1 /* $OpenBSD: bpf.c,v 1.103 2014/07/12 18:44:22 tedu Exp $ */ 2 /* $NetBSD: bpf.c,v 1.33 1997/02/21 23:59:35 thorpej Exp $ */ 3 4 /* 5 * Copyright (c) 1990, 1991, 1993 6 * The Regents of the University of California. All rights reserved. 7 * Copyright (c) 2010, 2014 Henning Brauer <henning@openbsd.org> 8 * 9 * This code is derived from the Stanford/CMU enet packet filter, 10 * (net/enet.c) distributed as part of 4.3BSD, and code contributed 11 * to Berkeley by Steven McCanne and Van Jacobson both of Lawrence 12 * Berkeley Laboratory. 13 * 14 * Redistribution and use in source and binary forms, with or without 15 * modification, are permitted provided that the following conditions 16 * are met: 17 * 1. Redistributions of source code must retain the above copyright 18 * notice, this list of conditions and the following disclaimer. 19 * 2. Redistributions in binary form must reproduce the above copyright 20 * notice, this list of conditions and the following disclaimer in the 21 * documentation and/or other materials provided with the distribution. 22 * 3. Neither the name of the University nor the names of its contributors 23 * may be used to endorse or promote products derived from this software 24 * without specific prior written permission. 25 * 26 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 27 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 28 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 29 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36 * SUCH DAMAGE. 37 * 38 * @(#)bpf.c 8.2 (Berkeley) 3/28/94 39 */ 40 41 #include "bpfilter.h" 42 43 #include <sys/param.h> 44 #include <sys/mbuf.h> 45 #include <sys/proc.h> 46 #include <sys/signalvar.h> 47 #include <sys/ioctl.h> 48 #include <sys/conf.h> 49 #include <sys/vnode.h> 50 #include <sys/file.h> 51 #include <sys/socket.h> 52 #include <sys/poll.h> 53 #include <sys/kernel.h> 54 #include <sys/sysctl.h> 55 56 #include <net/if.h> 57 #include <net/bpf.h> 58 #include <net/bpfdesc.h> 59 60 #include <netinet/in.h> 61 #include <netinet/if_ether.h> 62 63 #include "vlan.h" 64 #if NVLAN > 0 65 #include <net/if_vlan_var.h> 66 #endif 67 68 #define BPF_BUFSIZE 32768 69 70 #define PRINET 26 /* interruptible */ 71 72 /* from kern/kern_clock.c; incremented each clock tick. */ 73 extern int ticks; 74 75 /* 76 * The default read buffer size is patchable. 77 */ 78 int bpf_bufsize = BPF_BUFSIZE; 79 int bpf_maxbufsize = BPF_MAXBUFSIZE; 80 81 /* 82 * bpf_iflist is the list of interfaces; each corresponds to an ifnet 83 * bpf_d_list is the list of descriptors 84 */ 85 struct bpf_if *bpf_iflist; 86 LIST_HEAD(, bpf_d) bpf_d_list; 87 88 void bpf_allocbufs(struct bpf_d *); 89 void bpf_freed(struct bpf_d *); 90 void bpf_ifname(struct ifnet *, struct ifreq *); 91 void _bpf_mtap(caddr_t, struct mbuf *, u_int, 92 void (*)(const void *, void *, size_t)); 93 void bpf_mcopy(const void *, void *, size_t); 94 void bpf_mcopy_stripvlan(const void *, void *, size_t); 95 int bpf_movein(struct uio *, u_int, struct mbuf **, 96 struct sockaddr *, struct bpf_insn *); 97 void bpf_attachd(struct bpf_d *, struct bpf_if *); 98 void bpf_detachd(struct bpf_d *); 99 int bpf_setif(struct bpf_d *, struct ifreq *); 100 int bpfpoll(dev_t, int, struct proc *); 101 int bpfkqfilter(dev_t, struct knote *); 102 void bpf_wakeup(struct bpf_d *); 103 void bpf_catchpacket(struct bpf_d *, u_char *, size_t, size_t, 104 void (*)(const void *, void *, size_t), struct timeval *); 105 void bpf_reset_d(struct bpf_d *); 106 int bpf_getdltlist(struct bpf_d *, struct bpf_dltlist *); 107 int bpf_setdlt(struct bpf_d *, u_int); 108 109 void filt_bpfrdetach(struct knote *); 110 int filt_bpfread(struct knote *, long); 111 112 struct bpf_d *bpfilter_lookup(int); 113 struct bpf_d *bpfilter_create(int); 114 void bpfilter_destroy(struct bpf_d *); 115 116 int 117 bpf_movein(struct uio *uio, u_int linktype, struct mbuf **mp, 118 struct sockaddr *sockp, struct bpf_insn *filter) 119 { 120 struct mbuf *m; 121 struct m_tag *mtag; 122 int error; 123 u_int hlen; 124 u_int len; 125 u_int slen; 126 127 /* 128 * Build a sockaddr based on the data link layer type. 129 * We do this at this level because the ethernet header 130 * is copied directly into the data field of the sockaddr. 131 * In the case of SLIP, there is no header and the packet 132 * is forwarded as is. 133 * Also, we are careful to leave room at the front of the mbuf 134 * for the link level header. 