1 /* $OpenBSD: bpf.c,v 1.80 2012/04/14 09:39:46 yasuoka Exp $ */ 2 /* $NetBSD: bpf.c,v 1.33 1997/02/21 23:59:35 thorpej Exp $ */ 3 4 /* 5 * Copyright (c) 1990, 1991, 1993 6 * The Regents of the University of California. All rights reserved. 7 * 8 * This code is derived from the Stanford/CMU enet packet filter, 9 * (net/enet.c) distributed as part of 4.3BSD, and code contributed 10 * to Berkeley by Steven McCanne and Van Jacobson both of Lawrence 11 * Berkeley Laboratory. 12 * 13 * Redistribution and use in source and binary forms, with or without 14 * modification, are permitted provided that the following conditions 15 * are met: 16 * 1. Redistributions of source code must retain the above copyright 17 * notice, this list of conditions and the following disclaimer. 18 * 2. Redistributions in binary form must reproduce the above copyright 19 * notice, this list of conditions and the following disclaimer in the 20 * documentation and/or other materials provided with the distribution. 21 * 3. Neither the name of the University nor the names of its contributors 22 * may be used to endorse or promote products derived from this software 23 * without specific prior written permission. 24 * 25 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 26 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 27 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 28 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 29 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 30 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 31 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 32 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 33 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 34 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 35 * SUCH DAMAGE. 36 * 37 * @(#)bpf.c 8.2 (Berkeley) 3/28/94 38 */ 39 40 #include "bpfilter.h" 41 42 #include <sys/param.h> 43 #include <sys/mbuf.h> 44 #include <sys/proc.h> 45 #include <sys/signalvar.h> 46 #include <sys/ioctl.h> 47 #include <sys/conf.h> 48 #include <sys/vnode.h> 49 #include <sys/file.h> 50 #include <sys/socket.h> 51 #include <sys/poll.h> 52 #include <sys/kernel.h> 53 #include <sys/sysctl.h> 54 55 #include <net/if.h> 56 #include <net/bpf.h> 57 #include <net/bpfdesc.h> 58 59 #include <netinet/in.h> 60 #include <netinet/if_ether.h> 61 62 #include "vlan.h" 63 #if NVLAN > 0 64 #include <net/if_vlan_var.h> 65 #endif 66 67 #include "pflog.h" 68 #if NPFLOG > 0 69 #include <net/if_pflog.h> 70 #endif 71 72 #define BPF_BUFSIZE 32768 73 74 #define PRINET 26 /* interruptible */ 75 76 /* from kern/kern_clock.c; incremented each clock tick. */ 77 extern int ticks; 78 79 /* 80 * The default read buffer size is patchable. 81 */ 82 int bpf_bufsize = BPF_BUFSIZE; 83 int bpf_maxbufsize = BPF_MAXBUFSIZE; 84 85 /* 86 * bpf_iflist is the list of interfaces; each corresponds to an ifnet 87 * bpf_d_list is the list of descriptors 88 */ 89 struct bpf_if *bpf_iflist; 90 LIST_HEAD(, bpf_d) bpf_d_list; 91 92 int bpf_allocbufs(struct bpf_d *); 93 void bpf_freed(struct bpf_d *); 94 void bpf_ifname(struct ifnet *, struct ifreq *); 95 void bpf_mcopy(const void *, void *, size_t); 96 int bpf_movein(struct uio *, u_int, struct mbuf **, 97 struct sockaddr *, struct bpf_insn *); 98 void bpf_attachd(struct bpf_d *, struct bpf_if *); 99 void bpf_detachd(struct bpf_d *); 100 int bpf_setif(struct bpf_d *, struct ifreq *); 101 int bpfpoll(dev_t, int, struct proc *); 102 int bpfkqfilter(dev_t, struct knote *); 103 void bpf_wakeup(struct bpf_d *); 104 void bpf_catchpacket(struct bpf_d *, u_char *, size_t, size_t, 105 void (*)(const void *, void *, size_t)); 106 void bpf_reset_d(struct bpf_d *); 107 int bpf_getdltlist(struct bpf_d *, struct bpf_dltlist *); 108 int bpf_setdlt(struct bpf_d *, u_int); 109 110 void filt_bpfrdetach(struct knote *); 111 int filt_bpfread(struct knote *, long); 112 113 struct bpf_d *bpfilter_lookup(int); 114 struct bpf_d *bpfilter_create(int); 115 void bpfilter_destroy(struct bpf_d *); 116 117 int 118 bpf_movein(struct uio *uio, u_int linktype, struct mbuf **mp, 119 struct sockaddr *sockp, struct bpf_insn *filter) 120 { 121 struct mbuf *m; 122 struct m_tag *mtag; 123 int error; 124 u_int hlen; 125 u_int len; 126 u_int slen; 127 128 /* 129 * Build a sockaddr based on the data link layer type. 130 * We do this at this level because the ethernet header 131 * is copied directly into the data field of the sockaddr. 132 * In the case of SLIP, there is no header and the packet 133 * is forwarded as is. 134 * Also, we are careful to leave room at the front of the mbuf 135 * for the link level header. 136 */ 137 switch (linktype) { 138 139 case DLT_SLIP: 140 sockp->sa_family = AF_INET; 141 hlen = 0; 142 break; 143 144 case DLT_PPP: 145 sockp->sa_family = AF_UNSPEC; 146 hlen = 0; 147 break; 148 149 case DLT_EN10MB: 150 sockp->sa_family = AF_UNSPEC; 151 /* XXX Would MAXLINKHDR be better? */ 152 hlen = ETHER_HDR_LEN; 153 break; 154 155 case DLT_FDDI: 156 sockp->sa_family = AF_UNSPEC; 157 /* XXX 4(FORMAC)+6(dst)+6(src)+3(LLC)+5(SNAP) */ 158 hlen = 24; 159 break; 160 161 case DLT_IEEE802_11: 162 case DLT_IEEE802_11_RADIO: 163 sockp->sa_family = AF_UNSPEC; 164 hlen = 0; 165 break; 166 167 case DLT_RAW: 168 case DLT_NULL: 169 sockp->sa_family = AF_UNSPEC; 170 hlen = 0; 171 break; 172 173 case DLT_ATM_RFC1483: 174 /* 175 * en atm driver requires 4-byte atm pseudo header. 