bpf.c revision 9819
1/* 2 * Copyright (c) 1990, 1991, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * This code is derived from the Stanford/CMU enet packet filter, 6 * (net/enet.c) distributed as part of 4.3BSD, and code contributed 7 * to Berkeley by Steven McCanne and Van Jacobson both of Lawrence 8 * Berkeley Laboratory. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. All advertising materials mentioning features or use of this software 19 * must display the following acknowledgement: 20 * This product includes software developed by the University of 21 * California, Berkeley and its contributors. 22 * 4. Neither the name of the University nor the names of its contributors 23 * may be used to endorse or promote products derived from this software 24 * without specific prior written permission. 25 * 26 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 27 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 28 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 29 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36 * SUCH DAMAGE. 37 * 38 * @(#)bpf.c 8.2 (Berkeley) 3/28/94 39 * 40 * $Id: bpf.c,v 1.9 1995/07/16 10:13:08 bde Exp $ 41 */ 42 43#include "bpfilter.h" 44 45#if NBPFILTER > 0 46 47#ifndef __GNUC__ 48#define inline 49#else 50#define inline __inline 51#endif 52 53#include <sys/param.h> 54#include <sys/systm.h> 55#include <sys/mbuf.h> 56#include <sys/buf.h> 57#include <sys/time.h> 58#include <sys/proc.h> 59#include <sys/user.h> 60#include <sys/ioctl.h> 61 62#include <sys/file.h> 63#if defined(sparc) && BSD < 199103 64#include <sys/stream.h> 65#endif 66#include <sys/uio.h> 67 68#include <sys/protosw.h> 69#include <sys/socket.h> 70#include <net/if.h> 71 72#include <net/bpf.h> 73#include <net/bpfdesc.h> 74 75#include <sys/errno.h> 76 77#include <netinet/in.h> 78#include <netinet/if_ether.h> 79#include <sys/kernel.h> 80 81/* 82 * Older BSDs don't have kernel malloc. 83 */ 84#if BSD < 199103 85extern bcopy(); 86static caddr_t bpf_alloc(); 87#include <net/bpf_compat.h> 88#define BPF_BUFSIZE (MCLBYTES-8) 89#define UIOMOVE(cp, len, code, uio) uiomove(cp, len, code, uio) 90#else 91#define BPF_BUFSIZE 4096 92#define UIOMOVE(cp, len, code, uio) uiomove(cp, len, uio) 93#endif 94 95#define PRINET 26 /* interruptible */ 96 97/* 98 * The default read buffer size is patchable. 99 */ 100int bpf_bufsize = BPF_BUFSIZE; 101 102/* 103 * bpf_iflist is the list of interfaces; each corresponds to an ifnet 104 * bpf_dtab holds the descriptors, indexed by minor device # 105 */ 106struct bpf_if *bpf_iflist; 107struct bpf_d bpf_dtab[NBPFILTER]; 108 109#if BSD >= 199207 110/* 111 * bpfilterattach() is called at boot time in new systems. We do 112 * nothing here since old systems will not call this. 113 */ 114/* ARGSUSED */ 115void 116bpfilterattach(n) 117 int n; 118{ 119} 120#endif 121 122static int bpf_allocbufs __P((struct bpf_d *)); 123static void bpf_freed __P((struct bpf_d *)); 124static void bpf_ifname __P((struct ifnet *, struct ifreq *)); 125static void bpf_mcopy __P((const void *, void *, u_int)); 126static int bpf_movein __P((struct uio *, int, 127 struct mbuf **, struct sockaddr *, int *)); 128static int bpf_setif __P((struct bpf_d *, struct ifreq *)); 129static inline void 130 bpf_wakeup __P((struct bpf_d *)); 131static void catchpacket __P((struct bpf_d *, u_char *, u_int, 132 u_int, void (*)(const void *, void *, u_int))); 133static void reset_d __P((struct bpf_d *)); 134 135static int 136bpf_movein(uio, linktype, mp, sockp, datlen) 137 register struct uio *uio; 138 int linktype, *datlen; 139 register struct mbuf **mp; 140 register struct sockaddr *sockp; 141{ 142 struct mbuf *m; 143 int error; 144 int len; 145 int hlen; 146 147 /* 148 * Build a sockaddr based on the data link layer type. 149 * We do this at this level because the ethernet header 150 * is copied directly into the data field of the sockaddr. 151 * In the case of SLIP, there is no header and the packet 152 * is forwarded as is. 153 * Also, we are careful to leave room at the front of the mbuf 154 * for the link level header. 