bpf.c revision 29024
1/* 2 * Copyright (c) 1990, 1991, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * This code is derived from the Stanford/CMU enet packet filter, 6 * (net/enet.c) distributed as part of 4.3BSD, and code contributed 7 * to Berkeley by Steven McCanne and Van Jacobson both of Lawrence 8 * Berkeley Laboratory. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. All advertising materials mentioning features or use of this software 19 * must display the following acknowledgement: 20 * This product includes software developed by the University of 21 * California, Berkeley and its contributors. 22 * 4. Neither the name of the University nor the names of its contributors 23 * may be used to endorse or promote products derived from this software 24 * without specific prior written permission. 25 * 26 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 27 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 28 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 29 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36 * SUCH DAMAGE. 37 * 38 * @(#)bpf.c 8.2 (Berkeley) 3/28/94 39 * 40 * $Id: bpf.c,v 1.31 1997/03/24 12:12:35 bde Exp $ 41 */ 42 43#include "bpfilter.h" 44 45#if NBPFILTER > 0 46 47#ifndef __GNUC__ 48#define inline 49#else 50#define inline __inline 51#endif 52 53#include <sys/param.h> 54#include <sys/systm.h> 55#include <sys/conf.h> 56#include <sys/malloc.h> 57#include <sys/mbuf.h> 58#include <sys/buf.h> 59#include <sys/time.h> 60#include <sys/proc.h> 61#include <sys/signalvar.h> 62#include <sys/filio.h> 63#include <sys/sockio.h> 64#include <sys/ttycom.h> 65 66#include <sys/fcntl.h> 67#if defined(sparc) && BSD < 199103 68#include <sys/stream.h> 69#endif 70#include <sys/uio.h> 71 72#include <sys/socket.h> 73#include <sys/socketvar.h> 74#include <sys/protosw.h> 75#include <net/if.h> 76 77#include <net/bpf.h> 78#include <net/bpfdesc.h> 79 80#include <sys/errno.h> 81 82#include <netinet/in.h> 83#include <netinet/if_ether.h> 84#include <sys/kernel.h> 85#include <sys/sysctl.h> 86#include <sys/conf.h> 87#ifdef DEVFS 88#include <sys/devfsext.h> 89#endif /*DEVFS*/ 90 91 92/* 93 * Older BSDs don't have kernel malloc. 94 */ 95#if BSD < 199103 96extern bcopy(); 97static caddr_t bpf_alloc(); 98#include <net/bpf_compat.h> 99#define BPF_BUFSIZE (MCLBYTES-8) 100#define UIOMOVE(cp, len, code, uio) uiomove(cp, len, code, uio) 101#else 102#define BPF_BUFSIZE 4096 103#define UIOMOVE(cp, len, code, uio) uiomove(cp, len, uio) 104#endif 105 106#define PRINET 26 /* interruptible */ 107 108/* 109 * The default read buffer size is patchable. 110 */ 111static int bpf_bufsize = BPF_BUFSIZE; 112SYSCTL_INT(_debug, OID_AUTO, bpf_bufsize, CTLFLAG_RW, 113 &bpf_bufsize, 0, ""); 114 115/* 116 * bpf_iflist is the list of interfaces; each corresponds to an ifnet 117 * bpf_dtab holds the descriptors, indexed by minor device # 118 */ 119static struct bpf_if *bpf_iflist; 120static struct bpf_d bpf_dtab[NBPFILTER]; 121 122static int bpf_allocbufs __P((struct bpf_d *)); 123static void bpf_attachd __P((struct bpf_d *d, struct bpf_if *bp)); 124static void bpf_detachd __P((struct bpf_d *d)); 125static void bpf_freed __P((struct bpf_d *)); 126static void bpf_ifname __P((struct ifnet *, struct ifreq *)); 127static void bpf_mcopy __P((const void *, void *, u_int)); 128static int bpf_movein __P((struct uio *, int, 129 struct mbuf **, struct sockaddr *, int *)); 130static int bpf_setif __P((struct bpf_d *, struct ifreq *)); 131static inline void 132 bpf_wakeup __P((struct bpf_d *)); 133static void catchpacket __P((struct bpf_d *, u_char *, u_int, 134 u_int, void (*)(const void *, void *, u_int))); 135static void reset_d __P((struct bpf_d *)); 136static int bpf_setf __P((struct bpf_d *, struct bpf_program *)); 137 138static d_open_t bpfopen; 139static d_close_t bpfclose; 140static d_read_t bpfread; 141static d_write_t bpfwrite; 142static d_ioctl_t bpfioctl; 143static d_select_t bpfselect; 144 145#define CDEV_MAJOR 23 146static