bpf.c revision 1.61.2.4
1 /* $NetBSD: bpf.c,v 1.61.2.4 2002/06/23 17:50:20 jdolecek Exp $ */ 2 3 /* 4 * Copyright (c) 1990, 1991, 1993 5 * The Regents of the University of California. All rights reserved. 6 * 7 * This code is derived from the Stanford/CMU enet packet filter, 8 * (net/enet.c) distributed as part of 4.3BSD, and code contributed 9 * to Berkeley by Steven McCanne and Van Jacobson both of Lawrence 10 * Berkeley Laboratory. 11 * 12 * Redistribution and use in source and binary forms, with or without 13 * modification, are permitted provided that the following conditions 14 * are met: 15 * 1. Redistributions of source code must retain the above copyright 16 * notice, this list of conditions and the following disclaimer. 17 * 2. Redistributions in binary form must reproduce the above copyright 18 * notice, this list of conditions and the following disclaimer in the 19 * documentation and/or other materials provided with the distribution. 20 * 3. All advertising materials mentioning features or use of this software 21 * must display the following acknowledgement: 22 * This product includes software developed by the University of 23 * California, Berkeley and its contributors. 24 * 4. Neither the name of the University nor the names of its contributors 25 * may be used to endorse or promote products derived from this software 26 * without specific prior written permission. 27 * 28 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 29 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 30 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 31 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 32 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 33 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 34 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 35 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 36 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 37 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 38 * SUCH DAMAGE. 39 * 40 * @(#)bpf.c 8.4 (Berkeley) 1/9/95 41 * static char rcsid[] = 42 * "Header: bpf.c,v 1.67 96/09/26 22:00:52 leres Exp "; 43 */ 44 45 #include <sys/cdefs.h> 46 __KERNEL_RCSID(0, "$NetBSD: bpf.c,v 1.61.2.4 2002/06/23 17:50:20 jdolecek Exp $"); 47 48 #include "bpfilter.h" 49 50 #include <sys/param.h> 51 #include <sys/systm.h> 52 #include <sys/mbuf.h> 53 #include <sys/buf.h> 54 #include <sys/time.h> 55 #include <sys/proc.h> 56 #include <sys/user.h> 57 #include <sys/ioctl.h> 58 #include <sys/map.h> 59 #include <sys/conf.h> 60 #include <sys/vnode.h> 61 62 #include <sys/file.h> 63 #include <sys/tty.h> 64 #include <sys/uio.h> 65 66 #include <sys/protosw.h> 67 #include <sys/socket.h> 68 #include <sys/errno.h> 69 #include <sys/kernel.h> 70 #include <sys/poll.h> 71 72 #include <net/if.h> 73 74 #include <net/bpf.h> 75 #include <net/bpfdesc.h> 76 77 #include <net/if_arc.h> 78 #include <net/if_ether.h> 79 80 #include <netinet/in.h> 81 #include <netinet/if_inarp.h> 82 83 #if defined(_KERNEL_OPT) 84 #include "bpf.h" 85 #endif 86 87 #ifndef BPF_BUFSIZE 88 # define BPF_BUFSIZE 8192 /* 4096 too small for FDDI frames */ 89 #endif 90 91 #define PRINET 26 /* interruptible */ 92 93 /* 94 * The default read buffer size is patchable. 95 */ 96 int bpf_bufsize = BPF_BUFSIZE; 97 98 /* 99 * bpf_iflist is the list of interfaces; each corresponds to an ifnet 100 * bpf_dtab holds the descriptors, indexed by minor device # 101 */ 102 struct bpf_if *bpf_iflist; 103 struct bpf_d bpf_dtab[NBPFILTER]; 104 105 static int bpf_allocbufs __P((struct bpf_d *)); 106 static void bpf_freed __P((struct bpf_d *)); 107 static void bpf_ifname __P((struct ifnet *, struct ifreq *)); 108 static void *bpf_mcpy __P((void *, const void *, size_t)); 109 static int bpf_movein __P((struct uio *, int, int, 110 struct mbuf **, struct sockaddr *)); 111 static void bpf_attachd __P((struct bpf_d *, struct bpf_if *)); 112 static void bpf_detachd __P((struct bpf_d *)); 113 static int bpf_setif __P((struct bpf_d *, struct ifreq *)); 114 int bpfpoll __P((dev_t, int, struct proc *)); 115 static __inline void 116 bpf_wakeup __P((struct bpf_d *)); 117 static void catchpacket __P((struct bpf_d *, u_char *, u_int, u_int, 118 void *(*)(void *, const void *, size_t))); 119 static void reset_d __P((struct bpf_d *)); 120 121 static int 122 bpf_movein(uio, linktype, mtu, mp, sockp) 123 struct uio *uio; 124 int linktype; 125 int mtu; 126 struct mbuf **mp; 127 struct sockaddr *sockp; 128 { 129 struct mbuf *m; 130 int error; 131 int len; 132 int hlen; 133 int align; 134 135 /* 136 * Build a sockaddr based on the data link layer type. 137 * We do this at this level because the ethernet header 138 * is copied directly into the data field of the sockaddr. 