176 * though it isn't standard, vpi:vci needs to be 177 * specified anyway. 178 */ 179 sockp->sa_family = AF_UNSPEC; 180 hlen = 12; /* XXX 4(ATM_PH) + 3(LLC) + 5(SNAP) */ 181 break; 182 183 default: 184 return (EIO); 185 } 186 187 if (uio->uio_resid > MCLBYTES) 188 return (EIO); 189 len = uio->uio_resid; 190 191 MGETHDR(m, M_WAIT, MT_DATA); 192 m->m_pkthdr.rcvif = 0; 193 m->m_pkthdr.len = len - hlen; 194 195 if (len > MHLEN) { 196 MCLGET(m, M_WAIT); 197 if ((m->m_flags & M_EXT) == 0) { 198 error = ENOBUFS; 199 goto bad; 200 } 201 } 202 m->m_len = len; 203 *mp = m; 204 205 error = uiomove(mtod(m, caddr_t), len, uio); 206 if (error) 207 goto bad; 208 209 slen = bpf_filter(filter, mtod(m, u_char *), len, len); 210 if (slen < len) { 211 error = EPERM; 212 goto bad; 213 } 214 215 if (m->m_len < hlen) { 216 error = EPERM; 217 goto bad; 218 } 219 /* 220 * Make room for link header, and copy it to sockaddr 221 */ 222 if (hlen != 0) { 223 bcopy(m->m_data, sockp->sa_data, hlen); 224 m->m_len -= hlen; 225 m->m_data += hlen; /* XXX */ 226 } 227 228 /* 229 * Prepend the data link type as a mbuf tag 230 */ 231 mtag = m_tag_get(PACKET_TAG_DLT, sizeof(u_int), M_NOWAIT); 232 if (mtag == NULL) 233 return (ENOMEM); 234 *(u_int *)(mtag + 1) = linktype; 235 m_tag_prepend(m, mtag); 236 237 return (0); 238 bad: 239 m_freem(m); 240 return (error); 241 } 242 243 /* 244 * Attach file to the bpf interface, i.e. make d listen on bp. 245 * Must be called at splnet. 246 */ 247 void 248 bpf_attachd(struct bpf_d *d, struct bpf_if *bp) 249 { 250 /* 251 * Point d at bp, and add d to the interface's list of listeners. 252 * Finally, point the driver's bpf cookie at the interface so 253 * it will divert packets to bpf. 254 */ 255 d->bd_bif = bp; 256 d->bd_next = bp->bif_dlist; 257 bp->bif_dlist = d; 258 259 *bp->bif_driverp = bp; 260 } 261 262 /* 263 * Detach a file from its interface. 264 */ 265 void 266 bpf_detachd(struct bpf_d *d) 267 { 268 struct bpf_d **p; 269 struct bpf_if *bp; 270 271 bp = d->bd_bif; 272 /* 273 * Check if this descriptor had requested promiscuous mode. 274 * If so, turn it off. 275 */ 276 if (d->bd_promisc) { 277 int error; 278 279 d->bd_promisc = 0; 280 error = ifpromisc(bp->bif_ifp, 0); 281 if (error && !(error == EINVAL || error == ENODEV)) 282 /* 283 * Something is really wrong if we were able to put 284 * the driver into promiscuous mode, but can't 285 * take it out. 286 */ 287 panic("bpf: ifpromisc failed"); 288 } 289 /* Remove d from the interface's descriptor list. */ 290 p = &bp->bif_dlist; 291 while (*p != d) { 292 p = &(*p)->bd_next; 293 if (*p == 0) 294 panic("bpf_detachd: descriptor not in list"); 295 } 296 *p = (*p)->bd_next; 297 if (bp->bif_dlist == 0) 298 /* 299 * Let the driver know that there are no more listeners. 300 */ 301 *d->bd_bif->bif_driverp = 0; 302 d->bd_bif = 0; 303 } 304 305 /* 306 * Reference count access to descriptor buffers 307 */ 308 #define D_GET(d) ((d)->bd_ref++) 309 #define D_PUT(d) bpf_freed(d) 310 311 /* 312 * bpfilterattach() is called at boot time in new systems. We do 313 * nothing here since old systems will not call this. 314 */ 315 /* ARGSUSED */ 316 void 317 bpfilterattach(int n) 318 { 319 LIST_INIT(&bpf_d_list); 320 } 321 322 /* 323 * Open ethernet device. Returns ENXIO for illegal minor device number, 324 * EBUSY if file is open by another process. 325 */ 326 /* ARGSUSED */ 327 int 328 bpfopen(dev_t dev, int flag, int mode, struct proc *p) 329 { 330 struct bpf_d *d; 331 332 /* create on demand */ 333 if ((d = bpfilter_create(minor(dev))) == NULL) 334 return (EBUSY); 335 336 /* Mark "free" and do most initialization. */ 337 d->bd_bufsize = bpf_bufsize; 338 d->bd_sig = SIGIO; 339 340 D_GET(d); 341 342 return (0); 343 } 344 345 /* 346 * Close the descriptor by detaching it from its interface, 347 * deallocating its buffers, and marking it free. 348 */ 349 /* ARGSUSED */ 350 int 351 bpfclose(dev_t dev, int flag, int mode, struct proc *p) 352 { 353 struct bpf_d *d; 354 int s; 355 356 d = bpfilter_lookup(minor(dev)); 357 s = splnet(); 358 if (d->bd_bif) 359 bpf_detachd(d); 360 bpf_wakeup(d); 361 D_PUT(d); 362 splx(s); 363 364 return (0); 365 } 366 367 /* 368 * Rotate the packet buffers in descriptor d. Move the store buffer 369 * into the hold slot, and the free buffer into the store slot. 370 * Zero the length of the new store buffer. 371 */ 372 #define ROTATE_BUFFERS(d) \ 373 (d)->bd_hbuf = (d)->bd_sbuf; \ 374 (d)->bd_hlen = (d)->bd_slen; \ 375 (d)->bd_sbuf = (d)->bd_fbuf; \ 376 (d)->bd_slen = 0; \ 377 (d)->bd_fbuf = 0; 378 /* 379 * bpfread - read next chunk of packets from buffers 380 */ 381 int 382 bpfread(dev_t dev, struct uio *uio, int ioflag) 383 { 384 struct bpf_d *d; 385 int error; 386 int s; 387 388 d = bpfilter_lookup(minor(dev)); 389 if (d->bd_bif == 0) 390 return (ENXIO); 391 392 /* 393 * Restrict application to use a buffer the same size as 394 * as kernel buffers. 