bpf.c revision 1.50
1 /* $NetBSD: bpf.c,v 1.50 2000/02/02 08:36:02 enami Exp $ */ 2 3 /* 4 * Copyright (c) 1990, 1991, 1993 5 * The Regents of the University of California. All rights reserved. 6 * 7 * This code is derived from the Stanford/CMU enet packet filter, 8 * (net/enet.c) distributed as part of 4.3BSD, and code contributed 9 * to Berkeley by Steven McCanne and Van Jacobson both of Lawrence 10 * Berkeley Laboratory. 11 * 12 * Redistribution and use in source and binary forms, with or without 13 * modification, are permitted provided that the following conditions 14 * are met: 15 * 1. Redistributions of source code must retain the above copyright 16 * notice, this list of conditions and the following disclaimer. 17 * 2. Redistributions in binary form must reproduce the above copyright 18 * notice, this list of conditions and the following disclaimer in the 19 * documentation and/or other materials provided with the distribution. 20 * 3. All advertising materials mentioning features or use of this software 21 * must display the following acknowledgement: 22 * This product includes software developed by the University of 23 * California, Berkeley and its contributors. 24 * 4. Neither the name of the University nor the names of its contributors 25 * may be used to endorse or promote products derived from this software 26 * without specific prior written permission. 27 * 28 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 29 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 30 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 31 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 32 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 33 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 34 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 35 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 36 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 37 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 38 * SUCH DAMAGE. 39 * 40 * @(#)bpf.c 8.4 (Berkeley) 1/9/95 41 * static char rcsid[] = 42 * "Header: bpf.c,v 1.67 96/09/26 22:00:52 leres Exp "; 43 */ 44 45 #include "bpfilter.h" 46 47 #include <sys/param.h> 48 #include <sys/systm.h> 49 #include <sys/mbuf.h> 50 #include <sys/buf.h> 51 #include <sys/time.h> 52 #include <sys/proc.h> 53 #include <sys/user.h> 54 #include <sys/ioctl.h> 55 #include <sys/map.h> 56 #include <sys/conf.h> 57 58 #include <sys/file.h> 59 #if defined(sparc) && BSD < 199103 60 #include <sys/stream.h> 61 #endif 62 #include <sys/tty.h> 63 #include <sys/uio.h> 64 65 #include <sys/protosw.h> 66 #include <sys/socket.h> 67 #include <sys/errno.h> 68 #include <sys/kernel.h> 69 #include <sys/poll.h> 70 71 #include <net/if.h> 72 73 #include <net/bpf.h> 74 #include <net/bpfdesc.h> 75 76 #include <net/if_arc.h> 77 #include <net/if_ether.h> 78 79 #include <netinet/in.h> 80 #include <netinet/if_inarp.h> 81 82 /* 83 * Older BSDs don't have kernel malloc. 84 */ 85 #if BSD < 199103 86 extern bcopy(); 87 static caddr_t bpf_alloc(); 88 #include <net/bpf_compat.h> 89 #define BPF_BUFSIZE (MCLBYTES-8) 90 #define UIOMOVE(cp, len, code, uio) uiomove(cp, len, code, uio) 91 #else 92 #define BPF_BUFSIZE 8192 /* 4096 too small for FDDI frames */ 93 #define UIOMOVE(cp, len, code, uio) uiomove(cp, len, uio) 94 #endif 95 96 #define PRINET 26 /* interruptible */ 97 98 /* 99 * The default read buffer size is patchable. 100 */ 101 int bpf_bufsize = BPF_BUFSIZE; 102 103 /* 104 * bpf_iflist is the list of interfaces; each corresponds to an ifnet 105 * bpf_dtab holds the descriptors, indexed by minor device # 106 */ 107 struct bpf_if *bpf_iflist; 108 struct bpf_d bpf_dtab[NBPFILTER]; 109 110 static int bpf_allocbufs __P((struct bpf_d *)); 111 static void bpf_freed __P((struct bpf_d *)); 112 static void bpf_ifname __P((struct ifnet *, struct ifreq *)); 113 static void *bpf_mcpy __P((void *, const void *, size_t)); 114 static int bpf_movein __P((struct uio *, int, int, 115 struct mbuf **, struct sockaddr *)); 116 static void bpf_attachd __P((struct bpf_d *, struct bpf_if *)); 117 static void bpf_detachd __P((struct bpf_d *)); 118 static int bpf_setif __P((struct bpf_d *, struct ifreq *)); 119 int bpfpoll __P((dev_t, int, struct proc *)); 120 static __inline void 121 bpf_wakeup __P((struct bpf_d *)); 122 static void catchpacket __P((struct bpf_d *, u_char *, u_int, u_int, 123 void *(*)(void *, const void *, size_t))); 124 static void reset_d __P((struct bpf_d *)); 125 126 static int 127 bpf_movein(uio, linktype, mtu, mp, sockp) 128 register struct uio *uio; 129 int linktype; 130 int mtu; 131 register struct mbuf **mp; 132 register struct sockaddr *sockp; 133 { 134 struct mbuf *m; 135 int error; 136 int len; 137 int hlen; 138 int align; 139 140 /* 141 * Build a sockaddr based on the data link layer type. 142 * We do this at this level because the ethernet header 143 * is copied directly into the data field of the sockaddr. 