bpf.c revision 16206
1/* 2 * Copyright (c) 1990, 1991, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * This code is derived from the Stanford/CMU enet packet filter, 6 * (net/enet.c) distributed as part of 4.3BSD, and code contributed 7 * to Berkeley by Steven McCanne and Van Jacobson both of Lawrence 8 * Berkeley Laboratory. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. All advertising materials mentioning features or use of this software 19 * must display the following acknowledgement: 20 * This product includes software developed by the University of 21 * California, Berkeley and its contributors. 22 * 4. Neither the name of the University nor the names of its contributors 23 * may be used to endorse or promote products derived from this software 24 * without specific prior written permission. 25 * 26 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 27 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 28 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 29 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36 * SUCH DAMAGE. 37 * 38 * @(#)bpf.c 8.2 (Berkeley) 3/28/94 39 * 40 * $Id: bpf.c,v 1.25 1996/06/08 06:12:58 davidg Exp $ 41 */ 42 43#include "bpfilter.h" 44 45#if NBPFILTER > 0 46 47#ifndef __GNUC__ 48#define inline 49#else 50#define inline __inline 51#endif 52 53#include <sys/param.h> 54#include <sys/systm.h> 55#include <sys/conf.h> 56#include <sys/mbuf.h> 57#include <sys/buf.h> 58#include <sys/time.h> 59#include <sys/proc.h> 60#include <sys/signalvar.h> 61#include <sys/ioctl.h> 62 63#include <sys/file.h> 64#if defined(sparc) && BSD < 199103 65#include <sys/stream.h> 66#endif 67#include <sys/uio.h> 68 69#include <sys/socket.h> 70#include <sys/socketvar.h> 71#include <sys/protosw.h> 72#include <net/if.h> 73 74#include <net/bpf.h> 75#include <net/bpfdesc.h> 76 77#include <sys/errno.h> 78 79#include <netinet/in.h> 80#include <netinet/if_ether.h> 81#include <sys/kernel.h> 82#include <sys/sysctl.h> 83#include <sys/conf.h> 84#ifdef DEVFS 85#include <sys/devfsext.h> 86#endif /*DEVFS*/ 87 88 89/* 90 * Older BSDs don't have kernel malloc. 91 */ 92#if BSD < 199103 93extern bcopy(); 94static caddr_t bpf_alloc(); 95#include <net/bpf_compat.h> 96#define BPF_BUFSIZE (MCLBYTES-8) 97#define UIOMOVE(cp, len, code, uio) uiomove(cp, len, code, uio) 98#else 99#define BPF_BUFSIZE 4096 100#define UIOMOVE(cp, len, code, uio) uiomove(cp, len, uio) 101#endif 102 103#define PRINET 26 /* interruptible */ 104 105/* 106 * The default read buffer size is patchable. 107 */ 108static int bpf_bufsize = BPF_BUFSIZE; 109SYSCTL_INT(_debug, OID_AUTO, bpf_bufsize, CTLFLAG_RW, 110 &bpf_bufsize, 0, ""); 111 112/* 113 * bpf_iflist is the list of interfaces; each corresponds to an ifnet 114 * bpf_dtab holds the descriptors, indexed by minor device # 115 */ 116static struct bpf_if *bpf_iflist; 117static struct bpf_d bpf_dtab[NBPFILTER]; 118 119static int bpf_allocbufs __P((struct bpf_d *)); 120static void bpf_attachd __P((struct bpf_d *d, struct bpf_if *bp)); 121static void bpf_detachd __P((struct bpf_d *d)); 122static void bpf_freed __P((struct bpf_d *)); 123static void bpf_ifname __P((struct ifnet *, struct ifreq *)); 124static void bpf_mcopy __P((const void *, void *, u_int)); 125static int bpf_movein __P((struct uio *, int, 126 struct mbuf **, struct sockaddr *, int *)); 127static int bpf_setif __P((struct bpf_d *, struct ifreq *)); 128static inline void 129 bpf_wakeup __P((struct bpf_d *)); 130static void catchpacket __P((struct bpf_d *, u_char *, u_int, 131 u_int, void (*)(const void *, void *, u_int))); 132static void reset_d __P((struct bpf_d *)); 133static int bpf_setf __P((struct bpf_d *, struct bpf_program *)); 134 135static d_open_t bpfopen; 136static d_close_t bpfclose; 137static d_read_t bpfread; 138static d_write_t bpfwrite; 139static d_ioctl_t bpfioctl; 140static d_select_t bpfselect; 141 142#define CDEV_MAJOR 23 143static struct cdevsw bpf_cdevsw = 144 { bpfopen, bpfclose, bpfread, bpfwrite, /*23*/ 145 bpfioctl, nostop, nullreset, nodevtotty,/* bpf */ 146 bpfselect, nommap, NULL, "bpf", NULL, -1 }; 147 148 149static int 150bpf_movein(uio, linktype, mp, sockp, datlen) 151 register struct uio *uio; 152 int linktype, *datlen; 153 register struct mbuf **mp; 154 register struct sockaddr *sockp; 155{ 156 struct mbuf *m; 157 int error; 158 int len; 159 int hlen; 160 161 /* 162 * Build a sockaddr based on the data link layer type. 163 * We do this at this level because the ethernet header 164 * is copied directly into the data field of the sockaddr. 