bpf.c revision 1.65
1 /* $NetBSD: bpf.c,v 1.65 2002/06/06 23:54:47 wrstuden Exp $ */ 2 3 /* 4 * Copyright (c) 1990, 1991, 1993 5 * The Regents of the University of California. All rights reserved. 6 * 7 * This code is derived from the Stanford/CMU enet packet filter, 8 * (net/enet.c) distributed as part of 4.3BSD, and code contributed 9 * to Berkeley by Steven McCanne and Van Jacobson both of Lawrence 10 * Berkeley Laboratory. 11 * 12 * Redistribution and use in source and binary forms, with or without 13 * modification, are permitted provided that the following conditions 14 * are met: 15 * 1. Redistributions of source code must retain the above copyright 16 * notice, this list of conditions and the following disclaimer. 17 * 2. Redistributions in binary form must reproduce the above copyright 18 * notice, this list of conditions and the following disclaimer in the 19 * documentation and/or other materials provided with the distribution. 20 * 3. All advertising materials mentioning features or use of this software 21 * must display the following acknowledgement: 22 * This product includes software developed by the University of 23 * California, Berkeley and its contributors. 24 * 4. Neither the name of the University nor the names of its contributors 25 * may be used to endorse or promote products derived from this software 26 * without specific prior written permission. 27 * 28 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 29 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 30 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 31 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 32 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 33 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 34 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 35 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 36 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 37 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 38 * SUCH DAMAGE. 39 * 40 * @(#)bpf.c 8.4 (Berkeley) 1/9/95 41 * static char rcsid[] = 42 * "Header: bpf.c,v 1.67 96/09/26 22:00:52 leres Exp "; 43 */ 44 45 #include <sys/cdefs.h> 46 __KERNEL_RCSID(0, "$NetBSD: bpf.c,v 1.65 2002/06/06 23:54:47 wrstuden Exp $"); 47 48 #include "bpfilter.h" 49 50 #include <sys/param.h> 51 #include <sys/systm.h> 52 #include <sys/mbuf.h> 53 #include <sys/buf.h> 54 #include <sys/time.h> 55 #include <sys/proc.h> 56 #include <sys/user.h> 57 #include <sys/ioctl.h> 58 #include <sys/map.h> 59 #include <sys/conf.h> 60 #include <sys/vnode.h> 61 62 #include <sys/file.h> 63 #include <sys/tty.h> 64 #include <sys/uio.h> 65 66 #include <sys/protosw.h> 67 #include <sys/socket.h> 68 #include <sys/errno.h> 69 #include <sys/kernel.h> 70 #include <sys/poll.h> 71 72 #include <net/if.h> 73 74 #include <net/bpf.h> 75 #include <net/bpfdesc.h> 76 77 #include <net/if_arc.h> 78 #include <net/if_ether.h> 79 80 #include <netinet/in.h> 81 #include <netinet/if_inarp.h> 82 83 #if defined(_KERNEL_OPT) 84 #include "bpf.h" 85 #endif 86 87 #ifndef BPF_BUFSIZE 88 # define BPF_BUFSIZE 8192 /* 4096 too small for FDDI frames */ 89 #endif 90 91 #define PRINET 26 /* interruptible */ 92 93 /* 94 * The default read buffer size is patchable. 95 */ 96 int bpf_bufsize = BPF_BUFSIZE; 97 98 /* 99 * bpf_iflist is the list of interfaces; each corresponds to an ifnet 100 * bpf_dtab holds the descriptors, indexed by minor device # 101 */ 102 struct bpf_if *bpf_iflist; 103 struct bpf_d bpf_dtab[NBPFILTER]; 104 105 static int bpf_allocbufs __P((struct bpf_d *)); 106 static void bpf_freed __P((struct bpf_d *)); 107 static void bpf_ifname __P((struct ifnet *, struct ifreq *)); 108 static void *bpf_mcpy __P((void *, const void *, size_t)); 109 static int bpf_movein __P((struct uio *, int, int, 110 struct mbuf **, struct sockaddr *)); 111 static void bpf_attachd __P((struct bpf_d *, struct bpf_if *)); 112 static void bpf_detachd __P((struct bpf_d *)); 113 static int bpf_setif __P((struct bpf_d *, struct ifreq *)); 114 int bpfpoll __P((dev_t, int, struct proc *)); 115 static __inline void 116 