144 * In the case of SLIP, there is no header and the packet 145 * is forwarded as is. 146 * Also, we are careful to leave room at the front of the mbuf 147 * for the link level header. 148 */ 149 switch (linktype) { 150 151 case DLT_SLIP: 152 sockp->sa_family = AF_INET; 153 hlen = 0; 154 align = 0; 155 break; 156 157 case DLT_PPP: 158 sockp->sa_family = AF_UNSPEC; 159 hlen = 0; 160 align = 0; 161 break; 162 163 case DLT_EN10MB: 164 sockp->sa_family = AF_UNSPEC; 165 /* XXX Would MAXLINKHDR be better? */ 166 /* 6(dst)+6(src)+2(type) */ 167 hlen = sizeof(struct ether_header); 168 align = 2; 169 break; 170 171 case DLT_ARCNET: 172 sockp->sa_family = AF_UNSPEC; 173 hlen = ARC_HDRLEN; 174 align = 5; 175 break; 176 177 case DLT_FDDI: 178 sockp->sa_family = AF_UNSPEC; 179 /* XXX 4(FORMAC)+6(dst)+6(src)+3(LLC)+5(SNAP) */ 180 hlen = 24; 181 align = 0; 182 break; 183 184 case DLT_NULL: 185 sockp->sa_family = AF_UNSPEC; 186 hlen = 0; 187 align = 0; 188 break; 189 190 default: 191 return (EIO); 192 } 193 194 len = uio->uio_resid; 195 /* 196 * If there aren't enough bytes for a link level header or the 197 * packet length exceeds the interface mtu, return an error. 198 */ 199 if (len < hlen || len - hlen > mtu) 200 return (EMSGSIZE); 201 202 /* 203 * XXX Avoid complicated buffer chaining --- 204 * bail if it won't fit in a single mbuf. 205 * (Take into account possible alignment bytes) 206 */ 207 if ((unsigned)len > MCLBYTES - align) 208 return (EIO); 209 210 MGETHDR(m, M_WAIT, MT_DATA); 211 if (m == 0) 212 return (ENOBUFS); 213 m->m_pkthdr.rcvif = 0; 214 m->m_pkthdr.len = len - hlen; 215 if (len > MHLEN - align) { 216 #if BSD >= 199103 217 MCLGET(m, M_WAIT); 218 if ((m->m_flags & M_EXT) == 0) { 219 #else 220 MCLGET(m); 221 if (m->m_len != MCLBYTES) { 222 #endif 223 error = ENOBUFS; 224 goto bad; 225 } 226 } 227 228 /* Insure the data is properly aligned */ 229 if (align > 0) { 230 #if BSD >= 199103 231 m->m_data += align; 232 #else 233 m->m_off += align; 234 #endif 235 m->m_len -= align; 236 } 237 238 error = UIOMOVE(mtod(m, caddr_t), len, UIO_WRITE, uio); 239 if (error) 240 goto bad; 241 if (hlen != 0) { 242 memcpy(sockp->sa_data, mtod(m, caddr_t), hlen); 243 #if BSD >= 199103 244 m->m_data += hlen; /* XXX */ 245 #else 246 m->m_off += hlen; 247 #endif 248 len -= hlen; 249 } 250 m->m_len = len; 251 *mp = m; 252 return (0); 253 254 bad: 255 m_freem(m); 256 return (error); 257 } 258 259 /* 260 * Attach file to the bpf interface, i.e. make d listen on bp. 261 * Must be called at splimp. 262 */ 263 static void 264 bpf_attachd(d, bp) 265 struct bpf_d *d; 266 struct bpf_if *bp; 267 { 268 /* 269 * Point d at bp, and add d to the interface's list of listeners. 270 * Finally, point the driver's bpf cookie at the interface so 271 * it will divert packets to bpf. 272 */ 273 d->bd_bif = bp; 274 d->bd_next = bp->bif_dlist; 275 bp->bif_dlist = d; 276 277 *bp->bif_driverp = bp; 278 } 279 280 /* 281 * Detach a file from its interface. 282 */ 283 static void 284 bpf_detachd(d) 285 struct bpf_d *d; 286 { 287 struct bpf_d **p; 288 struct bpf_if *bp; 289 290 bp = d->bd_bif; 291 /* 292 * Check if this descriptor had requested promiscuous mode. 293 * If so, turn it off. 294 */ 295 if (d->bd_promisc) { 296 int error; 297 298 d->bd_promisc = 0; 299 /* 300 * Take device out of promiscuous mode. Since we were 301 * able to enter promiscuous mode, we should be able 302 * to turn it off. But we can get an error if 303 * the interface was configured down, so only panic 304 * if we don't get an unexpected error. 305 */ 306 error = ifpromisc(bp->bif_ifp, 0); 307 if (error && error != EINVAL) 308 panic("bpf: ifpromisc failed"); 309 } 310 /* Remove d from the interface's descriptor list. */ 311 p = &bp->bif_dlist; 312 while (*p != d) { 313 p = &(*p)->bd_next; 314 if (*p == 0) 315 panic("bpf_detachd: descriptor not in list"); 316 } 317 *p = (*p)->bd_next; 318 if (bp->bif_dlist == 0) 319 /* 320 * Let the driver know that there are no more listeners. 321 */ 322 *d->bd_bif->bif_driverp = 0; 323 d->bd_bif = 0; 324 } 325 326 327 /* 328 * Mark a descriptor free by making it point to itself. 