bpf.c revision 12678
1/* 2 * Copyright (c) 1990, 1991, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * This code is derived from the Stanford/CMU enet packet filter, 6 * (net/enet.c) distributed as part of 4.3BSD, and code contributed 7 * to Berkeley by Steven McCanne and Van Jacobson both of Lawrence 8 * Berkeley Laboratory. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. All advertising materials mentioning features or use of this software 19 * must display the following acknowledgement: 20 * This product includes software developed by the University of 21 * California, Berkeley and its contributors. 22 * 4. Neither the name of the University nor the names of its contributors 23 * may be used to endorse or promote products derived from this software 24 * without specific prior written permission. 25 * 26 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 27 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 28 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 29 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36 * SUCH DAMAGE. 37 * 38 * @(#)bpf.c 8.2 (Berkeley) 3/28/94 39 * 40 * $Id: bpf.c,v 1.19 1995/12/08 11:18:01 julian Exp $ 41 */ 42 43#include "bpfilter.h" 44 45#if NBPFILTER > 0 46 47#ifndef __GNUC__ 48#define inline 49#else 50#define inline __inline 51#endif 52 53#include <sys/param.h> 54#include <sys/systm.h> 55#include <sys/conf.h> 56#include <machine/cpu.h> /* for bootverbose */ 57#include <sys/mbuf.h> 58#include <sys/buf.h> 59#include <sys/time.h> 60#include <sys/proc.h> 61#include <sys/signalvar.h> 62#include <sys/ioctl.h> 63 64#include <sys/file.h> 65#if defined(sparc) && BSD < 199103 66#include <sys/stream.h> 67#endif 68#include <sys/uio.h> 69 70#include <sys/socket.h> 71#include <sys/socketvar.h> 72#include <sys/protosw.h> 73#include <net/if.h> 74 75#include <net/bpf.h> 76#include <net/bpfdesc.h> 77 78#include <sys/errno.h> 79 80#include <netinet/in.h> 81#include <netinet/if_ether.h> 82#include <sys/kernel.h> 83#include <sys/conf.h> 84#ifdef DEVFS 85#include <sys/devfsext.h> 86#endif /*DEVFS*/ 87 88 89/* 90 * Older BSDs don't have kernel malloc. 91 */ 92#if BSD < 199103 93extern bcopy(); 94static caddr_t bpf_alloc(); 95#include <net/bpf_compat.h> 96#define BPF_BUFSIZE (MCLBYTES-8) 97#define UIOMOVE(cp, len, code, uio) uiomove(cp, len, code, uio) 98#else 99#define BPF_BUFSIZE 4096 100#define UIOMOVE(cp, len, code, uio) uiomove(cp, len, uio) 101#endif 102 103#define PRINET 26 /* interruptible */ 104 105/* 106 * The default read buffer size is patchable. 107 */ 108int bpf_bufsize = BPF_BUFSIZE; 109 110/* 111 * bpf_iflist is the list of interfaces; each corresponds to an ifnet 112 * bpf_dtab holds the descriptors, indexed by minor device # 113 */ 114struct bpf_if *bpf_iflist; 115struct bpf_d bpf_dtab[NBPFILTER]; 116 117#if BSD >= 199207 118/* 119 * bpfilterattach() is called at boot time in new systems. We do 120 * nothing here since old systems will not call this. 121 */ 122/* ARGSUSED */ 123void 124bpfilterattach(n) 125 int n; 126{ 127} 128#endif 129 130static int bpf_allocbufs __P((struct bpf_d *)); 131static void bpf_attachd __P((struct bpf_d *d, struct bpf_if *bp)); 132static void bpf_detachd __P((struct bpf_d *d)); 133static void bpf_freed __P((struct bpf_d *)); 134static void bpf_ifname __P((struct ifnet *, struct ifreq *)); 135static void bpf_mcopy __P((const void *, void *, u_int)); 136static int bpf_movein __P((struct uio *, int, 137 struct mbuf **, struct sockaddr *, int *)); 138static int bpf_setif __P((struct bpf_d *, struct ifreq *)); 139static inline void 140 bpf_wakeup __P((struct bpf_d *)); 141static void catchpacket __P((struct bpf_d *, u_char *, u_int, 142 u_int, void (*)(const void *, void *, u_int))); 143static void reset_d __P((struct bpf_d *)); 144 145static d_open_t bpfopen; 146static d_close_t bpfclose; 147static d_read_t bpfread; 148static d_write_t bpfwrite; 149static d_ioctl_t bpfioctl; 150static d_select_t bpfselect; 151 152#define CDEV_MAJOR 23 153static struct cdevsw bpf_cdevsw = 154 { bpfopen, bpfclose, bpfread, bpfwrite, /*23*/ 155 bpfioctl, nostop, nullreset, nodevtotty,/* bpf */ 156 bpfselect, nommap, NULL, "bpf", NULL, -1 }; 157 158 159static int 160bpf_movein(uio, linktype, mp, sockp, datlen) 161 register struct uio *uio; 162 int linktype, *datlen; 163 register struct mbuf **mp; 164 register struct sockaddr *sockp; 165{ 166 struct mbuf *m; 167 int error; 168 int len; 169 int hlen; 170 171 /* 172 * Build a sockaddr based on the data link layer type. 173 * We do this at this level because the ethernet header 174 * is copied directly into the data field of the sockaddr. 