if_tun.c revision 194252
1/* $NetBSD: if_tun.c,v 1.14 1994/06/29 06:36:25 cgd Exp $ */ 2 3/*- 4 * Copyright (c) 1988, Julian Onions <jpo@cs.nott.ac.uk> 5 * Nottingham University 1987. 6 * 7 * This source may be freely distributed, however I would be interested 8 * in any changes that are made. 9 * 10 * This driver takes packets off the IP i/f and hands them up to a 11 * user process to have its wicked way with. This driver has it's 12 * roots in a similar driver written by Phil Cockcroft (formerly) at 13 * UCL. This driver is based much more on read/write/poll mode of 14 * operation though. 15 * 16 * $FreeBSD: head/sys/net/if_tun.c 194252 2009-06-15 19:01:53Z jamie $ 17 */ 18 19#include "opt_atalk.h" 20#include "opt_inet.h" 21#include "opt_inet6.h" 22#include "opt_ipx.h" 23 24#include <sys/param.h> 25#include <sys/priv.h> 26#include <sys/proc.h> 27#include <sys/systm.h> 28#include <sys/mbuf.h> 29#include <sys/module.h> 30#include <sys/socket.h> 31#include <sys/fcntl.h> 32#include <sys/filio.h> 33#include <sys/sockio.h> 34#include <sys/ttycom.h> 35#include <sys/poll.h> 36#include <sys/selinfo.h> 37#include <sys/signalvar.h> 38#include <sys/filedesc.h> 39#include <sys/kernel.h> 40#include <sys/sysctl.h> 41#include <sys/conf.h> 42#include <sys/uio.h> 43#include <sys/malloc.h> 44#include <sys/random.h> 45#include <sys/vimage.h> 46 47#include <net/if.h> 48#include <net/if_clone.h> 49#include <net/if_types.h> 50#include <net/netisr.h> 51#include <net/route.h> 52#ifdef INET 53#include <netinet/in.h> 54#endif 55#include <net/bpf.h> 56#include <net/if_tun.h> 57 58#include <sys/queue.h> 59#include <sys/condvar.h> 60 61#include <security/mac/mac_framework.h> 62 63/* 64 * tun_list is protected by global tunmtx. Other mutable fields are 65 * protected by tun->tun_mtx, or by their owning subsystem. tun_dev is 66 * static for the duration of a tunnel interface. 67 */ 68struct tun_softc { 69 TAILQ_ENTRY(tun_softc) tun_list; 70 struct cdev *tun_dev; 71 u_short tun_flags; /* misc flags */ 72#define TUN_OPEN 0x0001 73#define TUN_INITED 0x0002 74#define TUN_RCOLL 0x0004 75#define TUN_IASET 0x0008 76#define TUN_DSTADDR 0x0010 77#define TUN_LMODE 0x0020 78#define TUN_RWAIT 0x0040 79#define TUN_ASYNC 0x0080 80#define TUN_IFHEAD 0x0100 81 82#define TUN_READY (TUN_OPEN | TUN_INITED) 83 84 /* 85 * XXXRW: tun_pid is used to exclusively lock /dev/tun. Is this 86 * actually needed? Can we just return EBUSY if already open? 87 * Problem is that this involved inherent races when a tun device 88 * is handed off from one process to another, as opposed to just 89 * being slightly stale informationally. 90 */ 91 pid_t tun_pid; /* owning pid */ 92 struct ifnet *tun_ifp; /* the interface */ 93 struct sigio *tun_sigio; /* information for async I/O */ 94 struct selinfo tun_rsel; /* read select */ 95 struct mtx tun_mtx; /* protect mutable softc fields */ 96 struct cv tun_cv; /* protect against ref'd dev destroy */ 97}; 98#define TUN2IFP(sc) ((sc)->tun_ifp) 99 100#define TUNDEBUG if (tundebug) if_printf 101#define TUNNAME "tun" 102 103/* 104 * All mutable global variables in if_tun are locked using tunmtx, with 105 * the exception of tundebug, which is used unlocked, and tunclones, 106 * which is static after setup. 