bpf_wakeup __P((struct bpf_d *)); 117 static void catchpacket __P((struct bpf_d *, u_char *, u_int, u_int, 118 void *(*)(void *, const void *, size_t))); 119 static void reset_d __P((struct bpf_d *)); 120 121 static int 122 bpf_movein(uio, linktype, mtu, mp, sockp) 123 struct uio *uio; 124 int linktype; 125 int mtu; 126 struct mbuf **mp; 127 struct sockaddr *sockp; 128 { 129 struct mbuf *m; 130 int error; 131 int len; 132 int hlen; 133 int align; 134 135 /* 136 * Build a sockaddr based on the data link layer type. 137 * We do this at this level because the ethernet header 138 * is copied directly into the data field of the sockaddr. 139 * In the case of SLIP, there is no header and the packet 140 * is forwarded as is. 141 * Also, we are careful to leave room at the front of the mbuf 142 * for the link level header. 143 */ 144 switch (linktype) { 145 146 case DLT_SLIP: 147 sockp->sa_family = AF_INET; 148 hlen = 0; 149 align = 0; 150 break; 151 152 case DLT_PPP: 153 sockp->sa_family = AF_UNSPEC; 154 hlen = 0; 155 align = 0; 156 break; 157 158 case DLT_EN10MB: 159 sockp->sa_family = AF_UNSPEC; 160 /* XXX Would MAXLINKHDR be better? */ 161 /* 6(dst)+6(src)+2(type) */ 162 hlen = sizeof(struct ether_header); 163 align = 2; 164 break; 165 166 case DLT_ARCNET: 167 sockp->sa_family = AF_UNSPEC; 168 hlen = ARC_HDRLEN; 169 align = 5; 170 break; 171 172 case DLT_FDDI: 173 sockp->sa_family = AF_LINK; 174 /* XXX 4(FORMAC)+6(dst)+6(src) */ 175 hlen = 16; 176 align = 0; 177 break; 178 179 case DLT_ECONET: 180 sockp->sa_family = AF_UNSPEC; 181 hlen = 6; 182 align = 2; 183 break; 184 185 case DLT_NULL: 186 sockp->sa_family = AF_UNSPEC; 187 hlen = 0; 188 align = 0; 189 break; 190 191 default: 192 return (EIO); 193 } 194 195 len = uio->uio_resid; 196 /* 197 * If there aren't enough bytes for a link level header or the 198 * packet length exceeds the interface mtu, return an error. 199 */ 200 if (len < hlen || len - hlen > mtu) 201 return (EMSGSIZE); 202 203 /* 204 * XXX Avoid complicated buffer chaining --- 205 * bail if it won't fit in a single mbuf. 206 * (Take into account possible alignment bytes) 207 */ 208 if ((unsigned)len > MCLBYTES - align) 209 return (EIO); 210 211 MGETHDR(m, M_WAIT, MT_DATA); 212 if (m == 0) 213 return (ENOBUFS); 214 m->m_pkthdr.rcvif = 0; 215 m->m_pkthdr.len = len - hlen; 216 if (len > MHLEN - align) { 217 MCLGET(m, M_WAIT); 218 if ((m->m_flags & M_EXT) == 0) { 219 error = ENOBUFS; 220 goto bad; 221 } 222 } 223 224 /* Insure the data is properly aligned */ 225 if (align > 0) { 226 m->m_data += align; 227 m->m_len -= align; 228 } 229 230 error = uiomove(mtod(m, caddr_t), len, uio); 231 if (error) 232 goto bad; 233 if (hlen != 0) { 234 memcpy(sockp->sa_data, mtod(m, caddr_t), hlen); 235 m->m_data += hlen; /* XXX */ 236 len -= hlen; 237 } 238 m->m_len = len; 239 *mp = m; 240 return (0); 241 242 bad: 243 m_freem(m); 244 return (error); 245 } 246 247 /* 248 * Attach file to the bpf interface, i.e. make d listen on bp. 249 * Must be called at splnet. 250 */ 251 static void 252 bpf_attachd(d, bp) 253 struct bpf_d *d; 254 struct bpf_if *bp; 255 { 256 /* 257 * Point d at bp, and add d to the interface's list of listeners. 258 * Finally, point the driver's bpf cookie at the interface so 259 * it will divert packets to bpf. 260 */ 261 d->bd_bif = bp; 262 d->bd_next = bp->bif_dlist; 263 bp->bif_dlist = d; 264 265 *bp->bif_driverp = bp; 266 } 267 268 /* 269 * Detach a file from its interface. 270 */ 271 static void 272 bpf_detachd(d) 273 struct bpf_d *d; 274 { 275 struct bpf_d **p; 276 struct bpf_if *bp; 277 278 bp = d->bd_bif; 279 /* 280 * Check if this descriptor had requested promiscuous mode. 281 * If so, turn it off. 282 */ 283 if (d->bd_promisc) { 284 int error; 285 286 d->bd_promisc = 0; 287 /* 288 * Take device out of promiscuous mode. Since we were 289 * able to enter promiscuous mode, we should be able 290 * to turn it off. But we can get an error if 291 * the interface was configured down, so only panic 292 * if we don't get an unexpected error. 