if_tun.c revision 172930
1/* $NetBSD: if_tun.c,v 1.14 1994/06/29 06:36:25 cgd Exp $ */ 2 3/*- 4 * Copyright (c) 1988, Julian Onions <jpo@cs.nott.ac.uk> 5 * Nottingham University 1987. 6 * 7 * This source may be freely distributed, however I would be interested 8 * in any changes that are made. 9 * 10 * This driver takes packets off the IP i/f and hands them up to a 11 * user process to have its wicked way with. This driver has it's 12 * roots in a similar driver written by Phil Cockcroft (formerly) at 13 * UCL. This driver is based much more on read/write/poll mode of 14 * operation though. 15 * 16 * $FreeBSD: head/sys/net/if_tun.c 172930 2007-10-24 19:04:04Z rwatson $ 17 */ 18 19#include "opt_atalk.h" 20#include "opt_inet.h" 21#include "opt_inet6.h" 22#include "opt_ipx.h" 23#include "opt_mac.h" 24 25#include <sys/param.h> 26#include <sys/priv.h> 27#include <sys/proc.h> 28#include <sys/systm.h> 29#include <sys/mbuf.h> 30#include <sys/module.h> 31#include <sys/socket.h> 32#include <sys/fcntl.h> 33#include <sys/filio.h> 34#include <sys/sockio.h> 35#include <sys/ttycom.h> 36#include <sys/poll.h> 37#include <sys/selinfo.h> 38#include <sys/signalvar.h> 39#include <sys/filedesc.h> 40#include <sys/kernel.h> 41#include <sys/sysctl.h> 42#include <sys/conf.h> 43#include <sys/uio.h> 44#include <sys/malloc.h> 45#include <sys/random.h> 46 47#include <net/if.h> 48#include <net/if_clone.h> 49#include <net/if_types.h> 50#include <net/netisr.h> 51#include <net/route.h> 52#ifdef INET 53#include <netinet/in.h> 54#endif 55#include <net/bpf.h> 56#include <net/if_tun.h> 57 58#include <sys/queue.h> 59 60#include <security/mac/mac_framework.h> 61 62/* 63 * tun_list is protected by global tunmtx. Other mutable fields are 64 * protected by tun->tun_mtx, or by their owning subsystem. tun_dev is 65 * static for the duration of a tunnel interface. 66 */ 67struct tun_softc { 68 TAILQ_ENTRY(tun_softc) tun_list; 69 struct cdev *tun_dev; 70 u_short tun_flags; /* misc flags */ 71#define TUN_OPEN 0x0001 72#define TUN_INITED 0x0002 73#define TUN_RCOLL 0x0004 74#define TUN_IASET 0x0008 75#define TUN_DSTADDR 0x0010 76#define TUN_LMODE 0x0020 77#define TUN_RWAIT 0x0040 78#define TUN_ASYNC 0x0080 79#define TUN_IFHEAD 0x0100 80 81#define TUN_READY (TUN_OPEN | TUN_INITED) 82 83 /* 84 * XXXRW: tun_pid is used to exclusively lock /dev/tun. Is this 85 * actually needed? Can we just return EBUSY if already open? 86 * Problem is that this involved inherent races when a tun device 87 * is handed off from one process to another, as opposed to just 88 * being slightly stale informationally. 89 */ 90 pid_t tun_pid; /* owning pid */ 91 struct ifnet *tun_ifp; /* the interface */ 92 struct sigio *tun_sigio; /* information for async I/O */ 93 struct selinfo tun_rsel; /* read select */ 94 struct mtx tun_mtx; /* protect mutable softc fields */ 95}; 96#define TUN2IFP(sc) ((sc)->tun_ifp) 97 98#define TUNDEBUG if (tundebug) if_printf 99#define TUNNAME "tun" 100 101/* 102 * All mutable global variables in if_tun are locked using tunmtx, with 103 * the exception of tundebug, which is used unlocked, and tunclones, 104 * which is static after setup. 