107 */ 108static struct mtx tunmtx; 109static MALLOC_DEFINE(M_TUN, TUNNAME, "Tunnel Interface"); 110static int tundebug = 0; 111static int tundclone = 1; 112static struct clonedevs *tunclones; 113static TAILQ_HEAD(,tun_softc) tunhead = TAILQ_HEAD_INITIALIZER(tunhead); 114SYSCTL_INT(_debug, OID_AUTO, if_tun_debug, CTLFLAG_RW, &tundebug, 0, ""); 115 116SYSCTL_DECL(_net_link); 117SYSCTL_NODE(_net_link, OID_AUTO, tun, CTLFLAG_RW, 0, 118 "IP tunnel software network interface."); 119SYSCTL_INT(_net_link_tun, OID_AUTO, devfs_cloning, CTLFLAG_RW, &tundclone, 0, 120 "Enable legacy devfs interface creation."); 121 122TUNABLE_INT("net.link.tun.devfs_cloning", &tundclone); 123 124static void tunclone(void *arg, struct ucred *cred, char *name, 125 int namelen, struct cdev **dev); 126static void tuncreate(const char *name, struct cdev *dev); 127static int tunifioctl(struct ifnet *, u_long, caddr_t); 128static int tuninit(struct ifnet *); 129static int tunmodevent(module_t, int, void *); 130static int tunoutput(struct ifnet *, struct mbuf *, struct sockaddr *, 131 struct route *ro); 132static void tunstart(struct ifnet *); 133 134static int tun_clone_create(struct if_clone *, int, caddr_t); 135static void tun_clone_destroy(struct ifnet *); 136 137IFC_SIMPLE_DECLARE(tun, 0); 138 139static d_open_t tunopen; 140static d_close_t tunclose; 141static d_read_t tunread; 142static d_write_t tunwrite; 143static d_ioctl_t tunioctl; 144static d_poll_t tunpoll; 145static d_kqfilter_t tunkqfilter; 146 147static int tunkqread(struct knote *, long); 148static int tunkqwrite(struct knote *, long); 149static void tunkqdetach(struct knote *); 150 151static struct filterops tun_read_filterops = { 152 .f_isfd = 1, 153 .f_attach = NULL, 154 .f_detach = tunkqdetach, 155 .f_event = tunkqread, 156}; 157 158static struct filterops tun_write_filterops = { 159 .f_isfd = 1, 160 .f_attach = NULL, 161 .f_detach = tunkqdetach, 162 .f_event = tunkqwrite, 163}; 164 165static struct cdevsw tun_cdevsw = { 166 .d_version = D_VERSION, 167 .d_flags = D_PSEUDO | D_NEEDGIANT | D_NEEDMINOR, 168 .d_open = tunopen, 169 .d_close = tunclose, 170 .d_read = tunread, 171 .d_write = tunwrite, 172 .d_ioctl = tunioctl, 173 .d_poll = tunpoll, 174 .d_kqfilter = tunkqfilter, 175 .d_name = TUNNAME, 176}; 177 178static int 179tun_clone_create(struct if_clone *ifc, int unit, caddr_t params) 180{ 181 struct cdev *dev; 182 int i; 183 184 /* find any existing device, or allocate new unit number */ 185 i = clone_create(&tunclones, &tun_cdevsw, &unit, &dev, 0); 186 if (i) { 187 /* No preexisting struct cdev *, create one */ 188 dev = make_dev(&tun_cdevsw, unit, 189 UID_UUCP, GID_DIALER, 0600, "%s%d", ifc->ifc_name, unit); 190 if (dev != NULL) { 191 dev_ref(dev); 192 dev->si_flags |= SI_CHEAPCLONE; 193 } 194 } 195 tuncreate(ifc->ifc_name, dev); 196 197 return (0); 198} 199 200static void 201tunclone(void *arg, struct ucred *cred, char *name, int namelen, 202 struct cdev **dev) 203{ 204 char devname[SPECNAMELEN + 1]; 205 int u, i, append_unit; 206 207 if (*dev != NULL) 208 return; 209 210 /* 211 * If tun cloning is enabled, only the superuser can create an 212 * interface. 