293 */ 294 error = ifpromisc(bp->bif_ifp, 0); 295 if (error && error != EINVAL) 296 panic("bpf: ifpromisc failed"); 297 } 298 /* Remove d from the interface's descriptor list. */ 299 p = &bp->bif_dlist; 300 while (*p != d) { 301 p = &(*p)->bd_next; 302 if (*p == 0) 303 panic("bpf_detachd: descriptor not in list"); 304 } 305 *p = (*p)->bd_next; 306 if (bp->bif_dlist == 0) 307 /* 308 * Let the driver know that there are no more listeners. 309 */ 310 *d->bd_bif->bif_driverp = 0; 311 d->bd_bif = 0; 312 } 313 314 315 /* 316 * Mark a descriptor free by making it point to itself. 317 * This is probably cheaper than marking with a constant since 318 * the address should be in a register anyway. 319 */ 320 #define D_ISFREE(d) ((d) == (d)->bd_next) 321 #define D_MARKFREE(d) ((d)->bd_next = (d)) 322 #define D_MARKUSED(d) ((d)->bd_next = 0) 323 324 /* 325 * bpfilterattach() is called at boot time. 326 */ 327 /* ARGSUSED */ 328 void 329 bpfilterattach(n) 330 int n; 331 { 332 int i; 333 /* 334 * Mark all the descriptors free. 335 */ 336 for (i = 0; i < NBPFILTER; ++i) 337 D_MARKFREE(&bpf_dtab[i]); 338 339 } 340 341 /* 342 * Open ethernet device. Returns ENXIO for illegal minor device number, 343 * EBUSY if file is open by another process. 344 */ 345 /* ARGSUSED */ 346 int 347 bpfopen(dev, flag, mode, p) 348 dev_t dev; 349 int flag; 350 int mode; 351 struct proc *p; 352 { 353 struct bpf_d *d; 354 355 if (minor(dev) >= NBPFILTER) 356 return (ENXIO); 357 /* 358 * Each minor can be opened by only one process. If the requested 359 * minor is in use, return EBUSY. 360 */ 361 d = &bpf_dtab[minor(dev)]; 362 if (!D_ISFREE(d)) 363 return (EBUSY); 364 365 /* Mark "free" and do most initialization. */ 366 memset((char *)d, 0, sizeof(*d)); 367 d->bd_bufsize = bpf_bufsize; 368 369 return (0); 370 } 371 372 /* 373 * Close the descriptor by detaching it from its interface, 374 * deallocating its buffers, and marking it free. 375 */ 376 /* ARGSUSED */ 377 int 378 bpfclose(dev, flag, mode, p) 379 dev_t dev; 380 int flag; 381 int mode; 382 struct proc *p; 383 { 384 struct bpf_d *d = &bpf_dtab[minor(dev)]; 385 int s; 386 387 s = splnet(); 388 if (d->bd_bif) 389 bpf_detachd(d); 390 splx(s); 391 bpf_freed(d); 392 393 return (0); 394 } 395 396 /* 397 * Rotate the packet buffers in descriptor d. Move the store buffer 398 * into the hold slot, and the free buffer into the store slot. 399 * Zero the length of the new store buffer. 400 */ 401 #define ROTATE_BUFFERS(d) \ 402 (d)->bd_hbuf = (d)->bd_sbuf; \ 403 (d)->bd_hlen = (d)->bd_slen; \ 404 (d)->bd_sbuf = (d)->bd_fbuf; \ 405 (d)->bd_slen = 0; \ 406 (d)->bd_fbuf = 0; 407 /* 408 * bpfread - read next chunk of packets from buffers 409 */ 410 int 411 bpfread(dev, uio, ioflag) 412 dev_t dev; 413 struct uio *uio; 414 int ioflag; 415 { 416 struct bpf_d *d = &bpf_dtab[minor(dev)]; 417 int error; 418 int s; 419 420 /* 421 * Restrict application to use a buffer the same size as 422 * as kernel buffers. 423 */ 424 if (uio->uio_resid != d->bd_bufsize) 425 return (EINVAL); 426 427 s = splnet(); 428 /* 429 * If the hold buffer is empty, then do a timed sleep, which 430 * ends when the timeout expires or when enough packets 431 * have arrived to fill the store buffer. 432 */ 433 while (d->bd_hbuf == 0) { 434 if (d->bd_immediate) { 435 if (d->bd_slen == 0) { 436 splx(s); 437 return (EWOULDBLOCK); 438 } 439 /* 440 * A packet(s) either arrived since the previous 441 * read or arrived while we were asleep. 442 * Rotate the buffers and return what's here. 443 */ 444 ROTATE_BUFFERS(d); 445 break; 446 } 447 if (d->bd_rtout != -1) 448 error = tsleep((caddr_t)d, PRINET|PCATCH, "bpf", 449 d->bd_rtout); 450 else { 451 if (d->bd_rtout == -1) { 452 /* User requested non-blocking I/O */ 453 error = EWOULDBLOCK; 454 } else 455 error = 0; 456 } 457 if (error == EINTR || error == ERESTART) { 458 splx(s); 459 return (error); 460 } 461 if (error == EWOULDBLOCK) { 462 /* 463 * On a timeout, return what's in the buffer, 464 * which may be nothing. If there is something 465 * in the store buffer, we can rotate the buffers. 