/* if_tun.c revision 195022 */
/*	$NetBSD: if_tun.c,v 1.14 1994/06/29 06:36:25 cgd Exp $	*/

/*-
 * Copyright (c) 1988, Julian Onions <jpo@cs.nott.ac.uk>
 * Nottingham University 1987.
 *
 * This source may be freely distributed, however I would be interested
 * in any changes that are made.
 *
 * This driver takes packets off the IP i/f and hands them up to a
 * user process to have its wicked way with. This driver has it's
 * roots in a similar driver written by Phil Cockcroft (formerly) at
 * UCL. This driver is based much more on read/write/poll mode of
 * operation though.
 *
 * $FreeBSD: head/sys/net/if_tun.c 195022 2009-06-26 00:45:20Z rwatson $
 */

#include "opt_atalk.h"
#include "opt_inet.h"
#include "opt_inet6.h"
#include "opt_ipx.h"

#include <sys/param.h>
#include <sys/priv.h>
#include <sys/proc.h>
#include <sys/systm.h>
#include <sys/jail.h>
#include <sys/mbuf.h>
#include <sys/module.h>
#include <sys/socket.h>
#include <sys/fcntl.h>
#include <sys/filio.h>
#include <sys/sockio.h>
#include <sys/ttycom.h>
#include <sys/poll.h>
#include <sys/selinfo.h>
#include <sys/signalvar.h>
#include <sys/filedesc.h>
#include <sys/kernel.h>
#include <sys/sysctl.h>
#include <sys/conf.h>
#include <sys/uio.h>
#include <sys/malloc.h>
#include <sys/random.h>
#include <sys/vimage.h>

#include <net/if.h>
49244951Sadrian#include <net/if_clone.h> 50244951Sadrian#include <net/if_types.h> 51244951Sadrian#include <net/netisr.h> 52244951Sadrian#include <net/route.h> 53244951Sadrian#ifdef INET 54244951Sadrian#include <netinet/in.h> 55244951Sadrian#endif 56244951Sadrian#include <net/bpf.h> 57257176Sglebius#include <net/if_tun.h> 58244951Sadrian 59244951Sadrian#include <sys/queue.h> 60244951Sadrian#include <sys/condvar.h> 61244951Sadrian 62244951Sadrian#include <security/mac/mac_framework.h> 63244951Sadrian 64244951Sadrian/* 65244951Sadrian * tun_list is protected by global tunmtx. Other mutable fields are 66244951Sadrian * protected by tun->tun_mtx, or by their owning subsystem. tun_dev is 67244951Sadrian * static for the duration of a tunnel interface. 68244951Sadrian */ 69244951Sadrianstruct tun_softc { 70244951Sadrian TAILQ_ENTRY(tun_softc) tun_list; 71244951Sadrian struct cdev *tun_dev; 72244951Sadrian u_short tun_flags; /* misc flags */ 73244951Sadrian#define TUN_OPEN 0x0001 74244951Sadrian#define TUN_INITED 0x0002 75244951Sadrian#define TUN_RCOLL 0x0004 76244951Sadrian#define TUN_IASET 0x0008 77244951Sadrian#define TUN_DSTADDR 0x0010 78245185Sadrian#define TUN_LMODE 0x0020 79245185Sadrian#define TUN_RWAIT 0x0040 80245185Sadrian#define TUN_ASYNC 0x0080 81245185Sadrian#define TUN_IFHEAD 0x0100 82245185Sadrian 83245185Sadrian#define TUN_READY (TUN_OPEN | TUN_INITED) 84245185Sadrian 85245185Sadrian /* 86245185Sadrian * XXXRW: tun_pid is used to exclusively lock /dev/tun. Is this 87245185Sadrian * actually needed? Can we just return EBUSY if already open? 88245185Sadrian * Problem is that this involved inherent races when a tun device 89245185Sadrian * is handed off from one process to another, as opposed to just 90245185Sadrian * being slightly stale informationally. 
