bpf.c revision 10624
1/* 2 * Copyright (c) 1990, 1991, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * This code is derived from the Stanford/CMU enet packet filter, 6 * (net/enet.c) distributed as part of 4.3BSD, and code contributed 7 * to Berkeley by Steven McCanne and Van Jacobson both of Lawrence 8 * Berkeley Laboratory. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. All advertising materials mentioning features or use of this software 19 * must display the following acknowledgement: 20 * This product includes software developed by the University of 21 * California, Berkeley and its contributors. 22 * 4. Neither the name of the University nor the names of its contributors 23 * may be used to endorse or promote products derived from this software 24 * without specific prior written permission. 25 * 26 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 27 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 28 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 29 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36 * SUCH DAMAGE. 37 * 38 * @(#)bpf.c 8.2 (Berkeley) 3/28/94 39 * 40 * $Id: bpf.c,v 1.10 1995/07/31 10:35:36 peter Exp $ 41 */ 42 43#include "bpfilter.h" 44 45#if NBPFILTER > 0 46 47#ifndef __GNUC__ 48#define inline 49#else 50#define inline __inline 51#endif 52 53#include <sys/param.h> 54#include <sys/systm.h> 55#include <sys/mbuf.h> 56#include <sys/buf.h> 57#include <sys/time.h> 58#include <sys/proc.h> 59#include <sys/user.h> 60#include <sys/ioctl.h> 61 62#include <sys/file.h> 63#if defined(sparc) && BSD < 199103 64#include <sys/stream.h> 65#endif 66#include <sys/uio.h> 67 68#include <sys/protosw.h> 69#include <sys/socket.h> 70#include <net/if.h> 71 72#include <net/bpf.h> 73#include <net/bpfdesc.h> 74 75#include <sys/errno.h> 76 77#include <netinet/in.h> 78#include <netinet/if_ether.h> 79#include <sys/kernel.h> 80 81/* 82 * Older BSDs don't have kernel malloc. 83 */ 84#if BSD < 199103 85extern bcopy(); 86static caddr_t bpf_alloc(); 87#include <net/bpf_compat.h> 88#define BPF_BUFSIZE (MCLBYTES-8) 89#define UIOMOVE(cp, len, code, uio) uiomove(cp, len, code, uio) 90#else 91#define BPF_BUFSIZE 4096 92#define UIOMOVE(cp, len, code, uio) uiomove(cp, len, uio) 93#endif 94 95#define PRINET 26 /* interruptible */ 96 97/* 98 * The default read buffer size is patchable. 99 */ 100int bpf_bufsize = BPF_BUFSIZE; 101 102/* 103 * bpf_iflist is the list of interfaces; each corresponds to an ifnet 104 * bpf_dtab holds the descriptors, indexed by minor device # 105 */ 106struct bpf_if *bpf_iflist; 107struct bpf_d bpf_dtab[NBPFILTER]; 108 109#if BSD >= 199207 110/* 111 * bpfilterattach() is called at boot time in new systems. We do 112 * nothing here since old systems will not call this. 113 */ 114/* ARGSUSED */ 115void 116bpfilterattach(n) 117 int n; 118{ 119} 120#endif 121 122static int bpf_allocbufs __P((struct bpf_d *)); 123static void bpf_freed __P((struct bpf_d *)); 124static void bpf_ifname __P((struct ifnet *, struct ifreq *)); 125static void bpf_mcopy __P((const void *, void *, u_int)); 126static int bpf_movein __P((struct uio *, int, 127 struct mbuf **, struct sockaddr *, int *)); 128static int bpf_setif __P((struct bpf_d *, struct ifreq *)); 129static inline void 130 bpf_wakeup __P((struct bpf_d *)); 131static void catchpacket __P((struct bpf_d *, u_char *, u_int, 132 u_int, void (*)(const void *, void *, u_int))); 133static void reset_d __P((struct bpf_d *)); 134 135static int 136bpf_movein(uio, linktype, mp, sockp, datlen) 137 register struct uio *uio; 138 int linktype, *datlen; 139 register struct mbuf **mp; 140 register struct sockaddr *sockp; 141{ 142 struct mbuf *m; 143 int error; 144 int len; 145 int hlen; 146 147 /* 148 * Build a sockaddr based on the data link layer type. 149 * We do this at this level because the ethernet header 150 * is copied directly into the data field of the sockaddr. 151 * In the case of SLIP, there is no header and the packet 152 * is forwarded as is. 153 * Also, we are careful to leave room at the front of the mbuf 154 * for the link level header. 