X-Git-Url: https://git.saurik.com/apple/xnu.git/blobdiff_plain/89b3af67bb32e691275bf6fa803d1834b2284115..2d21ac55c334faf3a56e5634905ed6987fc787d4:/bsd/net/bpf.c diff --git a/bsd/net/bpf.c b/bsd/net/bpf.c index 9a1af2a9b..5880506f1 100644 --- a/bsd/net/bpf.c +++ b/bsd/net/bpf.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000-2004 Apple Computer, Inc. All rights reserved. + * Copyright (c) 2000-2007 Apple Inc. All rights reserved. * * @APPLE_OSREFERENCE_LICENSE_HEADER_START@ * @@ -66,6 +66,12 @@ * * $FreeBSD: src/sys/net/bpf.c,v 1.59.2.5 2001/01/05 04:49:09 jdp Exp $ */ +/* + * NOTICE: This file was modified by SPARTA, Inc. in 2005 to introduce + * support for mandatory and extensible security protections. This notice + * is included in support of clause 2.2 (b) of the Apple Public License, + * Version 2.0. + */ #include "bpf.h" @@ -107,15 +113,16 @@ #include #include -#include #include #include #include -extern int tvtohz(struct timeval *); +#if CONFIG_MACF_NET +#include +#endif /* MAC_NET */ -#if NBPFILTER > 0 +extern int tvtohz(struct timeval *); /* * Older BSDs don't have kernel malloc. @@ -180,25 +187,27 @@ static lck_attr_t *bpf_mlock_attr; #endif /* __APPLE__ */ static int bpf_allocbufs(struct bpf_d *); -static void bpf_attachd(struct bpf_d *d, struct bpf_if *bp); +static errno_t bpf_attachd(struct bpf_d *d, struct bpf_if *bp); static void bpf_detachd(struct bpf_d *d); static void bpf_freed(struct bpf_d *); static void bpf_mcopy(const void *, void *, size_t); static int bpf_movein(struct uio *, int, struct mbuf **, struct sockaddr *, int *); -static int bpf_setif(struct bpf_d *, struct ifreq *); +static int bpf_setif(struct bpf_d *, ifnet_t ifp, u_int32_t dlt); static void bpf_wakeup(struct bpf_d *); static void catchpacket(struct bpf_d *, u_char *, u_int, u_int, void (*)(const void *, void *, size_t)); static void reset_d(struct bpf_d *); -static int bpf_setf(struct bpf_d *, struct user_bpf_program *); +static int bpf_setf(struct bpf_d *, u_int bf_len, user_addr_t bf_insns); +static int bpf_getdltlist(struct bpf_d *, struct bpf_dltlist *); +static int bpf_setdlt(struct bpf_d *, u_int); /*static void *bpf_devfs_token[MAXBPFILTER];*/ static int bpf_devsw_installed; void bpf_init(void *unused); -int bpf_tap_callback(struct ifnet *ifp, struct mbuf *m); +static int bpf_tap_callback(struct ifnet *ifp, struct mbuf *m); /* * Darwin differs from BSD here, the following are static @@ -239,86 +248,99 @@ bpf_movein(struct uio *uio, int linktype, struct mbuf **mp, struct sockaddr *soc struct mbuf *m; int error; int len; + uint8_t sa_family; int hlen; - if (sockp) { - /* - * Build a sockaddr based on the data link layer type. - * We do this at this level because the ethernet header - * is copied directly into the data field of the sockaddr. - * In the case of SLIP, there is no header and the packet - * is forwarded as is. - * Also, we are careful to leave room at the front of the mbuf - * for the link level header. - */ - switch (linktype) { + switch (linktype) { - case DLT_SLIP: - sockp->sa_family = AF_INET; - hlen = 0; - break; +#if SLIP + case DLT_SLIP: + sa_family = AF_INET; + hlen = 0; + break; +#endif /* SLIP */ - case DLT_EN10MB: - sockp->sa_family = AF_UNSPEC; - /* XXX Would MAXLINKHDR be better? */ - hlen = sizeof(struct ether_header); - break; + case DLT_EN10MB: + sa_family = AF_UNSPEC; + /* XXX Would MAXLINKHDR be better? */ + hlen = sizeof(struct ether_header); + break; - case DLT_FDDI: +#if FDDI + case DLT_FDDI: #if defined(__FreeBSD__) || defined(__bsdi__) - sockp->sa_family = AF_IMPLINK; - hlen = 0; + sa_family = AF_IMPLINK; + hlen = 0; #else - sockp->sa_family = AF_UNSPEC; - /* XXX 4(FORMAC)+6(dst)+6(src)+3(LLC)+5(SNAP) */ - hlen = 24; + sa_family = AF_UNSPEC; + /* XXX 4(FORMAC)+6(dst)+6(src)+3(LLC)+5(SNAP) */ + hlen = 24; #endif - break; + break; +#endif /* FDDI */ - case DLT_RAW: - case DLT_NULL: - sockp->sa_family = AF_UNSPEC; - hlen = 0; - break; + case DLT_RAW: + case DLT_NULL: + sa_family = AF_UNSPEC; + hlen = 0; + break; #ifdef __FreeBSD__ - case DLT_ATM_RFC1483: - /* - * en atm driver requires 4-byte atm pseudo header. - * though it isn't standard, vpi:vci needs to be - * specified anyway. - */ - sockp->sa_family = AF_UNSPEC; - hlen = 12; /* XXX 4(ATM_PH) + 3(LLC) + 5(SNAP) */ - break; + case DLT_ATM_RFC1483: + /* + * en atm driver requires 4-byte atm pseudo header. + * though it isn't standard, vpi:vci needs to be + * specified anyway. + */ + sa_family = AF_UNSPEC; + hlen = 12; /* XXX 4(ATM_PH) + 3(LLC) + 5(SNAP) */ + break; #endif - case DLT_PPP: - sockp->sa_family = AF_UNSPEC; - hlen = 