395 */ 396 if (uio->uio_resid != d->bd_bufsize) 397 return (EINVAL); 398 399 s = splnet(); 400 401 D_GET(d); 402 403 /* 404 * bd_rdStart is tagged when we start the read, iff there's a timeout. 405 * we can then figure out when we're done reading. 406 */ 407 if (d->bd_rtout != -1 && d->bd_rdStart == 0) 408 d->bd_rdStart = ticks; 409 else 410 d->bd_rdStart = 0; 411 412 /* 413 * If the hold buffer is empty, then do a timed sleep, which 414 * ends when the timeout expires or when enough packets 415 * have arrived to fill the store buffer. 416 */ 417 while (d->bd_hbuf == 0) { 418 if (d->bd_bif == NULL) { 419 /* interface is gone */ 420 if (d->bd_slen == 0) { 421 D_PUT(d); 422 splx(s); 423 return (EIO); 424 } 425 ROTATE_BUFFERS(d); 426 break; 427 } 428 if (d->bd_immediate && d->bd_slen != 0) { 429 /* 430 * A packet(s) either arrived since the previous 431 * read or arrived while we were asleep. 432 * Rotate the buffers and return what's here. 433 */ 434 ROTATE_BUFFERS(d); 435 break; 436 } 437 if ((d->bd_rtout != -1) || 438 (d->bd_rdStart + d->bd_rtout) < ticks) { 439 error = tsleep((caddr_t)d, PRINET|PCATCH, "bpf", 440 d->bd_rtout); 441 } else { 442 if (d->bd_rtout == -1) { 443 /* User requested non-blocking I/O */ 444 error = EWOULDBLOCK; 445 } else 446 error = 0; 447 } 448 if (error == EINTR || error == ERESTART) { 449 D_PUT(d); 450 splx(s); 451 return (error); 452 } 453 if (error == EWOULDBLOCK) { 454 /* 455 * On a timeout, return what's in the buffer, 456 * which may be nothing. If there is something 457 * in the store buffer, we can rotate the buffers. 458 */ 459 if (d->bd_hbuf) 460 /* 461 * We filled up the buffer in between 462 * getting the timeout and arriving 463 * here, so we don't need to rotate. 464 */ 465 break; 466 467 if (d->bd_slen == 0) { 468 D_PUT(d); 469 splx(s); 470 return (0); 471 } 472 ROTATE_BUFFERS(d); 473 break; 474 } 475 } 476 /* 477 * At this point, we know we have something in the hold slot. 478 */ 479 splx(s); 480 481 /* 482 * Move data from hold buffer into user space. 483 * We know the entire buffer is transferred since 484 * we checked above that the read buffer is bpf_bufsize bytes. 485 */ 486 error = uiomove(d->bd_hbuf, d->bd_hlen, uio); 487 488 s = splnet(); 489 d->bd_fbuf = d->bd_hbuf; 490 d->bd_hbuf = 0; 491 d->bd_hlen = 0; 492 493 D_PUT(d); 494 splx(s); 495 496 return (error); 497 } 498 499 500 /* 501 * If there are processes sleeping on this descriptor, wake them up. 502 */ 503 void 504 bpf_wakeup(struct bpf_d *d) 505 { 506 wakeup((caddr_t)d); 507 if (d->bd_async && d->bd_sig) 508 csignal(d->bd_pgid, d->bd_sig, 509 d->bd_siguid, d->bd_sigeuid); 510 511 selwakeup(&d->bd_sel); 512 /* XXX */ 513 d->bd_sel.si_selpid = 0; 514 } 515 516 int 517 bpfwrite(dev_t dev, struct uio *uio, int ioflag) 518 { 519 struct bpf_d *d; 520 struct ifnet *ifp; 521 struct mbuf *m; 522 int error, s; 523 struct sockaddr_storage dst; 524 525 d = bpfilter_lookup(minor(dev)); 526 if (d->bd_bif == 0) 527 return (ENXIO); 528 529 ifp = d->bd_bif->bif_ifp; 530 531 if ((ifp->if_flags & IFF_UP) == 0) 532 return (ENETDOWN); 533 534 if (uio->uio_resid == 0) 535 return (0); 536 537 error = bpf_movein(uio, d->bd_bif->bif_dlt, &m, 538 (struct sockaddr *)&dst, d->bd_wfilter); 539 if (error) 540 return (error); 541 542 if (m->m_pkthdr.len > ifp->if_mtu) { 543 m_freem(m); 544 return (EMSGSIZE); 545 } 546 547 m->m_pkthdr.rdomain = ifp->if_rdomain; 548 549 if (d->bd_hdrcmplt) 550 dst.ss_family = pseudo_AF_HDRCMPLT; 551 552 s = splsoftnet(); 553 error = (*ifp->if_output)(ifp, m, (struct sockaddr *)&dst, 554 (struct rtentry *)0); 555 splx(s); 556 /* 557 * The driver frees the mbuf. 558 */ 559 return (error); 560 } 561 562 /* 563 * Reset a descriptor by flushing its packet buffer and clearing the 564 * receive and drop counts. Should be called at splnet. 565 */ 566 void 567 bpf_reset_d(struct bpf_d *d) 568 { 569 if (d->bd_hbuf) { 570 /* Free the hold buffer. */ 571 d->bd_fbuf = d->bd_hbuf; 572 d->bd_hbuf = 0; 573 } 574 d->bd_slen = 0; 575 d->bd_hlen = 0; 576 d->bd_rcount = 0; 577 d->bd_dcount = 0; 578 } 579 580 /* 581 * FIONREAD Check for read packet available. 582 * BIOCGBLEN Get buffer len [for read()]. 583 * BIOCSETF Set ethernet read filter. 584 * BIOCFLUSH Flush read packet buffer. 585 * BIOCPROMISC Put interface into promiscuous mode. 586 * BIOCGDLTLIST Get supported link layer types. 587 * BIOCGDLT Get link layer type. 588 * BIOCSDLT Set link layer type. 589 * BIOCGETIF Get interface name. 590 * BIOCSETIF Set interface. 591 * BIOCSRTIMEOUT Set read timeout. 592 * BIOCGRTIMEOUT Get read timeout. 593 * BIOCGSTATS Get packet stats. 594 * BIOCIMMEDIATE Set immediate mode. 595 * BIOCVERSION Get filter language version. 