155 */ 156 switch (linktype) { 157 158 case DLT_SLIP: 159 sockp->sa_family = AF_INET; 160 hlen = 0; 161 break; 162 163 case DLT_EN10MB: 164 sockp->sa_family = AF_UNSPEC; 165 /* XXX Would MAXLINKHDR be better? */ 166 hlen = sizeof(struct ether_header); 167 break; 168 169 case DLT_FDDI: 170#if defined(__FreeBSD__) || defined(__bsdi__) 171 sockp->sa_family = AF_IMPLINK; 172 hlen = 0; 173#else 174 sockp->sa_family = AF_UNSPEC; 175 /* XXX 4(FORMAC)+6(dst)+6(src)+3(LLC)+5(SNAP) */ 176 hlen = 24; 177#endif 178 break; 179 180 case DLT_NULL: 181 sockp->sa_family = AF_UNSPEC; 182 hlen = 0; 183 break; 184 185 default: 186 return (EIO); 187 } 188 189 len = uio->uio_resid; 190 *datlen = len - hlen; 191 if ((unsigned)len > MCLBYTES) 192 return (EIO); 193 194 MGET(m, M_WAIT, MT_DATA); 195 if (m == 0) 196 return (ENOBUFS); 197 if (len > MLEN) { 198#if BSD >= 199103 199 MCLGET(m, M_WAIT); 200 if ((m->m_flags & M_EXT) == 0) { 201#else 202 MCLGET(m); 203 if (m->m_len != MCLBYTES) { 204#endif 205 error = ENOBUFS; 206 goto bad; 207 } 208 } 209 m->m_len = len; 210 *mp = m; 211 /* 212 * Make room for link header. 213 */ 214 if (hlen != 0) { 215 m->m_len -= hlen; 216#if BSD >= 199103 217 m->m_data += hlen; /* XXX */ 218#else 219 m->m_off += hlen; 220#endif 221 error = UIOMOVE((caddr_t)sockp->sa_data, hlen, UIO_WRITE, uio); 222 if (error) 223 goto bad; 224 } 225 error = UIOMOVE(mtod(m, caddr_t), len - hlen, UIO_WRITE, uio); 226 if (!error) 227 return (0); 228 bad: 229 m_freem(m); 230 return (error); 231} 232 233/* 234 * Attach file to the bpf interface, i.e. make d listen on bp. 235 * Must be called at splimp. 236 */ 237static void 238bpf_attachd(d, bp) 239 struct bpf_d *d; 240 struct bpf_if *bp; 241{ 242 /* 243 * Point d at bp, and add d to the interface's list of listeners. 244 * Finally, point the driver's bpf cookie at the interface so 245 * it will divert packets to bpf. 246 */ 247 d->bd_bif = bp; 248 d->bd_next = bp->bif_dlist; 249 bp->bif_dlist = d; 250 251 *bp->bif_driverp = bp; 252} 253 254/* 255 * Detach a file from its interface. 256 */ 257static void 258bpf_detachd(d) 259 struct bpf_d *d; 260{ 261 struct bpf_d **p; 262 struct bpf_if *bp; 263 264 bp = d->bd_bif; 265 /* 266 * Check if this descriptor had requested promiscuous mode. 267 * If so, turn it off. 268 */ 269 if (d->bd_promisc) { 270 d->bd_promisc = 0; 271 if (ifpromisc(bp->bif_ifp, 0)) 272 /* 273 * Something is really wrong if we were able to put 274 * the driver into promiscuous mode, but can't 275 * take it out. 276 */ 277 panic("bpf: ifpromisc failed"); 278 } 279 /* Remove d from the interface's descriptor list. */ 280 p = &bp->bif_dlist; 281 while (*p != d) { 282 p = &(*p)->bd_next; 283 if (*p == 0) 284 panic("bpf_detachd: descriptor not in list"); 285 } 286 *p = (*p)->bd_next; 287 if (bp->bif_dlist == 0) 288 /* 289 * Let the driver know that there are no more listeners. 290 */ 291 *d->bd_bif->bif_driverp = 0; 292 d->bd_bif = 0; 293} 294 295 296/* 297 * Mark a descriptor free by making it point to itself. 298 * This is probably cheaper than marking with a constant since 299 * the address should be in a register anyway. 300 */ 301#define D_ISFREE(d) ((d) == (d)->bd_next) 302#define D_MARKFREE(d) ((d)->bd_next = (d)) 303#define D_MARKUSED(d) ((d)->bd_next = 0) 304 305/* 306 * Open ethernet device. Returns ENXIO for illegal minor device number, 307 * EBUSY if file is open by another process. 308 */ 309/* ARGSUSED */ 310int 311bpfopen(dev, flags, fmt, p) 312 dev_t dev; 313 int flags; 314 int fmt; 315 struct proc *p; 316{ 317 register struct bpf_d *d; 318 319 if (minor(dev) >= NBPFILTER) 320 return (ENXIO); 321 /* 322 * Each minor can be opened by only one process. If the requested 323 * minor is in use, return EBUSY. 