Now available: The Design and Implementation of the FreeBSD Operating System (Second Edition)
[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]
FreeBSD/Linux Kernel Cross Reference
sys/net/if_tuntap.c
Version:
- FREEBSD - FREEBSD-13-STABLE - FREEBSD-13-0 - FREEBSD-12-STABLE - FREEBSD-12-0 - FREEBSD-11-STABLE - FREEBSD-11-0 - FREEBSD-10-STABLE - FREEBSD-10-0 - FREEBSD-9-STABLE - FREEBSD-9-0 - FREEBSD-8-STABLE - FREEBSD-8-0 - FREEBSD-7-STABLE - FREEBSD-7-0 - FREEBSD-6-STABLE - FREEBSD-6-0 - FREEBSD-5-STABLE - FREEBSD-5-0 - FREEBSD-4-STABLE - FREEBSD-3-STABLE - FREEBSD22 - l41 - OPENBSD - linux-2.6 - MK84 - PLAN9 - xnu-8792
SearchContext: - none - 3 - 10
SearchContext: - none - 3 - 10
1 /* $NetBSD: if_tun.c,v 1.14 1994/06/29 06:36:25 cgd Exp $ */ 2 /*- 3 * SPDX-License-Identifier: BSD-2-Clause-FreeBSD 4 * 5 * Copyright (C) 1999-2000 by Maksim Yevmenkin <m_evmenkin@yahoo.com> 6 * All rights reserved. 7 * Copyright (c) 2019 Kyle Evans <kevans@FreeBSD.org> 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 * 31 * BASED ON: 32 * ------------------------------------------------------------------------- 33 * 34 * Copyright (c) 1988, Julian Onions <jpo@cs.nott.ac.uk> 35 * Nottingham University 1987. 36 * 37 * This source may be freely distributed, however I would be interested 38 * in any changes that are made. 39 * 40 * This driver takes packets off the IP i/f and hands them up to a 41 * user process to have its wicked way with. This driver has it's 42 * roots in a similar driver written by Phil Cockcroft (formerly) at 43 * UCL. This driver is based much more on read/write/poll mode of 44 * operation though. 45 * 46 * $FreeBSD$ 47 */ 48 49 #include "opt_inet.h" 50 #include "opt_inet6.h" 51 52 #include <sys/param.h> 53 #include <sys/lock.h> 54 #include <sys/priv.h> 55 #include <sys/proc.h> 56 #include <sys/systm.h> 57 #include <sys/jail.h> 58 #include <sys/mbuf.h> 59 #include <sys/module.h> 60 #include <sys/socket.h> 61 #include <sys/fcntl.h> 62 #include <sys/filio.h> 63 #include <sys/sockio.h> 64 #include <sys/sx.h> 65 #include <sys/syslog.h> 66 #include <sys/ttycom.h> 67 #include <sys/poll.h> 68 #include <sys/selinfo.h> 69 #include <sys/signalvar.h> 70 #include <sys/filedesc.h> 71 #include <sys/kernel.h> 72 #include <sys/sysctl.h> 73 #include <sys/conf.h> 74 #include <sys/uio.h> 75 #include <sys/malloc.h> 76 #include <sys/random.h> 77 #include <sys/ctype.h> 78 79 #include <net/ethernet.h> 80 #include <net/if.h> 81 #include <net/if_var.h> 82 #include <net/if_clone.h> 83 #include <net/if_dl.h> 84 #include <net/if_media.h> 85 #include <net/if_types.h> 86 #include <net/netisr.h> 87 #include <net/route.h> 88 #include <net/vnet.h> 89 #ifdef INET 90 #include <netinet/in.h> 91 #endif 92 #include <net/bpf.h> 93 #include <net/if_tap.h> 94 #include <net/if_tun.h> 95 96 #include <sys/queue.h> 97 #include <sys/condvar.h> 98 #include <security/mac/mac_framework.h> 99 100 struct tuntap_driver; 101 102 /* 103 * tun_list is protected by global tunmtx. Other mutable fields are 104 * protected by tun->tun_mtx, or by their owning subsystem. tun_dev is 105 * static for the duration of a tunnel interface. 106 */ 107 struct tuntap_softc { 108 TAILQ_ENTRY(tuntap_softc) tun_list; 109 struct cdev *tun_alias; 110 struct cdev *tun_dev; 111 u_short tun_flags; /* misc flags */ 112 #define TUN_OPEN 0x0001 113 #define TUN_INITED 0x0002 114 #define TUN_UNUSED1 0x0008 115 #define TUN_DSTADDR 0x0010 116 #define TUN_LMODE 0x0020 117 #define TUN_RWAIT 0x0040 118 #define TUN_ASYNC 0x0080 119 #define TUN_IFHEAD 0x0100 120 #define TUN_DYING 0x0200 121 #define TUN_L2 0x0400 122 #define TUN_VMNET 0x0800 123 124 #define TUN_DRIVER_IDENT_MASK (TUN_L2 | TUN_VMNET) 125 #define TUN_READY (TUN_OPEN | TUN_INITED) 126 127 pid_t tun_pid; /* owning pid */ 128 struct ifnet *tun_ifp; /* the interface */ 129 struct sigio *tun_sigio; /* async I/O info */ 130 struct tuntap_driver *tun_drv; /* appropriate driver */ 131 struct selinfo tun_rsel; /* read select */ 132 struct mtx tun_mtx; /* softc field mutex */ 133 struct cv tun_cv; /* for ref'd dev destroy */ 134 struct ether_addr tun_ether; /* remote address */ 135 int tun_busy; /* busy count */ 136 }; 137 #define TUN2IFP(sc) ((sc)->tun_ifp) 138 139 #define TUNDEBUG if (tundebug) if_printf 140 141 #define TUN_LOCK(tp) mtx_lock(&(tp)->tun_mtx) 142 #define TUN_UNLOCK(tp) mtx_unlock(&(tp)->tun_mtx) 143 #define TUN_LOCK_ASSERT(tp) mtx_assert(&(tp)->tun_mtx, MA_OWNED); 144 145 #define TUN_VMIO_FLAG_MASK 0x0fff 146 147 /* 148 * All mutable global variables in if_tun are locked using tunmtx, with 149 * the exception of tundebug, which is used unlocked, and the drivers' *clones, 150 * which are static after setup. 151 */ 152 static struct mtx tunmtx; 153 static eventhandler_tag arrival_tag; 154 static eventhandler_tag clone_tag; 155 static const char tunname[] = "tun"; 156 static const char tapname[] = "tap"; 157 static const char vmnetname[] = "vmnet"; 158 static MALLOC_DEFINE(M_TUN, tunname, "Tunnel Interface"); 159 static int tundebug = 0; 160 static int tundclone = 1; 161 static int tap_allow_uopen = 0; /* allow user open() */ 162 static int tapuponopen = 0; /* IFF_UP on open() */ 163 static int tapdclone = 1; /* enable devfs cloning */ 164 165 static TAILQ_HEAD(,tuntap_softc) tunhead = TAILQ_HEAD_INITIALIZER(tunhead); 166 SYSCTL_INT(_debug, OID_AUTO, if_tun_debug, CTLFLAG_RW, &tundebug, 0, ""); 167 168 static struct sx tun_ioctl_sx; 169 SX_SYSINIT(tun_ioctl_sx, &tun_ioctl_sx, "tun_ioctl"); 170 171 SYSCTL_DECL(_net_link); 172 /* tun */ 173 static SYSCTL_NODE(_net_link, OID_AUTO, tun, CTLFLAG_RW, 0, 174 "IP tunnel software network interface"); 175 SYSCTL_INT(_net_link_tun, OID_AUTO, devfs_cloning, CTLFLAG_RWTUN, &tundclone, 0, 176 "Enable legacy devfs interface creation"); 177 178 /* tap */ 179 static SYSCTL_NODE(_net_link, OID_AUTO, tap, CTLFLAG_RW, 0, 180 "Ethernet tunnel software network interface"); 181 SYSCTL_INT(_net_link_tap, OID_AUTO, user_open, CTLFLAG_RW, &tap_allow_uopen, 0, 182 "Allow user to open /dev/tap (based on node permissions)"); 183 SYSCTL_INT(_net_link_tap, OID_AUTO, up_on_open, CTLFLAG_RW, &tapuponopen, 0, 184 "Bring interface up when /dev/tap is opened"); 185 SYSCTL_INT(_net_link_tap, OID_AUTO, devfs_cloning, CTLFLAG_RWTUN, &tapdclone, 0, 186 "Enable legacy devfs interface creation"); 187 SYSCTL_INT(_net_link_tap, OID_AUTO, debug, CTLFLAG_RW, &tundebug, 0, ""); 