bpf.c revision 1.54
1 /* $NetBSD: bpf.c,v 1.54 2000/04/12 04:20:47 chs Exp $ */ 2 3 /* 4 * Copyright (c) 1990, 1991, 1993 5 * The Regents of the University of California. All rights reserved. 6 * 7 * This code is derived from the Stanford/CMU enet packet filter, 8 * (net/enet.c) distributed as part of 4.3BSD, and code contributed 9 * to Berkeley by Steven McCanne and Van Jacobson both of Lawrence 10 * Berkeley Laboratory. 11 * 12 * Redistribution and use in source and binary forms, with or without 13 * modification, are permitted provided that the following conditions 14 * are met: 15 * 1. Redistributions of source code must retain the above copyright 16 * notice, this list of conditions and the following disclaimer. 17 * 2. Redistributions in binary form must reproduce the above copyright 18 * notice, this list of conditions and the following disclaimer in the 19 * documentation and/or other materials provided with the distribution. 20 * 3. All advertising materials mentioning features or use of this software 21 * must display the following acknowledgement: 22 * This product includes software developed by the University of 23 * California, Berkeley and its contributors. 24 * 4. Neither the name of the University nor the names of its contributors 25 * may be used to endorse or promote products derived from this software 26 * without specific prior written permission. 27 * 28 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 29 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 30 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 31 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 32 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 33 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 34 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 35 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 36 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 37 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 38 * SUCH DAMAGE. 39 * 40 * @(#)bpf.c 8.4 (Berkeley) 1/9/95 41 * static char rcsid[] = 42 * "Header: bpf.c,v 1.67 96/09/26 22:00:52 leres Exp "; 43 */ 44 45 #include "bpfilter.h" 46 47 #include <sys/param.h> 48 #include <sys/systm.h> 49 #include <sys/mbuf.h> 50 #include <sys/buf.h> 51 #include <sys/time.h> 52 #include <sys/proc.h> 53 #include <sys/user.h> 54 #include <sys/ioctl.h> 55 #include <sys/map.h> 56 #include <sys/conf.h> 57 #include <sys/vnode.h> 58 59 #include <sys/file.h> 60 #include <sys/tty.h> 61 #include <sys/uio.h> 62 63 #include <sys/protosw.h> 64 #include <sys/socket.h> 65 #include <sys/errno.h> 66 #include <sys/kernel.h> 67 #include <sys/poll.h> 68 69 #include <net/if.h> 70 71 #include <net/bpf.h> 72 #include <net/bpfdesc.h> 73 74 #include <net/if_arc.h> 75 #include <net/if_ether.h> 76 77 #include <netinet/in.h> 78 #include <netinet/if_inarp.h> 79 80 #define BPF_BUFSIZE 8192 /* 4096 too small for FDDI frames */ 81 82 #define PRINET 26 /* interruptible */ 83 84 /* 85 * The default read buffer size is patchable. 86 */ 87 int bpf_bufsize = BPF_BUFSIZE; 88 89 /* 90 * bpf_iflist is the list of interfaces; each corresponds to an ifnet 91 * bpf_dtab holds the descriptors, indexed by minor device # 92 */ 93 struct bpf_if *bpf_iflist; 94 struct bpf_d bpf_dtab[NBPFILTER]; 95 96 static int bpf_allocbufs __P((struct bpf_d *)); 97 static void bpf_freed __P((struct bpf_d *)); 98 static void bpf_ifname __P((struct ifnet *, struct ifreq *)); 99 static void *bpf_mcpy __P((void *, const void *, size_t)); 100 static int bpf_movein __P((struct uio *, int, int, 101 struct mbuf **, struct sockaddr *)); 102 static void bpf_attachd __P((struct bpf_d *, struct bpf_if *)); 103 static void bpf_detachd __P((struct bpf_d *)); 104 static int bpf_setif __P((struct bpf_d *, struct ifreq *)); 105 int bpfpoll __P((dev_t, int, struct proc *)); 106 static __inline void 107 bpf_wakeup __P((struct bpf_d *)); 108 static void catchpacket __P((struct bpf_d *, u_char *, u_int, u_int, 109 void *(*)(void *, const void *, size_t))); 110 static void reset_d __P((struct bpf_d *)); 111 112 static int 113 bpf_movein(uio, linktype, mtu, mp, sockp) 114 struct uio *uio; 115 int linktype; 116 int mtu; 117 struct mbuf **mp; 118 struct sockaddr *sockp; 119 { 120 struct mbuf *m; 121 int error; 122 int len; 123 int hlen; 124 int align; 125 126 /* 127 * Build a sockaddr based on the data link layer type. 128 * We do this at this level because the ethernet header 129 * is copied directly into the data field of the sockaddr. 