139 * In the case of SLIP, there is no header and the packet 140 * is forwarded as is. 141 * Also, we are careful to leave room at the front of the mbuf 142 * for the link level header. 143 */ 144 switch (linktype) { 145 146 case DLT_SLIP: 147 sockp->sa_family = AF_INET; 148 hlen = 0; 149 align = 0; 150 break; 151 152 case DLT_PPP: 153 sockp->sa_family = AF_UNSPEC; 154 hlen = 0; 155 align = 0; 156 break; 157 158 case DLT_EN10MB: 159 sockp->sa_family = AF_UNSPEC; 160 /* XXX Would MAXLINKHDR be better? */ 161 /* 6(dst)+6(src)+2(type) */ 162 hlen = sizeof(struct ether_header); 163 align = 2; 164 break; 165 166 case DLT_ARCNET: 167 sockp->sa_family = AF_UNSPEC; 168 hlen = ARC_HDRLEN; 169 align = 5; 170 break; 171 172 case DLT_FDDI: 173 sockp->sa_family = AF_LINK; 174 /* XXX 4(FORMAC)+6(dst)+6(src) */ 175 hlen = 16; 176 align = 0; 177 break; 178 179 case DLT_ECONET: 180 sockp->sa_family = AF_UNSPEC; 181 hlen = 6; 182 align = 2; 183 break; 184 185 case DLT_NULL: 186 sockp->sa_family = AF_UNSPEC; 187 hlen = 0; 188 align = 0; 189 break; 190 191 default: 192 return (EIO); 193 } 194 195 len = uio->uio_resid; 196 /* 197 * If there aren't enough bytes for a link level header or the 198 * packet length exceeds the interface mtu, return an error. 199 */ 200 if (len < hlen || len - hlen > mtu) 201 return (EMSGSIZE); 202 203 /* 204 * XXX Avoid complicated buffer chaining --- 205 * bail if it won't fit in a single mbuf. 206 * (Take into account possible alignment bytes) 207 */ 208 if ((unsigned)len > MCLBYTES - align) 209 return (EIO); 210 211 MGETHDR(m, M_WAIT, MT_DATA); 212 if (m == 0) 213 return (ENOBUFS); 214 m->m_pkthdr.rcvif = 0; 215 m->m_pkthdr.len = len - hlen; 216 if (len > MHLEN - align) { 217 MCLGET(m, M_WAIT); 218 if ((m->m_flags & M_EXT) == 0) { 219 error = ENOBUFS; 220 goto bad; 221 } 222 } 223 224 /* Insure the data is properly aligned */ 225 if (align > 0) { 226 m->m_data += align; 227 m->m_len -= align; 228 } 229 230 error = uiomove(mtod(m, caddr_t), len, uio); 231 if (error) 232 goto bad; 233 if (hlen != 0) { 234 memcpy(sockp->sa_data, mtod(m, caddr_t), hlen); 235 m->m_data += hlen; /* XXX */ 236 len -= hlen; 237 } 238 m->m_len = len; 239 *mp = m; 240 return (0); 241 242 bad: 243 m_freem(m); 244 return (error); 245 } 246 247 /* 248 * Attach file to the bpf interface, i.e. make d listen on bp. 249 * Must be called at splnet. 250 */ 251 static void 252 bpf_attachd(d, bp) 253 struct bpf_d *d; 254 struct bpf_if *bp; 255 { 256 /* 257 * Point d at bp, and add d to the interface's list of listeners. 258 * Finally, point the driver's bpf cookie at the interface so 259 * it will divert packets to bpf. 260 */ 261 d->bd_bif = bp; 262 d->bd_next = bp->bif_dlist; 263 bp->bif_dlist = d; 264 265 *bp->bif_driverp = bp; 266 } 267 268 /* 269 * Detach a file from its interface. 270 */ 271 static void 272 bpf_detachd(d) 273 struct bpf_d *d; 274 { 275 struct bpf_d **p; 276 struct bpf_if *bp; 277 278 bp = d->bd_bif; 279 /* 280 * Check if this descriptor had requested promiscuous mode. 281 * If so, turn it off. 282 */ 283 if (d->bd_promisc) { 284 int error; 285 286 d->bd_promisc = 0; 287 /* 288 * Take device out of promiscuous mode. Since we were 289 * able to enter promiscuous mode, we should be able 290 * to turn it off. But we can get an error if 291 * the interface was configured down, so only panic 292 * if we don't get an unexpected error. 293 */ 294 error = ifpromisc(bp->bif_ifp, 0); 295 if (error && error != EINVAL) 296 panic("bpf: ifpromisc failed"); 297 } 298 /* Remove d from the interface's descriptor list. */ 299 p = &bp->bif_dlist; 300 while (*p != d) { 301 p = &(*p)->bd_next; 302 if (*p == 0) 303 panic("bpf_detachd: descriptor not in list"); 304 } 305 *p = (*p)->bd_next; 306 if (bp->bif_dlist == 0) 307 /* 308 * Let the driver know that there are no more listeners. 