91245185Sadrian */ 92245185Sadrian pid_t tun_pid; /* owning pid */ 93244951Sadrian struct ifnet *tun_ifp; /* the interface */ 94244951Sadrian struct sigio *tun_sigio; /* information for async I/O */ 95244951Sadrian struct selinfo tun_rsel; /* read select */ 96244951Sadrian struct mtx tun_mtx; /* protect mutable softc fields */ 97244951Sadrian struct cv tun_cv; /* protect against ref'd dev destroy */ 98244951Sadrian}; 99244951Sadrian#define TUN2IFP(sc) ((sc)->tun_ifp) 100245002Sadrian 101244951Sadrian#define TUNDEBUG if (tundebug) if_printf 102244951Sadrian#define TUNNAME "tun" 103244951Sadrian 104244951Sadrian/* 105244951Sadrian * All mutable global variables in if_tun are locked using tunmtx, with 106244951Sadrian * the exception of tundebug, which is used unlocked, and tunclones, 107245002Sadrian * which is static after setup. 108245002Sadrian */ 109245002Sadrianstatic struct mtx tunmtx; 110245002Sadrianstatic MALLOC_DEFINE(M_TUN, TUNNAME, "Tunnel Interface"); 111245002Sadrianstatic int tundebug = 0; 112245002Sadrianstatic int tundclone = 1; 113245002Sadrianstatic struct clonedevs *tunclones; 114244951Sadrianstatic TAILQ_HEAD(,tun_softc) tunhead = TAILQ_HEAD_INITIALIZER(tunhead); 115244951SadrianSYSCTL_INT(_debug, OID_AUTO, if_tun_debug, CTLFLAG_RW, &tundebug, 0, ""); 116244951Sadrian 117244951SadrianSYSCTL_DECL(_net_link); 118244951SadrianSYSCTL_NODE(_net_link, OID_AUTO, tun, CTLFLAG_RW, 0, 119244951Sadrian "IP tunnel software network interface."); 120244951SadrianSYSCTL_INT(_net_link_tun, OID_AUTO, devfs_cloning, CTLFLAG_RW, &tundclone, 0, 121244951Sadrian "Enable legacy devfs interface creation."); 122244951Sadrian 123244951SadrianTUNABLE_INT("net.link.tun.devfs_cloning", &tundclone); 124244951Sadrian 125244951Sadrianstatic void tunclone(void *arg, struct ucred *cred, char *name, 126244951Sadrian int namelen, struct cdev **dev); 127244951Sadrianstatic void tuncreate(const char *name, struct cdev *dev); 128244951Sadrianstatic int tunifioctl(struct ifnet *, 
u_long, caddr_t); 129244951Sadrianstatic int tuninit(struct ifnet *); 130244951Sadrianstatic int tunmodevent(module_t, int, void *); 131245002Sadrianstatic int tunoutput(struct ifnet *, struct mbuf *, struct sockaddr *, 132244951Sadrian struct route *ro); 133244951Sadrianstatic void tunstart(struct ifnet *); 134244951Sadrian 135244951Sadrianstatic int tun_clone_create(struct if_clone *, int, caddr_t); 136245002Sadrianstatic void tun_clone_destroy(struct ifnet *); 137245002Sadrian 138245002SadrianIFC_SIMPLE_DECLARE(tun, 0); 139245002Sadrian 140244951Sadrianstatic d_open_t tunopen; 141244951Sadrianstatic d_close_t tunclose; 142244951Sadrianstatic d_read_t tunread; 143244951Sadrianstatic d_write_t tunwrite; 144244951Sadrianstatic d_ioctl_t tunioctl; 145244951Sadrianstatic d_poll_t tunpoll; 146244951Sadrianstatic d_kqfilter_t tunkqfilter; 147244951Sadrian 148244951Sadrianstatic int tunkqread(struct knote *, long); 149244951Sadrianstatic int tunkqwrite(struct knote *, long); 150244951Sadrianstatic void tunkqdetach(struct knote *); 151244951Sadrian 152244951Sadrianstatic struct filterops tun_read_filterops = { 153245185Sadrian .f_isfd = 1, 154244951Sadrian .f_attach = NULL, 155245185Sadrian .f_detach = tunkqdetach, 156245185Sadrian .f_event = tunkqread, 157245185Sadrian}; 158245185Sadrian 159245185Sadrianstatic struct filterops tun_write_filterops = { 160245185Sadrian .f_isfd = 1, 161245185Sadrian .f_attach = NULL, 162245185Sadrian .f_detach = tunkqdetach, 163245185Sadrian .f_event = tunkqwrite, 164245185Sadrian}; 165245185Sadrian 166245185Sadrianstatic struct cdevsw tun_cdevsw = { 167244951Sadrian .d_version = D_VERSION, 168244951Sadrian .d_flags = D_PSEUDO | D_NEEDGIANT | D_NEEDMINOR, 169244951Sadrian .d_open = tunopen, 170244951Sadrian .d_close = tunclose, 171244951Sadrian .d_read = tunread, 172244951Sadrian .d_write = tunwrite, 173244951Sadrian .d_ioctl = tunioctl, 174244951Sadrian .d_poll = tunpoll, 175244951Sadrian .d_kqfilter = tunkqfilter, 176244951Sadrian 
.d_name = TUNNAME, 177244951Sadrian}; 178244951Sadrian 179244951Sadrianstatic int 180244951Sadriantun_clone_create(struct if_clone *ifc, int unit, caddr_t params) 181244951Sadrian{ 182244951Sadrian struct cdev *dev; 183244951Sadrian int i; 184244951Sadrian 185244951Sadrian /* find any existing device, or allocate new unit number */ 186244951Sadrian i = clone_create(&tunclones, &tun_cdevsw, &unit, &dev, 0); 187244951Sadrian if (i) { 188244951Sadrian /* No preexisting struct cdev *, create one */ 189245185Sadrian dev = make_dev(&tun_cdevsw, unit, 190244951Sadrian UID_UUCP, GID_DIALER, 0600, "%s%d", ifc->ifc_name, unit); 191245002Sadrian if (dev != NULL) { 192245002Sadrian dev_ref(dev); 193245002Sadrian dev->si_flags |= SI_CHEAPCLONE; 194244951Sadrian } 195244951Sadrian } 196244951Sadrian tuncreate(ifc->ifc_name, dev); 197244951Sadrian 198244951Sadrian return (0); 199244951Sadrian} 200244951Sadrian 201244951Sadrianstatic void 202244951Sadriantunclone(void *arg, struct ucred *cred, char *name, int namelen, 203244951Sadrian struct cdev **dev) 204244951Sadrian{ 205244951Sadrian char devname[SPECNAMELEN + 1]; 206244951Sadrian int u, i, append_unit; 207244951Sadrian 208244951Sadrian if (*dev != NULL) 209244951Sadrian return; 210244951Sadrian 211244951Sadrian /* 212244951Sadrian * If tun cloning is enabled, only the superuser can create an 213244951Sadrian * interface. 
