1 /* $NetBSD: if_tun.c,v 1.111 2009/05/08 11:09:44 elad Exp $ */ 2 3 /* 4 * Copyright (c) 1988, Julian Onions <jpo@cs.nott.ac.uk> 5 * Nottingham University 1987. 6 * 7 * This source may be freely distributed, however I would be interested 8 * in any changes that are made. 9 * 10 * This driver takes packets off the IP i/f and hands them up to a 11 * user process to have its wicked way with. This driver has its 12 * roots in a similar driver written by Phil Cockcroft (formerly) at 13 * UCL. This driver is based much more on read/write/poll mode of 14 * operation though. 15 */ 16 17 #include <sys/cdefs.h> 18 __KERNEL_RCSID(0, "$NetBSD: if_tun.c,v 1.111 2009/05/08 11:09:44 elad Exp $"); 19 20 #include "opt_inet.h" 21 22 #include <sys/param.h> 23 #include <sys/proc.h> 24 #include <sys/systm.h> 25 #include <sys/mbuf.h> 26 #include <sys/buf.h> 27 #include <sys/protosw.h> 28 #include <sys/socket.h> 29 #include <sys/ioctl.h> 30 #include <sys/errno.h> 31 #include <sys/syslog.h> 32 #include <sys/select.h> 33 #include <sys/poll.h> 34 #include <sys/file.h> 35 #include <sys/signalvar.h> 36 #include <sys/conf.h> 37 #include <sys/kauth.h> 38 #include <sys/simplelock.h> 39 #include <sys/cpu.h> 40 41 #include <net/if.h> 42 #include <net/if_types.h> 43 #include <net/netisr.h> 44 #include <net/route.h> 45 46 47 #ifdef INET 48 #include <netinet/in.h> 49 #include <netinet/in_systm.h> 50 #include <netinet/in_var.h> 51 #include <netinet/ip.h> 52 #include <netinet/if_inarp.h> 53 #endif 54 55 56 #include "bpfilter.h" 57 #if NBPFILTER > 0 58 #include <sys/time.h> 59 #include <net/bpf.h> 60 #endif 61 62 #include <net/if_tun.h> 63 64 #define TUNDEBUG if (tundebug) printf 65 int tundebug = 0; 66 67 extern int ifqmaxlen; 68 void tunattach(int); 69 70 static LIST_HEAD(, tun_softc) tun_softc_list; 71 static LIST_HEAD(, tun_softc) tunz_softc_list; 72 static struct simplelock tun_softc_lock; 73 74 static int tun_ioctl(struct ifnet *, u_long, void *); 75 static int tun_output(struct ifnet *, struct mbuf *, 76 const struct sockaddr *, struct rtentry *rt); 77 static int tun_clone_create(struct if_clone *, int); 78 static int tun_clone_destroy(struct ifnet *); 79 80 static struct if_clone tun_cloner = 81 IF_CLONE_INITIALIZER("tun", tun_clone_create, tun_clone_destroy); 82 83 static void tunattach0(struct tun_softc *); 84 static void tuninit(struct tun_softc *); 85 static void tun_i_softintr(void *); 86 static void tun_o_softintr(void *); 87 #ifdef ALTQ 88 static void tunstart(struct ifnet *); 89 #endif 90 static struct tun_softc *tun_find_unit(dev_t); 91 static struct tun_softc *tun_find_zunit(int); 92 93 static dev_type_open(tunopen); 94 static dev_type_close(tunclose); 95 static dev_type_read(tunread); 96 static dev_type_write(tunwrite); 97 static dev_type_ioctl(tunioctl); 98 static dev_type_poll(tunpoll); 99 static dev_type_kqfilter(tunkqfilter); 100 101 const struct cdevsw tun_cdevsw = { 102 tunopen, tunclose, tunread, tunwrite, tunioctl, 103 nostop, notty, tunpoll, nommap, tunkqfilter, D_OTHER, 104 }; 105 106 void 107 tunattach(int unused) 108 { 109 110 simple_lock_init(&tun_softc_lock); 111 LIST_INIT(&tun_softc_list); 112 LIST_INIT(&tunz_softc_list); 113 if_clone_attach(&tun_cloner); 114 } 115 116 /* 117 * Find driver instance from dev_t. 118 * Call at splnet(). 