bpf.c revision 38423
1/* 2 * Copyright (c) 1990, 1991, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * This code is derived from the Stanford/CMU enet packet filter, 6 * (net/enet.c) distributed as part of 4.3BSD, and code contributed 7 * to Berkeley by Steven McCanne and Van Jacobson both of Lawrence 8 * Berkeley Laboratory. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. All advertising materials mentioning features or use of this software 19 * must display the following acknowledgement: 20 * This product includes software developed by the University of 21 * California, Berkeley and its contributors. 22 * 4. Neither the name of the University nor the names of its contributors 23 * may be used to endorse or promote products derived from this software 24 * without specific prior written permission. 25 * 26 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 27 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 28 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 29 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36 * SUCH DAMAGE. 37 * 38 * @(#)bpf.c 8.2 (Berkeley) 3/28/94 39 * 40 * $Id: bpf.c,v 1.40 1998/07/29 05:34:59 kjc Exp $ 41 */ 42 43#include "bpfilter.h" 44 45#if NBPFILTER > 0 46 47#ifndef __GNUC__ 48#define inline 49#else 50#define inline __inline 51#endif 52 53#include <sys/param.h> 54#include <sys/systm.h> 55#include <sys/conf.h> 56#include <sys/malloc.h> 57#include <sys/mbuf.h> 58#include <sys/time.h> 59#include <sys/proc.h> 60#include <sys/signalvar.h> 61#include <sys/filio.h> 62#include <sys/sockio.h> 63#include <sys/ttycom.h> 64 65#if defined(sparc) && BSD < 199103 66#include <sys/stream.h> 67#endif 68#include <sys/poll.h> 69 70#include <sys/socket.h> 71#include <sys/vnode.h> 72 73#include <net/if.h> 74#include <net/bpf.h> 75#include <net/bpfdesc.h> 76 77#include <netinet/in.h> 78#include <netinet/if_ether.h> 79#include <sys/kernel.h> 80#include <sys/sysctl.h> 81 82#include "opt_devfs.h" 83 84#ifdef DEVFS 85#include <sys/devfsext.h> 86#endif /*DEVFS*/ 87 88 89/* 90 * Older BSDs don't have kernel malloc. 91 */ 92#if BSD < 199103 93extern bcopy(); 94static caddr_t bpf_alloc(); 95#include <net/bpf_compat.h> 96#define BPF_BUFSIZE (MCLBYTES-8) 97#define UIOMOVE(cp, len, code, uio) uiomove(cp, len, code, uio) 98#else 99#define BPF_BUFSIZE 4096 100#define UIOMOVE(cp, len, code, uio) uiomove(cp, len, uio) 101#endif 102 103#define PRINET 26 /* interruptible */ 104 105/* 106 * The default read buffer size is patchable. 107 */ 108static int bpf_bufsize = BPF_BUFSIZE; 109SYSCTL_INT(_debug, OID_AUTO, bpf_bufsize, CTLFLAG_RW, 110 &bpf_bufsize, 0, ""); 111 112/* 113 * bpf_iflist is the list of interfaces; each corresponds to an ifnet 114 * bpf_dtab holds the descriptors, indexed by minor device # 115 */ 116static struct bpf_if *bpf_iflist; 117static struct bpf_d bpf_dtab[NBPFILTER]; 118static int bpf_dtab_init; 119 120static int bpf_allocbufs __P((struct bpf_d *)); 121static void bpf_attachd __P((struct bpf_d *d, struct bpf_if *bp)); 122static void bpf_detachd __P((struct bpf_d *d)); 123static void bpf_freed __P((struct bpf_d *)); 124static void bpf_ifname __P((struct ifnet *, struct ifreq *)); 125static void bpf_mcopy __P((const void *, void *, u_int)); 126static int bpf_movein __P((struct uio *, int, 127 struct mbuf **, struct sockaddr *, int *)); 128static int bpf_setif __P((struct bpf_d *, struct ifreq *)); 129static inline void 130 bpf_wakeup __P((struct bpf_d *)); 131static void catchpacket __P((struct bpf_d *, u_char *, u_int, 132 u_int, void (*)(const void *, void *, u_int))); 133static void reset_d __P((struct bpf_d *)); 134static int bpf_setf __P((struct bpf_d *, struct bpf_program *)); 135 136static d_open_t bpfopen; 137static d_close_t bpfclose; 138static d_read_t bpfread; 139static d_write_t bpfwrite; 140static d_ioctl_t bpfioctl; 141static d_poll_t bpfpoll; 142 143#define CDEV_MAJOR 23 