struct cdevsw bpf_cdevsw = 147 { bpfopen, bpfclose, bpfread, bpfwrite, /*23*/ 148 bpfioctl, nostop, nullreset, nodevtotty,/* bpf */ 149 bpfselect, nommap, NULL, "bpf", NULL, -1 }; 150 151 152static int 153bpf_movein(uio, linktype, mp, sockp, datlen) 154 register struct uio *uio; 155 int linktype, *datlen; 156 register struct mbuf **mp; 157 register struct sockaddr *sockp; 158{ 159 struct mbuf *m; 160 int error; 161 int len; 162 int hlen; 163 164 /* 165 * Build a sockaddr based on the data link layer type. 166 * We do this at this level because the ethernet header 167 * is copied directly into the data field of the sockaddr. 168 * In the case of SLIP, there is no header and the packet 169 * is forwarded as is. 170 * Also, we are careful to leave room at the front of the mbuf 171 * for the link level header. 172 */ 173 switch (linktype) { 174 175 case DLT_SLIP: 176 sockp->sa_family = AF_INET; 177 hlen = 0; 178 break; 179 180 case DLT_EN10MB: 181 sockp->sa_family = AF_UNSPEC; 182 /* XXX Would MAXLINKHDR be better? */ 183 hlen = sizeof(struct ether_header); 184 break; 185 186 case DLT_FDDI: 187#if defined(__FreeBSD__) || defined(__bsdi__) 188 sockp->sa_family = AF_IMPLINK; 189 hlen = 0; 190#else 191 sockp->sa_family = AF_UNSPEC; 192 /* XXX 4(FORMAC)+6(dst)+6(src)+3(LLC)+5(SNAP) */ 193 hlen = 24; 194#endif 195 break; 196 197 case DLT_NULL: 198 sockp->sa_family = AF_UNSPEC; 199 hlen = 0; 200 break; 201 202 default: 203 return (EIO); 204 } 205 206 len = uio->uio_resid; 207 *datlen = len - hlen; 208 if ((unsigned)len > MCLBYTES) 209 return (EIO); 210 211 MGETHDR(m, M_WAIT, MT_DATA); 212 if (m == 0) 213 return (ENOBUFS); 214 if (len > MHLEN) { 215#if BSD >= 199103 216 MCLGET(m, M_WAIT); 217 if ((m->m_flags & M_EXT) == 0) { 218#else 219 MCLGET(m); 220 if (m->m_len != MCLBYTES) { 221#endif 222 error = ENOBUFS; 223 goto bad; 224 } 225 } 226 m->m_pkthdr.len = m->m_len = len; 227 m->m_pkthdr.rcvif = NULL; 228 *mp = m; 229 /* 230 * Make room for link header. 231 */ 232 if (hlen != 0) { 233 m->m_pkthdr.len -= hlen; 234 m->m_len -= hlen; 235#if BSD >= 199103 236 m->m_data += hlen; /* XXX */ 237#else 238 m->m_off += hlen; 239#endif 240 error = UIOMOVE((caddr_t)sockp->sa_data, hlen, UIO_WRITE, uio); 241 if (error) 242 goto bad; 243 } 244 error = UIOMOVE(mtod(m, caddr_t), len - hlen, UIO_WRITE, uio); 245 if (!error) 246 return (0); 247 bad: 248 m_freem(m); 249 return (error); 250} 251 252/* 253 * Attach file to the bpf interface, i.e. make d listen on bp. 254 * Must be called at splimp. 255 */ 256static void 257bpf_attachd(d, bp) 258 struct bpf_d *d; 259 struct bpf_if *bp; 260{ 261 /* 262 * Point d at bp, and add d to the interface's list of listeners. 263 * Finally, point the driver's bpf cookie at the interface so 264 * it will divert packets to bpf. 265 */ 266 d->bd_bif = bp; 267 d->bd_next = bp->bif_dlist; 268 bp->bif_dlist = d; 269 270 bp->bif_ifp->if_bpf = bp; 271} 272 273/* 274 * Detach a file from its interface. 275 */ 276static void 277bpf_detachd(d) 278 struct bpf_d *d; 279{ 280 struct bpf_d **p; 281 struct bpf_if *bp; 282 283 bp = d->bd_bif; 284 /* 285 * Check if this descriptor had requested promiscuous mode. 286 * If so, turn it off. 287 */ 288 if (d->bd_promisc) { 289 d->bd_promisc = 0; 290 if (ifpromisc(bp->bif_ifp, 0)) 291 /* 292 * Something is really wrong if we were able to put 293 * the driver into promiscuous mode, but can't 294 * take it out. 295 */ 296 panic("bpf: ifpromisc failed"); 297 } 298 /* Remove d from the interface's descriptor list. */ 299 p = &bp->bif_dlist; 300 while (*p != d) { 301 p = &(*p)->bd_next; 302 if (*p == 0) 303 panic("bpf_detachd: descriptor not in list"); 304 } 305 *p = (*p)->bd_next; 306 if (bp->bif_dlist == 0) 307 /* 308 * Let the driver know that there are no more listeners. 309 */ 310 d->bd_bif->bif_ifp->if_bpf = 0; 311 d->bd_bif = 0; 312} 313 314 315/* 316 * Mark a descriptor free by making it point to itself. 317 * This is probably cheaper than marking with a constant since 318 * the address should be in a register anyway. 