135 */ 136 switch (linktype) { 137 138 case DLT_SLIP: 139 sockp->sa_family = AF_INET; 140 hlen = 0; 141 break; 142 143 case DLT_PPP: 144 sockp->sa_family = AF_UNSPEC; 145 hlen = 0; 146 break; 147 148 case DLT_EN10MB: 149 sockp->sa_family = AF_UNSPEC; 150 /* XXX Would MAXLINKHDR be better? */ 151 hlen = ETHER_HDR_LEN; 152 break; 153 154 case DLT_IEEE802_11: 155 case DLT_IEEE802_11_RADIO: 156 sockp->sa_family = AF_UNSPEC; 157 hlen = 0; 158 break; 159 160 case DLT_RAW: 161 case DLT_NULL: 162 sockp->sa_family = AF_UNSPEC; 163 hlen = 0; 164 break; 165 166 case DLT_LOOP: 167 sockp->sa_family = AF_UNSPEC; 168 hlen = sizeof(u_int32_t); 169 break; 170 171 default: 172 return (EIO); 173 } 174 175 if (uio->uio_resid > MCLBYTES) 176 return (EIO); 177 len = uio->uio_resid; 178 179 MGETHDR(m, M_WAIT, MT_DATA); 180 m->m_pkthdr.rcvif = NULL; 181 m->m_pkthdr.len = len - hlen; 182 183 if (len > MHLEN) { 184 MCLGET(m, M_WAIT); 185 if ((m->m_flags & M_EXT) == 0) { 186 error = ENOBUFS; 187 goto bad; 188 } 189 } 190 m->m_len = len; 191 *mp = m; 192 193 error = uiomove(mtod(m, caddr_t), len, uio); 194 if (error) 195 goto bad; 196 197 slen = bpf_filter(filter, mtod(m, u_char *), len, len); 198 if (slen < len) { 199 error = EPERM; 200 goto bad; 201 } 202 203 if (m->m_len < hlen) { 204 error = EPERM; 205 goto bad; 206 } 207 /* 208 * Make room for link header, and copy it to sockaddr 209 */ 210 if (hlen != 0) { 211 if (linktype == DLT_LOOP) { 212 u_int32_t af; 213 214 /* the link header indicates the address family */ 215 KASSERT(hlen == sizeof(u_int32_t)); 216 memcpy(&af, m->m_data, hlen); 217 sockp->sa_family = ntohl(af); 218 } else 219 memcpy(sockp->sa_data, m->m_data, hlen); 220 m->m_len -= hlen; 221 m->m_data += hlen; /* XXX */ 222 } 223 224 /* 225 * Prepend the data link type as a mbuf tag 226 */ 227 mtag = m_tag_get(PACKET_TAG_DLT, sizeof(u_int), M_NOWAIT); 228 if (mtag == NULL) 229 return (ENOMEM); 230 *(u_int *)(mtag + 1) = linktype; 231 m_tag_prepend(m, mtag); 232 233 return (0); 234 bad: 235 m_freem(m); 236 return (error); 237 } 238 239 /* 240 * Attach file to the bpf interface, i.e. make d listen on bp. 241 * Must be called at splnet. 242 */ 243 void 244 bpf_attachd(struct bpf_d *d, struct bpf_if *bp) 245 { 246 /* 247 * Point d at bp, and add d to the interface's list of listeners. 248 * Finally, point the driver's bpf cookie at the interface so 249 * it will divert packets to bpf. 250 */ 251 d->bd_bif = bp; 252 d->bd_next = bp->bif_dlist; 253 bp->bif_dlist = d; 254 255 *bp->bif_driverp = bp; 256 } 257 258 /* 259 * Detach a file from its interface. 260 */ 261 void 262 bpf_detachd(struct bpf_d *d) 263 { 264 struct bpf_d **p; 265 struct bpf_if *bp; 266 267 bp = d->bd_bif; 268 /* 269 * Check if this descriptor had requested promiscuous mode. 270 * If so, turn it off. 271 */ 272 if (d->bd_promisc) { 273 int error; 274 275 d->bd_promisc = 0; 276 error = ifpromisc(bp->bif_ifp, 0); 277 if (error && !(error == EINVAL || error == ENODEV)) 278 /* 279 * Something is really wrong if we were able to put 280 * the driver into promiscuous mode, but can't 281 * take it out. 282 */ 283 panic("bpf: ifpromisc failed"); 284 } 285 /* Remove d from the interface's descriptor list. */ 286 p = &bp->bif_dlist; 287 while (*p != d) { 288 p = &(*p)->bd_next; 289 if (*p == 0) 290 panic("bpf_detachd: descriptor not in list"); 291 } 292 *p = (*p)->bd_next; 293 if (bp->bif_dlist == 0) 294 /* 295 * Let the driver know that there are no more listeners. 296 */ 297 *d->bd_bif->bif_driverp = 0; 298 d->bd_bif = NULL; 299 } 300 301 /* 302 * Reference count access to descriptor buffers 303 */ 304 #define D_GET(d) ((d)->bd_ref++) 305 #define D_PUT(d) bpf_freed(d) 306 307 /* 308 * bpfilterattach() is called at boot time in new systems. We do 309 * nothing here since old systems will not call this. 310 */ 311 /* ARGSUSED */ 312 void 313 bpfilterattach(int n) 314 { 315 LIST_INIT(&bpf_d_list); 316 } 317 318 /* 319 * Open ethernet device. Returns ENXIO for illegal minor device number, 320 * EBUSY if file is open by another process. 321 */ 322 /* ARGSUSED */ 323 int 324 bpfopen(dev_t dev, int flag, int mode, struct proc *p) 325 { 326 struct bpf_d *d; 327 328 /* create on demand */ 329 if ((d = bpfilter_create(minor(dev))) == NULL) 330 return (EBUSY); 331 332 /* Mark "free" and do most initialization. */ 333 d->bd_bufsize = bpf_bufsize; 334 d->bd_sig = SIGIO; 335 336 D_GET(d); 337 338 return (0); 339 } 340 341 /* 342 * Close the descriptor by detaching it from its interface, 343 * deallocating its buffers, and marking it free. 344 */ 345 /* ARGSUSED */ 346 int 347 bpfclose(dev_t dev, int flag, int mode, struct proc *p) 348 { 349 struct bpf_d *d; 350 int s; 351 352 d = bpfilter_lookup(minor(dev)); 353 s = splnet(); 354 if (d->bd_bif) 355 bpf_detachd(d); 356 bpf_wakeup(d); 357 D_PUT(d); 358 splx(s); 359 360 return (0); 361 } 362 363 /* 364 * Rotate the packet buffers in descriptor d. Move the store buffer 365 * into the hold slot, and the free buffer into the store slot. 366 * Zero the length of the new store buffer. 367 */ 368 #define ROTATE_BUFFERS(d) \ 369 (d)->bd_hbuf = (d)->bd_sbuf; \ 370 (d)->bd_hlen = (d)->bd_slen; \ 371 (d)->bd_sbuf = (d)->bd_fbuf; \ 372 (d)->bd_slen = 0; \ 373 (d)->bd_fbuf = 0; 374 /* 375 * bpfread - read next chunk of packets from buffers 376 */ 377 int 378 bpfread(dev_t dev, struct uio *uio, int ioflag) 379 { 380 struct bpf_d *d; 381 int error; 382 int s; 383 384 d = bpfilter_lookup(minor(dev)); 385 if (d->bd_bif == NULL) 386 return (ENXIO); 387 388 /* 389 * Restrict application to use a buffer the same size as 390 * as kernel buffers. 391 */ 392 if (uio->uio_resid != d->bd_bufsize) 393 return (EINVAL); 394 395 s = splnet(); 396 397 D_GET(d); 398 399 /* 400 * If there's a timeout, bd_rdStart is tagged when we start the read. 401 * we can then figure out when we're done reading. 