329 * This is probably cheaper than marking with a constant since 330 * the address should be in a register anyway. 331 */ 332 #define D_ISFREE(d) ((d) == (d)->bd_next) 333 #define D_MARKFREE(d) ((d)->bd_next = (d)) 334 #define D_MARKUSED(d) ((d)->bd_next = 0) 335 336 /* 337 * bpfilterattach() is called at boot time. 338 */ 339 /* ARGSUSED */ 340 void 341 bpfilterattach(n) 342 int n; 343 { 344 int i; 345 /* 346 * Mark all the descriptors free. 347 */ 348 for (i = 0; i < NBPFILTER; ++i) 349 D_MARKFREE(&bpf_dtab[i]); 350 351 } 352 353 /* 354 * Open ethernet device. Returns ENXIO for illegal minor device number, 355 * EBUSY if file is open by another process. 356 */ 357 /* ARGSUSED */ 358 int 359 bpfopen(dev, flag, mode, p) 360 dev_t dev; 361 int flag; 362 int mode; 363 struct proc *p; 364 { 365 register struct bpf_d *d; 366 367 if (minor(dev) >= NBPFILTER) 368 return (ENXIO); 369 /* 370 * Each minor can be opened by only one process. If the requested 371 * minor is in use, return EBUSY. 372 */ 373 d = &bpf_dtab[minor(dev)]; 374 if (!D_ISFREE(d)) 375 return (EBUSY); 376 377 /* Mark "free" and do most initialization. */ 378 memset((char *)d, 0, sizeof(*d)); 379 d->bd_bufsize = bpf_bufsize; 380 381 return (0); 382 } 383 384 /* 385 * Close the descriptor by detaching it from its interface, 386 * deallocating its buffers, and marking it free. 387 */ 388 /* ARGSUSED */ 389 int 390 bpfclose(dev, flag, mode, p) 391 dev_t dev; 392 int flag; 393 int mode; 394 struct proc *p; 395 { 396 register struct bpf_d *d = &bpf_dtab[minor(dev)]; 397 register int s; 398 399 s = splimp(); 400 if (d->bd_bif) 401 bpf_detachd(d); 402 splx(s); 403 bpf_freed(d); 404 405 return (0); 406 } 407 408 /* 409 * Support for SunOS, which does not have tsleep. 410 */ 411 #if BSD < 199103 412 static 413 bpf_timeout(arg) 414 caddr_t arg; 415 { 416 struct bpf_d *d = (struct bpf_d *)arg; 417 d->bd_timedout = 1; 418 wakeup(arg); 419 } 420 421 #define BPF_SLEEP(chan, pri, s, t) bpf_sleep((struct bpf_d *)chan) 422 423 int 424 bpf_sleep(d) 425 register struct bpf_d *d; 426 { 427 register int rto = d->bd_rtout; 428 register int st; 429 430 if (rto != 0) { 431 d->bd_timedout = 0; 432 timeout(bpf_timeout, (caddr_t)d, rto); 433 } 434 st = sleep((caddr_t)d, PRINET|PCATCH); 435 if (rto != 0) { 436 if (d->bd_timedout == 0) 437 untimeout(bpf_timeout, (caddr_t)d); 438 else if (st == 0) 439 return EWOULDBLOCK; 440 } 441 return (st != 0) ? EINTR : 0; 442 } 443 #else 444 #define BPF_SLEEP tsleep 445 #endif 446 447 /* 448 * Rotate the packet buffers in descriptor d. Move the store buffer 449 * into the hold slot, and the free buffer into the store slot. 450 * Zero the length of the new store buffer. 451 */ 452 #define ROTATE_BUFFERS(d) \ 453 (d)->bd_hbuf = (d)->bd_sbuf; \ 454 (d)->bd_hlen = (d)->bd_slen; \ 455 (d)->bd_sbuf = (d)->bd_fbuf; \ 456 (d)->bd_slen = 0; \ 457 (d)->bd_fbuf = 0; 458 /* 459 * bpfread - read next chunk of packets from buffers 460 */ 461 int 462 bpfread(dev, uio, ioflag) 463 dev_t dev; 464 register struct uio *uio; 465 int ioflag; 466 { 467 register struct bpf_d *d = &bpf_dtab[minor(dev)]; 468 int error; 469 int s; 470 471 /* 472 * Restrict application to use a buffer the same size as 473 * as kernel buffers. 474 */ 475 if (uio->uio_resid != d->bd_bufsize) 476 return (EINVAL); 477 478 s = splimp(); 479 /* 480 * If the hold buffer is empty, then do a timed sleep, which 481 * ends when the timeout expires or when enough packets 482 * have arrived to fill the store buffer. 483 */ 484 while (d->bd_hbuf == 0) { 485 if (d->bd_immediate) { 486 if (d->bd_slen == 0) { 487 splx(s); 488 return (EWOULDBLOCK); 489 } 490 /* 491 * A packet(s) either arrived since the previous 492 * read or arrived while we were asleep. 493 * Rotate the buffers and return what's here. 494 */ 495 ROTATE_BUFFERS(d); 496 break; 497 } 498 if (d->bd_rtout != -1) 499 error = BPF_SLEEP((caddr_t)d, PRINET|PCATCH, "bpf", 500 d->bd_rtout); 501 else 502 error = EWOULDBLOCK; /* User requested non-blocking I/O */ 503 if (error == EINTR || error == ERESTART) { 504 splx(s); 505 return (error); 506 } 507 if (error == EWOULDBLOCK) { 508 /* 509 * On a timeout, return what's in the buffer, 510 * which may be nothing. If there is something 511 * in the store buffer, we can rotate the buffers. 512 */ 513 if (d->bd_hbuf) 514 /* 515 * We filled up the buffer in between 516 * getting the timeout and arriving 517 * here, so we don't need to rotate. 