596 * BIOCGHDRCMPLT Get "header already complete" flag 597 * BIOCSHDRCMPLT Set "header already complete" flag 598 */ 599 /* ARGSUSED */ 600 int 601 bpfioctl(dev_t dev, u_long cmd, caddr_t addr, int flag, struct proc *p) 602 { 603 struct bpf_d *d; 604 int s, error = 0; 605 606 d = bpfilter_lookup(minor(dev)); 607 if (d->bd_locked && suser(p, 0) != 0) { 608 /* list of allowed ioctls when locked and not root */ 609 switch (cmd) { 610 case BIOCGBLEN: 611 case BIOCFLUSH: 612 case BIOCGDLT: 613 case BIOCGDLTLIST: 614 case BIOCGETIF: 615 case BIOCGRTIMEOUT: 616 case BIOCGSTATS: 617 case BIOCVERSION: 618 case BIOCGRSIG: 619 case BIOCGHDRCMPLT: 620 case FIONREAD: 621 case BIOCLOCK: 622 case BIOCSRTIMEOUT: 623 case BIOCIMMEDIATE: 624 case TIOCGPGRP: 625 case BIOCGDIRFILT: 626 break; 627 default: 628 return (EPERM); 629 } 630 } 631 632 switch (cmd) { 633 634 default: 635 error = EINVAL; 636 break; 637 638 /* 639 * Check for read packet available. 640 */ 641 case FIONREAD: 642 { 643 int n; 644 645 s = splnet(); 646 n = d->bd_slen; 647 if (d->bd_hbuf) 648 n += d->bd_hlen; 649 splx(s); 650 651 *(int *)addr = n; 652 break; 653 } 654 655 /* 656 * Get buffer len [for read()]. 657 */ 658 case BIOCGBLEN: 659 *(u_int *)addr = d->bd_bufsize; 660 break; 661 662 /* 663 * Set buffer length. 664 */ 665 case BIOCSBLEN: 666 if (d->bd_bif != 0) 667 error = EINVAL; 668 else { 669 u_int size = *(u_int *)addr; 670 671 if (size > bpf_maxbufsize) 672 *(u_int *)addr = size = bpf_maxbufsize; 673 else if (size < BPF_MINBUFSIZE) 674 *(u_int *)addr = size = BPF_MINBUFSIZE; 675 d->bd_bufsize = size; 676 } 677 break; 678 679 /* 680 * Set link layer read filter. 681 */ 682 case BIOCSETF: 683 error = bpf_setf(d, (struct bpf_program *)addr, 0); 684 break; 685 686 /* 687 * Set link layer write filter. 688 */ 689 case BIOCSETWF: 690 error = bpf_setf(d, (struct bpf_program *)addr, 1); 691 break; 692 693 /* 694 * Flush read packet buffer. 695 */ 696 case BIOCFLUSH: 697 s = splnet(); 698 bpf_reset_d(d); 699 splx(s); 700 break; 701 702 /* 703 * Put interface into promiscuous mode. 704 */ 705 case BIOCPROMISC: 706 if (d->bd_bif == 0) { 707 /* 708 * No interface attached yet. 709 */ 710 error = EINVAL; 711 break; 712 } 713 s = splnet(); 714 if (d->bd_promisc == 0) { 715 error = ifpromisc(d->bd_bif->bif_ifp, 1); 716 if (error == 0) 717 d->bd_promisc = 1; 718 } 719 splx(s); 720 break; 721 722 /* 723 * Get a list of supported device parameters. 724 */ 725 case BIOCGDLTLIST: 726 if (d->bd_bif == NULL) 727 error = EINVAL; 728 else 729 error = bpf_getdltlist(d, (struct bpf_dltlist *)addr); 730 break; 731 732 /* 733 * Get device parameters. 734 */ 735 case BIOCGDLT: 736 if (d->bd_bif == 0) 737 error = EINVAL; 738 else 739 *(u_int *)addr = d->bd_bif->bif_dlt; 740 break; 741 742 /* 743 * Set device parameters. 744 */ 745 case BIOCSDLT: 746 if (d->bd_bif == NULL) 747 error = EINVAL; 748 else 749 error = bpf_setdlt(d, *(u_int *)addr); 750 break; 751 752 /* 753 * Set interface name. 754 */ 755 case BIOCGETIF: 756 if (d->bd_bif == 0) 757 error = EINVAL; 758 else 759 bpf_ifname(d->bd_bif->bif_ifp, (struct ifreq *)addr); 760 break; 761 762 /* 763 * Set interface. 764 */ 765 case BIOCSETIF: 766 error = bpf_setif(d, (struct ifreq *)addr); 767 break; 768 769 /* 770 * Set read timeout. 771 */ 772 case BIOCSRTIMEOUT: 773 { 774 struct timeval *tv = (struct timeval *)addr; 775 776 /* Compute number of ticks. */ 777 d->bd_rtout = tv->tv_sec * hz + tv->tv_usec / tick; 778 if (d->bd_rtout == 0 && tv->tv_usec != 0) 779 d->bd_rtout = 1; 780 break; 781 } 782 783 /* 784 * Get read timeout. 785 */ 786 case BIOCGRTIMEOUT: 787 { 788 struct timeval *tv = (struct timeval *)addr; 789 790 tv->tv_sec = d->bd_rtout / hz; 791 tv->tv_usec = (d->bd_rtout % hz) * tick; 792 break; 793 } 794 795 /* 796 * Get packet stats. 797 */ 798 case BIOCGSTATS: 799 { 800 struct bpf_stat *bs = (struct bpf_stat *)addr; 801 802 bs->bs_recv = d->bd_rcount; 803 bs->bs_drop = d->bd_dcount; 804 break; 805 } 806 807 /* 808 * Set immediate mode. 809 */ 810 case BIOCIMMEDIATE: 811 d->bd_immediate = *(u_int *)addr; 812 break; 813 814 case BIOCVERSION: 815 { 816 struct bpf_version *bv = (struct bpf_version *)addr; 817 818 bv->bv_major = BPF_MAJOR_VERSION; 819 bv->bv_minor = BPF_MINOR_VERSION; 820 break; 821 } 822 823 case BIOCGHDRCMPLT: /* get "header already complete" flag */ 824 *(u_int *)addr = d->bd_hdrcmplt; 825 break; 826 827 case BIOCSHDRCMPLT: /* set "header already complete" flag */ 828 d->bd_hdrcmplt = *(u_int *)addr ? 1 : 0; 829 break; 830 831 case BIOCLOCK: /* set "locked" flag (no reset) */ 832 d->bd_locked = 1; 833 break; 834 835 case BIOCGFILDROP: /* get "filter-drop" flag */ 836 *(u_int *)addr = d->bd_fildrop; 837 break; 838 839 case BIOCSFILDROP: /* set "filter-drop" flag */ 840 d->bd_fildrop = *(u_int *)addr ? 