324 */ 325 d = &bpf_dtab[minor(dev)]; 326 if (!D_ISFREE(d)) 327 return (EBUSY); 328 329 /* Mark "free" and do most initialization. */ 330 bzero((char *)d, sizeof(*d)); 331 d->bd_bufsize = bpf_bufsize; 332 d->bd_sig = SIGIO; 333 334 return (0); 335} 336 337/* 338 * Close the descriptor by detaching it from its interface, 339 * deallocating its buffers, and marking it free. 340 */ 341/* ARGSUSED */ 342int 343bpfclose(dev, flags, fmt, p) 344 dev_t dev; 345 int flags; 346 int fmt; 347 struct proc *p; 348{ 349 register struct bpf_d *d = &bpf_dtab[minor(dev)]; 350 register int s; 351 352 s = splimp(); 353 if (d->bd_bif) 354 bpf_detachd(d); 355 splx(s); 356 bpf_freed(d); 357 358 return (0); 359} 360 361/* 362 * Support for SunOS, which does not have tsleep. 363 */ 364#if BSD < 199103 365static 366bpf_timeout(arg) 367 caddr_t arg; 368{ 369 struct bpf_d *d = (struct bpf_d *)arg; 370 d->bd_timedout = 1; 371 wakeup(arg); 372} 373 374#define BPF_SLEEP(chan, pri, s, t) bpf_sleep((struct bpf_d *)chan) 375 376int 377bpf_sleep(d) 378 register struct bpf_d *d; 379{ 380 register int rto = d->bd_rtout; 381 register int st; 382 383 if (rto != 0) { 384 d->bd_timedout = 0; 385 timeout(bpf_timeout, (caddr_t)d, rto); 386 } 387 st = sleep((caddr_t)d, PRINET|PCATCH); 388 if (rto != 0) { 389 if (d->bd_timedout == 0) 390 untimeout(bpf_timeout, (caddr_t)d); 391 else if (st == 0) 392 return EWOULDBLOCK; 393 } 394 return (st != 0) ? EINTR : 0; 395} 396#else 397#define BPF_SLEEP tsleep 398#endif 399 400/* 401 * Rotate the packet buffers in descriptor d. Move the store buffer 402 * into the hold slot, and the free buffer into the store slot. 403 * Zero the length of the new store buffer. 404 */ 405#define ROTATE_BUFFERS(d) \ 406 (d)->bd_hbuf = (d)->bd_sbuf; \ 407 (d)->bd_hlen = (d)->bd_slen; \ 408 (d)->bd_sbuf = (d)->bd_fbuf; \ 409 (d)->bd_slen = 0; \ 410 (d)->bd_fbuf = 0; 411/* 412 * bpfread - read next chunk of packets from buffers 413 */ 414int 415bpfread(dev, uio, ioflag) 416 dev_t dev; 417 register struct uio *uio; 418 int ioflag; 419{ 420 register struct bpf_d *d = &bpf_dtab[minor(dev)]; 421 int error; 422 int s; 423 424 /* 425 * Restrict application to use a buffer the same size as 426 * as kernel buffers. 427 */ 428 if (uio->uio_resid != d->bd_bufsize) 429 return (EINVAL); 430 431 s = splimp(); 432 /* 433 * If the hold buffer is empty, then do a timed sleep, which 434 * ends when the timeout expires or when enough packets 435 * have arrived to fill the store buffer. 436 */ 437 while (d->bd_hbuf == 0) { 438 if (d->bd_immediate && d->bd_slen != 0) { 439 /* 440 * A packet(s) either arrived since the previous 441 * read or arrived while we were asleep. 442 * Rotate the buffers and return what's here. 443 */ 444 ROTATE_BUFFERS(d); 445 break; 446 } 447 if (d->bd_rtout != -1) 448 error = BPF_SLEEP((caddr_t)d, PRINET|PCATCH, "bpf", 449 d->bd_rtout); 450 else 451 error = EWOULDBLOCK; /* User requested non-blocking I/O */ 452 if (error == EINTR || error == ERESTART) { 453 splx(s); 454 return (error); 455 } 456 if (error == EWOULDBLOCK) { 457 /* 458 * On a timeout, return what's in the buffer, 459 * which may be nothing. If there is something 460 * in the store buffer, we can rotate the buffers. 461 */ 462 if (d->bd_hbuf) 463 /* 464 * We filled up the buffer in between 465 * getting the timeout and arriving 466 * here, so we don't need to rotate. 467 */ 468 break; 469 470 if (d->bd_slen == 0) { 471 splx(s); 472 return (0); 473 } 474 ROTATE_BUFFERS(d); 475 break; 476 } 477 } 478 /* 479 * At this point, we know we have something in the hold slot. 480 */ 481 splx(s); 482 483 /* 484 * Move data from hold buffer into user space. 485 * We know the entire buffer is transferred since 486 * we checked above that the read buffer is bpf_bufsize bytes. 487 */ 488 error = UIOMOVE(d->bd_hbuf, d->bd_hlen, UIO_READ, uio); 489 490 s = splimp(); 491 d->bd_fbuf = d->bd_hbuf; 492 d->bd_hbuf = 0; 493 d->bd_hlen = 0; 494 splx(s); 495 496 return (error); 497} 498 499 500/* 501 * If there are processes sleeping on this descriptor, wake them up. 502 */ 503static inline void 504bpf_wakeup(d) 505 register struct bpf_d *d; 506{ 507 struct proc *p; 508 509 wakeup((caddr_t)d); 510 if (d->bd_async && d->bd_sig) 511 if (d->bd_pgid > 0) 512 gsignal (d->bd_pgid, d->bd_sig); 513 else if (p = pfind (-d->bd_pgid)) 514 psignal (p, d->bd_sig); 515 516#if BSD >= 199103 517 selwakeup(&d->bd_sel); 518 /* XXX */ 519 d->bd_sel.si_pid = 0; 