309 */ 310 *d->bd_bif->bif_driverp = 0; 311 d->bd_bif = 0; 312 } 313 314 315 /* 316 * Mark a descriptor free by making it point to itself. 317 * This is probably cheaper than marking with a constant since 318 * the address should be in a register anyway. 319 */ 320 #define D_ISFREE(d) ((d) == (d)->bd_next) 321 #define D_MARKFREE(d) ((d)->bd_next = (d)) 322 #define D_MARKUSED(d) ((d)->bd_next = 0) 323 324 /* 325 * bpfilterattach() is called at boot time. 326 */ 327 /* ARGSUSED */ 328 void 329 bpfilterattach(n) 330 int n; 331 { 332 int i; 333 /* 334 * Mark all the descriptors free. 335 */ 336 for (i = 0; i < NBPFILTER; ++i) 337 D_MARKFREE(&bpf_dtab[i]); 338 339 } 340 341 /* 342 * Open ethernet device. Returns ENXIO for illegal minor device number, 343 * EBUSY if file is open by another process. 344 */ 345 /* ARGSUSED */ 346 int 347 bpfopen(dev, flag, mode, p) 348 dev_t dev; 349 int flag; 350 int mode; 351 struct proc *p; 352 { 353 struct bpf_d *d; 354 355 if (minor(dev) >= NBPFILTER) 356 return (ENXIO); 357 /* 358 * Each minor can be opened by only one process. If the requested 359 * minor is in use, return EBUSY. 360 */ 361 d = &bpf_dtab[minor(dev)]; 362 if (!D_ISFREE(d)) 363 return (EBUSY); 364 365 /* Mark "free" and do most initialization. */ 366 memset((char *)d, 0, sizeof(*d)); 367 d->bd_bufsize = bpf_bufsize; 368 369 return (0); 370 } 371 372 /* 373 * Close the descriptor by detaching it from its interface, 374 * deallocating its buffers, and marking it free. 375 */ 376 /* ARGSUSED */ 377 int 378 bpfclose(dev, flag, mode, p) 379 dev_t dev; 380 int flag; 381 int mode; 382 struct proc *p; 383 { 384 struct bpf_d *d = &bpf_dtab[minor(dev)]; 385 int s; 386 387 s = splnet(); 388 if (d->bd_bif) 389 bpf_detachd(d); 390 splx(s); 391 bpf_freed(d); 392 393 return (0); 394 } 395 396 /* 397 * Rotate the packet buffers in descriptor d. Move the store buffer 398 * into the hold slot, and the free buffer into the store slot. 399 * Zero the length of the new store buffer. 400 */ 401 #define ROTATE_BUFFERS(d) \ 402 (d)->bd_hbuf = (d)->bd_sbuf; \ 403 (d)->bd_hlen = (d)->bd_slen; \ 404 (d)->bd_sbuf = (d)->bd_fbuf; \ 405 (d)->bd_slen = 0; \ 406 (d)->bd_fbuf = 0; 407 /* 408 * bpfread - read next chunk of packets from buffers 409 */ 410 int 411 bpfread(dev, uio, ioflag) 412 dev_t dev; 413 struct uio *uio; 414 int ioflag; 415 { 416 struct bpf_d *d = &bpf_dtab[minor(dev)]; 417 int error; 418 int s; 419 420 /* 421 * Restrict application to use a buffer the same size as 422 * as kernel buffers. 423 */ 424 if (uio->uio_resid != d->bd_bufsize) 425 return (EINVAL); 426 427 s = splnet(); 428 /* 429 * If the hold buffer is empty, then do a timed sleep, which 430 * ends when the timeout expires or when enough packets 431 * have arrived to fill the store buffer. 432 */ 433 while (d->bd_hbuf == 0) { 434 if (d->bd_immediate) { 435 if (d->bd_slen == 0) { 436 splx(s); 437 return (EWOULDBLOCK); 438 } 439 /* 440 * A packet(s) either arrived since the previous 441 * read or arrived while we were asleep. 442 * Rotate the buffers and return what's here. 443 */ 444 ROTATE_BUFFERS(d); 445 break; 446 } 447 if (d->bd_rtout != -1) 448 error = tsleep((caddr_t)d, PRINET|PCATCH, "bpf", 449 d->bd_rtout); 450 else { 451 if (d->bd_rtout == -1) { 452 /* User requested non-blocking I/O */ 453 error = EWOULDBLOCK; 454 } else 455 error = 0; 456 } 457 if (error == EINTR || error == ERESTART) { 458 splx(s); 459 return (error); 460 } 461 if (error == EWOULDBLOCK) { 462 /* 463 * On a timeout, return what's in the buffer, 464 * which may be nothing. If there is something 465 * in the store buffer, we can rotate the buffers. 466 */ 467 if (d->bd_hbuf) 468 /* 469 * We filled up the buffer in between 470 * getting the timeout and arriving 471 * here, so we don't need to rotate. 472 */ 473 break; 474 475 if (d->bd_slen == 0) { 476 splx(s); 477 return (0); 478 } 479 ROTATE_BUFFERS(d); 480 break; 481 } 482 if (error != 0) 483 goto done; 484 } 485 /* 486 * At this point, we know we have something in the hold slot. 487 */ 488 splx(s); 489 490 /* 491 * Move data from hold buffer into user space. 