1 : 0; 841 break; 842 843 case BIOCGDIRFILT: /* get direction filter */ 844 *(u_int *)addr = d->bd_dirfilt; 845 break; 846 847 case BIOCSDIRFILT: /* set direction filter */ 848 d->bd_dirfilt = (*(u_int *)addr) & 849 (BPF_DIRECTION_IN|BPF_DIRECTION_OUT); 850 break; 851 852 case FIONBIO: /* Non-blocking I/O */ 853 if (*(int *)addr) 854 d->bd_rtout = -1; 855 else 856 d->bd_rtout = 0; 857 break; 858 859 case FIOASYNC: /* Send signal on receive packets */ 860 d->bd_async = *(int *)addr; 861 break; 862 863 /* 864 * N.B. ioctl (FIOSETOWN) and fcntl (F_SETOWN) both end up doing 865 * the equivalent of a TIOCSPGRP and hence end up here. *However* 866 * TIOCSPGRP's arg is a process group if it's positive and a process 867 * id if it's negative. This is exactly the opposite of what the 868 * other two functions want! Therefore there is code in ioctl and 869 * fcntl to negate the arg before calling here. 870 */ 871 case TIOCSPGRP: /* Process or group to send signals to */ 872 d->bd_pgid = *(int *)addr; 873 d->bd_siguid = p->p_cred->p_ruid; 874 d->bd_sigeuid = p->p_ucred->cr_uid; 875 break; 876 877 case TIOCGPGRP: 878 *(int *)addr = d->bd_pgid; 879 break; 880 881 case BIOCSRSIG: /* Set receive signal */ 882 { 883 u_int sig; 884 885 sig = *(u_int *)addr; 886 887 if (sig >= NSIG) 888 error = EINVAL; 889 else 890 d->bd_sig = sig; 891 break; 892 } 893 case BIOCGRSIG: 894 *(u_int *)addr = d->bd_sig; 895 break; 896 } 897 return (error); 898 } 899 900 /* 901 * Set d's packet filter program to fp. If this file already has a filter, 902 * free it and replace it. Returns EINVAL for bogus requests. 903 */ 904 int 905 bpf_setf(struct bpf_d *d, struct bpf_program *fp, int wf) 906 { 907 struct bpf_insn *fcode, *old; 908 u_int flen, size; 909 int s; 910 911 old = wf ? d->bd_wfilter : d->bd_rfilter; 912 if (fp->bf_insns == 0) { 913 if (fp->bf_len != 0) 914 return (EINVAL); 915 s = splnet(); 916 if (wf) 917 d->bd_wfilter = 0; 918 else 919 d->bd_rfilter = 0; 920 bpf_reset_d(d); 921 splx(s); 922 if (old != 0) 923 free((caddr_t)old, M_DEVBUF); 924 return (0); 925 } 926 flen = fp->bf_len; 927 if (flen > BPF_MAXINSNS) 928 return (EINVAL); 929 930 size = flen * sizeof(*fp->bf_insns); 931 fcode = (struct bpf_insn *)malloc(size, M_DEVBUF, M_WAITOK); 932 if (copyin((caddr_t)fp->bf_insns, (caddr_t)fcode, size) == 0 && 933 bpf_validate(fcode, (int)flen)) { 934 s = splnet(); 935 if (wf) 936 d->bd_wfilter = fcode; 937 else 938 d->bd_rfilter = fcode; 939 bpf_reset_d(d); 940 splx(s); 941 if (old != 0) 942 free((caddr_t)old, M_DEVBUF); 943 944 return (0); 945 } 946 free((caddr_t)fcode, M_DEVBUF); 947 return (EINVAL); 948 } 949 950 /* 951 * Detach a file from its current interface (if attached at all) and attach 952 * to the interface indicated by the name stored in ifr. 953 * Return an errno or 0. 954 */ 955 int 956 bpf_setif(struct bpf_d *d, struct ifreq *ifr) 957 { 958 struct bpf_if *bp, *candidate = NULL; 959 int s, error; 960 961 /* 962 * Look through attached interfaces for the named one. 963 */ 964 for (bp = bpf_iflist; bp != 0; bp = bp->bif_next) { 965 struct ifnet *ifp = bp->bif_ifp; 966 967 if (ifp == 0 || 968 strcmp(ifp->if_xname, ifr->ifr_name) != 0) 969 continue; 970 971 /* 972 * We found the requested interface. 973 */ 974 if (candidate == NULL || candidate->bif_dlt > bp->bif_dlt) 975 candidate = bp; 976 } 977 978 if (candidate != NULL) { 979 /* 980 * Allocate the packet buffers if we need to. 981 * If we're already attached to requested interface, 982 * just flush the buffer. 983 */ 984 if (d->bd_sbuf == 0) { 985 error = bpf_allocbufs(d); 986 if (error != 0) 987 return (error); 988 } 989 s = splnet(); 990 if (candidate != d->bd_bif) { 991 if (d->bd_bif) 992 /* 993 * Detach if attached to something else. 994 */ 995 bpf_detachd(d); 996 997 bpf_attachd(d, candidate); 998 } 999 bpf_reset_d(d); 1000 splx(s); 1001 return (0); 1002 } 1003 /* Not found. */ 1004 return (ENXIO); 1005 } 1006 1007 /* 1008 * Copy the interface name to the ifreq. 1009 */ 1010 void 1011 bpf_ifname(struct ifnet *ifp, struct ifreq *ifr) 1012 { 1013 bcopy(ifp->if_xname, ifr->ifr_name, IFNAMSIZ); 1014 } 1015 1016 /* 1017 * Support for poll() system call 1018 */ 1019 int 1020 bpfpoll(dev_t dev, int events, struct proc *p) 1021 { 1022 struct bpf_d *d; 1023 int s, revents; 1024 1025 /* 1026 * An imitation of the FIONREAD ioctl code. 1027 */ 1028 d = bpfilter_lookup(minor(dev)); 1029 1030 /* 1031 * XXX The USB stack manages it to trigger some race condition 1032 * which causes bpfilter_lookup to return NULL when a USB device 1033 * gets detached while it is up and has an open bpf handler (e.g. 1034 * dhclient). We still should recheck if we can fix the root 1035 * cause of this issue. 1036 */ 1037 if (d == NULL) 1038 return (POLLERR); 1039 1040 /* Always ready to write data */ 1041 revents = events & (POLLOUT | POLLWRNORM); 1042 1043 if (events & (POLLIN | POLLRDNORM)) { 1044 s = splnet(); 1045 if (d->bd_hlen != 0 || (d->bd_immediate && d->bd_slen != 0)) 1046 revents |= events & (POLLIN | POLLRDNORM); 1047 else { 1048 /* 1049 * if there's a timeout, mark the time we 1050 * started waiting. 