0); 1265 ifp->if_flags &= ~IFF_PROMISC; 1266 /* 1267 * If the device is not configured up, we should not need to 1268 * turn off promiscuous mode (device should have turned it 1269 * off when interface went down; and will look at IFF_PROMISC 1270 * again next time interface comes up). 1271 */ 1272 if ((ifp->if_flags & IFF_UP) == 0) 1273 return (0); 1274 } 1275 ifr.ifr_flags = ifp->if_flags; 1276 return ((*ifp->if_ioctl)(ifp, SIOCSIFFLAGS, (caddr_t)&ifr)); 1277 } 1278 #endif 1279 1280 #if BSD < 199103 1281 /* 1282 * Allocate some memory for bpf. This is temporary SunOS support, and 1283 * is admittedly a hack. 1284 * If resources unavaiable, return 0. 1285 */ 1286 static caddr_t 1287 bpf_alloc(size, canwait) 1288 register int size; 1289 register int canwait; 1290 { 1291 register struct mbuf *m; 1292 1293 if ((unsigned)size > (MCLBYTES-8)) 1294 return 0; 1295 1296 MGET(m, canwait, MT_DATA); 1297 if (m == 0) 1298 return 0; 1299 if ((unsigned)size > (MLEN-8)) { 1300 MCLGET(m); 1301 if (m->m_len != MCLBYTES) { 1302 m_freem(m); 1303 return 0; 1304 } 1305 } 1306 *mtod(m, struct mbuf **) = m; 1307 return mtod(m, caddr_t) + 8; 1308 } 1309 #endif 1310
Indexes created Wed Oct 01 12:09:54 GMT 2025