319 */ 320#define D_ISFREE(d) ((d) == (d)->bd_next) 321#define D_MARKFREE(d) ((d)->bd_next = (d)) 322#define D_MARKUSED(d) ((d)->bd_next = 0) 323 324/* 325 * Open ethernet device. Returns ENXIO for illegal minor device number, 326 * EBUSY if file is open by another process. 327 */ 328/* ARGSUSED */ 329static int 330bpfopen(dev, flags, fmt, p) 331 dev_t dev; 332 int flags; 333 int fmt; 334 struct proc *p; 335{ 336 register struct bpf_d *d; 337 338 if (minor(dev) >= NBPFILTER) 339 return (ENXIO); 340 /* 341 * Each minor can be opened by only one process. If the requested 342 * minor is in use, return EBUSY. 343 */ 344 d = &bpf_dtab[minor(dev)]; 345 if (!D_ISFREE(d)) 346 return (EBUSY); 347 348 /* Mark "free" and do most initialization. */ 349 bzero((char *)d, sizeof(*d)); 350 d->bd_bufsize = bpf_bufsize; 351 d->bd_sig = SIGIO; 352 353 return (0); 354} 355 356/* 357 * Close the descriptor by detaching it from its interface, 358 * deallocating its buffers, and marking it free. 359 */ 360/* ARGSUSED */ 361static int 362bpfclose(dev, flags, fmt, p) 363 dev_t dev; 364 int flags; 365 int fmt; 366 struct proc *p; 367{ 368 register struct bpf_d *d = &bpf_dtab[minor(dev)]; 369 register int s; 370 371 s = splimp(); 372 if (d->bd_bif) 373 bpf_detachd(d); 374 splx(s); 375 bpf_freed(d); 376 377 return (0); 378} 379 380/* 381 * Support for SunOS, which does not have tsleep. 382 */ 383#if BSD < 199103 384static 385bpf_timeout(arg) 386 caddr_t arg; 387{ 388 struct bpf_d *d = (struct bpf_d *)arg; 389 d->bd_timedout = 1; 390 wakeup(arg); 391} 392 393#define BPF_SLEEP(chan, pri, s, t) bpf_sleep((struct bpf_d *)chan) 394 395int 396bpf_sleep(d) 397 register struct bpf_d *d; 398{ 399 register int rto = d->bd_rtout; 400 register int st; 401 402 if (rto != 0) { 403 d->bd_timedout = 0; 404 timeout(bpf_timeout, (caddr_t)d, rto); 405 } 406 st = sleep((caddr_t)d, PRINET|PCATCH); 407 if (rto != 0) { 408 if (d->bd_timedout == 0) 409 untimeout(bpf_timeout, (caddr_t)d); 410 else if (st == 0) 411 return EWOULDBLOCK; 412 } 413 return (st != 0) ? EINTR : 0; 414} 415#else 416#define BPF_SLEEP tsleep 417#endif 418 419/* 420 * Rotate the packet buffers in descriptor d. Move the store buffer 421 * into the hold slot, and the free buffer into the store slot. 422 * Zero the length of the new store buffer. 423 */ 424#define ROTATE_BUFFERS(d) \ 425 (d)->bd_hbuf = (d)->bd_sbuf; \ 426 (d)->bd_hlen = (d)->bd_slen; \ 427 (d)->bd_sbuf = (d)->bd_fbuf; \ 428 (d)->bd_slen = 0; \ 429 (d)->bd_fbuf = 0; 430/* 431 * bpfread - read next chunk of packets from buffers 432 */ 433static int 434bpfread(dev, uio, ioflag) 435 dev_t dev; 436 register struct uio *uio; 437 int ioflag; 438{ 439 register struct bpf_d *d = &bpf_dtab[minor(dev)]; 440 int error; 441 int s; 442 443 /* 444 * Restrict application to use a buffer the same size as 445 * as kernel buffers. 446 */ 447 if (uio->uio_resid != d->bd_bufsize) 448 return (EINVAL); 449 450 s = splimp(); 451 /* 452 * If the hold buffer is empty, then do a timed sleep, which 453 * ends when the timeout expires or when enough packets 454 * have arrived to fill the store buffer. 455 */ 456 while (d->bd_hbuf == 0) { 457 if (d->bd_immediate && d->bd_slen != 0) { 458 /* 459 * A packet(s) either arrived since the previous 460 * read or arrived while we were asleep. 461 * Rotate the buffers and return what's here. 462 */ 463 ROTATE_BUFFERS(d); 464 break; 465 } 466 if (d->bd_rtout != -1) 467 error = BPF_SLEEP((caddr_t)d, PRINET|PCATCH, "bpf", 468 d->bd_rtout); 469 else 470 error = EWOULDBLOCK; /* User requested non-blocking I/O */ 471 if (error == EINTR || error == ERESTART) { 472 splx(s); 473 return (error); 474 } 475 if (error == EWOULDBLOCK) { 476 /* 477 * On a timeout, return what's in the buffer, 478 * which may be nothing. If there is something 479 * in the store buffer, we can rotate the buffers. 480 */ 481 if (d->bd_hbuf) 482 /* 483 * We filled up the buffer in between 484 * getting the timeout and arriving 485 * here, so we don't need to rotate. 