119 * Returns with tp locked (if found). 120 */ 121 static struct tun_softc * 122 tun_find_unit(dev_t dev) 123 { 124 struct tun_softc *tp; 125 int unit = minor(dev); 126 127 simple_lock(&tun_softc_lock); 128 LIST_FOREACH(tp, &tun_softc_list, tun_list) 129 if (unit == tp->tun_unit) 130 break; 131 if (tp) 132 simple_lock(&tp->tun_lock); 133 simple_unlock(&tun_softc_lock); 134 135 return (tp); 136 } 137 138 /* 139 * Find zombie driver instance by unit number. 140 * Call at splnet(). 141 * Remove tp from list and return it unlocked (if found). 142 */ 143 static struct tun_softc * 144 tun_find_zunit(int unit) 145 { 146 struct tun_softc *tp; 147 148 simple_lock(&tun_softc_lock); 149 LIST_FOREACH(tp, &tunz_softc_list, tun_list) 150 if (unit == tp->tun_unit) 151 break; 152 if (tp) 153 LIST_REMOVE(tp, tun_list); 154 simple_unlock(&tun_softc_lock); 155 #ifdef DIAGNOSTIC 156 if (tp != NULL && (tp->tun_flags & (TUN_INITED|TUN_OPEN)) != TUN_OPEN) 157 printf("tun%d: inconsistent flags: %x\n", unit, tp->tun_flags); 158 #endif 159 160 return (tp); 161 } 162 163 static int 164 tun_clone_create(struct if_clone *ifc, int unit) 165 { 166 struct tun_softc *tp; 167 168 if ((tp = tun_find_zunit(unit)) == NULL) { 169 /* Allocate a new instance */ 170 tp = malloc(sizeof(*tp), M_DEVBUF, M_WAITOK|M_ZERO); 171 172 tp->tun_unit = unit; 173 simple_lock_init(&tp->tun_lock); 174 selinit(&tp->tun_rsel); 175 selinit(&tp->tun_wsel); 176 } else { 177 /* Revive tunnel instance; clear ifp part */ 178 (void)memset(&tp->tun_if, 0, sizeof(struct ifnet)); 179 } 180 181 if_initname(&tp->tun_if, ifc->ifc_name, unit); 182 tunattach0(tp); 183 tp->tun_flags |= TUN_INITED; 184 tp->tun_osih = softint_establish(SOFTINT_CLOCK, tun_o_softintr, tp); 185 tp->tun_isih = softint_establish(SOFTINT_CLOCK, tun_i_softintr, tp); 186 187 simple_lock(&tun_softc_lock); 188 LIST_INSERT_HEAD(&tun_softc_list, tp, tun_list); 189 simple_unlock(&tun_softc_lock); 190 191 return (0); 192 } 193 194 static void 195 tunattach0(struct tun_softc *tp) 196 { 197 struct ifnet *ifp; 198 199 ifp = &tp->tun_if; 200 ifp->if_softc = tp; 201 ifp->if_mtu = TUNMTU; 202 ifp->if_ioctl = tun_ioctl; 203 ifp->if_output = tun_output; 204 #ifdef ALTQ 205 ifp->if_start = tunstart; 206 #endif 207 ifp->if_flags = IFF_POINTOPOINT; 208 ifp->if_type = IFT_TUNNEL; 209 ifp->if_snd.ifq_maxlen = ifqmaxlen; 210 ifp->if_collisions = 0; 211 ifp->if_ierrors = 0; 212 ifp->if_oerrors = 0; 213 ifp->if_ipackets = 0; 214 ifp->if_opackets = 0; 215 ifp->if_ibytes = 0; 216 ifp->if_obytes = 0; 217 ifp->if_dlt = DLT_NULL; 218 IFQ_SET_READY(&ifp->if_snd); 219 if_attach(ifp); 220 if_alloc_sadl(ifp); 221 #if NBPFILTER > 0 222 bpfattach(ifp, DLT_NULL, sizeof(uint32_t)); 223 #endif 224 } 225 226 static int 227 tun_clone_destroy(struct ifnet *ifp) 228 { 229 struct tun_softc *tp = (void *)ifp; 230 int s, zombie = 0; 231 232 s = splnet(); 233 simple_lock(&tun_softc_lock); 234 simple_lock(&tp->tun_lock); 235 LIST_REMOVE(tp, tun_list); 236 if (tp->tun_flags & TUN_OPEN) { 237 /* Hang on to storage until last close */ 238 zombie = 1; 239 tp->tun_flags &= ~TUN_INITED; 240 LIST_INSERT_HEAD(&tunz_softc_list, tp, tun_list); 241 } 242 simple_unlock(&tun_softc_lock); 243 244 IF_PURGE(&ifp->if_snd); 