1 /* $NetBSD: if_tun.c,v 1.144 2018/06/26 06:48:02 msaitoh Exp $ */ 2 3 /* 4 * Copyright (c) 1988, Julian Onions <jpo@cs.nott.ac.uk> 5 * Nottingham University 1987. 6 * 7 * This source may be freely distributed, however I would be interested 8 * in any changes that are made. 9 * 10 * This driver takes packets off the IP i/f and hands them up to a 11 * user process to have its wicked way with. This driver has its 12 * roots in a similar driver written by Phil Cockcroft (formerly) at 13 * UCL. This driver is based much more on read/write/poll mode of 14 * operation though. 15 */ 16 17 /* 18 * tun - tunnel software network interface. 19 */ 20 21 #include <sys/cdefs.h> 22 __KERNEL_RCSID(0, "$NetBSD: if_tun.c,v 1.144 2018/06/26 06:48:02 msaitoh Exp $"); 23 24 #ifdef _KERNEL_OPT 25 #include "opt_inet.h" 26 #endif 27 28 #include <sys/param.h> 29 30 #include <sys/buf.h> 31 #include <sys/conf.h> 32 #include <sys/cpu.h> 33 #include <sys/device.h> 34 #include <sys/file.h> 35 #include <sys/ioctl.h> 36 #include <sys/kauth.h> 37 #include <sys/kmem.h> 38 #include <sys/lwp.h> 39 #include <sys/mbuf.h> 40 #include <sys/module.h> 41 #include <sys/mutex.h> 42 #include <sys/poll.h> 43 #include <sys/select.h> 44 #include <sys/signalvar.h> 45 #include <sys/socket.h> 46 47 #include <net/bpf.h> 48 #include <net/if.h> 49 #include <net/if_types.h> 50 #include <net/route.h> 51 52 #ifdef INET 53 #include <netinet/in.h> 54 #include <netinet/in_systm.h> 55 #include <netinet/in_var.h> 56 #include <netinet/ip.h> 57 #include <netinet/if_inarp.h> 58 #endif 59 60 #include <net/if_tun.h> 61 62 #include "ioconf.h" 63 64 #define TUNDEBUG if (tundebug) printf 65 int tundebug = 0; 66 67 extern int ifqmaxlen; 68 69 static LIST_HEAD(, tun_softc) tun_softc_list; 70 static LIST_HEAD(, tun_softc) tunz_softc_list; 71 static kmutex_t tun_softc_lock; 72 73 static int tun_ioctl(struct ifnet *, u_long, void *); 74 static int tun_output(struct ifnet *, struct mbuf *, 75 const struct sockaddr *, const struct rtentry *rt); 76 static int tun_clone_create(struct if_clone *, int); 77 static int tun_clone_destroy(struct ifnet *); 78 79 static struct if_clone tun_cloner = 80 IF_CLONE_INITIALIZER("tun", tun_clone_create, tun_clone_destroy); 81 82 static void tunattach0(struct tun_softc *); 83 static void tun_enable(struct tun_softc *, const struct ifaddr *); 84 static void tun_i_softintr(void *); 85 static void tun_o_softintr(void *); 86 #ifdef ALTQ 87 static void tunstart(struct ifnet *); 88 #endif 89 static struct tun_softc *tun_find_unit(dev_t); 90 static struct tun_softc *tun_find_zunit(int); 91 92 static dev_type_open(tunopen); 93 static dev_type_close(tunclose); 94 static dev_type_read(tunread); 95 static dev_type_write(tunwrite); 96 static dev_type_ioctl(tunioctl); 97 static dev_type_poll(tunpoll); 98 static dev_type_kqfilter(tunkqfilter); 99 100 const struct cdevsw tun_cdevsw = { 101 .d_open = tunopen, 102 .d_close = tunclose, 103 .d_read = tunread, 104 .d_write = tunwrite, 105 .d_ioctl = tunioctl, 106 .d_stop = nostop, 107 .d_tty = notty, 108 .d_poll = tunpoll, 109 .d_mmap = nommap, 110 .d_kqfilter = tunkqfilter, 111 .d_discard = nodiscard, 112 .d_flag = D_OTHER | D_MPSAFE 113 }; 114 115 #ifdef _MODULE 116 devmajor_t tun_bmajor = -1, tun_cmajor = -1; 117 #endif 118 119 void 120 tunattach(int unused) 121 { 122 123 /* 124 * Nothing to do here, initialization is handled by the 125 * module initialization code in tuninit() below). 