if_tun.c revision 254020
1/* $NetBSD: if_tun.c,v 1.14 1994/06/29 06:36:25 cgd Exp $ */ 2 3/*- 4 * Copyright (c) 1988, Julian Onions <jpo@cs.nott.ac.uk> 5 * Nottingham University 1987. 6 * 7 * This source may be freely distributed, however I would be interested 8 * in any changes that are made. 9 * 10 * This driver takes packets off the IP i/f and hands them up to a 11 * user process to have its wicked way with. This driver has it's 12 * roots in a similar driver written by Phil Cockcroft (formerly) at 13 * UCL. This driver is based much more on read/write/poll mode of 14 * operation though. 15 * 16 * $FreeBSD: head/sys/net/if_tun.c 254020 2013-08-07 01:32:08Z markj $ 17 */ 18 19#include "opt_atalk.h" 20#include "opt_inet.h" 21#include "opt_inet6.h" 22#include "opt_ipx.h" 23 24#include <sys/param.h> 25#include <sys/priv.h> 26#include <sys/proc.h> 27#include <sys/systm.h> 28#include <sys/jail.h> 29#include <sys/mbuf.h> 30#include <sys/module.h> 31#include <sys/socket.h> 32#include <sys/fcntl.h> 33#include <sys/filio.h> 34#include <sys/sockio.h> 35#include <sys/ttycom.h> 36#include <sys/poll.h> 37#include <sys/selinfo.h> 38#include <sys/signalvar.h> 39#include <sys/filedesc.h> 40#include <sys/kernel.h> 41#include <sys/sysctl.h> 42#include <sys/conf.h> 43#include <sys/uio.h> 44#include <sys/malloc.h> 45#include <sys/random.h> 46 47#include <net/if.h> 48#include <net/if_clone.h> 49#include <net/if_types.h> 50#include <net/netisr.h> 51#include <net/route.h> 52#include <net/vnet.h> 53#ifdef INET 54#include <netinet/in.h> 55#endif 56#include <net/bpf.h> 57#include <net/if_tun.h> 58 59#include <sys/queue.h> 60#include <sys/condvar.h> 61 62#include <security/mac/mac_framework.h> 63 64/* 65 * tun_list is protected by global tunmtx. Other mutable fields are 66 * protected by tun->tun_mtx, or by their owning subsystem. tun_dev is 67 * static for the duration of a tunnel interface. 68 */ 69struct tun_softc { 70 TAILQ_ENTRY(tun_softc) tun_list; 71 struct cdev *tun_dev; 72 u_short tun_flags; /* misc flags */ 73#define TUN_OPEN 0x0001 74#define TUN_INITED 0x0002 75#define TUN_RCOLL 0x0004 76#define TUN_IASET 0x0008 77#define TUN_DSTADDR 0x0010 78#define TUN_LMODE 0x0020 79#define TUN_RWAIT 0x0040 80#define TUN_ASYNC 0x0080 81#define TUN_IFHEAD 0x0100 82 83#define TUN_READY (TUN_OPEN | TUN_INITED) 84 85 /* 86 * XXXRW: tun_pid is used to exclusively lock /dev/tun. Is this 87 * actually needed? Can we just return EBUSY if already open? 88 * Problem is that this involved inherent races when a tun device 89 * is handed off from one process to another, as opposed to just 90 * being slightly stale informationally. 91 */ 92 pid_t tun_pid; /* owning pid */ 93 struct ifnet *tun_ifp; /* the interface */ 94 struct sigio *tun_sigio; /* information for async I/O */ 95 struct selinfo tun_rsel; /* read select */ 96 struct mtx tun_mtx; /* protect mutable softc fields */ 97 struct cv tun_cv; /* protect against ref'd dev destroy */ 98}; 99#define TUN2IFP(sc) ((sc)->tun_ifp) 100 101#define TUNDEBUG if (tundebug) if_printf 102 103/* 104 * All mutable global variables in if_tun are locked using tunmtx, with 105 * the exception of tundebug, which is used unlocked, and tunclones, 106 * which is static after setup. 