4; /* This should match PPP_HDRLEN */ - break; + + case DLT_PPP: + sa_family = AF_UNSPEC; + hlen = 4; /* This should match PPP_HDRLEN */ + break; - case DLT_APPLE_IP_OVER_IEEE1394: - sockp->sa_family = AF_UNSPEC; - hlen = sizeof(struct firewire_header); - break; + case DLT_APPLE_IP_OVER_IEEE1394: + sa_family = AF_UNSPEC; + hlen = sizeof(struct firewire_header); + break; - default: - return (EIO); - } - if ((hlen + SOCKADDR_HDR_LEN) > sockp->sa_len) { - return (EIO); - } - } - else { - hlen = 0; + default: + return (EIO); } - + // LP64todo - fix this! len = uio_resid(uio); *datlen = len - hlen; if ((unsigned)len > MCLBYTES) return (EIO); + if (sockp) { + /* + * Build a sockaddr based on the data link layer type. + * We do this at this level because the ethernet header + * is copied directly into the data field of the sockaddr. + * In the case of SLIP, there is no header and the packet + * is forwarded as is. + * Also, we are careful to leave room at the front of the mbuf + * for the link level header. + */ + if ((hlen + SOCKADDR_HDR_LEN) > sockp->sa_len) { + return (EIO); + } + sockp->sa_family = sa_family; + } else { + /* + * We're directly sending the packet data supplied by + * the user; we don't need to make room for the link + * header, and don't need the header length value any + * more, so set it to 0. + */ + hlen = 0; + } + MGETHDR(m, M_WAIT, MT_DATA); if (m == 0) return (ENOBUFS); @@ -361,19 +383,6 @@ bpf_movein(struct uio *uio, int linktype, struct mbuf **mp, struct sockaddr *soc } #ifdef __APPLE__ -/* Callback registered with Ethernet driver. */ -int bpf_tap_callback(struct ifnet *ifp, struct mbuf *m) -{ - /* - * Do nothing if the BPF tap has been turned off. - * This is to protect from a potential race where this - * call blocks on the lock. And in the meantime - * BPF is turned off, which will clear if_bpf. - */ - if (ifp->if_bpf) - bpf_mtap(ifp, m); - return 0; -} /* * The dynamic addition of a new device node must block all processes that are opening @@ -435,11 +444,13 @@ done: /* * Attach file to the bpf interface, i.e. make d listen on bp. - * Must be called at splimp. */ -static void +static errno_t bpf_attachd(struct bpf_d *d, struct bpf_if *bp) { + int first = bp->bif_dlist == NULL; + int error = 0; + /* * Point d at bp, and add d to the interface's list of listeners. * Finally, point the driver's bpf cookie at the interface so @@ -448,12 +459,28 @@ bpf_attachd(struct bpf_d *d, struct bpf_if *bp) d->bd_bif = bp; d->bd_next = bp->bif_dlist; bp->bif_dlist = d; + + if (first) { + /* Find the default bpf entry for this ifp */ + if (bp->bif_ifp->if_bpf == NULL) { + struct bpf_if *primary; + + for (primary = bpf_iflist; primary && primary->bif_ifp != bp->bif_ifp; + primary = primary->bif_next) + ; + + bp->bif_ifp->if_bpf = primary; + } + + /* Only call dlil_set_bpf_tap for primary dlt */ + if (bp->bif_ifp->if_bpf == bp) + dlil_set_bpf_tap(bp->bif_ifp, BPF_TAP_INPUT_OUTPUT, bpf_tap_callback); + + if (bp->bif_tap) + error = bp->bif_tap(bp->bif_ifp, bp->bif_dlt, BPF_TAP_INPUT_OUTPUT); + } - bp->bif_ifp->if_bpf = bp; - -#ifdef __APPLE__ - dlil_set_bpf_tap(bp->bif_ifp, BPF_TAP_INPUT_OUTPUT, bpf_tap_callback); -#endif + return error; } /* @@ -464,21 +491,44 @@ bpf_detachd(struct bpf_d *d) { struct bpf_d **p; struct bpf_if *bp; -#ifdef __APPLE__ struct ifnet *ifp; ifp = d->bd_bif->bif_ifp; - -#endif - bp = d->bd_bif; + + /* Remove d from the interface's descriptor list. */ + p = &bp->bif_dlist; + while (*p != d) { + p = &(*p)->bd_next; + if (*p == 0) + panic("bpf_detachd: descriptor not in list"); + } + *p = (*p)->bd_next; + if (bp->bif_dlist == 0) { + /* + * Let the driver know that there are no more listeners. + */ + /* Only call dlil_set_bpf_tap for primary dlt */ + if (bp->bif_ifp->if_bpf == bp) + dlil_set_bpf_tap(ifp, BPF_TAP_DISABLE, NULL); + if (bp->bif_tap) + bp->bif_tap(ifp, bp->bif_dlt, BPF_TAP_DISABLE); + + for (bp = bpf_iflist; bp; bp = bp->bif_next) + if (bp->bif_ifp == ifp && bp->bif_dlist != 0) + break; + if (bp == NULL) + ifp->if_bpf = NULL; + } + d->bd_bif = NULL; /* * Check if this descriptor had requested promiscuous mode. * If so, turn it off. */ if (d->bd_promisc) { d->bd_promisc = 0; - if (ifnet_set_promiscuous(bp->bif_ifp, 0)) + lck_mtx_unlock(bpf_mlock); + if (ifnet_set_promiscuous(ifp, 0)) { /* * Something is really wrong if we were able to put * the driver into promiscuous mode, but can't @@ -486,24 +536,9 @@ bpf_detachd(struct bpf_d *d) * Most likely the network interface is gone. */ printf("bpf: ifnet_set_promiscuous failed"); + } + lck_mtx_lock(bpf_mlock); } - /* Remove d from the