105 */ 106static struct mtx tunmtx; 107static MALLOC_DEFINE(M_TUN, TUNNAME, "Tunnel Interface"); 108static int tundebug = 0; 109static int tundclone = 1; 110static struct clonedevs *tunclones; 111static TAILQ_HEAD(,tun_softc) tunhead = TAILQ_HEAD_INITIALIZER(tunhead); 112SYSCTL_INT(_debug, OID_AUTO, if_tun_debug, CTLFLAG_RW, &tundebug, 0, ""); 113 114SYSCTL_DECL(_net_link); 115SYSCTL_NODE(_net_link, OID_AUTO, tun, CTLFLAG_RW, 0, 116 "IP tunnel software network interface."); 117SYSCTL_INT(_net_link_tun, OID_AUTO, devfs_cloning, CTLFLAG_RW, &tundclone, 0, 118 "Enable legacy devfs interface creation."); 119 120TUNABLE_INT("net.link.tun.devfs_cloning", &tundclone); 121 122static void tunclone(void *arg, struct ucred *cred, char *name, 123 int namelen, struct cdev **dev); 124static void tuncreate(const char *name, struct cdev *dev); 125static int tunifioctl(struct ifnet *, u_long, caddr_t); 126static int tuninit(struct ifnet *); 127static int tunmodevent(module_t, int, void *); 128static int tunoutput(struct ifnet *, struct mbuf *, struct sockaddr *, 129 struct rtentry *rt); 130static void tunstart(struct ifnet *); 131 132static int tun_clone_create(struct if_clone *, int, caddr_t); 133static void tun_clone_destroy(struct ifnet *); 134 135IFC_SIMPLE_DECLARE(tun, 0); 136 137static d_open_t tunopen; 138static d_close_t tunclose; 139static d_read_t tunread; 140static d_write_t tunwrite; 141static d_ioctl_t tunioctl; 142static d_poll_t tunpoll; 143static d_kqfilter_t tunkqfilter; 144 145static int tunkqread(struct knote *, long); 146static int tunkqwrite(struct knote *, long); 147static void tunkqdetach(struct knote *); 148 149static struct filterops tun_read_filterops = { 150 .f_isfd = 1, 151 .f_attach = NULL, 152 .f_detach = tunkqdetach, 153 .f_event = tunkqread, 154}; 155 156static struct filterops tun_write_filterops = { 157 .f_isfd = 1, 158 .f_attach = NULL, 159 .f_detach = tunkqdetach, 160 .f_event = tunkqwrite, 161}; 162 163static struct cdevsw tun_cdevsw = { 164 .d_version = D_VERSION, 165 .d_flags = D_PSEUDO | D_NEEDGIANT, 166 .d_open = tunopen, 167 .d_close = tunclose, 168 .d_read = tunread, 169 .d_write = tunwrite, 170 .d_ioctl = tunioctl, 171 .d_poll = tunpoll, 172 .d_kqfilter = tunkqfilter, 173 .d_name = TUNNAME, 174}; 175 176static int 177tun_clone_create(struct if_clone *ifc, int unit, caddr_t params) 178{ 179 struct cdev *dev; 180 int i; 181 182 /* find any existing device, or allocate new unit number */ 183 i = clone_create(&tunclones, &tun_cdevsw, &unit, &dev, 0); 184 if (i) { 185 /* No preexisting struct cdev *, create one */ 186 dev = make_dev(&tun_cdevsw, unit2minor(unit), 187 UID_UUCP, GID_DIALER, 0600, "%s%d", ifc->ifc_name, unit); 188 if (dev != NULL) { 189 dev_ref(dev); 190 dev->si_flags |= SI_CHEAPCLONE; 191 } 192 } 193 tuncreate(ifc->ifc_name, dev); 194 195 return (0); 196} 197 198static void 199tunclone(void *arg, struct ucred *cred, char *name, int namelen, 200 struct cdev **dev) 201{ 202 char devname[SPECNAMELEN + 1]; 203 int u, i, append_unit; 204 205 if (*dev != NULL) 206 return; 207 208 /* 209 * If tun cloning is enabled, only the superuser can create an 210 * interface. 