107 */ 108static struct mtx tunmtx; 109static const char tunname[] = "tun"; 110static MALLOC_DEFINE(M_TUN, tunname, "Tunnel Interface"); 111static int tundebug = 0; 112static int tundclone = 1; 113static struct clonedevs *tunclones; 114static TAILQ_HEAD(,tun_softc) tunhead = TAILQ_HEAD_INITIALIZER(tunhead); 115SYSCTL_INT(_debug, OID_AUTO, if_tun_debug, CTLFLAG_RW, &tundebug, 0, ""); 116 117SYSCTL_DECL(_net_link); 118static SYSCTL_NODE(_net_link, OID_AUTO, tun, CTLFLAG_RW, 0, 119 "IP tunnel software network interface."); 120SYSCTL_INT(_net_link_tun, OID_AUTO, devfs_cloning, CTLFLAG_RW, &tundclone, 0, 121 "Enable legacy devfs interface creation."); 122 123TUNABLE_INT("net.link.tun.devfs_cloning", &tundclone); 124 125static void tunclone(void *arg, struct ucred *cred, char *name, 126 int namelen, struct cdev **dev); 127static void tuncreate(const char *name, struct cdev *dev); 128static int tunifioctl(struct ifnet *, u_long, caddr_t); 129static void tuninit(struct ifnet *); 130static int tunmodevent(module_t, int, void *); 131static int tunoutput(struct ifnet *, struct mbuf *, 132 const struct sockaddr *, struct route *ro); 133static void tunstart(struct ifnet *); 134 135static int tun_clone_create(struct if_clone *, int, caddr_t); 136static void tun_clone_destroy(struct ifnet *); 137static struct if_clone *tun_cloner; 138 139static d_open_t tunopen; 140static d_close_t tunclose; 141static d_read_t tunread; 142static d_write_t tunwrite; 143static d_ioctl_t tunioctl; 144static d_poll_t tunpoll; 145static d_kqfilter_t tunkqfilter; 146 147static int tunkqread(struct knote *, long); 148static int tunkqwrite(struct knote *, long); 149static void tunkqdetach(struct knote *); 150 151static struct filterops tun_read_filterops = { 152 .f_isfd = 1, 153 .f_attach = NULL, 154 .f_detach = tunkqdetach, 155 .f_event = tunkqread, 156}; 157 158static struct filterops tun_write_filterops = { 159 .f_isfd = 1, 160 .f_attach = NULL, 161 .f_detach = tunkqdetach, 162 .f_event = tunkqwrite, 163}; 164 165static struct cdevsw tun_cdevsw = { 166 .d_version = D_VERSION, 167 .d_flags = D_NEEDMINOR, 168 .d_open = tunopen, 169 .d_close = tunclose, 170 .d_read = tunread, 171 .d_write = tunwrite, 172 .d_ioctl = tunioctl, 173 .d_poll = tunpoll, 174 .d_kqfilter = tunkqfilter, 175 .d_name = tunname, 176}; 177 178static int 179tun_clone_create(struct if_clone *ifc, int unit, caddr_t params) 180{ 181 struct cdev *dev; 182 int i; 183 184 /* find any existing device, or allocate new unit number */ 185 i = clone_create(&tunclones, &tun_cdevsw, &unit, &dev, 0); 186 if (i) { 187 /* No preexisting struct cdev *, create one */ 188 dev = make_dev(&tun_cdevsw, unit, 189 UID_UUCP, GID_DIALER, 0600, "%s%d", tunname, unit); 190 } 191 tuncreate(tunname, dev); 192 193 return (0); 194} 195 196static void 197tunclone(void *arg, struct ucred *cred, char *name, int namelen, 198 struct cdev **dev) 199{ 200 char devname[SPECNAMELEN + 1]; 201 int u, i, append_unit; 202 203 if (*dev != NULL) 204 return; 205 206 /* 207 * If tun cloning is enabled, only the superuser can create an 208 * interface. 