interface's descriptor list. */ - p = &bp->bif_dlist; - while (*p != d) { - p = &(*p)->bd_next; - if (*p == 0) - panic("bpf_detachd: descriptor not in list"); - } - *p = (*p)->bd_next; - if (bp->bif_dlist == 0) { - /* - * Let the driver know that there are no more listeners. - */ - if (ifp->if_set_bpf_tap) - (*ifp->if_set_bpf_tap)(ifp, BPF_TAP_DISABLE, 0); - d->bd_bif->bif_ifp->if_bpf = 0; - } - d->bd_bif = 0; } @@ -512,14 +547,17 @@ bpf_detachd(struct bpf_d *d) * EBUSY if file is open by another process. */ /* ARGSUSED */ - int -bpfopen(dev_t dev, __unused int flags, __unused int fmt, __unused struct proc *p) +int +bpfopen(dev_t dev, __unused int flags, __unused int fmt, + __unused struct proc *p) { - register struct bpf_d *d; + struct bpf_d *d; - if ((unsigned int) minor(dev) >= nbpfilter) + lck_mtx_lock(bpf_mlock); + if ((unsigned int) minor(dev) >= nbpfilter) { + lck_mtx_unlock(bpf_mlock); return (ENXIO); - + } /* * New device nodes are created on demand when opening the last one. * The programming model is for processes to loop on the minor starting at 0 @@ -540,16 +578,18 @@ bpfopen(dev_t dev, __unused int flags, __unused int fmt, __unused struct proc *p * in the same lockin context otherwise the device may be leaked because the vnode use count * will be unpextectly greater than 1 when close() is called. */ - if (bpf_dtab[minor(dev)] == 0) + if (bpf_dtab[minor(dev)] == 0) { bpf_dtab[minor(dev)] = (void *)1; /* Mark opening */ - else + } else { + lck_mtx_unlock(bpf_mlock); return (EBUSY); - + } d = (struct bpf_d *)_MALLOC(sizeof(struct bpf_d), M_DEVBUF, M_WAIT); if (d == NULL) { /* this really is a catastrophic failure */ printf("bpfopen: malloc bpf_d failed\n"); - bpf_dtab[minor(dev)] = 0; + bpf_dtab[minor(dev)] = NULL; + lck_mtx_unlock(bpf_mlock); return ENOMEM; } bzero(d, sizeof(struct bpf_d)); @@ -563,7 +603,12 @@ bpfopen(dev_t dev, __unused int flags, __unused int fmt, __unused struct proc *p d->bd_bufsize = bpf_bufsize; d->bd_sig = SIGIO; d->bd_seesent = 1; +#if CONFIG_MACF_NET + mac_bpfdesc_label_init(d); + mac_bpfdesc_label_associate(kauth_cred_get(), d); +#endif bpf_dtab[minor(dev)] = d; /* Mark opened */ + lck_mtx_unlock(bpf_mlock); return (0); } @@ -573,29 +618,34 @@ bpfopen(dev_t dev, __unused int flags, __unused int fmt, __unused struct proc *p * deallocating its buffers, and marking it free. */ /* ARGSUSED */ - int -bpfclose(dev_t dev, __unused int flags, __unused int fmt, __unused struct proc *p) +int +bpfclose(dev_t dev, __unused int flags, __unused int fmt, + __unused struct proc *p) { - register struct bpf_d *d; + struct bpf_d *d; + + /* Take BPF lock to ensure no other thread is using the device */ + lck_mtx_lock(bpf_mlock); d = bpf_dtab[minor(dev)]; - if (d == 0 || d == (void *)1) + if (d == 0 || d == (void *)1) { + lck_mtx_unlock(bpf_mlock); return (ENXIO); - + } bpf_dtab[minor(dev)] = (void *)1; /* Mark closing */ - /* Take BPF lock to ensure no other thread is using the device */ - lck_mtx_lock(bpf_mlock); - if (d->bd_bif) bpf_detachd(d); selthreadclear(&d->bd_sel); +#if CONFIG_MACF_NET + mac_bpfdesc_label_destroy(d); +#endif bpf_freed(d); + /* Mark free in same context as bpfopen comes to check */ + bpf_dtab[minor(dev)] = NULL; /* Mark closed */ lck_mtx_unlock(bpf_mlock); - /* Mark free in same context as bpfopen comes to check */ - bpf_dtab[minor(dev)] = 0; /* Mark closed */ _FREE(d, M_DEVBUF); return (0); @@ -607,7 +657,7 @@ bpfclose(dev_t dev, __unused int flags, __unused int fmt, __unused struct proc * static int bpf_sleep(struct bpf_d *d, int pri, const char *wmesg, int timo) { - register int st; + int st; lck_mtx_unlock(bpf_mlock); @@ -628,22 +678,23 @@ bpf_sleep(struct bpf_d *d, int pri, const char *wmesg, int timo) (d)->bd_hlen = (d)->bd_slen; \ (d)->bd_sbuf = (d)->bd_fbuf; \ (d)->bd_slen = 0; \ - (d)->bd_fbuf = 0; + (d)->bd_fbuf = NULL; /* * bpfread - read next chunk of packets from buffers */ - int +int bpfread(dev_t dev, struct uio *uio, int ioflag) { - register struct bpf_d *d; + struct bpf_d *d; int error; - int s; + + lck_mtx_lock(bpf_mlock); d = bpf_dtab[minor(dev)]; - if (d == 0 || d == (void *)1) + if (d == 0 || d == (void *)1) { + lck_mtx_unlock(bpf_mlock); return (ENXIO); - - lck_mtx_lock(bpf_mlock); + } /* @@ -656,7 +707,6 @@ bpfread(dev_t dev, struct uio *uio, int ioflag) return (EINVAL); } - s = splimp(); /* * If the hold buffer is empty, then do a timed sleep, which * ends when the timeout expires or when enough packets @@ -680,7 +730,6 @@ bpfread(dev_t dev, struct uio *uio, int ioflag) * it before using it again. */ if (d->bd_bif == NULL) { - splx(s); lck_mtx_unlock(bpf_mlock); return (ENXIO); } @@ -690,8 +739,15 @@ bpfread(dev_t dev, struct uio *uio, int ioflag) else error = BPF_SLEEP(d, PRINET|PCATCH, "bpf", d->bd_rtout); + /* + * Make sure device is still opened + */ + d = bpf_dtab[minor(dev)]; + if (d == 0 || d == (void *)1) { + lck_mtx_unlock(bpf_mlock); + return (ENXIO); + } if (error == EINTR || error == ERESTART) { - splx(s); lck_mtx_unlock(bpf_mlock); return (error); } @@ -710,7 +766,6 @@ bpfread(dev_t dev, struct uio *uio, int ioflag) break; if (d->bd_slen == 0) { - splx(s); lck_mtx_unlock(bpf_mlock); return (0); } @@ -721,7 +776,6 @@ bpfread(dev_t dev, struct uio *uio, int ioflag) /* * At this point, we know we have something in the hold slot. */ - splx(s); /* * Move data from hold buffer into user space. @@ -730,11 +784,9 @@ bpfread(dev_t dev, struct uio *uio, int ioflag) */ error = UIOMOVE(d->bd_hbuf, d->bd_hlen, UIO_READ, uio); - s = splimp(); d->bd_fbuf = d->bd_hbuf; - d->bd_hbuf = 0; + d->bd_hbuf = NULL; d->bd_hlen = 0; - splx(s); lck_mtx_unlock(bpf_mlock); return (error); } @@ -748,7 +800,7 @@ bpf_wakeup(struct bpf_d *d) { wakeup((caddr_t)d); if (d->bd_async && d->bd_sig && d->bd_sigio) - pgsigio(d->bd_sigio, d->bd_sig, 0); + pgsigio(d->bd_sigio, d->bd_sig); #if BSD >= 199103 selwakeup(&d->bd_sel); @@ -768,55 +820,73 @@ bpf_wakeup(struct bpf_d *d) /* keep in sync with bpf_movein above: */ #define MAX_DATALINK_HDR_LEN (sizeof(struct firewire_header)) - int +int bpfwrite(dev_t dev, struct uio *uio, __unused int ioflag) { - register struct bpf_d *d; + struct bpf_d *d; struct ifnet *ifp; - struct mbuf *m; + struct mbuf *m = NULL; int error; char dst_buf[SOCKADDR_HDR_LEN + MAX_DATALINK_HDR_LEN]; int datlen; + lck_mtx_lock(bpf_mlock); + d = bpf_dtab[minor(dev)]; - if (d == 0 || d == (void *)1) + if (d == 0 || d == (void *)1) { + lck_mtx_unlock(bpf_mlock); return (ENXIO); - - lck_mtx_lock(bpf_mlock); - + } if (d->bd_bif == 0) { lck_mtx_unlock(bpf_mlock); - return (ENXIO); + return (ENXIO); } ifp = d->bd_bif->bif_ifp; if (uio->uio_resid == 0) { lck_mtx_unlock(bpf_mlock); - return (0); + return (0); } ((struct sockaddr *)dst_buf)->sa_len = sizeof(dst_buf); error = bpf_movein(uio, (int)d->bd_bif->bif_dlt, &m, - d->bd_hdrcmplt ? 0 : (struct sockaddr *)dst_buf, &datlen); + d->bd_hdrcmplt ? NULL : (struct sockaddr *)dst_buf, + &datlen); if (error) { lck_mtx_unlock(bpf_mlock); - return (error); + return (error); } if ((unsigned)datlen > ifp->if_mtu) { lck_mtx_unlock(bpf_mlock); - return (EMSGSIZE); + m_freem(m); + return (EMSGSIZE); + } + + if ((error = ifp_use(ifp, kIfNetUseCount_MustNotBeZero)) != 0) { + lck_mtx_unlock(bpf_mlock); + m_freem(m); + return (error); } +#if CONFIG_MACF_NET + mac_mbuf_label_associate_bpfdesc(d, m); +#endif lck_mtx_unlock(bpf_mlock); if (d->bd_hdrcmplt) { - error = dlil_output(ifp, 0, m, NULL, NULL, 1); + if (d->bd_bif->bif_send) + error = d->bd_bif->bif_send(ifp, d->bd_bif->bif_dlt, m); + else + error = dlil_output(ifp, 0, m, NULL, NULL, 1); } else { error = dlil_output(ifp, PF_INET, m, NULL, (struct sockaddr *)dst_buf, 0); } + if (ifp_unuse(ifp) != 0) + ifp_use_reached_zero(ifp); + /* * The driver frees the mbuf. */ @@ -825,7 +895,7 @@ bpfwrite(dev_t dev, struct uio *uio, __unused int ioflag) /* * Reset a descriptor by flushing its packet buffer and clearing the - * receive and drop counts. Should be called at splimp. + * receive and drop counts. */ static void reset_d(struct bpf_d *d) @@ -833,7 +903,7 @@ reset_d(struct bpf_d *d) if (d->bd_hbuf) { /* Free the hold buffer. */ d->bd_fbuf = d->bd_hbuf; - d->bd_hbuf = 0; + d->bd_hbuf = NULL; } d->bd_slen = 0; d->bd_hlen = 0; @@ -863,16 +933,19 @@ reset_d(struct bpf_d *d) */ /* ARGSUSED */ int -bpfioctl(dev_t dev, u_long cmd, caddr_t addr, __unused int flags, struct proc *p) +bpfioctl(dev_t dev, u_long cmd, caddr_t addr, __unused int flags, + __unused struct proc *p) { - register struct bpf_d *d; - int s, error = 0; + struct bpf_d *d; + int error = 0; + + lck_mtx_lock(bpf_mlock); d = bpf_dtab[minor(dev)]; - if (d == 0 || d == (void *)1) + if (d == 0 || d == (void *)1) { + lck_mtx_unlock(bpf_mlock); return (ENXIO); - - lck_mtx_lock(bpf_mlock); + } switch (cmd) { @@ -887,11 +960,9 @@ bpfioctl(dev_t dev, u_long cmd, caddr_t addr, __unused int flags, struct proc *p { int n; - s = splimp(); n = d->bd_slen; if (d->bd_hbuf) n += d->bd_hlen; - splx(s); *(int *)addr = n; break; @@ -905,7 +976,7 @@ bpfioctl(dev_t dev, u_long cmd, caddr_t addr, __unused int flags, struct proc *p error = EINVAL; else { ifp = d->bd_bif->bif_ifp; - error = dlil_ioctl(0, ifp, cmd, addr); + error = ifnet_ioctl(ifp, 