]> git.saurik.com Git - apple/xnu.git/blame - bsd/net/bpf.c
projects / apple / xnu.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
xnu-1456.1.26.tar.gz
[apple/xnu.git] / bsd / net / bpf.c
CommitLineData
1c79356b 1/*
b0d623f7 2 * Copyright (c) 2000-2008 Apple Inc. All rights reserved.
5d5c5d0d 3 *
2d21ac55 4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
1c79356b 5 *
2d21ac55
A		 6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
8f6c56a5 14 *
2d21ac55
A		 15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
8f6c56a5
A		 20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
2d21ac55
A		 22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
8f6c56a5 25 *
2d21ac55 26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
1c79356b
A		 27 */
28/*
29 * Copyright (c) 1990, 1991, 1993
30 * The Regents of the University of California. All rights reserved.
31 *
32 * This code is derived from the Stanford/CMU enet packet filter,
33 * (net/enet.c) distributed as part of 4.3BSD, and code contributed
34 * to Berkeley by Steven McCanne and Van Jacobson both of Lawrence
35 * Berkeley Laboratory.
36 *
37 * Redistribution and use in source and binary forms, with or without
38 * modification, are permitted provided that the following conditions
39 * are met:
40 * 1. Redistributions of source code must retain the above copyright
41 * notice, this list of conditions and the following disclaimer.
42 * 2. Redistributions in binary form must reproduce the above copyright
43 * notice, this list of conditions and the following disclaimer in the
44 * documentation and/or other materials provided with the distribution.
45 * 3. All advertising materials mentioning features or use of this software
46 * must display the following acknowledgement:
47 * This product includes software developed by the University of
48 * California, Berkeley and its contributors.
49 * 4. Neither the name of the University nor the names of its contributors
50 * may be used to endorse or promote products derived from this software
51 * without specific prior written permission.
52 *
53 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
54 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
55 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
56 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
57 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
58 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
59 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
60 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
61 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
62 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
63 * SUCH DAMAGE.
64 *
65 * @(#)bpf.c 8.2 (Berkeley) 3/28/94
66 *
9bccf70c 67 * $FreeBSD: src/sys/net/bpf.c,v 1.59.2.5 2001/01/05 04:49:09 jdp Exp $
1c79356b 68 */
2d21ac55
A		 69/*
70 * NOTICE: This file was modified by SPARTA, Inc. in 2005 to introduce
71 * support for mandatory and extensible security protections. This notice
72 * is included in support of clause 2.2 (b) of the Apple Public License,
73 * Version 2.0.
74 */
1c79356b 75
9bccf70c 76#include "bpf.h"
1c79356b
A		 77
78#ifndef __GNUC__
79#define inline
80#else
81#define inline __inline
82#endif
83
84#include <sys/param.h>
85#include <sys/systm.h>
86#include <sys/conf.h>
87#include <sys/malloc.h>
88#include <sys/mbuf.h>
89#include <sys/time.h>
90#include <sys/proc.h>
1c79356b
A		 91#include <sys/signalvar.h>
92#include <sys/filio.h>
93#include <sys/sockio.h>
94#include <sys/ttycom.h>
95#include <sys/filedesc.h>
91447636 96#include <sys/uio_internal.h>
b0d623f7
A		 97#include <sys/fcntl.h>
98#include <sys/file_internal.h>
99#include <sys/event.h>
1c79356b 100
9bccf70c
A		 101#if defined(sparc) && BSD < 199103
102#include <sys/stream.h>
103#endif
104#include <sys/poll.h>
105
1c79356b
A		 106#include <sys/socket.h>
107#include <sys/vnode.h>
108
109#include <net/if.h>
110#include <net/bpf.h>
111#include <net/bpfdesc.h>
112
113#include <netinet/in.h>
114#include <netinet/if_ether.h>
115#include <sys/kernel.h>
116#include <sys/sysctl.h>
55e303ae 117#include <net/firewire.h>
1c79356b 118
1c79356b
A		 119#include <miscfs/devfs/devfs.h>
120#include <net/dlil.h>
121
91447636
A		 122#include <kern/locks.h>
123
2d21ac55
A		 124#if CONFIG_MACF_NET
125#include <security/mac_framework.h>
126#endif /* MAC_NET */
91447636 127
2d21ac55 128extern int tvtohz(struct timeval *);
9bccf70c 129
1c79356b
A		 130/*
131 * Older BSDs don't have kernel malloc.
132 */
133#if BSD < 199103
134extern bcopy();
135static caddr_t bpf_alloc();
9bccf70c 136#include <net/bpf_compat.h>
1c79356b
A		 137#define BPF_BUFSIZE (MCLBYTES-8)
138#define UIOMOVE(cp, len, code, uio) uiomove(cp, len, code, uio)
139#else
140#define BPF_BUFSIZE 4096
141#define UIOMOVE(cp, len, code, uio) uiomove(cp, len, uio)
142#endif
143
55e303ae 144
1c79356b
A		 145#define PRINET 26 /* interruptible */
146
147/*
148 * The default read buffer size is patchable.
149 */
91447636 150static unsigned int bpf_bufsize = BPF_BUFSIZE;
1c79356b
A		 151SYSCTL_INT(_debug, OID_AUTO, bpf_bufsize, CTLFLAG_RW,
152 &bpf_bufsize, 0, "");
91447636 153static unsigned int bpf_maxbufsize = BPF_MAXBUFSIZE;
9bccf70c
A		 154SYSCTL_INT(_debug, OID_AUTO, bpf_maxbufsize, CTLFLAG_RW,
155 &bpf_maxbufsize, 0, "");
91447636
A		 156static unsigned int bpf_maxdevices = 256;
157SYSCTL_UINT(_debug, OID_AUTO, bpf_maxdevices, CTLFLAG_RW,
158 &bpf_maxdevices, 0, "");
1c79356b
A		 159
160/*
161 * bpf_iflist is the list of interfaces; each corresponds to an ifnet
55e303ae 162 * bpf_dtab holds pointer to the descriptors, indexed by minor device #
1c79356b
A		 163 */
164static struct bpf_if *bpf_iflist;
9bccf70c
A		 165#ifdef __APPLE__
166/*
167 * BSD now stores the bpf_d in the dev_t which is a struct
168 * on their system. Our dev_t is an int, so we still store
169 * the bpf_d in a separate table indexed by minor device #.
91447636
A		 170 *
171 * The value stored in bpf_dtab[n] represent three states:
172 * 0: device not opened
173 * 1: device opening or closing
174 * other: device <n> opened with pointer to storage
9bccf70c 175 */
55e303ae 176static struct bpf_d **bpf_dtab = NULL;
91447636
A		 177static unsigned int bpf_dtab_size = 0;
178static unsigned int nbpfilter = 0;
179
180static lck_mtx_t *bpf_mlock;
181static lck_grp_t *bpf_mlock_grp;
182static lck_grp_attr_t *bpf_mlock_grp_attr;
183static lck_attr_t *bpf_mlock_attr;
55e303ae
A		 184
185/*
186 * Mark a descriptor free by making it point to itself.
187 * This is probably cheaper than marking with a constant since
188 * the address should be in a register anyway.
189 */
55e303ae 190#endif /* __APPLE__ */
1c79356b 191
91447636 192static int bpf_allocbufs(struct bpf_d *);
2d21ac55 193static errno_t bpf_attachd(struct bpf_d *d, struct bpf_if *bp);
91447636
A		 194static void bpf_detachd(struct bpf_d *d);
195static void bpf_freed(struct bpf_d *);
196static void bpf_mcopy(const void *, void *, size_t);
197static int bpf_movein(struct uio *, int,
198 struct mbuf **, struct sockaddr *, int *);
2d21ac55 199static int bpf_setif(struct bpf_d *, ifnet_t ifp, u_int32_t dlt);
91447636
A		 200static void bpf_wakeup(struct bpf_d *);
201static void catchpacket(struct bpf_d *, u_char *, u_int,
202 u_int, void (*)(const void *, void *, size_t));
203static void reset_d(struct bpf_d *);
2d21ac55 204static int bpf_setf(struct bpf_d *, u_int bf_len, user_addr_t bf_insns);
b0d623f7
A		 205static int bpf_getdltlist(struct bpf_d *, struct bpf_dltlist *,
206 struct proc *);
2d21ac55 207static int bpf_setdlt(struct bpf_d *, u_int);
1c79356b 208
55e303ae
A		 209/*static void *bpf_devfs_token[MAXBPFILTER];*/
210
211static int bpf_devsw_installed;
212
91447636 213void bpf_init(void *unused);
2d21ac55 214static int bpf_tap_callback(struct ifnet *ifp, struct mbuf *m);
55e303ae 215
9bccf70c
A		 216/*
217 * Darwin differs from BSD here, the following are static
218 * on BSD and not static on Darwin.