211 */ 212 if (!tundclone || priv_check_cred(cred, PRIV_NET_IFCREATE, 0) != 0) 213 return; 214 215 if (strcmp(name, TUNNAME) == 0) { 216 u = -1; 217 } else if (dev_stdclone(name, NULL, TUNNAME, &u) != 1) 218 return; /* Don't recognise the name */ 219 if (u != -1 && u > IF_MAXUNIT) 220 return; /* Unit number too high */ 221 222 if (u == -1) 223 append_unit = 1; 224 else 225 append_unit = 0; 226 227 /* find any existing device, or allocate new unit number */ 228 i = clone_create(&tunclones, &tun_cdevsw, &u, dev, 0); 229 if (i) { 230 if (append_unit) { 231 namelen = snprintf(devname, sizeof(devname), "%s%d", name, 232 u); 233 name = devname; 234 } 235 /* No preexisting struct cdev *, create one */ 236 *dev = make_dev(&tun_cdevsw, unit2minor(u), 237 UID_UUCP, GID_DIALER, 0600, "%s", name); 238 if (*dev != NULL) { 239 dev_ref(*dev); 240 (*dev)->si_flags |= SI_CHEAPCLONE; 241 } 242 } 243 244 if_clone_create(name, namelen, NULL); 245} 246 247static void 248tun_destroy(struct tun_softc *tp) 249{ 250 struct cdev *dev; 251 252 /* Unlocked read. */ 253 KASSERT((tp->tun_flags & TUN_OPEN) == 0, 254 ("tununits is out of sync - unit %d", TUN2IFP(tp)->if_dunit)); 255 256 dev = tp->tun_dev; 257 bpfdetach(TUN2IFP(tp)); 258 if_detach(TUN2IFP(tp)); 259 if_free(TUN2IFP(tp)); 260 destroy_dev(dev); 261 knlist_destroy(&tp->tun_rsel.si_note); 262 mtx_destroy(&tp->tun_mtx); 263 free(tp, M_TUN); 264} 265 266static void 267tun_clone_destroy(struct ifnet *ifp) 268{ 269 struct tun_softc *tp = ifp->if_softc; 270 271 mtx_lock(&tunmtx); 272 TAILQ_REMOVE(&tunhead, tp, tun_list); 273 mtx_unlock(&tunmtx); 274 tun_destroy(tp); 275} 276 277static int 278tunmodevent(module_t mod, int type, void *data) 279{ 280 static eventhandler_tag tag; 281 struct tun_softc *tp; 282 283 switch (type) { 284 case MOD_LOAD: 285 mtx_init(&tunmtx, "tunmtx", NULL, MTX_DEF); 286 clone_setup(&tunclones); 287 tag = EVENTHANDLER_REGISTER(dev_clone, tunclone, 0, 1000); 288 if (tag == NULL) 289 return (ENOMEM); 290 if_clone_attach(&tun_cloner); 291 break; 292 case MOD_UNLOAD: 293 if_clone_detach(&tun_cloner); 294 EVENTHANDLER_DEREGISTER(dev_clone, tag); 295 296 mtx_lock(&tunmtx); 297 while ((tp = TAILQ_FIRST(&tunhead)) != NULL) { 298 TAILQ_REMOVE(&tunhead, tp, tun_list); 299 mtx_unlock(&tunmtx); 300 tun_destroy(tp); 301 mtx_lock(&tunmtx); 302 } 303 mtx_unlock(&tunmtx); 304 clone_cleanup(&tunclones); 305 mtx_destroy(&tunmtx); 306 break; 307 default: 308 return EOPNOTSUPP; 309 } 310 return 0; 311} 312 313static moduledata_t tun_mod = { 314 "if_tun", 315 tunmodevent, 316 0 317}; 318 319DECLARE_MODULE(if_tun, tun_mod, SI_SUB_PSEUDO, SI_ORDER_ANY); 320 321static void 322tunstart(struct ifnet *ifp) 323{ 324 struct tun_softc *tp = ifp->if_softc; 325 struct mbuf *m; 326 327 TUNDEBUG(ifp,"%s starting\n", ifp->if_xname); 328 if (ALTQ_IS_ENABLED(&ifp->if_snd)) { 329 IFQ_LOCK(&ifp->if_snd); 330 IFQ_POLL_NOLOCK(&ifp->if_snd, m); 331 if (m == NULL) { 332 IFQ_UNLOCK(&ifp->if_snd); 333 return; 334 } 335 IFQ_UNLOCK(&ifp->if_snd); 336 } 337 338 mtx_lock(&tp->tun_mtx); 339 if (tp->tun_flags & TUN_RWAIT) { 340 tp->tun_flags &= ~TUN_RWAIT; 341 wakeup(tp); 342 } 343 if (tp->tun_flags & TUN_ASYNC && tp->tun_sigio) { 344 mtx_unlock(&tp->tun_mtx); 345 pgsigio(&tp->tun_sigio, SIGIO, 0); 346 } else 347 mtx_unlock(&tp->tun_mtx); 348 selwakeuppri(&tp->tun_rsel, PZERO + 1); 349 KNOTE_UNLOCKED(&tp->tun_rsel.si_note, 0); 350} 351 352/* XXX: should return an error code so it can fail. */ 353static void 354tuncreate(const char *name, struct cdev *dev) 355{ 356 struct tun_softc *sc; 357 struct ifnet *ifp; 358 359 dev->si_flags &= ~SI_CHEAPCLONE; 360 361 MALLOC(sc, struct tun_softc *, sizeof(*sc), M_TUN, M_WAITOK | M_ZERO); 362 mtx_init(&sc->tun_mtx, "tun_mtx", NULL, MTX_DEF); 363 sc->tun_flags = TUN_INITED; 364 sc->tun_dev = dev; 365 mtx_lock(&tunmtx); 366 TAILQ_INSERT_TAIL(&tunhead, sc, tun_list); 367 mtx_unlock(&tunmtx); 368 369 ifp = sc->tun_ifp = if_alloc(IFT_PPP); 370 if (ifp == NULL) 371 panic("%s%d: failed to if_alloc() interface.