]>
git.saurik.com Git - apple/xnu.git/blob - bsd/net/bpf.c
8c95fcdb66fc9cf42710529faaadfbeaa25af603
2 * Copyright (c) 2000 Apple Computer, Inc. All rights reserved.
4 * @APPLE_LICENSE_HEADER_START@
6 * The contents of this file constitute Original Code as defined in and
7 * are subject to the Apple Public Source License Version 1.1 (the
8 * "License"). You may not use this file except in compliance with the
9 * License. Please obtain a copy of the License at
10 * http://www.apple.com/publicsource and read it before using this file.
12 * This Original Code and all software distributed under the License are
13 * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER
14 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
15 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
16 * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
17 * License for the specific language governing rights and limitations
20 * @APPLE_LICENSE_HEADER_END@
23 * Copyright (c) 1990, 1991, 1993
24 * The Regents of the University of California. All rights reserved.
26 * This code is derived from the Stanford/CMU enet packet filter,
27 * (net/enet.c) distributed as part of 4.3BSD, and code contributed
28 * to Berkeley by Steven McCanne and Van Jacobson both of Lawrence
29 * Berkeley Laboratory.
31 * Redistribution and use in source and binary forms, with or without
32 * modification, are permitted provided that the following conditions
34 * 1. Redistributions of source code must retain the above copyright
35 * notice, this list of conditions and the following disclaimer.
36 * 2. Redistributions in binary form must reproduce the above copyright
37 * notice, this list of conditions and the following disclaimer in the
38 * documentation and/or other materials provided with the distribution.
39 * 3. All advertising materials mentioning features or use of this software
40 * must display the following acknowledgement:
41 * This product includes software developed by the University of
42 * California, Berkeley and its contributors.
43 * 4. Neither the name of the University nor the names of its contributors
44 * may be used to endorse or promote products derived from this software
45 * without specific prior written permission.
47 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
48 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
49 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
50 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
51 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
52 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
53 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
54 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
55 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
56 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
59 * @(#)bpf.c 8.2 (Berkeley) 3/28/94
70 #define inline __inline
73 #include <sys/param.h>
74 #include <sys/systm.h>
76 #include <sys/malloc.h>
85 #include <sys/signalvar.h>
86 #include <sys/filio.h>
87 #include <sys/sockio.h>
88 #include <sys/ttycom.h>
89 #include <sys/filedesc.h>
91 #include <sys/socket.h>
92 #include <sys/vnode.h>
96 #include <net/bpfdesc.h>
98 #include <netinet/in.h>
99 #include <netinet/if_ether.h>
100 #include <sys/kernel.h>
101 #include <sys/sysctl.h>
104 #include <miscfs/devfs/devfs.h>
105 #include <net/dlil.h>
108 * Older BSDs don't have kernel malloc.
112 static caddr_t
bpf_alloc();
114 #define BPF_BUFSIZE (MCLBYTES-8)
115 #define UIOMOVE(cp, len, code, uio) uiomove(cp, len, code, uio)
117 #define BPF_BUFSIZE 4096
118 #define UIOMOVE(cp, len, code, uio) uiomove(cp, len, uio)
121 #define PRINET 26 /* interruptible */
124 * The default read buffer size is patchable.