219 */
1c79356b
A		 220 d_open_t bpfopen;
221 d_close_t bpfclose;
222 d_read_t bpfread;
223 d_write_t bpfwrite;
91447636 224 ioctl_fcn_t bpfioctl;
9bccf70c 225 select_fcn_t bpfpoll;
1c79356b 226
1c79356b 227
9bccf70c
A		 228/* Darwin's cdevsw struct differs slightly from BSDs */
229#define CDEV_MAJOR 23
1c79356b 230static struct cdevsw bpf_cdevsw = {
9bccf70c
A		 231 /* open */ bpfopen,
232 /* close */ bpfclose,
233 /* read */ bpfread,
234 /* write */ bpfwrite,
235 /* ioctl */ bpfioctl,
91447636
A		 236 /* stop */ eno_stop,
237 /* reset */ eno_reset,
238 /* tty */ NULL,
9bccf70c 239 /* select */ bpfpoll,
91447636 240 /* mmap */ eno_mmap,
9bccf70c 241 /* strategy*/ eno_strat,
91447636
A		 242 /* getc */ eno_getc,
243 /* putc */ eno_putc,
244 /* type */ 0
1c79356b
A		 245};
246
55e303ae 247#define SOCKADDR_HDR_LEN offsetof(struct sockaddr, sa_data)
9bccf70c 248
1c79356b 249static int
91447636 250bpf_movein(struct uio *uio, int linktype, struct mbuf **mp, struct sockaddr *sockp, int *datlen)
1c79356b
A		 251{
252 struct mbuf *m;
253 int error;
254 int len;
2d21ac55 255 uint8_t sa_family;
1c79356b
A		 256 int hlen;
257
2d21ac55 258 switch (linktype) {
91447636 259
2d21ac55
A		 260#if SLIP
261 case DLT_SLIP:
262 sa_family = AF_INET;
263 hlen = 0;
264 break;
265#endif /* SLIP */
91447636 266
2d21ac55
A		 267 case DLT_EN10MB:
268 sa_family = AF_UNSPEC;
269 /* XXX Would MAXLINKHDR be better? */
270 hlen = sizeof(struct ether_header);
271 break;
91447636 272
2d21ac55
A		 273#if FDDI
274 case DLT_FDDI:
91447636 275 #if defined(__FreeBSD__) || defined(__bsdi__)
2d21ac55
A		 276 sa_family = AF_IMPLINK;
277 hlen = 0;
91447636 278 #else
2d21ac55
A		 279 sa_family = AF_UNSPEC;
280 /* XXX 4(FORMAC)+6(dst)+6(src)+3(LLC)+5(SNAP) */
281 hlen = 24;
91447636 282 #endif
2d21ac55
A		 283 break;
284#endif /* FDDI */
91447636 285
2d21ac55
A		 286 case DLT_RAW:
287 case DLT_NULL:
288 sa_family = AF_UNSPEC;
289 hlen = 0;
290 break;
91447636
A		 291
292 #ifdef __FreeBSD__
2d21ac55
A		 293 case DLT_ATM_RFC1483:
294 /*
295 * en atm driver requires 4-byte atm pseudo header.
296 * though it isn't standard, vpi:vci needs to be
297 * specified anyway.
298 */
299 sa_family = AF_UNSPEC;
300 hlen = 12; /* XXX 4(ATM_PH) + 3(LLC) + 5(SNAP) */
301 break;
91447636 302 #endif
2d21ac55
A		 303
304 case DLT_PPP:
305 sa_family = AF_UNSPEC;
306 hlen = 4; /* This should match PPP_HDRLEN */
307 break;
91447636 308
2d21ac55
A		 309 case DLT_APPLE_IP_OVER_IEEE1394:
310 sa_family = AF_UNSPEC;
311 hlen = sizeof(struct firewire_header);
312 break;
b0d623f7
A		 313
314 case DLT_IEEE802_11: /* IEEE 802.11 wireless */
315 sa_family = AF_IEEE80211;
316 hlen = 0;
317 break;
318
2d21ac55
A		 319 default:
320 return (EIO);
55e303ae 321 }
2d21ac55 322
91447636
A		 323 // LP64todo - fix this!
324 len = uio_resid(uio);
1c79356b
A		 325 *datlen = len - hlen;
326 if ((unsigned)len > MCLBYTES)
327 return (EIO);
328
2d21ac55
A		 329 if (sockp) {
330 /*
331 * Build a sockaddr based on the data link layer type.
332 * We do this at this level because the ethernet header
333 * is copied directly into the data field of the sockaddr.
334 * In the case of SLIP, there is no header and the packet
335 * is forwarded as is.
336 * Also, we are careful to leave room at the front of the mbuf
337 * for the link level header.
338 */
339 if ((hlen + SOCKADDR_HDR_LEN) > sockp->sa_len) {
340 return (EIO);
341 }
342 sockp->sa_family = sa_family;
343 } else {
344 /*
345 * We're directly sending the packet data supplied by
346 * the user; we don't need to make room for the link
347 * header, and don't need the header length value any
348 * more, so set it to 0.
349 */
350 hlen = 0;
351 }
352
1c79356b
A		 353 MGETHDR(m, M_WAIT, MT_DATA);
354 if (m == 0)
355 return (ENOBUFS);
91447636 356 if ((unsigned)len > MHLEN) {
1c79356b
A		 357#if BSD >= 199103
358 MCLGET(m, M_WAIT);
359 if ((m->m_flags & M_EXT) == 0) {
360#else
361 MCLGET(m);
362 if (m->m_len != MCLBYTES) {
363#endif
364 error = ENOBUFS;
365 goto bad;
366 }
367 }
368 m->m_pkthdr.len = m->m_len = len;
369 m->m_pkthdr.rcvif = NULL;
370 *mp = m;
371 /*
372 * Make room for link header.
373 */
374 if (hlen != 0) {
375 m->m_pkthdr.len -= hlen;
376 m->m_len -= hlen;
377#if BSD >= 199103
378 m->m_data += hlen; /* XXX */
379#else
380 m->m_off += hlen;
381#endif
382 error = UIOMOVE((caddr_t)sockp->sa_data, hlen, UIO_WRITE, uio);
383 if (error)
384 goto bad;
385 }
386 error = UIOMOVE(mtod(m, caddr_t), len - hlen, UIO_WRITE, uio);
387 if (!error)
388 return (0);
389 bad:
390 m_freem(m);
391 return (error);
392}
393
9bccf70c 394#ifdef __APPLE__
55e303ae
A		 395
396/*
91447636
A		 397 * The dynamic addition of a new device node must block all processes that are opening
398 * the last device so that no process will get an unexpected ENOENT
55e303ae 399 */
91447636
A		 400static void
401bpf_make_dev_t(int maj)
55e303ae 402{
91447636
A		 403 static int bpf_growing = 0;
404 unsigned int cur_size = nbpfilter, i;
55e303ae 405
91447636
A		 406 if (nbpfilter >= bpf_maxdevices)
407 return;
55e303ae 408
91447636
A		 409 while (bpf_growing) {
410 /* Wait until new device has been created */
411 (void)tsleep((caddr_t)&bpf_growing, PZERO, "bpf_growing", 0);
412 }
413 if (nbpfilter > cur_size) {
414 /* other thread grew it already */
415 return;
416 }
417 bpf_growing = 1;
55e303ae 418
91447636
A		 419 /* need to grow bpf_dtab first */
420 if (nbpfilter == bpf_dtab_size) {
421 int new_dtab_size;
422 struct bpf_d **new_dtab = NULL;
423 struct bpf_d **old_dtab = NULL;
424
425 new_dtab_size = bpf_dtab_size + NBPFILTER;
426 new_dtab = (struct bpf_d **)_MALLOC(sizeof(struct bpf_d *) * new_dtab_size, M_DEVBUF, M_WAIT);
427 if (new_dtab == 0) {
428 printf("bpf_make_dev_t: malloc bpf_dtab failed\n");
429 goto done;
430 }
431 if (bpf_dtab) {
432 bcopy(bpf_dtab, new_dtab,
433 sizeof(struct bpf_d *) * bpf_dtab_size);
434 }
435 bzero(new_dtab + bpf_dtab_size,
436 sizeof(struct bpf_d *) * NBPFILTER);
437 old_dtab = bpf_dtab;
438 bpf_dtab = new_dtab;
439 bpf_dtab_size = new_dtab_size;
440 if (old_dtab != NULL)
441 _FREE(old_dtab, M_DEVBUF);
55e303ae 442 }
91447636
A		 443 i = nbpfilter++;
444 (void) devfs_make_node(makedev(maj, i),
445 DEVFS_CHAR, UID_ROOT, GID_WHEEL, 0600,
446 "bpf%d", i);
447done:
448 bpf_growing = 0;
449 wakeup((caddr_t)&bpf_growing);
55e303ae
A		 450}
451
9bccf70c 452#endif
1c79356b
A		 453
454/*
455 * Attach file to the bpf interface, i.e. make d listen on bp.
1c79356b 456 */
2d21ac55 457static errno_t
91447636 458bpf_attachd(struct bpf_d *d, struct bpf_if *bp)
1c79356b 459{
2d21ac55
A		 460 int first = bp->bif_dlist == NULL;
461 int error = 0;
462
1c79356b
A		 463 /*
464 * Point d at bp, and add d to the interface's list of listeners.
465 * Finally, point the driver's bpf cookie at the interface so
466 * it will divert packets to bpf.
467 */
468 d->bd_bif = bp;
469 d->bd_next = bp->bif_dlist;
470 bp->bif_dlist = d;
2d21ac55
A		 471
472 if (first) {
b0d623f7
A		 473 bpf_tap_mode tap_mode;
474
475 switch ((d->bd_oflags & (FREAD | FWRITE))) {
476 case FREAD:
477 tap_mode = BPF_TAP_INPUT;
478 break;
479 case FWRITE:
480 tap_mode = BPF_TAP_OUTPUT;
481 break;
482 default:
483 tap_mode = BPF_TAP_INPUT_OUTPUT;
484 break;
485 }
486
2d21ac55
A		 487 /* Find the default bpf entry for this ifp */
488 if (bp->bif_ifp->if_bpf == NULL) {
489 struct bpf_if *primary;
490
491 for (primary = bpf_iflist; primary && primary->bif_ifp != bp->bif_ifp;
492 primary = primary->bif_next)
493 ;
494
495 bp->bif_ifp->if_bpf = primary;
496 }
497
498 /* Only call dlil_set_bpf_tap for primary dlt */
499 if (bp->bif_ifp->if_bpf == bp)
b0d623f7 500 dlil_set_bpf_tap(bp->bif_ifp, tap_mode, bpf_tap_callback);
2d21ac55
A		 501
502 if (bp->bif_tap)
b0d623f7 503 error = bp->bif_tap(bp->bif_ifp, bp->bif_dlt, tap_mode);
2d21ac55 504 }
1c79356b 505
2d21ac55 506 return error;
1c79356b
A		 507}
508
509/*
510 * Detach a file from its interface.