126 */ 127 } 128 129 static void 130 tuninit(void) 131 { 132 133 mutex_init(&tun_softc_lock, MUTEX_DEFAULT, IPL_NET); 134 LIST_INIT(&tun_softc_list); 135 LIST_INIT(&tunz_softc_list); 136 if_clone_attach(&tun_cloner); 137 #ifdef _MODULE 138 devsw_attach("tun", NULL, &tun_bmajor, &tun_cdevsw, &tun_cmajor); 139 #endif 140 } 141 142 static int 143 tundetach(void) 144 { 145 int error = 0; 146 147 if (!LIST_EMPTY(&tun_softc_list) || !LIST_EMPTY(&tunz_softc_list)) 148 error = EBUSY; 149 150 #ifdef _MODULE 151 if (error == 0) 152 error = devsw_detach(NULL, &tun_cdevsw); 153 #endif 154 if (error == 0) { 155 if_clone_detach(&tun_cloner); 156 mutex_destroy(&tun_softc_lock); 157 } 158 159 return error; 160 } 161 162 /* 163 * Find driver instance from dev_t. 164 * Returns with tp locked (if found). 165 */ 166 static struct tun_softc * 167 tun_find_unit(dev_t dev) 168 { 169 struct tun_softc *tp; 170 int unit = minor(dev); 171 172 mutex_enter(&tun_softc_lock); 173 LIST_FOREACH(tp, &tun_softc_list, tun_list) 174 if (unit == tp->tun_unit) 175 break; 176 if (tp) 177 mutex_enter(&tp->tun_lock); 178 mutex_exit(&tun_softc_lock); 179 180 return tp; 181 } 182 183 /* 184 * Find zombie driver instance by unit number. 185 * Remove tp from list and return it unlocked (if found). 186 */ 187 static struct tun_softc * 188 tun_find_zunit(int unit) 189 { 190 struct tun_softc *tp; 191 192 mutex_enter(&tun_softc_lock); 193 LIST_FOREACH(tp, &tunz_softc_list, tun_list) 194 if (unit == tp->tun_unit) 195 break; 196 if (tp) 197 LIST_REMOVE(tp, tun_list); 198 mutex_exit(&tun_softc_lock); 199 KASSERTMSG(!tp || (tp->tun_flags & (TUN_INITED|TUN_OPEN)) == TUN_OPEN, 200 "tun%d: inconsistent flags: %x", unit, tp->tun_flags); 201 202 return tp; 203 } 204 205 static int 206 tun_clone_create(struct if_clone *ifc, int unit) 207 { 208 struct tun_softc *tp; 209 210 if ((tp = tun_find_zunit(unit)) == NULL) { 211 tp = kmem_zalloc(sizeof(*tp), KM_SLEEP); 212 213 tp->tun_unit = unit; 214 mutex_init(&tp->tun_lock, MUTEX_DEFAULT, IPL_NET); 215 cv_init(&tp->tun_cv, "tunread"); 216 selinit(&tp->tun_rsel); 217 selinit(&tp->tun_wsel); 218 } else { 219 /* Revive tunnel instance; clear ifp part */ 220 (void)memset(&tp->tun_if, 0, sizeof(struct ifnet)); 221 } 222 223 if_initname(&tp->tun_if, ifc->ifc_name, unit); 224 tunattach0(tp); 225 tp->tun_flags |= TUN_INITED; 226 tp->tun_osih = softint_establish(SOFTINT_CLOCK, tun_o_softintr, tp); 227 tp->tun_isih = softint_establish(SOFTINT_CLOCK, tun_i_softintr, tp); 228 229 mutex_enter(&tun_softc_lock); 230 LIST_INSERT_HEAD(&tun_softc_list, tp, tun_list); 231 mutex_exit(&tun_softc_lock); 232 233 return 0; 234 } 235 236 static void 237 tunattach0(struct tun_softc *tp) 238 { 239 struct ifnet *ifp; 240 241 ifp = &tp->tun_if; 242 ifp->if_softc = tp; 243 ifp->if_mtu = TUNMTU; 244 ifp->if_ioctl = tun_ioctl; 245 ifp->if_output = tun_output; 246 #ifdef ALTQ 247 ifp->if_start = tunstart; 248 #endif 249 ifp->if_flags = IFF_POINTOPOINT; 250 ifp->if_extflags = IFEF_NO_LINK_STATE_CHANGE; 251 ifp->if_type = IFT_TUNNEL; 252 ifp->if_snd.ifq_maxlen = ifqmaxlen; 253 ifp->if_collisions = 0; 254 ifp->if_ierrors = 0; 255 ifp->if_oerrors = 0; 256 ifp->if_ipackets = 0; 257 ifp->if_opackets = 0; 258 ifp->if_ibytes = 0; 259 ifp->if_obytes = 0; 260 ifp->if_dlt = DLT_NULL; 261 IFQ_SET_READY(&ifp->if_snd); 262 if_attach(ifp); 263 if_alloc_sadl(ifp); 264 bpf_attach(ifp, DLT_NULL, sizeof(uint32_t)); 265 } 266 267 static int 268 tun_clone_destroy(struct ifnet *ifp) 269 { 270 struct tun_softc *tp = (void *)ifp; 271 bool zombie = false; 272 273 IF_PURGE(&ifp->if_snd); 274 ifp->if_flags &= ~IFF_RUNNING; 275 276 mutex_enter(&tun_softc_lock); 277 mutex_enter(&tp->tun_lock); 278 LIST_REMOVE(tp, tun_list); 279 if (tp->tun_flags & TUN_OPEN) { 280 /* Hang on to storage until last close. */ 281 tp->tun_flags &= ~TUN_INITED; 282 LIST_INSERT_HEAD(&tunz_softc_list, tp, tun_list); 283 zombie = true; 284 } 285 mutex_exit(&tun_softc_lock); 286 287 if (tp->tun_flags & TUN_RWAIT) { 288 tp->tun_flags &= ~TUN_RWAIT; 289 cv_broadcast(&tp->tun_cv); 290 } 291 selnotify(&tp->tun_rsel, 0, 0); 292 293 mutex_exit(&tp->tun_lock); 294 295 if (tp->tun_flags & TUN_ASYNC && tp->tun_pgid) 296 fownsignal(tp->tun_pgid, SIGIO, POLL_HUP, 0, NULL); 297 298 bpf_detach(ifp); 299 if_detach(ifp); 300 301 if (!zombie) { 302 seldestroy(&tp->tun_rsel); 303 seldestroy(&tp->tun_wsel); 304 softint_disestablish(tp->tun_osih); 305 softint_disestablish(tp->tun_isih); 306 mutex_destroy(&tp->tun_lock); 307 cv_destroy(&tp->tun_cv); 308 kmem_free(tp, sizeof(*tp)); 309 } 310 311 return 0; 312 } 313 314 /* 315 * tunnel open - must be superuser & the device must be 316 * configured in 317 */ 318 static int 319 tunopen(dev_t dev, int flag, int mode, struct lwp *l) 320 { 321 struct ifnet *ifp; 322 struct tun_softc *tp; 323 int error; 324 325 error = kauth_authorize_network(l->l_cred, KAUTH_NETWORK_INTERFACE_TUN, 326 KAUTH_REQ_NETWORK_INTERFACE_TUN_ADD, NULL, NULL, NULL); 327 if (error) 328 return error; 329 330 tp = tun_find_unit(dev); 331 332 if (tp == NULL) { 333 (void)tun_clone_create(&tun_cloner, minor(dev)); 334 tp = tun_find_unit(dev); 335 if (tp == NULL) { 336 return ENXIO; 337 } 338 } 339 340 if (tp->tun_flags & TUN_OPEN) { 341 mutex_exit(&tp->tun_lock); 342 return EBUSY; 343 } 344 345 ifp = &tp->tun_if; 346 tp->tun_flags |= TUN_OPEN; 347 TUNDEBUG("%s: open\n", ifp->if_xname); 348 349 mutex_exit(&tp->tun_lock); 350 351 return error; 352 } 353 354 /* 355 * tunclose - close the device - mark i/f down & delete 356 * routing info 357 */ 358 int 359 tunclose(dev_t dev, int flag, int mode, 360 struct lwp *l) 361 { 362 struct tun_softc *tp; 363 struct ifnet *ifp; 364 365 if ((tp = tun_find_zunit(minor(dev))) != NULL) { 366 /* interface was "destroyed" before the close */ 367 seldestroy(&tp->tun_rsel); 368 seldestroy(&tp->tun_wsel); 369 softint_disestablish(tp->tun_osih); 370 softint_disestablish(tp->tun_isih); 371 mutex_destroy(&tp->tun_lock); 372 kmem_free(tp, sizeof(*tp)); 373 return 0; 374 } 375 376 if ((tp = tun_find_unit(dev)) == NULL) 377 goto out_nolock; 378 379 ifp = &tp->tun_if; 380 381 tp->tun_flags &= ~TUN_OPEN; 382 383 tp->tun_pgid = 0; 384 selnotify(&tp->tun_rsel, 0, 0); 385 386 TUNDEBUG ("%s: closed\n", ifp->if_xname); 387 mutex_exit(&tp->tun_lock); 388 389 /* 390 * junk all pending output 391 */ 392 IFQ_PURGE(&ifp->if_snd); 393 394 if (ifp->if_flags & IFF_UP) { 395 if_down(ifp); 