126 static int bpf_bufsize
= BPF_BUFSIZE
;
130 SYSCTL_INT(_debug
, OID_AUTO
, bpf_bufsize
, CTLFLAG_RW
,
131 &bpf_bufsize
, 0, "");
135 * bpf_iflist is the list of interfaces; each corresponds to an ifnet
136 * bpf_dtab holds the descriptors, indexed by minor device #
138 static struct bpf_if
*bpf_iflist
;
139 static struct bpf_d bpf_dtab
[NBPFILTER
];
140 static int bpf_dtab_init
;
141 static int nbpfilter
= NBPFILTER
;
143 static int bpf_allocbufs
__P((struct bpf_d
*));
144 static void bpf_attachd
__P((struct bpf_d
*d
, struct bpf_if
*bp
));
145 static void bpf_detachd
__P((struct bpf_d
*d
));
146 static void bpf_freed
__P((struct bpf_d
*));
147 static void bpf_ifname
__P((struct ifnet
*, struct ifreq
*));
148 static void bpf_mcopy
__P((const void *, void *, size_t));
149 static int bpf_movein
__P((struct uio
*, int,
150 struct mbuf
**, struct sockaddr
*, int *));
151 static int bpf_setif
__P((struct bpf_d
*, struct ifreq
*));
153 bpf_wakeup
__P((struct bpf_d
*));
154 static void catchpacket
__P((struct bpf_d
*, u_char
*, u_int
,
155 u_int
, void (*)(const void *, void *, size_t)));
156 static void reset_d
__P((struct bpf_d
*));
157 static int bpf_setf
__P((struct bpf_d
*, struct bpf_program
*));
168 void bpf_mtap(struct ifnet
*, struct mbuf
*);
170 int bpfopen(), bpfclose(), bpfread(), bpfwrite(), bpfioctl(),
174 static struct cdevsw bpf_cdevsw
= {
175 bpfopen
, bpfclose
, bpfread
, bpfwrite
,
176 bpfioctl
, nulldev
, nulldev
, NULL
, bpfpoll
,
177 eno_mmap
, eno_strat
, eno_getc
, eno_putc
, 0
181 bpf_movein(uio
, linktype
, mp
, sockp
, datlen
)
182 register struct uio
*uio
;
183 int linktype
, *datlen
;
184 register struct mbuf
**mp
;
185 register struct sockaddr
*sockp
;
193 * Build a sockaddr based on the data link layer type.
194 * We do this at this level because the ethernet header
195 * is copied directly into the data field of the sockaddr.
196 * In the case of SLIP, there is no header and the packet
197 * is forwarded as is.
198 * Also, we are careful to leave room at the front of the mbuf
199 * for the link level header.
204 sockp
->sa_family
= AF_INET
;
209 sockp
->sa_family
= AF_UNSPEC
;
210 /* XXX Would MAXLINKHDR be better? */
211 hlen
= sizeof(struct ether_header
);
215 #if defined(__FreeBSD__) || defined(__bsdi__)
216 sockp
->sa_family
= AF_IMPLINK
;
219 sockp
->sa_family
= AF_UNSPEC
;
220 /* XXX 4(FORMAC)+6(dst)+6(src)+3(LLC)+5(SNAP) */
227 sockp
->sa_family
= AF_UNSPEC
;
232 case DLT_ATM_RFC1483
:
234 * en atm driver requires 4-byte atm pseudo header.
235 * though it isn't standard, vpi:vci needs to be
238 sockp
->sa_family
= AF_UNSPEC
;
239 hlen
= 12; /* XXX 4(ATM_PH) + 3(LLC) + 5(SNAP) */
247 len
= uio
->uio_resid
;
248 *datlen
= len
- hlen
;
249 if ((unsigned)len
> MCLBYTES
)
252 MGETHDR(m
, M_WAIT
, MT_DATA
);
258 if ((m
->m_flags
& M_EXT
) == 0) {
261 if (m
->m_len
!= MCLBYTES
) {
267 m
->m_pkthdr
.len
= m
->m_len
= len
;
268 m
->m_pkthdr
.rcvif
= NULL
;
271 * Make room for link header.
274 m
->m_pkthdr
.len
-= hlen
;
277 m
->m_data
+= hlen
; /* XXX */
281 error
= UIOMOVE((caddr_t
)sockp
->sa_data
, hlen
, UIO_WRITE
, uio
);
285 error
= UIOMOVE(mtod(m
, caddr_t
), len
- hlen
, UIO_WRITE
, uio
);
293 int bpf_tap_callback(struct ifnet
*ifp
, struct mbuf
*m
)
295 boolean_t funnel_state
;
297 funnel_state
= thread_funnel_set(network_flock
, TRUE
);
300 * Do nothing if the BPF tap has been turned off.
301 * This is to protect from a potential race where this
302 * call blocks on the funnel lock. And in the meantime
303 * BPF is turned off, which will clear if_bpf.
308 thread_funnel_set(network_flock
, funnel_state
);
314 * Attach file to the bpf interface, i.e. make d listen on bp.