144static struct cdevsw bpf_cdevsw = 145 { bpfopen, bpfclose, bpfread, bpfwrite, /*23*/ 146 bpfioctl, nostop, nullreset, nodevtotty,/* bpf */ 147 bpfpoll, nommap, NULL, "bpf", NULL, -1 }; 148 149 150static int 151bpf_movein(uio, linktype, mp, sockp, datlen) 152 register struct uio *uio; 153 int linktype, *datlen; 154 register struct mbuf **mp; 155 register struct sockaddr *sockp; 156{ 157 struct mbuf *m; 158 int error; 159 int len; 160 int hlen; 161 162 /* 163 * Build a sockaddr based on the data link layer type. 164 * We do this at this level because the ethernet header 165 * is copied directly into the data field of the sockaddr. 166 * In the case of SLIP, there is no header and the packet 167 * is forwarded as is. 168 * Also, we are careful to leave room at the front of the mbuf 169 * for the link level header. 170 */ 171 switch (linktype) { 172 173 case DLT_SLIP: 174 sockp->sa_family = AF_INET; 175 hlen = 0; 176 break; 177 178 case DLT_EN10MB: 179 sockp->sa_family = AF_UNSPEC; 180 /* XXX Would MAXLINKHDR be better? */ 181 hlen = sizeof(struct ether_header); 182 break; 183 184 case DLT_FDDI: 185#if defined(__FreeBSD__) || defined(__bsdi__) 186 sockp->sa_family = AF_IMPLINK; 187 hlen = 0; 188#else 189 sockp->sa_family = AF_UNSPEC; 190 /* XXX 4(FORMAC)+6(dst)+6(src)+3(LLC)+5(SNAP) */ 191 hlen = 24; 192#endif 193 break; 194 195 case DLT_RAW: 196 case DLT_NULL: 197 sockp->sa_family = AF_UNSPEC; 198 hlen = 0; 199 break; 200 201#ifdef __FreeBSD__ 202 case DLT_ATM_RFC1483: 203 /* 204 * en atm driver requires 4-byte atm pseudo header. 205 * though it isn't standard, vpi:vci needs to be 206 * specified anyway. 207 */ 208 sockp->sa_family = AF_UNSPEC; 209 hlen = 12; /* XXX 4(ATM_PH) + 3(LLC) + 5(SNAP) */ 210 break; 211#endif 212 213 default: 214 return (EIO); 215 } 216 217 len = uio->uio_resid; 218 *datlen = len - hlen; 219 if ((unsigned)len > MCLBYTES) 220 return (EIO); 221 222 MGETHDR(m, M_WAIT, MT_DATA); 223 if (m == 0) 224 return (ENOBUFS); 225 if (len > MHLEN) { 226#if BSD >= 199103 227 MCLGET(m, M_WAIT); 228 if ((m->m_flags & M_EXT) == 0) { 229#else 230 MCLGET(m); 231 if (m->m_len != MCLBYTES) { 232#endif 233 error = ENOBUFS; 234 goto bad; 235 } 236 } 237 m->m_pkthdr.len = m->m_len = len; 238 m->m_pkthdr.rcvif = NULL; 239 *mp = m; 240 /* 241 * Make room for link header. 242 */ 243 if (hlen != 0) { 244 m->m_pkthdr.len -= hlen; 245 m->m_len -= hlen; 246#if BSD >= 199103 247 m->m_data += hlen; /* XXX */ 248#else 249 m->m_off += hlen; 250#endif 251 error = UIOMOVE((caddr_t)sockp->sa_data, hlen, UIO_WRITE, uio); 252 if (error) 253 goto bad; 254 } 255 error = UIOMOVE(mtod(m, caddr_t), len - hlen, UIO_WRITE, uio); 256 if (!error) 257 return (0); 258 bad: 259 m_freem(m); 260 return (error); 261} 262 263/* 264 * Attach file to the bpf interface, i.e. make d listen on bp. 265 * Must be called at splimp. 266 */ 267static void 268bpf_attachd(d, bp) 269 struct bpf_d *d; 270 struct bpf_if *bp; 271{ 272 /* 273 * Point d at bp, and add d to the interface's list of listeners. 274 * Finally, point the driver's bpf cookie at the interface so 275 * it will divert packets to bpf. 276 */ 277 d->bd_bif = bp; 278 d->bd_next = bp->bif_dlist; 279 bp->bif_dlist = d; 280 281 bp->bif_ifp->if_bpf = bp; 282} 283 284/* 285 * Detach a file from its interface. 286 */ 287static void 288bpf_detachd(d) 289 struct bpf_d *d; 290{ 291 struct bpf_d **p; 292 struct bpf_if *bp; 293 294 bp = d->bd_bif; 295 /* 296 * Check if this descriptor had requested promiscuous mode. 297 * If so, turn it off. 298 */ 299 if (d->bd_promisc) { 300 d->bd_promisc = 0; 301 if (ifpromisc(bp->bif_ifp, 0)) 302 /* 303 * Something is really wrong if we were able to put 304 * the driver into promiscuous mode, but can't 305 * take it out. 306 */ 307 panic("bpf: ifpromisc failed"); 308 } 309 /* Remove d from the interface's descriptor list. */ 310 p = &bp->bif_dlist; 311 while (*p != d) { 312 p = &(*p)->bd_next; 313 if (*p == 0) 314 panic("bpf_detachd: descriptor not in list"); 315 } 316 *p = (*p)->bd_next; 317 if (bp->bif_dlist == 0) 318 /* 319 * Let the driver know that there are no more listeners. 