2 * Copyright (c) 1990, 1991, 1993
3 * The Regents of the University of California. All rights reserved.
5 * This code is derived from the Stanford/CMU enet packet filter,
6 * (net/enet.c) distributed as part of 4.3BSD, and code contributed
7 * to Berkeley by Steven McCanne and Van Jacobson both of Lawrence
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
18 * 3. All advertising materials mentioning features or use of this software
19 * must display the following acknowledgement:
20 * This product includes software developed by the University of
21 * California, Berkeley and its contributors.
22 * 4. Neither the name of the University nor the names of its contributors
23 * may be used to endorse or promote products derived from this software
24 * without specific prior written permission.
26 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
27 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
28 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
29 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
38 * @(#)bpf.c 8.2 (Berkeley) 3/28/94
40 * $FreeBSD: src/sys/net/bpf.c,v 1.59.2.12 2002/04/14 21:41:48 luigi Exp $
41 * $DragonFly: src/sys/net/bpf.c,v 1.40 2007/02/12 15:02:33 sephe Exp $
46 #include <sys/param.h>
47 #include <sys/systm.h>
49 #include <sys/device.h>
50 #include <sys/malloc.h>
54 #include <sys/signalvar.h>
55 #include <sys/filio.h>
56 #include <sys/sockio.h>
57 #include <sys/ttycom.h>
58 #include <sys/filedesc.h>
62 #include <sys/socket.h>
63 #include <sys/vnode.h>
65 #include <sys/thread2.h>
69 #include <net/bpfdesc.h>
71 #include <netinet/in.h>
72 #include <netinet/if_ether.h>
73 #include <sys/kernel.h>
74 #include <sys/sysctl.h>
76 MALLOC_DEFINE(M_BPF, "BPF", "BPF data");
81 * The default read buffer size is patchable.
83 static int bpf_bufsize = BPF_DEFAULTBUFSIZE;
84 SYSCTL_INT(_debug, OID_AUTO, bpf_bufsize, CTLFLAG_RW,
86 static int bpf_maxbufsize = BPF_MAXBUFSIZE;
87 SYSCTL_INT(_debug, OID_AUTO, bpf_maxbufsize, CTLFLAG_RW,
88 &bpf_maxbufsize, 0, "");
91 * bpf_iflist is the list of interfaces; each corresponds to an ifnet
93 static struct bpf_if *bpf_iflist;
95 static int bpf_allocbufs(struct bpf_d *);
96 static void bpf_attachd(struct bpf_d *d, struct bpf_if *bp);
97 static void bpf_detachd(struct bpf_d *d);
98 static void bpf_resetd(struct bpf_d *);
99 static void bpf_freed(struct bpf_d *);
100 static void bpf_mcopy(const void *, void *, size_t);
101 static int bpf_movein(struct uio *, int, struct mbuf **,
102 struct sockaddr *, int *);
103 static int bpf_setif(struct bpf_d *, struct ifreq *);
104 static void bpf_timed_out(void *);
105 static void bpf_wakeup(struct bpf_d *);
106 static void catchpacket(struct bpf_d *, u_char *, u_int, u_int,
107 void (*)(const void *, void *, size_t),
108 const struct timeval *);
109 static int bpf_setf(struct bpf_d *, struct bpf_program *);
110 static int bpf_getdltlist(struct bpf_d *, struct bpf_dltlist *);
111 static int bpf_setdlt(struct bpf_d *, u_int);
112 static void bpf_drvinit(void *unused);
114 static d_open_t bpfopen;
115 static d_close_t bpfclose;
116 static d_read_t bpfread;
117 static d_write_t bpfwrite;
118 static d_ioctl_t bpfioctl;
119 static d_poll_t bpfpoll;
121 #define CDEV_MAJOR 23
122 static struct dev_ops bpf_ops = {
123 { "bpf", CDEV_MAJOR, 0 },
134 bpf_movein(struct uio *uio, int linktype, struct mbuf **mp,
135 struct sockaddr *sockp, int *datlen)
143 * Build a sockaddr based on the data link layer type.
