d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
a779c60ce0
freebsd-skq/sys/net/bpf.c

2152 lines
47 KiB
C
Raw Normal View History

/* -> /*- for license, minor formatting changes
2005-01-07 01:45:51 +00:00
/*-
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
* Copyright (c) 1990, 1991, 1993
* The Regents of the University of California. All rights reserved.
*
* This code is derived from the Stanford/CMU enet packet filter,
* (net/enet.c) distributed as part of 4.3BSD, and code contributed
Remove trailing whitespace.
1995-05-30 08:16:23 +00:00
* to Berkeley by Steven McCanne and Van Jacobson both of Lawrence
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
* Berkeley Laboratory.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
Record the fact that revision 1.39 corresponded to CSRG revision 8.4, and first hunk of revision 1.76 corresponded to CSRG revision 8.3.
2001-10-17 10:18:42 +00:00
* @(#)bpf.c 8.4 (Berkeley) 1/9/95
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
*/
Use __FBSDID() in the kernel BPF implementation. MFC after: 3 days
2007-12-25 13:24:02 +00:00
#include <sys/cdefs.h>
__FBSDID("$FreeBSD$");
Supply a stub bpf_validate() (always returning false - the script is not valid) if BPF is missing. The netgraph_bpf node forced bpf to be present, reflect that in the options. Stop doing a 'count bpf' - we provide stubs. Since a handful of drivers still refer to "bpf.h", provide a more accurate indication that the API is present always. (eg: netinet6)
2001-01-29 13:26:14 +00:00
#include "opt_bpf.h"
Introduce support for Mandatory Access Control and extensible kernel access control. Instrument BPF so that MAC labels are properly maintained on BPF descriptors. MAC framework entry points are invoked at BPF instantiation and allocation, permitting the MAC framework to derive the BPF descriptor label from the credential authorizing the device open. Also enter the MAC framework to label mbufs created using the BPF device. Obtained from: TrustedBSD Project Sponsored by: DARPA, NAI Labs
2002-07-31 16:09:38 +00:00
#include "opt_mac.h"
Supply a stub bpf_validate() (always returning false - the script is not valid) if BPF is missing. The netgraph_bpf node forced bpf to be present, reflect that in the options. Stop doing a 'count bpf' - we provide stubs. Since a handful of drivers still refer to "bpf.h", provide a more accurate indication that the API is present always. (eg: netinet6)
2001-01-29 13:26:14 +00:00
#include "opt_netgraph.h"
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
add support for using kqueue to watch bpf sockets. Submitted by: Brian Buchanan of nCircle, Inc. Tested on: i386 and sparc64
2003-08-05 07:12:49 +00:00
#include <sys/types.h>
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
#include <sys/param.h>
#include <sys/systm.h>
Completed function declarations and/or added prototypes.
1995-12-02 19:38:06 +00:00
#include <sys/conf.h>
Include fcntl.h Check O_NONBLOCK instead of IO_NDELAY Include uio.h Don't include vnode.h Don't include filedesc.h
2004-12-22 17:37:57 +00:00
#include <sys/fcntl.h>
Added used #include - don't depend on <sys/mbuf.h> including <sys/malloc.h> (unless we only use the bogusly shared M*WAIT flags).
1997-09-02 01:19:47 +00:00
#include <sys/malloc.h>
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
#include <sys/mbuf.h>
#include <sys/time.h>
Sweep kernel replacing suser(9) calls with priv(9) calls, assigning specific privilege names to a broad range of privileges. These may require some future tweaking. Sponsored by: nCircle Network Security, Inc. Obtained from: TrustedBSD Project Discussed on: arch@ Reviewed (at least in part) by: mlaier, jmg, pjd, bde, ceri, Alex Lyashkov <umka at sevcity dot net>, Skip Ford <skip dot ford at verizon dot net>, Antoine Brodin <antoine dot brodin at laposte dot net>
2006-11-06 13:42:10 +00:00
#include <sys/priv.h>
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
#include <sys/proc.h>
Replaced #includes of <sys/user.h> by less gross headers, usually <sys/vm.h>. Many device drivers need only the definition of vtophys() from vm. Added nearby #includes of <sys/conf.h> where appropriate.
1995-12-06 23:52:35 +00:00
#include <sys/signalvar.h>
Don't include <sys/ioctl.h> in the kernel. Stage 6: include <sys/filio.h>, <sys/sockio.h> and <sys/ttycom.h> instead of <sys/ioctl.h> in a couple of files. This is still only 1/3 as spammish as <sys/ioctl.h> - 5 or 6 old tty ioctl headers aren't needed.
1997-03-24 12:12:36 +00:00
#include <sys/filio.h>
#include <sys/sockio.h>
#include <sys/ttycom.h>
Include fcntl.h Check O_NONBLOCK instead of IO_NDELAY Include uio.h Don't include vnode.h Don't include filedesc.h
2004-12-22 17:37:57 +00:00
#include <sys/uio.h>
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
add support for using kqueue to watch bpf sockets. Submitted by: Brian Buchanan of nCircle, Inc. Tested on: i386 and sparc64
2003-08-05 07:12:49 +00:00
#include <sys/event.h>
#include <sys/file.h>
select -> poll Obtained from: NetBSD (I think)
1997-09-14 03:03:05 +00:00
#include <sys/poll.h>
add support for using kqueue to watch bpf sockets. Submitted by: Brian Buchanan of nCircle, Inc. Tested on: i386 and sparc64
2003-08-05 07:12:49 +00:00
#include <sys/proc.h>
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
#include <sys/socket.h>
Removed unused #includes. Fixed nonblocking mode. It was per-device instead of per-file. This also fixes clobbering of bd_rtout by overloading it to hold a wrong version of the blocking flag. I hope nothing depends on the bugs.
1997-11-18 16:29:53 +00:00
#include <net/if.h>
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
#include <net/bpf.h>
Introduce support for zero-copy BPF buffering, which reduces the overhead of packet capture by allowing a user process to directly "loan" buffer memory to the kernel rather than using read(2) to explicitly copy data from kernel address space. The user process will issue new BPF ioctls to set the shared memory buffer mode and provide pointers to buffers and their size. The kernel then wires and maps the pages into kernel address space using sf_buf(9), which on supporting architectures will use the direct map region. The current "buffered" access mode remains the default, and support for zero-copy buffers must, for the time being, be explicitly enabled using a sysctl for the kernel to accept requests to use it. The kernel and user process synchronize use of the buffers with atomic operations, avoiding the need for system calls under load; the user process may use select()/poll()/kqueue() to manage blocking while waiting for network data if the user process is able to consume data faster than the kernel generates it. Patchs to libpcap are available to allow libpcap applications to transparently take advantage of this support. Detailed information on the new API may be found in bpf(4), including specific atomic operations and memory barriers required to synchronize buffer use safely. These changes modify the base BPF implementation to (roughly) abstrac the current buffer model, allowing the new shared memory model to be added, and add new monitoring statistics for netstat to print. The implementation, with the exception of some monitoring hanges that break the netstat monitoring ABI for BPF, will be MFC'd. Zerocopy bpf buffers are still considered experimental are disabled by default. To experiment with this new facility, adjust the net.bpf.zerocopy_enable sysctl variable to 1. Changes to libpcap will be made available as a patch for the time being, and further refinements to the implementation are expected. Sponsored by: Seccuris Inc. In collaboration with: rwatson Tested by: pwood, gallatin MFC after: 4 months [1] [1] Certain portions will probably not be MFCed, specifically things that can break the monitoring ABI.
2008-03-24 13:49:17 +00:00
#include <net/bpf_buffer.h>
Add experimental BPF Just-In-Time compiler for amd64 and i386. Use the following kernel configuration option to enable: options BPF_JITTER If you want to use bpf_filter() instead (e. g., debugging), do: sysctl net.bpf.jitter.enable=0 to turn it off. Currently BIOCSETWF and bpf_mtap2() are unsupported, and bpf_mtap() is partially supported because 1) no need, 2) avoid expensive m_copydata(9). Obtained from: WinPcap 3.1 (for i386)
2005-12-06 02:58:12 +00:00
#ifdef BPF_JITTER
#include <net/bpf_jitter.h>
#endif
Introduce support for zero-copy BPF buffering, which reduces the overhead of packet capture by allowing a user process to directly "loan" buffer memory to the kernel rather than using read(2) to explicitly copy data from kernel address space. The user process will issue new BPF ioctls to set the shared memory buffer mode and provide pointers to buffers and their size. The kernel then wires and maps the pages into kernel address space using sf_buf(9), which on supporting architectures will use the direct map region. The current "buffered" access mode remains the default, and support for zero-copy buffers must, for the time being, be explicitly enabled using a sysctl for the kernel to accept requests to use it. The kernel and user process synchronize use of the buffers with atomic operations, avoiding the need for system calls under load; the user process may use select()/poll()/kqueue() to manage blocking while waiting for network data if the user process is able to consume data faster than the kernel generates it. Patchs to libpcap are available to allow libpcap applications to transparently take advantage of this support. Detailed information on the new API may be found in bpf(4), including specific atomic operations and memory barriers required to synchronize buffer use safely. These changes modify the base BPF implementation to (roughly) abstrac the current buffer model, allowing the new shared memory model to be added, and add new monitoring statistics for netstat to print. The implementation, with the exception of some monitoring hanges that break the netstat monitoring ABI for BPF, will be MFC'd. Zerocopy bpf buffers are still considered experimental are disabled by default. To experiment with this new facility, adjust the net.bpf.zerocopy_enable sysctl variable to 1. Changes to libpcap will be made available as a patch for the time being, and further refinements to the implementation are expected. Sponsored by: Seccuris Inc. In collaboration with: rwatson Tested by: pwood, gallatin MFC after: 4 months [1] [1] Certain portions will probably not be MFCed, specifically things that can break the monitoring ABI.
2008-03-24 13:49:17 +00:00
#include <net/bpf_zerocopy.h>
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
#include <net/bpfdesc.h>
#include <netinet/in.h>
#include <netinet/if_ether.h>
#include <sys/kernel.h>
Another mega commit to staticize things.
1995-12-14 09:55:16 +00:00
#include <sys/sysctl.h>
Make all file-system (MFS, FFS, NFS, LFS, DEVFS) related option new-style. This introduce an xxxFS_BOOT for each of the rootable filesystems. (Presently not required, but encouraged to allow a smooth move of option *FS to opt_dontuse.h later.) LFS is temporarily disabled, and will be re-enabled tomorrow.
1998-01-24 02:54:56 +00:00
add support for 802.11 packet injection via bpf Together with: Andrea Bittau <a.bittau@cs.ucl.ac.uk> Reviewed by: arch@ MFC after: 1 month
2006-07-26 03:15:16 +00:00
#include <net80211/ieee80211_freebsd.h>
Complete break-out of sys/sys/mac.h into sys/security/mac/mac_framework.h begun with a repo-copy of mac.h to mac_framework.h. sys/mac.h now contains the userspace and user<->kernel API and definitions, with all in-kernel interfaces moved to mac_framework.h, which is now included across most of the kernel instead. This change is the first step in a larger cleanup and sweep of MAC Framework interfaces in the kernel, and will not be MFC'd. Obtained from: TrustedBSD Project Sponsored by: SPARTA
2006-10-22 11:52:19 +00:00
#include <security/mac/mac_framework.h>
Introduce support for zero-copy BPF buffering, which reduces the overhead of packet capture by allowing a user process to directly "loan" buffer memory to the kernel rather than using read(2) to explicitly copy data from kernel address space. The user process will issue new BPF ioctls to set the shared memory buffer mode and provide pointers to buffers and their size. The kernel then wires and maps the pages into kernel address space using sf_buf(9), which on supporting architectures will use the direct map region. The current "buffered" access mode remains the default, and support for zero-copy buffers must, for the time being, be explicitly enabled using a sysctl for the kernel to accept requests to use it. The kernel and user process synchronize use of the buffers with atomic operations, avoiding the need for system calls under load; the user process may use select()/poll()/kqueue() to manage blocking while waiting for network data if the user process is able to consume data faster than the kernel generates it. Patchs to libpcap are available to allow libpcap applications to transparently take advantage of this support. Detailed information on the new API may be found in bpf(4), including specific atomic operations and memory barriers required to synchronize buffer use safely. These changes modify the base BPF implementation to (roughly) abstrac the current buffer model, allowing the new shared memory model to be added, and add new monitoring statistics for netstat to print. The implementation, with the exception of some monitoring hanges that break the netstat monitoring ABI for BPF, will be MFC'd. Zerocopy bpf buffers are still considered experimental are disabled by default. To experiment with this new facility, adjust the net.bpf.zerocopy_enable sysctl variable to 1. Changes to libpcap will be made available as a patch for the time being, and further refinements to the implementation are expected. Sponsored by: Seccuris Inc. In collaboration with: rwatson Tested by: pwood, gallatin MFC after: 4 months [1] [1] Certain portions will probably not be MFCed, specifically things that can break the monitoring ABI.
2008-03-24 13:49:17 +00:00
MALLOC_DEFINE(M_BPF, "BPF", "BPF data");
Pass 3 of the great devsw changes most devsw referenced functions are now static, as they are in the same file as their devsw structure. I've also added DEVFS support for nearly every device in the system, however many of the devices have 'incorrect' names under DEVFS because I couldn't quickly work out the correct naming conventions. (but devfs won't be coming on line for a month or so anyhow so that doesn't matter) If you "OWN" a device which would normally have an entry in /dev then search for the devfs_add_devsw() entries and munge to make them right.. check out similar devices to see what I might have done in them in you can't see what's going on.. for a laugh compare conf.c conf.h defore and after... :) I have not doen DEVFS entries for any DISKSLICE devices yet as that will be a much more complicated job.. (pass 5 :) pass 4 will be to make the devsw tables of type (cdevsw * ) rather than (cdevsw) seems to work here.. complaints to the usual places.. :)
1995-12-08 11:19:42 +00:00
Supply a stub bpf_validate() (always returning false - the script is not valid) if BPF is missing. The netgraph_bpf node forced bpf to be present, reflect that in the options. Stop doing a 'count bpf' - we provide stubs. Since a handful of drivers still refer to "bpf.h", provide a more accurate indication that the API is present always. (eg: netinet6)
2001-01-29 13:26:14 +00:00
#if defined(DEV_BPF) || defined(NETGRAPH_BPF)
OK, that's it.. That's EVERY SINGLE driver that has an entry in conf.c.. my next trick will be to define cdevsw[] and bdevsw[] as empty arrays and remove all those DAMNED defines as well.. Each of these drivers has a SYSINIT linker set entry that comes in very early.. and asks teh driver to add it's own entry to the two devsw[] tables. some slight reworking of the commits from yesterday (added the SYSINIT stuff and some usually wrong but token DEVFS entries to all these devices. BTW does anyone know where the 'ata' entries in conf.c actually reside? seems we don't actually have a 'ataopen() etc... If you want to add a new device in conf.c please make sure I know so I can keep it up to date too.. as before, this is all dependent on #if defined(JREMOD) (and #ifdef DEVFS in parts)
1995-11-29 10:49:16 +00:00
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
#define PRINET 26 /* interruptible */
/*
Update a comment describing bpf_iflist to indicate that the BPF interface structures correspond to specific link layers, so the same network interface may appear more than once. MFC after: 3 days
2005-02-28 12:35:52 +00:00
* bpf_iflist is a list of BPF interface structures, each corresponding to a
* specific DLT. The same network interface might have several BPF interface
* structures registered by different layers in the stack (i.e., 802.11
* frames, ethernet frames, etc).
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
*/
Reformulate use of linked lists in 'struct bpf_d' and 'struct bpf_if' to use queue(3) list macros rather than hand-crafted lists. While here, move to doubly linked lists to eliminate iterating lists in order to remove entries. This change simplifies and clarifies the list logic in the BPF descriptor code as a first step towards revising the locking strategy. RELENG_5 candidate. Reviewed by: fenner
2004-09-09 00:19:27 +00:00
static LIST_HEAD(, bpf_if) bpf_iflist;
Add mutexes to the entire bpf subsystem to make it MPSAFE. Previously reviewed by: jhb, bde
2001-02-16 17:10:28 +00:00
static struct mtx bpf_mtx; /* bpf global lock */
Introduce new sysctl variable: net.bpf.stats. This sysctl variable can be used to pass statistics regarding dropped, matched and received packet counts from the kernel to user-space. While we are here introduce a new counter for filtered or matched packets. We currently keep track of packets received or dropped by the bpf device, but not how many packets actually matched the bpf filter. -Introduce net.bpf.stats sysctl OID -Move sysctl variables after the function prototypes so we can reference bpf_stats_sysctl(9) without build errors. -Introduce bpf descriptor counter which is used mainly for sizing of the xbpf_d array. -Introduce a xbpf_d structure which will act as an external representation of the bpf_d structure. -Add a the following members to the bpfd structure: bd_fcount - Number of packets which matched bpf filter bd_pid - PID which opened the bpf device bd_pcomm - Process name which opened the device. It should be noted that it's possible that the process which opened the device could be long gone at the time of stats collection. An example might be a process that opens the bpf device forks then exits leaving the child process with the bpf fd. Reviewed by: mdodd
2005-07-24 17:21:17 +00:00
static int bpf_bpfd_cnt;
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
Since we are doing some bpf(4) clean up, change a couple of function prototypes to be consistent. Also, ANSI'fy function definitions. There is no functional change here.
2006-06-15 15:39:12 +00:00
static void bpf_attachd(struct bpf_d *, struct bpf_if *);
static void bpf_detachd(struct bpf_d *);
Remove __P.
2002-03-19 21:54:18 +00:00
static void bpf_freed(struct bpf_d *);
Check for multicast destination on bpf injected packets and update the M_*CAST flags, the absense of these flags causes problems in other areas such as bridging which expect them to be correct. At the moment only Ethernet DLTs are checked. Reviewed by: bms, csjp, sam Approved by: re (bmah)
2007-09-10 00:03:06 +00:00
static int bpf_movein(struct uio *, int, struct ifnet *, struct mbuf **,
Add three new ioctl(2) commands for bpf(4). - BIOCGDIRECTION and BIOCSDIRECTION get or set the setting determining whether incoming, outgoing, or all packets on the interface should be returned by BPF. Set to BPF_D_IN to see only incoming packets on the interface. Set to BPF_D_INOUT to see packets originating locally and remotely on the interface. Set to BPF_D_OUT to see only outgoing packets on the interface. This setting is initialized to BPF_D_INOUT by default. BIOCGSEESENT and BIOCSSEESENT are obsoleted by these but kept for backward compatibility. - BIOCFEEDBACK sets packet feedback mode. This allows injected packets to be fed back as input to the interface when output via the interface is successful. When BPF_D_INOUT direction is set, injected outgoing packet is not returned by BPF to avoid duplication. This flag is initialized to zero by default. Note that libpcap has been modified to support BPF_D_OUT direction for pcap_setdirection(3) and PCAP_D_OUT direction is functional now. Reviewed by: rwatson
2007-02-26 22:24:14 +00:00
struct sockaddr *, int *, struct bpf_insn *);
Remove __P.
2002-03-19 21:54:18 +00:00
static int bpf_setif(struct bpf_d *, struct ifreq *);
static void bpf_timed_out(void *);
Add mutexes to the entire bpf subsystem to make it MPSAFE. Previously reviewed by: jhb, bde
2001-02-16 17:10:28 +00:00
static __inline void
Remove __P.
2002-03-19 21:54:18 +00:00
bpf_wakeup(struct bpf_d *);
Introduce support for zero-copy BPF buffering, which reduces the overhead of packet capture by allowing a user process to directly "loan" buffer memory to the kernel rather than using read(2) to explicitly copy data from kernel address space. The user process will issue new BPF ioctls to set the shared memory buffer mode and provide pointers to buffers and their size. The kernel then wires and maps the pages into kernel address space using sf_buf(9), which on supporting architectures will use the direct map region. The current "buffered" access mode remains the default, and support for zero-copy buffers must, for the time being, be explicitly enabled using a sysctl for the kernel to accept requests to use it. The kernel and user process synchronize use of the buffers with atomic operations, avoiding the need for system calls under load; the user process may use select()/poll()/kqueue() to manage blocking while waiting for network data if the user process is able to consume data faster than the kernel generates it. Patchs to libpcap are available to allow libpcap applications to transparently take advantage of this support. Detailed information on the new API may be found in bpf(4), including specific atomic operations and memory barriers required to synchronize buffer use safely. These changes modify the base BPF implementation to (roughly) abstrac the current buffer model, allowing the new shared memory model to be added, and add new monitoring statistics for netstat to print. The implementation, with the exception of some monitoring hanges that break the netstat monitoring ABI for BPF, will be MFC'd. Zerocopy bpf buffers are still considered experimental are disabled by default. To experiment with this new facility, adjust the net.bpf.zerocopy_enable sysctl variable to 1. Changes to libpcap will be made available as a patch for the time being, and further refinements to the implementation are expected. Sponsored by: Seccuris Inc. In collaboration with: rwatson Tested by: pwood, gallatin MFC after: 4 months [1] [1] Certain portions will probably not be MFCed, specifically things that can break the monitoring ABI.
2008-03-24 13:49:17 +00:00
static void catchpacket(struct bpf_d *, u_char *, u_int, u_int,
void (*)(struct bpf_d *, caddr_t, u_int, void *, u_int),
Rather than calling mircotime() in catchpacket(), make catchpacket() take a timeval indicating when the packet was captured. Move microtime() to the calling functions and grab the timestamp as soon as we know that we're going to call catchpacket at least once. This means that we call microtime() once per matched packet, as opposed to once per matched packet per bpf listener. It also means that we return the same timestamp to all bpf listeners, rather than slightly different ones. It would be more accurate to call microtime() even earlier for all packets, as you have to grab (1+#listener) locks before you can determine if the packet will be logged. You could always grab a timestamp before the locks, but microtime() can be costly, so this didn't seem like a good idea. (I guess most ethernet interfaces will have a bpf listener these days because of dhclient. That means that we could be doing two bpf locks on most packets going through the interface.) PR: 71711
2006-07-24 15:42:04 +00:00
struct timeval *);
Remove __P.