518 */ 519 break; 520 521 if (d->bd_slen == 0) { 522 splx(s); 523 return (0); 524 } 525 ROTATE_BUFFERS(d); 526 break; 527 } 528 if (error != 0) 529 goto done; 530 } 531 /* 532 * At this point, we know we have something in the hold slot. 533 */ 534 splx(s); 535 536 /* 537 * Move data from hold buffer into user space. 538 * We know the entire buffer is transferred since 539 * we checked above that the read buffer is bpf_bufsize bytes. 540 */ 541 error = UIOMOVE(d->bd_hbuf, d->bd_hlen, UIO_READ, uio); 542 543 s = splimp(); 544 d->bd_fbuf = d->bd_hbuf; 545 d->bd_hbuf = 0; 546 d->bd_hlen = 0; 547 done: 548 splx(s); 549 return (error); 550 } 551 552 553 /* 554 * If there are processes sleeping on this descriptor, wake them up. 555 */ 556 static __inline void 557 bpf_wakeup(d) 558 register struct bpf_d *d; 559 { 560 struct proc *p; 561 562 wakeup((caddr_t)d); 563 if (d->bd_async) { 564 if (d->bd_pgid > 0) 565 gsignal (d->bd_pgid, SIGIO); 566 else if ((p = pfind (-d->bd_pgid)) != NULL) 567 psignal (p, SIGIO); 568 } 569 570 #if BSD >= 199103 571 selwakeup(&d->bd_sel); 572 /* XXX */ 573 d->bd_sel.si_pid = 0; 574 #else 575 if (d->bd_selproc) { 576 selwakeup(d->bd_selproc, (int)d->bd_selcoll); 577 d->bd_selcoll = 0; 578 d->bd_selproc = 0; 579 } 580 #endif 581 } 582 583 int 584 bpfwrite(dev, uio, ioflag) 585 dev_t dev; 586 struct uio *uio; 587 int ioflag; 588 { 589 register struct bpf_d *d = &bpf_dtab[minor(dev)]; 590 struct ifnet *ifp; 591 struct mbuf *m; 592 int error, s; 593 static struct sockaddr dst; 594 595 if (d->bd_bif == 0) 596 return (ENXIO); 597 598 ifp = d->bd_bif->bif_ifp; 599 600 if (uio->uio_resid == 0) 601 return (0); 602 603 error = bpf_movein(uio, (int)d->bd_bif->bif_dlt, ifp->if_mtu, &m, &dst); 604 if (error) 605 return (error); 606 607 if (m->m_pkthdr.len > ifp->if_mtu) 608 return (EMSGSIZE); 609 610 if (d->bd_hdrcmplt) 611 dst.sa_family = pseudo_AF_HDRCMPLT; 612 613 s = splsoftnet(); 614 #if BSD >= 199103 615 error = (*ifp->if_output)(ifp, m, &dst, (struct rtentry *)0); 616 #else 617 error = (*ifp->if_output)(ifp, m, &dst); 618 #endif 619 splx(s); 620 /* 621 * The driver frees the mbuf. 622 */ 623 return (error); 624 } 625 626 /* 627 * Reset a descriptor by flushing its packet buffer and clearing the 628 * receive and drop counts. Should be called at splimp. 629 */ 630 static void 631 reset_d(d) 632 struct bpf_d *d; 633 { 634 if (d->bd_hbuf) { 635 /* Free the hold buffer. */ 636 d->bd_fbuf = d->bd_hbuf; 637 d->bd_hbuf = 0; 638 } 639 d->bd_slen = 0; 640 d->bd_hlen = 0; 641 d->bd_rcount = 0; 642 d->bd_dcount = 0; 643 } 644 645 #ifdef BPF_KERN_FILTER 646 extern struct bpf_insn *bpf_tcp_filter; 647 extern struct bpf_insn *bpf_udp_filter; 648 #endif 649 650 /* 651 * FIONREAD Check for read packet available. 652 * BIOCGBLEN Get buffer len [for read()]. 653 * BIOCSETF Set ethernet read filter. 654 * BIOCFLUSH Flush read packet buffer. 655 * BIOCPROMISC Put interface into promiscuous mode. 656 * BIOCGDLT Get link layer type. 657 * BIOCGETIF Get interface name. 658 * BIOCSETIF Set interface. 659 * BIOCSRTIMEOUT Set read timeout. 660 * BIOCGRTIMEOUT Get read timeout. 661 * BIOCGSTATS Get packet stats. 662 * BIOCIMMEDIATE Set immediate mode. 663 * BIOCVERSION Get filter language version. 664 * BIOGHDRCMPLT Get "header already complete" flag. 665 * BIOSHDRCMPLT Set "header already complete" flag. 666 */ 667 /* ARGSUSED */ 668 int 669 bpfioctl(dev, cmd, addr, flag, p) 670 dev_t dev; 671 u_long cmd; 672 caddr_t addr; 673 int flag; 674 struct proc *p; 675 { 676 register struct bpf_d *d = &bpf_dtab[minor(dev)]; 677 int s, error = 0; 678 #ifdef BPF_KERN_FILTER 679 register struct bpf_insn **p; 680 #endif 681 682 switch (cmd) { 683 684 default: 685 error = EINVAL; 686 break; 687 688 /* 689 * Check for read packet available. 690 */ 691 case FIONREAD: 692 { 693 int n; 694 695 s = splimp(); 696 n = d->bd_slen; 697 if (d->bd_hbuf) 698 n += d->bd_hlen; 699 splx(s); 700 701 *(int *)addr = n; 702 break; 703 } 704 705 /* 706 * Get buffer len [for read()]. 707 */ 708 case BIOCGBLEN: 709 *(u_int *)addr = d->bd_bufsize; 710 break; 711 712 /* 713 * Set buffer length. 714 */ 715 case BIOCSBLEN: 716 #if BSD < 199103 717 error = EINVAL; 718 #else 719 if (d->bd_bif != 0) 720 error = EINVAL; 721 else { 722 register u_int size = *(u_int *)addr; 723 724 if (size > BPF_MAXBUFSIZE) 725 *(u_int *)addr = size = BPF_MAXBUFSIZE; 726 else if (size < BPF_MINBUFSIZE) 727 *(u_int *)addr = size = BPF_MINBUFSIZE; 728 d->bd_bufsize = size; 729 } 730 #endif 731 break; 732 733 /* 734 * Set link layer read filter. 735 */ 736 case BIOCSETF: 737 error = bpf_setf(d, (struct bpf_program *)addr); 738 break; 739 740 #ifdef BPF_KERN_FILTER 741 /* 742 * Set TCP or UDP reject filter. 