188 189 static int tun_create_device(struct tuntap_driver *drv, int unit, 190 struct ucred *cr, struct cdev **dev, const char *name); 191 static int tun_busy_locked(struct tuntap_softc *tp); 192 static void tun_unbusy_locked(struct tuntap_softc *tp); 193 static int tun_busy(struct tuntap_softc *tp); 194 static void tun_unbusy(struct tuntap_softc *tp); 195 196 static int tuntap_name2info(const char *name, int *unit, int *flags); 197 static void tunclone(void *arg, struct ucred *cred, char *name, 198 int namelen, struct cdev **dev); 199 static void tuncreate(struct cdev *dev); 200 static void tundtor(void *data); 201 static void tunrename(void *arg, struct ifnet *ifp); 202 static int tunifioctl(struct ifnet *, u_long, caddr_t); 203 static void tuninit(struct ifnet *); 204 static void tunifinit(void *xtp); 205 static int tuntapmodevent(module_t, int, void *); 206 static int tunoutput(struct ifnet *, struct mbuf *, 207 const struct sockaddr *, struct route *ro); 208 static void tunstart(struct ifnet *); 209 static void tunstart_l2(struct ifnet *); 210 211 static int tun_clone_match(struct if_clone *ifc, const char *name); 212 static int tap_clone_match(struct if_clone *ifc, const char *name); 213 static int vmnet_clone_match(struct if_clone *ifc, const char *name); 214 static int tun_clone_create(struct if_clone *, char *, size_t, caddr_t); 215 static int tun_clone_destroy(struct if_clone *, struct ifnet *); 216 217 static d_open_t tunopen; 218 static d_read_t tunread; 219 static d_write_t tunwrite; 220 static d_ioctl_t tunioctl; 221 static d_poll_t tunpoll; 222 static d_kqfilter_t tunkqfilter; 223 224 static int tunkqread(struct knote *, long); 225 static int tunkqwrite(struct knote *, long); 226 static void tunkqdetach(struct knote *); 227 228 static struct filterops tun_read_filterops = { 229 .f_isfd = 1, 230 .f_attach = NULL, 231 .f_detach = tunkqdetach, 232 .f_event = tunkqread, 233 }; 234 235 static struct filterops tun_write_filterops = { 236 .f_isfd = 1, 237 .f_attach = NULL, 238 .f_detach = tunkqdetach, 239 .f_event = tunkqwrite, 240 }; 241 242 static struct tuntap_driver { 243 struct cdevsw cdevsw; 244 int ident_flags; 245 struct unrhdr *unrhdr; 246 struct clonedevs *clones; 247 ifc_match_t *clone_match_fn; 248 ifc_create_t *clone_create_fn; 249 ifc_destroy_t *clone_destroy_fn; 250 } tuntap_drivers[] = { 251 { 252 .ident_flags = 0, 253 .cdevsw = { 254 .d_version = D_VERSION, 255 .d_flags = D_NEEDMINOR, 256 .d_open = tunopen, 257 .d_read = tunread, 258 .d_write = tunwrite, 259 .d_ioctl = tunioctl, 260 .d_poll = tunpoll, 261 .d_kqfilter = tunkqfilter, 262 .d_name = tunname, 263 }, 264 .clone_match_fn = tun_clone_match, 265 .clone_create_fn = tun_clone_create, 266 .clone_destroy_fn = tun_clone_destroy, 267 }, 268 { 269 .ident_flags = TUN_L2, 270 .cdevsw = { 271 .d_version = D_VERSION, 272 .d_flags = D_NEEDMINOR, 273 .d_open = tunopen, 274 .d_read = tunread, 275 .d_write = tunwrite, 276 .d_ioctl = tunioctl, 277 .d_poll = tunpoll, 278 .d_kqfilter = tunkqfilter, 279 .d_name = tapname, 280 }, 281 .clone_match_fn = tap_clone_match, 282 .clone_create_fn = tun_clone_create, 283 .clone_destroy_fn = tun_clone_destroy, 284 }, 285 { 286 .ident_flags = TUN_L2 | TUN_VMNET, 287 .cdevsw = { 288 .d_version = D_VERSION, 289 .d_flags = D_NEEDMINOR, 290 .d_open = tunopen, 291 .d_read = tunread, 292 .d_write = tunwrite, 293 .d_ioctl = tunioctl, 294 .d_poll = tunpoll, 295 .d_kqfilter = tunkqfilter, 296 .d_name = vmnetname, 297 }, 298 .clone_match_fn = vmnet_clone_match, 299 .clone_create_fn = tun_clone_create, 300 .clone_destroy_fn = tun_clone_destroy, 301 }, 302 }; 303 304 struct tuntap_driver_cloner { 305 SLIST_ENTRY(tuntap_driver_cloner) link; 306 struct tuntap_driver *drv; 307 struct if_clone *cloner; 308 }; 309 310 VNET_DEFINE_STATIC(SLIST_HEAD(, tuntap_driver_cloner), tuntap_driver_cloners) = 311 SLIST_HEAD_INITIALIZER(tuntap_driver_cloners); 312 313 #define V_tuntap_driver_cloners VNET(tuntap_driver_cloners) 314 315 /* 316 * Mechanism for marking a tunnel device as busy so that we can safely do some 317 * orthogonal operations (such as operations on devices) without racing against 318 * tun_destroy. tun_destroy will wait on the condvar if we're at all busy or 319 * open, to be woken up when the condition is alleviated. 320 */ 321 static int 322 tun_busy_locked(struct tuntap_softc *tp) 323 { 324 325 TUN_LOCK_ASSERT(tp); 326 if ((tp->tun_flags & TUN_DYING) != 0) { 327 /* 328 * Perhaps unintuitive, but the device is busy going away. 329 * Other interpretations of EBUSY from tun_busy make little 330 * sense, since making a busy device even more busy doesn't 331 * sound like a problem. 332 */ 333 return (EBUSY); 334 } 335 336 ++tp->tun_busy; 337 return (0); 338 } 339 340 static void 341 tun_unbusy_locked(struct tuntap_softc *tp) 342 { 343 344 TUN_LOCK_ASSERT(tp); 345 KASSERT(tp->tun_busy != 0, ("tun_unbusy: called for non-busy tunnel")); 346 347 --tp->tun_busy; 348 /* Wake up anything that may be waiting on our busy tunnel. */ 349 if (tp->tun_busy == 0) 350 cv_broadcast(&tp->tun_cv); 351 } 352 353 static int 354 tun_busy(struct tuntap_softc *tp) 355 { 356 int ret; 357 358 TUN_LOCK(tp); 359 ret = tun_busy_locked(tp); 360 TUN_UNLOCK(tp); 361 return (ret); 362 } 363 364 365 static void 366 tun_unbusy(struct tuntap_softc *tp) 367 { 368 369 TUN_LOCK(tp); 370 tun_unbusy_locked(tp); 371 TUN_UNLOCK(tp); 372 } 373 374 /* 375 * Sets unit and/or flags given the device name. Must be called with correct 376 * vnet context. 377 */ 378 static int 379 tuntap_name2info(const char *name, int *outunit, int *outflags) 380 { 381 struct tuntap_driver *drv; 382 struct tuntap_driver_cloner *drvc; 383 char *dname; 384 int flags, unit; 385 bool found; 386 387 if (name == NULL) 388 return (EINVAL); 389 390 /* 391 * Needed for dev_stdclone, but dev_stdclone will not modify, it just 392 * wants to be able to pass back a char * through the second param. We 393 * will always set that as NULL here, so we'll fake it. 394 */ 395 dname = __DECONST(char *, name); 396 found = false; 397 398 KASSERT(!SLIST_EMPTY(&V_tuntap_driver_cloners), 399 ("tuntap_driver_cloners failed to initialize")); 400 SLIST_FOREACH(drvc, &V_tuntap_driver_cloners, link) { 401 KASSERT(drvc->drv != NULL, 402 ("tuntap_driver_cloners entry not properly initialized")); 403 drv = drvc->drv; 404 405 if (strcmp(name, drv->cdevsw.d_name) == 0) { 406 found = true; 407 unit = -1; 408 flags = drv->ident_flags; 409 break; 410 } 411 412 if (dev_stdclone(dname, NULL, drv->cdevsw.d_name, &unit) == 1) { 413 found = true; 414 flags = drv->ident_flags; 415 break; 416 } 417 } 418 419 if (!found) 420 return (ENXIO); 421 422 if (outunit != NULL) 423 *outunit = unit; 424 if (outflags != NULL) 425 *outflags = flags; 426 return (0); 427 } 428 429 /* 430 * Get driver information from a set of flags specified. Masks the identifying 431 * part of the flags and compares it against all of the available 432 * tuntap_drivers. Must be called with correct vnet context. 