1 /* $NetBSD: bpf.c,v 1.35 1997/03/17 06:45:20 scottr Exp $ */ 2 3 /* 4 * Copyright (c) 1990, 1991, 1993 5 * The Regents of the University of California. All rights reserved. 6 * 7 * This code is derived from the Stanford/CMU enet packet filter, 8 * (net/enet.c) distributed as part of 4.3BSD, and code contributed 9 * to Berkeley by Steven McCanne and Van Jacobson both of Lawrence 10 * Berkeley Laboratory. 11 * 12 * Redistribution and use in source and binary forms, with or without 13 * modification, are permitted provided that the following conditions 14 * are met: 15 * 1. Redistributions of source code must retain the above copyright 16 * notice, this list of conditions and the following disclaimer. 17 * 2. Redistributions in binary form must reproduce the above copyright 18 * notice, this list of conditions and the following disclaimer in the 19 * documentation and/or other materials provided with the distribution. 20 * 3. All advertising materials mentioning features or use of this software 21 * must display the following acknowledgement: 22 * This product includes software developed by the University of 23 * California, Berkeley and its contributors. 24 * 4. Neither the name of the University nor the names of its contributors 25 * may be used to endorse or promote products derived from this software 26 * without specific prior written permission. 27 * 28 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 29 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 30 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 31 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 32 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 33 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 34 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 35 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 36 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 37 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 38 * SUCH DAMAGE. 39 * 40 * @(#)bpf.c 8.2 (Berkeley) 3/28/94 41 */ 42 43 #include "bpfilter.h" 44 45 #include <sys/param.h> 46 #include <sys/systm.h> 47 #include <sys/mbuf.h> 48 #include <sys/buf.h> 49 #include <sys/time.h> 50 #include <sys/proc.h> 51 #include <sys/user.h> 52 #include <sys/ioctl.h> 53 #include <sys/map.h> 54 #include <sys/conf.h> 55 56 #include <sys/file.h> 57 #if defined(sparc) && BSD < 199103 58 #include <sys/stream.h> 59 #endif 60 #include <sys/tty.h> 61 #include <sys/uio.h> 62 63 #include <sys/protosw.h> 64 #include <sys/socket.h> 65 #include <sys/errno.h> 66 #include <sys/kernel.h> 67 #include <sys/poll.h> 68 69 #include <net/if.h> 70 71 #include <net/bpf.h> 72 #include <net/bpfdesc.h> 73 74 #include <net/if_arc.h> 75 #include <net/if_ether.h> 76 77 #include <netinet/in.h> 78 #include <netinet/if_inarp.h> 79 80 /* 81 * Older BSDs don't have kernel malloc. 82 */ 83 #if BSD < 199103 84 extern bcopy(); 85 static caddr_t bpf_alloc(); 86 #include <net/bpf_compat.h> 87 #define BPF_BUFSIZE (MCLBYTES-8) 88 #define UIOMOVE(cp, len, code, uio) uiomove(cp, len, code, uio) 89 #else 90 #define BPF_BUFSIZE 4096 91 #define UIOMOVE(cp, len, code, uio) uiomove(cp, len, uio) 92 #endif 93 94 #define PRINET 26 /* interruptible */ 95 96 /* 97 * The default read buffer size is patchable. 98 */ 99 int bpf_bufsize = BPF_BUFSIZE; 100 101 /* 102 * bpf_iflist is the list of interfaces; each corresponds to an ifnet 103 * bpf_dtab holds the descriptors, indexed by minor device # 104 */ 105 struct bpf_if *bpf_iflist; 106 struct bpf_d bpf_dtab[NBPFILTER]; 107 108 #if BSD >= 199207 || NetBSD0_9 >= 2 109 /* 110 * bpfilterattach() is called at boot time in new systems. We do 111 * nothing here since old systems will not call this. 112 */ 113 /* ARGSUSED */ 114 void 115 bpfilterattach(n) 116 int n; 117 { 118 } 119 #endif 120 121 static int bpf_allocbufs __P((struct bpf_d *)); 122 static int bpf_allocbufs __P((struct bpf_d *)); 123 static void bpf_freed __P((struct bpf_d *)); 124 static void bpf_freed __P((struct bpf_d *)); 125 static void bpf_ifname __P((struct ifnet *, struct ifreq *)); 126 static void bpf_ifname __P((struct ifnet *, struct ifreq *)); 127 static