213 */ 214 if (!tundclone || priv_check_cred(cred, PRIV_NET_IFCREATE, 0) != 0) 215 return; 216 217 if (strcmp(name, TUNNAME) == 0) { 218 u = -1; 219 } else if (dev_stdclone(name, NULL, TUNNAME, &u) != 1) 220 return; /* Don't recognise the name */ 221 if (u != -1 && u > IF_MAXUNIT) 222 return; /* Unit number too high */ 223 224 if (u == -1) 225 append_unit = 1; 226 else 227 append_unit = 0; 228 229 CURVNET_SET(CRED_TO_VNET(cred)); 230 /* find any existing device, or allocate new unit number */ 231 i = clone_create(&tunclones, &tun_cdevsw, &u, dev, 0); 232 if (i) { 233 if (append_unit) { 234 namelen = snprintf(devname, sizeof(devname), "%s%d", name, 235 u); 236 name = devname; 237 } 238 /* No preexisting struct cdev *, create one */ 239 *dev = make_dev(&tun_cdevsw, u, 240 UID_UUCP, GID_DIALER, 0600, "%s", name); 241 if (*dev != NULL) { 242 dev_ref(*dev); 243 (*dev)->si_flags |= SI_CHEAPCLONE; 244 } 245 } 246 247 if_clone_create(name, namelen, NULL); 248 CURVNET_RESTORE(); 249} 250 251static void 252tun_destroy(struct tun_softc *tp) 253{ 254 struct cdev *dev; 255 256 /* Unlocked read. */ 257 mtx_lock(&tp->tun_mtx); 258 if ((tp->tun_flags & TUN_OPEN) != 0) 259 cv_wait_unlock(&tp->tun_cv, &tp->tun_mtx); 260 else 261 mtx_unlock(&tp->tun_mtx); 262 263 CURVNET_SET(TUN2IFP(tp)->if_vnet); 264 dev = tp->tun_dev; 265 bpfdetach(TUN2IFP(tp)); 266 if_detach(TUN2IFP(tp)); 267 if_free(TUN2IFP(tp)); 268 destroy_dev(dev); 269 knlist_destroy(&tp->tun_rsel.si_note); 270 mtx_destroy(&tp->tun_mtx); 271 cv_destroy(&tp->tun_cv); 272 free(tp, M_TUN); 273 CURVNET_RESTORE(); 274} 275 276static void 277tun_clone_destroy(struct ifnet *ifp) 278{ 279 struct tun_softc *tp = ifp->if_softc; 280 281 mtx_lock(&tunmtx); 282 TAILQ_REMOVE(&tunhead, tp, tun_list); 283 mtx_unlock(&tunmtx); 284 tun_destroy(tp); 285} 286 287static int 288tunmodevent(module_t mod, int type, void *data) 289{ 290 static eventhandler_tag tag; 291 struct tun_softc *tp; 292 293 switch (type) { 294 case MOD_LOAD: 295 mtx_init(&tunmtx, "tunmtx", NULL, MTX_DEF); 296 clone_setup(&tunclones); 297 tag = EVENTHANDLER_REGISTER(dev_clone, tunclone, 0, 1000); 298 if (tag == NULL) 299 return (ENOMEM); 300 if_clone_attach(&tun_cloner); 301 break; 302 case MOD_UNLOAD: 303 if_clone_detach(&tun_cloner); 304 EVENTHANDLER_DEREGISTER(dev_clone, tag); 305 306 mtx_lock(&tunmtx); 307 while ((tp = TAILQ_FIRST(&tunhead)) != NULL) { 308 TAILQ_REMOVE(&tunhead, tp, tun_list); 309 mtx_unlock(&tunmtx); 310 tun_destroy(tp); 311 mtx_lock(&tunmtx); 312 } 313 mtx_unlock(&tunmtx); 314 clone_cleanup(&tunclones); 315 mtx_destroy(&tunmtx); 316 break; 317 default: 318 return EOPNOTSUPP; 319 } 320 return 0; 321} 322 323static moduledata_t tun_mod = { 324 "if_tun", 325 tunmodevent, 326 0 327}; 328 329DECLARE_MODULE(if_tun, tun_mod, SI_SUB_PSEUDO, SI_ORDER_ANY); 330 331static void 332tunstart(struct ifnet *ifp) 333{ 334 struct tun_softc *tp = ifp->if_softc; 335 struct mbuf *m; 336 337 TUNDEBUG(ifp,"%s starting\n", ifp->if_xname); 338 if (ALTQ_IS_ENABLED(&ifp->if_snd)) { 339 IFQ_LOCK(&ifp->if_snd); 340 IFQ_POLL_NOLOCK(&ifp->if_snd, m); 341 if (m == NULL) { 342 IFQ_UNLOCK(&ifp->if_snd); 343 return; 344 } 345 IFQ_UNLOCK(&ifp->if_snd); 346 } 347 348 mtx_lock(&tp->tun_mtx); 349 if (tp->tun_flags & TUN_RWAIT) { 350 tp->tun_flags &= ~TUN_RWAIT; 351 wakeup(tp); 352 } 353 if (tp->tun_flags & TUN_ASYNC && tp->tun_sigio) { 354 mtx_unlock(&tp->tun_mtx); 355 pgsigio(&tp->tun_sigio, SIGIO, 0); 356 } else 357 mtx_unlock(&tp->tun_mtx); 358 selwakeuppri(&tp->tun_rsel, PZERO + 1); 359 KNOTE_UNLOCKED(&tp->tun_rsel.si_note, 0); 360} 361 362/* XXX: should return an error code so it can fail. */ 363static void 364tuncreate(const char *name, struct cdev *dev) 365{ 366 struct tun_softc *sc; 367 struct ifnet *ifp; 368 369 dev->si_flags &= ~SI_CHEAPCLONE; 370 371 sc = malloc(sizeof(*sc), M_TUN, M_WAITOK | M_ZERO); 372 mtx_init(&sc->tun_mtx, "tun_mtx", NULL, MTX_DEF); 373 cv_init(&sc->tun_cv, "tun_condvar"); 374 sc->tun_flags = TUN_INITED; 375 sc->tun_dev = dev; 376 mtx_lock(&tunmtx); 377 TAILQ_INSERT_TAIL(&tunhead, sc, tun_list); 378 mtx_unlock(&tunmtx); 379 380 ifp = sc->tun_ifp = if_alloc(IFT_PPP); 381 if (ifp == NULL) 382 panic("%s%d: failed to if_alloc() interface.