743 */ 744 case BIOCSTCPF: 745 case BIOCSUDPF: 746 if (!suser()) { 747 error = EPERM; 748 break; 749 } 750 751 /* Validate and store filter */ 752 error = bpf_setf(d, (struct bpf_program *)addr); 753 754 /* Free possible old filter */ 755 if (cmd == BIOCSTCPF) 756 p = &bpf_tcp_filter; 757 else 758 p = &bpf_udp_filter; 759 if (*p != NULL) 760 free((caddr_t)*p, M_DEVBUF); 761 762 /* Steal new filter (noop if error) */ 763 s = splimp(); 764 *p = d->bd_filter; 765 d->bd_filter = NULL; 766 splx(s); 767 break; 768 #endif 769 770 /* 771 * Flush read packet buffer. 772 */ 773 case BIOCFLUSH: 774 s = splimp(); 775 reset_d(d); 776 splx(s); 777 break; 778 779 /* 780 * Put interface into promiscuous mode. 781 */ 782 case BIOCPROMISC: 783 if (d->bd_bif == 0) { 784 /* 785 * No interface attached yet. 786 */ 787 error = EINVAL; 788 break; 789 } 790 s = splimp(); 791 if (d->bd_promisc == 0) { 792 error = ifpromisc(d->bd_bif->bif_ifp, 1); 793 if (error == 0) 794 d->bd_promisc = 1; 795 } 796 splx(s); 797 break; 798 799 /* 800 * Get device parameters. 801 */ 802 case BIOCGDLT: 803 if (d->bd_bif == 0) 804 error = EINVAL; 805 else 806 *(u_int *)addr = d->bd_bif->bif_dlt; 807 break; 808 809 /* 810 * Set interface name. 811 */ 812 case BIOCGETIF: 813 if (d->bd_bif == 0) 814 error = EINVAL; 815 else 816 bpf_ifname(d->bd_bif->bif_ifp, (struct ifreq *)addr); 817 break; 818 819 /* 820 * Set interface. 821 */ 822 case BIOCSETIF: 823 error = bpf_setif(d, (struct ifreq *)addr); 824 break; 825 826 /* 827 * Set read timeout. 828 */ 829 case BIOCSRTIMEOUT: 830 { 831 struct timeval *tv = (struct timeval *)addr; 832 833 /* Compute number of ticks. */ 834 d->bd_rtout = tv->tv_sec * hz + tv->tv_usec / tick; 835 if ((d->bd_rtout == 0) && (tv->tv_usec != 0)) 836 d->bd_rtout = 1; 837 break; 838 } 839 840 /* 841 * Get read timeout. 842 */ 843 case BIOCGRTIMEOUT: 844 { 845 struct timeval *tv = (struct timeval *)addr; 846 847 tv->tv_sec = d->bd_rtout / hz; 848 tv->tv_usec = (d->bd_rtout % hz) * tick; 849 break; 850 } 851 852 /* 853 * Get packet stats. 854 */ 855 case BIOCGSTATS: 856 { 857 struct bpf_stat *bs = (struct bpf_stat *)addr; 858 859 bs->bs_recv = d->bd_rcount; 860 bs->bs_drop = d->bd_dcount; 861 break; 862 } 863 864 /* 865 * Set immediate mode. 866 */ 867 case BIOCIMMEDIATE: 868 d->bd_immediate = *(u_int *)addr; 869 break; 870 871 case BIOCVERSION: 872 { 873 struct bpf_version *bv = (struct bpf_version *)addr; 874 875 bv->bv_major = BPF_MAJOR_VERSION; 876 bv->bv_minor = BPF_MINOR_VERSION; 877 break; 878 } 879 880 case BIOCGHDRCMPLT: /* get "header already complete" flag */ 881 *(u_int *)addr = d->bd_hdrcmplt; 882 break; 883 884 case BIOCSHDRCMPLT: /* set "header already complete" flag */ 885 d->bd_hdrcmplt = *(u_int *)addr ? 1 : 0; 886 break; 887 888 case FIONBIO: /* Non-blocking I/O */ 889 if (*(int *)addr) 890 d->bd_rtout = -1; 891 else 892 d->bd_rtout = 0; 893 break; 894 895 case FIOASYNC: /* Send signal on receive packets */ 896 d->bd_async = *(int *)addr; 897 break; 898 899 /* 900 * N.B. ioctl (FIOSETOWN) and fcntl (F_SETOWN) both end up doing 901 * the equivalent of a TIOCSPGRP and hence end up here. *However* 902 * TIOCSPGRP's arg is a process group if it's positive and a process 903 * id if it's negative. This is exactly the opposite of what the 904 * other two functions want! Therefore there is code in ioctl and 905 * fcntl to negate the arg before calling here. 906 */ 907 case TIOCSPGRP: /* Process or group to send signals to */ 908 d->bd_pgid = *(int *)addr; 909 break; 910 911 case TIOCGPGRP: 912 *(int *)addr = d->bd_pgid; 913 break; 914 } 915 return (error); 916 } 917 918 /* 919 * Set d's packet filter program to fp. If this file already has a filter, 920 * free it and replace it. Returns EINVAL for bogus requests. 921 */ 922 int 923 bpf_setf(d, fp) 924 struct bpf_d *d; 925 struct bpf_program *fp; 926 { 927 struct bpf_insn *fcode, *old; 928 u_int flen, size; 929 int s; 930 931 old = d->bd_filter; 932 if (fp->bf_insns == 0) { 933 if (fp->bf_len != 0) 934 return (EINVAL); 935 s = splimp(); 936 d->bd_filter = 0; 937 reset_d(d); 938 splx(s); 939 if (old != 0) 940 free((caddr_t)old, M_DEVBUF); 941 return (0); 942 } 943 flen = fp->bf_len; 944 if (flen > BPF_MAXINSNS) 945 return (EINVAL); 946 947 size = flen * sizeof(*fp->bf_insns); 948 fcode = (struct bpf_insn *)malloc(size, M_DEVBUF, M_WAITOK); 949 if (copyin((caddr_t)fp->bf_insns, (caddr_t)fcode, size) == 0 && 950 bpf_validate(fcode, (int)flen)) { 951 s = splimp(); 952 d->bd_filter = fcode; 953 reset_d(d); 954 splx(s); 955 if (old != 0) 956 free((caddr_t)old, M_DEVBUF); 957 958 return (0); 959 } 960 free((caddr_t)fcode, M_DEVBUF); 961 return (EINVAL); 962 } 963 964 /* 965 * Detach a file from its current interface (if attached at all) and attach 966 * to the interface indicated by the name stored in ifr. 967 * Return an errno or 0. 