/*	$NetBSD: bpf.c,v 1.115 2005/12/26 15:45:48 rpaulo Exp $	*/

/*
 * Copyright (c) 1990, 1991, 1993
 *	The Regents of the University of California.  All rights reserved.
 *
 * This code is derived from the Stanford/CMU enet packet filter,
 * (net/enet.c) distributed as part of 4.3BSD, and code contributed
 * to Berkeley by Steven McCanne and Van Jacobson both of Lawrence
 * Berkeley Laboratory.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. Neither the name of the University nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
 *	@(#)bpf.c	8.4 (Berkeley) 1/9/95
 * static char rcsid[] =
 * "Header: bpf.c,v 1.67 96/09/26 22:00:52 leres Exp ";
 */

#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: bpf.c,v 1.115 2005/12/26 15:45:48 rpaulo Exp $");

#include <sys/param.h>
#include <sys/systm.h>
#include <sys/mbuf.h>
#include <sys/buf.h>
#include <sys/time.h>
#include <sys/proc.h>
#include <sys/user.h>
#include <sys/ioctl.h>
#include <sys/conf.h>
#include <sys/vnode.h>
#include <sys/queue.h>

#include <sys/file.h>
#include <sys/filedesc.h>
#include <sys/tty.h>
#include <sys/uio.h>

#include <sys/protosw.h>
#include <sys/socket.h>
#include <sys/errno.h>
#include <sys/kernel.h>
#include <sys/poll.h>
#include <sys/sysctl.h>

#include <net/if.h>
#include <net/slip.h>

#include <net/bpf.h>
#include <net/bpfdesc.h>

#include <net/if_arc.h>
#include <net/if_ether.h>

#include <netinet/in.h>
#include <netinet/if_inarp.h>

#if defined(_KERNEL_OPT)
#include "opt_bpf.h"
#include "sl.h"
#include "strip.h"
#endif

#ifndef BPF_BUFSIZE
/*
 * 4096 is too small for FDDI frames. 8192 is too small for gigabit Ethernet
 * jumbos (circa 9k), ATM, or Intel gig/10gig ethernet jumbos (16k).
 */
# define BPF_BUFSIZE 32768
#endif

#define PRINET  26			/* interruptible */

/*
 * The default read buffer size, and limit for BIOCSBLEN, is sysctl'able.
 * XXX the default values should be computed dynamically based
 * on available memory size and available mbuf clusters.
 */
int bpf_bufsize = BPF_BUFSIZE;
int bpf_maxbufsize = BPF_DFLTBUFSIZE;	/* XXX set dynamically, see above */

/*
 * Global BPF statistics returned by net.bpf.stats sysctl.
 */
struct bpf_stat	bpf_gstats;

/*
 * Use a mutex to avoid a race condition between gathering the stats/peers
 * and opening/closing the device.
 */
struct simplelock bpf_slock;

/*
 * bpf_iflist is the list of interfaces; each corresponds to an ifnet
 * bpf_dtab holds the descriptors, indexed by minor device #
 */
struct bpf_if	*bpf_iflist;
LIST_HEAD(, bpf_d) bpf_list;

static int	bpf_allocbufs(struct bpf_d *);
static void	bpf_deliver(struct bpf_if *,
			    void *(*cpfn)(void *, const void *, size_t),
			    void *, u_int, u_int, struct ifnet *);
static void	bpf_freed(struct bpf_d *);
static void	bpf_ifname(struct ifnet *, struct ifreq *);
static void	*bpf_mcpy(void *, const void *, size_t);
static int	bpf_movein(struct uio *, int, int,
			   struct mbuf **, struct sockaddr *);
static void	bpf_attachd(struct bpf_d *, struct bpf_if *);
static void	bpf_detachd(struct bpf_d *);
static int	bpf_setif(struct bpf_d *, struct ifreq *);
static void	bpf_timed_out(void *);
static inline void	bpf_wakeup(struct bpf_d *);
static void	catchpacket(struct bpf_d *, u_char *, u_int, u_int,
			    void *(*)(void *, const void *, size_t));
static void	reset_d(struct bpf_d *);
static int	bpf_getdltlist(struct bpf_d *, struct bpf_dltlist *);
static int	bpf_setdlt(struct bpf_d *, u_int);

static int	bpf_read(struct file *, off_t *, struct uio *,
			 struct ucred *, int);
static int	bpf_write(struct file *, off_t *, struct uio *,
			  struct ucred *, int);
static int	bpf_ioctl(struct file *, u_long, void *, struct lwp *);
static int	bpf_poll(struct file *, int, struct lwp *);
static int	bpf_close(struct file *, struct lwp *);
static int	bpf_kqfilter(struct file *, struct knote *);

static const struct fileops bpf_fileops = {
	bpf_read,
	bpf_write,
	bpf_ioctl,
	fnullop_fcntl,
	bpf_poll,
	fbadop_stat,
	bpf_close,
	bpf_kqfilter,
};

dev_type_open(bpfopen);

const struct cdevsw bpf_cdevsw = {
	bpfopen, noclose, noread, nowrite, noioctl,
	nostop, notty, nopoll, nommap, nokqfilter,
};

static int
bpf_movein(struct uio *uio, int linktype, int mtu, struct mbuf **mp,
	   struct sockaddr *sockp)
{
	struct mbuf *m;
	int error;
	int len;
	int hlen;
	int align;

	/*
	 * Build a sockaddr based on the data link layer type.
	 * We do this at this level because the ethernet header
	 * is copied directly into the data field of the sockaddr.
	 * In the case of SLIP, there is no header and the packet
	 * is forwarded as is.
	 * Also, we are careful to leave room at the front of the mbuf
	 * for the link level header.
	 */
	switch (linktype) {

	case DLT_SLIP:
		sockp->sa_family = AF_INET;
		hlen = 0;
		align = 0;
		break;

	case DLT_PPP:
		sockp->sa_family = AF_UNSPEC;
		hlen = 0;
		align = 0;
		break;

	case DLT_EN10MB:
		sockp->sa_family = AF_UNSPEC;
		/* XXX Would MAXLINKHDR be better? */
		/* 6(dst)+6(src)+2(type) */
		hlen = sizeof(struct ether_header);
		align = 2;
		break;
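
	/*
	 * Note on the Ethernet alignment above: the copied-in frame
	 * starts at offset 2 in the mbuf, so the 14-byte Ethernet
	 * header ends at offset 16 and the network layer header that
	 * follows lands on a longword boundary (2 + 14 = 16).
	 */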

	case DLT_ARCNET:
		sockp->sa_family = AF_UNSPEC;
		hlen = ARC_HDRLEN;
		align = 5;
		break;

	case DLT_FDDI:
		sockp->sa_family = AF_LINK;
		/* XXX 4(FORMAC)+6(dst)+6(src) */
		hlen = 16;
		align = 0;
		break;

	case DLT_ECONET:
		sockp->sa_family = AF_UNSPEC;
		hlen = 6;
		align = 2;
		break;

	case DLT_NULL:
		sockp->sa_family = AF_UNSPEC;
		hlen = 0;
		align = 0;
		break;

	default:
		return (EIO);
	}

	len = uio->uio_resid;
	/*
	 * If there aren't enough bytes for a link level header or the
	 * packet length exceeds the interface mtu, return an error.
	 */
	if (len < hlen || len - hlen > mtu)
		return (EMSGSIZE);

	/*
	 * XXX Avoid complicated buffer chaining ---
	 * bail if it won't fit in a single mbuf.
	 * (Take into account possible alignment bytes)
	 */
	if ((unsigned)len > MCLBYTES - align)
		return (EIO);

	m = m_gethdr(M_WAIT, MT_DATA);
	m->m_pkthdr.rcvif = 0;
	m->m_pkthdr.len = len - hlen;
	if (len > MHLEN - align) {
		m_clget(m, M_WAIT);
		if ((m->m_flags & M_EXT) == 0) {
			error = ENOBUFS;
			goto bad;
		}
	}

	/* Ensure the data is properly aligned */
	if (align > 0) {
		m->m_data += align;
		m->m_len -= align;
	}

	error = uiomove(mtod(m, void *), len, uio);
	if (error)
		goto bad;
	if (hlen != 0) {
		memcpy(sockp->sa_data, mtod(m, void *), hlen);
		m->m_data += hlen;	/* XXX */
		len -= hlen;
	}
	m->m_len = len;
	*mp = m;
	return (0);

bad:
	m_freem(m);
	return (error);
}

/*
 * Attach file to the bpf interface, i.e. make d listen on bp.
 * Must be called at splnet.
 */
static void
bpf_attachd(struct bpf_d *d, struct bpf_if *bp)
{
	/*
	 * Point d at bp, and add d to the interface's list of listeners.
	 * Finally, point the driver's bpf cookie at the interface so
	 * it will divert packets to bpf.
	 */
	d->bd_bif = bp;
	d->bd_next = bp->bif_dlist;
	bp->bif_dlist = d;

	*bp->bif_driverp = bp;
}

/*
 * Detach a file from its interface.
 */
static void
bpf_detachd(struct bpf_d *d)
{
	struct bpf_d **p;
	struct bpf_if *bp;

	bp = d->bd_bif;
	/*
	 * Check if this descriptor had requested promiscuous mode.
	 * If so, turn it off.
	 */
	if (d->bd_promisc) {
		int error;

		d->bd_promisc = 0;
		/*
		 * Take device out of promiscuous mode.  Since we were
		 * able to enter promiscuous mode, we should be able
		 * to turn it off.  But we can get an error if
		 * the interface was configured down, so only panic
		 * if we get an unexpected error.
		 */
		error = ifpromisc(bp->bif_ifp, 0);
		if (error && error != EINVAL)
			panic("bpf: ifpromisc failed");
	}
	/* Remove d from the interface's descriptor list. */
	p = &bp->bif_dlist;
	while (*p != d) {
		p = &(*p)->bd_next;
		if (*p == 0)
			panic("bpf_detachd: descriptor not in list");
	}
	*p = (*p)->bd_next;
	if (bp->bif_dlist == 0)
		/*
		 * Let the driver know that there are no more listeners.
		 */
		*d->bd_bif->bif_driverp = 0;
	d->bd_bif = 0;
}

/*
 * Mark a descriptor free by making it point to itself.
 * This is probably cheaper than marking with a constant since
 * the address should be in a register anyway.
 */
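
/*
 * For orientation, a minimal sketch of how a userland reader drives
 * this device (illustrative only: error handling is omitted, and the
 * interface name "bge0" is a placeholder):
 *
 *	int fd = open("/dev/bpf", O_RDWR);	// bpfopen() clones a descriptor
 *	struct ifreq ifr;
 *	strlcpy(ifr.ifr_name, "bge0", sizeof(ifr.ifr_name));
 *	ioctl(fd, BIOCSETIF, &ifr);	// bpf_setif() attaches + allocates buffers
 *	u_int blen;
 *	ioctl(fd, BIOCGBLEN, &blen);	// read() must use exactly this size
 *	char *buf = malloc(blen);
 *	ssize_t n = read(fd, buf, blen);	// drains one hold buffer
 */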

/*
 * bpfilterattach() is called at boot time.
 */
/* ARGSUSED */
void
bpfilterattach(int n)
{
	simple_lock_init(&bpf_slock);

	simple_lock(&bpf_slock);
	LIST_INIT(&bpf_list);
	simple_unlock(&bpf_slock);

	bpf_gstats.bs_recv = 0;
	bpf_gstats.bs_drop = 0;
	bpf_gstats.bs_capt = 0;
}

/*
 * Open ethernet device. Clones.
 */
/* ARGSUSED */
int
bpfopen(dev_t dev, int flag, int mode, struct lwp *l)
{
	struct bpf_d *d;
	struct file *fp;
	int error, fd;

	/* falloc() will use the descriptor for us. */
	if ((error = falloc(l->l_proc, &fp, &fd)) != 0)
		return error;

	d = malloc(sizeof(*d), M_DEVBUF, M_WAITOK);
	(void)memset(d, 0, sizeof(*d));
	d->bd_bufsize = bpf_bufsize;
	d->bd_seesent = 1;
	d->bd_pid = l->l_proc->p_pid;
	callout_init(&d->bd_callout);

	simple_lock(&bpf_slock);
	LIST_INSERT_HEAD(&bpf_list, d, bd_list);
	simple_unlock(&bpf_slock);

	return fdclone(l, fp, fd, flag, &bpf_fileops, d);
}

/*
 * Close the descriptor by detaching it from its interface,
 * deallocating its buffers, and marking it free.
 */
/* ARGSUSED */
static int
bpf_close(struct file *fp, struct lwp *l)
{
	struct bpf_d *d = fp->f_data;
	int s;

	/*
	 * Refresh the PID associated with this bpf file.
	 */
	d->bd_pid = l->l_proc->p_pid;

	s = splnet();
	if (d->bd_state == BPF_WAITING)
		callout_stop(&d->bd_callout);
	d->bd_state = BPF_IDLE;
	if (d->bd_bif)
		bpf_detachd(d);
	splx(s);
	bpf_freed(d);
	simple_lock(&bpf_slock);
	LIST_REMOVE(d, bd_list);
	simple_unlock(&bpf_slock);
	free(d, M_DEVBUF);
	fp->f_data = NULL;

	return (0);
}

/*
 * Rotate the packet buffers in descriptor d.  Move the store buffer
 * into the hold slot, and the free buffer into the store slot.
 * Zero the length of the new store buffer.
 */
#define ROTATE_BUFFERS(d) \
	(d)->bd_hbuf = (d)->bd_sbuf; \
	(d)->bd_hlen = (d)->bd_slen; \
	(d)->bd_sbuf = (d)->bd_fbuf; \
	(d)->bd_slen = 0; \
	(d)->bd_fbuf = 0;
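
/*
 * A worked example of the rotation: with the store buffer partly full
 * and no read in progress, the slots move as
 *
 *	before:	hbuf = NULL          sbuf = A (slen = n)  fbuf = B
 *	after:	hbuf = A (hlen = n)  sbuf = B (slen = 0)  fbuf = NULL
 *
 * The hold buffer is what read() drains; when the read completes,
 * bpf_read() hands it back as the new free buffer.  If the free slot
 * is already empty when a rotation is needed, catchpacket() drops the
 * packet instead.
 */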

/*
 * bpfread - read next chunk of packets from buffers
 */
static int
bpf_read(struct file *fp, off_t *offp, struct uio *uio,
	 struct ucred *cred, int flags)
{
	struct bpf_d *d = fp->f_data;
	int timed_out;
	int error;
	int s;

	/*
	 * Restrict application to use a buffer the same size as
	 * the kernel buffers.
	 */
	if (uio->uio_resid != d->bd_bufsize)
		return (EINVAL);

	s = splnet();
	if (d->bd_state == BPF_WAITING)
		callout_stop(&d->bd_callout);
	timed_out = (d->bd_state == BPF_TIMED_OUT);
	d->bd_state = BPF_IDLE;
	/*
	 * If the hold buffer is empty, then do a timed sleep, which
	 * ends when the timeout expires or when enough packets
	 * have arrived to fill the store buffer.
	 */
	while (d->bd_hbuf == 0) {
		if (fp->f_flag & FNONBLOCK) {
			if (d->bd_slen == 0) {
				splx(s);
				return (EWOULDBLOCK);
			}
			ROTATE_BUFFERS(d);
			break;
		}

		if ((d->bd_immediate || timed_out) && d->bd_slen != 0) {
			/*
			 * A packet(s) either arrived since the previous
			 * read or arrived while we were asleep.
			 * Rotate the buffers and return what's here.
			 */
			ROTATE_BUFFERS(d);
			break;
		}
		error = tsleep(d, PRINET|PCATCH, "bpf",
			       d->bd_rtout);
		if (error == EINTR || error == ERESTART) {
			splx(s);
			return (error);
		}
		if (error == EWOULDBLOCK) {
			/*
			 * On a timeout, return what's in the buffer,
			 * which may be nothing.  If there is something
			 * in the store buffer, we can rotate the buffers.
			 */
			if (d->bd_hbuf)
				/*
				 * We filled up the buffer in between
				 * getting the timeout and arriving
				 * here, so we don't need to rotate.
				 */
				break;

			if (d->bd_slen == 0) {
				splx(s);
				return (0);
			}
			ROTATE_BUFFERS(d);
			break;
		}
		if (error != 0)
			goto done;
	}
	/*
	 * At this point, we know we have something in the hold slot.
	 */
	splx(s);

	/*
	 * Move data from hold buffer into user space.
	 * We know the entire buffer is transferred since
	 * we checked above that the read buffer is bpf_bufsize bytes.
	 */
	error = uiomove(d->bd_hbuf, d->bd_hlen, uio);

	s = splnet();
	d->bd_fbuf = d->bd_hbuf;
	d->bd_hbuf = 0;
	d->bd_hlen = 0;
done:
	splx(s);
	return (error);
}

/*
 * If there are processes sleeping on this descriptor, wake them up.
 */
static inline void
bpf_wakeup(struct bpf_d *d)
{
	wakeup(d);
	if (d->bd_async)
		fownsignal(d->bd_pgid, SIGIO, 0, 0, NULL);

	selnotify(&d->bd_sel, 0);
	/* XXX */
	d->bd_sel.sel_pid = 0;
}

static void
bpf_timed_out(void *arg)
{
	struct bpf_d *d = arg;
	int s;

	s = splnet();
	if (d->bd_state == BPF_WAITING) {
		d->bd_state = BPF_TIMED_OUT;
		if (d->bd_slen != 0)
			bpf_wakeup(d);
	}
	splx(s);
}

static int
bpf_write(struct file *fp, off_t *offp, struct uio *uio,
	  struct ucred *cred, int flags)
{
	struct bpf_d *d = fp->f_data;
	struct ifnet *ifp;
	struct mbuf *m;
	int error, s;
	static struct sockaddr_storage dst;

	if (d->bd_bif == 0)
		return (ENXIO);

	ifp = d->bd_bif->bif_ifp;

	if (uio->uio_resid == 0)
		return (0);

	error = bpf_movein(uio, (int)d->bd_bif->bif_dlt, ifp->if_mtu, &m,
	    (struct sockaddr *) &dst);
	if (error)
		return (error);

	if (m->m_pkthdr.len > ifp->if_mtu) {
		m_freem(m);
		return (EMSGSIZE);
	}

	if (d->bd_hdrcmplt)
		dst.ss_family = pseudo_AF_HDRCMPLT;

	s = splsoftnet();
	error = (*ifp->if_output)(ifp, m, (struct sockaddr *) &dst, NULL);
	splx(s);
	/*
	 * The driver frees the mbuf.
	 */
	return (error);
}
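
/*
 * Illustrative use of the write path above (a sketch, not kernel
 * code): a process injects one frame per write(2).  For DLT_EN10MB
 * the buffer starts with the 14-byte Ethernet header, which
 * bpf_movein() copies into the destination sockaddr; setting the
 * "header complete" flag tells the output routine to keep the
 * supplied source address rather than overwriting it:
 *
 *	u_int one = 1;
 *	ioctl(fd, BIOCSHDRCMPLT, &one);
 *	write(fd, frame, framelen);	// framelen - header <= interface MTU
 */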

/*
 * Reset a descriptor by flushing its packet buffer and clearing the
 * receive and drop counts.  Should be called at splnet.
 */
static void
reset_d(struct bpf_d *d)
{
	if (d->bd_hbuf) {
		/* Free the hold buffer. */
		d->bd_fbuf = d->bd_hbuf;
		d->bd_hbuf = 0;
	}
	d->bd_slen = 0;
	d->bd_hlen = 0;
	d->bd_rcount = 0;
	d->bd_dcount = 0;
	d->bd_ccount = 0;
}

/*
 *  FIONREAD		Check for read packet available.
 *  BIOCGBLEN		Get buffer len [for read()].
 *  BIOCSETF		Set ethernet read filter.
 *  BIOCFLUSH		Flush read packet buffer.
 *  BIOCPROMISC		Put interface into promiscuous mode.
 *  BIOCGDLT		Get link layer type.
 *  BIOCGETIF		Get interface name.
 *  BIOCSETIF		Set interface.
 *  BIOCSRTIMEOUT	Set read timeout.
 *  BIOCGRTIMEOUT	Get read timeout.
 *  BIOCGSTATS		Get packet stats.
 *  BIOCIMMEDIATE	Set immediate mode.
 *  BIOCVERSION		Get filter language version.
 *  BIOCGHDRCMPLT	Get "header already complete" flag.
 *  BIOCSHDRCMPLT	Set "header already complete" flag.
 */
/* ARGSUSED */
static int
bpf_ioctl(struct file *fp, u_long cmd, void *addr, struct lwp *l)
{
	struct bpf_d *d = fp->f_data;
	int s, error = 0;

	/*
	 * Refresh the PID associated with this bpf file.
	 */
	d->bd_pid = l->l_proc->p_pid;

	s = splnet();
	if (d->bd_state == BPF_WAITING)
		callout_stop(&d->bd_callout);
	d->bd_state = BPF_IDLE;
	splx(s);

	switch (cmd) {

	default:
		error = EINVAL;
		break;

	/*
	 * Check for read packet available.
	 */
	case FIONREAD:
		{
			int n;

			s = splnet();
			n = d->bd_slen;
			if (d->bd_hbuf)
				n += d->bd_hlen;
			splx(s);

			*(int *)addr = n;
			break;
		}

	/*
	 * Get buffer len [for read()].
	 */
	case BIOCGBLEN:
		*(u_int *)addr = d->bd_bufsize;
		break;

	/*
	 * Set buffer length.
	 */
	case BIOCSBLEN:
		if (d->bd_bif != 0)
			error = EINVAL;
		else {
			u_int size = *(u_int *)addr;

			if (size > bpf_maxbufsize)
				*(u_int *)addr = size = bpf_maxbufsize;
			else if (size < BPF_MINBUFSIZE)
				*(u_int *)addr = size = BPF_MINBUFSIZE;
			d->bd_bufsize = size;
		}
		break;

	/*
	 * Set link layer read filter.
	 */
	case BIOCSETF:
		error = bpf_setf(d, addr);
		break;

	/*
	 * Flush read packet buffer.
	 */
	case BIOCFLUSH:
		s = splnet();
		reset_d(d);
		splx(s);
		break;

	/*
	 * Put interface into promiscuous mode.
	 */
	case BIOCPROMISC:
		if (d->bd_bif == 0) {
			/*
			 * No interface attached yet.
			 */
			error = EINVAL;
			break;
		}
		s = splnet();
		if (d->bd_promisc == 0) {
			error = ifpromisc(d->bd_bif->bif_ifp, 1);
			if (error == 0)
				d->bd_promisc = 1;
		}
		splx(s);
		break;

	/*
	 * Get device parameters.
	 */
	case BIOCGDLT:
		if (d->bd_bif == 0)
			error = EINVAL;
		else
			*(u_int *)addr = d->bd_bif->bif_dlt;
		break;

	/*
	 * Get a list of supported device parameters.
	 */
	case BIOCGDLTLIST:
		if (d->bd_bif == 0)
			error = EINVAL;
		else
			error = bpf_getdltlist(d, addr);
		break;

	/*
	 * Set device parameters.
	 */
	case BIOCSDLT:
		if (d->bd_bif == 0)
			error = EINVAL;
		else
			error = bpf_setdlt(d, *(u_int *)addr);
		break;

	/*
	 * Get interface name.
	 */
	case BIOCGETIF:
		if (d->bd_bif == 0)
			error = EINVAL;
		else
			bpf_ifname(d->bd_bif->bif_ifp, addr);
		break;

	/*
	 * Set interface.
	 */
	case BIOCSETIF:
		error = bpf_setif(d, addr);
		break;

	/*
	 * Set read timeout.
	 */
	case BIOCSRTIMEOUT:
		{
			struct timeval *tv = addr;

			/* Compute number of ticks. */
			d->bd_rtout = tv->tv_sec * hz + tv->tv_usec / tick;
			if ((d->bd_rtout == 0) && (tv->tv_usec != 0))
				d->bd_rtout = 1;
			break;
		}

	/*
	 * Get read timeout.
	 */
	case BIOCGRTIMEOUT:
		{
			struct timeval *tv = addr;

			tv->tv_sec = d->bd_rtout / hz;
			tv->tv_usec = (d->bd_rtout % hz) * tick;
			break;
		}
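
	/*
	 * Worked example for the tick conversion above, assuming
	 * hz = 100 and therefore tick = 10000 microseconds: a timeout
	 * of { tv_sec = 1, tv_usec = 500000 } becomes
	 * 1 * 100 + 500000 / 10000 = 150 ticks.  Rounding a nonzero
	 * sub-tick timeout up to 1 keeps it from turning into
	 * bd_rtout == 0, which tsleep() treats as "sleep forever".
	 */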

	/*
	 * Get packet stats.
	 */
	case BIOCGSTATS:
		{
			struct bpf_stat *bs = addr;

			bs->bs_recv = d->bd_rcount;
			bs->bs_drop = d->bd_dcount;
			bs->bs_capt = d->bd_ccount;
			break;
		}

	case BIOCGSTATSOLD:
		{
			struct bpf_stat_old *bs = addr;

			bs->bs_recv = d->bd_rcount;
			bs->bs_drop = d->bd_dcount;
			break;
		}

	/*
	 * Set immediate mode.
	 */
	case BIOCIMMEDIATE:
		d->bd_immediate = *(u_int *)addr;
		break;

	case BIOCVERSION:
		{
			struct bpf_version *bv = addr;

			bv->bv_major = BPF_MAJOR_VERSION;
			bv->bv_minor = BPF_MINOR_VERSION;
			break;
		}

	case BIOCGHDRCMPLT:	/* get "header already complete" flag */
		*(u_int *)addr = d->bd_hdrcmplt;
		break;

	case BIOCSHDRCMPLT:	/* set "header already complete" flag */
		d->bd_hdrcmplt = *(u_int *)addr ? 1 : 0;
		break;

	/*
	 * Get "see sent packets" flag
	 */
	case BIOCGSEESENT:
		*(u_int *)addr = d->bd_seesent;
		break;

	/*
	 * Set "see sent packets" flag
	 */
	case BIOCSSEESENT:
		d->bd_seesent = *(u_int *)addr;
		break;

	case FIONBIO:		/* Non-blocking I/O */
		/*
		 * No need to do anything special as we check FNONBLOCK
		 * in bpf_read() to decide whether or not to block the
		 * read.
		 */
		break;

	case FIOASYNC:		/* Send signal on receive packets */
		d->bd_async = *(int *)addr;
		break;

	case TIOCSPGRP:		/* Process or group to send signals to */
	case FIOSETOWN:
		error = fsetown(l->l_proc, &d->bd_pgid, cmd, addr);
		break;

	case TIOCGPGRP:
	case FIOGETOWN:
		error = fgetown(l->l_proc, d->bd_pgid, cmd, addr);
		break;
	}
	return (error);
}

/*
 * Set d's packet filter program to fp.  If this file already has a filter,
 * free it and replace it.  Returns EINVAL for bogus requests.
 */
int
bpf_setf(struct bpf_d *d, struct bpf_program *fp)
{
	struct bpf_insn *fcode, *old;
	u_int flen, size;
	int s;

	old = d->bd_filter;
	if (fp->bf_insns == 0) {
		if (fp->bf_len != 0)
			return (EINVAL);
		s = splnet();
		d->bd_filter = 0;
		reset_d(d);
		splx(s);
		if (old != 0)
			free(old, M_DEVBUF);
		return (0);
	}
	flen = fp->bf_len;
	if (flen > BPF_MAXINSNS)
		return (EINVAL);

	size = flen * sizeof(*fp->bf_insns);
	fcode = malloc(size, M_DEVBUF, M_WAITOK);
	if (copyin(fp->bf_insns, fcode, size) == 0 &&
	    bpf_validate(fcode, (int)flen)) {
		s = splnet();
		d->bd_filter = fcode;
		reset_d(d);
		splx(s);
		if (old != 0)
			free(old, M_DEVBUF);

		return (0);
	}
	free(fcode, M_DEVBUF);
	return (EINVAL);
}
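
/*
 * A minimal sketch of a filter program a process might install with
 * BIOCSETF (illustrative; this one accepts every packet and snaps the
 * first 96 bytes):
 *
 *	struct bpf_insn insns[] = {
 *		BPF_STMT(BPF_RET|BPF_K, 96),	// return value = snap length
 *	};
 *	struct bpf_program prog = { 1, insns };
 *	ioctl(fd, BIOCSETF, &prog);
 *
 * bpf_setf() copies the program in, and bpf_validate() rejects
 * programs with bad jumps or other unsafe instructions before they
 * can run against packets.
 */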

/*
 * Detach a file from its current interface (if attached at all) and attach
 * to the interface indicated by the name stored in ifr.
 * Return an errno or 0.
 */
static int
bpf_setif(struct bpf_d *d, struct ifreq *ifr)
{
	struct bpf_if *bp;
	char *cp;
	int unit_seen, i, s, error;

	/*
	 * Make sure the provided name has a unit number, and default
	 * it to '0' if not specified.
	 * XXX This is ugly ... do this differently?
	 */
	unit_seen = 0;
	cp = ifr->ifr_name;
	cp[sizeof(ifr->ifr_name) - 1] = '\0';	/* sanity */
	while (*cp++)
		if (*cp >= '0' && *cp <= '9')
			unit_seen = 1;
	if (!unit_seen) {
		/* Make sure to leave room for the '\0'. */
		for (i = 0; i < (IFNAMSIZ - 1); ++i) {
			if ((ifr->ifr_name[i] >= 'a' &&
			     ifr->ifr_name[i] <= 'z') ||
			    (ifr->ifr_name[i] >= 'A' &&
			     ifr->ifr_name[i] <= 'Z'))
				continue;
			ifr->ifr_name[i] = '0';
		}
	}

	/*
	 * Look through attached interfaces for the named one.
	 */
	for (bp = bpf_iflist; bp != 0; bp = bp->bif_next) {
		struct ifnet *ifp = bp->bif_ifp;

		if (ifp == 0 ||
		    strcmp(ifp->if_xname, ifr->ifr_name) != 0)
			continue;
		/* skip additional entry */
		if (bp->bif_driverp != (struct bpf_if **)&ifp->if_bpf)
			continue;
		/*
		 * We found the requested interface.
		 * Allocate the packet buffers if we need to.
		 * If we're already attached to requested interface,
		 * just flush the buffer.
		 */
		if (d->bd_sbuf == 0) {
			error = bpf_allocbufs(d);
			if (error != 0)
				return (error);
		}
		s = splnet();
		if (bp != d->bd_bif) {
			if (d->bd_bif)
				/*
				 * Detach if attached to something else.
				 */
				bpf_detachd(d);

			bpf_attachd(d, bp);
		}
		reset_d(d);
		splx(s);
		return (0);
	}
	/* Not found. */
	return (ENXIO);
}

/*
 * Copy the interface name to the ifreq.
 */
static void
bpf_ifname(struct ifnet *ifp, struct ifreq *ifr)
{
	memcpy(ifr->ifr_name, ifp->if_xname, IFNAMSIZ);
}

/*
 * Support for poll() system call
 *
 * Return true iff the specific operation will not block indefinitely - with
 * the assumption that it is safe to positively acknowledge a request for the
 * ability to write to the BPF device.
 * Otherwise, return false but make a note that a selwakeup() must be done.
 */
static int
bpf_poll(struct file *fp, int events, struct lwp *l)
{
	struct bpf_d *d = fp->f_data;
	int s = splnet();
	int revents;

	/*
	 * Refresh the PID associated with this bpf file.
	 */
	d->bd_pid = l->l_proc->p_pid;

	revents = events & (POLLOUT | POLLWRNORM);
	if (events & (POLLIN | POLLRDNORM)) {
		/*
		 * An imitation of the FIONREAD ioctl code.
		 */
		if ((d->bd_hlen != 0) ||
		    (d->bd_immediate && d->bd_slen != 0)) {
			revents |= events & (POLLIN | POLLRDNORM);
		} else if (d->bd_state == BPF_TIMED_OUT) {
			if (d->bd_slen != 0)
				revents |= events & (POLLIN | POLLRDNORM);
			else
				revents |= events & POLLIN;
		} else {
			selrecord(l, &d->bd_sel);
			/* Start the read timeout if necessary */
			if (d->bd_rtout > 0 && d->bd_state == BPF_IDLE) {
				callout_reset(&d->bd_callout, d->bd_rtout,
					      bpf_timed_out, d);
				d->bd_state = BPF_WAITING;
			}
		}
	}

	splx(s);
	return (revents);
}

static void
filt_bpfrdetach(struct knote *kn)
{
	struct bpf_d *d = kn->kn_hook;
	int s;

	s = splnet();
	SLIST_REMOVE(&d->bd_sel.sel_klist, kn, knote, kn_selnext);
	splx(s);
}

static int
filt_bpfread(struct knote *kn, long hint)
{
	struct bpf_d *d = kn->kn_hook;

	kn->kn_data = d->bd_hlen;
	if (d->bd_immediate)
		kn->kn_data += d->bd_slen;
	return (kn->kn_data > 0);
}

static const struct filterops bpfread_filtops =
	{ 1, NULL, filt_bpfrdetach, filt_bpfread };

static int
bpf_kqfilter(struct file *fp, struct knote *kn)
{
	struct bpf_d *d = fp->f_data;
	struct klist *klist;
	int s;

	switch (kn->kn_filter) {
	case EVFILT_READ:
		klist = &d->bd_sel.sel_klist;
		kn->kn_fop = &bpfread_filtops;
		break;

	default:
		return (1);
	}

	kn->kn_hook = d;

	s = splnet();
	SLIST_INSERT_HEAD(klist, kn, kn_selnext);
	splx(s);

	return (0);
}

/*
 * Incoming linkage from device drivers.  Process the packet pkt, of length
 * pktlen, which is stored in a contiguous buffer.  The packet is parsed
 * by each process' filter, and if accepted, stashed into the corresponding
 * buffer.
 */
void
bpf_tap(void *arg, u_char *pkt, u_int pktlen)
{
	struct bpf_if *bp;
	struct bpf_d *d;
	u_int slen;
	/*
	 * Note that the ipl does not have to be raised at this point.
	 * The only problem that could arise here is that if two different
	 * interfaces shared any data.  This is not the case.
	 */
	bp = arg;
	for (d = bp->bif_dlist; d != 0; d = d->bd_next) {
		++d->bd_rcount;
		++bpf_gstats.bs_recv;
		slen = bpf_filter(d->bd_filter, pkt, pktlen, pktlen);
		if (slen != 0)
			catchpacket(d, pkt, pktlen, slen, memcpy);
	}
}

/*
 * Copy data from an mbuf chain into a buffer.  This code is derived
 * from m_copydata in sys/uipc_mbuf.c.
 */
static void *
bpf_mcpy(void *dst_arg, const void *src_arg, size_t len)
{
	const struct mbuf *m;
	u_int count;
	u_char *dst;

	m = src_arg;
	dst = dst_arg;
	while (len > 0) {
		if (m == 0)
			panic("bpf_mcpy");
		count = min(m->m_len, len);
		memcpy(dst, mtod(m, void *), count);
		m = m->m_next;
		dst += count;
		len -= count;
	}
	return (dst_arg);
}

/*
 * Dispatch a packet to all the listeners on interface bp.
 *
 * marg    pointer to the packet, either a data buffer or an mbuf chain
 * buflen  buffer length, if marg is a data buffer
 * cpfn    a function that can copy marg into the listener's buffer
 * pktlen  length of the packet
 * rcvif   either NULL or the interface the packet came in on.
 */
static inline void
bpf_deliver(struct bpf_if *bp, void *(*cpfn)(void *, const void *, size_t),
	    void *marg, u_int pktlen, u_int buflen, struct ifnet *rcvif)
{
	u_int slen;
	struct bpf_d *d;

	for (d = bp->bif_dlist; d != 0; d = d->bd_next) {
		if (!d->bd_seesent && (rcvif == NULL))
			continue;
		++d->bd_rcount;
		++bpf_gstats.bs_recv;
		slen = bpf_filter(d->bd_filter, marg, pktlen, buflen);
		if (slen != 0)
			catchpacket(d, marg, pktlen, slen, cpfn);
	}
}

/*
 * Incoming linkage from device drivers, when the head of the packet is in
 * a buffer, and the tail is in an mbuf chain.
 */
void
bpf_mtap2(void *arg, void *data, u_int dlen, struct mbuf *m)
{
	struct bpf_if *bp = arg;
	u_int pktlen;
	struct mbuf mb;

	pktlen = m_length(m) + dlen;

	/*
	 * Craft on-stack mbuf suitable for passing to bpf_filter.
	 * Note that we cut corners here; we only setup what's
	 * absolutely needed--this mbuf should never go anywhere else.
	 */
	(void)memset(&mb, 0, sizeof(mb));
	mb.m_next = m;
	mb.m_data = data;
	mb.m_len = dlen;

	bpf_deliver(bp, bpf_mcpy, &mb, pktlen, 0, m->m_pkthdr.rcvif);
}

/*
 * Incoming linkage from device drivers, when packet is in an mbuf chain.
 */
void
bpf_mtap(void *arg, struct mbuf *m)
{
	void *(*cpfn)(void *, const void *, size_t);
	struct bpf_if *bp = arg;
	u_int pktlen, buflen;
	void *marg;

	pktlen = m_length(m);

	if (pktlen == m->m_len) {
		cpfn = memcpy;
		marg = mtod(m, void *);
		buflen = pktlen;
	} else {
		cpfn = bpf_mcpy;
		marg = m;
		buflen = 0;
	}

	bpf_deliver(bp, cpfn, marg, pktlen, buflen, m->m_pkthdr.rcvif);
}

/*
 * We need to prepend the address family as
 * a four byte field.  Cons up a dummy header
 * to pacify bpf.  This is safe because bpf
 * will only read from the mbuf (i.e., it won't
 * try to free it or keep a pointer to it).
 */
void
bpf_mtap_af(void *arg, u_int32_t af, struct mbuf *m)
{
	struct mbuf m0;

	m0.m_flags = 0;
	m0.m_next = m;
	m0.m_len = 4;
	m0.m_data = (char *)&af;

	bpf_mtap(arg, &m0);
}

void
bpf_mtap_et(void *arg, u_int16_t et, struct mbuf *m)
{
	struct mbuf m0;

	m0.m_flags = 0;
	m0.m_next = m;
	m0.m_len = 14;
	m0.m_data = m0.m_dat;

	((u_int32_t *)m0.m_data)[0] = 0;
	((u_int32_t *)m0.m_data)[1] = 0;
	((u_int32_t *)m0.m_data)[2] = 0;
	((u_int16_t *)m0.m_data)[6] = et;

	bpf_mtap(arg, &m0);
}

#if NSL > 0 || NSTRIP > 0
/*
 * Put the SLIP pseudo-"link header" in place.
 * Note this M_PREPEND() should never fail,
 * since we know we always have enough space
 * in the input buffer.
 */
void
bpf_mtap_sl_in(void *arg, u_char *chdr, struct mbuf **m)
{
	int s;
	u_char *hp;

	M_PREPEND(*m, SLIP_HDRLEN, M_DONTWAIT);
	if (*m == NULL)
		return;

	hp = mtod(*m, u_char *);
	hp[SLX_DIR] = SLIPDIR_IN;
	(void)memcpy(&hp[SLX_CHDR], chdr, CHDR_LEN);

	s = splnet();
	bpf_mtap(arg, *m);
	splx(s);

	m_adj(*m, SLIP_HDRLEN);
}

/*
 * Put the SLIP pseudo-"link header" in
 * place.  The compressed header is now
 * at the beginning of the mbuf.
 */
void
bpf_mtap_sl_out(void *arg, u_char *chdr, struct mbuf *m)
{
	struct mbuf m0;
	u_char *hp;
	int s;

	m0.m_flags = 0;
	m0.m_next = m;
	m0.m_data = m0.m_dat;
	m0.m_len = SLIP_HDRLEN;

	hp = mtod(&m0, u_char *);

	hp[SLX_DIR] = SLIPDIR_OUT;
	(void)memcpy(&hp[SLX_CHDR], chdr, CHDR_LEN);

	s = splnet();
	bpf_mtap(arg, &m0);
	splx(s);
	m_freem(m);
}
#endif

/*
 * Move the packet data from interface memory (pkt) into the store
 * buffer, waking up pending reads if the buffers had to be rotated
 * to make room.  "cpfn" is the routine called to do the actual data
 * transfer.  memcpy is passed in to copy contiguous chunks, while
 * bpf_mcpy is passed in to copy mbuf chains.  In the latter case,
 * pkt is really an mbuf.
 */
static void
catchpacket(struct bpf_d *d, u_char *pkt, u_int pktlen, u_int snaplen,
	    void *(*cpfn)(void *, const void *, size_t))
{
	struct bpf_hdr *hp;
	int totlen, curlen;
	int hdrlen = d->bd_bif->bif_hdrlen;

	++d->bd_ccount;
	++bpf_gstats.bs_capt;
	/*
	 * Figure out how many bytes to move.  If the packet is
	 * greater or equal to the snapshot length, transfer that
	 * much.  Otherwise, transfer the whole packet (unless
	 * we hit the buffer size limit).
	 */
	totlen = hdrlen + min(snaplen, pktlen);
	if (totlen > d->bd_bufsize)
		totlen = d->bd_bufsize;

	/*
	 * Round up the end of the previous packet to the next longword.
	 */
	curlen = BPF_WORDALIGN(d->bd_slen);
	if (curlen + totlen > d->bd_bufsize) {
		/*
		 * This packet will overflow the storage buffer.
		 * Rotate the buffers if we can, then wakeup any
		 * pending reads.
		 */
		if (d->bd_fbuf == 0) {
			/*
			 * We haven't completed the previous read yet,
			 * so drop the packet.
			 */
			++d->bd_dcount;
			++bpf_gstats.bs_drop;
			return;
		}
		ROTATE_BUFFERS(d);
		bpf_wakeup(d);
		curlen = 0;
	}

	/*
	 * Append the bpf header.
	 */
	hp = (struct bpf_hdr *)(d->bd_sbuf + curlen);
	microtime(&hp->bh_tstamp);
	hp->bh_datalen = pktlen;
	hp->bh_hdrlen = hdrlen;
	/*
	 * Copy the packet data into the store buffer and update its length.
	 */
	(*cpfn)((u_char *)hp + hdrlen, pkt, (hp->bh_caplen = totlen - hdrlen));
	d->bd_slen = curlen + totlen;

	/*
	 * Call bpf_wakeup after bd_slen has been updated so that kevent(2)
	 * will cause filt_bpfread() to be called with it adjusted.
	 */
	if (d->bd_immediate || d->bd_state == BPF_TIMED_OUT)
		/*
		 * Immediate mode is set, or the read timeout has
		 * already expired during a select call.  A packet
		 * arrived, so the reader should be woken up.
		 */
		bpf_wakeup(d);
}

/*
 * Initialize all nonzero fields of a descriptor.
 */
static int
bpf_allocbufs(struct bpf_d *d)
{

	d->bd_fbuf = malloc(d->bd_bufsize, M_DEVBUF, M_NOWAIT);
	if (!d->bd_fbuf)
		return (ENOBUFS);
	d->bd_sbuf = malloc(d->bd_bufsize, M_DEVBUF, M_NOWAIT);
	if (!d->bd_sbuf) {
		free(d->bd_fbuf, M_DEVBUF);
		return (ENOBUFS);
	}
	d->bd_slen = 0;
	d->bd_hlen = 0;
	return (0);
}

/*
 * Free buffers currently in use by a descriptor.
 * Called on close.
 */
static void
bpf_freed(struct bpf_d *d)
{
	/*
	 * We don't need to lock out interrupts since this descriptor has
	 * been detached from its interface and hasn't yet been marked
	 * free.
	 */
	if (d->bd_sbuf != 0) {
		free(d->bd_sbuf, M_DEVBUF);
		if (d->bd_hbuf != 0)
			free(d->bd_hbuf, M_DEVBUF);
		if (d->bd_fbuf != 0)
			free(d->bd_fbuf, M_DEVBUF);
	}
	if (d->bd_filter)
		free(d->bd_filter, M_DEVBUF);
}

/*
 * Attach an interface to bpf.  dlt is the link layer type; hdrlen is the
 * fixed size of the link header (variable length headers not yet supported).
 */
void
bpfattach(struct ifnet *ifp, u_int dlt, u_int hdrlen)
{

	bpfattach2(ifp, dlt, hdrlen, &ifp->if_bpf);
}

/*
 * Attach an additional dlt for an interface to bpf.  dlt is the link layer
 * type; hdrlen is the fixed size of the link header for the specified dlt
 * (variable length headers not yet supported).
 */
void
bpfattach2(struct ifnet *ifp, u_int dlt, u_int hdrlen, void *driverp)
{
	struct bpf_if *bp;
	bp = malloc(sizeof(*bp), M_DEVBUF, M_DONTWAIT);
	if (bp == 0)
		panic("bpfattach");

	bp->bif_dlist = 0;
	bp->bif_driverp = driverp;
	bp->bif_ifp = ifp;
	bp->bif_dlt = dlt;

	bp->bif_next = bpf_iflist;
	bpf_iflist = bp;

	*bp->bif_driverp = 0;

	/*
	 * Compute the length of the bpf header.  This is not necessarily
	 * equal to SIZEOF_BPF_HDR because we want to insert spacing such
	 * that the network layer header begins on a longword boundary (for
	 * performance reasons and to alleviate alignment restrictions).
	 */
	bp->bif_hdrlen = BPF_WORDALIGN(hdrlen + SIZEOF_BPF_HDR) - hdrlen;

#if 0
	printf("bpf: %s attached\n", ifp->if_xname);
#endif
}

/*
 * Remove an interface from bpf.
 */
void
bpfdetach(struct ifnet *ifp)
{
	struct bpf_if *bp, **pbp;
	struct bpf_d *d;
	int s;

	/* Nuke the vnodes for any open instances */
	for (d = LIST_FIRST(&bpf_list); d != NULL; d = LIST_NEXT(d, bd_list)) {
		if (d->bd_bif != NULL && d->bd_bif->bif_ifp == ifp) {
			/*
			 * Detach the descriptor from an interface now.
			 * It will be freed later by the close routine.
			 */
			s = splnet();
			d->bd_promisc = 0;	/* we can't touch device. */
			bpf_detachd(d);
			splx(s);
		}
	}

again:
	for (bp = bpf_iflist, pbp = &bpf_iflist;
	     bp != NULL; pbp = &bp->bif_next, bp = bp->bif_next) {
		if (bp->bif_ifp == ifp) {
			*pbp = bp->bif_next;
			free(bp, M_DEVBUF);
			goto again;
		}
	}
}

/*
 * Change the data link type of an interface.
 */
void
bpf_change_type(struct ifnet *ifp, u_int dlt, u_int hdrlen)
{
	struct bpf_if *bp;

	for (bp = bpf_iflist; bp != NULL; bp = bp->bif_next) {
		if (bp->bif_driverp == (struct bpf_if **)&ifp->if_bpf)
			break;
	}
	if (bp == NULL)
		panic("bpf_change_type");

	bp->bif_dlt = dlt;

	/*
	 * Compute the length of the bpf header.  This is not necessarily
	 * equal to SIZEOF_BPF_HDR because we want to insert spacing such
	 * that the network layer header begins on a longword boundary (for
	 * performance reasons and to alleviate alignment restrictions).
	 */
	bp->bif_hdrlen = BPF_WORDALIGN(hdrlen + SIZEOF_BPF_HDR) - hdrlen;
}
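
/*
 * Worked example of the header-length computation above, assuming a
 * 14-byte Ethernet link header and an 18-byte struct bpf_hdr
 * (SIZEOF_BPF_HDR on a typical 32-bit platform): BPF_WORDALIGN(14 +
 * 18) = 32, so bif_hdrlen = 32 - 14 = 18.  Each capture record then
 * carries 18 bytes of bpf header followed by the frame, which leaves
 * the network layer header at offset 32, a longword boundary.
 */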

/*
 * Get a list of the available data link types of the interface.
 */
static int
bpf_getdltlist(struct bpf_d *d, struct bpf_dltlist *bfl)
{
	int n, error;
	struct ifnet *ifp;
	struct bpf_if *bp;

	ifp = d->bd_bif->bif_ifp;
	n = 0;
	error = 0;
	for (bp = bpf_iflist; bp != NULL; bp = bp->bif_next) {
		if (bp->bif_ifp != ifp)
			continue;
		if (bfl->bfl_list != NULL) {
			if (n >= bfl->bfl_len)
				return ENOMEM;
			error = copyout(&bp->bif_dlt,
			    bfl->bfl_list + n, sizeof(u_int));
		}
		n++;
	}
	bfl->bfl_len = n;
	return error;
}

/*
 * Set the data link type of a BPF instance.
 */
static int
bpf_setdlt(struct bpf_d *d, u_int dlt)
{
	int s, error, opromisc;
	struct ifnet *ifp;
	struct bpf_if *bp;

	if (d->bd_bif->bif_dlt == dlt)
		return 0;
	ifp = d->bd_bif->bif_ifp;
	for (bp = bpf_iflist; bp != NULL; bp = bp->bif_next) {
		if (bp->bif_ifp == ifp && bp->bif_dlt == dlt)
			break;
	}
	if (bp == NULL)
		return EINVAL;
	s = splnet();
	opromisc = d->bd_promisc;
	bpf_detachd(d);
	bpf_attachd(d, bp);
	reset_d(d);
	if (opromisc) {
		error = ifpromisc(bp->bif_ifp, 1);
		if (error)
			printf("%s: bpf_setdlt: ifpromisc failed (%d)\n",
			    bp->bif_ifp->if_xname, error);
		else
			d->bd_promisc = 1;
	}
	splx(s);
	return 0;
}

static int
sysctl_net_bpf_maxbufsize(SYSCTLFN_ARGS)
{
	int newsize, error;
	struct sysctlnode node;

	node = *rnode;
	node.sysctl_data = &newsize;
	newsize = bpf_maxbufsize;
	error = sysctl_lookup(SYSCTLFN_CALL(&node));
	if (error || newp == NULL)
		return (error);

	if (newsize < BPF_MINBUFSIZE || newsize > BPF_MAXBUFSIZE)
		return (EINVAL);

	bpf_maxbufsize = newsize;

	return (0);
}
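
/*
 * Illustrative tuning from userland, using the node names created in
 * the sysctl setup below (the value shown is arbitrary):
 *
 *	sysctl -w net.bpf.maxbufsize=262144	# raise the BIOCSBLEN cap
 *	sysctl net.bpf.stats			# global recv/drop/capt counters
 */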

static int
sysctl_net_bpf_peers(SYSCTLFN_ARGS)
{
	int error, elem_count;
	struct bpf_d *dp;
	struct bpf_d_ext dpe;
	size_t len, needed, elem_size, out_size;
	char *sp;

	if (namelen == 1 && name[0] == CTL_QUERY)
		return (sysctl_query(SYSCTLFN_CALL(rnode)));

	if (namelen != 2)
		return (EINVAL);

	if ((error = suser(l->l_proc->p_ucred, &l->l_proc->p_acflag)))
		return (error);

	len = (oldp != NULL) ? *oldlenp : 0;
	sp = oldp;
	elem_size = name[0];
	elem_count = name[1];
	out_size = MIN(sizeof(dpe), elem_size);
	needed = 0;

	if (elem_size < 1 || elem_count < 0)
		return (EINVAL);

	simple_lock(&bpf_slock);
	LIST_FOREACH(dp, &bpf_list, bd_list) {
		if (len >= elem_size && elem_count > 0) {
#define BPF_EXT(field)	dpe.bde_ ## field = dp->bd_ ## field
			BPF_EXT(bufsize);
			BPF_EXT(promisc);
			BPF_EXT(state);
			BPF_EXT(immediate);
			BPF_EXT(hdrcmplt);
			BPF_EXT(seesent);
			BPF_EXT(pid);
			BPF_EXT(rcount);
			BPF_EXT(dcount);
			BPF_EXT(ccount);
#undef BPF_EXT
			if (dp->bd_bif)
				(void)strlcpy(dpe.bde_ifname,
				    dp->bd_bif->bif_ifp->if_xname,
				    IFNAMSIZ - 1);
			else
				dpe.bde_ifname[0] = '\0';

			error = copyout(&dpe, sp, out_size);
			if (error)
				break;
			sp += elem_size;
			len -= elem_size;
		}
		if (elem_count > 0) {
			needed += elem_size;
			if (elem_count != INT_MAX)
				elem_count--;
		}
	}
	simple_unlock(&bpf_slock);

	*oldlenp = needed;

	return (error);
}

SYSCTL_SETUP(sysctl_net_bpf_setup, "sysctl net.bpf subtree setup")
{
	const struct sysctlnode *node;

	sysctl_createv(clog, 0, NULL, NULL,
		       CTLFLAG_PERMANENT,
		       CTLTYPE_NODE, "net", NULL,
		       NULL, 0, NULL, 0,
		       CTL_NET, CTL_EOL);

	node = NULL;
	sysctl_createv(clog, 0, NULL, &node,
		       CTLFLAG_PERMANENT,
		       CTLTYPE_NODE, "bpf",
		       SYSCTL_DESCR("BPF options"),
		       NULL, 0, NULL, 0,
		       CTL_NET, CTL_CREATE, CTL_EOL);
	if (node != NULL) {
		sysctl_createv(clog, 0, NULL, NULL,
			CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
			CTLTYPE_INT, "maxbufsize",
			SYSCTL_DESCR("Maximum size for data capture buffer"),
			sysctl_net_bpf_maxbufsize, 0, &bpf_maxbufsize, 0,
			CTL_NET, node->sysctl_num, CTL_CREATE, CTL_EOL);
		sysctl_createv(clog, 0, NULL, NULL,
			CTLFLAG_PERMANENT,
			CTLTYPE_STRUCT, "stats",
			SYSCTL_DESCR("BPF stats"),
			NULL, 0, &bpf_gstats, sizeof(bpf_gstats),
			CTL_NET, node->sysctl_num, CTL_CREATE, CTL_EOL);
		sysctl_createv(clog, 0, NULL, NULL,
			CTLFLAG_PERMANENT,
			CTLTYPE_STRUCT, "peers",
			SYSCTL_DESCR("BPF peers"),
			sysctl_net_bpf_peers, 0, NULL, 0,
			CTL_NET, node->sysctl_num, CTL_CREATE, CTL_EOL);
	}
}