209 */ 210 if (!tundclone || priv_check_cred(cred, PRIV_NET_IFCREATE, 0) != 0) 211 return; 212 213 if (strcmp(name, tunname) == 0) { 214 u = -1; 215 } else if (dev_stdclone(name, NULL, tunname, &u) != 1) 216 return; /* Don't recognise the name */ 217 if (u != -1 && u > IF_MAXUNIT) 218 return; /* Unit number too high */ 219 220 if (u == -1) 221 append_unit = 1; 222 else 223 append_unit = 0; 224 225 CURVNET_SET(CRED_TO_VNET(cred)); 226 /* find any existing device, or allocate new unit number */ 227 i = clone_create(&tunclones, &tun_cdevsw, &u, dev, 0); 228 if (i) { 229 if (append_unit) { 230 namelen = snprintf(devname, sizeof(devname), "%s%d", 231 name, u); 232 name = devname; 233 } 234 /* No preexisting struct cdev *, create one */ 235 *dev = make_dev_credf(MAKEDEV_REF, &tun_cdevsw, u, cred, 236 UID_UUCP, GID_DIALER, 0600, "%s", name); 237 } 238 239 if_clone_create(name, namelen, NULL); 240 CURVNET_RESTORE(); 241} 242 243static void 244tun_destroy(struct tun_softc *tp) 245{ 246 struct cdev *dev; 247 248 mtx_lock(&tp->tun_mtx); 249 if ((tp->tun_flags & TUN_OPEN) != 0) 250 cv_wait_unlock(&tp->tun_cv, &tp->tun_mtx); 251 else 252 mtx_unlock(&tp->tun_mtx); 253 254 CURVNET_SET(TUN2IFP(tp)->if_vnet); 255 dev = tp->tun_dev; 256 bpfdetach(TUN2IFP(tp)); 257 if_detach(TUN2IFP(tp)); 258 if_free(TUN2IFP(tp)); 259 destroy_dev(dev); 260 seldrain(&tp->tun_rsel); 261 knlist_destroy(&tp->tun_rsel.si_note); 262 mtx_destroy(&tp->tun_mtx); 263 cv_destroy(&tp->tun_cv); 264 free(tp, M_TUN); 265 CURVNET_RESTORE(); 266} 267 268static void 269tun_clone_destroy(struct ifnet *ifp) 270{ 271 struct tun_softc *tp = ifp->if_softc; 272 273 mtx_lock(&tunmtx); 274 TAILQ_REMOVE(&tunhead, tp, tun_list); 275 mtx_unlock(&tunmtx); 276 tun_destroy(tp); 277} 278 279static int 280tunmodevent(module_t mod, int type, void *data) 281{ 282 static eventhandler_tag tag; 283 struct tun_softc *tp; 284 285 switch (type) { 286 case MOD_LOAD: 287 mtx_init(&tunmtx, "tunmtx", NULL, MTX_DEF); 288 clone_setup(&tunclones); 289 tag = EVENTHANDLER_REGISTER(dev_clone, tunclone, 0, 1000); 290 if (tag == NULL) 291 return (ENOMEM); 292 tun_cloner = if_clone_simple(tunname, tun_clone_create, 293 tun_clone_destroy, 0); 294 break; 295 case MOD_UNLOAD: 296 if_clone_detach(tun_cloner); 297 EVENTHANDLER_DEREGISTER(dev_clone, tag); 298 drain_dev_clone_events(); 299 300 mtx_lock(&tunmtx); 301 while ((tp = TAILQ_FIRST(&tunhead)) != NULL) { 302 TAILQ_REMOVE(&tunhead, tp, tun_list); 303 mtx_unlock(&tunmtx); 304 tun_destroy(tp); 305 mtx_lock(&tunmtx); 306 } 307 mtx_unlock(&tunmtx); 308 clone_cleanup(&tunclones); 309 mtx_destroy(&tunmtx); 310 break; 311 default: 312 return EOPNOTSUPP; 313 } 314 return 0; 315} 316 317static moduledata_t tun_mod = { 318 "if_tun", 319 tunmodevent, 320 0 321}; 322 323DECLARE_MODULE(if_tun, tun_mod, SI_SUB_PSEUDO, SI_ORDER_ANY); 324MODULE_VERSION(if_tun, 1); 325 326static void 327tunstart(struct ifnet *ifp) 328{ 329 struct tun_softc *tp = ifp->if_softc; 330 struct mbuf *m; 331 332 TUNDEBUG(ifp,"%s starting\n", ifp->if_xname); 333 if (ALTQ_IS_ENABLED(&ifp->if_snd)) { 334 IFQ_LOCK(&ifp->if_snd); 335 IFQ_POLL_NOLOCK(&ifp->if_snd, m); 336 if (m == NULL) { 337 IFQ_UNLOCK(&ifp->if_snd); 338 return; 339 } 340 IFQ_UNLOCK(&ifp->if_snd); 341 } 342 343 mtx_lock(&tp->tun_mtx); 344 if (tp->tun_flags & TUN_RWAIT) { 345 tp->tun_flags &= ~TUN_RWAIT; 346 wakeup(tp); 347 } 348 selwakeuppri(&tp->tun_rsel, PZERO + 1); 349 KNOTE_LOCKED(&tp->tun_rsel.si_note, 0); 350 if (tp->tun_flags & TUN_ASYNC && tp->tun_sigio) { 351 mtx_unlock(&tp->tun_mtx); 352 pgsigio(&tp->tun_sigio, SIGIO, 0); 353 } else 354 mtx_unlock(&tp->tun_mtx); 355} 356 357/* XXX: should return an error code so it can fail. */ 358static void 359tuncreate(const char *name, struct cdev *dev) 360{ 361 struct tun_softc *sc; 362 struct ifnet *ifp; 363 364 dev->si_flags &= ~SI_CHEAPCLONE; 365 366 sc = malloc(sizeof(*sc), M_TUN, M_WAITOK | M_ZERO); 367 mtx_init(&sc->tun_mtx, "tun_mtx", NULL, MTX_DEF); 368 cv_init(&sc->tun_cv, "tun_condvar"); 369 sc->tun_flags = TUN_INITED; 370 sc->tun_dev = dev; 371 mtx_lock(&tunmtx); 372 TAILQ_INSERT_TAIL(&tunhead, sc, tun_list); 373 mtx_unlock(&tunmtx); 374 375 ifp = sc->tun_ifp = if_alloc(IFT_PPP); 376 if (ifp == NULL) 377 panic("%s%d: failed to if_alloc() interface.