\n", 383 name, dev2unit(dev)); 384 if_initname(ifp, name, dev2unit(dev)); 385 ifp->if_mtu = TUNMTU; 386 ifp->if_ioctl = tunifioctl; 387 ifp->if_output = tunoutput; 388 ifp->if_start = tunstart; 389 ifp->if_flags = IFF_POINTOPOINT | IFF_MULTICAST; 390 ifp->if_softc = sc; 391 IFQ_SET_MAXLEN(&ifp->if_snd, ifqmaxlen); 392 ifp->if_snd.ifq_drv_maxlen = 0; 393 IFQ_SET_READY(&ifp->if_snd); 394 knlist_init_mtx(&sc->tun_rsel.si_note, NULL); 395 396 if_attach(ifp); 397 bpfattach(ifp, DLT_NULL, sizeof(u_int32_t)); 398 dev->si_drv1 = sc; 399 TUNDEBUG(ifp, "interface %s is created, minor = %#x\n", 400 ifp->if_xname, dev2unit(dev)); 401} 402 403static int 404tunopen(struct cdev *dev, int flag, int mode, struct thread *td) 405{ 406 struct ifnet *ifp; 407 struct tun_softc *tp; 408 409 /* 410 * XXXRW: Non-atomic test and set of dev->si_drv1 requires 411 * synchronization. 412 */ 413 tp = dev->si_drv1; 414 if (!tp) { 415 tuncreate(TUNNAME, dev); 416 tp = dev->si_drv1; 417 } 418 419 /* 420 * XXXRW: This use of tun_pid is subject to error due to the 421 * fact that a reference to the tunnel can live beyond the 422 * death of the process that created it. Can we replace this 423 * with a simple busy flag? 424 */ 425 mtx_lock(&tp->tun_mtx); 426 if (tp->tun_pid != 0 && tp->tun_pid != td->td_proc->p_pid) { 427 mtx_unlock(&tp->tun_mtx); 428 return (EBUSY); 429 } 430 tp->tun_pid = td->td_proc->p_pid; 431 432 tp->tun_flags |= TUN_OPEN; 433 mtx_unlock(&tp->tun_mtx); 434 ifp = TUN2IFP(tp); 435 if_link_state_change(ifp, LINK_STATE_UP); 436 TUNDEBUG(ifp, "open\n"); 437 438 return (0); 439} 440 441/* 442 * tunclose - close the device - mark i/f down & delete 443 * routing info 444 */ 445static int 446tunclose(struct cdev *dev, int foo, int bar, struct thread *td) 447{ 448 struct tun_softc *tp; 449 struct ifnet *ifp; 450 int s; 451 452 tp = dev->si_drv1; 453 ifp = TUN2IFP(tp); 454 455 mtx_lock(&tp->tun_mtx); 456 tp->tun_flags &= ~TUN_OPEN; 457 tp->tun_pid = 0; 458 mtx_unlock(&tp->tun_mtx); 459 460 /* 461 * junk all pending output 462 */ 463 CURVNET_SET(ifp->if_vnet); 464 s = splimp(); 465 IFQ_PURGE(&ifp->if_snd); 466 splx(s); 467 468 if (ifp->if_flags & IFF_UP) { 469 s = splimp(); 470 if_down(ifp); 471 splx(s); 472 } 473 474 /* Delete all addresses and routes which reference this interface. */ 475 if (ifp->if_drv_flags & IFF_DRV_RUNNING) { 476 struct ifaddr *ifa; 477 478 s = splimp(); 479 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 480 /* deal w/IPv4 PtP destination; unlocked read */ 481 if (ifa->ifa_addr->sa_family == AF_INET) { 482 rtinit(ifa, (int)RTM_DELETE, 483 tp->tun_flags & TUN_DSTADDR ? RTF_HOST : 0); 484 } else { 485 rtinit(ifa, (int)RTM_DELETE, 0); 486 } 487 } 488 if_purgeaddrs(ifp); 489 ifp->if_drv_flags &= ~IFF_DRV_RUNNING; 490 splx(s); 491 } 492 if_link_state_change(ifp, LINK_STATE_DOWN); 493 CURVNET_RESTORE(); 494 495 mtx_lock(&tp->tun_mtx); 496 funsetown(&tp->tun_sigio); 497 selwakeuppri(&tp->tun_rsel, PZERO + 1); 498 KNOTE_UNLOCKED(&tp->tun_rsel.si_note, 0); 499 TUNDEBUG (ifp, "closed\n"); 500 501 cv_broadcast(&tp->tun_cv); 502 mtx_unlock(&tp->tun_mtx); 503 return (0); 504} 505 