130 * In the case of SLIP, there is no header and the packet 131 * is forwarded as is. 132 * Also, we are careful to leave room at the front of the mbuf 133 * for the link level header. 134 */ 135 switch (linktype) { 136 137 case DLT_SLIP: 138 sockp->sa_family = AF_INET; 139 hlen = 0; 140 align = 0; 141 break; 142 143 case DLT_PPP: 144 sockp->sa_family = AF_UNSPEC; 145 hlen = 0; 146 align = 0; 147 break; 148 149 case DLT_EN10MB: 150 sockp->sa_family = AF_UNSPEC; 151 /* XXX Would MAXLINKHDR be better? */ 152 /* 6(dst)+6(src)+2(type) */ 153 hlen = sizeof(struct ether_header); 154 align = 2; 155 break; 156 157 case DLT_ARCNET: 158 sockp->sa_family = AF_UNSPEC; 159 hlen = ARC_HDRLEN; 160 align = 5; 161 break; 162 163 case DLT_FDDI: 164 sockp->sa_family = AF_UNSPEC; 165 /* XXX 4(FORMAC)+6(dst)+6(src)+3(LLC)+5(SNAP) */ 166 hlen = 24; 167 align = 0; 168 break; 169 170 case DLT_NULL: 171 sockp->sa_family = AF_UNSPEC; 172 hlen = 0; 173 align = 0; 174 break; 175 176 default: 177 return (EIO); 178 } 179 180 len = uio->uio_resid; 181 /* 182 * If there aren't enough bytes for a link level header or the 183 * packet length exceeds the interface mtu, return an error. 184 */ 185 if (len < hlen || len - hlen > mtu) 186 return (EMSGSIZE); 187 188 /* 189 * XXX Avoid complicated buffer chaining --- 190 * bail if it won't fit in a single mbuf. 191 * (Take into account possible alignment bytes) 192 */ 193 if ((unsigned)len > MCLBYTES - align) 194 return (EIO); 195 196 MGETHDR(m, M_WAIT, MT_DATA); 197 if (m == 0) 198 return (ENOBUFS); 199 m->m_pkthdr.rcvif = 0; 200 m->m_pkthdr.len = len - hlen; 201 if (len > MHLEN - align) { 202 MCLGET(m, M_WAIT); 203 if ((m->m_flags & M_EXT) == 0) { 204 error = ENOBUFS; 205 goto bad; 206 } 207 } 208 209 /* Insure the data is properly aligned */ 210 if (align > 0) { 211 m->m_data += align; 212 m->m_len -= align; 213 } 214 215 error = uiomove(mtod(m, caddr_t), len, uio); 216 if (error) 217 goto bad; 218 if (hlen != 0) { 219 memcpy(sockp->sa_data, mtod(m, caddr_t), hlen); 220 m->m_data += hlen; /* XXX */ 221 len -= hlen; 222 } 223 m->m_len = len; 224 *mp = m; 225 return (0); 226 227 bad: 228 m_freem(m); 229 return (error); 230 } 231 232 /* 233 * Attach file to the bpf interface, i.e. make d listen on bp. 234 * Must be called at splimp. 235 */ 236 static void 237 bpf_attachd(d, bp) 238 struct bpf_d *d; 239 struct bpf_if *bp; 240 { 241 /* 242 * Point d at bp, and add d to the interface's list of listeners. 243 * Finally, point the driver's bpf cookie at the interface so 244 * it will divert packets to bpf. 245 */ 246 d->bd_bif = bp; 247 d->bd_next = bp->bif_dlist; 248 bp->bif_dlist = d; 249 250 *bp->bif_driverp = bp; 251 } 252 253 /* 254 * Detach a file from its interface. 255 */ 256 static void 257 bpf_detachd(d) 258 struct bpf_d *d; 259 { 260 struct bpf_d **p; 261 struct bpf_if *bp; 262 263 bp = d->bd_bif; 264 /* 265 * Check if this descriptor had requested promiscuous mode. 266 * If so, turn it off. 267 */ 268 if (d->bd_promisc) { 269 int error; 270 271 d->bd_promisc = 0; 272 /* 273 * Take device out of promiscuous mode. Since we were 274 * able to enter promiscuous mode, we should be able 275 * to turn it off. But we can get an error if 276 * the interface was configured down, so only panic 277 * if we don't get an unexpected error. 278 */ 279 error = ifpromisc(bp->bif_ifp, 0); 280 if (error && error != EINVAL) 281 panic("bpf: ifpromisc failed"); 282 } 283 /* Remove d from the interface's descriptor list. */ 284 p = &bp->bif_dlist; 285 while (*p != d) { 286 p = &(*p)->bd_next; 287 if (*p == 0) 288 panic("bpf_detachd: descriptor not in list"); 289 } 290 *p = (*p)->bd_next; 291 if (bp->bif_dlist == 0) 292 /* 293 * Let the driver know that there are no more listeners. 294 */ 295 *d->bd_bif->bif_driverp = 0; 296 d->bd_bif = 0; 297 } 298 299 300 /* 301 * Mark a descriptor free by making it point to itself. 