968 */ 969 static int 970 bpf_setif(d, ifr) 971 struct bpf_d *d; 972 struct ifreq *ifr; 973 { 974 struct bpf_if *bp; 975 char *cp; 976 int unit_seen, i, s, error; 977 978 /* 979 * Make sure the provided name has a unit number, and default 980 * it to '0' if not specified. 981 * XXX This is ugly ... do this differently? 982 */ 983 unit_seen = 0; 984 cp = ifr->ifr_name; 985 cp[sizeof(ifr->ifr_name) - 1] = '\0'; /* sanity */ 986 while (*cp++) 987 if (*cp >= '0' && *cp <= '9') 988 unit_seen = 1; 989 if (!unit_seen) { 990 /* Make sure to leave room for the '\0'. */ 991 for (i = 0; i < (IFNAMSIZ - 1); ++i) { 992 if ((ifr->ifr_name[i] >= 'a' && 993 ifr->ifr_name[i] <= 'z') || 994 (ifr->ifr_name[i] >= 'A' && 995 ifr->ifr_name[i] <= 'Z')) 996 continue; 997 ifr->ifr_name[i] = '0'; 998 } 999 } 1000 1001 /* 1002 * Look through attached interfaces for the named one. 1003 */ 1004 for (bp = bpf_iflist; bp != 0; bp = bp->bif_next) { 1005 struct ifnet *ifp = bp->bif_ifp; 1006 1007 if (ifp == 0 || 1008 strcmp(ifp->if_xname, ifr->ifr_name) != 0) 1009 continue; 1010 /* 1011 * We found the requested interface. 1012 * If it's not up, return an error. 1013 * Allocate the packet buffers if we need to. 1014 * If we're already attached to requested interface, 1015 * just flush the buffer. 1016 */ 1017 if ((ifp->if_flags & IFF_UP) == 0) 1018 return (ENETDOWN); 1019 1020 if (d->bd_sbuf == 0) { 1021 error = bpf_allocbufs(d); 1022 if (error != 0) 1023 return (error); 1024 } 1025 s = splimp(); 1026 if (bp != d->bd_bif) { 1027 if (d->bd_bif) 1028 /* 1029 * Detach if attached to something else. 1030 */ 1031 bpf_detachd(d); 1032 1033 bpf_attachd(d, bp); 1034 } 1035 reset_d(d); 1036 splx(s); 1037 return (0); 1038 } 1039 /* Not found. */ 1040 return (ENXIO); 1041 } 1042 1043 /* 1044 * Copy the interface name to the ifreq. 1045 */ 1046 static void 1047 bpf_ifname(ifp, ifr) 1048 struct ifnet *ifp; 1049 struct ifreq *ifr; 1050 { 1051 1052 memcpy(ifr->ifr_name, ifp->if_xname, IFNAMSIZ); 1053 } 1054 1055 /* 1056 * Support for poll() system call 1057 * 1058 * Return true iff the specific operation will not block indefinitely. 1059 * Otherwise, return false but make a note that a selwakeup() must be done. 1060 */ 1061 int 1062 bpfpoll(dev, events, p) 1063 register dev_t dev; 1064 int events; 1065 struct proc *p; 1066 { 1067 register struct bpf_d *d = &bpf_dtab[minor(dev)]; 1068 int revents = 0; 1069 register int s = splimp(); 1070 1071 /* 1072 * An imitation of the FIONREAD ioctl code. 1073 */ 1074 if (events & (POLLIN | POLLRDNORM)) { 1075 if (d->bd_hlen != 0 || (d->bd_immediate && d->bd_slen != 0)) 1076 revents |= events & (POLLIN | POLLRDNORM); 1077 else 1078 selrecord(p, &d->bd_sel); 1079 } 1080 1081 splx(s); 1082 return (revents); 1083 } 1084 1085 /* 1086 * Incoming linkage from device drivers. Process the packet pkt, of length 1087 * pktlen, which is stored in a contiguous buffer. The packet is parsed 1088 * by each process' filter, and if accepted, stashed into the corresponding 1089 * buffer. 1090 */ 1091 void 1092 bpf_tap(arg, pkt, pktlen) 1093 caddr_t arg; 1094 register u_char *pkt; 1095 register u_int pktlen; 1096 { 1097 struct bpf_if *bp; 1098 register struct bpf_d *d; 1099 register u_int slen; 1100 /* 1101 * Note that the ipl does not have to be raised at this point. 1102 * The only problem that could arise here is that if two different 1103 * interfaces shared any data. This is not the case. 1104 */ 1105 bp = (struct bpf_if *)arg; 1106 for (d = bp->bif_dlist; d != 0; d = d->bd_next) { 1107 ++d->bd_rcount; 1108 slen = bpf_filter(d->bd_filter, pkt, pktlen, pktlen); 1109 if (slen != 0) 1110 catchpacket(d, pkt, pktlen, slen, memcpy); 1111 } 1112 } 1113 1114 /* 1115 * Copy data from an mbuf chain into a buffer. This code is derived 1116 * from m_copydata in sys/uipc_mbuf.c. 1117 */ 1118 static void * 1119 bpf_mcpy(dst_arg, src_arg, len) 1120 void *dst_arg; 1121 const void *src_arg; 1122 register size_t len; 1123 { 1124 register const struct mbuf *m; 1125 register u_int count; 1126 u_char *dst; 1127 1128 m = src_arg; 1129 dst = dst_arg; 1130 while (len > 0) { 1131 if (m == 0) 1132 panic("bpf_mcpy"); 1133 count = min(m->m_len, len); 1134 memcpy((caddr_t)dst, mtod(m, caddr_t), count); 1135 m = m->m_next; 1136 dst += count; 1137 len -= count; 1138 } 1139 return(dst_arg); 1140 } 1141 1142 /* 1143 * Incoming linkage from device drivers, when packet is in an mbuf chain. 