214244951Sadrian */ 215244951Sadrian if (!tundclone || priv_check_cred(cred, PRIV_NET_IFCREATE, 0) != 0) 216244951Sadrian return; 217244951Sadrian 218244951Sadrian if (strcmp(name, TUNNAME) == 0) { 219244951Sadrian u = -1; 220244951Sadrian } else if (dev_stdclone(name, NULL, TUNNAME, &u) != 1) 221244951Sadrian return; /* Don't recognise the name */ 222244951Sadrian if (u != -1 && u > IF_MAXUNIT) 223244951Sadrian return; /* Unit number too high */ 224244951Sadrian 225244951Sadrian if (u == -1) 226244951Sadrian append_unit = 1; 227244951Sadrian else 228244951Sadrian append_unit = 0; 229244951Sadrian 230244951Sadrian CURVNET_SET(CRED_TO_VNET(cred)); 231244951Sadrian /* find any existing device, or allocate new unit number */ 232244951Sadrian i = clone_create(&tunclones, &tun_cdevsw, &u, dev, 0); 233244951Sadrian if (i) { 234244951Sadrian if (append_unit) { 235244951Sadrian namelen = snprintf(devname, sizeof(devname), "%s%d", name, 236244951Sadrian u); 237244951Sadrian name = devname; 238244951Sadrian } 239244951Sadrian /* No preexisting struct cdev *, create one */ 240244951Sadrian *dev = make_dev(&tun_cdevsw, u, 241244951Sadrian UID_UUCP, GID_DIALER, 0600, "%s", name); 242244951Sadrian if (*dev != NULL) { 243244951Sadrian dev_ref(*dev); 244245185Sadrian (*dev)->si_flags |= SI_CHEAPCLONE; 245245185Sadrian } 246244951Sadrian } 247244951Sadrian 248244951Sadrian if_clone_create(name, namelen, NULL); 249245185Sadrian CURVNET_RESTORE(); 250245185Sadrian} 251244951Sadrian 252245185Sadrianstatic void 253245185Sadriantun_destroy(struct tun_softc *tp) 254245185Sadrian{ 255245185Sadrian struct cdev *dev; 256245190Sadrian 257245185Sadrian /* Unlocked read. 
*/ 258245185Sadrian mtx_lock(&tp->tun_mtx); 259245185Sadrian if ((tp->tun_flags & TUN_OPEN) != 0) 260245185Sadrian cv_wait_unlock(&tp->tun_cv, &tp->tun_mtx); 261245185Sadrian else 262245185Sadrian mtx_unlock(&tp->tun_mtx); 263245185Sadrian 264245185Sadrian CURVNET_SET(TUN2IFP(tp)->if_vnet); 265245185Sadrian dev = tp->tun_dev; 266245185Sadrian bpfdetach(TUN2IFP(tp)); 267245185Sadrian if_detach(TUN2IFP(tp)); 268245185Sadrian if_free(TUN2IFP(tp)); 269245185Sadrian destroy_dev(dev); 270245185Sadrian knlist_destroy(&tp->tun_rsel.si_note); 271244951Sadrian mtx_destroy(&tp->tun_mtx); 272244951Sadrian cv_destroy(&tp->tun_cv); 273244951Sadrian free(tp, M_TUN); 274244951Sadrian CURVNET_RESTORE(); 275244951Sadrian} 276244951Sadrian 277244951Sadrianstatic void 278244951Sadriantun_clone_destroy(struct ifnet *ifp) 279244951Sadrian{ 280244951Sadrian struct tun_softc *tp = ifp->if_softc; 281244951Sadrian 282244951Sadrian mtx_lock(&tunmtx); 283244951Sadrian TAILQ_REMOVE(&tunhead, tp, tun_list); 284244951Sadrian mtx_unlock(&tunmtx); 285244951Sadrian tun_destroy(tp); 286244951Sadrian} 287244951Sadrian 288244951Sadrianstatic int 289244951Sadriantunmodevent(module_t mod, int type, void *data) 290244951Sadrian{ 291 static eventhandler_tag tag; 292 struct tun_softc *tp; 293 294 switch (type) { 295 case MOD_LOAD: 296 mtx_init(&tunmtx, "tunmtx", NULL, MTX_DEF); 297 clone_setup(&tunclones); 298 tag = EVENTHANDLER_REGISTER(dev_clone, tunclone, 0, 1000); 299 if (tag == NULL) 300 return (ENOMEM); 301 if_clone_attach(&tun_cloner); 302 break; 303 case MOD_UNLOAD: 304 if_clone_detach(&tun_cloner); 305 EVENTHANDLER_DEREGISTER(dev_clone, tag); 306 307 mtx_lock(&tunmtx); 308 while ((tp = TAILQ_FIRST(&tunhead)) != NULL) { 309 TAILQ_REMOVE(&tunhead, tp, tun_list); 310 mtx_unlock(&tunmtx); 311 tun_destroy(tp); 312 mtx_lock(&tunmtx); 313 } 314 mtx_unlock(&tunmtx); 315 clone_cleanup(&tunclones); 316 mtx_destroy(&tunmtx); 317 break; 318 default: 319 return EOPNOTSUPP; 320 } 321 return 0; 322} 323 