2002-03-19 21:54:18 +00:00
static void reset_d(struct bpf_d *);
Introduce two new ioctl(2) commands, BIOCLOCK and BIOCSETWF. These commands enhance the security of bpf(4) by further relinquishing the privilege of the bpf(4) consumer (assuming the ioctl commands are being implemented). Once BIOCLOCK is executed, the device becomes locked which prevents the execution of ioctl(2) commands which can change the underly parameters of the bpf(4) device. An example might be the setting of bpf(4) filter programs or attaching to different network interfaces. BIOCSETWF can be used to set write filters for outgoing packets. Currently if a bpf(4) consumer is compromised, the bpf(4) descriptor can essentially be used as a raw socket, regardless of consumer's UID. Write filters give users the ability to constrain which packets can be sent through the bpf(4) descriptor. These features are currently implemented by a couple programs which came from OpenBSD, such as the new dhclient and pflogd. -Modify bpf_setf(9) to accept a "cmd" parameter. This will be used to specify whether a read or write filter is to be set. -Add a bpf(4) filter program as a parameter to bpf_movein(9) as we will run the filter program on the mbuf data once we move the packet in from user-space. -Rather than execute two uiomove operations, (one for the link header and the other for the packet data), execute one and manually copy the linker header into the sockaddr structure via bcopy. -Restructure bpf_setf to compensate for write filters, as well as read. -Adjust bpf(4) stats structures to include a bd_locked member. It should be noted that the FreeBSD and OpenBSD implementations differ a bit in the sense that we unconditionally enforce the lock, where OpenBSD enforces it only if the calling credential is not root. Idea from: OpenBSD Reviewed by: mlaier
2005-08-22 19:35:48 +00:00
static int bpf_setf(struct bpf_d *, struct bpf_program *, u_long cmd);
o add BIOCGDLTLIST and BIOCSDLT ioctls to get the data link type list and set the link type for use by libpcap and tcpdump o move mtx unlock in bpfdetach up; it doesn't need to be held so long o change printf in bpf_detach to distinguish it from the same one in bpfsetdlt Note there are locking issues here related to ioctl processing; they have not been addressed here. Submitted by: Guy Harris <guy@alum.mit.edu> Obtained from: NetBSD (w/ locking modifications)
2003-01-20 19:08:46 +00:00
static int bpf_getdltlist(struct bpf_d *, struct bpf_dltlist *);
static int bpf_setdlt(struct bpf_d *, u_int);
add support for using kqueue to watch bpf sockets. Submitted by: Brian Buchanan of nCircle, Inc. Tested on: i386 and sparc64
2003-08-05 07:12:49 +00:00
static void filt_bpfdetach(struct knote *);
static int filt_bpfread(struct knote *, long);
-introduce net.bpf sysctl instead of the less intuitive debug.* debug.bpf_bufsize is now net.bpf.bufsize debug.bpf_maxbufsize is now net.bpf.maxbufsize -move function prototypes for bpf_drvinit and bpf_clone up to the top of the file with the others -assert bpfd lock in catchpacket() and bpf_wakeup() MFC after: 2 weeks
2005-05-04 03:09:28 +00:00
static void bpf_drvinit(void *);
Introduce new sysctl variable: net.bpf.stats. This sysctl variable can be used to pass statistics regarding dropped, matched and received packet counts from the kernel to user-space. While we are here introduce a new counter for filtered or matched packets. We currently keep track of packets received or dropped by the bpf device, but not how many packets actually matched the bpf filter. -Introduce net.bpf.stats sysctl OID -Move sysctl variables after the function prototypes so we can reference bpf_stats_sysctl(9) without build errors. -Introduce bpf descriptor counter which is used mainly for sizing of the xbpf_d array. -Introduce a xbpf_d structure which will act as an external representation of the bpf_d structure. -Add a the following members to the bpfd structure: bd_fcount - Number of packets which matched bpf filter bd_pid - PID which opened the bpf device bd_pcomm - Process name which opened the device. It should be noted that it's possible that the process which opened the device could be long gone at the time of stats collection. An example might be a process that opens the bpf device forks then exits leaving the child process with the bpf fd. Reviewed by: mdodd
2005-07-24 17:21:17 +00:00
static int bpf_stats_sysctl(SYSCTL_HANDLER_ARGS);
SYSCTL_NODE(_net, OID_AUTO, bpf, CTLFLAG_RW, 0, "bpf sysctl");
Make bpf_maxinsns visible from ng_bpf.c. Pass me the pointyhat, please.
2008-08-29 20:34:06 +00:00
int bpf_maxinsns = BPF_MAXINSNS;
Introduce new sysctl variable: net.bpf.stats. This sysctl variable can be used to pass statistics regarding dropped, matched and received packet counts from the kernel to user-space. While we are here introduce a new counter for filtered or matched packets. We currently keep track of packets received or dropped by the bpf device, but not how many packets actually matched the bpf filter. -Introduce net.bpf.stats sysctl OID -Move sysctl variables after the function prototypes so we can reference bpf_stats_sysctl(9) without build errors. -Introduce bpf descriptor counter which is used mainly for sizing of the xbpf_d array. -Introduce a xbpf_d structure which will act as an external representation of the bpf_d structure. -Add a the following members to the bpfd structure: bd_fcount - Number of packets which matched bpf filter bd_pid - PID which opened the bpf device bd_pcomm - Process name which opened the device. It should be noted that it's possible that the process which opened the device could be long gone at the time of stats collection. An example might be a process that opens the bpf device forks then exits leaving the child process with the bpf fd. Reviewed by: mdodd
2005-07-24 17:21:17 +00:00
SYSCTL_INT(_net_bpf, OID_AUTO, maxinsns, CTLFLAG_RW,
&bpf_maxinsns, 0, "Maximum bpf program instructions");
Introduce support for zero-copy BPF buffering, which reduces the overhead of packet capture by allowing a user process to directly "loan" buffer memory to the kernel rather than using read(2) to explicitly copy data from kernel address space. The user process will issue new BPF ioctls to set the shared memory buffer mode and provide pointers to buffers and their size. The kernel then wires and maps the pages into kernel address space using sf_buf(9), which on supporting architectures will use the direct map region. The current "buffered" access mode remains the default, and support for zero-copy buffers must, for the time being, be explicitly enabled using a sysctl for the kernel to accept requests to use it. The kernel and user process synchronize use of the buffers with atomic operations, avoiding the need for system calls under load; the user process may use select()/poll()/kqueue() to manage blocking while waiting for network data if the user process is able to consume data faster than the kernel generates it. Patchs to libpcap are available to allow libpcap applications to transparently take advantage of this support. Detailed information on the new API may be found in bpf(4), including specific atomic operations and memory barriers required to synchronize buffer use safely. These changes modify the base BPF implementation to (roughly) abstrac the current buffer model, allowing the new shared memory model to be added, and add new monitoring statistics for netstat to print. The implementation, with the exception of some monitoring hanges that break the netstat monitoring ABI for BPF, will be MFC'd. Zerocopy bpf buffers are still considered experimental are disabled by default. To experiment with this new facility, adjust the net.bpf.zerocopy_enable sysctl variable to 1. Changes to libpcap will be made available as a patch for the time being, and further refinements to the implementation are expected. Sponsored by: Seccuris Inc. In collaboration with: rwatson Tested by: pwood, gallatin MFC after: 4 months [1] [1] Certain portions will probably not be MFCed, specifically things that can break the monitoring ABI.
2008-03-24 13:49:17 +00:00
static int bpf_zerocopy_enable = 0;
SYSCTL_INT(_net_bpf, OID_AUTO, zerocopy_enable, CTLFLAG_RW,
&bpf_zerocopy_enable, 0, "Enable new zero-copy BPF buffer sessions");
Introduce new sysctl variable: net.bpf.stats. This sysctl variable can be used to pass statistics regarding dropped, matched and received packet counts from the kernel to user-space. While we are here introduce a new counter for filtered or matched packets. We currently keep track of packets received or dropped by the bpf device, but not how many packets actually matched the bpf filter. -Introduce net.bpf.stats sysctl OID -Move sysctl variables after the function prototypes so we can reference bpf_stats_sysctl(9) without build errors. -Introduce bpf descriptor counter which is used mainly for sizing of the xbpf_d array. -Introduce a xbpf_d structure which will act as an external representation of the bpf_d structure. -Add a the following members to the bpfd structure: bd_fcount - Number of packets which matched bpf filter bd_pid - PID which opened the bpf device bd_pcomm - Process name which opened the device. It should be noted that it's possible that the process which opened the device could be long gone at the time of stats collection. An example might be a process that opens the bpf device forks then exits leaving the child process with the bpf fd. Reviewed by: mdodd
2005-07-24 17:21:17 +00:00
SYSCTL_NODE(_net_bpf, OID_AUTO, stats, CTLFLAG_RW,
bpf_stats_sysctl, "bpf statistics portal");
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
Pass 3 of the great devsw changes most devsw referenced functions are now static, as they are in the same file as their devsw structure. I've also added DEVFS support for nearly every device in the system, however many of the devices have 'incorrect' names under DEVFS because I couldn't quickly work out the correct naming conventions. (but devfs won't be coming on line for a month or so anyhow so that doesn't matter) If you "OWN" a device which would normally have an entry in /dev then search for the devfs_add_devsw() entries and munge to make them right.. check out similar devices to see what I might have done in them in you can't see what's going on.. for a laugh compare conf.c conf.h defore and after... :) I have not doen DEVFS entries for any DISKSLICE devices yet as that will be a much more complicated job.. (pass 5 :) pass 4 will be to make the devsw tables of type (cdevsw * ) rather than (cdevsw) seems to work here.. complaints to the usual places.. :)
1995-12-08 11:19:42 +00:00
static d_open_t bpfopen;
static d_read_t bpfread;
static d_write_t bpfwrite;
static d_ioctl_t bpfioctl;
select -> poll Obtained from: NetBSD (I think)
1997-09-14 03:03:05 +00:00
static d_poll_t bpfpoll;
add support for using kqueue to watch bpf sockets. Submitted by: Brian Buchanan of nCircle, Inc. Tested on: i386 and sparc64
2003-08-05 07:12:49 +00:00
static d_kqfilter_t bpfkqfilter;
Pass 3 of the great devsw changes most devsw referenced functions are now static, as they are in the same file as their devsw structure. I've also added DEVFS support for nearly every device in the system, however many of the devices have 'incorrect' names under DEVFS because I couldn't quickly work out the correct naming conventions. (but devfs won't be coming on line for a month or so anyhow so that doesn't matter) If you "OWN" a device which would normally have an entry in /dev then search for the devfs_add_devsw() entries and munge to make them right.. check out similar devices to see what I might have done in them in you can't see what's going on.. for a laugh compare conf.c conf.h defore and after... :) I have not doen DEVFS entries for any DISKSLICE devices yet as that will be a much more complicated job.. (pass 5 :) pass 4 will be to make the devsw tables of type (cdevsw * ) rather than (cdevsw) seems to work here.. complaints to the usual places.. :)
1995-12-08 11:19:42 +00:00
This commit should be a extensive NO-OP: Reformat and initialize correctly all "struct cdevsw". Initialize the d_maj and d_bmaj fields. The d_reset field was not removed, although it is never used. I used a program to do most of this, so all the files now use the same consistent format. Please keep it that way. Vinum and i4b not modified, patches emailed to respective authors.
1999-05-30 16:53:49 +00:00
static struct cdevsw bpf_cdevsw = {
Device megapatch 4/6: Introduce d_version field in struct cdevsw, this must always be initialized to D_VERSION. Flip sense of D_NOGIANT flag to D_NEEDGIANT, this involves removing four D_NOGIANT flags and adding 145 D_NEEDGIANT flags.
2004-02-21 21:10:55 +00:00
.d_version = D_VERSION,
Gigacommit to improve device-driver source compatibility between branches: Initialize struct cdevsw using C99 sparse initializtion and remove all initializations to default values. This patch is automatically generated and has been tested by compiling LINT with all the fields in struct cdevsw in reverse order on alpha, sparc64 and i386. Approved by: re(scottl)
2003-03-03 12:15:54 +00:00
.d_open = bpfopen,
.d_read = bpfread,
.d_write = bpfwrite,
.d_ioctl = bpfioctl,
.d_poll = bpfpoll,
.d_name = "bpf",
add support for using kqueue to watch bpf sockets. Submitted by: Brian Buchanan of nCircle, Inc. Tested on: i386 and sparc64
2003-08-05 07:12:49 +00:00
.d_kqfilter = bpfkqfilter,
This commit should be a extensive NO-OP: Reformat and initialize correctly all "struct cdevsw". Initialize the d_maj and d_bmaj fields. The d_reset field was not removed, although it is never used. I used a program to do most of this, so all the files now use the same consistent format. Please keep it that way. Vinum and i4b not modified, patches emailed to respective authors.
1999-05-30 16:53:49 +00:00
};
Pass 3 of the great devsw changes most devsw referenced functions are now static, as they are in the same file as their devsw structure. I've also added DEVFS support for nearly every device in the system, however many of the devices have 'incorrect' names under DEVFS because I couldn't quickly work out the correct naming conventions. (but devfs won't be coming on line for a month or so anyhow so that doesn't matter) If you "OWN" a device which would normally have an entry in /dev then search for the devfs_add_devsw() entries and munge to make them right.. check out similar devices to see what I might have done in them in you can't see what's going on.. for a laugh compare conf.c conf.h defore and after... :) I have not doen DEVFS entries for any DISKSLICE devices yet as that will be a much more complicated job.. (pass 5 :) pass 4 will be to make the devsw tables of type (cdevsw * ) rather than (cdevsw) seems to work here.. complaints to the usual places.. :)
1995-12-08 11:19:42 +00:00
add support for using kqueue to watch bpf sockets. Submitted by: Brian Buchanan of nCircle, Inc. Tested on: i386 and sparc64
2003-08-05 07:12:49 +00:00
static struct filterops bpfread_filtops =
Random style fixes and a comment update. No functional changes.
2004-02-16 18:19:15 +00:00
{ 1, NULL, filt_bpfdetach, filt_bpfread };
Pass 3 of the great devsw changes most devsw referenced functions are now static, as they are in the same file as their devsw structure. I've also added DEVFS support for nearly every device in the system, however many of the devices have 'incorrect' names under DEVFS because I couldn't quickly work out the correct naming conventions. (but devfs won't be coming on line for a month or so anyhow so that doesn't matter) If you "OWN" a device which would normally have an entry in /dev then search for the devfs_add_devsw() entries and munge to make them right.. check out similar devices to see what I might have done in them in you can't see what's going on.. for a laugh compare conf.c conf.h defore and after... :) I have not doen DEVFS entries for any DISKSLICE devices yet as that will be a much more complicated job.. (pass 5 :) pass 4 will be to make the devsw tables of type (cdevsw * ) rather than (cdevsw) seems to work here.. complaints to the usual places.. :)
1995-12-08 11:19:42 +00:00
Introduce support for zero-copy BPF buffering, which reduces the overhead of packet capture by allowing a user process to directly "loan" buffer memory to the kernel rather than using read(2) to explicitly copy data from kernel address space. The user process will issue new BPF ioctls to set the shared memory buffer mode and provide pointers to buffers and their size. The kernel then wires and maps the pages into kernel address space using sf_buf(9), which on supporting architectures will use the direct map region. The current "buffered" access mode remains the default, and support for zero-copy buffers must, for the time being, be explicitly enabled using a sysctl for the kernel to accept requests to use it. The kernel and user process synchronize use of the buffers with atomic operations, avoiding the need for system calls under load; the user process may use select()/poll()/kqueue() to manage blocking while waiting for network data if the user process is able to consume data faster than the kernel generates it. Patchs to libpcap are available to allow libpcap applications to transparently take advantage of this support. Detailed information on the new API may be found in bpf(4), including specific atomic operations and memory barriers required to synchronize buffer use safely. These changes modify the base BPF implementation to (roughly) abstrac the current buffer model, allowing the new shared memory model to be added, and add new monitoring statistics for netstat to print. The implementation, with the exception of some monitoring hanges that break the netstat monitoring ABI for BPF, will be MFC'd. Zerocopy bpf buffers are still considered experimental are disabled by default. To experiment with this new facility, adjust the net.bpf.zerocopy_enable sysctl variable to 1. Changes to libpcap will be made available as a patch for the time being, and further refinements to the implementation are expected. Sponsored by: Seccuris Inc. In collaboration with: rwatson Tested by: pwood, gallatin MFC after: 4 months [1] [1] Certain portions will probably not be MFCed, specifically things that can break the monitoring ABI.
2008-03-24 13:49:17 +00:00
/*
* Wrapper functions for various buffering methods. If the set of buffer
* modes expands, we will probably want to introduce a switch data structure
* similar to protosw, et.
*/
static void
bpf_append_bytes(struct bpf_d *d, caddr_t buf, u_int offset, void *src,
u_int len)
{
BPFD_LOCK_ASSERT(d);
switch (d->bd_bufmode) {
case BPF_BUFMODE_BUFFER:
return (bpf_buffer_append_bytes(d, buf, offset, src, len));
case BPF_BUFMODE_ZBUF:
d->bd_zcopy++;
return (bpf_zerocopy_append_bytes(d, buf, offset, src, len));
default:
panic("bpf_buf_append_bytes");
}
}
static void
bpf_append_mbuf(struct bpf_d *d, caddr_t buf, u_int offset, void *src,
u_int len)
{
BPFD_LOCK_ASSERT(d);
switch (d->bd_bufmode) {
case BPF_BUFMODE_BUFFER:
return (bpf_buffer_append_mbuf(d, buf, offset, src, len));
case BPF_BUFMODE_ZBUF:
d->bd_zcopy++;
return (bpf_zerocopy_append_mbuf(d, buf, offset, src, len));
default:
panic("bpf_buf_append_mbuf");
}
}
Make sure we are clearing the ZBUF_FLAG_IMMUTABLE any time a free buffer is reclaimed by the kernel. This fixes a bug resulted in the kernel over writing packet data while user-space was still processing it when zerocopy is enabled. (Or a panic if invariants was enabled). Discussed with: rwatson
2008-07-05 20:11:28 +00:00
/*
* This function gets called when the free buffer is re-assigned.
*/
static void
bpf_buf_reclaimed(struct bpf_d *d)
{
BPFD_LOCK_ASSERT(d);
switch (d->bd_bufmode) {
case BPF_BUFMODE_BUFFER:
return;
case BPF_BUFMODE_ZBUF:
bpf_zerocopy_buf_reclaimed(d);
return;
default:
panic("bpf_buf_reclaimed");
}
}
Introduce support for zero-copy BPF buffering, which reduces the overhead of packet capture by allowing a user process to directly "loan" buffer memory to the kernel rather than using read(2) to explicitly copy data from kernel address space. The user process will issue new BPF ioctls to set the shared memory buffer mode and provide pointers to buffers and their size. The kernel then wires and maps the pages into kernel address space using sf_buf(9), which on supporting architectures will use the direct map region. The current "buffered" access mode remains the default, and support for zero-copy buffers must, for the time being, be explicitly enabled using a sysctl for the kernel to accept requests to use it. The kernel and user process synchronize use of the buffers with atomic operations, avoiding the need for system calls under load; the user process may use select()/poll()/kqueue() to manage blocking while waiting for network data if the user process is able to consume data faster than the kernel generates it. Patchs to libpcap are available to allow libpcap applications to transparently take advantage of this support. Detailed information on the new API may be found in bpf(4), including specific atomic operations and memory barriers required to synchronize buffer use safely. These changes modify the base BPF implementation to (roughly) abstrac the current buffer model, allowing the new shared memory model to be added, and add new monitoring statistics for netstat to print. The implementation, with the exception of some monitoring hanges that break the netstat monitoring ABI for BPF, will be MFC'd. Zerocopy bpf buffers are still considered experimental are disabled by default. To experiment with this new facility, adjust the net.bpf.zerocopy_enable sysctl variable to 1. Changes to libpcap will be made available as a patch for the time being, and further refinements to the implementation are expected. Sponsored by: Seccuris Inc. In collaboration with: rwatson Tested by: pwood, gallatin MFC after: 4 months [1] [1] Certain portions will probably not be MFCed, specifically things that can break the monitoring ABI.
2008-03-24 13:49:17 +00:00
/*
* If the buffer mechanism has a way to decide that a held buffer can be made
* free, then it is exposed via the bpf_canfreebuf() interface. (1) is
* returned if the buffer can be discarded, (0) is returned if it cannot.
*/
static int
bpf_canfreebuf(struct bpf_d *d)
{
BPFD_LOCK_ASSERT(d);
switch (d->bd_bufmode) {
case BPF_BUFMODE_ZBUF:
return (bpf_zerocopy_canfreebuf(d));
}
return (0);
}
Maintain and observe a ZBUF_FLAG_IMMUTABLE flag on zero-copy BPF buffer kernel descriptors, which is used to allow the buffer currently in the BPF "store" position to be assigned to userspace when it fills, even if userspace hasn't acknowledged the buffer in the "hold" position yet. To implement this, notify the buffer model when a buffer becomes full, and check that the store buffer is writable, not just for it being full, before trying to append new packet data. Shared memory buffers will be assigned to userspace at most once per fill, be it in the store or in the hold position. This removes the restriction that at most one shared memory can by owned by userspace, reducing the chances that userspace will need to call select() after acknowledging one buffer in order to wait for the next buffer when under high load. This more fully realizes the goal of zero system calls in order to process a high-speed packet stream from BPF. Update bpf.4 to reflect that both buffers may be owned by userspace at once; caution against assuming this.