155 */ 156 switch (linktype) { 157 158 case DLT_SLIP: 159 sockp->sa_family = AF_INET; 160 hlen = 0; 161 break; 162 163 case DLT_EN10MB: 164 sockp->sa_family = AF_UNSPEC; 165 /* XXX Would MAXLINKHDR be better? */ 166 hlen = sizeof(struct ether_header); 167 break; 168 169 case DLT_FDDI: 170#if defined(__FreeBSD__) || defined(__bsdi__) 171 sockp->sa_family = AF_IMPLINK; 172 hlen = 0; 173#else 174 sockp->sa_family = AF_UNSPEC; 175 /* XXX 4(FORMAC)+6(dst)+6(src)+3(LLC)+5(SNAP) */ 176 hlen = 24; 177#endif 178 break; 179 180 case DLT_NULL: 181 sockp->sa_family = AF_UNSPEC; 182 hlen = 0; 183 break; 184 185 default: 186 return (EIO); 187 } 188 189 len = uio->uio_resid; 190 *datlen = len - hlen; 191 if ((unsigned)len > MCLBYTES) 192 return (EIO); 193 194 MGET(m, M_WAIT, MT_DATA); 195 if (m == 0) 196 return (ENOBUFS); 197 if (len > MLEN) { 198#if BSD >= 199103 199 MCLGET(m, M_WAIT); 200 if ((m->m_flags & M_EXT) == 0) { 201#else 202 MCLGET(m); 203 if (m->m_len != MCLBYTES) { 204#endif 205 error = ENOBUFS; 206 goto bad; 207 } 208 } 209 m->m_len = len; 210 *mp = m; 211 /* 212 * Make room for link header. 213 */ 214 if (hlen != 0) { 215 m->m_len -= hlen; 216#if BSD >= 199103 217 m->m_data += hlen; /* XXX */ 218#else 219 m->m_off += hlen; 220#endif 221 error = UIOMOVE((caddr_t)sockp->sa_data, hlen, UIO_WRITE, uio); 222 if (error) 223 goto bad; 224 } 225 error = UIOMOVE(mtod(m, caddr_t), len - hlen, UIO_WRITE, uio); 226 if (!error) 227 return (0); 228 bad: 229 m_freem(m); 230 return (error); 231} 232 233/* 234 * Attach file to the bpf interface, i.e. make d listen on bp. 235 * Must be called at splimp. 236 */ 237static void 238bpf_attachd(d, bp) 239 struct bpf_d *d; 240 struct bpf_if *bp; 241{ 242 /* 243 * Point d at bp, and add d to the interface's list of listeners. 244 * Finally, point the driver's bpf cookie at the interface so 245 * it will divert packets to bpf. 246 */ 247 d->bd_bif = bp; 248 d->bd_next = bp->bif_dlist; 249 bp->bif_dlist = d; 250 251 *bp->bif_driverp = bp; 252} 253 254/* 255 * Detach a file from its interface. 256 */ 257static void 258bpf_detachd(d) 259 struct bpf_d *d; 260{ 261 struct bpf_d **p; 262 struct bpf_if *bp; 263 264 bp = d->bd_bif; 265 /* 266 * Check if this descriptor had requested promiscuous mode. 267 * If so, turn it off. 268 */ 269 if (d->bd_promisc) { 270 d->bd_promisc = 0; 271 if (ifpromisc(bp->bif_ifp, 0)) 272 /* 273 * Something is really wrong if we were able to put 274 * the driver into promiscuous mode, but can't 275 * take it out. 276 */ 277 panic("bpf: ifpromisc failed"); 278 } 279 /* Remove d from the interface's descriptor list. */ 280 p = &bp->bif_dlist; 281 while (*p != d) { 282 p = &(*p)->bd_next; 283 if (*p == 0) 284 panic("bpf_detachd: descriptor not in list"); 285 } 286 *p = (*p)->bd_next; 287 if (bp->bif_dlist == 0) 288 /* 289 * Let the driver know that there are no more listeners. 290 */ 291 *d->bd_bif->bif_driverp = 0; 292 d->bd_bif = 0; 293} 294 295 296/* 297 * Mark a descriptor free by making it point to itself. 298 * This is probably cheaper than marking with a constant since 299 * the address should be in a register anyway. 300 */ 301#define D_ISFREE(d) ((d) == (d)->bd_next) 302#define D_MARKFREE(d) ((d)->bd_next = (d)) 303#define D_MARKUSED(d) ((d)->bd_next = 0) 304 305/* 306 * Open ethernet device. Returns ENXIO for illegal minor device number, 307 * EBUSY if file is open by another process. 308 */ 309/* ARGSUSED */ 310int 311bpfopen(dev, flag) 312 dev_t dev; 313 int flag; 314{ 315 register struct bpf_d *d; 316 317 if (minor(dev) >= NBPFILTER) 318 return (ENXIO); 319 /* 320 * Each minor can be opened by only one process. If the requested 321 * minor is in use, return EBUSY. 322 */ 323 d = &bpf_dtab[minor(dev)]; 324 if (!D_ISFREE(d)) 325 return (EBUSY); 326 327 /* Mark "free" and do most initialization. */ 328 bzero((char *)d, sizeof(*d)); 329 d->bd_bufsize = bpf_bufsize; 330 d->bd_sig = SIGIO; 331 332 return (0); 333} 334 335/* 336 * Close the descriptor by detaching it from its interface, 337 * deallocating its buffers, and marking it free. 338 */ 339/* ARGSUSED */ 340int 341bpfclose(dev, flag) 342 dev_t dev; 343 int flag; 344{ 345 register struct bpf_d *d = &bpf_dtab[minor(dev)]; 346 register int s; 347 348 s = splimp(); 349 if (d->bd_bif) 350 bpf_detachd(d); 351 splx(s); 352 bpf_freed(d); 353 354 return (0); 355} 356 357/* 358 * Support for SunOS, which does not have tsleep. 