433 */ 434 static struct tuntap_driver * 435 tuntap_driver_from_flags(int tun_flags) 436 { 437 struct tuntap_driver *drv; 438 struct tuntap_driver_cloner *drvc; 439 440 KASSERT(!SLIST_EMPTY(&V_tuntap_driver_cloners), 441 ("tuntap_driver_cloners failed to initialize")); 442 SLIST_FOREACH(drvc, &V_tuntap_driver_cloners, link) { 443 KASSERT(drvc->drv != NULL, 444 ("tuntap_driver_cloners entry not properly initialized")); 445 drv = drvc->drv; 446 if ((tun_flags & TUN_DRIVER_IDENT_MASK) == drv->ident_flags) 447 return (drv); 448 } 449 450 return (NULL); 451 } 452 453 454 455 static int 456 tun_clone_match(struct if_clone *ifc, const char *name) 457 { 458 int tunflags; 459 460 if (tuntap_name2info(name, NULL, &tunflags) == 0) { 461 if ((tunflags & TUN_L2) == 0) 462 return (1); 463 } 464 465 return (0); 466 } 467 468 static int 469 tap_clone_match(struct if_clone *ifc, const char *name) 470 { 471 int tunflags; 472 473 if (tuntap_name2info(name, NULL, &tunflags) == 0) { 474 if ((tunflags & (TUN_L2 | TUN_VMNET)) == TUN_L2) 475 return (1); 476 } 477 478 return (0); 479 } 480 481 static int 482 vmnet_clone_match(struct if_clone *ifc, const char *name) 483 { 484 int tunflags; 485 486 if (tuntap_name2info(name, NULL, &tunflags) == 0) { 487 if ((tunflags & TUN_VMNET) != 0) 488 return (1); 489 } 490 491 return (0); 492 } 493 494 static int 495 tun_clone_create(struct if_clone *ifc, char *name, size_t len, caddr_t params) 496 { 497 struct tuntap_driver *drv; 498 struct cdev *dev; 499 int err, i, tunflags, unit; 500 501 tunflags = 0; 502 /* The name here tells us exactly what we're creating */ 503 err = tuntap_name2info(name, &unit, &tunflags); 504 if (err != 0) 505 return (err); 506 507 drv = tuntap_driver_from_flags(tunflags); 508 if (drv == NULL) 509 return (ENXIO); 510 511 if (unit != -1) { 512 /* If this unit number is still available that's okay. */ 513 if (alloc_unr_specific(drv->unrhdr, unit) == -1) 514 return (EEXIST); 515 } else { 516 unit = alloc_unr(drv->unrhdr); 517 } 518 519 snprintf(name, IFNAMSIZ, "%s%d", drv->cdevsw.d_name, unit); 520 521 /* find any existing device, or allocate new unit number */ 522 dev = NULL; 523 i = clone_create(&drv->clones, &drv->cdevsw, &unit, &dev, 0); 524 /* No preexisting struct cdev *, create one */ 525 if (i != 0) 526 i = tun_create_device(drv, unit, NULL, &dev, name); 527 if (i == 0) 528 tuncreate(dev); 529 530 return (i); 531 } 532 533 static void 534 tunclone(void *arg, struct ucred *cred, char *name, int namelen, 535 struct cdev **dev) 536 { 537 char devname[SPECNAMELEN + 1]; 538 struct tuntap_driver *drv; 539 int append_unit, i, u, tunflags; 540 bool mayclone; 541 542 if (*dev != NULL) 543 return; 544 545 tunflags = 0; 546 CURVNET_SET(CRED_TO_VNET(cred)); 547 if (tuntap_name2info(name, &u, &tunflags) != 0) 548 goto out; /* Not recognized */ 549 550 if (u != -1 && u > IF_MAXUNIT) 551 goto out; /* Unit number too high */ 552 553 mayclone = priv_check_cred(cred, PRIV_NET_IFCREATE, 0) == 0; 554 if ((tunflags & TUN_L2) != 0) { 555 /* tap/vmnet allow user open with a sysctl */ 556 mayclone = (mayclone || tap_allow_uopen) && tapdclone; 557 } else { 558 mayclone = mayclone && tundclone; 559 } 560 561 /* 562 * If tun cloning is enabled, only the superuser can create an 563 * interface. 564 */ 565 if (!mayclone) 566 goto out; 567 568 if (u == -1) 569 append_unit = 1; 570 else 571 append_unit = 0; 572 573 drv = tuntap_driver_from_flags(tunflags); 574 if (drv == NULL) 575 goto out; 576 577 /* find any existing device, or allocate new unit number */ 578 i = clone_create(&drv->clones, &drv->cdevsw, &u, dev, 0); 579 if (i) { 580 if (append_unit) { 581 namelen = snprintf(devname, sizeof(devname), "%s%d", 582 name, u); 583 name = devname; 584 } 585 586 i = tun_create_device(drv, u, cred, dev, name); 587 } 588 if (i == 0) 589 if_clone_create(name, namelen, NULL); 590 out: 591 CURVNET_RESTORE(); 592 } 593 594 static void 595 tun_destroy(struct tuntap_softc *tp) 596 { 597 598 TUN_LOCK(tp); 599 tp->tun_flags |= TUN_DYING; 600 if (tp->tun_busy != 0) 601 cv_wait_unlock(&tp->tun_cv, &tp->tun_mtx); 602 else 603 TUN_UNLOCK(tp); 604 605 CURVNET_SET(TUN2IFP(tp)->if_vnet); 606 607 /* destroy_dev will take care of any alias. */ 608 destroy_dev(tp->tun_dev); 609 seldrain(&tp->tun_rsel); 610 knlist_clear(&tp->tun_rsel.si_note, 0); 611 knlist_destroy(&tp->tun_rsel.si_note); 612 if ((tp->tun_flags & TUN_L2) != 0) { 613 ether_ifdetach(TUN2IFP(tp)); 614 } else { 615 bpfdetach(TUN2IFP(tp)); 616 if_detach(TUN2IFP(tp)); 617 } 618 sx_xlock(&tun_ioctl_sx); 619 TUN2IFP(tp)->if_softc = NULL; 620 sx_xunlock(&tun_ioctl_sx); 621 free_unr(tp->tun_drv->unrhdr, TUN2IFP(tp)->if_dunit); 622 if_free(TUN2IFP(tp)); 623 mtx_destroy(&tp->tun_mtx); 624 cv_destroy(&tp->tun_cv); 625 free(tp, M_TUN); 626 CURVNET_RESTORE(); 627 } 628 629 static int 630 tun_clone_destroy(struct if_clone *ifc __unused, struct ifnet *ifp) 631 { 632 struct tuntap_softc *tp = ifp->if_softc; 633 634 mtx_lock(&tunmtx); 635 TAILQ_REMOVE(&tunhead, tp, tun_list); 636 mtx_unlock(&tunmtx); 637 tun_destroy(tp); 638 639 return (0); 640 } 641 642 static void 643 vnet_tun_init(const void *unused __unused) 644 { 645 struct tuntap_driver *drv; 646 struct tuntap_driver_cloner *drvc; 647 int i; 648 649 for (i = 0; i < nitems(tuntap_drivers); ++i) { 650 drv = &tuntap_drivers[i]; 651 drvc = malloc(sizeof(*drvc), M_TUN, M_WAITOK | M_ZERO); 652 653 drvc->drv = drv; 654 drvc->cloner = if_clone_advanced(drv->cdevsw.d_name, 0, 655 drv->clone_match_fn, drv->clone_create_fn, 656 drv->clone_destroy_fn); 657 SLIST_INSERT_HEAD(&V_tuntap_driver_cloners, drvc, link); 658 }; 659 } 660 VNET_SYSINIT(vnet_tun_init, SI_SUB_PROTO_IF, SI_ORDER_ANY, 661 vnet_tun_init, NULL); 662 663 static void 664 vnet_tun_uninit(const void *unused __unused) 665 { 666 struct