175 * In the case of SLIP, there is no header and the packet 176 * is forwarded as is. 177 * Also, we are careful to leave room at the front of the mbuf 178 * for the link level header. 179 */ 180 switch (linktype) { 181 182 case DLT_SLIP: 183 sockp->sa_family = AF_INET; 184 hlen = 0; 185 break; 186 187 case DLT_EN10MB: 188 sockp->sa_family = AF_UNSPEC; 189 /* XXX Would MAXLINKHDR be better? */ 190 hlen = sizeof(struct ether_header); 191 break; 192 193 case DLT_FDDI: 194#if defined(__FreeBSD__) || defined(__bsdi__) 195 sockp->sa_family = AF_IMPLINK; 196 hlen = 0; 197#else 198 sockp->sa_family = AF_UNSPEC; 199 /* XXX 4(FORMAC)+6(dst)+6(src)+3(LLC)+5(SNAP) */ 200 hlen = 24; 201#endif 202 break; 203 204 case DLT_NULL: 205 sockp->sa_family = AF_UNSPEC; 206 hlen = 0; 207 break; 208 209 default: 210 return (EIO); 211 } 212 213 len = uio->uio_resid; 214 *datlen = len - hlen; 215 if ((unsigned)len > MCLBYTES) 216 return (EIO); 217 218 MGETHDR(m, M_WAIT, MT_DATA); 219 if (m == 0) 220 return (ENOBUFS); 221 if (len > MHLEN) { 222#if BSD >= 199103 223 MCLGET(m, M_WAIT); 224 if ((m->m_flags & M_EXT) == 0) { 225#else 226 MCLGET(m); 227 if (m->m_len != MCLBYTES) { 228#endif 229 error = ENOBUFS; 230 goto bad; 231 } 232 } 233 m->m_pkthdr.len = m->m_len = len; 234 m->m_pkthdr.rcvif = NULL; 235 *mp = m; 236 /* 237 * Make room for link header. 238 */ 239 if (hlen != 0) { 240 m->m_len -= hlen; 241#if BSD >= 199103 242 m->m_data += hlen; /* XXX */ 243#else 244 m->m_off += hlen; 245#endif 246 error = UIOMOVE((caddr_t)sockp->sa_data, hlen, UIO_WRITE, uio); 247 if (error) 248 goto bad; 249 } 250 error = UIOMOVE(mtod(m, caddr_t), len - hlen, UIO_WRITE, uio); 251 if (!error) 252 return (0); 253 bad: 254 m_freem(m); 255 return (error); 256} 257 258/* 259 * Attach file to the bpf interface, i.e. make d listen on bp. 260 * Must be called at splimp. 261 */ 262static void 263bpf_attachd(d, bp) 264 struct bpf_d *d; 265 struct bpf_if *bp; 266{ 267 /* 268 * Point d at bp, and add d to the interface's list of listeners. 269 * Finally, point the driver's bpf cookie at the interface so 270 * it will divert packets to bpf. 271 */ 272 d->bd_bif = bp; 273 d->bd_next = bp->bif_dlist; 274 bp->bif_dlist = d; 275 276 *bp->bif_driverp = bp; 277} 278 279/* 280 * Detach a file from its interface. 281 */ 282static void 283bpf_detachd(d) 284 struct bpf_d *d; 285{ 286 struct bpf_d **p; 287 struct bpf_if *bp; 288 289 bp = d->bd_bif; 290 /* 291 * Check if this descriptor had requested promiscuous mode. 292 * If so, turn it off. 293 */ 294 if (d->bd_promisc) { 295 d->bd_promisc = 0; 296 if (ifpromisc(bp->bif_ifp, 0)) 297 /* 298 * Something is really wrong if we were able to put 299 * the driver into promiscuous mode, but can't 300 * take it out. 301 */ 302 panic("bpf: ifpromisc failed"); 303 } 304 /* Remove d from the interface's descriptor list. */ 305 p = &bp->bif_dlist; 306 while (*p != d) { 307 p = &(*p)->bd_next; 308 if (*p == 0) 309 panic("bpf_detachd: descriptor not in list"); 310 } 311 *p = (*p)->bd_next; 312 if (bp->bif_dlist == 0) 313 /* 314 * Let the driver know that there are no more listeners. 315 */ 316 *d->bd_bif->bif_driverp = 0; 317 d->bd_bif = 0; 318} 319 320 321/* 322 * Mark a descriptor free by making it point to itself. 323 * This is probably cheaper than marking with a constant since 324 * the address should be in a register anyway. 325 */ 326#define D_ISFREE(d) ((d) == (d)->bd_next) 327#define D_MARKFREE(d) ((d)->bd_next = (d)) 328#define D_MARKUSED(d) ((d)->bd_next = 0) 329 330/* 331 * Open ethernet device. Returns ENXIO for illegal minor device number, 332 * EBUSY if file is open by another process. 