\n", 378 name, dev2unit(dev)); 379 if_initname(ifp, name, dev2unit(dev)); 380 ifp->if_mtu = TUNMTU; 381 ifp->if_ioctl = tunifioctl; 382 ifp->if_output = tunoutput; 383 ifp->if_start = tunstart; 384 ifp->if_flags = IFF_POINTOPOINT | IFF_MULTICAST; 385 ifp->if_softc = sc; 386 IFQ_SET_MAXLEN(&ifp->if_snd, ifqmaxlen); 387 ifp->if_snd.ifq_drv_maxlen = 0; 388 IFQ_SET_READY(&ifp->if_snd); 389 knlist_init_mtx(&sc->tun_rsel.si_note, &sc->tun_mtx); 390 ifp->if_capabilities |= IFCAP_LINKSTATE; 391 ifp->if_capenable |= IFCAP_LINKSTATE; 392 393 if_attach(ifp); 394 bpfattach(ifp, DLT_NULL, sizeof(u_int32_t)); 395 dev->si_drv1 = sc; 396 TUNDEBUG(ifp, "interface %s is created, minor = %#x\n", 397 ifp->if_xname, dev2unit(dev)); 398} 399 400static int 401tunopen(struct cdev *dev, int flag, int mode, struct thread *td) 402{ 403 struct ifnet *ifp; 404 struct tun_softc *tp; 405 406 /* 407 * XXXRW: Non-atomic test and set of dev->si_drv1 requires 408 * synchronization. 409 */ 410 tp = dev->si_drv1; 411 if (!tp) { 412 tuncreate(tunname, dev); 413 tp = dev->si_drv1; 414 } 415 416 /* 417 * XXXRW: This use of tun_pid is subject to error due to the 418 * fact that a reference to the tunnel can live beyond the 419 * death of the process that created it. Can we replace this 420 * with a simple busy flag? 421 */ 422 mtx_lock(&tp->tun_mtx); 423 if (tp->tun_pid != 0 && tp->tun_pid != td->td_proc->p_pid) { 424 mtx_unlock(&tp->tun_mtx); 425 return (EBUSY); 426 } 427 tp->tun_pid = td->td_proc->p_pid; 428 429 tp->tun_flags |= TUN_OPEN; 430 ifp = TUN2IFP(tp); 431 if_link_state_change(ifp, LINK_STATE_UP); 432 TUNDEBUG(ifp, "open\n"); 433 mtx_unlock(&tp->tun_mtx); 434 435 return (0); 436} 437 438/* 439 * tunclose - close the device - mark i/f down & delete 440 * routing info 441 */ 442static int 443tunclose(struct cdev *dev, int foo, int bar, struct thread *td) 444{ 445 struct tun_softc *tp; 446 struct ifnet *ifp; 447 448 tp = dev->si_drv1; 449 ifp = TUN2IFP(tp); 450 451 mtx_lock(&tp->tun_mtx); 452 tp->tun_flags &= ~TUN_OPEN; 453 tp->tun_pid = 0; 454 455 /* 456 * junk all pending output 457 */ 458 CURVNET_SET(ifp->if_vnet); 459 IFQ_PURGE(&ifp->if_snd); 460 461 if (ifp->if_flags & IFF_UP) { 462 mtx_unlock(&tp->tun_mtx); 463 if_down(ifp); 464 mtx_lock(&tp->tun_mtx); 465 } 466 467 /* Delete all addresses and routes which reference this interface. */ 468 if (ifp->if_drv_flags & IFF_DRV_RUNNING) { 469 struct ifaddr *ifa; 470 471 ifp->if_drv_flags &= ~IFF_DRV_RUNNING; 472 mtx_unlock(&tp->tun_mtx); 473 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 474 /* deal w/IPv4 PtP destination; unlocked read */ 475 if (ifa->ifa_addr->sa_family == AF_INET) { 476 rtinit(ifa, (int)RTM_DELETE, 477 tp->tun_flags & TUN_DSTADDR ? RTF_HOST : 0); 478 } else { 479 rtinit(ifa, (int)RTM_DELETE, 0); 480 } 481 } 482 if_purgeaddrs(ifp); 483 mtx_lock(&tp->tun_mtx); 484 } 485 if_link_state_change(ifp, LINK_STATE_DOWN); 486 CURVNET_RESTORE(); 487 488 