320 */ 321 d->bd_bif->bif_ifp->if_bpf = 0; 322 d->bd_bif = 0; 323} 324 325 326/* 327 * Mark a descriptor free by making it point to itself. 328 * This is probably cheaper than marking with a constant since 329 * the address should be in a register anyway. 330 */ 331#define D_ISFREE(d) ((d) == (d)->bd_next) 332#define D_MARKFREE(d) ((d)->bd_next = (d)) 333#define D_MARKUSED(d) ((d)->bd_next = 0) 334 335/* 336 * Open ethernet device. Returns ENXIO for illegal minor device number, 337 * EBUSY if file is open by another process. 338 */ 339/* ARGSUSED */ 340static int 341bpfopen(dev, flags, fmt, p) 342 dev_t dev; 343 int flags; 344 int fmt; 345 struct proc *p; 346{ 347 register struct bpf_d *d; 348 349 if (minor(dev) >= NBPFILTER) 350 return (ENXIO); 351 /* 352 * Each minor can be opened by only one process. If the requested 353 * minor is in use, return EBUSY. 354 */ 355 d = &bpf_dtab[minor(dev)]; 356 if (!D_ISFREE(d)) 357 return (EBUSY); 358 359 /* Mark "free" and do most initialization. */ 360 bzero((char *)d, sizeof(*d)); 361 d->bd_bufsize = bpf_bufsize; 362 d->bd_sig = SIGIO; 363 364 return (0); 365} 366 367/* 368 * Close the descriptor by detaching it from its interface, 369 * deallocating its buffers, and marking it free. 370 */ 371/* ARGSUSED */ 372static int 373bpfclose(dev, flags, fmt, p) 374 dev_t dev; 375 int flags; 376 int fmt; 377 struct proc *p; 378{ 379 register struct bpf_d *d = &bpf_dtab[minor(dev)]; 380 register int s; 381 382 s = splimp(); 383 if (d->bd_bif) 384 bpf_detachd(d); 385 splx(s); 386 bpf_freed(d); 387 388 return (0); 389} 390 391/* 392 * Support for SunOS, which does not have tsleep. 393 */ 394#if BSD < 199103 395static 396bpf_timeout(arg) 397 caddr_t arg; 398{ 399 struct bpf_d *d = (struct bpf_d *)arg; 400 d->bd_timedout = 1; 401 wakeup(arg); 402} 403 404#define BPF_SLEEP(chan, pri, s, t) bpf_sleep((struct bpf_d *)chan) 405 406int 407bpf_sleep(d) 408 register struct bpf_d *d; 409{ 410 register int rto = d->bd_rtout; 411 register int st; 412 413 if (rto != 0) { 414 d->bd_timedout = 0; 415 timeout(bpf_timeout, (caddr_t)d, rto); 416 } 417 st = sleep((caddr_t)d, PRINET|PCATCH); 418 if (rto != 0) { 419 if (d->bd_timedout == 0) 420 untimeout(bpf_timeout, (caddr_t)d); 421 else if (st == 0) 422 return EWOULDBLOCK; 423 } 424 return (st != 0) ? EINTR : 0; 425} 426#else 427#define BPF_SLEEP tsleep 428#endif 429 430/* 431 * Rotate the packet buffers in descriptor d. Move the store buffer 432 * into the hold slot, and the free buffer into the store slot. 433 * Zero the length of the new store buffer. 434 */ 435#define ROTATE_BUFFERS(d) \ 436 (d)->bd_hbuf = (d)->bd_sbuf; \ 437 (d)->bd_hlen = (d)->bd_slen; \ 438 (d)->bd_sbuf = (d)->bd_fbuf; \ 439 (d)->bd_slen = 0; \ 440 (d)->bd_fbuf = 0; 441/* 442 * bpfread - read next chunk of packets from buffers 443 */ 444static int 445bpfread(dev, uio, ioflag) 446 dev_t dev; 447 register struct uio *uio; 448 int ioflag; 449{ 450 register struct bpf_d *d = &bpf_dtab[minor(dev)]; 451 int error; 452 int s; 453 454 /* 455 * Restrict application to use a buffer the same size as 456 * as kernel buffers. 457 */ 458 if (uio->uio_resid != d->bd_bufsize) 459 return (EINVAL); 460 461 s = splimp(); 462 /* 463 * If the hold buffer is empty, then do a timed sleep, which 464 * ends when the timeout expires or when enough packets 465 * have arrived to fill the store buffer. 466 */ 467 while (d->bd_hbuf == 0) { 468 if (d->bd_immediate && d->bd_slen != 0) { 469 /* 470 * A packet(s) either arrived since the previous 471 * read or arrived while we were asleep. 