315 * Must be called at splimp.
325 * Point d at bp, and add d to the interface's list of listeners.
326 * Finally, point the driver's bpf cookie at the interface so
327 * it will divert packets to bpf.
330 d
->bd_next
= bp
->bif_dlist
;
333 bp
->bif_ifp
->if_bpf
= bp
;
336 if (ifp
->if_set_bpf_tap
)
337 (*ifp
->if_set_bpf_tap
)(ifp
, BPF_TAP_INPUT_OUTPUT
, bpf_tap_callback
);
341 * Detach a file from its interface.
351 ifp
= d
->bd_bif
->bif_ifp
;
352 if (ifp
->if_set_bpf_tap
)
353 (*ifp
->if_set_bpf_tap
)(ifp
, BPF_TAP_DISABLE
, 0);
357 * Check if this descriptor had requested promiscuous mode.
358 * If so, turn it off.
362 if (ifpromisc(bp
->bif_ifp
, 0))
364 * Something is really wrong if we were able to put
365 * the driver into promiscuous mode, but can't
368 panic("bpf: ifpromisc failed");
370 /* Remove d from the interface's descriptor list. */
375 panic("bpf_detachd: descriptor not in list");
378 if (bp
->bif_dlist
== 0)
380 * Let the driver know that there are no more listeners.
382 d
->bd_bif
->bif_ifp
->if_bpf
= 0;
388 * Mark a descriptor free by making it point to itself.
389 * This is probably cheaper than marking with a constant since
390 * the address should be in a register anyway.
392 #define D_ISFREE(d) ((d) == (d)->bd_next)
393 #define D_MARKFREE(d) ((d)->bd_next = (d))
394 #define D_MARKUSED(d) ((d)->bd_next = 0)
397 * Open ethernet device. Returns ENXIO for illegal minor device number,
398 * EBUSY if file is open by another process.
402 bpfopen(dev
, flags
, fmt
, p
)
408 register struct bpf_d
*d
;
410 if (minor(dev
) >= nbpfilter
)
413 thread_funnel_switch(KERNEL_FUNNEL
, NETWORK_FUNNEL
);
415 * Each minor can be opened by only one process. If the requested
416 * minor is in use, return EBUSY.
418 d
= &bpf_dtab
[minor(dev
)];
420 thread_funnel_switch(NETWORK_FUNNEL
, KERNEL_FUNNEL
);
424 /* Mark "free" and do most initialization. */
425 bzero((char *)d
, sizeof(*d
));
426 d
->bd_bufsize
= bpf_bufsize
;
428 thread_funnel_switch(NETWORK_FUNNEL
, KERNEL_FUNNEL
);
433 * Close the descriptor by detaching it from its interface,
434 * deallocating its buffers, and marking it free.
438 bpfclose(dev
, flags
, fmt
, p
)
444 register struct bpf_d
*d
;
447 thread_funnel_switch(KERNEL_FUNNEL
, NETWORK_FUNNEL
);
450 d
= &bpf_dtab
[minor(dev
)];
454 selthreadclear(&d
->bd_sel
);
456 thread_funnel_switch(NETWORK_FUNNEL
, KERNEL_FUNNEL
);
461 * Support for SunOS, which does not have tsleep.
468 boolean_t funnel_state
;
469 struct bpf_d
*d
= (struct bpf_d
*)arg
;
472 funnel_state
= thread_funnel_set(network_flock
, TRUE
);
475 (void) thread_funnel_set(network_flock
, FALSE
);
478 #define BPF_SLEEP(chan, pri, s, t) bpf_sleep((struct bpf_d *)chan)
482 register struct bpf_d
*d
;
484 register int rto
= d
->bd_rtout
;
489 timeout(bpf_timeout
, (caddr_t
)d
, rto
);
491 st
= sleep((caddr_t
)d
, PRINET
|PCATCH
);
493 if (d
->bd_timedout
== 0)
494 untimeout(bpf_timeout
, (caddr_t
)d
);
498 return (st
!= 0) ? EINTR
: 0;
501 #define BPF_SLEEP tsleep
505 * Rotate the packet buffers in descriptor d. Move the store buffer
506 * into the hold slot, and the free buffer into the store slot.