funsetown(&tp->tun_sigio); 489 selwakeuppri(&tp->tun_rsel, PZERO + 1); 490 KNOTE_LOCKED(&tp->tun_rsel.si_note, 0); 491 TUNDEBUG (ifp, "closed\n"); 492 493 cv_broadcast(&tp->tun_cv); 494 mtx_unlock(&tp->tun_mtx); 495 return (0); 496} 497 498static void 499tuninit(struct ifnet *ifp) 500{ 501 struct tun_softc *tp = ifp->if_softc; 502#ifdef INET 503 struct ifaddr *ifa; 504#endif 505 506 TUNDEBUG(ifp, "tuninit\n"); 507 508 mtx_lock(&tp->tun_mtx); 509 ifp->if_flags |= IFF_UP; 510 ifp->if_drv_flags |= IFF_DRV_RUNNING; 511 getmicrotime(&ifp->if_lastchange); 512 513#ifdef INET 514 if_addr_rlock(ifp); 515 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 516 if (ifa->ifa_addr->sa_family == AF_INET) { 517 struct sockaddr_in *si; 518 519 si = (struct sockaddr_in *)ifa->ifa_addr; 520 if (si->sin_addr.s_addr) 521 tp->tun_flags |= TUN_IASET; 522 523 si = (struct sockaddr_in *)ifa->ifa_dstaddr; 524 if (si && si->sin_addr.s_addr) 525 tp->tun_flags |= TUN_DSTADDR; 526 } 527 } 528 if_addr_runlock(ifp); 529#endif 530 mtx_unlock(&tp->tun_mtx); 531} 532 533/* 534 * Process an ioctl request. 535 */ 536static int 537tunifioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 538{ 539 struct ifreq *ifr = (struct ifreq *)data; 540 struct tun_softc *tp = ifp->if_softc; 541 struct ifstat *ifs; 542 int error = 0; 543 544 switch(cmd) { 545 case SIOCGIFSTATUS: 546 ifs = (struct ifstat *)data; 547 mtx_lock(&tp->tun_mtx); 548 if (tp->tun_pid) 549 sprintf(ifs->ascii + strlen(ifs->ascii), 550 "\tOpened by PID %d\n", tp->tun_pid); 551 mtx_unlock(&tp->tun_mtx); 552 break; 553 case SIOCSIFADDR: 554 tuninit(ifp); 555 TUNDEBUG(ifp, "address set\n"); 556 break; 557 case SIOCSIFDSTADDR: 558 tuninit(ifp); 559 TUNDEBUG(ifp, "destination address set\n"); 560 break; 561 case SIOCSIFMTU: 562 ifp->if_mtu = ifr->ifr_mtu; 563 TUNDEBUG(ifp, "mtu set\n"); 564 break; 565 case SIOCSIFFLAGS: 566 case SIOCADDMULTI: 567 case SIOCDELMULTI: 568 break; 569 default: 570 error = EINVAL; 571 } 572 return (error); 573} 574 575/* 576 * tunoutput - queue packets from higher level ready to put out. 577 */ 578static int 579tunoutput(struct ifnet *ifp, struct mbuf *m0, const struct sockaddr *dst, 580 struct route *ro) 581{ 582 struct tun_softc *tp = ifp->if_softc; 583 u_short cached_tun_flags; 584 int error; 585 u_int32_t af; 586 587 TUNDEBUG (ifp, "tunoutput\n"); 588 589#ifdef MAC 590 error = mac_ifnet_check_transmit(ifp, m0); 591 if (error) { 592 m_freem(m0); 593 return (error); 594 } 595#endif 596 597 /* Could be unlocked read? */ 598 mtx_lock(&tp->tun_mtx); 599 cached_tun_flags = tp->tun_flags; 600 mtx_unlock(&tp->tun_mtx); 601 if ((cached_tun_flags & TUN_READY) != TUN_READY) { 602 TUNDEBUG (ifp, "not ready 0%o\n", tp->tun_flags); 603 m_freem (m0); 604 return (EHOSTDOWN); 605 } 606 607 if ((ifp->if_flags & IFF_UP) != IFF_UP) { 608 m_freem (m0); 609 return (EHOSTDOWN); 610 } 611 612 /* BPF writes need to be handled specially. */ 613 if (dst->sa_family == AF_UNSPEC) 614 bcopy(dst->sa_data, &af, sizeof(af)); 615 else 616 af = dst->sa_family; 617 618 if (bpf_peers_present(ifp->if_bpf)) 619 bpf_mtap2(ifp->if_bpf, &af, sizeof(af), m0); 620 621 /* prepend sockaddr? this may abort if the mbuf allocation fails */ 622 if (cached_tun_flags & TUN_LMODE) { 623 /* allocate space for sockaddr */ 624 M_PREPEND(m0, dst->sa_len, M_NOWAIT); 625 626 /* if allocation failed drop packet */ 627 if (m0 == NULL) { 