302 * This is probably cheaper than marking with a constant since 303 * the address should be in a register anyway. 304 */ 305 #define D_ISFREE(d) ((d) == (d)->bd_next) 306 #define D_MARKFREE(d) ((d)->bd_next = (d)) 307 #define D_MARKUSED(d) ((d)->bd_next = 0) 308 309 /* 310 * bpfilterattach() is called at boot time. 311 */ 312 /* ARGSUSED */ 313 void 314 bpfilterattach(n) 315 int n; 316 { 317 int i; 318 /* 319 * Mark all the descriptors free. 320 */ 321 for (i = 0; i < NBPFILTER; ++i) 322 D_MARKFREE(&bpf_dtab[i]); 323 324 } 325 326 /* 327 * Open ethernet device. Returns ENXIO for illegal minor device number, 328 * EBUSY if file is open by another process. 329 */ 330 /* ARGSUSED */ 331 int 332 bpfopen(dev, flag, mode, p) 333 dev_t dev; 334 int flag; 335 int mode; 336 struct proc *p; 337 { 338 struct bpf_d *d; 339 340 if (minor(dev) >= NBPFILTER) 341 return (ENXIO); 342 /* 343 * Each minor can be opened by only one process. If the requested 344 * minor is in use, return EBUSY. 345 */ 346 d = &bpf_dtab[minor(dev)]; 347 if (!D_ISFREE(d)) 348 return (EBUSY); 349 350 /* Mark "free" and do most initialization. */ 351 memset((char *)d, 0, sizeof(*d)); 352 d->bd_bufsize = bpf_bufsize; 353 354 return (0); 355 } 356 357 /* 358 * Close the descriptor by detaching it from its interface, 359 * deallocating its buffers, and marking it free. 360 */ 361 /* ARGSUSED */ 362 int 363 bpfclose(dev, flag, mode, p) 364 dev_t dev; 365 int flag; 366 int mode; 367 struct proc *p; 368 { 369 struct bpf_d *d = &bpf_dtab[minor(dev)]; 370 int s; 371 372 s = splimp(); 373 if (d->bd_bif) 374 bpf_detachd(d); 375 splx(s); 376 bpf_freed(d); 377 378 return (0); 379 } 380 381 /* 382 * Rotate the packet buffers in descriptor d. Move the store buffer 383 * into the hold slot, and the free buffer into the store slot. 384 * Zero the length of the new store buffer. 385 */ 386 #define ROTATE_BUFFERS(d) \ 387 (d)->bd_hbuf = (d)->bd_sbuf; \ 388 (d)->bd_hlen = (d)->bd_slen; \ 389 (d)->bd_sbuf = (d)->bd_fbuf; \ 390 (d)->bd_slen = 0; \ 391 (d)->bd_fbuf = 0; 392 /* 393 * bpfread - read next chunk of packets from buffers 394 */ 395 int 396 bpfread(dev, uio, ioflag) 397 dev_t dev; 398 struct uio *uio; 399 int ioflag; 400 { 401 struct bpf_d *d = &bpf_dtab[minor(dev)]; 402 int error; 403 int s; 404 405 /* 406 * Restrict application to use a buffer the same size as 407 * as kernel buffers. 408 */ 409 if (uio->uio_resid != d->bd_bufsize) 410 return (EINVAL); 411 412 s = splimp(); 413 /* 414 * If the hold buffer is empty, then do a timed sleep, which 415 * ends when the timeout expires or when enough packets 416 * have arrived to fill the store buffer. 417 */ 418 while (d->bd_hbuf == 0) { 419 if (d->bd_immediate) { 420 if (d->bd_slen == 0) { 421 splx(s); 422 return (EWOULDBLOCK); 423 } 424 /* 425 * A packet(s) either arrived since the previous 426 * read or arrived while we were asleep. 427 * Rotate the buffers and return what's here. 428 */ 429 ROTATE_BUFFERS(d); 430 break; 431 } 432 if (d->bd_rtout != -1) 433 error = tsleep((caddr_t)d, PRINET|PCATCH, "bpf", 434 d->bd_rtout); 435 else 436 error = EWOULDBLOCK; /* User requested non-blocking I/O */ 437 if (error == EINTR || error == ERESTART) { 438 splx(s); 439 return (error); 440 } 441 if (error == EWOULDBLOCK) { 442 /* 443 * On a timeout, return what's in the buffer, 444 * which may be nothing. If there is something 445 * in the store buffer, we can rotate the buffers. 446 */ 447 if (d->bd_hbuf) 448 /* 449 * We filled up the buffer in between 450 * getting the timeout and arriving 451 * here, so we don't need to rotate. 452 */ 453 break; 454 455 if (d->bd_slen == 0) { 456 splx(s); 457 return (0); 458 } 459 ROTATE_BUFFERS(d); 460 break; 461 } 462 if (error != 0) 463 goto done; 464 } 465 /* 466 * At this point, we know we have something in the hold slot. 467 */ 468 splx(s); 469 470 /* 471 * Move data from hold buffer into user space. 472 * We know the entire buffer is transferred since 473 * we checked above that the read buffer is bpf_bufsize bytes. 