506static int 507tuninit(struct ifnet *ifp) 508{ 509#ifdef INET 510 struct tun_softc *tp = ifp->if_softc; 511 struct ifaddr *ifa; 512#endif 513 int error = 0; 514 515 TUNDEBUG(ifp, "tuninit\n"); 516 517 ifp->if_flags |= IFF_UP; 518 ifp->if_drv_flags |= IFF_DRV_RUNNING; 519 getmicrotime(&ifp->if_lastchange); 520 521#ifdef INET 522 IF_ADDR_LOCK(ifp); 523 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 524 if (ifa->ifa_addr->sa_family == AF_INET) { 525 struct sockaddr_in *si; 526 527 si = (struct sockaddr_in *)ifa->ifa_addr; 528 mtx_lock(&tp->tun_mtx); 529 if (si->sin_addr.s_addr) 530 tp->tun_flags |= TUN_IASET; 531 532 si = (struct sockaddr_in *)ifa->ifa_dstaddr; 533 if (si && si->sin_addr.s_addr) 534 tp->tun_flags |= TUN_DSTADDR; 535 mtx_unlock(&tp->tun_mtx); 536 } 537 } 538 IF_ADDR_UNLOCK(ifp); 539#endif 540 return (error); 541} 542 543/* 544 * Process an ioctl request. 545 */ 546static int 547tunifioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 548{ 549 struct ifreq *ifr = (struct ifreq *)data; 550 struct tun_softc *tp = ifp->if_softc; 551 struct ifstat *ifs; 552 int error = 0, s; 553 554 s = splimp(); 555 switch(cmd) { 556 case SIOCGIFSTATUS: 557 ifs = (struct ifstat *)data; 558 mtx_lock(&tp->tun_mtx); 559 if (tp->tun_pid) 560 sprintf(ifs->ascii + strlen(ifs->ascii), 561 "\tOpened by PID %d\n", tp->tun_pid); 562 mtx_unlock(&tp->tun_mtx); 563 break; 564 case SIOCSIFADDR: 565 error = tuninit(ifp); 566 TUNDEBUG(ifp, "address set, error=%d\n", error); 567 break; 568 case SIOCSIFDSTADDR: 569 error = tuninit(ifp); 570 TUNDEBUG(ifp, "destination address set, error=%d\n", error); 571 break; 572 case SIOCSIFMTU: 573 ifp->if_mtu = ifr->ifr_mtu; 574 TUNDEBUG(ifp, "mtu set\n"); 575 break; 576 case SIOCSIFFLAGS: 577 case SIOCADDMULTI: 578 case SIOCDELMULTI: 579 break; 580 default: 581 error = EINVAL; 582 } 583 splx(s); 584 return (error); 585} 586 587/* 588 * tunoutput - queue packets from higher level ready to put out. 589 */ 590static int 591tunoutput( 592 struct ifnet *ifp, 593 struct mbuf *m0, 594 struct sockaddr *dst, 595 struct route *ro) 596{ 597 struct tun_softc *tp = ifp->if_softc; 598 u_short cached_tun_flags; 599 int error; 600 u_int32_t af; 601 602 TUNDEBUG (ifp, "tunoutput\n"); 603 604#ifdef MAC 605 error = mac_ifnet_check_transmit(ifp, m0); 606 if (error) { 607 m_freem(m0); 608 return (error); 609 } 610#endif 611 612 /* Could be unlocked read? */ 613 mtx_lock(&tp->tun_mtx); 614 cached_tun_flags = tp->tun_flags; 615 mtx_unlock(&tp->tun_mtx); 616 if ((cached_tun_flags & TUN_READY) != TUN_READY) { 617 TUNDEBUG (ifp, "not ready 0%o\n", tp->tun_flags); 618 m_freem (m0); 619 return (EHOSTDOWN); 620 } 621 622 if ((ifp->if_flags & IFF_UP) != IFF_UP) { 623 m_freem (m0); 624 return (EHOSTDOWN); 625 } 626 627 /* BPF writes need to be handled specially. */ 628 if (dst->sa_family == AF_UNSPEC) { 629 bcopy(dst->sa_data, &af, sizeof(af)); 630 dst->sa_family = af; 631 } 632 633 if (bpf_peers_present(ifp->if_bpf)) { 634 af = dst->sa_family; 635 bpf_mtap2(ifp->if_bpf, &af, sizeof(af), m0); 636 } 637 638 /* prepend sockaddr? this may abort if the mbuf allocation fails */ 639 if (cached_tun_flags & TUN_LMODE) { 640 /* allocate space for sockaddr */ 641 M_PREPEND(m0, dst->sa_len, M_DONTWAIT); 642 643 /* if allocation failed drop packet */ 644 if (m0 == NULL) { 645 ifp->if_iqdrops++; 646 ifp->if_oerrors++; 647 return (ENOBUFS); 648 } else { 649 bcopy(dst, m0->m_data, dst->sa_len); 