507 * Zero the length of the new store buffer.
509 #define ROTATE_BUFFERS(d) \
510 (d)->bd_hbuf = (d)->bd_sbuf; \
511 (d)->bd_hlen = (d)->bd_slen; \
512 (d)->bd_sbuf = (d)->bd_fbuf; \
516 * bpfread - read next chunk of packets from buffers
519 bpfread(dev
, uio
, ioflag
)
524 register struct bpf_d
*d
;
530 thread_funnel_switch(KERNEL_FUNNEL
, NETWORK_FUNNEL
);
531 d
= &bpf_dtab
[minor(dev
)];
534 * Restrict application to use a buffer the same size as
537 if (uio
->uio_resid
!= d
->bd_bufsize
) {
538 thread_funnel_switch(NETWORK_FUNNEL
, KERNEL_FUNNEL
);
544 * If the hold buffer is empty, then do a timed sleep, which
545 * ends when the timeout expires or when enough packets
546 * have arrived to fill the store buffer.
548 while (d
->bd_hbuf
== 0) {
549 if (d
->bd_immediate
&& d
->bd_slen
!= 0) {
551 * A packet(s) either arrived since the previous
552 * read or arrived while we were asleep.
553 * Rotate the buffers and return what's here.
558 if (ioflag
& IO_NDELAY
)
561 error
= BPF_SLEEP((caddr_t
)d
, PRINET
|PCATCH
, "bpf",
563 if (error
== EINTR
|| error
== ERESTART
) {
565 thread_funnel_switch(NETWORK_FUNNEL
, KERNEL_FUNNEL
);
568 if (error
== EWOULDBLOCK
) {
570 * On a timeout, return what's in the buffer,
571 * which may be nothing. If there is something
572 * in the store buffer, we can rotate the buffers.
576 * We filled up the buffer in between
577 * getting the timeout and arriving
578 * here, so we don't need to rotate.
582 if (d
->bd_slen
== 0) {
584 thread_funnel_switch(NETWORK_FUNNEL
, KERNEL_FUNNEL
);
592 * At this point, we know we have something in the hold slot.
597 * Move data from hold buffer into user space.
598 * We know the entire buffer is transferred since
599 * we checked above that the read buffer is bpf_bufsize bytes.
601 error
= UIOMOVE(d
->bd_hbuf
, d
->bd_hlen
, UIO_READ
, uio
);
604 d
->bd_fbuf
= d
->bd_hbuf
;
608 thread_funnel_switch(NETWORK_FUNNEL
, KERNEL_FUNNEL
);
614 * If there are processes sleeping on this descriptor, wake them up.
618 register struct bpf_d
*d
;
621 if (d
->bd_async
&& d
->bd_sig
&& d
->bd_sigio
)
622 pgsigio(d
->bd_sigio
, d
->bd_sig
, 0);
625 selwakeup(&d
->bd_sel
);
628 selwakeup(d
->bd_selproc
, (int)d
->bd_selcoll
);
636 bpfwrite(dev
, uio
, ioflag
)
641 register struct bpf_d
*d
;
646 static struct sockaddr dst
;
651 thread_funnel_switch(KERNEL_FUNNEL
, NETWORK_FUNNEL
);
652 d
= &bpf_dtab
[minor(dev
)];
653 if (d
->bd_bif
== 0) {
654 thread_funnel_switch(NETWORK_FUNNEL
, KERNEL_FUNNEL
);
658 ifp
= d
->bd_bif
->bif_ifp
;
660 if (uio
->uio_resid
== 0) {
661 thread_funnel_switch(NETWORK_FUNNEL
, KERNEL_FUNNEL
);
665 error
= bpf_movein(uio
, (int)d
->bd_bif
->bif_dlt
, &m
, &dst
, &datlen
);
667 thread_funnel_switch(NETWORK_FUNNEL
, KERNEL_FUNNEL
);
671 if (datlen
> ifp
->if_mtu
) {
672 thread_funnel_switch(NETWORK_FUNNEL
, KERNEL_FUNNEL
);
678 error
= dlil_output((u_long
) ifp
, m
,
679 (caddr_t
) 0, &dst
, 0);
682 error = dlil_inject_if_output(m, DLIL_NULL_FILTER);
686 thread_funnel_switch(NETWORK_FUNNEL
, KERNEL_FUNNEL
);
689 * The driver frees the mbuf.