tuntap_driver_cloner *drvc; 667 668 while (!SLIST_EMPTY(&V_tuntap_driver_cloners)) { 669 drvc = SLIST_FIRST(&V_tuntap_driver_cloners); 670 SLIST_REMOVE_HEAD(&V_tuntap_driver_cloners, link); 671 672 if_clone_detach(drvc->cloner); 673 free(drvc, M_TUN); 674 } 675 } 676 VNET_SYSUNINIT(vnet_tun_uninit, SI_SUB_PROTO_IF, SI_ORDER_ANY, 677 vnet_tun_uninit, NULL); 678 679 static void 680 tun_uninit(const void *unused __unused) 681 { 682 struct tuntap_driver *drv; 683 struct tuntap_softc *tp; 684 int i; 685 686 EVENTHANDLER_DEREGISTER(ifnet_arrival_event, arrival_tag); 687 EVENTHANDLER_DEREGISTER(dev_clone, clone_tag); 688 drain_dev_clone_events(); 689 690 mtx_lock(&tunmtx); 691 while ((tp = TAILQ_FIRST(&tunhead)) != NULL) { 692 TAILQ_REMOVE(&tunhead, tp, tun_list); 693 mtx_unlock(&tunmtx); 694 tun_destroy(tp); 695 mtx_lock(&tunmtx); 696 } 697 mtx_unlock(&tunmtx); 698 for (i = 0; i < nitems(tuntap_drivers); ++i) { 699 drv = &tuntap_drivers[i]; 700 delete_unrhdr(drv->unrhdr); 701 clone_cleanup(&drv->clones); 702 } 703 mtx_destroy(&tunmtx); 704 } 705 SYSUNINIT(tun_uninit, SI_SUB_PROTO_IF, SI_ORDER_ANY, tun_uninit, NULL); 706 707 static struct tuntap_driver * 708 tuntap_driver_from_ifnet(const struct ifnet *ifp) 709 { 710 struct tuntap_driver *drv; 711 int i; 712 713 if (ifp == NULL) 714 return (NULL); 715 716 for (i = 0; i < nitems(tuntap_drivers); ++i) { 717 drv = &tuntap_drivers[i]; 718 if (strcmp(ifp->if_dname, drv->cdevsw.d_name) == 0) 719 return (drv); 720 } 721 722 return (NULL); 723 } 724 725 static int 726 tuntapmodevent(module_t mod, int type, void *data) 727 { 728 struct tuntap_driver *drv; 729 int i; 730 731 switch (type) { 732 case MOD_LOAD: 733 mtx_init(&tunmtx, "tunmtx", NULL, MTX_DEF); 734 for (i = 0; i < nitems(tuntap_drivers); ++i) { 735 drv = &tuntap_drivers[i]; 736 clone_setup(&drv->clones); 737 drv->unrhdr = new_unrhdr(0, IF_MAXUNIT, &tunmtx); 738 } 739 arrival_tag = EVENTHANDLER_REGISTER(ifnet_arrival_event, 740 tunrename, 0, 1000); 741 if (arrival_tag == NULL) 742 return (ENOMEM); 743 clone_tag = EVENTHANDLER_REGISTER(dev_clone, tunclone, 0, 1000); 744 if (clone_tag == NULL) 745 return (ENOMEM); 746 break; 747 case MOD_UNLOAD: 748 /* See tun_uninit, so it's done after the vnet_sysuninit() */ 749 break; 750 default: 751 return EOPNOTSUPP; 752 } 753 return 0; 754 } 755 756 static moduledata_t tuntap_mod = { 757 "if_tuntap", 758 tuntapmodevent, 759 0 760 }; 761 762 /* We'll only ever have these two, so no need for a macro. */ 763 static moduledata_t tun_mod = { "if_tun", NULL, 0 }; 764 static moduledata_t tap_mod = { "if_tap", NULL, 0 }; 765 766 DECLARE_MODULE(if_tuntap, tuntap_mod, SI_SUB_PSEUDO, SI_ORDER_ANY); 767 MODULE_VERSION(if_tuntap, 1); 768 DECLARE_MODULE(if_tun, tun_mod, SI_SUB_PSEUDO, SI_ORDER_ANY); 769 MODULE_VERSION(if_tun, 1); 770 DECLARE_MODULE(if_tap, tap_mod, SI_SUB_PSEUDO, SI_ORDER_ANY); 771 MODULE_VERSION(if_tap, 1); 772 773 static int 774 tun_create_device(struct tuntap_driver *drv, int unit, struct ucred *cr, 775 struct cdev **dev, const char *name) 776 { 777 struct make_dev_args args; 778 struct tuntap_softc *tp; 779 int error; 780 781 tp = malloc(sizeof(*tp), M_TUN, M_WAITOK | M_ZERO); 782 mtx_init(&tp->tun_mtx, "tun_mtx", NULL, MTX_DEF); 783 cv_init(&tp->tun_cv, "tun_condvar"); 784 tp->tun_flags = drv->ident_flags; 785 tp->tun_drv = drv; 786 787 make_dev_args_init(&args); 788 if (cr != NULL) 789 args.mda_flags = MAKEDEV_REF; 790 args.mda_devsw = &drv->cdevsw; 791 args.mda_cr = cr; 792 args.mda_uid = UID_UUCP; 793 args.mda_gid = GID_DIALER; 794 args.mda_mode = 0600; 795 args.mda_unit = unit; 796 args.mda_si_drv1 = tp; 797 error = make_dev_s(&args, dev, "%s", name); 798 if (error != 0) { 799 free(tp, M_TUN); 800 return (error); 801 } 802 803 KASSERT((*dev)->si_drv1 != NULL, 804 ("Failed to set si_drv1 at %s creation", name)); 805 tp->tun_dev = *dev; 806 knlist_init_mtx(&tp->tun_rsel.si_note, &tp->tun_mtx); 807 mtx_lock(&tunmtx); 808 TAILQ_INSERT_TAIL(&tunhead, tp, tun_list); 809 mtx_unlock(&tunmtx); 810 return (0); 811 } 812 813 static void 814 tunstart(struct ifnet *ifp) 815 { 816 struct tuntap_softc *tp = ifp->if_softc; 817 struct mbuf *m; 818 819 TUNDEBUG(ifp, "starting\n"); 820 if (ALTQ_IS_ENABLED(&ifp->if_snd)) { 821 IFQ_LOCK(&ifp->if_snd); 822 IFQ_POLL_NOLOCK(&ifp->if_snd, m); 823 if (m == NULL) { 824 IFQ_UNLOCK(&ifp->if_snd); 825 return; 826 } 827 IFQ_UNLOCK(&ifp->if_snd); 828 } 829 830 TUN_LOCK(tp); 831 if (tp->tun_flags & TUN_RWAIT) { 832 tp->tun_flags &= ~TUN_RWAIT; 833 wakeup(tp); 834 } 835 selwakeuppri(&tp->tun_rsel, PZERO + 1); 836 KNOTE_LOCKED(&tp->tun_rsel.si_note, 0); 837 if (tp->tun_flags & TUN_ASYNC && tp->tun_sigio) { 838 TUN_UNLOCK(tp); 839 pgsigio(&tp->tun_sigio, SIGIO, 0); 840 } else 841 TUN_UNLOCK(tp); 842 } 843 844 /* 845 * tunstart_l2 846 * 847 * queue packets from higher level ready to put out 848 */ 849 static void 850 tunstart_l2(struct ifnet *ifp) 851 { 852 struct tuntap_softc *tp = ifp->if_softc; 853 854 TUNDEBUG(ifp, "starting\n"); 855 856 /* 857 * do not junk pending output if we are in VMnet mode. 858 * XXX: can this do any harm because of queue overflow? 859 */ 860 861 TUN_LOCK(tp); 862 if (((tp->tun_flags & TUN_VMNET) == 0) && 863 ((tp->tun_flags & TUN_READY) != TUN_READY)) { 864 struct mbuf *m; 865 866 /* Unlocked read. */ 867 TUNDEBUG(ifp, "not ready, tun_flags = 0x%x\n", tp->tun_flags); 868 869 for (;;) { 870 IF_DEQUEUE(&ifp->if_snd, m); 871 if (m != NULL) { 872 m_freem(m); 873 if_inc_counter(ifp, IFCOUNTER_OERRORS, 1); 874 } else 875 break; 876 } 877 TUN_UNLOCK(tp); 878 879 return; 880 } 881 882 ifp->if_drv_flags |= IFF_DRV_OACTIVE; 883 884 if (!IFQ_IS_EMPTY(&ifp->if_snd)) { 885 if (tp->tun_flags & TUN_RWAIT) { 886 tp->tun_flags &= ~TUN_RWAIT; 887 wakeup(tp); 888 } 889 890 if ((tp->tun_flags & TUN_ASYNC) && (tp->tun_sigio != NULL)) { 891 TUN_UNLOCK(tp); 892 pgsigio(&tp->tun_sigio, SIGIO, 0); 893 TUN_LOCK(tp); 894 } 895 896 selwakeuppri(&tp->tun_rsel, PZERO+1); 897 KNOTE_LOCKED(&tp->tun_rsel.si_note, 0); 898 if_inc_counter(ifp, IFCOUNTER_OPACKETS, 1); /* obytes are counted in ether_output */ 899 } 900 901 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE; 902 TUN_UNLOCK(tp); 903 } /* tunstart_l2 */ 904 905 /* XXX: should return an error code so it can fail. */ 906 static void 907 tuncreate(struct cdev *dev) 908 { 909 struct tuntap_driver *drv; 910 struct tuntap_softc *tp; 911 struct ifnet *ifp; 912 struct ether_addr eaddr; 913 int iflags; 914 u_char type; 915 916 tp = dev->si_drv1; 917 KASSERT(tp != NULL, 918 ("si_drv1 should have been initialized at creation")); 919 920 drv = tp->tun_drv; 921 iflags = IFF_MULTICAST; 922 if ((tp->tun_flags & TUN_L2) != 0) { 923 type = IFT_ETHER; 924 iflags |= IFF_BROADCAST | IFF_SIMPLEX; 925 } else { 926 type = IFT_PPP; 927 iflags |= IFF_POINTOPOINT; 928 } 929 ifp = tp->tun_ifp = if_alloc(type); 930 if (ifp == NULL) 931 panic("%s%d: failed to if_alloc() interface.