333 */ 334/* ARGSUSED */ 335static int 336bpfopen(dev, flags, fmt, p) 337 dev_t dev; 338 int flags; 339 int fmt; 340 struct proc *p; 341{ 342 register struct bpf_d *d; 343 344 if (minor(dev) >= NBPFILTER) 345 return (ENXIO); 346 /* 347 * Each minor can be opened by only one process. If the requested 348 * minor is in use, return EBUSY. 349 */ 350 d = &bpf_dtab[minor(dev)]; 351 if (!D_ISFREE(d)) 352 return (EBUSY); 353 354 /* Mark "free" and do most initialization. */ 355 bzero((char *)d, sizeof(*d)); 356 d->bd_bufsize = bpf_bufsize; 357 d->bd_sig = SIGIO; 358 359 return (0); 360} 361 362/* 363 * Close the descriptor by detaching it from its interface, 364 * deallocating its buffers, and marking it free. 365 */ 366/* ARGSUSED */ 367static int 368bpfclose(dev, flags, fmt, p) 369 dev_t dev; 370 int flags; 371 int fmt; 372 struct proc *p; 373{ 374 register struct bpf_d *d = &bpf_dtab[minor(dev)]; 375 register int s; 376 377 s = splimp(); 378 if (d->bd_bif) 379 bpf_detachd(d); 380 splx(s); 381 bpf_freed(d); 382 383 return (0); 384} 385 386/* 387 * Support for SunOS, which does not have tsleep. 388 */ 389#if BSD < 199103 390static 391bpf_timeout(arg) 392 caddr_t arg; 393{ 394 struct bpf_d *d = (struct bpf_d *)arg; 395 d->bd_timedout = 1; 396 wakeup(arg); 397} 398 399#define BPF_SLEEP(chan, pri, s, t) bpf_sleep((struct bpf_d *)chan) 400 401int 402bpf_sleep(d) 403 register struct bpf_d *d; 404{ 405 register int rto = d->bd_rtout; 406 register int st; 407 408 if (rto != 0) { 409 d->bd_timedout = 0; 410 timeout(bpf_timeout, (caddr_t)d, rto); 411 } 412 st = sleep((caddr_t)d, PRINET|PCATCH); 413 if (rto != 0) { 414 if (d->bd_timedout == 0) 415 untimeout(bpf_timeout, (caddr_t)d); 416 else if (st == 0) 417 return EWOULDBLOCK; 418 } 419 return (st != 0) ? EINTR : 0; 420} 421#else 422#define BPF_SLEEP tsleep 423#endif 424 425/* 426 * Rotate the packet buffers in descriptor d. Move the store buffer 427 * into the hold slot, and the free buffer into the store slot. 428 * Zero the length of the new store buffer. 429 */ 430#define ROTATE_BUFFERS(d) \ 431 (d)->bd_hbuf = (d)->bd_sbuf; \ 432 (d)->bd_hlen = (d)->bd_slen; \ 433 (d)->bd_sbuf = (d)->bd_fbuf; \ 434 (d)->bd_slen = 0; \ 435 (d)->bd_fbuf = 0; 436/* 437 * bpfread - read next chunk of packets from buffers 438 */ 439static int 440bpfread(dev, uio, ioflag) 441 dev_t dev; 442 register struct uio *uio; 443 int ioflag; 444{ 445 register struct bpf_d *d = &bpf_dtab[minor(dev)]; 446 int error; 447 int s; 448 449 /* 450 * Restrict application to use a buffer the same size as 451 * as kernel buffers. 452 */ 453 if (uio->uio_resid != d->bd_bufsize) 454 return (EINVAL); 455 456 s = splimp(); 457 /* 458 * If the hold buffer is empty, then do a timed sleep, which 459 * ends when the timeout expires or when enough packets 460 * have arrived to fill the store buffer. 461 */ 462 while (d->bd_hbuf == 0) { 463 if (d->bd_immediate && d->bd_slen != 0) { 464 /* 465 * A packet(s) either arrived since the previous 466 * read or arrived while we were asleep. 467 * Rotate the buffers and return what's here. 468 */ 469 ROTATE_BUFFERS(d); 470 break; 471 } 472 if (d->bd_rtout != -1) 473 error = BPF_SLEEP((caddr_t)d, PRINET|PCATCH, "bpf", 474 d->bd_rtout); 475 else 476 error = EWOULDBLOCK; /* User requested non-blocking I/O */ 477 if (error == EINTR || error == ERESTART) { 478 splx(s); 479 return (error); 480 } 481 if (error == EWOULDBLOCK) { 482 /* 483 * On a timeout, return what's in the buffer, 484 * which may be nothing. If there is something 485 * in the store buffer, we can rotate the buffers. 486 */ 487 if (d->bd_hbuf) 488 /* 489 * We filled up the buffer in between 490 * getting the timeout and arriving 491 * here, so we don't need to rotate. 492 */ 493 break; 494 495 if (d->bd_slen == 0) { 496 splx(s); 497 return (0); 498 } 499 ROTATE_BUFFERS(d); 500 break; 501 } 502 } 503 /* 504 * At this point, we know we have something in the hold slot. 505 */ 506 splx(s); 507 508 /* 509 * Move data from hold buffer into user space. 