695 * Reset a descriptor by flushing its packet buffer and clearing the
696 * receive and drop counts. Should be called at splimp.
703 /* Free the hold buffer. */
704 d
->bd_fbuf
= d
->bd_hbuf
;
714 * FIONREAD Check for read packet available.
715 * SIOCGIFADDR Get interface address - convenient hook to driver.
716 * BIOCGBLEN Get buffer len [for read()].
717 * BIOCSETF Set ethernet read filter.
718 * BIOCFLUSH Flush read packet buffer.
719 * BIOCPROMISC Put interface into promiscuous mode.
720 * BIOCGDLT Get link layer type.
721 * BIOCGETIF Get interface name.
722 * BIOCSETIF Set interface.
723 * BIOCSRTIMEOUT Set read timeout.
724 * BIOCGRTIMEOUT Get read timeout.
725 * BIOCGSTATS Get packet stats.
726 * BIOCIMMEDIATE Set immediate mode.
727 * BIOCVERSION Get filter language version.
731 bpfioctl(dev
, cmd
, addr
, flags
, p
)
738 register struct bpf_d
*d
;
742 thread_funnel_switch(KERNEL_FUNNEL
, NETWORK_FUNNEL
);
743 d
= &bpf_dtab
[minor(dev
)];
752 * Check for read packet available.
775 ifp
= d
->bd_bif
->bif_ifp
;
776 error
= (*ifp
->if_ioctl
)(ifp
, cmd
, addr
);
782 * Get buffer len [for read()].
785 *(u_int
*)addr
= d
->bd_bufsize
;
798 register u_int size
= *(u_int
*)addr
;
800 if (size
> BPF_MAXBUFSIZE
)
801 *(u_int
*)addr
= size
= BPF_MAXBUFSIZE
;
802 else if (size
< BPF_MINBUFSIZE
)
803 *(u_int
*)addr
= size
= BPF_MINBUFSIZE
;
804 d
->bd_bufsize
= size
;
810 * Set link layer read filter.
813 error
= bpf_setf(d
, (struct bpf_program
*)addr
);
817 * Flush read packet buffer.
826 * Put interface into promiscuous mode.
829 if (d
->bd_bif
== 0) {
831 * No interface attached yet.
837 if (d
->bd_promisc
== 0) {
838 error
= ifpromisc(d
->bd_bif
->bif_ifp
, 1);
846 * Get device parameters.
852 *(u_int
*)addr
= d
->bd_bif
->bif_dlt
;
856 * Set interface name.
862 bpf_ifname(d
->bd_bif
->bif_ifp
, (struct ifreq
*)addr
);
869 error
= bpf_setif(d
, (struct ifreq
*)addr
);
877 struct timeval
*tv
= (struct timeval
*)addr
;
880 * Subtract 1 tick from tvtohz() since this isn't
883 if ((error
= itimerfix(tv
)) == 0)
884 d
->bd_rtout
= tvtohz(tv
) - 1;
893 struct timeval
*tv
= (struct timeval
*)addr
;
895 tv
->tv_sec
= d
->bd_rtout
/ hz
;
896 tv
->tv_usec
= (d
->bd_rtout
% hz
) * tick
;
905 struct bpf_stat
*bs
= (struct bpf_stat
*)addr
;
907 bs
->bs_recv
= d
->bd_rcount
;
908 bs
->bs_drop
= d
->bd_dcount
;
913 * Set immediate mode.