\n", 932 drv->cdevsw.d_name, dev2unit(dev)); 933 ifp->if_softc = tp; 934 if_initname(ifp, drv->cdevsw.d_name, dev2unit(dev)); 935 ifp->if_ioctl = tunifioctl; 936 ifp->if_flags = iflags; 937 IFQ_SET_MAXLEN(&ifp->if_snd, ifqmaxlen); 938 ifp->if_capabilities |= IFCAP_LINKSTATE; 939 ifp->if_capenable |= IFCAP_LINKSTATE; 940 941 if ((tp->tun_flags & TUN_L2) != 0) { 942 ifp->if_init = tunifinit; 943 ifp->if_start = tunstart_l2; 944 945 ether_gen_addr(ifp, &eaddr); 946 ether_ifattach(ifp, eaddr.octet); 947 } else { 948 ifp->if_mtu = TUNMTU; 949 ifp->if_start = tunstart; 950 ifp->if_output = tunoutput; 951 952 ifp->if_snd.ifq_drv_maxlen = 0; 953 IFQ_SET_READY(&ifp->if_snd); 954 955 if_attach(ifp); 956 bpfattach(ifp, DLT_NULL, sizeof(u_int32_t)); 957 } 958 959 TUN_LOCK(tp); 960 tp->tun_flags |= TUN_INITED; 961 TUN_UNLOCK(tp); 962 963 TUNDEBUG(ifp, "interface %s is created, minor = %#x\n", 964 ifp->if_xname, dev2unit(dev)); 965 } 966 967 static void 968 tunrename(void *arg __unused, struct ifnet *ifp) 969 { 970 struct tuntap_softc *tp; 971 int error; 972 973 if ((ifp->if_flags & IFF_RENAMING) == 0) 974 return; 975 976 if (tuntap_driver_from_ifnet(ifp) == NULL) 977 return; 978 979 /* 980 * We need to grab the ioctl sx long enough to make sure the softc is 981 * still there. If it is, we can safely try to busy the tun device. 982 * The busy may fail if the device is currently dying, in which case 983 * we do nothing. If it doesn't fail, the busy count stops the device 984 * from dying until we've created the alias (that will then be 985 * subsequently destroyed). 986 */ 987 sx_xlock(&tun_ioctl_sx); 988 tp = ifp->if_softc; 989 if (tp == NULL) { 990 sx_xunlock(&tun_ioctl_sx); 991 return; 992 } 993 error = tun_busy(tp); 994 sx_xunlock(&tun_ioctl_sx); 995 if (error != 0) 996 return; 997 if (tp->tun_alias != NULL) { 998 destroy_dev(tp->tun_alias); 999 tp->tun_alias = NULL; 1000 } 1001 1002 if (strcmp(ifp->if_xname, tp->tun_dev->si_name) == 0) 1003 goto out; 1004 1005 /* 1006 * Failure's ok, aliases are created on a best effort basis. If a 1007 * tun user/consumer decides to rename the interface to conflict with 1008 * another device (non-ifnet) on the system, we will assume they know 1009 * what they are doing. make_dev_alias_p won't touch tun_alias on 1010 * failure, so we use it but ignore the return value. 1011 */ 1012 make_dev_alias_p(MAKEDEV_CHECKNAME, &tp->tun_alias, tp->tun_dev, "%s", 1013 ifp->if_xname); 1014 out: 1015 tun_unbusy(tp); 1016 } 1017 1018 static int 1019 tunopen(struct cdev *dev, int flag, int mode, struct thread *td) 1020 { 1021 struct ifnet *ifp; 1022 struct tuntap_softc *tp; 1023 int error, tunflags; 1024 1025 tunflags = 0; 1026 CURVNET_SET(TD_TO_VNET(td)); 1027 error = tuntap_name2info(dev->si_name, NULL, &tunflags); 1028 if (error != 0) { 1029 CURVNET_RESTORE(); 1030 return (error); /* Shouldn't happen */ 1031 } 1032 1033 if ((tunflags & TUN_L2) != 0) { 1034 /* Restrict? */ 1035 if (tap_allow_uopen == 0) { 1036 error = priv_check(td, PRIV_NET_TAP); 1037 if (error != 0) { 1038 CURVNET_RESTORE(); 1039 return (error); 1040 } 1041 } 1042 } 1043 1044 tp = dev->si_drv1; 1045 KASSERT(tp != NULL, 1046 ("si_drv1 should have been initialized at creation")); 1047 1048 TUN_LOCK(tp); 1049 if ((tp->tun_flags & TUN_INITED) == 0) { 1050 TUN_UNLOCK(tp); 1051 CURVNET_RESTORE(); 1052 return (ENXIO); 1053 } 1054 if ((tp->tun_flags & (TUN_OPEN | TUN_DYING)) != 0) { 1055 TUN_UNLOCK(tp); 1056 CURVNET_RESTORE(); 1057 return (EBUSY); 1058 } 1059 1060 error = tun_busy_locked(tp); 1061 KASSERT(error == 0, ("Must be able to busy an unopen tunnel")); 1062 ifp = TUN2IFP(tp); 1063 1064 if ((tp->tun_flags & TUN_L2) != 0) { 1065 bcopy(IF_LLADDR(ifp), tp->tun_ether.octet, 1066 sizeof(tp->tun_ether.octet)); 1067 1068 ifp->if_drv_flags |= IFF_DRV_RUNNING; 1069 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE; 1070 1071 if (tapuponopen) 1072 ifp->if_flags |= IFF_UP; 1073 } 1074 1075 tp->tun_pid = td->td_proc->p_pid; 1076 tp->tun_flags |= TUN_OPEN; 1077 1078 if_link_state_change(ifp, LINK_STATE_UP); 1079 TUNDEBUG(ifp, "open\n"); 1080 TUN_UNLOCK(tp); 1081 1082 /* 1083 * This can fail with either ENOENT or EBUSY. This is in the middle of 1084 * d_open, so ENOENT should not be possible. EBUSY is possible, but 1085 * the only cdevpriv dtor being set will be tundtor and the softc being 1086 * passed is constant for a given cdev. We ignore the possible error 1087 * because of this as either "unlikely" or "not actually a problem." 1088 */ 1089 (void)devfs_set_cdevpriv(tp, tundtor); 1090 CURVNET_RESTORE(); 1091 return (0); 1092 } 1093 1094 /* 1095 * tundtor - tear down the device - mark i/f down & delete 1096 * routing info 1097 */ 1098 static void 1099 tundtor(void *data) 1100 { 1101 struct proc *p; 1102 struct tuntap_softc *tp; 1103 struct ifnet *ifp; 1104 bool l2tun; 1105 1106 tp = data; 1107 p = curproc; 1108 ifp = TUN2IFP(tp); 1109 1110 TUN_LOCK(tp); 1111 1112 /* 1113 * Realistically, we can't be obstinate here. This only means that the 1114 * tuntap device was closed out of order, and the last closer wasn't the 1115 * controller. These are still good to know about, though, as software 1116 * should avoid multiple processes with a tuntap device open and 1117 * ill-defined transfer of control (e.g., handoff, TUNSIFPID, close in 1118 * parent). 1119 */ 1120 if (p->p_pid != tp->tun_pid) { 1121 log(LOG_INFO, 1122 "pid %d (%s), %s: tun/tap protocol violation, non-controlling process closed last.