402 */ 403 if (d->bd_rtout != -1 && d->bd_rdStart == 0) 404 d->bd_rdStart = ticks; 405 else 406 d->bd_rdStart = 0; 407 408 /* 409 * If the hold buffer is empty, then do a timed sleep, which 410 * ends when the timeout expires or when enough packets 411 * have arrived to fill the store buffer. 412 */ 413 while (d->bd_hbuf == 0) { 414 if (d->bd_bif == NULL) { 415 /* interface is gone */ 416 if (d->bd_slen == 0) { 417 D_PUT(d); 418 splx(s); 419 return (EIO); 420 } 421 ROTATE_BUFFERS(d); 422 break; 423 } 424 if (d->bd_immediate && d->bd_slen != 0) { 425 /* 426 * A packet(s) either arrived since the previous 427 * read or arrived while we were asleep. 428 * Rotate the buffers and return what's here. 429 */ 430 ROTATE_BUFFERS(d); 431 break; 432 } 433 if (d->bd_rtout == -1) { 434 /* User requested non-blocking I/O */ 435 error = EWOULDBLOCK; 436 } else { 437 if ((d->bd_rdStart + d->bd_rtout) < ticks) { 438 error = tsleep((caddr_t)d, PRINET|PCATCH, "bpf", 439 d->bd_rtout); 440 } else 441 error = EWOULDBLOCK; 442 } 443 if (error == EINTR || error == ERESTART) { 444 D_PUT(d); 445 splx(s); 446 return (error); 447 } 448 if (error == EWOULDBLOCK) { 449 /* 450 * On a timeout, return what's in the buffer, 451 * which may be nothing. If there is something 452 * in the store buffer, we can rotate the buffers. 453 */ 454 if (d->bd_hbuf) 455 /* 456 * We filled up the buffer in between 457 * getting the timeout and arriving 458 * here, so we don't need to rotate. 459 */ 460 break; 461 462 if (d->bd_slen == 0) { 463 D_PUT(d); 464 splx(s); 465 return (0); 466 } 467 ROTATE_BUFFERS(d); 468 break; 469 } 470 } 471 /* 472 * At this point, we know we have something in the hold slot. 473 */ 474 splx(s); 475 476 /* 477 * Move data from hold buffer into user space. 478 * We know the entire buffer is transferred since 479 * we checked above that the read buffer is bpf_bufsize bytes. 480 */ 481 error = uiomove(d->bd_hbuf, d->bd_hlen, uio); 482 483 s = splnet(); 484 d->bd_fbuf = d->bd_hbuf; 485 d->bd_hbuf = NULL; 486 d->bd_hlen = 0; 487 488 D_PUT(d); 489 splx(s); 490 491 return (error); 492 } 493 494 495 /* 496 * If there are processes sleeping on this descriptor, wake them up. 497 */ 498 void 499 bpf_wakeup(struct bpf_d *d) 500 { 501 wakeup((caddr_t)d); 502 if (d->bd_async && d->bd_sig) 503 csignal(d->bd_pgid, d->bd_sig, 504 d->bd_siguid, d->bd_sigeuid); 505 506 selwakeup(&d->bd_sel); 507 /* XXX */ 508 d->bd_sel.si_selpid = 0; 509 } 510 511 int 512 bpfwrite(dev_t dev, struct uio *uio, int ioflag) 513 { 514 struct bpf_d *d; 515 struct ifnet *ifp; 516 struct mbuf *m; 517 int error, s; 518 struct sockaddr_storage dst; 519 520 d = bpfilter_lookup(minor(dev)); 521 if (d->bd_bif == NULL) 522 return (ENXIO); 523 524 ifp = d->bd_bif->bif_ifp; 525 526 if ((ifp->if_flags & IFF_UP) == 0) 527 return (ENETDOWN); 528 529 if (uio->uio_resid == 0) 530 return (0); 531 532 error = bpf_movein(uio, d->bd_bif->bif_dlt, &m, 533 (struct sockaddr *)&dst, d->bd_wfilter); 534 if (error) 535 return (error); 536 537 if (m->m_pkthdr.len > ifp->if_mtu) { 538 m_freem(m); 539 return (EMSGSIZE); 540 } 541 542 m->m_pkthdr.ph_rtableid = ifp->if_rdomain; 543 544 if (d->bd_hdrcmplt && dst.ss_family == AF_UNSPEC) 545 dst.ss_family = pseudo_AF_HDRCMPLT; 546 547 s = splsoftnet(); 548 error = (*ifp->if_output)(ifp, m, (struct sockaddr *)&dst, NULL); 549 splx(s); 550 /* 551 * The driver frees the mbuf. 552 */ 553 return (error); 554 } 555 556 /* 557 * Reset a descriptor by flushing its packet buffer and clearing the 558 * receive and drop counts. Should be called at splnet. 559 */ 560 void 561 bpf_reset_d(struct bpf_d *d) 562 { 563 if (d->bd_hbuf) { 564 /* Free the hold buffer. */ 565 d->bd_fbuf = d->bd_hbuf; 566 d->bd_hbuf = NULL; 567 } 568 d->bd_slen = 0; 569 d->bd_hlen = 0; 570 d->bd_rcount = 0; 571 d->bd_dcount = 0; 572 } 573 574 /* 575 * FIONREAD Check for read packet available. 576 * BIOCGBLEN Get buffer len [for read()]. 577 * BIOCSETF Set ethernet read filter. 578 * BIOCFLUSH Flush read packet buffer. 579 * BIOCPROMISC Put interface into promiscuous mode. 580 * BIOCGDLTLIST Get supported link layer types. 581 * BIOCGDLT Get link layer type. 582 * BIOCSDLT Set link layer type. 583 * BIOCGETIF Get interface name. 584 * BIOCSETIF Set interface. 585 * BIOCSRTIMEOUT Set read timeout. 586 * BIOCGRTIMEOUT Get read timeout. 587 * BIOCGSTATS Get packet stats. 588 * BIOCIMMEDIATE Set immediate mode. 589 * BIOCVERSION Get filter language version. 590 * BIOCGHDRCMPLT Get "header already complete" flag 591 * BIOCSHDRCMPLT Set "header already complete" flag 592 */ 593 /* ARGSUSED */ 594 int 595 bpfioctl(dev_t dev, u_long cmd, caddr_t addr, int flag, struct proc *p) 596 { 597 struct bpf_d *d; 598 int s, error = 0; 599 600 d = bpfilter_lookup(minor(dev)); 601 if (d->bd_locked && suser(p, 0) != 0) { 602 /* list of allowed ioctls when locked and not root */ 603 switch (cmd) { 604 case BIOCGBLEN: 605 case BIOCFLUSH: 606 case BIOCGDLT: 607 case BIOCGDLTLIST: 608 case BIOCGETIF: 609 case BIOCGRTIMEOUT: 610 case BIOCGSTATS: 611 case BIOCVERSION: 612 case BIOCGRSIG: 613 case BIOCGHDRCMPLT: 614 case FIONREAD: 615 case BIOCLOCK: 616 case BIOCSRTIMEOUT: 617 case BIOCIMMEDIATE: 618 case TIOCGPGRP: 619 case BIOCGDIRFILT: 620 break; 621 default: 622 return (EPERM); 623 } 624 } 625 626 switch (cmd) { 627 628 default: 629 error = EINVAL; 630 break; 631 632 /* 633 * Check for read packet available. 