359 */ 360#if BSD < 199103 361static 362bpf_timeout(arg) 363 caddr_t arg; 364{ 365 struct bpf_d *d = (struct bpf_d *)arg; 366 d->bd_timedout = 1; 367 wakeup(arg); 368} 369 370#define BPF_SLEEP(chan, pri, s, t) bpf_sleep((struct bpf_d *)chan) 371 372int 373bpf_sleep(d) 374 register struct bpf_d *d; 375{ 376 register int rto = d->bd_rtout; 377 register int st; 378 379 if (rto != 0) { 380 d->bd_timedout = 0; 381 timeout(bpf_timeout, (caddr_t)d, rto); 382 } 383 st = sleep((caddr_t)d, PRINET|PCATCH); 384 if (rto != 0) { 385 if (d->bd_timedout == 0) 386 untimeout(bpf_timeout, (caddr_t)d); 387 else if (st == 0) 388 return EWOULDBLOCK; 389 } 390 return (st != 0) ? EINTR : 0; 391} 392#else 393#define BPF_SLEEP tsleep 394#endif 395 396/* 397 * Rotate the packet buffers in descriptor d. Move the store buffer 398 * into the hold slot, and the free buffer into the store slot. 399 * Zero the length of the new store buffer. 400 */ 401#define ROTATE_BUFFERS(d) \ 402 (d)->bd_hbuf = (d)->bd_sbuf; \ 403 (d)->bd_hlen = (d)->bd_slen; \ 404 (d)->bd_sbuf = (d)->bd_fbuf; \ 405 (d)->bd_slen = 0; \ 406 (d)->bd_fbuf = 0; 407/* 408 * bpfread - read next chunk of packets from buffers 409 */ 410int 411bpfread(dev, uio) 412 dev_t dev; 413 register struct uio *uio; 414{ 415 register struct bpf_d *d = &bpf_dtab[minor(dev)]; 416 int error; 417 int s; 418 419 /* 420 * Restrict application to use a buffer the same size as 421 * as kernel buffers. 422 */ 423 if (uio->uio_resid != d->bd_bufsize) 424 return (EINVAL); 425 426 s = splimp(); 427 /* 428 * If the hold buffer is empty, then do a timed sleep, which 429 * ends when the timeout expires or when enough packets 430 * have arrived to fill the store buffer. 431 */ 432 while (d->bd_hbuf == 0) { 433 if (d->bd_immediate && d->bd_slen != 0) { 434 /* 435 * A packet(s) either arrived since the previous 436 * read or arrived while we were asleep. 437 * Rotate the buffers and return what's here. 438 */ 439 ROTATE_BUFFERS(d); 440 break; 441 } 442 if (d->bd_rtout != -1) 443 error = BPF_SLEEP((caddr_t)d, PRINET|PCATCH, "bpf", 444 d->bd_rtout); 445 else 446 error = EWOULDBLOCK; /* User requested non-blocking I/O */ 447 if (error == EINTR || error == ERESTART) { 448 splx(s); 449 return (error); 450 } 451 if (error == EWOULDBLOCK) { 452 /* 453 * On a timeout, return what's in the buffer, 454 * which may be nothing. If there is something 455 * in the store buffer, we can rotate the buffers. 456 */ 457 if (d->bd_hbuf) 458 /* 459 * We filled up the buffer in between 460 * getting the timeout and arriving 461 * here, so we don't need to rotate. 462 */ 463 break; 464 465 if (d->bd_slen == 0) { 466 splx(s); 467 return (0); 468 } 469 ROTATE_BUFFERS(d); 470 break; 471 } 472 } 473 /* 474 * At this point, we know we have something in the hold slot. 475 */ 476 splx(s); 477 478 /* 479 * Move data from hold buffer into user space. 480 * We know the entire buffer is transferred since 481 * we checked above that the read buffer is bpf_bufsize bytes. 482 */ 483 error = UIOMOVE(d->bd_hbuf, d->bd_hlen, UIO_READ, uio); 484 485 s = splimp(); 486 d->bd_fbuf = d->bd_hbuf; 487 d->bd_hbuf = 0; 488 d->bd_hlen = 0; 489 splx(s); 490 491 return (error); 492} 493 494 495/* 496 * If there are processes sleeping on this descriptor, wake them up. 497 */ 498static inline void 499bpf_wakeup(d) 500 register struct bpf_d *d; 501{ 502 struct proc *p; 503 504 wakeup((caddr_t)d); 505 if (d->bd_async && d->bd_sig) 506 if (d->bd_pgid > 0) 507 gsignal (d->bd_pgid, d->bd_sig); 508 else if (p = pfind (-d->bd_pgid)) 509 psignal (p, d->bd_sig); 510 511#if BSD >= 199103 512 selwakeup(&d->bd_sel); 513 /* XXX */ 514 d->bd_sel.si_pid = 0; 515#else 516 if (d->bd_selproc) { 517 