if_tun.c revision 204464
1/* $NetBSD: if_tun.c,v 1.14 1994/06/29 06:36:25 cgd Exp $ */ 2 3/*- 4 * Copyright (c) 1988, Julian Onions <jpo@cs.nott.ac.uk> 5 * Nottingham University 1987. 6 * 7 * This source may be freely distributed, however I would be interested 8 * in any changes that are made. 9 * 10 * This driver takes packets off the IP i/f and hands them up to a 11 * user process to have its wicked way with. This driver has it's 12 * roots in a similar driver written by Phil Cockcroft (formerly) at 13 * UCL. This driver is based much more on read/write/poll mode of 14 * operation though. 15 * 16 * $FreeBSD: head/sys/net/if_tun.c 204464 2010-02-28 16:25:49Z kib $ 17 */ 18 19#include "opt_atalk.h" 20#include "opt_inet.h" 21#include "opt_inet6.h" 22#include "opt_ipx.h" 23 24#include <sys/param.h> 25#include <sys/priv.h> 26#include <sys/proc.h> 27#include <sys/systm.h> 28#include <sys/jail.h> 29#include <sys/mbuf.h> 30#include <sys/module.h> 31#include <sys/socket.h> 32#include <sys/fcntl.h> 33#include <sys/filio.h> 34#include <sys/sockio.h> 35#include <sys/ttycom.h> 36#include <sys/poll.h> 37#include <sys/selinfo.h> 38#include <sys/signalvar.h> 39#include <sys/filedesc.h> 40#include <sys/kernel.h> 41#include <sys/sysctl.h> 42#include <sys/conf.h> 43#include <sys/uio.h> 44#include <sys/malloc.h> 45#include <sys/random.h> 46 47#include <net/if.h> 48#include <net/if_clone.h> 49#include <net/if_types.h> 50#include <net/netisr.h> 51#include <net/route.h> 52#include <net/vnet.h> 53#ifdef INET 54#include <netinet/in.h> 55#endif 56#include <net/bpf.h> 57#include <net/if_tun.h> 58 59#include <sys/queue.h> 60#include <sys/condvar.h> 61 62#include <security/mac/mac_framework.h> 63 64/* 65 * tun_list is protected by global tunmtx. Other mutable fields are 66 * protected by tun->tun_mtx, or by their owning subsystem. tun_dev is 67 * static for the duration of a tunnel interface. 68 */ 69struct tun_softc { 70 TAILQ_ENTRY(tun_softc) tun_list; 71 struct cdev *tun_dev; 72 u_short tun_flags; /* misc flags */ 73#define TUN_OPEN 0x0001 74#define TUN_INITED 0x0002 75#define TUN_RCOLL 0x0004 76#define TUN_IASET 0x0008 77#define TUN_DSTADDR 0x0010 78#define TUN_LMODE 0x0020 79#define TUN_RWAIT 0x0040 80#define TUN_ASYNC 0x0080 81#define TUN_IFHEAD 0x0100 82 83#define TUN_READY (TUN_OPEN | TUN_INITED) 84 85 /* 86 * XXXRW: tun_pid is used to exclusively lock /dev/tun. Is this 87 * actually needed? Can we just return EBUSY if already open? 88 * Problem is that this involved inherent races when a tun device 89 * is handed off from one process to another, as opposed to just 90 * being slightly stale informationally. 91 */ 92 pid_t tun_pid; /* owning pid */ 93 struct ifnet *tun_ifp; /* the interface */ 94 struct sigio *tun_sigio; /* information for async I/O */ 95 struct selinfo tun_rsel; /* read select */ 96 struct mtx tun_mtx; /* protect mutable softc fields */ 97 struct cv tun_cv; /* protect against ref'd dev destroy */ 98}; 99#define TUN2IFP(sc) ((sc)->tun_ifp) 100 101#define TUNDEBUG if (tundebug) if_printf 102#define TUNNAME "tun" 103 104/* 105 * All mutable global variables in if_tun are locked using tunmtx, with 106 * the exception of tundebug, which is used unlocked, and tunclones, 107 * which is static after setup. 