165 * In the case of SLIP, there is no header and the packet 166 * is forwarded as is. 167 * Also, we are careful to leave room at the front of the mbuf 168 * for the link level header. 169 */ 170 switch (linktype) { 171 172 case DLT_SLIP: 173 sockp->sa_family = AF_INET; 174 hlen = 0; 175 break; 176 177 case DLT_EN10MB: 178 sockp->sa_family = AF_UNSPEC; 179 /* XXX Would MAXLINKHDR be better? */ 180 hlen = sizeof(struct ether_header); 181 break; 182 183 case DLT_FDDI: 184#if defined(__FreeBSD__) || defined(__bsdi__) 185 sockp->sa_family = AF_IMPLINK; 186 hlen = 0; 187#else 188 sockp->sa_family = AF_UNSPEC; 189 /* XXX 4(FORMAC)+6(dst)+6(src)+3(LLC)+5(SNAP) */ 190 hlen = 24; 191#endif 192 break; 193 194 case DLT_NULL: 195 sockp->sa_family = AF_UNSPEC; 196 hlen = 0; 197 break; 198 199 default: 200 return (EIO); 201 } 202 203 len = uio->uio_resid; 204 *datlen = len - hlen; 205 if ((unsigned)len > MCLBYTES) 206 return (EIO); 207 208 MGETHDR(m, M_WAIT, MT_DATA); 209 if (m == 0) 210 return (ENOBUFS); 211 if (len > MHLEN) { 212#if BSD >= 199103 213 MCLGET(m, M_WAIT); 214 if ((m->m_flags & M_EXT) == 0) { 215#else 216 MCLGET(m); 217 if (m->m_len != MCLBYTES) { 218#endif 219 error = ENOBUFS; 220 goto bad; 221 } 222 } 223 m->m_pkthdr.len = m->m_len = len; 224 m->m_pkthdr.rcvif = NULL; 225 *mp = m; 226 /* 227 * Make room for link header. 228 */ 229 if (hlen != 0) { 230 m->m_len -= hlen; 231#if BSD >= 199103 232 m->m_data += hlen; /* XXX */ 233#else 234 m->m_off += hlen; 235#endif 236 error = UIOMOVE((caddr_t)sockp->sa_data, hlen, UIO_WRITE, uio); 237 if (error) 238 goto bad; 239 } 240 error = UIOMOVE(mtod(m, caddr_t), len - hlen, UIO_WRITE, uio); 241 if (!error) 242 return (0); 243 bad: 244 m_freem(m); 245 return (error); 246} 247 248/* 249 * Attach file to the bpf interface, i.e. make d listen on bp. 250 * Must be called at splimp. 251 */ 252static void 253bpf_attachd(d, bp) 254 struct bpf_d *d; 255 struct bpf_if *bp; 256{ 257 /* 258 * Point d at bp, and add d to the interface's list of listeners. 259 * Finally, point the driver's bpf cookie at the interface so 260 * it will divert packets to bpf. 261 */ 262 d->bd_bif = bp; 263 d->bd_next = bp->bif_dlist; 264 bp->bif_dlist = d; 265 266 bp->bif_ifp->if_bpf = bp; 267} 268 269/* 270 * Detach a file from its interface. 271 */ 272static void 273bpf_detachd(d) 274 struct bpf_d *d; 275{ 276 struct bpf_d **p; 277 struct bpf_if *bp; 278 279 bp = d->bd_bif; 280 /* 281 * Check if this descriptor had requested promiscuous mode. 282 * If so, turn it off. 283 */ 284 if (d->bd_promisc) { 285 d->bd_promisc = 0; 286 if (ifpromisc(bp->bif_ifp, 0)) 287 /* 288 * Something is really wrong if we were able to put 289 * the driver into promiscuous mode, but can't 290 * take it out. 291 */ 292 panic("bpf: ifpromisc failed"); 293 } 294 /* Remove d from the interface's descriptor list. */ 295 p = &bp->bif_dlist; 296 while (*p != d) { 297 p = &(*p)->bd_next; 298 if (*p == 0) 299 panic("bpf_detachd: descriptor not in list"); 300 } 301 *p = (*p)->bd_next; 302 if (bp->bif_dlist == 0) 303 /* 304 * Let the driver know that there are no more listeners. 305 */ 306 d->bd_bif->bif_ifp->if_bpf = 0; 307 d->bd_bif = 0; 308} 309 310 311/* 312 * Mark a descriptor free by making it point to itself. 313 * This is probably cheaper than marking with a constant since 314 * the address should be in a register anyway. 