bpf.c revision 12579
1/* 2 * Copyright (c) 1990, 1991, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * This code is derived from the Stanford/CMU enet packet filter, 6 * (net/enet.c) distributed as part of 4.3BSD, and code contributed 7 * to Berkeley by Steven McCanne and Van Jacobson both of Lawrence 8 * Berkeley Laboratory. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. All advertising materials mentioning features or use of this software 19 * must display the following acknowledgement: 20 * This product includes software developed by the University of 21 * California, Berkeley and its contributors. 22 * 4. Neither the name of the University nor the names of its contributors 23 * may be used to endorse or promote products derived from this software 24 * without specific prior written permission. 25 * 26 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 27 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 28 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 29 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36 * SUCH DAMAGE. 37 * 38 * @(#)bpf.c 8.2 (Berkeley) 3/28/94 39 * 40 * $Id: bpf.c,v 1.16 1995/11/29 14:40:45 julian Exp $ 41 */ 42 43#include "bpfilter.h" 44 45#if NBPFILTER > 0 46 47#ifndef __GNUC__ 48#define inline 49#else 50#define inline __inline 51#endif 52 53#include <sys/param.h> 54#include <sys/systm.h> 55#include <sys/conf.h> 56#include <machine/cpu.h> /* for bootverbose */ 57#include <sys/mbuf.h> 58#include <sys/buf.h> 59#include <sys/time.h> 60#include <sys/proc.h> 61#include <sys/user.h> 62#include <sys/ioctl.h> 63 64#include <sys/file.h> 65#if defined(sparc) && BSD < 199103 66#include <sys/stream.h> 67#endif 68#include <sys/uio.h> 69 70#include <sys/socket.h> 71#include <sys/socketvar.h> 72#include <sys/protosw.h> 73#include <net/if.h> 74 75#include <net/bpf.h> 76#include <net/bpfdesc.h> 77 78#include <sys/errno.h> 79 80#include <netinet/in.h> 81#include <netinet/if_ether.h> 82#include <sys/kernel.h> 83 84#ifdef JREMOD 85#include <sys/conf.h> 86#ifdef DEVFS 87#include <sys/devfsext.h> 88#endif /*DEVFS*/ 89#define CDEV_MAJOR 23 90#endif /*JREMOD*/ 91 92/* 93 * Older BSDs don't have kernel malloc. 94 */ 95#if BSD < 199103 96extern bcopy(); 97static caddr_t bpf_alloc(); 98#include <net/bpf_compat.h> 99#define BPF_BUFSIZE (MCLBYTES-8) 100#define UIOMOVE(cp, len, code, uio) uiomove(cp, len, code, uio) 101#else 102#define BPF_BUFSIZE 4096 103#define UIOMOVE(cp, len, code, uio) uiomove(cp, len, uio) 104#endif 105 106#define PRINET 26 /* interruptible */ 107 108/* 109 * The default read buffer size is patchable. 110 */ 111int bpf_bufsize = BPF_BUFSIZE; 112 113/* 114 * bpf_iflist is the list of interfaces; each corresponds to an ifnet 115 * bpf_dtab holds the descriptors, indexed by minor device # 116 */ 117struct bpf_if *bpf_iflist; 118struct bpf_d bpf_dtab[NBPFILTER]; 119 120#if BSD >= 199207 121/* 122 * bpfilterattach() is called at boot time in new systems. We do 123 * nothing here since old systems will not call this. 124 */ 125/* ARGSUSED */ 126void 127bpfilterattach(n) 128 int n; 129{ 130} 131#endif 132 133static int bpf_allocbufs __P((struct bpf_d *)); 134static void bpf_attachd __P((struct bpf_d *d, struct bpf_if *bp)); 135static void bpf_detachd __P((struct bpf_d *d)); 136static void bpf_freed __P((struct bpf_d *)); 137static void bpf_ifname __P((struct ifnet *, struct ifreq *)); 138static void bpf_mcopy __P((const void *, void *, u_int)); 139static int bpf_movein __P((struct uio *, int, 140 struct mbuf **, struct sockaddr *, int *)); 141static int bpf_setif __P((struct bpf_d *, struct ifreq *)); 142static inline void 143 bpf_wakeup __P((struct bpf_d *)); 144static void catchpacket __P((struct bpf_d *, u_char *, u_int, 145 u_int, void (*)(const void *, void *, u_int))); 146static void reset_d __P((struct bpf_d *)); 147 148static int 149bpf_movein(uio, linktype, mp, sockp, datlen) 150 register struct uio *uio; 151 int linktype, *datlen; 152 register struct mbuf **mp; 153 register struct sockaddr *sockp; 154{ 155 struct mbuf *m; 156 int error; 157 int len; 158 int hlen; 159 160 /* 161 * Build a sockaddr based on the data link layer type. 162 * We do this at this level because the ethernet header 163 * is copied directly into the data field of the sockaddr. 