474 */ 475 error = uiomove(d->bd_hbuf, d->bd_hlen, uio); 476 477 s = splimp(); 478 d->bd_fbuf = d->bd_hbuf; 479 d->bd_hbuf = 0; 480 d->bd_hlen = 0; 481 done: 482 splx(s); 483 return (error); 484 } 485 486 487 /* 488 * If there are processes sleeping on this descriptor, wake them up. 489 */ 490 static __inline void 491 bpf_wakeup(d) 492 struct bpf_d *d; 493 { 494 struct proc *p; 495 496 wakeup((caddr_t)d); 497 if (d->bd_async) { 498 if (d->bd_pgid > 0) 499 gsignal (d->bd_pgid, SIGIO); 500 else if ((p = pfind (-d->bd_pgid)) != NULL) 501 psignal (p, SIGIO); 502 } 503 504 selwakeup(&d->bd_sel); 505 /* XXX */ 506 d->bd_sel.si_pid = 0; 507 } 508 509 int 510 bpfwrite(dev, uio, ioflag) 511 dev_t dev; 512 struct uio *uio; 513 int ioflag; 514 { 515 struct bpf_d *d = &bpf_dtab[minor(dev)]; 516 struct ifnet *ifp; 517 struct mbuf *m; 518 int error, s; 519 static struct sockaddr dst; 520 521 if (d->bd_bif == 0) 522 return (ENXIO); 523 524 ifp = d->bd_bif->bif_ifp; 525 526 if (uio->uio_resid == 0) 527 return (0); 528 529 error = bpf_movein(uio, (int)d->bd_bif->bif_dlt, ifp->if_mtu, &m, &dst); 530 if (error) 531 return (error); 532 533 if (m->m_pkthdr.len > ifp->if_mtu) 534 return (EMSGSIZE); 535 536 if (d->bd_hdrcmplt) 537 dst.sa_family = pseudo_AF_HDRCMPLT; 538 539 s = splsoftnet(); 540 error = (*ifp->if_output)(ifp, m, &dst, NULL); 541 splx(s); 542 /* 543 * The driver frees the mbuf. 544 */ 545 return (error); 546 } 547 548 /* 549 * Reset a descriptor by flushing its packet buffer and clearing the 550 * receive and drop counts. Should be called at splimp. 551 */ 552 static void 553 reset_d(d) 554 struct bpf_d *d; 555 { 556 if (d->bd_hbuf) { 557 /* Free the hold buffer. */ 558 d->bd_fbuf = d->bd_hbuf; 559 d->bd_hbuf = 0; 560 } 561 d->bd_slen = 0; 562 d->bd_hlen = 0; 563 d->bd_rcount = 0; 564 d->bd_dcount = 0; 565 } 566 567 #ifdef BPF_KERN_FILTER 568 extern struct bpf_insn *bpf_tcp_filter; 569 extern struct bpf_insn *bpf_udp_filter; 570 #endif 571 572 /* 573 * FIONREAD Check for read packet available. 574 * BIOCGBLEN Get buffer len [for read()]. 575 * BIOCSETF Set ethernet read filter. 576 * BIOCFLUSH Flush read packet buffer. 577 * BIOCPROMISC Put interface into promiscuous mode. 578 * BIOCGDLT Get link layer type. 579 * BIOCGETIF Get interface name. 580 * BIOCSETIF Set interface. 581 * BIOCSRTIMEOUT Set read timeout. 582 * BIOCGRTIMEOUT Get read timeout. 583 * BIOCGSTATS Get packet stats. 584 * BIOCIMMEDIATE Set immediate mode. 585 * BIOCVERSION Get filter language version. 586 * BIOGHDRCMPLT Get "header already complete" flag. 587 * BIOSHDRCMPLT Set "header already complete" flag. 588 */ 589 /* ARGSUSED */ 590 int 591 bpfioctl(dev, cmd, addr, flag, p) 592 dev_t dev; 593 u_long cmd; 594 caddr_t addr; 595 int flag; 596 struct proc *p; 597 { 598 struct bpf_d *d = &bpf_dtab[minor(dev)]; 599 int s, error = 0; 600 #ifdef BPF_KERN_FILTER 601 struct bpf_insn **p; 602 #endif 603 604 switch (cmd) { 605 606 default: 607 error = EINVAL; 608 break; 609 610 /* 611 * Check for read packet available. 612 */ 613 case FIONREAD: 614 { 615 int n; 616 617 s = splimp(); 618 n = d->bd_slen; 619 if (d->bd_hbuf) 620 n += d->bd_hlen; 621 splx(s); 622 623 *(int *)addr = n; 624 break; 625 } 626 627 /* 628 * Get buffer len [for read()]. 629 */ 630 case BIOCGBLEN: 631 *(u_int *)addr = d->bd_bufsize; 632 break; 633 634 /* 635 * Set buffer length. 636 */ 637 case BIOCSBLEN: 638 if (d->bd_bif != 0) 639 error = EINVAL; 640 else { 641 u_int size = *(u_int *)addr; 642 643 if (size > BPF_MAXBUFSIZE) 644 *(u_int *)addr = size = BPF_MAXBUFSIZE; 645 else if (size < BPF_MINBUFSIZE) 646 *(u_int *)addr = size = BPF_MINBUFSIZE; 647 d->bd_bufsize = size; 648 } 649 break; 650 651 /* 652 * Set link layer read filter. 653 */ 654 case BIOCSETF: 655 error = bpf_setf(d, (struct bpf_program *)addr); 656 break; 657 658 #ifdef BPF_KERN_FILTER 659 /* 660 * Set TCP or UDP reject filter. 661 */ 662 case BIOCSTCPF: 663 case BIOCSUDPF: 664 if (!suser()) { 665 error = EPERM; 666 break; 667 } 668 669 /* Validate and store filter */ 670 error = bpf_setf(d, (struct bpf_program *)addr); 671 672 /* Free possible old filter */ 673 if (cmd == BIOCSTCPF) 674 p = &bpf_tcp_filter; 675 else 676 p = &bpf_udp_filter; 677 if (*p != NULL) 678 free((caddr_t)*p, M_DEVBUF); 679 680 /* Steal new filter (noop if error) */ 681 s = splimp(); 682 *p = d->bd_filter; 683 d->bd_filter = NULL; 684 splx(s); 685 break; 686 #endif 687 688 /* 689 * Flush read packet buffer. 