315 */ 316#define D_ISFREE(d) ((d) == (d)->bd_next) 317#define D_MARKFREE(d) ((d)->bd_next = (d)) 318#define D_MARKUSED(d) ((d)->bd_next = 0) 319 320/* 321 * Open ethernet device. Returns ENXIO for illegal minor device number, 322 * EBUSY if file is open by another process. 323 */ 324/* ARGSUSED */ 325static int 326bpfopen(dev, flags, fmt, p) 327 dev_t dev; 328 int flags; 329 int fmt; 330 struct proc *p; 331{ 332 register struct bpf_d *d; 333 334 if (minor(dev) >= NBPFILTER) 335 return (ENXIO); 336 /* 337 * Each minor can be opened by only one process. If the requested 338 * minor is in use, return EBUSY. 339 */ 340 d = &bpf_dtab[minor(dev)]; 341 if (!D_ISFREE(d)) 342 return (EBUSY); 343 344 /* Mark "free" and do most initialization. */ 345 bzero((char *)d, sizeof(*d)); 346 d->bd_bufsize = bpf_bufsize; 347 d->bd_sig = SIGIO; 348 349 return (0); 350} 351 352/* 353 * Close the descriptor by detaching it from its interface, 354 * deallocating its buffers, and marking it free. 355 */ 356/* ARGSUSED */ 357static int 358bpfclose(dev, flags, fmt, p) 359 dev_t dev; 360 int flags; 361 int fmt; 362 struct proc *p; 363{ 364 register struct bpf_d *d = &bpf_dtab[minor(dev)]; 365 register int s; 366 367 s = splimp(); 368 if (d->bd_bif) 369 bpf_detachd(d); 370 splx(s); 371 bpf_freed(d); 372 373 return (0); 374} 375 376/* 377 * Support for SunOS, which does not have tsleep. 378 */ 379#if BSD < 199103 380static 381bpf_timeout(arg) 382 caddr_t arg; 383{ 384 struct bpf_d *d = (struct bpf_d *)arg; 385 d->bd_timedout = 1; 386 wakeup(arg); 387} 388 389#define BPF_SLEEP(chan, pri, s, t) bpf_sleep((struct bpf_d *)chan) 390 391int 392bpf_sleep(d) 393 register struct bpf_d *d; 394{ 395 register int rto = d->bd_rtout; 396 register int st; 397 398 if (rto != 0) { 399 d->bd_timedout = 0; 400 timeout(bpf_timeout, (caddr_t)d, rto); 401 } 402 st = sleep((caddr_t)d, PRINET|PCATCH); 403 if (rto != 0) { 404 if (d->bd_timedout == 0) 405 untimeout(bpf_timeout, (caddr_t)d); 406 else if (st == 0) 407 return EWOULDBLOCK; 408 } 409 return (st != 0) ? EINTR : 0; 410} 411#else 412#define BPF_SLEEP tsleep 413#endif 414 415/* 416 * Rotate the packet buffers in descriptor d. Move the store buffer 417 * into the hold slot, and the free buffer into the store slot. 418 * Zero the length of the new store buffer. 419 */ 420#define ROTATE_BUFFERS(d) \ 421 (d)->bd_hbuf = (d)->bd_sbuf; \ 422 (d)->bd_hlen = (d)->bd_slen; \ 423 (d)->bd_sbuf = (d)->bd_fbuf; \ 424 (d)->bd_slen = 0; \ 425 (d)->bd_fbuf = 0; 426/* 427 * bpfread - read next chunk of packets from buffers 428 */ 429static int 430bpfread(dev, uio, ioflag) 431 dev_t dev; 432 register struct uio *uio; 433 int ioflag; 434{ 435 register struct bpf_d *d = &bpf_dtab[minor(dev)]; 436 int error; 437 int s; 438 439 /* 440 * Restrict application to use a buffer the same size as 441 * as kernel buffers. 442 */ 443 if (uio->uio_resid != d->bd_bufsize) 444 return (EINVAL); 445 446 s = splimp(); 447 /* 448 * If the hold buffer is empty, then do a timed sleep, which 449 * ends when the timeout expires or when enough packets 450 * have arrived to fill the store buffer. 451 */ 452 while (d->bd_hbuf == 0) { 453 if (d->bd_immediate && d->bd_slen != 0) { 454 /* 455 * A packet(s) either arrived since the previous 456 * read or arrived while we were asleep. 457 * Rotate the buffers and return what's here. 458 */ 459 ROTATE_BUFFERS(d); 460 break; 461 } 462 if (d->bd_rtout != -1) 463 error = BPF_SLEEP((caddr_t)d, PRINET|PCATCH, "bpf", 464 d->bd_rtout); 465 else 466 error = EWOULDBLOCK; /* User requested non-blocking I/O */ 467 if (error == EINTR || error == ERESTART) { 468 splx(s); 469 return (error); 470 } 471 if (error == EWOULDBLOCK) { 472 /* 473 * On a timeout, return what's in the buffer, 474 * which may be nothing. If there is something 475 * in the store buffer, we can rotate the buffers. 476 */ 477 if (d->bd_hbuf) 478 /* 479 * We filled up the buffer in between 480 * getting the timeout and arriving 481 * here, so we don't need to rotate. 