650 } 651 } 652 653 if (cached_tun_flags & TUN_IFHEAD) { 654 /* Prepend the address family */ 655 M_PREPEND(m0, 4, M_DONTWAIT); 656 657 /* if allocation failed drop packet */ 658 if (m0 == NULL) { 659 ifp->if_iqdrops++; 660 ifp->if_oerrors++; 661 return (ENOBUFS); 662 } else 663 *(u_int32_t *)m0->m_data = htonl(dst->sa_family); 664 } else { 665#ifdef INET 666 if (dst->sa_family != AF_INET) 667#endif 668 { 669 m_freem(m0); 670 return (EAFNOSUPPORT); 671 } 672 } 673 674 error = (ifp->if_transmit)(ifp, m0); 675 if (error) { 676 ifp->if_collisions++; 677 return (ENOBUFS); 678 } 679 ifp->if_opackets++; 680 return (0); 681} 682 683/* 684 * the cdevsw interface is now pretty minimal. 685 */ 686static int 687tunioctl(struct cdev *dev, u_long cmd, caddr_t data, int flag, struct thread *td) 688{ 689 int s; 690 int error; 691 struct tun_softc *tp = dev->si_drv1; 692 struct tuninfo *tunp; 693 694 switch (cmd) { 695 case TUNSIFINFO: 696 tunp = (struct tuninfo *)data; 697 if (tunp->mtu < IF_MINMTU) 698 return (EINVAL); 699 if (TUN2IFP(tp)->if_mtu != tunp->mtu) { 700 error = priv_check(td, PRIV_NET_SETIFMTU); 701 if (error) 702 return (error); 703 } 704 TUN2IFP(tp)->if_mtu = tunp->mtu; 705 TUN2IFP(tp)->if_type = tunp->type; 706 TUN2IFP(tp)->if_baudrate = tunp->baudrate; 707 break; 708 case TUNGIFINFO: 709 tunp = (struct tuninfo *)data; 710 tunp->mtu = TUN2IFP(tp)->if_mtu; 711 tunp->type = TUN2IFP(tp)->if_type; 712 tunp->baudrate = TUN2IFP(tp)->if_baudrate; 713 break; 714 case TUNSDEBUG: 715 tundebug = *(int *)data; 716 break; 717 case TUNGDEBUG: 718 *(int *)data = tundebug; 719 break; 720 case TUNSLMODE: 721 mtx_lock(&tp->tun_mtx); 722 if (*(int *)data) { 723 tp->tun_flags |= TUN_LMODE; 724 tp->tun_flags &= ~TUN_IFHEAD; 725 } else 726 tp->tun_flags &= ~TUN_LMODE; 727 mtx_unlock(&tp->tun_mtx); 728 break; 729 case TUNSIFHEAD: 730 mtx_lock(&tp->tun_mtx); 731 if (*(int *)data) { 732 tp->tun_flags |= TUN_IFHEAD; 733 tp->tun_flags &= ~TUN_LMODE; 734 } else 735 tp->tun_flags &= ~TUN_IFHEAD; 736 mtx_unlock(&tp->tun_mtx); 737 break; 738 case TUNGIFHEAD: 739 /* Could be unlocked read? */ 740 mtx_lock(&tp->tun_mtx); 741 *(int *)data = (tp->tun_flags & TUN_IFHEAD) ? 1 : 0; 742 mtx_unlock(&tp->tun_mtx); 743 break; 744 case TUNSIFMODE: 745 /* deny this if UP */ 746 if (TUN2IFP(tp)->if_flags & IFF_UP) 747 return(EBUSY); 748 749 switch (*(int *)data & ~IFF_MULTICAST) { 750 case IFF_POINTOPOINT: 751 case IFF_BROADCAST: 752 TUN2IFP(tp)->if_flags &= 753 ~(IFF_BROADCAST|IFF_POINTOPOINT|IFF_MULTICAST); 754 TUN2IFP(tp)->if_flags |= *(int *)data; 755 break; 756 default: 757 return(EINVAL); 758 } 759 break; 760 case TUNSIFPID: 761 mtx_lock(&tp->tun_mtx); 762 tp->tun_pid = curthread->td_proc->p_pid; 763 mtx_unlock(&tp->tun_mtx); 764 break; 765 case FIONBIO: 766 break; 767 case FIOASYNC: 768 mtx_lock(&tp->tun_mtx); 769 if (*(int *)data) 770 tp->tun_flags |= TUN_ASYNC; 771 else 772 tp->tun_flags &= ~TUN_ASYNC; 773 mtx_unlock(&tp->tun_mtx); 774 break; 775 case FIONREAD: 776 s = splimp(); 777 if (!IFQ_IS_EMPTY(&TUN2IFP(tp)->if_snd)) { 778 struct mbuf *mb; 779 IFQ_LOCK(&TUN2IFP(tp)->if_snd); 780 IFQ_POLL_NOLOCK(&TUN2IFP(tp)->if_snd, mb); 781 for( *(int *)data = 0; mb != 0; mb = mb->m_next) 782 *(int *)data += mb->m_len; 783 IFQ_UNLOCK(&TUN2IFP(tp)->if_snd); 784 } else 785 *(int *)data = 0; 786 splx(s); 787 break; 788 case FIOSETOWN: 789 return (fsetown(*(int *)data, &tp->tun_sigio)); 790 791 case FIOGETOWN: 