690 */ 691 case BIOCFLUSH: 692 s = splimp(); 693 reset_d(d); 694 splx(s); 695 break; 696 697 /* 698 * Put interface into promiscuous mode. 699 */ 700 case BIOCPROMISC: 701 if (d->bd_bif == 0) { 702 /* 703 * No interface attached yet. 704 */ 705 error = EINVAL; 706 break; 707 } 708 s = splimp(); 709 if (d->bd_promisc == 0) { 710 error = ifpromisc(d->bd_bif->bif_ifp, 1); 711 if (error == 0) 712 d->bd_promisc = 1; 713 } 714 splx(s); 715 break; 716 717 /* 718 * Get device parameters. 719 */ 720 case BIOCGDLT: 721 if (d->bd_bif == 0) 722 error = EINVAL; 723 else 724 *(u_int *)addr = d->bd_bif->bif_dlt; 725 break; 726 727 /* 728 * Set interface name. 729 */ 730 case BIOCGETIF: 731 if (d->bd_bif == 0) 732 error = EINVAL; 733 else 734 bpf_ifname(d->bd_bif->bif_ifp, (struct ifreq *)addr); 735 break; 736 737 /* 738 * Set interface. 739 */ 740 case BIOCSETIF: 741 error = bpf_setif(d, (struct ifreq *)addr); 742 break; 743 744 /* 745 * Set read timeout. 746 */ 747 case BIOCSRTIMEOUT: 748 { 749 struct timeval *tv = (struct timeval *)addr; 750 751 /* Compute number of ticks. */ 752 d->bd_rtout = tv->tv_sec * hz + tv->tv_usec / tick; 753 if ((d->bd_rtout == 0) && (tv->tv_usec != 0)) 754 d->bd_rtout = 1; 755 break; 756 } 757 758 /* 759 * Get read timeout. 760 */ 761 case BIOCGRTIMEOUT: 762 { 763 struct timeval *tv = (struct timeval *)addr; 764 765 tv->tv_sec = d->bd_rtout / hz; 766 tv->tv_usec = (d->bd_rtout % hz) * tick; 767 break; 768 } 769 770 /* 771 * Get packet stats. 772 */ 773 case BIOCGSTATS: 774 { 775 struct bpf_stat *bs = (struct bpf_stat *)addr; 776 777 bs->bs_recv = d->bd_rcount; 778 bs->bs_drop = d->bd_dcount; 779 break; 780 } 781 782 /* 783 * Set immediate mode. 784 */ 785 case BIOCIMMEDIATE: 786 d->bd_immediate = *(u_int *)addr; 787 break; 788 789 case BIOCVERSION: 790 { 791 struct bpf_version *bv = (struct bpf_version *)addr; 792 793 bv->bv_major = BPF_MAJOR_VERSION; 794 bv->bv_minor = BPF_MINOR_VERSION; 795 break; 796 } 797 798 case BIOCGHDRCMPLT: /* get "header already complete" flag */ 799 *(u_int *)addr = d->bd_hdrcmplt; 800 break; 801 802 case BIOCSHDRCMPLT: /* set "header already complete" flag */ 803 d->bd_hdrcmplt = *(u_int *)addr ? 1 : 0; 804 break; 805 806 case FIONBIO: /* Non-blocking I/O */ 807 if (*(int *)addr) 808 d->bd_rtout = -1; 809 else 810 d->bd_rtout = 0; 811 break; 812 813 case FIOASYNC: /* Send signal on receive packets */ 814 d->bd_async = *(int *)addr; 815 break; 816 817 /* 818 * N.B. ioctl (FIOSETOWN) and fcntl (F_SETOWN) both end up doing 819 * the equivalent of a TIOCSPGRP and hence end up here. *However* 820 * TIOCSPGRP's arg is a process group if it's positive and a process 821 * id if it's negative. This is exactly the opposite of what the 822 * other two functions want! Therefore there is code in ioctl and 823 * fcntl to negate the arg before calling here. 824 */ 825 case TIOCSPGRP: /* Process or group to send signals to */ 826 d->bd_pgid = *(int *)addr; 827 break; 828 829 case TIOCGPGRP: 830 *(int *)addr = d->bd_pgid; 831 break; 832 } 833 return (error); 834 } 835 836 /* 837 * Set d's packet filter program to fp. If this file already has a filter, 838 * free it and replace it. Returns EINVAL for bogus requests. 839 */ 840 int 841 bpf_setf(d, fp) 842 struct bpf_d *d; 843 struct bpf_program *fp; 844 { 845 struct bpf_insn *fcode, *old; 846 u_int flen, size; 847 int s; 848 849 old = d->bd_filter; 850 if (fp->bf_insns == 0) { 851 if (fp->bf_len != 0) 852 return (EINVAL); 853 s = splimp(); 854 d->bd_filter = 0; 855 reset_d(d); 856 splx(s); 857 if (old != 0) 858 free((caddr_t)old, M_DEVBUF); 859 return (0); 860 } 861 flen = fp->bf_len; 862 if (flen > BPF_MAXINSNS) 863 return (EINVAL); 864 865 size = flen * sizeof(*fp->bf_insns); 866 fcode = (struct bpf_insn *)malloc(size, M_DEVBUF, M_WAITOK); 867 if (copyin((caddr_t)fp->bf_insns, (caddr_t)fcode, size) == 0 && 868 bpf_validate(fcode, (int)flen)) { 869 s = splimp(); 870 d->bd_filter = fcode; 871 reset_d(d); 872 splx(s); 873 if (old != 0) 874 free((caddr_t)old, M_DEVBUF); 875 876 return (0); 877 } 878 free((caddr_t)fcode, M_DEVBUF); 879 return (EINVAL); 880 } 881 882 /* 883 * Detach a file from its current interface (if attached at all) and attach 884 * to the interface indicated by the name stored in ifr. 885 * Return an errno or 0. 