511 */
512static void
91447636 513bpf_detachd(struct bpf_d *d)
1c79356b
A		 514{
515 struct bpf_d **p;
516 struct bpf_if *bp;
517 struct ifnet *ifp;
518
519 ifp = d->bd_bif->bif_ifp;
1c79356b 520 bp = d->bd_bif;
2d21ac55
A		 521
522 /* Remove d from the interface's descriptor list. */
523 p = &bp->bif_dlist;
524 while (*p != d) {
525 p = &(*p)->bd_next;
526 if (*p == 0)
527 panic("bpf_detachd: descriptor not in list");
528 }
529 *p = (*p)->bd_next;
530 if (bp->bif_dlist == 0) {
531 /*
532 * Let the driver know that there are no more listeners.
533 */
534 /* Only call dlil_set_bpf_tap for primary dlt */
535 if (bp->bif_ifp->if_bpf == bp)
536 dlil_set_bpf_tap(ifp, BPF_TAP_DISABLE, NULL);
537 if (bp->bif_tap)
538 bp->bif_tap(ifp, bp->bif_dlt, BPF_TAP_DISABLE);
539
540 for (bp = bpf_iflist; bp; bp = bp->bif_next)
541 if (bp->bif_ifp == ifp && bp->bif_dlist != 0)
542 break;
543 if (bp == NULL)
544 ifp->if_bpf = NULL;
545 }
546 d->bd_bif = NULL;
1c79356b
A		 547 /*
548 * Check if this descriptor had requested promiscuous mode.
549 * If so, turn it off.
550 */
551 if (d->bd_promisc) {
552 d->bd_promisc = 0;
2d21ac55
A		 553 lck_mtx_unlock(bpf_mlock);
554 if (ifnet_set_promiscuous(ifp, 0)) {
1c79356b
A		 555 /*
556 * Something is really wrong if we were able to put
557 * the driver into promiscuous mode, but can't
558 * take it out.
9bccf70c 559 * Most likely the network interface is gone.
1c79356b 560 */
91447636 561 printf("bpf: ifnet_set_promiscuous failed");
2d21ac55
A		 562 }
563 lck_mtx_lock(bpf_mlock);
1c79356b 564 }
1c79356b
A		 565}
566
567
1c79356b
A		 568/*
569 * Open ethernet device. Returns ENXIO for illegal minor device number,
570 * EBUSY if file is open by another process.
571 */
572/* ARGSUSED */
2d21ac55 573int
b0d623f7 574bpfopen(dev_t dev, int flags, __unused int fmt,
2d21ac55 575 __unused struct proc *p)
1c79356b 576{
2d21ac55 577 struct bpf_d *d;
1c79356b 578
2d21ac55
A		 579 lck_mtx_lock(bpf_mlock);
580 if ((unsigned int) minor(dev) >= nbpfilter) {
581 lck_mtx_unlock(bpf_mlock);
1c79356b 582 return (ENXIO);
2d21ac55 583 }
91447636
A		 584 /*
585 * New device nodes are created on demand when opening the last one.
586 * The programming model is for processes to loop on the minor starting at 0
587 * as long as EBUSY is returned. The loop stops when either the open succeeds or
588 * an error other that EBUSY is returned. That means that bpf_make_dev_t() must
589 * block all processes that are opening the last node. If not all
590 * processes are blocked, they could unexpectedly get ENOENT and abort their
591 * opening loop.
592 */
593 if ((unsigned int) minor(dev) == (nbpfilter - 1))
594 bpf_make_dev_t(major(dev));
9bccf70c 595
1c79356b 596 /*
9bccf70c 597 * Each minor can be opened by only one process. If the requested
1c79356b 598 * minor is in use, return EBUSY.
91447636
A		 599 *
600 * Important: bpfopen() and bpfclose() have to check and set the status of a device
601 * in the same lockin context otherwise the device may be leaked because the vnode use count
602 * will be unpextectly greater than 1 when close() is called.
1c79356b 603 */
2d21ac55 604 if (bpf_dtab[minor(dev)] == 0) {
91447636 605 bpf_dtab[minor(dev)] = (void *)1; /* Mark opening */
2d21ac55
A		 606 } else {
607 lck_mtx_unlock(bpf_mlock);
91447636 608 return (EBUSY);
2d21ac55 609 }
91447636
A		 610 d = (struct bpf_d *)_MALLOC(sizeof(struct bpf_d), M_DEVBUF, M_WAIT);
611 if (d == NULL) {
612 /* this really is a catastrophic failure */
613 printf("bpfopen: malloc bpf_d failed\n");
2d21ac55
A		 614 bpf_dtab[minor(dev)] = NULL;
615 lck_mtx_unlock(bpf_mlock);
91447636 616 return ENOMEM;
1c79356b 617 }
91447636 618 bzero(d, sizeof(struct bpf_d));
9bccf70c 619
91447636
A		 620 /*
621 * It is not necessary to take the BPF lock here because no other
622 * thread can access the device until it is marked opened...
623 */
624
625 /* Mark "in use" and do most initialization. */
1c79356b
A		 626 d->bd_bufsize = bpf_bufsize;
627 d->bd_sig = SIGIO;
9bccf70c 628 d->bd_seesent = 1;
b0d623f7 629 d->bd_oflags = flags;
2d21ac55
A		 630#if CONFIG_MACF_NET
631 mac_bpfdesc_label_init(d);
632 mac_bpfdesc_label_associate(kauth_cred_get(), d);
633#endif
91447636 634 bpf_dtab[minor(dev)] = d; /* Mark opened */
2d21ac55 635 lck_mtx_unlock(bpf_mlock);
55e303ae 636
1c79356b
A		 637 return (0);
638}
639
640/*
641 * Close the descriptor by detaching it from its interface,
642 * deallocating its buffers, and marking it free.
643 */
644/* ARGSUSED */
2d21ac55
A		 645int
646bpfclose(dev_t dev, __unused int flags, __unused int fmt,
647 __unused struct proc *p)
1c79356b 648{
2d21ac55
A		 649 struct bpf_d *d;
650
651 /* Take BPF lock to ensure no other thread is using the device */
652 lck_mtx_lock(bpf_mlock);
1c79356b 653
55e303ae 654 d = bpf_dtab[minor(dev)];
2d21ac55
A		 655 if (d == 0 || d == (void *)1) {
656 lck_mtx_unlock(bpf_mlock);
91447636 657 return (ENXIO);
2d21ac55 658 }
91447636 659 bpf_dtab[minor(dev)] = (void *)1; /* Mark closing */
55e303ae 660
1c79356b
A		 661 if (d->bd_bif)
662 bpf_detachd(d);
0b4e3aa0 663 selthreadclear(&d->bd_sel);
2d21ac55
A		 664#if CONFIG_MACF_NET
665 mac_bpfdesc_label_destroy(d);
666#endif
1c79356b 667 bpf_freed(d);
91447636 668
2d21ac55
A		 669 /* Mark free in same context as bpfopen comes to check */
670 bpf_dtab[minor(dev)] = NULL; /* Mark closed */
91447636
A		 671 lck_mtx_unlock(bpf_mlock);
672
91447636
A		 673 _FREE(d, M_DEVBUF);
674
1c79356b
A		 675 return (0);
676}
677
1c79356b 678
91447636 679#define BPF_SLEEP bpf_sleep
1c79356b 680
91447636
A		 681static int
682bpf_sleep(struct bpf_d *d, int pri, const char *wmesg, int timo)
1c79356b 683{
2d21ac55 684 int st;
1c79356b 685
91447636
A		 686 lck_mtx_unlock(bpf_mlock);
687
688 st = tsleep((caddr_t)d, pri, wmesg, timo);
689
690 lck_mtx_lock(bpf_mlock);
691
692 return st;
1c79356b 693}
1c79356b
A		 694
695/*
696 * Rotate the packet buffers in descriptor d. Move the store buffer
697 * into the hold slot, and the free buffer into the store slot.
698 * Zero the length of the new store buffer.
699 */
700#define ROTATE_BUFFERS(d) \
701 (d)->bd_hbuf = (d)->bd_sbuf; \
702 (d)->bd_hlen = (d)->bd_slen; \
703 (d)->bd_sbuf = (d)->bd_fbuf; \
704 (d)->bd_slen = 0; \
2d21ac55 705 (d)->bd_fbuf = NULL;
1c79356b
A		 706/*
707 * bpfread - read next chunk of packets from buffers
708 */
2d21ac55 709int
91447636 710bpfread(dev_t dev, struct uio *uio, int ioflag)
1c79356b 711{
2d21ac55 712 struct bpf_d *d;
1c79356b 713 int error;
2d21ac55
A		 714
715 lck_mtx_lock(bpf_mlock);
1c79356b 716
55e303ae 717 d = bpf_dtab[minor(dev)];
2d21ac55
A		 718 if (d == 0 || d == (void *)1) {
719 lck_mtx_unlock(bpf_mlock);
91447636 720 return (ENXIO);
2d21ac55 721 }
55e303ae 722
1c79356b
A		 723
724 /*
725 * Restrict application to use a buffer the same size as
726 * as kernel buffers.
727 */
b0d623f7 728 if (uio_resid(uio) != d->bd_bufsize) {
91447636 729 lck_mtx_unlock(bpf_mlock);
1c79356b
A		 730 return (EINVAL);
731 }
732
1c79356b
A		 733 /*
734 * If the hold buffer is empty, then do a timed sleep, which
735 * ends when the timeout expires or when enough packets
736 * have arrived to fill the store buffer.
737 */
738 while (d->bd_hbuf == 0) {
739 if (d->bd_immediate && d->bd_slen != 0) {
740 /*
741 * A packet(s) either arrived since the previous
742 * read or arrived while we were asleep.
743 * Rotate the buffers and return what's here.
744 */
745 ROTATE_BUFFERS(d);
746 break;
747 }
9bccf70c
A		 748
749 /*
750 * No data is available, check to see if the bpf device
751 * is still pointed at a real interface. If not, return
752 * ENXIO so that the userland process knows to rebind
753 * it before using it again.