void bpf_mcopy __P((const void *, void *, size_t)); 128 static int bpf_movein __P((struct uio *, int, 129 struct mbuf **, struct sockaddr *)); 130 static void bpf_attachd __P((struct bpf_d *, struct bpf_if *)); 131 static void bpf_detachd __P((struct bpf_d *)); 132 static int bpf_setif __P((struct bpf_d *, struct ifreq *)); 133 int bpfpoll __P((dev_t, int, struct proc *)); 134 static __inline void 135 bpf_wakeup __P((struct bpf_d *)); 136 static void catchpacket __P((struct bpf_d *, u_char *, size_t, size_t, 137 void (*)(const void *, void *, size_t))); 138 static void reset_d __P((struct bpf_d *)); 139 140 static int 141 bpf_movein(uio, linktype, mp, sockp) 142 register struct uio *uio; 143 int linktype; 144 register struct mbuf **mp; 145 register struct sockaddr *sockp; 146 { 147 struct mbuf *m; 148 int error; 149 int len; 150 int hlen; 151 152 /* 153 * Build a sockaddr based on the data link layer type. 154 * We do this at this level because the ethernet header 155 * is copied directly into the data field of the sockaddr. 156 * In the case of SLIP, there is no header and the packet 157 * is forwarded as is. 158 * Also, we are careful to leave room at the front of the mbuf 159 * for the link level header. 160 */ 161 switch (linktype) { 162 163 case DLT_SLIP: 164 sockp->sa_family = AF_INET; 165 hlen = 0; 166 break; 167 168 case DLT_PPP: 169 sockp->sa_family = AF_UNSPEC; 170 hlen = 0; 171 break; 172 173 case DLT_EN10MB: 174 sockp->sa_family = AF_UNSPEC; 175 /* XXX Would MAXLINKHDR be better? */ 176 hlen = sizeof(struct ether_header); 177 break; 178 179 case DLT_ARCNET: 180 sockp->sa_family = AF_UNSPEC; 181 hlen = ARC_HDRLEN; 182 break; 183 184 case DLT_FDDI: 185 sockp->sa_family = AF_UNSPEC; 186 /* XXX 4(FORMAC)+6(dst)+6(src)+3(LLC)+5(SNAP) */ 187 hlen = 24; 188 break; 189 190 case DLT_NULL: 191 sockp->sa_family = AF_UNSPEC; 192 hlen = 0; 193 break; 194 195 default: 196 return (EIO); 197 } 198 199 len = uio->uio_resid; 200 if ((unsigned)len > MCLBYTES) 201 return (EIO); 202 203 MGETHDR(m, M_WAIT, MT_DATA); 204 m->m_pkthdr.rcvif = 0; 205 m->m_pkthdr.len = len - hlen; 206 207 if (len > MHLEN) { 208 #if BSD >= 199103 209 MCLGET(m, M_WAIT); 210 if ((m->m_flags & M_EXT) == 0) { 211 #else 212 MCLGET(m); 213 if (m->m_len != MCLBYTES) { 214 #endif 215 error = ENOBUFS; 216 goto bad; 217 } 218 } 219 m->m_len = len; 220 *mp = m; 221 /* 222 * Make room for link header. 223 */ 224 if (hlen != 0) { 225 m->m_len -= hlen; 226 #if BSD >= 199103 227 m->m_data += hlen; /* XXX */ 228 #else 229 m->m_off += hlen; 230 #endif 231 error = UIOMOVE((caddr_t)sockp->sa_data, hlen, UIO_WRITE, uio); 232 if (error) 233 goto bad; 234 } 235 error = UIOMOVE(mtod(m, caddr_t), len - hlen, UIO_WRITE, uio); 236 if (!error) 237 return (0); 238 bad: 239 m_freem(m); 240 return (error); 241 } 242 243 /* 244 * Attach file to the bpf interface, i.e. make d listen on bp. 245 * Must be called at splimp. 246 */ 247 static void 248 bpf_attachd(d, bp) 249 struct bpf_d *d; 250 struct bpf_if *bp; 251 { 252 /* 253 * Point d at bp, and add d to the interface's list of listeners. 254 * Finally, point the driver's bpf cookie at the interface so 255 * it will divert packets to bpf. 256 */ 257 d->bd_bif = bp; 258 d->bd_next = bp->bif_dlist; 259 bp->bif_dlist = d; 260 261 *bp->bif_driverp = bp; 262 } 263 264 /* 265 * Detach a file from its interface. 266 */ 267 static void 268 bpf_detachd(d) 269 struct bpf_d *d; 270 { 271 struct bpf_d **p; 272 struct bpf_if *bp; 273 274 bp = d->bd_bif; 275 /* 276 * Check if this descriptor had requested promiscuous mode. 277 * If so, turn it off. 278 */ 279 if (d->bd_promisc) { 280 int error; 281 282 d->bd_promisc = 0; 283 error = ifpromisc(bp->bif_ifp, 0); 284 if (error && error != EINVAL) 285 /* 286 * Something is really wrong if we were able to put 287 * the driver into promiscuous mode, but can't 288 * take it out. 289 */ 290 panic("bpf: ifpromisc failed"); 291 } 292 /* Remove d from the interface's descriptor list. */ 293 p = &bp->bif_dlist; 294 while (*p != d) { 295 p = &(*p)->bd_next; 296 if (*p == 0) 297 panic("bpf_detachd: descriptor not in list"); 298 } 299 *p = (*p)->bd_next; 300 if (bp->bif_dlist == 0) 301 /* 302 * Let the driver know that there are no more listeners. 