2008-04-07 02:51:00 +00:00
/*
* Allow the buffer model to indicate that the current store buffer is
* immutable, regardless of the appearance of space. Return (1) if the
* buffer is writable, and (0) if not.
*/
static int
bpf_canwritebuf(struct bpf_d *d)
{
BPFD_LOCK_ASSERT(d);
switch (d->bd_bufmode) {
case BPF_BUFMODE_ZBUF:
return (bpf_zerocopy_canwritebuf(d));
}
return (1);
}
/*
* Notify buffer model that an attempt to write to the store buffer has
* resulted in a dropped packet, in which case the buffer may be considered
* full.
*/
static void
bpf_buffull(struct bpf_d *d)
{
BPFD_LOCK_ASSERT(d);
switch (d->bd_bufmode) {
case BPF_BUFMODE_ZBUF:
bpf_zerocopy_buffull(d);
break;
}
}
/*
* Notify the buffer model that a buffer has moved into the hold position.
*/
Introduce support for zero-copy BPF buffering, which reduces the overhead of packet capture by allowing a user process to directly "loan" buffer memory to the kernel rather than using read(2) to explicitly copy data from kernel address space. The user process will issue new BPF ioctls to set the shared memory buffer mode and provide pointers to buffers and their size. The kernel then wires and maps the pages into kernel address space using sf_buf(9), which on supporting architectures will use the direct map region. The current "buffered" access mode remains the default, and support for zero-copy buffers must, for the time being, be explicitly enabled using a sysctl for the kernel to accept requests to use it. The kernel and user process synchronize use of the buffers with atomic operations, avoiding the need for system calls under load; the user process may use select()/poll()/kqueue() to manage blocking while waiting for network data if the user process is able to consume data faster than the kernel generates it. Patchs to libpcap are available to allow libpcap applications to transparently take advantage of this support. Detailed information on the new API may be found in bpf(4), including specific atomic operations and memory barriers required to synchronize buffer use safely. These changes modify the base BPF implementation to (roughly) abstrac the current buffer model, allowing the new shared memory model to be added, and add new monitoring statistics for netstat to print. The implementation, with the exception of some monitoring hanges that break the netstat monitoring ABI for BPF, will be MFC'd. Zerocopy bpf buffers are still considered experimental are disabled by default. To experiment with this new facility, adjust the net.bpf.zerocopy_enable sysctl variable to 1. Changes to libpcap will be made available as a patch for the time being, and further refinements to the implementation are expected. Sponsored by: Seccuris Inc. In collaboration with: rwatson Tested by: pwood, gallatin MFC after: 4 months [1] [1] Certain portions will probably not be MFCed, specifically things that can break the monitoring ABI.
2008-03-24 13:49:17 +00:00
void
bpf_bufheld(struct bpf_d *d)
{
BPFD_LOCK_ASSERT(d);
switch (d->bd_bufmode) {
case BPF_BUFMODE_ZBUF:
bpf_zerocopy_bufheld(d);
break;
}
}
static void
bpf_free(struct bpf_d *d)
{
switch (d->bd_bufmode) {
case BPF_BUFMODE_BUFFER:
return (bpf_buffer_free(d));
case BPF_BUFMODE_ZBUF:
return (bpf_zerocopy_free(d));
default:
panic("bpf_buf_free");
}
}
static int
bpf_uiomove(struct bpf_d *d, caddr_t buf, u_int len, struct uio *uio)
{
if (d->bd_bufmode != BPF_BUFMODE_BUFFER)
return (EOPNOTSUPP);
return (bpf_buffer_uiomove(d, buf, len, uio));
}
static int
bpf_ioctl_sblen(struct bpf_d *d, u_int *i)
{
if (d->bd_bufmode != BPF_BUFMODE_BUFFER)
return (EOPNOTSUPP);
return (bpf_buffer_ioctl_sblen(d, i));
}
static int
bpf_ioctl_getzmax(struct thread *td, struct bpf_d *d, size_t *i)
{
if (d->bd_bufmode != BPF_BUFMODE_ZBUF)
return (EOPNOTSUPP);
return (bpf_zerocopy_ioctl_getzmax(td, d, i));
}
static int
bpf_ioctl_rotzbuf(struct thread *td, struct bpf_d *d, struct bpf_zbuf *bz)
{
if (d->bd_bufmode != BPF_BUFMODE_ZBUF)
return (EOPNOTSUPP);
return (bpf_zerocopy_ioctl_rotzbuf(td, d, bz));
}
static int
bpf_ioctl_setzbuf(struct thread *td, struct bpf_d *d, struct bpf_zbuf *bz)
{
if (d->bd_bufmode != BPF_BUFMODE_ZBUF)
return (EOPNOTSUPP);
return (bpf_zerocopy_ioctl_setzbuf(td, d, bz));
}
/*
* General BPF functions.
*/
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
static int
Check for multicast destination on bpf injected packets and update the M_*CAST flags, the absense of these flags causes problems in other areas such as bridging which expect them to be correct. At the moment only Ethernet DLTs are checked. Reviewed by: bms, csjp, sam Approved by: re (bmah)
2007-09-10 00:03:06 +00:00
bpf_movein(struct uio *uio, int linktype, struct ifnet *ifp, struct mbuf **mp,
Add three new ioctl(2) commands for bpf(4). - BIOCGDIRECTION and BIOCSDIRECTION get or set the setting determining whether incoming, outgoing, or all packets on the interface should be returned by BPF. Set to BPF_D_IN to see only incoming packets on the interface. Set to BPF_D_INOUT to see packets originating locally and remotely on the interface. Set to BPF_D_OUT to see only outgoing packets on the interface. This setting is initialized to BPF_D_INOUT by default. BIOCGSEESENT and BIOCSSEESENT are obsoleted by these but kept for backward compatibility. - BIOCFEEDBACK sets packet feedback mode. This allows injected packets to be fed back as input to the interface when output via the interface is successful. When BPF_D_INOUT direction is set, injected outgoing packet is not returned by BPF to avoid duplication. This flag is initialized to zero by default. Note that libpcap has been modified to support BPF_D_OUT direction for pcap_setdirection(3) and PCAP_D_OUT direction is functional now. Reviewed by: rwatson
2007-02-26 22:24:14 +00:00
struct sockaddr *sockp, int *hdrlen, struct bpf_insn *wfilter)
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
{
add support for 802.11 packet injection via bpf Together with: Andrea Bittau <a.bittau@cs.ucl.ac.uk> Reviewed by: arch@ MFC after: 1 month
2006-07-26 03:15:16 +00:00
const struct ieee80211_bpf_params *p;
Check for multicast destination on bpf injected packets and update the M_*CAST flags, the absense of these flags causes problems in other areas such as bridging which expect them to be correct. At the moment only Ethernet DLTs are checked. Reviewed by: bms, csjp, sam Approved by: re (bmah)
2007-09-10 00:03:06 +00:00
struct ether_header *eh;
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
struct mbuf *m;
int error;
int len;
int hlen;
Introduce two new ioctl(2) commands, BIOCLOCK and BIOCSETWF. These commands enhance the security of bpf(4) by further relinquishing the privilege of the bpf(4) consumer (assuming the ioctl commands are being implemented). Once BIOCLOCK is executed, the device becomes locked which prevents the execution of ioctl(2) commands which can change the underly parameters of the bpf(4) device. An example might be the setting of bpf(4) filter programs or attaching to different network interfaces. BIOCSETWF can be used to set write filters for outgoing packets. Currently if a bpf(4) consumer is compromised, the bpf(4) descriptor can essentially be used as a raw socket, regardless of consumer's UID. Write filters give users the ability to constrain which packets can be sent through the bpf(4) descriptor. These features are currently implemented by a couple programs which came from OpenBSD, such as the new dhclient and pflogd. -Modify bpf_setf(9) to accept a "cmd" parameter. This will be used to specify whether a read or write filter is to be set. -Add a bpf(4) filter program as a parameter to bpf_movein(9) as we will run the filter program on the mbuf data once we move the packet in from user-space. -Rather than execute two uiomove operations, (one for the link header and the other for the packet data), execute one and manually copy the linker header into the sockaddr structure via bcopy. -Restructure bpf_setf to compensate for write filters, as well as read. -Adjust bpf(4) stats structures to include a bd_locked member. It should be noted that the FreeBSD and OpenBSD implementations differ a bit in the sense that we unconditionally enforce the lock, where OpenBSD enforces it only if the calling credential is not root. Idea from: OpenBSD Reviewed by: mlaier
2005-08-22 19:35:48 +00:00
int slen;
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
/*
* Build a sockaddr based on the data link layer type.
* We do this at this level because the ethernet header
* is copied directly into the data field of the sockaddr.
* In the case of SLIP, there is no header and the packet
* is forwarded as is.
* Also, we are careful to leave room at the front of the mbuf
* for the link level header.
*/
switch (linktype) {
case DLT_SLIP:
sockp->sa_family = AF_INET;
hlen = 0;
break;
case DLT_EN10MB:
sockp->sa_family = AF_UNSPEC;
/* XXX Would MAXLINKHDR be better? */
sizeof(struct llc) -> LLC_SNAPFRAMELEN sizeof(struct ether_header) -> ETHER_HDR_LEN sizeof(struct fddi_header) -> FDDI_HDR_LEN
2003-03-03 05:04:57 +00:00
hlen = ETHER_HDR_LEN;
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
break;
case DLT_FDDI:
Added support for generic FDDI and the DEC DEFEA and DEFPA FDDI adapters. Submitted by: Matt Thomas
1995-03-14 09:16:07 +00:00
sockp->sa_family = AF_IMPLINK;
hlen = 0;
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
break;
Implement DLT_RAW from libpcap
1998-08-18 10:13:11 +00:00
case DLT_RAW:
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
sockp->sa_family = AF_UNSPEC;
hlen = 0;
break;
Fix some long standing bugs in writing to the BPF device attached to a DLT_NULL interface. In particular: 1) Consistently use type u_int32_t for the header of a DLT_NULL device - it continues to represent the address family as always. 2) In the DLT_NULL case get bpf_movein to store the u_int32_t in a sockaddr rather than in the mbuf, to be consistent with all the DLT types. 3) Consequently fix a bug in bpf_movein/bpfwrite which only permitted packets up to 4 bytes less than the MTU to be written. 4) Fix all DLT_NULL devices to have the code required to allow writing to their bpf devices. 5) Move the code to allow writing to if_lo from if_simloop to looutput, because it only applies to DLT_NULL devices but was being applied to other devices that use if_simloop possibly incorrectly. PR: 82157 Submitted by: Matthew Luckie <mjl@luckie.org.nz> Approved by: re (scottl)
2005-06-26 18:11:11 +00:00
case DLT_NULL:
/*
* null interface types require a 4 byte pseudo header which
* corresponds to the address family of the packet.
*/
sockp->sa_family = AF_UNSPEC;
hlen = 4;
break;
update ATM driver. (base version: midway.c 1.67 --> 1.68) several new features are added: - support vc/vp shaping - support pvc shadow interface code cleanup: - remove WMAYBE related code. ENI WMAYBE DMA doen't work. - remove updating if_lastchange for every packet. - BPF related code is moved to midway.c as it should be. (bpfwrite should work if atm_pseudohdr and LLC/SNAP are prepended.) - BPF link type is changed to DLT_ATM_RFC1483. BPF now understands only LLC/SNAP!! (because bpf can't handle variable link header length.) It is recommended to use LLC/SNAP instead of NULL encapsulation for various reasons. (BPF, IPv6, interoperability, etc.) the code has been used for months in ALTQ and KAME IPv6. OKed by phk long time ago.
1998-07-29 05:35:16 +00:00
case DLT_ATM_RFC1483:
/*
* en atm driver requires 4-byte atm pseudo header.
* though it isn't standard, vpi:vci needs to be
* specified anyway.
*/
sockp->sa_family = AF_UNSPEC;
Clean up whitespace, s/register //, refrain from strong urge to ANSIfy.
2003-03-02 15:56:49 +00:00
hlen = 12; /* XXX 4(ATM_PH) + 3(LLC) + 5(SNAP) */
update ATM driver. (base version: midway.c 1.67 --> 1.68) several new features are added: - support vc/vp shaping - support pvc shadow interface code cleanup: - remove WMAYBE related code. ENI WMAYBE DMA doen't work. - remove updating if_lastchange for every packet. - BPF related code is moved to midway.c as it should be. (bpfwrite should work if atm_pseudohdr and LLC/SNAP are prepended.) - BPF link type is changed to DLT_ATM_RFC1483. BPF now understands only LLC/SNAP!! (because bpf can't handle variable link header length.) It is recommended to use LLC/SNAP instead of NULL encapsulation for various reasons. (BPF, IPv6, interoperability, etc.) the code has been used for months in ALTQ and KAME IPv6. OKed by phk long time ago.
1998-07-29 05:35:16 +00:00
break;
Call bpfattach() correctly from if_ppp.c Submitted by: Andy Adams <ala@merit.edu> PR: 18506
2000-09-16 14:17:15 +00:00
case DLT_PPP:
sockp->sa_family = AF_UNSPEC;
hlen = 4; /* This should match PPP_HDRLEN */
break;
add support for 802.11 packet injection via bpf Together with: Andrea Bittau <a.bittau@cs.ucl.ac.uk> Reviewed by: arch@ MFC after: 1 month
2006-07-26 03:15:16 +00:00
case DLT_IEEE802_11: /* IEEE 802.11 wireless */
sockp->sa_family = AF_IEEE80211;
hlen = 0;
break;
case DLT_IEEE802_11_RADIO: /* IEEE 802.11 wireless w/ phy params */
sockp->sa_family = AF_IEEE80211;
sockp->sa_len = 12; /* XXX != 0 */
hlen = sizeof(struct ieee80211_bpf_params);
break;
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
default:
return (EIO);
}
len = uio->uio_resid;
Fix some long standing bugs in writing to the BPF device attached to a DLT_NULL interface. In particular: 1) Consistently use type u_int32_t for the header of a DLT_NULL device - it continues to represent the address family as always. 2) In the DLT_NULL case get bpf_movein to store the u_int32_t in a sockaddr rather than in the mbuf, to be consistent with all the DLT types. 3) Consequently fix a bug in bpf_movein/bpfwrite which only permitted packets up to 4 bytes less than the MTU to be written. 4) Fix all DLT_NULL devices to have the code required to allow writing to their bpf devices. 5) Move the code to allow writing to if_lo from if_simloop to looutput, because it only applies to DLT_NULL devices but was being applied to other devices that use if_simloop possibly incorrectly. PR: 82157 Submitted by: Matthew Luckie <mjl@luckie.org.nz> Approved by: re (scottl)
2005-06-26 18:11:11 +00:00
Check for multicast destination on bpf injected packets and update the M_*CAST flags, the absense of these flags causes problems in other areas such as bridging which expect them to be correct. At the moment only Ethernet DLTs are checked. Reviewed by: bms, csjp, sam Approved by: re (bmah)
2007-09-10 00:03:06 +00:00
if (len - hlen > ifp->if_mtu)
Fix some long standing bugs in writing to the BPF device attached to a DLT_NULL interface. In particular: 1) Consistently use type u_int32_t for the header of a DLT_NULL device - it continues to represent the address family as always. 2) In the DLT_NULL case get bpf_movein to store the u_int32_t in a sockaddr rather than in the mbuf, to be consistent with all the DLT types. 3) Consequently fix a bug in bpf_movein/bpfwrite which only permitted packets up to 4 bytes less than the MTU to be written. 4) Fix all DLT_NULL devices to have the code required to allow writing to their bpf devices. 5) Move the code to allow writing to if_lo from if_simloop to looutput, because it only applies to DLT_NULL devices but was being applied to other devices that use if_simloop possibly incorrectly. PR: 82157 Submitted by: Matthew Luckie <mjl@luckie.org.nz> Approved by: re (scottl)
2005-06-26 18:11:11 +00:00
return (EMSGSIZE);
Allow injecting big packets via bpf(4) up to min(MTU, 16K-byte). MFC after: 1 week
2008-07-14 22:41:48 +00:00
if ((unsigned)len > MJUM16BYTES)
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
return (EIO);
Allow injecting big packets via bpf(4) up to min(MTU, 16K-byte). MFC after: 1 week
2008-07-14 22:41:48 +00:00
if (len <= MHLEN)
MGETHDR(m, M_WAIT, MT_DATA);
else if (len <= MCLBYTES)
Replaced the misleading uses of a historical artefact M_TRYWAIT with M_WAIT. Removed dead code that assumed that M_TRYWAIT can return NULL; it's not true since the advent of MBUMA. Reviewed by: arch There are ongoing disputes as to whether we want to switch to directly using UMA flags M_WAITOK/M_NOWAIT for mbuf(9) allocation.
2008-03-25 09:39:02 +00:00
m = m_getcl(M_WAIT, MT_DATA, M_PKTHDR);
else
Allow injecting big packets via bpf(4) up to min(MTU, 16K-byte). MFC after: 1 week
2008-07-14 22:41:48 +00:00
m = m_getjcl(M_WAIT, MT_DATA, M_PKTHDR,
#if (MJUMPAGESIZE > MCLBYTES)
len <= MJUMPAGESIZE ? MJUMPAGESIZE :
#endif
(len <= MJUM9BYTES ? MJUM9BYTES : MJUM16BYTES));
Fix BPf to generate a header mbuf for writes. Fix loopback and discard interfaces to understand BPF writes. (These two from Bill Fenner to fix PR 512.) Move ifpromisc() from bpf.c to if.c as suggested by comment in BPF. Send a notice to the log when promiscuous mode is enabled.
1995-09-22 17:57:48 +00:00
m->m_pkthdr.len = m->m_len = len;
m->m_pkthdr.rcvif = NULL;
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
*mp = m;
o add support for multiple link types per interface (e.g. 802.11 and Ethernet) o introduce BPF_TAP and BPF_MTAP macros to hide implementation details and ease code portability o use m_getcl where appropriate Reviewed by: many Approved by: re Obtained from: NetBSD (multiple link type support)
2002-11-14 23:24:13 +00:00
Introduce two new ioctl(2) commands, BIOCLOCK and BIOCSETWF. These commands enhance the security of bpf(4) by further relinquishing the privilege of the bpf(4) consumer (assuming the ioctl commands are being implemented). Once BIOCLOCK is executed, the device becomes locked which prevents the execution of ioctl(2) commands which can change the underly parameters of the bpf(4) device. An example might be the setting of bpf(4) filter programs or attaching to different network interfaces. BIOCSETWF can be used to set write filters for outgoing packets. Currently if a bpf(4) consumer is compromised, the bpf(4) descriptor can essentially be used as a raw socket, regardless of consumer's UID. Write filters give users the ability to constrain which packets can be sent through the bpf(4) descriptor. These features are currently implemented by a couple programs which came from OpenBSD, such as the new dhclient and pflogd. -Modify bpf_setf(9) to accept a "cmd" parameter. This will be used to specify whether a read or write filter is to be set. -Add a bpf(4) filter program as a parameter to bpf_movein(9) as we will run the filter program on the mbuf data once we move the packet in from user-space. -Rather than execute two uiomove operations, (one for the link header and the other for the packet data), execute one and manually copy the linker header into the sockaddr structure via bcopy. -Restructure bpf_setf to compensate for write filters, as well as read. -Adjust bpf(4) stats structures to include a bd_locked member. It should be noted that the FreeBSD and OpenBSD implementations differ a bit in the sense that we unconditionally enforce the lock, where OpenBSD enforces it only if the calling credential is not root. Idea from: OpenBSD Reviewed by: mlaier
2005-08-22 19:35:48 +00:00
if (m->m_len < hlen) {
error = EPERM;
goto bad;
}
error = uiomove(mtod(m, u_char *), len, uio);
if (error)
goto bad;
slen = bpf_filter(wfilter, mtod(m, u_char *), len, len);
if (slen == 0) {
error = EPERM;
goto bad;
}
Check for multicast destination on bpf injected packets and update the M_*CAST flags, the absense of these flags causes problems in other areas such as bridging which expect them to be correct. At the moment only Ethernet DLTs are checked. Reviewed by: bms, csjp, sam Approved by: re (bmah)
2007-09-10 00:03:06 +00:00
/* Check for multicast destination */
switch (linktype) {
case DLT_EN10MB:
eh = mtod(m, struct ether_header *);
if (ETHER_IS_MULTICAST(eh->ether_dhost)) {
if (bcmp(ifp->if_broadcastaddr, eh->ether_dhost,
ETHER_ADDR_LEN) == 0)
m->m_flags |= M_BCAST;
else
m->m_flags |= M_MCAST;
}
break;
}
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
/*
Introduce two new ioctl(2) commands, BIOCLOCK and BIOCSETWF. These commands enhance the security of bpf(4) by further relinquishing the privilege of the bpf(4) consumer (assuming the ioctl commands are being implemented). Once BIOCLOCK is executed, the device becomes locked which prevents the execution of ioctl(2) commands which can change the underly parameters of the bpf(4) device. An example might be the setting of bpf(4) filter programs or attaching to different network interfaces. BIOCSETWF can be used to set write filters for outgoing packets. Currently if a bpf(4) consumer is compromised, the bpf(4) descriptor can essentially be used as a raw socket, regardless of consumer's UID. Write filters give users the ability to constrain which packets can be sent through the bpf(4) descriptor. These features are currently implemented by a couple programs which came from OpenBSD, such as the new dhclient and pflogd. -Modify bpf_setf(9) to accept a "cmd" parameter. This will be used to specify whether a read or write filter is to be set. -Add a bpf(4) filter program as a parameter to bpf_movein(9) as we will run the filter program on the mbuf data once we move the packet in from user-space. -Rather than execute two uiomove operations, (one for the link header and the other for the packet data), execute one and manually copy the linker header into the sockaddr structure via bcopy. -Restructure bpf_setf to compensate for write filters, as well as read. -Adjust bpf(4) stats structures to include a bd_locked member. It should be noted that the FreeBSD and OpenBSD implementations differ a bit in the sense that we unconditionally enforce the lock, where OpenBSD enforces it only if the calling credential is not root. Idea from: OpenBSD Reviewed by: mlaier
2005-08-22 19:35:48 +00:00
* Make room for link header, and copy it to sockaddr
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
*/
if (hlen != 0) {
add support for 802.11 packet injection via bpf Together with: Andrea Bittau <a.bittau@cs.ucl.ac.uk> Reviewed by: arch@ MFC after: 1 month
2006-07-26 03:15:16 +00:00
if (sockp->sa_family == AF_IEEE80211) {
/*
* Collect true length from the parameter header
* NB: sockp is known to be zero'd so if we do a
* short copy unspecified parameters will be
* zero.