144 * We do this at this level because the ethernet header
145 * is copied directly into the data field of the sockaddr.
146 * In the case of SLIP, there is no header and the packet
147 * is forwarded as is.
148 * Also, we are careful to leave room at the front of the mbuf
149 * for the link level header.
153 sockp->sa_family = AF_INET;
158 sockp->sa_family = AF_UNSPEC;
159 /* XXX Would MAXLINKHDR be better? */
160 hlen = sizeof(struct ether_header);
164 sockp->sa_family = AF_IMPLINK;
170 sockp->sa_family = AF_UNSPEC;
174 case DLT_ATM_RFC1483:
176 * en atm driver requires 4-byte atm pseudo header.
177 * though it isn't standard, vpi:vci needs to be
180 sockp->sa_family = AF_UNSPEC;
181 hlen = 12; /* XXX 4(ATM_PH) + 3(LLC) + 5(SNAP) */
185 sockp->sa_family = AF_UNSPEC;
186 hlen = 4; /* This should match PPP_HDRLEN */
193 len = uio->uio_resid;
194 *datlen = len - hlen;
195 if ((unsigned)len > MCLBYTES)
198 m = m_getl(len, MB_WAIT, MT_DATA, M_PKTHDR, NULL);
201 m->m_pkthdr.len = m->m_len = len;
202 m->m_pkthdr.rcvif = NULL;
205 * Make room for link header.
208 m->m_pkthdr.len -= hlen;
210 m->m_data += hlen; /* XXX */
211 error = uiomove(sockp->sa_data, hlen, uio);
215 error = uiomove(mtod(m, caddr_t), len - hlen, uio);
224 * Attach file to the bpf interface, i.e. make d listen on bp.
225 * Must be called at splimp.
228 bpf_attachd(struct bpf_d *d, struct bpf_if *bp)
231 * Point d at bp, and add d to the interface's list of listeners.
232 * Finally, point the driver's bpf cookie at the interface so
233 * it will divert packets to bpf.
236 SLIST_INSERT_HEAD(&bp->bif_dlist, d, bd_next);
237 *bp->bif_driverp = bp;
241 * Detach a file from its interface.
244 bpf_detachd(struct bpf_d *d)
253 /* Remove d from the interface's descriptor list. */
254 SLIST_REMOVE(&bp->bif_dlist, d, bpf_d, bd_next);
256 if (SLIST_EMPTY(&bp->bif_dlist)) {
258 * Let the driver know that there are no more listeners.
260 *bp->bif_driverp = NULL;
264 * Check if this descriptor had requested promiscuous mode.
265 * If so, turn it off.
269 error = ifpromisc(ifp, 0);
270 if (error != 0 && error != ENXIO) {
272 * ENXIO can happen if a pccard is unplugged,
273 * Something is really wrong if we were able to put
274 * the driver into promiscuous mode, but can't
277 if_printf(ifp, "bpf_detach: ifpromisc failed(%d)\n",
284 * Open ethernet device. Returns ENXIO for illegal minor device number,
285 * EBUSY if file is open by another process.
289 bpfopen(struct dev_open_args *ap)
291 cdev_t dev = ap->a_head.a_dev;
294 if (ap->a_cred->cr_prison)
299 * Each minor can be opened by only one process. If the requested
300 * minor is in use, return EBUSY.
304 make_dev(&bpf_ops, minor(dev), 0, 0, 0600, "bpf%d", lminor(dev));
305 MALLOC(d, struct bpf_d *, sizeof *d, M_BPF, M_WAITOK | M_ZERO);
307 d->bd_bufsize = bpf_bufsize;
310 callout_init(&d->bd_callout);
315 * Close the descriptor by detaching it from its interface,
316 * deallocating its buffers, and marking it free.