634 */ 635 case FIONREAD: 636 { 637 int n; 638 639 s = splnet(); 640 n = d->bd_slen; 641 if (d->bd_hbuf) 642 n += d->bd_hlen; 643 splx(s); 644 645 *(int *)addr = n; 646 break; 647 } 648 649 /* 650 * Get buffer len [for read()]. 651 */ 652 case BIOCGBLEN: 653 *(u_int *)addr = d->bd_bufsize; 654 break; 655 656 /* 657 * Set buffer length. 658 */ 659 case BIOCSBLEN: 660 if (d->bd_bif != NULL) 661 error = EINVAL; 662 else { 663 u_int size = *(u_int *)addr; 664 665 if (size > bpf_maxbufsize) 666 *(u_int *)addr = size = bpf_maxbufsize; 667 else if (size < BPF_MINBUFSIZE) 668 *(u_int *)addr = size = BPF_MINBUFSIZE; 669 d->bd_bufsize = size; 670 } 671 break; 672 673 /* 674 * Set link layer read filter. 675 */ 676 case BIOCSETF: 677 error = bpf_setf(d, (struct bpf_program *)addr, 0); 678 break; 679 680 /* 681 * Set link layer write filter. 682 */ 683 case BIOCSETWF: 684 error = bpf_setf(d, (struct bpf_program *)addr, 1); 685 break; 686 687 /* 688 * Flush read packet buffer. 689 */ 690 case BIOCFLUSH: 691 s = splnet(); 692 bpf_reset_d(d); 693 splx(s); 694 break; 695 696 /* 697 * Put interface into promiscuous mode. 698 */ 699 case BIOCPROMISC: 700 if (d->bd_bif == NULL) { 701 /* 702 * No interface attached yet. 703 */ 704 error = EINVAL; 705 break; 706 } 707 s = splnet(); 708 if (d->bd_promisc == 0) { 709 error = ifpromisc(d->bd_bif->bif_ifp, 1); 710 if (error == 0) 711 d->bd_promisc = 1; 712 } 713 splx(s); 714 break; 715 716 /* 717 * Get a list of supported device parameters. 718 */ 719 case BIOCGDLTLIST: 720 if (d->bd_bif == NULL) 721 error = EINVAL; 722 else 723 error = bpf_getdltlist(d, (struct bpf_dltlist *)addr); 724 break; 725 726 /* 727 * Get device parameters. 728 */ 729 case BIOCGDLT: 730 if (d->bd_bif == NULL) 731 error = EINVAL; 732 else 733 *(u_int *)addr = d->bd_bif->bif_dlt; 734 break; 735 736 /* 737 * Set device parameters. 738 */ 739 case BIOCSDLT: 740 if (d->bd_bif == NULL) 741 error = EINVAL; 742 else 743 error = bpf_setdlt(d, *(u_int *)addr); 744 break; 745 746 /* 747 * Set interface name. 748 */ 749 case BIOCGETIF: 750 if (d->bd_bif == NULL) 751 error = EINVAL; 752 else 753 bpf_ifname(d->bd_bif->bif_ifp, (struct ifreq *)addr); 754 break; 755 756 /* 757 * Set interface. 758 */ 759 case BIOCSETIF: 760 error = bpf_setif(d, (struct ifreq *)addr); 761 break; 762 763 /* 764 * Set read timeout. 765 */ 766 case BIOCSRTIMEOUT: 767 { 768 struct timeval *tv = (struct timeval *)addr; 769 770 /* Compute number of ticks. */ 771 d->bd_rtout = tv->tv_sec * hz + tv->tv_usec / tick; 772 if (d->bd_rtout == 0 && tv->tv_usec != 0) 773 d->bd_rtout = 1; 774 break; 775 } 776 777 /* 778 * Get read timeout. 779 */ 780 case BIOCGRTIMEOUT: 781 { 782 struct timeval *tv = (struct timeval *)addr; 783 784 tv->tv_sec = d->bd_rtout / hz; 785 tv->tv_usec = (d->bd_rtout % hz) * tick; 786 break; 787 } 788 789 /* 790 * Get packet stats. 791 */ 792 case BIOCGSTATS: 793 { 794 struct bpf_stat *bs = (struct bpf_stat *)addr; 795 796 bs->bs_recv = d->bd_rcount; 797 bs->bs_drop = d->bd_dcount; 798 break; 799 } 800 801 /* 802 * Set immediate mode. 803 */ 804 case BIOCIMMEDIATE: 805 d->bd_immediate = *(u_int *)addr; 806 break; 807 808 case BIOCVERSION: 809 { 810 struct bpf_version *bv = (struct bpf_version *)addr; 811 812 bv->bv_major = BPF_MAJOR_VERSION; 813 bv->bv_minor = BPF_MINOR_VERSION; 814 break; 815 } 816 817 case BIOCGHDRCMPLT: /* get "header already complete" flag */ 818 *(u_int *)addr = d->bd_hdrcmplt; 819 break; 820 821 case BIOCSHDRCMPLT: /* set "header already complete" flag */ 822 d->bd_hdrcmplt = *(u_int *)addr ? 1 : 0; 823 break; 824 825 case BIOCLOCK: /* set "locked" flag (no reset) */ 826 d->bd_locked = 1; 827 break; 828 829 case BIOCGFILDROP: /* get "filter-drop" flag */ 830 *(u_int *)addr = d->bd_fildrop; 831 break; 832 833 case BIOCSFILDROP: /* set "filter-drop" flag */ 834 d->bd_fildrop = *(u_int *)addr ? 1 : 0; 835 break; 836 837 case BIOCGDIRFILT: /* get direction filter */ 838 *(u_int *)addr = d->bd_dirfilt; 839 break; 840 841 case BIOCSDIRFILT: /* set direction filter */ 842 d->bd_dirfilt = (*(u_int *)addr) & 843 (BPF_DIRECTION_IN|BPF_DIRECTION_OUT); 844 break; 845 846 case FIONBIO: /* Non-blocking I/O */ 847 if (*(int *)addr) 848 d->bd_rtout = -1; 849 else 850 d->bd_rtout = 0; 851 break; 852 853 case FIOASYNC: /* Send signal on receive packets */ 854 d->bd_async = *(int *)addr; 855 break; 856 857 /* 858 * N.B. ioctl (FIOSETOWN) and fcntl (F_SETOWN) both end up doing 859 * the equivalent of a TIOCSPGRP and hence end up here. *However* 860 * TIOCSPGRP's arg is a process group if it's positive and a process 861 * id if it's negative. This is exactly the opposite of what the 862 * other two functions want! Therefore there is code in ioctl and 863 * fcntl to negate the arg before calling here. 864 */ 865 case TIOCSPGRP: /* Process or group to send signals to */ 866 d->bd_pgid = *(int *)addr; 867 d->bd_siguid = p->p_ucred->cr_ruid; 868 d->bd_sigeuid = p->p_ucred->cr_uid; 869 break; 870 871 case TIOCGPGRP: 872 *(int *)addr = d->bd_pgid; 873 break; 874 875 case BIOCSRSIG: /* Set receive signal */ 876 { 877 u_int sig; 878 879 sig = *(u_int *)addr; 880 881 if (sig >= NSIG) 882 error = EINVAL; 883 else 884 d->bd_sig = sig; 885 break; 886 } 887 case BIOCGRSIG: 888 *(u_int *)addr = d->bd_sig; 889 break; 890 } 891 return (error); 892 } 893 894 /* 895 * Set d's packet filter program to fp. If this file already has a filter, 896 * free it and replace it. Returns EINVAL for bogus requests. 