* NB: packet may not be aligned after stripping
* bpf params
* XXX check ibp_vers
*/
p = mtod(m, const struct ieee80211_bpf_params *);
hlen = p->ibp_len;
if (hlen > sizeof(sockp->sa_data)) {
error = EINVAL;
goto bad;
}
}
Introduce two new ioctl(2) commands, BIOCLOCK and BIOCSETWF. These commands enhance the security of bpf(4) by further relinquishing the privilege of the bpf(4) consumer (assuming the ioctl commands are being implemented). Once BIOCLOCK is executed, the device becomes locked which prevents the execution of ioctl(2) commands which can change the underly parameters of the bpf(4) device. An example might be the setting of bpf(4) filter programs or attaching to different network interfaces. BIOCSETWF can be used to set write filters for outgoing packets. Currently if a bpf(4) consumer is compromised, the bpf(4) descriptor can essentially be used as a raw socket, regardless of consumer's UID. Write filters give users the ability to constrain which packets can be sent through the bpf(4) descriptor. These features are currently implemented by a couple programs which came from OpenBSD, such as the new dhclient and pflogd. -Modify bpf_setf(9) to accept a "cmd" parameter. This will be used to specify whether a read or write filter is to be set. -Add a bpf(4) filter program as a parameter to bpf_movein(9) as we will run the filter program on the mbuf data once we move the packet in from user-space. -Rather than execute two uiomove operations, (one for the link header and the other for the packet data), execute one and manually copy the linker header into the sockaddr structure via bcopy. -Restructure bpf_setf to compensate for write filters, as well as read. -Adjust bpf(4) stats structures to include a bd_locked member. It should be noted that the FreeBSD and OpenBSD implementations differ a bit in the sense that we unconditionally enforce the lock, where OpenBSD enforces it only if the calling credential is not root. Idea from: OpenBSD Reviewed by: mlaier
2005-08-22 19:35:48 +00:00
bcopy(m->m_data, sockp->sa_data, hlen);
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
}
Add three new ioctl(2) commands for bpf(4). - BIOCGDIRECTION and BIOCSDIRECTION get or set the setting determining whether incoming, outgoing, or all packets on the interface should be returned by BPF. Set to BPF_D_IN to see only incoming packets on the interface. Set to BPF_D_INOUT to see packets originating locally and remotely on the interface. Set to BPF_D_OUT to see only outgoing packets on the interface. This setting is initialized to BPF_D_INOUT by default. BIOCGSEESENT and BIOCSSEESENT are obsoleted by these but kept for backward compatibility. - BIOCFEEDBACK sets packet feedback mode. This allows injected packets to be fed back as input to the interface when output via the interface is successful. When BPF_D_INOUT direction is set, injected outgoing packet is not returned by BPF to avoid duplication. This flag is initialized to zero by default. Note that libpcap has been modified to support BPF_D_OUT direction for pcap_setdirection(3) and PCAP_D_OUT direction is functional now. Reviewed by: rwatson
2007-02-26 22:24:14 +00:00
*hdrlen = hlen;
Introduce two new ioctl(2) commands, BIOCLOCK and BIOCSETWF. These commands enhance the security of bpf(4) by further relinquishing the privilege of the bpf(4) consumer (assuming the ioctl commands are being implemented). Once BIOCLOCK is executed, the device becomes locked which prevents the execution of ioctl(2) commands which can change the underly parameters of the bpf(4) device. An example might be the setting of bpf(4) filter programs or attaching to different network interfaces. BIOCSETWF can be used to set write filters for outgoing packets. Currently if a bpf(4) consumer is compromised, the bpf(4) descriptor can essentially be used as a raw socket, regardless of consumer's UID. Write filters give users the ability to constrain which packets can be sent through the bpf(4) descriptor. These features are currently implemented by a couple programs which came from OpenBSD, such as the new dhclient and pflogd. -Modify bpf_setf(9) to accept a "cmd" parameter. This will be used to specify whether a read or write filter is to be set. -Add a bpf(4) filter program as a parameter to bpf_movein(9) as we will run the filter program on the mbuf data once we move the packet in from user-space. -Rather than execute two uiomove operations, (one for the link header and the other for the packet data), execute one and manually copy the linker header into the sockaddr structure via bcopy. -Restructure bpf_setf to compensate for write filters, as well as read. -Adjust bpf(4) stats structures to include a bd_locked member. It should be noted that the FreeBSD and OpenBSD implementations differ a bit in the sense that we unconditionally enforce the lock, where OpenBSD enforces it only if the calling credential is not root. Idea from: OpenBSD Reviewed by: mlaier
2005-08-22 19:35:48 +00:00
return (0);
o add support for multiple link types per interface (e.g. 802.11 and Ethernet) o introduce BPF_TAP and BPF_MTAP macros to hide implementation details and ease code portability o use m_getcl where appropriate Reviewed by: many Approved by: re Obtained from: NetBSD (multiple link type support)
2002-11-14 23:24:13 +00:00
bad:
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
m_freem(m);
return (error);
}
/*
* Attach file to the bpf interface, i.e. make d listen on bp.
*/
static void
Since we are doing some bpf(4) clean up, change a couple of function prototypes to be consistent. Also, ANSI'fy function definitions. There is no functional change here.
2006-06-15 15:39:12 +00:00
bpf_attachd(struct bpf_d *d, struct bpf_if *bp)
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
{
/*
* Point d at bp, and add d to the interface's list of listeners.
* Finally, point the driver's bpf cookie at the interface so
* it will divert packets to bpf.
*/
Add mutexes to the entire bpf subsystem to make it MPSAFE. Previously reviewed by: jhb, bde
2001-02-16 17:10:28 +00:00
BPFIF_LOCK(bp);
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
d->bd_bif = bp;
Reformulate use of linked lists in 'struct bpf_d' and 'struct bpf_if' to use queue(3) list macros rather than hand-crafted lists. While here, move to doubly linked lists to eliminate iterating lists in order to remove entries. This change simplifies and clarifies the list logic in the BPF descriptor code as a first step towards revising the locking strategy. RELENG_5 candidate. Reviewed by: fenner
2004-09-09 00:19:27 +00:00
LIST_INSERT_HEAD(&bp->bif_dlist, d, bd_next);
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
Introduce new sysctl variable: net.bpf.stats. This sysctl variable can be used to pass statistics regarding dropped, matched and received packet counts from the kernel to user-space. While we are here introduce a new counter for filtered or matched packets. We currently keep track of packets received or dropped by the bpf device, but not how many packets actually matched the bpf filter. -Introduce net.bpf.stats sysctl OID -Move sysctl variables after the function prototypes so we can reference bpf_stats_sysctl(9) without build errors. -Introduce bpf descriptor counter which is used mainly for sizing of the xbpf_d array. -Introduce a xbpf_d structure which will act as an external representation of the bpf_d structure. -Add a the following members to the bpfd structure: bd_fcount - Number of packets which matched bpf filter bd_pid - PID which opened the bpf device bd_pcomm - Process name which opened the device. It should be noted that it's possible that the process which opened the device could be long gone at the time of stats collection. An example might be a process that opens the bpf device forks then exits leaving the child process with the bpf fd. Reviewed by: mdodd
2005-07-24 17:21:17 +00:00
bpf_bpfd_cnt++;
Add mutexes to the entire bpf subsystem to make it MPSAFE. Previously reviewed by: jhb, bde
2001-02-16 17:10:28 +00:00
BPFIF_UNLOCK(bp);
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
}
/*
* Detach a file from its interface.
*/
static void
Since we are doing some bpf(4) clean up, change a couple of function prototypes to be consistent. Also, ANSI'fy function definitions. There is no functional change here.
2006-06-15 15:39:12 +00:00
bpf_detachd(struct bpf_d *d)
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
{
Don't panic if ifpromisc() returnes ENXIO, it's probably just an pccard which have been pulled.
2000-06-01 21:57:13 +00:00
int error;
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
struct bpf_if *bp;
Reformulate bpf_dettachd() to acquire the BIF_LOCK() as well as BPFD_LOCK() when removing a descriptor from an interface descriptor list. Hold both over the operation, and do a better job at maintaining the invariant that you can't find partially connected descriptors on an active interface descriptor list. This appears to close a race that resulted in the kernel performing a NULL pointer dereference when BPF sessions are detached during heavy network activity on SMP systems. RELENG_5 candidate.
2004-09-09 04:11:12 +00:00
struct ifnet *ifp;
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
bp = d->bd_bif;
Reformulate bpf_dettachd() to acquire the BIF_LOCK() as well as BPFD_LOCK() when removing a descriptor from an interface descriptor list. Hold both over the operation, and do a better job at maintaining the invariant that you can't find partially connected descriptors on an active interface descriptor list. This appears to close a race that resulted in the kernel performing a NULL pointer dereference when BPF sessions are detached during heavy network activity on SMP systems. RELENG_5 candidate.
2004-09-09 04:11:12 +00:00
BPFIF_LOCK(bp);
BPFD_LOCK(d);
ifp = d->bd_bif->bif_ifp;
/*
* Remove d from the interface's descriptor list.
*/
LIST_REMOVE(d, bd_next);
Introduce new sysctl variable: net.bpf.stats. This sysctl variable can be used to pass statistics regarding dropped, matched and received packet counts from the kernel to user-space. While we are here introduce a new counter for filtered or matched packets. We currently keep track of packets received or dropped by the bpf device, but not how many packets actually matched the bpf filter. -Introduce net.bpf.stats sysctl OID -Move sysctl variables after the function prototypes so we can reference bpf_stats_sysctl(9) without build errors. -Introduce bpf descriptor counter which is used mainly for sizing of the xbpf_d array. -Introduce a xbpf_d structure which will act as an external representation of the bpf_d structure. -Add a the following members to the bpfd structure: bd_fcount - Number of packets which matched bpf filter bd_pid - PID which opened the bpf device bd_pcomm - Process name which opened the device. It should be noted that it's possible that the process which opened the device could be long gone at the time of stats collection. An example might be a process that opens the bpf device forks then exits leaving the child process with the bpf fd. Reviewed by: mdodd
2005-07-24 17:21:17 +00:00
bpf_bpfd_cnt--;
Prefer NULL to '0' when checking a pointer value.
2004-07-24 16:58:56 +00:00
d->bd_bif = NULL;
Reformulate bpf_dettachd() to acquire the BIF_LOCK() as well as BPFD_LOCK() when removing a descriptor from an interface descriptor list. Hold both over the operation, and do a better job at maintaining the invariant that you can't find partially connected descriptors on an active interface descriptor list. This appears to close a race that resulted in the kernel performing a NULL pointer dereference when BPF sessions are detached during heavy network activity on SMP systems. RELENG_5 candidate.
2004-09-09 04:11:12 +00:00
BPFD_UNLOCK(d);
BPFIF_UNLOCK(bp);
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
/*
* Check if this descriptor had requested promiscuous mode.
* If so, turn it off.
*/
if (d->bd_promisc) {
d->bd_promisc = 0;
Reformulate bpf_dettachd() to acquire the BIF_LOCK() as well as BPFD_LOCK() when removing a descriptor from an interface descriptor list. Hold both over the operation, and do a better job at maintaining the invariant that you can't find partially connected descriptors on an active interface descriptor list. This appears to close a race that resulted in the kernel performing a NULL pointer dereference when BPF sessions are detached during heavy network activity on SMP systems. RELENG_5 candidate.
2004-09-09 04:11:12 +00:00
error = ifpromisc(ifp, 0);
Don't panic if ifpromisc() returnes ENXIO, it's probably just an pccard which have been pulled.
2000-06-01 21:57:13 +00:00
if (error != 0 && error != ENXIO) {
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
/*
Don't panic if ifpromisc() returnes ENXIO, it's probably just an pccard which have been pulled.
2000-06-01 21:57:13 +00:00
* ENXIO can happen if a pccard is unplugged
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
* Something is really wrong if we were able to put
* the driver into promiscuous mode, but can't
* take it out.
*/
o add BIOCGDLTLIST and BIOCSDLT ioctls to get the data link type list and set the link type for use by libpcap and tcpdump o move mtx unlock in bpfdetach up; it doesn't need to be held so long o change printf in bpf_detach to distinguish it from the same one in bpfsetdlt Note there are locking issues here related to ioctl processing; they have not been addressed here. Submitted by: Guy Harris <guy@alum.mit.edu> Obtained from: NetBSD (w/ locking modifications)
2003-01-20 19:08:46 +00:00
if_printf(bp->bif_ifp,
"bpf_detach: ifpromisc failed (%d)\n", error);
Don't panic if ifpromisc() returnes ENXIO, it's probably just an pccard which have been pulled.
2000-06-01 21:57:13 +00:00
}
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
}
}
Change bpf(4) to use the cdevpriv API. Right now the bpf(4) driver uses the cloning API to generate /dev/bpf%u. When an application such as tcpdump needs a BPF, it opens /dev/bpf0, /dev/bpf1, etc. until it opens the first available device node. We used this approach, because our devfs implementation didn't allow per-descriptor data. Now that we can, make it use devfs_get_cdevpriv() to obtain the private data. To remain compatible with the existing implementation, add a symlink from /dev/bpf0 to /dev/bpf. I've already changed libpcap to compile with HAVE_CLONING_BPF, which makes it use /dev/bpf. There may be other applications in the base system (dhclient) that use the loop to obtain a valid bpf. Discussed on: src-committers Approved by: csjp
2008-08-13 15:41:21 +00:00
/*
* Close the descriptor by detaching it from its interface,
* deallocating its buffers, and marking it free.
*/
static void
bpf_dtor(void *data)
{
struct bpf_d *d = data;
BPFD_LOCK(d);
if (d->bd_state == BPF_WAITING)
callout_stop(&d->bd_callout);
d->bd_state = BPF_IDLE;
BPFD_UNLOCK(d);
funsetown(&d->bd_sigio);
mtx_lock(&bpf_mtx);
if (d->bd_bif)
bpf_detachd(d);
mtx_unlock(&bpf_mtx);
selwakeuppri(&d->bd_sel, PRINET);
#ifdef MAC
mac_bpfdesc_destroy(d);
#endif /* MAC */
knlist_destroy(&d->bd_sel.si_note);
bpf_freed(d);
free(d, M_BPF);
}
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
/*
* Open ethernet device. Returns ENXIO for illegal minor device number,
* EBUSY if file is open by another process.
*/
/* ARGSUSED */
Pass 3 of the great devsw changes most devsw referenced functions are now static, as they are in the same file as their devsw structure. I've also added DEVFS support for nearly every device in the system, however many of the devices have 'incorrect' names under DEVFS because I couldn't quickly work out the correct naming conventions. (but devfs won't be coming on line for a month or so anyhow so that doesn't matter) If you "OWN" a device which would normally have an entry in /dev then search for the devfs_add_devsw() entries and munge to make them right.. check out similar devices to see what I might have done in them in you can't see what's going on.. for a laugh compare conf.c conf.h defore and after... :) I have not doen DEVFS entries for any DISKSLICE devices yet as that will be a much more complicated job.. (pass 5 :) pass 4 will be to make the devsw tables of type (cdevsw * ) rather than (cdevsw) seems to work here.. complaints to the usual places.. :)
1995-12-08 11:19:42 +00:00
static int
Since we are doing some bpf(4) clean up, change a couple of function prototypes to be consistent. Also, ANSI'fy function definitions. There is no functional change here.
2006-06-15 15:39:12 +00:00
bpfopen(struct cdev *dev, int flags, int fmt, struct thread *td)
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
{
Add mutexes to the entire bpf subsystem to make it MPSAFE. Previously reviewed by: jhb, bde
2001-02-16 17:10:28 +00:00
struct bpf_d *d;
Change bpf(4) to use the cdevpriv API. Right now the bpf(4) driver uses the cloning API to generate /dev/bpf%u. When an application such as tcpdump needs a BPF, it opens /dev/bpf0, /dev/bpf1, etc. until it opens the first available device node. We used this approach, because our devfs implementation didn't allow per-descriptor data. Now that we can, make it use devfs_get_cdevpriv() to obtain the private data. To remain compatible with the existing implementation, add a symlink from /dev/bpf0 to /dev/bpf. I've already changed libpcap to compile with HAVE_CLONING_BPF, which makes it use /dev/bpf. There may be other applications in the base system (dhclient) that use the loop to obtain a valid bpf. Discussed on: src-committers Approved by: csjp
2008-08-13 15:41:21 +00:00
int error;
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
Back out M_* changes, per decision of the TRB. Approved by: trb
2003-02-19 05:47:46 +00:00
MALLOC(d, struct bpf_d *, sizeof(*d), M_BPF, M_WAITOK | M_ZERO);
Change bpf(4) to use the cdevpriv API. Right now the bpf(4) driver uses the cloning API to generate /dev/bpf%u. When an application such as tcpdump needs a BPF, it opens /dev/bpf0, /dev/bpf1, etc. until it opens the first available device node. We used this approach, because our devfs implementation didn't allow per-descriptor data. Now that we can, make it use devfs_get_cdevpriv() to obtain the private data. To remain compatible with the existing implementation, add a symlink from /dev/bpf0 to /dev/bpf. I've already changed libpcap to compile with HAVE_CLONING_BPF, which makes it use /dev/bpf. There may be other applications in the base system (dhclient) that use the loop to obtain a valid bpf. Discussed on: src-committers Approved by: csjp
2008-08-13 15:41:21 +00:00
error = devfs_set_cdevpriv(d, bpf_dtor);
if (error != 0) {
free(d, M_BPF);
return (error);
}
Introduce support for zero-copy BPF buffering, which reduces the overhead of packet capture by allowing a user process to directly "loan" buffer memory to the kernel rather than using read(2) to explicitly copy data from kernel address space. The user process will issue new BPF ioctls to set the shared memory buffer mode and provide pointers to buffers and their size. The kernel then wires and maps the pages into kernel address space using sf_buf(9), which on supporting architectures will use the direct map region. The current "buffered" access mode remains the default, and support for zero-copy buffers must, for the time being, be explicitly enabled using a sysctl for the kernel to accept requests to use it. The kernel and user process synchronize use of the buffers with atomic operations, avoiding the need for system calls under load; the user process may use select()/poll()/kqueue() to manage blocking while waiting for network data if the user process is able to consume data faster than the kernel generates it. Patchs to libpcap are available to allow libpcap applications to transparently take advantage of this support. Detailed information on the new API may be found in bpf(4), including specific atomic operations and memory barriers required to synchronize buffer use safely. These changes modify the base BPF implementation to (roughly) abstrac the current buffer model, allowing the new shared memory model to be added, and add new monitoring statistics for netstat to print. The implementation, with the exception of some monitoring hanges that break the netstat monitoring ABI for BPF, will be MFC'd. Zerocopy bpf buffers are still considered experimental are disabled by default. To experiment with this new facility, adjust the net.bpf.zerocopy_enable sysctl variable to 1. Changes to libpcap will be made available as a patch for the time being, and further refinements to the implementation are expected. Sponsored by: Seccuris Inc. In collaboration with: rwatson Tested by: pwood, gallatin MFC after: 4 months [1] [1] Certain portions will probably not be MFCed, specifically things that can break the monitoring ABI.
2008-03-24 13:49:17 +00:00
/*
* For historical reasons, perform a one-time initialization call to
* the buffer routines, even though we're not yet committed to a
* particular buffer method.