selwakeup(d->bd_selproc, (int)d->bd_selcoll); 518 d->bd_selcoll = 0; 519 d->bd_selproc = 0; 520 } 521#endif 522} 523 524int 525bpfwrite(dev, uio) 526 dev_t dev; 527 struct uio *uio; 528{ 529 register struct bpf_d *d = &bpf_dtab[minor(dev)]; 530 struct ifnet *ifp; 531 struct mbuf *m; 532 int error, s; 533 static struct sockaddr dst; 534 int datlen; 535 536 if (d->bd_bif == 0) 537 return (ENXIO); 538 539 ifp = d->bd_bif->bif_ifp; 540 541 if (uio->uio_resid == 0) 542 return (0); 543 544 error = bpf_movein(uio, (int)d->bd_bif->bif_dlt, &m, &dst, &datlen); 545 if (error) 546 return (error); 547 548 if (datlen > ifp->if_mtu) 549 return (EMSGSIZE); 550 551 s = splnet(); 552#if BSD >= 199103 553 error = (*ifp->if_output)(ifp, m, &dst, (struct rtentry *)0); 554#else 555 error = (*ifp->if_output)(ifp, m, &dst); 556#endif 557 splx(s); 558 /* 559 * The driver frees the mbuf. 560 */ 561 return (error); 562} 563 564/* 565 * Reset a descriptor by flushing its packet buffer and clearing the 566 * receive and drop counts. Should be called at splimp. 567 */ 568static void 569reset_d(d) 570 struct bpf_d *d; 571{ 572 if (d->bd_hbuf) { 573 /* Free the hold buffer. */ 574 d->bd_fbuf = d->bd_hbuf; 575 d->bd_hbuf = 0; 576 } 577 d->bd_slen = 0; 578 d->bd_hlen = 0; 579 d->bd_rcount = 0; 580 d->bd_dcount = 0; 581} 582 583/* 584 * FIONREAD Check for read packet available. 585 * SIOCGIFADDR Get interface address - convenient hook to driver. 586 * BIOCGBLEN Get buffer len [for read()]. 587 * BIOCSETF Set ethernet read filter. 588 * BIOCFLUSH Flush read packet buffer. 589 * BIOCPROMISC Put interface into promiscuous mode. 590 * BIOCGDLT Get link layer type. 591 * BIOCGETIF Get interface name. 592 * BIOCSETIF Set interface. 593 * BIOCSRTIMEOUT Set read timeout. 594 * BIOCGRTIMEOUT Get read timeout. 595 * BIOCGSTATS Get packet stats. 596 * BIOCIMMEDIATE Set immediate mode. 597 * BIOCVERSION Get filter language version. 598 */ 599/* ARGSUSED */ 600int 601bpfioctl(dev, cmd, addr, flag) 602 dev_t dev; 603 int cmd; 604 caddr_t addr; 605 int flag; 606{ 607 register struct bpf_d *d = &bpf_dtab[minor(dev)]; 608 int s, error = 0; 609 610 switch (cmd) { 611 612 default: 613 error = EINVAL; 614 break; 615 616 /* 617 * Check for read packet available. 618 */ 619 case FIONREAD: 620 { 621 int n; 622 623 s = splimp(); 624 n = d->bd_slen; 625 if (d->bd_hbuf) 626 n += d->bd_hlen; 627 splx(s); 628 629 *(int *)addr = n; 630 break; 631 } 632 633 case SIOCGIFADDR: 634 { 635 struct ifnet *ifp; 636 637 if (d->bd_bif == 0) 638 error = EINVAL; 639 else { 640 ifp = d->bd_bif->bif_ifp; 641 error = (*ifp->if_ioctl)(ifp, cmd, addr); 642 } 643 break; 644 } 645 646 /* 647 * Get buffer len [for read()]. 648 */ 649 case BIOCGBLEN: 650 *(u_int *)addr = d->bd_bufsize; 651 break; 652 653 /* 654 * Set buffer length. 655 */ 656 case BIOCSBLEN: 657#if BSD < 199103 658 error = EINVAL; 659#else 660 if (d->bd_bif != 0) 661 error = EINVAL; 662 else { 663 register u_int size = *(u_int *)addr; 664 665 if (size > BPF_MAXBUFSIZE) 666 *(u_int *)addr = size = BPF_MAXBUFSIZE; 667 else if (size < BPF_MINBUFSIZE) 668 *(u_int *)addr = size = BPF_MINBUFSIZE; 669 d->bd_bufsize = size; 670 } 671#endif 672 break; 673 674 /* 675 * Set link layer read filter. 676 */ 677 case BIOCSETF: 678 error = bpf_setf(d, (struct bpf_program *)addr); 679 break; 680 681 /* 682 * Flush read packet buffer. 683 */ 684 case BIOCFLUSH: 685 s = splimp(); 686 reset_d(d); 687 splx(s); 688 break; 689 690 /* 691 * Put interface into promiscuous mode. 692 */ 693 case BIOCPROMISC: 694 if (d->bd_bif == 0) { 695 /* 696 * No interface attached yet. 697 */ 698 error = EINVAL; 699 break; 700 } 701 s = splimp(); 702 if (d->bd_promisc == 0) { 703 error = ifpromisc(d->bd_bif->bif_ifp, 1); 704 if (error == 0) 705 d->bd_promisc = 1; 706 } 707 splx(s); 708 break; 709 710 /* 711 * Get device parameters. 712 */ 713 case BIOCGDLT: 714 if (d->bd_bif == 0) 715 error = EINVAL; 716 else 717 *(u_int *)addr = d->bd_bif->bif_dlt; 718 break; 719 720 /* 721 * Set interface name. 722 */ 723 case BIOCGETIF: 724 if (d->bd_bif == 0) 725 error = EINVAL; 726 else 727 bpf_ifname(d->bd_bif->bif_ifp, (struct ifreq *)addr); 728 break; 729 730 /* 731 * Set interface. 