/*	$NetBSD: bpf.c,v 1.111 2005/09/05 18:32:24 rpaulo Exp $	*/

/*
 * Copyright (c) 1990, 1991, 1993
 *	The Regents of the University of California.  All rights reserved.
 *
 * This code is derived from the Stanford/CMU enet packet filter,
 * (net/enet.c) distributed as part of 4.3BSD, and code contributed
 * to Berkeley by Steven McCanne and Van Jacobson both of Lawrence
 * Berkeley Laboratory.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. Neither the name of the University nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
 *	@(#)bpf.c	8.4 (Berkeley) 1/9/95
 * static char rcsid[] =
 * "Header: bpf.c,v 1.67 96/09/26 22:00:52 leres Exp ";
 */

#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: bpf.c,v 1.111 2005/09/05 18:32:24 rpaulo Exp $");

#include <sys/param.h>
#include <sys/systm.h>
#include <sys/mbuf.h>
#include <sys/buf.h>
#include <sys/time.h>
#include <sys/proc.h>
#include <sys/user.h>
#include <sys/ioctl.h>
#include <sys/conf.h>
#include <sys/vnode.h>
#include <sys/queue.h>

#include <sys/file.h>
#include <sys/filedesc.h>
#include <sys/tty.h>
#include <sys/uio.h>

#include <sys/protosw.h>
#include <sys/socket.h>
#include <sys/errno.h>
#include <sys/kernel.h>
#include <sys/poll.h>
#include <sys/sysctl.h>

#include <net/if.h>
#include <net/slip.h>

#include <net/bpf.h>
#include <net/bpfdesc.h>

#include <net/if_arc.h>
#include <net/if_ether.h>

#include <netinet/in.h>
#include <netinet/if_inarp.h>

#if defined(_KERNEL_OPT)
#include "opt_bpf.h"
#include "sl.h"
#include "strip.h"
#endif

#ifndef BPF_BUFSIZE
/*
 * 4096 is too small for FDDI frames. 8192 is too small for gigabit Ethernet
 * jumbos (circa 9k), ATM, or Intel gig/10gig ethernet jumbos (16k).
 */
# define BPF_BUFSIZE 32768
#endif

#define PRINET  26			/* interruptible */

/*
 * The default read buffer size, and limit for BIOCSBLEN, is sysctl'able.
 * XXX the default values should be computed dynamically based
 * on available memory size and available mbuf clusters.
 */
int bpf_bufsize = BPF_BUFSIZE;
int bpf_maxbufsize = BPF_DFLTBUFSIZE;	/* XXX set dynamically, see above */
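
/*
 * Both limits above are tunable at run time: bpf_maxbufsize through the
 * net.bpf.maxbufsize sysctl node created at the bottom of this file, and
 * the per-descriptor buffer size through the BIOCSBLEN ioctl, which must
 * be issued before the descriptor is attached to an interface (see
 * bpf_ioctl() below, which rejects BIOCSBLEN once bd_bif is set).
 */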

/*
 * Global BPF statistics returned by net.bpf.stats sysctl.
 */
struct bpf_stat	bpf_gstats;

/*
 * Use a mutex to avoid a race condition between gathering the stats/peers
 * and opening/closing the device.
 */
struct simplelock bpf_slock;

/*
 * bpf_iflist is the list of interfaces; each corresponds to an ifnet.
 * bpf_list is the list of descriptors, one per open instance.
 */
struct bpf_if	*bpf_iflist;
LIST_HEAD(, bpf_d) bpf_list;

static int	bpf_allocbufs(struct bpf_d *);
static void	bpf_deliver(struct bpf_if *,
		    void *(*cpfn)(void *, const void *, size_t),
		    void *, u_int, u_int, struct ifnet *);
static void	bpf_freed(struct bpf_d *);
static void	bpf_ifname(struct ifnet *, struct ifreq *);
static void	*bpf_mcpy(void *, const void *, size_t);
static int	bpf_movein(struct uio *, int, int,
		    struct mbuf **, struct sockaddr *);
static void	bpf_attachd(struct bpf_d *, struct bpf_if *);
static void	bpf_detachd(struct bpf_d *);
static int	bpf_setif(struct bpf_d *, struct ifreq *);
static void	bpf_timed_out(void *);
static __inline void
		bpf_wakeup(struct bpf_d *);
static void	catchpacket(struct bpf_d *, u_char *, u_int, u_int,
		    void *(*)(void *, const void *, size_t));
static void	reset_d(struct bpf_d *);
static int	bpf_getdltlist(struct bpf_d *, struct bpf_dltlist *);
static int	bpf_setdlt(struct bpf_d *, u_int);

static int	bpf_read(struct file *, off_t *, struct uio *, struct ucred *,
    int);
static int	bpf_write(struct file *, off_t *, struct uio *, struct ucred *,
    int);
static int	bpf_ioctl(struct file *, u_long, void *, struct proc *);
static int	bpf_poll(struct file *, int, struct proc *);
static int	bpf_close(struct file *, struct proc *);
static int	bpf_kqfilter(struct file *, struct knote *);

static const struct fileops bpf_fileops = {
	bpf_read,
	bpf_write,
	bpf_ioctl,
	fnullop_fcntl,
	bpf_poll,
	fbadop_stat,
	bpf_close,
	bpf_kqfilter,
};

dev_type_open(bpfopen);

const struct cdevsw bpf_cdevsw = {
	bpfopen, noclose, noread, nowrite, noioctl,
	nostop, notty, nopoll, nommap, nokqfilter,
};
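
/*
 * Note on the character device entry points: only open() is implemented
 * in the cdevsw.  bpfopen() clones a new struct file per open and
 * installs bpf_fileops on it via fdclone(), so every later operation
 * (read, write, ioctl, poll, kqueue, close) arrives through the fileops
 * table above rather than through the cdevsw.
 */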

static int
bpf_movein(struct uio *uio, int linktype, int mtu, struct mbuf **mp,
    struct sockaddr *sockp)
{
	struct mbuf *m;
	int error;
	int len;
	int hlen;
	int align;

	/*
	 * Build a sockaddr based on the data link layer type.
	 * We do this at this level because the ethernet header
	 * is copied directly into the data field of the sockaddr.
	 * In the case of SLIP, there is no header and the packet
	 * is forwarded as is.
	 * Also, we are careful to leave room at the front of the mbuf
	 * for the link level header.
	 */
	switch (linktype) {

	case DLT_SLIP:
		sockp->sa_family = AF_INET;
		hlen = 0;
		align = 0;
		break;

	case DLT_PPP:
		sockp->sa_family = AF_UNSPEC;
		hlen = 0;
		align = 0;
		break;

	case DLT_EN10MB:
		sockp->sa_family = AF_UNSPEC;
		/* XXX Would MAXLINKHDR be better? */
		/* 6(dst)+6(src)+2(type) */
		hlen = sizeof(struct ether_header);
		align = 2;
		break;

	case DLT_ARCNET:
		sockp->sa_family = AF_UNSPEC;
		hlen = ARC_HDRLEN;
		align = 5;
		break;

	case DLT_FDDI:
		sockp->sa_family = AF_LINK;
		/* XXX 4(FORMAC)+6(dst)+6(src) */
		hlen = 16;
		align = 0;
		break;

	case DLT_ECONET:
		sockp->sa_family = AF_UNSPEC;
		hlen = 6;
		align = 2;
		break;

	case DLT_NULL:
		sockp->sa_family = AF_UNSPEC;
		hlen = 0;
		align = 0;
		break;

	default:
		return (EIO);
	}

	len = uio->uio_resid;
	/*
	 * If there aren't enough bytes for a link level header or the
	 * packet length exceeds the interface mtu, return an error.
	 */
	if (len < hlen || len - hlen > mtu)
		return (EMSGSIZE);

	/*
	 * XXX Avoid complicated buffer chaining ---
	 * bail if it won't fit in a single mbuf.
	 * (Take into account possible alignment bytes)
	 */
	if ((unsigned)len > MCLBYTES - align)
		return (EIO);

	m = m_gethdr(M_WAIT, MT_DATA);
	m->m_pkthdr.rcvif = 0;
	m->m_pkthdr.len = len - hlen;
	if (len > MHLEN - align) {
		m_clget(m, M_WAIT);
		if ((m->m_flags & M_EXT) == 0) {
			error = ENOBUFS;
			goto bad;
		}
	}

	/* Ensure the data is properly aligned */
	if (align > 0) {
		m->m_data += align;
		m->m_len -= align;
	}

	error = uiomove(mtod(m, void *), len, uio);
	if (error)
		goto bad;
	if (hlen != 0) {
		memcpy(sockp->sa_data, mtod(m, void *), hlen);
		m->m_data += hlen;	/* XXX */
		len -= hlen;
	}
	m->m_len = len;
	*mp = m;
	return (0);

bad:
	m_freem(m);
	return (error);
}
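
/*
 * A note on the "align" values above: for DLT_EN10MB, align is 2 so that
 * after the 14-byte Ethernet header has been moved into the sockaddr and
 * m_data advanced past it, the network-layer header left at the front of
 * the mbuf starts on a 4-byte boundary (2 + 14 = 16).  The ARCnet and
 * Econet offsets serve the same purpose for their header lengths.
 */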

/*
 * Attach file to the bpf interface, i.e. make d listen on bp.
 * Must be called at splnet.
 */
static void
bpf_attachd(struct bpf_d *d, struct bpf_if *bp)
{
	/*
	 * Point d at bp, and add d to the interface's list of listeners.
	 * Finally, point the driver's bpf cookie at the interface so
	 * it will divert packets to bpf.
	 */
	d->bd_bif = bp;
	d->bd_next = bp->bif_dlist;
	bp->bif_dlist = d;

	*bp->bif_driverp = bp;
}

/*
 * Detach a file from its interface.
 */
static void
bpf_detachd(struct bpf_d *d)
{
	struct bpf_d **p;
	struct bpf_if *bp;

	bp = d->bd_bif;
	/*
	 * Check if this descriptor had requested promiscuous mode.
	 * If so, turn it off.
	 */
	if (d->bd_promisc) {
		int error;

		d->bd_promisc = 0;
		/*
		 * Take device out of promiscuous mode.  Since we were
		 * able to enter promiscuous mode, we should be able
		 * to turn it off.  But we can get an error if
		 * the interface was configured down, so only panic
		 * if we get an unexpected error.
		 */
		error = ifpromisc(bp->bif_ifp, 0);
		if (error && error != EINVAL)
			panic("bpf: ifpromisc failed");
	}
	/* Remove d from the interface's descriptor list. */
	p = &bp->bif_dlist;
	while (*p != d) {
		p = &(*p)->bd_next;
		if (*p == 0)
			panic("bpf_detachd: descriptor not in list");
	}
	*p = (*p)->bd_next;
	if (bp->bif_dlist == 0)
		/*
		 * Let the driver know that there are no more listeners.
		 */
		*d->bd_bif->bif_driverp = 0;
	d->bd_bif = 0;
}
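
/*
 * The bif_driverp handshake above is what drivers see as ifp->if_bpf:
 * it is non-NULL exactly while at least one descriptor is listening on
 * the interface.  A driver's receive/transmit path therefore typically
 * tests it before tapping, along these lines (illustrative sketch):
 *
 *	if (ifp->if_bpf)
 *		bpf_mtap(ifp->if_bpf, m);
 */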

/*
 * bpfilterattach() is called at boot time.
 */
/* ARGSUSED */
void
bpfilterattach(int n)
{
	simple_lock_init(&bpf_slock);

	simple_lock(&bpf_slock);
	LIST_INIT(&bpf_list);
	simple_unlock(&bpf_slock);

	bpf_gstats.bs_recv = 0;
	bpf_gstats.bs_drop = 0;
	bpf_gstats.bs_capt = 0;
}

/*
 * Open ethernet device.  Clones.
 */
/* ARGSUSED */
int
bpfopen(dev_t dev, int flag, int mode, struct proc *p)
{
	struct bpf_d *d;
	struct file *fp;
	int error, fd;

	/* falloc() will use the descriptor for us. */
	if ((error = falloc(p, &fp, &fd)) != 0)
		return error;

	d = malloc(sizeof(*d), M_DEVBUF, M_WAITOK);
	(void)memset(d, 0, sizeof(*d));
	d->bd_bufsize = bpf_bufsize;
	d->bd_seesent = 1;
	d->bd_pid = p->p_pid;
	callout_init(&d->bd_callout);

	simple_lock(&bpf_slock);
	LIST_INSERT_HEAD(&bpf_list, d, bd_list);
	simple_unlock(&bpf_slock);

	return fdclone(p, fp, fd, flag, &bpf_fileops, d);
}
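
/*
 * Illustrative userland usage of the cloning device (a sketch; "fxp0"
 * is a placeholder interface name and error handling is omitted):
 *
 *	int fd = open("/dev/bpf", O_RDWR);
 *	struct ifreq ifr;
 *
 *	memset(&ifr, 0, sizeof(ifr));
 *	strlcpy(ifr.ifr_name, "fxp0", sizeof(ifr.ifr_name));
 *	ioctl(fd, BIOCSETIF, &ifr);
 */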

/*
 * Close the descriptor by detaching it from its interface,
 * deallocating its buffers, and marking it free.
 */
/* ARGSUSED */
static int
bpf_close(struct file *fp, struct proc *p)
{
	struct bpf_d *d = fp->f_data;
	int s;

	/*
	 * Refresh the PID associated with this bpf file.
	 */
	d->bd_pid = p->p_pid;

	s = splnet();
	if (d->bd_state == BPF_WAITING)
		callout_stop(&d->bd_callout);
	d->bd_state = BPF_IDLE;
	if (d->bd_bif)
		bpf_detachd(d);
	splx(s);
	bpf_freed(d);
	simple_lock(&bpf_slock);
	LIST_REMOVE(d, bd_list);
	simple_unlock(&bpf_slock);
	free(d, M_DEVBUF);
	fp->f_data = NULL;

	return (0);
}

/*
 * Rotate the packet buffers in descriptor d.  Move the store buffer
 * into the hold slot, and the free buffer into the store slot.
 * Zero the length of the new store buffer.
 */
#define ROTATE_BUFFERS(d) \
	(d)->bd_hbuf = (d)->bd_sbuf; \
	(d)->bd_hlen = (d)->bd_slen; \
	(d)->bd_sbuf = (d)->bd_fbuf; \
	(d)->bd_slen = 0; \
	(d)->bd_fbuf = 0;
/*
 * bpfread - read next chunk of packets from buffers
 */
static int
bpf_read(struct file *fp, off_t *offp, struct uio *uio,
    struct ucred *cred, int flags)
{
	struct bpf_d *d = fp->f_data;
	int timed_out;
	int error;
	int s;

	/*
	 * Restrict application to use a buffer the same size as
	 * the kernel buffers.
	 */
	if (uio->uio_resid != d->bd_bufsize)
		return (EINVAL);

	s = splnet();
	if (d->bd_state == BPF_WAITING)
		callout_stop(&d->bd_callout);
	timed_out = (d->bd_state == BPF_TIMED_OUT);
	d->bd_state = BPF_IDLE;
	/*
	 * If the hold buffer is empty, then do a timed sleep, which
	 * ends when the timeout expires or when enough packets
	 * have arrived to fill the store buffer.
	 */
	while (d->bd_hbuf == 0) {
		if (fp->f_flag & FNONBLOCK) {
			if (d->bd_slen == 0) {
				splx(s);
				return (EWOULDBLOCK);
			}
			ROTATE_BUFFERS(d);
			break;
		}

		if ((d->bd_immediate || timed_out) && d->bd_slen != 0) {
			/*
			 * A packet(s) either arrived since the previous
			 * read or arrived while we were asleep.
			 * Rotate the buffers and return what's here.
			 */
			ROTATE_BUFFERS(d);
			break;
		}
		error = tsleep(d, PRINET|PCATCH, "bpf",
		    d->bd_rtout);
		if (error == EINTR || error == ERESTART) {
			splx(s);
			return (error);
		}
		if (error == EWOULDBLOCK) {
			/*
			 * On a timeout, return what's in the buffer,
			 * which may be nothing.  If there is something
			 * in the store buffer, we can rotate the buffers.
			 */
			if (d->bd_hbuf)
				/*
				 * We filled up the buffer in between
				 * getting the timeout and arriving
				 * here, so we don't need to rotate.
				 */
				break;

			if (d->bd_slen == 0) {
				splx(s);
				return (0);
			}
			ROTATE_BUFFERS(d);
			break;
		}
		if (error != 0)
			goto done;
	}
	/*
	 * At this point, we know we have something in the hold slot.
	 */
	splx(s);

	/*
	 * Move data from hold buffer into user space.
	 * We know the entire buffer is transferred since
	 * we checked above that the read buffer is d->bd_bufsize bytes.
	 */
	error = uiomove(d->bd_hbuf, d->bd_hlen, uio);

	s = splnet();
	d->bd_fbuf = d->bd_hbuf;
	d->bd_hbuf = 0;
	d->bd_hlen = 0;
done:
	splx(s);
	return (error);
}
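
/*
 * Consuming the buffer from userland (a sketch; error handling omitted).
 * A read(2) must ask for exactly the descriptor's buffer size and yields
 * a sequence of records, each a struct bpf_hdr followed by the captured
 * bytes, with the next record at the following BPF_WORDALIGN boundary:
 *
 *	u_int bufsize;
 *	ioctl(fd, BIOCGBLEN, &bufsize);
 *	char *buf = malloc(bufsize);
 *	ssize_t n = read(fd, buf, bufsize);
 *	for (char *p = buf; p < buf + n; ) {
 *		struct bpf_hdr *bh = (struct bpf_hdr *)p;
 *		u_char *pkt = (u_char *)p + bh->bh_hdrlen;
 *
 *		... process bh->bh_caplen bytes at pkt ...
 *		p += BPF_WORDALIGN(bh->bh_hdrlen + bh->bh_caplen);
 *	}
 */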

/*
 * If there are processes sleeping on this descriptor, wake them up.
 */
static __inline void
bpf_wakeup(struct bpf_d *d)
{
	wakeup(d);
	if (d->bd_async)
		fownsignal(d->bd_pgid, SIGIO, 0, 0, NULL);

	selnotify(&d->bd_sel, 0);
	/* XXX */
	d->bd_sel.sel_pid = 0;
}

static void
bpf_timed_out(void *arg)
{
	struct bpf_d *d = arg;
	int s;

	s = splnet();
	if (d->bd_state == BPF_WAITING) {
		d->bd_state = BPF_TIMED_OUT;
		if (d->bd_slen != 0)
			bpf_wakeup(d);
	}
	splx(s);
}

static int
bpf_write(struct file *fp, off_t *offp, struct uio *uio,
    struct ucred *cred, int flags)
{
	struct bpf_d *d = fp->f_data;
	struct ifnet *ifp;
	struct mbuf *m;
	int error, s;
	static struct sockaddr_storage dst;

	if (d->bd_bif == 0)
		return (ENXIO);

	ifp = d->bd_bif->bif_ifp;

	if (uio->uio_resid == 0)
		return (0);

	error = bpf_movein(uio, (int)d->bd_bif->bif_dlt, ifp->if_mtu, &m,
	    (struct sockaddr *) &dst);
	if (error)
		return (error);

	if (m->m_pkthdr.len > ifp->if_mtu) {
		m_freem(m);
		return (EMSGSIZE);
	}

	if (d->bd_hdrcmplt)
		dst.ss_family = pseudo_AF_HDRCMPLT;

	s = splsoftnet();
	error = (*ifp->if_output)(ifp, m, (struct sockaddr *) &dst, NULL);
	splx(s);
	/*
	 * The driver frees the mbuf.
	 */
	return (error);
}
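
/*
 * Injecting a packet from userland (a sketch; error handling omitted).
 * Each write(2) sends one packet on the attached interface.  With the
 * "header complete" flag set, dst gets the pseudo_AF_HDRCMPLT family
 * above, which tells the output routine to use the caller's link-level
 * header verbatim instead of constructing one:
 *
 *	u_int one = 1;
 *	ioctl(fd, BIOCSHDRCMPLT, &one);
 *	write(fd, frame, framelen);	// e.g. a complete Ethernet frame
 */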

/*
 * Reset a descriptor by flushing its packet buffer and clearing the
 * receive and drop counts.  Should be called at splnet.
 */
static void
reset_d(struct bpf_d *d)
{
	if (d->bd_hbuf) {
		/* Free the hold buffer. */
		d->bd_fbuf = d->bd_hbuf;
		d->bd_hbuf = 0;
	}
	d->bd_slen = 0;
	d->bd_hlen = 0;
	d->bd_rcount = 0;
	d->bd_dcount = 0;
	d->bd_ccount = 0;
}

#ifdef BPF_KERN_FILTER
extern struct bpf_insn *bpf_tcp_filter;
extern struct bpf_insn *bpf_udp_filter;
#endif

/*
 *  FIONREAD		Check for read packet available.
 *  BIOCGBLEN		Get buffer len [for read()].
 *  BIOCSETF		Set ethernet read filter.
 *  BIOCFLUSH		Flush read packet buffer.
 *  BIOCPROMISC		Put interface into promiscuous mode.
 *  BIOCGDLT		Get link layer type.
 *  BIOCGETIF		Get interface name.
 *  BIOCSETIF		Set interface.
 *  BIOCSRTIMEOUT	Set read timeout.
 *  BIOCGRTIMEOUT	Get read timeout.
 *  BIOCGSTATS		Get packet stats.
 *  BIOCIMMEDIATE	Set immediate mode.
 *  BIOCVERSION		Get filter language version.
 *  BIOCGHDRCMPLT	Get "header already complete" flag.
 *  BIOCSHDRCMPLT	Set "header already complete" flag.
 */
/* ARGSUSED */
static int
bpf_ioctl(struct file *fp, u_long cmd, void *addr, struct proc *p)
{
	struct bpf_d *d = fp->f_data;
	int s, error = 0;
#ifdef BPF_KERN_FILTER
	struct bpf_insn **p;
#endif

	/*
	 * Refresh the PID associated with this bpf file.
	 */
	d->bd_pid = p->p_pid;

	s = splnet();
	if (d->bd_state == BPF_WAITING)
		callout_stop(&d->bd_callout);
	d->bd_state = BPF_IDLE;
	splx(s);

	switch (cmd) {

	default:
		error = EINVAL;
		break;

	/*
	 * Check for read packet available.
	 */
	case FIONREAD:
		{
			int n;

			s = splnet();
			n = d->bd_slen;
			if (d->bd_hbuf)
				n += d->bd_hlen;
			splx(s);

			*(int *)addr = n;
			break;
		}

	/*
	 * Get buffer len [for read()].
	 */
	case BIOCGBLEN:
		*(u_int *)addr = d->bd_bufsize;
		break;

	/*
	 * Set buffer length.
	 */
	case BIOCSBLEN:
		if (d->bd_bif != 0)
			error = EINVAL;
		else {
			u_int size = *(u_int *)addr;

			if (size > bpf_maxbufsize)
				*(u_int *)addr = size = bpf_maxbufsize;
			else if (size < BPF_MINBUFSIZE)
				*(u_int *)addr = size = BPF_MINBUFSIZE;
			d->bd_bufsize = size;
		}
		break;

	/*
	 * Set link layer read filter.
	 */
	case BIOCSETF:
		error = bpf_setf(d, addr);
		break;

#ifdef BPF_KERN_FILTER
	/*
	 * Set TCP or UDP reject filter.
	 */
	case BIOCSTCPF:
	case BIOCSUDPF:
		if (!suser()) {
			error = EPERM;
			break;
		}

		/* Validate and store filter */
		error = bpf_setf(d, addr);

		/* Free possible old filter */
		if (cmd == BIOCSTCPF)
			p = &bpf_tcp_filter;
		else
			p = &bpf_udp_filter;
		if (*p != NULL)
			free(*p, M_DEVBUF);

		/* Steal new filter (noop if error) */
		s = splnet();
		*p = d->bd_filter;
		d->bd_filter = NULL;
		splx(s);
		break;
#endif

	/*
	 * Flush read packet buffer.
	 */
	case BIOCFLUSH:
		s = splnet();
		reset_d(d);
		splx(s);
		break;

	/*
	 * Put interface into promiscuous mode.
	 */
	case BIOCPROMISC:
		if (d->bd_bif == 0) {
			/*
			 * No interface attached yet.
			 */
			error = EINVAL;
			break;
		}
		s = splnet();
		if (d->bd_promisc == 0) {
			error = ifpromisc(d->bd_bif->bif_ifp, 1);
			if (error == 0)
				d->bd_promisc = 1;
		}
		splx(s);
		break;

	/*
	 * Get device parameters.
	 */
	case BIOCGDLT:
		if (d->bd_bif == 0)
			error = EINVAL;
		else
			*(u_int *)addr = d->bd_bif->bif_dlt;
		break;

	/*
	 * Get a list of supported device parameters.
	 */
	case BIOCGDLTLIST:
		if (d->bd_bif == 0)
			error = EINVAL;
		else
			error = bpf_getdltlist(d, addr);
		break;

	/*
	 * Set device parameters.
	 */
	case BIOCSDLT:
		if (d->bd_bif == 0)
			error = EINVAL;
		else
			error = bpf_setdlt(d, *(u_int *)addr);
		break;

	/*
	 * Get interface name.
	 */
	case BIOCGETIF:
		if (d->bd_bif == 0)
			error = EINVAL;
		else
			bpf_ifname(d->bd_bif->bif_ifp, addr);
		break;

	/*
	 * Set interface.
	 */
	case BIOCSETIF:
		error = bpf_setif(d, addr);
		break;

	/*
	 * Set read timeout.
	 */
	case BIOCSRTIMEOUT:
		{
			struct timeval *tv = addr;

			/* Compute number of ticks. */
			d->bd_rtout = tv->tv_sec * hz + tv->tv_usec / tick;
			if ((d->bd_rtout == 0) && (tv->tv_usec != 0))
				d->bd_rtout = 1;
			break;
		}

	/*
	 * Get read timeout.
	 */
	case BIOCGRTIMEOUT:
		{
			struct timeval *tv = addr;

			tv->tv_sec = d->bd_rtout / hz;
			tv->tv_usec = (d->bd_rtout % hz) * tick;
			break;
		}

	/*
	 * Get packet stats.
	 */
	case BIOCGSTATS:
		{
			struct bpf_stat *bs = addr;

			bs->bs_recv = d->bd_rcount;
			bs->bs_drop = d->bd_dcount;
			bs->bs_capt = d->bd_ccount;
			break;
		}

	case BIOCGSTATSOLD:
		{
			struct bpf_stat_old *bs = addr;

			bs->bs_recv = d->bd_rcount;
			bs->bs_drop = d->bd_dcount;
			break;
		}

	/*
	 * Set immediate mode.
	 */
	case BIOCIMMEDIATE:
		d->bd_immediate = *(u_int *)addr;
		break;

	case BIOCVERSION:
		{
			struct bpf_version *bv = addr;

			bv->bv_major = BPF_MAJOR_VERSION;
			bv->bv_minor = BPF_MINOR_VERSION;
			break;
		}

	case BIOCGHDRCMPLT:	/* get "header already complete" flag */
		*(u_int *)addr = d->bd_hdrcmplt;
		break;

	case BIOCSHDRCMPLT:	/* set "header already complete" flag */
		d->bd_hdrcmplt = *(u_int *)addr ? 1 : 0;
		break;

	/*
	 * Get "see sent packets" flag
	 */
	case BIOCGSEESENT:
		*(u_int *)addr = d->bd_seesent;
		break;

	/*
	 * Set "see sent packets" flag
	 */
	case BIOCSSEESENT:
		d->bd_seesent = *(u_int *)addr;
		break;

	case FIONBIO:		/* Non-blocking I/O */
		/*
		 * No need to do anything special as we use FNONBLOCK in
		 * bpf_read() as an indication of whether or not to block
		 * the read.
		 */
		break;

	case FIOASYNC:		/* Send signal on receive packets */
		d->bd_async = *(int *)addr;
		break;

	case TIOCSPGRP:		/* Process or group to send signals to */
	case FIOSETOWN:
		error = fsetown(p, &d->bd_pgid, cmd, addr);
		break;

	case TIOCGPGRP:
	case FIOGETOWN:
		error = fgetown(p, d->bd_pgid, cmd, addr);
		break;
	}
	return (error);
}
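
/*
 * Worked example for the BIOCSRTIMEOUT conversion above (assuming
 * hz = 100, so tick = 10000 microseconds): a 250 ms timeout, i.e.
 * tv = { 0, 250000 }, becomes
 *
 *	bd_rtout = 0 * 100 + 250000 / 10000 = 25 ticks
 *
 * Any nonzero timeout shorter than one tick is rounded up to 1, since
 * a zero timo argument to tsleep() would mean "sleep forever".
 */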

/*
 * Set d's packet filter program to fp.  If this file already has a filter,
 * free it and replace it.  Returns EINVAL for bogus requests.
 */
int
bpf_setf(struct bpf_d *d, struct bpf_program *fp)
{
	struct bpf_insn *fcode, *old;
	u_int flen, size;
	int s;

	old = d->bd_filter;
	if (fp->bf_insns == 0) {
		if (fp->bf_len != 0)
			return (EINVAL);
		s = splnet();
		d->bd_filter = 0;
		reset_d(d);
		splx(s);
		if (old != 0)
			free(old, M_DEVBUF);
		return (0);
	}
	flen = fp->bf_len;
	if (flen > BPF_MAXINSNS)
		return (EINVAL);

	size = flen * sizeof(*fp->bf_insns);
	fcode = malloc(size, M_DEVBUF, M_WAITOK);
	if (copyin(fp->bf_insns, fcode, size) == 0 &&
	    bpf_validate(fcode, (int)flen)) {
		s = splnet();
		d->bd_filter = fcode;
		reset_d(d);
		splx(s);
		if (old != 0)
			free(old, M_DEVBUF);

		return (0);
	}
	free(fcode, M_DEVBUF);
	return (EINVAL);
}

/*
 * Detach a file from its current interface (if attached at all) and attach
 * to the interface indicated by the name stored in ifr.
 * Return an errno or 0.
 */
static int
bpf_setif(struct bpf_d *d, struct ifreq *ifr)
{
	struct bpf_if *bp;
	char *cp;
	int unit_seen, i, s, error;

	/*
	 * Make sure the provided name has a unit number, and default
	 * it to '0' if not specified.
	 * XXX This is ugly ... do this differently?
	 */
	unit_seen = 0;
	cp = ifr->ifr_name;
	cp[sizeof(ifr->ifr_name) - 1] = '\0';	/* sanity */
	while (*cp++)
		if (*cp >= '0' && *cp <= '9')
			unit_seen = 1;
	if (!unit_seen) {
		/* Make sure to leave room for the '\0'. */
		for (i = 0; i < (IFNAMSIZ - 1); ++i) {
			if ((ifr->ifr_name[i] >= 'a' &&
			     ifr->ifr_name[i] <= 'z') ||
			    (ifr->ifr_name[i] >= 'A' &&
			     ifr->ifr_name[i] <= 'Z'))
				continue;
			ifr->ifr_name[i] = '0';
		}
	}

	/*
	 * Look through attached interfaces for the named one.
	 */
	for (bp = bpf_iflist; bp != 0; bp = bp->bif_next) {
		struct ifnet *ifp = bp->bif_ifp;

		if (ifp == 0 ||
		    strcmp(ifp->if_xname, ifr->ifr_name) != 0)
			continue;
		/* skip additional entry */
		if (bp->bif_driverp != (struct bpf_if **)&ifp->if_bpf)
			continue;
		/*
		 * We found the requested interface.
		 * Allocate the packet buffers if we need to.
		 * If we're already attached to the requested interface,
		 * just flush the buffer.
		 */
		if (d->bd_sbuf == 0) {
			error = bpf_allocbufs(d);
			if (error != 0)
				return (error);
		}
		s = splnet();
		if (bp != d->bd_bif) {
			if (d->bd_bif)
				/*
				 * Detach if attached to something else.
				 */
				bpf_detachd(d);

			bpf_attachd(d, bp);
		}
		reset_d(d);
		splx(s);
		return (0);
	}
	/* Not found. */
	return (ENXIO);
}
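
/*
 * Installing a filter from userland (a sketch; error handling omitted).
 * This trivial program accepts every packet in full; BIOCSETF hands it
 * to bpf_setf() above, which validates and installs it:
 *
 *	struct bpf_insn insns[] = {
 *		BPF_STMT(BPF_RET+BPF_K, (u_int)-1),	// accept whole packet
 *	};
 *	struct bpf_program prog = { 1, insns };
 *	ioctl(fd, BIOCSETF, &prog);
 */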

/*
 * Copy the interface name to the ifreq.
 */
static void
bpf_ifname(struct ifnet *ifp, struct ifreq *ifr)
{
	memcpy(ifr->ifr_name, ifp->if_xname, IFNAMSIZ);
}

/*
 * Support for poll() system call
 *
 * Return true iff the specific operation will not block indefinitely - with
 * the assumption that it is safe to positively acknowledge a request for the
 * ability to write to the BPF device.
 * Otherwise, return false but make a note that a selwakeup() must be done.
 */
static int
bpf_poll(struct file *fp, int events, struct proc *p)
{
	struct bpf_d *d = fp->f_data;
	int s = splnet();
	int revents;

	/*
	 * Refresh the PID associated with this bpf file.
	 */
	d->bd_pid = p->p_pid;

	revents = events & (POLLOUT | POLLWRNORM);
	if (events & (POLLIN | POLLRDNORM)) {
		/*
		 * An imitation of the FIONREAD ioctl code.
		 */
		if ((d->bd_hlen != 0) ||
		    (d->bd_immediate && d->bd_slen != 0)) {
			revents |= events & (POLLIN | POLLRDNORM);
		} else if (d->bd_state == BPF_TIMED_OUT) {
			if (d->bd_slen != 0)
				revents |= events & (POLLIN | POLLRDNORM);
			else
				revents |= events & POLLIN;
		} else {
			selrecord(p, &d->bd_sel);
			/* Start the read timeout if necessary */
			if (d->bd_rtout > 0 && d->bd_state == BPF_IDLE) {
				callout_reset(&d->bd_callout, d->bd_rtout,
				    bpf_timed_out, d);
				d->bd_state = BPF_WAITING;
			}
		}
	}

	splx(s);
	return (revents);
}

static void
filt_bpfrdetach(struct knote *kn)
{
	struct bpf_d *d = kn->kn_hook;
	int s;

	s = splnet();
	SLIST_REMOVE(&d->bd_sel.sel_klist, kn, knote, kn_selnext);
	splx(s);
}

static int
filt_bpfread(struct knote *kn, long hint)
{
	struct bpf_d *d = kn->kn_hook;

	kn->kn_data = d->bd_hlen;
	if (d->bd_immediate)
		kn->kn_data += d->bd_slen;
	return (kn->kn_data > 0);
}

static const struct filterops bpfread_filtops =
	{ 1, NULL, filt_bpfrdetach, filt_bpfread };

static int
bpf_kqfilter(struct file *fp, struct knote *kn)
{
	struct bpf_d *d = fp->f_data;
	struct klist *klist;
	int s;

	switch (kn->kn_filter) {
	case EVFILT_READ:
		klist = &d->bd_sel.sel_klist;
		kn->kn_fop = &bpfread_filtops;
		break;

	default:
		return (1);
	}

	kn->kn_hook = d;

	s = splnet();
	SLIST_INSERT_HEAD(klist, kn, kn_selnext);
	splx(s);

	return (0);
}

/*
 * Incoming linkage from device drivers.  Process the packet pkt, of length
 * pktlen, which is stored in a contiguous buffer.  The packet is parsed
 * by each process' filter, and if accepted, stashed into the corresponding
 * buffer.
 */
void
bpf_tap(void *arg, u_char *pkt, u_int pktlen)
{
	struct bpf_if *bp;
	struct bpf_d *d;
	u_int slen;
	/*
	 * Note that the ipl does not have to be raised at this point.
	 * The only problem that could arise here is that if two different
	 * interfaces shared any data.  This is not the case.
	 */
	bp = arg;
	for (d = bp->bif_dlist; d != 0; d = d->bd_next) {
		++d->bd_rcount;
		++bpf_gstats.bs_recv;
		slen = bpf_filter(d->bd_filter, pkt, pktlen, pktlen);
		if (slen != 0)
			catchpacket(d, pkt, pktlen, slen, memcpy);
	}
}

/*
 * Copy data from an mbuf chain into a buffer.  This code is derived
 * from m_copydata in sys/uipc_mbuf.c.
 */
static void *
bpf_mcpy(void *dst_arg, const void *src_arg, size_t len)
{
	const struct mbuf *m;
	u_int count;
	u_char *dst;

	m = src_arg;
	dst = dst_arg;
	while (len > 0) {
		if (m == 0)
			panic("bpf_mcpy");
		count = min(m->m_len, len);
		memcpy(dst, mtod(m, void *), count);
		m = m->m_next;
		dst += count;
		len -= count;
	}
	return (dst_arg);
}

/*
 * Dispatch a packet to all the listeners on interface bp.
 *
 * marg    pointer to the packet, either a data buffer or an mbuf chain
 * buflen  buffer length, if marg is a data buffer
 * cpfn    a function that can copy marg into the listener's buffer
 * pktlen  length of the packet
 * rcvif   either NULL or the interface the packet came in on.
 */
static __inline void
bpf_deliver(struct bpf_if *bp, void *(*cpfn)(void *, const void *, size_t),
    void *marg, u_int pktlen, u_int buflen, struct ifnet *rcvif)
{
	u_int slen;
	struct bpf_d *d;

	for (d = bp->bif_dlist; d != 0; d = d->bd_next) {
		if (!d->bd_seesent && (rcvif == NULL))
			continue;
		++d->bd_rcount;
		++bpf_gstats.bs_recv;
		slen = bpf_filter(d->bd_filter, marg, pktlen, buflen);
		if (slen != 0)
			catchpacket(d, marg, pktlen, slen, cpfn);
	}
}

/*
 * Incoming linkage from device drivers, when the head of the packet is in
 * a buffer, and the tail is in an mbuf chain.
 */
void
bpf_mtap2(void *arg, void *data, u_int dlen, struct mbuf *m)
{
	struct bpf_if *bp = arg;
	u_int pktlen;
	struct mbuf mb;

	pktlen = m_length(m) + dlen;

	/*
	 * Craft on-stack mbuf suitable for passing to bpf_filter.
	 * Note that we cut corners here; we only setup what's
	 * absolutely needed--this mbuf should never go anywhere else.
	 */
	(void)memset(&mb, 0, sizeof(mb));
	mb.m_next = m;
	mb.m_data = data;
	mb.m_len = dlen;

	bpf_deliver(bp, bpf_mcpy, &mb, pktlen, 0, m->m_pkthdr.rcvif);
}

/*
 * Incoming linkage from device drivers, when packet is in an mbuf chain.
 */
void
bpf_mtap(void *arg, struct mbuf *m)
{
	void *(*cpfn)(void *, const void *, size_t);
	struct bpf_if *bp = arg;
	u_int pktlen, buflen;
	void *marg;

	pktlen = m_length(m);

	if (pktlen == m->m_len) {
		cpfn = memcpy;
		marg = mtod(m, void *);
		buflen = pktlen;
	} else {
		cpfn = bpf_mcpy;
		marg = m;
		buflen = 0;
	}

	bpf_deliver(bp, cpfn, marg, pktlen, buflen, m->m_pkthdr.rcvif);
}
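
/*
 * The buflen convention above matters: bpf_filter() treats a zero buffer
 * length as "the packet pointer is really an mbuf chain" and walks it
 * with the slower chain-aware loads, while a nonzero buflen means the
 * packet sits in contiguous memory and can be indexed directly.  That is
 * why the single-mbuf case passes mtod(m, void *) with buflen == pktlen,
 * and the chain case passes the mbuf itself with buflen == 0, paired
 * with bpf_mcpy as the copy routine.
 */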

/*
 * We need to prepend the address family as
 * a four byte field.  Cons up a dummy header
 * to pacify bpf.  This is safe because bpf
 * will only read from the mbuf (i.e., it won't
 * try to free it or keep a pointer to it).
 */
void
bpf_mtap_af(void *arg, u_int32_t af, struct mbuf *m)
{
	struct mbuf m0;

	m0.m_flags = 0;
	m0.m_next = m;
	m0.m_len = 4;
	m0.m_data = (char *)&af;

	bpf_mtap(arg, &m0);
}

void
bpf_mtap_et(void *arg, u_int16_t et, struct mbuf *m)
{
	struct mbuf m0;

	m0.m_flags = 0;
	m0.m_next = m;
	m0.m_len = 14;
	m0.m_data = m0.m_dat;

	((u_int32_t *)m0.m_data)[0] = 0;
	((u_int32_t *)m0.m_data)[1] = 0;
	((u_int32_t *)m0.m_data)[2] = 0;
	((u_int16_t *)m0.m_data)[6] = et;

	bpf_mtap(arg, &m0);
}

#if NSL > 0 || NSTRIP > 0
/*
 * Put the SLIP pseudo-"link header" in place.
 * Note this M_PREPEND() should never fail,
 * since we know we always have enough space
 * in the input buffer.
 */
void
bpf_mtap_sl_in(void *arg, u_char *chdr, struct mbuf **m)
{
	int s;
	u_char *hp;

	M_PREPEND(*m, SLIP_HDRLEN, M_DONTWAIT);
	if (*m == NULL)
		return;

	hp = mtod(*m, u_char *);
	hp[SLX_DIR] = SLIPDIR_IN;
	(void)memcpy(&hp[SLX_CHDR], chdr, CHDR_LEN);

	s = splnet();
	bpf_mtap(arg, *m);
	splx(s);

	m_adj(*m, SLIP_HDRLEN);
}

/*
 * Put the SLIP pseudo-"link header" in
 * place.  The compressed header is now
 * at the beginning of the mbuf.
 */
void
bpf_mtap_sl_out(void *arg, u_char *chdr, struct mbuf *m)
{
	struct mbuf m0;
	u_char *hp;
	int s;

	m0.m_flags = 0;
	m0.m_next = m;
	m0.m_data = m0.m_dat;
	m0.m_len = SLIP_HDRLEN;

	hp = mtod(&m0, u_char *);

	hp[SLX_DIR] = SLIPDIR_OUT;
	(void)memcpy(&hp[SLX_CHDR], chdr, CHDR_LEN);

	s = splnet();
	bpf_mtap(arg, &m0);
	splx(s);
	m_freem(m);
}
#endif

/*
 * Move the packet data from interface memory (pkt) into the
 * store buffer.  Wake up pending reads if the buffer had to be
 * rotated.  "cpfn" is the routine called to do the actual data
 * transfer.  memcpy is passed in to copy contiguous chunks, while
 * bpf_mcpy is passed in to copy mbuf chains.  In the latter case,
 * pkt is really an mbuf.
 */
static void
catchpacket(struct bpf_d *d, u_char *pkt, u_int pktlen, u_int snaplen,
    void *(*cpfn)(void *, const void *, size_t))
{
	struct bpf_hdr *hp;
	int totlen, curlen;
	int hdrlen = d->bd_bif->bif_hdrlen;

	++d->bd_ccount;
	++bpf_gstats.bs_capt;
	/*
	 * Figure out how many bytes to move.  If the packet is
	 * greater or equal to the snapshot length, transfer that
	 * much.  Otherwise, transfer the whole packet (unless
	 * we hit the buffer size limit).
	 */
	totlen = hdrlen + min(snaplen, pktlen);
	if (totlen > d->bd_bufsize)
		totlen = d->bd_bufsize;

	/*
	 * Round up the end of the previous packet to the next longword.
	 */
	curlen = BPF_WORDALIGN(d->bd_slen);
	if (curlen + totlen > d->bd_bufsize) {
		/*
		 * This packet will overflow the storage buffer.
		 * Rotate the buffers if we can, then wakeup any
		 * pending reads.
		 */
		if (d->bd_fbuf == 0) {
			/*
			 * We haven't completed the previous read yet,
			 * so drop the packet.
			 */
			++d->bd_dcount;
			++bpf_gstats.bs_drop;
			return;
		}
		ROTATE_BUFFERS(d);
		bpf_wakeup(d);
		curlen = 0;
	}

	/*
	 * Append the bpf header.
	 */
	hp = (struct bpf_hdr *)(d->bd_sbuf + curlen);
	microtime(&hp->bh_tstamp);
	hp->bh_datalen = pktlen;
	hp->bh_hdrlen = hdrlen;
	/*
	 * Copy the packet data into the store buffer and update its length.
	 */
	(*cpfn)((u_char *)hp + hdrlen, pkt, (hp->bh_caplen = totlen - hdrlen));
	d->bd_slen = curlen + totlen;

	/*
	 * Call bpf_wakeup after bd_slen has been updated so that kevent(2)
	 * will cause filt_bpfread() to be called with it adjusted.
	 */
	if (d->bd_immediate || d->bd_state == BPF_TIMED_OUT)
		/*
		 * Immediate mode is set, or the read timeout has
		 * already expired during a select call.  A packet
		 * arrived, so the reader should be woken up.
		 */
		bpf_wakeup(d);
}
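
/*
 * The records catchpacket() lays down are what the read(2) sketch near
 * bpf_read() walks: each is a struct bpf_hdr followed by bh_caplen bytes
 * of packet data, with the next record starting at the following
 * BPF_WORDALIGN boundary.  bh_datalen always records the original wire
 * length, so a reader can tell when the snapshot length or the buffer
 * limit truncated the copy.
 */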

/*
 * Initialize all nonzero fields of a descriptor.
 */
static int
bpf_allocbufs(struct bpf_d *d)
{

	d->bd_fbuf = malloc(d->bd_bufsize, M_DEVBUF, M_NOWAIT);
	if (!d->bd_fbuf)
		return (ENOBUFS);
	d->bd_sbuf = malloc(d->bd_bufsize, M_DEVBUF, M_NOWAIT);
	if (!d->bd_sbuf) {
		free(d->bd_fbuf, M_DEVBUF);
		return (ENOBUFS);
	}
	d->bd_slen = 0;
	d->bd_hlen = 0;
	return (0);
}

/*
 * Free buffers currently in use by a descriptor.
 * Called on close.
 */
static void
bpf_freed(struct bpf_d *d)
{
	/*
	 * We don't need to lock out interrupts since this descriptor has
	 * been detached from its interface and it hasn't yet been marked
	 * free.
	 */
	if (d->bd_sbuf != 0) {
		free(d->bd_sbuf, M_DEVBUF);
		if (d->bd_hbuf != 0)
			free(d->bd_hbuf, M_DEVBUF);
		if (d->bd_fbuf != 0)
			free(d->bd_fbuf, M_DEVBUF);
	}
	if (d->bd_filter)
		free(d->bd_filter, M_DEVBUF);
}

/*
 * Attach an interface to bpf.  dlt is the link layer type; hdrlen is the
 * fixed size of the link header (variable length headers not yet supported).
 */
void
bpfattach(struct ifnet *ifp, u_int dlt, u_int hdrlen)
{

	bpfattach2(ifp, dlt, hdrlen, &ifp->if_bpf);
}

/*
 * Attach an additional dlt for an interface to bpf.  dlt is the link layer
 * type; hdrlen is the fixed size of the link header for the specified dlt
 * (variable length headers not yet supported).
 */
void
bpfattach2(struct ifnet *ifp, u_int dlt, u_int hdrlen, void *driverp)
{
	struct bpf_if *bp;
	bp = malloc(sizeof(*bp), M_DEVBUF, M_DONTWAIT);
	if (bp == 0)
		panic("bpfattach");

	bp->bif_dlist = 0;
	bp->bif_driverp = driverp;
	bp->bif_ifp = ifp;
	bp->bif_dlt = dlt;

	bp->bif_next = bpf_iflist;
	bpf_iflist = bp;

	*bp->bif_driverp = 0;

	/*
	 * Compute the length of the bpf header.  This is not necessarily
	 * equal to SIZEOF_BPF_HDR because we want to insert spacing such
	 * that the network layer header begins on a longword boundary (for
	 * performance reasons and to alleviate alignment restrictions).
	 */
	bp->bif_hdrlen = BPF_WORDALIGN(hdrlen + SIZEOF_BPF_HDR) - hdrlen;

#if 0
	printf("bpf: %s attached\n", ifp->if_xname);
#endif
}
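
/*
 * Worked example for the bif_hdrlen computation above, assuming a
 * platform where SIZEOF_BPF_HDR is 18: for Ethernet, hdrlen is 14, so
 * bif_hdrlen = BPF_WORDALIGN(14 + 18) - 14 = 32 - 14 = 18.  A capture
 * record then occupies 18 header bytes plus the 14-byte link header,
 * i.e. 32 bytes, before the network-layer header, which therefore lands
 * on a longword boundary within the store buffer.
 */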

/*
 * Remove an interface from bpf.
 */
void
bpfdetach(struct ifnet *ifp)
{
	struct bpf_if *bp, **pbp;
	struct bpf_d *d;
	int s;

	/* Nuke the vnodes for any open instances */
	for (d = LIST_FIRST(&bpf_list); d != NULL; d = LIST_NEXT(d, bd_list)) {
		if (d->bd_bif != NULL && d->bd_bif->bif_ifp == ifp) {
			/*
			 * Detach the descriptor from an interface now.
			 * It will be free'ed later by close routine.
			 */
			s = splnet();
			d->bd_promisc = 0;	/* we can't touch device. */
			bpf_detachd(d);
			splx(s);
		}
	}

 again:
	for (bp = bpf_iflist, pbp = &bpf_iflist;
	     bp != NULL; pbp = &bp->bif_next, bp = bp->bif_next) {
		if (bp->bif_ifp == ifp) {
			*pbp = bp->bif_next;
			free(bp, M_DEVBUF);
			goto again;
		}
	}
}

/*
 * Change the data link type of an interface.
 */
void
bpf_change_type(struct ifnet *ifp, u_int dlt, u_int hdrlen)
{
	struct bpf_if *bp;

	for (bp = bpf_iflist; bp != NULL; bp = bp->bif_next) {
		if (bp->bif_driverp == (struct bpf_if **)&ifp->if_bpf)
			break;
	}
	if (bp == NULL)
		panic("bpf_change_type");

	bp->bif_dlt = dlt;

	/*
	 * Compute the length of the bpf header.  This is not necessarily
	 * equal to SIZEOF_BPF_HDR because we want to insert spacing such
	 * that the network layer header begins on a longword boundary (for
	 * performance reasons and to alleviate alignment restrictions).
	 */
	bp->bif_hdrlen = BPF_WORDALIGN(hdrlen + SIZEOF_BPF_HDR) - hdrlen;
}

/*
 * Get a list of the available data link types of the interface.
 */
static int
bpf_getdltlist(struct bpf_d *d, struct bpf_dltlist *bfl)
{
	int n, error;
	struct ifnet *ifp;
	struct bpf_if *bp;

	ifp = d->bd_bif->bif_ifp;
	n = 0;
	error = 0;
	for (bp = bpf_iflist; bp != NULL; bp = bp->bif_next) {
		if (bp->bif_ifp != ifp)
			continue;
		if (bfl->bfl_list != NULL) {
			if (n >= bfl->bfl_len)
				return ENOMEM;
			error = copyout(&bp->bif_dlt,
			    bfl->bfl_list + n, sizeof(u_int));
		}
		n++;
	}
	bfl->bfl_len = n;
	return error;
}

/*
 * Set the data link type of a BPF instance.
 */
static int
bpf_setdlt(struct bpf_d *d, u_int dlt)
{
	int s, error, opromisc;
	struct ifnet *ifp;
	struct bpf_if *bp;

	if (d->bd_bif->bif_dlt == dlt)
		return 0;
	ifp = d->bd_bif->bif_ifp;
	for (bp = bpf_iflist; bp != NULL; bp = bp->bif_next) {
		if (bp->bif_ifp == ifp && bp->bif_dlt == dlt)
			break;
	}
	if (bp == NULL)
		return EINVAL;
	s = splnet();
	opromisc = d->bd_promisc;
	bpf_detachd(d);
	bpf_attachd(d, bp);
	reset_d(d);
	if (opromisc) {
		error = ifpromisc(bp->bif_ifp, 1);
		if (error)
			printf("%s: bpf_setdlt: ifpromisc failed (%d)\n",
			    bp->bif_ifp->if_xname, error);
		else
			d->bd_promisc = 1;
	}
	splx(s);
	return 0;
}

static int
sysctl_net_bpf_maxbufsize(SYSCTLFN_ARGS)
{
	int newsize, error;
	struct sysctlnode node;

	node = *rnode;
	node.sysctl_data = &newsize;
	newsize = bpf_maxbufsize;
	error = sysctl_lookup(SYSCTLFN_CALL(&node));
	if (error || newp == NULL)
		return (error);

	if (newsize < BPF_MINBUFSIZE || newsize > BPF_MAXBUFSIZE)
		return (EINVAL);

	bpf_maxbufsize = newsize;

	return (0);
}

static int
sysctl_net_bpf_peers(SYSCTLFN_ARGS)
{
	int error, elem_count;
	struct bpf_d	 *dp;
	struct bpf_d_ext dpe;
	size_t len, needed, elem_size, out_size;
	char *sp;

	if (namelen == 1 && name[0] == CTL_QUERY)
		return (sysctl_query(SYSCTLFN_CALL(rnode)));

	if (namelen != 2)
		return (EINVAL);

	if ((error = suser(l->l_proc->p_ucred, &l->l_proc->p_acflag)))
		return (error);

	len = (oldp != NULL) ? *oldlenp : 0;
	sp = oldp;
	elem_size = name[0];
	elem_count = name[1];
	out_size = MIN(sizeof(dpe), elem_size);
	needed = 0;

	if (elem_size < 1 || elem_count < 0)
		return (EINVAL);

	simple_lock(&bpf_slock);
	LIST_FOREACH(dp, &bpf_list, bd_list) {
		if (len >= elem_size && elem_count > 0) {
#define BPF_EXT(field)	dpe.bde_ ## field = dp->bd_ ## field
			BPF_EXT(bufsize);
			BPF_EXT(promisc);
			BPF_EXT(state);
			BPF_EXT(immediate);
			BPF_EXT(hdrcmplt);
			BPF_EXT(seesent);
			BPF_EXT(pid);
			BPF_EXT(rcount);
			BPF_EXT(dcount);
			BPF_EXT(ccount);
#undef BPF_EXT
			if (dp->bd_bif)
				(void)strlcpy(dpe.bde_ifname,
				    dp->bd_bif->bif_ifp->if_xname,
				    IFNAMSIZ - 1);
			else
				dpe.bde_ifname[0] = '\0';

			error = copyout(&dpe, sp, out_size);
			if (error)
				break;
			sp += elem_size;
			len -= elem_size;
		}
		if (elem_count > 0) {
			needed += elem_size;
			if (elem_count != INT_MAX)
				elem_count--;
		}
	}
	simple_unlock(&bpf_slock);

	*oldlenp = needed;

	return (error);
}

SYSCTL_SETUP(sysctl_net_bpf_setup, "sysctl net.bpf subtree setup")
{
	const struct sysctlnode *node;

	sysctl_createv(clog, 0, NULL, NULL,
		       CTLFLAG_PERMANENT,
		       CTLTYPE_NODE, "net", NULL,
		       NULL, 0, NULL, 0,
		       CTL_NET, CTL_EOL);

	node = NULL;
	sysctl_createv(clog, 0, NULL, &node,
		       CTLFLAG_PERMANENT,
		       CTLTYPE_NODE, "bpf",
		       SYSCTL_DESCR("BPF options"),
		       NULL, 0, NULL, 0,
		       CTL_NET, CTL_CREATE, CTL_EOL);
	if (node != NULL) {
		sysctl_createv(clog, 0, NULL, NULL,
			       CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
			       CTLTYPE_INT, "maxbufsize",
			       SYSCTL_DESCR("Maximum size for data capture buffer"),
			       sysctl_net_bpf_maxbufsize, 0, &bpf_maxbufsize, 0,
			       CTL_NET, node->sysctl_num, CTL_CREATE, CTL_EOL);
		sysctl_createv(clog, 0, NULL, NULL,
			       CTLFLAG_PERMANENT,
			       CTLTYPE_STRUCT, "stats",
			       SYSCTL_DESCR("BPF stats"),
			       NULL, 0, &bpf_gstats, sizeof(bpf_gstats),
			       CTL_NET, node->sysctl_num, CTL_CREATE, CTL_EOL);
		sysctl_createv(clog, 0, NULL, NULL,
			       CTLFLAG_PERMANENT,
			       CTLTYPE_STRUCT, "peers",
			       SYSCTL_DESCR("BPF peers"),
			       sysctl_net_bpf_peers, 0, NULL, 0,
			       CTL_NET, node->sysctl_num, CTL_CREATE, CTL_EOL);
	}
}