324static moduledata_t tun_mod = { 325 "if_tun", 326 tunmodevent, 327 0 328}; 329 330DECLARE_MODULE(if_tun, tun_mod, SI_SUB_PSEUDO, SI_ORDER_ANY); 331 332static void 333tunstart(struct ifnet *ifp) 334{ 335 struct tun_softc *tp = ifp->if_softc; 336 struct mbuf *m; 337 338 TUNDEBUG(ifp,"%s starting\n", ifp->if_xname); 339 if (ALTQ_IS_ENABLED(&ifp->if_snd)) { 340 IFQ_LOCK(&ifp->if_snd); 341 IFQ_POLL_NOLOCK(&ifp->if_snd, m); 342 if (m == NULL) { 343 IFQ_UNLOCK(&ifp->if_snd); 344 return; 345 } 346 IFQ_UNLOCK(&ifp->if_snd); 347 } 348 349 mtx_lock(&tp->tun_mtx); 350 if (tp->tun_flags & TUN_RWAIT) { 351 tp->tun_flags &= ~TUN_RWAIT; 352 wakeup(tp); 353 } 354 if (tp->tun_flags & TUN_ASYNC && tp->tun_sigio) { 355 mtx_unlock(&tp->tun_mtx); 356 pgsigio(&tp->tun_sigio, SIGIO, 0); 357 } else 358 mtx_unlock(&tp->tun_mtx); 359 selwakeuppri(&tp->tun_rsel, PZERO + 1); 360 KNOTE_UNLOCKED(&tp->tun_rsel.si_note, 0); 361} 362 363/* XXX: should return an error code so it can fail. */ 364static void 365tuncreate(const char *name, struct cdev *dev) 366{ 367 struct tun_softc *sc; 368 struct ifnet *ifp; 369 370 dev->si_flags &= ~SI_CHEAPCLONE; 371 372 sc = malloc(sizeof(*sc), M_TUN, M_WAITOK | M_ZERO); 373 mtx_init(&sc->tun_mtx, "tun_mtx", NULL, MTX_DEF); 374 cv_init(&sc->tun_cv, "tun_condvar"); 375 sc->tun_flags = TUN_INITED; 376 sc->tun_dev = dev; 377 mtx_lock(&tunmtx); 378 TAILQ_INSERT_TAIL(&tunhead, sc, tun_list); 379 mtx_unlock(&tunmtx); 380 381 ifp = sc->tun_ifp = if_alloc(IFT_PPP); 382 if (ifp == NULL) 383 panic("%s%d: failed to if_alloc() interface.\n", 384 name, dev2unit(dev)); 385 if_initname(ifp, name, dev2unit(dev)); 386 ifp->if_mtu = TUNMTU; 387 ifp->if_ioctl = tunifioctl; 388 ifp->if_output = tunoutput; 389 ifp->if_start = tunstart; 390 ifp->if_flags = IFF_POINTOPOINT | IFF_MULTICAST; 391 ifp->if_softc = sc; 392 IFQ_SET_MAXLEN(&ifp->if_snd, ifqmaxlen); 393 ifp->if_snd.ifq_drv_maxlen = 0; 394 IFQ_SET_READY(&ifp->if_snd); 395 knlist_init_mtx(&sc->tun_rsel.si_note, NULL); 396 397 
if_attach(ifp); 398 bpfattach(ifp, DLT_NULL, sizeof(u_int32_t)); 399 dev->si_drv1 = sc; 400 TUNDEBUG(ifp, "interface %s is created, minor = %#x\n", 401 ifp->if_xname, dev2unit(dev)); 402} 403 404static int 405tunopen(struct cdev *dev, int flag, int mode, struct thread *td) 406{ 407 struct ifnet *ifp; 408 struct tun_softc *tp; 409 410 /* 411 * XXXRW: Non-atomic test and set of dev->si_drv1 requires 412 * synchronization. 413 */ 414 tp = dev->si_drv1; 415 if (!tp) { 416 tuncreate(TUNNAME, dev); 417 tp = dev->si_drv1; 418 } 419 420 /* 421 * XXXRW: This use of tun_pid is subject to error due to the 422 * fact that a reference to the tunnel can live beyond the 423 * death of the process that created it. Can we replace this 424 * with a simple busy flag? 425 */ 426 mtx_lock(&tp->tun_mtx); 427 if (tp->tun_pid != 0 && tp->tun_pid != td->td_proc->p_pid) { 428 mtx_unlock(&tp->tun_mtx); 429 return (EBUSY); 430 } 431 tp->tun_pid = td->td_proc->p_pid; 432 433 tp->tun_flags |= TUN_OPEN; 434 mtx_unlock(&tp->tun_mtx); 435 ifp = TUN2IFP(tp); 436 if_link_state_change(ifp, LINK_STATE_UP); 437 TUNDEBUG(ifp, "open\n"); 438 439 return (0); 440} 441 442/* 443 * tunclose - close the device - mark i/f down & delete 444 * routing info 445 */ 446static int 447tunclose(struct cdev *dev, int foo, int bar, struct thread *td) 448{ 449 struct tun_softc *tp; 450 struct ifnet *ifp; 451 int s; 452 453 tp = dev->si_drv1; 454 ifp = TUN2IFP(tp); 455 456 mtx_lock(&tp->tun_mtx); 457 tp->tun_flags &= ~TUN_OPEN; 458 tp->tun_pid = 0; 459 mtx_unlock(&tp->tun_mtx); 460 461 /* 462 * junk all pending output 463 */ 464 CURVNET_SET(ifp->if_vnet); 465 s = splimp(); 466 IFQ_PURGE(&ifp->if_snd); 467 splx(s); 468 469 if (ifp->if_flags & IFF_UP) { 470 s = splimp(); 471 if_down(ifp); 472 splx(s); 473 } 474 475 /* Delete all addresses and routes which reference this interface. 