732 */ 733 case BIOCSETIF: 734 error = bpf_setif(d, (struct ifreq *)addr); 735 break; 736 737 /* 738 * Set read timeout. 739 */ 740 case BIOCSRTIMEOUT: 741 { 742 struct timeval *tv = (struct timeval *)addr; 743 u_long msec; 744 745 /* Compute number of milliseconds. */ 746 msec = tv->tv_sec * 1000 + tv->tv_usec / 1000; 747 /* Scale milliseconds to ticks. Assume hard 748 clock has millisecond or greater resolution 749 (i.e. tick >= 1000). For 10ms hardclock, 750 tick/1000 = 10, so rtout<-msec/10. */ 751 d->bd_rtout = msec / (tick / 1000); 752 break; 753 } 754 755 /* 756 * Get read timeout. 757 */ 758 case BIOCGRTIMEOUT: 759 { 760 struct timeval *tv = (struct timeval *)addr; 761 u_long msec = d->bd_rtout; 762 763 msec *= tick / 1000; 764 tv->tv_sec = msec / 1000; 765 tv->tv_usec = msec % 1000; 766 break; 767 } 768 769 /* 770 * Get packet stats. 771 */ 772 case BIOCGSTATS: 773 { 774 struct bpf_stat *bs = (struct bpf_stat *)addr; 775 776 bs->bs_recv = d->bd_rcount; 777 bs->bs_drop = d->bd_dcount; 778 break; 779 } 780 781 /* 782 * Set immediate mode. 783 */ 784 case BIOCIMMEDIATE: 785 d->bd_immediate = *(u_int *)addr; 786 break; 787 788 case BIOCVERSION: 789 { 790 struct bpf_version *bv = (struct bpf_version *)addr; 791 792 bv->bv_major = BPF_MAJOR_VERSION; 793 bv->bv_minor = BPF_MINOR_VERSION; 794 break; 795 } 796 797 798 case FIONBIO: /* Non-blocking I/O */ 799 if (*(int *)addr) 800 d->bd_rtout = -1; 801 else 802 d->bd_rtout = 0; 803 break; 804 805 case FIOASYNC: /* Send signal on receive packets */ 806 d->bd_async = *(int *)addr; 807 break; 808 809/* N.B. ioctl (FIOSETOWN) and fcntl (F_SETOWN) both end up doing the 810 equivalent of a TIOCSPGRP and hence end up here. *However* TIOCSPGRP's arg 811 is a process group if it's positive and a process id if it's negative. This 812 is exactly the opposite of what the other two functions want! Therefore 813 there is code in ioctl and fcntl to negate the arg before calling here. */ 814 815 case TIOCSPGRP: /* Process or group to send signals to */ 816 d->bd_pgid = *(int *)addr; 817 break; 818 819 case TIOCGPGRP: 820 *(int *)addr = d->bd_pgid; 821 break; 822 823 case BIOCSRSIG: /* Set receive signal */ 824 { 825 u_int sig; 826 827 sig = *(u_int *)addr; 828 829 if (sig >= NSIG) 830 error = EINVAL; 831 else 832 d->bd_sig = sig; 833 break; 834 } 835 case BIOCGRSIG: 836 *(u_int *)addr = d->bd_sig; 837 break; 838 } 839 return (error); 840} 841 842/* 843 * Set d's packet filter program to fp. If this file already has a filter, 844 * free it and replace it. Returns EINVAL for bogus requests. 845 */ 846int 847bpf_setf(d, fp) 848 struct bpf_d *d; 849 struct bpf_program *fp; 850{ 851 struct bpf_insn *fcode, *old; 852 u_int flen, size; 853 int s; 854 855 old = d->bd_filter; 856 if (fp->bf_insns == 0) { 857 if (fp->bf_len != 0) 858 return (EINVAL); 859 s = splimp(); 860 d->bd_filter = 0; 861 reset_d(d); 862 splx(s); 863 if (old != 0) 864 free((caddr_t)old, M_DEVBUF); 865 return (0); 866 } 867 flen = fp->bf_len; 868 if (flen > BPF_MAXINSNS) 869 return (EINVAL); 870 871 size = flen * sizeof(*fp->bf_insns); 872 fcode = (struct bpf_insn *)malloc(size, M_DEVBUF, M_WAITOK); 873 if (copyin((caddr_t)fp->bf_insns, (caddr_t)fcode, size) == 0 && 874 bpf_validate(fcode, (int)flen)) { 875 s = splimp(); 876 d->bd_filter = fcode; 877 reset_d(d); 878 splx(s); 879 if (old != 0) 880 free((caddr_t)old, M_DEVBUF); 881 882 return (0); 883 } 884 free((caddr_t)fcode, M_DEVBUF); 885 return (EINVAL); 886} 887 888/* 889 * Detach a file from its current interface (if attached at all) and attach 890 * to the interface indicated by the name stored in ifr. 891 * Return an errno or 0. 892 */ 893static int 894bpf_setif(d, ifr) 895 struct bpf_d *d; 896 struct ifreq *ifr; 897{ 898 struct bpf_if *bp; 899 char *cp; 900 int unit, s, error; 901 902 /* 903 * Separate string into name part and unit number. Put a null 904 * byte at the end of the name part, and compute the number. 