164 * In the case of SLIP, there is no header and the packet 165 * is forwarded as is. 166 * Also, we are careful to leave room at the front of the mbuf 167 * for the link level header. 168 */ 169 switch (linktype) { 170 171 case DLT_SLIP: 172 sockp->sa_family = AF_INET; 173 hlen = 0; 174 break; 175 176 case DLT_EN10MB: 177 sockp->sa_family = AF_UNSPEC; 178 /* XXX Would MAXLINKHDR be better? */ 179 hlen = sizeof(struct ether_header); 180 break; 181 182 case DLT_FDDI: 183#if defined(__FreeBSD__) || defined(__bsdi__) 184 sockp->sa_family = AF_IMPLINK; 185 hlen = 0; 186#else 187 sockp->sa_family = AF_UNSPEC; 188 /* XXX 4(FORMAC)+6(dst)+6(src)+3(LLC)+5(SNAP) */ 189 hlen = 24; 190#endif 191 break; 192 193 case DLT_NULL: 194 sockp->sa_family = AF_UNSPEC; 195 hlen = 0; 196 break; 197 198 default: 199 return (EIO); 200 } 201 202 len = uio->uio_resid; 203 *datlen = len - hlen; 204 if ((unsigned)len > MCLBYTES) 205 return (EIO); 206 207 MGETHDR(m, M_WAIT, MT_DATA); 208 if (m == 0) 209 return (ENOBUFS); 210 if (len > MHLEN) { 211#if BSD >= 199103 212 MCLGET(m, M_WAIT); 213 if ((m->m_flags & M_EXT) == 0) { 214#else 215 MCLGET(m); 216 if (m->m_len != MCLBYTES) { 217#endif 218 error = ENOBUFS; 219 goto bad; 220 } 221 } 222 m->m_pkthdr.len = m->m_len = len; 223 m->m_pkthdr.rcvif = NULL; 224 *mp = m; 225 /* 226 * Make room for link header. 227 */ 228 if (hlen != 0) { 229 m->m_len -= hlen; 230#if BSD >= 199103 231 m->m_data += hlen; /* XXX */ 232#else 233 m->m_off += hlen; 234#endif 235 error = UIOMOVE((caddr_t)sockp->sa_data, hlen, UIO_WRITE, uio); 236 if (error) 237 goto bad; 238 } 239 error = UIOMOVE(mtod(m, caddr_t), len - hlen, UIO_WRITE, uio); 240 if (!error) 241 return (0); 242 bad: 243 m_freem(m); 244 return (error); 245} 246 247/* 248 * Attach file to the bpf interface, i.e. make d listen on bp. 249 * Must be called at splimp. 250 */ 251static void 252bpf_attachd(d, bp) 253 struct bpf_d *d; 254 struct bpf_if *bp; 255{ 256 /* 257 * Point d at bp, and add d to the interface's list of listeners. 258 * Finally, point the driver's bpf cookie at the interface so 259 * it will divert packets to bpf. 260 */ 261 d->bd_bif = bp; 262 d->bd_next = bp->bif_dlist; 263 bp->bif_dlist = d; 264 265 *bp->bif_driverp = bp; 266} 267 268/* 269 * Detach a file from its interface. 270 */ 271static void 272bpf_detachd(d) 273 struct bpf_d *d; 274{ 275 struct bpf_d **p; 276 struct bpf_if *bp; 277 278 bp = d->bd_bif; 279 /* 280 * Check if this descriptor had requested promiscuous mode. 281 * If so, turn it off. 282 */ 283 if (d->bd_promisc) { 284 d->bd_promisc = 0; 285 if (ifpromisc(bp->bif_ifp, 0)) 286 /* 287 * Something is really wrong if we were able to put 288 * the driver into promiscuous mode, but can't 289 * take it out. 290 */ 291 panic("bpf: ifpromisc failed"); 292 } 293 /* Remove d from the interface's descriptor list. */ 294 p = &bp->bif_dlist; 295 while (*p != d) { 296 p = &(*p)->bd_next; 297 if (*p == 0) 298 panic("bpf_detachd: descriptor not in list"); 299 } 300 *p = (*p)->bd_next; 301 if (bp->bif_dlist == 0) 302 /* 303 * Let the driver know that there are no more listeners. 304 */ 305 *d->bd_bif->bif_driverp = 0; 306 d->bd_bif = 0; 307} 308 309 310/* 311 * Mark a descriptor free by making it point to itself. 312 * This is probably cheaper than marking with a constant since 313 * the address should be in a register anyway. 314 */ 315#define D_ISFREE(d) ((d) == (d)->bd_next) 316#define D_MARKFREE(d) ((d)->bd_next = (d)) 317#define D_MARKUSED(d) ((d)->bd_next = 0) 318 319/* 320 * Open ethernet device. Returns ENXIO for illegal minor device number, 321 * EBUSY if file is open by another process. 322 */ 323/* ARGSUSED */ 324int 325bpfopen(dev, flags, fmt, p) 326 dev_t dev; 327 int flags; 328 int fmt; 329 struct proc *p; 330{ 331 register struct bpf_d *d; 332 333 if (minor(dev) >= NBPFILTER) 334 return (ENXIO); 335 /* 336 * Each minor can be opened by only one process. If the requested 337 * minor is in use, return EBUSY. 