466 */ 467 if (d->bd_hbuf) 468 /* 469 * We filled up the buffer in between 470 * getting the timeout and arriving 471 * here, so we don't need to rotate. 472 */ 473 break; 474 475 if (d->bd_slen == 0) { 476 splx(s); 477 return (0); 478 } 479 ROTATE_BUFFERS(d); 480 break; 481 } 482 if (error != 0) 483 goto done; 484 } 485 /* 486 * At this point, we know we have something in the hold slot. 487 */ 488 splx(s); 489 490 /* 491 * Move data from hold buffer into user space. 492 * We know the entire buffer is transferred since 493 * we checked above that the read buffer is bpf_bufsize bytes. 494 */ 495 error = uiomove(d->bd_hbuf, d->bd_hlen, uio); 496 497 s = splnet(); 498 d->bd_fbuf = d->bd_hbuf; 499 d->bd_hbuf = 0; 500 d->bd_hlen = 0; 501 done: 502 splx(s); 503 return (error); 504 } 505 506 507 /* 508 * If there are processes sleeping on this descriptor, wake them up. 509 */ 510 static __inline void 511 bpf_wakeup(d) 512 struct bpf_d *d; 513 { 514 struct proc *p; 515 516 wakeup((caddr_t)d); 517 if (d->bd_async) { 518 if (d->bd_pgid > 0) 519 gsignal (d->bd_pgid, SIGIO); 520 else if (d->bd_pgid && (p = pfind (-d->bd_pgid)) != NULL) 521 psignal (p, SIGIO); 522 } 523 524 selwakeup(&d->bd_sel); 525 /* XXX */ 526 d->bd_sel.si_pid = 0; 527 } 528 529 int 530 bpfwrite(dev, uio, ioflag) 531 dev_t dev; 532 struct uio *uio; 533 int ioflag; 534 { 535 struct bpf_d *d = &bpf_dtab[minor(dev)]; 536 struct ifnet *ifp; 537 struct mbuf *m; 538 int error, s; 539 static struct sockaddr_storage dst; 540 541 if (d->bd_bif == 0) 542 return (ENXIO); 543 544 ifp = d->bd_bif->bif_ifp; 545 546 if (uio->uio_resid == 0) 547 return (0); 548 549 error = bpf_movein(uio, (int)d->bd_bif->bif_dlt, ifp->if_mtu, &m, 550 (struct sockaddr *) &dst); 551 if (error) 552 return (error); 553 554 if (m->m_pkthdr.len > ifp->if_mtu) 555 return (EMSGSIZE); 556 557 if (d->bd_hdrcmplt) 558 dst.ss_family = pseudo_AF_HDRCMPLT; 559 560 s = splsoftnet(); 561 error = (*ifp->if_output)(ifp, m, (struct sockaddr *) &dst, NULL); 562 splx(s); 563 /* 564 * The driver frees the mbuf. 565 */ 566 return (error); 567 } 568 569 /* 570 * Reset a descriptor by flushing its packet buffer and clearing the 571 * receive and drop counts. Should be called at splnet. 572 */ 573 static void 574 reset_d(d) 575 struct bpf_d *d; 576 { 577 if (d->bd_hbuf) { 578 /* Free the hold buffer. */ 579 d->bd_fbuf = d->bd_hbuf; 580 d->bd_hbuf = 0; 581 } 582 d->bd_slen = 0; 583 d->bd_hlen = 0; 584 d->bd_rcount = 0; 585 d->bd_dcount = 0; 586 } 587 588 #ifdef BPF_KERN_FILTER 589 extern struct bpf_insn *bpf_tcp_filter; 590 extern struct bpf_insn *bpf_udp_filter; 591 #endif 592 593 /* 594 * FIONREAD Check for read packet available. 595 * BIOCGBLEN Get buffer len [for read()]. 596 * BIOCSETF Set ethernet read filter. 597 * BIOCFLUSH Flush read packet buffer. 598 * BIOCPROMISC Put interface into promiscuous mode. 599 * BIOCGDLT Get link layer type. 600 * BIOCGETIF Get interface name. 601 * BIOCSETIF Set interface. 602 * BIOCSRTIMEOUT Set read timeout. 603 * BIOCGRTIMEOUT Get read timeout. 604 * BIOCGSTATS Get packet stats. 605 * BIOCIMMEDIATE Set immediate mode. 606 * BIOCVERSION Get filter language version. 607 * BIOGHDRCMPLT Get "header already complete" flag. 608 * BIOSHDRCMPLT Set "header already complete" flag. 609 */ 610 /* ARGSUSED */ 611 int 612 bpfioctl(dev, cmd, addr, flag, p) 613 dev_t dev; 614 u_long cmd; 615 caddr_t addr; 616 int flag; 617 struct proc *p; 618 { 619 struct bpf_d *d = &bpf_dtab[minor(dev)]; 620 int s, error = 0; 621 #ifdef BPF_KERN_FILTER 622 struct bpf_insn **p; 623 #endif 624 625 switch (cmd) { 626 627 default: 628 error = EINVAL; 629 break; 630 631 /* 632 * Check for read packet available. 633 */ 634 case FIONREAD: 635 { 636 int n; 637 638 s = splnet(); 639 n = d->bd_slen; 640 if (d->bd_hbuf) 641 n += d->bd_hlen; 642 splx(s); 643 644 *(int *)addr = n; 645 break; 646 } 647 648 /* 649 * Get buffer len [for read()]. 650 */ 651 case BIOCGBLEN: 652 *(u_int *)addr = d->bd_bufsize; 653 break; 654 655 /* 656 * Set buffer length. 