905 * If the a unit number is unspecified, the default is 0, 906 * as initialized above. XXX This should be common code. 907 */ 908 unit = 0; 909 cp = ifr->ifr_name; 910 cp[sizeof(ifr->ifr_name) - 1] = '\0'; 911 while (*cp++) { 912 if (*cp >= '0' && *cp <= '9') { 913 unit = *cp - '0'; 914 *cp++ = '\0'; 915 while (*cp) 916 unit = 10 * unit + *cp++ - '0'; 917 break; 918 } 919 } 920 /* 921 * Look through attached interfaces for the named one. 922 */ 923 for (bp = bpf_iflist; bp != 0; bp = bp->bif_next) { 924 struct ifnet *ifp = bp->bif_ifp; 925 926 if (ifp == 0 || unit != ifp->if_unit 927 || strcmp(ifp->if_name, ifr->ifr_name) != 0) 928 continue; 929 /* 930 * We found the requested interface. 931 * If it's not up, return an error. 932 * Allocate the packet buffers if we need to. 933 * If we're already attached to requested interface, 934 * just flush the buffer. 935 */ 936 if ((ifp->if_flags & IFF_UP) == 0) 937 return (ENETDOWN); 938 939 if (d->bd_sbuf == 0) { 940 error = bpf_allocbufs(d); 941 if (error != 0) 942 return (error); 943 } 944 s = splimp(); 945 if (bp != d->bd_bif) { 946 if (d->bd_bif) 947 /* 948 * Detach if attached to something else. 949 */ 950 bpf_detachd(d); 951 952 bpf_attachd(d, bp); 953 } 954 reset_d(d); 955 splx(s); 956 return (0); 957 } 958 /* Not found. */ 959 return (ENXIO); 960} 961 962/* 963 * Convert an interface name plus unit number of an ifp to a single 964 * name which is returned in the ifr. 965 */ 966static void 967bpf_ifname(ifp, ifr) 968 struct ifnet *ifp; 969 struct ifreq *ifr; 970{ 971 char *s = ifp->if_name; 972 char *d = ifr->ifr_name; 973 974 while (*d++ = *s++) 975 continue; 976 /* XXX Assume that unit number is less than 10. */ 977 *d++ = ifp->if_unit + '0'; 978 *d = '\0'; 979} 980 981/* 982 * The new select interface passes down the proc pointer; the old select 983 * stubs had to grab it out of the user struct. This glue allows either case. 984 */ 985#if BSD >= 199103 986#define bpf_select bpfselect 987#else 988int 989bpfselect(dev, rw) 990 register dev_t dev; 991 int rw; 992{ 993 return (bpf_select(dev, rw, u.u_procp)); 994} 995#endif 996 997/* 998 * Support for select() system call 999 * 1000 * Return true iff the specific operation will not block indefinitely. 1001 * Otherwise, return false but make a note that a selwakeup() must be done. 1002 */ 1003int 1004bpf_select(dev, rw, p) 1005 register dev_t dev; 1006 int rw; 1007 struct proc *p; 1008{ 1009 register struct bpf_d *d; 1010 register int s; 1011 1012 if (rw != FREAD) 1013 return (0); 1014 /* 1015 * An imitation of the FIONREAD ioctl code. 1016 */ 1017 d = &bpf_dtab[minor(dev)]; 1018 1019 s = splimp(); 1020 if (d->bd_hlen != 0 || (d->bd_immediate && d->bd_slen != 0)) { 1021 /* 1022 * There is data waiting. 1023 */ 1024 splx(s); 1025 return (1); 1026 } 1027#if BSD >= 199103 1028 selrecord(p, &d->bd_sel); 1029#else 1030 /* 1031 * No data ready. If there's already a select() waiting on this 1032 * minor device then this is a collision. This shouldn't happen 1033 * because minors really should not be shared, but if a process 1034 * forks while one of these is open, it is possible that both 1035 * processes could select on the same descriptor. 1036 */ 1037 if (d->bd_selproc && d->bd_selproc->p_wchan == (caddr_t)&selwait) 1038 d->bd_selcoll = 1; 1039 else 1040 d->bd_selproc = p; 1041#endif 1042 splx(s); 1043 return (0); 1044} 1045 1046/* 1047 * Incoming linkage from device drivers. Process the packet pkt, of length 1048 * pktlen, which is stored in a contiguous buffer. The packet is parsed 1049 * by each process' filter, and if accepted, stashed into the corresponding 1050 * buffer. 1051 */ 1052void 1053bpf_tap(arg, pkt, pktlen) 1054 caddr_t arg; 1055 register u_char *pkt; 1056 register u_int pktlen; 1057{ 1058 struct bpf_if *bp; 1059 register struct bpf_d *d; 1060 register u_int slen; 1061 /* 1062 * Note that the ipl does not have to be raised at this point. 