245 ifp->if_flags &= ~IFF_RUNNING; 246 247 if (tp->tun_flags & TUN_RWAIT) { 248 tp->tun_flags &= ~TUN_RWAIT; 249 wakeup((void *)tp); 250 } 251 selnotify(&tp->tun_rsel, 0, 0); 252 253 simple_unlock(&tp->tun_lock); 254 splx(s); 255 256 if (tp->tun_flags & TUN_ASYNC && tp->tun_pgid) 257 fownsignal(tp->tun_pgid, SIGIO, POLL_HUP, 0, NULL); 258 259 #if NBPFILTER > 0 260 bpfdetach(ifp); 261 #endif 262 if_detach(ifp); 263 264 if (!zombie) { 265 seldestroy(&tp->tun_rsel); 266 seldestroy(&tp->tun_wsel); 267 softint_disestablish(tp->tun_osih); 268 softint_disestablish(tp->tun_isih); 269 free(tp, M_DEVBUF); 270 } 271 272 return (0); 273 } 274 275 /* 276 * tunnel open - must be superuser & the device must be 277 * configured in 278 */ 279 static int 280 tunopen(dev_t dev, int flag, int mode, struct lwp *l) 281 { 282 struct ifnet *ifp; 283 struct tun_softc *tp; 284 int s, error; 285 286 error = kauth_authorize_network(l->l_cred, KAUTH_NETWORK_INTERFACE_TUN, 287 KAUTH_REQ_NETWORK_INTERFACE_TUN_ADD, NULL, NULL, NULL); 288 if (error) 289 return (error); 290 291 s = splnet(); 292 tp = tun_find_unit(dev); 293 294 if (tp == NULL) { 295 (void)tun_clone_create(&tun_cloner, minor(dev)); 296 tp = tun_find_unit(dev); 297 if (tp == NULL) { 298 error = ENXIO; 299 goto out_nolock; 300 } 301 } 302 303 if (tp->tun_flags & TUN_OPEN) { 304 error = EBUSY; 305 goto out; 306 } 307 308 ifp = &tp->tun_if; 309 tp->tun_flags |= TUN_OPEN; 310 TUNDEBUG("%s: open\n", ifp->if_xname); 311 out: 312 simple_unlock(&tp->tun_lock); 313 out_nolock: 314 splx(s); 315 return (error); 316 } 317 318 /* 319 * tunclose - close the device - mark i/f down & delete 320 * routing info 321 */ 322 int 323 tunclose(dev_t dev, int flag, int mode, 324 struct lwp *l) 325 { 326 int s; 327 struct tun_softc *tp; 328 struct ifnet *ifp; 329 330 s = splnet(); 331 if ((tp = tun_find_zunit(minor(dev))) != NULL) { 332 /* interface was "destroyed" before the close */ 333 seldestroy(&tp->tun_rsel); 334 seldestroy(&tp->tun_wsel); 335 softint_disestablish(tp->tun_osih); 336 softint_disestablish(tp->tun_isih); 337 free(tp, M_DEVBUF); 338 goto out_nolock; 339 } 340 341 if ((tp = tun_find_unit(dev)) == NULL) 342 goto out_nolock; 343 344 ifp = &tp->tun_if; 345 346 tp->tun_flags &= ~TUN_OPEN; 347 348 /* 349 * junk all pending output 350 */ 351 IFQ_PURGE(&ifp->if_snd); 352 353 if (ifp->if_flags & IFF_UP) { 354 if_down(ifp); 355 if (ifp->if_flags & IFF_RUNNING) { 356 /* find internet addresses and delete routes */ 357 struct ifaddr *ifa; 358 IFADDR_FOREACH(ifa, ifp) { 359 #if defined(INET) || defined(INET6) 360 if (ifa->ifa_addr->sa_family == AF_INET || 361 ifa->ifa_addr->sa_family == AF_INET6) { 362 rtinit(ifa, (int)RTM_DELETE, 363 tp->tun_flags & TUN_DSTADDR 364 ? RTF_HOST 365 : 0); 366 } 367 #endif 368 } 369 } 370 } 371 tp->tun_pgid = 0; 372 selnotify(&tp->tun_rsel, 0, 0); 373 374 TUNDEBUG ("%s: closed\n", ifp->if_xname); 375 simple_unlock(&tp->tun_lock); 376 out_nolock: 377 splx(s); 378 return (0); 379 } 380 381 /* 382 * Call at splnet(). 