916 d
->bd_immediate
= *(u_int
*)addr
;
921 struct bpf_version
*bv
= (struct bpf_version
*)addr
;
923 bv
->bv_major
= BPF_MAJOR_VERSION
;
924 bv
->bv_minor
= BPF_MINOR_VERSION
;
928 case FIONBIO
: /* Non-blocking I/O */
931 case FIOASYNC
: /* Send signal on receive packets */
932 d
->bd_async
= *(int *)addr
;
936 error
= fsetown(*(int *)addr
, &d
->bd_sigio
);
940 *(int *)addr
= fgetown(d
->bd_sigio
);
943 /* This is deprecated, FIOSETOWN should be used instead. */
945 error
= fsetown(-(*(int *)addr
), &d
->bd_sigio
);
948 /* This is deprecated, FIOGETOWN should be used instead. */
950 *(int *)addr
= -fgetown(d
->bd_sigio
);
953 case BIOCSRSIG
: /* Set receive signal */
957 sig
= *(u_int
*)addr
;
966 *(u_int
*)addr
= d
->bd_sig
;
969 thread_funnel_switch(NETWORK_FUNNEL
, KERNEL_FUNNEL
);
974 * Set d's packet filter program to fp. If this file already has a filter,
975 * free it and replace it. Returns EINVAL for bogus requests.
980 struct bpf_program
*fp
;
982 struct bpf_insn
*fcode
, *old
;
987 if (fp
->bf_insns
== 0) {
995 FREE((caddr_t
)old
, M_DEVBUF
);
999 if (flen
> BPF_MAXINSNS
)
1002 size
= flen
* sizeof(*fp
->bf_insns
);
1003 fcode
= (struct bpf_insn
*) _MALLOC(size
, M_DEVBUF
, M_WAIT
);
1006 if (copyin((caddr_t
)fp
->bf_insns
, (caddr_t
)fcode
, size
) == 0 &&
1007 bpf_validate(fcode
, (int)flen
)) {
1009 d
->bd_filter
= fcode
;
1013 FREE((caddr_t
)old
, M_DEVBUF
);
1017 FREE((caddr_t
)fcode
, M_DEVBUF
);
1022 * Detach a file from its current interface (if attached at all) and attach
1023 * to the interface indicated by the name stored in ifr.
1024 * Return an errno or 0.
1033 struct ifnet
*theywant
;
1035 theywant
= ifunit(ifr
->ifr_name
);
1040 * Look through attached interfaces for the named one.
1042 for (bp
= bpf_iflist
; bp
!= 0; bp
= bp
->bif_next
) {
1043 struct ifnet
*ifp
= bp
->bif_ifp
;
1045 if (ifp
== 0 || ifp
!= theywant
)
1048 * We found the requested interface.
1049 * If it's not up, return an error.
1050 * Allocate the packet buffers if we need to.
1051 * If we're already attached to requested interface,
1052 * just flush the buffer.
1054 if ((ifp
->if_flags
& IFF_UP
) == 0)
1057 if (d
->bd_sbuf
== 0) {
1058 error
= bpf_allocbufs(d
);
1063 if (bp
!= d
->bd_bif
) {
1066 * Detach if attached to something else.
1081 * Convert an interface name plus unit number of an ifp to a single
1082 * name which is returned in the ifr.
1085 bpf_ifname(ifp
, ifr
)
1089 char *s
= ifp
->if_name
;
1090 char *d
= ifr
->ifr_name
;
1094 d
--; /* back to the null */
1095 /* XXX Assume that unit number is less than 10. */
1096 *d
++ = ifp
->if_unit
+ '0';
1103 * Support for select() and poll() system calls
1105 * Return true iff the specific operation will not block indefinitely.
1106 * Otherwise, return false but make a note that a selwakeup() must be done.
1109 bpfpoll(dev
, events
, wql
, p
)
1115 register struct bpf_d
*d
;
1119 thread_funnel_switch(KERNEL_FUNNEL
, NETWORK_FUNNEL
);
1121 * An imitation of the FIONREAD ioctl code.