482 */ 483 break; 484 485 if (d->bd_slen == 0) { 486 splx(s); 487 return (0); 488 } 489 ROTATE_BUFFERS(d); 490 break; 491 } 492 } 493 /* 494 * At this point, we know we have something in the hold slot. 495 */ 496 splx(s); 497 498 /* 499 * Move data from hold buffer into user space. 500 * We know the entire buffer is transferred since 501 * we checked above that the read buffer is bpf_bufsize bytes. 502 */ 503 error = UIOMOVE(d->bd_hbuf, d->bd_hlen, UIO_READ, uio); 504 505 s = splimp(); 506 d->bd_fbuf = d->bd_hbuf; 507 d->bd_hbuf = 0; 508 d->bd_hlen = 0; 509 splx(s); 510 511 return (error); 512} 513 514 515/* 516 * If there are processes sleeping on this descriptor, wake them up. 517 */ 518static inline void 519bpf_wakeup(d) 520 register struct bpf_d *d; 521{ 522 struct proc *p; 523 524 wakeup((caddr_t)d); 525 if (d->bd_async && d->bd_sig) 526 if (d->bd_pgid > 0) 527 gsignal (d->bd_pgid, d->bd_sig); 528 else if (p = pfind (-d->bd_pgid)) 529 psignal (p, d->bd_sig); 530 531#if BSD >= 199103 532 selwakeup(&d->bd_sel); 533 /* XXX */ 534 d->bd_sel.si_pid = 0; 535#else 536 if (d->bd_selproc) { 537 selwakeup(d->bd_selproc, (int)d->bd_selcoll); 538 d->bd_selcoll = 0; 539 d->bd_selproc = 0; 540 } 541#endif 542} 543 544static int 545bpfwrite(dev, uio, ioflag) 546 dev_t dev; 547 struct uio *uio; 548 int ioflag; 549{ 550 register struct bpf_d *d = &bpf_dtab[minor(dev)]; 551 struct ifnet *ifp; 552 struct mbuf *m; 553 int error, s; 554 static struct sockaddr dst; 555 int datlen; 556 557 if (d->bd_bif == 0) 558 return (ENXIO); 559 560 ifp = d->bd_bif->bif_ifp; 561 562 if (uio->uio_resid == 0) 563 return (0); 564 565 error = bpf_movein(uio, (int)d->bd_bif->bif_dlt, &m, &dst, &datlen); 566 if (error) 567 return (error); 568 569 if (datlen > ifp->if_mtu) 570 return (EMSGSIZE); 571 572 s = splnet(); 573#if BSD >= 199103 574 error = (*ifp->if_output)(ifp, m, &dst, (struct rtentry *)0); 575#else 576 error = (*ifp->if_output)(ifp, m, &dst); 577#endif 578 splx(s); 579 /* 580 * The driver frees the mbuf. 581 */ 582 return (error); 583} 584 585/* 586 * Reset a descriptor by flushing its packet buffer and clearing the 587 * receive and drop counts. Should be called at splimp. 588 */ 589static void 590reset_d(d) 591 struct bpf_d *d; 592{ 593 if (d->bd_hbuf) { 594 /* Free the hold buffer. */ 595 d->bd_fbuf = d->bd_hbuf; 596 d->bd_hbuf = 0; 597 } 598 d->bd_slen = 0; 599 d->bd_hlen = 0; 600 d->bd_rcount = 0; 601 d->bd_dcount = 0; 602} 603 604/* 605 * FIONREAD Check for read packet available. 606 * SIOCGIFADDR Get interface address - convenient hook to driver. 607 * BIOCGBLEN Get buffer len [for read()]. 608 * BIOCSETF Set ethernet read filter. 609 * BIOCFLUSH Flush read packet buffer. 610 * BIOCPROMISC Put interface into promiscuous mode. 611 * BIOCGDLT Get link layer type. 612 * BIOCGETIF Get interface name. 613 * BIOCSETIF Set interface. 614 * BIOCSRTIMEOUT Set read timeout. 615 * BIOCGRTIMEOUT Get read timeout. 616 * BIOCGSTATS Get packet stats. 617 * BIOCIMMEDIATE Set immediate mode. 618 * BIOCVERSION Get filter language version. 619 */ 620/* ARGSUSED */ 621static int 622bpfioctl(dev, cmd, addr, flags, p) 623 dev_t dev; 624 int cmd; 625 caddr_t addr; 626 int flags; 627 struct proc *p; 628{ 629 register struct bpf_d *d = &bpf_dtab[minor(dev)]; 630 int s, error = 0; 631 632 switch (cmd) { 633 634 default: 635 error = EINVAL; 636 break; 637 638 /* 639 * Check for read packet available. 640 */ 641 case FIONREAD: 642 { 643 int n; 644 645 s = splimp(); 646 n = d->bd_slen; 647 if (d->bd_hbuf) 648 n += d->bd_hlen; 649 splx(s); 650 651 *(int *)addr = n; 652 break; 653 } 654 655 case SIOCGIFADDR: 656 { 657 struct ifnet *ifp; 658 659 if (d->bd_bif == 0) 660 error = EINVAL; 661 else { 662 ifp = d->bd_bif->bif_ifp; 663 error = (*ifp->if_ioctl)(ifp, cmd, addr); 664 } 665 break; 666 } 667 668 /* 669 * Get buffer len [for read()]. 670 */ 671 case BIOCGBLEN: 672 *(u_int *)addr = d->bd_bufsize; 673 break; 674 675 /* 676 * Set buffer length. 