320 bpfclose(struct dev_close_args *ap)
322 cdev_t dev = ap->a_head.a_dev;
323 struct bpf_d *d = dev->si_drv1;
325 funsetown(d->bd_sigio);
327 if (d->bd_state == BPF_WAITING)
328 callout_stop(&d->bd_callout);
329 d->bd_state = BPF_IDLE;
330 if (d->bd_bif != NULL)
341 * Rotate the packet buffers in descriptor d. Move the store buffer
342 * into the hold slot, and the free buffer into the store slot.
343 * Zero the length of the new store buffer.
345 #define ROTATE_BUFFERS(d) \
346 (d)->bd_hbuf = (d)->bd_sbuf; \
347 (d)->bd_hlen = (d)->bd_slen; \
348 (d)->bd_sbuf = (d)->bd_fbuf; \
352 * bpfread - read next chunk of packets from buffers
355 bpfread(struct dev_read_args *ap)
357 cdev_t dev = ap->a_head.a_dev;
358 struct bpf_d *d = dev->si_drv1;
363 * Restrict application to use a buffer the same size as
366 if (ap->a_uio->uio_resid != d->bd_bufsize)
370 if (d->bd_state == BPF_WAITING)
371 callout_stop(&d->bd_callout);
372 timed_out = (d->bd_state == BPF_TIMED_OUT);
373 d->bd_state = BPF_IDLE;
375 * If the hold buffer is empty, then do a timed sleep, which
376 * ends when the timeout expires or when enough packets
377 * have arrived to fill the store buffer.
379 while (d->bd_hbuf == NULL) {
380 if ((d->bd_immediate || timed_out) && d->bd_slen != 0) {
382 * A packet(s) either arrived since the previous
383 * read or arrived while we were asleep.
384 * Rotate the buffers and return what's here.
391 * No data is available, check to see if the bpf device
392 * is still pointed at a real interface. If not, return
393 * ENXIO so that the userland process knows to rebind
394 * it before using it again.
396 if (d->bd_bif == NULL) {
401 if (ap->a_ioflag & IO_NDELAY) {
405 error = tsleep(d, PCATCH, "bpf", d->bd_rtout);
406 if (error == EINTR || error == ERESTART) {
410 if (error == EWOULDBLOCK) {
412 * On a timeout, return what's in the buffer,
413 * which may be nothing. If there is something
414 * in the store buffer, we can rotate the buffers.
418 * We filled up the buffer in between
419 * getting the timeout and arriving
420 * here, so we don't need to rotate.
424 if (d->bd_slen == 0) {
433 * At this point, we know we have something in the hold slot.
438 * Move data from hold buffer into user space.
439 * We know the entire buffer is transferred since
440 * we checked above that the read buffer is bpf_bufsize bytes.
442 error = uiomove(d->bd_hbuf, d->bd_hlen, ap->a_uio);
445 d->bd_fbuf = d->bd_hbuf;
455 * If there are processes sleeping on this descriptor, wake them up.
458 bpf_wakeup(struct bpf_d *d)
460 if (d->bd_state == BPF_WAITING) {
461 callout_stop(&d->bd_callout);
462 d->bd_state = BPF_IDLE;
465 if (d->bd_async && d->bd_sig && d->bd_sigio)
466 pgsigio(d->bd_sigio, d->bd_sig, 0);
469 selwakeup(&d->bd_sel);
472 d->bd_sel.si_pid = 0;
476 bpf_timed_out(void *arg)
478 struct bpf_d *d = (struct bpf_d *)arg;
481 if (d->bd_state == BPF_WAITING) {
482 d->bd_state = BPF_TIMED_OUT;
490 bpfwrite(struct dev_write_args *ap)
492 cdev_t dev = ap->a_head.a_dev;
493 struct bpf_d *d = dev->si_drv1;
497 static struct sockaddr dst;
500 if (d->bd_bif == NULL)
503 ifp = d->bd_bif->bif_ifp;
505 if (ap->a_uio->uio_resid == 0)
508 error = bpf_movein(ap->a_uio, (int)d->bd_bif->bif_dlt, &m,
513 if (datlen > ifp->if_mtu) {
519 dst.sa_family = pseudo_AF_HDRCMPLT;
522 lwkt_serialize_enter(ifp->if_serializer);
523 error = (*ifp->if_output)(ifp, m, &dst, (struct rtentry *)NULL);
524 lwkt_serialize_exit(ifp->if_serializer);
527 * The driver frees the mbuf.