\n", 1123 p->p_pid, p->p_comm, tp->tun_dev->si_name); 1124 } 1125 1126 /* 1127 * junk all pending output 1128 */ 1129 CURVNET_SET(ifp->if_vnet); 1130 1131 l2tun = false; 1132 if ((tp->tun_flags & TUN_L2) != 0) { 1133 l2tun = true; 1134 IF_DRAIN(&ifp->if_snd); 1135 } else { 1136 IFQ_PURGE(&ifp->if_snd); 1137 } 1138 1139 /* For vmnet, we won't do most of the address/route bits */ 1140 if ((tp->tun_flags & TUN_VMNET) != 0 || 1141 (l2tun && (ifp->if_flags & IFF_LINK0) != 0)) 1142 goto out; 1143 1144 if (ifp->if_flags & IFF_UP) { 1145 TUN_UNLOCK(tp); 1146 if_down(ifp); 1147 TUN_LOCK(tp); 1148 } 1149 1150 /* Delete all addresses and routes which reference this interface. */ 1151 if (ifp->if_drv_flags & IFF_DRV_RUNNING) { 1152 struct ifaddr *ifa; 1153 1154 ifp->if_drv_flags &= ~IFF_DRV_RUNNING; 1155 TUN_UNLOCK(tp); 1156 CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 1157 /* deal w/IPv4 PtP destination; unlocked read */ 1158 if (!l2tun && ifa->ifa_addr->sa_family == AF_INET) { 1159 rtinit(ifa, (int)RTM_DELETE, 1160 tp->tun_flags & TUN_DSTADDR ? RTF_HOST : 0); 1161 } else { 1162 rtinit(ifa, (int)RTM_DELETE, 0); 1163 } 1164 } 1165 if_purgeaddrs(ifp); 1166 TUN_LOCK(tp); 1167 } 1168 1169 out: 1170 if_link_state_change(ifp, LINK_STATE_DOWN); 1171 CURVNET_RESTORE(); 1172 1173 funsetown(&tp->tun_sigio); 1174 selwakeuppri(&tp->tun_rsel, PZERO + 1); 1175 KNOTE_LOCKED(&tp->tun_rsel.si_note, 0); 1176 TUNDEBUG (ifp, "closed\n"); 1177 tp->tun_flags &= ~TUN_OPEN; 1178 tp->tun_pid = 0; 1179 1180 tun_unbusy_locked(tp); 1181 TUN_UNLOCK(tp); 1182 } 1183 1184 static void 1185 tuninit(struct ifnet *ifp) 1186 { 1187 struct tuntap_softc *tp = ifp->if_softc; 1188 #ifdef INET 1189 struct ifaddr *ifa; 1190 #endif 1191 1192 TUNDEBUG(ifp, "tuninit\n"); 1193 1194 TUN_LOCK(tp); 1195 ifp->if_drv_flags |= IFF_DRV_RUNNING; 1196 if ((tp->tun_flags & TUN_L2) == 0) { 1197 ifp->if_flags |= IFF_UP; 1198 getmicrotime(&ifp->if_lastchange); 1199 #ifdef INET 1200 if_addr_rlock(ifp); 1201 CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 1202 if (ifa->ifa_addr->sa_family == AF_INET) { 1203 struct sockaddr_in *si; 1204 1205 si = (struct sockaddr_in *)ifa->ifa_dstaddr; 1206 if (si && si->sin_addr.s_addr) { 1207 tp->tun_flags |= TUN_DSTADDR; 1208 break; 1209 } 1210 } 1211 } 1212 if_addr_runlock(ifp); 1213 #endif 1214 TUN_UNLOCK(tp); 1215 } else { 1216 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE; 1217 TUN_UNLOCK(tp); 1218 /* attempt to start output */ 1219 tunstart_l2(ifp); 1220 } 1221 1222 } 1223 1224 /* 1225 * Used only for l2 tunnel. 1226 */ 1227 static void 1228 tunifinit(void *xtp) 1229 { 1230 struct tuntap_softc *tp; 1231 1232 tp = (struct tuntap_softc *)xtp; 1233 tuninit(tp->tun_ifp); 1234 } 1235 1236 /* 1237 * Process an ioctl request. 1238 */ 1239 static int 1240 tunifioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 1241 { 1242 struct ifreq *ifr = (struct ifreq *)data; 1243 struct tuntap_softc *tp; 1244 struct ifstat *ifs; 1245 struct ifmediareq *ifmr; 1246 int dummy, error = 0; 1247 bool l2tun; 1248 1249 ifmr = NULL; 1250 sx_xlock(&tun_ioctl_sx); 1251 tp = ifp->if_softc; 1252 if (tp == NULL) { 1253 error = ENXIO; 1254 goto bad; 1255 } 1256 l2tun = (tp->tun_flags & TUN_L2) != 0; 1257 switch(cmd) { 1258 case SIOCGIFSTATUS: 1259 ifs = (struct ifstat *)data; 1260 TUN_LOCK(tp); 1261 if (tp->tun_pid) 1262 snprintf(ifs->ascii, sizeof(ifs->ascii), 1263 "\tOpened by PID %d\n", tp->tun_pid); 1264 else 1265 ifs->ascii[0] = '\0'; 1266 TUN_UNLOCK(tp); 1267 break; 1268 case SIOCSIFADDR: 1269 if (l2tun) 1270 error = ether_ioctl(ifp, cmd, data); 1271 else 1272 tuninit(ifp); 1273 if (error == 0) 1274 TUNDEBUG(ifp, "address set\n"); 1275 break; 1276 case SIOCSIFMTU: 1277 ifp->if_mtu = ifr->ifr_mtu; 1278 TUNDEBUG(ifp, "mtu set\n"); 1279 break; 1280 case SIOCSIFFLAGS: 1281 case SIOCADDMULTI: 1282 case SIOCDELMULTI: 1283 break; 1284 case SIOCGIFMEDIA: 1285 if (!l2tun) { 1286 error = EINVAL; 1287 break; 1288 } 1289 1290 ifmr = (struct ifmediareq *)data; 1291 dummy = ifmr->ifm_count; 1292 ifmr->ifm_count = 1; 1293 ifmr->ifm_status = IFM_AVALID; 1294 ifmr->ifm_active = IFM_ETHER; 1295 if (tp->tun_flags & TUN_OPEN) 1296 ifmr->ifm_status |= IFM_ACTIVE; 1297 ifmr->ifm_current = ifmr->ifm_active; 1298 if (dummy >= 1) { 1299 int media = IFM_ETHER; 1300 error = copyout(&media, ifmr->ifm_ulist, sizeof(int)); 1301 } 1302 break; 1303 default: 1304 if (l2tun) { 1305 error = ether_ioctl(ifp, cmd, data); 1306 } else { 1307 error = EINVAL; 1308 } 1309 } 1310 bad: 1311 sx_xunlock(&tun_ioctl_sx); 1312 return (error); 1313 } 1314 1315 /* 1316 * tunoutput - queue packets from higher level ready to put out. 1317 */ 1318 static int 1319 tunoutput(struct ifnet *ifp, struct mbuf *m0, const struct sockaddr *dst, 1320 struct route *ro) 1321 { 1322 struct tuntap_softc *tp = ifp->if_softc; 1323 u_short cached_tun_flags; 1324 int error; 1325 u_int32_t af; 1326 1327 TUNDEBUG (ifp, "tunoutput\n"); 1328 1329 #ifdef MAC 1330 error = mac_ifnet_check_transmit(ifp, m0); 1331 if (error) { 1332 m_freem(m0); 1333 return (error); 1334 } 1335 #endif 1336 1337 /* Could be unlocked read? */ 1338 TUN_LOCK(tp); 1339 cached_tun_flags = tp->tun_flags; 1340 TUN_UNLOCK(tp); 1341 if ((cached_tun_flags & TUN_READY) != TUN_READY) { 1342 TUNDEBUG (ifp, "not ready 0%o\n", tp->tun_flags); 1343 m_freem (m0); 1344 return (EHOSTDOWN); 1345 } 1346 1347 if ((ifp->if_flags & IFF_UP) != IFF_UP) { 1348 m_freem (m0); 1349 return (EHOSTDOWN); 1350 } 1351 1352 /* BPF writes need to be handled specially. */ 1353 if (dst->sa_family == AF_UNSPEC) 1354 bcopy(dst->sa_data, &af, sizeof(af)); 1355 else 1356 af = dst->sa_family; 1357 1358 if (bpf_peers_present(ifp->if_bpf)) 1359 bpf_mtap2(ifp->if_bpf, &af, sizeof(af), m0); 1360 1361 /* prepend sockaddr? this may abort if the mbuf allocation fails */ 1362 if (cached_tun_flags & TUN_LMODE) { 1363 /* allocate space for sockaddr */ 1364 M_PREPEND(m0, dst->sa_len, M_NOWAIT); 1365 1366 /* if allocation failed drop packet */ 1367 if (m0 == NULL) { 1368 if_inc_counter(ifp, IFCOUNTER_IQDROPS, 1); 1369 if_inc_counter(ifp, IFCOUNTER_OERRORS, 1); 1370 return (ENOBUFS); 1371 } else { 1372 bcopy(dst, m0->m_data, dst->sa_len); 1373 } 1374 } 1375 1376 if (cached_tun_flags & TUN_IFHEAD) { 1377 /* Prepend the address family */ 1378 M_PREPEND(m0, 4, M_NOWAIT); 1379 1380 /* if allocation failed drop packet */ 1381 if (m0 == NULL) { 1382 if_inc_counter(ifp, IFCOUNTER_IQDROPS, 1); 1383 if_inc_counter(ifp, IFCOUNTER_OERRORS, 1); 1384 return (ENOBUFS); 1385 } else 1386 *(u_int32_t *)m0->m_data = htonl(af); 1387 } else { 1388 #ifdef INET 1389 if (af != AF_INET) 1390 #endif 1391 { 1392 m_freem(m0); 1393 return (EAFNOSUPPORT); 1394 } 1395 } 1396 1397 error = (ifp->if_transmit)(ifp, m0); 1398 if (error) 1399 return (ENOBUFS); 1400 if_inc_counter(ifp, IFCOUNTER_OPACKETS, 1); 1401 return (0); 1402 } 1403 1404 /* 1405 * the cdevsw interface is now pretty minimal. 