303 */ 304 *d->bd_bif->bif_driverp = 0; 305 d->bd_bif = 0; 306 } 307 308 309 /* 310 * Mark a descriptor free by making it point to itself. 311 * This is probably cheaper than marking with a constant since 312 * the address should be in a register anyway. 313 */ 314 #define D_ISFREE(d) ((d) == (d)->bd_next) 315 #define D_MARKFREE(d) ((d)->bd_next = (d)) 316 #define D_MARKUSED(d) ((d)->bd_next = 0) 317 318 /* 319 * Open ethernet device. Returns ENXIO for illegal minor device number, 320 * EBUSY if file is open by another process. 321 */ 322 /* ARGSUSED */ 323 int 324 bpfopen(dev, flag, mode, p) 325 dev_t dev; 326 int flag; 327 int mode; 328 struct proc *p; 329 { 330 register struct bpf_d *d; 331 332 if (minor(dev) >= NBPFILTER) 333 return (ENXIO); 334 /* 335 * Each minor can be opened by only one process. If the requested 336 * minor is in use, return EBUSY. 337 */ 338 d = &bpf_dtab[minor(dev)]; 339 if (!D_ISFREE(d)) 340 return (EBUSY); 341 342 /* Mark "free" and do most initialization. */ 343 bzero((char *)d, sizeof(*d)); 344 d->bd_bufsize = bpf_bufsize; 345 d->bd_sig = SIGIO; 346 347 return (0); 348 } 349 350 /* 351 * Close the descriptor by detaching it from its interface, 352 * deallocating its buffers, and marking it free. 353 */ 354 /* ARGSUSED */ 355 int 356 bpfclose(dev, flag, mode, p) 357 dev_t dev; 358 int flag; 359 int mode; 360 struct proc *p; 361 { 362 register struct bpf_d *d = &bpf_dtab[minor(dev)]; 363 register int s; 364 365 s = splimp(); 366 if (d->bd_bif) 367 bpf_detachd(d); 368 splx(s); 369 bpf_freed(d); 370 371 return (0); 372 } 373 374 /* 375 * Support for SunOS, which does not have tsleep. 376 */ 377 #if BSD < 199103 378 static 379 bpf_timeout(arg) 380 caddr_t arg; 381 { 382 struct bpf_d *d = (struct bpf_d *)arg; 383 d->bd_timedout = 1; 384 wakeup(arg); 385 } 386 387 #define BPF_SLEEP(chan, pri, s, t) bpf_sleep((struct bpf_d *)chan) 388 389 int 390 bpf_sleep(d) 391 register struct bpf_d *d; 392 { 393 register int rto = d->bd_rtout; 394 register int st; 395 396 if (rto != 0) { 397 d->bd_timedout = 0; 398 timeout(bpf_timeout, (caddr_t)d, rto); 399 } 400 st = sleep((caddr_t)d, PRINET|PCATCH); 401 if (rto != 0) { 402 if (d->bd_timedout == 0) 403 untimeout(bpf_timeout, (caddr_t)d); 404 else if (st == 0) 405 return EWOULDBLOCK; 406 } 407 return (st != 0) ? EINTR : 0; 408 } 409 #else 410 #define BPF_SLEEP tsleep 411 #endif 412 413 /* 414 * Rotate the packet buffers in descriptor d. Move the store buffer 415 * into the hold slot, and the free buffer into the store slot. 416 * Zero the length of the new store buffer. 417 */ 418 #define ROTATE_BUFFERS(d) \ 419 (d)->bd_hbuf = (d)->bd_sbuf; \ 420 (d)->bd_hlen = (d)->bd_slen; \ 421 (d)->bd_sbuf = (d)->bd_fbuf; \ 422 (d)->bd_slen = 0; \ 423 (d)->bd_fbuf = 0; 424 /* 425 * bpfread - read next chunk of packets from buffers 426 */ 427 int 428 bpfread(dev, uio, ioflag) 429 dev_t dev; 430 register struct uio *uio; 431 int ioflag; 432 { 433 register struct bpf_d *d = &bpf_dtab[minor(dev)]; 434 int error; 435 int s; 436 437 /* 438 * Restrict application to use a buffer the same size as 439 * as kernel buffers. 440 */ 441 if (uio->uio_resid != d->bd_bufsize) 442 return (EINVAL); 443 444 s = splimp(); 445 /* 446 * If the hold buffer is empty, then do a timed sleep, which 447 * ends when the timeout expires or when enough packets 448 * have arrived to fill the store buffer. 449 */ 450 while (d->bd_hbuf == 0) { 451 if (d->bd_immediate && d->bd_slen != 0) { 452 /* 453 * A packet(s) either arrived since the previous 454 * read or arrived while we were asleep. 455 * Rotate the buffers and return what's here. 456 */ 457 ROTATE_BUFFERS(d); 458 break; 459 } 460 if (d->bd_rtout != -1) 461 error = BPF_SLEEP((caddr_t)d, PRINET|PCATCH, "bpf", 462 d->bd_rtout); 463 else 464 error = EWOULDBLOCK; /* User requested non-blocking I/O */ 465 if (error == EINTR || error == ERESTART) { 466 splx(s); 467 return (error); 468 } 469 if (error == EWOULDBLOCK) { 470 /* 471 * On a timeout, return what's in the buffer, 472 * which may be nothing. If there is something 473 * in the store buffer, we can rotate the buffers. 