1144 */ 1145 void 1146 bpf_mtap(arg, m) 1147 caddr_t arg; 1148 struct mbuf *m; 1149 { 1150 struct bpf_if *bp = (struct bpf_if *)arg; 1151 struct bpf_d *d; 1152 u_int pktlen, slen; 1153 struct mbuf *m0; 1154 1155 pktlen = 0; 1156 for (m0 = m; m0 != 0; m0 = m0->m_next) 1157 pktlen += m0->m_len; 1158 1159 for (d = bp->bif_dlist; d != 0; d = d->bd_next) { 1160 ++d->bd_rcount; 1161 slen = bpf_filter(d->bd_filter, (u_char *)m, pktlen, 0); 1162 if (slen != 0) 1163 catchpacket(d, (u_char *)m, pktlen, slen, bpf_mcpy); 1164 } 1165 } 1166 1167 /* 1168 * Move the packet data from interface memory (pkt) into the 1169 * store buffer. Return 1 if it's time to wakeup a listener (buffer full), 1170 * otherwise 0. "copy" is the routine called to do the actual data 1171 * transfer. memcpy is passed in to copy contiguous chunks, while 1172 * bpf_mcpy is passed in to copy mbuf chains. In the latter case, 1173 * pkt is really an mbuf. 1174 */ 1175 static void 1176 catchpacket(d, pkt, pktlen, snaplen, cpfn) 1177 register struct bpf_d *d; 1178 register u_char *pkt; 1179 register u_int pktlen, snaplen; 1180 register void *(*cpfn) __P((void *, const void *, size_t)); 1181 { 1182 register struct bpf_hdr *hp; 1183 register int totlen, curlen; 1184 register int hdrlen = d->bd_bif->bif_hdrlen; 1185 /* 1186 * Figure out how many bytes to move. If the packet is 1187 * greater or equal to the snapshot length, transfer that 1188 * much. Otherwise, transfer the whole packet (unless 1189 * we hit the buffer size limit). 1190 */ 1191 totlen = hdrlen + min(snaplen, pktlen); 1192 if (totlen > d->bd_bufsize) 1193 totlen = d->bd_bufsize; 1194 1195 /* 1196 * Round up the end of the previous packet to the next longword. 1197 */ 1198 curlen = BPF_WORDALIGN(d->bd_slen); 1199 if (curlen + totlen > d->bd_bufsize) { 1200 /* 1201 * This packet will overflow the storage buffer. 1202 * Rotate the buffers if we can, then wakeup any 1203 * pending reads. 1204 */ 1205 if (d->bd_fbuf == 0) { 1206 /* 1207 * We haven't completed the previous read yet, 1208 * so drop the packet. 1209 */ 1210 ++d->bd_dcount; 1211 return; 1212 } 1213 ROTATE_BUFFERS(d); 1214 bpf_wakeup(d); 1215 curlen = 0; 1216 } 1217 else if (d->bd_immediate) 1218 /* 1219 * Immediate mode is set. A packet arrived so any 1220 * reads should be woken up. 1221 */ 1222 bpf_wakeup(d); 1223 1224 /* 1225 * Append the bpf header. 1226 */ 1227 hp = (struct bpf_hdr *)(d->bd_sbuf + curlen); 1228 #if BSD >= 199103 1229 microtime(&hp->bh_tstamp); 1230 #elif defined(sun) 1231 uniqtime(&hp->bh_tstamp); 1232 #else 1233 hp->bh_tstamp = time; 1234 #endif 1235 hp->bh_datalen = pktlen; 1236 hp->bh_hdrlen = hdrlen; 1237 /* 1238 * Copy the packet data into the store buffer and update its length. 1239 */ 1240 (*cpfn)((u_char *)hp + hdrlen, pkt, (hp->bh_caplen = totlen - hdrlen)); 1241 d->bd_slen = curlen + totlen; 1242 } 1243 1244 /* 1245 * Initialize all nonzero fields of a descriptor. 1246 */ 1247 static int 1248 bpf_allocbufs(d) 1249 register struct bpf_d *d; 1250 { 1251 1252 d->bd_fbuf = (caddr_t)malloc(d->bd_bufsize, M_DEVBUF, M_WAITOK); 1253 d->bd_sbuf = (caddr_t)malloc(d->bd_bufsize, M_DEVBUF, M_WAITOK); 1254 d->bd_slen = 0; 1255 d->bd_hlen = 0; 1256 return (0); 1257 } 1258 1259 /* 1260 * Free buffers currently in use by a descriptor. 1261 * Called on close. 1262 */ 1263 static void 1264 bpf_freed(d) 1265 register struct bpf_d *d; 1266 { 1267 /* 1268 * We don't need to lock out interrupts since this descriptor has 1269 * been detached from its interface and it yet hasn't been marked 1270 * free. 1271 */ 1272 if (d->bd_sbuf != 0) { 1273 free(d->bd_sbuf, M_DEVBUF); 1274 if (d->bd_hbuf != 0) 1275 free(d->bd_hbuf, M_DEVBUF); 1276 if (d->bd_fbuf != 0) 1277 free(d->bd_fbuf, M_DEVBUF); 1278 } 1279 if (d->bd_filter) 1280 free((caddr_t)d->bd_filter, M_DEVBUF); 1281 1282 D_MARKFREE(d); 1283 } 1284 1285 /* 1286 * Attach an interface to bpf. driverp is a pointer to a (struct bpf_if *) 1287 * in the driver's softc; dlt is the link layer type; hdrlen is the fixed 1288 * size of the link header (variable length headers not yet supported). 