792 *(int *)data = fgetown(&tp->tun_sigio); 793 return (0); 794 795 /* This is deprecated, FIOSETOWN should be used instead. */ 796 case TIOCSPGRP: 797 return (fsetown(-(*(int *)data), &tp->tun_sigio)); 798 799 /* This is deprecated, FIOGETOWN should be used instead. */ 800 case TIOCGPGRP: 801 *(int *)data = -fgetown(&tp->tun_sigio); 802 return (0); 803 804 default: 805 return (ENOTTY); 806 } 807 return (0); 808} 809 810/* 811 * The cdevsw read interface - reads a packet at a time, or at 812 * least as much of a packet as can be read. 813 */ 814static int 815tunread(struct cdev *dev, struct uio *uio, int flag) 816{ 817 struct tun_softc *tp = dev->si_drv1; 818 struct ifnet *ifp = TUN2IFP(tp); 819 struct mbuf *m; 820 int error=0, len, s; 821 822 TUNDEBUG (ifp, "read\n"); 823 mtx_lock(&tp->tun_mtx); 824 if ((tp->tun_flags & TUN_READY) != TUN_READY) { 825 mtx_unlock(&tp->tun_mtx); 826 TUNDEBUG (ifp, "not ready 0%o\n", tp->tun_flags); 827 return (EHOSTDOWN); 828 } 829 830 tp->tun_flags &= ~TUN_RWAIT; 831 mtx_unlock(&tp->tun_mtx); 832 833 s = splimp(); 834 do { 835 IFQ_DEQUEUE(&ifp->if_snd, m); 836 if (m == NULL) { 837 if (flag & O_NONBLOCK) { 838 splx(s); 839 return (EWOULDBLOCK); 840 } 841 mtx_lock(&tp->tun_mtx); 842 tp->tun_flags |= TUN_RWAIT; 843 mtx_unlock(&tp->tun_mtx); 844 if ((error = tsleep(tp, PCATCH | (PZERO + 1), 845 "tunread", 0)) != 0) { 846 splx(s); 847 return (error); 848 } 849 } 850 } while (m == NULL); 851 splx(s); 852 853 while (m && uio->uio_resid > 0 && error == 0) { 854 len = min(uio->uio_resid, m->m_len); 855 if (len != 0) 856 error = uiomove(mtod(m, void *), len, uio); 857 m = m_free(m); 858 } 859 860 if (m) { 861 TUNDEBUG(ifp, "Dropping mbuf\n"); 862 m_freem(m); 863 } 864 return (error); 865} 866 867/* 868 * the cdevsw write interface - an atomic write is a packet - or else! 869 */ 870static int 871tunwrite(struct cdev *dev, struct uio *uio, int flag) 872{ 873 struct tun_softc *tp = dev->si_drv1; 874 struct ifnet *ifp = TUN2IFP(tp); 875 struct mbuf *m; 876 int error = 0; 877 uint32_t family; 878 int isr; 879 880 TUNDEBUG(ifp, "tunwrite\n"); 881 882 if ((ifp->if_flags & IFF_UP) != IFF_UP) 883 /* ignore silently */ 884 return (0); 885 886 if (uio->uio_resid == 0) 887 return (0); 888 889 if (uio->uio_resid < 0 || uio->uio_resid > TUNMRU) { 890 TUNDEBUG(ifp, "len=%d!\n", uio->uio_resid); 891 return (EIO); 892 } 893 894 if ((m = m_uiotombuf(uio, M_DONTWAIT, 0, 0, M_PKTHDR)) == NULL) { 895 ifp->if_ierrors++; 896 return (error); 897 } 898 899 m->m_pkthdr.rcvif = ifp; 900#ifdef MAC 901 mac_ifnet_create_mbuf(ifp, m); 902#endif 903 904 /* Could be unlocked read? */ 905 mtx_lock(&tp->tun_mtx); 906 if (tp->tun_flags & TUN_IFHEAD) { 907 mtx_unlock(&tp->tun_mtx); 908 if (m->m_len < sizeof(family) && 909 (m = m_pullup(m, sizeof(family))) == NULL) 910 return (ENOBUFS); 911 family = ntohl(*mtod(m, u_int32_t *)); 912 m_adj(m, sizeof(family)); 913 } else { 914 mtx_unlock(&tp->tun_mtx); 915 family = AF_INET; 916 } 917 918 BPF_MTAP2(ifp, &family, sizeof(family), m); 919 920 switch (family) { 921#ifdef INET 922 case AF_INET: 923 isr = NETISR_IP; 924 break; 925#endif 926#ifdef INET6 927 case AF_INET6: 928 isr = NETISR_IPV6; 929 break; 930#endif 931#ifdef IPX 932 case AF_IPX: 933 isr = NETISR_IPX; 934 break; 935#endif 936#ifdef NETATALK 937 case AF_APPLETALK: 938 isr = NETISR_ATALK2; 939 break; 940#endif 941 default: 942 m_freem(m); 943 return (EAFNOSUPPORT); 944 } 945 /* First