472 * Rotate the buffers and return what's here. 473 */ 474 ROTATE_BUFFERS(d); 475 break; 476 } 477 if (ioflag & IO_NDELAY) 478 error = EWOULDBLOCK; 479 else 480 error = BPF_SLEEP((caddr_t)d, PRINET|PCATCH, "bpf", 481 d->bd_rtout); 482 if (error == EINTR || error == ERESTART) { 483 splx(s); 484 return (error); 485 } 486 if (error == EWOULDBLOCK) { 487 /* 488 * On a timeout, return what's in the buffer, 489 * which may be nothing. If there is something 490 * in the store buffer, we can rotate the buffers. 491 */ 492 if (d->bd_hbuf) 493 /* 494 * We filled up the buffer in between 495 * getting the timeout and arriving 496 * here, so we don't need to rotate. 497 */ 498 break; 499 500 if (d->bd_slen == 0) { 501 splx(s); 502 return (0); 503 } 504 ROTATE_BUFFERS(d); 505 break; 506 } 507 } 508 /* 509 * At this point, we know we have something in the hold slot. 510 */ 511 splx(s); 512 513 /* 514 * Move data from hold buffer into user space. 515 * We know the entire buffer is transferred since 516 * we checked above that the read buffer is bpf_bufsize bytes. 517 */ 518 error = UIOMOVE(d->bd_hbuf, d->bd_hlen, UIO_READ, uio); 519 520 s = splimp(); 521 d->bd_fbuf = d->bd_hbuf; 522 d->bd_hbuf = 0; 523 d->bd_hlen = 0; 524 splx(s); 525 526 return (error); 527} 528 529 530/* 531 * If there are processes sleeping on this descriptor, wake them up. 532 */ 533static inline void 534bpf_wakeup(d) 535 register struct bpf_d *d; 536{ 537 struct proc *p; 538 539 wakeup((caddr_t)d); 540 if (d->bd_async && d->bd_sig) 541 if (d->bd_pgid > 0) 542 gsignal (d->bd_pgid, d->bd_sig); 543 else if (p = pfind (-d->bd_pgid)) 544 psignal (p, d->bd_sig); 545 546#if BSD >= 199103 547 selwakeup(&d->bd_sel); 548 /* XXX */ 549 d->bd_sel.si_pid = 0; 550#else 551 if (d->bd_selproc) { 552 selwakeup(d->bd_selproc, (int)d->bd_selcoll); 553 d->bd_selcoll = 0; 554 d->bd_selproc = 0; 555 } 556#endif 557} 558 559static int 560bpfwrite(dev, uio, ioflag) 561 dev_t dev; 562 struct uio *uio; 563 int ioflag; 564{ 565 register struct bpf_d *d = &bpf_dtab[minor(dev)]; 566 struct ifnet *ifp; 567 struct mbuf *m; 568 int error, s; 569 static struct sockaddr dst; 570 int datlen; 571 572 if (d->bd_bif == 0) 573 return (ENXIO); 574 575 ifp = d->bd_bif->bif_ifp; 576 577 if (uio->uio_resid == 0) 578 return (0); 579 580 error = bpf_movein(uio, (int)d->bd_bif->bif_dlt, &m, &dst, &datlen); 581 if (error) 582 return (error); 583 584 if (datlen > ifp->if_mtu) 585 return (EMSGSIZE); 586 587 s = splnet(); 588#if BSD >= 199103 589 error = (*ifp->if_output)(ifp, m, &dst, (struct rtentry *)0); 590#else 591 error = (*ifp->if_output)(ifp, m, &dst); 592#endif 593 splx(s); 594 /* 595 * The driver frees the mbuf. 596 */ 597 return (error); 598} 599 600/* 601 * Reset a descriptor by flushing its packet buffer and clearing the 602 * receive and drop counts. Should be called at splimp. 603 */ 604static void 605reset_d(d) 606 struct bpf_d *d; 607{ 608 if (d->bd_hbuf) { 609 /* Free the hold buffer. */ 610 d->bd_fbuf = d->bd_hbuf; 611 d->bd_hbuf = 0; 612 } 613 d->bd_slen = 0; 614 d->bd_hlen = 0; 615 d->bd_rcount = 0; 616 d->bd_dcount = 0; 617} 618 619/* 620 * FIONREAD Check for read packet available. 621 * SIOCGIFADDR Get interface address - convenient hook to driver. 622 * BIOCGBLEN Get buffer len [for read()]. 623 * BIOCSETF Set ethernet read filter. 624 * BIOCFLUSH Flush read packet buffer. 625 * BIOCPROMISC Put interface into promiscuous mode. 626 * BIOCGDLT Get link layer type. 627 * BIOCGETIF Get interface name. 628 * BIOCSETIF Set interface. 629 * BIOCSRTIMEOUT Set read timeout. 630 * BIOCGRTIMEOUT Get read timeout. 631 * BIOCGSTATS Get packet stats. 632 * BIOCIMMEDIATE Set immediate mode. 633 * BIOCVERSION Get filter language version. 634 */ 635/* ARGSUSED */ 636static int 637bpfioctl(dev, cmd, addr, flags, p) 638 dev_t dev; 639 u_long cmd; 640 caddr_t addr; 641 int flags; 642 struct proc *p; 643{ 644 register struct bpf_d *d = &bpf_dtab[minor(dev)]; 645 int s, error = 0; 646 647 switch (cmd) { 648 649 default: 650 error = EINVAL; 651 break; 652 653 /* 654 * Check for read packet available. 