886 */ 887 static int 888 bpf_setif(d, ifr) 889 struct bpf_d *d; 890 struct ifreq *ifr; 891 { 892 struct bpf_if *bp; 893 char *cp; 894 int unit_seen, i, s, error; 895 896 /* 897 * Make sure the provided name has a unit number, and default 898 * it to '0' if not specified. 899 * XXX This is ugly ... do this differently? 900 */ 901 unit_seen = 0; 902 cp = ifr->ifr_name; 903 cp[sizeof(ifr->ifr_name) - 1] = '\0'; /* sanity */ 904 while (*cp++) 905 if (*cp >= '0' && *cp <= '9') 906 unit_seen = 1; 907 if (!unit_seen) { 908 /* Make sure to leave room for the '\0'. */ 909 for (i = 0; i < (IFNAMSIZ - 1); ++i) { 910 if ((ifr->ifr_name[i] >= 'a' && 911 ifr->ifr_name[i] <= 'z') || 912 (ifr->ifr_name[i] >= 'A' && 913 ifr->ifr_name[i] <= 'Z')) 914 continue; 915 ifr->ifr_name[i] = '0'; 916 } 917 } 918 919 /* 920 * Look through attached interfaces for the named one. 921 */ 922 for (bp = bpf_iflist; bp != 0; bp = bp->bif_next) { 923 struct ifnet *ifp = bp->bif_ifp; 924 925 if (ifp == 0 || 926 strcmp(ifp->if_xname, ifr->ifr_name) != 0) 927 continue; 928 /* 929 * We found the requested interface. 930 * If it's not up, return an error. 931 * Allocate the packet buffers if we need to. 932 * If we're already attached to requested interface, 933 * just flush the buffer. 934 */ 935 if ((ifp->if_flags & IFF_UP) == 0) 936 return (ENETDOWN); 937 938 if (d->bd_sbuf == 0) { 939 error = bpf_allocbufs(d); 940 if (error != 0) 941 return (error); 942 } 943 s = splimp(); 944 if (bp != d->bd_bif) { 945 if (d->bd_bif) 946 /* 947 * Detach if attached to something else. 948 */ 949 bpf_detachd(d); 950 951 bpf_attachd(d, bp); 952 } 953 reset_d(d); 954 splx(s); 955 return (0); 956 } 957 /* Not found. */ 958 return (ENXIO); 959 } 960 961 /* 962 * Copy the interface name to the ifreq. 963 */ 964 static void 965 bpf_ifname(ifp, ifr) 966 struct ifnet *ifp; 967 struct ifreq *ifr; 968 { 969 970 memcpy(ifr->ifr_name, ifp->if_xname, IFNAMSIZ); 971 } 972 973 /* 974 * Support for poll() system call 975 * 976 * Return true iff the specific operation will not block indefinitely. 977 * Otherwise, return false but make a note that a selwakeup() must be done. 978 */ 979 int 980 bpfpoll(dev, events, p) 981 dev_t dev; 982 int events; 983 struct proc *p; 984 { 985 struct bpf_d *d = &bpf_dtab[minor(dev)]; 986 int revents = 0; 987 int s = splimp(); 988 989 /* 990 * An imitation of the FIONREAD ioctl code. 991 */ 992 if (events & (POLLIN | POLLRDNORM)) { 993 if (d->bd_hlen != 0 || (d->bd_immediate && d->bd_slen != 0)) 994 revents |= events & (POLLIN | POLLRDNORM); 995 else 996 selrecord(p, &d->bd_sel); 997 } 998 999 splx(s); 1000 return (revents); 1001 } 1002 1003 /* 1004 * Incoming linkage from device drivers. Process the packet pkt, of length 1005 * pktlen, which is stored in a contiguous buffer. The packet is parsed 1006 * by each process' filter, and if accepted, stashed into the corresponding 1007 * buffer. 1008 */ 1009 void 1010 bpf_tap(arg, pkt, pktlen) 1011 caddr_t arg; 1012 u_char *pkt; 1013 u_int pktlen; 1014 { 1015 struct bpf_if *bp; 1016 struct bpf_d *d; 1017 u_int slen; 1018 /* 1019 * Note that the ipl does not have to be raised at this point. 1020 * The only problem that could arise here is that if two different 1021 * interfaces shared any data. This is not the case. 1022 */ 1023 bp = (struct bpf_if *)arg; 1024 for (d = bp->bif_dlist; d != 0; d = d->bd_next) { 1025 ++d->bd_rcount; 1026 slen = bpf_filter(d->bd_filter, pkt, pktlen, pktlen); 1027 if (slen != 0) 1028 catchpacket(d, pkt, pktlen, slen, memcpy); 1029 } 1030 } 1031 1032 /* 1033 * Copy data from an mbuf chain into a buffer. This code is derived 1034 * from m_copydata in sys/uipc_mbuf.c. 1035 */ 1036 static void * 1037 bpf_mcpy(dst_arg, src_arg, len) 1038 void *dst_arg; 1039 const void *src_arg; 1040 size_t len; 1041 { 1042 const struct mbuf *m; 1043 u_int count; 1044 u_char *dst; 1045 1046 m = src_arg; 1047 dst = dst_arg; 1048 while (len > 0) { 1049 if (m == 0) 1050 panic("bpf_mcpy"); 1051 count = min(m->m_len, len); 1052 memcpy((caddr_t)dst, mtod(m, caddr_t), count); 1053 m = m->m_next; 1054 dst += count; 1055 len -= count; 1056 } 1057 return(dst_arg); 1058 } 1059 1060 /* 1061 * Incoming linkage from device drivers, when packet is in an mbuf chain. 