338 */ 339 d = &bpf_dtab[minor(dev)]; 340 if (!D_ISFREE(d)) 341 return (EBUSY); 342 343 /* Mark "free" and do most initialization. */ 344 bzero((char *)d, sizeof(*d)); 345 d->bd_bufsize = bpf_bufsize; 346 d->bd_sig = SIGIO; 347 348 return (0); 349} 350 351/* 352 * Close the descriptor by detaching it from its interface, 353 * deallocating its buffers, and marking it free. 354 */ 355/* ARGSUSED */ 356int 357bpfclose(dev, flags, fmt, p) 358 dev_t dev; 359 int flags; 360 int fmt; 361 struct proc *p; 362{ 363 register struct bpf_d *d = &bpf_dtab[minor(dev)]; 364 register int s; 365 366 s = splimp(); 367 if (d->bd_bif) 368 bpf_detachd(d); 369 splx(s); 370 bpf_freed(d); 371 372 return (0); 373} 374 375/* 376 * Support for SunOS, which does not have tsleep. 377 */ 378#if BSD < 199103 379static 380bpf_timeout(arg) 381 caddr_t arg; 382{ 383 struct bpf_d *d = (struct bpf_d *)arg; 384 d->bd_timedout = 1; 385 wakeup(arg); 386} 387 388#define BPF_SLEEP(chan, pri, s, t) bpf_sleep((struct bpf_d *)chan) 389 390int 391bpf_sleep(d) 392 register struct bpf_d *d; 393{ 394 register int rto = d->bd_rtout; 395 register int st; 396 397 if (rto != 0) { 398 d->bd_timedout = 0; 399 timeout(bpf_timeout, (caddr_t)d, rto); 400 } 401 st = sleep((caddr_t)d, PRINET|PCATCH); 402 if (rto != 0) { 403 if (d->bd_timedout == 0) 404 untimeout(bpf_timeout, (caddr_t)d); 405 else if (st == 0) 406 return EWOULDBLOCK; 407 } 408 return (st != 0) ? EINTR : 0; 409} 410#else 411#define BPF_SLEEP tsleep 412#endif 413 414/* 415 * Rotate the packet buffers in descriptor d. Move the store buffer 416 * into the hold slot, and the free buffer into the store slot. 417 * Zero the length of the new store buffer. 418 */ 419#define ROTATE_BUFFERS(d) \ 420 (d)->bd_hbuf = (d)->bd_sbuf; \ 421 (d)->bd_hlen = (d)->bd_slen; \ 422 (d)->bd_sbuf = (d)->bd_fbuf; \ 423 (d)->bd_slen = 0; \ 424 (d)->bd_fbuf = 0; 425/* 426 * bpfread - read next chunk of packets from buffers 427 */ 428int 429bpfread(dev, uio, ioflag) 430 dev_t dev; 431 register struct uio *uio; 432 int ioflag; 433{ 434 register struct bpf_d *d = &bpf_dtab[minor(dev)]; 435 int error; 436 int s; 437 438 /* 439 * Restrict application to use a buffer the same size as 440 * as kernel buffers. 441 */ 442 if (uio->uio_resid != d->bd_bufsize) 443 return (EINVAL); 444 445 s = splimp(); 446 /* 447 * If the hold buffer is empty, then do a timed sleep, which 448 * ends when the timeout expires or when enough packets 449 * have arrived to fill the store buffer. 450 */ 451 while (d->bd_hbuf == 0) { 452 if (d->bd_immediate && d->bd_slen != 0) { 453 /* 454 * A packet(s) either arrived since the previous 455 * read or arrived while we were asleep. 456 * Rotate the buffers and return what's here. 457 */ 458 ROTATE_BUFFERS(d); 459 break; 460 } 461 if (d->bd_rtout != -1) 462 error = BPF_SLEEP((caddr_t)d, PRINET|PCATCH, "bpf", 463 d->bd_rtout); 464 else 465 error = EWOULDBLOCK; /* User requested non-blocking I/O */ 466 if (error == EINTR || error == ERESTART) { 467 splx(s); 468 return (error); 469 } 470 if (error == EWOULDBLOCK) { 471 /* 472 * On a timeout, return what's in the buffer, 473 * which may be nothing. If there is something 474 * in the store buffer, we can rotate the buffers. 475 */ 476 if (d->bd_hbuf) 477 /* 478 * We filled up the buffer in between 479 * getting the timeout and arriving 480 * here, so we don't need to rotate. 481 */ 482 break; 483 484 if (d->bd_slen == 0) { 485 splx(s); 486 return (0); 487 } 488 ROTATE_BUFFERS(d); 489 break; 490 } 491 } 492 /* 493 * At this point, we know we have something in the hold slot. 494 */ 495 splx(s); 496 497 /* 498 * Move data from hold buffer into user space. 499 * We know the entire buffer is transferred since 500 * we checked above that the read buffer is bpf_bufsize bytes. 