108 */ 109static struct mtx tunmtx; 110static MALLOC_DEFINE(M_TUN, TUNNAME, "Tunnel Interface"); 111static int tundebug = 0; 112static int tundclone = 1; 113static struct clonedevs *tunclones; 114static TAILQ_HEAD(,tun_softc) tunhead = TAILQ_HEAD_INITIALIZER(tunhead); 115SYSCTL_INT(_debug, OID_AUTO, if_tun_debug, CTLFLAG_RW, &tundebug, 0, ""); 116 117SYSCTL_DECL(_net_link); 118SYSCTL_NODE(_net_link, OID_AUTO, tun, CTLFLAG_RW, 0, 119 "IP tunnel software network interface."); 120SYSCTL_INT(_net_link_tun, OID_AUTO, devfs_cloning, CTLFLAG_RW, &tundclone, 0, 121 "Enable legacy devfs interface creation."); 122 123TUNABLE_INT("net.link.tun.devfs_cloning", &tundclone); 124 125static void tunclone(void *arg, struct ucred *cred, char *name, 126 int namelen, struct cdev **dev); 127static void tuncreate(const char *name, struct cdev *dev); 128static int tunifioctl(struct ifnet *, u_long, caddr_t); 129static int tuninit(struct ifnet *); 130static int tunmodevent(module_t, int, void *); 131static int tunoutput(struct ifnet *, struct mbuf *, struct sockaddr *, 132 struct route *ro); 133static void tunstart(struct ifnet *); 134 135static int tun_clone_create(struct if_clone *, int, caddr_t); 136static void tun_clone_destroy(struct ifnet *); 137 138IFC_SIMPLE_DECLARE(tun, 0); 139 140static d_open_t tunopen; 141static d_close_t tunclose; 142static d_read_t tunread; 143static d_write_t tunwrite; 144static d_ioctl_t tunioctl; 145static d_poll_t tunpoll; 146static d_kqfilter_t tunkqfilter; 147 148static int tunkqread(struct knote *, long); 149static int tunkqwrite(struct knote *, long); 150static void tunkqdetach(struct knote *); 151 152static struct filterops tun_read_filterops = { 153 .f_isfd = 1, 154 .f_attach = NULL, 155 .f_detach = tunkqdetach, 156 .f_event = tunkqread, 157}; 158 159static struct filterops tun_write_filterops = { 160 .f_isfd = 1, 161 .f_attach = NULL, 162 .f_detach = tunkqdetach, 163 .f_event = tunkqwrite, 164}; 165 166static struct cdevsw tun_cdevsw = { 167 .d_version = D_VERSION, 168 .d_flags = D_PSEUDO | D_NEEDGIANT | D_NEEDMINOR, 169 .d_open = tunopen, 170 .d_close = tunclose, 171 .d_read = tunread, 172 .d_write = tunwrite, 173 .d_ioctl = tunioctl, 174 .d_poll = tunpoll, 175 .d_kqfilter = tunkqfilter, 176 .d_name = TUNNAME, 177}; 178 179static int 180tun_clone_create(struct if_clone *ifc, int unit, caddr_t params) 181{ 182 struct cdev *dev; 183 int i; 184 185 /* find any existing device, or allocate new unit number */ 186 i = clone_create(&tunclones, &tun_cdevsw, &unit, &dev, 0); 187 if (i) { 188 /* No preexisting struct cdev *, create one */ 189 dev = make_dev(&tun_cdevsw, unit, 190 UID_UUCP, GID_DIALER, 0600, "%s%d", ifc->ifc_name, unit); 191 } 192 tuncreate(ifc->ifc_name, dev); 193 194 return (0); 195} 196 197static void 198tunclone(void *arg, struct ucred *cred, char *name, int namelen, 199 struct cdev **dev) 200{ 201 char devname[SPECNAMELEN + 1]; 202 int u, i, append_unit; 203 204 if (*dev != NULL) 205 return; 206 207 /* 208 * If tun cloning is enabled, only the superuser can create an 209 * interface. 210 */ 211 if (!tundclone || priv_check_cred(cred, PRIV_NET_IFCREATE, 0) != 0) 212 return; 213 214 if (strcmp(name, TUNNAME) == 0) { 215 u = -1; 216 } else if (dev_stdclone(name, NULL, TUNNAME, &u) != 1) 217 return; /* Don't recognise the name */ 218 if (u != -1 && u > IF_MAXUNIT) 219 return; /* Unit number too high */ 220 221 if (u == -1) 222 append_unit = 1; 223 else 224 append_unit = 0; 225 226 CURVNET_SET(CRED_TO_VNET(cred)); 227 /* find any existing device, or allocate new unit number */ 228 i = clone_create(&tunclones, &tun_cdevsw, &u, dev, 0); 229 if (i) { 230 if (append_unit) { 231 namelen = snprintf(devname, sizeof(devname), "%s%d", name, 232 u); 233 name = devname; 234 } 235 /* No preexisting struct cdev *, create one */ 236 *dev = make_dev_credf(MAKEDEV_REF, &tun_cdevsw, u, cred, 237 UID_UUCP, GID_DIALER, 0600, "%s", name); 238 } 239 240 if_clone_create(name, namelen, NULL); 241 CURVNET_RESTORE(); 242} 243 244static void 245tun_destroy(struct tun_softc *tp) 246{ 247 struct cdev *dev; 248 249 /* Unlocked read. */ 250 mtx_lock(&tp->tun_mtx); 251 if ((tp->tun_flags & TUN_OPEN) != 0) 252 cv_wait_unlock(&tp->tun_cv, &tp->tun_mtx); 253 else 254 mtx_unlock(&tp->tun_mtx); 255 256 CURVNET_SET(TUN2IFP(tp)->if_vnet); 257 dev = tp->tun_dev; 258 bpfdetach(TUN2IFP(tp)); 259 if_detach(TUN2IFP(tp)); 260 if_free(TUN2IFP(tp)); 261 destroy_dev(dev); 262 knlist_destroy(&tp->tun_rsel.si_note); 263 mtx_destroy(&tp->tun_mtx); 264 cv_destroy(&tp->tun_cv); 265 free(tp, M_TUN); 266 CURVNET_RESTORE(); 267} 268 269static void 270tun_clone_destroy(struct ifnet *ifp) 271{ 272 struct tun_softc *tp = ifp->if_softc; 273 274 mtx_lock(&tunmtx); 275 TAILQ_REMOVE(&tunhead, tp, tun_list); 276 mtx_unlock(&tunmtx); 277 tun_destroy(tp); 278} 279 280static int 281tunmodevent(module_t mod, int type, void *data) 282{ 283 static eventhandler_tag tag; 284 struct tun_softc *tp; 285 286 switch (type) { 287 case MOD_LOAD: 288 mtx_init(&tunmtx, "tunmtx", NULL, MTX_DEF); 289 clone_setup(&tunclones); 290 tag = EVENTHANDLER_REGISTER(dev_clone, tunclone, 0, 1000); 291 if (tag == NULL) 292 return (ENOMEM); 293 if_clone_attach(&tun_cloner); 294 break; 295 case MOD_UNLOAD: 296 if_clone_detach(&tun_cloner); 297 EVENTHANDLER_DEREGISTER(dev_clone, tag); 298 drain_dev_clone_events(); 299 300 mtx_lock(&tunmtx); 301 while ((tp = TAILQ_FIRST(&tunhead)) != NULL) { 302 TAILQ_REMOVE(&tunhead, tp, tun_list); 303 mtx_unlock(&tunmtx); 304 tun_destroy(tp); 305 mtx_lock(&tunmtx); 306 } 307 mtx_unlock(&tunmtx); 308 clone_cleanup(&tunclones); 309 mtx_destroy(&tunmtx); 310 break; 311 default: 312 return EOPNOTSUPP; 313 } 314 return 0; 315} 316 317static moduledata_t tun_mod = { 318 "if_tun", 319 tunmodevent, 320 0 321}; 322 323DECLARE_MODULE(if_tun, tun_mod, SI_SUB_PSEUDO, SI_ORDER_ANY); 324 325static void 326tunstart(struct ifnet *ifp) 327{ 328 struct tun_softc *tp = ifp->if_softc; 329 struct mbuf *m; 330 331 TUNDEBUG(ifp,"%s starting\n", ifp->if_xname); 332 if (ALTQ_IS_ENABLED(&ifp->if_snd)) { 333 IFQ_LOCK(&ifp->if_snd); 334 IFQ_POLL_NOLOCK(&ifp->if_snd, m); 335 if (m == NULL) { 336 IFQ_UNLOCK(&ifp->if_snd); 337 return; 338 } 339 IFQ_UNLOCK(&ifp->if_snd); 340 } 341 342 mtx_lock(&tp->tun_mtx); 343 if (tp->tun_flags & TUN_RWAIT) { 344 tp->tun_flags &= ~TUN_RWAIT; 345 wakeup(tp); 346 } 347 if (tp->tun_flags & TUN_ASYNC && tp->tun_sigio) { 348 mtx_unlock(&tp->tun_mtx); 349 pgsigio(&tp->tun_sigio, SIGIO, 0); 350 } else 351 mtx_unlock(&tp->tun_mtx); 352 selwakeuppri(&tp->tun_rsel, PZERO + 1); 353 KNOTE_UNLOCKED(&tp->tun_rsel.si_note, 0); 354} 355 356/* XXX: should return an error code so it can fail. */ 357static void 358tuncreate(const char *name, struct cdev *dev) 359{ 360 struct tun_softc *sc; 361 struct ifnet *ifp; 362 363 dev->si_flags &= ~SI_CHEAPCLONE; 364 365 sc = malloc(sizeof(*sc), M_TUN, M_WAITOK | M_ZERO); 366 mtx_init(&sc->tun_mtx, "tun_mtx", NULL, MTX_DEF); 367 cv_init(&sc->tun_cv, "tun_condvar"); 368 sc->tun_flags = TUN_INITED; 369 sc->tun_dev = dev; 370 mtx_lock(&tunmtx); 371 TAILQ_INSERT_TAIL(&tunhead, sc, tun_list); 372 mtx_unlock(&tunmtx); 373 374 ifp = sc->tun_ifp = if_alloc(IFT_PPP); 375 if (ifp == NULL) 376 panic("%s%d: failed to if_alloc() interface.