533 * Reset a descriptor by flushing its packet buffer and clearing the
534 * receive and drop counts. Should be called at splimp.
537 bpf_resetd(struct bpf_d *d)
540 /* Free the hold buffer. */
541 d->bd_fbuf = d->bd_hbuf;
551 * FIONREAD Check for read packet available.
552 * SIOCGIFADDR Get interface address - convenient hook to driver.
553 * BIOCGBLEN Get buffer len [for read()].
554 * BIOCSETF Set ethernet read filter.
555 * BIOCFLUSH Flush read packet buffer.
556 * BIOCPROMISC Put interface into promiscuous mode.
557 * BIOCGDLT Get link layer type.
558 * BIOCGETIF Get interface name.
559 * BIOCSETIF Set interface.
560 * BIOCSRTIMEOUT Set read timeout.
561 * BIOCGRTIMEOUT Get read timeout.
562 * BIOCGSTATS Get packet stats.
563 * BIOCIMMEDIATE Set immediate mode.
564 * BIOCVERSION Get filter language version.
565 * BIOCGHDRCMPLT Get "header already complete" flag
566 * BIOCSHDRCMPLT Set "header already complete" flag
567 * BIOCGSEESENT Get "see packets sent" flag
568 * BIOCSSEESENT Set "see packets sent" flag
572 bpfioctl(struct dev_ioctl_args *ap)
574 cdev_t dev = ap->a_head.a_dev;
575 struct bpf_d *d = dev->si_drv1;
579 if (d->bd_state == BPF_WAITING)
580 callout_stop(&d->bd_callout);
581 d->bd_state = BPF_IDLE;
590 * Check for read packet available.
602 *(int *)ap->a_data = n;
610 if (d->bd_bif == NULL) {
613 ifp = d->bd_bif->bif_ifp;
614 lwkt_serialize_enter(ifp->if_serializer);
615 error = ifp->if_ioctl(ifp, ap->a_cmd,
616 ap->a_data, ap->a_cred);
617 lwkt_serialize_exit(ifp->if_serializer);
623 * Get buffer len [for read()].
626 *(u_int *)ap->a_data = d->bd_bufsize;
633 if (d->bd_bif != NULL) {
636 u_int size = *(u_int *)ap->a_data;
638 if (size > bpf_maxbufsize)
639 *(u_int *)ap->a_data = size = bpf_maxbufsize;
640 else if (size < BPF_MINBUFSIZE)
641 *(u_int *)ap->a_data = size = BPF_MINBUFSIZE;
642 d->bd_bufsize = size;
647 * Set link layer read filter.
650 error = bpf_setf(d, (struct bpf_program *)ap->a_data);
654 * Flush read packet buffer.
663 * Put interface into promiscuous mode.
666 if (d->bd_bif == NULL) {
668 * No interface attached yet.
674 if (d->bd_promisc == 0) {
675 error = ifpromisc(d->bd_bif->bif_ifp, 1);
683 * Get device parameters.
686 if (d->bd_bif == NULL)
689 *(u_int *)ap->a_data = d->bd_bif->bif_dlt;
693 * Get a list of supported data link types.
696 if (d->bd_bif == NULL) {
699 error = bpf_getdltlist(d,
700 (struct bpf_dltlist *)ap->a_data);
705 * Set data link type.
708 if (d->bd_bif == NULL)
711 error = bpf_setdlt(d, *(u_int *)ap->a_data);
715 * Get interface name.