677 */ 678 case BIOCSBLEN: 679#if BSD < 199103 680 error = EINVAL; 681#else 682 if (d->bd_bif != 0) 683 error = EINVAL; 684 else { 685 register u_int size = *(u_int *)addr; 686 687 if (size > BPF_MAXBUFSIZE) 688 *(u_int *)addr = size = BPF_MAXBUFSIZE; 689 else if (size < BPF_MINBUFSIZE) 690 *(u_int *)addr = size = BPF_MINBUFSIZE; 691 d->bd_bufsize = size; 692 } 693#endif 694 break; 695 696 /* 697 * Set link layer read filter. 698 */ 699 case BIOCSETF: 700 error = bpf_setf(d, (struct bpf_program *)addr); 701 break; 702 703 /* 704 * Flush read packet buffer. 705 */ 706 case BIOCFLUSH: 707 s = splimp(); 708 reset_d(d); 709 splx(s); 710 break; 711 712 /* 713 * Put interface into promiscuous mode. 714 */ 715 case BIOCPROMISC: 716 if (d->bd_bif == 0) { 717 /* 718 * No interface attached yet. 719 */ 720 error = EINVAL; 721 break; 722 } 723 s = splimp(); 724 if (d->bd_promisc == 0) { 725 error = ifpromisc(d->bd_bif->bif_ifp, 1); 726 if (error == 0) 727 d->bd_promisc = 1; 728 } 729 splx(s); 730 break; 731 732 /* 733 * Get device parameters. 734 */ 735 case BIOCGDLT: 736 if (d->bd_bif == 0) 737 error = EINVAL; 738 else 739 *(u_int *)addr = d->bd_bif->bif_dlt; 740 break; 741 742 /* 743 * Set interface name. 744 */ 745 case BIOCGETIF: 746 if (d->bd_bif == 0) 747 error = EINVAL; 748 else 749 bpf_ifname(d->bd_bif->bif_ifp, (struct ifreq *)addr); 750 break; 751 752 /* 753 * Set interface. 754 */ 755 case BIOCSETIF: 756 error = bpf_setif(d, (struct ifreq *)addr); 757 break; 758 759 /* 760 * Set read timeout. 761 */ 762 case BIOCSRTIMEOUT: 763 { 764 struct timeval *tv = (struct timeval *)addr; 765 u_long msec; 766 767 /* Compute number of milliseconds. */ 768 msec = tv->tv_sec * 1000 + tv->tv_usec / 1000; 769 /* Scale milliseconds to ticks. Assume hard 770 clock has millisecond or greater resolution 771 (i.e. tick >= 1000). For 10ms hardclock, 772 tick/1000 = 10, so rtout<-msec/10. */ 773 d->bd_rtout = msec / (tick / 1000); 774 break; 775 } 776 777 /* 778 * Get read timeout. 779 */ 780 case BIOCGRTIMEOUT: 781 { 782 struct timeval *tv = (struct timeval *)addr; 783 u_long msec = d->bd_rtout; 784 785 msec *= tick / 1000; 786 tv->tv_sec = msec / 1000; 787 tv->tv_usec = msec % 1000; 788 break; 789 } 790 791 /* 792 * Get packet stats. 793 */ 794 case BIOCGSTATS: 795 { 796 struct bpf_stat *bs = (struct bpf_stat *)addr; 797 798 bs->bs_recv = d->bd_rcount; 799 bs->bs_drop = d->bd_dcount; 800 break; 801 } 802 803 /* 804 * Set immediate mode. 805 */ 806 case BIOCIMMEDIATE: 807 d->bd_immediate = *(u_int *)addr; 808 break; 809 810 case BIOCVERSION: 811 { 812 struct bpf_version *bv = (struct bpf_version *)addr; 813 814 bv->bv_major = BPF_MAJOR_VERSION; 815 bv->bv_minor = BPF_MINOR_VERSION; 816 break; 817 } 818 819 820 case FIONBIO: /* Non-blocking I/O */ 821 if (*(int *)addr) 822 d->bd_rtout = -1; 823 else 824 d->bd_rtout = 0; 825 break; 826 827 case FIOASYNC: /* Send signal on receive packets */ 828 d->bd_async = *(int *)addr; 829 break; 830 831/* N.B. ioctl (FIOSETOWN) and fcntl (F_SETOWN) both end up doing the 832 equivalent of a TIOCSPGRP and hence end up here. *However* TIOCSPGRP's arg 833 is a process group if it's positive and a process id if it's negative. This 834 is exactly the opposite of what the other two functions want! Therefore 835 there is code in ioctl and fcntl to negate the arg before calling here. */ 836 837 case TIOCSPGRP: /* Process or group to send signals to */ 838 d->bd_pgid = *(int *)addr; 839 break; 840 841 case TIOCGPGRP: 842 *(int *)addr = d->bd_pgid; 843 break; 844 845 case BIOCSRSIG: /* Set receive signal */ 846 { 847 u_int sig; 848 849 sig = *(u_int *)addr; 850 851 if (sig >= NSIG) 852 error = EINVAL; 853 else 854 d->bd_sig = sig; 855 break; 856 } 857 case BIOCGRSIG: 858 *(u_int *)addr = d->bd_sig; 859 break; 860 } 861 return (error); 862} 863 864/* 865 * Set d's packet filter program to fp. If this file already has a filter, 866 * free it and replace it. Returns EINVAL for bogus requests. 