1062 */ 1063 void 1064 bpf_mtap(arg, m) 1065 caddr_t arg; 1066 struct mbuf *m; 1067 { 1068 struct bpf_if *bp = (struct bpf_if *)arg; 1069 struct bpf_d *d; 1070 u_int pktlen, slen; 1071 struct mbuf *m0; 1072 1073 pktlen = 0; 1074 for (m0 = m; m0 != 0; m0 = m0->m_next) 1075 pktlen += m0->m_len; 1076 1077 for (d = bp->bif_dlist; d != 0; d = d->bd_next) { 1078 ++d->bd_rcount; 1079 slen = bpf_filter(d->bd_filter, (u_char *)m, pktlen, 0); 1080 if (slen != 0) 1081 catchpacket(d, (u_char *)m, pktlen, slen, bpf_mcpy); 1082 } 1083 } 1084 1085 /* 1086 * Move the packet data from interface memory (pkt) into the 1087 * store buffer. Return 1 if it's time to wakeup a listener (buffer full), 1088 * otherwise 0. "copy" is the routine called to do the actual data 1089 * transfer. memcpy is passed in to copy contiguous chunks, while 1090 * bpf_mcpy is passed in to copy mbuf chains. In the latter case, 1091 * pkt is really an mbuf. 1092 */ 1093 static void 1094 catchpacket(d, pkt, pktlen, snaplen, cpfn) 1095 struct bpf_d *d; 1096 u_char *pkt; 1097 u_int pktlen, snaplen; 1098 void *(*cpfn) __P((void *, const void *, size_t)); 1099 { 1100 struct bpf_hdr *hp; 1101 int totlen, curlen; 1102 int hdrlen = d->bd_bif->bif_hdrlen; 1103 /* 1104 * Figure out how many bytes to move. If the packet is 1105 * greater or equal to the snapshot length, transfer that 1106 * much. Otherwise, transfer the whole packet (unless 1107 * we hit the buffer size limit). 1108 */ 1109 totlen = hdrlen + min(snaplen, pktlen); 1110 if (totlen > d->bd_bufsize) 1111 totlen = d->bd_bufsize; 1112 1113 /* 1114 * Round up the end of the previous packet to the next longword. 1115 */ 1116 curlen = BPF_WORDALIGN(d->bd_slen); 1117 if (curlen + totlen > d->bd_bufsize) { 1118 /* 1119 * This packet will overflow the storage buffer. 1120 * Rotate the buffers if we can, then wakeup any 1121 * pending reads. 1122 */ 1123 if (d->bd_fbuf == 0) { 1124 /* 1125 * We haven't completed the previous read yet, 1126 * so drop the packet. 1127 */ 1128 ++d->bd_dcount; 1129 return; 1130 } 1131 ROTATE_BUFFERS(d); 1132 bpf_wakeup(d); 1133 curlen = 0; 1134 } 1135 else if (d->bd_immediate) 1136 /* 1137 * Immediate mode is set. A packet arrived so any 1138 * reads should be woken up. 1139 */ 1140 bpf_wakeup(d); 1141 1142 /* 1143 * Append the bpf header. 1144 */ 1145 hp = (struct bpf_hdr *)(d->bd_sbuf + curlen); 1146 microtime(&hp->bh_tstamp); 1147 hp->bh_datalen = pktlen; 1148 hp->bh_hdrlen = hdrlen; 1149 /* 1150 * Copy the packet data into the store buffer and update its length. 1151 */ 1152 (*cpfn)((u_char *)hp + hdrlen, pkt, (hp->bh_caplen = totlen - hdrlen)); 1153 d->bd_slen = curlen + totlen; 1154 } 1155 1156 /* 1157 * Initialize all nonzero fields of a descriptor. 1158 */ 1159 static int 1160 bpf_allocbufs(d) 1161 struct bpf_d *d; 1162 { 1163 1164 d->bd_fbuf = (caddr_t)malloc(d->bd_bufsize, M_DEVBUF, M_WAITOK); 1165 d->bd_sbuf = (caddr_t)malloc(d->bd_bufsize, M_DEVBUF, M_WAITOK); 1166 d->bd_slen = 0; 1167 d->bd_hlen = 0; 1168 return (0); 1169 } 1170 1171 /* 1172 * Free buffers currently in use by a descriptor. 1173 * Called on close. 1174 */ 1175 static void 1176 bpf_freed(d) 1177 struct bpf_d *d; 1178 { 1179 /* 1180 * We don't need to lock out interrupts since this descriptor has 1181 * been detached from its interface and it yet hasn't been marked 1182 * free. 1183 */ 1184 if (d->bd_sbuf != 0) { 1185 free(d->bd_sbuf, M_DEVBUF); 1186 if (d->bd_hbuf != 0) 1187 free(d->bd_hbuf, M_DEVBUF); 1188 if (d->bd_fbuf != 0) 1189 free(d->bd_fbuf, M_DEVBUF); 1190 } 1191 if (d->bd_filter) 1192 free((caddr_t)d->bd_filter, M_DEVBUF); 1193 1194 D_MARKFREE(d); 1195 } 1196 1197 /* 1198 * Attach an interface to bpf. driverp is a pointer to a (struct bpf_if *) 1199 * in the driver's softc; dlt is the link layer type; hdrlen is the fixed 1200 * size of the link header (variable length headers not yet supported). 