718 if (d->bd_bif == NULL) {
721 struct ifnet *const ifp = d->bd_bif->bif_ifp;
722 struct ifreq *const ifr = (struct ifreq *)ap->a_data;
724 strlcpy(ifr->ifr_name, ifp->if_xname,
725 sizeof ifr->ifr_name);
733 error = bpf_setif(d, (struct ifreq *)ap->a_data);
741 struct timeval *tv = (struct timeval *)ap->a_data;
744 * Subtract 1 tick from tvtohz() since this isn't
747 if ((error = itimerfix(tv)) == 0)
748 d->bd_rtout = tvtohz_low(tv);
757 struct timeval *tv = (struct timeval *)ap->a_data;
759 tv->tv_sec = d->bd_rtout / hz;
760 tv->tv_usec = (d->bd_rtout % hz) * tick;
769 struct bpf_stat *bs = (struct bpf_stat *)ap->a_data;
771 bs->bs_recv = d->bd_rcount;
772 bs->bs_drop = d->bd_dcount;
777 * Set immediate mode.
780 d->bd_immediate = *(u_int *)ap->a_data;
785 struct bpf_version *bv = (struct bpf_version *)ap->a_data;
787 bv->bv_major = BPF_MAJOR_VERSION;
788 bv->bv_minor = BPF_MINOR_VERSION;
793 * Get "header already complete" flag
796 *(u_int *)ap->a_data = d->bd_hdrcmplt;
800 * Set "header already complete" flag
803 d->bd_hdrcmplt = *(u_int *)ap->a_data ? 1 : 0;
807 * Get "see sent packets" flag
810 *(u_int *)ap->a_data = d->bd_seesent;
814 * Set "see sent packets" flag
817 d->bd_seesent = *(u_int *)ap->a_data;
820 case FIOASYNC: /* Send signal on receive packets */
821 d->bd_async = *(int *)ap->a_data;
825 error = fsetown(*(int *)ap->a_data, &d->bd_sigio);
829 *(int *)ap->a_data = fgetown(d->bd_sigio);
832 /* This is deprecated, FIOSETOWN should be used instead. */
834 error = fsetown(-(*(int *)ap->a_data), &d->bd_sigio);
837 /* This is deprecated, FIOGETOWN should be used instead. */
839 *(int *)ap->a_data = -fgetown(d->bd_sigio);
842 case BIOCSRSIG: /* Set receive signal */
846 sig = *(u_int *)ap->a_data;
855 *(u_int *)ap->a_data = d->bd_sig;
862 * Set d's packet filter program to fp. If this file already has a filter,
863 * free it and replace it. Returns EINVAL for bogus requests.
866 bpf_setf(struct bpf_d *d, struct bpf_program *fp)
868 struct bpf_insn *fcode, *old;
872 if (fp->bf_insns == NULL) {
884 if (flen > BPF_MAXINSNS)
887 size = flen * sizeof *fp->bf_insns;
888 fcode = (struct bpf_insn *)kmalloc(size, M_BPF, M_WAITOK);
889 if (copyin(fp->bf_insns, fcode, size) == 0 &&
890 bpf_validate(fcode, (int)flen)) {
892 d->bd_filter = fcode;
905 * Detach a file from its current interface (if attached at all) and attach
906 * to the interface indicated by the name stored in ifr.
907 * Return an errno or 0.
910 bpf_setif(struct bpf_d *d, struct ifreq *ifr)
914 struct ifnet *theywant;
916 theywant = ifunit(ifr->ifr_name);
917 if (theywant == NULL)
921 * Look through attached interfaces for the named one.
923 for (bp = bpf_iflist; bp != NULL; bp = bp->bif_next) {
924 struct ifnet *ifp = bp->bif_ifp;
926 if (ifp == NULL || ifp != theywant)
928 /* skip additional entry */
929 if (bp->bif_driverp != &ifp->if_bpf)
932 * We found the requested interface.
933 * If it's not up, return an error.
934 * Allocate the packet buffers if we need to.
935 * If we're already attached to requested interface,
936 * just flush the buffer.
938 if (!(ifp->if_flags & IFF_UP))
941 if (d->bd_sbuf == NULL) {
942 error = bpf_allocbufs(d);
947 if (bp != d->bd_bif) {
948 if (d->bd_bif != NULL) {
950 * Detach if attached to something else.