655 */ 656 case FIONREAD: 657 { 658 int n; 659 660 s = splimp(); 661 n = d->bd_slen; 662 if (d->bd_hbuf) 663 n += d->bd_hlen; 664 splx(s); 665 666 *(int *)addr = n; 667 break; 668 } 669 670 case SIOCGIFADDR: 671 { 672 struct ifnet *ifp; 673 674 if (d->bd_bif == 0) 675 error = EINVAL; 676 else { 677 ifp = d->bd_bif->bif_ifp; 678 error = (*ifp->if_ioctl)(ifp, cmd, addr); 679 } 680 break; 681 } 682 683 /* 684 * Get buffer len [for read()]. 685 */ 686 case BIOCGBLEN: 687 *(u_int *)addr = d->bd_bufsize; 688 break; 689 690 /* 691 * Set buffer length. 692 */ 693 case BIOCSBLEN: 694#if BSD < 199103 695 error = EINVAL; 696#else 697 if (d->bd_bif != 0) 698 error = EINVAL; 699 else { 700 register u_int size = *(u_int *)addr; 701 702 if (size > BPF_MAXBUFSIZE) 703 *(u_int *)addr = size = BPF_MAXBUFSIZE; 704 else if (size < BPF_MINBUFSIZE) 705 *(u_int *)addr = size = BPF_MINBUFSIZE; 706 d->bd_bufsize = size; 707 } 708#endif 709 break; 710 711 /* 712 * Set link layer read filter. 713 */ 714 case BIOCSETF: 715 error = bpf_setf(d, (struct bpf_program *)addr); 716 break; 717 718 /* 719 * Flush read packet buffer. 720 */ 721 case BIOCFLUSH: 722 s = splimp(); 723 reset_d(d); 724 splx(s); 725 break; 726 727 /* 728 * Put interface into promiscuous mode. 729 */ 730 case BIOCPROMISC: 731 if (d->bd_bif == 0) { 732 /* 733 * No interface attached yet. 734 */ 735 error = EINVAL; 736 break; 737 } 738 s = splimp(); 739 if (d->bd_promisc == 0) { 740 error = ifpromisc(d->bd_bif->bif_ifp, 1); 741 if (error == 0) 742 d->bd_promisc = 1; 743 } 744 splx(s); 745 break; 746 747 /* 748 * Get device parameters. 749 */ 750 case BIOCGDLT: 751 if (d->bd_bif == 0) 752 error = EINVAL; 753 else 754 *(u_int *)addr = d->bd_bif->bif_dlt; 755 break; 756 757 /* 758 * Set interface name. 759 */ 760 case BIOCGETIF: 761 if (d->bd_bif == 0) 762 error = EINVAL; 763 else 764 bpf_ifname(d->bd_bif->bif_ifp, (struct ifreq *)addr); 765 break; 766 767 /* 768 * Set interface. 769 */ 770 case BIOCSETIF: 771 error = bpf_setif(d, (struct ifreq *)addr); 772 break; 773 774 /* 775 * Set read timeout. 776 */ 777 case BIOCSRTIMEOUT: 778 { 779 struct timeval *tv = (struct timeval *)addr; 780 u_long msec; 781 782 /* Compute number of milliseconds. */ 783 msec = tv->tv_sec * 1000 + tv->tv_usec / 1000; 784 /* Scale milliseconds to ticks. Assume hard 785 clock has millisecond or greater resolution 786 (i.e. tick >= 1000). For 10ms hardclock, 787 tick/1000 = 10, so rtout<-msec/10. */ 788 d->bd_rtout = msec / (tick / 1000); 789 break; 790 } 791 792 /* 793 * Get read timeout. 794 */ 795 case BIOCGRTIMEOUT: 796 { 797 struct timeval *tv = (struct timeval *)addr; 798 u_long msec = d->bd_rtout; 799 800 msec *= tick / 1000; 801 tv->tv_sec = msec / 1000; 802 tv->tv_usec = msec % 1000; 803 break; 804 } 805 806 /* 807 * Get packet stats. 808 */ 809 case BIOCGSTATS: 810 { 811 struct bpf_stat *bs = (struct bpf_stat *)addr; 812 813 bs->bs_recv = d->bd_rcount; 814 bs->bs_drop = d->bd_dcount; 815 break; 816 } 817 818 /* 819 * Set immediate mode. 820 */ 821 case BIOCIMMEDIATE: 822 d->bd_immediate = *(u_int *)addr; 823 break; 824 825 case BIOCVERSION: 826 { 827 struct bpf_version *bv = (struct bpf_version *)addr; 828 829 bv->bv_major = BPF_MAJOR_VERSION; 830 bv->bv_minor = BPF_MINOR_VERSION; 831 break; 832 } 833 834 case FIONBIO: /* Non-blocking I/O */ 835 break; 836 837 case FIOASYNC: /* Send signal on receive packets */ 838 d->bd_async = *(int *)addr; 839 break; 840 841/* N.B. ioctl (FIOSETOWN) and fcntl (F_SETOWN) both end up doing the 842 equivalent of a TIOCSPGRP and hence end up here. *However* TIOCSPGRP's arg 843 is a process group if it's positive and a process id if it's negative. This 844 is exactly the opposite of what the other two functions want! Therefore 845 there is code in ioctl and fcntl to negate the arg before calling here. */ 846 847 case TIOCSPGRP: /* Process or group to send signals to */ 848 d->bd_pgid = *(int *)addr; 849 break; 850 851 case TIOCGPGRP: 852 *(int *)addr = d->bd_pgid; 853 break; 854 855 case BIOCSRSIG: /* Set receive signal */ 856 { 857 u_int sig; 858 859 sig = *(u_int *)addr; 860 861 if (sig >= NSIG) 862 error = EINVAL; 863 else 864 d->bd_sig = sig; 865 break; 866 } 867 case BIOCGRSIG: 868 *(u_int *)addr = d->bd_sig; 869 break; 870 } 871 return (error); 872} 873 874/* 875 * Set d's packet filter program to fp. If this file already has a filter, 876 * free it and replace it. Returns EINVAL for bogus requests. 