628 ifp->if_iqdrops++; 629 ifp->if_oerrors++; 630 return (ENOBUFS); 631 } else { 632 bcopy(dst, m0->m_data, dst->sa_len); 633 } 634 } 635 636 if (cached_tun_flags & TUN_IFHEAD) { 637 /* Prepend the address family */ 638 M_PREPEND(m0, 4, M_NOWAIT); 639 640 /* if allocation failed drop packet */ 641 if (m0 == NULL) { 642 ifp->if_iqdrops++; 643 ifp->if_oerrors++; 644 return (ENOBUFS); 645 } else 646 *(u_int32_t *)m0->m_data = htonl(af); 647 } else { 648#ifdef INET 649 if (af != AF_INET) 650#endif 651 { 652 m_freem(m0); 653 return (EAFNOSUPPORT); 654 } 655 } 656 657 error = (ifp->if_transmit)(ifp, m0); 658 if (error) 659 return (ENOBUFS); 660 ifp->if_opackets++; 661 return (0); 662} 663 664/* 665 * the cdevsw interface is now pretty minimal. 666 */ 667static int 668tunioctl(struct cdev *dev, u_long cmd, caddr_t data, int flag, 669 struct thread *td) 670{ 671 int error; 672 struct tun_softc *tp = dev->si_drv1; 673 struct tuninfo *tunp; 674 675 switch (cmd) { 676 case TUNSIFINFO: 677 tunp = (struct tuninfo *)data; 678 if (tunp->mtu < IF_MINMTU) 679 return (EINVAL); 680 if (TUN2IFP(tp)->if_mtu != tunp->mtu) { 681 error = priv_check(td, PRIV_NET_SETIFMTU); 682 if (error) 683 return (error); 684 } 685 mtx_lock(&tp->tun_mtx); 686 TUN2IFP(tp)->if_mtu = tunp->mtu; 687 TUN2IFP(tp)->if_type = tunp->type; 688 TUN2IFP(tp)->if_baudrate = tunp->baudrate; 689 mtx_unlock(&tp->tun_mtx); 690 break; 691 case TUNGIFINFO: 692 tunp = (struct tuninfo *)data; 693 mtx_lock(&tp->tun_mtx); 694 tunp->mtu = TUN2IFP(tp)->if_mtu; 695 tunp->type = TUN2IFP(tp)->if_type; 696 tunp->baudrate = TUN2IFP(tp)->if_baudrate; 697 mtx_unlock(&tp->tun_mtx); 698 break; 699 case TUNSDEBUG: 700 tundebug = *(int *)data; 701 break; 702 case TUNGDEBUG: 703 *(int *)data = tundebug; 704 break; 705 case TUNSLMODE: 706 mtx_lock(&tp->tun_mtx); 707 if (*(int *)data) { 708 tp->tun_flags |= TUN_LMODE; 709 tp->tun_flags &= ~TUN_IFHEAD; 710 } else 711 tp->tun_flags &= ~TUN_LMODE; 712 mtx_unlock(&tp->tun_mtx); 713 break; 714 case TUNSIFHEAD: 715 mtx_lock(&tp->tun_mtx); 716 if (*(int *)data) { 717 tp->tun_flags |= TUN_IFHEAD; 718 tp->tun_flags &= ~TUN_LMODE; 719 } else 720 tp->tun_flags &= ~TUN_IFHEAD; 721 mtx_unlock(&tp->tun_mtx); 722 break; 723 case TUNGIFHEAD: 724 mtx_lock(&tp->tun_mtx); 725 *(int *)data = (tp->tun_flags & TUN_IFHEAD) ? 1 : 0; 726 mtx_unlock(&tp->tun_mtx); 727 break; 728 case TUNSIFMODE: 729 /* deny this if UP */ 730 if (TUN2IFP(tp)->if_flags & IFF_UP) 731 return(EBUSY); 732 733 switch (*(int *)data & ~IFF_MULTICAST) { 734 case IFF_POINTOPOINT: 735 case IFF_BROADCAST: 736 mtx_lock(&tp->tun_mtx); 737 TUN2IFP(tp)->if_flags &= 738 ~(IFF_BROADCAST|IFF_POINTOPOINT|IFF_MULTICAST); 739 TUN2IFP(tp)->if_flags |= *(int *)data; 740 mtx_unlock(&tp->tun_mtx); 741 break; 742 default: 743 return(EINVAL); 744 } 745 break; 746 case TUNSIFPID: 747 mtx_lock(&tp->tun_mtx); 748 tp->tun_pid = curthread->td_proc->p_pid; 749 mtx_unlock(&tp->tun_mtx); 750 break; 751 case FIONBIO: 752 break; 753 case FIOASYNC: 754 mtx_lock(&tp->tun_mtx); 755 if (*(int *)data) 756 tp->tun_flags |= TUN_ASYNC; 757 else 758 tp->tun_flags &= ~TUN_ASYNC; 759 mtx_unlock(&tp->tun_mtx); 760 break; 761 case FIONREAD: 762 if (!IFQ_IS_EMPTY(&TUN2IFP(tp)->if_snd)) { 763 struct mbuf *mb; 764 IFQ_LOCK(&TUN2IFP(tp)->if_snd); 765 IFQ_POLL_NOLOCK(&TUN2IFP(tp)->if_snd, mb); 766 for (*(int *)data = 0; mb != NULL; mb = mb->m_next) 767 *(int *)data += mb->m_len; 768 IFQ_UNLOCK(&TUN2IFP(tp)->if_snd); 769 } else 770 *(int *)data = 0; 771 break; 772 case FIOSETOWN: 773 return (fsetown(*(int *)data, &tp->tun_sigio)); 774 775 case FIOGETOWN: 776 *(int *)data = fgetown(&tp->tun_sigio); 777 return (0); 778 779 /* This is deprecated, FIOSETOWN should be used instead. */ 780 case TIOCSPGRP: 781 return (fsetown(-(*(int *)data), &tp->tun_sigio)); 782 783 /* This is deprecated, FIOGETOWN should be used instead. */ 784 case TIOCGPGRP: 785 *(int *)data = -fgetown(&tp->tun_sigio); 786 return (0); 787 788 default: 789 return (ENOTTY); 790 } 791 return (0); 792} 793 794/* 795 * The cdevsw read interface - reads a packet at a time, or at 796 * least as much of a packet as can be read. 797 */ 798static int 799tunread(struct cdev *dev, struct uio *uio, int flag) 800{ 801 struct tun_softc *tp = dev->si_drv1; 802 struct ifnet *ifp = TUN2IFP(tp); 803 struct mbuf *m; 804 int error=0, len; 805 806 TUNDEBUG (ifp, "read\n"); 807 mtx_lock(&tp->tun_mtx); 808 if ((tp->tun_flags & TUN_READY) != TUN_READY) { 809 mtx_unlock(&tp->tun_mtx); 810 TUNDEBUG (ifp, "not ready 0%o\n", tp->tun_flags); 811 return (EHOSTDOWN); 812 } 813 814 tp->tun_flags &= ~TUN_RWAIT; 815 816 do { 817 IFQ_DEQUEUE(&ifp->if_snd, m); 818 if (m == NULL) { 819 if (flag & O_NONBLOCK) { 820 mtx_unlock(&tp->tun_mtx); 821 return (EWOULDBLOCK); 822 } 823 tp->tun_flags |= TUN_RWAIT; 824 error = mtx_sleep(tp, &tp->tun_mtx, PCATCH | (PZERO + 1), 825 "tunread", 0); 826 if (error != 0) { 827 mtx_unlock(&tp->tun_mtx); 828 return (error); 829 } 830 } 831 } while (m == NULL); 832 mtx_unlock(&tp->tun_mtx); 833 834 while (m && uio->uio_resid > 0 && error == 0) { 835 len = min(uio->uio_resid, m->m_len); 836 if (len != 0) 837 error = uiomove(mtod(m, void *), len, uio); 838 m = m_free(m); 839 } 840 841 if (m) { 842 TUNDEBUG(ifp, "Dropping mbuf\n"); 843 m_freem(m); 844 } 845 return (error); 846} 847 848/* 849 * the cdevsw write interface - an atomic write is a packet - or else! 850 */ 851static int 852tunwrite(struct cdev *dev, struct uio *uio, int flag) 853{ 854 struct tun_softc *tp = dev->si_drv1; 855 struct ifnet *ifp = TUN2IFP(tp); 856 struct mbuf *m; 857 uint32_t family; 858 int isr; 859 860 TUNDEBUG(ifp, "tunwrite\n"); 861 862 if ((ifp->if_flags & IFF_UP) != IFF_UP) 863 /* ignore silently */ 864 return (0); 865 866 if (uio->uio_resid == 0) 867 return (0); 868 869 if (uio->uio_resid < 0 || uio->uio_resid > TUNMRU) { 870 TUNDEBUG(ifp, "len=%zd!\n", uio->uio_resid); 871 return (EIO); 872 } 873 874 if ((m = m_uiotombuf(uio, M_NOWAIT, 0, 0, M_PKTHDR)) == NULL) { 875 ifp->if_ierrors++; 876 return (ENOBUFS); 877 } 878 879 m->m_pkthdr.rcvif = ifp; 880#ifdef MAC 881 mac_ifnet_create_mbuf(ifp, m); 882#endif 883 884 /* Could be unlocked read? */ 885 mtx_lock(&tp->tun_mtx); 886 if (tp->tun_flags & TUN_IFHEAD) { 887 mtx_unlock(&tp->tun_mtx); 888 if (m->m_len < sizeof(family) && 889 (m = m_pullup(m, sizeof(family))) == NULL) 890 return (ENOBUFS); 891 family = ntohl(*mtod(m, u_int32_t *)); 892 m_adj(m, sizeof(family)); 893 } else { 894 mtx_unlock(&tp->tun_mtx); 895 family = AF_INET; 896 } 897 898 BPF_MTAP2(ifp, &family, sizeof(family), m); 899 900 switch (family) { 901#ifdef INET 902 case AF_INET: 903 isr = NETISR_IP; 904 break; 905#endif 906#ifdef INET6 907 case AF_INET6: 908 isr = NETISR_IPV6; 909 break; 910#endif 911#ifdef IPX 912 case AF_IPX: 