383 */ 384 static void 385 tuninit(struct tun_softc *tp) 386 { 387 struct ifnet *ifp = &tp->tun_if; 388 struct ifaddr *ifa; 389 390 TUNDEBUG("%s: tuninit\n", ifp->if_xname); 391 392 simple_lock(&tp->tun_lock); 393 ifp->if_flags |= IFF_UP | IFF_RUNNING; 394 395 tp->tun_flags &= ~(TUN_IASET|TUN_DSTADDR); 396 IFADDR_FOREACH(ifa, ifp) { 397 #ifdef INET 398 if (ifa->ifa_addr->sa_family == AF_INET) { 399 struct sockaddr_in *sin; 400 401 sin = satosin(ifa->ifa_addr); 402 if (sin && sin->sin_addr.s_addr) 403 tp->tun_flags |= TUN_IASET; 404 405 if (ifp->if_flags & IFF_POINTOPOINT) { 406 sin = satosin(ifa->ifa_dstaddr); 407 if (sin && sin->sin_addr.s_addr) 408 tp->tun_flags |= TUN_DSTADDR; 409 } 410 } 411 #endif 412 #ifdef INET6 413 if (ifa->ifa_addr->sa_family == AF_INET6) { 414 struct sockaddr_in6 *sin; 415 416 sin = (struct sockaddr_in6 *)ifa->ifa_addr; 417 if (!IN6_IS_ADDR_UNSPECIFIED(&sin->sin6_addr)) 418 tp->tun_flags |= TUN_IASET; 419 420 if (ifp->if_flags & IFF_POINTOPOINT) { 421 sin = (struct sockaddr_in6 *)ifa->ifa_dstaddr; 422 if (sin && 423 !IN6_IS_ADDR_UNSPECIFIED(&sin->sin6_addr)) 424 tp->tun_flags |= TUN_DSTADDR; 425 } else 426 tp->tun_flags &= ~TUN_DSTADDR; 427 } 428 #endif /* INET6 */ 429 } 430 431 simple_unlock(&tp->tun_lock); 432 return; 433 } 434 435 /* 436 * Process an ioctl request. 437 */ 438 static int 439 tun_ioctl(struct ifnet *ifp, u_long cmd, void *data) 440 { 441 int error = 0, s; 442 struct tun_softc *tp = (struct tun_softc *)(ifp->if_softc); 443 struct ifreq *ifr = data; 444 445 s = splnet(); 446 447 switch (cmd) { 448 case SIOCINITIFADDR: 449 tuninit(tp); 450 TUNDEBUG("%s: address set\n", ifp->if_xname); 451 break; 452 case SIOCSIFDSTADDR: 453 tuninit(tp); 454 TUNDEBUG("%s: destination address set\n", ifp->if_xname); 455 break; 456 case SIOCSIFBRDADDR: 457 TUNDEBUG("%s: broadcast address set\n", ifp->if_xname); 458 break; 459 case SIOCSIFMTU: 460 if (ifr->ifr_mtu > TUNMTU || ifr->ifr_mtu < 576) { 461 error = EINVAL; 462 break; 463 } 464 TUNDEBUG("%s: interface mtu set\n", ifp->if_xname); 465 if ((error = ifioctl_common(ifp, cmd, data)) == ENETRESET) 466 error = 0; 467 break; 468 case SIOCADDMULTI: 469 case SIOCDELMULTI: 470 if (ifr == NULL) { 471 error = EAFNOSUPPORT; /* XXX */ 472 break; 473 } 474 switch (ifreq_getaddr(cmd, ifr)->sa_family) { 475 #ifdef INET 476 case AF_INET: 477 break; 478 #endif 479 #ifdef INET6 480 case AF_INET6: 481 break; 482 #endif 483 default: 484 error = EAFNOSUPPORT; 485 break; 486 } 487 break; 488 default: 489 error = ifioctl_common(ifp, cmd, data); 490 } 491 492 splx(s); 493 return (error); 494 } 495 496 /* 497 * tun_output - queue packets from higher level ready to put out. 498 */ 499 static int 500 tun_output(struct ifnet *ifp, struct mbuf *m0, const struct sockaddr *dst, 501 struct rtentry *rt) 502 { 503 struct tun_softc *tp = ifp->if_softc; 504 int s; 505 int error; 506 #if defined(INET) || defined(INET6) 507 int mlen; 508 uint32_t *af; 509 #endif 510 ALTQ_DECL(struct altq_pktattr pktattr;) 511 512 s = splnet(); 513 simple_lock(&tp->tun_lock); 514 TUNDEBUG ("%s: tun_output\n", ifp->if_xname); 515 516 if ((tp->tun_flags & TUN_READY) != TUN_READY) { 517 TUNDEBUG ("%s: not ready 0%o\n", ifp->if_xname, 518 tp->tun_flags); 519 m_freem (m0); 520 error = EHOSTDOWN; 521 goto out; 522 } 523 524 /* 525 * if the queueing discipline needs packet classification, 526 * do it before prepending link headers. 