877 */ 878static int 879bpf_setf(d, fp) 880 struct bpf_d *d; 881 struct bpf_program *fp; 882{ 883 struct bpf_insn *fcode, *old; 884 u_int flen, size; 885 int s; 886 887 old = d->bd_filter; 888 if (fp->bf_insns == 0) { 889 if (fp->bf_len != 0) 890 return (EINVAL); 891 s = splimp(); 892 d->bd_filter = 0; 893 reset_d(d); 894 splx(s); 895 if (old != 0) 896 free((caddr_t)old, M_DEVBUF); 897 return (0); 898 } 899 flen = fp->bf_len; 900 if (flen > BPF_MAXINSNS) 901 return (EINVAL); 902 903 size = flen * sizeof(*fp->bf_insns); 904 fcode = (struct bpf_insn *)malloc(size, M_DEVBUF, M_WAITOK); 905 if (copyin((caddr_t)fp->bf_insns, (caddr_t)fcode, size) == 0 && 906 bpf_validate(fcode, (int)flen)) { 907 s = splimp(); 908 d->bd_filter = fcode; 909 reset_d(d); 910 splx(s); 911 if (old != 0) 912 free((caddr_t)old, M_DEVBUF); 913 914 return (0); 915 } 916 free((caddr_t)fcode, M_DEVBUF); 917 return (EINVAL); 918} 919 920/* 921 * Detach a file from its current interface (if attached at all) and attach 922 * to the interface indicated by the name stored in ifr. 923 * Return an errno or 0. 924 */ 925static int 926bpf_setif(d, ifr) 927 struct bpf_d *d; 928 struct ifreq *ifr; 929{ 930 struct bpf_if *bp; 931 int s, error; 932 struct ifnet *theywant; 933 934 theywant = ifunit(ifr->ifr_name); 935 if (theywant == 0) 936 return ENXIO; 937 938 /* 939 * Look through attached interfaces for the named one. 940 */ 941 for (bp = bpf_iflist; bp != 0; bp = bp->bif_next) { 942 struct ifnet *ifp = bp->bif_ifp; 943 944 if (ifp == 0 || ifp != theywant) 945 continue; 946 /* 947 * We found the requested interface. 948 * If it's not up, return an error. 949 * Allocate the packet buffers if we need to. 950 * If we're already attached to requested interface, 951 * just flush the buffer. 952 */ 953 if ((ifp->if_flags & IFF_UP) == 0) 954 return (ENETDOWN); 955 956 if (d->bd_sbuf == 0) { 957 error = bpf_allocbufs(d); 958 if (error != 0) 959 return (error); 960 } 961 s = splimp(); 962 if (bp != d->bd_bif) { 963 if (d->bd_bif) 964 /* 965 * Detach if attached to something else. 966 */ 967 bpf_detachd(d); 968 969 bpf_attachd(d, bp); 970 } 971 reset_d(d); 972 splx(s); 973 return (0); 974 } 975 /* Not found. */ 976 return (ENXIO); 977} 978 979/* 980 * Convert an interface name plus unit number of an ifp to a single 981 * name which is returned in the ifr. 982 */ 983static void 984bpf_ifname(ifp, ifr) 985 struct ifnet *ifp; 986 struct ifreq *ifr; 987{ 988 char *s = ifp->if_name; 989 char *d = ifr->ifr_name; 990 991 while (*d++ = *s++) 992 continue; 993 d--; /* back to the null */ 994 /* XXX Assume that unit number is less than 10. */ 995 *d++ = ifp->if_unit + '0'; 996 *d = '\0'; 997} 998 999/* 1000 * Support for select() and poll() system calls 1001 * 1002 * Return true iff the specific operation will not block indefinitely. 1003 * Otherwise, return false but make a note that a selwakeup() must be done. 1004 */ 1005int 1006bpfpoll(dev, events, p) 1007 register dev_t dev; 1008 int events; 1009 struct proc *p; 1010{ 1011 register struct bpf_d *d; 1012 register int s; 1013 int revents = 0; 1014 1015 /* 1016 * An imitation of the FIONREAD ioctl code. 1017 */ 1018 d = &bpf_dtab[minor(dev)]; 1019 1020 s = splimp(); 1021 if (events & (POLLIN | POLLRDNORM)) 1022 if (d->bd_hlen != 0 || (d->bd_immediate && d->bd_slen != 0)) 1023 revents |= events & (POLLIN | POLLRDNORM); 1024 else 1025 selrecord(p, &d->bd_sel); 1026 1027 splx(s); 1028 return (revents); 1029} 1030 1031/* 1032 * Incoming linkage from device drivers. Process the packet pkt, of length 1033 * pktlen, which is stored in a contiguous buffer. The packet is parsed 1034 * by each process' filter, and if accepted, stashed into the corresponding 1035 * buffer. 