486 */ 487 break; 488 489 if (d->bd_slen == 0) { 490 splx(s); 491 return (0); 492 } 493 ROTATE_BUFFERS(d); 494 break; 495 } 496 } 497 /* 498 * At this point, we know we have something in the hold slot. 499 */ 500 splx(s); 501 502 /* 503 * Move data from hold buffer into user space. 504 * We know the entire buffer is transferred since 505 * we checked above that the read buffer is bpf_bufsize bytes. 506 */ 507 error = UIOMOVE(d->bd_hbuf, d->bd_hlen, UIO_READ, uio); 508 509 s = splimp(); 510 d->bd_fbuf = d->bd_hbuf; 511 d->bd_hbuf = 0; 512 d->bd_hlen = 0; 513 splx(s); 514 515 return (error); 516} 517 518 519/* 520 * If there are processes sleeping on this descriptor, wake them up. 521 */ 522static inline void 523bpf_wakeup(d) 524 register struct bpf_d *d; 525{ 526 struct proc *p; 527 528 wakeup((caddr_t)d); 529 if (d->bd_async && d->bd_sig) 530 if (d->bd_pgid > 0) 531 gsignal (d->bd_pgid, d->bd_sig); 532 else if (p = pfind (-d->bd_pgid)) 533 psignal (p, d->bd_sig); 534 535#if BSD >= 199103 536 selwakeup(&d->bd_sel); 537 /* XXX */ 538 d->bd_sel.si_pid = 0; 539#else 540 if (d->bd_selproc) { 541 selwakeup(d->bd_selproc, (int)d->bd_selcoll); 542 d->bd_selcoll = 0; 543 d->bd_selproc = 0; 544 } 545#endif 546} 547 548static int 549bpfwrite(dev, uio, ioflag) 550 dev_t dev; 551 struct uio *uio; 552 int ioflag; 553{ 554 register struct bpf_d *d = &bpf_dtab[minor(dev)]; 555 struct ifnet *ifp; 556 struct mbuf *m; 557 int error, s; 558 static struct sockaddr dst; 559 int datlen; 560 561 if (d->bd_bif == 0) 562 return (ENXIO); 563 564 ifp = d->bd_bif->bif_ifp; 565 566 if (uio->uio_resid == 0) 567 return (0); 568 569 error = bpf_movein(uio, (int)d->bd_bif->bif_dlt, &m, &dst, &datlen); 570 if (error) 571 return (error); 572 573 if (datlen > ifp->if_mtu) 574 return (EMSGSIZE); 575 576 s = splnet(); 577#if BSD >= 199103 578 error = (*ifp->if_output)(ifp, m, &dst, (struct rtentry *)0); 579#else 580 error = (*ifp->if_output)(ifp, m, &dst); 581#endif 582 splx(s); 583 /* 584 * The driver frees the mbuf. 585 */ 586 return (error); 587} 588 589/* 590 * Reset a descriptor by flushing its packet buffer and clearing the 591 * receive and drop counts. Should be called at splimp. 592 */ 593static void 594reset_d(d) 595 struct bpf_d *d; 596{ 597 if (d->bd_hbuf) { 598 /* Free the hold buffer. */ 599 d->bd_fbuf = d->bd_hbuf; 600 d->bd_hbuf = 0; 601 } 602 d->bd_slen = 0; 603 d->bd_hlen = 0; 604 d->bd_rcount = 0; 605 d->bd_dcount = 0; 606} 607 608/* 609 * FIONREAD Check for read packet available. 610 * SIOCGIFADDR Get interface address - convenient hook to driver. 611 * BIOCGBLEN Get buffer len [for read()]. 612 * BIOCSETF Set ethernet read filter. 613 * BIOCFLUSH Flush read packet buffer. 614 * BIOCPROMISC Put interface into promiscuous mode. 615 * BIOCGDLT Get link layer type. 616 * BIOCGETIF Get interface name. 617 * BIOCSETIF Set interface. 618 * BIOCSRTIMEOUT Set read timeout. 619 * BIOCGRTIMEOUT Get read timeout. 620 * BIOCGSTATS Get packet stats. 621 * BIOCIMMEDIATE Set immediate mode. 622 * BIOCVERSION Get filter language version. 623 */ 624/* ARGSUSED */ 625static int 626bpfioctl(dev, cmd, addr, flags, p) 627 dev_t dev; 628 int cmd; 629 caddr_t addr; 630 int flags; 631 struct proc *p; 632{ 633 register struct bpf_d *d = &bpf_dtab[minor(dev)]; 634 int s, error = 0; 635 636 switch (cmd) { 637 638 default: 639 error = EINVAL; 640 break; 641 642 /* 643 * Check for read packet available. 644 */ 645 case FIONREAD: 646 { 647 int n; 648 649 s = splimp(); 650 n = d->bd_slen; 651 if (d->bd_hbuf) 652 n += d->bd_hlen; 653 splx(s); 654 655 *(int *)addr = n; 656 break; 657 } 658 659 case SIOCGIFADDR: 660 { 661 struct ifnet *ifp; 662 663 if (d->bd_bif == 0) 664 error = EINVAL; 665 else { 666 ifp = d->bd_bif->bif_ifp; 667 error = (*ifp->if_ioctl)(ifp, cmd, addr); 668 } 669 break; 670 } 671 672 /* 673 * Get buffer len [for read()]. 