1406 */ 1407 static int 1408 tunioctl(struct cdev *dev, u_long cmd, caddr_t data, int flag, 1409 struct thread *td) 1410 { 1411 struct ifreq ifr, *ifrp; 1412 struct tuntap_softc *tp = dev->si_drv1; 1413 struct tuninfo *tunp; 1414 int error, iflags; 1415 #if defined(COMPAT_FREEBSD6) || defined(COMPAT_FREEBSD5) || \ 1416 defined(COMPAT_FREEBSD4) 1417 int ival; 1418 #endif 1419 bool l2tun; 1420 1421 l2tun = (tp->tun_flags & TUN_L2) != 0; 1422 if (l2tun) { 1423 /* tap specific ioctls */ 1424 switch(cmd) { 1425 /* VMware/VMnet port ioctl's */ 1426 #if defined(COMPAT_FREEBSD6) || defined(COMPAT_FREEBSD5) || \ 1427 defined(COMPAT_FREEBSD4) 1428 case _IO('V', 0): 1429 ival = IOCPARM_IVAL(data); 1430 data = (caddr_t)&ival; 1431 /* FALLTHROUGH */ 1432 #endif 1433 case VMIO_SIOCSIFFLAGS: /* VMware/VMnet SIOCSIFFLAGS */ 1434 iflags = *(int *)data; 1435 iflags &= TUN_VMIO_FLAG_MASK; 1436 iflags &= ~IFF_CANTCHANGE; 1437 iflags |= IFF_UP; 1438 1439 TUN_LOCK(tp); 1440 TUN2IFP(tp)->if_flags = iflags | 1441 (TUN2IFP(tp)->if_flags & IFF_CANTCHANGE); 1442 TUN_UNLOCK(tp); 1443 1444 return (0); 1445 case SIOCGIFADDR: /* get MAC address of the remote side */ 1446 TUN_LOCK(tp); 1447 bcopy(&tp->tun_ether.octet, data, 1448 sizeof(tp->tun_ether.octet)); 1449 TUN_UNLOCK(tp); 1450 1451 return (0); 1452 case SIOCSIFADDR: /* set MAC address of the remote side */ 1453 TUN_LOCK(tp); 1454 bcopy(data, &tp->tun_ether.octet, 1455 sizeof(tp->tun_ether.octet)); 1456 TUN_UNLOCK(tp); 1457 1458 return (0); 1459 } 1460 1461 /* Fall through to the common ioctls if unhandled */ 1462 } else { 1463 switch (cmd) { 1464 case TUNSLMODE: 1465 TUN_LOCK(tp); 1466 if (*(int *)data) { 1467 tp->tun_flags |= TUN_LMODE; 1468 tp->tun_flags &= ~TUN_IFHEAD; 1469 } else 1470 tp->tun_flags &= ~TUN_LMODE; 1471 TUN_UNLOCK(tp); 1472 1473 return (0); 1474 case TUNSIFHEAD: 1475 TUN_LOCK(tp); 1476 if (*(int *)data) { 1477 tp->tun_flags |= TUN_IFHEAD; 1478 tp->tun_flags &= ~TUN_LMODE; 1479 } else 1480 tp->tun_flags &= ~TUN_IFHEAD; 1481 TUN_UNLOCK(tp); 1482 1483 return (0); 1484 case TUNGIFHEAD: 1485 TUN_LOCK(tp); 1486 *(int *)data = (tp->tun_flags & TUN_IFHEAD) ? 1 : 0; 1487 TUN_UNLOCK(tp); 1488 1489 return (0); 1490 case TUNSIFMODE: 1491 /* deny this if UP */ 1492 if (TUN2IFP(tp)->if_flags & IFF_UP) 1493 return (EBUSY); 1494 1495 switch (*(int *)data & ~IFF_MULTICAST) { 1496 case IFF_POINTOPOINT: 1497 case IFF_BROADCAST: 1498 TUN_LOCK(tp); 1499 TUN2IFP(tp)->if_flags &= 1500 ~(IFF_BROADCAST|IFF_POINTOPOINT|IFF_MULTICAST); 1501 TUN2IFP(tp)->if_flags |= *(int *)data; 1502 TUN_UNLOCK(tp); 1503 1504 break; 1505 default: 1506 return (EINVAL); 1507 } 1508 1509 return (0); 1510 case TUNSIFPID: 1511 TUN_LOCK(tp); 1512 tp->tun_pid = curthread->td_proc->p_pid; 1513 TUN_UNLOCK(tp); 1514 1515 return (0); 1516 } 1517 /* Fall through to the common ioctls if unhandled */ 1518 } 1519 1520 switch (cmd) { 1521 case TUNGIFNAME: 1522 ifrp = (struct ifreq *)data; 1523 strlcpy(ifrp->ifr_name, TUN2IFP(tp)->if_xname, IFNAMSIZ); 1524 1525 return (0); 1526 case TUNSIFINFO: 1527 tunp = (struct tuninfo *)data; 1528 if (TUN2IFP(tp)->if_type != tunp->type) 1529 return (EPROTOTYPE); 1530 TUN_LOCK(tp); 1531 if (TUN2IFP(tp)->if_mtu != tunp->mtu) { 1532 strlcpy(ifr.ifr_name, if_name(TUN2IFP(tp)), IFNAMSIZ); 1533 ifr.ifr_mtu = tunp->mtu; 1534 CURVNET_SET(TUN2IFP(tp)->if_vnet); 1535 error = ifhwioctl(SIOCSIFMTU, TUN2IFP(tp), 1536 (caddr_t)&ifr, td); 1537 CURVNET_RESTORE(); 1538 if (error) { 1539 TUN_UNLOCK(tp); 1540 return (error); 1541 } 1542 } 1543 TUN2IFP(tp)->if_baudrate = tunp->baudrate; 1544 TUN_UNLOCK(tp); 1545 break; 1546 case TUNGIFINFO: 1547 tunp = (struct tuninfo *)data; 1548 TUN_LOCK(tp); 1549 tunp->mtu = TUN2IFP(tp)->if_mtu; 1550 tunp->type = TUN2IFP(tp)->if_type; 1551 tunp->baudrate = TUN2IFP(tp)->if_baudrate; 1552 TUN_UNLOCK(tp); 1553 break; 1554 case TUNSDEBUG: 1555 tundebug = *(int *)data; 1556 break; 1557 case TUNGDEBUG: 1558 *(int *)data = tundebug; 1559 break; 1560 case FIONBIO: 1561 break; 1562 case FIOASYNC: 1563 TUN_LOCK(tp); 1564 if (*(int *)data) 1565 tp->tun_flags |= TUN_ASYNC; 1566 else 1567 tp->tun_flags &= ~TUN_ASYNC; 1568 TUN_UNLOCK(tp); 1569 break; 1570 case FIONREAD: 1571 if (!IFQ_IS_EMPTY(&TUN2IFP(tp)->if_snd)) { 1572 struct mbuf *mb; 1573 IFQ_LOCK(&TUN2IFP(tp)->if_snd); 1574 IFQ_POLL_NOLOCK(&TUN2IFP(tp)->if_snd, mb); 1575 for (*(int *)data = 0; mb != NULL; mb = mb->m_next) 1576 *(int *)data += mb->m_len; 1577 IFQ_UNLOCK(&TUN2IFP(tp)->if_snd); 1578 } else 1579 *(int *)data = 0; 1580 break; 1581 case FIOSETOWN: 1582 return (fsetown(*(int *)data, &tp->tun_sigio)); 1583 1584 case FIOGETOWN: 1585 *(int *)data = fgetown(&tp->tun_sigio); 1586 return (0); 1587 1588 /* This is deprecated, FIOSETOWN should be used instead. */ 1589 case TIOCSPGRP: 1590 return (fsetown(-(*(int *)data), &tp->tun_sigio)); 1591 1592 /* This is deprecated, FIOGETOWN should be used instead. */ 1593 case TIOCGPGRP: 1594 *(int *)data = -fgetown(&tp->tun_sigio); 1595 return (0); 1596 1597 default: 1598 return (ENOTTY); 1599 } 1600 return (0); 1601 } 1602 1603 /* 1604 * The cdevsw read interface - reads a packet at a time, or at 1605 * least as much of a packet as can be read. 1606 */ 1607 static int 1608 tunread(struct cdev *dev, struct uio *uio, int flag) 1609 { 1610 struct tuntap_softc *tp = dev->si_drv1; 1611 struct ifnet *ifp = TUN2IFP(tp); 1612 struct mbuf *m; 1613 int error=0, len; 1614 1615 TUNDEBUG (ifp, "read\n"); 1616 TUN_LOCK(tp); 1617 if ((tp->tun_flags & TUN_READY) != TUN_READY) { 1618 TUN_UNLOCK(tp); 1619 TUNDEBUG (ifp, "not ready 0%o\n", tp->tun_flags); 1620 return (EHOSTDOWN); 1621 } 1622 1623 tp->tun_flags &= ~TUN_RWAIT; 1624 1625 for (;;) { 1626 IFQ_DEQUEUE(&ifp->if_snd, m); 1627 if (m != NULL) 1628 break; 1629 if (flag & O_NONBLOCK) { 1630 TUN_UNLOCK(tp); 1631 return (EWOULDBLOCK); 1632 } 1633 tp->tun_flags |= TUN_RWAIT; 1634 error = mtx_sleep(tp, &tp->tun_mtx, PCATCH | (PZERO + 1), 1635 "tunread", 0); 1636 if (error != 0) { 1637 TUN_UNLOCK(tp); 1638 return (error); 1639 } 1640 } 1641 TUN_UNLOCK(tp); 1642 1643 if ((tp->tun_flags & TUN_L2) != 0) 1644 BPF_MTAP(ifp, m); 1645 1646 while (m && uio->uio_resid > 0 && error == 0) { 1647 len = min(uio->uio_resid, m->m_len); 1648 if (len != 0) 1649 error = uiomove(mtod(m, void *), len, uio); 1650 m = m_free(m); 1651 } 1652 1653 if (m) { 1654 TUNDEBUG(ifp, "Dropping mbuf\n"); 1655 m_freem(m); 1656 } 1657 return (error); 1658 } 1659 1660 static int 1661 tunwrite_l2(struct tuntap_softc *tp, struct mbuf *m) 1662 { 1663 struct ether_header *eh; 1664 struct ifnet *ifp; 1665 1666 ifp = TUN2IFP(tp); 1667 1668 /* 1669 * Only pass a unicast frame to ether_input(), if it would 1670 * actually have been received by non-virtual hardware. 