474 */ 475 if (d->bd_hbuf) 476 /* 477 * We filled up the buffer in between 478 * getting the timeout and arriving 479 * here, so we don't need to rotate. 480 */ 481 break; 482 483 if (d->bd_slen == 0) { 484 splx(s); 485 return (0); 486 } 487 ROTATE_BUFFERS(d); 488 break; 489 } 490 } 491 /* 492 * At this point, we know we have something in the hold slot. 493 */ 494 splx(s); 495 496 /* 497 * Move data from hold buffer into user space. 498 * We know the entire buffer is transferred since 499 * we checked above that the read buffer is bpf_bufsize bytes. 500 */ 501 error = UIOMOVE(d->bd_hbuf, d->bd_hlen, UIO_READ, uio); 502 503 s = splimp(); 504 d->bd_fbuf = d->bd_hbuf; 505 d->bd_hbuf = 0; 506 d->bd_hlen = 0; 507 splx(s); 508 509 return (error); 510 } 511 512 513 /* 514 * If there are processes sleeping on this descriptor, wake them up. 515 */ 516 static __inline void 517 bpf_wakeup(d) 518 register struct bpf_d *d; 519 { 520 struct proc *p; 521 522 wakeup((caddr_t)d); 523 if (d->bd_async && d->bd_sig) 524 if (d->bd_pgid > 0) 525 gsignal (d->bd_pgid, d->bd_sig); 526 else if ((p = pfind (-d->bd_pgid)) != NULL) 527 psignal (p, d->bd_sig); 528 529 #if BSD >= 199103 530 selwakeup(&d->bd_sel); 531 /* XXX */ 532 d->bd_sel.si_pid = 0; 533 #else 534 if (d->bd_selproc) { 535 selwakeup(d->bd_selproc, (int)d->bd_selcoll); 536 d->bd_selcoll = 0; 537 d->bd_selproc = 0; 538 } 539 #endif 540 } 541 542 int 543 bpfwrite(dev, uio, ioflag) 544 dev_t dev; 545 struct uio *uio; 546 int ioflag; 547 { 548 register struct bpf_d *d = &bpf_dtab[minor(dev)]; 549 struct ifnet *ifp; 550 struct mbuf *m; 551 int error, s; 552 static struct sockaddr dst; 553 554 if (d->bd_bif == 0) 555 return (ENXIO); 556 557 ifp = d->bd_bif->bif_ifp; 558 559 if (uio->uio_resid == 0) 560 return (0); 561 562 error = bpf_movein(uio, (int)d->bd_bif->bif_dlt, &m, &dst); 563 if (error) 564 return (error); 565 566 if (m->m_pkthdr.len > ifp->if_mtu) 567 return (EMSGSIZE); 568 569 s = splsoftnet(); 570 #if BSD >= 199103 571 error = (*ifp->if_output)(ifp, m, &dst, (struct rtentry *)0); 572 #else 573 error = (*ifp->if_output)(ifp, m, &dst); 574 #endif 575 splx(s); 576 /* 577 * The driver frees the mbuf. 578 */ 579 return (error); 580 } 581 582 /* 583 * Reset a descriptor by flushing its packet buffer and clearing the 584 * receive and drop counts. Should be called at splimp. 585 */ 586 static void 587 reset_d(d) 588 struct bpf_d *d; 589 { 590 if (d->bd_hbuf) { 591 /* Free the hold buffer. */ 592 d->bd_fbuf = d->bd_hbuf; 593 d->bd_hbuf = 0; 594 } 595 d->bd_slen = 0; 596 d->bd_hlen = 0; 597 d->bd_rcount = 0; 598 d->bd_dcount = 0; 599 } 600 601 /* 602 * FIONREAD Check for read packet available. 603 * BIOCGBLEN Get buffer len [for read()]. 604 * BIOCSETF Set ethernet read filter. 605 * BIOCFLUSH Flush read packet buffer. 606 * BIOCPROMISC Put interface into promiscuous mode. 607 * BIOCGDLT Get link layer type. 608 * BIOCGETIF Get interface name. 609 * BIOCSETIF Set interface. 610 * BIOCSRTIMEOUT Set read timeout. 611 * BIOCGRTIMEOUT Get read timeout. 612 * BIOCGSTATS Get packet stats. 613 * BIOCIMMEDIATE Set immediate mode. 614 * BIOCVERSION Get filter language version. 615 */ 616 /* ARGSUSED */ 617 int 618 bpfioctl(dev, cmd, addr, flag, p) 619 dev_t dev; 620 u_long cmd; 621 caddr_t addr; 622 int flag; 623 struct proc *p; 624 { 625 register struct bpf_d *d = &bpf_dtab[minor(dev)]; 626 int s, error = 0; 627 628 switch (cmd) { 629 630 default: 631 error = EINVAL; 632 break; 633 634 /* 635 * Check for read packet available. 636 */ 637 case FIONREAD: 638 { 639 int n; 640 641 s = splimp(); 642 n = d->bd_slen; 643 if (d->bd_hbuf) 644 n += d->bd_hlen; 645 splx(s); 646 647 *(int *)addr = n; 648 break; 649 } 650 651 /* 652 * Get buffer len [for read()]. 653 */ 654 case BIOCGBLEN: 655 *(u_int *)addr = d->bd_bufsize; 656 break; 657 658 /* 659 * Set buffer length. 