674 */ 675 case BIOCGBLEN: 676 *(u_int *)addr = d->bd_bufsize; 677 break; 678 679 /* 680 * Set buffer length. 681 */ 682 case BIOCSBLEN: 683#if BSD < 199103 684 error = EINVAL; 685#else 686 if (d->bd_bif != 0) 687 error = EINVAL; 688 else { 689 register u_int size = *(u_int *)addr; 690 691 if (size > BPF_MAXBUFSIZE) 692 *(u_int *)addr = size = BPF_MAXBUFSIZE; 693 else if (size < BPF_MINBUFSIZE) 694 *(u_int *)addr = size = BPF_MINBUFSIZE; 695 d->bd_bufsize = size; 696 } 697#endif 698 break; 699 700 /* 701 * Set link layer read filter. 702 */ 703 case BIOCSETF: 704 error = bpf_setf(d, (struct bpf_program *)addr); 705 break; 706 707 /* 708 * Flush read packet buffer. 709 */ 710 case BIOCFLUSH: 711 s = splimp(); 712 reset_d(d); 713 splx(s); 714 break; 715 716 /* 717 * Put interface into promiscuous mode. 718 */ 719 case BIOCPROMISC: 720 if (d->bd_bif == 0) { 721 /* 722 * No interface attached yet. 723 */ 724 error = EINVAL; 725 break; 726 } 727 s = splimp(); 728 if (d->bd_promisc == 0) { 729 error = ifpromisc(d->bd_bif->bif_ifp, 1); 730 if (error == 0) 731 d->bd_promisc = 1; 732 } 733 splx(s); 734 break; 735 736 /* 737 * Get device parameters. 738 */ 739 case BIOCGDLT: 740 if (d->bd_bif == 0) 741 error = EINVAL; 742 else 743 *(u_int *)addr = d->bd_bif->bif_dlt; 744 break; 745 746 /* 747 * Set interface name. 748 */ 749 case BIOCGETIF: 750 if (d->bd_bif == 0) 751 error = EINVAL; 752 else 753 bpf_ifname(d->bd_bif->bif_ifp, (struct ifreq *)addr); 754 break; 755 756 /* 757 * Set interface. 758 */ 759 case BIOCSETIF: 760 error = bpf_setif(d, (struct ifreq *)addr); 761 break; 762 763 /* 764 * Set read timeout. 765 */ 766 case BIOCSRTIMEOUT: 767 { 768 struct timeval *tv = (struct timeval *)addr; 769 u_long msec; 770 771 /* Compute number of milliseconds. */ 772 msec = tv->tv_sec * 1000 + tv->tv_usec / 1000; 773 /* Scale milliseconds to ticks. Assume hard 774 clock has millisecond or greater resolution 775 (i.e. tick >= 1000). For 10ms hardclock, 776 tick/1000 = 10, so rtout<-msec/10. */ 777 d->bd_rtout = msec / (tick / 1000); 778 break; 779 } 780 781 /* 782 * Get read timeout. 783 */ 784 case BIOCGRTIMEOUT: 785 { 786 struct timeval *tv = (struct timeval *)addr; 787 u_long msec = d->bd_rtout; 788 789 msec *= tick / 1000; 790 tv->tv_sec = msec / 1000; 791 tv->tv_usec = msec % 1000; 792 break; 793 } 794 795 /* 796 * Get packet stats. 797 */ 798 case BIOCGSTATS: 799 { 800 struct bpf_stat *bs = (struct bpf_stat *)addr; 801 802 bs->bs_recv = d->bd_rcount; 803 bs->bs_drop = d->bd_dcount; 804 break; 805 } 806 807 /* 808 * Set immediate mode. 809 */ 810 case BIOCIMMEDIATE: 811 d->bd_immediate = *(u_int *)addr; 812 break; 813 814 case BIOCVERSION: 815 { 816 struct bpf_version *bv = (struct bpf_version *)addr; 817 818 bv->bv_major = BPF_MAJOR_VERSION; 819 bv->bv_minor = BPF_MINOR_VERSION; 820 break; 821 } 822 823 824 case FIONBIO: /* Non-blocking I/O */ 825 if (*(int *)addr) 826 d->bd_rtout = -1; 827 else 828 d->bd_rtout = 0; 829 break; 830 831 case FIOASYNC: /* Send signal on receive packets */ 832 d->bd_async = *(int *)addr; 833 break; 834 835/* N.B. ioctl (FIOSETOWN) and fcntl (F_SETOWN) both end up doing the 836 equivalent of a TIOCSPGRP and hence end up here. *However* TIOCSPGRP's arg 837 is a process group if it's positive and a process id if it's negative. This 838 is exactly the opposite of what the other two functions want! Therefore 839 there is code in ioctl and fcntl to negate the arg before calling here. */ 840 841 case TIOCSPGRP: /* Process or group to send signals to */ 842 d->bd_pgid = *(int *)addr; 843 break; 844 845 case TIOCGPGRP: 846 *(int *)addr = d->bd_pgid; 847 break; 848 849 case BIOCSRSIG: /* Set receive signal */ 850 { 851 u_int sig; 852 853 sig = *(u_int *)addr; 854 855 if (sig >= NSIG) 856 error = EINVAL; 857 else 858 d->bd_sig = sig; 859 break; 860 } 861 case BIOCGRSIG: 862 *(u_int *)addr = d->bd_sig; 863 break; 864 } 865 return (error); 866} 867 868/* 869 * Set d's packet filter program to fp. If this file already has a filter, 870 * free it and replace it. Returns EINVAL for bogus requests. 