\n", 377 name, dev2unit(dev)); 378 if_initname(ifp, name, dev2unit(dev)); 379 ifp->if_mtu = TUNMTU; 380 ifp->if_ioctl = tunifioctl; 381 ifp->if_output = tunoutput; 382 ifp->if_start = tunstart; 383 ifp->if_flags = IFF_POINTOPOINT | IFF_MULTICAST; 384 ifp->if_softc = sc; 385 IFQ_SET_MAXLEN(&ifp->if_snd, ifqmaxlen); 386 ifp->if_snd.ifq_drv_maxlen = 0; 387 IFQ_SET_READY(&ifp->if_snd); 388 knlist_init_mtx(&sc->tun_rsel.si_note, NULL); 389 390 if_attach(ifp); 391 bpfattach(ifp, DLT_NULL, sizeof(u_int32_t)); 392 dev->si_drv1 = sc; 393 TUNDEBUG(ifp, "interface %s is created, minor = %#x\n", 394 ifp->if_xname, dev2unit(dev)); 395} 396 397static int 398tunopen(struct cdev *dev, int flag, int mode, struct thread *td) 399{ 400 struct ifnet *ifp; 401 struct tun_softc *tp; 402 403 /* 404 * XXXRW: Non-atomic test and set of dev->si_drv1 requires 405 * synchronization. 406 */ 407 tp = dev->si_drv1; 408 if (!tp) { 409 tuncreate(TUNNAME, dev); 410 tp = dev->si_drv1; 411 } 412 413 /* 414 * XXXRW: This use of tun_pid is subject to error due to the 415 * fact that a reference to the tunnel can live beyond the 416 * death of the process that created it. Can we replace this 417 * with a simple busy flag? 418 */ 419 mtx_lock(&tp->tun_mtx); 420 if (tp->tun_pid != 0 && tp->tun_pid != td->td_proc->p_pid) { 421 mtx_unlock(&tp->tun_mtx); 422 return (EBUSY); 423 } 424 tp->tun_pid = td->td_proc->p_pid; 425 426 tp->tun_flags |= TUN_OPEN; 427 mtx_unlock(&tp->tun_mtx); 428 ifp = TUN2IFP(tp); 429 if_link_state_change(ifp, LINK_STATE_UP); 430 TUNDEBUG(ifp, "open\n"); 431 432 return (0); 433} 434 435/* 436 * tunclose - close the device - mark i/f down & delete 437 * routing info 438 */ 439static int 440tunclose(struct cdev *dev, int foo, int bar, struct thread *td) 441{ 442 struct tun_softc *tp; 443 struct ifnet *ifp; 444 int s; 445 446 tp = dev->si_drv1; 447 ifp = TUN2IFP(tp); 448 449 mtx_lock(&tp->tun_mtx); 450 tp->tun_flags &= ~TUN_OPEN; 451 tp->tun_pid = 0; 452 mtx_unlock(&tp->tun_mtx); 453 454 /* 455 * junk all pending output 456 */ 457 CURVNET_SET(ifp->if_vnet); 458 s = splimp(); 459 IFQ_PURGE(&ifp->if_snd); 460 splx(s); 461 462 if (ifp->if_flags & IFF_UP) { 463 s = splimp(); 464 if_down(ifp); 465 splx(s); 466 } 467 468 /* Delete all addresses and routes which reference this interface. */ 469 if (ifp->if_drv_flags & IFF_DRV_RUNNING) { 470 struct ifaddr *ifa; 471 472 s = splimp(); 473 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 474 /* deal w/IPv4 PtP destination; unlocked read */ 475 if (ifa->ifa_addr->sa_family == AF_INET) { 476 rtinit(ifa, (int)RTM_DELETE, 477 tp->tun_flags & TUN_DSTADDR ? RTF_HOST : 0); 478 } else { 479 rtinit(ifa, (int)RTM_DELETE, 0); 480 } 481 } 482 if_purgeaddrs(ifp); 483 ifp->if_drv_flags &= ~IFF_DRV_RUNNING; 484 splx(s); 485 } 486 if_link_state_change(ifp, LINK_STATE_DOWN); 487 CURVNET_RESTORE(); 488 489 mtx_lock(&tp->tun_mtx); 490 funsetown(&tp->tun_sigio); 491 selwakeuppri(&tp->tun_rsel, PZERO + 1); 492 KNOTE_UNLOCKED(&tp->tun_rsel.si_note, 0); 493 TUNDEBUG (ifp, "closed\n"); 494 495 cv_broadcast(&tp->tun_cv); 496 mtx_unlock(&tp->tun_mtx); 497 return (0); 498} 499 500static int 501tuninit(struct ifnet *ifp) 502{ 