492 * We know the entire buffer is transferred since 493 * we checked above that the read buffer is bpf_bufsize bytes. 494 */ 495 error = uiomove(d->bd_hbuf, d->bd_hlen, uio); 496 497 s = splnet(); 498 d->bd_fbuf = d->bd_hbuf; 499 d->bd_hbuf = 0; 500 d->bd_hlen = 0; 501 done: 502 splx(s); 503 return (error); 504 } 505 506 507 /* 508 * If there are processes sleeping on this descriptor, wake them up. 509 */ 510 static __inline void 511 bpf_wakeup(d) 512 struct bpf_d *d; 513 { 514 struct proc *p; 515 516 wakeup((caddr_t)d); 517 if (d->bd_async) { 518 if (d->bd_pgid > 0) 519 gsignal (d->bd_pgid, SIGIO); 520 else if (d->bd_pgid && (p = pfind (-d->bd_pgid)) != NULL) 521 psignal (p, SIGIO); 522 } 523 524 selnotify(&d->bd_sel, 0); 525 } 526 527 int 528 bpfwrite(dev, uio, ioflag) 529 dev_t dev; 530 struct uio *uio; 531 int ioflag; 532 { 533 struct bpf_d *d = &bpf_dtab[minor(dev)]; 534 struct ifnet *ifp; 535 struct mbuf *m; 536 int error, s; 537 static struct sockaddr_storage dst; 538 539 if (d->bd_bif == 0) 540 return (ENXIO); 541 542 ifp = d->bd_bif->bif_ifp; 543 544 if (uio->uio_resid == 0) 545 return (0); 546 547 error = bpf_movein(uio, (int)d->bd_bif->bif_dlt, ifp->if_mtu, &m, 548 (struct sockaddr *) &dst); 549 if (error) 550 return (error); 551 552 if (m->m_pkthdr.len > ifp->if_mtu) 553 return (EMSGSIZE); 554 555 if (d->bd_hdrcmplt) 556 dst.ss_family = pseudo_AF_HDRCMPLT; 557 558 s = splsoftnet(); 559 error = (*ifp->if_output)(ifp, m, (struct sockaddr *) &dst, NULL); 560 splx(s); 561 /* 562 * The driver frees the mbuf. 563 */ 564 return (error); 565 } 566 567 /* 568 * Reset a descriptor by flushing its packet buffer and clearing the 569 * receive and drop counts. Should be called at splnet. 570 */ 571 static void 572 reset_d(d) 573 struct bpf_d *d; 574 { 575 if (d->bd_hbuf) { 576 /* Free the hold buffer. */ 577 d->bd_fbuf = d->bd_hbuf; 578 d->bd_hbuf = 0; 579 } 580 d->bd_slen = 0; 581 d->bd_hlen = 0; 582 d->bd_rcount = 0; 583 d->bd_dcount = 0; 584 } 585 586 #ifdef BPF_KERN_FILTER 587 extern struct bpf_insn *bpf_tcp_filter; 588 extern struct bpf_insn *bpf_udp_filter; 589 #endif 590 591 /* 592 * FIONREAD Check for read packet available. 593 * BIOCGBLEN Get buffer len [for read()]. 594 * BIOCSETF Set ethernet read filter. 595 * BIOCFLUSH Flush read packet buffer. 596 * BIOCPROMISC Put interface into promiscuous mode. 597 * BIOCGDLT Get link layer type. 598 * BIOCGETIF Get interface name. 599 * BIOCSETIF Set interface. 600 * BIOCSRTIMEOUT Set read timeout. 601 * BIOCGRTIMEOUT Get read timeout. 602 * BIOCGSTATS Get packet stats. 603 * BIOCIMMEDIATE Set immediate mode. 604 * BIOCVERSION Get filter language version. 605 * BIOGHDRCMPLT Get "header already complete" flag. 606 * BIOSHDRCMPLT Set "header already complete" flag. 607 */ 608 /* ARGSUSED */ 609 int 610 bpfioctl(dev, cmd, addr, flag, p) 611 dev_t dev; 612 u_long cmd; 613 caddr_t addr; 614 int flag; 615 struct proc *p; 616 { 617 struct bpf_d *d = &bpf_dtab[minor(dev)]; 618 int s, error = 0; 619 #ifdef BPF_KERN_FILTER 620 struct bpf_insn **p; 621 #endif 622 623 switch (cmd) { 624 625 default: 626 error = EINVAL; 627 break; 628 629 /* 630 * Check for read packet available. 631 */ 632 case FIONREAD: 633 { 634 int n; 635 636 s = splnet(); 637 n = d->bd_slen; 638 if (d->bd_hbuf) 639 n += d->bd_hlen; 640 splx(s); 641 642 *(int *)addr = n; 643 break; 644 } 645 646 /* 647 * Get buffer len [for read()]. 648 */ 649 case BIOCGBLEN: 650 *(u_int *)addr = d->bd_bufsize; 651 break; 652 653 /* 654 * Set buffer length. 655 */ 656 case BIOCSBLEN: 657 if (d->bd_bif != 0) 658 error = EINVAL; 659 else { 660 u_int size = *(u_int *)addr; 661 662 if (size > BPF_MAXBUFSIZE) 663 *(u_int *)addr = size = BPF_MAXBUFSIZE; 664 else if (size < BPF_MINBUFSIZE) 665 *(u_int *)addr = size = BPF_MINBUFSIZE; 666 d->bd_bufsize = size; 667 } 668 break; 669 670 /* 671 * Set link layer read filter. 672 */ 673 case BIOCSETF: 674 error = bpf_setf(d, (struct bpf_program *)addr); 675 break; 676 677 #ifdef BPF_KERN_FILTER 678 /* 679 * Set TCP or UDP reject filter. 