871 */ 872static int 873bpf_setf(d, fp) 874 struct bpf_d *d; 875 struct bpf_program *fp; 876{ 877 struct bpf_insn *fcode, *old; 878 u_int flen, size; 879 int s; 880 881 old = d->bd_filter; 882 if (fp->bf_insns == 0) { 883 if (fp->bf_len != 0) 884 return (EINVAL); 885 s = splimp(); 886 d->bd_filter = 0; 887 reset_d(d); 888 splx(s); 889 if (old != 0) 890 free((caddr_t)old, M_DEVBUF); 891 return (0); 892 } 893 flen = fp->bf_len; 894 if (flen > BPF_MAXINSNS) 895 return (EINVAL); 896 897 size = flen * sizeof(*fp->bf_insns); 898 fcode = (struct bpf_insn *)malloc(size, M_DEVBUF, M_WAITOK); 899 if (copyin((caddr_t)fp->bf_insns, (caddr_t)fcode, size) == 0 && 900 bpf_validate(fcode, (int)flen)) { 901 s = splimp(); 902 d->bd_filter = fcode; 903 reset_d(d); 904 splx(s); 905 if (old != 0) 906 free((caddr_t)old, M_DEVBUF); 907 908 return (0); 909 } 910 free((caddr_t)fcode, M_DEVBUF); 911 return (EINVAL); 912} 913 914/* 915 * Detach a file from its current interface (if attached at all) and attach 916 * to the interface indicated by the name stored in ifr. 917 * Return an errno or 0. 918 */ 919static int 920bpf_setif(d, ifr) 921 struct bpf_d *d; 922 struct ifreq *ifr; 923{ 924 struct bpf_if *bp; 925 int s, error; 926 struct ifnet *theywant; 927 928 theywant = ifunit(ifr->ifr_name); 929 if (theywant == 0) 930 return ENXIO; 931 932 /* 933 * Look through attached interfaces for the named one. 934 */ 935 for (bp = bpf_iflist; bp != 0; bp = bp->bif_next) { 936 struct ifnet *ifp = bp->bif_ifp; 937 938 if (ifp == 0 || ifp != theywant) 939 continue; 940 /* 941 * We found the requested interface. 942 * If it's not up, return an error. 943 * Allocate the packet buffers if we need to. 944 * If we're already attached to requested interface, 945 * just flush the buffer. 946 */ 947 if ((ifp->if_flags & IFF_UP) == 0) 948 return (ENETDOWN); 949 950 if (d->bd_sbuf == 0) { 951 error = bpf_allocbufs(d); 952 if (error != 0) 953 return (error); 954 } 955 s = splimp(); 956 if (bp != d->bd_bif) { 957 if (d->bd_bif) 958 /* 959 * Detach if attached to something else. 960 */ 961 bpf_detachd(d); 962 963 bpf_attachd(d, bp); 964 } 965 reset_d(d); 966 splx(s); 967 return (0); 968 } 969 /* Not found. */ 970 return (ENXIO); 971} 972 973/* 974 * Convert an interface name plus unit number of an ifp to a single 975 * name which is returned in the ifr. 976 */ 977static void 978bpf_ifname(ifp, ifr) 979 struct ifnet *ifp; 980 struct ifreq *ifr; 981{ 982 char *s = ifp->if_name; 983 char *d = ifr->ifr_name; 984 985 while (*d++ = *s++) 986 continue; 987 d--; /* back to the null */ 988 /* XXX Assume that unit number is less than 10. */ 989 *d++ = ifp->if_unit + '0'; 990 *d = '\0'; 991} 992 993/* 994 * The new select interface passes down the proc pointer; the old select 995 * stubs had to grab it out of the user struct. This glue allows either case. 996 */ 997#if BSD >= 199103 998#define bpf_select bpfselect 999#else 1000static int 1001bpfselect(dev, rw) 1002 register dev_t dev; 1003 int rw; 1004{ 1005 return (bpf_select(dev, rw, u.u_procp)); 1006} 1007#endif 1008 1009/* 1010 * Support for select() system call 1011 * 1012 * Return true iff the specific operation will not block indefinitely. 1013 * Otherwise, return false but make a note that a selwakeup() must be done. 1014 */ 1015int 1016bpf_select(dev, rw, p) 1017 register dev_t dev; 1018 int rw; 1019 struct proc *p; 1020{ 1021 register struct bpf_d *d; 1022 register int s; 1023 1024 if (rw != FREAD) 1025 return (0); 1026 /* 1027 * An imitation of the FIONREAD ioctl code. 1028 */ 1029 d = &bpf_dtab[minor(dev)]; 1030 1031 s = splimp(); 1032 if (d->bd_hlen != 0 || (d->bd_immediate && d->bd_slen != 0)) { 1033 /* 1034 * There is data waiting. 1035 */ 1036 splx(s); 1037 return (1); 1038 } 1039#if BSD >= 199103 1040 selrecord(p, &d->bd_sel); 1041#else 1042 /* 1043 * No data ready. If there's already a select() waiting on this 1044 * minor device then this is a collision. This shouldn't happen 1045 * because minors really should not be shared, but if a process 1046 * forks while one of these is open, it is possible that both 1047 * processes could select on the same descriptor. 