520#else 521 if (d->bd_selproc) { 522 selwakeup(d->bd_selproc, (int)d->bd_selcoll); 523 d->bd_selcoll = 0; 524 d->bd_selproc = 0; 525 } 526#endif 527} 528 529int 530bpfwrite(dev, uio, ioflag) 531 dev_t dev; 532 struct uio *uio; 533 int ioflag; 534{ 535 register struct bpf_d *d = &bpf_dtab[minor(dev)]; 536 struct ifnet *ifp; 537 struct mbuf *m; 538 int error, s; 539 static struct sockaddr dst; 540 int datlen; 541 542 if (d->bd_bif == 0) 543 return (ENXIO); 544 545 ifp = d->bd_bif->bif_ifp; 546 547 if (uio->uio_resid == 0) 548 return (0); 549 550 error = bpf_movein(uio, (int)d->bd_bif->bif_dlt, &m, &dst, &datlen); 551 if (error) 552 return (error); 553 554 if (datlen > ifp->if_mtu) 555 return (EMSGSIZE); 556 557 s = splnet(); 558#if BSD >= 199103 559 error = (*ifp->if_output)(ifp, m, &dst, (struct rtentry *)0); 560#else 561 error = (*ifp->if_output)(ifp, m, &dst); 562#endif 563 splx(s); 564 /* 565 * The driver frees the mbuf. 566 */ 567 return (error); 568} 569 570/* 571 * Reset a descriptor by flushing its packet buffer and clearing the 572 * receive and drop counts. Should be called at splimp. 573 */ 574static void 575reset_d(d) 576 struct bpf_d *d; 577{ 578 if (d->bd_hbuf) { 579 /* Free the hold buffer. */ 580 d->bd_fbuf = d->bd_hbuf; 581 d->bd_hbuf = 0; 582 } 583 d->bd_slen = 0; 584 d->bd_hlen = 0; 585 d->bd_rcount = 0; 586 d->bd_dcount = 0; 587} 588 589/* 590 * FIONREAD Check for read packet available. 591 * SIOCGIFADDR Get interface address - convenient hook to driver. 592 * BIOCGBLEN Get buffer len [for read()]. 593 * BIOCSETF Set ethernet read filter. 594 * BIOCFLUSH Flush read packet buffer. 595 * BIOCPROMISC Put interface into promiscuous mode. 596 * BIOCGDLT Get link layer type. 597 * BIOCGETIF Get interface name. 598 * BIOCSETIF Set interface. 599 * BIOCSRTIMEOUT Set read timeout. 600 * BIOCGRTIMEOUT Get read timeout. 601 * BIOCGSTATS Get packet stats. 602 * BIOCIMMEDIATE Set immediate mode. 603 * BIOCVERSION Get filter language version. 604 */ 605/* ARGSUSED */ 606int 607bpfioctl(dev, cmd, addr, flags, p) 608 dev_t dev; 609 int cmd; 610 caddr_t addr; 611 int flags; 612 struct proc *p; 613{ 614 register struct bpf_d *d = &bpf_dtab[minor(dev)]; 615 int s, error = 0; 616 617 switch (cmd) { 618 619 default: 620 error = EINVAL; 621 break; 622 623 /* 624 * Check for read packet available. 625 */ 626 case FIONREAD: 627 { 628 int n; 629 630 s = splimp(); 631 n = d->bd_slen; 632 if (d->bd_hbuf) 633 n += d->bd_hlen; 634 splx(s); 635 636 *(int *)addr = n; 637 break; 638 } 639 640 case SIOCGIFADDR: 641 { 642 struct ifnet *ifp; 643 644 if (d->bd_bif == 0) 645 error = EINVAL; 646 else { 647 ifp = d->bd_bif->bif_ifp; 648 error = (*ifp->if_ioctl)(ifp, cmd, addr); 649 } 650 break; 651 } 652 653 /* 654 * Get buffer len [for read()]. 655 */ 656 case BIOCGBLEN: 657 *(u_int *)addr = d->bd_bufsize; 658 break; 659 660 /* 661 * Set buffer length. 662 */ 663 case BIOCSBLEN: 664#if BSD < 199103 665 error = EINVAL; 666#else 667 if (d->bd_bif != 0) 668 error = EINVAL; 669 else { 670 register u_int size = *(u_int *)addr; 671 672 if (size > BPF_MAXBUFSIZE) 673 *(u_int *)addr = size = BPF_MAXBUFSIZE; 674 else if (size < BPF_MINBUFSIZE) 675 *(u_int *)addr = size = BPF_MINBUFSIZE; 676 d->bd_bufsize = size; 677 } 678#endif 679 break; 680 681 /* 682 * Set link layer read filter. 683 */ 684 case BIOCSETF: 685 error = bpf_setf(d, (struct bpf_program *)addr); 686 break; 687 688 /* 689 * Flush read packet buffer. 690 */ 691 case BIOCFLUSH: 692 s = splimp(); 693 reset_d(d); 694 splx(s); 695 break; 696 697 /* 698 * Put interface into promiscuous mode. 699 */ 700 case BIOCPROMISC: 701 if (d->bd_bif == 0) { 702 /* 703 * No interface attached yet. 704 */ 705 error = EINVAL; 706 break; 707 } 708 s = splimp(); 709 if (d->bd_promisc == 0) { 710 error = ifpromisc(d->bd_bif->bif_ifp, 1); 711 if (error == 0) 712 d->bd_promisc = 1; 713 } 714 splx(s); 715 break; 716 717 /* 718 * Get device parameters. 