if_tun.c revision 300205
143412Snewton/* $NetBSD: if_tun.c,v 1.14 1994/06/29 06:36:25 cgd Exp $ */ 243412Snewton 343412Snewton/*- 443412Snewton * Copyright (c) 1988, Julian Onions <jpo@cs.nott.ac.uk> 543412Snewton * Nottingham University 1987. 643412Snewton * 743412Snewton * This source may be freely distributed, however I would be interested 843412Snewton * in any changes that are made. 943412Snewton * 1043412Snewton * This driver takes packets off the IP i/f and hands them up to a 1143412Snewton * user process to have its wicked way with. This driver has it's 1243412Snewton * roots in a similar driver written by Phil Cockcroft (formerly) at 1343412Snewton * UCL. This driver is based much more on read/write/poll mode of 1443412Snewton * operation though. 1543412Snewton * 1643412Snewton * $FreeBSD: head/sys/net/if_tun.c 300205 2016-05-19 13:52:12Z tuexen $ 1743412Snewton */ 1843412Snewton 1943412Snewton#include "opt_inet.h" 2043412Snewton#include "opt_inet6.h" 2143412Snewton 2243412Snewton#include <sys/param.h> 2343412Snewton#include <sys/priv.h> 2443412Snewton#include <sys/proc.h> 2543412Snewton#include <sys/systm.h> 2643412Snewton#include <sys/jail.h> 2743412Snewton#include <sys/mbuf.h> 2843412Snewton#include <sys/module.h> 2943412Snewton#include <sys/socket.h> 3043412Snewton#include <sys/fcntl.h> 3143412Snewton#include <sys/filio.h> 3243412Snewton#include <sys/sockio.h> 3343412Snewton#include <sys/ttycom.h> 3443412Snewton#include <sys/poll.h> 3543412Snewton#include <sys/selinfo.h> 3643412Snewton#include <sys/signalvar.h> 3743412Snewton#include <sys/filedesc.h> 3843412Snewton#include <sys/kernel.h> 3943412Snewton#include <sys/sysctl.h> 4043412Snewton#include <sys/conf.h> 4149267Snewton#include <sys/uio.h> 4250477Speter#include <sys/malloc.h> 4343412Snewton#include <sys/random.h> 4443412Snewton 4543412Snewton#include <net/if.h> 4643412Snewton#include <net/if_var.h> 4743412Snewton#include <net/if_clone.h> 4843412Snewton#include <net/if_types.h> 4943412Snewton#include <net/netisr.h> 5043412Snewton#include <net/route.h> 5143412Snewton#include <net/vnet.h> 5243412Snewton#ifdef INET 5343412Snewton#include <netinet/in.h> 5443412Snewton#endif 5543412Snewton#include <net/bpf.h> 5643412Snewton#include <net/if_tun.h> 5743412Snewton 5843412Snewton#include <sys/queue.h> 5943412Snewton#include <sys/condvar.h> 6043412Snewton 6143412Snewton#include <security/mac/mac_framework.h> 6243412Snewton 6343412Snewton/* 6443412Snewton * tun_list is protected by global tunmtx. Other mutable fields are 6543412Snewton * protected by tun->tun_mtx, or by their owning subsystem. tun_dev is 6643412Snewton * static for the duration of a tunnel interface. 6743412Snewton */ 6843412Snewtonstruct tun_softc { 6943412Snewton TAILQ_ENTRY(tun_softc) tun_list; 7043412Snewton struct cdev *tun_dev; 7143412Snewton u_short tun_flags; /* misc flags */ 7243412Snewton#define TUN_OPEN 0x0001 7343412Snewton#define TUN_INITED 0x0002 7443412Snewton#define TUN_RCOLL 0x0004 7543412Snewton#define TUN_IASET 0x0008 7643412Snewton#define TUN_DSTADDR 0x0010 7776166Smarkm#define TUN_LMODE 0x0020 7876166Smarkm#define TUN_RWAIT 0x0040 7943412Snewton#define TUN_ASYNC 0x0080 8043412Snewton#define TUN_IFHEAD 0x0100 8143412Snewton 8243412Snewton#define TUN_READY (TUN_OPEN | TUN_INITED) 8365302Sobrien 8465302Sobrien /* 8565302Sobrien * XXXRW: tun_pid is used to exclusively lock /dev/tun. Is this 8665302Sobrien * actually needed? Can we just return EBUSY if already open? 8765302Sobrien * Problem is that this involved inherent races when a tun device 8865302Sobrien * is handed off from one process to another, as opposed to just 8943412Snewton * being slightly stale informationally. 