396 if (ifp->if_flags & IFF_RUNNING) { 397 /* find internet addresses and delete routes */ 398 struct ifaddr *ifa; 399 IFADDR_READER_FOREACH(ifa, ifp) { 400 #if defined(INET) || defined(INET6) 401 if (ifa->ifa_addr->sa_family == AF_INET || 402 ifa->ifa_addr->sa_family == AF_INET6) { 403 rtinit(ifa, (int)RTM_DELETE, 404 tp->tun_flags & TUN_DSTADDR 405 ? RTF_HOST 406 : 0); 407 } 408 #endif 409 } 410 } 411 } 412 out_nolock: 413 return 0; 414 } 415 416 static void 417 tun_enable(struct tun_softc *tp, const struct ifaddr *ifa) 418 { 419 struct ifnet *ifp = &tp->tun_if; 420 421 TUNDEBUG("%s: %s\n", __func__, ifp->if_xname); 422 423 mutex_enter(&tp->tun_lock); 424 tp->tun_flags &= ~(TUN_IASET|TUN_DSTADDR); 425 426 switch (ifa->ifa_addr->sa_family) { 427 #ifdef INET 428 case AF_INET: { 429 struct sockaddr_in *sin; 430 431 sin = satosin(ifa->ifa_addr); 432 if (sin && sin->sin_addr.s_addr) 433 tp->tun_flags |= TUN_IASET; 434 435 if (ifp->if_flags & IFF_POINTOPOINT) { 436 sin = satosin(ifa->ifa_dstaddr); 437 if (sin && sin->sin_addr.s_addr) 438 tp->tun_flags |= TUN_DSTADDR; 439 } 440 break; 441 } 442 #endif 443 #ifdef INET6 444 case AF_INET6: { 445 struct sockaddr_in6 *sin; 446 447 sin = satosin6(ifa->ifa_addr); 448 if (!IN6_IS_ADDR_UNSPECIFIED(&sin->sin6_addr)) 449 tp->tun_flags |= TUN_IASET; 450 451 if (ifp->if_flags & IFF_POINTOPOINT) { 452 sin = satosin6(ifa->ifa_dstaddr); 453 if (sin && !IN6_IS_ADDR_UNSPECIFIED(&sin->sin6_addr)) 454 tp->tun_flags |= TUN_DSTADDR; 455 } else 456 tp->tun_flags &= ~TUN_DSTADDR; 457 break; 458 } 459 #endif /* INET6 */ 460 default: 461 break; 462 } 463 ifp->if_flags |= IFF_UP | IFF_RUNNING; 464 mutex_exit(&tp->tun_lock); 465 } 466 467 /* 468 * Process an ioctl request. 469 */ 470 static int 471 tun_ioctl(struct ifnet *ifp, u_long cmd, void *data) 472 { 473 struct tun_softc *tp = (struct tun_softc *)(ifp->if_softc); 474 struct ifreq *ifr = (struct ifreq *)data; 475 struct ifaddr *ifa = (struct ifaddr *)data; 476 int error = 0; 477 478 switch (cmd) { 479 case SIOCINITIFADDR: 480 tun_enable(tp, ifa); 481 ifa->ifa_rtrequest = p2p_rtrequest; 482 TUNDEBUG("%s: address set\n", ifp->if_xname); 483 break; 484 case SIOCSIFBRDADDR: 485 TUNDEBUG("%s: broadcast address set\n", ifp->if_xname); 486 break; 487 case SIOCSIFMTU: 488 if (ifr->ifr_mtu > TUNMTU || ifr->ifr_mtu < 576) { 489 error = EINVAL; 490 break; 491 } 492 TUNDEBUG("%s: interface mtu set\n", ifp->if_xname); 493 if ((error = ifioctl_common(ifp, cmd, data)) == ENETRESET) 494 error = 0; 495 break; 496 case SIOCADDMULTI: 497 case SIOCDELMULTI: 498 if (ifr == NULL) { 499 error = EAFNOSUPPORT; /* XXX */ 500 break; 501 } 502 switch (ifreq_getaddr(cmd, ifr)->sa_family) { 503 #ifdef INET 504 case AF_INET: 505 break; 506 #endif 507 #ifdef INET6 508 case AF_INET6: 509 break; 510 #endif 511 default: 512 error = EAFNOSUPPORT; 513 break; 514 } 515 break; 516 default: 517 error = ifioctl_common(ifp, cmd, data); 518 } 519 520 return error; 521 } 522 523 /* 524 * tun_output - queue packets from higher level ready to put out. 525 */ 526 static int 527 tun_output(struct ifnet *ifp, struct mbuf *m0, const struct sockaddr *dst, 528 const struct rtentry *rt) 529 { 530 struct tun_softc *tp = ifp->if_softc; 531 int error; 532 #if defined(INET) || defined(INET6) 533 int mlen; 534 uint32_t *af; 535 #endif 536 537 mutex_enter(&tp->tun_lock); 538 TUNDEBUG ("%s: tun_output\n", ifp->if_xname); 539 540 if ((tp->tun_flags & TUN_READY) != TUN_READY) { 541 TUNDEBUG ("%s: not ready 0%o\n", ifp->if_xname, 542 tp->tun_flags); 543 error = EHOSTDOWN; 544 mutex_exit(&tp->tun_lock); 545 goto out; 546 } 547 // XXXrmind 548 mutex_exit(&tp->tun_lock); 549 550 /* 551 * if the queueing discipline needs packet classification, 552 * do it before prepending link headers. 