1671 */ 1672 if (m->m_len < sizeof(struct ether_header)) { 1673 m_freem(m); 1674 return (0); 1675 } 1676 1677 eh = mtod(m, struct ether_header *); 1678 1679 if (eh && (ifp->if_flags & IFF_PROMISC) == 0 && 1680 !ETHER_IS_MULTICAST(eh->ether_dhost) && 1681 bcmp(eh->ether_dhost, IF_LLADDR(ifp), ETHER_ADDR_LEN) != 0) { 1682 m_freem(m); 1683 return (0); 1684 } 1685 1686 /* Pass packet up to parent. */ 1687 CURVNET_SET(ifp->if_vnet); 1688 (*ifp->if_input)(ifp, m); 1689 CURVNET_RESTORE(); 1690 /* ibytes are counted in parent */ 1691 if_inc_counter(ifp, IFCOUNTER_IPACKETS, 1); 1692 return (0); 1693 } 1694 1695 static int 1696 tunwrite_l3(struct tuntap_softc *tp, struct mbuf *m) 1697 { 1698 struct ifnet *ifp; 1699 int family, isr; 1700 1701 ifp = TUN2IFP(tp); 1702 /* Could be unlocked read? */ 1703 TUN_LOCK(tp); 1704 if (tp->tun_flags & TUN_IFHEAD) { 1705 TUN_UNLOCK(tp); 1706 if (m->m_len < sizeof(family) && 1707 (m = m_pullup(m, sizeof(family))) == NULL) 1708 return (ENOBUFS); 1709 family = ntohl(*mtod(m, u_int32_t *)); 1710 m_adj(m, sizeof(family)); 1711 } else { 1712 TUN_UNLOCK(tp); 1713 family = AF_INET; 1714 } 1715 1716 BPF_MTAP2(ifp, &family, sizeof(family), m); 1717 1718 switch (family) { 1719 #ifdef INET 1720 case AF_INET: 1721 isr = NETISR_IP; 1722 break; 1723 #endif 1724 #ifdef INET6 1725 case AF_INET6: 1726 isr = NETISR_IPV6; 1727 break; 1728 #endif 1729 default: 1730 m_freem(m); 1731 return (EAFNOSUPPORT); 1732 } 1733 random_harvest_queue(m, sizeof(*m), RANDOM_NET_TUN); 1734 if_inc_counter(ifp, IFCOUNTER_IBYTES, m->m_pkthdr.len); 1735 if_inc_counter(ifp, IFCOUNTER_IPACKETS, 1); 1736 CURVNET_SET(ifp->if_vnet); 1737 M_SETFIB(m, ifp->if_fib); 1738 netisr_dispatch(isr, m); 1739 CURVNET_RESTORE(); 1740 return (0); 1741 } 1742 1743 /* 1744 * the cdevsw write interface - an atomic write is a packet - or else! 1745 */ 1746 static int 1747 tunwrite(struct cdev *dev, struct uio *uio, int flag) 1748 { 1749 struct tuntap_softc *tp; 1750 struct ifnet *ifp; 1751 struct mbuf *m; 1752 uint32_t mru; 1753 int align; 1754 bool l2tun; 1755 1756 tp = dev->si_drv1; 1757 ifp = TUN2IFP(tp); 1758 TUNDEBUG(ifp, "tunwrite\n"); 1759 if ((ifp->if_flags & IFF_UP) != IFF_UP) 1760 /* ignore silently */ 1761 return (0); 1762 1763 if (uio->uio_resid == 0) 1764 return (0); 1765 1766 l2tun = (tp->tun_flags & TUN_L2) != 0; 1767 align = 0; 1768 mru = l2tun ? TAPMRU : TUNMRU; 1769 if (l2tun) 1770 align = ETHER_ALIGN; 1771 else if ((tp->tun_flags & TUN_IFHEAD) != 0) 1772 mru += sizeof(uint32_t); /* family */ 1773 if (uio->uio_resid < 0 || uio->uio_resid > mru) { 1774 TUNDEBUG(ifp, "len=%zd!\n", uio->uio_resid); 1775 return (EIO); 1776 } 1777 1778 if ((m = m_uiotombuf(uio, M_NOWAIT, 0, align, M_PKTHDR)) == NULL) { 1779 if_inc_counter(ifp, IFCOUNTER_IERRORS, 1); 1780 return (ENOBUFS); 1781 } 1782 1783 m->m_pkthdr.rcvif = ifp; 1784 #ifdef MAC 1785 mac_ifnet_create_mbuf(ifp, m); 1786 #endif 1787 1788 if (l2tun) 1789 return (tunwrite_l2(tp, m)); 1790 1791 return (tunwrite_l3(tp, m)); 1792 } 1793 1794 /* 1795 * tunpoll - the poll interface, this is only useful on reads 1796 * really. The write detect always returns true, write never blocks 1797 * anyway, it either accepts the packet or drops it. 1798 */ 1799 static int 1800 tunpoll(struct cdev *dev, int events, struct thread *td) 1801 { 1802 struct tuntap_softc *tp = dev->si_drv1; 1803 struct ifnet *ifp = TUN2IFP(tp); 1804 int revents = 0; 1805 1806 TUNDEBUG(ifp, "tunpoll\n"); 1807 1808 if (events & (POLLIN | POLLRDNORM)) { 1809 IFQ_LOCK(&ifp->if_snd); 1810 if (!IFQ_IS_EMPTY(&ifp->if_snd)) { 1811 TUNDEBUG(ifp, "tunpoll q=%d\n", ifp->if_snd.ifq_len); 1812 revents |= events & (POLLIN | POLLRDNORM); 1813 } else { 1814 TUNDEBUG(ifp, "tunpoll waiting\n"); 1815 selrecord(td, &tp->tun_rsel); 1816 } 1817 IFQ_UNLOCK(&ifp->if_snd); 1818 } 1819 revents |= events & (POLLOUT | POLLWRNORM); 1820 1821 return (revents); 1822 } 1823 1824 /* 1825 * tunkqfilter - support for the kevent() system call. 1826 */ 1827 static int 1828 tunkqfilter(struct cdev *dev, struct knote *kn) 1829 { 1830 struct tuntap_softc *tp = dev->si_drv1; 1831 struct ifnet *ifp = TUN2IFP(tp); 1832 1833 switch(kn->kn_filter) { 1834 case EVFILT_READ: 1835 TUNDEBUG(ifp, "%s kqfilter: EVFILT_READ, minor = %#x\n", 1836 ifp->if_xname, dev2unit(dev)); 1837 kn->kn_fop = &tun_read_filterops; 1838 break; 1839 1840 case EVFILT_WRITE: 1841 TUNDEBUG(ifp, "%s kqfilter: EVFILT_WRITE, minor = %#x\n", 1842 ifp->if_xname, dev2unit(dev)); 1843 kn->kn_fop = &tun_write_filterops; 1844 break; 1845 1846 default: 1847 TUNDEBUG(ifp, "%s kqfilter: invalid filter, minor = %#x\n", 1848 ifp->if_xname, dev2unit(dev)); 1849 return(EINVAL); 1850 } 1851 1852 kn->kn_hook = tp; 1853 knlist_add(&tp->tun_rsel.si_note, kn, 0); 1854 1855 return (0); 1856 } 1857 1858 /* 1859 * Return true of there is data in the interface queue. 1860 */ 1861 static int 1862 tunkqread(struct knote *kn, long hint) 1863 { 1864 int ret; 1865 struct tuntap_softc *tp = kn->kn_hook; 1866 struct cdev *dev = tp->tun_dev; 1867 struct ifnet *ifp = TUN2IFP(tp); 1868 1869 if ((kn->kn_data = ifp->if_snd.ifq_len) > 0) { 1870 TUNDEBUG(ifp, 1871 "%s have data in the queue. Len = %d, minor = %#x\n", 1872 ifp->if_xname, ifp->if_snd.ifq_len, dev2unit(dev)); 1873 ret = 1; 1874 } else { 1875 TUNDEBUG(ifp, 1876 "%s waiting for data, minor = %#x\n", ifp->if_xname, 1877 dev2unit(dev)); 1878 ret = 0; 1879 } 1880 1881 return (ret); 1882 } 1883 1884 /* 1885 * Always can write, always return MTU in kn->data. 1886 */ 1887 static int 1888 tunkqwrite(struct knote *kn, long hint) 1889 { 1890 struct tuntap_softc *tp = kn->kn_hook; 1891 struct ifnet *ifp = TUN2IFP(tp); 1892 1893 kn->kn_data = ifp->if_mtu; 1894 1895 return (1); 1896 } 1897 1898 static void 1899 tunkqdetach(struct knote *kn) 1900 { 1901 struct tuntap_softc *tp = kn->kn_hook; 1902 1903 knlist_remove(&tp->tun_rsel.si_note, kn, 0); 1904 }
Cache object: a2266a408f321f9c034ab6c954a6cb8c
[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]