FreeBSD/Linux Kernel Cross Reference
sys/net/bpf.c
1 /*-
2 * Copyright (c) 1990, 1991, 1993
3 * The Regents of the University of California. All rights reserved.
4 *
5 * This code is derived from the Stanford/CMU enet packet filter,
6 * (net/enet.c) distributed as part of 4.3BSD, and code contributed
7 * to Berkeley by Steven McCanne and Van Jacobson both of Lawrence
8 * Berkeley Laboratory.
9 *
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
12 * are met:
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
18 * 4. Neither the name of the University nor the names of its contributors
19 * may be used to endorse or promote products derived from this software
20 * without specific prior written permission.
21 *
22 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32 * SUCH DAMAGE.
33 *
34 * @(#)bpf.c 8.4 (Berkeley) 1/9/95
35 *
36 * $FreeBSD$
37 */
38
39 #include "opt_bpf.h"
40 #include "opt_mac.h"
41 #include "opt_netgraph.h"
42
43 #include <sys/types.h>
44 #include <sys/param.h>
45 #include <sys/systm.h>
46 #include <sys/conf.h>
47 #include <sys/fcntl.h>
48 #include <sys/mac.h>
49 #include <sys/malloc.h>
50 #include <sys/mbuf.h>
51 #include <sys/time.h>
52 #include <sys/proc.h>
53 #include <sys/signalvar.h>
54 #include <sys/filio.h>
55 #include <sys/sockio.h>
56 #include <sys/ttycom.h>
57 #include <sys/uio.h>
58
59 #include <sys/event.h>
60 #include <sys/file.h>
61 #include <sys/poll.h>
62 #include <sys/proc.h>
63
64 #include <sys/socket.h>
65
66 #include <net/if.h>
67 #include <net/bpf.h>
68 #include <net/bpfdesc.h>
69
70 #include <netinet/in.h>
71 #include <netinet/if_ether.h>
72 #include <sys/kernel.h>
73 #include <sys/sysctl.h>
74
75 static MALLOC_DEFINE(M_BPF, "BPF", "BPF data");
76
77 #if defined(DEV_BPF) || defined(NETGRAPH_BPF)
78
79 #define PRINET 26 /* interruptible */
80
81 /*
82 * bpf_iflist is a list of BPF interface structures, each corresponding to a
83 * specific DLT. The same network interface might have several BPF interface
84 * structures registered by different layers in the stack (e.g., 802.11
85 * frames, ethernet frames, etc.).
86 */
87 static LIST_HEAD(, bpf_if) bpf_iflist;
88 static struct mtx bpf_mtx; /* bpf global lock */
89 static int bpf_bpfd_cnt;
90
91 static int bpf_allocbufs(struct bpf_d *);
92 static void bpf_attachd(struct bpf_d *, struct bpf_if *);
93 static void bpf_detachd(struct bpf_d *);
94 static void bpf_freed(struct bpf_d *);
95 static void bpf_mcopy(const void *, void *, size_t);
96 static int bpf_movein(struct uio *, int, struct ifnet *,
97 struct mbuf **, struct sockaddr *, struct bpf_insn *);
98 static int bpf_setif(struct bpf_d *, struct ifreq *);
99 static void bpf_timed_out(void *);
100 static __inline void
101 bpf_wakeup(struct bpf_d *);
102 static void catchpacket(struct bpf_d *, u_char *, u_int,
103 u_int, void (*)(const void *, void *, size_t),
104 struct timeval *);
105 static void reset_d(struct bpf_d *);
106 static int bpf_setf(struct bpf_d *, struct bpf_program *, u_long cmd);
107 static int bpf_getdltlist(struct bpf_d *, struct bpf_dltlist *);
108 static int bpf_setdlt(struct bpf_d *, u_int);
109 static void filt_bpfdetach(struct knote *);
110 static int filt_bpfread(struct knote *, long);
111 static void bpf_drvinit(void *);
112 static void bpf_clone(void *, struct ucred *, char *, int, struct cdev **);
113 static int bpf_stats_sysctl(SYSCTL_HANDLER_ARGS);
114
115 /*
116 * The default read buffer size is patchable.
117 */
118 SYSCTL_NODE(_net, OID_AUTO, bpf, CTLFLAG_RW, 0, "bpf sysctl");
119 static int bpf_bufsize = 4096;
120 SYSCTL_INT(_net_bpf, OID_AUTO, bufsize, CTLFLAG_RW,
121 &bpf_bufsize, 0, "");
122 static int bpf_maxbufsize = BPF_MAXBUFSIZE;
123 SYSCTL_INT(_net_bpf, OID_AUTO, maxbufsize, CTLFLAG_RW,
124 &bpf_maxbufsize, 0, "");
125 static int bpf_maxinsns = BPF_MAXINSNS;
126 SYSCTL_INT(_net_bpf, OID_AUTO, maxinsns, CTLFLAG_RW,
127 &bpf_maxinsns, 0, "Maximum bpf program instructions");
128 SYSCTL_NODE(_net_bpf, OID_AUTO, stats, CTLFLAG_RW,
129 bpf_stats_sysctl, "bpf statistics portal");
130
131 static d_open_t bpfopen;
132 static d_close_t bpfclose;
133 static d_read_t bpfread;
134 static d_write_t bpfwrite;
135 static d_ioctl_t bpfioctl;
136 static d_poll_t bpfpoll;
137 static d_kqfilter_t bpfkqfilter;
138
139 static struct cdevsw bpf_cdevsw = {
140 .d_version = D_VERSION,
141 .d_flags = D_NEEDGIANT | D_TRACKCLOSE,
142 .d_open = bpfopen,
143 .d_close = bpfclose,
144 .d_read = bpfread,
145 .d_write = bpfwrite,
146 .d_ioctl = bpfioctl,
147 .d_poll = bpfpoll,
148 .d_name = "bpf",
149 .d_kqfilter = bpfkqfilter,
150 };
151
152 static struct filterops bpfread_filtops =
153 { 1, NULL, filt_bpfdetach, filt_bpfread };
154
155 static int
156 bpf_movein(struct uio *uio, int linktype, struct ifnet *ifp, struct mbuf **mp,
157 struct sockaddr *sockp, struct bpf_insn *wfilter)
158 {
159 struct ether_header *eh;
160 struct mbuf *m;
161 int error;
162 int len;
163 int hlen;
164 int slen;
165
166 /*
167 * Build a sockaddr based on the data link layer type.
168 * We do this at this level because the ethernet header
169 * is copied directly into the data field of the sockaddr.
170 * In the case of SLIP, there is no header and the packet
171 * is forwarded as is.
172 * Also, we are careful to leave room at the front of the mbuf
173 * for the link level header.
174 */
175 switch (linktype) {
176
177 case DLT_SLIP:
178 sockp->sa_family = AF_INET;
179 hlen = 0;
180 break;
181
182 case DLT_EN10MB:
183 sockp->sa_family = AF_UNSPEC;
184 /* XXX Would MAXLINKHDR be better? */
185 hlen = ETHER_HDR_LEN;
186 break;
187
188 case DLT_FDDI:
189 sockp->sa_family = AF_IMPLINK;
190 hlen = 0;
191 break;
192
193 case DLT_RAW:
194 sockp->sa_family = AF_UNSPEC;
195 hlen = 0;
196 break;
197
198 case DLT_NULL:
199 /*
200 * Null interface types require a 4-byte pseudo header which
201 * corresponds to the address family of the packet.
202 */
203 sockp->sa_family = AF_UNSPEC;
204 hlen = 4;
205 break;
206
207 case DLT_ATM_RFC1483:
208 /*
209 * The "en" ATM driver requires a 4-byte ATM pseudo header.
210 * Though it isn't standard, the vpi:vci needs to be
211 * specified anyway.
212 */
213 sockp->sa_family = AF_UNSPEC;
214 hlen = 12; /* XXX 4(ATM_PH) + 3(LLC) + 5(SNAP) */
215 break;
216
217 case DLT_PPP:
218 sockp->sa_family = AF_UNSPEC;
219 hlen = 4; /* This should match PPP_HDRLEN */
220 break;
221
222 default:
223 return (EIO);
224 }
225
226 len = uio->uio_resid;
227
228 if (len - hlen > ifp->if_mtu)
229 return (EMSGSIZE);
230
231 if ((unsigned)len > MJUM16BYTES)
232 return (EIO);
233
234 if (len <= MHLEN)
235 MGETHDR(m, M_TRYWAIT, MT_DATA);
236 else if (len <= MCLBYTES)
237 m = m_getcl(M_TRYWAIT, MT_DATA, M_PKTHDR);
238 else
239 m = m_getjcl(M_TRYWAIT, MT_DATA, M_PKTHDR,
240 #if (MJUMPAGESIZE > MCLBYTES)
241 len <= MJUMPAGESIZE ? MJUMPAGESIZE :
242 #endif
243 (len <= MJUM9BYTES ? MJUM9BYTES : MJUM16BYTES));
244 if (m == NULL)
245 return (ENOBUFS);
246 m->m_pkthdr.len = m->m_len = len;
247 m->m_pkthdr.rcvif = NULL;
248 *mp = m;
249
250 if (m->m_len < hlen) {
251 error = EPERM;
252 goto bad;
253 }
254
255 error = uiomove(mtod(m, u_char *), len, uio);
256 if (error)
257 goto bad;
258
259 slen = bpf_filter(wfilter, mtod(m, u_char *), len, len);
260 if (slen == 0) {
261 error = EPERM;
262 goto bad;
263 }
264
265 /* Check for multicast destination */
266 switch (linktype) {
267 case DLT_EN10MB:
268 eh = mtod(m, struct ether_header *);
269 if (ETHER_IS_MULTICAST(eh->ether_dhost)) {
270 if (bcmp(ifp->if_broadcastaddr, eh->ether_dhost,
271 ETHER_ADDR_LEN) == 0)
272 m->m_flags |= M_BCAST;
273 else
274 m->m_flags |= M_MCAST;
275 }
276 break;
277 }
278
279 /*
280 * Make room for link header, and copy it to sockaddr
281 */
282 if (hlen != 0) {
283 bcopy(m->m_data, sockp->sa_data, hlen);
284 m->m_pkthdr.len -= hlen;
285 m->m_len -= hlen;
286 #if BSD >= 199103
287 m->m_data += hlen; /* XXX */
288 #else
289 m->m_off += hlen;
290 #endif
291 }
292
293 return (0);
294 bad:
295 m_freem(m);
296 return (error);
297 }
298
299 /*
300 * Attach file to the bpf interface, i.e. make d listen on bp.
301 */
302 static void
303 bpf_attachd(struct bpf_d *d, struct bpf_if *bp)
304 {
305 /*
306 * Point d at bp, and add d to the interface's list of listeners.
307 * Finally, point the driver's bpf cookie at the interface so
308 * it will divert packets to bpf.
309 */
310 BPFIF_LOCK(bp);
311 d->bd_bif = bp;
312 LIST_INSERT_HEAD(&bp->bif_dlist, d, bd_next);
313
314 bpf_bpfd_cnt++;
315 BPFIF_UNLOCK(bp);
316 }
317
318 /*
319 * Detach a file from its interface.
320 */
321 static void
322 bpf_detachd(struct bpf_d *d)
323 {
324 int error;
325 struct bpf_if *bp;
326 struct ifnet *ifp;
327
328 bp = d->bd_bif;
329 BPFIF_LOCK(bp);
330 BPFD_LOCK(d);
331 ifp = d->bd_bif->bif_ifp;
332
333 /*
334 * Remove d from the interface's descriptor list.
335 */
336 LIST_REMOVE(d, bd_next);
337
338 bpf_bpfd_cnt--;
339 d->bd_bif = NULL;
340 BPFD_UNLOCK(d);
341 BPFIF_UNLOCK(bp);
342
343 /*
344 * Check if this descriptor had requested promiscuous mode.
345 * If so, turn it off.
346 */
347 if (d->bd_promisc) {
348 d->bd_promisc = 0;
349 error = ifpromisc(ifp, 0);
350 if (error != 0 && error != ENXIO) {
351 /*
352 * ENXIO can happen if a pccard is unplugged.
353 * Something is really wrong if we were able to put
354 * the driver into promiscuous mode, but can't
355 * take it out.
356 */
357 if_printf(bp->bif_ifp,
358 "bpf_detach: ifpromisc failed (%d)\n", error);
359 }
360 }
361 }
362
363 /*
364 * Open the bpf device. Returns ENXIO for an illegal minor device number,
365 * or EBUSY if the file is already open by another process.
366 */
367 /* ARGSUSED */
368 static int
369 bpfopen(struct cdev *dev, int flags, int fmt, struct thread *td)
370 {
371 struct bpf_d *d;
372
373 mtx_lock(&bpf_mtx);
374 d = dev->si_drv1;
375 /*
376 * Each minor can be opened by only one process. If the requested
377 * minor is in use, return EBUSY.
378 */
379 if (d != NULL) {
380 mtx_unlock(&bpf_mtx);
381 return (EBUSY);
382 }
383 dev->si_drv1 = (struct bpf_d *)~0; /* mark device in use */
384 mtx_unlock(&bpf_mtx);
385
386 if ((dev->si_flags & SI_NAMED) == 0)
387 make_dev(&bpf_cdevsw, minor(dev), UID_ROOT, GID_WHEEL, 0600,
388 "bpf%d", dev2unit(dev));
389 MALLOC(d, struct bpf_d *, sizeof(*d), M_BPF, M_WAITOK | M_ZERO);
390 dev->si_drv1 = d;
391 d->bd_bufsize = bpf_bufsize;
392 d->bd_sig = SIGIO;
393 d->bd_seesent = 1;
394 d->bd_pid = td->td_proc->p_pid;
395 strlcpy(d->bd_pcomm, td->td_proc->p_comm, MAXCOMLEN);
396 #ifdef MAC
397 mac_init_bpfdesc(d);
398 mac_create_bpfdesc(td->td_ucred, d);
399 #endif
400 mtx_init(&d->bd_mtx, devtoname(dev), "bpf cdev lock", MTX_DEF);
401 callout_init_mtx(&d->bd_callout, &d->bd_mtx, 0);
402 knlist_init(&d->bd_sel.si_note, &d->bd_mtx, NULL, NULL, NULL);
403
404 return (0);
405 }
406
407 /*
408 * Close the descriptor by detaching it from its interface,
409 * deallocating its buffers, and marking it free.
410 */
411 /* ARGSUSED */
412 static int
413 bpfclose(struct cdev *dev, int flags, int fmt, struct thread *td)
414 {
415 struct bpf_d *d = dev->si_drv1;
416
417 BPFD_LOCK(d);
418 if (d->bd_state == BPF_WAITING)
419 callout_stop(&d->bd_callout);
420 d->bd_state = BPF_IDLE;
421 BPFD_UNLOCK(d);
422 funsetown(&d->bd_sigio);
423 mtx_lock(&bpf_mtx);
424 if (d->bd_bif)
425 bpf_detachd(d);
426 mtx_unlock(&bpf_mtx);
427 selwakeuppri(&d->bd_sel, PRINET);
428 #ifdef MAC
429 mac_destroy_bpfdesc(d);
430 #endif /* MAC */
431 knlist_destroy(&d->bd_sel.si_note);
432 callout_drain(&d->bd_callout);
433 bpf_freed(d);
434 dev->si_drv1 = NULL;
435 free(d, M_BPF);
436
437 return (0);
438 }
439
440
441 /*
442 * Rotate the packet buffers in descriptor d. Move the store buffer
443 * into the hold slot, and the free buffer into the store slot.
444 * Zero the length of the new store buffer.
445 */
446 #define ROTATE_BUFFERS(d) \
447 (d)->bd_hbuf = (d)->bd_sbuf; \
448 (d)->bd_hlen = (d)->bd_slen; \
449 (d)->bd_sbuf = (d)->bd_fbuf; \
450 (d)->bd_slen = 0; \
451 (d)->bd_fbuf = NULL;
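/*
 * Editorial illustration of the three-buffer scheme, assuming two
 * buffers A and B (the names are illustrative only):
 *
 *	before rotation:  hbuf = NULL      sbuf = A (slen bytes)  fbuf = B
 *	after rotation:   hbuf = A (hlen)  sbuf = B (slen = 0)    fbuf = NULL
 *
 * The hold buffer is what read(2) copies out; once that copy completes,
 * bpfread() turns it back into the free buffer.
 */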
452 /*
453 * bpfread - read next chunk of packets from buffers
454 */
455 static int
456 bpfread(struct cdev *dev, struct uio *uio, int ioflag)
457 {
458 struct bpf_d *d = dev->si_drv1;
459 int error;
460 int non_block;
461 int timed_out;
462
463 /*
464 * Restrict application to use a buffer the same size as
465 * the kernel buffers.
466 */
467 if (uio->uio_resid != d->bd_bufsize)
468 return (EINVAL);
469
470 non_block = ((ioflag & O_NONBLOCK) != 0);
471
472 BPFD_LOCK(d);
473 d->bd_pid = curthread->td_proc->p_pid;
474 if (d->bd_state == BPF_WAITING)
475 callout_stop(&d->bd_callout);
476 timed_out = (d->bd_state == BPF_TIMED_OUT);
477 d->bd_state = BPF_IDLE;
478 /*
479 * If the hold buffer is empty, then do a timed sleep, which
480 * ends when the timeout expires or when enough packets
481 * have arrived to fill the store buffer.
482 */
483 while (d->bd_hbuf == NULL) {
484 if (d->bd_slen != 0) {
485 /*
486 * One or more packets arrived either since the previous
487 * read or while we were asleep.
488 */
489 if (d->bd_immediate || non_block || timed_out) {
490 /*
491 * Rotate the buffers and return what's here
492 * if we are in immediate mode, non-blocking
493 * flag is set, or this descriptor timed out.
494 */
495 ROTATE_BUFFERS(d);
496 break;
497 }
498 }
499
500 /*
501 * No data is available, check to see if the bpf device
502 * is still pointed at a real interface. If not, return
503 * ENXIO so that the userland process knows to rebind
504 * it before using it again.
505 */
506 if (d->bd_bif == NULL) {
507 BPFD_UNLOCK(d);
508 return (ENXIO);
509 }
510
511 if (non_block) {
512 BPFD_UNLOCK(d);
513 return (EWOULDBLOCK);
514 }
515 error = msleep(d, &d->bd_mtx, PRINET|PCATCH,
516 "bpf", d->bd_rtout);
517 if (error == EINTR || error == ERESTART) {
518 BPFD_UNLOCK(d);
519 return (error);
520 }
521 if (error == EWOULDBLOCK) {
522 /*
523 * On a timeout, return what's in the buffer,
524 * which may be nothing. If there is something
525 * in the store buffer, we can rotate the buffers.
526 */
527 if (d->bd_hbuf)
528 /*
529 * We filled up the buffer in between
530 * getting the timeout and arriving
531 * here, so we don't need to rotate.
532 */
533 break;
534
535 if (d->bd_slen == 0) {
536 BPFD_UNLOCK(d);
537 return (0);
538 }
539 ROTATE_BUFFERS(d);
540 break;
541 }
542 }
543 /*
544 * At this point, we know we have something in the hold slot.
545 */
546 BPFD_UNLOCK(d);
547
548 /*
549 * Move data from hold buffer into user space.
550 * We know the entire buffer is transferred since
551 * we checked above that the read buffer is bpf_bufsize bytes.
552 */
553 error = uiomove(d->bd_hbuf, d->bd_hlen, uio);
554
555 BPFD_LOCK(d);
556 d->bd_fbuf = d->bd_hbuf;
557 d->bd_hbuf = NULL;
558 d->bd_hlen = 0;
559 BPFD_UNLOCK(d);
560
561 return (error);
562 }
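/*
 * A minimal userland read loop, sketched for illustration; the fd setup
 * and the handle_packet() callback are assumptions, not part of this
 * file.  read(2) must be issued with exactly the kernel buffer size
 * (see the uio_resid check above), and records in the returned buffer
 * are walked with BPF_WORDALIGN():
 *
 *	u_int blen;
 *	ioctl(fd, BIOCGBLEN, &blen);
 *	char *buf = malloc(blen);
 *	ssize_t n = read(fd, buf, blen);
 *	char *p = buf;
 *	while (p < buf + n) {
 *		struct bpf_hdr *bh = (struct bpf_hdr *)p;
 *		handle_packet(p + bh->bh_hdrlen, bh->bh_caplen);
 *		p += BPF_WORDALIGN(bh->bh_hdrlen + bh->bh_caplen);
 *	}
 */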
563
564
565 /*
566 * If there are processes sleeping on this descriptor, wake them up.
567 */
568 static __inline void
569 bpf_wakeup(struct bpf_d *d)
570 {
571
572 BPFD_LOCK_ASSERT(d);
573 if (d->bd_state == BPF_WAITING) {
574 callout_stop(&d->bd_callout);
575 d->bd_state = BPF_IDLE;
576 }
577 wakeup(d);
578 if (d->bd_async && d->bd_sig && d->bd_sigio)
579 pgsigio(&d->bd_sigio, d->bd_sig, 0);
580
581 selwakeuppri(&d->bd_sel, PRINET);
582 KNOTE_LOCKED(&d->bd_sel.si_note, 0);
583 }
584
585 static void
586 bpf_timed_out(void *arg)
587 {
588 struct bpf_d *d = (struct bpf_d *)arg;
589
590 BPFD_LOCK_ASSERT(d);
591
592 if (callout_pending(&d->bd_callout) || !callout_active(&d->bd_callout))
593 return;
594 if (d->bd_state == BPF_WAITING) {
595 d->bd_state = BPF_TIMED_OUT;
596 if (d->bd_slen != 0)
597 bpf_wakeup(d);
598 }
599 }
600
601 static int
602 bpfwrite(struct cdev *dev, struct uio *uio, int ioflag)
603 {
604 struct bpf_d *d = dev->si_drv1;
605 struct ifnet *ifp;
606 struct mbuf *m;
607 int error;
608 struct sockaddr dst;
609
610 d->bd_pid = curthread->td_proc->p_pid;
611 if (d->bd_bif == NULL)
612 return (ENXIO);
613
614 ifp = d->bd_bif->bif_ifp;
615
616 if ((ifp->if_flags & IFF_UP) == 0)
617 return (ENETDOWN);
618
619 if (uio->uio_resid == 0)
620 return (0);
621
622 bzero(&dst, sizeof(dst));
623 error = bpf_movein(uio, (int)d->bd_bif->bif_dlt, ifp,
624 &m, &dst, d->bd_wfilter);
625 if (error)
626 return (error);
627
628 if (d->bd_hdrcmplt)
629 dst.sa_family = pseudo_AF_HDRCMPLT;
630
631 #ifdef MAC
632 BPFD_LOCK(d);
633 mac_create_mbuf_from_bpfdesc(d, m);
634 BPFD_UNLOCK(d);
635 #endif
636 NET_LOCK_GIANT();
637 error = (*ifp->if_output)(ifp, m, &dst, NULL);
638 NET_UNLOCK_GIANT();
639 /*
640 * The driver frees the mbuf.
641 */
642 return (error);
643 }
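/*
 * Userland sketch of the transmit path (illustrative; "frame" is an
 * assumed, fully formed link-layer frame no larger than the interface
 * MTU plus link header):
 *
 *	u_int one = 1;
 *	ioctl(fd, BIOCSHDRCMPLT, &one);	   caller supplies the link header
 *	write(fd, frame, framelen);
 *
 * Without BIOCSHDRCMPLT, the link-layer source address may be filled
 * in by the interface output routine via the sockaddr built above.
 */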
644
645 /*
646 * Reset a descriptor by flushing its packet buffer and clearing the
647 * receive and drop counts.
648 */
649 static void
650 reset_d(struct bpf_d *d)
651 {
652
653 mtx_assert(&d->bd_mtx, MA_OWNED);
654 if (d->bd_hbuf) {
655 /* Free the hold buffer. */
656 d->bd_fbuf = d->bd_hbuf;
657 d->bd_hbuf = NULL;
658 }
659 d->bd_slen = 0;
660 d->bd_hlen = 0;
661 d->bd_rcount = 0;
662 d->bd_dcount = 0;
663 d->bd_fcount = 0;
664 }
665
666 /*
667 * FIONREAD Check for read packet available.
668 * SIOCGIFADDR Get interface address - convenient hook to driver.
669 * BIOCGBLEN Get buffer len [for read()].
670 * BIOCSETF Set ethernet read filter.
671 * BIOCSETWF Set ethernet write filter.
672 * BIOCFLUSH Flush read packet buffer.
673 * BIOCPROMISC Put interface into promiscuous mode.
674 * BIOCGDLT Get link layer type.
675 * BIOCGETIF Get interface name.
676 * BIOCSETIF Set interface.
677 * BIOCSRTIMEOUT Set read timeout.
678 * BIOCGRTIMEOUT Get read timeout.
679 * BIOCGSTATS Get packet stats.
680 * BIOCIMMEDIATE Set immediate mode.
681 * BIOCVERSION Get filter language version.
682 * BIOCGHDRCMPLT Get "header already complete" flag
683 * BIOCSHDRCMPLT Set "header already complete" flag
684 * BIOCGSEESENT Get "see packets sent" flag
685 * BIOCSSEESENT Set "see packets sent" flag
686 * BIOCLOCK Set "locked" flag
687 */
688 /* ARGSUSED */
689 static int
690 bpfioctl(struct cdev *dev, u_long cmd, caddr_t addr, int flags,
691 struct thread *td)
692 {
693 struct bpf_d *d = dev->si_drv1;
694 int error = 0;
695
696 /*
697 * Refresh PID associated with this descriptor.
698 */
699 d->bd_pid = td->td_proc->p_pid;
700 BPFD_LOCK(d);
701 if (d->bd_state == BPF_WAITING)
702 callout_stop(&d->bd_callout);
703 d->bd_state = BPF_IDLE;
704 BPFD_UNLOCK(d);
705
706 if (d->bd_locked == 1) {
707 switch (cmd) {
708 case BIOCGBLEN:
709 case BIOCFLUSH:
710 case BIOCGDLT:
711 case BIOCGDLTLIST:
712 case BIOCGETIF:
713 case BIOCGRTIMEOUT:
714 case BIOCGSTATS:
715 case BIOCVERSION:
716 case BIOCGRSIG:
717 case BIOCGHDRCMPLT:
718 case FIONREAD:
719 case BIOCLOCK:
720 case BIOCSRTIMEOUT:
721 case BIOCIMMEDIATE:
722 case TIOCGPGRP:
723 break;
724 default:
725 return (EPERM);
726 }
727 }
728 switch (cmd) {
729
730 default:
731 error = EINVAL;
732 break;
733
734 /*
735 * Check for read packet available.
736 */
737 case FIONREAD:
738 {
739 int n;
740
741 BPFD_LOCK(d);
742 n = d->bd_slen;
743 if (d->bd_hbuf)
744 n += d->bd_hlen;
745 BPFD_UNLOCK(d);
746
747 *(int *)addr = n;
748 break;
749 }
750
751 case SIOCGIFADDR:
752 {
753 struct ifnet *ifp;
754
755 if (d->bd_bif == NULL)
756 error = EINVAL;
757 else {
758 ifp = d->bd_bif->bif_ifp;
759 error = (*ifp->if_ioctl)(ifp, cmd, addr);
760 }
761 break;
762 }
763
764 /*
765 * Get buffer len [for read()].
766 */
767 case BIOCGBLEN:
768 *(u_int *)addr = d->bd_bufsize;
769 break;
770
771 /*
772 * Set buffer length.
773 */
774 case BIOCSBLEN:
775 if (d->bd_bif != NULL)
776 error = EINVAL;
777 else {
778 u_int size = *(u_int *)addr;
779
780 if (size > bpf_maxbufsize)
781 *(u_int *)addr = size = bpf_maxbufsize;
782 else if (size < BPF_MINBUFSIZE)
783 *(u_int *)addr = size = BPF_MINBUFSIZE;
784 d->bd_bufsize = size;
785 }
786 break;
787
788 /*
789 * Set link layer read filter.
790 */
791 case BIOCSETF:
792 case BIOCSETWF:
793 error = bpf_setf(d, (struct bpf_program *)addr, cmd);
794 break;
795
796 /*
797 * Flush read packet buffer.
798 */
799 case BIOCFLUSH:
800 BPFD_LOCK(d);
801 reset_d(d);
802 BPFD_UNLOCK(d);
803 break;
804
805 /*
806 * Put interface into promiscuous mode.
807 */
808 case BIOCPROMISC:
809 if (d->bd_bif == NULL) {
810 /*
811 * No interface attached yet.
812 */
813 error = EINVAL;
814 break;
815 }
816 if (d->bd_promisc == 0) {
817 mtx_lock(&Giant);
818 error = ifpromisc(d->bd_bif->bif_ifp, 1);
819 mtx_unlock(&Giant);
820 if (error == 0)
821 d->bd_promisc = 1;
822 }
823 break;
824
825 /*
826 * Get current data link type.
827 */
828 case BIOCGDLT:
829 if (d->bd_bif == NULL)
830 error = EINVAL;
831 else
832 *(u_int *)addr = d->bd_bif->bif_dlt;
833 break;
834
835 /*
836 * Get a list of supported data link types.
837 */
838 case BIOCGDLTLIST:
839 if (d->bd_bif == NULL)
840 error = EINVAL;
841 else
842 error = bpf_getdltlist(d, (struct bpf_dltlist *)addr);
843 break;
844
845 /*
846 * Set data link type.
847 */
848 case BIOCSDLT:
849 if (d->bd_bif == NULL)
850 error = EINVAL;
851 else
852 error = bpf_setdlt(d, *(u_int *)addr);
853 break;
854
855 /*
856 * Get interface name.
857 */
858 case BIOCGETIF:
859 if (d->bd_bif == NULL)
860 error = EINVAL;
861 else {
862 struct ifnet *const ifp = d->bd_bif->bif_ifp;
863 struct ifreq *const ifr = (struct ifreq *)addr;
864
865 strlcpy(ifr->ifr_name, ifp->if_xname,
866 sizeof(ifr->ifr_name));
867 }
868 break;
869
870 /*
871 * Set interface.
872 */
873 case BIOCSETIF:
874 error = bpf_setif(d, (struct ifreq *)addr);
875 break;
876
877 /*
878 * Set read timeout.
879 */
880 case BIOCSRTIMEOUT:
881 {
882 struct timeval *tv = (struct timeval *)addr;
883
884 /*
885 * Subtract 1 tick from tvtohz() since this isn't
886 * a one-shot timer.
887 */
888 if ((error = itimerfix(tv)) == 0)
889 d->bd_rtout = tvtohz(tv) - 1;
890 break;
891 }
892
893 /*
894 * Get read timeout.
895 */
896 case BIOCGRTIMEOUT:
897 {
898 struct timeval *tv = (struct timeval *)addr;
899
900 tv->tv_sec = d->bd_rtout / hz;
901 tv->tv_usec = (d->bd_rtout % hz) * tick;
902 break;
903 }
904
905 /*
906 * Get packet stats.
907 */
908 case BIOCGSTATS:
909 {
910 struct bpf_stat *bs = (struct bpf_stat *)addr;
911
912 bs->bs_recv = d->bd_rcount;
913 bs->bs_drop = d->bd_dcount;
914 break;
915 }
916
917 /*
918 * Set immediate mode.
919 */
920 case BIOCIMMEDIATE:
921 d->bd_immediate = *(u_int *)addr;
922 break;
923
924 case BIOCVERSION:
925 {
926 struct bpf_version *bv = (struct bpf_version *)addr;
927
928 bv->bv_major = BPF_MAJOR_VERSION;
929 bv->bv_minor = BPF_MINOR_VERSION;
930 break;
931 }
932
933 /*
934 * Get "header already complete" flag
935 */
936 case BIOCGHDRCMPLT:
937 *(u_int *)addr = d->bd_hdrcmplt;
938 break;
939
940 case BIOCLOCK:
941 d->bd_locked = 1;
942 break;
943 /*
944 * Set "header already complete" flag
945 */
946 case BIOCSHDRCMPLT:
947 d->bd_hdrcmplt = *(u_int *)addr ? 1 : 0;
948 break;
949
950 /*
951 * Get "see sent packets" flag
952 */
953 case BIOCGSEESENT:
954 *(u_int *)addr = d->bd_seesent;
955 break;
956
957 /*
958 * Set "see sent packets" flag
959 */
960 case BIOCSSEESENT:
961 d->bd_seesent = *(u_int *)addr;
962 break;
963
964 case FIONBIO: /* Non-blocking I/O */
965 break;
966
967 case FIOASYNC: /* Send signal on receive packets */
968 d->bd_async = *(int *)addr;
969 break;
970
971 case FIOSETOWN:
972 error = fsetown(*(int *)addr, &d->bd_sigio);
973 break;
974
975 case FIOGETOWN:
976 *(int *)addr = fgetown(&d->bd_sigio);
977 break;
978
979 /* This is deprecated, FIOSETOWN should be used instead. */
980 case TIOCSPGRP:
981 error = fsetown(-(*(int *)addr), &d->bd_sigio);
982 break;
983
984 /* This is deprecated, FIOGETOWN should be used instead. */
985 case TIOCGPGRP:
986 *(int *)addr = -fgetown(&d->bd_sigio);
987 break;
988
989 case BIOCSRSIG: /* Set receive signal */
990 {
991 u_int sig;
992
993 sig = *(u_int *)addr;
994
995 if (sig >= NSIG)
996 error = EINVAL;
997 else
998 d->bd_sig = sig;
999 break;
1000 }
1001 case BIOCGRSIG:
1002 *(u_int *)addr = d->bd_sig;
1003 break;
1004 }
1005 return (error);
1006 }
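/*
 * Typical descriptor setup from userland, as a hedged sketch (the
 * device path and interface name are assumptions):
 *
 *	int fd = open("/dev/bpf0", O_RDWR);
 *	struct ifreq ifr;
 *	strlcpy(ifr.ifr_name, "em0", sizeof(ifr.ifr_name));
 *	ioctl(fd, BIOCSETIF, &ifr);	   bind to an interface
 *	u_int on = 1;
 *	ioctl(fd, BIOCIMMEDIATE, &on);	   return packets as they arrive
 *	ioctl(fd, BIOCPROMISC, NULL);	   optional: promiscuous mode
 */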
1007
1008 /*
1009 * Set d's packet filter program to fp. If this file already has a filter,
1010 * free it and replace it. Returns EINVAL for bogus requests.
1011 */
1012 static int
1013 bpf_setf(struct bpf_d *d, struct bpf_program *fp, u_long cmd)
1014 {
1015 struct bpf_insn *fcode, *old;
1016 u_int wfilter, flen, size;
1017
1018 if (cmd == BIOCSETWF) {
1019 old = d->bd_wfilter;
1020 wfilter = 1;
1021 } else {
1022 wfilter = 0;
1023 old = d->bd_rfilter;
1024 }
1025 if (fp->bf_insns == NULL) {
1026 if (fp->bf_len != 0)
1027 return (EINVAL);
1028 BPFD_LOCK(d);
1029 if (wfilter)
1030 d->bd_wfilter = NULL;
1031 else
1032 d->bd_rfilter = NULL;
1033 reset_d(d);
1034 BPFD_UNLOCK(d);
1035 if (old != NULL)
1036 free((caddr_t)old, M_BPF);
1037 return (0);
1038 }
1039 flen = fp->bf_len;
1040 if (flen > bpf_maxinsns)
1041 return (EINVAL);
1042
1043 size = flen * sizeof(*fp->bf_insns);
1044 fcode = (struct bpf_insn *)malloc(size, M_BPF, M_WAITOK);
1045 if (copyin((caddr_t)fp->bf_insns, (caddr_t)fcode, size) == 0 &&
1046 bpf_validate(fcode, (int)flen)) {
1047 BPFD_LOCK(d);
1048 if (wfilter)
1049 d->bd_wfilter = fcode;
1050 else
1051 d->bd_rfilter = fcode;
1052 reset_d(d);
1053 BPFD_UNLOCK(d);
1054 if (old != NULL)
1055 free((caddr_t)old, M_BPF);
1056
1057 return (0);
1058 }
1059 free((caddr_t)fcode, M_BPF);
1060 return (EINVAL);
1061 }
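/*
 * Example filter install (editorial sketch).  The program below accepts
 * only IPv4 ethernet frames; offset 12 and the 0x0800 ethertype are
 * standard, everything else about the snippet is illustrative:
 *
 *	struct bpf_insn insns[] = {
 *		BPF_STMT(BPF_LD+BPF_H+BPF_ABS, 12),
 *		BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, 0x0800, 0, 1),
 *		BPF_STMT(BPF_RET+BPF_K, (u_int)-1),
 *		BPF_STMT(BPF_RET+BPF_K, 0),
 *	};
 *	struct bpf_program prog = { 4, insns };
 *	ioctl(fd, BIOCSETF, &prog);
 *
 * BIOCSETWF installs the same structure as a write filter instead.
 */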
1062
1063 /*
1064 * Detach a file from its current interface (if attached at all) and attach
1065 * to the interface indicated by the name stored in ifr.
1066 * Return an errno or 0.
1067 */
1068 static int
1069 bpf_setif(struct bpf_d *d, struct ifreq *ifr)
1070 {
1071 struct bpf_if *bp;
1072 int error;
1073 struct ifnet *theywant;
1074
1075 theywant = ifunit(ifr->ifr_name);
1076 if (theywant == NULL || theywant->if_bpf == NULL)
1077 return (ENXIO);
1078
1079 bp = theywant->if_bpf;
1080 /*
1081 * Allocate the packet buffers if we need to.
1082 * If we're already attached to requested interface,
1083 * just flush the buffer.
1084 */
1085 if (d->bd_sbuf == NULL) {
1086 error = bpf_allocbufs(d);
1087 if (error != 0)
1088 return (error);
1089 }
1090 if (bp != d->bd_bif) {
1091 if (d->bd_bif)
1092 /*
1093 * Detach if attached to something else.
1094 */
1095 bpf_detachd(d);
1096
1097 bpf_attachd(d, bp);
1098 }
1099 BPFD_LOCK(d);
1100 reset_d(d);
1101 BPFD_UNLOCK(d);
1102 return (0);
1103 }
1104
1105 /*
1106 * Support for select() and poll() system calls
1107 *
1108 * Return true iff the specific operation will not block indefinitely.
1109 * Otherwise, return false but make a note that a selwakeup() must be done.
1110 */
1111 static int
1112 bpfpoll(struct cdev *dev, int events, struct thread *td)
1113 {
1114 struct bpf_d *d;
1115 int revents;
1116
1117 d = dev->si_drv1;
1118 if (d->bd_bif == NULL)
1119 return (ENXIO);
1120
1121 /*
1122 * Refresh PID associated with this descriptor.
1123 */
1124 d->bd_pid = td->td_proc->p_pid;
1125 revents = events & (POLLOUT | POLLWRNORM);
1126 BPFD_LOCK(d);
1127 if (events & (POLLIN | POLLRDNORM)) {
1128 if (bpf_ready(d))
1129 revents |= events & (POLLIN | POLLRDNORM);
1130 else {
1131 selrecord(td, &d->bd_sel);
1132 /* Start the read timeout if necessary. */
1133 if (d->bd_rtout > 0 && d->bd_state == BPF_IDLE) {
1134 callout_reset(&d->bd_callout, d->bd_rtout,
1135 bpf_timed_out, d);
1136 d->bd_state = BPF_WAITING;
1137 }
1138 }
1139 }
1140 BPFD_UNLOCK(d);
1141 return (revents);
1142 }
1143
1144 /*
1145 * Support for kevent() system call. Register EVFILT_READ filters and
1146 * reject all others.
1147 */
1148 int
1149 bpfkqfilter(struct cdev *dev, struct knote *kn)
1150 {
1151 struct bpf_d *d = (struct bpf_d *)dev->si_drv1;
1152
1153 if (kn->kn_filter != EVFILT_READ)
1154 return (1);
1155
1156 /*
1157 * Refresh PID associated with this descriptor.
1158 */
1159 d->bd_pid = curthread->td_proc->p_pid;
1160 kn->kn_fop = &bpfread_filtops;
1161 kn->kn_hook = d;
1162 knlist_add(&d->bd_sel.si_note, kn, 0);
1163
1164 return (0);
1165 }
1166
1167 static void
1168 filt_bpfdetach(struct knote *kn)
1169 {
1170 struct bpf_d *d = (struct bpf_d *)kn->kn_hook;
1171
1172 knlist_remove(&d->bd_sel.si_note, kn, 0);
1173 }
1174
1175 static int
1176 filt_bpfread(struct knote *kn, long hint)
1177 {
1178 struct bpf_d *d = (struct bpf_d *)kn->kn_hook;
1179 int ready;
1180
1181 BPFD_LOCK_ASSERT(d);
1182 ready = bpf_ready(d);
1183 if (ready) {
1184 kn->kn_data = d->bd_slen;
1185 if (d->bd_hbuf)
1186 kn->kn_data += d->bd_hlen;
1187 }
1188 else if (d->bd_rtout > 0 && d->bd_state == BPF_IDLE) {
1189 callout_reset(&d->bd_callout, d->bd_rtout,
1190 bpf_timed_out, d);
1191 d->bd_state = BPF_WAITING;
1192 }
1193
1194 return (ready);
1195 }
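/*
 * kevent(2) usage sketch (editorial); kn_data set above surfaces as
 * ev.data, the number of bytes currently buffered:
 *
 *	int kq = kqueue();
 *	struct kevent kev, ev;
 *	EV_SET(&kev, fd, EVFILT_READ, EV_ADD, 0, 0, NULL);
 *	kevent(kq, &kev, 1, NULL, 0, NULL);
 *	kevent(kq, NULL, 0, &ev, 1, NULL);	   blocks until readable
 */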
1196
1197 /*
1198 * Incoming linkage from device drivers. Process the packet pkt, of length
1199 * pktlen, which is stored in a contiguous buffer. The packet is parsed
1200 * by each process' filter, and if accepted, stashed into the corresponding
1201 * buffer.
1202 */
1203 void
1204 bpf_tap(struct bpf_if *bp, u_char *pkt, u_int pktlen)
1205 {
1206 struct bpf_d *d;
1207 u_int slen;
1208 int gottime;
1209 struct timeval tv;
1210
1211 gottime = 0;
1212 BPFIF_LOCK(bp);
1213 LIST_FOREACH(d, &bp->bif_dlist, bd_next) {
1214 BPFD_LOCK(d);
1215 ++d->bd_rcount;
1216 slen = bpf_filter(d->bd_rfilter, pkt, pktlen, pktlen);
1217 if (slen != 0) {
1218 d->bd_fcount++;
1219 if (!gottime) {
1220 microtime(&tv);
1221 gottime = 1;
1222 }
1223 #ifdef MAC
1224 if (mac_check_bpfdesc_receive(d, bp->bif_ifp) == 0)
1225 #endif
1226 catchpacket(d, pkt, pktlen, slen, bcopy, &tv);
1227 }
1228 BPFD_UNLOCK(d);
1229 }
1230 BPFIF_UNLOCK(bp);
1231 }
1232
1233 /*
1234 * Copy data from an mbuf chain into a buffer. This code is derived
1235 * from m_copydata in sys/uipc_mbuf.c.
1236 */
1237 static void
1238 bpf_mcopy(const void *src_arg, void *dst_arg, size_t len)
1239 {
1240 const struct mbuf *m;
1241 u_int count;
1242 u_char *dst;
1243
1244 m = src_arg;
1245 dst = dst_arg;
1246 while (len > 0) {
1247 if (m == NULL)
1248 panic("bpf_mcopy");
1249 count = min(m->m_len, len);
1250 bcopy(mtod(m, void *), dst, count);
1251 m = m->m_next;
1252 dst += count;
1253 len -= count;
1254 }
1255 }
1256
1257 /*
1258 * Incoming linkage from device drivers, when packet is in an mbuf chain.
1259 */
1260 void
1261 bpf_mtap(struct bpf_if *bp, struct mbuf *m)
1262 {
1263 struct bpf_d *d;
1264 u_int pktlen, slen;
1265 int gottime;
1266 struct timeval tv;
1267
1268 gottime = 0;
1269
1270 pktlen = m_length(m, NULL);
1271
1272 BPFIF_LOCK(bp);
1273 LIST_FOREACH(d, &bp->bif_dlist, bd_next) {
1274 if (!d->bd_seesent && (m->m_pkthdr.rcvif == NULL))
1275 continue;
1276 BPFD_LOCK(d);
1277 ++d->bd_rcount;
1278 slen = bpf_filter(d->bd_rfilter, (u_char *)m, pktlen, 0);
1279 if (slen != 0) {
1280 d->bd_fcount++;
1281 if (!gottime) {
1282 microtime(&tv);
1283 gottime = 1;
1284 }
1285 #ifdef MAC
1286 if (mac_check_bpfdesc_receive(d, bp->bif_ifp) == 0)
1287 #endif
1288 catchpacket(d, (u_char *)m, pktlen, slen,
1289 bpf_mcopy, &tv);
1290 }
1291 BPFD_UNLOCK(d);
1292 }
1293 BPFIF_UNLOCK(bp);
1294 }
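/*
 * Driver-side usage, sketched: a receive path taps each frame before
 * handing it to the stack.  BPF_MTAP() is the net/bpf.h convenience
 * macro that checks for listeners first; the ifp/m names here are
 * assumptions:
 *
 *	m->m_pkthdr.rcvif = ifp;
 *	BPF_MTAP(ifp, m);
 *	(*ifp->if_input)(ifp, m);
 */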
1295
1296 /*
1297 * Incoming linkage from device drivers, when packet is in
1298 * an mbuf chain and to be prepended by a contiguous header.
1299 */
1300 void
1301 bpf_mtap2(struct bpf_if *bp, void *data, u_int dlen, struct mbuf *m)
1302 {
1303 struct mbuf mb;
1304 struct bpf_d *d;
1305 u_int pktlen, slen;
1306 int gottime;
1307 struct timeval tv;
1308
1309 gottime = 0;
1310
1311 pktlen = m_length(m, NULL);
1312 /*
1313 * Craft on-stack mbuf suitable for passing to bpf_filter.
1314 * Note that we cut corners here; we only setup what's
1315 * absolutely needed--this mbuf should never go anywhere else.
1316 */
1317 mb.m_next = m;
1318 mb.m_data = data;
1319 mb.m_len = dlen;
1320 pktlen += dlen;
1321
1322 BPFIF_LOCK(bp);
1323 LIST_FOREACH(d, &bp->bif_dlist, bd_next) {
1324 if (!d->bd_seesent && (m->m_pkthdr.rcvif == NULL))
1325 continue;
1326 BPFD_LOCK(d);
1327 ++d->bd_rcount;
1328 slen = bpf_filter(d->bd_rfilter, (u_char *)&mb, pktlen, 0);
1329 if (slen != 0) {
1330 d->bd_fcount++;
1331 if (!gottime) {
1332 microtime(&tv);
1333 gottime = 1;
1334 }
1335 #ifdef MAC
1336 if (mac_check_bpfdesc_receive(d, bp->bif_ifp) == 0)
1337 #endif
1338 catchpacket(d, (u_char *)&mb, pktlen, slen,
1339 bpf_mcopy, &tv);
1340 }
1341 BPFD_UNLOCK(d);
1342 }
1343 BPFIF_UNLOCK(bp);
1344 }
1345
1346 /*
1347 * Move the packet data from interface memory (pkt) into the
1348 * store buffer. "cpfn" is the routine called to do the actual data
1349 * transfer. bcopy is passed in to copy contiguous chunks, while
1350 * bpf_mcopy is passed in to copy mbuf chains. In the latter case,
1351 * pkt is really an mbuf.
1352 */
1353 static void
1354 catchpacket(struct bpf_d *d, u_char *pkt, u_int pktlen, u_int snaplen,
1355 void (*cpfn)(const void *, void *, size_t), struct timeval *tv)
1356 {
1357 struct bpf_hdr *hp;
1358 int totlen, curlen;
1359 int hdrlen = d->bd_bif->bif_hdrlen;
1360 int do_wakeup = 0;
1361
1362 BPFD_LOCK_ASSERT(d);
1363 /*
1364 * Figure out how many bytes to move. If the packet is
1365 * greater or equal to the snapshot length, transfer that
1366 * much. Otherwise, transfer the whole packet (unless
1367 * we hit the buffer size limit).
1368 */
1369 totlen = hdrlen + min(snaplen, pktlen);
1370 if (totlen > d->bd_bufsize)
1371 totlen = d->bd_bufsize;
1372
1373 /*
1374 * Round up the end of the previous packet to the next longword.
1375 */
1376 curlen = BPF_WORDALIGN(d->bd_slen);
1377 if (curlen + totlen > d->bd_bufsize) {
1378 /*
1379 * This packet will overflow the storage buffer.
1380 * Rotate the buffers if we can, then wakeup any
1381 * pending reads.
1382 */
1383 if (d->bd_fbuf == NULL) {
1384 /*
1385 * We haven't completed the previous read yet,
1386 * so drop the packet.
1387 */
1388 ++d->bd_dcount;
1389 return;
1390 }
1391 ROTATE_BUFFERS(d);
1392 do_wakeup = 1;
1393 curlen = 0;
1394 }
1395 else if (d->bd_immediate || d->bd_state == BPF_TIMED_OUT)
1396 /*
1397 * Immediate mode is set, or the read timeout has
1398 * already expired during a select call. A packet
1399 * arrived, so the reader should be woken up.
1400 */
1401 do_wakeup = 1;
1402
1403 /*
1404 * Append the bpf header.
1405 */
1406 hp = (struct bpf_hdr *)(d->bd_sbuf + curlen);
1407 hp->bh_tstamp = *tv;
1408 hp->bh_datalen = pktlen;
1409 hp->bh_hdrlen = hdrlen;
1410 /*
1411 * Copy the packet data into the store buffer and update its length.
1412 */
1413 (*cpfn)(pkt, (u_char *)hp + hdrlen, (hp->bh_caplen = totlen - hdrlen));
1414 d->bd_slen = curlen + totlen;
1415
1416 if (do_wakeup)
1417 bpf_wakeup(d);
1418 }
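/*
 * Store-buffer layout after two captures (editorial illustration; each
 * record begins on a BPF_WORDALIGN() boundary):
 *
 *	+-----------+--------+--pad--+-----------+--------+
 *	| bpf_hdr 1 | data 1 |       | bpf_hdr 2 | data 2 |
 *	+-----------+--------+-------+-----------+--------+
 *	0                           BPF_WORDALIGN(end of record 1)
 */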
1419
1420 /*
1421 * Initialize all nonzero fields of a descriptor.
1422 */
1423 static int
1424 bpf_allocbufs(struct bpf_d *d)
1425 {
1426 d->bd_fbuf = (caddr_t)malloc(d->bd_bufsize, M_BPF, M_WAITOK);
1427 if (d->bd_fbuf == NULL)
1428 return (ENOBUFS);
1429
1430 d->bd_sbuf = (caddr_t)malloc(d->bd_bufsize, M_BPF, M_WAITOK);
1431 if (d->bd_sbuf == NULL) {
1432 free(d->bd_fbuf, M_BPF);
1433 return (ENOBUFS);
1434 }
1435 d->bd_slen = 0;
1436 d->bd_hlen = 0;
1437 return (0);
1438 }
1439
1440 /*
1441 * Free buffers currently in use by a descriptor.
1442 * Called on close.
1443 */
1444 static void
1445 bpf_freed(struct bpf_d *d)
1446 {
1447 /*
1448 * We don't need to lock out interrupts since this descriptor has
1449 * been detached from its interface and hasn't yet been marked
1450 * free.
1451 */
1452 if (d->bd_sbuf != NULL) {
1453 free(d->bd_sbuf, M_BPF);
1454 if (d->bd_hbuf != NULL)
1455 free(d->bd_hbuf, M_BPF);
1456 if (d->bd_fbuf != NULL)
1457 free(d->bd_fbuf, M_BPF);
1458 }
1459 if (d->bd_rfilter)
1460 free((caddr_t)d->bd_rfilter, M_BPF);
1461 if (d->bd_wfilter)
1462 free((caddr_t)d->bd_wfilter, M_BPF);
1463 mtx_destroy(&d->bd_mtx);
1464 }
1465
1466 /*
1467 * Attach an interface to bpf. dlt is the link layer type; hdrlen is the
1468 * fixed size of the link header (variable length headers not yet supported).
1469 */
1470 void
1471 bpfattach(struct ifnet *ifp, u_int dlt, u_int hdrlen)
1472 {
1473
1474 bpfattach2(ifp, dlt, hdrlen, &ifp->if_bpf);
1475 }
1476
1477 /*
1478 * Attach an interface to bpf. ifp is a pointer to the structure
1479 * defining the interface to be attached, dlt is the link layer type,
1480 * and hdrlen is the fixed size of the link header (variable length
1481 * headers are not yet supported).
1482 */
1483 void
1484 bpfattach2(struct ifnet *ifp, u_int dlt, u_int hdrlen, struct bpf_if **driverp)
1485 {
1486 struct bpf_if *bp;
1487
1488 bp = malloc(sizeof(*bp), M_BPF, M_NOWAIT | M_ZERO);
1489 if (bp == NULL)
1490 panic("bpfattach");
1491
1492 LIST_INIT(&bp->bif_dlist);
1493 bp->bif_ifp = ifp;
1494 bp->bif_dlt = dlt;
1495 mtx_init(&bp->bif_mtx, "bpf interface lock", NULL, MTX_DEF);
1496 KASSERT(*driverp == NULL, ("bpfattach2: driverp already initialized"));
1497 *driverp = bp;
1498
1499 mtx_lock(&bpf_mtx);
1500 LIST_INSERT_HEAD(&bpf_iflist, bp, bif_next);
1501 mtx_unlock(&bpf_mtx);
1502
1503 /*
1504 * Compute the length of the bpf header. This is not necessarily
1505 * equal to SIZEOF_BPF_HDR because we want to insert spacing such
1506 * that the network layer header begins on a longword boundary (for
1507 * performance reasons and to alleviate alignment restrictions).
1508 */
1509 bp->bif_hdrlen = BPF_WORDALIGN(hdrlen + SIZEOF_BPF_HDR) - hdrlen;
1510
1511 if (bootverbose)
1512 if_printf(ifp, "bpf attached\n");
1513 }
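/*
 * Worked example of the header-length computation (assuming a 32-bit
 * system where SIZEOF_BPF_HDR is 18): for ethernet, hdrlen is
 * ETHER_HDR_LEN = 14, so
 *
 *	bif_hdrlen = BPF_WORDALIGN(14 + 18) - 14 = 32 - 14 = 18
 *
 * and a captured record places the 14-byte ethernet header at offset
 * 18, which in turn lands the network-layer header on a longword
 * boundary.
 */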
1514
1515 /*
1516 * Detach bpf from an interface. This involves detaching each descriptor
1517 * associated with the interface, and leaving bd_bif NULL. Notify each
1518 * descriptor as it's detached so that any sleepers wake up and get
1519 * ENXIO.
1520 */
1521 void
1522 bpfdetach(struct ifnet *ifp)
1523 {
1524 struct bpf_if *bp;
1525 struct bpf_d *d;
1526
1527 /* Locate BPF interface information */
1528 mtx_lock(&bpf_mtx);
1529 LIST_FOREACH(bp, &bpf_iflist, bif_next) {
1530 if (ifp == bp->bif_ifp)
1531 break;
1532 }
1533
1534 /* Interface wasn't attached */
1535 if ((bp == NULL) || (bp->bif_ifp == NULL)) {
1536 mtx_unlock(&bpf_mtx);
1537 printf("bpfdetach: %s was not attached\n", ifp->if_xname);
1538 return;
1539 }
1540
1541 LIST_REMOVE(bp, bif_next);
1542 mtx_unlock(&bpf_mtx);
1543
1544 while ((d = LIST_FIRST(&bp->bif_dlist)) != NULL) {
1545 bpf_detachd(d);
1546 BPFD_LOCK(d);
1547 bpf_wakeup(d);
1548 BPFD_UNLOCK(d);
1549 }
1550
1551 mtx_destroy(&bp->bif_mtx);
1552 free(bp, M_BPF);
1553 }
1554
1555 /*
1556 * Get a list of available data link type of the interface.
1557 */
1558 static int
1559 bpf_getdltlist(struct bpf_d *d, struct bpf_dltlist *bfl)
1560 {
1561 int n, error;
1562 struct ifnet *ifp;
1563 struct bpf_if *bp;
1564
1565 ifp = d->bd_bif->bif_ifp;
1566 n = 0;
1567 error = 0;
1568 mtx_lock(&bpf_mtx);
1569 LIST_FOREACH(bp, &bpf_iflist, bif_next) {
1570 if (bp->bif_ifp != ifp)
1571 continue;
1572 if (bfl->bfl_list != NULL) {
1573 if (n >= bfl->bfl_len) {
1574 mtx_unlock(&bpf_mtx);
1575 return (ENOMEM);
1576 }
1577 error = copyout(&bp->bif_dlt,
1578 bfl->bfl_list + n, sizeof(u_int));
1579 }
1580 n++;
1581 }
1582 mtx_unlock(&bpf_mtx);
1583 bfl->bfl_len = n;
1584 return (error);
1585 }
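/*
 * Two-pass userland usage of BIOCGDLTLIST (sketch): a NULL bfl_list
 * asks only for the count, per the handler above:
 *
 *	struct bpf_dltlist dl = { 0, NULL };
 *	ioctl(fd, BIOCGDLTLIST, &dl);
 *	dl.bfl_list = malloc(dl.bfl_len * sizeof(u_int));
 *	ioctl(fd, BIOCGDLTLIST, &dl);
 */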
1586
1587 /*
1588 * Set the data link type of a BPF instance.
1589 */
1590 static int
1591 bpf_setdlt(struct bpf_d *d, u_int dlt)
1592 {
1593 int error, opromisc;
1594 struct ifnet *ifp;
1595 struct bpf_if *bp;
1596
1597 if (d->bd_bif->bif_dlt == dlt)
1598 return (0);
1599 ifp = d->bd_bif->bif_ifp;
1600 mtx_lock(&bpf_mtx);
1601 LIST_FOREACH(bp, &bpf_iflist, bif_next) {
1602 if (bp->bif_ifp == ifp && bp->bif_dlt == dlt)
1603 break;
1604 }
1605 mtx_unlock(&bpf_mtx);
1606 if (bp != NULL) {
1607 opromisc = d->bd_promisc;
1608 bpf_detachd(d);
1609 bpf_attachd(d, bp);
1610 BPFD_LOCK(d);
1611 reset_d(d);
1612 BPFD_UNLOCK(d);
1613 if (opromisc) {
1614 error = ifpromisc(bp->bif_ifp, 1);
1615 if (error)
1616 if_printf(bp->bif_ifp,
1617 "bpf_setdlt: ifpromisc failed (%d)\n",
1618 error);
1619 else
1620 d->bd_promisc = 1;
1621 }
1622 }
1623 return (bp == NULL ? EINVAL : 0);
1624 }
1625
1626 static void
1627 bpf_clone(void *arg, struct ucred *cred, char *name, int namelen,
1628 struct cdev **dev)
1629 {
1630 int u;
1631
1632 if (*dev != NULL)
1633 return;
1634 if (dev_stdclone(name, NULL, "bpf", &u) != 1)
1635 return;
1636 *dev = make_dev(&bpf_cdevsw, unit2minor(u), UID_ROOT, GID_WHEEL, 0600,
1637 "bpf%d", u);
1638 dev_ref(*dev);
1639 (*dev)->si_flags |= SI_CHEAPCLONE;
1640 return;
1641 }
1642
1643 static void
1644 bpf_drvinit(void *unused)
1645 {
1646
1647 mtx_init(&bpf_mtx, "bpf global lock", NULL, MTX_DEF);
1648 LIST_INIT(&bpf_iflist);
1649 EVENTHANDLER_REGISTER(dev_clone, bpf_clone, 0, 1000);
1650 }
1651
1652 static void
1653 bpfstats_fill_xbpf(struct xbpf_d *d, struct bpf_d *bd)
1654 {
1655
1656 bzero(d, sizeof(*d));
1657 BPFD_LOCK_ASSERT(bd);
1658 d->bd_immediate = bd->bd_immediate;
1659 d->bd_promisc = bd->bd_promisc;
1660 d->bd_hdrcmplt = bd->bd_hdrcmplt;
1661 d->bd_seesent = bd->bd_seesent;
1662 d->bd_async = bd->bd_async;
1663 d->bd_rcount = bd->bd_rcount;
1664 d->bd_dcount = bd->bd_dcount;
1665 d->bd_fcount = bd->bd_fcount;
1666 d->bd_sig = bd->bd_sig;
1667 d->bd_slen = bd->bd_slen;
1668 d->bd_hlen = bd->bd_hlen;
1669 d->bd_bufsize = bd->bd_bufsize;
1670 d->bd_pid = bd->bd_pid;
1671 strlcpy(d->bd_ifname,
1672 bd->bd_bif->bif_ifp->if_xname, IFNAMSIZ);
1673 strlcpy(d->bd_pcomm, bd->bd_pcomm, MAXCOMLEN);
1674 d->bd_locked = bd->bd_locked;
1675 }
1676
1677 static int
1678 bpf_stats_sysctl(SYSCTL_HANDLER_ARGS)
1679 {
1680 struct xbpf_d *xbdbuf, *xbd;
1681 int index, error;
1682 struct bpf_if *bp;
1683 struct bpf_d *bd;
1684
1685 /*
1686 * XXX This is not technically correct. It is possible for non-
1687 * privileged users to open bpf devices. It would make sense
1688 * if the users who opened the devices were able to retrieve
1689 * the statistics for them, too.
1690 */
1691 error = suser(req->td);
1692 if (error)
1693 return (error);
1694 if (req->oldptr == NULL)
1695 return (SYSCTL_OUT(req, 0, bpf_bpfd_cnt * sizeof(*xbd)));
1696 if (bpf_bpfd_cnt == 0)
1697 return (SYSCTL_OUT(req, 0, 0));
1698 xbdbuf = malloc(req->oldlen, M_BPF, M_WAITOK);
1699 mtx_lock(&bpf_mtx);
1700 if (req->oldlen < (bpf_bpfd_cnt * sizeof(*xbd))) {
1701 mtx_unlock(&bpf_mtx);
1702 free(xbdbuf, M_BPF);
1703 return (ENOMEM);
1704 }
1705 index = 0;
1706 LIST_FOREACH(bp, &bpf_iflist, bif_next) {
1707 BPFIF_LOCK(bp);
1708 LIST_FOREACH(bd, &bp->bif_dlist, bd_next) {
1709 xbd = &xbdbuf[index++];
1710 BPFD_LOCK(bd);
1711 bpfstats_fill_xbpf(xbd, bd);
1712 BPFD_UNLOCK(bd);
1713 }
1714 BPFIF_UNLOCK(bp);
1715 }
1716 mtx_unlock(&bpf_mtx);
1717 error = SYSCTL_OUT(req, xbdbuf, index * sizeof(*xbd));
1718 free(xbdbuf, M_BPF);
1719 return (error);
1720 }
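/*
 * Userland sketch for reading the stats node (requires privilege, per
 * the suser() check above; the sysctl name follows from the node
 * definition near the top of this file):
 *
 *	size_t len = 0;
 *	sysctlbyname("net.bpf.stats", NULL, &len, NULL, 0);
 *	struct xbpf_d *xb = malloc(len);
 *	sysctlbyname("net.bpf.stats", xb, &len, NULL, 0);
 *
 * On success there are len / sizeof(*xb) entries, one per open
 * descriptor.
 */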
1721
1722 SYSINIT(bpfdev, SI_SUB_DRIVERS, SI_ORDER_MIDDLE, bpf_drvinit, NULL)
1723
1724 #else /* !DEV_BPF && !NETGRAPH_BPF */
1725 /*
1726 * NOP stubs to allow bpf-using drivers to load and function.
1727 *
1728 * A 'better' implementation would allow the core bpf functionality
1729 * to be loaded at runtime.
1730 */
1731 static struct bpf_if bp_null;
1732
1733 void
1734 bpf_tap(struct bpf_if *bp, u_char *pkt, u_int pktlen)
1735 {
1736 }
1737
1738 void
1739 bpf_mtap(struct bpf_if *bp, struct mbuf *m)
1740 {
1741 }
1742
1743 void
1744 bpf_mtap2(struct bpf_if *bp, void *d, u_int l, struct mbuf *m)
1745 {
1746 }
1747
1748 void
1749 bpfattach(struct ifnet *ifp, u_int dlt, u_int hdrlen)
1750 {
1751
1752 bpfattach2(ifp, dlt, hdrlen, &ifp->if_bpf);
1753 }
1754
1755 void
1756 bpfattach2(struct ifnet *ifp, u_int dlt, u_int hdrlen, struct bpf_if **driverp)
1757 {
1758
1759 *driverp = &bp_null;
1760 }
1761
1762 void
1763 bpfdetach(struct ifnet *ifp)
1764 {
1765 }
1766
1767 u_int
1768 bpf_filter(const struct bpf_insn *pc, u_char *p, u_int wirelen, u_int buflen)
1769 {
1770 return -1; /* "no filter" behaviour */
1771 }
1772
1773 int
1774 bpf_validate(const struct bpf_insn *f, int len)
1775 {
1776 return 0; /* false */
1777 }
1778
1779 #endif /* !DEV_BPF && !NETGRAPH_BPF */
1780
1781 /*
1782 * ABI compatibility hacks. Older drivers check if_bpf against NULL
1783 * to see if there are active listeners. In the new ABI, if_bpf is
1784 * always non-NULL, so bpf_*tap() are always invoked. We check for
1785 * listeners in these wrappers and call the real functions if needed.
1786 */
1787 #undef bpf_tap
1788 #undef bpf_mtap
1789 #undef bpf_mtap2
1790
1791 void bpf_tap(struct bpf_if *, u_char *, u_int);
1792 void bpf_mtap(struct bpf_if *, struct mbuf *);
1793 void bpf_mtap2(struct bpf_if *, void *, u_int, struct mbuf *);
1794
1795 void
1796 bpf_tap(bp, pkt, pktlen)
1797 struct bpf_if *bp;
1798 u_char *pkt;
1799 u_int pktlen;
1800 {
1801
1802 if (bpf_peers_present(bp))
1803 bpf_tap_new(bp, pkt, pktlen);
1804 }
1805
1806 void
1807 bpf_mtap(bp, m)
1808 struct bpf_if *bp;
1809 struct mbuf *m;
1810 {
1811
1812 if (bpf_peers_present(bp))
1813 bpf_mtap_new(bp, m);
1814 }
1815
1816 void
1817 bpf_mtap2(bp, d, l, m)
1818 struct bpf_if *bp;
1819 void *d;
1820 u_int l;
1821 struct mbuf *m;
1822 {
1823
1824 if (bpf_peers_present(bp))
1825 bpf_mtap2_new(bp, d, l, m);
1826 }