9043412Snewton */ 9143412Snewton pid_t tun_pid; /* owning pid */ 9243412Snewton struct ifnet *tun_ifp; /* the interface */ 9343412Snewton struct sigio *tun_sigio; /* information for async I/O */ 9443412Snewton struct selinfo tun_rsel; /* read select */ 9543412Snewton struct mtx tun_mtx; /* protect mutable softc fields */ 9643412Snewton struct cv tun_cv; /* protect against ref'd dev destroy */ 9743412Snewton}; 9843412Snewton#define TUN2IFP(sc) ((sc)->tun_ifp) 9943412Snewton 10043412Snewton#define TUNDEBUG if (tundebug) if_printf 10143412Snewton 10243412Snewton/* 10343412Snewton * All mutable global variables in if_tun are locked using tunmtx, with 10443412Snewton * the exception of tundebug, which is used unlocked, and tunclones, 10543412Snewton * which is static after setup. 10643412Snewton */ 10743412Snewtonstatic struct mtx tunmtx; 10843412Snewtonstatic const char tunname[] = "tun"; 10943412Snewtonstatic MALLOC_DEFINE(M_TUN, tunname, "Tunnel Interface"); 11043412Snewtonstatic int tundebug = 0; 11143412Snewtonstatic int tundclone = 1; 11243412Snewtonstatic struct clonedevs *tunclones; 11343412Snewtonstatic TAILQ_HEAD(,tun_softc) tunhead = TAILQ_HEAD_INITIALIZER(tunhead); 11443412SnewtonSYSCTL_INT(_debug, OID_AUTO, if_tun_debug, CTLFLAG_RW, &tundebug, 0, ""); 11543412Snewton 11643412SnewtonSYSCTL_DECL(_net_link); 11743412Snewtonstatic SYSCTL_NODE(_net_link, OID_AUTO, tun, CTLFLAG_RW, 0, 11843412Snewton "IP tunnel software network interface."); 11943412SnewtonSYSCTL_INT(_net_link_tun, OID_AUTO, devfs_cloning, CTLFLAG_RWTUN, &tundclone, 0, 12043412Snewton "Enable legacy devfs interface creation."); 12143412Snewton 12243412Snewtonstatic void tunclone(void *arg, struct ucred *cred, char *name, 12343412Snewton int namelen, struct cdev **dev); 12443412Snewtonstatic void tuncreate(const char *name, struct cdev *dev); 12543412Snewtonstatic int tunifioctl(struct ifnet *, u_long, caddr_t); 12643412Snewtonstatic void tuninit(struct ifnet *); 12743412Snewtonstatic int tunmodevent(module_t, int, void *); 12843412Snewtonstatic int tunoutput(struct ifnet *, struct mbuf *, 12943412Snewton const struct sockaddr *, struct route *ro); 13043412Snewtonstatic void tunstart(struct ifnet *); 13183366Sjulian 13283366Sjulianstatic int tun_clone_create(struct if_clone *, int, caddr_t); 13343412Snewtonstatic void tun_clone_destroy(struct ifnet *); 13443412Snewtonstatic struct if_clone *tun_cloner; 13543412Snewton 13643412Snewtonstatic d_open_t tunopen; 13743412Snewtonstatic d_close_t tunclose; 13843412Snewtonstatic d_read_t tunread; 13943412Snewtonstatic d_write_t tunwrite; 14043412Snewtonstatic d_ioctl_t tunioctl; 14143412Snewtonstatic d_poll_t tunpoll; 14271454Sjhbstatic d_kqfilter_t tunkqfilter; 14371454Sjhb 14483366Sjulianstatic int tunkqread(struct knote *, long); 14543412Snewtonstatic int tunkqwrite(struct knote *, long); 14643412Snewtonstatic void tunkqdetach(struct knote *); 14743412Snewton 14843412Snewtonstatic struct filterops tun_read_filterops = { 14943412Snewton .f_isfd = 1, 15043412Snewton .f_attach = NULL, 15143412Snewton .f_detach = tunkqdetach, 15243412Snewton .f_event = tunkqread, 15343412Snewton}; 15443412Snewton 15543412Snewtonstatic struct filterops tun_write_filterops = { 15643412Snewton .f_isfd = 1, 15743412Snewton .f_attach = NULL, 15843412Snewton .f_detach = tunkqdetach, 15943412Snewton .f_event = tunkqwrite, 16043412Snewton}; 16143412Snewton 16243412Snewtonstatic struct cdevsw tun_cdevsw = { 16343412Snewton .d_version = D_VERSION, 16443412Snewton .d_flags = D_NEEDMINOR, 16543412Snewton .d_open = tunopen, 16643412Snewton .d_close = tunclose, 16743412Snewton .d_read = tunread, 16843412Snewton .d_write = tunwrite, 16943412Snewton .d_ioctl = tunioctl, 17043412Snewton .d_poll = tunpoll, 17143412Snewton .d_kqfilter = tunkqfilter, 17243412Snewton .d_name = tunname, 17343412Snewton}; 17443412Snewton 17543412Snewtonstatic int 17643412Snewtontun_clone_create(struct if_clone *ifc, int unit, caddr_t params) 17743412Snewton{ 17883366Sjulian struct cdev *dev; 