1036 */ 1037void 1038bpf_tap(ifp, pkt, pktlen) 1039 struct ifnet *ifp; 1040 register u_char *pkt; 1041 register u_int pktlen; 1042{ 1043 struct bpf_if *bp; 1044 register struct bpf_d *d; 1045 register u_int slen; 1046 /* 1047 * Note that the ipl does not have to be raised at this point. 1048 * The only problem that could arise here is that if two different 1049 * interfaces shared any data. This is not the case. 1050 */ 1051 bp = ifp->if_bpf; 1052 for (d = bp->bif_dlist; d != 0; d = d->bd_next) { 1053 ++d->bd_rcount; 1054 slen = bpf_filter(d->bd_filter, pkt, pktlen, pktlen); 1055 if (slen != 0) 1056 catchpacket(d, pkt, pktlen, slen, bcopy); 1057 } 1058} 1059 1060/* 1061 * Copy data from an mbuf chain into a buffer. This code is derived 1062 * from m_copydata in sys/uipc_mbuf.c. 1063 */ 1064static void 1065bpf_mcopy(src_arg, dst_arg, len) 1066 const void *src_arg; 1067 void *dst_arg; 1068 register u_int len; 1069{ 1070 register const struct mbuf *m; 1071 register u_int count; 1072 u_char *dst; 1073 1074 m = src_arg; 1075 dst = dst_arg; 1076 while (len > 0) { 1077 if (m == 0) 1078 panic("bpf_mcopy"); 1079 count = min(m->m_len, len); 1080 bcopy(mtod(m, void *), dst, count); 1081 m = m->m_next; 1082 dst += count; 1083 len -= count; 1084 } 1085} 1086 1087/* 1088 * Incoming linkage from device drivers, when packet is in an mbuf chain. 1089 */ 1090void 1091bpf_mtap(ifp, m) 1092 struct ifnet *ifp; 1093 struct mbuf *m; 1094{ 1095 struct bpf_if *bp = ifp->if_bpf; 1096 struct bpf_d *d; 1097 u_int pktlen, slen; 1098 struct mbuf *m0; 1099 1100 pktlen = 0; 1101 for (m0 = m; m0 != 0; m0 = m0->m_next) 1102 pktlen += m0->m_len; 1103 1104 for (d = bp->bif_dlist; d != 0; d = d->bd_next) { 1105 ++d->bd_rcount; 1106 slen = bpf_filter(d->bd_filter, (u_char *)m, pktlen, 0); 1107 if (slen != 0) 1108 catchpacket(d, (u_char *)m, pktlen, slen, bpf_mcopy); 1109 } 1110} 1111 1112/* 1113 * Move the packet data from interface memory (pkt) into the 1114 * store buffer. Return 1 if it's time to wakeup a listener (buffer full), 1115 * otherwise 0. "copy" is the routine called to do the actual data 1116 * transfer. bcopy is passed in to copy contiguous chunks, while 1117 * bpf_mcopy is passed in to copy mbuf chains. In the latter case, 1118 * pkt is really an mbuf. 1119 */ 1120static void 1121catchpacket(d, pkt, pktlen, snaplen, cpfn) 1122 register struct bpf_d *d; 1123 register u_char *pkt; 1124 register u_int pktlen, snaplen; 1125 register void (*cpfn) __P((const void *, void *, u_int)); 1126{ 1127 register struct bpf_hdr *hp; 1128 register int totlen, curlen; 1129 register int hdrlen = d->bd_bif->bif_hdrlen; 1130 /* 1131 * Figure out how many bytes to move. If the packet is 1132 * greater or equal to the snapshot length, transfer that 1133 * much. Otherwise, transfer the whole packet (unless 1134 * we hit the buffer size limit). 1135 */ 1136 totlen = hdrlen + min(snaplen, pktlen); 1137 if (totlen > d->bd_bufsize) 1138 totlen = d->bd_bufsize; 1139 1140 /* 1141 * Round up the end of the previous packet to the next longword. 1142 */ 1143 curlen = BPF_WORDALIGN(d->bd_slen); 1144 if (curlen + totlen > d->bd_bufsize) { 1145 /* 1146 * This packet will overflow the storage buffer. 1147 * Rotate the buffers if we can, then wakeup any 1148 * pending reads. 1149 */ 1150 if (d->bd_fbuf == 0) { 1151 /* 1152 * We haven't completed the previous read yet, 1153 * so drop the packet. 