510 * We know the entire buffer is transferred since 511 * we checked above that the read buffer is bpf_bufsize bytes. 512 */ 513 error = UIOMOVE(d->bd_hbuf, d->bd_hlen, UIO_READ, uio); 514 515 s = splimp(); 516 d->bd_fbuf = d->bd_hbuf; 517 d->bd_hbuf = 0; 518 d->bd_hlen = 0; 519 splx(s); 520 521 return (error); 522} 523 524 525/* 526 * If there are processes sleeping on this descriptor, wake them up. 527 */ 528static inline void 529bpf_wakeup(d) 530 register struct bpf_d *d; 531{ 532 struct proc *p; 533 534 wakeup((caddr_t)d); 535 if (d->bd_async && d->bd_sig) 536 if (d->bd_pgid > 0) 537 gsignal (d->bd_pgid, d->bd_sig); 538 else if (p = pfind (-d->bd_pgid)) 539 psignal (p, d->bd_sig); 540 541#if BSD >= 199103 542 selwakeup(&d->bd_sel); 543 /* XXX */ 544 d->bd_sel.si_pid = 0; 545#else 546 if (d->bd_selproc) { 547 selwakeup(d->bd_selproc, (int)d->bd_selcoll); 548 d->bd_selcoll = 0; 549 d->bd_selproc = 0; 550 } 551#endif 552} 553 554static int 555bpfwrite(dev, uio, ioflag) 556 dev_t dev; 557 struct uio *uio; 558 int ioflag; 559{ 560 register struct bpf_d *d = &bpf_dtab[minor(dev)]; 561 struct ifnet *ifp; 562 struct mbuf *m; 563 int error, s; 564 static struct sockaddr dst; 565 int datlen; 566 567 if (d->bd_bif == 0) 568 return (ENXIO); 569 570 ifp = d->bd_bif->bif_ifp; 571 572 if (uio->uio_resid == 0) 573 return (0); 574 575 error = bpf_movein(uio, (int)d->bd_bif->bif_dlt, &m, &dst, &datlen); 576 if (error) 577 return (error); 578 579 if (datlen > ifp->if_mtu) 580 return (EMSGSIZE); 581 582 s = splnet(); 583#if BSD >= 199103 584 error = (*ifp->if_output)(ifp, m, &dst, (struct rtentry *)0); 585#else 586 error = (*ifp->if_output)(ifp, m, &dst); 587#endif 588 splx(s); 589 /* 590 * The driver frees the mbuf. 591 */ 592 return (error); 593} 594 595/* 596 * Reset a descriptor by flushing its packet buffer and clearing the 597 * receive and drop counts. Should be called at splimp. 598 */ 599static void 600reset_d(d) 601 struct bpf_d *d; 602{ 603 if (d->bd_hbuf) { 604 /* Free the hold buffer. */ 605 d->bd_fbuf = d->bd_hbuf; 606 d->bd_hbuf = 0; 607 } 608 d->bd_slen = 0; 609 d->bd_hlen = 0; 610 d->bd_rcount = 0; 611 d->bd_dcount = 0; 612} 613 614/* 615 * FIONREAD Check for read packet available. 616 * SIOCGIFADDR Get interface address - convenient hook to driver. 617 * BIOCGBLEN Get buffer len [for read()]. 618 * BIOCSETF Set ethernet read filter. 619 * BIOCFLUSH Flush read packet buffer. 620 * BIOCPROMISC Put interface into promiscuous mode. 621 * BIOCGDLT Get link layer type. 622 * BIOCGETIF Get interface name. 623 * BIOCSETIF Set interface. 624 * BIOCSRTIMEOUT Set read timeout. 625 * BIOCGRTIMEOUT Get read timeout. 626 * BIOCGSTATS Get packet stats. 627 * BIOCIMMEDIATE Set immediate mode. 628 * BIOCVERSION Get filter language version. 629 */ 630/* ARGSUSED */ 631static int 632bpfioctl(dev, cmd, addr, flags, p) 633 dev_t dev; 634 int cmd; 635 caddr_t addr; 636 int flags; 637 struct proc *p; 638{ 639 register struct bpf_d *d = &bpf_dtab[minor(dev)]; 640 int s, error = 0; 641 642 switch (cmd) { 643 644 default: 645 error = EINVAL; 646 break; 647 648 /* 649 * Check for read packet available. 650 */ 651 case FIONREAD: 652 { 653 int n; 654 655 s = splimp(); 656 n = d->bd_slen; 657 if (d->bd_hbuf) 658 n += d->bd_hlen; 659 splx(s); 660 661 *(int *)addr = n; 662 break; 663 } 664 665 case SIOCGIFADDR: 666 { 667 struct ifnet *ifp; 668 669 if (d->bd_bif == 0) 670 error = EINVAL; 671 else { 672 ifp = d->bd_bif->bif_ifp; 673 error = (*ifp->if_ioctl)(ifp, cmd, addr); 674 } 675 break; 676 } 677 678 /* 679 * Get buffer len [for read()]. 680 */ 681 case BIOCGBLEN: 682 *(u_int *)addr = d->bd_bufsize; 683 break; 684 685 /* 686 * Set buffer length. 687 */ 688 case BIOCSBLEN: 689#if BSD < 199103 690 error = EINVAL; 691#else 692 if (d->bd_bif != 0) 693 error = EINVAL; 694 else { 695 register u_int size = *(u_int *)addr; 696 697 if (size > BPF_MAXBUFSIZE) 698 *(u_int *)addr = size = BPF_MAXBUFSIZE; 699 else if (size < BPF_MINBUFSIZE) 700 *(u_int *)addr = size = BPF_MINBUFSIZE; 701 d->bd_bufsize = size; 702 } 703#endif 704 break; 705 706 /* 707 * Set link layer read filter. 