501 */ 502 error = UIOMOVE(d->bd_hbuf, d->bd_hlen, UIO_READ, uio); 503 504 s = splimp(); 505 d->bd_fbuf = d->bd_hbuf; 506 d->bd_hbuf = 0; 507 d->bd_hlen = 0; 508 splx(s); 509 510 return (error); 511} 512 513 514/* 515 * If there are processes sleeping on this descriptor, wake them up. 516 */ 517static inline void 518bpf_wakeup(d) 519 register struct bpf_d *d; 520{ 521 struct proc *p; 522 523 wakeup((caddr_t)d); 524 if (d->bd_async && d->bd_sig) 525 if (d->bd_pgid > 0) 526 gsignal (d->bd_pgid, d->bd_sig); 527 else if (p = pfind (-d->bd_pgid)) 528 psignal (p, d->bd_sig); 529 530#if BSD >= 199103 531 selwakeup(&d->bd_sel); 532 /* XXX */ 533 d->bd_sel.si_pid = 0; 534#else 535 if (d->bd_selproc) { 536 selwakeup(d->bd_selproc, (int)d->bd_selcoll); 537 d->bd_selcoll = 0; 538 d->bd_selproc = 0; 539 } 540#endif 541} 542 543int 544bpfwrite(dev, uio, ioflag) 545 dev_t dev; 546 struct uio *uio; 547 int ioflag; 548{ 549 register struct bpf_d *d = &bpf_dtab[minor(dev)]; 550 struct ifnet *ifp; 551 struct mbuf *m; 552 int error, s; 553 static struct sockaddr dst; 554 int datlen; 555 556 if (d->bd_bif == 0) 557 return (ENXIO); 558 559 ifp = d->bd_bif->bif_ifp; 560 561 if (uio->uio_resid == 0) 562 return (0); 563 564 error = bpf_movein(uio, (int)d->bd_bif->bif_dlt, &m, &dst, &datlen); 565 if (error) 566 return (error); 567 568 if (datlen > ifp->if_mtu) 569 return (EMSGSIZE); 570 571 s = splnet(); 572#if BSD >= 199103 573 error = (*ifp->if_output)(ifp, m, &dst, (struct rtentry *)0); 574#else 575 error = (*ifp->if_output)(ifp, m, &dst); 576#endif 577 splx(s); 578 /* 579 * The driver frees the mbuf. 580 */ 581 return (error); 582} 583 584/* 585 * Reset a descriptor by flushing its packet buffer and clearing the 586 * receive and drop counts. Should be called at splimp. 587 */ 588static void 589reset_d(d) 590 struct bpf_d *d; 591{ 592 if (d->bd_hbuf) { 593 /* Free the hold buffer. */ 594 d->bd_fbuf = d->bd_hbuf; 595 d->bd_hbuf = 0; 596 } 597 d->bd_slen = 0; 598 d->bd_hlen = 0; 599 d->bd_rcount = 0; 600 d->bd_dcount = 0; 601} 602 603/* 604 * FIONREAD Check for read packet available. 605 * SIOCGIFADDR Get interface address - convenient hook to driver. 606 * BIOCGBLEN Get buffer len [for read()]. 607 * BIOCSETF Set ethernet read filter. 608 * BIOCFLUSH Flush read packet buffer. 609 * BIOCPROMISC Put interface into promiscuous mode. 610 * BIOCGDLT Get link layer type. 611 * BIOCGETIF Get interface name. 612 * BIOCSETIF Set interface. 613 * BIOCSRTIMEOUT Set read timeout. 614 * BIOCGRTIMEOUT Get read timeout. 615 * BIOCGSTATS Get packet stats. 616 * BIOCIMMEDIATE Set immediate mode. 617 * BIOCVERSION Get filter language version. 618 */ 619/* ARGSUSED */ 620int 621bpfioctl(dev, cmd, addr, flags, p) 622 dev_t dev; 623 int cmd; 624 caddr_t addr; 625 int flags; 626 struct proc *p; 627{ 628 register struct bpf_d *d = &bpf_dtab[minor(dev)]; 629 int s, error = 0; 630 631 switch (cmd) { 632 633 default: 634 error = EINVAL; 635 break; 636 637 /* 638 * Check for read packet available. 639 */ 640 case FIONREAD: 641 { 642 int n; 643 644 s = splimp(); 645 n = d->bd_slen; 646 if (d->bd_hbuf) 647 n += d->bd_hlen; 648 splx(s); 649 650 *(int *)addr = n; 651 break; 652 } 653 654 case SIOCGIFADDR: 655 { 656 struct ifnet *ifp; 657 658 if (d->bd_bif == 0) 659 error = EINVAL; 660 else { 661 ifp = d->bd_bif->bif_ifp; 662 error = (*ifp->if_ioctl)(ifp, cmd, addr); 663 } 664 break; 665 } 666 667 /* 668 * Get buffer len [for read()]. 669 */ 670 case BIOCGBLEN: 671 *(u_int *)addr = d->bd_bufsize; 672 break; 673 674 /* 675 * Set buffer length. 676 */ 677 case BIOCSBLEN: 678#if BSD < 199103 679 error = EINVAL; 680#else 681 if (d->bd_bif != 0) 682 error = EINVAL; 683 else { 684 register u_int size = *(u_int *)addr; 685 686 if (size > BPF_MAXBUFSIZE) 687 *(u_int *)addr = size = BPF_MAXBUFSIZE; 688 else if (size < BPF_MINBUFSIZE) 689 *(u_int *)addr = size = BPF_MINBUFSIZE; 690 d->bd_bufsize = size; 691 } 692#endif 693 break; 694 695 /* 696 * Set link layer read filter. 697 */ 698 case BIOCSETF: 699 error = bpf_setf(d, (struct bpf_program *)addr); 700 break; 701 702 /* 703 * Flush read packet buffer. 