967 * Support for select() and poll() system calls
969 * Return true iff the specific operation will not block indefinitely.
970 * Otherwise, return false but make a note that a selwakeup() must be done.
973 bpfpoll(struct dev_poll_args *ap)
975 cdev_t dev = ap->a_head.a_dev;
980 if (d->bd_bif == NULL)
983 revents = ap->a_events & (POLLOUT | POLLWRNORM);
985 if (ap->a_events & (POLLIN | POLLRDNORM)) {
987 * An imitation of the FIONREAD ioctl code.
988 * XXX not quite. An exact imitation:
989 * if (d->b_slen != 0 ||
990 * (d->bd_hbuf != NULL && d->bd_hlen != 0)
992 if (d->bd_hlen != 0 ||
993 ((d->bd_immediate || d->bd_state == BPF_TIMED_OUT) &&
995 revents |= ap->a_events & (POLLIN | POLLRDNORM);
997 selrecord(curthread, &d->bd_sel);
998 /* Start the read timeout if necessary. */
999 if (d->bd_rtout > 0 && d->bd_state == BPF_IDLE) {
1000 callout_reset(&d->bd_callout, d->bd_rtout,
1002 d->bd_state = BPF_WAITING;
1007 ap->a_events = revents;
1012 * Process the packet pkt of length pktlen. The packet is parsed
1013 * by each listener's filter, and if accepted, stashed into the
1014 * corresponding buffer.
1017 bpf_tap(struct bpf_if *bp, u_char *pkt, u_int pktlen)
1025 * Note that the ipl does not have to be raised at this point.
1026 * The only problem that could arise here is that if two different
1027 * interfaces shared any data. This is not the case.
1029 SLIST_FOREACH(d, &bp->bif_dlist, bd_next) {
1031 slen = bpf_filter(d->bd_filter, pkt, pktlen, pktlen);
1037 catchpacket(d, pkt, pktlen, slen, ovbcopy, &tv);
1043 * Copy data from an mbuf chain into a buffer. This code is derived
1044 * from m_copydata in sys/uipc_mbuf.c.
1047 bpf_mcopy(const void *src_arg, void *dst_arg, size_t len)
1049 const struct mbuf *m;
1058 count = min(m->m_len, len);
1059 bcopy(mtod(m, void *), dst, count);
1067 * Process the packet in the mbuf chain m. The packet is parsed by each
1068 * listener's filter, and if accepted, stashed into the corresponding
1072 bpf_mtap(struct bpf_if *bp, struct mbuf *m)
1079 /* Don't compute pktlen, if no descriptor is attached. */
1080 if (SLIST_EMPTY(&bp->bif_dlist))
1083 pktlen = m_lengthm(m, NULL);
1085 SLIST_FOREACH(d, &bp->bif_dlist, bd_next) {
1086 if (!d->bd_seesent && (m->m_pkthdr.rcvif == NULL))
1089 slen = bpf_filter(d->bd_filter, (u_char *)m, pktlen, 0);
1095 catchpacket(d, (u_char *)m, pktlen, slen, bpf_mcopy,
1102 bpf_mtap_family(struct bpf_if *bp, struct mbuf *m, sa_family_t family)
1106 KKASSERT(family != AF_UNSPEC);
1108 family4 = (u_int)family;
1109 bpf_ptap(bp, m, &family4, sizeof(family4));
1113 * Process the packet in the mbuf chain m with the header in m prepended.
1114 * The packet is parsed by each listener's filter, and if accepted,
1115 * stashed into the corresponding buffer.
1118 bpf_ptap(struct bpf_if *bp, struct mbuf *m, const void *data, u_int dlen)
1123 * Craft on-stack mbuf suitable for passing to bpf_mtap.
1124 * Note that we cut corners here; we only setup what's
1125 * absolutely needed--this mbuf should never go anywhere else.