719 */ 720 case BIOCGDLT: 721 if (d->bd_bif == 0) 722 error = EINVAL; 723 else 724 *(u_int *)addr = d->bd_bif->bif_dlt; 725 break; 726 727 /* 728 * Set interface name. 729 */ 730 case BIOCGETIF: 731 if (d->bd_bif == 0) 732 error = EINVAL; 733 else 734 bpf_ifname(d->bd_bif->bif_ifp, (struct ifreq *)addr); 735 break; 736 737 /* 738 * Set interface. 739 */ 740 case BIOCSETIF: 741 error = bpf_setif(d, (struct ifreq *)addr); 742 break; 743 744 /* 745 * Set read timeout. 746 */ 747 case BIOCSRTIMEOUT: 748 { 749 struct timeval *tv = (struct timeval *)addr; 750 u_long msec; 751 752 /* Compute number of milliseconds. */ 753 msec = tv->tv_sec * 1000 + tv->tv_usec / 1000; 754 /* Scale milliseconds to ticks. Assume hard 755 clock has millisecond or greater resolution 756 (i.e. tick >= 1000). For 10ms hardclock, 757 tick/1000 = 10, so rtout<-msec/10. */ 758 d->bd_rtout = msec / (tick / 1000); 759 break; 760 } 761 762 /* 763 * Get read timeout. 764 */ 765 case BIOCGRTIMEOUT: 766 { 767 struct timeval *tv = (struct timeval *)addr; 768 u_long msec = d->bd_rtout; 769 770 msec *= tick / 1000; 771 tv->tv_sec = msec / 1000; 772 tv->tv_usec = msec % 1000; 773 break; 774 } 775 776 /* 777 * Get packet stats. 778 */ 779 case BIOCGSTATS: 780 { 781 struct bpf_stat *bs = (struct bpf_stat *)addr; 782 783 bs->bs_recv = d->bd_rcount; 784 bs->bs_drop = d->bd_dcount; 785 break; 786 } 787 788 /* 789 * Set immediate mode. 790 */ 791 case BIOCIMMEDIATE: 792 d->bd_immediate = *(u_int *)addr; 793 break; 794 795 case BIOCVERSION: 796 { 797 struct bpf_version *bv = (struct bpf_version *)addr; 798 799 bv->bv_major = BPF_MAJOR_VERSION; 800 bv->bv_minor = BPF_MINOR_VERSION; 801 break; 802 } 803 804 805 case FIONBIO: /* Non-blocking I/O */ 806 if (*(int *)addr) 807 d->bd_rtout = -1; 808 else 809 d->bd_rtout = 0; 810 break; 811 812 case FIOASYNC: /* Send signal on receive packets */ 813 d->bd_async = *(int *)addr; 814 break; 815 816/* N.B. ioctl (FIOSETOWN) and fcntl (F_SETOWN) both end up doing the 817 equivalent of a TIOCSPGRP and hence end up here. *However* TIOCSPGRP's arg 818 is a process group if it's positive and a process id if it's negative. This 819 is exactly the opposite of what the other two functions want! Therefore 820 there is code in ioctl and fcntl to negate the arg before calling here. */ 821 822 case TIOCSPGRP: /* Process or group to send signals to */ 823 d->bd_pgid = *(int *)addr; 824 break; 825 826 case TIOCGPGRP: 827 *(int *)addr = d->bd_pgid; 828 break; 829 830 case BIOCSRSIG: /* Set receive signal */ 831 { 832 u_int sig; 833 834 sig = *(u_int *)addr; 835 836 if (sig >= NSIG) 837 error = EINVAL; 838 else 839 d->bd_sig = sig; 840 break; 841 } 842 case BIOCGRSIG: 843 *(u_int *)addr = d->bd_sig; 844 break; 845 } 846 return (error); 847} 848 849/* 850 * Set d's packet filter program to fp. If this file already has a filter, 851 * free it and replace it. Returns EINVAL for bogus requests. 852 */ 853int 854bpf_setf(d, fp) 855 struct bpf_d *d; 856 struct bpf_program *fp; 857{ 858 struct bpf_insn *fcode, *old; 859 u_int flen, size; 860 int s; 861 862 old = d->bd_filter; 863 if (fp->bf_insns == 0) { 864 if (fp->bf_len != 0) 865 return (EINVAL); 866 s = splimp(); 867 d->bd_filter = 0; 868 reset_d(d); 869 splx(s); 870 if (old != 0) 871 free((caddr_t)old, M_DEVBUF); 872 return (0); 873 } 874 flen = fp->bf_len; 875 if (flen > BPF_MAXINSNS) 876 return (EINVAL); 877 878 size = flen * sizeof(*fp->bf_insns); 879 fcode = (struct bpf_insn *)malloc(size, M_DEVBUF, M_WAITOK); 880 if (copyin((caddr_t)fp->bf_insns, (caddr_t)fcode, size) == 0 && 881 bpf_validate(fcode, (int)flen)) { 882 s = splimp(); 883 d->bd_filter = fcode; 884 reset_d(d); 885 splx(s); 886 if (old != 0) 887 free((caddr_t)old, M_DEVBUF); 888 889 return (0); 890 } 891 free((caddr_t)fcode, M_DEVBUF); 892 return (EINVAL); 893} 894 895/* 896 * Detach a file from its current interface (if attached at all) and attach 897 * to the interface indicated by the name stored in ifr. 898 * Return an errno or 0. 899 */ 900static int 901bpf_setif(d, ifr) 902 struct bpf_d *d; 903 struct ifreq *ifr; 904{ 905 struct bpf_if *bp; 906 char *cp; 907 int unit, s, error; 908 909 /* 910 * Separate string into name part and unit number. Put a null 911 * byte at the end of the name part, and compute the number. 