708 */ 709 case BIOCSETF: 710 error = bpf_setf(d, (struct bpf_program *)addr); 711 break; 712 713 /* 714 * Flush read packet buffer. 715 */ 716 case BIOCFLUSH: 717 s = splimp(); 718 reset_d(d); 719 splx(s); 720 break; 721 722 /* 723 * Put interface into promiscuous mode. 724 */ 725 case BIOCPROMISC: 726 if (d->bd_bif == 0) { 727 /* 728 * No interface attached yet. 729 */ 730 error = EINVAL; 731 break; 732 } 733 s = splimp(); 734 if (d->bd_promisc == 0) { 735 error = ifpromisc(d->bd_bif->bif_ifp, 1); 736 if (error == 0) 737 d->bd_promisc = 1; 738 } 739 splx(s); 740 break; 741 742 /* 743 * Get device parameters. 744 */ 745 case BIOCGDLT: 746 if (d->bd_bif == 0) 747 error = EINVAL; 748 else 749 *(u_int *)addr = d->bd_bif->bif_dlt; 750 break; 751 752 /* 753 * Set interface name. 754 */ 755 case BIOCGETIF: 756 if (d->bd_bif == 0) 757 error = EINVAL; 758 else 759 bpf_ifname(d->bd_bif->bif_ifp, (struct ifreq *)addr); 760 break; 761 762 /* 763 * Set interface. 764 */ 765 case BIOCSETIF: 766 error = bpf_setif(d, (struct ifreq *)addr); 767 break; 768 769 /* 770 * Set read timeout. 771 */ 772 case BIOCSRTIMEOUT: 773 { 774 struct timeval *tv = (struct timeval *)addr; 775 u_long msec; 776 777 /* Compute number of milliseconds. */ 778 msec = tv->tv_sec * 1000 + tv->tv_usec / 1000; 779 /* Scale milliseconds to ticks. Assume hard 780 clock has millisecond or greater resolution 781 (i.e. tick >= 1000). For 10ms hardclock, 782 tick/1000 = 10, so rtout<-msec/10. */ 783 d->bd_rtout = msec / (tick / 1000); 784 break; 785 } 786 787 /* 788 * Get read timeout. 789 */ 790 case BIOCGRTIMEOUT: 791 { 792 struct timeval *tv = (struct timeval *)addr; 793 u_long msec = d->bd_rtout; 794 795 msec *= tick / 1000; 796 tv->tv_sec = msec / 1000; 797 tv->tv_usec = msec % 1000; 798 break; 799 } 800 801 /* 802 * Get packet stats. 803 */ 804 case BIOCGSTATS: 805 { 806 struct bpf_stat *bs = (struct bpf_stat *)addr; 807 808 bs->bs_recv = d->bd_rcount; 809 bs->bs_drop = d->bd_dcount; 810 break; 811 } 812 813 /* 814 * Set immediate mode. 815 */ 816 case BIOCIMMEDIATE: 817 d->bd_immediate = *(u_int *)addr; 818 break; 819 820 case BIOCVERSION: 821 { 822 struct bpf_version *bv = (struct bpf_version *)addr; 823 824 bv->bv_major = BPF_MAJOR_VERSION; 825 bv->bv_minor = BPF_MINOR_VERSION; 826 break; 827 } 828 829 830 case FIONBIO: /* Non-blocking I/O */ 831 if (*(int *)addr) 832 d->bd_rtout = -1; 833 else 834 d->bd_rtout = 0; 835 break; 836 837 case FIOASYNC: /* Send signal on receive packets */ 838 d->bd_async = *(int *)addr; 839 break; 840 841/* N.B. ioctl (FIOSETOWN) and fcntl (F_SETOWN) both end up doing the 842 equivalent of a TIOCSPGRP and hence end up here. *However* TIOCSPGRP's arg 843 is a process group if it's positive and a process id if it's negative. This 844 is exactly the opposite of what the other two functions want! Therefore 845 there is code in ioctl and fcntl to negate the arg before calling here. */ 846 847 case TIOCSPGRP: /* Process or group to send signals to */ 848 d->bd_pgid = *(int *)addr; 849 break; 850 851 case TIOCGPGRP: 852 *(int *)addr = d->bd_pgid; 853 break; 854 855 case BIOCSRSIG: /* Set receive signal */ 856 { 857 u_int sig; 858 859 sig = *(u_int *)addr; 860 861 if (sig >= NSIG) 862 error = EINVAL; 863 else 864 d->bd_sig = sig; 865 break; 866 } 867 case BIOCGRSIG: 868 *(u_int *)addr = d->bd_sig; 869 break; 870 } 871 return (error); 872} 873 874/* 875 * Set d's packet filter program to fp. If this file already has a filter, 876 * free it and replace it. Returns EINVAL for bogus requests. 