867 */ 868static int 869bpf_setf(d, fp) 870 struct bpf_d *d; 871 struct bpf_program *fp; 872{ 873 struct bpf_insn *fcode, *old; 874 u_int flen, size; 875 int s; 876 877 old = d->bd_filter; 878 if (fp->bf_insns == 0) { 879 if (fp->bf_len != 0) 880 return (EINVAL); 881 s = splimp(); 882 d->bd_filter = 0; 883 reset_d(d); 884 splx(s); 885 if (old != 0) 886 free((caddr_t)old, M_DEVBUF); 887 return (0); 888 } 889 flen = fp->bf_len; 890 if (flen > BPF_MAXINSNS) 891 return (EINVAL); 892 893 size = flen * sizeof(*fp->bf_insns); 894 fcode = (struct bpf_insn *)malloc(size, M_DEVBUF, M_WAITOK); 895 if (copyin((caddr_t)fp->bf_insns, (caddr_t)fcode, size) == 0 && 896 bpf_validate(fcode, (int)flen)) { 897 s = splimp(); 898 d->bd_filter = fcode; 899 reset_d(d); 900 splx(s); 901 if (old != 0) 902 free((caddr_t)old, M_DEVBUF); 903 904 return (0); 905 } 906 free((caddr_t)fcode, M_DEVBUF); 907 return (EINVAL); 908} 909 910/* 911 * Detach a file from its current interface (if attached at all) and attach 912 * to the interface indicated by the name stored in ifr. 913 * Return an errno or 0. 914 */ 915static int 916bpf_setif(d, ifr) 917 struct bpf_d *d; 918 struct ifreq *ifr; 919{ 920 struct bpf_if *bp; 921 int s, error; 922 struct ifnet *theywant; 923 924 theywant = ifunit(ifr->ifr_name); 925 if (theywant == 0) 926 return ENXIO; 927 928 /* 929 * Look through attached interfaces for the named one. 930 */ 931 for (bp = bpf_iflist; bp != 0; bp = bp->bif_next) { 932 struct ifnet *ifp = bp->bif_ifp; 933 934 if (ifp == 0 || ifp != theywant) 935 continue; 936 /* 937 * We found the requested interface. 938 * If it's not up, return an error. 939 * Allocate the packet buffers if we need to. 940 * If we're already attached to requested interface, 941 * just flush the buffer. 942 */ 943 if ((ifp->if_flags & IFF_UP) == 0) 944 return (ENETDOWN); 945 946 if (d->bd_sbuf == 0) { 947 error = bpf_allocbufs(d); 948 if (error != 0) 949 return (error); 950 } 951 s = splimp(); 952 if (bp != d->bd_bif) { 953 if (d->bd_bif) 954 /* 955 * Detach if attached to something else. 956 */ 957 bpf_detachd(d); 958 959 bpf_attachd(d, bp); 960 } 961 reset_d(d); 962 splx(s); 963 return (0); 964 } 965 /* Not found. */ 966 return (ENXIO); 967} 968 969/* 970 * Convert an interface name plus unit number of an ifp to a single 971 * name which is returned in the ifr. 972 */ 973static void 974bpf_ifname(ifp, ifr) 975 struct ifnet *ifp; 976 struct ifreq *ifr; 977{ 978 char *s = ifp->if_name; 979 char *d = ifr->ifr_name; 980 981 while (*d++ = *s++) 982 continue; 983 d--; /* back to the null */ 984 /* XXX Assume that unit number is less than 10. */ 985 *d++ = ifp->if_unit + '0'; 986 *d = '\0'; 987} 988 989/* 990 * The new select interface passes down the proc pointer; the old select 991 * stubs had to grab it out of the user struct. This glue allows either case. 992 */ 993#if BSD >= 199103 994#define bpf_select bpfselect 995#else 996static int 997bpfselect(dev, rw) 998 register dev_t dev; 999 int rw; 1000{ 1001 return (bpf_select(dev, rw, u.u_procp)); 1002} 1003#endif 1004 1005/* 1006 * Support for select() system call 1007 * 1008 * Return true iff the specific operation will not block indefinitely. 1009 * Otherwise, return false but make a note that a selwakeup() must be done. 1010 */ 1011int 1012bpf_select(dev, rw, p) 1013 register dev_t dev; 1014 int rw; 1015 struct proc *p; 1016{ 1017 register struct bpf_d *d; 1018 register int s; 1019 1020 if (rw != FREAD) 1021 return (0); 1022 /* 1023 * An imitation of the FIONREAD ioctl code. 1024 */ 1025 d = &bpf_dtab[minor(dev)]; 1026 1027 s = splimp(); 1028 if (d->bd_hlen != 0 || (d->bd_immediate && d->bd_slen != 0)) { 1029 /* 1030 * There is data waiting. 1031 */ 1032 splx(s); 1033 return (1); 1034 } 1035#if BSD >= 199103 1036 selrecord(p, &d->bd_sel); 1037#else 1038 /* 1039 * No data ready. If there's already a select() waiting on this 1040 * minor device then this is a collision. This shouldn't happen 1041 * because minors really should not be shared, but if a process 1042 * forks while one of these is open, it is possible that both 1043 * processes could select on the same descriptor. 