553 */ 554 IFQ_CLASSIFY(&ifp->if_snd, m0, dst->sa_family); 555 556 bpf_mtap_af(ifp, dst->sa_family, m0, BPF_D_OUT); 557 558 if ((error = pfil_run_hooks(ifp->if_pfil, &m0, ifp, PFIL_OUT)) != 0) 559 goto out; 560 if (m0 == NULL) 561 goto out; 562 563 switch(dst->sa_family) { 564 #ifdef INET6 565 case AF_INET6: 566 #endif 567 #ifdef INET 568 case AF_INET: 569 #endif 570 #if defined(INET) || defined(INET6) 571 if (tp->tun_flags & TUN_PREPADDR) { 572 /* Simple link-layer header */ 573 M_PREPEND(m0, dst->sa_len, M_DONTWAIT); 574 if (m0 == NULL) { 575 IF_DROP(&ifp->if_snd); 576 error = ENOBUFS; 577 goto out; 578 } 579 memcpy(mtod(m0, char *), dst, dst->sa_len); 580 } 581 582 if (tp->tun_flags & TUN_IFHEAD) { 583 /* Prepend the address family */ 584 M_PREPEND(m0, sizeof(*af), M_DONTWAIT); 585 if (m0 == NULL) { 586 IF_DROP(&ifp->if_snd); 587 error = ENOBUFS; 588 goto out; 589 } 590 af = mtod(m0,uint32_t *); 591 *af = htonl(dst->sa_family); 592 } else { 593 #ifdef INET 594 if (dst->sa_family != AF_INET) 595 #endif 596 { 597 error = EAFNOSUPPORT; 598 goto out; 599 } 600 } 601 /* FALLTHROUGH */ 602 case AF_UNSPEC: 603 IFQ_ENQUEUE(&ifp->if_snd, m0, error); 604 if (error) { 605 ifp->if_collisions++; 606 error = EAFNOSUPPORT; 607 m0 = NULL; 608 goto out; 609 } 610 mlen = m0->m_pkthdr.len; 611 ifp->if_opackets++; 612 ifp->if_obytes += mlen; 613 break; 614 #endif 615 default: 616 error = EAFNOSUPPORT; 617 goto out; 618 } 619 620 mutex_enter(&tp->tun_lock); 621 if (tp->tun_flags & TUN_RWAIT) { 622 tp->tun_flags &= ~TUN_RWAIT; 623 cv_broadcast(&tp->tun_cv); 624 } 625 if (tp->tun_flags & TUN_ASYNC && tp->tun_pgid) 626 softint_schedule(tp->tun_isih); 627 628 selnotify(&tp->tun_rsel, 0, 0); 629 630 mutex_exit(&tp->tun_lock); 631 out: 632 if (error && m0) 633 m_freem(m0); 634 635 return error; 636 } 637 638 static void 639 tun_i_softintr(void *cookie) 640 { 641 struct tun_softc *tp = cookie; 642 643 if (tp->tun_flags & TUN_ASYNC && tp->tun_pgid) 644 fownsignal(tp->tun_pgid, SIGIO, POLL_IN, POLLIN|POLLRDNORM, 645 NULL); 646 } 647 648 static void 649 tun_o_softintr(void *cookie) 650 { 651 struct tun_softc *tp = cookie; 652 653 if (tp->tun_flags & TUN_ASYNC && tp->tun_pgid) 654 fownsignal(tp->tun_pgid, SIGIO, POLL_OUT, POLLOUT|POLLWRNORM, 655 NULL); 656 } 657 658 /* 659 * the cdevsw interface is now pretty minimal. 