\n", 372 name, dev2unit(dev)); 373 if_initname(ifp, name, dev2unit(dev)); 374 ifp->if_mtu = TUNMTU; 375 ifp->if_ioctl = tunifioctl; 376 ifp->if_output = tunoutput; 377 ifp->if_start = tunstart; 378 ifp->if_flags = IFF_POINTOPOINT | IFF_MULTICAST; 379 ifp->if_softc = sc; 380 IFQ_SET_MAXLEN(&ifp->if_snd, ifqmaxlen); 381 ifp->if_snd.ifq_drv_maxlen = 0; 382 IFQ_SET_READY(&ifp->if_snd); 383 knlist_init(&sc->tun_rsel.si_note, NULL, NULL, NULL, NULL); 384 385 if_attach(ifp); 386 bpfattach(ifp, DLT_NULL, sizeof(u_int32_t)); 387 dev->si_drv1 = sc; 388 TUNDEBUG(ifp, "interface %s is created, minor = %#x\n", 389 ifp->if_xname, minor(dev)); 390} 391 392static int 393tunopen(struct cdev *dev, int flag, int mode, struct thread *td) 394{ 395 struct ifnet *ifp; 396 struct tun_softc *tp; 397 398 /* 399 * XXXRW: Non-atomic test and set of dev->si_drv1 requires 400 * synchronization. 401 */ 402 tp = dev->si_drv1; 403 if (!tp) { 404 tuncreate(TUNNAME, dev); 405 tp = dev->si_drv1; 406 } 407 408 /* 409 * XXXRW: This use of tun_pid is subject to error due to the 410 * fact that a reference to the tunnel can live beyond the 411 * death of the process that created it. Can we replace this 412 * with a simple busy flag? 413 */ 414 mtx_lock(&tp->tun_mtx); 415 if (tp->tun_pid != 0 && tp->tun_pid != td->td_proc->p_pid) { 416 mtx_unlock(&tp->tun_mtx); 417 return (EBUSY); 418 } 419 tp->tun_pid = td->td_proc->p_pid; 420 421 tp->tun_flags |= TUN_OPEN; 422 mtx_unlock(&tp->tun_mtx); 423 ifp = TUN2IFP(tp); 424 TUNDEBUG(ifp, "open\n"); 425 426 return (0); 427} 428 429/* 430 * tunclose - close the device - mark i/f down & delete 431 * routing info 432 */ 433static int 434tunclose(struct cdev *dev, int foo, int bar, struct thread *td) 435{ 436 struct tun_softc *tp; 437 struct ifnet *ifp; 438 int s; 439 440 tp = dev->si_drv1; 441 ifp = TUN2IFP(tp); 442 443 mtx_lock(&tp->tun_mtx); 444 tp->tun_flags &= ~TUN_OPEN; 445 tp->tun_pid = 0; 446 447 /* 448 * junk all pending output 449 */ 450 s = splimp(); 451 IFQ_PURGE(&ifp->if_snd); 452 splx(s); 453 mtx_unlock(&tp->tun_mtx); 454 455 if (ifp->if_flags & IFF_UP) { 456 s = splimp(); 457 if_down(ifp); 458 splx(s); 459 } 460 461 /* Delete all addresses and routes which reference this interface. */ 462 if (ifp->if_drv_flags & IFF_DRV_RUNNING) { 463 struct ifaddr *ifa; 464 465 s = splimp(); 466 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 467 /* deal w/IPv4 PtP destination; unlocked read */ 468 if (ifa->ifa_addr->sa_family == AF_INET) { 469 rtinit(ifa, (int)RTM_DELETE, 470 tp->tun_flags & TUN_DSTADDR ? RTF_HOST : 0); 471 } else { 472 rtinit(ifa, (int)RTM_DELETE, 0); 473 } 474 } 475 if_purgeaddrs(ifp); 476 ifp->if_drv_flags &= ~IFF_DRV_RUNNING; 477 splx(s); 478 } 479 480 funsetown(&tp->tun_sigio); 481 selwakeuppri(&tp->tun_rsel, PZERO + 1); 482 KNOTE_UNLOCKED(&tp->tun_rsel.si_note, 0); 483 TUNDEBUG (ifp, "closed\n"); 484 return (0); 485} 486 487static int 488tuninit(struct ifnet *ifp) 489{ 490 struct tun_softc *tp = ifp->if_softc; 491 struct ifaddr *ifa; 492 int error = 0; 493 494 TUNDEBUG(ifp, "tuninit\n"); 495 496 