*/
bpf_buffer_init(d);
d->bd_bufmode = BPF_BUFMODE_BUFFER;
Give the BPF the ability to generate signals when a packet is available. Reviewed by: pst & wollman Submitted by: grossman@cygnus.com
1995-06-15 18:11:00 +00:00
d->bd_sig = SIGIO;
Add three new ioctl(2) commands for bpf(4). - BIOCGDIRECTION and BIOCSDIRECTION get or set the setting determining whether incoming, outgoing, or all packets on the interface should be returned by BPF. Set to BPF_D_IN to see only incoming packets on the interface. Set to BPF_D_INOUT to see packets originating locally and remotely on the interface. Set to BPF_D_OUT to see only outgoing packets on the interface. This setting is initialized to BPF_D_INOUT by default. BIOCGSEESENT and BIOCSSEESENT are obsoleted by these but kept for backward compatibility. - BIOCFEEDBACK sets packet feedback mode. This allows injected packets to be fed back as input to the interface when output via the interface is successful. When BPF_D_INOUT direction is set, injected outgoing packet is not returned by BPF to avoid duplication. This flag is initialized to zero by default. Note that libpcap has been modified to support BPF_D_OUT direction for pcap_setdirection(3) and PCAP_D_OUT direction is functional now. Reviewed by: rwatson
2007-02-26 22:24:14 +00:00
d->bd_direction = BPF_D_INOUT;
Introduce new sysctl variable: net.bpf.stats. This sysctl variable can be used to pass statistics regarding dropped, matched and received packet counts from the kernel to user-space. While we are here introduce a new counter for filtered or matched packets. We currently keep track of packets received or dropped by the bpf device, but not how many packets actually matched the bpf filter. -Introduce net.bpf.stats sysctl OID -Move sysctl variables after the function prototypes so we can reference bpf_stats_sysctl(9) without build errors. -Introduce bpf descriptor counter which is used mainly for sizing of the xbpf_d array. -Introduce a xbpf_d structure which will act as an external representation of the bpf_d structure. -Add a the following members to the bpfd structure: bd_fcount - Number of packets which matched bpf filter bd_pid - PID which opened the bpf device bd_pcomm - Process name which opened the device. It should be noted that it's possible that the process which opened the device could be long gone at the time of stats collection. An example might be a process that opens the bpf device forks then exits leaving the child process with the bpf fd. Reviewed by: mdodd
2005-07-24 17:21:17 +00:00
d->bd_pid = td->td_proc->p_pid;
Introduce support for Mandatory Access Control and extensible kernel access control. Instrument BPF so that MAC labels are properly maintained on BPF descriptors. MAC framework entry points are invoked at BPF instantiation and allocation, permitting the MAC framework to derive the BPF descriptor label from the credential authorizing the device open. Also enter the MAC framework to label mbufs created using the BPF device. Obtained from: TrustedBSD Project Sponsored by: DARPA, NAI Labs
2002-07-31 16:09:38 +00:00
#ifdef MAC
Merge first in a series of TrustedBSD MAC Framework KPI changes from Mac OS X Leopard--rationalize naming for entry points to the following general forms: mac_<object>_<method/action> mac_<object>_check_<method/action> The previous naming scheme was inconsistent and mostly reversed from the new scheme. Also, make object types more consistent and remove spaces from object types that contain multiple parts ("posix_sem" -> "posixsem") to make mechanical parsing easier. Introduce a new "netinet" object type for certain IPv4/IPv6-related methods. Also simplify, slightly, some entry point names. All MAC policy modules will need to be recompiled, and modules not updates as part of this commit will need to be modified to conform to the new KPI. Sponsored by: SPARTA (original patches against Mac OS X) Obtained from: TrustedBSD Project, Apple Computer
2007-10-24 19:04:04 +00:00
mac_bpfdesc_init(d);
mac_bpfdesc_create(td->td_ucred, d);
Introduce support for Mandatory Access Control and extensible kernel access control. Instrument BPF so that MAC labels are properly maintained on BPF descriptors. MAC framework entry points are invoked at BPF instantiation and allocation, permitting the MAC framework to derive the BPF descriptor label from the credential authorizing the device open. Also enter the MAC framework to label mbufs created using the BPF device. Obtained from: TrustedBSD Project Sponsored by: DARPA, NAI Labs
2002-07-31 16:09:38 +00:00
#endif
Change callers of mtx_init() to pass in an appropriate lock type name. In most cases NULL is passed, but in some cases such as network driver locks (which use the MTX_NETWORK_LOCK macro) and UMA zone locks, a name is used. Tested on: i386, alpha, sparc64
2002-04-04 21:03:38 +00:00
mtx_init(&d->bd_mtx, devtoname(dev), "bpf cdev lock", MTX_DEF);
Replace references to NET_CALLOUT_MPSAFE with CALLOUT_MPSAFE, and remove definition of NET_CALLOUT_MPSAFE, which is no longer required now that debug.mpsafenet has been removed. The once over: bz Approved by: re (kensmith)
2007-07-28 07:31:30 +00:00
callout_init(&d->bd_callout, CALLOUT_MPSAFE);
Fix the recent panics/LORs/hangs created by my kqueue commit by: - Introducing the possibility of using locks different than mutexes for the knlist locking. In order to do this, we add three arguments to knlist_init() to specify the functions to use to lock, unlock and check if the lock is owned. If these arguments are NULL, we assume mtx_lock, mtx_unlock and mtx_owned, respectively. - Using the vnode lock for the knlist locking, when doing kqueue operations on a vnode. This way, we don't have to lock the vnode while holding a mutex, in filt_vfsread. Reviewed by: jmg Approved by: re (scottl), scottl (mentor override) Pointyhat to: ssouhlal Will be happy: everyone
2005-07-01 16:28:32 +00:00
knlist_init(&d->bd_sel.si_note, &d->bd_mtx, NULL, NULL, NULL);
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
return (0);
}
/*
* bpfread - read next chunk of packets from buffers
*/
Pass 3 of the great devsw changes most devsw referenced functions are now static, as they are in the same file as their devsw structure. I've also added DEVFS support for nearly every device in the system, however many of the devices have 'incorrect' names under DEVFS because I couldn't quickly work out the correct naming conventions. (but devfs won't be coming on line for a month or so anyhow so that doesn't matter) If you "OWN" a device which would normally have an entry in /dev then search for the devfs_add_devsw() entries and munge to make them right.. check out similar devices to see what I might have done in them in you can't see what's going on.. for a laugh compare conf.c conf.h defore and after... :) I have not doen DEVFS entries for any DISKSLICE devices yet as that will be a much more complicated job.. (pass 5 :) pass 4 will be to make the devsw tables of type (cdevsw * ) rather than (cdevsw) seems to work here.. complaints to the usual places.. :)
1995-12-08 11:19:42 +00:00
static int
Since we are doing some bpf(4) clean up, change a couple of function prototypes to be consistent. Also, ANSI'fy function definitions. There is no functional change here.
2006-06-15 15:39:12 +00:00
bpfread(struct cdev *dev, struct uio *uio, int ioflag)
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
{
Change bpf(4) to use the cdevpriv API. Right now the bpf(4) driver uses the cloning API to generate /dev/bpf%u. When an application such as tcpdump needs a BPF, it opens /dev/bpf0, /dev/bpf1, etc. until it opens the first available device node. We used this approach, because our devfs implementation didn't allow per-descriptor data. Now that we can, make it use devfs_get_cdevpriv() to obtain the private data. To remain compatible with the existing implementation, add a symlink from /dev/bpf0 to /dev/bpf. I've already changed libpcap to compile with HAVE_CLONING_BPF, which makes it use /dev/bpf. There may be other applications in the base system (dhclient) that use the loop to obtain a valid bpf. Discussed on: src-committers Approved by: csjp
2008-08-13 15:41:21 +00:00
struct bpf_d *d;
Make bpf's read timeout feature work more correctly with select/poll, and therefore with pthreads. I doubt there is any way to make this 100% semantically identical to the way it behaves in unthreaded programs with blocking reads, but the solution here should do the right thing for all reasonable usage patterns. The basic idea is to schedule a callout for the read timeout when a select/poll is done. When the callout fires, it ends the select if it is still in progress, or marks the state as "timed out" if the select has already ended for some other reason. Additional logic in bpfread then does the right thing in the case where the timeout has fired. Note, I co-opted the bd_state member of the bpf_d structure. It has been present in the structure since the initial import of 4.4-lite, but as far as I can tell it has never been used. PR: kern/22063 and bin/31649 MFC after: 3 days
2001-12-14 22:17:54 +00:00
int timed_out;
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
int error;
Change bpf(4) to use the cdevpriv API. Right now the bpf(4) driver uses the cloning API to generate /dev/bpf%u. When an application such as tcpdump needs a BPF, it opens /dev/bpf0, /dev/bpf1, etc. until it opens the first available device node. We used this approach, because our devfs implementation didn't allow per-descriptor data. Now that we can, make it use devfs_get_cdevpriv() to obtain the private data. To remain compatible with the existing implementation, add a symlink from /dev/bpf0 to /dev/bpf. I've already changed libpcap to compile with HAVE_CLONING_BPF, which makes it use /dev/bpf. There may be other applications in the base system (dhclient) that use the loop to obtain a valid bpf. Discussed on: src-committers Approved by: csjp
2008-08-13 15:41:21 +00:00
error = devfs_get_cdevpriv((void **)&d);
if (error != 0)
return (error);
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
/*
* Restrict application to use a buffer the same size as
* as kernel buffers.
*/
if (uio->uio_resid != d->bd_bufsize)
return (EINVAL);
Add mutexes to the entire bpf subsystem to make it MPSAFE. Previously reviewed by: jhb, bde
2001-02-16 17:10:28 +00:00
BPFD_LOCK(d);
Make sure that we refresh the PID on read(2) and write(2) operations. This fixes the process portion of the bpf(4) stats if the peer forks into the background after it's opened the descriptor. This bug results in the following behavior for netstat -B: # netstat -B Pid Netif Flags Recv Drop Match Sblen Hblen Command netstat: kern.proc.pid failed: No such process 78023 em0 p--s-- 2237404 43119 2237404 13986 0 ?????? MFC after: 1 week
2007-10-12 14:58:34 +00:00
d->bd_pid = curthread->td_proc->p_pid;
Introduce support for zero-copy BPF buffering, which reduces the overhead of packet capture by allowing a user process to directly "loan" buffer memory to the kernel rather than using read(2) to explicitly copy data from kernel address space. The user process will issue new BPF ioctls to set the shared memory buffer mode and provide pointers to buffers and their size. The kernel then wires and maps the pages into kernel address space using sf_buf(9), which on supporting architectures will use the direct map region. The current "buffered" access mode remains the default, and support for zero-copy buffers must, for the time being, be explicitly enabled using a sysctl for the kernel to accept requests to use it. The kernel and user process synchronize use of the buffers with atomic operations, avoiding the need for system calls under load; the user process may use select()/poll()/kqueue() to manage blocking while waiting for network data if the user process is able to consume data faster than the kernel generates it. Patchs to libpcap are available to allow libpcap applications to transparently take advantage of this support. Detailed information on the new API may be found in bpf(4), including specific atomic operations and memory barriers required to synchronize buffer use safely. These changes modify the base BPF implementation to (roughly) abstrac the current buffer model, allowing the new shared memory model to be added, and add new monitoring statistics for netstat to print. The implementation, with the exception of some monitoring hanges that break the netstat monitoring ABI for BPF, will be MFC'd. Zerocopy bpf buffers are still considered experimental are disabled by default. To experiment with this new facility, adjust the net.bpf.zerocopy_enable sysctl variable to 1. Changes to libpcap will be made available as a patch for the time being, and further refinements to the implementation are expected. Sponsored by: Seccuris Inc. In collaboration with: rwatson Tested by: pwood, gallatin MFC after: 4 months [1] [1] Certain portions will probably not be MFCed, specifically things that can break the monitoring ABI.
2008-03-24 13:49:17 +00:00
if (d->bd_bufmode != BPF_BUFMODE_BUFFER) {
BPFD_UNLOCK(d);
return (EOPNOTSUPP);
}
Make bpf's read timeout feature work more correctly with select/poll, and therefore with pthreads. I doubt there is any way to make this 100% semantically identical to the way it behaves in unthreaded programs with blocking reads, but the solution here should do the right thing for all reasonable usage patterns. The basic idea is to schedule a callout for the read timeout when a select/poll is done. When the callout fires, it ends the select if it is still in progress, or marks the state as "timed out" if the select has already ended for some other reason. Additional logic in bpfread then does the right thing in the case where the timeout has fired. Note, I co-opted the bd_state member of the bpf_d structure. It has been present in the structure since the initial import of 4.4-lite, but as far as I can tell it has never been used. PR: kern/22063 and bin/31649 MFC after: 3 days
2001-12-14 22:17:54 +00:00
if (d->bd_state == BPF_WAITING)
callout_stop(&d->bd_callout);
timed_out = (d->bd_state == BPF_TIMED_OUT);
d->bd_state = BPF_IDLE;
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
/*
* If the hold buffer is empty, then do a timed sleep, which
* ends when the timeout expires or when enough packets
* have arrived to fill the store buffer.
*/
Prefer NULL to '0' when checking a pointer value.
2004-07-24 16:58:56 +00:00
while (d->bd_hbuf == NULL) {
Make bpf's read timeout feature work more correctly with select/poll, and therefore with pthreads. I doubt there is any way to make this 100% semantically identical to the way it behaves in unthreaded programs with blocking reads, but the solution here should do the right thing for all reasonable usage patterns. The basic idea is to schedule a callout for the read timeout when a select/poll is done. When the callout fires, it ends the select if it is still in progress, or marks the state as "timed out" if the select has already ended for some other reason. Additional logic in bpfread then does the right thing in the case where the timeout has fired. Note, I co-opted the bd_state member of the bpf_d structure. It has been present in the structure since the initial import of 4.4-lite, but as far as I can tell it has never been used. PR: kern/22063 and bin/31649 MFC after: 3 days
2001-12-14 22:17:54 +00:00
if ((d->bd_immediate || timed_out) && d->bd_slen != 0) {
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
/*
* A packet(s) either arrived since the previous
* read or arrived while we were asleep.
* Rotate the buffers and return what's here.
*/
ROTATE_BUFFERS(d);
break;
}
The advent of if_detach, allowing interface removal at runtime, makes it possible for a panic to occur if BPF is in use on the interface at the time of the call to if_detach. This happens because BPF maintains pointers to the struct ifnet describing the interface, which is freed by if_detach. To correct this problem, a new call, bpfdetach, is introduced. bpfdetach locates BPF descriptor references to the interface, and NULLs them. Other BPF code is modified so that discovery of a NULL interface results in ENXIO (already implemented for some calls). Processes blocked on a BPF call will also be woken up so that they can receive ENXIO. Interface drivers that invoke bpfattach and if_detach must be modified to also call bpfattach(ifp) before calling if_detach(ifp). This is relevant for buses that support hot removal, such as pccard and usb. Patches to all effected devices will not be committed, only to if_wi.c, due to testing limitations. To reproduce the crash, load up tcpdump on you favorite pccard ethernet card, and then eject the card. As some pccard drivers do not invoke if_detach(ifp), this bug will not manifest itself for those drivers. Reviewed by: wes
2000-03-19 05:42:34 +00:00
/*
* No data is available, check to see if the bpf device
* is still pointed at a real interface. If not, return
* ENXIO so that the userland process knows to rebind
* it before using it again.
*/
if (d->bd_bif == NULL) {
Add mutexes to the entire bpf subsystem to make it MPSAFE. Previously reviewed by: jhb, bde
2001-02-16 17:10:28 +00:00
BPFD_UNLOCK(d);
The advent of if_detach, allowing interface removal at runtime, makes it possible for a panic to occur if BPF is in use on the interface at the time of the call to if_detach. This happens because BPF maintains pointers to the struct ifnet describing the interface, which is freed by if_detach. To correct this problem, a new call, bpfdetach, is introduced. bpfdetach locates BPF descriptor references to the interface, and NULLs them. Other BPF code is modified so that discovery of a NULL interface results in ENXIO (already implemented for some calls). Processes blocked on a BPF call will also be woken up so that they can receive ENXIO. Interface drivers that invoke bpfattach and if_detach must be modified to also call bpfattach(ifp) before calling if_detach(ifp). This is relevant for buses that support hot removal, such as pccard and usb. Patches to all effected devices will not be committed, only to if_wi.c, due to testing limitations. To reproduce the crash, load up tcpdump on you favorite pccard ethernet card, and then eject the card. As some pccard drivers do not invoke if_detach(ifp), this bug will not manifest itself for those drivers. Reviewed by: wes
2000-03-19 05:42:34 +00:00
return (ENXIO);
}
Include fcntl.h Check O_NONBLOCK instead of IO_NDELAY Include uio.h Don't include vnode.h Don't include filedesc.h
2004-12-22 17:37:57 +00:00
if (ioflag & O_NONBLOCK) {
Add mutexes to the entire bpf subsystem to make it MPSAFE. Previously reviewed by: jhb, bde
2001-02-16 17:10:28 +00:00
BPFD_UNLOCK(d);
Fix bug: a read() on a bpf device which was in non-blocking mode and had no data available returned 0. Now it returns -1 with errno set to EWOULDBLOCK (== EAGAIN) as it should. This fix makes the bpf device usable in threaded programs. Reviewed by: bde
2000-12-17 20:50:22 +00:00
return (EWOULDBLOCK);
}
More low-hanging fruit: kill caddr_t in calls to wakeup(9) / [mt]sleep(9).
2003-03-02 16:54:40 +00:00
error = msleep(d, &d->bd_mtx, PRINET|PCATCH,
Add mutexes to the entire bpf subsystem to make it MPSAFE. Previously reviewed by: jhb, bde
2001-02-16 17:10:28 +00:00
"bpf", d->bd_rtout);
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
if (error == EINTR || error == ERESTART) {
Add mutexes to the entire bpf subsystem to make it MPSAFE. Previously reviewed by: jhb, bde
2001-02-16 17:10:28 +00:00
BPFD_UNLOCK(d);
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
return (error);
}
if (error == EWOULDBLOCK) {
/*
* On a timeout, return what's in the buffer,
* which may be nothing. If there is something
* in the store buffer, we can rotate the buffers.
*/
if (d->bd_hbuf)
/*
* We filled up the buffer in between
* getting the timeout and arriving
* here, so we don't need to rotate.
*/
break;
if (d->bd_slen == 0) {
Add mutexes to the entire bpf subsystem to make it MPSAFE. Previously reviewed by: jhb, bde
2001-02-16 17:10:28 +00:00
BPFD_UNLOCK(d);
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
return (0);
}
ROTATE_BUFFERS(d);
break;
}
}
/*
* At this point, we know we have something in the hold slot.
*/
Add mutexes to the entire bpf subsystem to make it MPSAFE. Previously reviewed by: jhb, bde
2001-02-16 17:10:28 +00:00
BPFD_UNLOCK(d);
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
/*
* Move data from hold buffer into user space.
* We know the entire buffer is transferred since
* we checked above that the read buffer is bpf_bufsize bytes.
Add comment that bpfread() has multi-threading issues. Fix minor white space nit.
2008-02-02 20:35:05 +00:00
*
* XXXRW: More synchronization needed here: what if a second thread
* issues a read on the same fd at the same time? Don't want this
* getting invalidated.
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
*/
Introduce support for zero-copy BPF buffering, which reduces the overhead of packet capture by allowing a user process to directly "loan" buffer memory to the kernel rather than using read(2) to explicitly copy data from kernel address space. The user process will issue new BPF ioctls to set the shared memory buffer mode and provide pointers to buffers and their size. The kernel then wires and maps the pages into kernel address space using sf_buf(9), which on supporting architectures will use the direct map region. The current "buffered" access mode remains the default, and support for zero-copy buffers must, for the time being, be explicitly enabled using a sysctl for the kernel to accept requests to use it. The kernel and user process synchronize use of the buffers with atomic operations, avoiding the need for system calls under load; the user process may use select()/poll()/kqueue() to manage blocking while waiting for network data if the user process is able to consume data faster than the kernel generates it. Patchs to libpcap are available to allow libpcap applications to transparently take advantage of this support. Detailed information on the new API may be found in bpf(4), including specific atomic operations and memory barriers required to synchronize buffer use safely. These changes modify the base BPF implementation to (roughly) abstrac the current buffer model, allowing the new shared memory model to be added, and add new monitoring statistics for netstat to print. The implementation, with the exception of some monitoring hanges that break the netstat monitoring ABI for BPF, will be MFC'd. Zerocopy bpf buffers are still considered experimental are disabled by default. To experiment with this new facility, adjust the net.bpf.zerocopy_enable sysctl variable to 1. Changes to libpcap will be made available as a patch for the time being, and further refinements to the implementation are expected. Sponsored by: Seccuris Inc. In collaboration with: rwatson Tested by: pwood, gallatin MFC after: 4 months [1] [1] Certain portions will probably not be MFCed, specifically things that can break the monitoring ABI.
2008-03-24 13:49:17 +00:00
error = bpf_uiomove(d, d->bd_hbuf, d->bd_hlen, uio);
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
Add mutexes to the entire bpf subsystem to make it MPSAFE. Previously reviewed by: jhb, bde
2001-02-16 17:10:28 +00:00
BPFD_LOCK(d);
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
d->bd_fbuf = d->bd_hbuf;
Prefer NULL to '0' when checking a pointer value.
2004-07-24 16:58:56 +00:00
d->bd_hbuf = NULL;
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
d->bd_hlen = 0;
Make sure we are clearing the ZBUF_FLAG_IMMUTABLE any time a free buffer is reclaimed by the kernel. This fixes a bug resulted in the kernel over writing packet data while user-space was still processing it when zerocopy is enabled. (Or a panic if invariants was enabled). Discussed with: rwatson
2008-07-05 20:11:28 +00:00
bpf_buf_reclaimed(d);
Add mutexes to the entire bpf subsystem to make it MPSAFE. Previously reviewed by: jhb, bde
2001-02-16 17:10:28 +00:00
BPFD_UNLOCK(d);
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
return (error);
}
/*
* If there are processes sleeping on this descriptor, wake them up.
*/
Add mutexes to the entire bpf subsystem to make it MPSAFE. Previously reviewed by: jhb, bde
2001-02-16 17:10:28 +00:00
static __inline void
Since we are doing some bpf(4) clean up, change a couple of function prototypes to be consistent. Also, ANSI'fy function definitions. There is no functional change here.