660 */ 661 int 662 tunioctl(dev_t dev, u_long cmd, void *data, int flag, struct lwp *l) 663 { 664 struct tun_softc *tp; 665 int error = 0; 666 667 tp = tun_find_unit(dev); 668 669 /* interface was "destroyed" already */ 670 if (tp == NULL) { 671 return ENXIO; 672 } 673 674 switch (cmd) { 675 case TUNSDEBUG: 676 tundebug = *(int *)data; 677 break; 678 679 case TUNGDEBUG: 680 *(int *)data = tundebug; 681 break; 682 683 case TUNSIFMODE: 684 switch (*(int *)data & (IFF_POINTOPOINT|IFF_BROADCAST)) { 685 case IFF_POINTOPOINT: 686 case IFF_BROADCAST: 687 if (tp->tun_if.if_flags & IFF_UP) { 688 error = EBUSY; 689 goto out; 690 } 691 tp->tun_if.if_flags &= 692 ~(IFF_BROADCAST|IFF_POINTOPOINT|IFF_MULTICAST); 693 tp->tun_if.if_flags |= *(int *)data; 694 break; 695 default: 696 error = EINVAL; 697 goto out; 698 } 699 break; 700 701 case TUNSLMODE: 702 if (*(int *)data) { 703 tp->tun_flags |= TUN_PREPADDR; 704 tp->tun_flags &= ~TUN_IFHEAD; 705 } else 706 tp->tun_flags &= ~TUN_PREPADDR; 707 break; 708 709 case TUNSIFHEAD: 710 if (*(int *)data) { 711 tp->tun_flags |= TUN_IFHEAD; 712 tp->tun_flags &= ~TUN_PREPADDR; 713 } else 714 tp->tun_flags &= ~TUN_IFHEAD; 715 break; 716 717 case TUNGIFHEAD: 718 *(int *)data = (tp->tun_flags & TUN_IFHEAD); 719 break; 720 721 case FIONBIO: 722 if (*(int *)data) 723 tp->tun_flags |= TUN_NBIO; 724 else 725 tp->tun_flags &= ~TUN_NBIO; 726 break; 727 728 case FIOASYNC: 729 if (*(int *)data) 730 tp->tun_flags |= TUN_ASYNC; 731 else 732 tp->tun_flags &= ~TUN_ASYNC; 733 break; 734 735 case FIONREAD: 736 if (tp->tun_if.if_snd.ifq_head) 737 *(int *)data = tp->tun_if.if_snd.ifq_head->m_pkthdr.len; 738 else 739 *(int *)data = 0; 740 break; 741 742 case TIOCSPGRP: 743 case FIOSETOWN: 744 error = fsetown(&tp->tun_pgid, cmd, data); 745 break; 746 747 case TIOCGPGRP: 748 case FIOGETOWN: 749 error = fgetown(tp->tun_pgid, cmd, data); 750 break; 751 752 default: 753 error = ENOTTY; 754 } 755 756 out: 757 mutex_exit(&tp->tun_lock); 758 759 return error; 760 } 761 762 /* 763 * The cdevsw read interface - reads a packet at a time, or at 764 * least as much of a packet as can be read. 765 */ 766 int 767 tunread(dev_t dev, struct uio *uio, int ioflag) 768 { 769 struct tun_softc *tp; 770 struct ifnet *ifp; 771 struct mbuf *m, *m0; 772 int error = 0, len; 773 774 tp = tun_find_unit(dev); 775 776 /* interface was "destroyed" already */ 777 if (tp == NULL) { 778 return ENXIO; 779 } 780 781 ifp = &tp->tun_if; 782 783 TUNDEBUG ("%s: read\n", ifp->if_xname); 784 if ((tp->tun_flags & TUN_READY) != TUN_READY) { 785 TUNDEBUG ("%s: not ready 0%o\n", ifp->if_xname, tp->tun_flags); 786 error = EHOSTDOWN; 787 goto out; 788 } 789 790 tp->tun_flags &= ~TUN_RWAIT; 791 792 do { 793 IFQ_DEQUEUE(&ifp->if_snd, m0); 794 if (m0 == 0) { 795 if (tp->tun_flags & TUN_NBIO) { 796 error = EWOULDBLOCK; 797 goto out; 798 } 799 tp->tun_flags |= TUN_RWAIT; 800 if (cv_wait_sig(&tp->tun_cv, &tp->tun_lock)) { 801 error = EINTR; 802 goto out; 803 } 804 } 805 } while (m0 == 0); 806 807 mutex_exit(&tp->tun_lock); 808 809 /* Copy the mbuf chain */ 810 while (m0 && uio->uio_resid > 0 && error == 0) { 811 len = min(uio->uio_resid, m0->m_len); 812 if (len != 0) 813 error = uiomove(mtod(m0, void *), len, uio); 814 m0 = m = m_free(m0); 815 } 816 817 if (m0) { 818 TUNDEBUG("Dropping mbuf\n"); 819 m_freem(m0); 820 } 821 if (error) 822 ifp->if_ierrors++; 823 824 return error; 825 826 out: 827 mutex_exit(&tp->tun_lock); 828 829 return error; 830 } 831 832 /* 833 * the cdevsw write interface - an atomic write is a packet - or else! 834 */ 835 int 836 tunwrite(dev_t dev, struct uio *uio, int ioflag) 837 { 838 struct tun_softc *tp; 839 struct ifnet *ifp; 840 struct mbuf *top, **mp, *m; 841 pktqueue_t *pktq; 842 struct sockaddr