1051 */ 1052 if (d->bd_rtout != -1 && d->bd_rdStart == 0) 1053 d->bd_rdStart = ticks; 1054 selrecord(p, &d->bd_sel); 1055 } 1056 splx(s); 1057 } 1058 return (revents); 1059 } 1060 1061 struct filterops bpfread_filtops = 1062 { 1, NULL, filt_bpfrdetach, filt_bpfread }; 1063 1064 int 1065 bpfkqfilter(dev_t dev, struct knote *kn) 1066 { 1067 struct bpf_d *d; 1068 struct klist *klist; 1069 int s; 1070 1071 d = bpfilter_lookup(minor(dev)); 1072 switch (kn->kn_filter) { 1073 case EVFILT_READ: 1074 klist = &d->bd_sel.si_note; 1075 kn->kn_fop = &bpfread_filtops; 1076 break; 1077 default: 1078 return (EINVAL); 1079 } 1080 1081 kn->kn_hook = (caddr_t)((u_long)dev); 1082 1083 s = splnet(); 1084 D_GET(d); 1085 SLIST_INSERT_HEAD(klist, kn, kn_selnext); 1086 splx(s); 1087 1088 return (0); 1089 } 1090 1091 void 1092 filt_bpfrdetach(struct knote *kn) 1093 { 1094 dev_t dev = (dev_t)((u_long)kn->kn_hook); 1095 struct bpf_d *d; 1096 int s; 1097 1098 d = bpfilter_lookup(minor(dev)); 1099 s = splnet(); 1100 SLIST_REMOVE(&d->bd_sel.si_note, kn, knote, kn_selnext); 1101 D_PUT(d); 1102 splx(s); 1103 } 1104 1105 int 1106 filt_bpfread(struct knote *kn, long hint) 1107 { 1108 dev_t dev = (dev_t)((u_long)kn->kn_hook); 1109 struct bpf_d *d; 1110 1111 d = bpfilter_lookup(minor(dev)); 1112 kn->kn_data = d->bd_hlen; 1113 if (d->bd_immediate) 1114 kn->kn_data += d->bd_slen; 1115 return (kn->kn_data > 0); 1116 } 1117 1118 /* 1119 * Incoming linkage from device drivers. Process the packet pkt, of length 1120 * pktlen, which is stored in a contiguous buffer. The packet is parsed 1121 * by each process' filter, and if accepted, stashed into the corresponding 1122 * buffer. 1123 */ 1124 int 1125 bpf_tap(caddr_t arg, u_char *pkt, u_int pktlen, u_int direction) 1126 { 1127 struct bpf_if *bp; 1128 struct bpf_d *d; 1129 size_t slen; 1130 int drop = 0; 1131 1132 /* 1133 * Note that the ipl does not have to be raised at this point. 1134 * The only problem that could arise here is that if two different 1135 * interfaces shared any data. This is not the case. 1136 */ 1137 bp = (struct bpf_if *)arg; 1138 for (d = bp->bif_dlist; d != 0; d = d->bd_next) { 1139 ++d->bd_rcount; 1140 if ((direction & d->bd_dirfilt) != 0) 1141 slen = 0; 1142 else 1143 slen = bpf_filter(d->bd_rfilter, pkt, pktlen, pktlen); 1144 if (slen != 0) { 1145 bpf_catchpacket(d, pkt, pktlen, slen, bcopy); 1146 if (d->bd_fildrop) 1147 drop++; 1148 } 1149 } 1150 1151 return (drop); 1152 } 1153 1154 /* 1155 * Copy data from an mbuf chain into a buffer. This code is derived 1156 * from m_copydata in sys/uipc_mbuf.c. 1157 */ 1158 void 1159 bpf_mcopy(const void *src_arg, void *dst_arg, size_t len) 1160 { 1161 const struct mbuf *m; 1162 u_int count; 1163 u_char *dst; 1164 1165 m = src_arg; 1166 dst = dst_arg; 1167 while (len > 0) { 1168 if (m == 0) 1169 panic("bpf_mcopy"); 1170 count = min(m->m_len, len); 1171 bcopy(mtod(m, caddr_t), (caddr_t)dst, count); 1172 m = m->m_next; 1173 dst += count; 1174 len -= count; 1175 } 1176 } 1177 1178 /* 1179 * Incoming linkage from device drivers, when packet is in an mbuf chain. 1180 */ 1181 void 1182 bpf_mtap(caddr_t arg, struct mbuf *m, u_int direction) 1183 { 1184 struct bpf_if *bp = (struct bpf_if *)arg; 1185 struct bpf_d *d; 1186 size_t pktlen, slen; 1187 struct mbuf *m0; 1188 1189 if (m == NULL) 1190 return; 1191 1192 pktlen = 0; 1193 for (m0 = m; m0 != 0; m0 = m0->m_next) 1194 pktlen += m0->m_len; 1195 1196 for (d = bp->bif_dlist; d != 0; d = d->bd_next) { 1197 ++d->bd_rcount; 1198 if ((direction & d->bd_dirfilt) != 0) 1199 slen = 0; 1200 else 1201 slen = bpf_filter(d->bd_rfilter, (u_char *)m, 1202 pktlen, 0); 1203 1204 if (slen == 0) 1205 continue; 1206 1207 bpf_catchpacket(d, (u_char *)m, pktlen, slen, bpf_mcopy); 1208 if (d->bd_fildrop) 1209 m->m_flags |= M_FILDROP; 1210 } 1211 } 1212 1213 /* 1214 * Incoming linkage from device drivers, where we have a mbuf chain 1215 * but need to prepend some arbitrary header from a linear buffer. 1216 * 1217 * Con up a minimal dummy header to pacify bpf. Allocate (only) a 1218 * struct m_hdr on the stack. This is safe as bpf only reads from the 1219 * fields in this header that we initialize, and will not try to free 1220 * it or keep a pointer to it. 1221 */ 1222 void 1223 bpf_mtap_hdr(caddr_t arg, caddr_t data, u_int dlen, struct mbuf *m, 1224 u_int direction) 1225 { 1226 struct m_hdr mh; 1227 1228 mh.mh_flags = 0; 1229 mh.mh_next = m; 1230 mh.mh_len = dlen; 1231 mh.mh_data = data; 1232 1233 bpf_mtap(arg, (struct mbuf *) &mh, direction); 1234 m->m_flags |= mh.mh_flags & M_FILDROP; 1235 } 1236 1237 /* 1238 * Incoming linkage from device drivers, where we have a mbuf chain 1239 * but need to prepend the address family. 1240 * 1241 * Con up a minimal dummy header to pacify bpf. We allocate (only) a 1242 * struct m_hdr on the stack. This is safe as bpf only reads from the 1243 * fields in this header that we initialize, and will not try to free 1244 * it or keep a pointer to it. 1245 */ 1246 void 1247 bpf_mtap_af(caddr_t arg, u_int32_t af, struct mbuf *m, u_int direction) 1248 { 1249 struct m_hdr mh; 1250 u_int32_t afh; 1251 1252 mh.mh_flags = 0; 1253 mh.mh_next = m; 1254 mh.mh_len = 4; 1255 afh = htonl(af); 1256 mh.mh_data = (caddr_t)&afh; 1257 1258 bpf_mtap(arg, (struct mbuf *) &mh, direction); 1259 m->m_flags |= mh.mh_flags & M_FILDROP; 1260 } 1261 1262 /* 1263 * Incoming linkage from device drivers, where we have a mbuf chain 1264 * but need to prepend a VLAN encapsulation header. 