660 */ 661 case BIOCSBLEN: 662 #if BSD < 199103 663 error = EINVAL; 664 #else 665 if (d->bd_bif != 0) 666 error = EINVAL; 667 else { 668 register u_int size = *(u_int *)addr; 669 670 if (size > BPF_MAXBUFSIZE) 671 *(u_int *)addr = size = BPF_MAXBUFSIZE; 672 else if (size < BPF_MINBUFSIZE) 673 *(u_int *)addr = size = BPF_MINBUFSIZE; 674 d->bd_bufsize = size; 675 } 676 #endif 677 break; 678 679 /* 680 * Set link layer read filter. 681 */ 682 case BIOCSETF: 683 error = bpf_setf(d, (struct bpf_program *)addr); 684 break; 685 686 /* 687 * Flush read packet buffer. 688 */ 689 case BIOCFLUSH: 690 s = splimp(); 691 reset_d(d); 692 splx(s); 693 break; 694 695 /* 696 * Put interface into promiscuous mode. 697 */ 698 case BIOCPROMISC: 699 if (d->bd_bif == 0) { 700 /* 701 * No interface attached yet. 702 */ 703 error = EINVAL; 704 break; 705 } 706 s = splimp(); 707 if (d->bd_promisc == 0) { 708 error = ifpromisc(d->bd_bif->bif_ifp, 1); 709 if (error == 0) 710 d->bd_promisc = 1; 711 } 712 splx(s); 713 break; 714 715 /* 716 * Get device parameters. 717 */ 718 case BIOCGDLT: 719 if (d->bd_bif == 0) 720 error = EINVAL; 721 else 722 *(u_int *)addr = d->bd_bif->bif_dlt; 723 break; 724 725 /* 726 * Set interface name. 727 */ 728 case BIOCGETIF: 729 if (d->bd_bif == 0) 730 error = EINVAL; 731 else 732 bpf_ifname(d->bd_bif->bif_ifp, (struct ifreq *)addr); 733 break; 734 735 /* 736 * Set interface. 737 */ 738 case BIOCSETIF: 739 error = bpf_setif(d, (struct ifreq *)addr); 740 break; 741 742 /* 743 * Set read timeout. 744 */ 745 case BIOCSRTIMEOUT: 746 { 747 struct timeval *tv = (struct timeval *)addr; 748 749 /* Compute number of ticks. */ 750 d->bd_rtout = tv->tv_sec * hz + tv->tv_usec / tick; 751 if ((d->bd_rtout == 0) && (tv->tv_usec != 0)) 752 d->bd_rtout = 1; 753 break; 754 } 755 756 /* 757 * Get read timeout. 758 */ 759 case BIOCGRTIMEOUT: 760 { 761 struct timeval *tv = (struct timeval *)addr; 762 763 tv->tv_sec = d->bd_rtout / hz; 764 tv->tv_usec = (d->bd_rtout % hz) * tick; 765 break; 766 } 767 768 /* 769 * Get packet stats. 770 */ 771 case BIOCGSTATS: 772 { 773 struct bpf_stat *bs = (struct bpf_stat *)addr; 774 775 bs->bs_recv = d->bd_rcount; 776 bs->bs_drop = d->bd_dcount; 777 break; 778 } 779 780 /* 781 * Set immediate mode. 782 */ 783 case BIOCIMMEDIATE: 784 d->bd_immediate = *(u_int *)addr; 785 break; 786 787 case BIOCVERSION: 788 { 789 struct bpf_version *bv = (struct bpf_version *)addr; 790 791 bv->bv_major = BPF_MAJOR_VERSION; 792 bv->bv_minor = BPF_MINOR_VERSION; 793 break; 794 } 795 796 797 case FIONBIO: /* Non-blocking I/O */ 798 if (*(int *)addr) 799 d->bd_rtout = -1; 800 else 801 d->bd_rtout = 0; 802 break; 803 804 case FIOASYNC: /* Send signal on receive packets */ 805 d->bd_async = *(int *)addr; 806 break; 807 808 /* 809 * N.B. ioctl (FIOSETOWN) and fcntl (F_SETOWN) both end up doing 810 * the equivalent of a TIOCSPGRP and hence end up here. *However* 811 * TIOCSPGRP's arg is a process group if it's positive and a process 812 * id if it's negative. This is exactly the opposite of what the 813 * other two functions want! Therefore there is code in ioctl and 814 * fcntl to negate the arg before calling here. 815 */ 816 case TIOCSPGRP: /* Process or group to send signals to */ 817 d->bd_pgid = *(int *)addr; 818 break; 819 820 case TIOCGPGRP: 821 *(int *)addr = d->bd_pgid; 822 break; 823 824 case BIOCSRSIG: /* Set receive signal */ 825 { 826 u_int sig; 827 828 sig = *(u_int *)addr; 829 830 if (sig >= NSIG) 831 error = EINVAL; 832 else 833 d->bd_sig = sig; 834 break; 835 } 836 case BIOCGRSIG: 837 *(u_int *)addr = d->bd_sig; 838 break; 839 } 840 return (error); 841 } 842 843 /* 844 * Set d's packet filter program to fp. If this file already has a filter, 845 * free it and replace it. Returns EINVAL for bogus requests. 846 */ 847 int 848 bpf_setf(d, fp) 849 struct bpf_d *d; 850 struct bpf_program *fp; 851 { 852 struct bpf_insn *fcode, *old; 853 u_int flen, size; 854 int s; 855 856 old = d->bd_filter; 857 if (fp->bf_insns == 0) { 858 if (fp->bf_len != 0) 859 return (EINVAL); 860 s = splimp(); 861 d->bd_filter = 0; 862 reset_d(d); 863 splx(s); 864 if (old != 0) 865 free((caddr_t)old, M_DEVBUF); 866 return (0); 867 } 868 flen = fp->bf_len; 869 if (flen > BPF_MAXINSNS) 870 return (EINVAL); 871 872 size = flen * sizeof(*fp->bf_insns); 873 fcode = (struct bpf_insn *)malloc(size, M_DEVBUF, M_WAITOK); 874 if (copyin((caddr_t)fp->bf_insns, (caddr_t)fcode, size) == 0 && 875 bpf_validate(fcode, (int)flen)) { 876 s = splimp(); 877 d->bd_filter = fcode; 878 reset_d(d); 879 splx(s); 880 if (old != 0) 881 free((caddr_t)old, M_DEVBUF); 882 883 return (0); 884 } 885 free((caddr_t)fcode, M_DEVBUF); 886 return (EINVAL); 887 } 888 889 /* 890 * Detach a file from its current interface (if attached at all) and attach 891 * to the interface indicated by the name stored in ifr. 892 * Return an errno or 0. 