chunk of an mbuf contains good junk */ 946 if (harvest.point_to_point) 947 random_harvest(m, 16, 3, 0, RANDOM_NET); 948 ifp->if_ibytes += m->m_pkthdr.len; 949 ifp->if_ipackets++; 950 CURVNET_SET(ifp->if_vnet); 951 netisr_dispatch(isr, m); 952 CURVNET_RESTORE(); 953 return (0); 954} 955 956/* 957 * tunpoll - the poll interface, this is only useful on reads 958 * really. The write detect always returns true, write never blocks 959 * anyway, it either accepts the packet or drops it. 960 */ 961static int 962tunpoll(struct cdev *dev, int events, struct thread *td) 963{ 964 int s; 965 struct tun_softc *tp = dev->si_drv1; 966 struct ifnet *ifp = TUN2IFP(tp); 967 int revents = 0; 968 struct mbuf *m; 969 970 s = splimp(); 971 TUNDEBUG(ifp, "tunpoll\n"); 972 973 if (events & (POLLIN | POLLRDNORM)) { 974 IFQ_LOCK(&ifp->if_snd); 975 IFQ_POLL_NOLOCK(&ifp->if_snd, m); 976 if (m != NULL) { 977 TUNDEBUG(ifp, "tunpoll q=%d\n", ifp->if_snd.ifq_len); 978 revents |= events & (POLLIN | POLLRDNORM); 979 } else { 980 TUNDEBUG(ifp, "tunpoll waiting\n"); 981 selrecord(td, &tp->tun_rsel); 982 } 983 IFQ_UNLOCK(&ifp->if_snd); 984 } 985 if (events & (POLLOUT | POLLWRNORM)) 986 revents |= events & (POLLOUT | POLLWRNORM); 987 988 splx(s); 989 return (revents); 990} 991 992/* 993 * tunkqfilter - support for the kevent() system call. 994 */ 995static int 996tunkqfilter(struct cdev *dev, struct knote *kn) 997{ 998 int s; 999 struct tun_softc *tp = dev->si_drv1; 1000 struct ifnet *ifp = TUN2IFP(tp); 1001 1002 s = splimp(); 1003 switch(kn->kn_filter) { 1004 case EVFILT_READ: 1005 TUNDEBUG(ifp, "%s kqfilter: EVFILT_READ, minor = %#x\n", 1006 ifp->if_xname, dev2unit(dev)); 1007 kn->kn_fop = &tun_read_filterops; 1008 break; 1009 1010 case EVFILT_WRITE: 1011 TUNDEBUG(ifp, "%s kqfilter: EVFILT_WRITE, minor = %#x\n", 1012 ifp->if_xname, dev2unit(dev)); 1013 kn->kn_fop = &tun_write_filterops; 1014 break; 1015 1016 default: 1017 TUNDEBUG(ifp, "%s kqfilter: invalid filter, minor = %#x\n", 1018 ifp->if_xname, dev2unit(dev)); 1019 splx(s); 1020 return(EINVAL); 1021 } 1022 splx(s); 1023 1024 kn->kn_hook = (caddr_t) dev; 1025 knlist_add(&tp->tun_rsel.si_note, kn, 0); 1026 1027 return (0); 1028} 1029 1030/* 1031 * Return true of there is data in the interface queue. 1032 */ 1033static int 1034tunkqread(struct knote *kn, long hint) 1035{ 1036 int ret, s; 1037 struct cdev *dev = (struct cdev *)(kn->kn_hook); 1038 struct tun_softc *tp = dev->si_drv1; 1039 struct ifnet *ifp = TUN2IFP(tp); 1040 1041 s = splimp(); 1042 if ((kn->kn_data = ifp->if_snd.ifq_len) > 0) { 1043 TUNDEBUG(ifp, 1044 "%s have data in the queue. Len = %d, minor = %#x\n", 1045 ifp->if_xname, ifp->if_snd.ifq_len, dev2unit(dev)); 1046 ret = 1; 1047 } else { 1048 TUNDEBUG(ifp, 1049 "%s waiting for data, minor = %#x\n", ifp->if_xname, 1050 dev2unit(dev)); 1051 ret = 0; 1052 } 1053 splx(s); 1054 1055 return (ret); 1056} 1057 1058/* 1059 * Always can write, always return MTU in kn->data. 1060 */ 1061static int 1062tunkqwrite(struct knote *kn, long hint) 1063{ 1064 int s; 1065 struct tun_softc *tp = ((struct cdev *)kn->kn_hook)->si_drv1; 1066 struct ifnet *ifp = TUN2IFP(tp); 1067 1068 s = splimp(); 1069 kn->kn_data = ifp->if_mtu; 1070 splx(s); 1071 1072 return (1); 1073} 1074 1075static void 1076tunkqdetach(struct knote *kn) 1077{ 1078 struct tun_softc *tp = ((struct cdev *)kn->kn_hook)->si_drv1; 1079 1080 knlist_remove(&tp->tun_rsel.si_note, kn, 0); 1081} 1082