704 */ 705 case BIOCFLUSH: 706 s = splimp(); 707 reset_d(d); 708 splx(s); 709 break; 710 711 /* 712 * Put interface into promiscuous mode. 713 */ 714 case BIOCPROMISC: 715 if (d->bd_bif == 0) { 716 /* 717 * No interface attached yet. 718 */ 719 error = EINVAL; 720 break; 721 } 722 s = splimp(); 723 if (d->bd_promisc == 0) { 724 error = ifpromisc(d->bd_bif->bif_ifp, 1); 725 if (error == 0) 726 d->bd_promisc = 1; 727 } 728 splx(s); 729 break; 730 731 /* 732 * Get device parameters. 733 */ 734 case BIOCGDLT: 735 if (d->bd_bif == 0) 736 error = EINVAL; 737 else 738 *(u_int *)addr = d->bd_bif->bif_dlt; 739 break; 740 741 /* 742 * Set interface name. 743 */ 744 case BIOCGETIF: 745 if (d->bd_bif == 0) 746 error = EINVAL; 747 else 748 bpf_ifname(d->bd_bif->bif_ifp, (struct ifreq *)addr); 749 break; 750 751 /* 752 * Set interface. 753 */ 754 case BIOCSETIF: 755 error = bpf_setif(d, (struct ifreq *)addr); 756 break; 757 758 /* 759 * Set read timeout. 760 */ 761 case BIOCSRTIMEOUT: 762 { 763 struct timeval *tv = (struct timeval *)addr; 764 u_long msec; 765 766 /* Compute number of milliseconds. */ 767 msec = tv->tv_sec * 1000 + tv->tv_usec / 1000; 768 /* Scale milliseconds to ticks. Assume hard 769 clock has millisecond or greater resolution 770 (i.e. tick >= 1000). For 10ms hardclock, 771 tick/1000 = 10, so rtout<-msec/10. */ 772 d->bd_rtout = msec / (tick / 1000); 773 break; 774 } 775 776 /* 777 * Get read timeout. 778 */ 779 case BIOCGRTIMEOUT: 780 { 781 struct timeval *tv = (struct timeval *)addr; 782 u_long msec = d->bd_rtout; 783 784 msec *= tick / 1000; 785 tv->tv_sec = msec / 1000; 786 tv->tv_usec = msec % 1000; 787 break; 788 } 789 790 /* 791 * Get packet stats. 792 */ 793 case BIOCGSTATS: 794 { 795 struct bpf_stat *bs = (struct bpf_stat *)addr; 796 797 bs->bs_recv = d->bd_rcount; 798 bs->bs_drop = d->bd_dcount; 799 break; 800 } 801 802 /* 803 * Set immediate mode. 804 */ 805 case BIOCIMMEDIATE: 806 d->bd_immediate = *(u_int *)addr; 807 break; 808 809 case BIOCVERSION: 810 { 811 struct bpf_version *bv = (struct bpf_version *)addr; 812 813 bv->bv_major = BPF_MAJOR_VERSION; 814 bv->bv_minor = BPF_MINOR_VERSION; 815 break; 816 } 817 818 819 case FIONBIO: /* Non-blocking I/O */ 820 if (*(int *)addr) 821 d->bd_rtout = -1; 822 else 823 d->bd_rtout = 0; 824 break; 825 826 case FIOASYNC: /* Send signal on receive packets */ 827 d->bd_async = *(int *)addr; 828 break; 829 830/* N.B. ioctl (FIOSETOWN) and fcntl (F_SETOWN) both end up doing the 831 equivalent of a TIOCSPGRP and hence end up here. *However* TIOCSPGRP's arg 832 is a process group if it's positive and a process id if it's negative. This 833 is exactly the opposite of what the other two functions want! Therefore 834 there is code in ioctl and fcntl to negate the arg before calling here. */ 835 836 case TIOCSPGRP: /* Process or group to send signals to */ 837 d->bd_pgid = *(int *)addr; 838 break; 839 840 case TIOCGPGRP: 841 *(int *)addr = d->bd_pgid; 842 break; 843 844 case BIOCSRSIG: /* Set receive signal */ 845 { 846 u_int sig; 847 848 sig = *(u_int *)addr; 849 850 if (sig >= NSIG) 851 error = EINVAL; 852 else 853 d->bd_sig = sig; 854 break; 855 } 856 case BIOCGRSIG: 857 *(u_int *)addr = d->bd_sig; 858 break; 859 } 860 return (error); 861} 862 863/* 864 * Set d's packet filter program to fp. If this file already has a filter, 865 * free it and replace it. Returns EINVAL for bogus requests. 866 */ 867int 868bpf_setf(d, fp) 869 struct bpf_d *d; 870 struct bpf_program *fp; 871{ 872 struct bpf_insn *fcode, *old; 873 u_int flen, size; 874 int s; 875 876 old = d->bd_filter; 877 if (fp->bf_insns == 0) { 878 if (fp->bf_len != 0) 879 return (EINVAL); 880 s = splimp(); 881 d->bd_filter = 0; 882 reset_d(d); 883 splx(s); 884 if (old != 0) 885 free((caddr_t)old, M_DEVBUF); 886 return (0); 887 } 888 flen = fp->bf_len; 889 if (flen > BPF_MAXINSNS) 890 return (EINVAL); 891 892 size = flen * sizeof(*fp->bf_insns); 893 fcode = (struct bpf_insn *)malloc(size, M_DEVBUF, M_WAITOK); 894 if (copyin((caddr_t)fp->bf_insns, (caddr_t)fcode, size) == 0 && 895 bpf_validate(fcode, (int)flen)) { 896 s = splimp(); 897 d->bd_filter = fcode; 898 reset_d(d); 899 splx(s); 900 if (old != 0) 901 free((caddr_t)old, M_DEVBUF); 902 903 return (0); 904 } 905 free((caddr_t)fcode, M_DEVBUF); 906 return (EINVAL); 907} 908 909/* 910 * Detach a file from its current interface (if attached at all) and attach 911 * to the interface indicated by the name stored in ifr. 912 * Return an errno or 0. 