893 */ 894 static int 895 bpf_setif(d, ifr) 896 struct bpf_d *d; 897 struct ifreq *ifr; 898 { 899 struct bpf_if *bp; 900 char *cp; 901 int unit_seen, i, s, error; 902 903 /* 904 * Make sure the provided name has a unit number, and default 905 * it to '0' if not specified. 906 * XXX This is ugly ... do this differently? 907 */ 908 unit_seen = 0; 909 cp = ifr->ifr_name; 910 cp[sizeof(ifr->ifr_name) - 1] = '\0'; /* sanity */ 911 while (*cp++) 912 if (*cp >= '0' && *cp <= '9') 913 unit_seen = 1; 914 if (!unit_seen) { 915 /* Make sure to leave room for the '\0'. */ 916 for (i = 0; i < (IFNAMSIZ - 1); ++i) { 917 if ((ifr->ifr_name[i] >= 'a' && 918 ifr->ifr_name[i] <= 'z') || 919 (ifr->ifr_name[i] >= 'A' && 920 ifr->ifr_name[i] <= 'Z')) 921 continue; 922 ifr->ifr_name[i] = '0'; 923 } 924 } 925 926 /* 927 * Look through attached interfaces for the named one. 928 */ 929 for (bp = bpf_iflist; bp != 0; bp = bp->bif_next) { 930 struct ifnet *ifp = bp->bif_ifp; 931 932 if (ifp == 0 || 933 strcmp(ifp->if_xname, ifr->ifr_name) != 0) 934 continue; 935 /* 936 * We found the requested interface. 937 * If it's not up, return an error. 938 * Allocate the packet buffers if we need to. 939 * If we're already attached to requested interface, 940 * just flush the buffer. 941 */ 942 if ((ifp->if_flags & IFF_UP) == 0) 943 return (ENETDOWN); 944 945 if (d->bd_sbuf == 0) { 946 error = bpf_allocbufs(d); 947 if (error != 0) 948 return (error); 949 } 950 s = splimp(); 951 if (bp != d->bd_bif) { 952 if (d->bd_bif) 953 /* 954 * Detach if attached to something else. 955 */ 956 bpf_detachd(d); 957 958 bpf_attachd(d, bp); 959 } 960 reset_d(d); 961 splx(s); 962 return (0); 963 } 964 /* Not found. */ 965 return (ENXIO); 966 } 967 968 /* 969 * Copy the interface name to the ifreq. 970 */ 971 static void 972 bpf_ifname(ifp, ifr) 973 struct ifnet *ifp; 974 struct ifreq *ifr; 975 { 976 977 bcopy(ifp->if_xname, ifr->ifr_name, IFNAMSIZ); 978 } 979 980 /* 981 * Support for select() system call 982 * 983 * Return true iff the specific operation will not block indefinitely. 984 * Otherwise, return false but make a note that a selwakeup() must be done. 985 */ 986 int 987 bpfpoll(dev, events, p) 988 register dev_t dev; 989 int events; 990 struct proc *p; 991 { 992 register struct bpf_d *d = &bpf_dtab[minor(dev)]; 993 int revents = 0; 994 register int s = splimp(); 995 996 /* 997 * An imitation of the FIONREAD ioctl code. 998 */ 999 if (events & (POLLIN | POLLRDNORM)) 1000 if (d->bd_hlen != 0 || (d->bd_immediate && d->bd_slen != 0)) 1001 revents |= events & (POLLIN | POLLRDNORM); 1002 else 1003 selrecord(p, &d->bd_sel); 1004 1005 splx(s); 1006 return (revents); 1007 } 1008 1009 /* 1010 * Incoming linkage from device drivers. Process the packet pkt, of length 1011 * pktlen, which is stored in a contiguous buffer. The packet is parsed 1012 * by each process' filter, and if accepted, stashed into the corresponding 1013 * buffer. 1014 */ 1015 void 1016 bpf_tap(arg, pkt, pktlen) 1017 caddr_t arg; 1018 register u_char *pkt; 1019 register u_int pktlen; 1020 { 1021 struct bpf_if *bp; 1022 register struct bpf_d *d; 1023 register size_t slen; 1024 /* 1025 * Note that the ipl does not have to be raised at this point. 