0, cmd, addr); } break; } @@ -927,7 +998,7 @@ bpfioctl(dev_t dev, u_long cmd, caddr_t addr, __unused int flags, struct proc *p if (d->bd_bif != 0) error = EINVAL; else { - register u_int size = *(u_int *)addr; + u_int size = *(u_int *)addr; if (size > bpf_maxbufsize) *(u_int *)addr = size = bpf_maxbufsize; @@ -941,28 +1012,29 @@ bpfioctl(dev_t dev, u_long cmd, caddr_t addr, __unused int flags, struct proc *p /* * Set link layer read filter. */ - case BIOCSETF: - if (proc_is64bit(p)) { - error = bpf_setf(d, (struct user_bpf_program *)addr); + case BIOCSETF64: + case BIOCSETF: { + if (proc_is64bit(current_proc())) { + struct bpf_program64 * prg64; + + prg64 = (struct bpf_program64 *)addr; + error = bpf_setf(d, prg64->bf_len, + prg64->bf_insns); } else { - struct bpf_program * tmpp; - struct user_bpf_program tmp; - - tmpp = (struct bpf_program *)addr; - tmp.bf_len = tmpp->bf_len; - tmp.bf_insns = CAST_USER_ADDR_T(tmpp->bf_insns); - error = bpf_setf(d, &tmp); + struct bpf_program * prg; + + prg = (struct bpf_program *)addr; + error = bpf_setf(d, prg->bf_len, + CAST_USER_ADDR_T(prg->bf_insns)); } break; - + } /* * Flush read packet buffer. */ case BIOCFLUSH: - s = splimp(); reset_d(d); - splx(s); break; /* @@ -976,13 +1048,13 @@ bpfioctl(dev_t dev, u_long cmd, caddr_t addr, __unused int flags, struct proc *p error = EINVAL; break; } - s = splimp(); if (d->bd_promisc == 0) { + lck_mtx_unlock(bpf_mlock); error = ifnet_set_promiscuous(d->bd_bif->bif_ifp, 1); + lck_mtx_lock(bpf_mlock); if (error == 0) d->bd_promisc = 1; } - splx(s); break; /* @@ -995,6 +1067,26 @@ bpfioctl(dev_t dev, u_long cmd, caddr_t addr, __unused int flags, struct proc *p *(u_int *)addr = d->bd_bif->bif_dlt; break; + /* + * Get a list of supported data link types. + */ + case BIOCGDLTLIST: + if (d->bd_bif == NULL) + error = EINVAL; + else + error = bpf_getdltlist(d, (struct bpf_dltlist *)addr); + break; + + /* + * Set data link type. + */ + case BIOCSDLT: + if (d->bd_bif == NULL) + error = EINVAL; + else + error = bpf_setdlt(d, *(u_int *)addr); + break; + /* * Get interface name. */ @@ -1013,9 +1105,15 @@ bpfioctl(dev_t dev, u_long cmd, caddr_t addr, __unused int flags, struct proc *p /* * Set interface. */ - case BIOCSETIF: - error = bpf_setif(d, (struct ifreq *)addr); + case BIOCSETIF: { + ifnet_t ifp; + ifp = ifunit(((struct ifreq *)addr)->ifr_name); + if (ifp == NULL) + error = ENXIO; + else + error = bpf_setif(d, ifp, 0); break; + } /* * Set read timeout. @@ -1153,25 +1251,22 @@ bpfioctl(dev_t dev, u_long cmd, caddr_t addr, __unused int flags, struct proc *p * free it and replace it. Returns EINVAL for bogus requests. */ static int -bpf_setf(struct bpf_d *d, struct user_bpf_program *fp) +bpf_setf(struct bpf_d *d, u_int bf_len, user_addr_t bf_insns) { struct bpf_insn *fcode, *old; u_int flen, size; - int s; old = d->bd_filter; - if (fp->bf_insns == USER_ADDR_NULL) { - if (fp->bf_len != 0) + if (bf_insns == USER_ADDR_NULL) { + if (bf_len != 0) return (EINVAL); - s = splimp(); - d->bd_filter = 0; + d->bd_filter = NULL; reset_d(d); - splx(s); if (old != 0) FREE((caddr_t)old, M_DEVBUF); return (0); } - flen = fp->bf_len; + flen = bf_len; if (flen > BPF_MAXINSNS) return (EINVAL); @@ -1181,12 +1276,10 @@ bpf_setf(struct bpf_d *d, struct user_bpf_program *fp) if (fcode == NULL) return (ENOBUFS); #endif - if (copyin(fp->bf_insns, (caddr_t)fcode, size) == 0 && + if (copyin(bf_insns, (caddr_t)fcode, size) == 0 && bpf_validate(fcode, (int)flen)) { - s = splimp(); d->bd_filter = fcode; reset_d(d); - splx(s); if (old != 0) FREE((caddr_t)old, M_DEVBUF); @@ -1202,23 +1295,18 @@ bpf_setf(struct bpf_d *d, struct user_bpf_program *fp) * Return an errno or 0. */ static int -bpf_setif(struct bpf_d *d, struct ifreq *ifr) +bpf_setif(struct bpf_d *d, ifnet_t theywant, u_int32_t dlt) { struct bpf_if *bp; - int s, error; - struct ifnet *theywant; - - theywant = ifunit(ifr->ifr_name); - if (theywant == 0) - return ENXIO; - + int error; + /* * Look through attached interfaces for the named one. */ for (bp = bpf_iflist; bp != 0; bp = bp->bif_next) { struct ifnet *ifp = bp->bif_ifp; - if (ifp == 0 || ifp != theywant) + if (ifp == 0 || ifp != theywant || (dlt != 0 && dlt != bp->bif_dlt)) continue; /* * We found the requested interface. @@ -1235,7 +1323,6 @@ bpf_setif(struct bpf_d *d, struct ifreq *ifr) if (error != 0) return (error); } - s = splimp(); if (bp != d->bd_bif) { if (d->bd_bif) /* @@ -1243,16 +1330,102 @@ bpf_setif(struct bpf_d *d, struct ifreq *ifr) */ bpf_detachd(d); - bpf_attachd(d, bp); + if (bpf_attachd(d, bp) != 0) { + return ENXIO; + } } reset_d(d); - splx(s); return (0); } /* Not found. */ return (ENXIO); } + + +/* + * Get a list of available data link type of the interface. + */ +static int +bpf_getdltlist( + struct bpf_d *d, + struct bpf_dltlist *bfl) +{ + u_int n; + int error; + struct ifnet *ifp; + struct bpf_if *bp; + user_addr_t dlist; + + if (IS_64BIT_PROCESS(current_proc())) { + dlist = CAST_USER_ADDR_T(bfl->bfl_u.bflu_pad); + } + else { + dlist = CAST_USER_ADDR_T(bfl->bfl_u.bflu_list); + } + + ifp = d->bd_bif->bif_ifp; + n = 0; + error = 0; + for (bp = bpf_iflist; bp; bp = bp->bif_next) { + if (bp->bif_ifp != ifp) + continue; + if (dlist != 0) { + if (n >= bfl->bfl_len) { + return (ENOMEM); + } + error = copyout(&bp->bif_dlt, dlist, sizeof(bp->bif_dlt)); + dlist += sizeof(bp->bif_dlt); + } + n++; + } + bfl->bfl_len = n; + return (error); +} + +/* + * Set the data link type of a BPF instance. + */ +static int +bpf_setdlt(struct bpf_d *d, uint32_t dlt) + + +{ + int error, opromisc; + struct ifnet *ifp; + struct bpf_if *bp; + + if (d->bd_bif->bif_dlt == dlt) + return (0); + ifp = d->bd_bif->bif_ifp; + for (bp = bpf_iflist; bp; bp = bp->bif_next) { + if (bp->bif_ifp == ifp && bp->bif_dlt == dlt) + break; + } + if (bp != NULL) { + opromisc = d->bd_promisc; + bpf_detachd(d); + error = bpf_attachd(d, bp); + if (error) { + printf("bpf_setdlt: bpf_attachd %s%d failed (%d)\n", + ifnet_name(bp->bif_ifp), ifnet_unit(bp->bif_ifp), error); + return error; + } + reset_d(d); + if (opromisc) { + lck_mtx_unlock(bpf_mlock); + error = ifnet_set_promiscuous(bp->bif_ifp, 1); + lck_mtx_lock(bpf_mlock); + if (error) + printf("bpf_setdlt: ifpromisc %s%d failed (%d)\n", + ifnet_name(bp->bif_ifp), ifnet_unit(bp->bif_ifp), error); + else + d->bd_promisc = 1; + } + } + return (bp == NULL ? EINVAL : 0); +} + /* * Support for select() and poll() system calls * @@ -1262,15 +1435,16 @@ bpf_setif(struct bpf_d *d, struct ifreq *ifr) int bpfpoll(dev_t dev, int events, void * wql, struct proc *p) { - register struct bpf_d *d; - register int s; + struct bpf_d *d; int revents = 0; + lck_mtx_lock(bpf_mlock); + d = bpf_dtab[minor(dev)]; - if (d == 0 || d == (void *)1) + if (d == 0 || d == (void *)1) { + lck_mtx_unlock(bpf_mlock); return (ENXIO); - - lck_mtx_lock(bpf_mlock); + } /* * An imitation of the FIONREAD ioctl code. @@ -1280,52 +1454,26 @@ bpfpoll(dev_t dev, int events, void * wql, struct proc *p) return (ENXIO); } - s = splimp(); if (events & (POLLIN | POLLRDNORM)) { if (d->bd_hlen != 0 || (d->bd_immediate && d->bd_slen != 0)) revents |= events & (POLLIN | POLLRDNORM); else selrecord(p, &d->bd_sel, wql); } - splx(s); lck_mtx_unlock(bpf_mlock); return (revents); } -/* - * Incoming linkage from device drivers. Process the packet pkt, of length - * pktlen, which is stored in a contiguous buffer. The packet is parsed - * by each process' filter, and if accepted, stashed into the corresponding - * buffer. - */ -void -bpf_tap(struct ifnet *ifp, u_char *pkt, u_int pktlen) -{ - struct bpf_if *bp; - register struct bpf_d *d; - register u_int slen; - /* - * Note that the ipl does not have to be raised at this point. - * The only problem that could arise here is that if two different - * interfaces shared any data. This is not the case. - */ - lck_mtx_lock(bpf_mlock); +static inline void* +_cast_non_const(const void * ptr) { + union { + const void* cval; + void* val; + } ret; - bp = ifp->if_bpf; -#ifdef __APPLE__ - if (bp) { -#endif - for (d = bp->bif_dlist; d != 0; d = d->bd_next) { - ++d->bd_rcount; - slen = bpf_filter(d->bd_filter, pkt, pktlen, pktlen); - if (slen != 0) - catchpacket(d, pkt, pktlen, slen, bcopy); - } -#ifdef __APPLE__ - } - lck_mtx_unlock(bpf_mlock); -#endif + ret.cval = ptr; + return (ret.val); } /* @@ -1335,55 +1483,135 @@ bpf_tap(struct ifnet *ifp, u_char *pkt, u_int pktlen) static void bpf_mcopy(const void *src_arg, void *dst_arg, size_t len) { - const struct mbuf *m; + struct mbuf *m = _cast_non_const(src_arg); u_int count; u_char *dst; - m = src_arg; dst = dst_arg; while (len > 0) { if (m == 0) panic("bpf_mcopy"); count = min(m->m_len, len); - bcopy(mtod(m, const void *), dst, count); + bcopy(mbuf_data(m), dst, count); m = m->m_next; dst += count; len -= count; } } -/* - * Incoming linkage from device drivers, when packet is in an mbuf chain. - */ -void -bpf_mtap(struct ifnet *ifp, struct mbuf *m) +static inline void +bpf_tap_imp( + ifnet_t ifp, + u_int32_t dlt, + mbuf_t m, + void* hdr, + size_t hlen, + int outbound) { struct bpf_if *bp; - struct bpf_d *d; - u_int pktlen, slen; - struct mbuf *m0; + /* + * It's possible that we get here after the bpf descriptor has been + * detached