754 */
755 if (d->bd_bif == NULL) {
91447636 756 lck_mtx_unlock(bpf_mlock);
9bccf70c
A		 757 return (ENXIO);
758 }
b0d623f7
A		 759 if (ioflag & IO_NDELAY) {
760 lck_mtx_unlock(bpf_mlock);
761 return (EWOULDBLOCK);
762 }
763 error = BPF_SLEEP(d, PRINET|PCATCH, "bpf",
764 d->bd_rtout);
2d21ac55
A		 765 /*
766 * Make sure device is still opened
767 */
768 d = bpf_dtab[minor(dev)];
769 if (d == 0 || d == (void *)1) {
770 lck_mtx_unlock(bpf_mlock);
771 return (ENXIO);
772 }
1c79356b 773 if (error == EINTR || error == ERESTART) {
91447636 774 lck_mtx_unlock(bpf_mlock);
1c79356b
A		 775 return (error);
776 }
777 if (error == EWOULDBLOCK) {
778 /*
779 * On a timeout, return what's in the buffer,
780 * which may be nothing. If there is something
781 * in the store buffer, we can rotate the buffers.
782 */
783 if (d->bd_hbuf)
784 /*
785 * We filled up the buffer in between
786 * getting the timeout and arriving
787 * here, so we don't need to rotate.
788 */
789 break;
790
791 if (d->bd_slen == 0) {
91447636 792 lck_mtx_unlock(bpf_mlock);
1c79356b
A		 793 return (0);
794 }
795 ROTATE_BUFFERS(d);
796 break;
797 }
798 }
799 /*
800 * At this point, we know we have something in the hold slot.
801 */
1c79356b
A		 802
803 /*
804 * Move data from hold buffer into user space.
805 * We know the entire buffer is transferred since
806 * we checked above that the read buffer is bpf_bufsize bytes.
807 */
808 error = UIOMOVE(d->bd_hbuf, d->bd_hlen, UIO_READ, uio);
809
1c79356b 810 d->bd_fbuf = d->bd_hbuf;
2d21ac55 811 d->bd_hbuf = NULL;
1c79356b 812 d->bd_hlen = 0;
91447636 813 lck_mtx_unlock(bpf_mlock);
1c79356b
A		 814 return (error);
815}
816
817
818/*
819 * If there are processes sleeping on this descriptor, wake them up.
820 */
91447636
A		 821static void
822bpf_wakeup(struct bpf_d *d)
1c79356b
A		 823{
824 wakeup((caddr_t)d);
825 if (d->bd_async && d->bd_sig && d->bd_sigio)
2d21ac55 826 pgsigio(d->bd_sigio, d->bd_sig);
1c79356b
A		 827
828#if BSD >= 199103
1c79356b 829 selwakeup(&d->bd_sel);
b0d623f7 830 KNOTE(&d->bd_sel.si_note, 1);
9bccf70c
A		 831#ifndef __APPLE__
832 /* XXX */
833 d->bd_sel.si_pid = 0;
834#endif
1c79356b
A		 835#else
836 if (d->bd_selproc) {
1c79356b 837 selwakeup(d->bd_selproc, (int)d->bd_selcoll);
1c79356b
A		 838 d->bd_selcoll = 0;
839 d->bd_selproc = 0;
840 }
841#endif
842}
843
55e303ae
A		 844/* keep in sync with bpf_movein above: */
845#define MAX_DATALINK_HDR_LEN (sizeof(struct firewire_header))
846
2d21ac55 847int
91447636 848bpfwrite(dev_t dev, struct uio *uio, __unused int ioflag)
1c79356b 849{
2d21ac55 850 struct bpf_d *d;
1c79356b 851 struct ifnet *ifp;
2d21ac55 852 struct mbuf *m = NULL;
91447636 853 int error;
55e303ae 854 char dst_buf[SOCKADDR_HDR_LEN + MAX_DATALINK_HDR_LEN];
b0d623f7 855 int datlen = 0;
1c79356b 856
2d21ac55
A		 857 lck_mtx_lock(bpf_mlock);
858
55e303ae 859 d = bpf_dtab[minor(dev)];
2d21ac55
A		 860 if (d == 0 || d == (void *)1) {
861 lck_mtx_unlock(bpf_mlock);
91447636 862 return (ENXIO);
2d21ac55 863 }
1c79356b 864 if (d->bd_bif == 0) {
91447636 865 lck_mtx_unlock(bpf_mlock);
2d21ac55 866 return (ENXIO);
1c79356b
A		 867 }
868
869 ifp = d->bd_bif->bif_ifp;
870
b0d623f7 871 if (uio_resid(uio) == 0) {
91447636 872 lck_mtx_unlock(bpf_mlock);
2d21ac55 873 return (0);
1c79356b 874 }
55e303ae
A		 875 ((struct sockaddr *)dst_buf)->sa_len = sizeof(dst_buf);
876 error = bpf_movein(uio, (int)d->bd_bif->bif_dlt, &m,
2d21ac55
A		 877 d->bd_hdrcmplt ? NULL : (struct sockaddr *)dst_buf,
878 &datlen);
1c79356b 879 if (error) {
91447636 880 lck_mtx_unlock(bpf_mlock);
2d21ac55 881 return (error);
1c79356b
A		 882 }
883
91447636
A		 884 if ((unsigned)datlen > ifp->if_mtu) {
885 lck_mtx_unlock(bpf_mlock);
2d21ac55
A		 886 m_freem(m);
887 return (EMSGSIZE);
888 }
889
890 if ((error = ifp_use(ifp, kIfNetUseCount_MustNotBeZero)) != 0) {
891 lck_mtx_unlock(bpf_mlock);
892 m_freem(m);
893 return (error);
1c79356b
A		 894 }
895
2d21ac55
A		 896#if CONFIG_MACF_NET
897 mac_mbuf_label_associate_bpfdesc(d, m);
898#endif
91447636
A		 899 lck_mtx_unlock(bpf_mlock);
900
55e303ae 901 if (d->bd_hdrcmplt) {
2d21ac55
A		 902 if (d->bd_bif->bif_send)
903 error = d->bd_bif->bif_send(ifp, d->bd_bif->bif_dlt, m);
904 else
905 error = dlil_output(ifp, 0, m, NULL, NULL, 1);
55e303ae 906 }
91447636
A		 907 else {
908 error = dlil_output(ifp, PF_INET, m, NULL, (struct sockaddr *)dst_buf, 0);
909 }
910
2d21ac55
A		 911 if (ifp_unuse(ifp) != 0)
912 ifp_use_reached_zero(ifp);
913
1c79356b
A		 914 /*
915 * The driver frees the mbuf.
916 */
917 return (error);
918}
919
920/*
921 * Reset a descriptor by flushing its packet buffer and clearing the
2d21ac55 922 * receive and drop counts.
1c79356b
A		 923 */
924static void
91447636 925reset_d(struct bpf_d *d)
1c79356b
A		 926{
927 if (d->bd_hbuf) {
928 /* Free the hold buffer. */
929 d->bd_fbuf = d->bd_hbuf;
2d21ac55 930 d->bd_hbuf = NULL;
1c79356b
A		 931 }
932 d->bd_slen = 0;
933 d->bd_hlen = 0;
934 d->bd_rcount = 0;
935 d->bd_dcount = 0;
936}
937
938/*
939 * FIONREAD Check for read packet available.
940 * SIOCGIFADDR Get interface address - convenient hook to driver.
941 * BIOCGBLEN Get buffer len [for read()].
942 * BIOCSETF Set ethernet read filter.
943 * BIOCFLUSH Flush read packet buffer.
944 * BIOCPROMISC Put interface into promiscuous mode.
945 * BIOCGDLT Get link layer type.
946 * BIOCGETIF Get interface name.
947 * BIOCSETIF Set interface.
948 * BIOCSRTIMEOUT Set read timeout.
949 * BIOCGRTIMEOUT Get read timeout.
950 * BIOCGSTATS Get packet stats.
951 * BIOCIMMEDIATE Set immediate mode.
952 * BIOCVERSION Get filter language version.
9bccf70c
A		 953 * BIOCGHDRCMPLT Get "header already complete" flag
954 * BIOCSHDRCMPLT Set "header already complete" flag
955 * BIOCGSEESENT Get "see packets sent" flag
956 * BIOCSSEESENT Set "see packets sent" flag
1c79356b
A		 957 */
958/* ARGSUSED */
9bccf70c 959int
2d21ac55 960bpfioctl(dev_t dev, u_long cmd, caddr_t addr, __unused int flags,
b0d623f7 961 struct proc *p)
1c79356b 962{
2d21ac55
A		 963 struct bpf_d *d;
964 int error = 0;
965
966 lck_mtx_lock(bpf_mlock);
1c79356b 967
55e303ae 968 d = bpf_dtab[minor(dev)];
2d21ac55
A		 969 if (d == 0 || d == (void *)1) {
970 lck_mtx_unlock(bpf_mlock);
91447636 971 return (ENXIO);
2d21ac55 972 }
1c79356b
A		 973
974 switch (cmd) {
975
976 default:
977 error = EINVAL;
978 break;
979
980 /*
981 * Check for read packet available.
982 */
983 case FIONREAD:
984 {
985 int n;
986
1c79356b
A		 987 n = d->bd_slen;
988 if (d->bd_hbuf)
989 n += d->bd_hlen;
1c79356b
A		 990
991 *(int *)addr = n;
992 break;
993 }
994
995 case SIOCGIFADDR:
996 {
997 struct ifnet *ifp;
998
999 if (d->bd_bif == 0)
1000 error = EINVAL;
1001 else {
1002 ifp = d->bd_bif->bif_ifp;
2d21ac55 1003 error = ifnet_ioctl(ifp, 0, cmd, addr);
1c79356b
A		 1004 }
1005 break;
1006 }
1007
1008 /*
1009 * Get buffer len [for read()].