1063 * The only problem that could arise here is that if two different 1064 * interfaces shared any data. This is not the case. 1065 */ 1066 bp = (struct bpf_if *)arg; 1067 for (d = bp->bif_dlist; d != 0; d = d->bd_next) { 1068 ++d->bd_rcount; 1069 slen = bpf_filter(d->bd_filter, pkt, pktlen, pktlen); 1070 if (slen != 0) 1071 catchpacket(d, pkt, pktlen, slen, bcopy); 1072 } 1073} 1074 1075/* 1076 * Copy data from an mbuf chain into a buffer. This code is derived 1077 * from m_copydata in sys/uipc_mbuf.c. 1078 */ 1079static void 1080bpf_mcopy(src_arg, dst_arg, len) 1081 const void *src_arg; 1082 void *dst_arg; 1083 register u_int len; 1084{ 1085 register const struct mbuf *m; 1086 register u_int count; 1087 u_char *dst; 1088 1089 m = src_arg; 1090 dst = dst_arg; 1091 while (len > 0) { 1092 if (m == 0) 1093 panic("bpf_mcopy"); 1094 count = min(m->m_len, len); 1095 (void)memcpy((caddr_t)dst, mtod(m, caddr_t), count); 1096 m = m->m_next; 1097 dst += count; 1098 len -= count; 1099 } 1100} 1101 1102/* 1103 * Incoming linkage from device drivers, when packet is in an mbuf chain. 1104 */ 1105void 1106bpf_mtap(arg, m) 1107 caddr_t arg; 1108 struct mbuf *m; 1109{ 1110 struct bpf_if *bp = (struct bpf_if *)arg; 1111 struct bpf_d *d; 1112 u_int pktlen, slen; 1113 struct mbuf *m0; 1114 1115 pktlen = 0; 1116 for (m0 = m; m0 != 0; m0 = m0->m_next) 1117 pktlen += m0->m_len; 1118 1119 for (d = bp->bif_dlist; d != 0; d = d->bd_next) { 1120 ++d->bd_rcount; 1121 slen = bpf_filter(d->bd_filter, (u_char *)m, pktlen, 0); 1122 if (slen != 0) 1123 catchpacket(d, (u_char *)m, pktlen, slen, bpf_mcopy); 1124 } 1125} 1126 1127/* 1128 * Move the packet data from interface memory (pkt) into the 1129 * store buffer. Return 1 if it's time to wakeup a listener (buffer full), 1130 * otherwise 0. "copy" is the routine called to do the actual data 1131 * transfer. bcopy is passed in to copy contiguous chunks, while 1132 * bpf_mcopy is passed in to copy mbuf chains. In the latter case, 1133 * pkt is really an mbuf. 1134 */ 1135static void 1136catchpacket(d, pkt, pktlen, snaplen, cpfn) 1137 register struct bpf_d *d; 1138 register u_char *pkt; 1139 register u_int pktlen, snaplen; 1140 register void (*cpfn)(const void *, void *, u_int); 1141{ 1142 register struct bpf_hdr *hp; 1143 register int totlen, curlen; 1144 register int hdrlen = d->bd_bif->bif_hdrlen; 1145 /* 1146 * Figure out how many bytes to move. If the packet is 1147 * greater or equal to the snapshot length, transfer that 1148 * much. Otherwise, transfer the whole packet (unless 1149 * we hit the buffer size limit). 1150 */ 1151 totlen = hdrlen + min(snaplen, pktlen); 1152 if (totlen > d->bd_bufsize) 1153 totlen = d->bd_bufsize; 1154 1155 /* 1156 * Round up the end of the previous packet to the next longword. 1157 */ 1158 curlen = BPF_WORDALIGN(d->bd_slen); 1159 if (curlen + totlen > d->bd_bufsize) { 1160 /* 1161 * This packet will overflow the storage buffer. 1162 * Rotate the buffers if we can, then wakeup any 1163 * pending reads. 1164 */ 1165 if (d->bd_fbuf == 0) { 1166 /* 1167 * We haven't completed the previous read yet, 1168 * so drop the packet. 1169 */ 1170 ++d->bd_dcount; 1171 return; 1172 } 1173 ROTATE_BUFFERS(d); 1174 bpf_wakeup(d); 1175 curlen = 0; 1176 } 1177 else if (d->bd_immediate) 1178 /* 1179 * Immediate mode is set. A packet arrived so any 1180 * reads should be woken up. 1181 */ 1182 bpf_wakeup(d); 1183 1184 /* 1185 * Append the bpf header. 1186 */ 1187 hp = (struct bpf_hdr *)(d->bd_sbuf + curlen); 1188#if BSD >= 199103 1189 microtime(&hp->bh_tstamp); 1190#elif defined(sun) 1191 uniqtime(&hp->bh_tstamp); 1192#else 1193 hp->bh_tstamp = time; 1194#endif 1195 hp->bh_datalen = pktlen; 1196 hp->bh_hdrlen = hdrlen; 1197 /* 1198 * Copy the packet data into the store buffer and update its length. 1199 */ 1200 (*cpfn)(pkt, (u_char *)hp + hdrlen, (hp->bh_caplen = totlen - hdrlen)); 1201 d->bd_slen = curlen + totlen; 1202} 1203 1204/* 1205 * Initialize all nonzero fields of a descriptor. 