1128 mb.m_data = __DECONST(void *, data); /* LINTED */
1130 mb.m_pkthdr.rcvif = m->m_pkthdr.rcvif;
1136 * Move the packet data from interface memory (pkt) into the
1137 * store buffer. Return 1 if it's time to wakeup a listener (buffer full),
1138 * otherwise 0. "copy" is the routine called to do the actual data
1139 * transfer. bcopy is passed in to copy contiguous chunks, while
1140 * bpf_mcopy is passed in to copy mbuf chains. In the latter case,
1141 * pkt is really an mbuf.
1144 catchpacket(struct bpf_d *d, u_char *pkt, u_int pktlen, u_int snaplen,
1145 void (*cpfn)(const void *, void *, size_t),
1146 const struct timeval *tv)
1150 int hdrlen = d->bd_bif->bif_hdrlen;
1152 * Figure out how many bytes to move. If the packet is
1153 * greater or equal to the snapshot length, transfer that
1154 * much. Otherwise, transfer the whole packet (unless
1155 * we hit the buffer size limit).
1157 totlen = hdrlen + min(snaplen, pktlen);
1158 if (totlen > d->bd_bufsize)
1159 totlen = d->bd_bufsize;
1162 * Round up the end of the previous packet to the next longword.
1164 curlen = BPF_WORDALIGN(d->bd_slen);
1165 if (curlen + totlen > d->bd_bufsize) {
1167 * This packet will overflow the storage buffer.
1168 * Rotate the buffers if we can, then wakeup any
1171 if (d->bd_fbuf == NULL) {
1173 * We haven't completed the previous read yet,
1174 * so drop the packet.
1182 } else if (d->bd_immediate || d->bd_state == BPF_TIMED_OUT) {
1184 * Immediate mode is set, or the read timeout has
1185 * already expired during a select call. A packet
1186 * arrived, so the reader should be woken up.
1192 * Append the bpf header.
1194 hp = (struct bpf_hdr *)(d->bd_sbuf + curlen);
1195 hp->bh_tstamp = *tv;
1196 hp->bh_datalen = pktlen;
1197 hp->bh_hdrlen = hdrlen;
1199 * Copy the packet data into the store buffer and update its length.
1201 (*cpfn)(pkt, (u_char *)hp + hdrlen, (hp->bh_caplen = totlen - hdrlen));
1202 d->bd_slen = curlen + totlen;
1206 * Initialize all nonzero fields of a descriptor.
1209 bpf_allocbufs(struct bpf_d *d)
1211 d->bd_fbuf = kmalloc(d->bd_bufsize, M_BPF, M_WAITOK);
1212 d->bd_sbuf = kmalloc(d->bd_bufsize, M_BPF, M_WAITOK);
1219 * Free buffers and packet filter program currently in use by a descriptor.
1223 bpf_freed(struct bpf_d *d)
1226 * We don't need to lock out interrupts since this descriptor has
1227 * been detached from its interface and it yet hasn't been marked
1230 if (d->bd_sbuf != NULL) {
1231 kfree(d->bd_sbuf, M_BPF);
1232 if (d->bd_hbuf != NULL)
1233 kfree(d->bd_hbuf, M_BPF);
1234 if (d->bd_fbuf != NULL)
1235 kfree(d->bd_fbuf, M_BPF);
1237 if (d->bd_filter != NULL)
1238 kfree(d->bd_filter, M_BPF);
1242 * Attach an interface to bpf. ifp is a pointer to the structure
1243 * defining the interface to be attached, dlt is the link layer type,
1244 * and hdrlen is the fixed size of the link header (variable length
1245 * headers are not yet supported).
1248 bpfattach(struct ifnet *ifp, u_int dlt, u_int hdrlen)
1250 bpfattach_dlt(ifp, dlt, hdrlen, &ifp->if_bpf);
1254 bpfattach_dlt(struct ifnet *ifp, u_int dlt, u_int hdrlen, struct bpf_if **driverp)
1258 bp = kmalloc(sizeof *bp, M_BPF, M_WAITOK | M_ZERO);
1260 SLIST_INIT(&bp->bif_dlist);
1263 bp->bif_driverp = driverp;
1264 *bp->bif_driverp = NULL;
1266 bp->bif_next = bpf_iflist;
1270 * Compute the length of the bpf header. This is not necessarily
1271 * equal to SIZEOF_BPF_HDR because we want to insert spacing such
1272 * that the network layer header begins on a longword boundary (for
1273 * performance reasons and to alleviate alignment restrictions).