1010 */
1011 case BIOCGBLEN:
1012 *(u_int *)addr = d->bd_bufsize;
1013 break;
1014
1015 /*
1016 * Set buffer length.
1017 */
1018 case BIOCSBLEN:
1019#if BSD < 199103
1020 error = EINVAL;
1021#else
1022 if (d->bd_bif != 0)
1023 error = EINVAL;
1024 else {
2d21ac55 1025 u_int size = *(u_int *)addr;
1c79356b 1026
9bccf70c
A		 1027 if (size > bpf_maxbufsize)
1028 *(u_int *)addr = size = bpf_maxbufsize;
1c79356b
A		 1029 else if (size < BPF_MINBUFSIZE)
1030 *(u_int *)addr = size = BPF_MINBUFSIZE;
1031 d->bd_bufsize = size;
1032 }
1033#endif
1034 break;
1035
1036 /*
1037 * Set link layer read filter.
1038 */
b0d623f7
A		 1039 case BIOCSETF32: {
1040 struct bpf_program32 *prg32 = (struct bpf_program32 *)addr;
1041 error = bpf_setf(d, prg32->bf_len,
1042 CAST_USER_ADDR_T(prg32->bf_insns));
1c79356b 1043 break;
2d21ac55 1044 }
b0d623f7
A		 1045
1046 case BIOCSETF64: {
1047 struct bpf_program64 *prg64 = (struct bpf_program64 *)addr;
1048 error = bpf_setf(d, prg64->bf_len, prg64->bf_insns);
1049 break;
1050 }
1051
1c79356b
A		 1052 /*
1053 * Flush read packet buffer.
1054 */
1055 case BIOCFLUSH:
1c79356b 1056 reset_d(d);
1c79356b
A		 1057 break;
1058
1059 /*
1060 * Put interface into promiscuous mode.
1061 */
1062 case BIOCPROMISC:
1063 if (d->bd_bif == 0) {
1064 /*
1065 * No interface attached yet.
1066 */
1067 error = EINVAL;
1068 break;
1069 }
1c79356b 1070 if (d->bd_promisc == 0) {
2d21ac55 1071 lck_mtx_unlock(bpf_mlock);
91447636 1072 error = ifnet_set_promiscuous(d->bd_bif->bif_ifp, 1);
2d21ac55 1073 lck_mtx_lock(bpf_mlock);
1c79356b
A		 1074 if (error == 0)
1075 d->bd_promisc = 1;
1076 }
1c79356b
A		 1077 break;
1078
1079 /*
1080 * Get device parameters.
1081 */
1082 case BIOCGDLT:
1083 if (d->bd_bif == 0)
1084 error = EINVAL;
1085 else
1086 *(u_int *)addr = d->bd_bif->bif_dlt;
1087 break;
1088
2d21ac55
A		 1089 /*
1090 * Get a list of supported data link types.
1091 */
1092 case BIOCGDLTLIST:
b0d623f7
A		 1093 if (d->bd_bif == NULL) {
1094 error = EINVAL;
1095 } else {
1096 error = bpf_getdltlist(d,
1097 (struct bpf_dltlist *)addr, p);
1098 }
1099 break;
2d21ac55
A		 1100
1101 /*
1102 * Set data link type.
1103 */
1104 case BIOCSDLT:
1105 if (d->bd_bif == NULL)
1106 error = EINVAL;
1107 else
1108 error = bpf_setdlt(d, *(u_int *)addr);
1109 break;
1110
1c79356b 1111 /*
9bccf70c 1112 * Get interface name.
1c79356b
A		 1113 */
1114 case BIOCGETIF:
1115 if (d->bd_bif == 0)
1116 error = EINVAL;
9bccf70c
A		 1117 else {
1118 struct ifnet *const ifp = d->bd_bif->bif_ifp;
1119 struct ifreq *const ifr = (struct ifreq *)addr;
1120
1121 snprintf(ifr->ifr_name, sizeof(ifr->ifr_name),
1122 "%s%d", ifp->if_name, ifp->if_unit);
1123 }
1c79356b
A		 1124 break;
1125
1126 /*
1127 * Set interface.
1128 */
2d21ac55
A		 1129 case BIOCSETIF: {
1130 ifnet_t ifp;
1131 ifp = ifunit(((struct ifreq *)addr)->ifr_name);
1132 if (ifp == NULL)
1133 error = ENXIO;
1134 else
1135 error = bpf_setif(d, ifp, 0);
1c79356b 1136 break;
2d21ac55 1137 }
1c79356b
A		 1138
1139 /*
1140 * Set read timeout.
1141 */
1142 case BIOCSRTIMEOUT:
1143 {
b0d623f7
A		 1144 struct BPF_TIMEVAL *_tv = (struct BPF_TIMEVAL *)addr;
1145 struct timeval tv;
1146
1147 tv.tv_sec = _tv->tv_sec;
1148 tv.tv_usec = _tv->tv_usec;
1c79356b
A		 1149
1150 /*
1151 * Subtract 1 tick from tvtohz() since this isn't
1152 * a one-shot timer.
1153 */
b0d623f7
A		 1154 if ((error = itimerfix(&tv)) == 0)
1155 d->bd_rtout = tvtohz(&tv) - 1;
1c79356b
A		 1156 break;
1157 }
1158
1159 /*
1160 * Get read timeout.
1161 */
1162 case BIOCGRTIMEOUT:
1163 {
b0d623f7 1164 struct BPF_TIMEVAL *tv = (struct BPF_TIMEVAL *)addr;
1c79356b
A		 1165
1166 tv->tv_sec = d->bd_rtout / hz;
1167 tv->tv_usec = (d->bd_rtout % hz) * tick;
1168 break;
1169 }
1170
1171 /*
1172 * Get packet stats.
1173 */
1174 case BIOCGSTATS:
1175 {
1176 struct bpf_stat *bs = (struct bpf_stat *)addr;
1177
1178 bs->bs_recv = d->bd_rcount;
1179 bs->bs_drop = d->bd_dcount;
1180 break;
1181 }
1182
1183 /*
1184 * Set immediate mode.
1185 */
1186 case BIOCIMMEDIATE:
1187 d->bd_immediate = *(u_int *)addr;
1188 break;
1189
1190 case BIOCVERSION:
1191 {
1192 struct bpf_version *bv = (struct bpf_version *)addr;
1193
1194 bv->bv_major = BPF_MAJOR_VERSION;
1195 bv->bv_minor = BPF_MINOR_VERSION;
1196 break;
1197 }
1198
9bccf70c
A		 1199 /*
1200 * Get "header already complete" flag
1201 */
1202 case BIOCGHDRCMPLT:
1203 *(u_int *)addr = d->bd_hdrcmplt;
1204 break;
1205
1206 /*
1207 * Set "header already complete" flag
1208 */
1209 case BIOCSHDRCMPLT:
1210 d->bd_hdrcmplt = *(u_int *)addr ? 1 : 0;
1211 break;
1212
1213 /*
1214 * Get "see sent packets" flag
1215 */
1216 case BIOCGSEESENT:
1217 *(u_int *)addr = d->bd_seesent;
1218 break;
1219
1220 /*
1221 * Set "see sent packets" flag
1222 */
1223 case BIOCSSEESENT:
1224 d->bd_seesent = *(u_int *)addr;
1225 break;
1226
1c79356b
A		 1227 case FIONBIO: /* Non-blocking I/O */
1228 break;
1229
1230 case FIOASYNC: /* Send signal on receive packets */
1231 d->bd_async = *(int *)addr;
1232 break;
9bccf70c 1233#ifndef __APPLE__
1c79356b
A		 1234 case FIOSETOWN:
1235 error = fsetown(*(int *)addr, &d->bd_sigio);
1236 break;
1237
1238 case FIOGETOWN:
1239 *(int *)addr = fgetown(d->bd_sigio);
1240 break;
1241
1242 /* This is deprecated, FIOSETOWN should be used instead. */
1243 case TIOCSPGRP:
1244 error = fsetown(-(*(int *)addr), &d->bd_sigio);
1245 break;
1246
1247 /* This is deprecated, FIOGETOWN should be used instead. */
1248 case TIOCGPGRP:
1249 *(int *)addr = -fgetown(d->bd_sigio);
1250 break;
1251#endif
1252 case BIOCSRSIG: /* Set receive signal */
1253 {
1254 u_int sig;
1255
1256 sig = *(u_int *)addr;
1257
1258 if (sig >= NSIG)
1259 error = EINVAL;
1260 else
1261 d->bd_sig = sig;
1262 break;
1263 }
1264 case BIOCGRSIG:
1265 *(u_int *)addr = d->bd_sig;
1266 break;
1267 }
91447636
A		 1268
1269 lck_mtx_unlock(bpf_mlock);
b0d623f7 1270
1c79356b
A		 1271 return (error);
1272}
1273
1274/*
1275 * Set d's packet filter program to fp. If this file already has a filter,
1276 * free it and replace it. Returns EINVAL for bogus requests.