657 */ 658 case BIOCSBLEN: 659 if (d->bd_bif != 0) 660 error = EINVAL; 661 else { 662 u_int size = *(u_int *)addr; 663 664 if (size > BPF_MAXBUFSIZE) 665 *(u_int *)addr = size = BPF_MAXBUFSIZE; 666 else if (size < BPF_MINBUFSIZE) 667 *(u_int *)addr = size = BPF_MINBUFSIZE; 668 d->bd_bufsize = size; 669 } 670 break; 671 672 /* 673 * Set link layer read filter. 674 */ 675 case BIOCSETF: 676 error = bpf_setf(d, (struct bpf_program *)addr); 677 break; 678 679 #ifdef BPF_KERN_FILTER 680 /* 681 * Set TCP or UDP reject filter. 682 */ 683 case BIOCSTCPF: 684 case BIOCSUDPF: 685 if (!suser()) { 686 error = EPERM; 687 break; 688 } 689 690 /* Validate and store filter */ 691 error = bpf_setf(d, (struct bpf_program *)addr); 692 693 /* Free possible old filter */ 694 if (cmd == BIOCSTCPF) 695 p = &bpf_tcp_filter; 696 else 697 p = &bpf_udp_filter; 698 if (*p != NULL) 699 free((caddr_t)*p, M_DEVBUF); 700 701 /* Steal new filter (noop if error) */ 702 s = splnet(); 703 *p = d->bd_filter; 704 d->bd_filter = NULL; 705 splx(s); 706 break; 707 #endif 708 709 /* 710 * Flush read packet buffer. 711 */ 712 case BIOCFLUSH: 713 s = splnet(); 714 reset_d(d); 715 splx(s); 716 break; 717 718 /* 719 * Put interface into promiscuous mode. 720 */ 721 case BIOCPROMISC: 722 if (d->bd_bif == 0) { 723 /* 724 * No interface attached yet. 725 */ 726 error = EINVAL; 727 break; 728 } 729 s = splnet(); 730 if (d->bd_promisc == 0) { 731 error = ifpromisc(d->bd_bif->bif_ifp, 1); 732 if (error == 0) 733 d->bd_promisc = 1; 734 } 735 splx(s); 736 break; 737 738 /* 739 * Get device parameters. 740 */ 741 case BIOCGDLT: 742 if (d->bd_bif == 0) 743 error = EINVAL; 744 else 745 *(u_int *)addr = d->bd_bif->bif_dlt; 746 break; 747 748 /* 749 * Set interface name. 750 */ 751 case BIOCGETIF: 752 if (d->bd_bif == 0) 753 error = EINVAL; 754 else 755 bpf_ifname(d->bd_bif->bif_ifp, (struct ifreq *)addr); 756 break; 757 758 /* 759 * Set interface. 760 */ 761 case BIOCSETIF: 762 error = bpf_setif(d, (struct ifreq *)addr); 763 break; 764 765 /* 766 * Set read timeout. 767 */ 768 case BIOCSRTIMEOUT: 769 { 770 struct timeval *tv = (struct timeval *)addr; 771 772 /* Compute number of ticks. */ 773 d->bd_rtout = tv->tv_sec * hz + tv->tv_usec / tick; 774 if ((d->bd_rtout == 0) && (tv->tv_usec != 0)) 775 d->bd_rtout = 1; 776 break; 777 } 778 779 /* 780 * Get read timeout. 781 */ 782 case BIOCGRTIMEOUT: 783 { 784 struct timeval *tv = (struct timeval *)addr; 785 786 tv->tv_sec = d->bd_rtout / hz; 787 tv->tv_usec = (d->bd_rtout % hz) * tick; 788 break; 789 } 790 791 /* 792 * Get packet stats. 793 */ 794 case BIOCGSTATS: 795 { 796 struct bpf_stat *bs = (struct bpf_stat *)addr; 797 798 bs->bs_recv = d->bd_rcount; 799 bs->bs_drop = d->bd_dcount; 800 break; 801 } 802 803 /* 804 * Set immediate mode. 805 */ 806 case BIOCIMMEDIATE: 807 d->bd_immediate = *(u_int *)addr; 808 break; 809 810 case BIOCVERSION: 811 { 812 struct bpf_version *bv = (struct bpf_version *)addr; 813 814 bv->bv_major = BPF_MAJOR_VERSION; 815 bv->bv_minor = BPF_MINOR_VERSION; 816 break; 817 } 818 819 case BIOCGHDRCMPLT: /* get "header already complete" flag */ 820 *(u_int *)addr = d->bd_hdrcmplt; 821 break; 822 823 case BIOCSHDRCMPLT: /* set "header already complete" flag */ 824 d->bd_hdrcmplt = *(u_int *)addr ? 1 : 0; 825 break; 826 827 case FIONBIO: /* Non-blocking I/O */ 828 if (*(int *)addr) 829 d->bd_rtout = -1; 830 else 831 d->bd_rtout = 0; 832 break; 833 834 case FIOASYNC: /* Send signal on receive packets */ 835 d->bd_async = *(int *)addr; 836 break; 837 838 /* 839 * N.B. ioctl (FIOSETOWN) and fcntl (F_SETOWN) both end up doing 840 * the equivalent of a TIOCSPGRP and hence end up here. *However* 841 * TIOCSPGRP's arg is a process group if it's positive and a process 842 * id if it's negative. This is exactly the opposite of what the 843 * other two functions want! Therefore there is code in ioctl and 844 * fcntl to negate the arg before calling here. 845 */ 846 case TIOCSPGRP: /* Process or group to send signals to */ 847 d->bd_pgid = *(int *)addr; 848 break; 849 850 case TIOCGPGRP: 851 *(int *)addr = d->bd_pgid; 852 break; 853 } 854 return (error); 855 } 856 857 /* 858 * Set d's packet filter program to fp. If this file already has a filter, 859 * free it and replace it. Returns EINVAL for bogus requests. 