*/ 476 if (ifp->if_drv_flags & IFF_DRV_RUNNING) { 477 struct ifaddr *ifa; 478 479 s = splimp(); 480 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 481 /* deal w/IPv4 PtP destination; unlocked read */ 482 if (ifa->ifa_addr->sa_family == AF_INET) { 483 rtinit(ifa, (int)RTM_DELETE, 484 tp->tun_flags & TUN_DSTADDR ? RTF_HOST : 0); 485 } else { 486 rtinit(ifa, (int)RTM_DELETE, 0); 487 } 488 } 489 if_purgeaddrs(ifp); 490 ifp->if_drv_flags &= ~IFF_DRV_RUNNING; 491 splx(s); 492 } 493 if_link_state_change(ifp, LINK_STATE_DOWN); 494 CURVNET_RESTORE(); 495 496 mtx_lock(&tp->tun_mtx); 497 funsetown(&tp->tun_sigio); 498 selwakeuppri(&tp->tun_rsel, PZERO + 1); 499 KNOTE_UNLOCKED(&tp->tun_rsel.si_note, 0); 500 TUNDEBUG (ifp, "closed\n"); 501 502 cv_broadcast(&tp->tun_cv); 503 mtx_unlock(&tp->tun_mtx); 504 return (0); 505} 506 507static int 508tuninit(struct ifnet *ifp) 509{ 510#ifdef INET 511 struct tun_softc *tp = ifp->if_softc; 512 struct ifaddr *ifa; 513#endif 514 int error = 0; 515 516 TUNDEBUG(ifp, "tuninit\n"); 517 518 ifp->if_flags |= IFF_UP; 519 ifp->if_drv_flags |= IFF_DRV_RUNNING; 520 getmicrotime(&ifp->if_lastchange); 521 522#ifdef INET 523 if_addr_rlock(ifp); 524 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 525 if (ifa->ifa_addr->sa_family == AF_INET) { 526 struct sockaddr_in *si; 527 528 si = (struct sockaddr_in *)ifa->ifa_addr; 529 mtx_lock(&tp->tun_mtx); 530 if (si->sin_addr.s_addr) 531 tp->tun_flags |= TUN_IASET; 532 533 si = (struct sockaddr_in *)ifa->ifa_dstaddr; 534 if (si && si->sin_addr.s_addr) 535 tp->tun_flags |= TUN_DSTADDR; 536 mtx_unlock(&tp->tun_mtx); 537 } 538 } 539 if_addr_runlock(ifp); 540#endif 541 return (error); 542} 543 544/* 545 * Process an ioctl request. 
546 */ 547static int 548tunifioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 549{ 550 struct ifreq *ifr = (struct ifreq *)data; 551 struct tun_softc *tp = ifp->if_softc; 552 struct ifstat *ifs; 553 int error = 0, s; 554 555 s = splimp(); 556 switch(cmd) { 557 case SIOCGIFSTATUS: 558 ifs = (struct ifstat *)data; 559 mtx_lock(&tp->tun_mtx); 560 if (tp->tun_pid) 561 sprintf(ifs->ascii + strlen(ifs->ascii), 562 "\tOpened by PID %d\n", tp->tun_pid); 563 mtx_unlock(&tp->tun_mtx); 564 break; 565 case SIOCSIFADDR: 566 error = tuninit(ifp); 567 TUNDEBUG(ifp, "address set, error=%d\n", error); 568 break; 569 case SIOCSIFDSTADDR: 570 error = tuninit(ifp); 571 TUNDEBUG(ifp, "destination address set, error=%d\n", error); 572 break; 573 case SIOCSIFMTU: 574 ifp->if_mtu = ifr->ifr_mtu; 575 TUNDEBUG(ifp, "mtu set\n"); 576 break; 577 case SIOCSIFFLAGS: 578 case SIOCADDMULTI: 579 case SIOCDELMULTI: 580 break; 581 default: 582 error = EINVAL; 583 } 584 splx(s); 585 return (error); 586} 587 588/* 589 * tunoutput - queue packets from higher level ready to put out. 590 */ 591static int 592tunoutput( 593 struct ifnet *ifp, 594 struct mbuf *m0, 595 struct sockaddr *dst, 596 struct route *ro) 597{ 598 struct tun_softc *tp = ifp->if_softc; 599 u_short cached_tun_flags; 600 int error; 601 u_int32_t af; 602 603 TUNDEBUG (ifp, "tunoutput\n"); 604 605#ifdef MAC 606 error = mac_ifnet_check_transmit(ifp, m0); 607 if (error) { 608 m_freem(m0); 609 return (error); 610 } 611#endif 612 613 /* Could be unlocked read? */ 614 mtx_lock(&tp->tun_mtx); 615 cached_tun_flags = tp->tun_flags; 616 mtx_unlock(&tp->tun_mtx); 617 if ((cached_tun_flags & TUN_READY) != TUN_READY) { 618 TUNDEBUG (ifp, "not ready 0%o\n", tp->tun_flags); 619 m_freem (m0); 620 return (EHOSTDOWN); 621 } 622 623 if ((ifp->if_flags & IFF_UP) != IFF_UP) { 624 m_freem (m0); 625 return (EHOSTDOWN); 626 } 627 628 /* BPF writes need to be handled specially. 