1277 */
1278static int
2d21ac55 1279bpf_setf(struct bpf_d *d, u_int bf_len, user_addr_t bf_insns)
1c79356b
A		 1280{
1281 struct bpf_insn *fcode, *old;
1282 u_int flen, size;
1c79356b
A		 1283
1284 old = d->bd_filter;
2d21ac55
A		 1285 if (bf_insns == USER_ADDR_NULL) {
1286 if (bf_len != 0)
1c79356b 1287 return (EINVAL);
2d21ac55 1288 d->bd_filter = NULL;
1c79356b 1289 reset_d(d);
1c79356b
A		 1290 if (old != 0)
1291 FREE((caddr_t)old, M_DEVBUF);
1292 return (0);
1293 }
2d21ac55 1294 flen = bf_len;
1c79356b
A		 1295 if (flen > BPF_MAXINSNS)
1296 return (EINVAL);
1297
91447636 1298 size = flen * sizeof(struct bpf_insn);
1c79356b 1299 fcode = (struct bpf_insn *) _MALLOC(size, M_DEVBUF, M_WAIT);
9bccf70c 1300#ifdef __APPLE__
0b4e3aa0
A		 1301 if (fcode == NULL)
1302 return (ENOBUFS);
9bccf70c 1303#endif
2d21ac55 1304 if (copyin(bf_insns, (caddr_t)fcode, size) == 0 &&
1c79356b 1305 bpf_validate(fcode, (int)flen)) {
1c79356b
A		 1306 d->bd_filter = fcode;
1307 reset_d(d);
1c79356b
A		 1308 if (old != 0)
1309 FREE((caddr_t)old, M_DEVBUF);
1310
1311 return (0);
1312 }
1313 FREE((caddr_t)fcode, M_DEVBUF);
1314 return (EINVAL);
1315}
1316
1317/*
1318 * Detach a file from its current interface (if attached at all) and attach
1319 * to the interface indicated by the name stored in ifr.
1320 * Return an errno or 0.
1321 */
1322static int
2d21ac55 1323bpf_setif(struct bpf_d *d, ifnet_t theywant, u_int32_t dlt)
1c79356b
A		 1324{
1325 struct bpf_if *bp;
2d21ac55
A		 1326 int error;
1327
1c79356b
A		 1328 /*
1329 * Look through attached interfaces for the named one.
1330 */
1331 for (bp = bpf_iflist; bp != 0; bp = bp->bif_next) {
1332 struct ifnet *ifp = bp->bif_ifp;
1333
2d21ac55 1334 if (ifp == 0 || ifp != theywant || (dlt != 0 && dlt != bp->bif_dlt))
1c79356b
A		 1335 continue;
1336 /*
1337 * We found the requested interface.
1338 * If it's not up, return an error.
1339 * Allocate the packet buffers if we need to.
1340 * If we're already attached to requested interface,
1341 * just flush the buffer.
1342 */
1343 if ((ifp->if_flags & IFF_UP) == 0)
1344 return (ENETDOWN);
1345
1346 if (d->bd_sbuf == 0) {
1347 error = bpf_allocbufs(d);
1348 if (error != 0)
1349 return (error);
1350 }
1c79356b
A		 1351 if (bp != d->bd_bif) {
1352 if (d->bd_bif)
1353 /*
1354 * Detach if attached to something else.
1355 */
1356 bpf_detachd(d);
1357
2d21ac55
A		 1358 if (bpf_attachd(d, bp) != 0) {
1359 return ENXIO;
1360 }
1c79356b
A		 1361 }
1362 reset_d(d);
1c79356b
A		 1363 return (0);
1364 }
1365 /* Not found. */
1366 return (ENXIO);
1367}
1368
2d21ac55
A		 1369
1370
1371/*
1372 * Get a list of available data link type of the interface.
1373 */
1374static int
b0d623f7 1375bpf_getdltlist(struct bpf_d *d, struct bpf_dltlist *bfl, struct proc *p)
2d21ac55 1376{
b0d623f7
A		 1377 u_int n;
1378 int error;
2d21ac55
A		 1379 struct ifnet *ifp;
1380 struct bpf_if *bp;
b0d623f7
A		 1381 user_addr_t dlist;
1382
1383 if (proc_is64bit(p)) {
1384 dlist = (user_addr_t)bfl->bfl_u.bflu_pad;
1385 } else {
2d21ac55
A		 1386 dlist = CAST_USER_ADDR_T(bfl->bfl_u.bflu_list);
1387 }
b0d623f7 1388
2d21ac55
A		 1389 ifp = d->bd_bif->bif_ifp;
1390 n = 0;
1391 error = 0;
1392 for (bp = bpf_iflist; bp; bp = bp->bif_next) {
1393 if (bp->bif_ifp != ifp)
1394 continue;
b0d623f7 1395 if (dlist != USER_ADDR_NULL) {
2d21ac55
A		 1396 if (n >= bfl->bfl_len) {
1397 return (ENOMEM);
1398 }
b0d623f7
A		 1399 error = copyout(&bp->bif_dlt, dlist,
1400 sizeof (bp->bif_dlt));
1401 dlist += sizeof (bp->bif_dlt);
2d21ac55
A		 1402 }
1403 n++;
1404 }
1405 bfl->bfl_len = n;
1406 return (error);
1407}
1408
1409/*
1410 * Set the data link type of a BPF instance.
1411 */
1412static int
1413bpf_setdlt(struct bpf_d *d, uint32_t dlt)
1414
1415
1416{
1417 int error, opromisc;
1418 struct ifnet *ifp;
1419 struct bpf_if *bp;
1420
1421 if (d->bd_bif->bif_dlt == dlt)
1422 return (0);
1423 ifp = d->bd_bif->bif_ifp;
1424 for (bp = bpf_iflist; bp; bp = bp->bif_next) {
1425 if (bp->bif_ifp == ifp && bp->bif_dlt == dlt)
1426 break;
1427 }
1428 if (bp != NULL) {
1429 opromisc = d->bd_promisc;
1430 bpf_detachd(d);
1431 error = bpf_attachd(d, bp);
1432 if (error) {
1433 printf("bpf_setdlt: bpf_attachd %s%d failed (%d)\n",
1434 ifnet_name(bp->bif_ifp), ifnet_unit(bp->bif_ifp), error);
1435 return error;
1436 }
1437 reset_d(d);
1438 if (opromisc) {
1439 lck_mtx_unlock(bpf_mlock);
1440 error = ifnet_set_promiscuous(bp->bif_ifp, 1);
1441 lck_mtx_lock(bpf_mlock);
1442 if (error)
1443 printf("bpf_setdlt: ifpromisc %s%d failed (%d)\n",
1444 ifnet_name(bp->bif_ifp), ifnet_unit(bp->bif_ifp), error);
1445 else
1446 d->bd_promisc = 1;
1447 }
1448 }
1449 return (bp == NULL ? EINVAL : 0);
1450}
1451
1c79356b 1452/*
b0d623f7 1453 * Support for select()
1c79356b
A		 1454 *
1455 * Return true iff the specific operation will not block indefinitely.
1456 * Otherwise, return false but make a note that a selwakeup() must be done.
1457 */
1458int
91447636 1459bpfpoll(dev_t dev, int events, void * wql, struct proc *p)
1c79356b 1460{
2d21ac55 1461 struct bpf_d *d;
1c79356b
A		 1462 int revents = 0;
1463
2d21ac55
A		 1464 lck_mtx_lock(bpf_mlock);
1465
55e303ae 1466 d = bpf_dtab[minor(dev)];
2d21ac55
A		 1467 if (d == 0 || d == (void *)1) {
1468 lck_mtx_unlock(bpf_mlock);
91447636 1469 return (ENXIO);
2d21ac55 1470 }
55e303ae 1471
1c79356b
A		 1472 /*
1473 * An imitation of the FIONREAD ioctl code.
1474 */
9bccf70c 1475 if (d->bd_bif == NULL) {
91447636 1476 lck_mtx_unlock(bpf_mlock);
9bccf70c
A		 1477 return (ENXIO);
1478 }
1479
9bccf70c 1480 if (events & (POLLIN | POLLRDNORM)) {
1c79356b
A		 1481 if (d->bd_hlen != 0 || (d->bd_immediate && d->bd_slen != 0))
1482 revents |= events & (POLLIN | POLLRDNORM);
1483 else
0b4e3aa0 1484 selrecord(p, &d->bd_sel, wql);
9bccf70c 1485 }
91447636
A		 1486
1487 lck_mtx_unlock(bpf_mlock);
1c79356b
A		 1488 return (revents);
1489}
1490
b0d623f7
A		 1491/*
1492 * Support for kevent() system call. Register EVFILT_READ filters and
1493 * reject all others.
1494 */
1495int bpfkqfilter(dev_t dev, struct knote *kn);
1496static void filt_bpfdetach(struct knote *);
1497static int filt_bpfread(struct knote *, long);
1498
1499static struct filterops bpfread_filtops = {
1500 .f_isfd = 1,
1501 .f_detach = filt_bpfdetach,
1502 .f_event = filt_bpfread,
1503};
1504
1505int
1506bpfkqfilter(dev_t dev, struct knote *kn)
1507{
1508 struct bpf_d *d;
1509
1510 /*
1511 * Is this device a bpf?
1512 */
1513 if (major(dev) != CDEV_MAJOR) {
1514 return (EINVAL);
1515 }
1516
1517 if (kn->kn_filter != EVFILT_READ) {
1518 return (EINVAL);
1519 }
1520
1521 lck_mtx_lock(bpf_mlock);
1522
1523 d = bpf_dtab[minor(dev)];
1524 if (d == 0 || d == (void *)1) {
1525 lck_mtx_unlock(bpf_mlock);
1526 return (ENXIO);
1527 }
1528
1529 /*
1530 * An imitation of the FIONREAD ioctl code.
1531 */
1532 if (d->bd_bif == NULL) {
1533 lck_mtx_unlock(bpf_mlock);
1534 return (ENXIO);
1535 }
1536
1537 kn->kn_hook = d;
1538 kn->kn_fop = &bpfread_filtops;
1539 KNOTE_ATTACH(&d->bd_sel.si_note, kn);
1540 lck_mtx_unlock(bpf_mlock);
1541 return 0;
1542}
1543
1544static void
1545filt_bpfdetach(struct knote *kn)
1546{
1547 struct bpf_d *d = (struct bpf_d *)kn->kn_hook;
1548
1549 lck_mtx_lock(bpf_mlock);
1550 KNOTE_DETACH(&d->bd_sel.si_note, kn);
1551 lck_mtx_unlock(bpf_mlock);
1552}
1553
1554static int
1555filt_bpfread(struct knote *kn, long hint)
1556{
1557 struct bpf_d *d = (struct bpf_d *)kn->kn_hook;
1558 int ready = 0;
1559
1560 if (hint == 0)
1561 lck_mtx_lock(bpf_mlock);
1562
1563 if (d->bd_immediate) {
1564 kn->kn_data = (d->bd_hlen == 0 ? d->bd_slen : d->bd_hlen);
1565 ready = (kn->kn_data >= ((kn->kn_sfflags & NOTE_LOWAT) ?