1044 */ 1045 if (d->bd_selproc && d->bd_selproc->p_wchan == (caddr_t)&selwait) 1046 d->bd_selcoll = 1; 1047 else 1048 d->bd_selproc = p; 1049#endif 1050 splx(s); 1051 return (0); 1052} 1053 1054/* 1055 * Incoming linkage from device drivers. Process the packet pkt, of length 1056 * pktlen, which is stored in a contiguous buffer. The packet is parsed 1057 * by each process' filter, and if accepted, stashed into the corresponding 1058 * buffer. 1059 */ 1060void 1061bpf_tap(ifp, pkt, pktlen) 1062 struct ifnet *ifp; 1063 register u_char *pkt; 1064 register u_int pktlen; 1065{ 1066 struct bpf_if *bp; 1067 register struct bpf_d *d; 1068 register u_int slen; 1069 /* 1070 * Note that the ipl does not have to be raised at this point. 1071 * The only problem that could arise here is that if two different 1072 * interfaces shared any data. This is not the case. 1073 */ 1074 bp = ifp->if_bpf; 1075 for (d = bp->bif_dlist; d != 0; d = d->bd_next) { 1076 ++d->bd_rcount; 1077 slen = bpf_filter(d->bd_filter, pkt, pktlen, pktlen); 1078 if (slen != 0) 1079 catchpacket(d, pkt, pktlen, slen, bcopy); 1080 } 1081} 1082 1083/* 1084 * Copy data from an mbuf chain into a buffer. This code is derived 1085 * from m_copydata in sys/uipc_mbuf.c. 1086 */ 1087static void 1088bpf_mcopy(src_arg, dst_arg, len) 1089 const void *src_arg; 1090 void *dst_arg; 1091 register u_int len; 1092{ 1093 register const struct mbuf *m; 1094 register u_int count; 1095 u_char *dst; 1096 1097 m = src_arg; 1098 dst = dst_arg; 1099 while (len > 0) { 1100 if (m == 0) 1101 panic("bpf_mcopy"); 1102 count = min(m->m_len, len); 1103 bcopy(mtod(m, void *), dst, count); 1104 m = m->m_next; 1105 dst += count; 1106 len -= count; 1107 } 1108} 1109 1110/* 1111 * Incoming linkage from device drivers, when packet is in an mbuf chain. 1112 */ 1113void 1114bpf_mtap(ifp, m) 1115 struct ifnet *ifp; 1116 struct mbuf *m; 1117{ 1118 struct bpf_if *bp = ifp->if_bpf; 1119 struct bpf_d *d; 1120 u_int pktlen, slen; 1121 struct mbuf *m0; 1122 1123 pktlen = 0; 1124 for (m0 = m; m0 != 0; m0 = m0->m_next) 1125 pktlen += m0->m_len; 1126 1127 for (d = bp->bif_dlist; d != 0; d = d->bd_next) { 1128 ++d->bd_rcount; 1129 slen = bpf_filter(d->bd_filter, (u_char *)m, pktlen, 0); 1130 if (slen != 0) 1131 catchpacket(d, (u_char *)m, pktlen, slen, bpf_mcopy); 1132 } 1133} 1134 1135/* 1136 * Move the packet data from interface memory (pkt) into the 1137 * store buffer. Return 1 if it's time to wakeup a listener (buffer full), 1138 * otherwise 0. "copy" is the routine called to do the actual data 1139 * transfer. bcopy is passed in to copy contiguous chunks, while 1140 * bpf_mcopy is passed in to copy mbuf chains. In the latter case, 1141 * pkt is really an mbuf. 1142 */ 1143static void 1144catchpacket(d, pkt, pktlen, snaplen, cpfn) 1145 register struct bpf_d *d; 1146 register u_char *pkt; 1147 register u_int pktlen, snaplen; 1148 register void (*cpfn)(const void *, void *, u_int); 1149{ 1150 register struct bpf_hdr *hp; 1151 register int totlen, curlen; 1152 register int hdrlen = d->bd_bif->bif_hdrlen; 1153 /* 1154 * Figure out how many bytes to move. If the packet is 1155 * greater or equal to the snapshot length, transfer that 1156 * much. Otherwise, transfer the whole packet (unless 1157 * we hit the buffer size limit). 1158 */ 1159 totlen = hdrlen + min(snaplen, pktlen); 1160 if (totlen > d->bd_bufsize) 1161 totlen = d->bd_bufsize; 1162 1163 /* 1164 * Round up the end of the previous packet to the next longword. 1165 */ 1166 curlen = BPF_WORDALIGN(d->bd_slen); 1167 if (curlen + totlen > d->bd_bufsize) { 1168 /* 1169 * This packet will overflow the storage buffer. 1170 * Rotate the buffers if we can, then wakeup any 1171 * pending reads. 1172 */ 1173 if (d->bd_fbuf == 0) { 1174 /* 1175 * We haven't completed the previous read yet, 1176 * so drop the packet. 