1123 d
= &bpf_dtab
[minor(dev
)];
1126 if (events
& (POLLIN
| POLLRDNORM
))
1127 if (d
->bd_hlen
!= 0 || (d
->bd_immediate
&& d
->bd_slen
!= 0))
1128 revents
|= events
& (POLLIN
| POLLRDNORM
);
1130 selrecord(p
, &d
->bd_sel
, wql
);
1133 thread_funnel_switch(NETWORK_FUNNEL
, KERNEL_FUNNEL
);
1138 * Incoming linkage from device drivers. Process the packet pkt, of length
1139 * pktlen, which is stored in a contiguous buffer. The packet is parsed
1140 * by each process' filter, and if accepted, stashed into the corresponding
1144 bpf_tap(ifp
, pkt
, pktlen
)
1146 register u_char
*pkt
;
1147 register u_int pktlen
;
1150 register struct bpf_d
*d
;
1151 register u_int slen
;
1153 * Note that the ipl does not have to be raised at this point.
1154 * The only problem that could arise here is that if two different
1155 * interfaces shared any data. This is not the case.
1157 thread_funnel_switch(KERNEL_FUNNEL
, NETWORK_FUNNEL
);
1158 if ((bp
= ifp
->if_bpf
)) {
1159 for (d
= bp
->bif_dlist
; d
!= 0; d
= d
->bd_next
) {
1161 slen
= bpf_filter(d
->bd_filter
, pkt
, pktlen
, pktlen
);
1163 catchpacket(d
, pkt
, pktlen
, slen
, bcopy
);
1166 thread_funnel_switch(KERNEL_FUNNEL
, NETWORK_FUNNEL
);
1170 * Copy data from an mbuf chain into a buffer. This code is derived
1171 * from m_copydata in sys/uipc_mbuf.c.
1174 bpf_mcopy(src_arg
, dst_arg
, len
)
1175 const void *src_arg
;
1177 register size_t len
;
1179 register const struct mbuf
*m
;
1180 register u_int count
;
1188 count
= min(m
->m_len
, len
);
1189 bcopy(mtod(m
, void *), dst
, count
);
1197 * Incoming linkage from device drivers, when packet is in an mbuf chain.
1204 struct bpf_if
*bp
= ifp
->if_bpf
;
1210 for (m0
= m
; m0
!= 0; m0
= m0
->m_next
)
1211 pktlen
+= m0
->m_len
;
1213 for (d
= bp
->bif_dlist
; d
!= 0; d
= d
->bd_next
) {
1215 slen
= bpf_filter(d
->bd_filter
, (u_char
*)m
, pktlen
, 0);
1217 catchpacket(d
, (u_char
*)m
, pktlen
, slen
, bpf_mcopy
);
1222 * Move the packet data from interface memory (pkt) into the
1223 * store buffer. Return 1 if it's time to wakeup a listener (buffer full),
1224 * otherwise 0. "copy" is the routine called to do the actual data
1225 * transfer. bcopy is passed in to copy contiguous chunks, while
1226 * bpf_mcopy is passed in to copy mbuf chains. In the latter case,
1227 * pkt is really an mbuf.
1230 catchpacket(d
, pkt
, pktlen
, snaplen
, cpfn
)
1231 register struct bpf_d
*d
;
1232 register u_char
*pkt
;
1233 register u_int pktlen
, snaplen
;
1234 register void (*cpfn
) __P((const void *, void *, size_t));
1236 register struct bpf_hdr
*hp
;
1237 register int totlen
, curlen
;
1238 register int hdrlen
= d
->bd_bif
->bif_hdrlen
;
1240 * Figure out how many bytes to move. If the packet is
1241 * greater or equal to the snapshot length, transfer that
1242 * much. Otherwise, transfer the whole packet (unless
1243 * we hit the buffer size limit).
1245 totlen
= hdrlen
+ min(snaplen
, pktlen
);
1246 if (totlen
> d
->bd_bufsize
)
1247 totlen
= d
->bd_bufsize
;
1250 * Round up the end of the previous packet to the next longword.
1252 curlen
= BPF_WORDALIGN(d
->bd_slen
);
1253 if (curlen
+ totlen
> d
->bd_bufsize
) {
1255 * This packet will overflow the storage buffer.
1256 * Rotate the buffers if we can, then wakeup any
1259 if (d
->bd_fbuf
== 0) {
1261 * We haven't completed the previous read yet,
1262 * so drop the packet.
1271 else if (d
->bd_immediate
)
1273 * Immediate mode is set. A packet arrived so any
1274 * reads should be woken up.
1279 * Append the bpf header.