860 */ 861 int 862 bpf_setf(d, fp) 863 struct bpf_d *d; 864 struct bpf_program *fp; 865 { 866 struct bpf_insn *fcode, *old; 867 u_int flen, size; 868 int s; 869 870 old = d->bd_filter; 871 if (fp->bf_insns == 0) { 872 if (fp->bf_len != 0) 873 return (EINVAL); 874 s = splnet(); 875 d->bd_filter = 0; 876 reset_d(d); 877 splx(s); 878 if (old != 0) 879 free((caddr_t)old, M_DEVBUF); 880 return (0); 881 } 882 flen = fp->bf_len; 883 if (flen > BPF_MAXINSNS) 884 return (EINVAL); 885 886 size = flen * sizeof(*fp->bf_insns); 887 fcode = (struct bpf_insn *)malloc(size, M_DEVBUF, M_WAITOK); 888 if (copyin((caddr_t)fp->bf_insns, (caddr_t)fcode, size) == 0 && 889 bpf_validate(fcode, (int)flen)) { 890 s = splnet(); 891 d->bd_filter = fcode; 892 reset_d(d); 893 splx(s); 894 if (old != 0) 895 free((caddr_t)old, M_DEVBUF); 896 897 return (0); 898 } 899 free((caddr_t)fcode, M_DEVBUF); 900 return (EINVAL); 901 } 902 903 /* 904 * Detach a file from its current interface (if attached at all) and attach 905 * to the interface indicated by the name stored in ifr. 906 * Return an errno or 0. 907 */ 908 static int 909 bpf_setif(d, ifr) 910 struct bpf_d *d; 911 struct ifreq *ifr; 912 { 913 struct bpf_if *bp; 914 char *cp; 915 int unit_seen, i, s, error; 916 917 /* 918 * Make sure the provided name has a unit number, and default 919 * it to '0' if not specified. 920 * XXX This is ugly ... do this differently? 921 */ 922 unit_seen = 0; 923 cp = ifr->ifr_name; 924 cp[sizeof(ifr->ifr_name) - 1] = '\0'; /* sanity */ 925 while (*cp++) 926 if (*cp >= '0' && *cp <= '9') 927 unit_seen = 1; 928 if (!unit_seen) { 929 /* Make sure to leave room for the '\0'. */ 930 for (i = 0; i < (IFNAMSIZ - 1); ++i) { 931 if ((ifr->ifr_name[i] >= 'a' && 932 ifr->ifr_name[i] <= 'z') || 933 (ifr->ifr_name[i] >= 'A' && 934 ifr->ifr_name[i] <= 'Z')) 935 continue; 936 ifr->ifr_name[i] = '0'; 937 } 938 } 939 940 /* 941 * Look through attached interfaces for the named one. 942 */ 943 for (bp = bpf_iflist; bp != 0; bp = bp->bif_next) { 944 struct ifnet *ifp = bp->bif_ifp; 945 946 if (ifp == 0 || 947 strcmp(ifp->if_xname, ifr->ifr_name) != 0) 948 continue; 949 /* 950 * We found the requested interface. 951 * If it's not up, return an error. 952 * Allocate the packet buffers if we need to. 953 * If we're already attached to requested interface, 954 * just flush the buffer. 955 */ 956 if ((ifp->if_flags & IFF_UP) == 0) 957 return (ENETDOWN); 958 959 if (d->bd_sbuf == 0) { 960 error = bpf_allocbufs(d); 961 if (error != 0) 962 return (error); 963 } 964 s = splnet(); 965 if (bp != d->bd_bif) { 966 if (d->bd_bif) 967 /* 968 * Detach if attached to something else. 969 */ 970 bpf_detachd(d); 971 972 bpf_attachd(d, bp); 973 } 974 reset_d(d); 975 splx(s); 976 return (0); 977 } 978 /* Not found. */ 979 return (ENXIO); 980 } 981 982 /* 983 * Copy the interface name to the ifreq. 984 */ 985 static void 986 bpf_ifname(ifp, ifr) 987 struct ifnet *ifp; 988 struct ifreq *ifr; 989 { 990 991 memcpy(ifr->ifr_name, ifp->if_xname, IFNAMSIZ); 992 } 993 994 /* 995 * Support for poll() system call 996 * 997 * Return true iff the specific operation will not block indefinitely - with 998 * the assumption that it is safe to positively acknowledge a request for the 999 * ability to write to the BPF device. 1000 * Otherwise, return false but make a note that a selwakeup() must be done. 1001 */ 1002 int 1003 bpfpoll(dev, events, p) 1004 dev_t dev; 1005 int events; 1006 struct proc *p; 1007 { 1008 struct bpf_d *d = &bpf_dtab[minor(dev)]; 1009 int s = splnet(); 1010 int revents; 1011 1012 revents = events & (POLLOUT | POLLWRNORM); 1013 if (events & (POLLIN | POLLRDNORM)) { 1014 /* 1015 * An imitation of the FIONREAD ioctl code. 1016 */ 1017 if (d->bd_hlen != 0 || (d->bd_immediate && d->bd_slen != 0)) 1018 revents |= events & (POLLIN | POLLRDNORM); 1019 else 1020 selrecord(p, &d->bd_sel); 1021 } 1022 1023 splx(s); 1024 return (revents); 1025 } 1026 1027 /* 1028 * Incoming linkage from device drivers. Process the packet pkt, of length 1029 * pktlen, which is stored in a contiguous buffer. The packet is parsed 1030 * by each process' filter, and if accepted, stashed into the corresponding 1031 * buffer. 