913 */ 914static int 915bpf_setif(d, ifr) 916 struct bpf_d *d; 917 struct ifreq *ifr; 918{ 919 struct bpf_if *bp; 920 char *cp; 921 int unit, s, error; 922 923 /* 924 * Separate string into name part and unit number. Put a null 925 * byte at the end of the name part, and compute the number. 926 * If the a unit number is unspecified, the default is 0, 927 * as initialized above. XXX This should be common code. 928 */ 929 unit = 0; 930 cp = ifr->ifr_name; 931 cp[sizeof(ifr->ifr_name) - 1] = '\0'; 932 while (*cp++) { 933 if (*cp >= '0' && *cp <= '9') { 934 unit = *cp - '0'; 935 *cp++ = '\0'; 936 while (*cp) 937 unit = 10 * unit + *cp++ - '0'; 938 break; 939 } 940 } 941 /* 942 * Look through attached interfaces for the named one. 943 */ 944 for (bp = bpf_iflist; bp != 0; bp = bp->bif_next) { 945 struct ifnet *ifp = bp->bif_ifp; 946 947 if (ifp == 0 || unit != ifp->if_unit 948 || strcmp(ifp->if_name, ifr->ifr_name) != 0) 949 continue; 950 /* 951 * We found the requested interface. 952 * If it's not up, return an error. 953 * Allocate the packet buffers if we need to. 954 * If we're already attached to requested interface, 955 * just flush the buffer. 956 */ 957 if ((ifp->if_flags & IFF_UP) == 0) 958 return (ENETDOWN); 959 960 if (d->bd_sbuf == 0) { 961 error = bpf_allocbufs(d); 962 if (error != 0) 963 return (error); 964 } 965 s = splimp(); 966 if (bp != d->bd_bif) { 967 if (d->bd_bif) 968 /* 969 * Detach if attached to something else. 970 */ 971 bpf_detachd(d); 972 973 bpf_attachd(d, bp); 974 } 975 reset_d(d); 976 splx(s); 977 return (0); 978 } 979 /* Not found. */ 980 return (ENXIO); 981} 982 983/* 984 * Convert an interface name plus unit number of an ifp to a single 985 * name which is returned in the ifr. 986 */ 987static void 988bpf_ifname(ifp, ifr) 989 struct ifnet *ifp; 990 struct ifreq *ifr; 991{ 992 char *s = ifp->if_name; 993 char *d = ifr->ifr_name; 994 995 while (*d++ = *s++) 996 continue; 997 /* XXX Assume that unit number is less than 10. */ 998 *d++ = ifp->if_unit + '0'; 999 *d = '\0'; 1000} 1001 1002/* 1003 * The new select interface passes down the proc pointer; the old select 1004 * stubs had to grab it out of the user struct. This glue allows either case. 1005 */ 1006#if BSD >= 199103 1007#define bpf_select bpfselect 1008#else 1009int 1010bpfselect(dev, rw) 1011 register dev_t dev; 1012 int rw; 1013{ 1014 return (bpf_select(dev, rw, u.u_procp)); 1015} 1016#endif 1017 1018/* 1019 * Support for select() system call 1020 * 1021 * Return true iff the specific operation will not block indefinitely. 1022 * Otherwise, return false but make a note that a selwakeup() must be done. 1023 */ 1024int 1025bpf_select(dev, rw, p) 1026 register dev_t dev; 1027 int rw; 1028 struct proc *p; 1029{ 1030 register struct bpf_d *d; 1031 register int s; 1032 1033 if (rw != FREAD) 1034 return (0); 1035 /* 1036 * An imitation of the FIONREAD ioctl code. 1037 */ 1038 d = &bpf_dtab[minor(dev)]; 1039 1040 s = splimp(); 1041 if (d->bd_hlen != 0 || (d->bd_immediate && d->bd_slen != 0)) { 1042 /* 1043 * There is data waiting. 1044 */ 1045 splx(s); 1046 return (1); 1047 } 1048#if BSD >= 199103 1049 selrecord(p, &d->bd_sel); 1050#else 1051 /* 1052 * No data ready. If there's already a select() waiting on this 1053 * minor device then this is a collision. This shouldn't happen 1054 * because minors really should not be shared, but if a process 1055 * forks while one of these is open, it is possible that both 1056 * processes could select on the same descriptor. 