877 */ 878int 879bpf_setf(d, fp) 880 struct bpf_d *d; 881 struct bpf_program *fp; 882{ 883 struct bpf_insn *fcode, *old; 884 u_int flen, size; 885 int s; 886 887 old = d->bd_filter; 888 if (fp->bf_insns == 0) { 889 if (fp->bf_len != 0) 890 return (EINVAL); 891 s = splimp(); 892 d->bd_filter = 0; 893 reset_d(d); 894 splx(s); 895 if (old != 0) 896 free((caddr_t)old, M_DEVBUF); 897 return (0); 898 } 899 flen = fp->bf_len; 900 if (flen > BPF_MAXINSNS) 901 return (EINVAL); 902 903 size = flen * sizeof(*fp->bf_insns); 904 fcode = (struct bpf_insn *)malloc(size, M_DEVBUF, M_WAITOK); 905 if (copyin((caddr_t)fp->bf_insns, (caddr_t)fcode, size) == 0 && 906 bpf_validate(fcode, (int)flen)) { 907 s = splimp(); 908 d->bd_filter = fcode; 909 reset_d(d); 910 splx(s); 911 if (old != 0) 912 free((caddr_t)old, M_DEVBUF); 913 914 return (0); 915 } 916 free((caddr_t)fcode, M_DEVBUF); 917 return (EINVAL); 918} 919 920/* 921 * Detach a file from its current interface (if attached at all) and attach 922 * to the interface indicated by the name stored in ifr. 923 * Return an errno or 0. 924 */ 925static int 926bpf_setif(d, ifr) 927 struct bpf_d *d; 928 struct ifreq *ifr; 929{ 930 struct bpf_if *bp; 931 char *cp; 932 int unit, s, error; 933 934 /* 935 * Separate string into name part and unit number. Put a null 936 * byte at the end of the name part, and compute the number. 937 * If the a unit number is unspecified, the default is 0, 938 * as initialized above. XXX This should be common code. 939 */ 940 unit = 0; 941 cp = ifr->ifr_name; 942 cp[sizeof(ifr->ifr_name) - 1] = '\0'; 943 while (*cp++) { 944 if (*cp >= '0' && *cp <= '9') { 945 unit = *cp - '0'; 946 *cp++ = '\0'; 947 while (*cp) 948 unit = 10 * unit + *cp++ - '0'; 949 break; 950 } 951 } 952 /* 953 * Look through attached interfaces for the named one. 954 */ 955 for (bp = bpf_iflist; bp != 0; bp = bp->bif_next) { 956 struct ifnet *ifp = bp->bif_ifp; 957 958 if (ifp == 0 || unit != ifp->if_unit 959 || strcmp(ifp->if_name, ifr->ifr_name) != 0) 960 continue; 961 /* 962 * We found the requested interface. 963 * If it's not up, return an error. 964 * Allocate the packet buffers if we need to. 965 * If we're already attached to requested interface, 966 * just flush the buffer. 967 */ 968 if ((ifp->if_flags & IFF_UP) == 0) 969 return (ENETDOWN); 970 971 if (d->bd_sbuf == 0) { 972 error = bpf_allocbufs(d); 973 if (error != 0) 974 return (error); 975 } 976 s = splimp(); 977 if (bp != d->bd_bif) { 978 if (d->bd_bif) 979 /* 980 * Detach if attached to something else. 981 */ 982 bpf_detachd(d); 983 984 bpf_attachd(d, bp); 985 } 986 reset_d(d); 987 splx(s); 988 return (0); 989 } 990 /* Not found. */ 991 return (ENXIO); 992} 993 994/* 995 * Convert an interface name plus unit number of an ifp to a single 996 * name which is returned in the ifr. 997 */ 998static void 999bpf_ifname(ifp, ifr) 1000 struct ifnet *ifp; 1001 struct ifreq *ifr; 1002{ 1003 char *s = ifp->if_name; 1004 char *d = ifr->ifr_name; 1005 1006 while (*d++ = *s++) 1007 continue; 1008 /* XXX Assume that unit number is less than 10. */ 1009 *d++ = ifp->if_unit + '0'; 1010 *d = '\0'; 1011} 1012 1013/* 1014 * The new select interface passes down the proc pointer; the old select 1015 * stubs had to grab it out of the user struct. This glue allows either case. 1016 */ 1017#if BSD >= 199103 1018#define bpf_select bpfselect 1019#else 1020static int 1021bpfselect(dev, rw) 1022 register dev_t dev; 1023 int rw; 1024{ 1025 return (bpf_select(dev, rw, u.u_procp)); 1026} 1027#endif 1028 1029/* 1030 * Support for select() system call 1031 * 1032 * Return true iff the specific operation will not block indefinitely. 1033 * Otherwise, return false but make a note that a selwakeup() must be done. 1034 */ 1035int 1036bpf_select(dev, rw, p) 1037 register dev_t dev; 1038 int rw; 1039 struct proc *p; 1040{ 1041 register struct bpf_d *d; 1042 register int s; 1043 1044 if (rw != FREAD) 1045 return (0); 1046 /* 1047 * An imitation of the FIONREAD ioctl code. 1048 */ 1049 d = &bpf_dtab[minor(dev)]; 1050 1051 s = splimp(); 1052 if (d->bd_hlen != 0 || (d->bd_immediate && d->bd_slen != 0)) { 1053 /* 1054 * There is data waiting. 1055 */ 1056 splx(s); 1057 return (1); 1058 } 1059#if BSD >= 199103 1060 selrecord(p, &d->bd_sel); 1061#else 1062 /* 1063 * No data ready. If there's already a select() waiting on this 1064 * minor device then this is a collision. This shouldn't happen 1065 * because minors really should not be shared, but if a process 1066 * forks while one of these is open, it is possible that both 1067 * processes could select on the same descriptor. 