1032 */ 1033 void 1034 bpf_tap(arg, pkt, pktlen) 1035 caddr_t arg; 1036 u_char *pkt; 1037 u_int pktlen; 1038 { 1039 struct bpf_if *bp; 1040 struct bpf_d *d; 1041 u_int slen; 1042 /* 1043 * Note that the ipl does not have to be raised at this point. 1044 * The only problem that could arise here is that if two different 1045 * interfaces shared any data. This is not the case. 1046 */ 1047 bp = (struct bpf_if *)arg; 1048 for (d = bp->bif_dlist; d != 0; d = d->bd_next) { 1049 ++d->bd_rcount; 1050 slen = bpf_filter(d->bd_filter, pkt, pktlen, pktlen); 1051 if (slen != 0) 1052 catchpacket(d, pkt, pktlen, slen, memcpy); 1053 } 1054 } 1055 1056 /* 1057 * Copy data from an mbuf chain into a buffer. This code is derived 1058 * from m_copydata in sys/uipc_mbuf.c. 1059 */ 1060 static void * 1061 bpf_mcpy(dst_arg, src_arg, len) 1062 void *dst_arg; 1063 const void *src_arg; 1064 size_t len; 1065 { 1066 const struct mbuf *m; 1067 u_int count; 1068 u_char *dst; 1069 1070 m = src_arg; 1071 dst = dst_arg; 1072 while (len > 0) { 1073 if (m == 0) 1074 panic("bpf_mcpy"); 1075 count = min(m->m_len, len); 1076 memcpy((caddr_t)dst, mtod(m, caddr_t), count); 1077 m = m->m_next; 1078 dst += count; 1079 len -= count; 1080 } 1081 return(dst_arg); 1082 } 1083 1084 /* 1085 * Incoming linkage from device drivers, when packet is in an mbuf chain. 1086 */ 1087 void 1088 bpf_mtap(arg, m) 1089 caddr_t arg; 1090 struct mbuf *m; 1091 { 1092 struct bpf_if *bp = (struct bpf_if *)arg; 1093 struct bpf_d *d; 1094 u_int pktlen, slen; 1095 struct mbuf *m0; 1096 1097 pktlen = 0; 1098 for (m0 = m; m0 != 0; m0 = m0->m_next) 1099 pktlen += m0->m_len; 1100 1101 for (d = bp->bif_dlist; d != 0; d = d->bd_next) { 1102 ++d->bd_rcount; 1103 slen = bpf_filter(d->bd_filter, (u_char *)m, pktlen, 0); 1104 if (slen != 0) 1105 catchpacket(d, (u_char *)m, pktlen, slen, bpf_mcpy); 1106 } 1107 } 1108 1109 /* 1110 * Move the packet data from interface memory (pkt) into the 1111 * store buffer. Return 1 if it's time to wakeup a listener (buffer full), 1112 * otherwise 0. "copy" is the routine called to do the actual data 1113 * transfer. memcpy is passed in to copy contiguous chunks, while 1114 * bpf_mcpy is passed in to copy mbuf chains. In the latter case, 1115 * pkt is really an mbuf. 1116 */ 1117 static void 1118 catchpacket(d, pkt, pktlen, snaplen, cpfn) 1119 struct bpf_d *d; 1120 u_char *pkt; 1121 u_int pktlen, snaplen; 1122 void *(*cpfn) __P((void *, const void *, size_t)); 1123 { 1124 struct bpf_hdr *hp; 1125 int totlen, curlen; 1126 int hdrlen = d->bd_bif->bif_hdrlen; 1127 /* 1128 * Figure out how many bytes to move. If the packet is 1129 * greater or equal to the snapshot length, transfer that 1130 * much. Otherwise, transfer the whole packet (unless 1131 * we hit the buffer size limit). 1132 */ 1133 totlen = hdrlen + min(snaplen, pktlen); 1134 if (totlen > d->bd_bufsize) 1135 totlen = d->bd_bufsize; 1136 1137 /* 1138 * Round up the end of the previous packet to the next longword. 1139 */ 1140 curlen = BPF_WORDALIGN(d->bd_slen); 1141 if (curlen + totlen > d->bd_bufsize) { 1142 /* 1143 * This packet will overflow the storage buffer. 1144 * Rotate the buffers if we can, then wakeup any 1145 * pending reads. 1146 */ 1147 if (d->bd_fbuf == 0) { 1148 /* 1149 * We haven't completed the previous read yet, 1150 * so drop the packet. 1151 */ 1152 ++d->bd_dcount; 1153 return; 1154 } 1155 ROTATE_BUFFERS(d); 1156 bpf_wakeup(d); 1157 curlen = 0; 1158 } 1159 else if (d->bd_immediate) 1160 /* 1161 * Immediate mode is set. A packet arrived so any 1162 * reads should be woken up. 1163 */ 1164 bpf_wakeup(d); 1165 1166 /* 1167 * Append the bpf header. 1168 */ 1169 hp = (struct bpf_hdr *)(d->bd_sbuf + curlen); 1170 microtime(&hp->bh_tstamp); 1171 hp->bh_datalen = pktlen; 1172 hp->bh_hdrlen = hdrlen; 1173 /* 1174 * Copy the packet data into the store buffer and update its length. 