17983366Sjulian int i; 18043412Snewton 18143412Snewton /* find any existing device, or allocate new unit number */ 18243412Snewton i = clone_create(&tunclones, &tun_cdevsw, &unit, &dev, 0); 18343412Snewton if (i) { 18443412Snewton /* No preexisting struct cdev *, create one */ 18543412Snewton dev = make_dev(&tun_cdevsw, unit, 18643412Snewton UID_UUCP, GID_DIALER, 0600, "%s%d", tunname, unit); 18743412Snewton } 18843412Snewton tuncreate(tunname, dev); 18943412Snewton 19071454Sjhb return (0); 19171454Sjhb} 19283366Sjulian 19343412Snewtonstatic void 19443412Snewtontunclone(void *arg, struct ucred *cred, char *name, int namelen, 19543412Snewton struct cdev **dev) 19643412Snewton{ 19743412Snewton char devname[SPECNAMELEN + 1]; 19843412Snewton int u, i, append_unit; 19943412Snewton 20043412Snewton if (*dev != NULL) 20143412Snewton return; 20243412Snewton 20343412Snewton /* 20443412Snewton * If tun cloning is enabled, only the superuser can create an 20543412Snewton * interface. 20643412Snewton */ 20743412Snewton if (!tundclone || priv_check_cred(cred, PRIV_NET_IFCREATE, 0) != 0) 20843412Snewton return; 20943412Snewton 21043412Snewton if (strcmp(name, tunname) == 0) { 21143412Snewton u = -1; 21243412Snewton } else if (dev_stdclone(name, NULL, tunname, &u) != 1) 21343412Snewton return; /* Don't recognise the name */ 21443412Snewton if (u != -1 && u > IF_MAXUNIT) 21543412Snewton return; /* Unit number too high */ 21643412Snewton 21743412Snewton if (u == -1) 21843412Snewton append_unit = 1; 21943412Snewton else 22043412Snewton append_unit = 0; 22143412Snewton 22243412Snewton CURVNET_SET(CRED_TO_VNET(cred)); 22343412Snewton /* find any existing device, or allocate new unit number */ 22483366Sjulian i = clone_create(&tunclones, &tun_cdevsw, &u, dev, 0); 22543412Snewton if (i) { 22643412Snewton if (append_unit) { 22743412Snewton namelen = snprintf(devname, sizeof(devname), "%s%d", 22843412Snewton name, u); 22983366Sjulian name = devname; 23083366Sjulian } 23143412Snewton /* No preexisting struct cdev *, create one */ 23243412Snewton *dev = make_dev_credf(MAKEDEV_REF, &tun_cdevsw, u, cred, 23343412Snewton UID_UUCP, GID_DIALER, 0600, "%s", name); 23443412Snewton } 23543412Snewton 23643412Snewton if_clone_create(name, namelen, NULL); 23743412Snewton CURVNET_RESTORE(); 23843412Snewton} 23943412Snewton 24071454Sjhbstatic void 24171454Sjhbtun_destroy(struct tun_softc *tp) 24283366Sjulian{ 24343412Snewton struct cdev *dev; 24443412Snewton 24543412Snewton mtx_lock(&tp->tun_mtx); 24643412Snewton if ((tp->tun_flags & TUN_OPEN) != 0) 24743412Snewton cv_wait_unlock(&tp->tun_cv, &tp->tun_mtx); 24843412Snewton else 24943412Snewton mtx_unlock(&tp->tun_mtx); 25043412Snewton 25143412Snewton CURVNET_SET(TUN2IFP(tp)->if_vnet); 25243412Snewton dev = tp->tun_dev; 25343412Snewton bpfdetach(TUN2IFP(tp)); 25443412Snewton if_detach(TUN2IFP(tp)); 25543412Snewton if_free(TUN2IFP(tp)); 25643412Snewton destroy_dev(dev); 25743412Snewton seldrain(&tp->tun_rsel); 25843412Snewton knlist_clear(&tp->tun_rsel.si_note, 0); 25943412Snewton knlist_destroy(&tp->tun_rsel.si_note); 26043412Snewton mtx_destroy(&tp->tun_mtx); 26143412Snewton cv_destroy(&tp->tun_cv); 26243412Snewton free(tp, M_TUN); 26343412Snewton CURVNET_RESTORE(); 26443412Snewton} 26543412Snewton 26643412Snewtonstatic void 26743412Snewtontun_clone_destroy(struct ifnet *ifp) 26843412Snewton{ 26943412Snewton struct tun_softc *tp = ifp->if_softc; 27043412Snewton 27143412Snewton mtx_lock(&tunmtx); 27243412Snewton TAILQ_REMOVE(&tunhead, tp, tun_list); 27343412Snewton mtx_unlock(&tunmtx); 27443412Snewton tun_destroy(tp); 27543412Snewton} 27683366Sjulian 27783366Sjulianstatic int 27843412Snewtontunmodevent(module_t mod, int type, void *data) 27943412Snewton{ 28043412Snewton static eventhandler_tag tag; 28143412Snewton struct tun_softc *tp; 28243412Snewton 28343412Snewton switch (type) { 28443412Snewton case MOD_LOAD: 28543412Snewton mtx_init(&tunmtx, "tunmtx", NULL, MTX_DEF); 28643412Snewton clone_setup(&tunclones); 28743412Snewton tag = EVENTHANDLER_REGISTER(dev_clone, tunclone, 0, 1000); 28871454Sjhb if (tag == NULL) 28971454Sjhb return (ENOMEM); 29083366Sjulian tun_cloner = if_clone_simple(tunname, tun_clone_create, 29143412Snewton tun_clone_destroy, 0); 29243412Snewton break; 29343412Snewton case MOD_UNLOAD: 29443412Snewton if_clone_detach(tun_cloner); 29543412Snewton EVENTHANDLER_DEREGISTER(dev_clone, tag); 29643412Snewton drain_dev_clone_events(); 29743412Snewton 29843412Snewton mtx_lock(&tunmtx); 29943412Snewton while ((tp = TAILQ_FIRST(&tunhead)) != NULL) { 30043412Snewton TAILQ_REMOVE(&tunhead, tp, tun_list); 30143412Snewton mtx_unlock(&tunmtx); 30243412Snewton tun_destroy(tp); 30343412Snewton mtx_lock(&tunmtx); 30443412Snewton } 30543412Snewton mtx_unlock(&tunmtx); 30643412Snewton clone_cleanup(&tunclones); 30743412Snewton mtx_destroy(&tunmtx); 30843412Snewton break; 30943412Snewton default: 31043412Snewton return EOPNOTSUPP; 31143412Snewton } 31243412Snewton return 0; 31343412Snewton} 31443412Snewton 31543412Snewtonstatic moduledata_t tun_mod = { 31643412Snewton "if_tun", 31743412Snewton tunmodevent, 31843412Snewton 0 31943412Snewton}; 32043412Snewton 32143412SnewtonDECLARE_MODULE(if_tun, tun_mod, SI_SUB_PSEUDO, SI_ORDER_ANY); 32283366SjulianMODULE_VERSION(if_tun, 1); 32343412Snewton 324static void 325tunstart(struct ifnet *ifp) 326{ 327 struct tun_softc *tp = ifp->if_softc; 328 struct mbuf *m; 329 330 TUNDEBUG(ifp,"%s starting\n", ifp->if_xname); 331 if (ALTQ_IS_ENABLED(&ifp->if_snd)) { 332 IFQ_LOCK(&ifp->if_snd); 333 IFQ_POLL_NOLOCK(&ifp->if_snd, m); 334 if (m == NULL) { 335 IFQ_UNLOCK(&ifp->if_snd); 336 return; 337 } 338 IFQ_UNLOCK(&ifp->if_snd); 339 } 340 341 mtx_lock(&tp->tun_mtx); 342 if (tp->tun_flags & TUN_RWAIT) { 343 tp->tun_flags &= ~TUN_RWAIT; 344 wakeup(tp); 345 } 346 selwakeuppri(&tp->tun_rsel, PZERO + 1); 347 KNOTE_LOCKED(&tp->tun_rsel.si_note, 0); 348 if (tp->tun_flags & TUN_ASYNC && tp->tun_sigio) { 349 mtx_unlock(&tp->tun_mtx); 350 pgsigio(&tp->tun_sigio, SIGIO, 0); 351 } else 352 mtx_unlock(&tp->tun_mtx); 353} 354 355/* XXX: should return an error code so it can fail. */ 356static void 357tuncreate(const char *name, struct cdev *dev) 358{ 359 struct tun_softc *sc; 360 struct ifnet *ifp; 361 362 sc = malloc(sizeof(*sc), M_TUN, M_WAITOK | M_ZERO); 363 mtx_init(&sc->tun_mtx, "tun_mtx", NULL, MTX_DEF); 364 cv_init(&sc->tun_cv, "tun_condvar"); 365 sc->tun_flags = TUN_INITED; 366 sc->tun_dev = dev; 367 mtx_lock(&tunmtx); 368 TAILQ_INSERT_TAIL(&tunhead, sc, tun_list); 369 mtx_unlock(&tunmtx); 370 371 ifp = sc->tun_ifp = if_alloc(IFT_PPP); 372 if (ifp == NULL) 373 panic("%s%d: failed to if_alloc() interface.\n", 374 name, dev2unit(dev)); 375 if_initname(ifp, name, dev2unit(dev)); 376 ifp->if_mtu = TUNMTU; 377 ifp->if_ioctl = tunifioctl; 378 ifp->if_output = tunoutput; 379 ifp->if_start = tunstart; 380 ifp->if_flags = IFF_POINTOPOINT | IFF_MULTICAST; 381 ifp->if_softc = sc; 382 IFQ_SET_MAXLEN(&ifp->if_snd, ifqmaxlen); 383 ifp->if_snd.ifq_drv_maxlen = 0; 384 IFQ_SET_READY(&ifp->if_snd); 385 knlist_init_mtx(&sc->tun_rsel.si_note, &sc->tun_mtx); 386 ifp->if_capabilities |= IFCAP_LINKSTATE; 387 ifp->if_capenable |= IFCAP_LINKSTATE; 388 389 if_attach(ifp); 390 bpfattach(ifp, DLT_NULL, sizeof(u_int32_t)); 391 dev->si_drv1 = sc; 392 TUNDEBUG(ifp, "interface %s is created, minor = %#x\n", 393 ifp->if_xname, dev2unit(dev)); 394} 395 396static int 397tunopen(struct cdev *dev, int flag, int mode, struct thread *td) 398{ 399 struct ifnet *ifp; 400 struct tun_softc *tp; 401 402 /* 403 * XXXRW: Non-atomic test and set of dev->si_drv1 requires 404 * synchronization. 