527 */ 528 IFQ_CLASSIFY(&ifp->if_snd, m0, dst->sa_family, &pktattr); 529 530 #if NBPFILTER > 0 531 if (ifp->if_bpf) 532 bpf_mtap_af(ifp->if_bpf, dst->sa_family, m0); 533 #endif 534 535 switch(dst->sa_family) { 536 #ifdef INET6 537 case AF_INET6: 538 #endif 539 #ifdef INET 540 case AF_INET: 541 #endif 542 #if defined(INET) || defined(INET6) 543 if (tp->tun_flags & TUN_PREPADDR) { 544 /* Simple link-layer header */ 545 M_PREPEND(m0, dst->sa_len, M_DONTWAIT); 546 if (m0 == NULL) { 547 IF_DROP(&ifp->if_snd); 548 error = ENOBUFS; 549 goto out; 550 } 551 bcopy(dst, mtod(m0, char *), dst->sa_len); 552 } 553 554 if (tp->tun_flags & TUN_IFHEAD) { 555 /* Prepend the address family */ 556 M_PREPEND(m0, sizeof(*af), M_DONTWAIT); 557 if (m0 == NULL) { 558 IF_DROP(&ifp->if_snd); 559 error = ENOBUFS; 560 goto out; 561 } 562 af = mtod(m0,uint32_t *); 563 *af = htonl(dst->sa_family); 564 } else { 565 #ifdef INET 566 if (dst->sa_family != AF_INET) 567 #endif 568 { 569 m_freem(m0); 570 error = EAFNOSUPPORT; 571 goto out; 572 } 573 } 574 /* FALLTHROUGH */ 575 case AF_UNSPEC: 576 IFQ_ENQUEUE(&ifp->if_snd, m0, &pktattr, error); 577 if (error) { 578 ifp->if_collisions++; 579 error = EAFNOSUPPORT; 580 goto out; 581 } 582 mlen = m0->m_pkthdr.len; 583 ifp->if_opackets++; 584 ifp->if_obytes += mlen; 585 break; 586 #endif 587 default: 588 m_freem(m0); 589 error = EAFNOSUPPORT; 590 goto out; 591 } 592 593 if (tp->tun_flags & TUN_RWAIT) { 594 tp->tun_flags &= ~TUN_RWAIT; 595 wakeup((void *)tp); 596 } 597 if (tp->tun_flags & TUN_ASYNC && tp->tun_pgid) 598 softint_schedule(tp->tun_isih); 599 600 selnotify(&tp->tun_rsel, 0, 0); 601 out: 602 simple_unlock(&tp->tun_lock); 603 splx(s); 604 return (0); 605 } 606 607 static void 608 tun_i_softintr(void *cookie) 609 { 610 struct tun_softc *tp = cookie; 611 612 if (tp->tun_flags & TUN_ASYNC && tp->tun_pgid) 613 fownsignal(tp->tun_pgid, SIGIO, POLL_IN, POLLIN|POLLRDNORM, 614 NULL); 615 } 616 617 static void 618 tun_o_softintr(void *cookie) 619 { 620 struct tun_softc *tp = cookie; 621 622 if (tp->tun_flags & TUN_ASYNC && tp->tun_pgid) 623 fownsignal(tp->tun_pgid, SIGIO, POLL_OUT, POLLOUT|POLLWRNORM, 624 NULL); 625 } 626 627 /* 628 * the cdevsw interface is now pretty minimal. 629 */ 630 int 631 tunioctl(dev_t dev, u_long cmd, void *data, int flag, struct lwp *l) 632 { 633 struct tun_softc *tp; 634 int s, error = 0; 635 636 s = splnet(); 637 tp = tun_find_unit(dev); 638 639 /* interface was "destroyed" already */ 640 if (tp == NULL) { 641 error = ENXIO; 642 goto out_nolock; 643 } 644 645 switch (cmd) { 646 case TUNSDEBUG: 647 tundebug = *(int *)data; 648 break; 649 650 case TUNGDEBUG: 651 *(int *)data = tundebug; 652 break; 653 654 case TUNSIFMODE: 655 switch (*(int *)data & (IFF_POINTOPOINT|IFF_BROADCAST)) { 656 case IFF_POINTOPOINT: 657 case IFF_BROADCAST: 658 if (tp->tun_if.if_flags & IFF_UP) { 659 error = EBUSY; 660 goto out; 661 } 662 tp->tun_if.if_flags &= 663 ~(IFF_BROADCAST|IFF_POINTOPOINT|IFF_MULTICAST); 664 tp->tun_if.if_flags |= *(int *)data; 665 break; 666 default: 667 error = EINVAL; 668 goto out; 669 } 670 break; 671 672 case TUNSLMODE: 673 if (*(int *)data) { 674 tp->tun_flags |= TUN_PREPADDR; 675 tp->tun_flags &= ~TUN_IFHEAD; 676 } else 677 tp->tun_flags &= ~TUN_PREPADDR; 678 break; 679 680 case TUNSIFHEAD: 681 if (*(int *)data) { 682 tp->tun_flags |= TUN_IFHEAD; 683 tp->tun_flags &= ~TUN_PREPADDR; 684 } else 685 tp->tun_flags &= ~TUN_IFHEAD; 686 break; 687 688 case TUNGIFHEAD: 689 *(int *)data = (tp->tun_flags & TUN_IFHEAD); 690 break; 691 692 case FIONBIO: 693 if (*(int *)data) 694 tp->tun_flags |= TUN_NBIO; 695 else 696 tp->tun_flags &= ~TUN_NBIO; 697 break; 698 699 case FIOASYNC: 700 if (*(int *)data) 701 tp->tun_flags |= TUN_ASYNC; 702 else 703 tp->tun_flags &= ~TUN_ASYNC; 704 break; 705 706 case FIONREAD: 707 if (tp->tun_if.if_snd.ifq_head) 708 *(int *)data = tp->tun_if.if_snd.ifq_head->m_pkthdr.len; 709 else 710 *(int *)data = 0; 711 break; 712 713 case TIOCSPGRP: 714 case FIOSETOWN: 715 error = fsetown(&tp->tun_pgid, cmd, data); 716 break; 717 718 case TIOCGPGRP: 719 case FIOGETOWN: 720 error = fgetown(tp->tun_pgid, cmd, data); 721 break; 722 723 default: 724 error = ENOTTY; 725 } 726 727 out: 728 simple_unlock(&tp->tun_lock); 729 out_nolock: 730 splx(s); 731 return (error); 732 } 733 734 /* 735 * The cdevsw read interface - reads a packet at a time, or at 736 * least as much of a packet as can be read. 737 */ 738 int 739 tunread(dev_t dev, struct uio *uio, int ioflag) 740 { 741 struct tun_softc *tp; 742 struct ifnet *ifp; 743 struct mbuf *m, *m0; 744 int error = 0, len, s, index; 745 746 s = splnet(); 747 tp = tun_find_unit(dev); 748 749 /* interface was "destroyed" already */ 750 if (tp == NULL) { 751 error = ENXIO; 752 goto out_nolock; 753 } 754 755 index = tp->tun_if.if_index; 756 ifp = &tp->tun_if; 757 758 TUNDEBUG ("%s: read\n", ifp->if_xname); 759 if ((tp->tun_flags & TUN_READY) != TUN_READY) { 760 TUNDEBUG ("%s: not ready 0%o\n", ifp->if_xname, tp->tun_flags); 761 error = EHOSTDOWN; 762 goto out; 763 } 764 765 tp->tun_flags &= ~TUN_RWAIT; 766 767 do { 768 IFQ_DEQUEUE(&ifp->if_snd, m0); 769 if (m0 == 0) { 770 if (tp->tun_flags & TUN_NBIO) { 771 error = EWOULDBLOCK; 772 goto out; 773 } 774 tp->tun_flags |= TUN_RWAIT; 775 if (ltsleep((void *)tp, PZERO|PCATCH|PNORELOCK, 776 "tunread", 0, &tp->tun_lock) != 0) { 777 error = EINTR; 778 goto out_nolock; 779 } else { 780 /* 781 * Maybe the interface was destroyed while 782 * we were sleeping, so let's ensure that 783 * we're looking at the same (valid) tun 784 * interface before looping. 785 */ 786 tp = tun_find_unit(dev); 787 if (tp == NULL) { 788 error = ENXIO; 789 goto out_nolock; 790 } 791 if (tp->tun_if.if_index != index) { 792 error = ENXIO; 793 goto out; 794 } 795 } 796 } 797 } while (m0 == 0); 798 799 simple_unlock(&tp->tun_lock); 800 splx(s); 801 802 /* Copy the mbuf chain */ 803 while (m0 && uio->uio_resid > 0 && error == 0) { 804 len = min(uio->uio_resid, m0->m_len); 805 if (len != 0) 806 error = uiomove(mtod(m0, void *), len, uio); 807 MFREE(m0, m); 808 m0 = m; 809 } 810 811 if (m0) { 812 TUNDEBUG("Dropping mbuf\n"); 813 m_freem(m0); 814 } 815 if (error) 816 ifp->if_ierrors++; 817 818 return (error); 819 820 out: 821 simple_unlock(&tp->tun_lock); 822 out_nolock: 823 splx(s); 824 return (error); 825 } 826 827 /* 828 * the cdevsw write interface - an atomic write is a packet - or else! 829 */ 830 int 831 tunwrite(dev_t dev, struct uio *uio, int ioflag) 832 { 833 struct tun_softc *tp; 834 struct ifnet *ifp; 835 struct mbuf *top, **mp, *m; 836 struct ifqueue *ifq; 