2006-06-15 15:39:12 +00:00
bpf_wakeup(struct bpf_d *d)
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
{
-introduce net.bpf sysctl instead of the less intuitive debug.* debug.bpf_bufsize is now net.bpf.bufsize debug.bpf_maxbufsize is now net.bpf.maxbufsize -move function prototypes for bpf_drvinit and bpf_clone up to the top of the file with the others -assert bpfd lock in catchpacket() and bpf_wakeup() MFC after: 2 weeks
2005-05-04 03:09:28 +00:00
BPFD_LOCK_ASSERT(d);
Make bpf's read timeout feature work more correctly with select/poll, and therefore with pthreads. I doubt there is any way to make this 100% semantically identical to the way it behaves in unthreaded programs with blocking reads, but the solution here should do the right thing for all reasonable usage patterns. The basic idea is to schedule a callout for the read timeout when a select/poll is done. When the callout fires, it ends the select if it is still in progress, or marks the state as "timed out" if the select has already ended for some other reason. Additional logic in bpfread then does the right thing in the case where the timeout has fired. Note, I co-opted the bd_state member of the bpf_d structure. It has been present in the structure since the initial import of 4.4-lite, but as far as I can tell it has never been used. PR: kern/22063 and bin/31649 MFC after: 3 days
2001-12-14 22:17:54 +00:00
if (d->bd_state == BPF_WAITING) {
callout_stop(&d->bd_callout);
d->bd_state = BPF_IDLE;
}
More low-hanging fruit: kill caddr_t in calls to wakeup(9) / [mt]sleep(9).
2003-03-02 16:54:40 +00:00
wakeup(d);
Installed the second patch attached to kern/7899 with some changes suggested by bde, a few other tweaks to get the patch to apply cleanly again and some improvements to the comments. This change closes some fairly minor security holes associated with F_SETOWN, fixes a few bugs, and removes some limitations that F_SETOWN had on tty devices. For more details, see the description on the PR. Because this patch increases the size of the proc and pgrp structures, it is necessary to re-install the includes and recompile libkvm, the vinum lkm, fstat, gcore, gdb, ipfilter, ps, top, and w. PR: kern/7899 Reviewed by: bde, elvind
1998-11-11 10:04:13 +00:00
if (d->bd_async && d->bd_sig && d->bd_sigio)
Redo the sigio locking. Turn the sigio sx into a mutex. Sigio lock is really only needed to protect interrupts from dereferencing the sigio pointer in an object when the sigio itself is being destroyed. In order to do this in the most unintrusive manner change pgsigio's sigio * argument into a **, that way we can lock internally to the function.
2002-05-01 20:44:46 +00:00
pgsigio(&d->bd_sigio, d->bd_sig, 0);
Give the BPF the ability to generate signals when a packet is available. Reviewed by: pst & wollman Submitted by: grossman@cygnus.com
1995-06-15 18:11:00 +00:00
- Implement selwakeuppri() which allows raising the priority of a thread being waken up. The thread waken up can run at a priority as high as after tsleep(). - Replace selwakeup()s with selwakeuppri()s and pass appropriate priorities. - Add cv_broadcastpri() which raises the priority of the broadcast threads. Used by selwakeuppri() if collision occurs. Not objected in: -arch, -current
2003-11-09 09:17:26 +00:00
selwakeuppri(&d->bd_sel, PRINET);
Add locking to the kqueue subsystem. This also makes the kqueue subsystem a more complete subsystem, and removes the knowlege of how things are implemented from the drivers. Include locking around filter ops, so a module like aio will know when not to be unloaded if there are outstanding knotes using it's filter ops. Currently, it uses the MTX_DUPOK even though it is not always safe to aquire duplicate locks. Witness currently doesn't support the ability to discover if a dup lock is ok (in some cases). Reviewed by: green, rwatson (both earlier versions)
2004-08-15 06:24:42 +00:00
KNOTE_LOCKED(&d->bd_sel.si_note, 0);
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
}
Make bpf's read timeout feature work more correctly with select/poll, and therefore with pthreads. I doubt there is any way to make this 100% semantically identical to the way it behaves in unthreaded programs with blocking reads, but the solution here should do the right thing for all reasonable usage patterns. The basic idea is to schedule a callout for the read timeout when a select/poll is done. When the callout fires, it ends the select if it is still in progress, or marks the state as "timed out" if the select has already ended for some other reason. Additional logic in bpfread then does the right thing in the case where the timeout has fired. Note, I co-opted the bd_state member of the bpf_d structure. It has been present in the structure since the initial import of 4.4-lite, but as far as I can tell it has never been used. PR: kern/22063 and bin/31649 MFC after: 3 days
2001-12-14 22:17:54 +00:00
static void
Since we are doing some bpf(4) clean up, change a couple of function prototypes to be consistent. Also, ANSI'fy function definitions. There is no functional change here.
2006-06-15 15:39:12 +00:00
bpf_timed_out(void *arg)
Make bpf's read timeout feature work more correctly with select/poll, and therefore with pthreads. I doubt there is any way to make this 100% semantically identical to the way it behaves in unthreaded programs with blocking reads, but the solution here should do the right thing for all reasonable usage patterns. The basic idea is to schedule a callout for the read timeout when a select/poll is done. When the callout fires, it ends the select if it is still in progress, or marks the state as "timed out" if the select has already ended for some other reason. Additional logic in bpfread then does the right thing in the case where the timeout has fired. Note, I co-opted the bd_state member of the bpf_d structure. It has been present in the structure since the initial import of 4.4-lite, but as far as I can tell it has never been used. PR: kern/22063 and bin/31649 MFC after: 3 days
2001-12-14 22:17:54 +00:00
{
struct bpf_d *d = (struct bpf_d *)arg;
BPFD_LOCK(d);
if (d->bd_state == BPF_WAITING) {
d->bd_state = BPF_TIMED_OUT;
if (d->bd_slen != 0)
bpf_wakeup(d);
}
BPFD_UNLOCK(d);
}
Introduce support for zero-copy BPF buffering, which reduces the overhead of packet capture by allowing a user process to directly "loan" buffer memory to the kernel rather than using read(2) to explicitly copy data from kernel address space. The user process will issue new BPF ioctls to set the shared memory buffer mode and provide pointers to buffers and their size. The kernel then wires and maps the pages into kernel address space using sf_buf(9), which on supporting architectures will use the direct map region. The current "buffered" access mode remains the default, and support for zero-copy buffers must, for the time being, be explicitly enabled using a sysctl for the kernel to accept requests to use it. The kernel and user process synchronize use of the buffers with atomic operations, avoiding the need for system calls under load; the user process may use select()/poll()/kqueue() to manage blocking while waiting for network data if the user process is able to consume data faster than the kernel generates it. Patchs to libpcap are available to allow libpcap applications to transparently take advantage of this support. Detailed information on the new API may be found in bpf(4), including specific atomic operations and memory barriers required to synchronize buffer use safely. These changes modify the base BPF implementation to (roughly) abstrac the current buffer model, allowing the new shared memory model to be added, and add new monitoring statistics for netstat to print. The implementation, with the exception of some monitoring hanges that break the netstat monitoring ABI for BPF, will be MFC'd. Zerocopy bpf buffers are still considered experimental are disabled by default. To experiment with this new facility, adjust the net.bpf.zerocopy_enable sysctl variable to 1. Changes to libpcap will be made available as a patch for the time being, and further refinements to the implementation are expected. Sponsored by: Seccuris Inc. In collaboration with: rwatson Tested by: pwood, gallatin MFC after: 4 months [1] [1] Certain portions will probably not be MFCed, specifically things that can break the monitoring ABI.
2008-03-24 13:49:17 +00:00
static int
bpf_ready(struct bpf_d *d)
{
BPFD_LOCK_ASSERT(d);
if (!bpf_canfreebuf(d) && d->bd_hlen != 0)
return (1);
if ((d->bd_immediate || d->bd_state == BPF_TIMED_OUT) &&
d->bd_slen != 0)
return (1);
return (0);
}
Since we are doing some bpf(4) clean up, change a couple of function prototypes to be consistent. Also, ANSI'fy function definitions. There is no functional change here.
2006-06-15 15:39:12 +00:00
static int
bpfwrite(struct cdev *dev, struct uio *uio, int ioflag)
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
{
Change bpf(4) to use the cdevpriv API. Right now the bpf(4) driver uses the cloning API to generate /dev/bpf%u. When an application such as tcpdump needs a BPF, it opens /dev/bpf0, /dev/bpf1, etc. until it opens the first available device node. We used this approach, because our devfs implementation didn't allow per-descriptor data. Now that we can, make it use devfs_get_cdevpriv() to obtain the private data. To remain compatible with the existing implementation, add a symlink from /dev/bpf0 to /dev/bpf. I've already changed libpcap to compile with HAVE_CLONING_BPF, which makes it use /dev/bpf. There may be other applications in the base system (dhclient) that use the loop to obtain a valid bpf. Discussed on: src-committers Approved by: csjp
2008-08-13 15:41:21 +00:00
struct bpf_d *d;
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
struct ifnet *ifp;
Add three new ioctl(2) commands for bpf(4). - BIOCGDIRECTION and BIOCSDIRECTION get or set the setting determining whether incoming, outgoing, or all packets on the interface should be returned by BPF. Set to BPF_D_IN to see only incoming packets on the interface. Set to BPF_D_INOUT to see packets originating locally and remotely on the interface. Set to BPF_D_OUT to see only outgoing packets on the interface. This setting is initialized to BPF_D_INOUT by default. BIOCGSEESENT and BIOCSSEESENT are obsoleted by these but kept for backward compatibility. - BIOCFEEDBACK sets packet feedback mode. This allows injected packets to be fed back as input to the interface when output via the interface is successful. When BPF_D_INOUT direction is set, injected outgoing packet is not returned by BPF to avoid duplication. This flag is initialized to zero by default. Note that libpcap has been modified to support BPF_D_OUT direction for pcap_setdirection(3) and PCAP_D_OUT direction is functional now. Reviewed by: rwatson
2007-02-26 22:24:14 +00:00
struct mbuf *m, *mc;
Un-staticize 'dst' sockaddr in the stack of bpfwrite() to prevent the need to synchronize access to the structure. I believe this should fit into the stack under the necessary circumstances, but if not we can either add synchronization or use a thread-local malloc for the duration.
2004-06-11 03:45:42 +00:00
struct sockaddr dst;
Add three new ioctl(2) commands for bpf(4). - BIOCGDIRECTION and BIOCSDIRECTION get or set the setting determining whether incoming, outgoing, or all packets on the interface should be returned by BPF. Set to BPF_D_IN to see only incoming packets on the interface. Set to BPF_D_INOUT to see packets originating locally and remotely on the interface. Set to BPF_D_OUT to see only outgoing packets on the interface. This setting is initialized to BPF_D_INOUT by default. BIOCGSEESENT and BIOCSSEESENT are obsoleted by these but kept for backward compatibility. - BIOCFEEDBACK sets packet feedback mode. This allows injected packets to be fed back as input to the interface when output via the interface is successful. When BPF_D_INOUT direction is set, injected outgoing packet is not returned by BPF to avoid duplication. This flag is initialized to zero by default. Note that libpcap has been modified to support BPF_D_OUT direction for pcap_setdirection(3) and PCAP_D_OUT direction is functional now. Reviewed by: rwatson
2007-02-26 22:24:14 +00:00
int error, hlen;
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
Change bpf(4) to use the cdevpriv API. Right now the bpf(4) driver uses the cloning API to generate /dev/bpf%u. When an application such as tcpdump needs a BPF, it opens /dev/bpf0, /dev/bpf1, etc. until it opens the first available device node. We used this approach, because our devfs implementation didn't allow per-descriptor data. Now that we can, make it use devfs_get_cdevpriv() to obtain the private data. To remain compatible with the existing implementation, add a symlink from /dev/bpf0 to /dev/bpf. I've already changed libpcap to compile with HAVE_CLONING_BPF, which makes it use /dev/bpf. There may be other applications in the base system (dhclient) that use the loop to obtain a valid bpf. Discussed on: src-committers Approved by: csjp
2008-08-13 15:41:21 +00:00
error = devfs_get_cdevpriv((void **)&d);
if (error != 0)
return (error);
Make sure that we refresh the PID on read(2) and write(2) operations. This fixes the process portion of the bpf(4) stats if the peer forks into the background after it's opened the descriptor. This bug results in the following behavior for netstat -B: # netstat -B Pid Netif Flags Recv Drop Match Sblen Hblen Command netstat: kern.proc.pid failed: No such process 78023 em0 p--s-- 2237404 43119 2237404 13986 0 ?????? MFC after: 1 week
2007-10-12 14:58:34 +00:00
d->bd_pid = curthread->td_proc->p_pid;
Introduce support for zero-copy BPF buffering, which reduces the overhead of packet capture by allowing a user process to directly "loan" buffer memory to the kernel rather than using read(2) to explicitly copy data from kernel address space. The user process will issue new BPF ioctls to set the shared memory buffer mode and provide pointers to buffers and their size. The kernel then wires and maps the pages into kernel address space using sf_buf(9), which on supporting architectures will use the direct map region. The current "buffered" access mode remains the default, and support for zero-copy buffers must, for the time being, be explicitly enabled using a sysctl for the kernel to accept requests to use it. The kernel and user process synchronize use of the buffers with atomic operations, avoiding the need for system calls under load; the user process may use select()/poll()/kqueue() to manage blocking while waiting for network data if the user process is able to consume data faster than the kernel generates it. Patchs to libpcap are available to allow libpcap applications to transparently take advantage of this support. Detailed information on the new API may be found in bpf(4), including specific atomic operations and memory barriers required to synchronize buffer use safely. These changes modify the base BPF implementation to (roughly) abstrac the current buffer model, allowing the new shared memory model to be added, and add new monitoring statistics for netstat to print. The implementation, with the exception of some monitoring hanges that break the netstat monitoring ABI for BPF, will be MFC'd. Zerocopy bpf buffers are still considered experimental are disabled by default. To experiment with this new facility, adjust the net.bpf.zerocopy_enable sysctl variable to 1. Changes to libpcap will be made available as a patch for the time being, and further refinements to the implementation are expected. Sponsored by: Seccuris Inc. In collaboration with: rwatson Tested by: pwood, gallatin MFC after: 4 months [1] [1] Certain portions will probably not be MFCed, specifically things that can break the monitoring ABI.
2008-03-24 13:49:17 +00:00
d->bd_wcount++;
if (d->bd_bif == NULL) {
d->bd_wdcount++;
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
return (ENXIO);
Introduce support for zero-copy BPF buffering, which reduces the overhead of packet capture by allowing a user process to directly "loan" buffer memory to the kernel rather than using read(2) to explicitly copy data from kernel address space. The user process will issue new BPF ioctls to set the shared memory buffer mode and provide pointers to buffers and their size. The kernel then wires and maps the pages into kernel address space using sf_buf(9), which on supporting architectures will use the direct map region. The current "buffered" access mode remains the default, and support for zero-copy buffers must, for the time being, be explicitly enabled using a sysctl for the kernel to accept requests to use it. The kernel and user process synchronize use of the buffers with atomic operations, avoiding the need for system calls under load; the user process may use select()/poll()/kqueue() to manage blocking while waiting for network data if the user process is able to consume data faster than the kernel generates it. Patchs to libpcap are available to allow libpcap applications to transparently take advantage of this support. Detailed information on the new API may be found in bpf(4), including specific atomic operations and memory barriers required to synchronize buffer use safely. These changes modify the base BPF implementation to (roughly) abstrac the current buffer model, allowing the new shared memory model to be added, and add new monitoring statistics for netstat to print. The implementation, with the exception of some monitoring hanges that break the netstat monitoring ABI for BPF, will be MFC'd. Zerocopy bpf buffers are still considered experimental are disabled by default. To experiment with this new facility, adjust the net.bpf.zerocopy_enable sysctl variable to 1. Changes to libpcap will be made available as a patch for the time being, and further refinements to the implementation are expected. Sponsored by: Seccuris Inc. In collaboration with: rwatson Tested by: pwood, gallatin MFC after: 4 months [1] [1] Certain portions will probably not be MFCed, specifically things that can break the monitoring ABI.
2008-03-24 13:49:17 +00:00
}
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
ifp = d->bd_bif->bif_ifp;
Introduce support for zero-copy BPF buffering, which reduces the overhead of packet capture by allowing a user process to directly "loan" buffer memory to the kernel rather than using read(2) to explicitly copy data from kernel address space. The user process will issue new BPF ioctls to set the shared memory buffer mode and provide pointers to buffers and their size. The kernel then wires and maps the pages into kernel address space using sf_buf(9), which on supporting architectures will use the direct map region. The current "buffered" access mode remains the default, and support for zero-copy buffers must, for the time being, be explicitly enabled using a sysctl for the kernel to accept requests to use it. The kernel and user process synchronize use of the buffers with atomic operations, avoiding the need for system calls under load; the user process may use select()/poll()/kqueue() to manage blocking while waiting for network data if the user process is able to consume data faster than the kernel generates it. Patchs to libpcap are available to allow libpcap applications to transparently take advantage of this support. Detailed information on the new API may be found in bpf(4), including specific atomic operations and memory barriers required to synchronize buffer use safely. These changes modify the base BPF implementation to (roughly) abstrac the current buffer model, allowing the new shared memory model to be added, and add new monitoring statistics for netstat to print. The implementation, with the exception of some monitoring hanges that break the netstat monitoring ABI for BPF, will be MFC'd. Zerocopy bpf buffers are still considered experimental are disabled by default. To experiment with this new facility, adjust the net.bpf.zerocopy_enable sysctl variable to 1. Changes to libpcap will be made available as a patch for the time being, and further refinements to the implementation are expected. Sponsored by: Seccuris Inc. In collaboration with: rwatson Tested by: pwood, gallatin MFC after: 4 months [1] [1] Certain portions will probably not be MFCed, specifically things that can break the monitoring ABI.
2008-03-24 13:49:17 +00:00
if ((ifp->if_flags & IFF_UP) == 0) {
d->bd_wdcount++;
Don't require a device to be marked up when issuing BIOCSETIF.
2004-12-08 05:40:02 +00:00
return (ENETDOWN);
Introduce support for zero-copy BPF buffering, which reduces the overhead of packet capture by allowing a user process to directly "loan" buffer memory to the kernel rather than using read(2) to explicitly copy data from kernel address space. The user process will issue new BPF ioctls to set the shared memory buffer mode and provide pointers to buffers and their size. The kernel then wires and maps the pages into kernel address space using sf_buf(9), which on supporting architectures will use the direct map region. The current "buffered" access mode remains the default, and support for zero-copy buffers must, for the time being, be explicitly enabled using a sysctl for the kernel to accept requests to use it. The kernel and user process synchronize use of the buffers with atomic operations, avoiding the need for system calls under load; the user process may use select()/poll()/kqueue() to manage blocking while waiting for network data if the user process is able to consume data faster than the kernel generates it. Patchs to libpcap are available to allow libpcap applications to transparently take advantage of this support. Detailed information on the new API may be found in bpf(4), including specific atomic operations and memory barriers required to synchronize buffer use safely. These changes modify the base BPF implementation to (roughly) abstrac the current buffer model, allowing the new shared memory model to be added, and add new monitoring statistics for netstat to print. The implementation, with the exception of some monitoring hanges that break the netstat monitoring ABI for BPF, will be MFC'd. Zerocopy bpf buffers are still considered experimental are disabled by default. To experiment with this new facility, adjust the net.bpf.zerocopy_enable sysctl variable to 1. Changes to libpcap will be made available as a patch for the time being, and further refinements to the implementation are expected. Sponsored by: Seccuris Inc. In collaboration with: rwatson Tested by: pwood, gallatin MFC after: 4 months [1] [1] Certain portions will probably not be MFCed, specifically things that can break the monitoring ABI.
2008-03-24 13:49:17 +00:00
}
Don't require a device to be marked up when issuing BIOCSETIF.
2004-12-08 05:40:02 +00:00
Introduce support for zero-copy BPF buffering, which reduces the overhead of packet capture by allowing a user process to directly "loan" buffer memory to the kernel rather than using read(2) to explicitly copy data from kernel address space. The user process will issue new BPF ioctls to set the shared memory buffer mode and provide pointers to buffers and their size. The kernel then wires and maps the pages into kernel address space using sf_buf(9), which on supporting architectures will use the direct map region. The current "buffered" access mode remains the default, and support for zero-copy buffers must, for the time being, be explicitly enabled using a sysctl for the kernel to accept requests to use it. The kernel and user process synchronize use of the buffers with atomic operations, avoiding the need for system calls under load; the user process may use select()/poll()/kqueue() to manage blocking while waiting for network data if the user process is able to consume data faster than the kernel generates it. Patchs to libpcap are available to allow libpcap applications to transparently take advantage of this support. Detailed information on the new API may be found in bpf(4), including specific atomic operations and memory barriers required to synchronize buffer use safely. These changes modify the base BPF implementation to (roughly) abstrac the current buffer model, allowing the new shared memory model to be added, and add new monitoring statistics for netstat to print. The implementation, with the exception of some monitoring hanges that break the netstat monitoring ABI for BPF, will be MFC'd. Zerocopy bpf buffers are still considered experimental are disabled by default. To experiment with this new facility, adjust the net.bpf.zerocopy_enable sysctl variable to 1. Changes to libpcap will be made available as a patch for the time being, and further refinements to the implementation are expected. Sponsored by: Seccuris Inc. In collaboration with: rwatson Tested by: pwood, gallatin MFC after: 4 months [1] [1] Certain portions will probably not be MFCed, specifically things that can break the monitoring ABI.