1177 */ 1178 ++d->bd_dcount; 1179 return; 1180 } 1181 ROTATE_BUFFERS(d); 1182 bpf_wakeup(d); 1183 curlen = 0; 1184 } 1185 else if (d->bd_immediate) 1186 /* 1187 * Immediate mode is set. A packet arrived so any 1188 * reads should be woken up. 1189 */ 1190 bpf_wakeup(d); 1191 1192 /* 1193 * Append the bpf header. 1194 */ 1195 hp = (struct bpf_hdr *)(d->bd_sbuf + curlen); 1196#if BSD >= 199103 1197 microtime(&hp->bh_tstamp); 1198#elif defined(sun) 1199 uniqtime(&hp->bh_tstamp); 1200#else 1201 hp->bh_tstamp = time; 1202#endif 1203 hp->bh_datalen = pktlen; 1204 hp->bh_hdrlen = hdrlen; 1205 /* 1206 * Copy the packet data into the store buffer and update its length. 1207 */ 1208 (*cpfn)(pkt, (u_char *)hp + hdrlen, (hp->bh_caplen = totlen - hdrlen)); 1209 d->bd_slen = curlen + totlen; 1210} 1211 1212/* 1213 * Initialize all nonzero fields of a descriptor. 1214 */ 1215static int 1216bpf_allocbufs(d) 1217 register struct bpf_d *d; 1218{ 1219 d->bd_fbuf = (caddr_t)malloc(d->bd_bufsize, M_DEVBUF, M_WAITOK); 1220 if (d->bd_fbuf == 0) 1221 return (ENOBUFS); 1222 1223 d->bd_sbuf = (caddr_t)malloc(d->bd_bufsize, M_DEVBUF, M_WAITOK); 1224 if (d->bd_sbuf == 0) { 1225 free(d->bd_fbuf, M_DEVBUF); 1226 return (ENOBUFS); 1227 } 1228 d->bd_slen = 0; 1229 d->bd_hlen = 0; 1230 return (0); 1231} 1232 1233/* 1234 * Free buffers currently in use by a descriptor. 1235 * Called on close. 1236 */ 1237static void 1238bpf_freed(d) 1239 register struct bpf_d *d; 1240{ 1241 /* 1242 * We don't need to lock out interrupts since this descriptor has 1243 * been detached from its interface and it yet hasn't been marked 1244 * free. 1245 */ 1246 if (d->bd_sbuf != 0) { 1247 free(d->bd_sbuf, M_DEVBUF); 1248 if (d->bd_hbuf != 0) 1249 free(d->bd_hbuf, M_DEVBUF); 1250 if (d->bd_fbuf != 0) 1251 free(d->bd_fbuf, M_DEVBUF); 1252 } 1253 if (d->bd_filter) 1254 free((caddr_t)d->bd_filter, M_DEVBUF); 1255 1256 D_MARKFREE(d); 1257} 1258 1259/* 1260 * Attach an interface to bpf. driverp is a pointer to a (struct bpf_if *) 1261 * in the driver's softc; dlt is the link layer type; hdrlen is the fixed 1262 * size of the link header (variable length headers not yet supported). 1263 */ 1264void 1265bpfattach(ifp, dlt, hdrlen) 1266 struct ifnet *ifp; 1267 u_int dlt, hdrlen; 1268{ 1269 struct bpf_if *bp; 1270 int i; 1271 bp = (struct bpf_if *)malloc(sizeof(*bp), M_DEVBUF, M_DONTWAIT); 1272 if (bp == 0) 1273 panic("bpfattach"); 1274 1275 bp->bif_dlist = 0; 1276 bp->bif_ifp = ifp; 1277 bp->bif_dlt = dlt; 1278 1279 bp->bif_next = bpf_iflist; 1280 bpf_iflist = bp; 1281 1282 bp->bif_ifp->if_bpf = 0; 1283 1284 /* 1285 * Compute the length of the bpf header. This is not necessarily 1286 * equal to SIZEOF_BPF_HDR because we want to insert spacing such 1287 * that the network layer header begins on a longword boundary (for 1288 * performance reasons and to alleviate alignment restrictions). 1289 */ 1290 bp->bif_hdrlen = BPF_WORDALIGN(hdrlen + SIZEOF_BPF_HDR) - hdrlen; 1291 1292 /* 1293 * Mark all the descriptors free if this hasn't been done. 1294 */ 1295 if (!D_ISFREE(&bpf_dtab[0])) 1296 for (i = 0; i < NBPFILTER; ++i) 1297 D_MARKFREE(&bpf_dtab[i]); 1298 1299 if (bootverbose) 1300 printf("bpf: %s%d attached\n", ifp->if_name, ifp->if_unit); 1301} 1302 1303#ifdef DEVFS 1304static void *bpf_devfs_token[NBPFILTER]; 1305#endif 1306 1307static bpf_devsw_installed = 0; 1308 1309static void bpf_drvinit(void *unused) 1310{ 1311 dev_t dev; 1312#ifdef DEVFS 1313 int i; 1314#endif 1315 1316 if( ! bpf_devsw_installed ) { 1317 dev = makedev(CDEV_MAJOR, 0); 1318 cdevsw_add(&dev,&bpf_cdevsw, NULL); 1319 bpf_devsw_installed = 1; 1320#ifdef DEVFS 1321 1322 for ( i = 0 ; i < NBPFILTER ; i++ ) { 1323 bpf_devfs_token[i] = 1324 devfs_add_devswf(&bpf_cdevsw, i, DV_CHR, 0, 0, 1325 0600, "bpf%d", i); 1326 } 1327#endif 1328 } 1329} 1330 1331SYSINIT(bpfdev,SI_SUB_DRIVERS,SI_ORDER_MIDDLE+CDEV_MAJOR,bpf_drvinit,NULL) 1332 1333#endif 1334