1566 kn->kn_sdata : 1));
1567 } else {
1568 kn->kn_data = d->bd_hlen;
1569 ready = (kn->kn_data > 0);
1570 }
1571
1572 if (hint == 0)
1573 lck_mtx_unlock(bpf_mlock);
1574 return (ready);
1575}
1576
2d21ac55
A		 1577static inline void*
1578_cast_non_const(const void * ptr) {
1579 union {
1580 const void* cval;
1581 void* val;
1582 } ret;
91447636 1583
2d21ac55
A		 1584 ret.cval = ptr;
1585 return (ret.val);
1c79356b
A		 1586}
1587
1588/*
1589 * Copy data from an mbuf chain into a buffer. This code is derived
1590 * from m_copydata in sys/uipc_mbuf.c.
1591 */
1592static void
91447636 1593bpf_mcopy(const void *src_arg, void *dst_arg, size_t len)
1c79356b 1594{
2d21ac55 1595 struct mbuf *m = _cast_non_const(src_arg);
91447636 1596 u_int count;
1c79356b
A		 1597 u_char *dst;
1598
1c79356b
A		 1599 dst = dst_arg;
1600 while (len > 0) {
1601 if (m == 0)
1602 panic("bpf_mcopy");
1603 count = min(m->m_len, len);
2d21ac55 1604 bcopy(mbuf_data(m), dst, count);
1c79356b
A		 1605 m = m->m_next;
1606 dst += count;
1607 len -= count;
1608 }
1609}
1610
2d21ac55
A		 1611static inline void
1612bpf_tap_imp(
1613 ifnet_t ifp,
1614 u_int32_t dlt,
1615 mbuf_t m,
1616 void* hdr,
1617 size_t hlen,
1618 int outbound)
1c79356b 1619{
91447636 1620 struct bpf_if *bp;
1c79356b 1621
2d21ac55
A		 1622 /*
1623 * It's possible that we get here after the bpf descriptor has been
1624 * detached from the interface; in such a case we simply return.
1625 * Lock ordering is important since we can be called asynchronously
1626 * (from the IOKit) to process an inbound packet; when that happens
1627 * we would have been holding its "gateLock" and will be acquiring
1628 * "bpf_mlock" upon entering this routine. Due to that, we release
1629 * "bpf_mlock" prior to calling ifnet_set_promiscuous (which will
1630 * acquire "gateLock" in the IOKit), in order to avoid a deadlock
1631 * when a ifnet_set_promiscuous request simultaneously collides with
1632 * an inbound packet being passed into the tap callback.
1633 */
91447636 1634 lck_mtx_lock(bpf_mlock);
2d21ac55
A		 1635 if (ifp->if_bpf == NULL) {
1636 lck_mtx_unlock(bpf_mlock);
1637 return;
1638 }
91447636 1639 bp = ifp->if_bpf;
2d21ac55
A		 1640 for (bp = ifp->if_bpf; bp && bp->bif_ifp == ifp &&
1641 (dlt != 0 && bp->bif_dlt != dlt); bp = bp->bif_next)
1642 ;
1643 if (bp && bp->bif_ifp == ifp && bp->bif_dlist != NULL) {
1644 struct bpf_d *d;
1645 struct m_hdr hack_hdr;
1646 u_int pktlen = 0;
1647 u_int slen = 0;
1648 struct mbuf *m0;
1649
1650 if (hdr) {
1651 /*
1652 * This is gross. We mock up an mbuf that points to the
1653 * header buffer. This means we don't have to copy the
1654 * header. A number of interfaces prepended headers just
1655 * for bpf by allocating an mbuf on the stack. We want to
1656 * give developers an easy way to prepend a header for bpf.
1657 * Since a developer allocating an mbuf on the stack is bad,
1658 * we do even worse here, allocating only a header to point
1659 * to a buffer the developer supplied. This makes assumptions
1660 * that bpf_filter and catchpacket will not look at anything
1661 * in the mbuf other than the header. This was true at the
1662 * time this code was written.
1663 */
1664 hack_hdr.mh_next = m;
1665 hack_hdr.mh_nextpkt = NULL;
1666 hack_hdr.mh_len = hlen;
1667 hack_hdr.mh_data = hdr;
1668 hack_hdr.mh_type = m->m_type;
1669 hack_hdr.mh_flags = 0;
1670
1671 m = (mbuf_t)&hack_hdr;
1672 }
1673
1674 for (m0 = m; m0 != 0; m0 = m0->m_next)
1675 pktlen += m0->m_len;
1676
1677 for (d = bp->bif_dlist; d; d = d->bd_next) {
1678 if (outbound && !d->bd_seesent)
91447636
A		 1679 continue;
1680 ++d->bd_rcount;
1681 slen = bpf_filter(d->bd_filter, (u_char *)m, pktlen, 0);
2d21ac55
A		 1682 if (slen != 0) {
1683#if CONFIG_MACF_NET
1684 if (mac_bpfdesc_check_receive(d, bp->bif_ifp) != 0)
1685 continue;
1686#endif
91447636 1687 catchpacket(d, (u_char *)m, pktlen, slen, bpf_mcopy);
2d21ac55 1688 }
91447636 1689 }
1c79356b 1690 }
91447636 1691 lck_mtx_unlock(bpf_mlock);
1c79356b
A		 1692}
1693
2d21ac55
A		 1694void
1695bpf_tap_out(
1696 ifnet_t ifp,
1697 u_int32_t dlt,
1698 mbuf_t m,
1699 void* hdr,
1700 size_t hlen)
1701{
1702 bpf_tap_imp(ifp, dlt, m, hdr, hlen, 1);
1703}
1704
1705void
1706bpf_tap_in(
1707 ifnet_t ifp,
1708 u_int32_t dlt,
1709 mbuf_t m,
1710 void* hdr,
1711 size_t hlen)
1712{
1713 bpf_tap_imp(ifp, dlt, m, hdr, hlen, 0);
1714}
1715
1716/* Callback registered with Ethernet driver. */
1717static int bpf_tap_callback(struct ifnet *ifp, struct mbuf *m)
1718{
1719 bpf_tap_imp(ifp, 0, m, NULL, 0, mbuf_pkthdr_rcvif(m) == NULL);
1720
1721 return 0;
1722}
1723
1c79356b
A		 1724/*
1725 * Move the packet data from interface memory (pkt) into the
1726 * store buffer. Return 1 if it's time to wakeup a listener (buffer full),
1727 * otherwise 0. "copy" is the routine called to do the actual data
1728 * transfer. bcopy is passed in to copy contiguous chunks, while
1729 * bpf_mcopy is passed in to copy mbuf chains. In the latter case,
1730 * pkt is really an mbuf.
1731 */
1732static void
91447636
A		 1733catchpacket(struct bpf_d *d, u_char *pkt, u_int pktlen, u_int snaplen,
1734 void (*cpfn)(const void *, void *, size_t))
1c79356b 1735{
2d21ac55
A		 1736 struct bpf_hdr *hp;
1737 int totlen, curlen;
1738 int hdrlen = d->bd_bif->bif_hdrlen;
1c79356b
A		 1739 /*
1740 * Figure out how many bytes to move. If the packet is
1741 * greater or equal to the snapshot length, transfer that
1742 * much. Otherwise, transfer the whole packet (unless
1743 * we hit the buffer size limit).
1744 */
1745 totlen = hdrlen + min(snaplen, pktlen);
1746 if (totlen > d->bd_bufsize)
1747 totlen = d->bd_bufsize;
1748
1749 /*
1750 * Round up the end of the previous packet to the next longword.
1751 */
1752 curlen = BPF_WORDALIGN(d->bd_slen);
1753 if (curlen + totlen > d->bd_bufsize) {
1754 /*
1755 * This packet will overflow the storage buffer.
1756 * Rotate the buffers if we can, then wakeup any
1757 * pending reads.
1758 */
1759 if (d->bd_fbuf == 0) {
1760 /*
1761 * We haven't completed the previous read yet,
1762 * so drop the packet.
1763 */
1764 ++d->bd_dcount;
1765 return;
1766 }
1767 ROTATE_BUFFERS(d);
1768 bpf_wakeup(d);
1769 curlen = 0;
1770 }
1771 else if (d->bd_immediate)
1772 /*
1773 * Immediate mode is set. A packet arrived so any
1774 * reads should be woken up.
1775 */
1776 bpf_wakeup(d);
1777
1778 /*
1779 * Append the bpf header.
1780 */
1781 hp = (struct bpf_hdr *)(d->bd_sbuf + curlen);
b0d623f7
A		 1782 struct timeval tv;
1783 microtime(&tv);
1784 hp->bh_tstamp.tv_sec = tv.tv_sec;
1785 hp->bh_tstamp.tv_usec = tv.tv_usec;
1c79356b
A		 1786 hp->bh_datalen = pktlen;
1787 hp->bh_hdrlen = hdrlen;
1788 /*
1789 * Copy the packet data into the store buffer and update its length.
1790 */
1791 (*cpfn)(pkt, (u_char *)hp + hdrlen, (hp->bh_caplen = totlen - hdrlen));
1792 d->bd_slen = curlen + totlen;
1793}
1794
1795/*
1796 * Initialize all nonzero fields of a descriptor.