1206 */ 1207static int 1208bpf_allocbufs(d) 1209 register struct bpf_d *d; 1210{ 1211 d->bd_fbuf = (caddr_t)malloc(d->bd_bufsize, M_DEVBUF, M_WAITOK); 1212 if (d->bd_fbuf == 0) 1213 return (ENOBUFS); 1214 1215 d->bd_sbuf = (caddr_t)malloc(d->bd_bufsize, M_DEVBUF, M_WAITOK); 1216 if (d->bd_sbuf == 0) { 1217 free(d->bd_fbuf, M_DEVBUF); 1218 return (ENOBUFS); 1219 } 1220 d->bd_slen = 0; 1221 d->bd_hlen = 0; 1222 return (0); 1223} 1224 1225/* 1226 * Free buffers currently in use by a descriptor. 1227 * Called on close. 1228 */ 1229static void 1230bpf_freed(d) 1231 register struct bpf_d *d; 1232{ 1233 /* 1234 * We don't need to lock out interrupts since this descriptor has 1235 * been detached from its interface and it yet hasn't been marked 1236 * free. 1237 */ 1238 if (d->bd_sbuf != 0) { 1239 free(d->bd_sbuf, M_DEVBUF); 1240 if (d->bd_hbuf != 0) 1241 free(d->bd_hbuf, M_DEVBUF); 1242 if (d->bd_fbuf != 0) 1243 free(d->bd_fbuf, M_DEVBUF); 1244 } 1245 if (d->bd_filter) 1246 free((caddr_t)d->bd_filter, M_DEVBUF); 1247 1248 D_MARKFREE(d); 1249} 1250 1251/* 1252 * Attach an interface to bpf. driverp is a pointer to a (struct bpf_if *) 1253 * in the driver's softc; dlt is the link layer type; hdrlen is the fixed 1254 * size of the link header (variable length headers not yet supported). 1255 */ 1256void 1257bpfattach(driverp, ifp, dlt, hdrlen) 1258 caddr_t *driverp; 1259 struct ifnet *ifp; 1260 u_int dlt, hdrlen; 1261{ 1262 struct bpf_if *bp; 1263 int i; 1264#if BSD < 199103 1265 static struct bpf_if bpf_ifs[NBPFILTER]; 1266 static int bpfifno; 1267 1268 bp = (bpfifno < NBPFILTER) ? &bpf_ifs[bpfifno++] : 0; 1269#else 1270 bp = (struct bpf_if *)malloc(sizeof(*bp), M_DEVBUF, M_DONTWAIT); 1271#endif 1272 if (bp == 0) 1273 panic("bpfattach"); 1274 1275 bp->bif_dlist = 0; 1276 bp->bif_driverp = (struct bpf_if **)driverp; 1277 bp->bif_ifp = ifp; 1278 bp->bif_dlt = dlt; 1279 1280 bp->bif_next = bpf_iflist; 1281 bpf_iflist = bp; 1282 1283 *bp->bif_driverp = 0; 1284 1285 /* 1286 * Compute the length of the bpf header. This is not necessarily 1287 * equal to SIZEOF_BPF_HDR because we want to insert spacing such 1288 * that the network layer header begins on a longword boundary (for 1289 * performance reasons and to alleviate alignment restrictions). 1290 */ 1291 bp->bif_hdrlen = BPF_WORDALIGN(hdrlen + SIZEOF_BPF_HDR) - hdrlen; 1292 1293 /* 1294 * Mark all the descriptors free if this hasn't been done. 1295 */ 1296 if (!D_ISFREE(&bpf_dtab[0])) 1297 for (i = 0; i < NBPFILTER; ++i) 1298 D_MARKFREE(&bpf_dtab[i]); 1299 1300 printf("bpf: %s%d attached\n", ifp->if_name, ifp->if_unit); 1301} 1302 1303#if BSD >= 199103 1304/* XXX This routine belongs in net/if.c. */ 1305/* 1306 * Set/clear promiscuous mode on interface ifp based on the truth value 1307 * of pswitch. The calls are reference counted so that only the first 1308 * "on" request actually has an effect, as does the final "off" request. 1309 * Results are undefined if the "off" and "on" requests are not matched. 1310 */ 1311int 1312ifpromisc(ifp, pswitch) 1313 struct ifnet *ifp; 1314 int pswitch; 1315{ 1316 struct ifreq ifr; 1317 1318 if (pswitch) { 1319 /* 1320 * If the device is not configured up, we cannot put it in 1321 * promiscuous mode. 1322 */ 1323 if ((ifp->if_flags & IFF_UP) == 0) 1324 return (ENETDOWN); 1325 if (ifp->if_pcount++ != 0) 1326 return (0); 1327 ifp->if_flags |= IFF_PROMISC; 1328 } else { 1329 if (--ifp->if_pcount > 0) 1330 return (0); 1331 ifp->if_flags &= ~IFF_PROMISC; 1332 } 1333 ifr.ifr_flags = ifp->if_flags; 1334 return ((*ifp->if_ioctl)(ifp, SIOCSIFFLAGS, (caddr_t)&ifr)); 1335} 1336#endif 1337 1338#if BSD < 199103 1339/* 1340 * Allocate some memory for bpf. This is temporary SunOS support, and 1341 * is admittedly a hack. 1342 * If resources unavaiable, return 0. 1343 */ 1344static caddr_t 1345bpf_alloc(size, canwait) 1346 register int size; 1347 register int canwait; 1348{ 1349 register struct mbuf *m; 1350 1351 if ((unsigned)size > (MCLBYTES-8)) 1352 return 0; 1353 1354 MGET(m, canwait, MT_DATA); 1355 if (m == 0) 1356 return 0; 1357 if ((unsigned)size > (MLEN-8)) { 1358 MCLGET(m); 1359 if (m->m_len != MCLBYTES) { 1360 m_freem(m); 1361 return 0; 1362 } 1363 } 1364 *mtod(m, struct mbuf **) = m; 1365 return mtod(m, caddr_t) + 8; 1366} 1367#endif 1368#endif 1369