503#ifdef INET 504 struct tun_softc *tp = ifp->if_softc; 505 struct ifaddr *ifa; 506#endif 507 int error = 0; 508 509 TUNDEBUG(ifp, "tuninit\n"); 510 511 ifp->if_flags |= IFF_UP; 512 ifp->if_drv_flags |= IFF_DRV_RUNNING; 513 getmicrotime(&ifp->if_lastchange); 514 515#ifdef INET 516 if_addr_rlock(ifp); 517 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 518 if (ifa->ifa_addr->sa_family == AF_INET) { 519 struct sockaddr_in *si; 520 521 si = (struct sockaddr_in *)ifa->ifa_addr; 522 mtx_lock(&tp->tun_mtx); 523 if (si->sin_addr.s_addr) 524 tp->tun_flags |= TUN_IASET; 525 526 si = (struct sockaddr_in *)ifa->ifa_dstaddr; 527 if (si && si->sin_addr.s_addr) 528 tp->tun_flags |= TUN_DSTADDR; 529 mtx_unlock(&tp->tun_mtx); 530 } 531 } 532 if_addr_runlock(ifp); 533#endif 534 return (error); 535} 536 537/* 538 * Process an ioctl request. 539 */ 540static int 541tunifioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 542{ 543 struct ifreq *ifr = (struct ifreq *)data; 544 struct tun_softc *tp = ifp->if_softc; 545 struct ifstat *ifs; 546 int error = 0, s; 547 548 s = splimp(); 549 switch(cmd) { 550 case SIOCGIFSTATUS: 551 ifs = (struct ifstat *)data; 552 mtx_lock(&tp->tun_mtx); 553 if (tp->tun_pid) 554 sprintf(ifs->ascii + strlen(ifs->ascii), 555 "\tOpened by PID %d\n", tp->tun_pid); 556 mtx_unlock(&tp->tun_mtx); 557 break; 558 case SIOCSIFADDR: 559 error = tuninit(ifp); 560 TUNDEBUG(ifp, "address set, error=%d\n", error); 561 break; 562 case SIOCSIFDSTADDR: 563 error = tuninit(ifp); 564 TUNDEBUG(ifp, "destination address set, error=%d\n", error); 565 break; 566 case SIOCSIFMTU: 567 ifp->if_mtu = ifr->ifr_mtu; 568 TUNDEBUG(ifp, "mtu set\n"); 569 break; 570 case SIOCSIFFLAGS: 571 case SIOCADDMULTI: 572 case SIOCDELMULTI: 573 break; 574 default: 575 error = EINVAL; 576 } 577 splx(s); 578 return (error); 579} 580 581/* 582 * tunoutput - queue packets from higher level ready to put out. 583 */ 584static int 585tunoutput( 586 struct ifnet *ifp, 587 struct mbuf *m0, 588 struct sockaddr *dst, 589 struct route *ro) 590{ 591 struct tun_softc *tp = ifp->if_softc; 592 u_short cached_tun_flags; 593 int error; 594 u_int32_t af; 595 596 TUNDEBUG (ifp, "tunoutput\n"); 597 598#ifdef MAC 599 error = mac_ifnet_check_transmit(ifp, m0); 600 if (error) { 601 m_freem(m0); 602 return (error); 603 } 604#endif 605 606 /* Could be unlocked read? */ 607 mtx_lock(&tp->tun_mtx); 608 cached_tun_flags = tp->tun_flags; 609 mtx_unlock(&tp->tun_mtx); 610 if ((cached_tun_flags & TUN_READY) != TUN_READY) { 611 TUNDEBUG (ifp, "not ready 0%o\n", tp->tun_flags); 612 m_freem (m0); 613 return (EHOSTDOWN); 614 } 615 616 if ((ifp->if_flags & IFF_UP) != IFF_UP) { 617 m_freem (m0); 618 return (EHOSTDOWN); 619 } 620 621 /* BPF writes need to be handled specially. */ 622 if (dst->sa_family == AF_UNSPEC) { 623 bcopy(dst->sa_data, &af, sizeof(af)); 624 dst->sa_family = af; 625 } 626 627 if (bpf_peers_present(ifp->if_bpf)) { 628 af = dst->sa_family; 629 bpf_mtap2(ifp->if_bpf, &af, sizeof(af), m0); 630 } 631 632 /* prepend sockaddr? this may abort if the mbuf allocation fails */ 633 if (cached_tun_flags & TUN_LMODE) { 634 /* allocate space for sockaddr */ 635 M_PREPEND(m0, dst->sa_len, M_DONTWAIT); 636 637 /* if allocation failed drop packet */ 638 if (m0 == NULL) { 639 ifp->if_iqdrops++; 640 ifp->if_oerrors++; 641 return (ENOBUFS); 642 } else { 643 bcopy(dst, m0->m_data, dst->sa_len); 644 } 645 } 646 647 if (cached_tun_flags & TUN_IFHEAD) { 648 /* Prepend the address family */ 649 M_PREPEND(m0, 4, M_DONTWAIT); 650 651 /* if allocation failed drop packet */ 652 if (m0 == NULL) { 653 ifp->if_iqdrops++; 654 ifp->if_oerrors++; 655 return (ENOBUFS); 656 } else 657 *(u_int32_t *)m0->m_data = htonl(dst->sa_family); 658 } else { 659#ifdef INET 660 if (dst->sa_family != AF_INET) 661#endif 662 { 663 m_freem(m0); 664 return (EAFNOSUPPORT); 665 } 666 } 667 668 error = (ifp->if_transmit)(ifp, m0); 669 if (error) { 670 ifp->if_collisions++; 671 return (ENOBUFS); 672 } 673 ifp->if_opackets++; 674 return (0); 675} 676 677/* 678 * the cdevsw interface is now pretty minimal. 679 */ 680static int 681tunioctl(struct cdev *dev, u_long cmd, caddr_t data, int flag, struct thread *td) 682{ 683 int s; 684 int error; 685 struct tun_softc *tp = dev->si_drv1; 686 struct tuninfo *tunp; 687 688 switch (cmd) { 689 case TUNSIFINFO: 690 tunp = (struct tuninfo *)data; 691 if (tunp->mtu < IF_MINMTU) 692 return (EINVAL); 693 if (TUN2IFP(tp)->if_mtu != tunp->mtu) { 694 error = priv_check(td, PRIV_NET_SETIFMTU); 695 if (error) 696 return (error); 697 } 698 TUN2IFP(tp)->if_mtu = tunp->mtu; 699 TUN2IFP(tp)->if_type = tunp->type; 700 TUN2IFP(tp)->if_baudrate = tunp->baudrate; 701 break; 702 case TUNGIFINFO: 703 tunp = (struct tuninfo *)data; 704 tunp->mtu = TUN2IFP(tp)->if_mtu; 705 tunp->type = TUN2IFP(tp)->if_type; 706 tunp->baudrate = TUN2IFP(tp)->if_baudrate; 707 break; 708 case TUNSDEBUG: 709 tundebug = *(int *)data; 710 break; 711 case TUNGDEBUG: 712 *(int *)data = tundebug; 713 break; 714 case TUNSLMODE: 715 mtx_lock(&tp->tun_mtx); 716 if (*(int *)data) { 717 tp->tun_flags |= TUN_LMODE; 718 tp->tun_flags &= ~TUN_IFHEAD; 719 } else 720 tp->tun_flags &= ~TUN_LMODE; 721 mtx_unlock(&tp->tun_mtx); 722 break; 723 case TUNSIFHEAD: 724 mtx_lock(&tp->tun_mtx); 725 if (*(int *)data) { 726 tp->tun_flags |= TUN_IFHEAD; 727 tp->tun_flags &= ~TUN_LMODE; 728 } else 729 tp->tun_flags &= ~TUN_IFHEAD; 730 mtx_unlock(&tp->tun_mtx); 731 break; 732 case TUNGIFHEAD: 733 /* Could be unlocked read? */ 734 mtx_lock(&tp->tun_mtx); 735 *(int *)data = (tp->tun_flags & TUN_IFHEAD) ? 1 : 0; 736 mtx_unlock(&tp->tun_mtx); 737 break; 738 case TUNSIFMODE: 739 /* deny this if UP */ 740 if (TUN2IFP(tp)->if_flags & IFF_UP) 741 return(EBUSY); 742 743 switch (*(int *)data & ~IFF_MULTICAST) { 744 case IFF_POINTOPOINT: 745 case IFF_BROADCAST: 746 TUN2IFP(tp)->if_flags &= 747 ~(IFF_BROADCAST|IFF_POINTOPOINT|IFF_MULTICAST); 748 TUN2IFP(tp)->if_flags |= *(int *)data; 749 break; 750 default: 751 return(EINVAL); 752 } 753 break; 754 case TUNSIFPID: 755 mtx_lock(&tp->tun_mtx); 756 tp->tun_pid = curthread->td_proc->p_pid; 757 mtx_unlock(&tp->tun_mtx); 758 break; 759 case FIONBIO: 760 break; 761 case FIOASYNC: 762 mtx_lock(&tp->tun_mtx); 763 if (*(int *)data) 764 tp->tun_flags |= TUN_ASYNC; 765 else 766 tp->tun_flags &= ~TUN_ASYNC; 767 mtx_unlock(&tp->tun_mtx); 768 break; 769 case FIONREAD: 770 s = splimp(); 771 if (!IFQ_IS_EMPTY(&TUN2IFP(tp)->if_snd)) { 772 struct mbuf *mb; 773 IFQ_LOCK(&TUN2IFP(tp)->if_snd); 774 IFQ_POLL_NOLOCK(&TUN2IFP(tp)->if_snd, mb); 775 for( *(int *)data = 0; mb != 0; mb = mb->m_next) 776 *(int *)data += mb->m_len; 777 IFQ_UNLOCK(&TUN2IFP(tp)->if_snd); 778 } else 779 *(int *)data = 0; 780 splx(s); 781 break; 782 case FIOSETOWN: 783 return (fsetown(*(int *)data, &tp->tun_sigio)); 784 785 case FIOGETOWN: 786 *(int *)data = fgetown(&tp->tun_sigio); 787 return (0); 788 789 /* This is deprecated, FIOSETOWN should be used instead. */ 790 case TIOCSPGRP: 791 return (fsetown(-(*(int *)data), &tp->tun_sigio)); 792 793 /* This is deprecated, FIOGETOWN should be used instead. */ 794 case TIOCGPGRP: 795 *(int *)data = -fgetown(&tp->tun_sigio); 796 return (0); 797 798 default: 799 return (ENOTTY); 800 } 801 return (0); 802} 803 804/* 805 * The cdevsw read interface - reads a packet at a time, or at 806 * least as much of a packet as can be read. 807 */ 808static int 809tunread(struct cdev *dev, struct uio *uio, int flag) 810{ 811 struct tun_softc *tp = dev->si_drv1; 812 struct ifnet *ifp = TUN2IFP(tp); 813 struct mbuf *m; 814 int error=0, len, s; 815 816 TUNDEBUG (ifp, "read\n"); 817 mtx_lock(&tp->tun_mtx); 818 if ((tp->tun_flags & TUN_READY) != TUN_READY) { 819 mtx_unlock(&tp->tun_mtx); 820 TUNDEBUG (ifp, "not ready 0%o\n", tp->tun_flags); 821 return (EHOSTDOWN); 822 } 823 824 tp->tun_flags &= ~TUN_RWAIT; 825 mtx_unlock(&tp->tun_mtx); 826 827 s = splimp(); 828 do { 829 IFQ_DEQUEUE(&ifp->if_snd, m); 830 if (m == NULL) { 831 if (flag & O_NONBLOCK) { 832 splx(s); 833 return (EWOULDBLOCK); 834 } 835 mtx_lock(&tp->tun_mtx); 836 tp->tun_flags |= TUN_RWAIT; 837 mtx_unlock(&tp->tun_mtx); 838 if ((error = tsleep(tp, PCATCH | (PZERO + 1), 839 "tunread", 0)) != 0) { 840 splx(s); 841 return (error); 842 } 843 } 844 } while (m == NULL); 845 splx(s); 846 847 while (m && uio->uio_resid > 0 && error == 0) { 848 len = min(uio->uio_resid, m->m_len); 849 if (len != 0) 850 error = uiomove(mtod(m, void *), len, uio); 851 m = m_free(m); 852 } 853 854 if (m) { 855 TUNDEBUG(ifp, "Dropping mbuf\n"); 856 m_freem(m); 857 } 858 return (error); 859} 860 861/* 862 * the cdevsw write interface - an atomic write is a packet - or else! 863 */ 864static int 865tunwrite(struct cdev *dev, struct uio *uio, int flag) 866{ 867 struct tun_softc *tp = dev->si_drv1; 868 struct ifnet *ifp = TUN2IFP(tp); 869 struct mbuf *m; 870 int error = 0; 871 uint32_t family; 872 int isr; 873 874 TUNDEBUG(ifp, "tunwrite\n"); 875 876 if ((ifp->if_flags & IFF_UP) != IFF_UP) 877 /* ignore silently */ 878 return (0); 879 880 if (uio->uio_resid == 0) 881 return (0); 882 883 if (uio->uio_resid < 0 || uio->uio_resid > TUNMRU) { 884 TUNDEBUG(ifp, "len=%zd!\n", uio->uio_resid); 885 return (EIO); 886 } 887 888 if ((m = m_uiotombuf(uio, M_DONTWAIT, 0, 0, M_PKTHDR)) == NULL) { 889 ifp->if_ierrors++; 890 return (error); 891 } 892 893 m->m_pkthdr.rcvif = ifp; 894#ifdef MAC 895 mac_ifnet_create_mbuf(ifp, m); 896#endif 897 898 /* Could be unlocked read? */ 899 mtx_lock(&tp->tun_mtx); 900 if (tp->tun_flags & TUN_IFHEAD) { 901 mtx_unlock(&tp->tun_mtx); 902 if (m->m_len < sizeof(family) && 903 (m = m_pullup(m, sizeof(family))) == NULL) 904 return (ENOBUFS); 905 family = ntohl(*mtod(m, u_int32_t *)); 906 m_adj(m, sizeof(family)); 907 } else { 908 mtx_unlock(&tp->tun_mtx); 909 family = AF_INET; 910 } 911 912 BPF_MTAP2(ifp, &family, sizeof(family), m); 913 914 switch (family) { 915#ifdef INET 916 case AF_INET: 917 isr = NETISR_IP; 918 break; 919#endif 920#ifdef INET6 921 case AF_INET6: 922 isr = NETISR_IPV6; 923 break; 924#endif 925#ifdef IPX 926 case AF_IPX: 927 isr = NETISR_IPX; 928 break; 929#endif 930#ifdef NETATALK 931 case AF_APPLETALK: 932 isr = NETISR_ATALK2; 933 break; 934#endif 935 default: 936 m_freem(m); 937 return (EAFNOSUPPORT); 938 } 939 /* First chunk