*/ 629 if (dst->sa_family == AF_UNSPEC) { 630 bcopy(dst->sa_data, &af, sizeof(af)); 631 dst->sa_family = af; 632 } 633 634 if (bpf_peers_present(ifp->if_bpf)) { 635 af = dst->sa_family; 636 bpf_mtap2(ifp->if_bpf, &af, sizeof(af), m0); 637 } 638 639 /* prepend sockaddr? this may abort if the mbuf allocation fails */ 640 if (cached_tun_flags & TUN_LMODE) { 641 /* allocate space for sockaddr */ 642 M_PREPEND(m0, dst->sa_len, M_DONTWAIT); 643 644 /* if allocation failed drop packet */ 645 if (m0 == NULL) { 646 ifp->if_iqdrops++; 647 ifp->if_oerrors++; 648 return (ENOBUFS); 649 } else { 650 bcopy(dst, m0->m_data, dst->sa_len); 651 } 652 } 653 654 if (cached_tun_flags & TUN_IFHEAD) { 655 /* Prepend the address family */ 656 M_PREPEND(m0, 4, M_DONTWAIT); 657 658 /* if allocation failed drop packet */ 659 if (m0 == NULL) { 660 ifp->if_iqdrops++; 661 ifp->if_oerrors++; 662 return (ENOBUFS); 663 } else 664 *(u_int32_t *)m0->m_data = htonl(dst->sa_family); 665 } else { 666#ifdef INET 667 if (dst->sa_family != AF_INET) 668#endif 669 { 670 m_freem(m0); 671 return (EAFNOSUPPORT); 672 } 673 } 674 675 error = (ifp->if_transmit)(ifp, m0); 676 if (error) { 677 ifp->if_collisions++; 678 return (ENOBUFS); 679 } 680 ifp->if_opackets++; 681 return (0); 682} 683 684/* 685 * the cdevsw interface is now pretty minimal. 
686 */ 687static int 688tunioctl(struct cdev *dev, u_long cmd, caddr_t data, int flag, struct thread *td) 689{ 690 int s; 691 int error; 692 struct tun_softc *tp = dev->si_drv1; 693 struct tuninfo *tunp; 694 695 switch (cmd) { 696 case TUNSIFINFO: 697 tunp = (struct tuninfo *)data; 698 if (tunp->mtu < IF_MINMTU) 699 return (EINVAL); 700 if (TUN2IFP(tp)->if_mtu != tunp->mtu) { 701 error = priv_check(td, PRIV_NET_SETIFMTU); 702 if (error) 703 return (error); 704 } 705 TUN2IFP(tp)->if_mtu = tunp->mtu; 706 TUN2IFP(tp)->if_type = tunp->type; 707 TUN2IFP(tp)->if_baudrate = tunp->baudrate; 708 break; 709 case TUNGIFINFO: 710 tunp = (struct tuninfo *)data; 711 tunp->mtu = TUN2IFP(tp)->if_mtu; 712 tunp->type = TUN2IFP(tp)->if_type; 713 tunp->baudrate = TUN2IFP(tp)->if_baudrate; 714 break; 715 case TUNSDEBUG: 716 tundebug = *(int *)data; 717 break; 718 case TUNGDEBUG: 719 *(int *)data = tundebug; 720 break; 721 case TUNSLMODE: 722 mtx_lock(&tp->tun_mtx); 723 if (*(int *)data) { 724 tp->tun_flags |= TUN_LMODE; 725 tp->tun_flags &= ~TUN_IFHEAD; 726 } else 727 tp->tun_flags &= ~TUN_LMODE; 728 mtx_unlock(&tp->tun_mtx); 729 break; 730 case TUNSIFHEAD: 731 mtx_lock(&tp->tun_mtx); 732 if (*(int *)data) { 733 tp->tun_flags |= TUN_IFHEAD; 734 tp->tun_flags &= ~TUN_LMODE; 735 } else 736 tp->tun_flags &= ~TUN_IFHEAD; 737 mtx_unlock(&tp->tun_mtx); 738 break; 739 case TUNGIFHEAD: 740 /* Could be unlocked read? */ 741 mtx_lock(&tp->tun_mtx); 742 *(int *)data = (tp->tun_flags & TUN_IFHEAD) ? 