680 */ 681 case BIOCSTCPF: 682 case BIOCSUDPF: 683 if (!suser()) { 684 error = EPERM; 685 break; 686 } 687 688 /* Validate and store filter */ 689 error = bpf_setf(d, (struct bpf_program *)addr); 690 691 /* Free possible old filter */ 692 if (cmd == BIOCSTCPF) 693 p = &bpf_tcp_filter; 694 else 695 p = &bpf_udp_filter; 696 if (*p != NULL) 697 free((caddr_t)*p, M_DEVBUF); 698 699 /* Steal new filter (noop if error) */ 700 s = splnet(); 701 *p = d->bd_filter; 702 d->bd_filter = NULL; 703 splx(s); 704 break; 705 #endif 706 707 /* 708 * Flush read packet buffer. 709 */ 710 case BIOCFLUSH: 711 s = splnet(); 712 reset_d(d); 713 splx(s); 714 break; 715 716 /* 717 * Put interface into promiscuous mode. 718 */ 719 case BIOCPROMISC: 720 if (d->bd_bif == 0) { 721 /* 722 * No interface attached yet. 723 */ 724 error = EINVAL; 725 break; 726 } 727 s = splnet(); 728 if (d->bd_promisc == 0) { 729 error = ifpromisc(d->bd_bif->bif_ifp, 1); 730 if (error == 0) 731 d->bd_promisc = 1; 732 } 733 splx(s); 734 break; 735 736 /* 737 * Get device parameters. 738 */ 739 case BIOCGDLT: 740 if (d->bd_bif == 0) 741 error = EINVAL; 742 else 743 *(u_int *)addr = d->bd_bif->bif_dlt; 744 break; 745 746 /* 747 * Set interface name. 748 */ 749 case BIOCGETIF: 750 if (d->bd_bif == 0) 751 error = EINVAL; 752 else 753 bpf_ifname(d->bd_bif->bif_ifp, (struct ifreq *)addr); 754 break; 755 756 /* 757 * Set interface. 758 */ 759 case BIOCSETIF: 760 error = bpf_setif(d, (struct ifreq *)addr); 761 break; 762 763 /* 764 * Set read timeout. 765 */ 766 case BIOCSRTIMEOUT: 767 { 768 struct timeval *tv = (struct timeval *)addr; 769 770 /* Compute number of ticks. */ 771 d->bd_rtout = tv->tv_sec * hz + tv->tv_usec / tick; 772 if ((d->bd_rtout == 0) && (tv->tv_usec != 0)) 773 d->bd_rtout = 1; 774 break; 775 } 776 777 /* 778 * Get read timeout. 779 */ 780 case BIOCGRTIMEOUT: 781 { 782 struct timeval *tv = (struct timeval *)addr; 783 784 tv->tv_sec = d->bd_rtout / hz; 785 tv->tv_usec = (d->bd_rtout % hz) * tick; 786 break; 787 } 788 789 /* 790 * Get packet stats. 791 */ 792 case BIOCGSTATS: 793 { 794 struct bpf_stat *bs = (struct bpf_stat *)addr; 795 796 bs->bs_recv = d->bd_rcount; 797 bs->bs_drop = d->bd_dcount; 798 break; 799 } 800 801 /* 802 * Set immediate mode. 803 */ 804 case BIOCIMMEDIATE: 805 d->bd_immediate = *(u_int *)addr; 806 break; 807 808 case BIOCVERSION: 809 { 810 struct bpf_version *bv = (struct bpf_version *)addr; 811 812 bv->bv_major = BPF_MAJOR_VERSION; 813 bv->bv_minor = BPF_MINOR_VERSION; 814 break; 815 } 816 817 case BIOCGHDRCMPLT: /* get "header already complete" flag */ 818 *(u_int *)addr = d->bd_hdrcmplt; 819 break; 820 821 case BIOCSHDRCMPLT: /* set "header already complete" flag */ 822 d->bd_hdrcmplt = *(u_int *)addr ? 1 : 0; 823 break; 824 825 case FIONBIO: /* Non-blocking I/O */ 826 if (*(int *)addr) 827 d->bd_rtout = -1; 828 else 829 d->bd_rtout = 0; 830 break; 831 832 case FIOASYNC: /* Send signal on receive packets */ 833 d->bd_async = *(int *)addr; 834 break; 835 836 /* 837 * N.B. ioctl (FIOSETOWN) and fcntl (F_SETOWN) both end up doing 838 * the equivalent of a TIOCSPGRP and hence end up here. *However* 839 * TIOCSPGRP's arg is a process group if it's positive and a process 840 * id if it's negative. This is exactly the opposite of what the 841 * other two functions want! Therefore there is code in ioctl and 842 * fcntl to negate the arg before calling here. 843 */ 844 case TIOCSPGRP: /* Process or group to send signals to */ 845 d->bd_pgid = *(int *)addr; 846 break; 847 848 case TIOCGPGRP: 849 *(int *)addr = d->bd_pgid; 850 break; 851 } 852 return (error); 853 } 854 855 /* 856 * Set d's packet filter program to fp. If this file already has a filter, 857 * free it and replace it. Returns EINVAL for bogus requests. 858 */ 859 int 860 bpf_setf(d, fp) 861 struct bpf_d *d; 862 struct bpf_program *fp; 863 { 864 struct bpf_insn *fcode, *old; 865 u_int flen, size; 866 int s; 867 868 old = d->bd_filter; 869 if (fp->bf_insns == 0) { 870 if (fp->bf_len != 0) 871 return (EINVAL); 872 s = splnet(); 873 d->bd_filter = 0; 874 reset_d(d); 875 splx(s); 876 if (old != 0) 877 free((caddr_t)old, M_DEVBUF); 878 return (0); 879 } 880 flen = fp->bf_len; 881 if (flen > BPF_MAXINSNS) 882 return (EINVAL); 883 884 size = flen * sizeof(*fp->bf_insns); 885 fcode = (struct bpf_insn *)malloc(size, M_DEVBUF, M_WAITOK); 886 if (copyin((caddr_t)fp->bf_insns, (caddr_t)fcode, size) == 0 && 887 bpf_validate(fcode, (int)flen)) { 888 s = splnet(); 889 d->bd_filter = fcode; 890 reset_d(d); 891 splx(s); 892 if (old != 0) 893 free((caddr_t)old, M_DEVBUF); 894 895 return (0); 896 } 897 free((caddr_t)fcode, M_DEVBUF); 898 return (EINVAL); 899 } 900 901 /* 902 * Detach a file from its current interface (if attached at all) and attach 903 * to the interface indicated by the name stored in ifr. 904 * Return an errno or 0. 