1265 * 1266 * Con up a minimal dummy header to pacify bpf. Allocate (only) a 1267 * struct m_hdr on the stack. This is safe as bpf only reads from the 1268 * fields in this header that we initialize, and will not try to free 1269 * it or keep a pointer to it. 1270 */ 1271 void 1272 bpf_mtap_ether(caddr_t arg, struct mbuf *m, u_int direction) 1273 { 1274 #if NVLAN > 0 1275 struct m_hdr mh; 1276 struct ether_vlan_header evh; 1277 1278 if ((m->m_flags & M_VLANTAG) == 0) 1279 #endif 1280 { 1281 bpf_mtap(arg, m, direction); 1282 return; 1283 } 1284 1285 #if NVLAN > 0 1286 bcopy(mtod(m, char *), &evh, ETHER_HDR_LEN); 1287 evh.evl_proto = evh.evl_encap_proto; 1288 evh.evl_encap_proto = htons(ETHERTYPE_VLAN); 1289 evh.evl_tag = htons(m->m_pkthdr.ether_vtag); 1290 m->m_len -= ETHER_HDR_LEN; 1291 m->m_data += ETHER_HDR_LEN; 1292 1293 mh.mh_flags = 0; 1294 mh.mh_next = m; 1295 mh.mh_len = sizeof(evh); 1296 mh.mh_data = (caddr_t)&evh; 1297 1298 bpf_mtap(arg, (struct mbuf *) &mh, direction); 1299 m->m_flags |= mh.mh_flags & M_FILDROP; 1300 1301 m->m_len += ETHER_HDR_LEN; 1302 m->m_data -= ETHER_HDR_LEN; 1303 #endif 1304 } 1305 1306 void 1307 bpf_mtap_pflog(caddr_t arg, caddr_t data, struct mbuf *m) 1308 { 1309 #if NPFLOG > 0 1310 struct m_hdr mh; 1311 struct bpf_if *bp = (struct bpf_if *)arg; 1312 struct bpf_d *d; 1313 size_t pktlen, slen; 1314 struct mbuf *m0; 1315 1316 if (m == NULL) 1317 return; 1318 1319 mh.mh_flags = 0; 1320 mh.mh_next = m; 1321 mh.mh_len = PFLOG_HDRLEN; 1322 mh.mh_data = data; 1323 1324 pktlen = mh.mh_len; 1325 for (m0 = m; m0 != 0; m0 = m0->m_next) 1326 pktlen += m0->m_len; 1327 1328 for (d = bp->bif_dlist; d != 0; d = d->bd_next) { 1329 ++d->bd_rcount; 1330 if ((BPF_DIRECTION_OUT & d->bd_dirfilt) != 0) 1331 slen = 0; 1332 else 1333 slen = bpf_filter(d->bd_rfilter, (u_char *)&mh, 1334 pktlen, 0); 1335 1336 if (slen == 0) 1337 continue; 1338 1339 bpf_catchpacket(d, (u_char *)&mh, pktlen, slen, pflog_bpfcopy); 1340 } 1341 #endif 1342 } 1343 1344 1345 /* 1346 * Move the packet data from interface memory (pkt) into the 1347 * store buffer. Return 1 if it's time to wakeup a listener (buffer full), 1348 * otherwise 0. "copy" is the routine called to do the actual data 1349 * transfer. bcopy is passed in to copy contiguous chunks, while 1350 * bpf_mcopy is passed in to copy mbuf chains. In the latter case, 1351 * pkt is really an mbuf. 1352 */ 1353 void 1354 bpf_catchpacket(struct bpf_d *d, u_char *pkt, size_t pktlen, size_t snaplen, 1355 void (*cpfn)(const void *, void *, size_t)) 1356 { 1357 struct bpf_hdr *hp; 1358 int totlen, curlen; 1359 int hdrlen = d->bd_bif->bif_hdrlen; 1360 struct timeval tv; 1361 1362 /* 1363 * Figure out how many bytes to move. If the packet is 1364 * greater or equal to the snapshot length, transfer that 1365 * much. Otherwise, transfer the whole packet (unless 1366 * we hit the buffer size limit). 1367 */ 1368 totlen = hdrlen + min(snaplen, pktlen); 1369 if (totlen > d->bd_bufsize) 1370 totlen = d->bd_bufsize; 1371 1372 /* 1373 * Round up the end of the previous packet to the next longword. 1374 */ 1375 curlen = BPF_WORDALIGN(d->bd_slen); 1376 if (curlen + totlen > d->bd_bufsize) { 1377 /* 1378 * This packet will overflow the storage buffer. 1379 * Rotate the buffers if we can, then wakeup any 1380 * pending reads. 1381 */ 1382 if (d->bd_fbuf == 0) { 1383 /* 1384 * We haven't completed the previous read yet, 1385 * so drop the packet. 1386 */ 1387 ++d->bd_dcount; 1388 return; 1389 } 1390 ROTATE_BUFFERS(d); 1391 bpf_wakeup(d); 1392 curlen = 0; 1393 } 1394 1395 /* 1396 * Append the bpf header. 1397 */ 1398 hp = (struct bpf_hdr *)(d->bd_sbuf + curlen); 1399 microtime(&tv); 1400 hp->bh_tstamp.tv_sec = tv.tv_sec; 1401 hp->bh_tstamp.tv_usec = tv.tv_usec; 1402 hp->bh_datalen = pktlen; 1403 hp->bh_hdrlen = hdrlen; 1404 /* 1405 * Copy the packet data into the store buffer and update its length. 1406 */ 1407 (*cpfn)(pkt, (u_char *)hp + hdrlen, (hp->bh_caplen = totlen - hdrlen)); 1408 d->bd_slen = curlen + totlen; 1409 1410 if (d->bd_immediate) { 1411 /* 1412 * Immediate mode is set. A packet arrived so any 1413 * reads should be woken up. 1414 */ 1415 bpf_wakeup(d); 1416 } 1417 1418 if (d->bd_rdStart && (d->bd_rtout + d->bd_rdStart < ticks)) { 1419 /* 1420 * we could be selecting on the bpf, and we 1421 * may have timeouts set. We got here by getting 1422 * a packet, so wake up the reader. 1423 */ 1424 if (d->bd_fbuf) { 1425 d->bd_rdStart = 0; 1426 ROTATE_BUFFERS(d); 1427 bpf_wakeup(d); 1428 } 1429 } 1430 } 1431 1432 /* 1433 * Initialize all nonzero fields of a descriptor. 1434 */ 1435 int 1436 bpf_allocbufs(struct bpf_d *d) 1437 { 1438 d->bd_fbuf = (caddr_t)malloc(d->bd_bufsize, M_DEVBUF, M_NOWAIT); 1439 if (d->bd_fbuf == NULL) 1440 return (ENOBUFS); 1441 d->bd_sbuf = (caddr_t)malloc(d->bd_bufsize, M_DEVBUF, M_NOWAIT); 1442 if (d->bd_sbuf == NULL) { 1443 free(d->bd_fbuf, M_DEVBUF); 1444 return (ENOBUFS); 1445 } 1446 d->bd_slen = 0; 1447 d->bd_hlen = 0; 1448 return (0); 1449 } 1450 1451 /* 1452 * Free buffers currently in use by a descriptor 1453 * when the reference count drops to zero. 1454 */ 1455 void 1456 bpf_freed(struct bpf_d *d) 1457 { 1458 if (--d->bd_ref > 0) 1459 return; 1460 1461 if (d->bd_sbuf != 0) { 1462 free(d->bd_sbuf, M_DEVBUF); 1463 if (d->bd_hbuf != 0) 1464 free(d->bd_hbuf, M_DEVBUF); 1465 if (d->bd_fbuf != 0) 1466 free(d->bd_fbuf, M_DEVBUF); 1467 } 1468 if (d->bd_rfilter) 1469 free((caddr_t)d->bd_rfilter, M_DEVBUF); 1470 if (d->bd_wfilter) 1471 free((caddr_t)d->bd_wfilter, M_DEVBUF); 1472 1473 bpfilter_destroy(d); 1474 } 1475 1476 /* 1477 * Attach an interface to bpf. driverp is a pointer to a (struct bpf_if *) 1478 * in the driver's softc; dlt is the link layer type; hdrlen is the fixed 1479 * size of the link header (variable length headers not yet supported). 