dst; 843 int error = 0, tlen, mlen; 844 uint32_t family; 845 846 tp = tun_find_unit(dev); 847 if (tp == NULL) { 848 /* Interface was "destroyed" already. */ 849 return ENXIO; 850 } 851 852 /* Unlock until we've got the data */ 853 mutex_exit(&tp->tun_lock); 854 855 ifp = &tp->tun_if; 856 857 TUNDEBUG("%s: tunwrite\n", ifp->if_xname); 858 859 if (tp->tun_flags & TUN_PREPADDR) { 860 if (uio->uio_resid < sizeof(dst)) { 861 error = EIO; 862 goto out0; 863 } 864 error = uiomove((void *)&dst, sizeof(dst), uio); 865 if (dst.sa_len > sizeof(dst)) { 866 /* Duh.. */ 867 int n = dst.sa_len - sizeof(dst); 868 while (n--) { 869 char discard; 870 error = uiomove(&discard, 1, uio); 871 if (error) { 872 goto out0; 873 } 874 } 875 } 876 } else if (tp->tun_flags & TUN_IFHEAD) { 877 if (uio->uio_resid < sizeof(family)){ 878 error = EIO; 879 goto out0; 880 } 881 error = uiomove((void *)&family, sizeof(family), uio); 882 dst.sa_family = ntohl(family); 883 } else { 884 #ifdef INET 885 dst.sa_family = AF_INET; 886 #endif 887 } 888 889 if (uio->uio_resid > TUNMTU) { 890 TUNDEBUG("%s: len=%lu!\n", ifp->if_xname, 891 (unsigned long)uio->uio_resid); 892 error = EIO; 893 goto out0; 894 } 895 896 switch (dst.sa_family) { 897 #ifdef INET 898 case AF_INET: 899 pktq = ip_pktq; 900 break; 901 #endif 902 #ifdef INET6 903 case AF_INET6: 904 pktq = ip6_pktq; 905 break; 906 #endif 907 default: 908 error = EAFNOSUPPORT; 909 goto out0; 910 } 911 912 tlen = uio->uio_resid; 913 914 /* get a header mbuf */ 915 MGETHDR(m, M_DONTWAIT, MT_DATA); 916 if (m == NULL) { 917 return ENOBUFS; 918 } 919 mlen = MHLEN; 920 921 top = NULL; 922 mp = ⊤ 923 while (error == 0 && uio->uio_resid > 0) { 924 m->m_len = min(mlen, uio->uio_resid); 925 error = uiomove(mtod(m, void *), m->m_len, uio); 926 *mp = m; 927 mp = &m->m_next; 928 if (error == 0 && uio->uio_resid > 0) { 929 MGET(m, M_DONTWAIT, MT_DATA); 930 if (m == NULL) { 931 error = ENOBUFS; 932 break; 933 } 934 mlen = MLEN; 935 } 936 } 937 if (error) { 938 if (top != NULL) 939 m_freem(top); 940 ifp->if_ierrors++; 941 goto out0; 942 } 943 944 top->m_pkthdr.len = tlen; 945 m_set_rcvif(top, ifp); 946 947 bpf_mtap_af(ifp, dst.sa_family, top, BPF_D_IN); 948 949 if ((error = pfil_run_hooks(ifp->if_pfil, &top, ifp, PFIL_IN)) != 0) 950 goto out0; 951 if (top == NULL) 952 goto out0; 953 954 mutex_enter(&tp->tun_lock); 955 if ((tp->tun_flags & TUN_INITED) == 0) { 956 /* Interface was destroyed */ 957 error = ENXIO; 958 goto out; 959 } 960 if (__predict_false(!pktq_enqueue(pktq, top, 0))) { 961 ifp->if_collisions++; 962 mutex_exit(&tp->tun_lock); 963 error = ENOBUFS; 964 m_freem(top); 965 goto out0; 966 } 967 ifp->if_ipackets++; 968 ifp->if_ibytes += tlen; 969 out: 970 mutex_exit(&tp->tun_lock); 971 out0: 972 return error; 973 } 974 975 #ifdef ALTQ 976 /* 977 * Start packet transmission on the interface. 978 * when the interface queue is rate-limited by ALTQ or TBR, 979 * if_start is needed to drain packets from the queue in order 980 * to notify readers when outgoing packets become ready. 