905 */ 906 static int 907 bpf_setif(d, ifr) 908 struct bpf_d *d; 909 struct ifreq *ifr; 910 { 911 struct bpf_if *bp; 912 char *cp; 913 int unit_seen, i, s, error; 914 915 /* 916 * Make sure the provided name has a unit number, and default 917 * it to '0' if not specified. 918 * XXX This is ugly ... do this differently? 919 */ 920 unit_seen = 0; 921 cp = ifr->ifr_name; 922 cp[sizeof(ifr->ifr_name) - 1] = '\0'; /* sanity */ 923 while (*cp++) 924 if (*cp >= '0' && *cp <= '9') 925 unit_seen = 1; 926 if (!unit_seen) { 927 /* Make sure to leave room for the '\0'. */ 928 for (i = 0; i < (IFNAMSIZ - 1); ++i) { 929 if ((ifr->ifr_name[i] >= 'a' && 930 ifr->ifr_name[i] <= 'z') || 931 (ifr->ifr_name[i] >= 'A' && 932 ifr->ifr_name[i] <= 'Z')) 933 continue; 934 ifr->ifr_name[i] = '0'; 935 } 936 } 937 938 /* 939 * Look through attached interfaces for the named one. 940 */ 941 for (bp = bpf_iflist; bp != 0; bp = bp->bif_next) { 942 struct ifnet *ifp = bp->bif_ifp; 943 944 if (ifp == 0 || 945 strcmp(ifp->if_xname, ifr->ifr_name) != 0) 946 continue; 947 /* 948 * We found the requested interface. 949 * If it's not up, return an error. 950 * Allocate the packet buffers if we need to. 951 * If we're already attached to requested interface, 952 * just flush the buffer. 953 */ 954 if ((ifp->if_flags & IFF_UP) == 0) 955 return (ENETDOWN); 956 957 if (d->bd_sbuf == 0) { 958 error = bpf_allocbufs(d); 959 if (error != 0) 960 return (error); 961 } 962 s = splnet(); 963 if (bp != d->bd_bif) { 964 if (d->bd_bif) 965 /* 966 * Detach if attached to something else. 967 */ 968 bpf_detachd(d); 969 970 bpf_attachd(d, bp); 971 } 972 reset_d(d); 973 splx(s); 974 return (0); 975 } 976 /* Not found. */ 977 return (ENXIO); 978 } 979 980 /* 981 * Copy the interface name to the ifreq. 982 */ 983 static void 984 bpf_ifname(ifp, ifr) 985 struct ifnet *ifp; 986 struct ifreq *ifr; 987 { 988 989 memcpy(ifr->ifr_name, ifp->if_xname, IFNAMSIZ); 990 } 991 992 /* 993 * Support for poll() system call 994 * 995 * Return true iff the specific operation will not block indefinitely - with 996 * the assumption that it is safe to positively acknowledge a request for the 997 * ability to write to the BPF device. 998 * Otherwise, return false but make a note that a selwakeup() must be done. 999 */ 1000 int 1001 bpfpoll(dev, events, p) 1002 dev_t dev; 1003 int events; 1004 struct proc *p; 1005 { 1006 struct bpf_d *d = &bpf_dtab[minor(dev)]; 1007 int s = splnet(); 1008 int revents; 1009 1010 revents = events & (POLLOUT | POLLWRNORM); 1011 if (events & (POLLIN | POLLRDNORM)) { 1012 /* 1013 * An imitation of the FIONREAD ioctl code. 1014 */ 1015 if (d->bd_hlen != 0 || (d->bd_immediate && d->bd_slen != 0)) 1016 revents |= events & (POLLIN | POLLRDNORM); 1017 else 1018 selrecord(p, &d->bd_sel); 1019 } 1020 1021 splx(s); 1022 return (revents); 1023 } 1024 1025 static void 1026 filt_bpfrdetach(struct knote *kn) 1027 { 1028 struct bpf_d *d = (void *) kn->kn_hook; 1029 int s; 1030 1031 s = splnet(); 1032 SLIST_REMOVE(&d->bd_sel.si_klist, kn, knote, kn_selnext); 1033 splx(s); 1034 } 1035 1036 static int 1037 filt_bpfread(struct knote *kn, long hint) 1038 { 1039 struct bpf_d *d = (void *) kn->kn_hook; 1040 1041 kn->kn_data = d->bd_hlen; 1042 if (d->bd_immediate) 1043 kn->kn_data += d->bd_slen; 1044 return (kn->kn_data > 0); 1045 } 1046 1047 static const struct filterops bpfread_filtops = 1048 { 1, NULL, filt_bpfrdetach, filt_bpfread }; 1049 1050 int 1051 bpfkqfilter(dev, kn) 1052 dev_t dev; 1053 struct knote *kn; 1054 { 1055 struct bpf_d *d = &bpf_dtab[minor(dev)]; 1056 struct klist *klist; 1057 int s; 1058 1059 switch (kn->kn_filter) { 1060 case EVFILT_READ: 1061 klist = &d->bd_sel.si_klist; 1062 kn->kn_fop = &bpfread_filtops; 1063 break; 1064 1065 default: 1066 return (1); 1067 } 1068 1069 kn->kn_hook = (void *) d; 1070 1071 s = splnet(); 1072 SLIST_INSERT_HEAD(klist, kn, kn_selnext); 1073 splx(s); 1074 1075 return (0); 1076 } 1077 1078 /* 1079 * Incoming linkage from device drivers. Process the packet pkt, of length 1080 * pktlen, which is stored in a contiguous buffer. The packet is parsed 1081 * by each process' filter, and if accepted, stashed into the corresponding 1082 * buffer. 