1175 */ 1176 (*cpfn)((u_char *)hp + hdrlen, pkt, (hp->bh_caplen = totlen - hdrlen)); 1177 d->bd_slen = curlen + totlen; 1178 } 1179 1180 /* 1181 * Initialize all nonzero fields of a descriptor. 1182 */ 1183 static int 1184 bpf_allocbufs(d) 1185 struct bpf_d *d; 1186 { 1187 1188 d->bd_fbuf = (caddr_t)malloc(d->bd_bufsize, M_DEVBUF, M_WAITOK); 1189 d->bd_sbuf = (caddr_t)malloc(d->bd_bufsize, M_DEVBUF, M_WAITOK); 1190 d->bd_slen = 0; 1191 d->bd_hlen = 0; 1192 return (0); 1193 } 1194 1195 /* 1196 * Free buffers currently in use by a descriptor. 1197 * Called on close. 1198 */ 1199 static void 1200 bpf_freed(d) 1201 struct bpf_d *d; 1202 { 1203 /* 1204 * We don't need to lock out interrupts since this descriptor has 1205 * been detached from its interface and it yet hasn't been marked 1206 * free. 1207 */ 1208 if (d->bd_sbuf != 0) { 1209 free(d->bd_sbuf, M_DEVBUF); 1210 if (d->bd_hbuf != 0) 1211 free(d->bd_hbuf, M_DEVBUF); 1212 if (d->bd_fbuf != 0) 1213 free(d->bd_fbuf, M_DEVBUF); 1214 } 1215 if (d->bd_filter) 1216 free((caddr_t)d->bd_filter, M_DEVBUF); 1217 1218 D_MARKFREE(d); 1219 } 1220 1221 /* 1222 * Attach an interface to bpf. dlt is the link layer type; hdrlen is the 1223 * fixed size of the link header (variable length headers not yet supported). 1224 */ 1225 void 1226 bpfattach(ifp, dlt, hdrlen) 1227 struct ifnet *ifp; 1228 u_int dlt, hdrlen; 1229 { 1230 struct bpf_if *bp; 1231 bp = (struct bpf_if *)malloc(sizeof(*bp), M_DEVBUF, M_DONTWAIT); 1232 if (bp == 0) 1233 panic("bpfattach"); 1234 1235 bp->bif_dlist = 0; 1236 bp->bif_driverp = (struct bpf_if **)&ifp->if_bpf; 1237 bp->bif_ifp = ifp; 1238 bp->bif_dlt = dlt; 1239 1240 bp->bif_next = bpf_iflist; 1241 bpf_iflist = bp; 1242 1243 *bp->bif_driverp = 0; 1244 1245 /* 1246 * Compute the length of the bpf header. This is not necessarily 1247 * equal to SIZEOF_BPF_HDR because we want to insert spacing such 1248 * that the network layer header begins on a longword boundary (for 1249 * performance reasons and to alleviate alignment restrictions). 1250 */ 1251 bp->bif_hdrlen = BPF_WORDALIGN(hdrlen + SIZEOF_BPF_HDR) - hdrlen; 1252 1253 #if 0 1254 printf("bpf: %s attached\n", ifp->if_xname); 1255 #endif 1256 } 1257 1258 /* 1259 * Remove an interface from bpf. 1260 */ 1261 void 1262 bpfdetach(ifp) 1263 struct ifnet *ifp; 1264 { 1265 struct bpf_if *bp, **pbp; 1266 struct bpf_d *d; 1267 int i, s, cmaj; 1268 1269 /* locate the major number */ 1270 for (cmaj = 0; cmaj <= nchrdev; cmaj++) 1271 if (cdevsw[cmaj].d_open == bpfopen) 1272 break; 1273 1274 /* Nuke the vnodes for any open instances */ 1275 for (i = 0; i < NBPFILTER; ++i) { 1276 d = &bpf_dtab[i]; 1277 if (!D_ISFREE(d) && d->bd_bif != NULL && 1278 d->bd_bif->bif_ifp == ifp) { 1279 /* 1280 * Detach the descriptor from an interface now. 1281 * It will be free'ed later by close routine. 1282 */ 1283 s = splnet(); 1284 d->bd_promisc = 0; /* we can't touch device. */ 1285 bpf_detachd(d); 1286 splx(s); 1287 vdevgone(cmaj, i, i, VCHR); 1288 } 1289 } 1290 1291 for (bp = bpf_iflist, pbp = &bpf_iflist; 1292 bp != NULL; pbp = &bp->bif_next, bp = bp->bif_next) { 1293 if (bp->bif_ifp == ifp) { 1294 *pbp = bp->bif_next; 1295 free(bp, M_DEVBUF); 1296 break; 1297 } 1298 } 1299 } 1300 1301 /* 1302 * Change the data link type of a BPF instance. 1303 */ 1304 void 1305 bpf_change_type(ifp, dlt, hdrlen) 1306 struct ifnet *ifp; 1307 u_int dlt, hdrlen; 1308 { 1309 struct bpf_if *bp; 1310 1311 for (bp = bpf_iflist; bp != NULL; bp = bp->bif_next) { 1312 if (bp->bif_driverp == (struct bpf_if **)&ifp->if_bpf) 1313 break; 1314 } 1315 if (bp == NULL) 1316 panic("bpf_change_type"); 1317 1318 bp->bif_dlt = dlt; 1319 1320 /* 1321 * Compute the length of the bpf header. This is not necessarily 1322 * equal to SIZEOF_BPF_HDR because we want to insert spacing such 1323 * that the network layer header begins on a longword boundary (for 1324 * performance reasons and to alleviate alignment restrictions). 1325 */ 1326 bp->bif_hdrlen = BPF_WORDALIGN(hdrlen + SIZEOF_BPF_HDR) - hdrlen; 1327 } 1328
Indexes created Tue Sep 23 20:09:58 GMT 2025