ifp->if_flags |= IFF_UP; 497 ifp->if_drv_flags |= IFF_DRV_RUNNING; 498 getmicrotime(&ifp->if_lastchange); 499 500#ifdef INET 501 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 502 if (ifa->ifa_addr->sa_family == AF_INET) { 503 struct sockaddr_in *si; 504 505 si = (struct sockaddr_in *)ifa->ifa_addr; 506 mtx_lock(&tp->tun_mtx); 507 if (si->sin_addr.s_addr) 508 tp->tun_flags |= TUN_IASET; 509 510 si = (struct sockaddr_in *)ifa->ifa_dstaddr; 511 if (si && si->sin_addr.s_addr) 512 tp->tun_flags |= TUN_DSTADDR; 513 mtx_unlock(&tp->tun_mtx); 514 } 515 } 516#endif 517 return (error); 518} 519 520/* 521 * Process an ioctl request. 522 */ 523static int 524tunifioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 525{ 526 struct ifreq *ifr = (struct ifreq *)data; 527 struct tun_softc *tp = ifp->if_softc; 528 struct ifstat *ifs; 529 int error = 0, s; 530 531 s = splimp(); 532 switch(cmd) { 533 case SIOCGIFSTATUS: 534 ifs = (struct ifstat *)data; 535 mtx_lock(&tp->tun_mtx); 536 if (tp->tun_pid) 537 sprintf(ifs->ascii + strlen(ifs->ascii), 538 "\tOpened by PID %d\n", tp->tun_pid); 539 mtx_unlock(&tp->tun_mtx); 540 break; 541 case SIOCSIFADDR: 542 error = tuninit(ifp); 543 TUNDEBUG(ifp, "address set, error=%d\n", error); 544 break; 545 case SIOCSIFDSTADDR: 546 error = tuninit(ifp); 547 TUNDEBUG(ifp, "destination address set, error=%d\n", error); 548 break; 549 case SIOCSIFMTU: 550 ifp->if_mtu = ifr->ifr_mtu; 551 TUNDEBUG(ifp, "mtu set\n"); 552 break; 553 case SIOCSIFFLAGS: 554 case SIOCADDMULTI: 555 case SIOCDELMULTI: 556 break; 557 default: 558 error = EINVAL; 559 } 560 splx(s); 561 return (error); 562} 563 564/* 565 * tunoutput - queue packets from higher level ready to put out. 566 */ 567static int 568tunoutput( 569 struct ifnet *ifp, 570 struct mbuf *m0, 571 struct sockaddr *dst, 572 struct rtentry *rt) 573{ 574 struct tun_softc *tp = ifp->if_softc; 575 u_short cached_tun_flags; 576 int error; 577 u_int32_t af; 578 579 TUNDEBUG (ifp, "tunoutput\n"); 580 581#ifdef MAC 582 error = mac_ifnet_check_transmit(ifp, m0); 583 if (error) { 584 m_freem(m0); 585 return (error); 586 } 587#endif 588 589 /* Could be unlocked read? */ 590 mtx_lock(&tp->tun_mtx); 591 cached_tun_flags = tp->tun_flags; 592 mtx_unlock(&tp->tun_mtx); 593 if ((cached_tun_flags & TUN_READY) != TUN_READY) { 594 TUNDEBUG (ifp, "not ready 0%o\n", tp->tun_flags); 595 m_freem (m0); 596 return (EHOSTDOWN); 597 } 598 599 if ((ifp->if_flags & IFF_UP) != IFF_UP) { 600 m_freem (m0); 601 return (EHOSTDOWN); 602 } 603 604 /* BPF writes need to be handled specially. */ 605 if (dst->sa_family == AF_UNSPEC) { 606 bcopy(dst->sa_data, &af, sizeof(af)); 607 dst->sa_family = af; 608 } 609 610 if (bpf_peers_present(ifp->if_bpf)) { 611 af = dst->sa_family; 612 bpf_mtap2(ifp->if_bpf, &af, sizeof(af), m0); 613 } 614 615 /* prepend sockaddr? this may abort if the mbuf allocation fails */ 616 if (cached_tun_flags & TUN_LMODE) { 617 /* allocate space for sockaddr */ 618 M_PREPEND(m0, dst->sa_len, M_DONTWAIT); 619 620 /* if allocation failed drop packet */ 621 if (m0 == NULL) { 622 ifp->if_iqdrops++; 623 ifp->if_oerrors++; 624 return (ENOBUFS); 625 } else { 626 bcopy(dst, m0->m_data, dst->sa_len); 627 } 628 } 629 630 if (cached_tun_flags & TUN_IFHEAD) { 631 /* Prepend the address family */ 632 M_PREPEND(m0, 4, M_DONTWAIT); 633 634 /* if allocation