1048 */ 1049 if (d->bd_selproc && d->bd_selproc->p_wchan == (caddr_t)&selwait) 1050 d->bd_selcoll = 1; 1051 else 1052 d->bd_selproc = p; 1053#endif 1054 splx(s); 1055 return (0); 1056} 1057 1058/* 1059 * Incoming linkage from device drivers. Process the packet pkt, of length 1060 * pktlen, which is stored in a contiguous buffer. The packet is parsed 1061 * by each process' filter, and if accepted, stashed into the corresponding 1062 * buffer. 1063 */ 1064void 1065bpf_tap(ifp, pkt, pktlen) 1066 struct ifnet *ifp; 1067 register u_char *pkt; 1068 register u_int pktlen; 1069{ 1070 struct bpf_if *bp; 1071 register struct bpf_d *d; 1072 register u_int slen; 1073 /* 1074 * Note that the ipl does not have to be raised at this point. 1075 * The only problem that could arise here is that if two different 1076 * interfaces shared any data. This is not the case. 1077 */ 1078 bp = ifp->if_bpf; 1079 for (d = bp->bif_dlist; d != 0; d = d->bd_next) { 1080 ++d->bd_rcount; 1081 slen = bpf_filter(d->bd_filter, pkt, pktlen, pktlen); 1082 if (slen != 0) 1083 catchpacket(d, pkt, pktlen, slen, bcopy); 1084 } 1085} 1086 1087/* 1088 * Copy data from an mbuf chain into a buffer. This code is derived 1089 * from m_copydata in sys/uipc_mbuf.c. 1090 */ 1091static void 1092bpf_mcopy(src_arg, dst_arg, len) 1093 const void *src_arg; 1094 void *dst_arg; 1095 register u_int len; 1096{ 1097 register const struct mbuf *m; 1098 register u_int count; 1099 u_char *dst; 1100 1101 m = src_arg; 1102 dst = dst_arg; 1103 while (len > 0) { 1104 if (m == 0) 1105 panic("bpf_mcopy"); 1106 count = min(m->m_len, len); 1107 bcopy(mtod(m, void *), dst, count); 1108 m = m->m_next; 1109 dst += count; 1110 len -= count; 1111 } 1112} 1113 1114/* 1115 * Incoming linkage from device drivers, when packet is in an mbuf chain. 1116 */ 1117void 1118bpf_mtap(ifp, m) 1119 struct ifnet *ifp; 1120 struct mbuf *m; 1121{ 1122 struct bpf_if *bp = ifp->if_bpf; 1123 struct bpf_d *d; 1124 u_int pktlen, slen; 1125 struct mbuf *m0; 1126 1127 pktlen = 0; 1128 for (m0 = m; m0 != 0; m0 = m0->m_next) 1129 pktlen += m0->m_len; 1130 1131 for (d = bp->bif_dlist; d != 0; d = d->bd_next) { 1132 ++d->bd_rcount; 1133 slen = bpf_filter(d->bd_filter, (u_char *)m, pktlen, 0); 1134 if (slen != 0) 1135 catchpacket(d, (u_char *)m, pktlen, slen, bpf_mcopy); 1136 } 1137} 1138 1139/* 1140 * Move the packet data from interface memory (pkt) into the 1141 * store buffer. Return 1 if it's time to wakeup a listener (buffer full), 1142 * otherwise 0. "copy" is the routine called to do the actual data 1143 * transfer. bcopy is passed in to copy contiguous chunks, while 1144 * bpf_mcopy is passed in to copy mbuf chains. In the latter case, 1145 * pkt is really an mbuf. 1146 */ 1147static void 1148catchpacket(d, pkt, pktlen, snaplen, cpfn) 1149 register struct bpf_d *d; 1150 register u_char *pkt; 1151 register u_int pktlen, snaplen; 1152 register void (*cpfn)(const void *, void *, u_int); 1153{ 1154 register struct bpf_hdr *hp; 1155 register int totlen, curlen; 1156 register int hdrlen = d->bd_bif->bif_hdrlen; 1157 /* 1158 * Figure out how many bytes to move. If the packet is 1159 * greater or equal to the snapshot length, transfer that 1160 * much. Otherwise, transfer the whole packet (unless 1161 * we hit the buffer size limit). 1162 */ 1163 totlen = hdrlen + min(snaplen, pktlen); 1164 if (totlen > d->bd_bufsize) 1165 totlen = d->bd_bufsize; 1166 1167 /* 1168 * Round up the end of the previous packet to the next longword. 1169 */ 1170 curlen = BPF_WORDALIGN(d->bd_slen); 1171 if (curlen + totlen > d->bd_bufsize) { 1172 /* 1173 * This packet will overflow the storage buffer. 1174 * Rotate the buffers if we can, then wakeup any 1175 * pending reads. 