897 */ 898 int 899 bpf_setf(struct bpf_d *d, struct bpf_program *fp, int wf) 900 { 901 struct bpf_insn *fcode, *old; 902 u_int flen, size; 903 int s; 904 905 old = wf ? d->bd_wfilter : d->bd_rfilter; 906 if (fp->bf_insns == 0) { 907 if (fp->bf_len != 0) 908 return (EINVAL); 909 s = splnet(); 910 if (wf) 911 d->bd_wfilter = NULL; 912 else 913 d->bd_rfilter = NULL; 914 bpf_reset_d(d); 915 splx(s); 916 free(old, M_DEVBUF, 0); 917 return (0); 918 } 919 flen = fp->bf_len; 920 if (flen > BPF_MAXINSNS) 921 return (EINVAL); 922 923 size = flen * sizeof(*fp->bf_insns); 924 fcode = (struct bpf_insn *)malloc(size, M_DEVBUF, M_WAITOK); 925 if (copyin((caddr_t)fp->bf_insns, (caddr_t)fcode, size) == 0 && 926 bpf_validate(fcode, (int)flen)) { 927 s = splnet(); 928 if (wf) 929 d->bd_wfilter = fcode; 930 else 931 d->bd_rfilter = fcode; 932 bpf_reset_d(d); 933 splx(s); 934 free(old, M_DEVBUF, 0); 935 936 return (0); 937 } 938 free(fcode, M_DEVBUF, 0); 939 return (EINVAL); 940 } 941 942 /* 943 * Detach a file from its current interface (if attached at all) and attach 944 * to the interface indicated by the name stored in ifr. 945 * Return an errno or 0. 946 */ 947 int 948 bpf_setif(struct bpf_d *d, struct ifreq *ifr) 949 { 950 struct bpf_if *bp, *candidate = NULL; 951 int s; 952 953 /* 954 * Look through attached interfaces for the named one. 955 */ 956 for (bp = bpf_iflist; bp != NULL; bp = bp->bif_next) { 957 struct ifnet *ifp = bp->bif_ifp; 958 959 if (ifp == NULL || 960 strcmp(ifp->if_xname, ifr->ifr_name) != 0) 961 continue; 962 963 if (candidate == NULL || candidate->bif_dlt > bp->bif_dlt) 964 candidate = bp; 965 } 966 967 if (candidate != NULL) { 968 /* 969 * Allocate the packet buffers if we need to. 970 * If we're already attached to requested interface, 971 * just flush the buffer. 972 */ 973 if (d->bd_sbuf == NULL) 974 bpf_allocbufs(d); 975 s = splnet(); 976 if (candidate != d->bd_bif) { 977 if (d->bd_bif) 978 /* 979 * Detach if attached to something else. 980 */ 981 bpf_detachd(d); 982 983 bpf_attachd(d, candidate); 984 } 985 bpf_reset_d(d); 986 splx(s); 987 return (0); 988 } 989 /* Not found. */ 990 return (ENXIO); 991 } 992 993 /* 994 * Copy the interface name to the ifreq. 995 */ 996 void 997 bpf_ifname(struct ifnet *ifp, struct ifreq *ifr) 998 { 999 bcopy(ifp->if_xname, ifr->ifr_name, IFNAMSIZ); 1000 } 1001 1002 /* 1003 * Support for poll() system call 1004 */ 1005 int 1006 bpfpoll(dev_t dev, int events, struct proc *p) 1007 { 1008 struct bpf_d *d; 1009 int s, revents; 1010 1011 /* 1012 * An imitation of the FIONREAD ioctl code. 1013 */ 1014 d = bpfilter_lookup(minor(dev)); 1015 1016 /* 1017 * XXX The USB stack manages it to trigger some race condition 1018 * which causes bpfilter_lookup to return NULL when a USB device 1019 * gets detached while it is up and has an open bpf handler (e.g. 1020 * dhclient). We still should recheck if we can fix the root 1021 * cause of this issue. 1022 */ 1023 if (d == NULL) 1024 return (POLLERR); 1025 1026 /* Always ready to write data */ 1027 revents = events & (POLLOUT | POLLWRNORM); 1028 1029 if (events & (POLLIN | POLLRDNORM)) { 1030 s = splnet(); 1031 if (d->bd_hlen != 0 || (d->bd_immediate && d->bd_slen != 0)) 1032 revents |= events & (POLLIN | POLLRDNORM); 1033 else { 1034 /* 1035 * if there's a timeout, mark the time we 1036 * started waiting. 1037 */ 1038 if (d->bd_rtout != -1 && d->bd_rdStart == 0) 1039 d->bd_rdStart = ticks; 1040 selrecord(p, &d->bd_sel); 1041 } 1042 splx(s); 1043 } 1044 return (revents); 1045 } 1046 1047 struct filterops bpfread_filtops = 1048 { 1, NULL, filt_bpfrdetach, filt_bpfread }; 1049 1050 int 1051 bpfkqfilter(dev_t dev, struct knote *kn) 1052 { 1053 struct bpf_d *d; 1054 struct klist *klist; 1055 int s; 1056 1057 d = bpfilter_lookup(minor(dev)); 1058 switch (kn->kn_filter) { 1059 case EVFILT_READ: 1060 klist = &d->bd_sel.si_note; 1061 kn->kn_fop = &bpfread_filtops; 1062 break; 1063 default: 1064 return (EINVAL); 1065 } 1066 1067 kn->kn_hook = (caddr_t)((u_long)dev); 1068 1069 s = splnet(); 1070 D_GET(d); 1071 SLIST_INSERT_HEAD(klist, kn, kn_selnext); 1072 splx(s); 1073 1074 return (0); 1075 } 1076 1077 void 1078 filt_bpfrdetach(struct knote *kn) 1079 { 1080 dev_t dev = (dev_t)((u_long)kn->kn_hook); 1081 struct bpf_d *d; 1082 int s; 1083 1084 d = bpfilter_lookup(minor(dev)); 1085 s = splnet(); 1086 SLIST_REMOVE(&d->bd_sel.si_note, kn, knote, kn_selnext); 1087 D_PUT(d); 1088 splx(s); 1089 } 1090 1091 int 1092 filt_bpfread(struct knote *kn, long hint) 1093 { 1094 dev_t dev = (dev_t)((u_long)kn->kn_hook); 1095 struct bpf_d *d; 1096 1097 d = bpfilter_lookup(minor(dev)); 1098 kn->kn_data = d->bd_hlen; 1099 if (d->bd_immediate) 1100 kn->kn_data += d->bd_slen; 1101 return (kn->kn_data > 0); 1102 } 1103 1104 /* 1105 * Incoming linkage from device drivers. Process the packet pkt, of length 1106 * pktlen, which is stored in a contiguous buffer. The packet is parsed 1107 * by each process' filter, and if accepted, stashed into the corresponding 1108 * buffer. 