1083 */ 1084 void 1085 bpf_tap(arg, pkt, pktlen) 1086 caddr_t arg; 1087 u_char *pkt; 1088 u_int pktlen; 1089 { 1090 struct bpf_if *bp; 1091 struct bpf_d *d; 1092 u_int slen; 1093 /* 1094 * Note that the ipl does not have to be raised at this point. 1095 * The only problem that could arise here is that if two different 1096 * interfaces shared any data. This is not the case. 1097 */ 1098 bp = (struct bpf_if *)arg; 1099 for (d = bp->bif_dlist; d != 0; d = d->bd_next) { 1100 ++d->bd_rcount; 1101 slen = bpf_filter(d->bd_filter, pkt, pktlen, pktlen); 1102 if (slen != 0) 1103 catchpacket(d, pkt, pktlen, slen, memcpy); 1104 } 1105 } 1106 1107 /* 1108 * Copy data from an mbuf chain into a buffer. This code is derived 1109 * from m_copydata in sys/uipc_mbuf.c. 1110 */ 1111 static void * 1112 bpf_mcpy(dst_arg, src_arg, len) 1113 void *dst_arg; 1114 const void *src_arg; 1115 size_t len; 1116 { 1117 const struct mbuf *m; 1118 u_int count; 1119 u_char *dst; 1120 1121 m = src_arg; 1122 dst = dst_arg; 1123 while (len > 0) { 1124 if (m == 0) 1125 panic("bpf_mcpy"); 1126 count = min(m->m_len, len); 1127 memcpy((caddr_t)dst, mtod(m, caddr_t), count); 1128 m = m->m_next; 1129 dst += count; 1130 len -= count; 1131 } 1132 return(dst_arg); 1133 } 1134 1135 /* 1136 * Incoming linkage from device drivers, when packet is in an mbuf chain. 1137 */ 1138 void 1139 bpf_mtap(arg, m) 1140 caddr_t arg; 1141 struct mbuf *m; 1142 { 1143 struct bpf_if *bp = (struct bpf_if *)arg; 1144 struct bpf_d *d; 1145 u_int pktlen, slen; 1146 struct mbuf *m0; 1147 1148 pktlen = 0; 1149 for (m0 = m; m0 != 0; m0 = m0->m_next) 1150 pktlen += m0->m_len; 1151 1152 for (d = bp->bif_dlist; d != 0; d = d->bd_next) { 1153 ++d->bd_rcount; 1154 slen = bpf_filter(d->bd_filter, (u_char *)m, pktlen, 0); 1155 if (slen != 0) 1156 catchpacket(d, (u_char *)m, pktlen, slen, bpf_mcpy); 1157 } 1158 } 1159 1160 /* 1161 * Move the packet data from interface memory (pkt) into the 1162 * store buffer. Return 1 if it's time to wakeup a listener (buffer full), 1163 * otherwise 0. "copy" is the routine called to do the actual data 1164 * transfer. memcpy is passed in to copy contiguous chunks, while 1165 * bpf_mcpy is passed in to copy mbuf chains. In the latter case, 1166 * pkt is really an mbuf. 1167 */ 1168 static void 1169 catchpacket(d, pkt, pktlen, snaplen, cpfn) 1170 struct bpf_d *d; 1171 u_char *pkt; 1172 u_int pktlen, snaplen; 1173 void *(*cpfn) __P((void *, const void *, size_t)); 1174 { 1175 struct bpf_hdr *hp; 1176 int totlen, curlen; 1177 int hdrlen = d->bd_bif->bif_hdrlen; 1178 /* 1179 * Figure out how many bytes to move. If the packet is 1180 * greater or equal to the snapshot length, transfer that 1181 * much. Otherwise, transfer the whole packet (unless 1182 * we hit the buffer size limit). 1183 */ 1184 totlen = hdrlen + min(snaplen, pktlen); 1185 if (totlen > d->bd_bufsize) 1186 totlen = d->bd_bufsize; 1187 1188 /* 1189 * Round up the end of the previous packet to the next longword. 1190 */ 1191 curlen = BPF_WORDALIGN(d->bd_slen); 1192 if (curlen + totlen > d->bd_bufsize) { 1193 /* 1194 * This packet will overflow the storage buffer. 1195 * Rotate the buffers if we can, then wakeup any 1196 * pending reads. 1197 */ 1198 if (d->bd_fbuf == 0) { 1199 /* 1200 * We haven't completed the previous read yet, 1201 * so drop the packet. 1202 */ 1203 ++d->bd_dcount; 1204 return; 1205 } 1206 ROTATE_BUFFERS(d); 1207 bpf_wakeup(d); 1208 curlen = 0; 1209 } 1210 else if (d->bd_immediate) 1211 /* 1212 * Immediate mode is set. A packet arrived so any 1213 * reads should be woken up. 1214 */ 1215 bpf_wakeup(d); 1216 1217 /* 1218 * Append the bpf header. 