1 : 0; 743 mtx_unlock(&tp->tun_mtx); 744 break; 745 case TUNSIFMODE: 746 /* deny this if UP */ 747 if (TUN2IFP(tp)->if_flags & IFF_UP) 748 return(EBUSY); 749 750 switch (*(int *)data & ~IFF_MULTICAST) { 751 case IFF_POINTOPOINT: 752 case IFF_BROADCAST: 753 TUN2IFP(tp)->if_flags &= 754 ~(IFF_BROADCAST|IFF_POINTOPOINT|IFF_MULTICAST); 755 TUN2IFP(tp)->if_flags |= *(int *)data; 756 break; 757 default: 758 return(EINVAL); 759 } 760 break; 761 case TUNSIFPID: 762 mtx_lock(&tp->tun_mtx); 763 tp->tun_pid = curthread->td_proc->p_pid; 764 mtx_unlock(&tp->tun_mtx); 765 break; 766 case FIONBIO: 767 break; 768 case FIOASYNC: 769 mtx_lock(&tp->tun_mtx); 770 if (*(int *)data) 771 tp->tun_flags |= TUN_ASYNC; 772 else 773 tp->tun_flags &= ~TUN_ASYNC; 774 mtx_unlock(&tp->tun_mtx); 775 break; 776 case FIONREAD: 777 s = splimp(); 778 if (!IFQ_IS_EMPTY(&TUN2IFP(tp)->if_snd)) { 779 struct mbuf *mb; 780 IFQ_LOCK(&TUN2IFP(tp)->if_snd); 781 IFQ_POLL_NOLOCK(&TUN2IFP(tp)->if_snd, mb); 782 for( *(int *)data = 0; mb != 0; mb = mb->m_next) 783 *(int *)data += mb->m_len; 784 IFQ_UNLOCK(&TUN2IFP(tp)->if_snd); 785 } else 786 *(int *)data = 0; 787 splx(s); 788 break; 789 case FIOSETOWN: 790 return (fsetown(*(int *)data, &tp->tun_sigio)); 791 792 case FIOGETOWN: 793 *(int *)data = fgetown(&tp->tun_sigio); 794 return (0); 795 796 /* This is deprecated, FIOSETOWN should be used instead. */ 797 case TIOCSPGRP: 798 return (fsetown(-(*(int *)data), &tp->tun_sigio)); 799 800 /* This is deprecated, FIOGETOWN should be used instead. */ 801 case TIOCGPGRP: 802 *(int *)data = -fgetown(&tp->tun_sigio); 803 return (0); 804 805 default: 806 return (ENOTTY); 807 } 808 return (0); 809} 810 811/* 812 * The cdevsw read interface - reads a packet at a time, or at 813 * least as much of a packet as can be read. 
814 */ 815static int 816tunread(struct cdev *dev, struct uio *uio, int flag) 817{ 818 struct tun_softc *tp = dev->si_drv1; 819 struct ifnet *ifp = TUN2IFP(tp); 820 struct mbuf *m; 821 int error=0, len, s; 822 823 TUNDEBUG (ifp, "read\n"); 824 mtx_lock(&tp->tun_mtx); 825 if ((tp->tun_flags & TUN_READY) != TUN_READY) { 826 mtx_unlock(&tp->tun_mtx); 827 TUNDEBUG (ifp, "not ready 0%o\n", tp->tun_flags); 828 return (EHOSTDOWN); 829 } 830 831 tp->tun_flags &= ~TUN_RWAIT; 832 mtx_unlock(&tp->tun_mtx); 833 834 s = splimp(); 835 do { 836 IFQ_DEQUEUE(&ifp->if_snd, m); 837 if (m == NULL) { 838 if (flag & O_NONBLOCK) { 839 splx(s); 840 return (EWOULDBLOCK); 841 } 842 mtx_lock(&tp->tun_mtx); 843 tp->tun_flags |= TUN_RWAIT; 844 mtx_unlock(&tp->tun_mtx); 845 if ((error = tsleep(tp, PCATCH | (PZERO + 1), 846 "tunread", 0)) != 0) { 847 splx(s); 848 return (error); 849 } 850 } 851 } while (m == NULL); 852 splx(s); 853 854 while (m && uio->uio_resid > 0 && error == 0) { 855 len = min(uio->uio_resid, m->m_len); 856 if (len != 0) 857 error = uiomove(mtod(m, void *), len, uio); 858 m = m_free(m); 859 } 860 861 if (m) { 862 TUNDEBUG(ifp, "Dropping mbuf\n"); 863 m_freem(m); 864 } 865 return (error); 866} 867 868/* 869 * the cdevsw write interface - an atomic write is a packet - or else! 
870 */ 871static int 872tunwrite(struct cdev *dev, struct uio *uio, int flag) 873{ 874 struct tun_softc *tp = dev->si_drv1; 875 struct ifnet *ifp = TUN2IFP(tp); 876 struct mbuf *m; 877 int error = 0; 878 uint32_t family; 879 int isr; 880 881 TUNDEBUG(ifp, "tunwrite\n"); 882 883 if ((ifp->if_flags & IFF_UP) != IFF_UP) 884 /* ignore silently */ 885 return (0); 886 887 if (uio->uio_resid == 0) 888 return (0); 889 890 if (uio->uio_resid < 0 || uio->uio_resid > TUNMRU) { 891 TUNDEBUG(ifp, "len=%zd!\n", uio->uio_resid); 892 return (EIO); 893 } 894 895 if ((m = m_uiotombuf(uio, M_DONTWAIT, 0, 0, M_PKTHDR)) == NULL) { 896 ifp->if_ierrors++; 897 return (error); 898 } 899 900 m->m_pkthdr.rcvif = ifp; 901#ifdef MAC 902 mac_ifnet_create_mbuf(ifp, m); 903#endif 904 905 /* Could be unlocked read? */ 906 mtx_lock(&tp->tun_mtx); 907 if (tp->tun_flags & TUN_IFHEAD) { 908 mtx_unlock(&tp->tun_mtx); 909 if (m->m_len < sizeof(family) && 910 (m = m_pullup(m, sizeof(family))) == NULL) 911 return (ENOBUFS); 912 family = ntohl(*mtod(m, u_int32_t *)); 913 m_adj(m, sizeof(family)); 914 } else { 915 mtx_unlock(&tp->tun_mtx); 916 family = AF_INET; 917 } 918 919 BPF_MTAP2(ifp, &family, sizeof(family), m); 920 921 switch (family) { 922#ifdef INET 923 case AF_INET: 924 isr = NETISR_IP; 925 break; 926#endif 927#ifdef INET6 928 case AF_INET6: 929 isr = NETISR_IPV6; 930 break; 931#endif 932#ifdef IPX 933 case AF_IPX: 934 isr = NETISR_IPX; 935 break; 936#endif 937#ifdef NETATALK 938 case AF_APPLETALK: 939 isr = NETISR_ATALK2; 940 break; 941#endif 942 default: 943 m_freem(m); 944 return (EAFNOSUPPORT); 945 } 946 /* First chunk of an mbuf contains good junk */ 947 if (harvest.point_to_point) 948 random_harvest(m, 16, 3, 0, RANDOM_NET); 949 ifp->if_ibytes += m->m_pkthdr.len; 950 ifp->if_ipackets++; 951 CURVNET_SET(ifp->if_vnet); 952 netisr_dispatch(isr, m); 953 CURVNET_RESTORE(); 954 return (0); 955} 956 957/* 958 * tunpoll - the poll interface, this is only useful on reads 959 * really. 