1289 */ 1290 void 1291 bpfattach(driverp, ifp, dlt, hdrlen) 1292 caddr_t *driverp; 1293 struct ifnet *ifp; 1294 u_int dlt, hdrlen; 1295 { 1296 struct bpf_if *bp; 1297 #if BSD < 199103 1298 static struct bpf_if bpf_ifs[NBPFILTER]; 1299 static int bpfifno; 1300 1301 bp = (bpfifno < NBPFILTER) ? &bpf_ifs[bpfifno++] : 0; 1302 #else 1303 bp = (struct bpf_if *)malloc(sizeof(*bp), M_DEVBUF, M_DONTWAIT); 1304 #endif 1305 if (bp == 0) 1306 panic("bpfattach"); 1307 1308 bp->bif_dlist = 0; 1309 bp->bif_driverp = (struct bpf_if **)driverp; 1310 bp->bif_ifp = ifp; 1311 bp->bif_dlt = dlt; 1312 1313 bp->bif_next = bpf_iflist; 1314 bpf_iflist = bp; 1315 1316 *bp->bif_driverp = 0; 1317 1318 /* 1319 * Compute the length of the bpf header. This is not necessarily 1320 * equal to SIZEOF_BPF_HDR because we want to insert spacing such 1321 * that the network layer header begins on a longword boundary (for 1322 * performance reasons and to alleviate alignment restrictions). 1323 */ 1324 bp->bif_hdrlen = BPF_WORDALIGN(hdrlen + SIZEOF_BPF_HDR) - hdrlen; 1325 1326 #if 0 1327 printf("bpf: %s attached\n", ifp->if_xname); 1328 #endif 1329 } 1330 1331 /* 1332 * Remove an interface from bpf. 1333 */ 1334 void 1335 bpfdetach(ifp) 1336 struct ifnet *ifp; 1337 { 1338 struct bpf_if *bp, **pbp; 1339 1340 for (bp = bpf_iflist, pbp = &bpf_iflist; 1341 bp != NULL; pbp = &bp->bif_next, bp = bp->bif_next) { 1342 if (bp->bif_ifp == ifp) { 1343 *pbp = bp->bif_next; 1344 free(bp, M_DEVBUF); 1345 break; 1346 } 1347 } 1348 } 1349 1350 /* 1351 * Change the data link type of a BPF instance. 1352 */ 1353 void 1354 bpf_change_type(driverp, dlt, hdrlen) 1355 caddr_t *driverp; 1356 u_int dlt, hdrlen; 1357 { 1358 struct bpf_if *bp; 1359 1360 for (bp = bpf_iflist; bp != NULL; bp = bp->bif_next) { 1361 if (bp->bif_driverp == (struct bpf_if **)driverp) 1362 break; 1363 } 1364 if (bp == NULL) 1365 panic("bpf_change_type"); 1366 1367 bp->bif_dlt = dlt; 1368 1369 /* 1370 * Compute the length of the bpf header. This is not necessarily 1371 * equal to SIZEOF_BPF_HDR because we want to insert spacing such 1372 * that the network layer header begins on a longword boundary (for 1373 * performance reasons and to alleviate alignment restrictions). 1374 */ 1375 bp->bif_hdrlen = BPF_WORDALIGN(hdrlen + SIZEOF_BPF_HDR) - hdrlen; 1376 } 1377 1378 #if BSD >= 199103 1379 /* XXX This routine belongs in net/if.c. */ 1380 /* 1381 * Set/clear promiscuous mode on interface ifp based on the truth value 1382 * of pswitch. The calls are reference counted so that only the first 1383 * "on" request actually has an effect, as does the final "off" request. 1384 * Results are undefined if the "off" and "on" requests are not matched. 1385 */ 1386 int 1387 ifpromisc(ifp, pswitch) 1388 register struct ifnet *ifp; 1389 register int pswitch; 1390 { 1391 register int pcount, ret; 1392 register short flags; 1393 struct ifreq ifr; 1394 1395 pcount = ifp->if_pcount; 1396 flags = ifp->if_flags; 1397 if (pswitch) { 1398 /* 1399 * If the device is not configured up, we cannot put it in 1400 * promiscuous mode. 1401 */ 1402 if ((ifp->if_flags & IFF_UP) == 0) 1403 return (ENETDOWN); 1404 if (ifp->if_pcount++ != 0) 1405 return (0); 1406 ifp->if_flags |= IFF_PROMISC; 1407 } else { 1408 if (--ifp->if_pcount > 0) 1409 return (0); 1410 ifp->if_flags &= ~IFF_PROMISC; 1411 /* 1412 * If the device is not configured up, we should not need to 1413 * turn off promiscuous mode (device should have turned it 1414 * off when interface went down; and will look at IFF_PROMISC 1415 * again next time interface comes up). 1416 */ 1417 if ((ifp->if_flags & IFF_UP) == 0) 1418 return (0); 1419 } 1420 memset((caddr_t)&ifr, 0, sizeof(ifr)); 1421 ifr.ifr_flags = ifp->if_flags; 1422 ret = (*ifp->if_ioctl)(ifp, SIOCSIFFLAGS, (caddr_t)&ifr); 1423 /* Restore interface state if not successful */ 1424 if (ret != 0) { 1425 ifp->if_pcount = pcount; 1426 ifp->if_flags = flags; 1427 } 1428 return (ret); 1429 } 1430 #endif 1431 1432 #if BSD < 199103 1433 /* 1434 * Allocate some memory for bpf. This is temporary SunOS support, and 1435 * is admittedly a hack. 1436 * If resources unavailable, return 0. 1437 */ 1438 static caddr_t 1439 bpf_alloc(size, canwait) 1440 register int size; 1441 register int canwait; 1442 { 1443 register struct mbuf *m; 1444 1445 if ((unsigned)size > (MCLBYTES-8)) 1446 return 0; 1447 1448 MGET(m, canwait, MT_DATA); 1449 if (m == 0) 1450 return 0; 1451 if ((unsigned)size > (MLEN-8)) { 1452 MCLGET(m); 1453 if (m->m_len != MCLBYTES) { 1454 m_freem(m); 1455 return 0; 1456 } 1457 } 1458 *mtod(m, struct mbuf **) = m; 1459 return mtod(m, caddr_t) + 8; 1460 } 1461 #endif 1462
Indexes created Tue Sep 23 02:09:52 GMT 2025