837 struct sockaddr dst; 838 int isr, error = 0, s, tlen, mlen; 839 uint32_t family; 840 841 s = splnet(); 842 tp = tun_find_unit(dev); 843 844 /* interface was "destroyed" already */ 845 if (tp == NULL) { 846 error = ENXIO; 847 goto out_nolock; 848 } 849 850 /* Unlock until we've got the data */ 851 simple_unlock(&tp->tun_lock); 852 splx(s); 853 854 ifp = &tp->tun_if; 855 856 TUNDEBUG("%s: tunwrite\n", ifp->if_xname); 857 858 if (tp->tun_flags & TUN_PREPADDR) { 859 if (uio->uio_resid < sizeof(dst)) { 860 error = EIO; 861 goto out0; 862 } 863 error = uiomove((void *)&dst, sizeof(dst), uio); 864 if (dst.sa_len > sizeof(dst)) { 865 /* Duh.. */ 866 char discard; 867 int n = dst.sa_len - sizeof(dst); 868 while (n--) 869 if ((error = uiomove(&discard, 1, uio)) != 0) { 870 goto out0; 871 } 872 } 873 } else if (tp->tun_flags & TUN_IFHEAD) { 874 if (uio->uio_resid < sizeof(family)){ 875 error = EIO; 876 goto out0; 877 } 878 error = uiomove((void *)&family, sizeof(family), uio); 879 dst.sa_family = ntohl(family); 880 } else { 881 #ifdef INET 882 dst.sa_family = AF_INET; 883 #endif 884 } 885 886 if (uio->uio_resid > TUNMTU) { 887 TUNDEBUG("%s: len=%lu!\n", ifp->if_xname, 888 (unsigned long)uio->uio_resid); 889 error = EIO; 890 goto out0; 891 } 892 893 switch (dst.sa_family) { 894 #ifdef INET 895 case AF_INET: 896 ifq = &ipintrq; 897 isr = NETISR_IP; 898 break; 899 #endif 900 #ifdef INET6 901 case AF_INET6: 902 ifq = &ip6intrq; 903 isr = NETISR_IPV6; 904 break; 905 #endif 906 default: 907 error = EAFNOSUPPORT; 908 goto out0; 909 } 910 911 tlen = uio->uio_resid; 912 913 /* get a header mbuf */ 914 MGETHDR(m, M_DONTWAIT, MT_DATA); 915 if (m == NULL) { 916 error = ENOBUFS; 917 goto out0; 918 } 919 mlen = MHLEN; 920 921 top = NULL; 922 mp = ⊤ 923 while (error == 0 && uio->uio_resid > 0) { 924 m->m_len = min(mlen, uio->uio_resid); 925 error = uiomove(mtod(m, void *), m->m_len, uio); 926 *mp = m; 927 mp = &m->m_next; 928 if (error == 0 && uio->uio_resid > 0) { 929 MGET(m, M_DONTWAIT, MT_DATA); 930 if (m == NULL) { 931 error = ENOBUFS; 932 break; 933 } 934 mlen = MLEN; 935 } 936 } 937 if (error) { 938 if (top != NULL) 939 m_freem (top); 940 ifp->if_ierrors++; 941 goto out0; 942 } 943 944 top->m_pkthdr.len = tlen; 945 top->m_pkthdr.rcvif = ifp; 946 947 #if NBPFILTER > 0 948 if (ifp->if_bpf) 949 bpf_mtap_af(ifp->if_bpf, dst.sa_family, top); 950 #endif 951 952 s = splnet(); 953 simple_lock(&tp->tun_lock); 954 if ((tp->tun_flags & TUN_INITED) == 0) { 955 /* Interface was destroyed */ 956 error = ENXIO; 957 goto out; 958 } 959 if (IF_QFULL(ifq)) { 960 IF_DROP(ifq); 961 ifp->if_collisions++; 962 m_freem(top); 963 error = ENOBUFS; 964 goto out; 965 } 966 967 IF_ENQUEUE(ifq, top); 968 ifp->if_ipackets++; 969 ifp->if_ibytes += tlen; 970 schednetisr(isr); 971 out: 972 simple_unlock(&tp->tun_lock); 973 out_nolock: 974 splx(s); 975 out0: 976 return (error); 977 } 978 979 #ifdef ALTQ 980 /* 981 * Start packet transmission on the interface. 982 * when the interface queue is rate-limited by ALTQ or TBR, 983 * if_start is needed to drain packets from the queue in order 984 * to notify readers when outgoing packets become ready. 985 * 986 * Should be called at splnet. 