1026 * The only problem that could arise here is that if two different 1027 * interfaces shared any data. This is not the case. 1028 */ 1029 bp = (struct bpf_if *)arg; 1030 for (d = bp->bif_dlist; d != 0; d = d->bd_next) { 1031 ++d->bd_rcount; 1032 slen = bpf_filter(d->bd_filter, pkt, pktlen, pktlen); 1033 if (slen != 0) 1034 catchpacket(d, pkt, pktlen, slen, bcopy); 1035 } 1036 } 1037 1038 /* 1039 * Copy data from an mbuf chain into a buffer. This code is derived 1040 * from m_copydata in sys/uipc_mbuf.c. 1041 */ 1042 static void 1043 bpf_mcopy(src_arg, dst_arg, len) 1044 const void *src_arg; 1045 void *dst_arg; 1046 register size_t len; 1047 { 1048 register const struct mbuf *m; 1049 register u_int count; 1050 u_char *dst; 1051 1052 m = src_arg; 1053 dst = dst_arg; 1054 while (len > 0) { 1055 if (m == 0) 1056 panic("bpf_mcopy"); 1057 count = min(m->m_len, len); 1058 bcopy(mtod(m, caddr_t), (caddr_t)dst, count); 1059 m = m->m_next; 1060 dst += count; 1061 len -= count; 1062 } 1063 } 1064 1065 /* 1066 * Incoming linkage from device drivers, when packet is in an mbuf chain. 1067 */ 1068 void 1069 bpf_mtap(arg, m) 1070 caddr_t arg; 1071 struct mbuf *m; 1072 { 1073 struct bpf_if *bp = (struct bpf_if *)arg; 1074 struct bpf_d *d; 1075 size_t pktlen, slen; 1076 struct mbuf *m0; 1077 1078 pktlen = 0; 1079 for (m0 = m; m0 != 0; m0 = m0->m_next) 1080 pktlen += m0->m_len; 1081 1082 for (d = bp->bif_dlist; d != 0; d = d->bd_next) { 1083 ++d->bd_rcount; 1084 slen = bpf_filter(d->bd_filter, (u_char *)m, pktlen, 0); 1085 if (slen != 0) 1086 catchpacket(d, (u_char *)m, pktlen, slen, bpf_mcopy); 1087 } 1088 } 1089 1090 /* 1091 * Move the packet data from interface memory (pkt) into the 1092 * store buffer. Return 1 if it's time to wakeup a listener (buffer full), 1093 * otherwise 0. "copy" is the routine called to do the actual data 1094 * transfer. bcopy is passed in to copy contiguous chunks, while 1095 * bpf_mcopy is passed in to copy mbuf chains. In the latter case, 1096 * pkt is really an mbuf. 1097 */ 1098 static void 1099 catchpacket(d, pkt, pktlen, snaplen, cpfn) 1100 register struct bpf_d *d; 1101 register u_char *pkt; 1102 register size_t pktlen, snaplen; 1103 register void (*cpfn) __P((const void *, void *, size_t)); 1104 { 1105 register struct bpf_hdr *hp; 1106 register int totlen, curlen; 1107 register int hdrlen = d->bd_bif->bif_hdrlen; 1108 /* 1109 * Figure out how many bytes to move. If the packet is 1110 * greater or equal to the snapshot length, transfer that 1111 * much. Otherwise, transfer the whole packet (unless 1112 * we hit the buffer size limit). 1113 */ 1114 totlen = hdrlen + min(snaplen, pktlen); 1115 if (totlen > d->bd_bufsize) 1116 totlen = d->bd_bufsize; 1117 1118 /* 1119 * Round up the end of the previous packet to the next longword. 1120 */ 1121 curlen = BPF_WORDALIGN(d->bd_slen); 1122 if (curlen + totlen > d->bd_bufsize) { 1123 /* 1124 * This packet will overflow the storage buffer. 1125 * Rotate the buffers if we can, then wakeup any 1126 * pending reads. 1127 */ 1128 if (d->bd_fbuf == 0) { 1129 /* 1130 * We haven't completed the previous read yet, 1131 * so drop the packet. 1132 */ 1133 ++d->bd_dcount; 1134 return; 1135 } 1136 ROTATE_BUFFERS(d); 1137 bpf_wakeup(d); 1138 curlen = 0; 1139 } 1140 else if (d->bd_immediate) 1141 /* 1142 * Immediate mode is set. A packet arrived so any 1143 * reads should be woken up. 1144 */ 1145 bpf_wakeup(d); 1146 1147 /* 1148 * Append the bpf header. 1149 */ 1150 hp = (struct bpf_hdr *)(d->bd_sbuf + curlen); 1151 #if BSD >= 199103 1152 microtime(&hp->bh_tstamp); 1153 #elif defined(sun) 1154 uniqtime(&hp->bh_tstamp); 1155 #else 1156 hp->bh_tstamp = time; 1157 #endif 1158 hp->bh_datalen = pktlen; 1159 hp->bh_hdrlen = hdrlen; 1160 /* 1161 * Copy the packet data into the store buffer and update its length. 1162 */ 1163 (*cpfn)(pkt, (u_char *)hp + hdrlen, (hp->bh_caplen = totlen - hdrlen)); 1164 d->bd_slen = curlen + totlen; 1165 } 1166 1167 /* 1168 * Initialize all nonzero fields of a descriptor. 1169 */ 1170 static int 1171 bpf_allocbufs(d) 1172 register struct bpf_d *d; 1173 { 1174 d->bd_fbuf = (caddr_t)malloc(d->bd_bufsize, M_DEVBUF, M_WAITOK); 1175 if (d->bd_fbuf == 0) 1176 return (ENOBUFS); 1177 1178 d->bd_sbuf = (caddr_t)malloc(d->bd_bufsize, M_DEVBUF, M_WAITOK); 1179 if (d->bd_sbuf == 0) { 1180 free(d->bd_fbuf, M_DEVBUF); 1181 return (ENOBUFS); 1182 } 1183 d->bd_slen = 0; 1184 d->bd_hlen = 0; 1185 return (0); 1186 } 1187 1188 /* 1189 * Free buffers currently in use by a descriptor. 