1219 */ 1220 hp = (struct bpf_hdr *)(d->bd_sbuf + curlen); 1221 microtime(&hp->bh_tstamp); 1222 hp->bh_datalen = pktlen; 1223 hp->bh_hdrlen = hdrlen; 1224 /* 1225 * Copy the packet data into the store buffer and update its length. 1226 */ 1227 (*cpfn)((u_char *)hp + hdrlen, pkt, (hp->bh_caplen = totlen - hdrlen)); 1228 d->bd_slen = curlen + totlen; 1229 } 1230 1231 /* 1232 * Initialize all nonzero fields of a descriptor. 1233 */ 1234 static int 1235 bpf_allocbufs(d) 1236 struct bpf_d *d; 1237 { 1238 1239 d->bd_fbuf = (caddr_t)malloc(d->bd_bufsize, M_DEVBUF, M_WAITOK); 1240 d->bd_sbuf = (caddr_t)malloc(d->bd_bufsize, M_DEVBUF, M_WAITOK); 1241 d->bd_slen = 0; 1242 d->bd_hlen = 0; 1243 return (0); 1244 } 1245 1246 /* 1247 * Free buffers currently in use by a descriptor. 1248 * Called on close. 1249 */ 1250 static void 1251 bpf_freed(d) 1252 struct bpf_d *d; 1253 { 1254 /* 1255 * We don't need to lock out interrupts since this descriptor has 1256 * been detached from its interface and it yet hasn't been marked 1257 * free. 1258 */ 1259 if (d->bd_sbuf != 0) { 1260 free(d->bd_sbuf, M_DEVBUF); 1261 if (d->bd_hbuf != 0) 1262 free(d->bd_hbuf, M_DEVBUF); 1263 if (d->bd_fbuf != 0) 1264 free(d->bd_fbuf, M_DEVBUF); 1265 } 1266 if (d->bd_filter) 1267 free((caddr_t)d->bd_filter, M_DEVBUF); 1268 1269 D_MARKFREE(d); 1270 } 1271 1272 /* 1273 * Attach an interface to bpf. dlt is the link layer type; hdrlen is the 1274 * fixed size of the link header (variable length headers not yet supported). 1275 */ 1276 void 1277 bpfattach(ifp, dlt, hdrlen) 1278 struct ifnet *ifp; 1279 u_int dlt, hdrlen; 1280 { 1281 struct bpf_if *bp; 1282 bp = (struct bpf_if *)malloc(sizeof(*bp), M_DEVBUF, M_DONTWAIT); 1283 if (bp == 0) 1284 panic("bpfattach"); 1285 1286 bp->bif_dlist = 0; 1287 bp->bif_driverp = (struct bpf_if **)&ifp->if_bpf; 1288 bp->bif_ifp = ifp; 1289 bp->bif_dlt = dlt; 1290 1291 bp->bif_next = bpf_iflist; 1292 bpf_iflist = bp; 1293 1294 *bp->bif_driverp = 0; 1295 1296 /* 1297 * Compute the length of the bpf header. This is not necessarily 1298 * equal to SIZEOF_BPF_HDR because we want to insert spacing such 1299 * that the network layer header begins on a longword boundary (for 1300 * performance reasons and to alleviate alignment restrictions). 1301 */ 1302 bp->bif_hdrlen = BPF_WORDALIGN(hdrlen + SIZEOF_BPF_HDR) - hdrlen; 1303 1304 #if 0 1305 printf("bpf: %s attached\n", ifp->if_xname); 1306 #endif 1307 } 1308 1309 /* 1310 * Remove an interface from bpf. 1311 */ 1312 void 1313 bpfdetach(ifp) 1314 struct ifnet *ifp; 1315 { 1316 struct bpf_if *bp, **pbp; 1317 struct bpf_d *d; 1318 int i, s, cmaj; 1319 1320 /* locate the major number */ 1321 for (cmaj = 0; cmaj <= nchrdev; cmaj++) 1322 if (cdevsw[cmaj].d_open == bpfopen) 1323 break; 1324 1325 /* Nuke the vnodes for any open instances */ 1326 for (i = 0; i < NBPFILTER; ++i) { 1327 d = &bpf_dtab[i]; 1328 if (!D_ISFREE(d) && d->bd_bif != NULL && 1329 d->bd_bif->bif_ifp == ifp) { 1330 /* 1331 * Detach the descriptor from an interface now. 1332 * It will be free'ed later by close routine. 1333 */ 1334 s = splnet(); 1335 d->bd_promisc = 0; /* we can't touch device. */ 1336 bpf_detachd(d); 1337 splx(s); 1338 vdevgone(cmaj, i, i, VCHR); 1339 } 1340 } 1341 1342 for (bp = bpf_iflist, pbp = &bpf_iflist; 1343 bp != NULL; pbp = &bp->bif_next, bp = bp->bif_next) { 1344 if (bp->bif_ifp == ifp) { 1345 *pbp = bp->bif_next; 1346 free(bp, M_DEVBUF); 1347 break; 1348 } 1349 } 1350 } 1351 1352 /* 1353 * Change the data link type of a BPF instance. 1354 */ 1355 void 1356 bpf_change_type(ifp, dlt, hdrlen) 1357 struct ifnet *ifp; 1358 u_int dlt, hdrlen; 1359 { 1360 struct bpf_if *bp; 1361 1362 for (bp = bpf_iflist; bp != NULL; bp = bp->bif_next) { 1363 if (bp->bif_driverp == (struct bpf_if **)&ifp->if_bpf) 1364 break; 1365 } 1366 if (bp == NULL) 1367 panic("bpf_change_type"); 1368 1369 bp->bif_dlt = dlt; 1370 1371 /* 1372 * Compute the length of the bpf header. This is not necessarily 1373 * equal to SIZEOF_BPF_HDR because we want to insert spacing such 1374 * that the network layer header begins on a longword boundary (for 1375 * performance reasons and to alleviate alignment restrictions). 1376 */ 1377 bp->bif_hdrlen = BPF_WORDALIGN(hdrlen + SIZEOF_BPF_HDR) - hdrlen; 1378 } 1379
Indexes created Wed Oct 01 12:09:54 GMT 2025