1057 */ 1058 if (d->bd_selproc && d->bd_selproc->p_wchan == (caddr_t)&selwait) 1059 d->bd_selcoll = 1; 1060 else 1061 d->bd_selproc = p; 1062#endif 1063 splx(s); 1064 return (0); 1065} 1066 1067/* 1068 * Incoming linkage from device drivers. Process the packet pkt, of length 1069 * pktlen, which is stored in a contiguous buffer. The packet is parsed 1070 * by each process' filter, and if accepted, stashed into the corresponding 1071 * buffer. 1072 */ 1073void 1074bpf_tap(arg, pkt, pktlen) 1075 caddr_t arg; 1076 register u_char *pkt; 1077 register u_int pktlen; 1078{ 1079 struct bpf_if *bp; 1080 register struct bpf_d *d; 1081 register u_int slen; 1082 /* 1083 * Note that the ipl does not have to be raised at this point. 1084 * The only problem that could arise here is that if two different 1085 * interfaces shared any data. This is not the case. 1086 */ 1087 bp = (struct bpf_if *)arg; 1088 for (d = bp->bif_dlist; d != 0; d = d->bd_next) { 1089 ++d->bd_rcount; 1090 slen = bpf_filter(d->bd_filter, pkt, pktlen, pktlen); 1091 if (slen != 0) 1092 catchpacket(d, pkt, pktlen, slen, bcopy); 1093 } 1094} 1095 1096/* 1097 * Copy data from an mbuf chain into a buffer. This code is derived 1098 * from m_copydata in sys/uipc_mbuf.c. 1099 */ 1100static void 1101bpf_mcopy(src_arg, dst_arg, len) 1102 const void *src_arg; 1103 void *dst_arg; 1104 register u_int len; 1105{ 1106 register const struct mbuf *m; 1107 register u_int count; 1108 u_char *dst; 1109 1110 m = src_arg; 1111 dst = dst_arg; 1112 while (len > 0) { 1113 if (m == 0) 1114 panic("bpf_mcopy"); 1115 count = min(m->m_len, len); 1116 (void)memcpy((caddr_t)dst, mtod(m, caddr_t), count); 1117 m = m->m_next; 1118 dst += count; 1119 len -= count; 1120 } 1121} 1122 1123/* 1124 * Incoming linkage from device drivers, when packet is in an mbuf chain. 1125 */ 1126void 1127bpf_mtap(arg, m) 1128 caddr_t arg; 1129 struct mbuf *m; 1130{ 1131 struct bpf_if *bp = (struct bpf_if *)arg; 1132 struct bpf_d *d; 1133 u_int pktlen, slen; 1134 struct mbuf *m0; 1135 1136 pktlen = 0; 1137 for (m0 = m; m0 != 0; m0 = m0->m_next) 1138 pktlen += m0->m_len; 1139 1140 for (d = bp->bif_dlist; d != 0; d = d->bd_next) { 1141 ++d->bd_rcount; 1142 slen = bpf_filter(d->bd_filter, (u_char *)m, pktlen, 0); 1143 if (slen != 0) 1144 catchpacket(d, (u_char *)m, pktlen, slen, bpf_mcopy); 1145 } 1146} 1147 1148/* 1149 * Move the packet data from interface memory (pkt) into the 1150 * store buffer. Return 1 if it's time to wakeup a listener (buffer full), 1151 * otherwise 0. "copy" is the routine called to do the actual data 1152 * transfer. bcopy is passed in to copy contiguous chunks, while 1153 * bpf_mcopy is passed in to copy mbuf chains. In the latter case, 1154 * pkt is really an mbuf. 1155 */ 1156static void 1157catchpacket(d, pkt, pktlen, snaplen, cpfn) 1158 register struct bpf_d *d; 1159 register u_char *pkt; 1160 register u_int pktlen, snaplen; 1161 register void (*cpfn)(const void *, void *, u_int); 1162{ 1163 register struct bpf_hdr *hp; 1164 register int totlen, curlen; 1165 register int hdrlen = d->bd_bif->bif_hdrlen; 1166 /* 1167 * Figure out how many bytes to move. If the packet is 1168 * greater or equal to the snapshot length, transfer that 1169 * much. Otherwise, transfer the whole packet (unless 1170 * we hit the buffer size limit). 1171 */ 1172 totlen = hdrlen + min(snaplen, pktlen); 1173 if (totlen > d->bd_bufsize) 1174 totlen = d->bd_bufsize; 1175 1176 /* 1177 * Round up the end of the previous packet to the next longword. 1178 */ 1179 curlen = BPF_WORDALIGN(d->bd_slen); 1180 if (curlen + totlen > d->bd_bufsize) { 1181 /* 1182 * This packet will overflow the storage buffer. 1183 * Rotate the buffers if we can, then wakeup any 1184 * pending reads. 1185 */ 1186 if (d->bd_fbuf == 0) { 1187 /* 1188 * We haven't completed the previous read yet, 1189 * so drop the packet. 1190 */ 1191 ++d->bd_dcount; 1192 return; 1193 } 1194 ROTATE_BUFFERS(d); 1195 bpf_wakeup(d); 1196 curlen = 0; 1197 } 1198 else if (d->bd_immediate) 1199 /* 1200 * Immediate mode is set. A packet arrived so any 1201 * reads should be woken up. 1202 */ 1203 bpf_wakeup(d); 1204 1205 /* 1206 * Append the bpf header. 