405 */ 406 tp = dev->si_drv1; 407 if (!tp) { 408 tuncreate(tunname, dev); 409 tp = dev->si_drv1; 410 } 411 412 /* 413 * XXXRW: This use of tun_pid is subject to error due to the 414 * fact that a reference to the tunnel can live beyond the 415 * death of the process that created it. Can we replace this 416 * with a simple busy flag? 417 */ 418 mtx_lock(&tp->tun_mtx); 419 if (tp->tun_pid != 0 && tp->tun_pid != td->td_proc->p_pid) { 420 mtx_unlock(&tp->tun_mtx); 421 return (EBUSY); 422 } 423 tp->tun_pid = td->td_proc->p_pid; 424 425 tp->tun_flags |= TUN_OPEN; 426 ifp = TUN2IFP(tp); 427 if_link_state_change(ifp, LINK_STATE_UP); 428 TUNDEBUG(ifp, "open\n"); 429 mtx_unlock(&tp->tun_mtx); 430 431 return (0); 432} 433 434/* 435 * tunclose - close the device - mark i/f down & delete 436 * routing info 437 */ 438static int 439tunclose(struct cdev *dev, int foo, int bar, struct thread *td) 440{ 441 struct tun_softc *tp; 442 struct ifnet *ifp; 443 444 tp = dev->si_drv1; 445 ifp = TUN2IFP(tp); 446 447 mtx_lock(&tp->tun_mtx); 448 tp->tun_flags &= ~TUN_OPEN; 449 tp->tun_pid = 0; 450 451 /* 452 * junk all pending output 453 */ 454 CURVNET_SET(ifp->if_vnet); 455 IFQ_PURGE(&ifp->if_snd); 456 457 if (ifp->if_flags & IFF_UP) { 458 mtx_unlock(&tp->tun_mtx); 459 if_down(ifp); 460 mtx_lock(&tp->tun_mtx); 461 } 462 463 /* Delete all addresses and routes which reference this interface. */ 464 if (ifp->if_drv_flags & IFF_DRV_RUNNING) { 465 struct ifaddr *ifa; 466 467 ifp->if_drv_flags &= ~IFF_DRV_RUNNING; 468 mtx_unlock(&tp->tun_mtx); 469 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 470 /* deal w/IPv4 PtP destination; unlocked read */ 471 if (ifa->ifa_addr->sa_family == AF_INET) { 472 rtinit(ifa, (int)RTM_DELETE, 473 tp->tun_flags & TUN_DSTADDR ? RTF_HOST : 0); 474 } else { 475 rtinit(ifa, (int)RTM_DELETE, 0); 476 } 477 } 478 if_purgeaddrs(ifp); 479 mtx_lock(&tp->tun_mtx); 480 } 481 if_link_state_change(ifp, LINK_STATE_DOWN); 482 CURVNET_RESTORE(); 483 484 funsetown(&tp->tun_sigio); 485 selwakeuppri(&tp->tun_rsel, PZERO + 1); 486 KNOTE_LOCKED(&tp->tun_rsel.si_note, 0); 487 TUNDEBUG (ifp, "closed\n"); 488 489 cv_broadcast(&tp->tun_cv); 490 mtx_unlock(&tp->tun_mtx); 491 return (0); 492} 493 494static void 495tuninit(struct ifnet *ifp) 496{ 497 struct tun_softc *tp = ifp->if_softc; 498#ifdef INET 499 struct ifaddr *ifa; 500#endif 501 502 TUNDEBUG(ifp, "tuninit\n"); 503 504 mtx_lock(&tp->tun_mtx); 505 ifp->if_flags |= IFF_UP; 506 ifp->if_drv_flags |= IFF_DRV_RUNNING; 507 getmicrotime(&ifp->if_lastchange); 508 509#ifdef INET 510 if_addr_rlock(ifp); 511 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 512 if (ifa->ifa_addr->sa_family == AF_INET) { 513 struct sockaddr_in *si; 514 515 si = (struct sockaddr_in *)ifa->ifa_addr; 516 if (si->sin_addr.s_addr) 517 tp->tun_flags |= TUN_IASET; 518 519 si = (struct sockaddr_in *)ifa->ifa_dstaddr; 520 if (si && si->sin_addr.s_addr) 521 tp->tun_flags |= TUN_DSTADDR; 522 } 523 } 524 if_addr_runlock(ifp); 525#endif 526 mtx_unlock(&tp->tun_mtx); 527} 528 529/* 530 * Process an ioctl request. 531 */ 532static int 533tunifioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 534{ 535 struct ifreq *ifr = (struct ifreq *)data; 536 struct tun_softc *tp = ifp->if_softc; 537 struct ifstat *ifs; 538 int error = 0; 539 540 switch(cmd) { 541 case SIOCGIFSTATUS: 542 ifs = (struct ifstat *)data; 543 mtx_lock(&tp->tun_mtx); 544 if (tp->tun_pid) 545 snprintf(ifs->ascii, sizeof(ifs->ascii), 546 "\tOpened by PID %d\n", tp->tun_pid); 547 else 548 ifs->ascii[0] = '\0'; 549 mtx_unlock(&tp->tun_mtx); 550 break; 551 case SIOCSIFADDR: 552 tuninit(ifp); 553 TUNDEBUG(ifp, "address set\n"); 554 break; 555 case SIOCSIFMTU: 556 ifp->if_mtu = ifr->ifr_mtu; 557 TUNDEBUG(ifp, "mtu set\n"); 558 break; 559 case SIOCSIFFLAGS: 560 case SIOCADDMULTI: 561 case SIOCDELMULTI: 562 break; 563 default: 564 error = EINVAL; 565 } 566 return (error); 567} 568 569/* 570 * tunoutput - queue packets from higher level ready to put out. 571 */ 572static int 573tunoutput(struct ifnet *ifp, struct mbuf *m0, const struct sockaddr *dst, 574 struct route *ro) 575{ 576 struct tun_softc *tp = ifp->if_softc; 577 u_short cached_tun_flags; 578 int error; 579 u_int32_t af; 580 581 TUNDEBUG (ifp, "tunoutput\n"); 582 583#ifdef MAC 584 error = mac_ifnet_check_transmit(ifp, m0); 585 if (error) { 586 m_freem(m0); 587 return (error); 588 } 589#endif 590 591 /* Could be unlocked read? */ 592 mtx_lock(&tp->tun_mtx); 593 cached_tun_flags = tp->tun_flags; 594 mtx_unlock(&tp->tun_mtx); 595 if ((cached_tun_flags & TUN_READY) != TUN_READY) { 596 TUNDEBUG (ifp, "not ready 0%o\n", tp->tun_flags); 597 m_freem (m0); 598 return (EHOSTDOWN); 599 } 600 601 if ((ifp->if_flags & IFF_UP) != IFF_UP) { 602 m_freem (m0); 603 return (EHOSTDOWN); 604 } 605 606 /* BPF writes need to be handled specially. */ 607 if (dst->sa_family == AF_UNSPEC) 608 bcopy(dst->sa_data, &af, sizeof(af)); 609 else 610 af = dst->sa_family; 611 612 if (bpf_peers_present(ifp->if_bpf)) 613 bpf_mtap2(ifp->if_bpf, &af, sizeof(af), m0); 614 615 /* prepend sockaddr? this may abort if the mbuf allocation fails */ 616 if (cached_tun_flags & TUN_LMODE) { 617 /* allocate space for sockaddr */ 618 M_PREPEND(m0, dst->sa_len, M_NOWAIT); 619 620 /* if allocation failed drop packet */ 621 if (m0 == NULL) { 622 if_inc_counter(ifp, IFCOUNTER_IQDROPS, 1); 623 if_inc_counter(ifp, IFCOUNTER_OERRORS, 1); 624 return (ENOBUFS); 625 } else { 626 bcopy(dst, m0->m_data, dst->sa_len); 627 } 628 } 629 630 if (cached_tun_flags & TUN_IFHEAD) { 631 /* Prepend the address family */ 632 M_PREPEND(m0, 4, M_NOWAIT); 633 634 /* if allocation failed drop packet */ 635 if (m0 == NULL) { 636 if_inc_counter(ifp, IFCOUNTER_IQDROPS, 1); 637 if_inc_counter(ifp, IFCOUNTER_OERRORS, 1); 638 return (ENOBUFS); 639 } else 640 *(u_int32_t *)m0->m_data = htonl(af); 641 } else { 642#ifdef INET 643 if (af != AF_INET) 644#endif 645 { 646 m_freem(m0); 647 return (EAFNOSUPPORT); 648 } 649 } 650 651 error = (ifp->if_transmit)(ifp, m0); 652 if (error) 653 return (ENOBUFS); 654 if_inc_counter(ifp, IFCOUNTER_OPACKETS, 1); 655 return (0); 656} 657 658/* 659 * the cdevsw interface is now pretty minimal. 660 */ 661static int 662tunioctl(struct cdev *dev, u_long cmd, caddr_t data, int flag, 663 struct thread *td) 664{ 665 int error; 666 struct tun_softc *tp = dev->si_drv1; 667 struct tuninfo *tunp; 668 669 switch (cmd) { 670 case TUNSIFINFO: 671 tunp = (struct tuninfo *)data; 672 if (tunp->mtu < IF_MINMTU) 673 return (EINVAL); 674 if (TUN2IFP(tp)->if_mtu != tunp->mtu) { 675 error = priv_check(td, PRIV_NET_SETIFMTU); 676 if (error) 677 return (error); 678 } 679 mtx_lock(&tp->tun_mtx); 680 TUN2IFP(tp)->if_mtu = tunp->mtu; 681 TUN2IFP(tp)->if_type = tunp->type; 682 TUN2IFP(tp)->if_baudrate = tunp->baudrate; 683 mtx_unlock(&tp->tun_mtx); 684 break; 685 case TUNGIFINFO: 686 tunp = (struct tuninfo *)data; 687 mtx_lock(&tp->tun_mtx); 688 tunp->mtu = TUN2IFP(tp)->if_mtu; 689 tunp->type = TUN2IFP(tp)->if_type; 690 tunp->baudrate = TUN2IFP(tp)->if_baudrate; 691 mtx_unlock(&tp->tun_mtx); 692 break; 693 case TUNSDEBUG: 694 tundebug = *(int *)data; 695 break; 696 case TUNGDEBUG: 697 *(int *)data = tundebug; 698 break; 699 case TUNSLMODE: 700 mtx_lock(&tp->tun_mtx); 701 if (*(int *)data) { 702 tp->tun_flags |= TUN_LMODE; 703 tp->tun_flags &= ~TUN_IFHEAD; 704 } else 705 tp->tun_flags &= ~TUN_LMODE; 706 mtx_unlock(&tp->tun_mtx); 707 break; 708 case TUNSIFHEAD: 709 mtx_lock(&tp->tun_mtx); 710 if (*(int *)data) { 711 tp->tun_flags |= TUN_IFHEAD; 712 tp->tun_flags &= ~TUN_LMODE; 713 } else 714 tp->tun_flags &= ~TUN_IFHEAD; 715 mtx_unlock(&tp->tun_mtx); 716 break; 717 case TUNGIFHEAD: 718 mtx_lock(&tp->tun_mtx); 719 *(int *)data = (tp->tun_flags & TUN_IFHEAD) ? 