1068 */ 1069 if (d->bd_selproc && d->bd_selproc->p_wchan == (caddr_t)&selwait) 1070 d->bd_selcoll = 1; 1071 else 1072 d->bd_selproc = p; 1073#endif 1074 splx(s); 1075 return (0); 1076} 1077 1078/* 1079 * Incoming linkage from device drivers. Process the packet pkt, of length 1080 * pktlen, which is stored in a contiguous buffer. The packet is parsed 1081 * by each process' filter, and if accepted, stashed into the corresponding 1082 * buffer. 1083 */ 1084void 1085bpf_tap(arg, pkt, pktlen) 1086 caddr_t arg; 1087 register u_char *pkt; 1088 register u_int pktlen; 1089{ 1090 struct bpf_if *bp; 1091 register struct bpf_d *d; 1092 register u_int slen; 1093 /* 1094 * Note that the ipl does not have to be raised at this point. 1095 * The only problem that could arise here is that if two different 1096 * interfaces shared any data. This is not the case. 1097 */ 1098 bp = (struct bpf_if *)arg; 1099 for (d = bp->bif_dlist; d != 0; d = d->bd_next) { 1100 ++d->bd_rcount; 1101 slen = bpf_filter(d->bd_filter, pkt, pktlen, pktlen); 1102 if (slen != 0) 1103 catchpacket(d, pkt, pktlen, slen, bcopy); 1104 } 1105} 1106 1107/* 1108 * Copy data from an mbuf chain into a buffer. This code is derived 1109 * from m_copydata in sys/uipc_mbuf.c. 1110 */ 1111static void 1112bpf_mcopy(src_arg, dst_arg, len) 1113 const void *src_arg; 1114 void *dst_arg; 1115 register u_int len; 1116{ 1117 register const struct mbuf *m; 1118 register u_int count; 1119 u_char *dst; 1120 1121 m = src_arg; 1122 dst = dst_arg; 1123 while (len > 0) { 1124 if (m == 0) 1125 panic("bpf_mcopy"); 1126 count = min(m->m_len, len); 1127 (void)memcpy((caddr_t)dst, mtod(m, caddr_t), count); 1128 m = m->m_next; 1129 dst += count; 1130 len -= count; 1131 } 1132} 1133 1134/* 1135 * Incoming linkage from device drivers, when packet is in an mbuf chain. 1136 */ 1137void 1138bpf_mtap(arg, m) 1139 caddr_t arg; 1140 struct mbuf *m; 1141{ 1142 struct bpf_if *bp = (struct bpf_if *)arg; 1143 struct bpf_d *d; 1144 u_int pktlen, slen; 1145 struct mbuf *m0; 1146 1147 pktlen = 0; 1148 for (m0 = m; m0 != 0; m0 = m0->m_next) 1149 pktlen += m0->m_len; 1150 1151 for (d = bp->bif_dlist; d != 0; d = d->bd_next) { 1152 ++d->bd_rcount; 1153 slen = bpf_filter(d->bd_filter, (u_char *)m, pktlen, 0); 1154 if (slen != 0) 1155 catchpacket(d, (u_char *)m, pktlen, slen, bpf_mcopy); 1156 } 1157} 1158 1159/* 1160 * Move the packet data from interface memory (pkt) into the 1161 * store buffer. Return 1 if it's time to wakeup a listener (buffer full), 1162 * otherwise 0. "copy" is the routine called to do the actual data 1163 * transfer. bcopy is passed in to copy contiguous chunks, while 1164 * bpf_mcopy is passed in to copy mbuf chains. In the latter case, 1165 * pkt is really an mbuf. 1166 */ 1167static void 1168catchpacket(d, pkt, pktlen, snaplen, cpfn) 1169 register struct bpf_d *d; 1170 register u_char *pkt; 1171 register u_int pktlen, snaplen; 1172 register void (*cpfn)(const void *, void *, u_int); 1173{ 1174 register struct bpf_hdr *hp; 1175 register int totlen, curlen; 1176 register int hdrlen = d->bd_bif->bif_hdrlen; 1177 /* 1178 * Figure out how many bytes to move. If the packet is 1179 * greater or equal to the snapshot length, transfer that 1180 * much. Otherwise, transfer the whole packet (unless 1181 * we hit the buffer size limit). 1182 */ 1183 totlen = hdrlen + min(snaplen, pktlen); 1184 if (totlen > d->bd_bufsize) 1185 totlen = d->bd_bufsize; 1186 1187 /* 1188 * Round up the end of the previous packet to the next longword. 1189 */ 1190 curlen = BPF_WORDALIGN(d->bd_slen); 1191 if (curlen + totlen > d->bd_bufsize) { 1192 /* 1193 * This packet will overflow the storage buffer. 1194 * Rotate the buffers if we can, then wakeup any 1195 * pending reads. 1196 */ 1197 if (d->bd_fbuf == 0) { 1198 /* 1199 * We haven't completed the previous read yet, 1200 * so drop the packet. 