2008-03-24 13:49:17 +00:00
if (uio->uio_resid == 0) {
d->bd_wdcount++;
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
return (0);
Introduce support for zero-copy BPF buffering, which reduces the overhead of packet capture by allowing a user process to directly "loan" buffer memory to the kernel rather than using read(2) to explicitly copy data from kernel address space. The user process will issue new BPF ioctls to set the shared memory buffer mode and provide pointers to buffers and their size. The kernel then wires and maps the pages into kernel address space using sf_buf(9), which on supporting architectures will use the direct map region. The current "buffered" access mode remains the default, and support for zero-copy buffers must, for the time being, be explicitly enabled using a sysctl for the kernel to accept requests to use it. The kernel and user process synchronize use of the buffers with atomic operations, avoiding the need for system calls under load; the user process may use select()/poll()/kqueue() to manage blocking while waiting for network data if the user process is able to consume data faster than the kernel generates it. Patchs to libpcap are available to allow libpcap applications to transparently take advantage of this support. Detailed information on the new API may be found in bpf(4), including specific atomic operations and memory barriers required to synchronize buffer use safely. These changes modify the base BPF implementation to (roughly) abstrac the current buffer model, allowing the new shared memory model to be added, and add new monitoring statistics for netstat to print. The implementation, with the exception of some monitoring hanges that break the netstat monitoring ABI for BPF, will be MFC'd. Zerocopy bpf buffers are still considered experimental are disabled by default. To experiment with this new facility, adjust the net.bpf.zerocopy_enable sysctl variable to 1. Changes to libpcap will be made available as a patch for the time being, and further refinements to the implementation are expected. Sponsored by: Seccuris Inc. In collaboration with: rwatson Tested by: pwood, gallatin MFC after: 4 months [1] [1] Certain portions will probably not be MFCed, specifically things that can break the monitoring ABI.
2008-03-24 13:49:17 +00:00
}
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
Un-staticize 'dst' sockaddr in the stack of bpfwrite() to prevent the need to synchronize access to the structure. I believe this should fit into the stack under the necessary circumstances, but if not we can either add synchronization or use a thread-local malloc for the duration.
2004-06-11 03:45:42 +00:00
bzero(&dst, sizeof(dst));
Silence some gcc 4 warnings. It is expected that the bpf_movein() routine will intialize the the header length and re-initialize the mbuf pointer to reference the mbuf that is allocated after moving user supplied packet data in.
2007-06-17 21:51:43 +00:00
m = NULL;
hlen = 0;
Check for multicast destination on bpf injected packets and update the M_*CAST flags, the absense of these flags causes problems in other areas such as bridging which expect them to be correct. At the moment only Ethernet DLTs are checked. Reviewed by: bms, csjp, sam Approved by: re (bmah)
2007-09-10 00:03:06 +00:00
error = bpf_movein(uio, (int)d->bd_bif->bif_dlt, ifp,
Add three new ioctl(2) commands for bpf(4). - BIOCGDIRECTION and BIOCSDIRECTION get or set the setting determining whether incoming, outgoing, or all packets on the interface should be returned by BPF. Set to BPF_D_IN to see only incoming packets on the interface. Set to BPF_D_INOUT to see packets originating locally and remotely on the interface. Set to BPF_D_OUT to see only outgoing packets on the interface. This setting is initialized to BPF_D_INOUT by default. BIOCGSEESENT and BIOCSSEESENT are obsoleted by these but kept for backward compatibility. - BIOCFEEDBACK sets packet feedback mode. This allows injected packets to be fed back as input to the interface when output via the interface is successful. When BPF_D_INOUT direction is set, injected outgoing packet is not returned by BPF to avoid duplication. This flag is initialized to zero by default. Note that libpcap has been modified to support BPF_D_OUT direction for pcap_setdirection(3) and PCAP_D_OUT direction is functional now. Reviewed by: rwatson
2007-02-26 22:24:14 +00:00
&m, &dst, &hlen, d->bd_wfilter);
Introduce support for zero-copy BPF buffering, which reduces the overhead of packet capture by allowing a user process to directly "loan" buffer memory to the kernel rather than using read(2) to explicitly copy data from kernel address space. The user process will issue new BPF ioctls to set the shared memory buffer mode and provide pointers to buffers and their size. The kernel then wires and maps the pages into kernel address space using sf_buf(9), which on supporting architectures will use the direct map region. The current "buffered" access mode remains the default, and support for zero-copy buffers must, for the time being, be explicitly enabled using a sysctl for the kernel to accept requests to use it. The kernel and user process synchronize use of the buffers with atomic operations, avoiding the need for system calls under load; the user process may use select()/poll()/kqueue() to manage blocking while waiting for network data if the user process is able to consume data faster than the kernel generates it. Patchs to libpcap are available to allow libpcap applications to transparently take advantage of this support. Detailed information on the new API may be found in bpf(4), including specific atomic operations and memory barriers required to synchronize buffer use safely. These changes modify the base BPF implementation to (roughly) abstrac the current buffer model, allowing the new shared memory model to be added, and add new monitoring statistics for netstat to print. The implementation, with the exception of some monitoring hanges that break the netstat monitoring ABI for BPF, will be MFC'd. Zerocopy bpf buffers are still considered experimental are disabled by default. To experiment with this new facility, adjust the net.bpf.zerocopy_enable sysctl variable to 1. Changes to libpcap will be made available as a patch for the time being, and further refinements to the implementation are expected. Sponsored by: Seccuris Inc. In collaboration with: rwatson Tested by: pwood, gallatin MFC after: 4 months [1] [1] Certain portions will probably not be MFCed, specifically things that can break the monitoring ABI.
2008-03-24 13:49:17 +00:00
if (error) {
d->bd_wdcount++;
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
return (error);
Introduce support for zero-copy BPF buffering, which reduces the overhead of packet capture by allowing a user process to directly "loan" buffer memory to the kernel rather than using read(2) to explicitly copy data from kernel address space. The user process will issue new BPF ioctls to set the shared memory buffer mode and provide pointers to buffers and their size. The kernel then wires and maps the pages into kernel address space using sf_buf(9), which on supporting architectures will use the direct map region. The current "buffered" access mode remains the default, and support for zero-copy buffers must, for the time being, be explicitly enabled using a sysctl for the kernel to accept requests to use it. The kernel and user process synchronize use of the buffers with atomic operations, avoiding the need for system calls under load; the user process may use select()/poll()/kqueue() to manage blocking while waiting for network data if the user process is able to consume data faster than the kernel generates it. Patchs to libpcap are available to allow libpcap applications to transparently take advantage of this support. Detailed information on the new API may be found in bpf(4), including specific atomic operations and memory barriers required to synchronize buffer use safely. These changes modify the base BPF implementation to (roughly) abstrac the current buffer model, allowing the new shared memory model to be added, and add new monitoring statistics for netstat to print. The implementation, with the exception of some monitoring hanges that break the netstat monitoring ABI for BPF, will be MFC'd. Zerocopy bpf buffers are still considered experimental are disabled by default. To experiment with this new facility, adjust the net.bpf.zerocopy_enable sysctl variable to 1. Changes to libpcap will be made available as a patch for the time being, and further refinements to the implementation are expected. Sponsored by: Seccuris Inc. In collaboration with: rwatson Tested by: pwood, gallatin MFC after: 4 months [1] [1] Certain portions will probably not be MFCed, specifically things that can break the monitoring ABI.
2008-03-24 13:49:17 +00:00
}
d->bd_wfcount++;
Implement pseudo_AF_HDRCMPLT, which controls the state of the 'header completion' flag. If set, the interface output routine will assume that the packet already has a valid link-level source address. This defaults to off (the address is overwritten) PR: kern/10680 Submitted by: "Christopher N . Harrell" <cnh@mindspring.net> Obtained from: NetBSD
1999-10-15 05:07:00 +00:00
if (d->bd_hdrcmplt)
dst.sa_family = pseudo_AF_HDRCMPLT;
Add three new ioctl(2) commands for bpf(4). - BIOCGDIRECTION and BIOCSDIRECTION get or set the setting determining whether incoming, outgoing, or all packets on the interface should be returned by BPF. Set to BPF_D_IN to see only incoming packets on the interface. Set to BPF_D_INOUT to see packets originating locally and remotely on the interface. Set to BPF_D_OUT to see only outgoing packets on the interface. This setting is initialized to BPF_D_INOUT by default. BIOCGSEESENT and BIOCSSEESENT are obsoleted by these but kept for backward compatibility. - BIOCFEEDBACK sets packet feedback mode. This allows injected packets to be fed back as input to the interface when output via the interface is successful. When BPF_D_INOUT direction is set, injected outgoing packet is not returned by BPF to avoid duplication. This flag is initialized to zero by default. Note that libpcap has been modified to support BPF_D_OUT direction for pcap_setdirection(3) and PCAP_D_OUT direction is functional now. Reviewed by: rwatson
2007-02-26 22:24:14 +00:00
if (d->bd_feedback) {
mc = m_dup(m, M_DONTWAIT);
if (mc != NULL)
mc->m_pkthdr.rcvif = ifp;
Revert the previous commit and use M_PROMISC flag instead. It is safer because it will never be used for outgoing packets.
2008-04-15 17:08:24 +00:00
/* Set M_PROMISC for outgoing packets to be discarded. */
if (d->bd_direction == BPF_D_INOUT)
m->m_flags |= M_PROMISC;
Add three new ioctl(2) commands for bpf(4). - BIOCGDIRECTION and BIOCSDIRECTION get or set the setting determining whether incoming, outgoing, or all packets on the interface should be returned by BPF. Set to BPF_D_IN to see only incoming packets on the interface. Set to BPF_D_INOUT to see packets originating locally and remotely on the interface. Set to BPF_D_OUT to see only outgoing packets on the interface. This setting is initialized to BPF_D_INOUT by default. BIOCGSEESENT and BIOCSSEESENT are obsoleted by these but kept for backward compatibility. - BIOCFEEDBACK sets packet feedback mode. This allows injected packets to be fed back as input to the interface when output via the interface is successful. When BPF_D_INOUT direction is set, injected outgoing packet is not returned by BPF to avoid duplication. This flag is initialized to zero by default. Note that libpcap has been modified to support BPF_D_OUT direction for pcap_setdirection(3) and PCAP_D_OUT direction is functional now. Reviewed by: rwatson
2007-02-26 22:24:14 +00:00
} else
mc = NULL;
m->m_pkthdr.len -= hlen;
m->m_len -= hlen;
m->m_data += hlen; /* XXX */
Introduce support for Mandatory Access Control and extensible kernel access control. Instrument BPF so that MAC labels are properly maintained on BPF descriptors. MAC framework entry points are invoked at BPF instantiation and allocation, permitting the MAC framework to derive the BPF descriptor label from the credential authorizing the device open. Also enter the MAC framework to label mbufs created using the BPF device. Obtained from: TrustedBSD Project Sponsored by: DARPA, NAI Labs
2002-07-31 16:09:38 +00:00
#ifdef MAC
Grab Giant after MAC processing on outgoing packets being sent via BPF. Grab the BPF descriptor lock before entering MAC since the MAC Framework references BPF descriptor fields, including the BPF descriptor label. Submitted by: sam
2004-02-29 15:32:33 +00:00
BPFD_LOCK(d);
Merge first in a series of TrustedBSD MAC Framework KPI changes from Mac OS X Leopard--rationalize naming for entry points to the following general forms: mac_<object>_<method/action> mac_<object>_check_<method/action> The previous naming scheme was inconsistent and mostly reversed from the new scheme. Also, make object types more consistent and remove spaces from object types that contain multiple parts ("posix_sem" -> "posixsem") to make mechanical parsing easier. Introduce a new "netinet" object type for certain IPv4/IPv6-related methods. Also simplify, slightly, some entry point names. All MAC policy modules will need to be recompiled, and modules not updates as part of this commit will need to be modified to conform to the new KPI. Sponsored by: SPARTA (original patches against Mac OS X) Obtained from: TrustedBSD Project, Apple Computer
2007-10-24 19:04:04 +00:00
mac_bpfdesc_create_mbuf(d, m);
Add three new ioctl(2) commands for bpf(4). - BIOCGDIRECTION and BIOCSDIRECTION get or set the setting determining whether incoming, outgoing, or all packets on the interface should be returned by BPF. Set to BPF_D_IN to see only incoming packets on the interface. Set to BPF_D_INOUT to see packets originating locally and remotely on the interface. Set to BPF_D_OUT to see only outgoing packets on the interface. This setting is initialized to BPF_D_INOUT by default. BIOCGSEESENT and BIOCSSEESENT are obsoleted by these but kept for backward compatibility. - BIOCFEEDBACK sets packet feedback mode. This allows injected packets to be fed back as input to the interface when output via the interface is successful. When BPF_D_INOUT direction is set, injected outgoing packet is not returned by BPF to avoid duplication. This flag is initialized to zero by default. Note that libpcap has been modified to support BPF_D_OUT direction for pcap_setdirection(3) and PCAP_D_OUT direction is functional now. Reviewed by: rwatson
2007-02-26 22:24:14 +00:00
if (mc != NULL)
Merge first in a series of TrustedBSD MAC Framework KPI changes from Mac OS X Leopard--rationalize naming for entry points to the following general forms: mac_<object>_<method/action> mac_<object>_check_<method/action> The previous naming scheme was inconsistent and mostly reversed from the new scheme. Also, make object types more consistent and remove spaces from object types that contain multiple parts ("posix_sem" -> "posixsem") to make mechanical parsing easier. Introduce a new "netinet" object type for certain IPv4/IPv6-related methods. Also simplify, slightly, some entry point names. All MAC policy modules will need to be recompiled, and modules not updates as part of this commit will need to be modified to conform to the new KPI. Sponsored by: SPARTA (original patches against Mac OS X) Obtained from: TrustedBSD Project, Apple Computer
2007-10-24 19:04:04 +00:00
mac_bpfdesc_create_mbuf(d, mc);
Grab Giant after MAC processing on outgoing packets being sent via BPF. Grab the BPF descriptor lock before entering MAC since the MAC Framework references BPF descriptor fields, including the BPF descriptor label. Submitted by: sam
2004-02-29 15:32:33 +00:00
BPFD_UNLOCK(d);
Introduce support for Mandatory Access Control and extensible kernel access control. Instrument BPF so that MAC labels are properly maintained on BPF descriptors. MAC framework entry points are invoked at BPF instantiation and allocation, permitting the MAC framework to derive the BPF descriptor label from the credential authorizing the device open. Also enter the MAC framework to label mbufs created using the BPF device. Obtained from: TrustedBSD Project Sponsored by: DARPA, NAI Labs
2002-07-31 16:09:38 +00:00
#endif
Add three new ioctl(2) commands for bpf(4). - BIOCGDIRECTION and BIOCSDIRECTION get or set the setting determining whether incoming, outgoing, or all packets on the interface should be returned by BPF. Set to BPF_D_IN to see only incoming packets on the interface. Set to BPF_D_INOUT to see packets originating locally and remotely on the interface. Set to BPF_D_OUT to see only outgoing packets on the interface. This setting is initialized to BPF_D_INOUT by default. BIOCGSEESENT and BIOCSSEESENT are obsoleted by these but kept for backward compatibility. - BIOCFEEDBACK sets packet feedback mode. This allows injected packets to be fed back as input to the interface when output via the interface is successful. When BPF_D_INOUT direction is set, injected outgoing packet is not returned by BPF to avoid duplication. This flag is initialized to zero by default. Note that libpcap has been modified to support BPF_D_OUT direction for pcap_setdirection(3) and PCAP_D_OUT direction is functional now. Reviewed by: rwatson
2007-02-26 22:24:14 +00:00
Prefer NULL to '0' when checking a pointer value.
2004-07-24 16:58:56 +00:00
error = (*ifp->if_output)(ifp, m, &dst, NULL);
Introduce support for zero-copy BPF buffering, which reduces the overhead of packet capture by allowing a user process to directly "loan" buffer memory to the kernel rather than using read(2) to explicitly copy data from kernel address space. The user process will issue new BPF ioctls to set the shared memory buffer mode and provide pointers to buffers and their size. The kernel then wires and maps the pages into kernel address space using sf_buf(9), which on supporting architectures will use the direct map region. The current "buffered" access mode remains the default, and support for zero-copy buffers must, for the time being, be explicitly enabled using a sysctl for the kernel to accept requests to use it. The kernel and user process synchronize use of the buffers with atomic operations, avoiding the need for system calls under load; the user process may use select()/poll()/kqueue() to manage blocking while waiting for network data if the user process is able to consume data faster than the kernel generates it. Patchs to libpcap are available to allow libpcap applications to transparently take advantage of this support. Detailed information on the new API may be found in bpf(4), including specific atomic operations and memory barriers required to synchronize buffer use safely. These changes modify the base BPF implementation to (roughly) abstrac the current buffer model, allowing the new shared memory model to be added, and add new monitoring statistics for netstat to print. The implementation, with the exception of some monitoring hanges that break the netstat monitoring ABI for BPF, will be MFC'd. Zerocopy bpf buffers are still considered experimental are disabled by default. To experiment with this new facility, adjust the net.bpf.zerocopy_enable sysctl variable to 1. Changes to libpcap will be made available as a patch for the time being, and further refinements to the implementation are expected. Sponsored by: Seccuris Inc. In collaboration with: rwatson Tested by: pwood, gallatin MFC after: 4 months [1] [1] Certain portions will probably not be MFCed, specifically things that can break the monitoring ABI.
2008-03-24 13:49:17 +00:00
if (error)
d->bd_wdcount++;
Add three new ioctl(2) commands for bpf(4). - BIOCGDIRECTION and BIOCSDIRECTION get or set the setting determining whether incoming, outgoing, or all packets on the interface should be returned by BPF. Set to BPF_D_IN to see only incoming packets on the interface. Set to BPF_D_INOUT to see packets originating locally and remotely on the interface. Set to BPF_D_OUT to see only outgoing packets on the interface. This setting is initialized to BPF_D_INOUT by default. BIOCGSEESENT and BIOCSSEESENT are obsoleted by these but kept for backward compatibility. - BIOCFEEDBACK sets packet feedback mode. This allows injected packets to be fed back as input to the interface when output via the interface is successful. When BPF_D_INOUT direction is set, injected outgoing packet is not returned by BPF to avoid duplication. This flag is initialized to zero by default. Note that libpcap has been modified to support BPF_D_OUT direction for pcap_setdirection(3) and PCAP_D_OUT direction is functional now. Reviewed by: rwatson
2007-02-26 22:24:14 +00:00
if (mc != NULL) {
Remove the now-unused NET_{LOCK,UNLOCK,ASSERT}_GIANT() macros, which previously conditionally acquired Giant based on debug.mpsafenet. As that has now been removed, they are no longer required. Removing them significantly simplifies error-handling in the socket layer, eliminated quite a bit of unwinding of locking in error cases. While here clean up the now unneeded opt_net.h, which previously was used for the NET_WITH_GIANT kernel option. Clean up some related gotos for consistency. Reviewed by: bz, csjp Tested by: kris Approved by: re (kensmith)
2007-08-06 14:26:03 +00:00
if (error == 0)
Add three new ioctl(2) commands for bpf(4). - BIOCGDIRECTION and BIOCSDIRECTION get or set the setting determining whether incoming, outgoing, or all packets on the interface should be returned by BPF. Set to BPF_D_IN to see only incoming packets on the interface. Set to BPF_D_INOUT to see packets originating locally and remotely on the interface. Set to BPF_D_OUT to see only outgoing packets on the interface. This setting is initialized to BPF_D_INOUT by default. BIOCGSEESENT and BIOCSSEESENT are obsoleted by these but kept for backward compatibility. - BIOCFEEDBACK sets packet feedback mode. This allows injected packets to be fed back as input to the interface when output via the interface is successful. When BPF_D_INOUT direction is set, injected outgoing packet is not returned by BPF to avoid duplication. This flag is initialized to zero by default. Note that libpcap has been modified to support BPF_D_OUT direction for pcap_setdirection(3) and PCAP_D_OUT direction is functional now. Reviewed by: rwatson
2007-02-26 22:24:14 +00:00
(*ifp->if_input)(ifp, mc);
Remove the now-unused NET_{LOCK,UNLOCK,ASSERT}_GIANT() macros, which previously conditionally acquired Giant based on debug.mpsafenet. As that has now been removed, they are no longer required. Removing them significantly simplifies error-handling in the socket layer, eliminated quite a bit of unwinding of locking in error cases. While here clean up the now unneeded opt_net.h, which previously was used for the NET_WITH_GIANT kernel option. Clean up some related gotos for consistency. Reviewed by: bz, csjp Tested by: kris Approved by: re (kensmith)
2007-08-06 14:26:03 +00:00
else
Add three new ioctl(2) commands for bpf(4). - BIOCGDIRECTION and BIOCSDIRECTION get or set the setting determining whether incoming, outgoing, or all packets on the interface should be returned by BPF. Set to BPF_D_IN to see only incoming packets on the interface. Set to BPF_D_INOUT to see packets originating locally and remotely on the interface. Set to BPF_D_OUT to see only outgoing packets on the interface. This setting is initialized to BPF_D_INOUT by default. BIOCGSEESENT and BIOCSSEESENT are obsoleted by these but kept for backward compatibility. - BIOCFEEDBACK sets packet feedback mode. This allows injected packets to be fed back as input to the interface when output via the interface is successful. When BPF_D_INOUT direction is set, injected outgoing packet is not returned by BPF to avoid duplication. This flag is initialized to zero by default. Note that libpcap has been modified to support BPF_D_OUT direction for pcap_setdirection(3) and PCAP_D_OUT direction is functional now. Reviewed by: rwatson
2007-02-26 22:24:14 +00:00
m_freem(mc);
}
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
return (error);
}
/*
* Reset a descriptor by flushing its packet buffer and clearing the
Add mutexes to the entire bpf subsystem to make it MPSAFE. Previously reviewed by: jhb, bde
2001-02-16 17:10:28 +00:00
* receive and drop counts.