1 : 0; 720 mtx_unlock(&tp->tun_mtx); 721 break; 722 case TUNSIFMODE: 723 /* deny this if UP */ 724 if (TUN2IFP(tp)->if_flags & IFF_UP) 725 return(EBUSY); 726 727 switch (*(int *)data & ~IFF_MULTICAST) { 728 case IFF_POINTOPOINT: 729 case IFF_BROADCAST: 730 mtx_lock(&tp->tun_mtx); 731 TUN2IFP(tp)->if_flags &= 732 ~(IFF_BROADCAST|IFF_POINTOPOINT|IFF_MULTICAST); 733 TUN2IFP(tp)->if_flags |= *(int *)data; 734 mtx_unlock(&tp->tun_mtx); 735 break; 736 default: 737 return(EINVAL); 738 } 739 break; 740 case TUNSIFPID: 741 mtx_lock(&tp->tun_mtx); 742 tp->tun_pid = curthread->td_proc->p_pid; 743 mtx_unlock(&tp->tun_mtx); 744 break; 745 case FIONBIO: 746 break; 747 case FIOASYNC: 748 mtx_lock(&tp->tun_mtx); 749 if (*(int *)data) 750 tp->tun_flags |= TUN_ASYNC; 751 else 752 tp->tun_flags &= ~TUN_ASYNC; 753 mtx_unlock(&tp->tun_mtx); 754 break; 755 case FIONREAD: 756 if (!IFQ_IS_EMPTY(&TUN2IFP(tp)->if_snd)) { 757 struct mbuf *mb; 758 IFQ_LOCK(&TUN2IFP(tp)->if_snd); 759 IFQ_POLL_NOLOCK(&TUN2IFP(tp)->if_snd, mb); 760 for (*(int *)data = 0; mb != NULL; mb = mb->m_next) 761 *(int *)data += mb->m_len; 762 IFQ_UNLOCK(&TUN2IFP(tp)->if_snd); 763 } else 764 *(int *)data = 0; 765 break; 766 case FIOSETOWN: 767 return (fsetown(*(int *)data, &tp->tun_sigio)); 768 769 case FIOGETOWN: 770 *(int *)data = fgetown(&tp->tun_sigio); 771 return (0); 772 773 /* This is deprecated, FIOSETOWN should be used instead. */ 774 case TIOCSPGRP: 775 return (fsetown(-(*(int *)data), &tp->tun_sigio)); 776 777 /* This is deprecated, FIOGETOWN should be used instead. */ 778 case TIOCGPGRP: 779 *(int *)data = -fgetown(&tp->tun_sigio); 780 return (0); 781 782 default: 783 return (ENOTTY); 784 } 785 return (0); 786} 787 788/* 789 * The cdevsw read interface - reads a packet at a time, or at 790 * least as much of a packet as can be read. 791 */ 792static int 793tunread(struct cdev *dev, struct uio *uio, int flag) 794{ 795 struct tun_softc *tp = dev->si_drv1; 796 struct ifnet *ifp = TUN2IFP(tp); 797 struct mbuf *m; 798 int error=0, len; 799 800 TUNDEBUG (ifp, "read\n"); 801 mtx_lock(&tp->tun_mtx); 802 if ((tp->tun_flags & TUN_READY) != TUN_READY) { 803 mtx_unlock(&tp->tun_mtx); 804 TUNDEBUG (ifp, "not ready 0%o\n", tp->tun_flags); 805 return (EHOSTDOWN); 806 } 807 808 tp->tun_flags &= ~TUN_RWAIT; 809 810 do { 811 IFQ_DEQUEUE(&ifp->if_snd, m); 812 if (m == NULL) { 813 if (flag & O_NONBLOCK) { 814 mtx_unlock(&tp->tun_mtx); 815 return (EWOULDBLOCK); 816 } 817 tp->tun_flags |= TUN_RWAIT; 818 error = mtx_sleep(tp, &tp->tun_mtx, PCATCH | (PZERO + 1), 819 "tunread", 0); 820 if (error != 0) { 821 mtx_unlock(&tp->tun_mtx); 822 return (error); 823 } 824 } 825 } while (m == NULL); 826 mtx_unlock(&tp->tun_mtx); 827 828 while (m && uio->uio_resid > 0 && error == 0) { 829 len = min(uio->uio_resid, m->m_len); 830 if (len != 0) 831 error = uiomove(mtod(m, void *), len, uio); 832 m = m_free(m); 833 } 834 835 if (m) { 836 TUNDEBUG(ifp, "Dropping mbuf\n"); 837 m_freem(m); 838 } 839 return (error); 840} 841 842/* 843 * the cdevsw write interface - an atomic write is a packet - or else! 844 */ 845static int 846tunwrite(struct cdev *dev, struct uio *uio, int flag) 847{ 848 struct tun_softc *tp = dev->si_drv1; 849 struct ifnet *ifp = TUN2IFP(tp); 850 struct mbuf *m; 851 uint32_t family, mru; 852 int isr; 853 854 TUNDEBUG(ifp, "tunwrite\n"); 855 856 if ((ifp->if_flags & IFF_UP) != IFF_UP) 857 /* ignore silently */ 858 return (0); 859 860 if (uio->uio_resid == 0) 861 return (0); 862 863 mru = TUNMRU; 864 if (tp->tun_flags & TUN_IFHEAD) 865 mru += sizeof(family); 866 if (uio->uio_resid < 0 || uio->uio_resid > mru) { 867 TUNDEBUG(ifp, "len=%zd!