1797 */
1798static int
91447636 1799bpf_allocbufs(struct bpf_d *d)
1c79356b
A		 1800{
1801 d->bd_fbuf = (caddr_t) _MALLOC(d->bd_bufsize, M_DEVBUF, M_WAIT);
1802 if (d->bd_fbuf == 0)
1803 return (ENOBUFS);
1804
1805 d->bd_sbuf = (caddr_t) _MALLOC(d->bd_bufsize, M_DEVBUF, M_WAIT);
1806 if (d->bd_sbuf == 0) {
1807 FREE(d->bd_fbuf, M_DEVBUF);
1808 return (ENOBUFS);
1809 }
1810 d->bd_slen = 0;
1811 d->bd_hlen = 0;
1812 return (0);
1813}
1814
1815/*
1816 * Free buffers currently in use by a descriptor.
1817 * Called on close.
1818 */
1819static void
91447636 1820bpf_freed(struct bpf_d *d)
1c79356b
A		 1821{
1822 /*
1823 * We don't need to lock out interrupts since this descriptor has
1824 * been detached from its interface and it yet hasn't been marked
1825 * free.
1826 */
1827 if (d->bd_sbuf != 0) {
1828 FREE(d->bd_sbuf, M_DEVBUF);
1829 if (d->bd_hbuf != 0)
1830 FREE(d->bd_hbuf, M_DEVBUF);
1831 if (d->bd_fbuf != 0)
1832 FREE(d->bd_fbuf, M_DEVBUF);
1833 }
1834 if (d->bd_filter)
1835 FREE((caddr_t)d->bd_filter, M_DEVBUF);
1c79356b
A		 1836}
1837
1838/*
1839 * Attach an interface to bpf. driverp is a pointer to a (struct bpf_if *)
1840 * in the driver's softc; dlt is the link layer type; hdrlen is the fixed
1841 * size of the link header (variable length headers not yet supported).
1842 */
1843void
91447636 1844bpfattach(struct ifnet *ifp, u_int dlt, u_int hdrlen)
1c79356b 1845{
2d21ac55
A		 1846 bpf_attach(ifp, dlt, hdrlen, NULL, NULL);
1847}
1848
1849errno_t
1850bpf_attach(
1851 ifnet_t ifp,
1852 u_int32_t dlt,
1853 u_int32_t hdrlen,
1854 bpf_send_func send,
1855 bpf_tap_func tap)
1856{
1857 struct bpf_if *bp_new;
1858 struct bpf_if *bp_temp;
1859 struct bpf_if *bp_first = NULL;
1860
1861 bp_new = (struct bpf_if *) _MALLOC(sizeof(*bp_new), M_DEVBUF, M_WAIT);
1862 if (bp_new == 0)
1c79356b
A		 1863 panic("bpfattach");
1864
91447636
A		 1865 lck_mtx_lock(bpf_mlock);
1866
2d21ac55
A		 1867 /*
1868 * Check if this interface/dlt is already attached, record first
1869 * attachment for this interface.
1870 */
1871 for (bp_temp = bpf_iflist; bp_temp && (bp_temp->bif_ifp != ifp ||
1872 bp_temp->bif_dlt != dlt); bp_temp = bp_temp->bif_next) {
1873 if (bp_temp->bif_ifp == ifp && bp_first == NULL)
1874 bp_first = bp_temp;
1875 }
1876
1877 if (bp_temp != NULL) {
1878 printf("bpfattach - %s%d with dlt %d is already attached\n",
1879 ifp->if_name, ifp->if_unit, dlt);
1880 FREE(bp_new, M_DEVBUF);
1881 lck_mtx_unlock(bpf_mlock);
1882 return EEXIST;
1883 }
1884
1885 bzero(bp_new, sizeof(*bp_new));
1886 bp_new->bif_ifp = ifp;
1887 bp_new->bif_dlt = dlt;
1888 bp_new->bif_send = send;
1889 bp_new->bif_tap = tap;
1890
1891 if (bp_first == NULL) {
1892 /* No other entries for this ifp */
1893 bp_new->bif_next = bpf_iflist;
1894 bpf_iflist = bp_new;
1895 }
1896 else {
1897 /* Add this after the first entry for this interface */
1898 bp_new->bif_next = bp_first->bif_next;
1899 bp_first->bif_next = bp_new;
1900 }
1901
1c79356b
A		 1902 /*
1903 * Compute the length of the bpf header. This is not necessarily
1904 * equal to SIZEOF_BPF_HDR because we want to insert spacing such
1905 * that the network layer header begins on a longword boundary (for
1906 * performance reasons and to alleviate alignment restrictions).
1907 */
2d21ac55 1908 bp_new->bif_hdrlen = BPF_WORDALIGN(hdrlen + SIZEOF_BPF_HDR) - hdrlen;
91447636
A		 1909
1910 /* Take a reference on the interface */
2d21ac55 1911 ifnet_reference(ifp);
91447636
A		 1912
1913 lck_mtx_unlock(bpf_mlock);
1c79356b 1914
55e303ae 1915#ifndef __APPLE__
1c79356b
A		 1916 if (bootverbose)
1917 printf("bpf: %s%d attached\n", ifp->if_name, ifp->if_unit);
1918#endif
2d21ac55
A		 1919
1920 return 0;
1c79356b
A		 1921}
1922
9bccf70c
A		 1923/*
1924 * Detach bpf from an interface. This involves detaching each descriptor
1925 * associated with the interface, and leaving bd_bif NULL. Notify each
1926 * descriptor as it's detached so that any sleepers wake up and get
1927 * ENXIO.
1928 */
1929void
91447636 1930bpfdetach(struct ifnet *ifp)
9bccf70c 1931{
2d21ac55
A		 1932 struct bpf_if *bp, *bp_prev, *bp_next;
1933 struct bpf_if *bp_free = NULL;
9bccf70c 1934 struct bpf_d *d;
9bccf70c 1935
91447636
A		 1936
1937 lck_mtx_lock(bpf_mlock);
9bccf70c
A		 1938
1939 /* Locate BPF interface information */
1940 bp_prev = NULL;
2d21ac55
A		 1941 for (bp = bpf_iflist; bp != NULL; bp = bp_next) {
1942 bp_next = bp->bif_next;
1943 if (ifp != bp->bif_ifp) {
1944 bp_prev = bp;
1945 continue;
1946 }
1947
1948 while ((d = bp->bif_dlist) != NULL) {
1949 bpf_detachd(d);
1950 bpf_wakeup(d);
1951 }
1952
1953 if (bp_prev) {
1954 bp_prev->bif_next = bp->bif_next;
1955 } else {
1956 bpf_iflist = bp->bif_next;
1957 }
1958
1959 bp->bif_next = bp_free;
1960 bp_free = bp;
1961
1962 ifnet_release(ifp);
9bccf70c
A		 1963 }
1964
91447636 1965 lck_mtx_unlock(bpf_mlock);
9bccf70c
A		 1966
1967 FREE(bp, M_DEVBUF);
1968
9bccf70c
A		 1969}
1970
1c79356b 1971void
91447636 1972bpf_init(__unused void *unused)
1c79356b 1973{
9bccf70c 1974#ifdef __APPLE__
1c79356b 1975 int i;
9bccf70c 1976 int maj;
1c79356b 1977
91447636 1978 if (bpf_devsw_installed == 0) {
9bccf70c 1979 bpf_devsw_installed = 1;
91447636
A		 1980
1981 bpf_mlock_grp_attr = lck_grp_attr_alloc_init();
91447636
A		 1982
1983 bpf_mlock_grp = lck_grp_alloc_init("bpf", bpf_mlock_grp_attr);
1984
1985 bpf_mlock_attr = lck_attr_alloc_init();
91447636
A		 1986
1987 bpf_mlock = lck_mtx_alloc_init(bpf_mlock_grp, bpf_mlock_attr);
1988
1989 if (bpf_mlock == 0) {
1990 printf("bpf_init: failed to allocate bpf_mlock\n");
1991 bpf_devsw_installed = 0;
1992 return;
1993 }
1994
9bccf70c
A		 1995 maj = cdevsw_add(CDEV_MAJOR, &bpf_cdevsw);
1996 if (maj == -1) {
91447636
A		 1997 if (bpf_mlock)
1998 lck_mtx_free(bpf_mlock, bpf_mlock_grp);
1999 if (bpf_mlock_attr)
2000 lck_attr_free(bpf_mlock_attr);
2001 if (bpf_mlock_grp)
2002 lck_grp_free(bpf_mlock_grp);
2003 if (bpf_mlock_grp_attr)
2004 lck_grp_attr_free(bpf_mlock_grp_attr);
2005
2d21ac55
A		 2006 bpf_mlock = NULL;
2007 bpf_mlock_attr = NULL;
2008 bpf_mlock_grp = NULL;
2009 bpf_mlock_grp_attr = NULL;
91447636 2010 bpf_devsw_installed = 0;
9bccf70c 2011 printf("bpf_init: failed to allocate a major number!\n");
55e303ae 2012 return;
9bccf70c 2013 }
91447636 2014
55e303ae
A		 2015 for (i = 0 ; i < NBPFILTER; i++)
2016 bpf_make_dev_t(maj);
9bccf70c
A		 2017 }
2018#else
2019 cdevsw_add(&bpf_cdevsw);
2020#endif
1c79356b
A		 2021}
2022
9bccf70c 2023#ifndef __APPLE__
1c79356b 2024SYSINIT(bpfdev,SI_SUB_DRIVERS,SI_ORDER_MIDDLE+CDEV_MAJOR,bpf_drvinit,NULL)
1c79356b 2025#endif
9bccf70c 2026
2d21ac55
A		 2027#if CONFIG_MACF_NET
2028struct label *
2029mac_bpfdesc_label_get(struct bpf_d *d)
9bccf70c 2030{
9bccf70c 2031
2d21ac55 2032 return (d->bd_label);
9bccf70c
A		 2033}
2034
2035void
2d21ac55 2036mac_bpfdesc_label_set(struct bpf_d *d, struct label *label)
9bccf70c 2037{
9bccf70c 2038
2d21ac55 2039 d->bd_label = label;
9bccf70c 2040}
2d21ac55 2041#endif
mirror of XNU