FreeBSD/Linux Kernel Cross Reference
sys/net/bpf.c
1 /*-
2 * Copyright (c) 1990, 1991, 1993
3 * The Regents of the University of California. All rights reserved.
4 *
5 * This code is derived from the Stanford/CMU enet packet filter,
6 * (net/enet.c) distributed as part of 4.3BSD, and code contributed
7 * to Berkeley by Steven McCanne and Van Jacobson both of Lawrence
8 * Berkeley Laboratory.
9 *
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
12 * are met:
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
18 * 4. Neither the name of the University nor the names of its contributors
19 * may be used to endorse or promote products derived from this software
20 * without specific prior written permission.
21 *
22 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32 * SUCH DAMAGE.
33 *
34 * @(#)bpf.c 8.4 (Berkeley) 1/9/95
35 *
36 * $FreeBSD: releng/6.2/sys/net/bpf.c 161447 2006-08-18 15:58:16Z dwmalone $
37 */
38
39 #include "opt_bpf.h"
40 #include "opt_mac.h"
41 #include "opt_netgraph.h"
42
43 #include <sys/types.h>
44 #include <sys/param.h>
45 #include <sys/systm.h>
46 #include <sys/conf.h>
47 #include <sys/fcntl.h>
48 #include <sys/mac.h>
49 #include <sys/malloc.h>
50 #include <sys/mbuf.h>
51 #include <sys/time.h>
52 #include <sys/proc.h>
53 #include <sys/signalvar.h>
54 #include <sys/filio.h>
55 #include <sys/sockio.h>
56 #include <sys/ttycom.h>
57 #include <sys/uio.h>
58
59 #include <sys/event.h>
60 #include <sys/file.h>
61 #include <sys/poll.h>
62 #include <sys/proc.h>
63
64 #include <sys/socket.h>
65
66 #include <net/if.h>
67 #include <net/bpf.h>
68 #include <net/bpfdesc.h>
69
70 #include <netinet/in.h>
71 #include <netinet/if_ether.h>
72 #include <sys/kernel.h>
73 #include <sys/sysctl.h>
74
75 static MALLOC_DEFINE(M_BPF, "BPF", "BPF data");
76
77 #if defined(DEV_BPF) || defined(NETGRAPH_BPF)
78
79 #define PRINET 26 /* interruptible */
80
81 /*
82 * bpf_iflist is a list of BPF interface structures, each corresponding to a
83 * specific DLT. The same network interface might have several BPF interface
84  * structures registered by different layers in the stack (e.g., 802.11
85  * frames, Ethernet frames, etc.).
86 */
87 static LIST_HEAD(, bpf_if) bpf_iflist;
88 static struct mtx bpf_mtx; /* bpf global lock */
89 static int bpf_bpfd_cnt;
90
91 static int bpf_allocbufs(struct bpf_d *);
92 static void bpf_attachd(struct bpf_d *d, struct bpf_if *bp);
93 static void bpf_detachd(struct bpf_d *d);
94 static void bpf_freed(struct bpf_d *);
95 static void bpf_mcopy(const void *, void *, size_t);
96 static int bpf_movein(struct uio *, int, int,
97 struct mbuf **, struct sockaddr *, struct bpf_insn *);
98 static int bpf_setif(struct bpf_d *, struct ifreq *);
99 static void bpf_timed_out(void *);
100 static __inline void
101 bpf_wakeup(struct bpf_d *);
102 static void catchpacket(struct bpf_d *, u_char *, u_int,
103 u_int, void (*)(const void *, void *, size_t),
104 struct timeval *);
105 static void reset_d(struct bpf_d *);
106 static int bpf_setf(struct bpf_d *, struct bpf_program *, u_long cmd);
107 static int bpf_getdltlist(struct bpf_d *, struct bpf_dltlist *);
108 static int bpf_setdlt(struct bpf_d *, u_int);
109 static void filt_bpfdetach(struct knote *);
110 static int filt_bpfread(struct knote *, long);
111 static void bpf_drvinit(void *);
112 static void bpf_clone(void *, struct ucred *, char *, int, struct cdev **);
113 static int bpf_stats_sysctl(SYSCTL_HANDLER_ARGS);
114
115 /*
116 * The default read buffer size is patchable.
117 */
118 SYSCTL_NODE(_net, OID_AUTO, bpf, CTLFLAG_RW, 0, "bpf sysctl");
119 static int bpf_bufsize = 4096;
120 SYSCTL_INT(_net_bpf, OID_AUTO, bufsize, CTLFLAG_RW,
121 &bpf_bufsize, 0, "");
122 static int bpf_maxbufsize = BPF_MAXBUFSIZE;
123 SYSCTL_INT(_net_bpf, OID_AUTO, maxbufsize, CTLFLAG_RW,
124 &bpf_maxbufsize, 0, "");
125 static int bpf_maxinsns = BPF_MAXINSNS;
126 SYSCTL_INT(_net_bpf, OID_AUTO, maxinsns, CTLFLAG_RW,
127 &bpf_maxinsns, 0, "Maximum bpf program instructions");
128 SYSCTL_NODE(_net_bpf, OID_AUTO, stats, CTLFLAG_RW,
129 bpf_stats_sysctl, "bpf statistics portal");
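/*
 * Illustrative usage (an assumption, not part of the original file):
 * these knobs are normally tuned from userland with sysctl(8), e.g.:
 *
 *	# sysctl net.bpf.bufsize=65536
 *	# sysctl net.bpf.maxinsns=1024
 */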
130
131 static d_open_t bpfopen;
132 static d_close_t bpfclose;
133 static d_read_t bpfread;
134 static d_write_t bpfwrite;
135 static d_ioctl_t bpfioctl;
136 static d_poll_t bpfpoll;
137 static d_kqfilter_t bpfkqfilter;
138
139 static struct cdevsw bpf_cdevsw = {
140 .d_version = D_VERSION,
141 .d_flags = D_NEEDGIANT,
142 .d_open = bpfopen,
143 .d_close = bpfclose,
144 .d_read = bpfread,
145 .d_write = bpfwrite,
146 .d_ioctl = bpfioctl,
147 .d_poll = bpfpoll,
148 .d_name = "bpf",
149 .d_kqfilter = bpfkqfilter,
150 };
151
152 static struct filterops bpfread_filtops =
153 { 1, NULL, filt_bpfdetach, filt_bpfread };
154
155 static int
156 bpf_movein(uio, linktype, mtu, mp, sockp, wfilter)
157 struct uio *uio;
158 int linktype;
159 int mtu;
160 struct mbuf **mp;
161 struct sockaddr *sockp;
162 struct bpf_insn *wfilter;
163 {
164 struct mbuf *m;
165 int error;
166 int len;
167 int hlen;
168 int slen;
169
170 /*
171 * Build a sockaddr based on the data link layer type.
172 * We do this at this level because the ethernet header
173 * is copied directly into the data field of the sockaddr.
174 * In the case of SLIP, there is no header and the packet
175 * is forwarded as is.
176 * Also, we are careful to leave room at the front of the mbuf
177 * for the link level header.
178 */
179 switch (linktype) {
180
181 case DLT_SLIP:
182 sockp->sa_family = AF_INET;
183 hlen = 0;
184 break;
185
186 case DLT_EN10MB:
187 sockp->sa_family = AF_UNSPEC;
188 /* XXX Would MAXLINKHDR be better? */
189 hlen = ETHER_HDR_LEN;
190 break;
191
192 case DLT_FDDI:
193 sockp->sa_family = AF_IMPLINK;
194 hlen = 0;
195 break;
196
197 case DLT_RAW:
198 sockp->sa_family = AF_UNSPEC;
199 hlen = 0;
200 break;
201
202 case DLT_NULL:
203 /*
204  * null interface types require a 4-byte pseudo header which
205 * corresponds to the address family of the packet.
206 */
207 sockp->sa_family = AF_UNSPEC;
208 hlen = 4;
209 break;
210
211 case DLT_ATM_RFC1483:
212 /*
213  * The en ATM driver requires a 4-byte ATM pseudo header.
214  * Though it isn't standard, the vpi:vci needs to be
215  * specified anyway.
216 */
217 sockp->sa_family = AF_UNSPEC;
218 hlen = 12; /* XXX 4(ATM_PH) + 3(LLC) + 5(SNAP) */
219 break;
220
221 case DLT_PPP:
222 sockp->sa_family = AF_UNSPEC;
223 hlen = 4; /* This should match PPP_HDRLEN */
224 break;
225
226 default:
227 return (EIO);
228 }
229
230 len = uio->uio_resid;
231
232 if (len - hlen > mtu)
233 return (EMSGSIZE);
234
235 if ((unsigned)len > MCLBYTES)
236 return (EIO);
237
238 if (len > MHLEN) {
239 m = m_getcl(M_TRYWAIT, MT_DATA, M_PKTHDR);
240 } else {
241 MGETHDR(m, M_TRYWAIT, MT_DATA);
242 }
243 if (m == NULL)
244 return (ENOBUFS);
245 m->m_pkthdr.len = m->m_len = len;
246 m->m_pkthdr.rcvif = NULL;
247 *mp = m;
248
249 if (m->m_len < hlen) {
250 error = EPERM;
251 goto bad;
252 }
253
254 error = uiomove(mtod(m, u_char *), len, uio);
255 if (error)
256 goto bad;
257
258 slen = bpf_filter(wfilter, mtod(m, u_char *), len, len);
259 if (slen == 0) {
260 error = EPERM;
261 goto bad;
262 }
263
264 /*
265 * Make room for link header, and copy it to sockaddr
266 */
267 if (hlen != 0) {
268 bcopy(m->m_data, sockp->sa_data, hlen);
269 m->m_pkthdr.len -= hlen;
270 m->m_len -= hlen;
271 #if BSD >= 199103
272 m->m_data += hlen; /* XXX */
273 #else
274 m->m_off += hlen;
275 #endif
276 }
277
278 return (0);
279 bad:
280 m_freem(m);
281 return (error);
282 }
283
284 /*
285 * Attach file to the bpf interface, i.e. make d listen on bp.
286 */
287 static void
288 bpf_attachd(d, bp)
289 struct bpf_d *d;
290 struct bpf_if *bp;
291 {
292 /*
293 * Point d at bp, and add d to the interface's list of listeners.
294 * Finally, point the driver's bpf cookie at the interface so
295 * it will divert packets to bpf.
296 */
297 BPFIF_LOCK(bp);
298 d->bd_bif = bp;
299 LIST_INSERT_HEAD(&bp->bif_dlist, d, bd_next);
300
301 bpf_bpfd_cnt++;
302 *bp->bif_driverp = bp;
303 BPFIF_UNLOCK(bp);
304 }
305
306 /*
307 * Detach a file from its interface.
308 */
309 static void
310 bpf_detachd(d)
311 struct bpf_d *d;
312 {
313 int error;
314 struct bpf_if *bp;
315 struct ifnet *ifp;
316
317 bp = d->bd_bif;
318 BPFIF_LOCK(bp);
319 BPFD_LOCK(d);
320 ifp = d->bd_bif->bif_ifp;
321
322 /*
323 * Remove d from the interface's descriptor list.
324 */
325 LIST_REMOVE(d, bd_next);
326
327 bpf_bpfd_cnt--;
328 /*
329 * Let the driver know that there are no more listeners.
330 */
331 if (LIST_EMPTY(&bp->bif_dlist))
332 *bp->bif_driverp = NULL;
333
334 d->bd_bif = NULL;
335 BPFD_UNLOCK(d);
336 BPFIF_UNLOCK(bp);
337
338 /*
339 * Check if this descriptor had requested promiscuous mode.
340 * If so, turn it off.
341 */
342 if (d->bd_promisc) {
343 d->bd_promisc = 0;
344 error = ifpromisc(ifp, 0);
345 if (error != 0 && error != ENXIO) {
346 /*
347  * ENXIO can happen if a pccard is unplugged.
348 * Something is really wrong if we were able to put
349 * the driver into promiscuous mode, but can't
350 * take it out.
351 */
352 if_printf(bp->bif_ifp,
353 "bpf_detach: ifpromisc failed (%d)\n", error);
354 }
355 }
356 }
357
358 /*
359  * Open the bpf device. Returns ENXIO for an illegal minor device number,
360  * EBUSY if the device is already open by another process.
361 */
362 /* ARGSUSED */
363 static int
364 bpfopen(dev, flags, fmt, td)
365 struct cdev *dev;
366 int flags;
367 int fmt;
368 struct thread *td;
369 {
370 struct bpf_d *d;
371
372 mtx_lock(&bpf_mtx);
373 d = dev->si_drv1;
374 /*
375 * Each minor can be opened by only one process. If the requested
376 * minor is in use, return EBUSY.
377 */
378 if (d != NULL) {
379 mtx_unlock(&bpf_mtx);
380 return (EBUSY);
381 }
382 dev->si_drv1 = (struct bpf_d *)~0; /* mark device in use */
383 mtx_unlock(&bpf_mtx);
384
385 if ((dev->si_flags & SI_NAMED) == 0)
386 make_dev(&bpf_cdevsw, minor(dev), UID_ROOT, GID_WHEEL, 0600,
387 "bpf%d", dev2unit(dev));
388 MALLOC(d, struct bpf_d *, sizeof(*d), M_BPF, M_WAITOK | M_ZERO);
389 dev->si_drv1 = d;
390 d->bd_bufsize = bpf_bufsize;
391 d->bd_sig = SIGIO;
392 d->bd_seesent = 1;
393 d->bd_pid = td->td_proc->p_pid;
394 strlcpy(d->bd_pcomm, td->td_proc->p_comm, MAXCOMLEN);
395 #ifdef MAC
396 mac_init_bpfdesc(d);
397 mac_create_bpfdesc(td->td_ucred, d);
398 #endif
399 mtx_init(&d->bd_mtx, devtoname(dev), "bpf cdev lock", MTX_DEF);
400 callout_init(&d->bd_callout, NET_CALLOUT_MPSAFE);
401 knlist_init(&d->bd_sel.si_note, &d->bd_mtx, NULL, NULL, NULL);
402
403 return (0);
404 }
405
406 /*
407 * Close the descriptor by detaching it from its interface,
408 * deallocating its buffers, and marking it free.
409 */
410 /* ARGSUSED */
411 static int
412 bpfclose(dev, flags, fmt, td)
413 struct cdev *dev;
414 int flags;
415 int fmt;
416 struct thread *td;
417 {
418 struct bpf_d *d = dev->si_drv1;
419
420 BPFD_LOCK(d);
421 if (d->bd_state == BPF_WAITING)
422 callout_stop(&d->bd_callout);
423 d->bd_state = BPF_IDLE;
424 BPFD_UNLOCK(d);
425 funsetown(&d->bd_sigio);
426 mtx_lock(&bpf_mtx);
427 if (d->bd_bif)
428 bpf_detachd(d);
429 mtx_unlock(&bpf_mtx);
430 selwakeuppri(&d->bd_sel, PRINET);
431 #ifdef MAC
432 mac_destroy_bpfdesc(d);
433 #endif /* MAC */
434 knlist_destroy(&d->bd_sel.si_note);
435 bpf_freed(d);
436 dev->si_drv1 = NULL;
437 free(d, M_BPF);
438
439 return (0);
440 }
441
442
443 /*
444 * Rotate the packet buffers in descriptor d. Move the store buffer
445 * into the hold slot, and the free buffer into the store slot.
446 * Zero the length of the new store buffer.
447 */
448 #define ROTATE_BUFFERS(d) \
449 (d)->bd_hbuf = (d)->bd_sbuf; \
450 (d)->bd_hlen = (d)->bd_slen; \
451 (d)->bd_sbuf = (d)->bd_fbuf; \
452 (d)->bd_slen = 0; \
453 (d)->bd_fbuf = NULL;
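/*
 * Callers must hold the descriptor lock across the rotation: bpfread()
 * rotates while holding BPFD_LOCK(), and catchpacket() asserts the lock
 * via BPFD_LOCK_ASSERT() before rotating.
 */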
454 /*
455 * bpfread - read next chunk of packets from buffers
456 */
457 static int
458 bpfread(dev, uio, ioflag)
459 struct cdev *dev;
460 struct uio *uio;
461 int ioflag;
462 {
463 struct bpf_d *d = dev->si_drv1;
464 int timed_out;
465 int error;
466
467 /*
468  * Restrict application to use a buffer the same size as
469  * the kernel buffers.
470 */
471 if (uio->uio_resid != d->bd_bufsize)
472 return (EINVAL);
473
474 BPFD_LOCK(d);
475 if (d->bd_state == BPF_WAITING)
476 callout_stop(&d->bd_callout);
477 timed_out = (d->bd_state == BPF_TIMED_OUT);
478 d->bd_state = BPF_IDLE;
479 /*
480 * If the hold buffer is empty, then do a timed sleep, which
481 * ends when the timeout expires or when enough packets
482 * have arrived to fill the store buffer.
483 */
484 while (d->bd_hbuf == NULL) {
485 if ((d->bd_immediate || timed_out) && d->bd_slen != 0) {
486 /*
487  * One or more packets arrived either since the
488  * previous read or while we were asleep.
489 * Rotate the buffers and return what's here.
490 */
491 ROTATE_BUFFERS(d);
492 break;
493 }
494
495 /*
496 * No data is available, check to see if the bpf device
497 * is still pointed at a real interface. If not, return
498 * ENXIO so that the userland process knows to rebind
499 * it before using it again.
500 */
501 if (d->bd_bif == NULL) {
502 BPFD_UNLOCK(d);
503 return (ENXIO);
504 }
505
506 if (ioflag & O_NONBLOCK) {
507 BPFD_UNLOCK(d);
508 return (EWOULDBLOCK);
509 }
510 error = msleep(d, &d->bd_mtx, PRINET|PCATCH,
511 "bpf", d->bd_rtout);
512 if (error == EINTR || error == ERESTART) {
513 BPFD_UNLOCK(d);
514 return (error);
515 }
516 if (error == EWOULDBLOCK) {
517 /*
518 * On a timeout, return what's in the buffer,
519 * which may be nothing. If there is something
520 * in the store buffer, we can rotate the buffers.
521 */
522 if (d->bd_hbuf)
523 /*
524 * We filled up the buffer in between
525 * getting the timeout and arriving
526 * here, so we don't need to rotate.
527 */
528 break;
529
530 if (d->bd_slen == 0) {
531 BPFD_UNLOCK(d);
532 return (0);
533 }
534 ROTATE_BUFFERS(d);
535 break;
536 }
537 }
538 /*
539 * At this point, we know we have something in the hold slot.
540 */
541 BPFD_UNLOCK(d);
542
543 /*
544 * Move data from hold buffer into user space.
545 * We know the entire buffer is transferred since
546  * we checked above that the read buffer is d->bd_bufsize bytes.
547 */
548 error = uiomove(d->bd_hbuf, d->bd_hlen, uio);
549
550 BPFD_LOCK(d);
551 d->bd_fbuf = d->bd_hbuf;
552 d->bd_hbuf = NULL;
553 d->bd_hlen = 0;
554 BPFD_UNLOCK(d);
555
556 return (error);
557 }
558
559
560 /*
561 * If there are processes sleeping on this descriptor, wake them up.
562 */
563 static __inline void
564 bpf_wakeup(d)
565 struct bpf_d *d;
566 {
567
568 BPFD_LOCK_ASSERT(d);
569 if (d->bd_state == BPF_WAITING) {
570 callout_stop(&d->bd_callout);
571 d->bd_state = BPF_IDLE;
572 }
573 wakeup(d);
574 if (d->bd_async && d->bd_sig && d->bd_sigio)
575 pgsigio(&d->bd_sigio, d->bd_sig, 0);
576
577 selwakeuppri(&d->bd_sel, PRINET);
578 KNOTE_LOCKED(&d->bd_sel.si_note, 0);
579 }
580
581 static void
582 bpf_timed_out(arg)
583 void *arg;
584 {
585 struct bpf_d *d = (struct bpf_d *)arg;
586
587 BPFD_LOCK(d);
588 if (d->bd_state == BPF_WAITING) {
589 d->bd_state = BPF_TIMED_OUT;
590 if (d->bd_slen != 0)
591 bpf_wakeup(d);
592 }
593 BPFD_UNLOCK(d);
594 }
595
596 static int
597 bpfwrite(dev, uio, ioflag)
598 struct cdev *dev;
599 struct uio *uio;
600 int ioflag;
601 {
602 struct bpf_d *d = dev->si_drv1;
603 struct ifnet *ifp;
604 struct mbuf *m;
605 int error;
606 struct sockaddr dst;
607
608 if (d->bd_bif == NULL)
609 return (ENXIO);
610
611 ifp = d->bd_bif->bif_ifp;
612
613 if ((ifp->if_flags & IFF_UP) == 0)
614 return (ENETDOWN);
615
616 if (uio->uio_resid == 0)
617 return (0);
618
619 bzero(&dst, sizeof(dst));
620 error = bpf_movein(uio, (int)d->bd_bif->bif_dlt, ifp->if_mtu,
621 &m, &dst, d->bd_wfilter);
622 if (error)
623 return (error);
624
625 if (d->bd_hdrcmplt)
626 dst.sa_family = pseudo_AF_HDRCMPLT;
627
628 #ifdef MAC
629 BPFD_LOCK(d);
630 mac_create_mbuf_from_bpfdesc(d, m);
631 BPFD_UNLOCK(d);
632 #endif
633 NET_LOCK_GIANT();
634 error = (*ifp->if_output)(ifp, m, &dst, NULL);
635 NET_UNLOCK_GIANT();
636 /*
637 * The driver frees the mbuf.
638 */
639 return (error);
640 }
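/*
 * Illustrative userland sketch (an assumption, not part of this file):
 * each write() injects one frame; with BIOCSHDRCMPLT set, the caller
 * supplies the complete link header itself:
 *
 *	u_int one = 1;
 *	ioctl(fd, BIOCSHDRCMPLT, &one);
 *	write(fd, frame, framelen);
 */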
641
642 /*
643 * Reset a descriptor by flushing its packet buffer and clearing the
644 * receive and drop counts.
645 */
646 static void
647 reset_d(d)
648 struct bpf_d *d;
649 {
650
651 mtx_assert(&d->bd_mtx, MA_OWNED);
652 if (d->bd_hbuf) {
653 /* Free the hold buffer. */
654 d->bd_fbuf = d->bd_hbuf;
655 d->bd_hbuf = NULL;
656 }
657 d->bd_slen = 0;
658 d->bd_hlen = 0;
659 d->bd_rcount = 0;
660 d->bd_dcount = 0;
661 d->bd_fcount = 0;
662 }
663
664 /*
665 * FIONREAD Check for read packet available.
666 * SIOCGIFADDR Get interface address - convenient hook to driver.
667 * BIOCGBLEN Get buffer len [for read()].
668  * BIOCSETF Set link layer read filter.
669  * BIOCSETWF Set link layer write filter.
670 * BIOCFLUSH Flush read packet buffer.
671 * BIOCPROMISC Put interface into promiscuous mode.
672 * BIOCGDLT Get link layer type.
673 * BIOCGETIF Get interface name.
674 * BIOCSETIF Set interface.
675 * BIOCSRTIMEOUT Set read timeout.
676 * BIOCGRTIMEOUT Get read timeout.
677 * BIOCGSTATS Get packet stats.
678 * BIOCIMMEDIATE Set immediate mode.
679 * BIOCVERSION Get filter language version.
680 * BIOCGHDRCMPLT Get "header already complete" flag
681 * BIOCSHDRCMPLT Set "header already complete" flag
682 * BIOCGSEESENT Get "see packets sent" flag
683 * BIOCSSEESENT Set "see packets sent" flag
684 * BIOCLOCK Set "locked" flag
685 */
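/*
 * Illustrative userland sketch (an assumption, not part of this file):
 * a typical consumer opens a unit, binds an interface with BIOCSETIF,
 * and reads with a buffer sized by BIOCGBLEN.  "em0" is an arbitrary
 * example interface; error handling is omitted.
 *
 *	int fd = open("/dev/bpf0", O_RDONLY);
 *	struct ifreq ifr;
 *	strlcpy(ifr.ifr_name, "em0", sizeof(ifr.ifr_name));
 *	ioctl(fd, BIOCSETIF, &ifr);
 *	u_int blen;
 *	ioctl(fd, BIOCGBLEN, &blen);
 *	char *buf = malloc(blen);
 *	ssize_t n = read(fd, buf, blen);
 *
 * The read() must be passed exactly the buffer size; bpfread() above
 * returns EINVAL otherwise.
 */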
686 /* ARGSUSED */
687 static int
688 bpfioctl(dev, cmd, addr, flags, td)
689 struct cdev *dev;
690 u_long cmd;
691 caddr_t addr;
692 int flags;
693 struct thread *td;
694 {
695 struct bpf_d *d = dev->si_drv1;
696 int error = 0;
697
698 /*
699 * Refresh PID associated with this descriptor.
700 */
701 d->bd_pid = td->td_proc->p_pid;
702 BPFD_LOCK(d);
703 if (d->bd_state == BPF_WAITING)
704 callout_stop(&d->bd_callout);
705 d->bd_state = BPF_IDLE;
706 BPFD_UNLOCK(d);
707
708 if (d->bd_locked == 1) {
709 switch (cmd) {
710 case BIOCGBLEN:
711 case BIOCFLUSH:
712 case BIOCGDLT:
713 case BIOCGDLTLIST:
714 case BIOCGETIF:
715 case BIOCGRTIMEOUT:
716 case BIOCGSTATS:
717 case BIOCVERSION:
718 case BIOCGRSIG:
719 case BIOCGHDRCMPLT:
720 case FIONREAD:
721 case BIOCLOCK:
722 case BIOCSRTIMEOUT:
723 case BIOCIMMEDIATE:
724 case TIOCGPGRP:
725 break;
726 default:
727 return (EPERM);
728 }
729 }
730 switch (cmd) {
731
732 default:
733 error = EINVAL;
734 break;
735
736 /*
737 * Check for read packet available.
738 */
739 case FIONREAD:
740 {
741 int n;
742
743 BPFD_LOCK(d);
744 n = d->bd_slen;
745 if (d->bd_hbuf)
746 n += d->bd_hlen;
747 BPFD_UNLOCK(d);
748
749 *(int *)addr = n;
750 break;
751 }
752
753 case SIOCGIFADDR:
754 {
755 struct ifnet *ifp;
756
757 if (d->bd_bif == NULL)
758 error = EINVAL;
759 else {
760 ifp = d->bd_bif->bif_ifp;
761 error = (*ifp->if_ioctl)(ifp, cmd, addr);
762 }
763 break;
764 }
765
766 /*
767 * Get buffer len [for read()].
768 */
769 case BIOCGBLEN:
770 *(u_int *)addr = d->bd_bufsize;
771 break;
772
773 /*
774 * Set buffer length.
775 */
776 case BIOCSBLEN:
777 if (d->bd_bif != NULL)
778 error = EINVAL;
779 else {
780 u_int size = *(u_int *)addr;
781
782 if (size > bpf_maxbufsize)
783 *(u_int *)addr = size = bpf_maxbufsize;
784 else if (size < BPF_MINBUFSIZE)
785 *(u_int *)addr = size = BPF_MINBUFSIZE;
786 d->bd_bufsize = size;
787 }
788 break;
789
790 /*
791 * Set link layer read filter.
792 */
793 case BIOCSETF:
794 case BIOCSETWF:
795 error = bpf_setf(d, (struct bpf_program *)addr, cmd);
796 break;
797
798 /*
799 * Flush read packet buffer.
800 */
801 case BIOCFLUSH:
802 BPFD_LOCK(d);
803 reset_d(d);
804 BPFD_UNLOCK(d);
805 break;
806
807 /*
808 * Put interface into promiscuous mode.
809 */
810 case BIOCPROMISC:
811 if (d->bd_bif == NULL) {
812 /*
813 * No interface attached yet.
814 */
815 error = EINVAL;
816 break;
817 }
818 if (d->bd_promisc == 0) {
819 mtx_lock(&Giant);
820 error = ifpromisc(d->bd_bif->bif_ifp, 1);
821 mtx_unlock(&Giant);
822 if (error == 0)
823 d->bd_promisc = 1;
824 }
825 break;
826
827 /*
828 * Get current data link type.
829 */
830 case BIOCGDLT:
831 if (d->bd_bif == NULL)
832 error = EINVAL;
833 else
834 *(u_int *)addr = d->bd_bif->bif_dlt;
835 break;
836
837 /*
838 * Get a list of supported data link types.
839 */
840 case BIOCGDLTLIST:
841 if (d->bd_bif == NULL)
842 error = EINVAL;
843 else
844 error = bpf_getdltlist(d, (struct bpf_dltlist *)addr);
845 break;
846
847 /*
848 * Set data link type.
849 */
850 case BIOCSDLT:
851 if (d->bd_bif == NULL)
852 error = EINVAL;
853 else
854 error = bpf_setdlt(d, *(u_int *)addr);
855 break;
856
857 /*
858 * Get interface name.
859 */
860 case BIOCGETIF:
861 if (d->bd_bif == NULL)
862 error = EINVAL;
863 else {
864 struct ifnet *const ifp = d->bd_bif->bif_ifp;
865 struct ifreq *const ifr = (struct ifreq *)addr;
866
867 strlcpy(ifr->ifr_name, ifp->if_xname,
868 sizeof(ifr->ifr_name));
869 }
870 break;
871
872 /*
873 * Set interface.
874 */
875 case BIOCSETIF:
876 error = bpf_setif(d, (struct ifreq *)addr);
877 break;
878
879 /*
880 * Set read timeout.
881 */
882 case BIOCSRTIMEOUT:
883 {
884 struct timeval *tv = (struct timeval *)addr;
885
886 /*
887 * Subtract 1 tick from tvtohz() since this isn't
888 * a one-shot timer.
889 */
890 if ((error = itimerfix(tv)) == 0)
891 d->bd_rtout = tvtohz(tv) - 1;
892 break;
893 }
894
895 /*
896 * Get read timeout.
897 */
898 case BIOCGRTIMEOUT:
899 {
900 struct timeval *tv = (struct timeval *)addr;
901
902 tv->tv_sec = d->bd_rtout / hz;
903 tv->tv_usec = (d->bd_rtout % hz) * tick;
904 break;
905 }
906
907 /*
908 * Get packet stats.
909 */
910 case BIOCGSTATS:
911 {
912 struct bpf_stat *bs = (struct bpf_stat *)addr;
913
914 bs->bs_recv = d->bd_rcount;
915 bs->bs_drop = d->bd_dcount;
916 break;
917 }
918
919 /*
920 * Set immediate mode.
921 */
922 case BIOCIMMEDIATE:
923 d->bd_immediate = *(u_int *)addr;
924 break;
925
926 case BIOCVERSION:
927 {
928 struct bpf_version *bv = (struct bpf_version *)addr;
929
930 bv->bv_major = BPF_MAJOR_VERSION;
931 bv->bv_minor = BPF_MINOR_VERSION;
932 break;
933 }
934
935 /*
936 * Get "header already complete" flag
937 */
938 case BIOCGHDRCMPLT:
939 *(u_int *)addr = d->bd_hdrcmplt;
940 break;
941
942 case BIOCLOCK:
943 d->bd_locked = 1;
944 break;
945 /*
946 * Set "header already complete" flag
947 */
948 case BIOCSHDRCMPLT:
949 d->bd_hdrcmplt = *(u_int *)addr ? 1 : 0;
950 break;
951
952 /*
953 * Get "see sent packets" flag
954 */
955 case BIOCGSEESENT:
956 *(u_int *)addr = d->bd_seesent;
957 break;
958
959 /*
960 * Set "see sent packets" flag
961 */
962 case BIOCSSEESENT:
963 d->bd_seesent = *(u_int *)addr;
964 break;
965
966 case FIONBIO: /* Non-blocking I/O */
967 break;
968
969 case FIOASYNC: /* Send signal on receive packets */
970 d->bd_async = *(int *)addr;
971 break;
972
973 case FIOSETOWN:
974 error = fsetown(*(int *)addr, &d->bd_sigio);
975 break;
976
977 case FIOGETOWN:
978 *(int *)addr = fgetown(&d->bd_sigio);
979 break;
980
981 /* This is deprecated, FIOSETOWN should be used instead. */
982 case TIOCSPGRP:
983 error = fsetown(-(*(int *)addr), &d->bd_sigio);
984 break;
985
986 /* This is deprecated, FIOGETOWN should be used instead. */
987 case TIOCGPGRP:
988 *(int *)addr = -fgetown(&d->bd_sigio);
989 break;
990
991 case BIOCSRSIG: /* Set receive signal */
992 {
993 u_int sig;
994
995 sig = *(u_int *)addr;
996
997 if (sig >= NSIG)
998 error = EINVAL;
999 else
1000 d->bd_sig = sig;
1001 break;
1002 }
1003 case BIOCGRSIG:
1004 *(u_int *)addr = d->bd_sig;
1005 break;
1006 }
1007 return (error);
1008 }
1009
1010 /*
1011 * Set d's packet filter program to fp. If this file already has a filter,
1012 * free it and replace it. Returns EINVAL for bogus requests.
1013 */
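/*
 * Illustrative sketch (an assumption, not part of this file): the
 * smallest valid program accepts every packet by returning a nonzero
 * snap length; from userland, with fd an open bpf descriptor:
 *
 *	struct bpf_insn insns[] = {
 *		BPF_STMT(BPF_RET | BPF_K, (u_int)-1),
 *	};
 *	struct bpf_program prog = { 1, insns };
 *	ioctl(fd, BIOCSETF, &prog);
 */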
1014 static int
1015 bpf_setf(d, fp, cmd)
1016 struct bpf_d *d;
1017 struct bpf_program *fp;
1018 u_long cmd;
1019 {
1020 struct bpf_insn *fcode, *old;
1021 u_int wfilter, flen, size;
1022
1023 if (cmd == BIOCSETWF) {
1024 old = d->bd_wfilter;
1025 wfilter = 1;
1026 } else {
1027 wfilter = 0;
1028 old = d->bd_rfilter;
1029 }
1030 if (fp->bf_insns == NULL) {
1031 if (fp->bf_len != 0)
1032 return (EINVAL);
1033 BPFD_LOCK(d);
1034 if (wfilter)
1035 d->bd_wfilter = NULL;
1036 else
1037 d->bd_rfilter = NULL;
1038 reset_d(d);
1039 BPFD_UNLOCK(d);
1040 if (old != NULL)
1041 free((caddr_t)old, M_BPF);
1042 return (0);
1043 }
1044 flen = fp->bf_len;
1045 if (flen > bpf_maxinsns)
1046 return (EINVAL);
1047
1048 size = flen * sizeof(*fp->bf_insns);
1049 fcode = (struct bpf_insn *)malloc(size, M_BPF, M_WAITOK);
1050 if (copyin((caddr_t)fp->bf_insns, (caddr_t)fcode, size) == 0 &&
1051 bpf_validate(fcode, (int)flen)) {
1052 BPFD_LOCK(d);
1053 if (wfilter)
1054 d->bd_wfilter = fcode;
1055 else
1056 d->bd_rfilter = fcode;
1057 reset_d(d);
1058 BPFD_UNLOCK(d);
1059 if (old != NULL)
1060 free((caddr_t)old, M_BPF);
1061
1062 return (0);
1063 }
1064 free((caddr_t)fcode, M_BPF);
1065 return (EINVAL);
1066 }
1067
1068 /*
1069 * Detach a file from its current interface (if attached at all) and attach
1070 * to the interface indicated by the name stored in ifr.
1071 * Return an errno or 0.
1072 */
1073 static int
1074 bpf_setif(d, ifr)
1075 struct bpf_d *d;
1076 struct ifreq *ifr;
1077 {
1078 struct bpf_if *bp;
1079 int error;
1080 struct ifnet *theywant;
1081
1082 theywant = ifunit(ifr->ifr_name);
1083 if (theywant == NULL)
1084 return ENXIO;
1085
1086 /*
1087 * Look through attached interfaces for the named one.
1088 */
1089 mtx_lock(&bpf_mtx);
1090 LIST_FOREACH(bp, &bpf_iflist, bif_next) {
1091 struct ifnet *ifp = bp->bif_ifp;
1092
1093 if (ifp == NULL || ifp != theywant)
1094 continue;
1095 /* skip additional entry */
1096 if (bp->bif_driverp != &ifp->if_bpf)
1097 continue;
1098
1099 mtx_unlock(&bpf_mtx);
1100 /*
1101 * We found the requested interface.
1102 * Allocate the packet buffers if we need to.
1103 * If we're already attached to requested interface,
1104 * just flush the buffer.
1105 */
1106 if (d->bd_sbuf == NULL) {
1107 error = bpf_allocbufs(d);
1108 if (error != 0)
1109 return (error);
1110 }
1111 if (bp != d->bd_bif) {
1112 if (d->bd_bif)
1113 /*
1114 * Detach if attached to something else.
1115 */
1116 bpf_detachd(d);
1117
1118 bpf_attachd(d, bp);
1119 }
1120 BPFD_LOCK(d);
1121 reset_d(d);
1122 BPFD_UNLOCK(d);
1123 return (0);
1124 }
1125 mtx_unlock(&bpf_mtx);
1126 /* Not found. */
1127 return (ENXIO);
1128 }
1129
1130 /*
1131 * Support for select() and poll() system calls
1132 *
1133 * Return true iff the specific operation will not block indefinitely.
1134 * Otherwise, return false but make a note that a selwakeup() must be done.
1135 */
1136 static int
1137 bpfpoll(dev, events, td)
1138 struct cdev *dev;
1139 int events;
1140 struct thread *td;
1141 {
1142 struct bpf_d *d;
1143 int revents;
1144
1145 d = dev->si_drv1;
1146 if (d->bd_bif == NULL)
1147 return (ENXIO);
1148
1149 /*
1150 * Refresh PID associated with this descriptor.
1151 */
1152 d->bd_pid = td->td_proc->p_pid;
1153 revents = events & (POLLOUT | POLLWRNORM);
1154 BPFD_LOCK(d);
1155 if (events & (POLLIN | POLLRDNORM)) {
1156 if (bpf_ready(d))
1157 revents |= events & (POLLIN | POLLRDNORM);
1158 else {
1159 selrecord(td, &d->bd_sel);
1160 /* Start the read timeout if necessary. */
1161 if (d->bd_rtout > 0 && d->bd_state == BPF_IDLE) {
1162 callout_reset(&d->bd_callout, d->bd_rtout,
1163 bpf_timed_out, d);
1164 d->bd_state = BPF_WAITING;
1165 }
1166 }
1167 }
1168 BPFD_UNLOCK(d);
1169 return (revents);
1170 }
1171
1172 /*
1173 * Support for kevent() system call. Register EVFILT_READ filters and
1174 * reject all others.
1175 */
1176 int
1177 bpfkqfilter(dev, kn)
1178 struct cdev *dev;
1179 struct knote *kn;
1180 {
1181 struct bpf_d *d = (struct bpf_d *)dev->si_drv1;
1182
1183 if (kn->kn_filter != EVFILT_READ)
1184 return (1);
1185
1186 /*
1187 * Refresh PID associated with this descriptor.
1188 */
1189 d->bd_pid = curthread->td_proc->p_pid;
1190 kn->kn_fop = &bpfread_filtops;
1191 kn->kn_hook = d;
1192 knlist_add(&d->bd_sel.si_note, kn, 0);
1193
1194 return (0);
1195 }
1196
1197 static void
1198 filt_bpfdetach(kn)
1199 struct knote *kn;
1200 {
1201 struct bpf_d *d = (struct bpf_d *)kn->kn_hook;
1202
1203 knlist_remove(&d->bd_sel.si_note, kn, 0);
1204 }
1205
1206 static int
1207 filt_bpfread(kn, hint)
1208 struct knote *kn;
1209 long hint;
1210 {
1211 struct bpf_d *d = (struct bpf_d *)kn->kn_hook;
1212 int ready;
1213
1214 BPFD_LOCK_ASSERT(d);
1215 ready = bpf_ready(d);
1216 if (ready) {
1217 kn->kn_data = d->bd_slen;
1218 if (d->bd_hbuf)
1219 kn->kn_data += d->bd_hlen;
1220 }
1221 else if (d->bd_rtout > 0 && d->bd_state == BPF_IDLE) {
1222 callout_reset(&d->bd_callout, d->bd_rtout,
1223 bpf_timed_out, d);
1224 d->bd_state = BPF_WAITING;
1225 }
1226
1227 return (ready);
1228 }
1229
1230 /*
1231 * Incoming linkage from device drivers. Process the packet pkt, of length
1232 * pktlen, which is stored in a contiguous buffer. The packet is parsed
1233 * by each process' filter, and if accepted, stashed into the corresponding
1234 * buffer.
1235 */
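/*
 * Illustrative driver-side sketch (an assumption, not part of this
 * file): drivers normally tap through the BPF_TAP()/BPF_MTAP() macros
 * in net/bpf.h, which perform the if_bpf check shown here:
 *
 *	if (ifp->if_bpf != NULL)
 *		bpf_tap(ifp->if_bpf, buf, buflen);
 */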
1236 void
1237 bpf_tap(bp, pkt, pktlen)
1238 struct bpf_if *bp;
1239 u_char *pkt;
1240 u_int pktlen;
1241 {
1242 struct bpf_d *d;
1243 u_int slen;
1244 int gottime;
1245 struct timeval tv;
1246
1247 /*
1248 * Lockless read to avoid cost of locking the interface if there are
1249 * no descriptors attached.
1250 */
1251 if (LIST_EMPTY(&bp->bif_dlist))
1252 return;
1253
1254 gottime = 0;
1255 BPFIF_LOCK(bp);
1256 LIST_FOREACH(d, &bp->bif_dlist, bd_next) {
1257 BPFD_LOCK(d);
1258 ++d->bd_rcount;
1259 slen = bpf_filter(d->bd_rfilter, pkt, pktlen, pktlen);
1260 if (slen != 0) {
1261 d->bd_fcount++;
1262 if (!gottime) {
1263 microtime(&tv);
1264 gottime = 1;
1265 }
1266 #ifdef MAC
1267 if (mac_check_bpfdesc_receive(d, bp->bif_ifp) == 0)
1268 #endif
1269 catchpacket(d, pkt, pktlen, slen, bcopy, &tv);
1270 }
1271 BPFD_UNLOCK(d);
1272 }
1273 BPFIF_UNLOCK(bp);
1274 }
1275
1276 /*
1277 * Copy data from an mbuf chain into a buffer. This code is derived
1278 * from m_copydata in sys/uipc_mbuf.c.
1279 */
1280 static void
1281 bpf_mcopy(src_arg, dst_arg, len)
1282 const void *src_arg;
1283 void *dst_arg;
1284 size_t len;
1285 {
1286 const struct mbuf *m;
1287 u_int count;
1288 u_char *dst;
1289
1290 m = src_arg;
1291 dst = dst_arg;
1292 while (len > 0) {
1293 if (m == NULL)
1294 panic("bpf_mcopy");
1295 count = min(m->m_len, len);
1296 bcopy(mtod(m, void *), dst, count);
1297 m = m->m_next;
1298 dst += count;
1299 len -= count;
1300 }
1301 }
1302
1303 /*
1304 * Incoming linkage from device drivers, when packet is in an mbuf chain.
1305 */
1306 void
1307 bpf_mtap(bp, m)
1308 struct bpf_if *bp;
1309 struct mbuf *m;
1310 {
1311 struct bpf_d *d;
1312 u_int pktlen, slen;
1313 int gottime;
1314 struct timeval tv;
1315
1316 gottime = 0;
1317
1318 /*
1319 * Lockless read to avoid cost of locking the interface if there are
1320 * no descriptors attached.
1321 */
1322 if (LIST_EMPTY(&bp->bif_dlist))
1323 return;
1324
1325 pktlen = m_length(m, NULL);
1326
1327 BPFIF_LOCK(bp);
1328 LIST_FOREACH(d, &bp->bif_dlist, bd_next) {
1329 if (!d->bd_seesent && (m->m_pkthdr.rcvif == NULL))
1330 continue;
1331 BPFD_LOCK(d);
1332 ++d->bd_rcount;
1333 slen = bpf_filter(d->bd_rfilter, (u_char *)m, pktlen, 0);
1334 if (slen != 0) {
1335 d->bd_fcount++;
1336 if (!gottime) {
1337 microtime(&tv);
1338 gottime = 1;
1339 }
1340 #ifdef MAC
1341 if (mac_check_bpfdesc_receive(d, bp->bif_ifp) == 0)
1342 #endif
1343 catchpacket(d, (u_char *)m, pktlen, slen,
1344 bpf_mcopy, &tv);
1345 }
1346 BPFD_UNLOCK(d);
1347 }
1348 BPFIF_UNLOCK(bp);
1349 }
1350
1351 /*
1352 * Incoming linkage from device drivers, when packet is in
1353 * an mbuf chain and to be prepended by a contiguous header.
1354 */
1355 void
1356 bpf_mtap2(bp, data, dlen, m)
1357 struct bpf_if *bp;
1358 void *data;
1359 u_int dlen;
1360 struct mbuf *m;
1361 {
1362 struct mbuf mb;
1363 struct bpf_d *d;
1364 u_int pktlen, slen;
1365 int gottime;
1366 struct timeval tv;
1367
1368 gottime = 0;
1369
1370 /*
1371 * Lockless read to avoid cost of locking the interface if there are
1372 * no descriptors attached.
1373 */
1374 if (LIST_EMPTY(&bp->bif_dlist))
1375 return;
1376
1377 pktlen = m_length(m, NULL);
1378 /*
1379 * Craft on-stack mbuf suitable for passing to bpf_filter.
1380 * Note that we cut corners here; we only setup what's
1381 * absolutely needed--this mbuf should never go anywhere else.
1382 */
1383 mb.m_next = m;
1384 mb.m_data = data;
1385 mb.m_len = dlen;
1386 pktlen += dlen;
1387
1388 BPFIF_LOCK(bp);
1389 LIST_FOREACH(d, &bp->bif_dlist, bd_next) {
1390 if (!d->bd_seesent && (m->m_pkthdr.rcvif == NULL))
1391 continue;
1392 BPFD_LOCK(d);
1393 ++d->bd_rcount;
1394 slen = bpf_filter(d->bd_rfilter, (u_char *)&mb, pktlen, 0);
1395 if (slen != 0) {
1396 d->bd_fcount++;
1397 if (!gottime) {
1398 microtime(&tv);
1399 gottime = 1;
1400 }
1401 #ifdef MAC
1402 if (mac_check_bpfdesc_receive(d, bp->bif_ifp) == 0)
1403 #endif
1404 catchpacket(d, (u_char *)&mb, pktlen, slen,
1405 bpf_mcopy, &tv);
1406 }
1407 BPFD_UNLOCK(d);
1408 }
1409 BPFIF_UNLOCK(bp);
1410 }
1411
1412 /*
1413 * Move the packet data from interface memory (pkt) into the
1414 * store buffer. "cpfn" is the routine called to do the actual data
1415 * transfer. bcopy is passed in to copy contiguous chunks, while
1416 * bpf_mcopy is passed in to copy mbuf chains. In the latter case,
1417 * pkt is really an mbuf.
1418 */
1419 static void
1420 catchpacket(d, pkt, pktlen, snaplen, cpfn, tv)
1421 struct bpf_d *d;
1422 u_char *pkt;
1423 u_int pktlen, snaplen;
1424 void (*cpfn)(const void *, void *, size_t);
1425 struct timeval *tv;
1426 {
1427 struct bpf_hdr *hp;
1428 int totlen, curlen;
1429 int hdrlen = d->bd_bif->bif_hdrlen;
1430 int do_wakeup = 0;
1431
1432 BPFD_LOCK_ASSERT(d);
1433 /*
1434 * Figure out how many bytes to move. If the packet is
1435 * greater or equal to the snapshot length, transfer that
1436 * much. Otherwise, transfer the whole packet (unless
1437 * we hit the buffer size limit).
1438 */
1439 totlen = hdrlen + min(snaplen, pktlen);
1440 if (totlen > d->bd_bufsize)
1441 totlen = d->bd_bufsize;
1442
1443 /*
1444 * Round up the end of the previous packet to the next longword.
1445 */
1446 curlen = BPF_WORDALIGN(d->bd_slen);
1447 if (curlen + totlen > d->bd_bufsize) {
1448 /*
1449 * This packet will overflow the storage buffer.
1450 * Rotate the buffers if we can, then wakeup any
1451 * pending reads.
1452 */
1453 if (d->bd_fbuf == NULL) {
1454 /*
1455 * We haven't completed the previous read yet,
1456 * so drop the packet.
1457 */
1458 ++d->bd_dcount;
1459 return;
1460 }
1461 ROTATE_BUFFERS(d);
1462 do_wakeup = 1;
1463 curlen = 0;
1464 }
1465 else if (d->bd_immediate || d->bd_state == BPF_TIMED_OUT)
1466 /*
1467 * Immediate mode is set, or the read timeout has
1468 * already expired during a select call. A packet
1469 * arrived, so the reader should be woken up.
1470 */
1471 do_wakeup = 1;
1472
1473 /*
1474 * Append the bpf header.
1475 */
1476 hp = (struct bpf_hdr *)(d->bd_sbuf + curlen);
1477 hp->bh_tstamp = *tv;
1478 hp->bh_datalen = pktlen;
1479 hp->bh_hdrlen = hdrlen;
1480 /*
1481 * Copy the packet data into the store buffer and update its length.
1482 */
1483 (*cpfn)(pkt, (u_char *)hp + hdrlen, (hp->bh_caplen = totlen - hdrlen));
1484 d->bd_slen = curlen + totlen;
1485
1486 if (do_wakeup)
1487 bpf_wakeup(d);
1488 }
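/*
 * Illustrative consumer-side sketch (an assumption, not part of this
 * file): a read buffer therefore holds a sequence of records, each a
 * struct bpf_hdr followed by the capture, padded to a longword
 * boundary:
 *
 *	char *p = buf;
 *	while (p < buf + n) {
 *		struct bpf_hdr *bh = (struct bpf_hdr *)p;
 *		... process bh->bh_caplen bytes at p + bh->bh_hdrlen ...
 *		p += BPF_WORDALIGN(bh->bh_hdrlen + bh->bh_caplen);
 *	}
 */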
1489
1490 /*
1491 * Initialize all nonzero fields of a descriptor.
1492 */
1493 static int
1494 bpf_allocbufs(d)
1495 struct bpf_d *d;
1496 {
1497 d->bd_fbuf = (caddr_t)malloc(d->bd_bufsize, M_BPF, M_WAITOK);
1498 if (d->bd_fbuf == NULL)
1499 return (ENOBUFS);
1500
1501 d->bd_sbuf = (caddr_t)malloc(d->bd_bufsize, M_BPF, M_WAITOK);
1502 if (d->bd_sbuf == NULL) {
1503 free(d->bd_fbuf, M_BPF);
1504 return (ENOBUFS);
1505 }
1506 d->bd_slen = 0;
1507 d->bd_hlen = 0;
1508 return (0);
1509 }
1510
1511 /*
1512 * Free buffers currently in use by a descriptor.
1513 * Called on close.
1514 */
1515 static void
1516 bpf_freed(d)
1517 struct bpf_d *d;
1518 {
1519 /*
1520 * We don't need to lock out interrupts since this descriptor has
1521  * been detached from its interface and has not yet been marked
1522 * free.
1523 */
1524 if (d->bd_sbuf != NULL) {
1525 free(d->bd_sbuf, M_BPF);
1526 if (d->bd_hbuf != NULL)
1527 free(d->bd_hbuf, M_BPF);
1528 if (d->bd_fbuf != NULL)
1529 free(d->bd_fbuf, M_BPF);
1530 }
1531 if (d->bd_rfilter)
1532 free((caddr_t)d->bd_rfilter, M_BPF);
1533 if (d->bd_wfilter)
1534 free((caddr_t)d->bd_wfilter, M_BPF);
1535 mtx_destroy(&d->bd_mtx);
1536 }
1537
1538 /*
1539 * Attach an interface to bpf. dlt is the link layer type; hdrlen is the
1540 * fixed size of the link header (variable length headers not yet supported).
1541 */
1542 void
1543 bpfattach(ifp, dlt, hdrlen)
1544 struct ifnet *ifp;
1545 u_int dlt, hdrlen;
1546 {
1547
1548 bpfattach2(ifp, dlt, hdrlen, &ifp->if_bpf);
1549 }
1550
1551 /*
1552 * Attach an interface to bpf. ifp is a pointer to the structure
1553 * defining the interface to be attached, dlt is the link layer type,
1554 * and hdrlen is the fixed size of the link header (variable length
1555  * headers are not yet supported).
1556 */
1557 void
1558 bpfattach2(ifp, dlt, hdrlen, driverp)
1559 struct ifnet *ifp;
1560 u_int dlt, hdrlen;
1561 struct bpf_if **driverp;
1562 {
1563 struct bpf_if *bp;
1564 bp = (struct bpf_if *)malloc(sizeof(*bp), M_BPF, M_NOWAIT | M_ZERO);
1565 if (bp == NULL)
1566 panic("bpfattach");
1567
1568 LIST_INIT(&bp->bif_dlist);
1569 bp->bif_driverp = driverp;
1570 bp->bif_ifp = ifp;
1571 bp->bif_dlt = dlt;
1572 mtx_init(&bp->bif_mtx, "bpf interface lock", NULL, MTX_DEF);
1573
1574 mtx_lock(&bpf_mtx);
1575 LIST_INSERT_HEAD(&bpf_iflist, bp, bif_next);
1576 mtx_unlock(&bpf_mtx);
1577
1578 *bp->bif_driverp = NULL;
1579
1580 /*
1581 * Compute the length of the bpf header. This is not necessarily
1582 * equal to SIZEOF_BPF_HDR because we want to insert spacing such
1583 * that the network layer header begins on a longword boundary (for
1584 * performance reasons and to alleviate alignment restrictions).
1585 */
1586 bp->bif_hdrlen = BPF_WORDALIGN(hdrlen + SIZEOF_BPF_HDR) - hdrlen;
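/*
 * Worked example (illustrative): on a 32-bit platform where
 * SIZEOF_BPF_HDR is 18 and longwords are 4 bytes, an Ethernet
 * attachment has hdrlen = 14, so BPF_WORDALIGN(14 + 18) = 32 and
 * bif_hdrlen = 32 - 14 = 18; bpf header plus link header then total
 * 32 bytes and the network layer header starts longword aligned.
 */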
1587
1588 if (bootverbose)
1589 if_printf(ifp, "bpf attached\n");
1590 }
1591
1592 /*
1593 * Detach bpf from an interface. This involves detaching each descriptor
1594 * associated with the interface, and leaving bd_bif NULL. Notify each
1595 * descriptor as it's detached so that any sleepers wake up and get
1596 * ENXIO.
1597 */
1598 void
1599 bpfdetach(ifp)
1600 struct ifnet *ifp;
1601 {
1602 struct bpf_if *bp;
1603 struct bpf_d *d;
1604
1605 /* Locate BPF interface information */
1606 mtx_lock(&bpf_mtx);
1607 LIST_FOREACH(bp, &bpf_iflist, bif_next) {
1608 if (ifp == bp->bif_ifp)
1609 break;
1610 }
1611
1612 /* Interface wasn't attached */
1613 if ((bp == NULL) || (bp->bif_ifp == NULL)) {
1614 mtx_unlock(&bpf_mtx);
1615 printf("bpfdetach: %s was not attached\n", ifp->if_xname);
1616 return;
1617 }
1618
1619 LIST_REMOVE(bp, bif_next);
1620 mtx_unlock(&bpf_mtx);
1621
1622 while ((d = LIST_FIRST(&bp->bif_dlist)) != NULL) {
1623 bpf_detachd(d);
1624 BPFD_LOCK(d);
1625 bpf_wakeup(d);
1626 BPFD_UNLOCK(d);
1627 }
1628
1629 mtx_destroy(&bp->bif_mtx);
1630 free(bp, M_BPF);
1631 }
1632
1633 /*
1634 * Get a list of available data link type of the interface.
1635 */
1636 static int
1637 bpf_getdltlist(d, bfl)
1638 struct bpf_d *d;
1639 struct bpf_dltlist *bfl;
1640 {
1641 int n, error;
1642 struct ifnet *ifp;
1643 struct bpf_if *bp;
1644
1645 ifp = d->bd_bif->bif_ifp;
1646 n = 0;
1647 error = 0;
1648 mtx_lock(&bpf_mtx);
1649 LIST_FOREACH(bp, &bpf_iflist, bif_next) {
1650 if (bp->bif_ifp != ifp)
1651 continue;
1652 if (bfl->bfl_list != NULL) {
1653 if (n >= bfl->bfl_len) {
1654 mtx_unlock(&bpf_mtx);
1655 return (ENOMEM);
1656 }
1657 error = copyout(&bp->bif_dlt,
1658 bfl->bfl_list + n, sizeof(u_int));
1659 }
1660 n++;
1661 }
1662 mtx_unlock(&bpf_mtx);
1663 bfl->bfl_len = n;
1664 return (error);
1665 }
1666
1667 /*
1668 * Set the data link type of a BPF instance.
1669 */
1670 static int
1671 bpf_setdlt(d, dlt)
1672 struct bpf_d *d;
1673 u_int dlt;
1674 {
1675 int error, opromisc;
1676 struct ifnet *ifp;
1677 struct bpf_if *bp;
1678
1679 if (d->bd_bif->bif_dlt == dlt)
1680 return (0);
1681 ifp = d->bd_bif->bif_ifp;
1682 mtx_lock(&bpf_mtx);
1683 LIST_FOREACH(bp, &bpf_iflist, bif_next) {
1684 if (bp->bif_ifp == ifp && bp->bif_dlt == dlt)
1685 break;
1686 }
1687 mtx_unlock(&bpf_mtx);
1688 if (bp != NULL) {
1689 opromisc = d->bd_promisc;
1690 bpf_detachd(d);
1691 bpf_attachd(d, bp);
1692 BPFD_LOCK(d);
1693 reset_d(d);
1694 BPFD_UNLOCK(d);
1695 if (opromisc) {
1696 error = ifpromisc(bp->bif_ifp, 1);
1697 if (error)
1698 if_printf(bp->bif_ifp,
1699 "bpf_setdlt: ifpromisc failed (%d)\n",
1700 error);
1701 else
1702 d->bd_promisc = 1;
1703 }
1704 }
1705 return (bp == NULL ? EINVAL : 0);
1706 }
1707
1708 static void
1709 bpf_clone(arg, cred, name, namelen, dev)
1710 void *arg;
1711 struct ucred *cred;
1712 char *name;
1713 int namelen;
1714 struct cdev **dev;
1715 {
1716 int u;
1717
1718 if (*dev != NULL)
1719 return;
1720 if (dev_stdclone(name, NULL, "bpf", &u) != 1)
1721 return;
1722 *dev = make_dev(&bpf_cdevsw, unit2minor(u), UID_ROOT, GID_WHEEL, 0600,
1723 "bpf%d", u);
1724 dev_ref(*dev);
1725 (*dev)->si_flags |= SI_CHEAPCLONE;
1726 return;
1727 }
1728
1729 static void
1730 bpf_drvinit(unused)
1731 void *unused;
1732 {
1733
1734 mtx_init(&bpf_mtx, "bpf global lock", NULL, MTX_DEF);
1735 LIST_INIT(&bpf_iflist);
1736 EVENTHANDLER_REGISTER(dev_clone, bpf_clone, 0, 1000);
1737 }
1738
1739 static void
1740 bpfstats_fill_xbpf(struct xbpf_d *d, struct bpf_d *bd)
1741 {
1742
1743 bzero(d, sizeof(*d));
1744 BPFD_LOCK_ASSERT(bd);
1745 d->bd_immediate = bd->bd_immediate;
1746 d->bd_promisc = bd->bd_promisc;
1747 d->bd_hdrcmplt = bd->bd_hdrcmplt;
1748 d->bd_seesent = bd->bd_seesent;
1749 d->bd_async = bd->bd_async;
1750 d->bd_rcount = bd->bd_rcount;
1751 d->bd_dcount = bd->bd_dcount;
1752 d->bd_fcount = bd->bd_fcount;
1753 d->bd_sig = bd->bd_sig;
1754 d->bd_slen = bd->bd_slen;
1755 d->bd_hlen = bd->bd_hlen;
1756 d->bd_bufsize = bd->bd_bufsize;
1757 d->bd_pid = bd->bd_pid;
1758 strlcpy(d->bd_ifname,
1759 bd->bd_bif->bif_ifp->if_xname, IFNAMSIZ);
1760 strlcpy(d->bd_pcomm, bd->bd_pcomm, MAXCOMLEN);
1761 d->bd_locked = bd->bd_locked;
1762 }
1763
1764 static int
1765 bpf_stats_sysctl(SYSCTL_HANDLER_ARGS)
1766 {
1767 struct xbpf_d *xbdbuf, *xbd;
1768 int index, error;
1769 struct bpf_if *bp;
1770 struct bpf_d *bd;
1771
1772 /*
1773  * XXX This is not technically correct. It is possible for non-
1774 * privileged users to open bpf devices. It would make sense
1775 * if the users who opened the devices were able to retrieve
1776 * the statistics for them, too.
1777 */
1778 error = suser(req->td);
1779 if (error)
1780 return (error);
1781 if (req->oldptr == NULL)
1782 return (SYSCTL_OUT(req, 0, bpf_bpfd_cnt * sizeof(*xbd)));
1783 if (bpf_bpfd_cnt == 0)
1784 return (SYSCTL_OUT(req, 0, 0));
1785 xbdbuf = malloc(req->oldlen, M_BPF, M_WAITOK);
1786 mtx_lock(&bpf_mtx);
1787 if (req->oldlen < (bpf_bpfd_cnt * sizeof(*xbd))) {
1788 mtx_unlock(&bpf_mtx);
1789 free(xbdbuf, M_BPF);
1790 return (ENOMEM);
1791 }
1792 index = 0;
1793 LIST_FOREACH(bp, &bpf_iflist, bif_next) {
1794 BPFIF_LOCK(bp);
1795 LIST_FOREACH(bd, &bp->bif_dlist, bd_next) {
1796 xbd = &xbdbuf[index++];
1797 BPFD_LOCK(bd);
1798 bpfstats_fill_xbpf(xbd, bd);
1799 BPFD_UNLOCK(bd);
1800 }
1801 BPFIF_UNLOCK(bp);
1802 }
1803 mtx_unlock(&bpf_mtx);
1804 error = SYSCTL_OUT(req, xbdbuf, index * sizeof(*xbd));
1805 free(xbdbuf, M_BPF);
1806 return (error);
1807 }
1808
1809 SYSINIT(bpfdev, SI_SUB_DRIVERS, SI_ORDER_MIDDLE, bpf_drvinit, NULL)
1810
1811 #else /* !DEV_BPF && !NETGRAPH_BPF */
1812 /*
1813 * NOP stubs to allow bpf-using drivers to load and function.
1814 *
1815 * A 'better' implementation would allow the core bpf functionality
1816 * to be loaded at runtime.
1817 */
1818
1819 void
1820 bpf_tap(bp, pkt, pktlen)
1821 struct bpf_if *bp;
1822 u_char *pkt;
1823 u_int pktlen;
1824 {
1825 }
1826
1827 void
1828 bpf_mtap(bp, m)
1829 struct bpf_if *bp;
1830 struct mbuf *m;
1831 {
1832 }
1833
1834 void
1835 bpf_mtap2(bp, d, l, m)
1836 struct bpf_if *bp;
1837 void *d;
1838 u_int l;
1839 struct mbuf *m;
1840 {
1841 }
1842
1843 void
1844 bpfattach(ifp, dlt, hdrlen)
1845 struct ifnet *ifp;
1846 u_int dlt, hdrlen;
1847 {
1848 }
1849
1850 void
1851 bpfattach2(ifp, dlt, hdrlen, driverp)
1852 struct ifnet *ifp;
1853 u_int dlt, hdrlen;
1854 struct bpf_if **driverp;
1855 {
1856 }
1857
1858 void
1859 bpfdetach(ifp)
1860 struct ifnet *ifp;
1861 {
1862 }
1863
1864 u_int
1865 bpf_filter(pc, p, wirelen, buflen)
1866 const struct bpf_insn *pc;
1867 u_char *p;
1868 u_int wirelen;
1869 u_int buflen;
1870 {
1871 return -1; /* "no filter" behaviour */
1872 }
1873
1874 int
1875 bpf_validate(f, len)
1876 const struct bpf_insn *f;
1877 int len;
1878 {
1879 return 0; /* false */
1880 }
1881
1882 #endif /* !DEV_BPF && !NETGRAPH_BPF */