from the interface; in such a case we simply return. + * Lock ordering is important since we can be called asynchronously + * (from the IOKit) to process an inbound packet; when that happens + * we would have been holding its "gateLock" and will be acquiring + * "bpf_mlock" upon entering this routine. Due to that, we release + * "bpf_mlock" prior to calling ifnet_set_promiscuous (which will + * acquire "gateLock" in the IOKit), in order to avoid a deadlock + * when a ifnet_set_promiscuous request simultaneously collides with + * an inbound packet being passed into the tap callback. + */ lck_mtx_lock(bpf_mlock); - + if (ifp->if_bpf == NULL) { + lck_mtx_unlock(bpf_mlock); + return; + } bp = ifp->if_bpf; - if (bp) { - pktlen = 0; - for (m0 = m; m0 != 0; m0 = m0->m_next) - pktlen += m0->m_len; - - for (d = bp->bif_dlist; d != 0; d = d->bd_next) { - if (!d->bd_seesent && (m->m_pkthdr.rcvif == NULL)) + for (bp = ifp->if_bpf; bp && bp->bif_ifp == ifp && + (dlt != 0 && bp->bif_dlt != dlt); bp = bp->bif_next) + ; + if (bp && bp->bif_ifp == ifp && bp->bif_dlist != NULL) { + struct bpf_d *d; + struct m_hdr hack_hdr; + u_int pktlen = 0; + u_int slen = 0; + struct mbuf *m0; + + if (hdr) { + /* + * This is gross. We mock up an mbuf that points to the + * header buffer. This means we don't have to copy the + * header. A number of interfaces prepended headers just + * for bpf by allocating an mbuf on the stack. We want to + * give developers an easy way to prepend a header for bpf. + * Since a developer allocating an mbuf on the stack is bad, + * we do even worse here, allocating only a header to point + * to a buffer the developer supplied. This makes assumptions + * that bpf_filter and catchpacket will not look at anything + * in the mbuf other than the header. This was true at the + * time this code was written. + */ + hack_hdr.mh_next = m; + hack_hdr.mh_nextpkt = NULL; + hack_hdr.mh_len = hlen; + hack_hdr.mh_data = hdr; + hack_hdr.mh_type = m->m_type; + hack_hdr.mh_flags = 0; + + m = (mbuf_t)&hack_hdr; + } + + for (m0 = m; m0 != 0; m0 = m0->m_next) + pktlen += m0->m_len; + + for (d = bp->bif_dlist; d; d = d->bd_next) { + if (outbound && !d->bd_seesent) continue; ++d->bd_rcount; slen = bpf_filter(d->bd_filter, (u_char *)m, pktlen, 0); - if (slen != 0) + if (slen != 0) { +#if CONFIG_MACF_NET + if (mac_bpfdesc_check_receive(d, bp->bif_ifp) != 0) + continue; +#endif catchpacket(d, (u_char *)m, pktlen, slen, bpf_mcopy); + } } } - lck_mtx_unlock(bpf_mlock); } +void +bpf_tap_out( + ifnet_t ifp, + u_int32_t dlt, + mbuf_t m, + void* hdr, + size_t hlen) +{ + bpf_tap_imp(ifp, dlt, m, hdr, hlen, 1); +} + +void +bpf_tap_in( + ifnet_t ifp, + u_int32_t dlt, + mbuf_t m, + void* hdr, + size_t hlen) +{ + bpf_tap_imp(ifp, dlt, m, hdr, hlen, 0); +} + +/* Callback registered with Ethernet driver. */ +static int bpf_tap_callback(struct ifnet *ifp, struct mbuf *m) +{ + bpf_tap_imp(ifp, 0, m, NULL, 0, mbuf_pkthdr_rcvif(m) == NULL); + + return 0; +} + /* * Move the packet data from interface memory (pkt) into the * store buffer. Return 1 if it's time to wakeup a listener (buffer full), @@ -1396,9 +1624,9 @@ static void catchpacket(struct bpf_d *d, u_char *pkt, u_int pktlen, u_int snaplen, void (*cpfn)(const void *, void *, size_t)) { - register struct bpf_hdr *hp; - register int totlen, curlen; - register int hdrlen = d->bd_bif->bif_hdrlen; + struct bpf_hdr *hp; + int totlen, curlen; + int hdrlen = d->bd_bif->bif_hdrlen; /* * Figure out how many bytes to move. If the packet is * greater or equal to the snapshot length, transfer that @@ -1442,13 +1670,7 @@ catchpacket(struct bpf_d *d, u_char *pkt, u_int pktlen, u_int snaplen, * Append the bpf header. */ hp = (struct bpf_hdr *)(d->bd_sbuf + curlen); -#if BSD >= 199103 microtime(&hp->bh_tstamp); -#elif defined(sun) - uniqtime(&hp->bh_tstamp); -#else - hp->bh_tstamp = time; -#endif hp->bh_datalen = pktlen; hp->bh_hdrlen = hdrlen; /* @@ -1509,32 +1731,72 @@ bpf_freed(struct bpf_d *d) void bpfattach(struct ifnet *ifp, u_int dlt, u_int hdrlen) { - struct bpf_if *bp; - bp = (struct bpf_if *) _MALLOC(sizeof(*bp), M_DEVBUF, M_WAIT); - if (bp == 0) + bpf_attach(ifp, dlt, hdrlen, NULL, NULL); +} + +errno_t +bpf_attach( + ifnet_t ifp, + u_int32_t dlt, + u_int32_t hdrlen, + bpf_send_func send, + bpf_tap_func tap) +{ + struct bpf_if *bp_new; + struct bpf_if *bp_temp; + struct bpf_if *bp_first = NULL; + + bp_new = (struct bpf_if *) _MALLOC(sizeof(*bp_new), M_DEVBUF, M_WAIT); + if (bp_new == 0) panic("bpfattach"); lck_mtx_lock(bpf_mlock); - bp->bif_dlist = 0; - bp->bif_ifp = ifp; - bp->bif_dlt = dlt; - - bp->bif_next = bpf_iflist; - bpf_iflist = bp; - - bp->bif_ifp->if_bpf = 0; - + /* + * Check if this interface/dlt is already attached, record first + * attachment for this interface. + */ + for (bp_temp = bpf_iflist; bp_temp && (bp_temp->bif_ifp != ifp || + bp_temp->bif_dlt != dlt); bp_temp = bp_temp->bif_next) { + if (bp_temp->bif_ifp == ifp && bp_first == NULL) + bp_first = bp_temp; + } + + if (bp_temp != NULL) { + printf("bpfattach - %s%d with dlt %d is already attached\n", + ifp->if_name, ifp->if_unit, dlt); + FREE(bp_new, M_DEVBUF); + lck_mtx_unlock(bpf_mlock); + return EEXIST; + } + + bzero(bp_new, sizeof(*bp_new)); + bp_new->bif_ifp = ifp; + bp_new->bif_dlt = dlt; + bp_new->bif_send = send; + bp_new->bif_tap = tap; + + if (bp_first == NULL) { + /* No other entries for this ifp */ + bp_new->bif_next = bpf_iflist; + bpf_iflist = bp_new; + } + else { + /* Add this after the first entry for this interface */ + bp_new->bif_next = bp_first->bif_next; + bp_first->bif_next = bp_new; + } + /* * Compute the length of the bpf header. This is not necessarily * equal to SIZEOF_BPF_HDR because we want to insert spacing such * that the network layer header begins on a longword boundary (for * performance reasons and to alleviate alignment restrictions). */ - bp->bif_hdrlen = BPF_WORDALIGN(hdrlen + SIZEOF_BPF_HDR) - hdrlen; + bp_new->bif_hdrlen = BPF_WORDALIGN(hdrlen + SIZEOF_BPF_HDR) - hdrlen; /* Take a reference on the interface */ - ifp_reference(ifp); + ifnet_reference(ifp); lck_mtx_unlock(bpf_mlock); @@ -1542,6 +1804,8 @@ bpfattach(struct ifnet *ifp, u_int dlt, u_int hdrlen) if (bootverbose) printf("bpf: %s%d attached\n", ifp->if_name, ifp->if_unit); #endif + + return 0; } /* @@ -1553,57 +1817,43 @@ bpfattach(struct ifnet *ifp, u_int dlt, u_int hdrlen) void bpfdetach(struct ifnet *ifp) { - struct bpf_if *bp, *bp_prev; + struct bpf_if *bp, *bp_prev, *bp_next; + struct bpf_if *bp_free = NULL; struct bpf_d *d; - int s; - s = splimp(); lck_mtx_lock(bpf_mlock); /* Locate BPF interface information */ bp_prev = NULL; - for (bp = bpf_iflist; bp != NULL; bp = bp->bif_next) { - if (ifp == bp->bif_ifp) - break; - bp_prev = bp; - } - -#ifdef __APPLE__ - /* Check for no BPF interface information */ - if (bp == NULL) { - return; - } -#endif - - /* Interface wasn't attached */ - if (bp->bif_ifp == NULL) { - splx(s); -#ifndef __APPLE__ - printf("bpfdetach: %s%d was not attached\n", ifp->if_name, - ifp->if_unit); -#endif - return; - } - - while ((d = bp->bif_dlist) != NULL) { - bpf_detachd(d); - bpf_wakeup(d); + for (bp = bpf_iflist; bp != NULL; bp = bp_next) { + bp_next = bp->bif_next; + if (ifp != bp->bif_ifp) { + bp_prev = bp; + continue; + } + + while ((d = bp->bif_dlist) != NULL) { + bpf_detachd(d); + bpf_wakeup(d); + } + + if (bp_prev) { + bp_prev->bif_next = bp->bif_next; + } else { + bpf_iflist = bp->bif_next; + } + + bp->bif_next = bp_free; + bp_free = bp; + + ifnet_release(ifp); } - if (bp_prev) { - bp_prev->bif_next = bp->bif_next; - } else { - bpf_iflist = bp->bif_next; - } - - ifp_release(ifp); - lck_mtx_unlock(bpf_mlock); FREE(bp, M_DEVBUF); - splx(s); } void @@ -1641,10 +1891,10 @@ bpf_init(__unused void *unused) if (bpf_mlock_grp_attr) lck_grp_attr_free(bpf_mlock_grp_attr); - bpf_mlock = 0; - bpf_mlock_attr = 0; - bpf_mlock_grp = 0; - bpf_mlock_grp_attr = 0; + bpf_mlock = NULL; + bpf_mlock_attr = NULL; + bpf_mlock_grp = NULL; + bpf_mlock_grp_attr = NULL; bpf_devsw_installed = 0; printf("bpf_init: failed to allocate a major number!\n"); return; @@ -1662,51 +1912,18 @@ bpf_init(__unused void *unused) SYSINIT(bpfdev,SI_SUB_DRIVERS,SI_ORDER_MIDDLE+CDEV_MAJOR,bpf_drvinit,NULL) #endif -#else /* !BPF */ -#ifndef __APPLE__ -/* - * NOP stubs to allow bpf-using drivers to load and function. - * - * A 'better' implementation would allow the core bpf functionality - * to be loaded at runtime. - */ - -void -bpf_tap(ifp, pkt, pktlen) - struct ifnet *ifp; - register u_char *pkt; - register u_int pktlen; +#if CONFIG_MACF_NET +struct label * +mac_bpfdesc_label_get(struct bpf_d *d) { -} -void -bpf_mtap(ifp, m) - struct ifnet *ifp; - struct mbuf *m; -{ + return (d->bd_label); } void -bpfattach(ifp, dlt, hdrlen) - struct ifnet *ifp; - u_int dlt, hdrlen; +mac_bpfdesc_label_set(struct bpf_d *d, struct label *label) { -} -void -bpfdetach(ifp) - struct ifnet *ifp; -{ + d->bd_label = label; } - -u_int -bpf_filter(pc, p, wirelen, buflen) - register const struct bpf_insn *pc; - register u_char *p; - u_int wirelen; - register u_int buflen; -{ - return -1; /* "no filter" behaviour */ -} -#endif /* !defined(__APPLE__) */ -#endif /* NBPFILTER > 0 */ +#endif