1480 */ 1481 void 1482 bpfattach(caddr_t *driverp, struct ifnet *ifp, u_int dlt, u_int hdrlen) 1483 { 1484 struct bpf_if *bp; 1485 bp = (struct bpf_if *)malloc(sizeof(*bp), M_DEVBUF, M_DONTWAIT); 1486 1487 if (bp == 0) 1488 panic("bpfattach"); 1489 1490 bp->bif_dlist = 0; 1491 bp->bif_driverp = (struct bpf_if **)driverp; 1492 bp->bif_ifp = ifp; 1493 bp->bif_dlt = dlt; 1494 1495 bp->bif_next = bpf_iflist; 1496 bpf_iflist = bp; 1497 1498 *bp->bif_driverp = NULL; 1499 1500 /* 1501 * Compute the length of the bpf header. This is not necessarily 1502 * equal to SIZEOF_BPF_HDR because we want to insert spacing such 1503 * that the network layer header begins on a longword boundary (for 1504 * performance reasons and to alleviate alignment restrictions). 1505 */ 1506 bp->bif_hdrlen = BPF_WORDALIGN(hdrlen + SIZEOF_BPF_HDR) - hdrlen; 1507 } 1508 1509 /* Detach an interface from its attached bpf device. */ 1510 void 1511 bpfdetach(struct ifnet *ifp) 1512 { 1513 struct bpf_if *bp, *nbp, **pbp = &bpf_iflist; 1514 struct bpf_d *bd; 1515 int maj; 1516 1517 for (bp = bpf_iflist; bp; bp = nbp) { 1518 nbp= bp->bif_next; 1519 if (bp->bif_ifp == ifp) { 1520 *pbp = nbp; 1521 1522 /* Locate the major number. */ 1523 for (maj = 0; maj < nchrdev; maj++) 1524 if (cdevsw[maj].d_open == bpfopen) 1525 break; 1526 1527 for (bd = bp->bif_dlist; bd; bd = bp->bif_dlist) { 1528 struct bpf_d *d; 1529 1530 /* 1531 * Locate the minor number and nuke the vnode 1532 * for any open instance. 1533 */ 1534 LIST_FOREACH(d, &bpf_d_list, bd_list) 1535 if (d == bd) { 1536 vdevgone(maj, d->bd_unit, 1537 d->bd_unit, VCHR); 1538 break; 1539 } 1540 } 1541 1542 free(bp, M_DEVBUF); 1543 } else 1544 pbp = &bp->bif_next; 1545 } 1546 ifp->if_bpf = NULL; 1547 } 1548 1549 int 1550 bpf_sysctl(int *name, u_int namelen, void *oldp, size_t *oldlenp, void *newp, 1551 size_t newlen) 1552 { 1553 int newval; 1554 int error; 1555 1556 if (namelen != 1) 1557 return (ENOTDIR); 1558 1559 switch (name[0]) { 1560 case NET_BPF_BUFSIZE: 1561 newval = bpf_bufsize; 1562 error = sysctl_int(oldp, oldlenp, newp, newlen, &newval); 1563 if (error) 1564 return (error); 1565 if (newval < BPF_MINBUFSIZE || newval > bpf_maxbufsize) 1566 return (EINVAL); 1567 bpf_bufsize = newval; 1568 break; 1569 case NET_BPF_MAXBUFSIZE: 1570 newval = bpf_maxbufsize; 1571 error = sysctl_int(oldp, oldlenp, newp, newlen, &newval); 1572 if (error) 1573 return (error); 1574 if (newval < BPF_MINBUFSIZE) 1575 return (EINVAL); 1576 bpf_maxbufsize = newval; 1577 break; 1578 default: 1579 return (EOPNOTSUPP); 1580 } 1581 return (0); 1582 } 1583 1584 struct bpf_d * 1585 bpfilter_lookup(int unit) 1586 { 1587 struct bpf_d *bd; 1588 1589 LIST_FOREACH(bd, &bpf_d_list, bd_list) 1590 if (bd->bd_unit == unit) 1591 return (bd); 1592 return (NULL); 1593 } 1594 1595 struct bpf_d * 1596 bpfilter_create(int unit) 1597 { 1598 struct bpf_d *bd; 1599 1600 if ((bd = bpfilter_lookup(unit)) != NULL) 1601 return (NULL); 1602 if ((bd = malloc(sizeof(*bd), M_DEVBUF, M_NOWAIT|M_ZERO)) != NULL) { 1603 bd->bd_unit = unit; 1604 LIST_INSERT_HEAD(&bpf_d_list, bd, bd_list); 1605 } 1606 return (bd); 1607 } 1608 1609 void 1610 bpfilter_destroy(struct bpf_d *bd) 1611 { 1612 LIST_REMOVE(bd, bd_list); 1613 free(bd, M_DEVBUF); 1614 } 1615 1616 /* 1617 * Get a list of available data link type of the interface. 1618 */ 1619 int 1620 bpf_getdltlist(struct bpf_d *d, struct bpf_dltlist *bfl) 1621 { 1622 int n, error; 1623 struct ifnet *ifp; 1624 struct bpf_if *bp; 1625 1626 ifp = d->bd_bif->bif_ifp; 1627 n = 0; 1628 error = 0; 1629 for (bp = bpf_iflist; bp != NULL; bp = bp->bif_next) { 1630 if (bp->bif_ifp != ifp) 1631 continue; 1632 if (bfl->bfl_list != NULL) { 1633 if (n >= bfl->bfl_len) 1634 return (ENOMEM); 1635 error = copyout(&bp->bif_dlt, 1636 bfl->bfl_list + n, sizeof(u_int)); 1637 if (error) 1638 break; 1639 } 1640 n++; 1641 } 1642 1643 bfl->bfl_len = n; 1644 return (error); 1645 } 1646 1647 /* 1648 * Set the data link type of a BPF instance. 1649 */ 1650 int 1651 bpf_setdlt(struct bpf_d *d, u_int dlt) 1652 { 1653 int s; 1654 struct ifnet *ifp; 1655 struct bpf_if *bp; 1656 1657 if (d->bd_bif->bif_dlt == dlt) 1658 return (0); 1659 ifp = d->bd_bif->bif_ifp; 1660 for (bp = bpf_iflist; bp != NULL; bp = bp->bif_next) { 1661 if (bp->bif_ifp == ifp && bp->bif_dlt == dlt) 1662 break; 1663 } 1664 if (bp == NULL) 1665 return (EINVAL); 1666 s = splnet(); 1667 bpf_detachd(d); 1668 bpf_attachd(d, bp); 1669 bpf_reset_d(d); 1670 splx(s); 1671 return (0); 1672 } 1673