1109 */ 1110 int 1111 bpf_tap(caddr_t arg, u_char *pkt, u_int pktlen, u_int direction) 1112 { 1113 struct bpf_if *bp; 1114 struct bpf_d *d; 1115 size_t slen; 1116 struct timeval tv; 1117 int drop = 0, gottime = 0; 1118 1119 /* 1120 * Note that the ipl does not have to be raised at this point. 1121 * The only problem that could arise here is that if two different 1122 * interfaces shared any data. This is not the case. 1123 */ 1124 bp = (struct bpf_if *)arg; 1125 for (d = bp->bif_dlist; d != NULL; d = d->bd_next) { 1126 ++d->bd_rcount; 1127 if ((direction & d->bd_dirfilt) != 0) 1128 slen = 0; 1129 else 1130 slen = bpf_filter(d->bd_rfilter, pkt, pktlen, pktlen); 1131 if (slen != 0) { 1132 if (!gottime++) 1133 microtime(&tv); 1134 bpf_catchpacket(d, pkt, pktlen, slen, bcopy, &tv); 1135 if (d->bd_fildrop) 1136 drop++; 1137 } 1138 } 1139 1140 return (drop); 1141 } 1142 1143 /* 1144 * Copy data from an mbuf chain into a buffer. This code is derived 1145 * from m_copydata in sys/uipc_mbuf.c. 1146 */ 1147 void 1148 bpf_mcopy(const void *src_arg, void *dst_arg, size_t len) 1149 { 1150 const struct mbuf *m; 1151 u_int count; 1152 u_char *dst; 1153 1154 m = src_arg; 1155 dst = dst_arg; 1156 while (len > 0) { 1157 if (m == 0) 1158 panic("bpf_mcopy"); 1159 count = min(m->m_len, len); 1160 bcopy(mtod(m, caddr_t), (caddr_t)dst, count); 1161 m = m->m_next; 1162 dst += count; 1163 len -= count; 1164 } 1165 } 1166 1167 /* 1168 * Copy an ethernet frame from an mbuf chain into a buffer, strip the 1169 * vlan header bits 1170 */ 1171 void 1172 bpf_mcopy_stripvlan(const void *src_arg, void *dst_arg, size_t len) 1173 { 1174 #if NVLAN > 0 1175 const struct mbuf *m; 1176 u_int count, copied = 0, hdrdone = 0; 1177 u_char *dst; 1178 struct ether_vlan_header *evh; 1179 1180 m = src_arg; 1181 dst = dst_arg; 1182 evh = dst_arg; 1183 while (len > 0) { 1184 if (m == 0) 1185 panic("bpf_mcopy_stripvlan"); 1186 count = min(m->m_len, len); 1187 bcopy(mtod(m, caddr_t), (caddr_t)dst, count); 1188 m = m->m_next; 1189 dst += count; 1190 len -= count; 1191 copied += count; 1192 if (!hdrdone && copied >= sizeof(struct ether_vlan_header) && 1193 (ntohs(evh->evl_encap_proto) == ETHERTYPE_VLAN || 1194 ntohs(evh->evl_encap_proto) == ETHERTYPE_QINQ)) { 1195 /* move up by 4 bytes, overwrite encap_proto + tag */ 1196 memmove(&evh->evl_encap_proto, &evh->evl_proto, copied - 1197 offsetof(struct ether_vlan_header, evl_proto)); 1198 dst -= (offsetof(struct ether_vlan_header, evl_proto) - 1199 offsetof(struct ether_vlan_header, 1200 evl_encap_proto)); /* long expression for "4" */ 1201 hdrdone = 1; 1202 } 1203 } 1204 #endif 1205 } 1206 1207 /* 1208 * like bpf_mtap, but copy fn can be given. used by various bpf_mtap* 1209 */ 1210 void 1211 _bpf_mtap(caddr_t arg, struct mbuf *m, u_int direction, 1212 void (*cpfn)(const void *, void *, size_t)) 1213 { 1214 struct bpf_if *bp = (struct bpf_if *)arg; 1215 struct bpf_d *d; 1216 size_t pktlen, slen; 1217 struct mbuf *m0; 1218 struct timeval tv; 1219 int gottime = 0; 1220 1221 if (m == NULL) 1222 return; 1223 1224 if (cpfn == NULL) 1225 cpfn = bpf_mcopy; 1226 1227 pktlen = 0; 1228 for (m0 = m; m0 != NULL; m0 = m0->m_next) 1229 pktlen += m0->m_len; 1230 1231 for (d = bp->bif_dlist; d != NULL; d = d->bd_next) { 1232 ++d->bd_rcount; 1233 if ((direction & d->bd_dirfilt) != 0) 1234 slen = 0; 1235 else 1236 slen = bpf_filter(d->bd_rfilter, (u_char *)m, 1237 pktlen, 0); 1238 1239 if (slen == 0) 1240 continue; 1241 1242 if (!gottime++) 1243 microtime(&tv); 1244 bpf_catchpacket(d, (u_char *)m, pktlen, slen, cpfn, &tv); 1245 if (d->bd_fildrop) 1246 m->m_flags |= M_FILDROP; 1247 } 1248 } 1249 1250 /* 1251 * Incoming linkage from device drivers, when packet is in an mbuf chain. 1252 */ 1253 void 1254 bpf_mtap(caddr_t arg, struct mbuf *m, u_int direction) 1255 { 1256 _bpf_mtap(arg, m, direction, NULL); 1257 } 1258 1259 /* like bpf_mtap, but strip the vlan header, leave regular ethernet hdr */ 1260 void 1261 bpf_mtap_stripvlan(caddr_t arg, struct mbuf *m, u_int direction) 1262 { 1263 _bpf_mtap(arg, m, direction, bpf_mcopy_stripvlan); 1264 } 1265 1266 /* 1267 * Incoming linkage from device drivers, where we have a mbuf chain 1268 * but need to prepend some arbitrary header from a linear buffer. 