912 * If the a unit number is unspecified, the default is 0, 913 * as initialized above. XXX This should be common code. 914 */ 915 unit = 0; 916 cp = ifr->ifr_name; 917 cp[sizeof(ifr->ifr_name) - 1] = '\0'; 918 while (*cp++) { 919 if (*cp >= '0' && *cp <= '9') { 920 unit = *cp - '0'; 921 *cp++ = '\0'; 922 while (*cp) 923 unit = 10 * unit + *cp++ - '0'; 924 break; 925 } 926 } 927 /* 928 * Look through attached interfaces for the named one. 929 */ 930 for (bp = bpf_iflist; bp != 0; bp = bp->bif_next) { 931 struct ifnet *ifp = bp->bif_ifp; 932 933 if (ifp == 0 || unit != ifp->if_unit 934 || strcmp(ifp->if_name, ifr->ifr_name) != 0) 935 continue; 936 /* 937 * We found the requested interface. 938 * If it's not up, return an error. 939 * Allocate the packet buffers if we need to. 940 * If we're already attached to requested interface, 941 * just flush the buffer. 942 */ 943 if ((ifp->if_flags & IFF_UP) == 0) 944 return (ENETDOWN); 945 946 if (d->bd_sbuf == 0) { 947 error = bpf_allocbufs(d); 948 if (error != 0) 949 return (error); 950 } 951 s = splimp(); 952 if (bp != d->bd_bif) { 953 if (d->bd_bif) 954 /* 955 * Detach if attached to something else. 956 */ 957 bpf_detachd(d); 958 959 bpf_attachd(d, bp); 960 } 961 reset_d(d); 962 splx(s); 963 return (0); 964 } 965 /* Not found. */ 966 return (ENXIO); 967} 968 969/* 970 * Convert an interface name plus unit number of an ifp to a single 971 * name which is returned in the ifr. 972 */ 973static void 974bpf_ifname(ifp, ifr) 975 struct ifnet *ifp; 976 struct ifreq *ifr; 977{ 978 char *s = ifp->if_name; 979 char *d = ifr->ifr_name; 980 981 while (*d++ = *s++) 982 continue; 983 /* XXX Assume that unit number is less than 10. */ 984 *d++ = ifp->if_unit + '0'; 985 *d = '\0'; 986} 987 988/* 989 * The new select interface passes down the proc pointer; the old select 990 * stubs had to grab it out of the user struct. This glue allows either case. 991 */ 992#if BSD >= 199103 993#define bpf_select bpfselect 994#else 995int 996bpfselect(dev, rw) 997 register dev_t dev; 998 int rw; 999{ 1000 return (bpf_select(dev, rw, u.u_procp)); 1001} 1002#endif 1003 1004/* 1005 * Support for select() system call 1006 * 1007 * Return true iff the specific operation will not block indefinitely. 1008 * Otherwise, return false but make a note that a selwakeup() must be done. 1009 */ 1010int 1011bpf_select(dev, rw, p) 1012 register dev_t dev; 1013 int rw; 1014 struct proc *p; 1015{ 1016 register struct bpf_d *d; 1017 register int s; 1018 1019 if (rw != FREAD) 1020 return (0); 1021 /* 1022 * An imitation of the FIONREAD ioctl code. 1023 */ 1024 d = &bpf_dtab[minor(dev)]; 1025 1026 s = splimp(); 1027 if (d->bd_hlen != 0 || (d->bd_immediate && d->bd_slen != 0)) { 1028 /* 1029 * There is data waiting. 1030 */ 1031 splx(s); 1032 return (1); 1033 } 1034#if BSD >= 199103 1035 selrecord(p, &d->bd_sel); 1036#else 1037 /* 1038 * No data ready. If there's already a select() waiting on this 1039 * minor device then this is a collision. This shouldn't happen 1040 * because minors really should not be shared, but if a process 1041 * forks while one of these is open, it is possible that both 1042 * processes could select on the same descriptor. 1043 */ 1044 if (d->bd_selproc && d->bd_selproc->p_wchan == (caddr_t)&selwait) 1045 d->bd_selcoll = 1; 1046 else 1047 d->bd_selproc = p; 1048#endif 1049 splx(s); 1050 return (0); 1051} 1052 1053/* 1054 * Incoming linkage from device drivers. Process the packet pkt, of length 1055 * pktlen, which is stored in a contiguous buffer. The packet is parsed 1056 * by each process' filter, and if accepted, stashed into the corresponding 1057 * buffer. 1058 */ 1059void 1060bpf_tap(arg, pkt, pktlen) 1061 caddr_t arg; 1062 register u_char *pkt; 1063 register u_int pktlen; 1064{ 1065 struct bpf_if *bp; 1066 register struct bpf_d *d; 1067 register u_int slen; 1068 /* 1069 * Note that the ipl does not have to be raised at this point. 