1201 */ 1202 void 1203 bpfattach(driverp, ifp, dlt, hdrlen) 1204 caddr_t *driverp; 1205 struct ifnet *ifp; 1206 u_int dlt, hdrlen; 1207 { 1208 struct bpf_if *bp; 1209 bp = (struct bpf_if *)malloc(sizeof(*bp), M_DEVBUF, M_DONTWAIT); 1210 if (bp == 0) 1211 panic("bpfattach"); 1212 1213 bp->bif_dlist = 0; 1214 bp->bif_driverp = (struct bpf_if **)driverp; 1215 bp->bif_ifp = ifp; 1216 bp->bif_dlt = dlt; 1217 1218 bp->bif_next = bpf_iflist; 1219 bpf_iflist = bp; 1220 1221 *bp->bif_driverp = 0; 1222 1223 /* 1224 * Compute the length of the bpf header. This is not necessarily 1225 * equal to SIZEOF_BPF_HDR because we want to insert spacing such 1226 * that the network layer header begins on a longword boundary (for 1227 * performance reasons and to alleviate alignment restrictions). 1228 */ 1229 bp->bif_hdrlen = BPF_WORDALIGN(hdrlen + SIZEOF_BPF_HDR) - hdrlen; 1230 1231 #if 0 1232 printf("bpf: %s attached\n", ifp->if_xname); 1233 #endif 1234 } 1235 1236 /* 1237 * Remove an interface from bpf. 1238 */ 1239 void 1240 bpfdetach(ifp) 1241 struct ifnet *ifp; 1242 { 1243 struct bpf_if *bp, **pbp; 1244 struct bpf_d *d; 1245 int i, s, cmaj; 1246 1247 /* locate the major number */ 1248 for (cmaj = 0; cmaj <= nchrdev; cmaj++) 1249 if (cdevsw[cmaj].d_open == bpfopen) 1250 break; 1251 1252 /* Nuke the vnodes for any open instances */ 1253 for (i = 0; i < NBPFILTER; ++i) { 1254 d = &bpf_dtab[i]; 1255 if (!D_ISFREE(d) && d->bd_bif != NULL && 1256 d->bd_bif->bif_ifp == ifp) { 1257 /* 1258 * Detach the descriptor from an interface now. 1259 * It will be free'ed later by close routine. 1260 */ 1261 s = splimp(); 1262 d->bd_promisc = 0; /* we can't touch device. */ 1263 bpf_detachd(d); 1264 splx(s); 1265 vdevgone(cmaj, i, i, VCHR); 1266 } 1267 } 1268 1269 for (bp = bpf_iflist, pbp = &bpf_iflist; 1270 bp != NULL; pbp = &bp->bif_next, bp = bp->bif_next) { 1271 if (bp->bif_ifp == ifp) { 1272 *pbp = bp->bif_next; 1273 free(bp, M_DEVBUF); 1274 break; 1275 } 1276 } 1277 } 1278 1279 /* 1280 * Change the data link type of a BPF instance. 1281 */ 1282 void 1283 bpf_change_type(driverp, dlt, hdrlen) 1284 caddr_t *driverp; 1285 u_int dlt, hdrlen; 1286 { 1287 struct bpf_if *bp; 1288 1289 for (bp = bpf_iflist; bp != NULL; bp = bp->bif_next) { 1290 if (bp->bif_driverp == (struct bpf_if **)driverp) 1291 break; 1292 } 1293 if (bp == NULL) 1294 panic("bpf_change_type"); 1295 1296 bp->bif_dlt = dlt; 1297 1298 /* 1299 * Compute the length of the bpf header. This is not necessarily 1300 * equal to SIZEOF_BPF_HDR because we want to insert spacing such 1301 * that the network layer header begins on a longword boundary (for 1302 * performance reasons and to alleviate alignment restrictions). 1303 */ 1304 bp->bif_hdrlen = BPF_WORDALIGN(hdrlen + SIZEOF_BPF_HDR) - hdrlen; 1305 } 1306 1307 /* XXX This routine belongs in net/if.c. */ 1308 /* 1309 * Set/clear promiscuous mode on interface ifp based on the truth value 1310 * of pswitch. The calls are reference counted so that only the first 1311 * "on" request actually has an effect, as does the final "off" request. 1312 * Results are undefined if the "off" and "on" requests are not matched. 1313 */ 1314 int 1315 ifpromisc(ifp, pswitch) 1316 struct ifnet *ifp; 1317 int pswitch; 1318 { 1319 int pcount, ret; 1320 short flags; 1321 struct ifreq ifr; 1322 1323 pcount = ifp->if_pcount; 1324 flags = ifp->if_flags; 1325 if (pswitch) { 1326 /* 1327 * If the device is not configured up, we cannot put it in 1328 * promiscuous mode. 1329 */ 1330 if ((ifp->if_flags & IFF_UP) == 0) 1331 return (ENETDOWN); 1332 if (ifp->if_pcount++ != 0) 1333 return (0); 1334 ifp->if_flags |= IFF_PROMISC; 1335 } else { 1336 if (--ifp->if_pcount > 0) 1337 return (0); 1338 ifp->if_flags &= ~IFF_PROMISC; 1339 /* 1340 * If the device is not configured up, we should not need to 1341 * turn off promiscuous mode (device should have turned it 1342 * off when interface went down; and will look at IFF_PROMISC 1343 * again next time interface comes up). 1344 */ 1345 if ((ifp->if_flags & IFF_UP) == 0) 1346 return (0); 1347 } 1348 memset((caddr_t)&ifr, 0, sizeof(ifr)); 1349 ifr.ifr_flags = ifp->if_flags; 1350 ret = (*ifp->if_ioctl)(ifp, SIOCSIFFLAGS, (caddr_t)&ifr); 1351 /* Restore interface state if not successful */ 1352 if (ret != 0) { 1353 ifp->if_pcount = pcount; 1354 ifp->if_flags = flags; 1355 } 1356 return (ret); 1357 } 1358
Indexes created Thu Sep 25 16:09:42 GMT 2025