1269 * 1270 * Con up a minimal dummy header to pacify bpf. Allocate (only) a 1271 * struct m_hdr on the stack. This is safe as bpf only reads from the 1272 * fields in this header that we initialize, and will not try to free 1273 * it or keep a pointer to it. 1274 */ 1275 void 1276 bpf_mtap_hdr(caddr_t arg, caddr_t data, u_int dlen, struct mbuf *m, 1277 u_int direction, void (*cpfn)(const void *, void *, size_t)) 1278 { 1279 struct m_hdr mh; 1280 struct mbuf *m0; 1281 1282 if (dlen > 0) { 1283 mh.mh_flags = 0; 1284 mh.mh_next = m; 1285 mh.mh_len = dlen; 1286 mh.mh_data = data; 1287 m0 = (struct mbuf *)&mh; 1288 } else 1289 m0 = m; 1290 1291 _bpf_mtap(arg, m0, direction, cpfn); 1292 if (m0 != m) 1293 m->m_flags |= m0->m_flags & M_FILDROP; 1294 } 1295 1296 /* 1297 * Incoming linkage from device drivers, where we have a mbuf chain 1298 * but need to prepend the address family. 1299 * 1300 * Con up a minimal dummy header to pacify bpf. We allocate (only) a 1301 * struct m_hdr on the stack. This is safe as bpf only reads from the 1302 * fields in this header that we initialize, and will not try to free 1303 * it or keep a pointer to it. 1304 */ 1305 void 1306 bpf_mtap_af(caddr_t arg, u_int32_t af, struct mbuf *m, u_int direction) 1307 { 1308 u_int32_t afh; 1309 1310 afh = htonl(af); 1311 bpf_mtap_hdr(arg, (caddr_t)&afh, sizeof(afh), m, direction, NULL); 1312 } 1313 1314 /* 1315 * Incoming linkage from device drivers, where we have a mbuf chain 1316 * but need to prepend a VLAN encapsulation header. 1317 * 1318 * Con up a minimal dummy header to pacify bpf. Allocate (only) a 1319 * struct m_hdr on the stack. This is safe as bpf only reads from the 1320 * fields in this header that we initialize, and will not try to free 1321 * it or keep a pointer to it. 1322 */ 1323 void 1324 bpf_mtap_ether(caddr_t arg, struct mbuf *m, u_int direction) 1325 { 1326 #if NVLAN > 0 1327 struct ether_vlan_header evh; 1328 1329 if ((m->m_flags & M_VLANTAG) == 0) 1330 #endif 1331 { 1332 bpf_mtap(arg, m, direction); 1333 return; 1334 } 1335 1336 #if NVLAN > 0 1337 bcopy(mtod(m, char *), &evh, ETHER_HDR_LEN); 1338 evh.evl_proto = evh.evl_encap_proto; 1339 evh.evl_encap_proto = htons(ETHERTYPE_VLAN); 1340 evh.evl_tag = htons(m->m_pkthdr.ether_vtag); 1341 m->m_len -= ETHER_HDR_LEN; 1342 m->m_data += ETHER_HDR_LEN; 1343 1344 bpf_mtap_hdr(arg, (caddr_t)&evh, sizeof(evh), m, direction, NULL); 1345 1346 m->m_len += ETHER_HDR_LEN; 1347 m->m_data -= ETHER_HDR_LEN; 1348 #endif 1349 } 1350 1351 /* 1352 * Move the packet data from interface memory (pkt) into the 1353 * store buffer. Return 1 if it's time to wakeup a listener (buffer full), 1354 * otherwise 0. "copy" is the routine called to do the actual data 1355 * transfer. bcopy is passed in to copy contiguous chunks, while 1356 * bpf_mcopy is passed in to copy mbuf chains. In the latter case, 1357 * pkt is really an mbuf. 1358 */ 1359 void 1360 bpf_catchpacket(struct bpf_d *d, u_char *pkt, size_t pktlen, size_t snaplen, 1361 void (*cpfn)(const void *, void *, size_t), struct timeval *tv) 1362 { 1363 struct bpf_hdr *hp; 1364 int totlen, curlen; 1365 int hdrlen = d->bd_bif->bif_hdrlen; 1366 1367 /* 1368 * Figure out how many bytes to move. If the packet is 1369 * greater or equal to the snapshot length, transfer that 1370 * much. Otherwise, transfer the whole packet (unless 1371 * we hit the buffer size limit). 1372 */ 1373 totlen = hdrlen + min(snaplen, pktlen); 1374 if (totlen > d->bd_bufsize) 1375 totlen = d->bd_bufsize; 1376 1377 /* 1378 * Round up the end of the previous packet to the next longword. 1379 */ 1380 curlen = BPF_WORDALIGN(d->bd_slen); 1381 if (curlen + totlen > d->bd_bufsize) { 1382 /* 1383 * This packet will overflow the storage buffer. 1384 * Rotate the buffers if we can, then wakeup any 1385 * pending reads. 1386 */ 1387 if (d->bd_fbuf == NULL) { 1388 /* 1389 * We haven't completed the previous read yet, 1390 * so drop the packet. 1391 */ 1392 ++d->bd_dcount; 1393 return; 1394 } 1395 ROTATE_BUFFERS(d); 1396 bpf_wakeup(d); 1397 curlen = 0; 1398 } 1399 1400 /* 1401 * Append the bpf header. 1402 */ 1403 hp = (struct bpf_hdr *)(d->bd_sbuf + curlen); 1404 hp->bh_tstamp.tv_sec = tv->tv_sec; 1405 hp->bh_tstamp.tv_usec = tv->tv_usec; 1406 hp->bh_datalen = pktlen; 1407 hp->bh_hdrlen = hdrlen; 1408 /* 1409 * Copy the packet data into the store buffer and update its length. 1410 */ 1411 (*cpfn)(pkt, (u_char *)hp + hdrlen, (hp->bh_caplen = totlen - hdrlen)); 1412 d->bd_slen = curlen + totlen; 1413 1414 if (d->bd_immediate) { 1415 /* 1416 * Immediate mode is set. A packet arrived so any 1417 * reads should be woken up. 1418 */ 1419 bpf_wakeup(d); 1420 } 1421 1422 if (d->bd_rdStart && (d->bd_rtout + d->bd_rdStart < ticks)) { 1423 /* 1424 * we could be selecting on the bpf, and we 1425 * may have timeouts set. We got here by getting 1426 * a packet, so wake up the reader. 1427 */ 1428 if (d->bd_fbuf) { 1429 d->bd_rdStart = 0; 1430 ROTATE_BUFFERS(d); 1431 bpf_wakeup(d); 1432 } 1433 } 1434 } 1435 1436 /* 1437 * Initialize all nonzero fields of a descriptor. 