1070 * The only problem that could arise here is that if two different 1071 * interfaces shared any data. This is not the case. 1072 */ 1073 bp = (struct bpf_if *)arg; 1074 for (d = bp->bif_dlist; d != 0; d = d->bd_next) { 1075 ++d->bd_rcount; 1076 slen = bpf_filter(d->bd_filter, pkt, pktlen, pktlen); 1077 if (slen != 0) 1078 catchpacket(d, pkt, pktlen, slen, bcopy); 1079 } 1080} 1081 1082/* 1083 * Copy data from an mbuf chain into a buffer. This code is derived 1084 * from m_copydata in sys/uipc_mbuf.c. 1085 */ 1086static void 1087bpf_mcopy(src_arg, dst_arg, len) 1088 const void *src_arg; 1089 void *dst_arg; 1090 register u_int len; 1091{ 1092 register const struct mbuf *m; 1093 register u_int count; 1094 u_char *dst; 1095 1096 m = src_arg; 1097 dst = dst_arg; 1098 while (len > 0) { 1099 if (m == 0) 1100 panic("bpf_mcopy"); 1101 count = min(m->m_len, len); 1102 (void)memcpy((caddr_t)dst, mtod(m, caddr_t), count); 1103 m = m->m_next; 1104 dst += count; 1105 len -= count; 1106 } 1107} 1108 1109/* 1110 * Incoming linkage from device drivers, when packet is in an mbuf chain. 1111 */ 1112void 1113bpf_mtap(arg, m) 1114 caddr_t arg; 1115 struct mbuf *m; 1116{ 1117 struct bpf_if *bp = (struct bpf_if *)arg; 1118 struct bpf_d *d; 1119 u_int pktlen, slen; 1120 struct mbuf *m0; 1121 1122 pktlen = 0; 1123 for (m0 = m; m0 != 0; m0 = m0->m_next) 1124 pktlen += m0->m_len; 1125 1126 for (d = bp->bif_dlist; d != 0; d = d->bd_next) { 1127 ++d->bd_rcount; 1128 slen = bpf_filter(d->bd_filter, (u_char *)m, pktlen, 0); 1129 if (slen != 0) 1130 catchpacket(d, (u_char *)m, pktlen, slen, bpf_mcopy); 1131 } 1132} 1133 1134/* 1135 * Move the packet data from interface memory (pkt) into the 1136 * store buffer. Return 1 if it's time to wakeup a listener (buffer full), 1137 * otherwise 0. "copy" is the routine called to do the actual data 1138 * transfer. bcopy is passed in to copy contiguous chunks, while 1139 * bpf_mcopy is passed in to copy mbuf chains. In the latter case, 1140 * pkt is really an mbuf. 1141 */ 1142static void 1143catchpacket(d, pkt, pktlen, snaplen, cpfn) 1144 register struct bpf_d *d; 1145 register u_char *pkt; 1146 register u_int pktlen, snaplen; 1147 register void (*cpfn)(const void *, void *, u_int); 1148{ 1149 register struct bpf_hdr *hp; 1150 register int totlen, curlen; 1151 register int hdrlen = d->bd_bif->bif_hdrlen; 1152 /* 1153 * Figure out how many bytes to move. If the packet is 1154 * greater or equal to the snapshot length, transfer that 1155 * much. Otherwise, transfer the whole packet (unless 1156 * we hit the buffer size limit). 1157 */ 1158 totlen = hdrlen + min(snaplen, pktlen); 1159 if (totlen > d->bd_bufsize) 1160 totlen = d->bd_bufsize; 1161 1162 /* 1163 * Round up the end of the previous packet to the next longword. 1164 */ 1165 curlen = BPF_WORDALIGN(d->bd_slen); 1166 if (curlen + totlen > d->bd_bufsize) { 1167 /* 1168 * This packet will overflow the storage buffer. 1169 * Rotate the buffers if we can, then wakeup any 1170 * pending reads. 1171 */ 1172 if (d->bd_fbuf == 0) { 1173 /* 1174 * We haven't completed the previous read yet, 1175 * so drop the packet. 1176 */ 1177 ++d->bd_dcount; 1178 return; 1179 } 1180 ROTATE_BUFFERS(d); 1181 bpf_wakeup(d); 1182 curlen = 0; 1183 } 1184 else if (d->bd_immediate) 1185 /* 1186 * Immediate mode is set. A packet arrived so any 1187 * reads should be woken up. 1188 */ 1189 bpf_wakeup(d); 1190 1191 /* 1192 * Append the bpf header. 1193 */ 1194 hp = (struct bpf_hdr *)(d->bd_sbuf + curlen); 1195#if BSD >= 199103 1196 microtime(&hp->bh_tstamp); 1197#elif defined(sun) 1198 uniqtime(&hp->bh_tstamp); 1199#else 1200 hp->bh_tstamp = time; 1201#endif 1202 hp->bh_datalen = pktlen; 1203 hp->bh_hdrlen = hdrlen; 1204 /* 1205 * Copy the packet data into the store buffer and update its length. 1206 */ 1207 (*cpfn)(pkt, (u_char *)hp + hdrlen, (hp->bh_caplen = totlen - hdrlen)); 1208 d->bd_slen = curlen + totlen; 1209} 1210 1211/* 1212 * Initialize all nonzero fields of a descriptor. 