of an mbuf contains good junk */ 940 if (harvest.point_to_point) 941 random_harvest(m, 16, 3, 0, RANDOM_NET); 942 ifp->if_ibytes += m->m_pkthdr.len; 943 ifp->if_ipackets++; 944 CURVNET_SET(ifp->if_vnet); 945 netisr_dispatch(isr, m); 946 CURVNET_RESTORE(); 947 return (0); 948} 949 950/* 951 * tunpoll - the poll interface, this is only useful on reads 952 * really. The write detect always returns true, write never blocks 953 * anyway, it either accepts the packet or drops it. 954 */ 955static int 956tunpoll(struct cdev *dev, int events, struct thread *td) 957{ 958 int s; 959 struct tun_softc *tp = dev->si_drv1; 960 struct ifnet *ifp = TUN2IFP(tp); 961 int revents = 0; 962 struct mbuf *m; 963 964 s = splimp(); 965 TUNDEBUG(ifp, "tunpoll\n"); 966 967 if (events & (POLLIN | POLLRDNORM)) { 968 IFQ_LOCK(&ifp->if_snd); 969 IFQ_POLL_NOLOCK(&ifp->if_snd, m); 970 if (m != NULL) { 971 TUNDEBUG(ifp, "tunpoll q=%d\n", ifp->if_snd.ifq_len); 972 revents |= events & (POLLIN | POLLRDNORM); 973 } else { 974 TUNDEBUG(ifp, "tunpoll waiting\n"); 975 selrecord(td, &tp->tun_rsel); 976 } 977 IFQ_UNLOCK(&ifp->if_snd); 978 } 979 if (events & (POLLOUT | POLLWRNORM)) 980 revents |= events & (POLLOUT | POLLWRNORM); 981 982 splx(s); 983 return (revents); 984} 985 986/* 987 * tunkqfilter - support for the kevent() system call. 988 */ 989static int 990tunkqfilter(struct cdev *dev, struct knote *kn) 991{ 992 int s; 993 struct tun_softc *tp = dev->si_drv1; 994 struct ifnet *ifp = TUN2IFP(tp); 995 996 s = splimp(); 997 switch(kn->kn_filter) { 998 case EVFILT_READ: 999 TUNDEBUG(ifp, "%s kqfilter: EVFILT_READ, minor = %#x\n", 1000 ifp->if_xname, dev2unit(dev)); 1001 kn->kn_fop = &tun_read_filterops; 1002 break; 1003 1004 case EVFILT_WRITE: 1005 TUNDEBUG(ifp, "%s kqfilter: EVFILT_WRITE, minor = %#x\n", 1006 ifp->if_xname, dev2unit(dev)); 1007 kn->kn_fop = &tun_write_filterops; 1008 break; 1009 1010 default: 1011 TUNDEBUG(ifp, "%s kqfilter: invalid filter, minor = %#x\n", 1012 ifp->if_xname, dev2unit(dev)); 1013 splx(s); 1014 return(EINVAL); 1015 } 1016 splx(s); 1017 1018 kn->kn_hook = (caddr_t) dev; 1019 knlist_add(&tp->tun_rsel.si_note, kn, 0); 1020 1021 return (0); 1022} 1023 1024/* 1025 * Return true of there is data in the interface queue. 1026 */ 1027static int 1028tunkqread(struct knote *kn, long hint) 1029{ 1030 int ret, s; 1031 struct cdev *dev = (struct cdev *)(kn->kn_hook); 1032 struct tun_softc *tp = dev->si_drv1; 1033 struct ifnet *ifp = TUN2IFP(tp); 1034 1035 s = splimp(); 1036 if ((kn->kn_data = ifp->if_snd.ifq_len) > 0) { 1037 TUNDEBUG(ifp, 1038 "%s have data in the queue. Len = %d, minor = %#x\n", 1039 ifp->if_xname, ifp->if_snd.ifq_len, dev2unit(dev)); 1040 ret = 1; 1041 } else { 1042 TUNDEBUG(ifp, 1043 "%s waiting for data, minor = %#x\n", ifp->if_xname, 1044 dev2unit(dev)); 1045 ret = 0; 1046 } 1047 splx(s); 1048 1049 return (ret); 1050} 1051 1052/* 1053 * Always can write, always return MTU in kn->data. 1054 */ 1055static int 1056tunkqwrite(struct knote *kn, long hint) 1057{ 1058 int s; 1059 struct tun_softc *tp = ((struct cdev *)kn->kn_hook)->si_drv1; 1060 struct ifnet *ifp = TUN2IFP(tp); 1061 1062 s = splimp(); 1063 kn->kn_data = ifp->if_mtu; 1064 splx(s); 1065 1066 return (1); 1067} 1068 1069static void 1070tunkqdetach(struct knote *kn) 1071{ 1072 struct tun_softc *tp = ((struct cdev *)kn->kn_hook)->si_drv1; 1073 1074 knlist_remove(&tp->tun_rsel.si_note, kn, 0); 1075} 1076