1438 */ 1439 void 1440 bpf_allocbufs(struct bpf_d *d) 1441 { 1442 d->bd_fbuf = malloc(d->bd_bufsize, M_DEVBUF, M_WAITOK); 1443 d->bd_sbuf = malloc(d->bd_bufsize, M_DEVBUF, M_WAITOK); 1444 d->bd_slen = 0; 1445 d->bd_hlen = 0; 1446 } 1447 1448 /* 1449 * Free buffers currently in use by a descriptor 1450 * when the reference count drops to zero. 1451 */ 1452 void 1453 bpf_freed(struct bpf_d *d) 1454 { 1455 if (--d->bd_ref > 0) 1456 return; 1457 1458 free(d->bd_sbuf, M_DEVBUF, 0); 1459 free(d->bd_hbuf, M_DEVBUF, 0); 1460 free(d->bd_fbuf, M_DEVBUF, 0); 1461 free(d->bd_rfilter, M_DEVBUF, 0); 1462 free(d->bd_wfilter, M_DEVBUF, 0); 1463 1464 bpfilter_destroy(d); 1465 } 1466 1467 /* 1468 * Attach an interface to bpf. driverp is a pointer to a (struct bpf_if *) 1469 * in the driver's softc; dlt is the link layer type; hdrlen is the fixed 1470 * size of the link header (variable length headers not yet supported). 1471 */ 1472 void 1473 bpfattach(caddr_t *driverp, struct ifnet *ifp, u_int dlt, u_int hdrlen) 1474 { 1475 struct bpf_if *bp; 1476 1477 if ((bp = malloc(sizeof(*bp), M_DEVBUF, M_NOWAIT)) == NULL) 1478 panic("bpfattach"); 1479 bp->bif_dlist = 0; 1480 bp->bif_driverp = (struct bpf_if **)driverp; 1481 bp->bif_ifp = ifp; 1482 bp->bif_dlt = dlt; 1483 1484 bp->bif_next = bpf_iflist; 1485 bpf_iflist = bp; 1486 1487 *bp->bif_driverp = NULL; 1488 1489 /* 1490 * Compute the length of the bpf header. This is not necessarily 1491 * equal to SIZEOF_BPF_HDR because we want to insert spacing such 1492 * that the network layer header begins on a longword boundary (for 1493 * performance reasons and to alleviate alignment restrictions). 1494 */ 1495 bp->bif_hdrlen = BPF_WORDALIGN(hdrlen + SIZEOF_BPF_HDR) - hdrlen; 1496 } 1497 1498 /* Detach an interface from its attached bpf device. */ 1499 void 1500 bpfdetach(struct ifnet *ifp) 1501 { 1502 struct bpf_if *bp, *nbp, **pbp = &bpf_iflist; 1503 struct bpf_d *bd; 1504 int maj; 1505 1506 for (bp = bpf_iflist; bp; bp = nbp) { 1507 nbp= bp->bif_next; 1508 if (bp->bif_ifp == ifp) { 1509 *pbp = nbp; 1510 1511 /* Locate the major number. */ 1512 for (maj = 0; maj < nchrdev; maj++) 1513 if (cdevsw[maj].d_open == bpfopen) 1514 break; 1515 1516 for (bd = bp->bif_dlist; bd; bd = bp->bif_dlist) { 1517 struct bpf_d *d; 1518 1519 /* 1520 * Locate the minor number and nuke the vnode 1521 * for any open instance. 1522 */ 1523 LIST_FOREACH(d, &bpf_d_list, bd_list) 1524 if (d == bd) { 1525 vdevgone(maj, d->bd_unit, 1526 d->bd_unit, VCHR); 1527 break; 1528 } 1529 } 1530 1531 free(bp, M_DEVBUF, 0); 1532 } else 1533 pbp = &bp->bif_next; 1534 } 1535 ifp->if_bpf = NULL; 1536 } 1537 1538 int 1539 bpf_sysctl(int *name, u_int namelen, void *oldp, size_t *oldlenp, void *newp, 1540 size_t newlen) 1541 { 1542 int newval; 1543 int error; 1544 1545 if (namelen != 1) 1546 return (ENOTDIR); 1547 1548 switch (name[0]) { 1549 case NET_BPF_BUFSIZE: 1550 newval = bpf_bufsize; 1551 error = sysctl_int(oldp, oldlenp, newp, newlen, &newval); 1552 if (error) 1553 return (error); 1554 if (newval < BPF_MINBUFSIZE || newval > bpf_maxbufsize) 1555 return (EINVAL); 1556 bpf_bufsize = newval; 1557 break; 1558 case NET_BPF_MAXBUFSIZE: 1559 newval = bpf_maxbufsize; 1560 error = sysctl_int(oldp, oldlenp, newp, newlen, &newval); 1561 if (error) 1562 return (error); 1563 if (newval < BPF_MINBUFSIZE) 1564 return (EINVAL); 1565 bpf_maxbufsize = newval; 1566 break; 1567 default: 1568 return (EOPNOTSUPP); 1569 } 1570 return (0); 1571 } 1572 1573 struct bpf_d * 1574 bpfilter_lookup(int unit) 1575 { 1576 struct bpf_d *bd; 1577 1578 LIST_FOREACH(bd, &bpf_d_list, bd_list) 1579 if (bd->bd_unit == unit) 1580 return (bd); 1581 return (NULL); 1582 } 1583 1584 struct bpf_d * 1585 bpfilter_create(int unit) 1586 { 1587 struct bpf_d *bd; 1588 1589 if ((bd = bpfilter_lookup(unit)) != NULL) 1590 return (NULL); 1591 if ((bd = malloc(sizeof(*bd), M_DEVBUF, M_NOWAIT|M_ZERO)) != NULL) { 1592 bd->bd_unit = unit; 1593 LIST_INSERT_HEAD(&bpf_d_list, bd, bd_list); 1594 } 1595 return (bd); 1596 } 1597 1598 void 1599 bpfilter_destroy(struct bpf_d *bd) 1600 { 1601 LIST_REMOVE(bd, bd_list); 1602 free(bd, M_DEVBUF, 0); 1603 } 1604 1605 /* 1606 * Get a list of available data link type of the interface. 1607 */ 1608 int 1609 bpf_getdltlist(struct bpf_d *d, struct bpf_dltlist *bfl) 1610 { 1611 int n, error; 1612 struct ifnet *ifp; 1613 struct bpf_if *bp; 1614 1615 ifp = d->bd_bif->bif_ifp; 1616 n = 0; 1617 error = 0; 1618 for (bp = bpf_iflist; bp != NULL; bp = bp->bif_next) { 1619 if (bp->bif_ifp != ifp) 1620 continue; 1621 if (bfl->bfl_list != NULL) { 1622 if (n >= bfl->bfl_len) 1623 return (ENOMEM); 1624 error = copyout(&bp->bif_dlt, 1625 bfl->bfl_list + n, sizeof(u_int)); 1626 if (error) 1627 break; 1628 } 1629 n++; 1630 } 1631 1632 bfl->bfl_len = n; 1633 return (error); 1634 } 1635 1636 /* 1637 * Set the data link type of a BPF instance. 1638 */ 1639 int 1640 bpf_setdlt(struct bpf_d *d, u_int dlt) 1641 { 1642 int s; 1643 struct ifnet *ifp; 1644 struct bpf_if *bp; 1645 1646 if (d->bd_bif->bif_dlt == dlt) 1647 return (0); 1648 ifp = d->bd_bif->bif_ifp; 1649 for (bp = bpf_iflist; bp != NULL; bp = bp->bif_next) { 1650 if (bp->bif_ifp == ifp && bp->bif_dlt == dlt) 1651 break; 1652 } 1653 if (bp == NULL) 1654 return (EINVAL); 1655 s = splnet(); 1656 bpf_detachd(d); 1657 bpf_attachd(d, bp); 1658 bpf_reset_d(d); 1659 splx(s); 1660 return (0); 1661 } 1662