1176 */ 1177 if (d->bd_fbuf == 0) { 1178 /* 1179 * We haven't completed the previous read yet, 1180 * so drop the packet. 1181 */ 1182 ++d->bd_dcount; 1183 return; 1184 } 1185 ROTATE_BUFFERS(d); 1186 bpf_wakeup(d); 1187 curlen = 0; 1188 } 1189 else if (d->bd_immediate) 1190 /* 1191 * Immediate mode is set. A packet arrived so any 1192 * reads should be woken up. 1193 */ 1194 bpf_wakeup(d); 1195 1196 /* 1197 * Append the bpf header. 1198 */ 1199 hp = (struct bpf_hdr *)(d->bd_sbuf + curlen); 1200#if BSD >= 199103 1201 microtime(&hp->bh_tstamp); 1202#elif defined(sun) 1203 uniqtime(&hp->bh_tstamp); 1204#else 1205 hp->bh_tstamp = time; 1206#endif 1207 hp->bh_datalen = pktlen; 1208 hp->bh_hdrlen = hdrlen; 1209 /* 1210 * Copy the packet data into the store buffer and update its length. 1211 */ 1212 (*cpfn)(pkt, (u_char *)hp + hdrlen, (hp->bh_caplen = totlen - hdrlen)); 1213 d->bd_slen = curlen + totlen; 1214} 1215 1216/* 1217 * Initialize all nonzero fields of a descriptor. 1218 */ 1219static int 1220bpf_allocbufs(d) 1221 register struct bpf_d *d; 1222{ 1223 d->bd_fbuf = (caddr_t)malloc(d->bd_bufsize, M_DEVBUF, M_WAITOK); 1224 if (d->bd_fbuf == 0) 1225 return (ENOBUFS); 1226 1227 d->bd_sbuf = (caddr_t)malloc(d->bd_bufsize, M_DEVBUF, M_WAITOK); 1228 if (d->bd_sbuf == 0) { 1229 free(d->bd_fbuf, M_DEVBUF); 1230 return (ENOBUFS); 1231 } 1232 d->bd_slen = 0; 1233 d->bd_hlen = 0; 1234 return (0); 1235} 1236 1237/* 1238 * Free buffers currently in use by a descriptor. 1239 * Called on close. 1240 */ 1241static void 1242bpf_freed(d) 1243 register struct bpf_d *d; 1244{ 1245 /* 1246 * We don't need to lock out interrupts since this descriptor has 1247 * been detached from its interface and it yet hasn't been marked 1248 * free. 1249 */ 1250 if (d->bd_sbuf != 0) { 1251 free(d->bd_sbuf, M_DEVBUF); 1252 if (d->bd_hbuf != 0) 1253 free(d->bd_hbuf, M_DEVBUF); 1254 if (d->bd_fbuf != 0) 1255 free(d->bd_fbuf, M_DEVBUF); 1256 } 1257 if (d->bd_filter) 1258 free((caddr_t)d->bd_filter, M_DEVBUF); 1259 1260 D_MARKFREE(d); 1261} 1262 1263/* 1264 * Attach an interface to bpf. driverp is a pointer to a (struct bpf_if *) 1265 * in the driver's softc; dlt is the link layer type; hdrlen is the fixed 1266 * size of the link header (variable length headers not yet supported). 1267 */ 1268void 1269bpfattach(ifp, dlt, hdrlen) 1270 struct ifnet *ifp; 1271 u_int dlt, hdrlen; 1272{ 1273 struct bpf_if *bp; 1274 int i; 1275 bp = (struct bpf_if *)malloc(sizeof(*bp), M_DEVBUF, M_DONTWAIT); 1276 if (bp == 0) 1277 panic("bpfattach"); 1278 1279 bp->bif_dlist = 0; 1280 bp->bif_ifp = ifp; 1281 bp->bif_dlt = dlt; 1282 1283 bp->bif_next = bpf_iflist; 1284 bpf_iflist = bp; 1285 1286 bp->bif_ifp->if_bpf = 0; 1287 1288 /* 1289 * Compute the length of the bpf header. This is not necessarily 1290 * equal to SIZEOF_BPF_HDR because we want to insert spacing such 1291 * that the network layer header begins on a longword boundary (for 1292 * performance reasons and to alleviate alignment restrictions). 1293 */ 1294 bp->bif_hdrlen = BPF_WORDALIGN(hdrlen + SIZEOF_BPF_HDR) - hdrlen; 1295 1296 /* 1297 * Mark all the descriptors free if this hasn't been done. 1298 */ 1299 if (!D_ISFREE(&bpf_dtab[0])) 1300 for (i = 0; i < NBPFILTER; ++i) 1301 D_MARKFREE(&bpf_dtab[i]); 1302 1303 if (bootverbose) 1304 printf("bpf: %s%d attached\n", ifp->if_name, ifp->if_unit); 1305} 1306 1307#ifdef DEVFS 1308static void *bpf_devfs_token[NBPFILTER]; 1309#endif 1310 1311static bpf_devsw_installed = 0; 1312 1313static void bpf_drvinit(void *unused) 1314{ 1315 dev_t dev; 1316#ifdef DEVFS 1317 int i; 1318#endif 1319 1320 if( ! bpf_devsw_installed ) { 1321 dev = makedev(CDEV_MAJOR, 0); 1322 cdevsw_add(&dev,&bpf_cdevsw, NULL); 1323 bpf_devsw_installed = 1; 1324#ifdef DEVFS 1325 1326 for ( i = 0 ; i < NBPFILTER ; i++ ) { 1327 bpf_devfs_token[i] = 1328 devfs_add_devswf(&bpf_cdevsw, i, DV_CHR, 0, 0, 1329 0600, "bpf%d", i); 1330 } 1331#endif 1332 } 1333} 1334 1335SYSINIT(bpfdev,SI_SUB_DRIVERS,SI_ORDER_MIDDLE+CDEV_MAJOR,bpf_drvinit,NULL) 1336 1337#endif 1338