1154 */ 1155 ++d->bd_dcount; 1156 return; 1157 } 1158 ROTATE_BUFFERS(d); 1159 bpf_wakeup(d); 1160 curlen = 0; 1161 } 1162 else if (d->bd_immediate) 1163 /* 1164 * Immediate mode is set. A packet arrived so any 1165 * reads should be woken up. 1166 */ 1167 bpf_wakeup(d); 1168 1169 /* 1170 * Append the bpf header. 1171 */ 1172 hp = (struct bpf_hdr *)(d->bd_sbuf + curlen); 1173#if BSD >= 199103 1174 microtime(&hp->bh_tstamp); 1175#elif defined(sun) 1176 uniqtime(&hp->bh_tstamp); 1177#else 1178 hp->bh_tstamp = time; 1179#endif 1180 hp->bh_datalen = pktlen; 1181 hp->bh_hdrlen = hdrlen; 1182 /* 1183 * Copy the packet data into the store buffer and update its length. 1184 */ 1185 (*cpfn)(pkt, (u_char *)hp + hdrlen, (hp->bh_caplen = totlen - hdrlen)); 1186 d->bd_slen = curlen + totlen; 1187} 1188 1189/* 1190 * Initialize all nonzero fields of a descriptor. 1191 */ 1192static int 1193bpf_allocbufs(d) 1194 register struct bpf_d *d; 1195{ 1196 d->bd_fbuf = (caddr_t)malloc(d->bd_bufsize, M_DEVBUF, M_WAITOK); 1197 if (d->bd_fbuf == 0) 1198 return (ENOBUFS); 1199 1200 d->bd_sbuf = (caddr_t)malloc(d->bd_bufsize, M_DEVBUF, M_WAITOK); 1201 if (d->bd_sbuf == 0) { 1202 free(d->bd_fbuf, M_DEVBUF); 1203 return (ENOBUFS); 1204 } 1205 d->bd_slen = 0; 1206 d->bd_hlen = 0; 1207 return (0); 1208} 1209 1210/* 1211 * Free buffers currently in use by a descriptor. 1212 * Called on close. 1213 */ 1214static void 1215bpf_freed(d) 1216 register struct bpf_d *d; 1217{ 1218 /* 1219 * We don't need to lock out interrupts since this descriptor has 1220 * been detached from its interface and it yet hasn't been marked 1221 * free. 1222 */ 1223 if (d->bd_sbuf != 0) { 1224 free(d->bd_sbuf, M_DEVBUF); 1225 if (d->bd_hbuf != 0) 1226 free(d->bd_hbuf, M_DEVBUF); 1227 if (d->bd_fbuf != 0) 1228 free(d->bd_fbuf, M_DEVBUF); 1229 } 1230 if (d->bd_filter) 1231 free((caddr_t)d->bd_filter, M_DEVBUF); 1232 1233 D_MARKFREE(d); 1234} 1235 1236/* 1237 * Attach an interface to bpf. driverp is a pointer to a (struct bpf_if *) 1238 * in the driver's softc; dlt is the link layer type; hdrlen is the fixed 1239 * size of the link header (variable length headers not yet supported). 1240 */ 1241void 1242bpfattach(ifp, dlt, hdrlen) 1243 struct ifnet *ifp; 1244 u_int dlt, hdrlen; 1245{ 1246 struct bpf_if *bp; 1247 int i; 1248 bp = (struct bpf_if *)malloc(sizeof(*bp), M_DEVBUF, M_DONTWAIT); 1249 if (bp == 0) 1250 panic("bpfattach"); 1251 1252 bp->bif_dlist = 0; 1253 bp->bif_ifp = ifp; 1254 bp->bif_dlt = dlt; 1255 1256 bp->bif_next = bpf_iflist; 1257 bpf_iflist = bp; 1258 1259 bp->bif_ifp->if_bpf = 0; 1260 1261 /* 1262 * Compute the length of the bpf header. This is not necessarily 1263 * equal to SIZEOF_BPF_HDR because we want to insert spacing such 1264 * that the network layer header begins on a longword boundary (for 1265 * performance reasons and to alleviate alignment restrictions). 1266 */ 1267 bp->bif_hdrlen = BPF_WORDALIGN(hdrlen + SIZEOF_BPF_HDR) - hdrlen; 1268 1269 /* 1270 * Mark all the descriptors free if this hasn't been done. 1271 */ 1272 if (!bpf_dtab_init) { 1273 for (i = 0; i < NBPFILTER; ++i) 1274 D_MARKFREE(&bpf_dtab[i]); 1275 bpf_dtab_init = 1; 1276 } 1277 1278 if (bootverbose) 1279 printf("bpf: %s%d attached\n", ifp->if_name, ifp->if_unit); 1280} 1281 1282#ifdef DEVFS 1283static void *bpf_devfs_token[NBPFILTER]; 1284#endif 1285 1286static int bpf_devsw_installed; 1287 1288static void bpf_drvinit __P((void *unused)); 1289static void 1290bpf_drvinit(unused) 1291 void *unused; 1292{ 1293 dev_t dev; 1294#ifdef DEVFS 1295 int i; 1296#endif 1297 1298 if( ! bpf_devsw_installed ) { 1299 dev = makedev(CDEV_MAJOR, 0); 1300 cdevsw_add(&dev,&bpf_cdevsw, NULL); 1301 bpf_devsw_installed = 1; 1302#ifdef DEVFS 1303 1304 for ( i = 0 ; i < NBPFILTER ; i++ ) { 1305 bpf_devfs_token[i] = 1306 devfs_add_devswf(&bpf_cdevsw, i, DV_CHR, 0, 0, 1307 0600, "bpf%d", i); 1308 } 1309#endif 1310 } 1311} 1312 1313SYSINIT(bpfdev,SI_SUB_DRIVERS,SI_ORDER_MIDDLE+CDEV_MAJOR,bpf_drvinit,NULL) 1314 1315#endif 1316