913 isr = NETISR_IPX; 914 break; 915#endif 916#ifdef NETATALK 917 case AF_APPLETALK: 918 isr = NETISR_ATALK2; 919 break; 920#endif 921 default: 922 m_freem(m); 923 return (EAFNOSUPPORT); 924 } 925 /* First chunk of an mbuf contains good junk */ 926 if (harvest.point_to_point) 927 random_harvest(m, 16, 3, 0, RANDOM_NET); 928 ifp->if_ibytes += m->m_pkthdr.len; 929 ifp->if_ipackets++; 930 CURVNET_SET(ifp->if_vnet); 931 M_SETFIB(m, ifp->if_fib); 932 netisr_dispatch(isr, m); 933 CURVNET_RESTORE(); 934 return (0); 935} 936 937/* 938 * tunpoll - the poll interface, this is only useful on reads 939 * really. The write detect always returns true, write never blocks 940 * anyway, it either accepts the packet or drops it. 941 */ 942static int 943tunpoll(struct cdev *dev, int events, struct thread *td) 944{ 945 struct tun_softc *tp = dev->si_drv1; 946 struct ifnet *ifp = TUN2IFP(tp); 947 int revents = 0; 948 struct mbuf *m; 949 950 TUNDEBUG(ifp, "tunpoll\n"); 951 952 if (events & (POLLIN | POLLRDNORM)) { 953 IFQ_LOCK(&ifp->if_snd); 954 IFQ_POLL_NOLOCK(&ifp->if_snd, m); 955 if (m != NULL) { 956 TUNDEBUG(ifp, "tunpoll q=%d\n", ifp->if_snd.ifq_len); 957 revents |= events & (POLLIN | POLLRDNORM); 958 } else { 959 TUNDEBUG(ifp, "tunpoll waiting\n"); 960 selrecord(td, &tp->tun_rsel); 961 } 962 IFQ_UNLOCK(&ifp->if_snd); 963 } 964 if (events & (POLLOUT | POLLWRNORM)) 965 revents |= events & (POLLOUT | POLLWRNORM); 966 967 return (revents); 968} 969 970/* 971 * tunkqfilter - support for the kevent() system call. 972 */ 973static int 974tunkqfilter(struct cdev *dev, struct knote *kn) 975{ 976 struct tun_softc *tp = dev->si_drv1; 977 struct ifnet *ifp = TUN2IFP(tp); 978 979 switch(kn->kn_filter) { 980 case EVFILT_READ: 981 TUNDEBUG(ifp, "%s kqfilter: EVFILT_READ, minor = %#x\n", 982 ifp->if_xname, dev2unit(dev)); 983 kn->kn_fop = &tun_read_filterops; 984 break; 985 986 case EVFILT_WRITE: 987 TUNDEBUG(ifp, "%s kqfilter: EVFILT_WRITE, minor = %#x\n", 988 ifp->if_xname, dev2unit(dev)); 989 kn->kn_fop = &tun_write_filterops; 990 break; 991 992 default: 993 TUNDEBUG(ifp, "%s kqfilter: invalid filter, minor = %#x\n", 994 ifp->if_xname, dev2unit(dev)); 995 return(EINVAL); 996 } 997 998 kn->kn_hook = tp; 999 knlist_add(&tp->tun_rsel.si_note, kn, 0); 1000 1001 return (0); 1002} 1003 1004/* 1005 * Return true of there is data in the interface queue. 1006 */ 1007static int 1008tunkqread(struct knote *kn, long hint) 1009{ 1010 int ret; 1011 struct tun_softc *tp = kn->kn_hook; 1012 struct cdev *dev = tp->tun_dev; 1013 struct ifnet *ifp = TUN2IFP(tp); 1014 1015 if ((kn->kn_data = ifp->if_snd.ifq_len) > 0) { 1016 TUNDEBUG(ifp, 1017 "%s have data in the queue. Len = %d, minor = %#x\n", 1018 ifp->if_xname, ifp->if_snd.ifq_len, dev2unit(dev)); 1019 ret = 1; 1020 } else { 1021 TUNDEBUG(ifp, 1022 "%s waiting for data, minor = %#x\n", ifp->if_xname, 1023 dev2unit(dev)); 1024 ret = 0; 1025 } 1026 1027 return (ret); 1028} 1029 1030/* 1031 * Always can write, always return MTU in kn->data. 1032 */ 1033static int 1034tunkqwrite(struct knote *kn, long hint) 1035{ 1036 struct tun_softc *tp = kn->kn_hook; 1037 struct ifnet *ifp = TUN2IFP(tp); 1038 1039 kn->kn_data = ifp->if_mtu; 1040 1041 return (1); 1042} 1043 1044static void 1045tunkqdetach(struct knote *kn) 1046{ 1047 struct tun_softc *tp = kn->kn_hook; 1048 1049 knlist_remove(&tp->tun_rsel.si_note, kn, 0); 1050} 1051