1213 */ 1214static int 1215bpf_allocbufs(d) 1216 register struct bpf_d *d; 1217{ 1218 d->bd_fbuf = (caddr_t)malloc(d->bd_bufsize, M_DEVBUF, M_WAITOK); 1219 if (d->bd_fbuf == 0) 1220 return (ENOBUFS); 1221 1222 d->bd_sbuf = (caddr_t)malloc(d->bd_bufsize, M_DEVBUF, M_WAITOK); 1223 if (d->bd_sbuf == 0) { 1224 free(d->bd_fbuf, M_DEVBUF); 1225 return (ENOBUFS); 1226 } 1227 d->bd_slen = 0; 1228 d->bd_hlen = 0; 1229 return (0); 1230} 1231 1232/* 1233 * Free buffers currently in use by a descriptor. 1234 * Called on close. 1235 */ 1236static void 1237bpf_freed(d) 1238 register struct bpf_d *d; 1239{ 1240 /* 1241 * We don't need to lock out interrupts since this descriptor has 1242 * been detached from its interface and it yet hasn't been marked 1243 * free. 1244 */ 1245 if (d->bd_sbuf != 0) { 1246 free(d->bd_sbuf, M_DEVBUF); 1247 if (d->bd_hbuf != 0) 1248 free(d->bd_hbuf, M_DEVBUF); 1249 if (d->bd_fbuf != 0) 1250 free(d->bd_fbuf, M_DEVBUF); 1251 } 1252 if (d->bd_filter) 1253 free((caddr_t)d->bd_filter, M_DEVBUF); 1254 1255 D_MARKFREE(d); 1256} 1257 1258/* 1259 * Attach an interface to bpf. driverp is a pointer to a (struct bpf_if *) 1260 * in the driver's softc; dlt is the link layer type; hdrlen is the fixed 1261 * size of the link header (variable length headers not yet supported). 1262 */ 1263void 1264bpfattach(driverp, ifp, dlt, hdrlen) 1265 caddr_t *driverp; 1266 struct ifnet *ifp; 1267 u_int dlt, hdrlen; 1268{ 1269 struct bpf_if *bp; 1270 int i; 1271#if BSD < 199103 1272 static struct bpf_if bpf_ifs[NBPFILTER]; 1273 static int bpfifno; 1274 1275 bp = (bpfifno < NBPFILTER) ? &bpf_ifs[bpfifno++] : 0; 1276#else 1277 bp = (struct bpf_if *)malloc(sizeof(*bp), M_DEVBUF, M_DONTWAIT); 1278#endif 1279 if (bp == 0) 1280 panic("bpfattach"); 1281 1282 bp->bif_dlist = 0; 1283 bp->bif_driverp = (struct bpf_if **)driverp; 1284 bp->bif_ifp = ifp; 1285 bp->bif_dlt = dlt; 1286 1287 bp->bif_next = bpf_iflist; 1288 bpf_iflist = bp; 1289 1290 *bp->bif_driverp = 0; 1291 1292 /* 1293 * Compute the length of the bpf header. This is not necessarily 1294 * equal to SIZEOF_BPF_HDR because we want to insert spacing such 1295 * that the network layer header begins on a longword boundary (for 1296 * performance reasons and to alleviate alignment restrictions). 1297 */ 1298 bp->bif_hdrlen = BPF_WORDALIGN(hdrlen + SIZEOF_BPF_HDR) - hdrlen; 1299 1300 /* 1301 * Mark all the descriptors free if this hasn't been done. 1302 */ 1303 if (!D_ISFREE(&bpf_dtab[0])) 1304 for (i = 0; i < NBPFILTER; ++i) 1305 D_MARKFREE(&bpf_dtab[i]); 1306 1307 printf("bpf: %s%d attached\n", ifp->if_name, ifp->if_unit); 1308} 1309 1310#if BSD >= 199103 1311/* XXX This routine belongs in net/if.c. */ 1312/* 1313 * Set/clear promiscuous mode on interface ifp based on the truth value 1314 * of pswitch. The calls are reference counted so that only the first 1315 * "on" request actually has an effect, as does the final "off" request. 1316 * Results are undefined if the "off" and "on" requests are not matched. 1317 */ 1318int 1319ifpromisc(ifp, pswitch) 1320 struct ifnet *ifp; 1321 int pswitch; 1322{ 1323 struct ifreq ifr; 1324 1325 if (pswitch) { 1326 /* 1327 * If the device is not configured up, we cannot put it in 1328 * promiscuous mode. 1329 */ 1330 if ((ifp->if_flags & IFF_UP) == 0) 1331 return (ENETDOWN); 1332 if (ifp->if_pcount++ != 0) 1333 return (0); 1334 ifp->if_flags |= IFF_PROMISC; 1335 } else { 1336 if (--ifp->if_pcount > 0) 1337 return (0); 1338 ifp->if_flags &= ~IFF_PROMISC; 1339 } 1340 ifr.ifr_flags = ifp->if_flags; 1341 return ((*ifp->if_ioctl)(ifp, SIOCSIFFLAGS, (caddr_t)&ifr)); 1342} 1343#endif 1344 1345#if BSD < 199103 1346/* 1347 * Allocate some memory for bpf. This is temporary SunOS support, and 1348 * is admittedly a hack. 1349 * If resources unavaiable, return 0. 1350 */ 1351static caddr_t 1352bpf_alloc(size, canwait) 1353 register int size; 1354 register int canwait; 1355{ 1356 register struct mbuf *m; 1357 1358 if ((unsigned)size > (MCLBYTES-8)) 1359 return 0; 1360 1361 MGET(m, canwait, MT_DATA); 1362 if (m == 0) 1363 return 0; 1364 if ((unsigned)size > (MLEN-8)) { 1365 MCLGET(m); 1366 if (m->m_len != MCLBYTES) { 1367 m_freem(m); 1368 return 0; 1369 } 1370 } 1371 *mtod(m, struct mbuf **) = m; 1372 return mtod(m, caddr_t) + 8; 1373} 1374#endif 1375#endif 1376