\n", uio->uio_resid); 868 return (EIO); 869 } 870 871 if ((m = m_uiotombuf(uio, M_NOWAIT, 0, 0, M_PKTHDR)) == NULL) { 872 if_inc_counter(ifp, IFCOUNTER_IERRORS, 1); 873 return (ENOBUFS); 874 } 875 876 m->m_pkthdr.rcvif = ifp; 877#ifdef MAC 878 mac_ifnet_create_mbuf(ifp, m); 879#endif 880 881 /* Could be unlocked read? */ 882 mtx_lock(&tp->tun_mtx); 883 if (tp->tun_flags & TUN_IFHEAD) { 884 mtx_unlock(&tp->tun_mtx); 885 if (m->m_len < sizeof(family) && 886 (m = m_pullup(m, sizeof(family))) == NULL) 887 return (ENOBUFS); 888 family = ntohl(*mtod(m, u_int32_t *)); 889 m_adj(m, sizeof(family)); 890 } else { 891 mtx_unlock(&tp->tun_mtx); 892 family = AF_INET; 893 } 894 895 BPF_MTAP2(ifp, &family, sizeof(family), m); 896 897 switch (family) { 898#ifdef INET 899 case AF_INET: 900 isr = NETISR_IP; 901 break; 902#endif 903#ifdef INET6 904 case AF_INET6: 905 isr = NETISR_IPV6; 906 break; 907#endif 908 default: 909 m_freem(m); 910 return (EAFNOSUPPORT); 911 } 912 random_harvest_queue(m, sizeof(*m), 2, RANDOM_NET_TUN); 913 if_inc_counter(ifp, IFCOUNTER_IBYTES, m->m_pkthdr.len); 914 if_inc_counter(ifp, IFCOUNTER_IPACKETS, 1); 915 CURVNET_SET(ifp->if_vnet); 916 M_SETFIB(m, ifp->if_fib); 917 netisr_dispatch(isr, m); 918 CURVNET_RESTORE(); 919 return (0); 920} 921 922/* 923 * tunpoll - the poll interface, this is only useful on reads 924 * really. The write detect always returns true, write never blocks 925 * anyway, it either accepts the packet or drops it. 926 */ 927static int 928tunpoll(struct cdev *dev, int events, struct thread *td) 929{ 930 struct tun_softc *tp = dev->si_drv1; 931 struct ifnet *ifp = TUN2IFP(tp); 932 int revents = 0; 933 struct mbuf *m; 934 935 TUNDEBUG(ifp, "tunpoll\n"); 936 937 if (events & (POLLIN | POLLRDNORM)) { 938 IFQ_LOCK(&ifp->if_snd); 939 IFQ_POLL_NOLOCK(&ifp->if_snd, m); 940 if (m != NULL) { 941 TUNDEBUG(ifp, "tunpoll q=%d\n", ifp->if_snd.ifq_len); 942 revents |= events & (POLLIN | POLLRDNORM); 943 } else { 944 TUNDEBUG(ifp, "tunpoll waiting\n"); 945 selrecord(td, &tp->tun_rsel); 946 } 947 IFQ_UNLOCK(&ifp->if_snd); 948 } 949 if (events & (POLLOUT | POLLWRNORM)) 950 revents |= events & (POLLOUT | POLLWRNORM); 951 952 return (revents); 953} 954 955/* 956 * tunkqfilter - support for the kevent() system call. 957 */ 958static int 959tunkqfilter(struct cdev *dev, struct knote *kn) 960{ 961 struct tun_softc *tp = dev->si_drv1; 962 struct ifnet *ifp = TUN2IFP(tp); 963 964 switch(kn->kn_filter) { 965 case EVFILT_READ: 966 TUNDEBUG(ifp, "%s kqfilter: EVFILT_READ, minor = %#x\n", 967 ifp->if_xname, dev2unit(dev)); 968 kn->kn_fop = &tun_read_filterops; 969 break; 970 971 case EVFILT_WRITE: 972 TUNDEBUG(ifp, "%s kqfilter: EVFILT_WRITE, minor = %#x\n", 973 ifp->if_xname, dev2unit(dev)); 974 kn->kn_fop = &tun_write_filterops; 975 break; 976 977 default: 978 TUNDEBUG(ifp, "%s kqfilter: invalid filter, minor = %#x\n", 979 ifp->if_xname, dev2unit(dev)); 980 return(EINVAL); 981 } 982 983 kn->kn_hook = tp; 984 knlist_add(&tp->tun_rsel.si_note, kn, 0); 985 986 return (0); 987} 988 989/* 990 * Return true of there is data in the interface queue. 991 */ 992static int 993tunkqread(struct knote *kn, long hint) 994{ 995 int ret; 996 struct tun_softc *tp = kn->kn_hook; 997 struct cdev *dev = tp->tun_dev; 998 struct ifnet *ifp = TUN2IFP(tp); 999 1000 if ((kn->kn_data = ifp->if_snd.ifq_len) > 0) { 1001 TUNDEBUG(ifp, 1002 "%s have data in the queue. Len = %d, minor = %#x\n", 1003 ifp->if_xname, ifp->if_snd.ifq_len, dev2unit(dev)); 1004 ret = 1; 1005 } else { 1006 TUNDEBUG(ifp, 1007 "%s waiting for data, minor = %#x\n", ifp->if_xname, 1008 dev2unit(dev)); 1009 ret = 0; 1010 } 1011 1012 return (ret); 1013} 1014 1015/* 1016 * Always can write, always return MTU in kn->data. 1017 */ 1018static int 1019tunkqwrite(struct knote *kn, long hint) 1020{ 1021 struct tun_softc *tp = kn->kn_hook; 1022 struct ifnet *ifp = TUN2IFP(tp); 1023 1024 kn->kn_data = ifp->if_mtu; 1025 1026 return (1); 1027} 1028 1029static void 1030tunkqdetach(struct knote *kn) 1031{ 1032 struct tun_softc *tp = kn->kn_hook; 1033 1034 knlist_remove(&tp->tun_rsel.si_note, kn, 0); 1035} 1036