981 */ 982 static void 983 tunstart(struct ifnet *ifp) 984 { 985 struct tun_softc *tp = ifp->if_softc; 986 987 if (!ALTQ_IS_ENABLED(&ifp->if_snd) && !TBR_IS_ENABLED(&ifp->if_snd)) 988 return; 989 990 mutex_enter(&tp->tun_lock); 991 if (!IF_IS_EMPTY(&ifp->if_snd)) { 992 if (tp->tun_flags & TUN_RWAIT) { 993 tp->tun_flags &= ~TUN_RWAIT; 994 cv_broadcast(&tp->tun_cv); 995 } 996 if (tp->tun_flags & TUN_ASYNC && tp->tun_pgid) 997 softint_schedule(tp->tun_osih); 998 999 selnotify(&tp->tun_rsel, 0, 0); 1000 } 1001 mutex_exit(&tp->tun_lock); 1002 } 1003 #endif /* ALTQ */ 1004 /* 1005 * tunpoll - the poll interface, this is only useful on reads 1006 * really. The write detect always returns true, write never blocks 1007 * anyway, it either accepts the packet or drops it. 1008 */ 1009 int 1010 tunpoll(dev_t dev, int events, struct lwp *l) 1011 { 1012 struct tun_softc *tp; 1013 struct ifnet *ifp; 1014 int revents = 0; 1015 1016 tp = tun_find_unit(dev); 1017 if (tp == NULL) { 1018 /* Interface was "destroyed" already. */ 1019 return 0; 1020 } 1021 ifp = &tp->tun_if; 1022 1023 TUNDEBUG("%s: tunpoll\n", ifp->if_xname); 1024 1025 if (events & (POLLIN | POLLRDNORM)) { 1026 if (!IFQ_IS_EMPTY(&ifp->if_snd)) { 1027 TUNDEBUG("%s: tunpoll q=%d\n", ifp->if_xname, 1028 ifp->if_snd.ifq_len); 1029 revents |= events & (POLLIN | POLLRDNORM); 1030 } else { 1031 TUNDEBUG("%s: tunpoll waiting\n", ifp->if_xname); 1032 selrecord(l, &tp->tun_rsel); 1033 } 1034 } 1035 1036 if (events & (POLLOUT | POLLWRNORM)) 1037 revents |= events & (POLLOUT | POLLWRNORM); 1038 1039 mutex_exit(&tp->tun_lock); 1040 1041 return revents; 1042 } 1043 1044 static void 1045 filt_tunrdetach(struct knote *kn) 1046 { 1047 struct tun_softc *tp = kn->kn_hook; 1048 1049 mutex_enter(&tp->tun_lock); 1050 SLIST_REMOVE(&tp->tun_rsel.sel_klist, kn, knote, kn_selnext); 1051 mutex_exit(&tp->tun_lock); 1052 } 1053 1054 static int 1055 filt_tunread(struct knote *kn, long hint) 1056 { 1057 struct tun_softc *tp = kn->kn_hook; 1058 struct ifnet *ifp = &tp->tun_if; 1059 struct mbuf *m; 1060 1061 mutex_enter(&tp->tun_lock); 1062 IF_POLL(&ifp->if_snd, m); 1063 if (m == NULL) { 1064 mutex_exit(&tp->tun_lock); 1065 return 0; 1066 } 1067 1068 for (kn->kn_data = 0; m != NULL; m = m->m_next) 1069 kn->kn_data += m->m_len; 1070 1071 mutex_exit(&tp->tun_lock); 1072 1073 return 1; 1074 } 1075 1076 static const struct filterops tunread_filtops = { 1077 .f_isfd = 1, 1078 .f_attach = NULL, 1079 .f_detach = filt_tunrdetach, 1080 .f_event = filt_tunread, 1081 }; 1082 1083 static const struct filterops tun_seltrue_filtops = { 1084 .f_isfd = 1, 1085 .f_attach = NULL, 1086 .f_detach = filt_tunrdetach, 1087 .f_event = filt_seltrue, 1088 }; 1089 1090 int 1091 tunkqfilter(dev_t dev, struct knote *kn) 1092 { 1093 struct tun_softc *tp; 1094 struct klist *klist; 1095 int rv = 0; 1096 1097 tp = tun_find_unit(dev); 1098 if (tp == NULL) 1099 goto out_nolock; 1100 1101 switch (kn->kn_filter) { 1102 case EVFILT_READ: 1103 klist = &tp->tun_rsel.sel_klist; 1104 kn->kn_fop = &tunread_filtops; 1105 break; 1106 1107 case EVFILT_WRITE: 1108 klist = &tp->tun_rsel.sel_klist; 1109 kn->kn_fop = &tun_seltrue_filtops; 1110 break; 1111 1112 default: 1113 rv = EINVAL; 1114 goto out; 1115 } 1116 1117 kn->kn_hook = tp; 1118 1119 SLIST_INSERT_HEAD(klist, kn, kn_selnext); 1120 1121 out: 1122 mutex_exit(&tp->tun_lock); 1123 out_nolock: 1124 return rv; 1125 } 1126 1127 /* 1128 * Module infrastructure 1129 */ 1130 #include "if_module.h" 1131 1132 IF_MODULE(MODULE_CLASS_DRIVER, tun, "") 1133