1201 */ 1202 ++d->bd_dcount; 1203 return; 1204 } 1205 ROTATE_BUFFERS(d); 1206 bpf_wakeup(d); 1207 curlen = 0; 1208 } 1209 else if (d->bd_immediate) 1210 /* 1211 * Immediate mode is set. A packet arrived so any 1212 * reads should be woken up. 1213 */ 1214 bpf_wakeup(d); 1215 1216 /* 1217 * Append the bpf header. 1218 */ 1219 hp = (struct bpf_hdr *)(d->bd_sbuf + curlen); 1220#if BSD >= 199103 1221 microtime(&hp->bh_tstamp); 1222#elif defined(sun) 1223 uniqtime(&hp->bh_tstamp); 1224#else 1225 hp->bh_tstamp = time; 1226#endif 1227 hp->bh_datalen = pktlen; 1228 hp->bh_hdrlen = hdrlen; 1229 /* 1230 * Copy the packet data into the store buffer and update its length. 1231 */ 1232 (*cpfn)(pkt, (u_char *)hp + hdrlen, (hp->bh_caplen = totlen - hdrlen)); 1233 d->bd_slen = curlen + totlen; 1234} 1235 1236/* 1237 * Initialize all nonzero fields of a descriptor. 1238 */ 1239static int 1240bpf_allocbufs(d) 1241 register struct bpf_d *d; 1242{ 1243 d->bd_fbuf = (caddr_t)malloc(d->bd_bufsize, M_DEVBUF, M_WAITOK); 1244 if (d->bd_fbuf == 0) 1245 return (ENOBUFS); 1246 1247 d->bd_sbuf = (caddr_t)malloc(d->bd_bufsize, M_DEVBUF, M_WAITOK); 1248 if (d->bd_sbuf == 0) { 1249 free(d->bd_fbuf, M_DEVBUF); 1250 return (ENOBUFS); 1251 } 1252 d->bd_slen = 0; 1253 d->bd_hlen = 0; 1254 return (0); 1255} 1256 1257/* 1258 * Free buffers currently in use by a descriptor. 1259 * Called on close. 1260 */ 1261static void 1262bpf_freed(d) 1263 register struct bpf_d *d; 1264{ 1265 /* 1266 * We don't need to lock out interrupts since this descriptor has 1267 * been detached from its interface and it yet hasn't been marked 1268 * free. 1269 */ 1270 if (d->bd_sbuf != 0) { 1271 free(d->bd_sbuf, M_DEVBUF); 1272 if (d->bd_hbuf != 0) 1273 free(d->bd_hbuf, M_DEVBUF); 1274 if (d->bd_fbuf != 0) 1275 free(d->bd_fbuf, M_DEVBUF); 1276 } 1277 if (d->bd_filter) 1278 free((caddr_t)d->bd_filter, M_DEVBUF); 1279 1280 D_MARKFREE(d); 1281} 1282 1283/* 1284 * Attach an interface to bpf. driverp is a pointer to a (struct bpf_if *) 1285 * in the driver's softc; dlt is the link layer type; hdrlen is the fixed 1286 * size of the link header (variable length headers not yet supported). 1287 */ 1288void 1289bpfattach(driverp, ifp, dlt, hdrlen) 1290 caddr_t *driverp; 1291 struct ifnet *ifp; 1292 u_int dlt, hdrlen; 1293{ 1294 struct bpf_if *bp; 1295 int i; 1296#if BSD < 199103 1297 static struct bpf_if bpf_ifs[NBPFILTER]; 1298 static int bpfifno; 1299 1300 bp = (bpfifno < NBPFILTER) ? &bpf_ifs[bpfifno++] : 0; 1301#else 1302 bp = (struct bpf_if *)malloc(sizeof(*bp), M_DEVBUF, M_DONTWAIT); 1303#endif 1304 if (bp == 0) 1305 panic("bpfattach"); 1306 1307 bp->bif_dlist = 0; 1308 bp->bif_driverp = (struct bpf_if **)driverp; 1309 bp->bif_ifp = ifp; 1310 bp->bif_dlt = dlt; 1311 1312 bp->bif_next = bpf_iflist; 1313 bpf_iflist = bp; 1314 1315 *bp->bif_driverp = 0; 1316 1317 /* 1318 * Compute the length of the bpf header. This is not necessarily 1319 * equal to SIZEOF_BPF_HDR because we want to insert spacing such 1320 * that the network layer header begins on a longword boundary (for 1321 * performance reasons and to alleviate alignment restrictions). 1322 */ 1323 bp->bif_hdrlen = BPF_WORDALIGN(hdrlen + SIZEOF_BPF_HDR) - hdrlen; 1324 1325 /* 1326 * Mark all the descriptors free if this hasn't been done. 1327 */ 1328 if (!D_ISFREE(&bpf_dtab[0])) 1329 for (i = 0; i < NBPFILTER; ++i) 1330 D_MARKFREE(&bpf_dtab[i]); 1331 1332 if (bootverbose) 1333 printf("bpf: %s%d attached\n", ifp->if_name, ifp->if_unit); 1334} 1335 1336static void *bpf_devfs_token[NBPFILTER]; 1337 1338static bpf_devsw_installed = 0; 1339 1340static void bpf_drvinit(void *unused) 1341{ 1342 dev_t dev; 1343 int i; 1344 char name[32]; 1345 1346 if( ! bpf_devsw_installed ) { 1347 dev = makedev(CDEV_MAJOR, 0); 1348 cdevsw_add(&dev,&bpf_cdevsw, NULL); 1349 bpf_devsw_installed = 1; 1350#ifdef DEVFS 1351 for ( i = 0 ; i < NBPFILTER ; i++ ) { 1352 sprintf(name,"bpf%d",i); 1353 bpf_devfs_token[i] = 1354 devfs_add_devsw( "/", name, 1355 &bpf_cdevsw, i, DV_CHR, 0, 0, 0600); 1356 } 1357#endif 1358 } 1359} 1360 1361SYSINIT(bpfdev,SI_SUB_DRIVERS,SI_ORDER_MIDDLE+CDEV_MAJOR,bpf_drvinit,NULL) 1362 1363#endif 1364