failed drop packet */ 635 if (m0 == NULL) { 636 ifp->if_iqdrops++; 637 ifp->if_oerrors++; 638 return (ENOBUFS); 639 } else 640 *(u_int32_t *)m0->m_data = htonl(dst->sa_family); 641 } else { 642#ifdef INET 643 if (dst->sa_family != AF_INET) 644#endif 645 { 646 m_freem(m0); 647 return (EAFNOSUPPORT); 648 } 649 } 650 651 IFQ_HANDOFF(ifp, m0, error); 652 if (error) { 653 ifp->if_collisions++; 654 return (ENOBUFS); 655 } 656 ifp->if_opackets++; 657 return (0); 658} 659 660/* 661 * the cdevsw interface is now pretty minimal. 662 */ 663static int 664tunioctl(struct cdev *dev, u_long cmd, caddr_t data, int flag, struct thread *td) 665{ 666 int s; 667 int error; 668 struct tun_softc *tp = dev->si_drv1; 669 struct tuninfo *tunp; 670 671 switch (cmd) { 672 case TUNSIFINFO: 673 tunp = (struct tuninfo *)data; 674 if (tunp->mtu < IF_MINMTU) 675 return (EINVAL); 676 if (TUN2IFP(tp)->if_mtu != tunp->mtu) { 677 error = priv_check(td, PRIV_NET_SETIFMTU); 678 if (error) 679 return (error); 680 } 681 TUN2IFP(tp)->if_mtu = tunp->mtu; 682 TUN2IFP(tp)->if_type = tunp->type; 683 TUN2IFP(tp)->if_baudrate = tunp->baudrate; 684 break; 685 case TUNGIFINFO: 686 tunp = (struct tuninfo *)data; 687 tunp->mtu = TUN2IFP(tp)->if_mtu; 688 tunp->type = TUN2IFP(tp)->if_type; 689 tunp->baudrate = TUN2IFP(tp)->if_baudrate; 690 break; 691 case TUNSDEBUG: 692 tundebug = *(int *)data; 693 break; 694 case TUNGDEBUG: 695 *(int *)data = tundebug; 696 break; 697 case TUNSLMODE: 698 mtx_lock(&tp->tun_mtx); 699 if (*(int *)data) { 700 tp->tun_flags |= TUN_LMODE; 701 tp->tun_flags &= ~TUN_IFHEAD; 702 } else 703 tp->tun_flags &= ~TUN_LMODE; 704 mtx_unlock(&tp->tun_mtx); 705 break; 706 case TUNSIFHEAD: 707 mtx_lock(&tp->tun_mtx); 708 if (*(int *)data) { 709 tp->tun_flags |= TUN_IFHEAD; 710 tp->tun_flags &= ~TUN_LMODE; 711 } else 712 tp->tun_flags &= ~TUN_IFHEAD; 713 mtx_unlock(&tp->tun_mtx); 714 break; 715 case TUNGIFHEAD: 716 /* Could be unlocked read? */ 717 mtx_lock(&tp->tun_mtx); 718 *(int *)data = (tp->tun_flags & TUN_IFHEAD) ? 1 : 0; 719 mtx_unlock(&tp->tun_mtx); 720 break; 721 case TUNSIFMODE: 722 /* deny this if UP */ 723 if (TUN2IFP(tp)->if_flags & IFF_UP) 724 return(EBUSY); 725 726 switch (*(int *)data & ~IFF_MULTICAST) { 727 case IFF_POINTOPOINT: 728 case IFF_BROADCAST: 729 TUN2IFP(tp)->if_flags &= 730 ~(IFF_BROADCAST|IFF_POINTOPOINT|IFF_MULTICAST); 731 TUN2IFP(tp)->if_flags |= *(int *)data; 732 break; 733 default: 734 return(EINVAL); 735 } 736 break; 737 case TUNSIFPID: 738 mtx_lock(&tp->tun_mtx); 739 tp->tun_pid = curthread->td_proc->p_pid; 740 mtx_unlock(&tp->tun_mtx); 741 break; 742 case FIONBIO: 743 break; 744 case FIOASYNC: 745 mtx_lock(&tp->tun_mtx); 746 if (*(int *)data) 747 tp->tun_flags |= TUN_ASYNC; 748 else 749 tp->tun_flags &= ~TUN_ASYNC; 750 mtx_unlock(&tp->tun_mtx); 751 break; 752 case FIONREAD: 753 s = splimp(); 754 if (!IFQ_IS_EMPTY(&TUN2IFP(tp)->if_snd)) { 755 struct mbuf *mb; 756 IFQ_LOCK(&TUN2IFP(tp)->if_snd); 757 IFQ_POLL_NOLOCK(&TUN2IFP(tp)->if_snd, mb); 758 for( *(int *)data = 0; mb != 0; mb = mb->m_next) 759 *(int *)data += mb->m_len; 760 IFQ_UNLOCK(&TUN2IFP(tp)->if_snd); 761 } else 762 *(int *)data = 0; 763 splx(s); 764 break; 765 case FIOSETOWN: 766 return (fsetown(*(int *)data, &tp->tun_sigio)); 767 768 case FIOGETOWN: 769 *(int *)data = fgetown(&tp->tun_sigio); 770 return (0); 771 772 /* This is