1275 bp->bif_hdrlen = BPF_WORDALIGN(hdrlen + SIZEOF_BPF_HDR) - hdrlen;
1278 if_printf(ifp, "bpf attached\n");
1282 * Detach bpf from an interface. This involves detaching each descriptor
1283 * associated with the interface, and leaving bd_bif NULL. Notify each
1284 * descriptor as it's detached so that any sleepers wake up and get
1288 bpfdetach(struct ifnet *ifp)
1290 struct bpf_if *bp, *bp_prev;
1295 /* Locate BPF interface information */
1297 for (bp = bpf_iflist; bp != NULL; bp = bp->bif_next) {
1298 if (ifp == bp->bif_ifp)
1303 /* Interface wasn't attached */
1304 if (bp->bif_ifp == NULL) {
1306 kprintf("bpfdetach: %s was not attached\n", ifp->if_xname);
1310 while ((d = SLIST_FIRST(&bp->bif_dlist)) != NULL) {
1315 if (bp_prev != NULL)
1316 bp_prev->bif_next = bp->bif_next;
1318 bpf_iflist = bp->bif_next;
1326 * Get a list of available data link type of the interface.
1329 bpf_getdltlist(struct bpf_d *d, struct bpf_dltlist *bfl)
1335 ifp = d->bd_bif->bif_ifp;
1338 for (bp = bpf_iflist; bp != NULL; bp = bp->bif_next) {
1339 if (bp->bif_ifp != ifp)
1341 if (bfl->bfl_list != NULL) {
1342 if (n >= bfl->bfl_len) {
1345 error = copyout(&bp->bif_dlt,
1346 bfl->bfl_list + n, sizeof(u_int));
1355 * Set the data link type of a BPF instance.
1358 bpf_setdlt(struct bpf_d *d, u_int dlt)
1360 int error, opromisc;
1364 if (d->bd_bif->bif_dlt == dlt)
1366 ifp = d->bd_bif->bif_ifp;
1367 for (bp = bpf_iflist; bp != NULL; bp = bp->bif_next) {
1368 if (bp->bif_ifp == ifp && bp->bif_dlt == dlt)
1372 opromisc = d->bd_promisc;
1378 error = ifpromisc(bp->bif_ifp, 1);
1380 if_printf(bp->bif_ifp,
1381 "bpf_setdlt: ifpromisc failed (%d)\n",
1389 return(bp == NULL ? EINVAL : 0);
1393 bpf_drvinit(void *unused)
1395 dev_ops_add(&bpf_ops, 0, 0);
1398 SYSINIT(bpfdev,SI_SUB_DRIVERS,SI_ORDER_MIDDLE+CDEV_MAJOR,bpf_drvinit,NULL)
1402 * NOP stubs to allow bpf-using drivers to load and function.
1404 * A 'better' implementation would allow the core bpf functionality
1405 * to be loaded at runtime.
1409 bpf_tap(struct bpf_if *bp, u_char *pkt, u_int pktlen)
1414 bpf_mtap(struct bpf_if *bp, struct mbuf *m)
1419 bpf_ptap(struct bpf_if *bp, struct mbuf *m, const void *data, u_int dlen)
1424 bpfattach(struct ifnet *ifp, u_int dlt, u_int hdrlen)
1429 bpfattach_dlt(struct ifnet *ifp, u_int dlt, u_int hdrlen, struct bpf_if **driverp)
1434 bpfdetach(struct ifnet *ifp)
1439 bpf_filter(const struct bpf_insn *pc, u_char *p, u_int wirelen, u_int buflen)
1441 return -1; /* "no filter" behaviour */
projects / dragonfly.git / blob