1207 */ 1208 hp = (struct bpf_hdr *)(d->bd_sbuf + curlen); 1209#if BSD >= 199103 1210 microtime(&hp->bh_tstamp); 1211#elif defined(sun) 1212 uniqtime(&hp->bh_tstamp); 1213#else 1214 hp->bh_tstamp = time; 1215#endif 1216 hp->bh_datalen = pktlen; 1217 hp->bh_hdrlen = hdrlen; 1218 /* 1219 * Copy the packet data into the store buffer and update its length. 1220 */ 1221 (*cpfn)(pkt, (u_char *)hp + hdrlen, (hp->bh_caplen = totlen - hdrlen)); 1222 d->bd_slen = curlen + totlen; 1223} 1224 1225/* 1226 * Initialize all nonzero fields of a descriptor. 1227 */ 1228static int 1229bpf_allocbufs(d) 1230 register struct bpf_d *d; 1231{ 1232 d->bd_fbuf = (caddr_t)malloc(d->bd_bufsize, M_DEVBUF, M_WAITOK); 1233 if (d->bd_fbuf == 0) 1234 return (ENOBUFS); 1235 1236 d->bd_sbuf = (caddr_t)malloc(d->bd_bufsize, M_DEVBUF, M_WAITOK); 1237 if (d->bd_sbuf == 0) { 1238 free(d->bd_fbuf, M_DEVBUF); 1239 return (ENOBUFS); 1240 } 1241 d->bd_slen = 0; 1242 d->bd_hlen = 0; 1243 return (0); 1244} 1245 1246/* 1247 * Free buffers currently in use by a descriptor. 1248 * Called on close. 1249 */ 1250static void 1251bpf_freed(d) 1252 register struct bpf_d *d; 1253{ 1254 /* 1255 * We don't need to lock out interrupts since this descriptor has 1256 * been detached from its interface and it yet hasn't been marked 1257 * free. 1258 */ 1259 if (d->bd_sbuf != 0) { 1260 free(d->bd_sbuf, M_DEVBUF); 1261 if (d->bd_hbuf != 0) 1262 free(d->bd_hbuf, M_DEVBUF); 1263 if (d->bd_fbuf != 0) 1264 free(d->bd_fbuf, M_DEVBUF); 1265 } 1266 if (d->bd_filter) 1267 free((caddr_t)d->bd_filter, M_DEVBUF); 1268 1269 D_MARKFREE(d); 1270} 1271 1272/* 1273 * Attach an interface to bpf. driverp is a pointer to a (struct bpf_if *) 1274 * in the driver's softc; dlt is the link layer type; hdrlen is the fixed 1275 * size of the link header (variable length headers not yet supported). 1276 */ 1277void 1278bpfattach(driverp, ifp, dlt, hdrlen) 1279 caddr_t *driverp; 1280 struct ifnet *ifp; 1281 u_int dlt, hdrlen; 1282{ 1283 struct bpf_if *bp; 1284 int i; 1285#if BSD < 199103 1286 static struct bpf_if bpf_ifs[NBPFILTER]; 1287 static int bpfifno; 1288 1289 bp = (bpfifno < NBPFILTER) ? &bpf_ifs[bpfifno++] : 0; 1290#else 1291 bp = (struct bpf_if *)malloc(sizeof(*bp), M_DEVBUF, M_DONTWAIT); 1292#endif 1293 if (bp == 0) 1294 panic("bpfattach"); 1295 1296 bp->bif_dlist = 0; 1297 bp->bif_driverp = (struct bpf_if **)driverp; 1298 bp->bif_ifp = ifp; 1299 bp->bif_dlt = dlt; 1300 1301 bp->bif_next = bpf_iflist; 1302 bpf_iflist = bp; 1303 1304 *bp->bif_driverp = 0; 1305 1306 /* 1307 * Compute the length of the bpf header. This is not necessarily 1308 * equal to SIZEOF_BPF_HDR because we want to insert spacing such 1309 * that the network layer header begins on a longword boundary (for 1310 * performance reasons and to alleviate alignment restrictions). 1311 */ 1312 bp->bif_hdrlen = BPF_WORDALIGN(hdrlen + SIZEOF_BPF_HDR) - hdrlen; 1313 1314 /* 1315 * Mark all the descriptors free if this hasn't been done. 1316 */ 1317 if (!D_ISFREE(&bpf_dtab[0])) 1318 for (i = 0; i < NBPFILTER; ++i) 1319 D_MARKFREE(&bpf_dtab[i]); 1320 1321 if (bootverbose) 1322 printf("bpf: %s%d attached\n", ifp->if_name, ifp->if_unit); 1323} 1324 1325 1326#ifdef JREMOD 1327struct cdevsw bpf_cdevsw = 1328 { bpfopen, bpfclose, bpfread, bpfwrite, /*23*/ 1329 bpfioctl, nostop, nullreset, nodevtotty,/* bpf */ 1330 bpfselect, nommap, NULL }; 1331 1332static bpf_devsw_installed = 0; 1333 1334static void bpf_drvinit(void *unused) 1335{ 1336 dev_t dev; 1337 1338 if( ! bpf_devsw_installed ) { 1339 dev = makedev(CDEV_MAJOR,0); 1340 cdevsw_add(&dev,&bpf_cdevsw,NULL); 1341 bpf_devsw_installed = 1; 1342#ifdef DEVFS 1343 { 1344 int x; 1345/* default for a simple device with no probe routine (usually delete this) */ 1346 x=devfs_add_devsw( 1347/* path name devsw minor type uid gid perm*/ 1348 "/", "bpf", major(dev), 0, DV_CHR, 0, 0, 0600); 1349 } 1350#endif 1351 } 1352} 1353 1354SYSINIT(bpfdev,SI_SUB_DRIVERS,SI_ORDER_MIDDLE+CDEV_MAJOR,bpf_drvinit,NULL) 1355 1356#endif /* JREMOD */ 1357 1358#endif 1359