The write detect always returns true, write never blocks 960 * anyway, it either accepts the packet or drops it. 961 */ 962static int 963tunpoll(struct cdev *dev, int events, struct thread *td) 964{ 965 int s; 966 struct tun_softc *tp = dev->si_drv1; 967 struct ifnet *ifp = TUN2IFP(tp); 968 int revents = 0; 969 struct mbuf *m; 970 971 s = splimp(); 972 TUNDEBUG(ifp, "tunpoll\n"); 973 974 if (events & (POLLIN | POLLRDNORM)) { 975 IFQ_LOCK(&ifp->if_snd); 976 IFQ_POLL_NOLOCK(&ifp->if_snd, m); 977 if (m != NULL) { 978 TUNDEBUG(ifp, "tunpoll q=%d\n", ifp->if_snd.ifq_len); 979 revents |= events & (POLLIN | POLLRDNORM); 980 } else { 981 TUNDEBUG(ifp, "tunpoll waiting\n"); 982 selrecord(td, &tp->tun_rsel); 983 } 984 IFQ_UNLOCK(&ifp->if_snd); 985 } 986 if (events & (POLLOUT | POLLWRNORM)) 987 revents |= events & (POLLOUT | POLLWRNORM); 988 989 splx(s); 990 return (revents); 991} 992 993/* 994 * tunkqfilter - support for the kevent() system call. 995 */ 996static int 997tunkqfilter(struct cdev *dev, struct knote *kn) 998{ 999 int s; 1000 struct tun_softc *tp = dev->si_drv1; 1001 struct ifnet *ifp = TUN2IFP(tp); 1002 1003 s = splimp(); 1004 switch(kn->kn_filter) { 1005 case EVFILT_READ: 1006 TUNDEBUG(ifp, "%s kqfilter: EVFILT_READ, minor = %#x\n", 1007 ifp->if_xname, dev2unit(dev)); 1008 kn->kn_fop = &tun_read_filterops; 1009 break; 1010 1011 case EVFILT_WRITE: 1012 TUNDEBUG(ifp, "%s kqfilter: EVFILT_WRITE, minor = %#x\n", 1013 ifp->if_xname, dev2unit(dev)); 1014 kn->kn_fop = &tun_write_filterops; 1015 break; 1016 1017 default: 1018 TUNDEBUG(ifp, "%s kqfilter: invalid filter, minor = %#x\n", 1019 ifp->if_xname, dev2unit(dev)); 1020 splx(s); 1021 return(EINVAL); 1022 } 1023 splx(s); 1024 1025 kn->kn_hook = (caddr_t) dev; 1026 knlist_add(&tp->tun_rsel.si_note, kn, 0); 1027 1028 return (0); 1029} 1030 1031/* 1032 * Return true of there is data in the interface queue. 
1033 */ 1034static int 1035tunkqread(struct knote *kn, long hint) 1036{ 1037 int ret, s; 1038 struct cdev *dev = (struct cdev *)(kn->kn_hook); 1039 struct tun_softc *tp = dev->si_drv1; 1040 struct ifnet *ifp = TUN2IFP(tp); 1041 1042 s = splimp(); 1043 if ((kn->kn_data = ifp->if_snd.ifq_len) > 0) { 1044 TUNDEBUG(ifp, 1045 "%s have data in the queue. Len = %d, minor = %#x\n", 1046 ifp->if_xname, ifp->if_snd.ifq_len, dev2unit(dev)); 1047 ret = 1; 1048 } else { 1049 TUNDEBUG(ifp, 1050 "%s waiting for data, minor = %#x\n", ifp->if_xname, 1051 dev2unit(dev)); 1052 ret = 0; 1053 } 1054 splx(s); 1055 1056 return (ret); 1057} 1058 1059/* 1060 * Always can write, always return MTU in kn->data. 1061 */ 1062static int 1063tunkqwrite(struct knote *kn, long hint) 1064{ 1065 int s; 1066 struct tun_softc *tp = ((struct cdev *)kn->kn_hook)->si_drv1; 1067 struct ifnet *ifp = TUN2IFP(tp); 1068 1069 s = splimp(); 1070 kn->kn_data = ifp->if_mtu; 1071 splx(s); 1072 1073 return (1); 1074} 1075 1076static void 1077tunkqdetach(struct knote *kn) 1078{ 1079 struct tun_softc *tp = ((struct cdev *)kn->kn_hook)->si_drv1; 1080 1081 knlist_remove(&tp->tun_rsel.si_note, kn, 0); 1082} 1083