1281 hp
= (struct bpf_hdr
*)(d
->bd_sbuf
+ curlen
);
1283 microtime(&hp
->bh_tstamp
);
1285 uniqtime(&hp
->bh_tstamp
);
1287 hp
->bh_tstamp
= time
;
1289 hp
->bh_datalen
= pktlen
;
1290 hp
->bh_hdrlen
= hdrlen
;
1292 * Copy the packet data into the store buffer and update its length.
1294 (*cpfn
)(pkt
, (u_char
*)hp
+ hdrlen
, (hp
->bh_caplen
= totlen
- hdrlen
));
1295 d
->bd_slen
= curlen
+ totlen
;
1299 * Initialize all nonzero fields of a descriptor.
1303 register struct bpf_d
*d
;
1305 d
->bd_fbuf
= (caddr_t
) _MALLOC(d
->bd_bufsize
, M_DEVBUF
, M_WAIT
);
1306 if (d
->bd_fbuf
== 0)
1309 d
->bd_sbuf
= (caddr_t
) _MALLOC(d
->bd_bufsize
, M_DEVBUF
, M_WAIT
);
1310 if (d
->bd_sbuf
== 0) {
1311 FREE(d
->bd_fbuf
, M_DEVBUF
);
1320 * Free buffers currently in use by a descriptor.
1325 register struct bpf_d
*d
;
1328 * We don't need to lock out interrupts since this descriptor has
1329 * been detached from its interface and it yet hasn't been marked
1332 if (d
->bd_sbuf
!= 0) {
1333 FREE(d
->bd_sbuf
, M_DEVBUF
);
1334 if (d
->bd_hbuf
!= 0)
1335 FREE(d
->bd_hbuf
, M_DEVBUF
);
1336 if (d
->bd_fbuf
!= 0)
1337 FREE(d
->bd_fbuf
, M_DEVBUF
);
1340 FREE((caddr_t
)d
->bd_filter
, M_DEVBUF
);
1346 * Attach an interface to bpf. driverp is a pointer to a (struct bpf_if *)
1347 * in the driver's softc; dlt is the link layer type; hdrlen is the fixed
1348 * size of the link header (variable length headers not yet supported).
1351 bpfattach(ifp
, dlt
, hdrlen
)
1357 bp
= (struct bpf_if
*) _MALLOC(sizeof(*bp
), M_DEVBUF
, M_WAIT
);
1365 bp
->bif_next
= bpf_iflist
;
1368 bp
->bif_ifp
->if_bpf
= 0;
1371 * Compute the length of the bpf header. This is not necessarily
1372 * equal to SIZEOF_BPF_HDR because we want to insert spacing such
1373 * that the network layer header begins on a longword boundary (for
1374 * performance reasons and to alleviate alignment restrictions).
1376 bp
->bif_hdrlen
= BPF_WORDALIGN(hdrlen
+ SIZEOF_BPF_HDR
) - hdrlen
;
1379 * Mark all the descriptors free if this hasn't been done.
1381 if (!bpf_dtab_init
) {
1382 for (i
= 0; i
< nbpfilter
; ++i
)
1383 D_MARKFREE(&bpf_dtab
[i
]);
1388 printf("bpf: %s%d attached\n", ifp
->if_name
, ifp
->if_unit
);
1392 static void *bpf_devfs_token
[NBPFILTER
];
1394 static int bpf_devsw_installed
;
1396 void bpf_init
__P((void *unused
));
1404 if (!bpf_devsw_installed
) {
1405 bpf_devsw_installed
= 1;
1406 maj
= cdevsw_add(BPF_MAJOR
, &bpf_cdevsw
);
1408 printf("bpf_init: failed to allocate a major number!\n");
1412 for (i
= 0 ; i
< nbpfilter
; i
++) {
1413 bpf_devfs_token
[i
] = devfs_make_node(makedev(maj
, i
),
1414 DEVFS_CHAR
, UID_ROOT
, GID_WHEEL
, 0600,
1421 SYSINIT(bpfdev,SI_SUB_DRIVERS,SI_ORDER_MIDDLE+CDEV_MAJOR,bpf_drvinit,NULL)