1190 * Called on close. 1191 */ 1192 static void 1193 bpf_freed(d) 1194 register struct bpf_d *d; 1195 { 1196 /* 1197 * We don't need to lock out interrupts since this descriptor has 1198 * been detached from its interface and it yet hasn't been marked 1199 * free. 1200 */ 1201 if (d->bd_sbuf != 0) { 1202 free(d->bd_sbuf, M_DEVBUF); 1203 if (d->bd_hbuf != 0) 1204 free(d->bd_hbuf, M_DEVBUF); 1205 if (d->bd_fbuf != 0) 1206 free(d->bd_fbuf, M_DEVBUF); 1207 } 1208 if (d->bd_filter) 1209 free((caddr_t)d->bd_filter, M_DEVBUF); 1210 1211 D_MARKFREE(d); 1212 } 1213 1214 /* 1215 * Attach an interface to bpf. driverp is a pointer to a (struct bpf_if *) 1216 * in the driver's softc; dlt is the link layer type; hdrlen is the fixed 1217 * size of the link header (variable length headers not yet supported). 1218 */ 1219 void 1220 bpfattach(driverp, ifp, dlt, hdrlen) 1221 caddr_t *driverp; 1222 struct ifnet *ifp; 1223 u_int dlt, hdrlen; 1224 { 1225 struct bpf_if *bp; 1226 int i; 1227 #if BSD < 199103 1228 static struct bpf_if bpf_ifs[NBPFILTER]; 1229 static int bpfifno; 1230 1231 bp = (bpfifno < NBPFILTER) ? &bpf_ifs[bpfifno++] : 0; 1232 #else 1233 bp = (struct bpf_if *)malloc(sizeof(*bp), M_DEVBUF, M_DONTWAIT); 1234 #endif 1235 if (bp == 0) 1236 panic("bpfattach"); 1237 1238 bp->bif_dlist = 0; 1239 bp->bif_driverp = (struct bpf_if **)driverp; 1240 bp->bif_ifp = ifp; 1241 bp->bif_dlt = dlt; 1242 1243 bp->bif_next = bpf_iflist; 1244 bpf_iflist = bp; 1245 1246 *bp->bif_driverp = 0; 1247 1248 /* 1249 * Compute the length of the bpf header. This is not necessarily 1250 * equal to SIZEOF_BPF_HDR because we want to insert spacing such 1251 * that the network layer header begins on a longword boundary (for 1252 * performance reasons and to alleviate alignment restrictions). 1253 */ 1254 bp->bif_hdrlen = BPF_WORDALIGN(hdrlen + SIZEOF_BPF_HDR) - hdrlen; 1255 1256 /* 1257 * Mark all the descriptors free if this hasn't been done. 1258 */ 1259 if (!D_ISFREE(&bpf_dtab[0])) 1260 for (i = 0; i < NBPFILTER; ++i) 1261 D_MARKFREE(&bpf_dtab[i]); 1262 1263 #if 0 1264 printf("bpf: %s attached\n", ifp->if_xname); 1265 #endif 1266 } 1267 1268 #if BSD >= 199103 1269 /* XXX This routine belongs in net/if.c. */ 1270 /* 1271 * Set/clear promiscuous mode on interface ifp based on the truth value 1272 * of pswitch. The calls are reference counted so that only the first 1273 * "on" request actually has an effect, as does the final "off" request. 1274 * Results are undefined if the "off" and "on" requests are not matched. 1275 */ 1276 int 1277 ifpromisc(ifp, pswitch) 1278 struct ifnet *ifp; 1279 int pswitch; 1280 { 1281 struct ifreq ifr; 1282 1283 if (pswitch) { 1284 /* 1285 * If the device is not configured up, we cannot put it in 1286 * promiscuous mode. 1287 */ 1288 if ((ifp->if_flags & IFF_UP) == 0) 1289 return (ENETDOWN); 1290 if (ifp->if_pcount++ != 0) 1291 return (0); 1292 ifp->if_flags |= IFF_PROMISC; 1293 } else { 1294 if (--ifp->if_pcount > 0) 1295 return (0); 1296 ifp->if_flags &= ~IFF_PROMISC; 1297 /* 1298 * If the device is not configured up, we should not need to 1299 * turn off promiscuous mode (device should have turned it 1300 * off when interface went down; and will look at IFF_PROMISC 1301 * again next time interface comes up). 1302 */ 1303 if ((ifp->if_flags & IFF_UP) == 0) 1304 return (0); 1305 } 1306 ifr.ifr_flags = ifp->if_flags; 1307 return ((*ifp->if_ioctl)(ifp, SIOCSIFFLAGS, (caddr_t)&ifr)); 1308 } 1309 #endif 1310 1311 #if BSD < 199103 1312 /* 1313 * Allocate some memory for bpf. This is temporary SunOS support, and 1314 * is admittedly a hack. 1315 * If resources unavaiable, return 0. 1316 */ 1317 static caddr_t 1318 bpf_alloc(size, canwait) 1319 register int size; 1320 register int canwait; 1321 { 1322 register struct mbuf *m; 1323 1324 if ((unsigned)size > (MCLBYTES-8)) 1325 return 0; 1326 1327 MGET(m, canwait, MT_DATA); 1328 if (m == 0) 1329 return 0; 1330 if ((unsigned)size > (MLEN-8)) { 1331 MCLGET(m); 1332 if (m->m_len != MCLBYTES) { 1333 m_freem(m); 1334 return 0; 1335 } 1336 } 1337 *mtod(m, struct mbuf **) = m; 1338 return mtod(m, caddr_t) + 8; 1339 } 1340 #endif 1341