987 */ 988 static void 989 tunstart(struct ifnet *ifp) 990 { 991 struct tun_softc *tp = ifp->if_softc; 992 993 if (!ALTQ_IS_ENABLED(&ifp->if_snd) && !TBR_IS_ENABLED(&ifp->if_snd)) 994 return; 995 996 simple_lock(&tp->tun_lock); 997 if (!IF_IS_EMPTY(&ifp->if_snd)) { 998 if (tp->tun_flags & TUN_RWAIT) { 999 tp->tun_flags &= ~TUN_RWAIT; 1000 wakeup((void *)tp); 1001 } 1002 if (tp->tun_flags & TUN_ASYNC && tp->tun_pgid) 1003 softint_schedule(tp->tun_osih); 1004 1005 selnotify(&tp->tun_rsel, 0, 0); 1006 } 1007 simple_unlock(&tp->tun_lock); 1008 } 1009 #endif /* ALTQ */ 1010 /* 1011 * tunpoll - the poll interface, this is only useful on reads 1012 * really. The write detect always returns true, write never blocks 1013 * anyway, it either accepts the packet or drops it. 1014 */ 1015 int 1016 tunpoll(dev_t dev, int events, struct lwp *l) 1017 { 1018 struct tun_softc *tp; 1019 struct ifnet *ifp; 1020 int s, revents = 0; 1021 1022 s = splnet(); 1023 tp = tun_find_unit(dev); 1024 1025 /* interface was "destroyed" already */ 1026 if (tp == NULL) 1027 goto out_nolock; 1028 1029 ifp = &tp->tun_if; 1030 1031 TUNDEBUG("%s: tunpoll\n", ifp->if_xname); 1032 1033 if (events & (POLLIN | POLLRDNORM)) { 1034 if (!IFQ_IS_EMPTY(&ifp->if_snd)) { 1035 TUNDEBUG("%s: tunpoll q=%d\n", ifp->if_xname, 1036 ifp->if_snd.ifq_len); 1037 revents |= events & (POLLIN | POLLRDNORM); 1038 } else { 1039 TUNDEBUG("%s: tunpoll waiting\n", ifp->if_xname); 1040 selrecord(l, &tp->tun_rsel); 1041 } 1042 } 1043 1044 if (events & (POLLOUT | POLLWRNORM)) 1045 revents |= events & (POLLOUT | POLLWRNORM); 1046 1047 simple_unlock(&tp->tun_lock); 1048 out_nolock: 1049 splx(s); 1050 return (revents); 1051 } 1052 1053 static void 1054 filt_tunrdetach(struct knote *kn) 1055 { 1056 struct tun_softc *tp = kn->kn_hook; 1057 int s; 1058 1059 s = splnet(); 1060 SLIST_REMOVE(&tp->tun_rsel.sel_klist, kn, knote, kn_selnext); 1061 splx(s); 1062 } 1063 1064 static int 1065 filt_tunread(struct knote *kn, long hint) 1066 { 1067 struct tun_softc *tp = kn->kn_hook; 1068 struct ifnet *ifp = &tp->tun_if; 1069 struct mbuf *m; 1070 int s; 1071 1072 s = splnet(); 1073 IF_POLL(&ifp->if_snd, m); 1074 if (m == NULL) { 1075 splx(s); 1076 return (0); 1077 } 1078 1079 for (kn->kn_data = 0; m != NULL; m = m->m_next) 1080 kn->kn_data += m->m_len; 1081 1082 splx(s); 1083 return (1); 1084 } 1085 1086 static const struct filterops tunread_filtops = 1087 { 1, NULL, filt_tunrdetach, filt_tunread }; 1088 1089 static const struct filterops tun_seltrue_filtops = 1090 { 1, NULL, filt_tunrdetach, filt_seltrue }; 1091 1092 int 1093 tunkqfilter(dev_t dev, struct knote *kn) 1094 { 1095 struct tun_softc *tp; 1096 struct klist *klist; 1097 int rv = 0, s; 1098 1099 s = splnet(); 1100 tp = tun_find_unit(dev); 1101 if (tp == NULL) 1102 goto out_nolock; 1103 1104 switch (kn->kn_filter) { 1105 case EVFILT_READ: 1106 klist = &tp->tun_rsel.sel_klist; 1107 kn->kn_fop = &tunread_filtops; 1108 break; 1109 1110 case EVFILT_WRITE: 1111 klist = &tp->tun_rsel.sel_klist; 1112 kn->kn_fop = &tun_seltrue_filtops; 1113 break; 1114 1115 default: 1116 rv = EINVAL; 1117 goto out; 1118 } 1119 1120 kn->kn_hook = tp; 1121 1122 SLIST_INSERT_HEAD(klist, kn, kn_selnext); 1123 1124 out: 1125 simple_unlock(&tp->tun_lock); 1126 out_nolock: 1127 splx(s); 1128 return (rv); 1129 } 1130