deprecated, FIOSETOWN should be used instead. */ 773 case TIOCSPGRP: 774 return (fsetown(-(*(int *)data), &tp->tun_sigio)); 775 776 /* This is deprecated, FIOGETOWN should be used instead. */ 777 case TIOCGPGRP: 778 *(int *)data = -fgetown(&tp->tun_sigio); 779 return (0); 780 781 default: 782 return (ENOTTY); 783 } 784 return (0); 785} 786 787/* 788 * The cdevsw read interface - reads a packet at a time, or at 789 * least as much of a packet as can be read. 790 */ 791static int 792tunread(struct cdev *dev, struct uio *uio, int flag) 793{ 794 struct tun_softc *tp = dev->si_drv1; 795 struct ifnet *ifp = TUN2IFP(tp); 796 struct mbuf *m; 797 int error=0, len, s; 798 799 TUNDEBUG (ifp, "read\n"); 800 mtx_lock(&tp->tun_mtx); 801 if ((tp->tun_flags & TUN_READY) != TUN_READY) { 802 mtx_unlock(&tp->tun_mtx); 803 TUNDEBUG (ifp, "not ready 0%o\n", tp->tun_flags); 804 return (EHOSTDOWN); 805 } 806 807 tp->tun_flags &= ~TUN_RWAIT; 808 mtx_unlock(&tp->tun_mtx); 809 810 s = splimp(); 811 do { 812 IFQ_DEQUEUE(&ifp->if_snd, m); 813 if (m == NULL) { 814 if (flag & O_NONBLOCK) { 815 splx(s); 816 return (EWOULDBLOCK); 817 } 818 mtx_lock(&tp->tun_mtx); 819 tp->tun_flags |= TUN_RWAIT; 820 mtx_unlock(&tp->tun_mtx); 821 if ((error = tsleep(tp, PCATCH | (PZERO + 1), 822 "tunread", 0)) != 0) { 823 splx(s); 824 return (error); 825 } 826 } 827 } while (m == NULL); 828 splx(s); 829 830 while (m && uio->uio_resid > 0 && error == 0) { 831 len = min(uio->uio_resid, m->m_len); 832 if (len != 0) 833 error = uiomove(mtod(m, void *), len, uio); 834 m = m_free(m); 835 } 836 837 if (m) { 838 TUNDEBUG(ifp, "Dropping mbuf\n"); 839 m_freem(m); 840 } 841 return (error); 842} 843 844/* 845 * the cdevsw write interface - an atomic write is a packet - or else! 846 */ 847static int 848tunwrite(struct cdev *dev, struct uio *uio, int flag) 849{ 850 struct tun_softc *tp = dev->si_drv1; 851 struct ifnet *ifp = TUN2IFP(tp); 852 struct mbuf *m; 853 int error = 0; 854 uint32_t family; 855 int isr; 856 857 TUNDEBUG(ifp, "tunwrite\n"); 858 859 if ((ifp->if_flags & IFF_UP) != IFF_UP) 860 /* ignore silently */ 861 return (0); 862 863 if (uio->uio_resid == 0) 864 return (0); 865 866 if (uio->uio_resid < 0 || uio->uio_resid > TUNMRU) { 867 TUNDEBUG(ifp, "len=%d!\n", uio->uio_resid); 868 return (EIO); 869 } 870 871 if ((m = m_uiotombuf(uio, M_DONTWAIT, 0, 0, M_PKTHDR)) == NULL) { 872 ifp->if_ierrors++; 873 return (error); 874 } 875 876 m->m_pkthdr.rcvif = ifp; 877#ifdef MAC 878 mac_ifnet_create_mbuf(ifp, m); 879#endif 880 881 /* Could be unlocked read? */ 882 mtx_lock(&tp->tun_mtx); 883 if (tp->tun_flags & TUN_IFHEAD) { 884 mtx_unlock(&tp->tun_mtx); 885 if (m->m_len < sizeof(family) && 886 (m = m_pullup(m, sizeof(family))) == NULL) 887 return (ENOBUFS); 888 family = ntohl(*mtod(m, u_int32_t *)); 889 m_adj(m, sizeof(family)); 890 } else { 891 mtx_unlock(&tp->tun_mtx); 892 family = AF_INET; 893 } 894 895 BPF_MTAP2(ifp, &family, sizeof(family), m); 896 897 switch (family) { 898#ifdef INET 899 case AF_INET: 900 isr = NETISR_IP; 901 break; 902#endif 903#ifdef INET6 904 case AF_INET6: 905 isr = NETISR_IPV6; 906 break; 907#endif 908#ifdef IPX 909 case AF_IPX: 910 isr = NETISR_IPX; 911 break; 912#endif 913#ifdef NETATALK 914 case AF_APPLETALK: 915 isr = NETISR_ATALK2; 916 break; 917#endif 918 default: 919 m_freem(m); 920 return (EAFNOSUPPORT); 921 } 922 /* First chunk of an mbuf contains good junk */ 923 if (harvest.point_to_point) 924 random_harvest(m, 16, 3, 0, RANDOM_NET); 925 ifp->if_ibytes += m->m_pkthdr.len; 926 ifp->if_ipackets++; 927 netisr_dispatch(isr, m); 928 return (0); 929} 930 931/* 932 * tunpoll - the poll interface, this is only useful on reads 933 * really. The write detect always returns true, write never blocks 934 * anyway, it either accepts the packet or drops it. 935 */ 936static int 937tunpoll(struct cdev *dev, int events, struct thread *td) 938{ 939 int s; 940 struct tun_softc *tp = dev->si_drv1; 941 struct ifnet *ifp = TUN2IFP(tp); 942 int revents = 0; 943 struct mbuf *m; 944 945 s = splimp(); 946 TUNDEBUG(ifp, "tunpoll\n"); 947 948 if (events & (POLLIN | POLLRDNORM)) { 949 IFQ_LOCK(&ifp->if_snd); 950 IFQ_POLL_NOLOCK(&ifp->if_snd, m); 951 if (m != NULL) { 952 TUNDEBUG(ifp, "tunpoll q=%d\n", ifp->if_snd.ifq_len); 953 revents |= events & (POLLIN | POLLRDNORM); 954 } else { 955 TUNDEBUG(ifp, "tunpoll waiting\n"); 956 selrecord(td, &tp->tun_rsel); 957 } 958 IFQ_UNLOCK(&ifp->if_snd); 959 } 960 if (events & (POLLOUT | POLLWRNORM)) 961 revents |= events & (POLLOUT | POLLWRNORM); 962 963 splx(s); 964 return (revents); 965} 966 967/* 968 * tunkqfilter - support for the kevent() system call. 969 */ 970static int 971tunkqfilter(struct cdev *dev, struct knote *kn) 972{ 973 int s; 974 struct tun_softc *tp = dev->si_drv1; 975 struct ifnet *ifp = TUN2IFP(tp); 976 977 s = splimp(); 978 switch(kn->kn_filter) { 979 case EVFILT_READ: 980 TUNDEBUG(ifp, "%s kqfilter: EVFILT_READ, minor = %#x\n", 981 ifp->if_xname, minor(dev)); 982 kn->kn_fop = &tun_read_filterops; 983 break; 984 985 case EVFILT_WRITE: 986 TUNDEBUG(ifp, "%s kqfilter: EVFILT_WRITE, minor = %#x\n", 987 ifp->if_xname, minor(dev)); 988 kn->kn_fop = &tun_write_filterops; 989 break; 990 991 default: 992 TUNDEBUG(ifp, "%s kqfilter: invalid filter, minor = %#x\n", 993 ifp->if_xname, minor(dev)); 994 splx(s); 995 return(EINVAL); 996 } 997 splx(s); 998 999 kn->kn_hook = (caddr_t) dev; 1000 knlist_add(&tp->tun_rsel.si_note, kn, 0); 1001 1002 return (0); 1003} 1004 1005/* 1006 * Return true of there is data in the interface queue. 1007 */ 1008static int 1009tunkqread(struct knote *kn, long hint) 1010{ 1011 int ret, s; 1012 struct cdev *dev = (struct cdev *)(kn->kn_hook); 1013 struct tun_softc *tp = dev->si_drv1; 1014 struct ifnet *ifp = TUN2IFP(tp); 1015 1016 s = splimp(); 1017 if ((kn->kn_data = ifp->if_snd.ifq_len) > 0) { 1018 TUNDEBUG(ifp, 1019 "%s have data in the queue. Len = %d, minor = %#x\n", 1020 ifp->if_xname, ifp->if_snd.ifq_len, minor(dev)); 1021 ret = 1; 1022 } else { 1023 TUNDEBUG(ifp, 1024 "%s waiting for data, minor = %#x\n", ifp->if_xname, 1025 minor(dev)); 1026 ret = 0; 1027 } 1028 splx(s); 1029 1030 return (ret); 1031} 1032 1033/* 1034 * Always can write, always return MTU in kn->data. 1035 */ 1036static int 1037tunkqwrite(struct knote *kn, long hint) 1038{ 1039 int s; 1040 struct tun_softc *tp = ((struct cdev *)kn->kn_hook)->si_drv1; 1041 struct ifnet *ifp = TUN2IFP(tp); 1042 1043 s = splimp(); 1044 kn->kn_data = ifp->if_mtu; 1045 splx(s); 1046 1047 return (1); 1048} 1049 1050static void 1051tunkqdetach(struct knote *kn) 1052{ 1053 struct tun_softc *tp = ((struct cdev *)kn->kn_hook)->si_drv1; 1054 1055 knlist_remove(&tp->tun_rsel.si_note, kn, 0); 1056} 1057