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
*/
static void
Since we are doing some bpf(4) clean up, change a couple of function prototypes to be consistent. Also, ANSI'fy function definitions. There is no functional change here.
2006-06-15 15:39:12 +00:00
reset_d(struct bpf_d *d)
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
{
Add mutexes to the entire bpf subsystem to make it MPSAFE. Previously reviewed by: jhb, bde
2001-02-16 17:10:28 +00:00
mtx_assert(&d->bd_mtx, MA_OWNED);
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
if (d->bd_hbuf) {
/* Free the hold buffer. */
d->bd_fbuf = d->bd_hbuf;
Prefer NULL to '0' when checking a pointer value.
2004-07-24 16:58:56 +00:00
d->bd_hbuf = NULL;
Make sure we are clearing the ZBUF_FLAG_IMMUTABLE any time a free buffer is reclaimed by the kernel. This fixes a bug resulted in the kernel over writing packet data while user-space was still processing it when zerocopy is enabled. (Or a panic if invariants was enabled). Discussed with: rwatson
2008-07-05 20:11:28 +00:00
bpf_buf_reclaimed(d);
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
}
d->bd_slen = 0;
d->bd_hlen = 0;
d->bd_rcount = 0;
d->bd_dcount = 0;
Introduce new sysctl variable: net.bpf.stats. This sysctl variable can be used to pass statistics regarding dropped, matched and received packet counts from the kernel to user-space. While we are here introduce a new counter for filtered or matched packets. We currently keep track of packets received or dropped by the bpf device, but not how many packets actually matched the bpf filter. -Introduce net.bpf.stats sysctl OID -Move sysctl variables after the function prototypes so we can reference bpf_stats_sysctl(9) without build errors. -Introduce bpf descriptor counter which is used mainly for sizing of the xbpf_d array. -Introduce a xbpf_d structure which will act as an external representation of the bpf_d structure. -Add a the following members to the bpfd structure: bd_fcount - Number of packets which matched bpf filter bd_pid - PID which opened the bpf device bd_pcomm - Process name which opened the device. It should be noted that it's possible that the process which opened the device could be long gone at the time of stats collection. An example might be a process that opens the bpf device forks then exits leaving the child process with the bpf fd. Reviewed by: mdodd
2005-07-24 17:21:17 +00:00
d->bd_fcount = 0;
Introduce support for zero-copy BPF buffering, which reduces the overhead of packet capture by allowing a user process to directly "loan" buffer memory to the kernel rather than using read(2) to explicitly copy data from kernel address space. The user process will issue new BPF ioctls to set the shared memory buffer mode and provide pointers to buffers and their size. The kernel then wires and maps the pages into kernel address space using sf_buf(9), which on supporting architectures will use the direct map region. The current "buffered" access mode remains the default, and support for zero-copy buffers must, for the time being, be explicitly enabled using a sysctl for the kernel to accept requests to use it. The kernel and user process synchronize use of the buffers with atomic operations, avoiding the need for system calls under load; the user process may use select()/poll()/kqueue() to manage blocking while waiting for network data if the user process is able to consume data faster than the kernel generates it. Patchs to libpcap are available to allow libpcap applications to transparently take advantage of this support. Detailed information on the new API may be found in bpf(4), including specific atomic operations and memory barriers required to synchronize buffer use safely. These changes modify the base BPF implementation to (roughly) abstrac the current buffer model, allowing the new shared memory model to be added, and add new monitoring statistics for netstat to print. The implementation, with the exception of some monitoring hanges that break the netstat monitoring ABI for BPF, will be MFC'd. Zerocopy bpf buffers are still considered experimental are disabled by default. To experiment with this new facility, adjust the net.bpf.zerocopy_enable sysctl variable to 1. Changes to libpcap will be made available as a patch for the time being, and further refinements to the implementation are expected. Sponsored by: Seccuris Inc. In collaboration with: rwatson Tested by: pwood, gallatin MFC after: 4 months [1] [1] Certain portions will probably not be MFCed, specifically things that can break the monitoring ABI.
2008-03-24 13:49:17 +00:00
d->bd_wcount = 0;
d->bd_wfcount = 0;
d->bd_wdcount = 0;
d->bd_zcopy = 0;
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
}
/*
* FIONREAD Check for read packet available.
* SIOCGIFADDR Get interface address - convenient hook to driver.
* BIOCGBLEN Get buffer len [for read()].
Add a new ioctl for changing the read filter (BIOCSETFNR). This is just like BIOCSETF but it doesn't drop all the packets buffered on the discriptor and reset the statistics. Also, when setting the write filter, don't drop packets waiting to be read or reset the statistics. PR: 118486 Submitted by: Matthew Luckie <mluckie@cs.waikato.ac.nz> MFC after: 1 month
2008-07-07 09:25:49 +00:00
* BIOCSETF Set read filter.
* BIOCSETFNR Set read filter without resetting descriptor.
* BIOCSETWF Set write filter.
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
* BIOCFLUSH Flush read packet buffer.
* BIOCPROMISC Put interface into promiscuous mode.
* BIOCGDLT Get link layer type.
* BIOCGETIF Get interface name.
* BIOCSETIF Set interface.
* BIOCSRTIMEOUT Set read timeout.
* BIOCGRTIMEOUT Get read timeout.
* BIOCGSTATS Get packet stats.
* BIOCIMMEDIATE Set immediate mode.
* BIOCVERSION Get filter language version.
Implement pseudo_AF_HDRCMPLT, which controls the state of the 'header completion' flag. If set, the interface output routine will assume that the packet already has a valid link-level source address. This defaults to off (the address is overwritten) PR: kern/10680 Submitted by: "Christopher N . Harrell" <cnh@mindspring.net> Obtained from: NetBSD
1999-10-15 05:07:00 +00:00
* BIOCGHDRCMPLT Get "header already complete" flag
* BIOCSHDRCMPLT Set "header already complete" flag
Add three new ioctl(2) commands for bpf(4). - BIOCGDIRECTION and BIOCSDIRECTION get or set the setting determining whether incoming, outgoing, or all packets on the interface should be returned by BPF. Set to BPF_D_IN to see only incoming packets on the interface. Set to BPF_D_INOUT to see packets originating locally and remotely on the interface. Set to BPF_D_OUT to see only outgoing packets on the interface. This setting is initialized to BPF_D_INOUT by default. BIOCGSEESENT and BIOCSSEESENT are obsoleted by these but kept for backward compatibility. - BIOCFEEDBACK sets packet feedback mode. This allows injected packets to be fed back as input to the interface when output via the interface is successful. When BPF_D_INOUT direction is set, injected outgoing packet is not returned by BPF to avoid duplication. This flag is initialized to zero by default. Note that libpcap has been modified to support BPF_D_OUT direction for pcap_setdirection(3) and PCAP_D_OUT direction is functional now. Reviewed by: rwatson
2007-02-26 22:24:14 +00:00
* BIOCGDIRECTION Get packet direction flag
* BIOCSDIRECTION Set packet direction flag
Introduce two new ioctl(2) commands, BIOCLOCK and BIOCSETWF. These commands enhance the security of bpf(4) by further relinquishing the privilege of the bpf(4) consumer (assuming the ioctl commands are being implemented). Once BIOCLOCK is executed, the device becomes locked which prevents the execution of ioctl(2) commands which can change the underly parameters of the bpf(4) device. An example might be the setting of bpf(4) filter programs or attaching to different network interfaces. BIOCSETWF can be used to set write filters for outgoing packets. Currently if a bpf(4) consumer is compromised, the bpf(4) descriptor can essentially be used as a raw socket, regardless of consumer's UID. Write filters give users the ability to constrain which packets can be sent through the bpf(4) descriptor. These features are currently implemented by a couple programs which came from OpenBSD, such as the new dhclient and pflogd. -Modify bpf_setf(9) to accept a "cmd" parameter. This will be used to specify whether a read or write filter is to be set. -Add a bpf(4) filter program as a parameter to bpf_movein(9) as we will run the filter program on the mbuf data once we move the packet in from user-space. -Rather than execute two uiomove operations, (one for the link header and the other for the packet data), execute one and manually copy the linker header into the sockaddr structure via bcopy. -Restructure bpf_setf to compensate for write filters, as well as read. -Adjust bpf(4) stats structures to include a bd_locked member. It should be noted that the FreeBSD and OpenBSD implementations differ a bit in the sense that we unconditionally enforce the lock, where OpenBSD enforces it only if the calling credential is not root. Idea from: OpenBSD Reviewed by: mlaier
2005-08-22 19:35:48 +00:00
* BIOCLOCK Set "locked" flag
Add three new ioctl(2) commands for bpf(4). - BIOCGDIRECTION and BIOCSDIRECTION get or set the setting determining whether incoming, outgoing, or all packets on the interface should be returned by BPF. Set to BPF_D_IN to see only incoming packets on the interface. Set to BPF_D_INOUT to see packets originating locally and remotely on the interface. Set to BPF_D_OUT to see only outgoing packets on the interface. This setting is initialized to BPF_D_INOUT by default. BIOCGSEESENT and BIOCSSEESENT are obsoleted by these but kept for backward compatibility. - BIOCFEEDBACK sets packet feedback mode. This allows injected packets to be fed back as input to the interface when output via the interface is successful. When BPF_D_INOUT direction is set, injected outgoing packet is not returned by BPF to avoid duplication. This flag is initialized to zero by default. Note that libpcap has been modified to support BPF_D_OUT direction for pcap_setdirection(3) and PCAP_D_OUT direction is functional now. Reviewed by: rwatson
2007-02-26 22:24:14 +00:00
* BIOCFEEDBACK Set packet feedback mode.
Introduce support for zero-copy BPF buffering, which reduces the overhead of packet capture by allowing a user process to directly "loan" buffer memory to the kernel rather than using read(2) to explicitly copy data from kernel address space. The user process will issue new BPF ioctls to set the shared memory buffer mode and provide pointers to buffers and their size. The kernel then wires and maps the pages into kernel address space using sf_buf(9), which on supporting architectures will use the direct map region. The current "buffered" access mode remains the default, and support for zero-copy buffers must, for the time being, be explicitly enabled using a sysctl for the kernel to accept requests to use it. The kernel and user process synchronize use of the buffers with atomic operations, avoiding the need for system calls under load; the user process may use select()/poll()/kqueue() to manage blocking while waiting for network data if the user process is able to consume data faster than the kernel generates it. Patchs to libpcap are available to allow libpcap applications to transparently take advantage of this support. Detailed information on the new API may be found in bpf(4), including specific atomic operations and memory barriers required to synchronize buffer use safely. These changes modify the base BPF implementation to (roughly) abstrac the current buffer model, allowing the new shared memory model to be added, and add new monitoring statistics for netstat to print. The implementation, with the exception of some monitoring hanges that break the netstat monitoring ABI for BPF, will be MFC'd. Zerocopy bpf buffers are still considered experimental are disabled by default. To experiment with this new facility, adjust the net.bpf.zerocopy_enable sysctl variable to 1. Changes to libpcap will be made available as a patch for the time being, and further refinements to the implementation are expected. Sponsored by: Seccuris Inc. In collaboration with: rwatson Tested by: pwood, gallatin MFC after: 4 months [1] [1] Certain portions will probably not be MFCed, specifically things that can break the monitoring ABI.
2008-03-24 13:49:17 +00:00
* BIOCSETZBUF Set current zero-copy buffer locations.
* BIOCGETZMAX Get maximum zero-copy buffer size.
* BIOCROTZBUF Force rotation of zero-copy buffer
* BIOCSETBUFMODE Set buffer mode.
* BIOCGETBUFMODE Get current buffer mode.
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
*/
/* ARGSUSED */
Pass 3 of the great devsw changes most devsw referenced functions are now static, as they are in the same file as their devsw structure. I've also added DEVFS support for nearly every device in the system, however many of the devices have 'incorrect' names under DEVFS because I couldn't quickly work out the correct naming conventions. (but devfs won't be coming on line for a month or so anyhow so that doesn't matter) If you "OWN" a device which would normally have an entry in /dev then search for the devfs_add_devsw() entries and munge to make them right.. check out similar devices to see what I might have done in them in you can't see what's going on.. for a laugh compare conf.c conf.h defore and after... :) I have not doen DEVFS entries for any DISKSLICE devices yet as that will be a much more complicated job.. (pass 5 :) pass 4 will be to make the devsw tables of type (cdevsw * ) rather than (cdevsw) seems to work here.. complaints to the usual places.. :)
1995-12-08 11:19:42 +00:00
static int
Since we are doing some bpf(4) clean up, change a couple of function prototypes to be consistent. Also, ANSI'fy function definitions. There is no functional change here.
2006-06-15 15:39:12 +00:00
bpfioctl(struct cdev *dev, u_long cmd, caddr_t addr, int flags,
struct thread *td)
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
{
Change bpf(4) to use the cdevpriv API. Right now the bpf(4) driver uses the cloning API to generate /dev/bpf%u. When an application such as tcpdump needs a BPF, it opens /dev/bpf0, /dev/bpf1, etc. until it opens the first available device node. We used this approach, because our devfs implementation didn't allow per-descriptor data. Now that we can, make it use devfs_get_cdevpriv() to obtain the private data. To remain compatible with the existing implementation, add a symlink from /dev/bpf0 to /dev/bpf. I've already changed libpcap to compile with HAVE_CLONING_BPF, which makes it use /dev/bpf. There may be other applications in the base system (dhclient) that use the loop to obtain a valid bpf. Discussed on: src-committers Approved by: csjp
2008-08-13 15:41:21 +00:00
struct bpf_d *d;
int error;
error = devfs_get_cdevpriv((void **)&d);
if (error != 0)
return (error);
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
Remove trailing whitespace from lines in BPF. MFC after: 3 days
2007-12-23 14:10:33 +00:00
/*
Instead of caching the PID which opened the bpf descriptor, continuously refresh the PID which has the descriptor open. The PID is refreshed in various operations like ioctl(2), kevent(2) or poll(2). This produces more accurate information about current bpf consumers. While we are here remove the bd_pcomm member of the bpf stats structure because now that we have an accurate PID we can lookup the via the kern.proc.pid sysctl variable. This is the trick that NetBSD decided to use to deal with this issue. Special care needs to be taken when MFC'ing this change, as we have made a change to the bpf stats structure. What will end up happening is we will leave the pcomm structure but just mark it as being un-used. This way we keep the ABI in tact. MFC after: 1 month Discussed with: Rui Paulo < rpaulo at NetBSD dot org >
2005-09-05 23:08:04 +00:00
* Refresh PID associated with this descriptor.
*/
Make bpf's read timeout feature work more correctly with select/poll, and therefore with pthreads. I doubt there is any way to make this 100% semantically identical to the way it behaves in unthreaded programs with blocking reads, but the solution here should do the right thing for all reasonable usage patterns. The basic idea is to schedule a callout for the read timeout when a select/poll is done. When the callout fires, it ends the select if it is still in progress, or marks the state as "timed out" if the select has already ended for some other reason. Additional logic in bpfread then does the right thing in the case where the timeout has fired. Note, I co-opted the bd_state member of the bpf_d structure. It has been present in the structure since the initial import of 4.4-lite, but as far as I can tell it has never been used. PR: kern/22063 and bin/31649 MFC after: 3 days
2001-12-14 22:17:54 +00:00
BPFD_LOCK(d);
Protect PID initializations for statistics by the bpf descriptor locks. Also while we are here, protect the bpf descriptor during knlist_remove{add} operations. Discussed with: rwatson
2005-10-04 15:06:10 +00:00
d->bd_pid = td->td_proc->p_pid;
Make bpf's read timeout feature work more correctly with select/poll, and therefore with pthreads. I doubt there is any way to make this 100% semantically identical to the way it behaves in unthreaded programs with blocking reads, but the solution here should do the right thing for all reasonable usage patterns. The basic idea is to schedule a callout for the read timeout when a select/poll is done. When the callout fires, it ends the select if it is still in progress, or marks the state as "timed out" if the select has already ended for some other reason. Additional logic in bpfread then does the right thing in the case where the timeout has fired. Note, I co-opted the bd_state member of the bpf_d structure. It has been present in the structure since the initial import of 4.4-lite, but as far as I can tell it has never been used. PR: kern/22063 and bin/31649 MFC after: 3 days
2001-12-14 22:17:54 +00:00
if (d->bd_state == BPF_WAITING)
callout_stop(&d->bd_callout);
d->bd_state = BPF_IDLE;
BPFD_UNLOCK(d);
Introduce two new ioctl(2) commands, BIOCLOCK and BIOCSETWF. These commands enhance the security of bpf(4) by further relinquishing the privilege of the bpf(4) consumer (assuming the ioctl commands are being implemented). Once BIOCLOCK is executed, the device becomes locked which prevents the execution of ioctl(2) commands which can change the underly parameters of the bpf(4) device. An example might be the setting of bpf(4) filter programs or attaching to different network interfaces. BIOCSETWF can be used to set write filters for outgoing packets. Currently if a bpf(4) consumer is compromised, the bpf(4) descriptor can essentially be used as a raw socket, regardless of consumer's UID. Write filters give users the ability to constrain which packets can be sent through the bpf(4) descriptor. These features are currently implemented by a couple programs which came from OpenBSD, such as the new dhclient and pflogd. -Modify bpf_setf(9) to accept a "cmd" parameter. This will be used to specify whether a read or write filter is to be set. -Add a bpf(4) filter program as a parameter to bpf_movein(9) as we will run the filter program on the mbuf data once we move the packet in from user-space. -Rather than execute two uiomove operations, (one for the link header and the other for the packet data), execute one and manually copy the linker header into the sockaddr structure via bcopy. -Restructure bpf_setf to compensate for write filters, as well as read. -Adjust bpf(4) stats structures to include a bd_locked member. It should be noted that the FreeBSD and OpenBSD implementations differ a bit in the sense that we unconditionally enforce the lock, where OpenBSD enforces it only if the calling credential is not root. Idea from: OpenBSD Reviewed by: mlaier
2005-08-22 19:35:48 +00:00
if (d->bd_locked == 1) {
switch (cmd) {
case BIOCGBLEN:
case BIOCFLUSH:
case BIOCGDLT:
Remove trailing whitespace from lines in BPF. MFC after: 3 days
2007-12-23 14:10:33 +00:00
case BIOCGDLTLIST:
Introduce two new ioctl(2) commands, BIOCLOCK and BIOCSETWF. These commands enhance the security of bpf(4) by further relinquishing the privilege of the bpf(4) consumer (assuming the ioctl commands are being implemented). Once BIOCLOCK is executed, the device becomes locked which prevents the execution of ioctl(2) commands which can change the underly parameters of the bpf(4) device. An example might be the setting of bpf(4) filter programs or attaching to different network interfaces. BIOCSETWF can be used to set write filters for outgoing packets. Currently if a bpf(4) consumer is compromised, the bpf(4) descriptor can essentially be used as a raw socket, regardless of consumer's UID. Write filters give users the ability to constrain which packets can be sent through the bpf(4) descriptor. These features are currently implemented by a couple programs which came from OpenBSD, such as the new dhclient and pflogd. -Modify bpf_setf(9) to accept a "cmd" parameter. This will be used to specify whether a read or write filter is to be set. -Add a bpf(4) filter program as a parameter to bpf_movein(9) as we will run the filter program on the mbuf data once we move the packet in from user-space. -Rather than execute two uiomove operations, (one for the link header and the other for the packet data), execute one and manually copy the linker header into the sockaddr structure via bcopy. -Restructure bpf_setf to compensate for write filters, as well as read. -Adjust bpf(4) stats structures to include a bd_locked member. It should be noted that the FreeBSD and OpenBSD implementations differ a bit in the sense that we unconditionally enforce the lock, where OpenBSD enforces it only if the calling credential is not root. Idea from: OpenBSD Reviewed by: mlaier
2005-08-22 19:35:48 +00:00
case BIOCGETIF:
case BIOCGRTIMEOUT:
case BIOCGSTATS:
case BIOCVERSION:
case BIOCGRSIG:
case BIOCGHDRCMPLT:
Add three new ioctl(2) commands for bpf(4). - BIOCGDIRECTION and BIOCSDIRECTION get or set the setting determining whether incoming, outgoing, or all packets on the interface should be returned by BPF. Set to BPF_D_IN to see only incoming packets on the interface. Set to BPF_D_INOUT to see packets originating locally and remotely on the interface. Set to BPF_D_OUT to see only outgoing packets on the interface. This setting is initialized to BPF_D_INOUT by default. BIOCGSEESENT and BIOCSSEESENT are obsoleted by these but kept for backward compatibility. - BIOCFEEDBACK sets packet feedback mode. This allows injected packets to be fed back as input to the interface when output via the interface is successful. When BPF_D_INOUT direction is set, injected outgoing packet is not returned by BPF to avoid duplication. This flag is initialized to zero by default. Note that libpcap has been modified to support BPF_D_OUT direction for pcap_setdirection(3) and PCAP_D_OUT direction is functional now. Reviewed by: rwatson
2007-02-26 22:24:14 +00:00
case BIOCFEEDBACK:
Introduce two new ioctl(2) commands, BIOCLOCK and BIOCSETWF. These commands enhance the security of bpf(4) by further relinquishing the privilege of the bpf(4) consumer (assuming the ioctl commands are being implemented). Once BIOCLOCK is executed, the device becomes locked which prevents the execution of ioctl(2) commands which can change the underly parameters of the bpf(4) device. An example might be the setting of bpf(4) filter programs or attaching to different network interfaces. BIOCSETWF can be used to set write filters for outgoing packets. Currently if a bpf(4) consumer is compromised, the bpf(4) descriptor can essentially be used as a raw socket, regardless of consumer's UID. Write filters give users the ability to constrain which packets can be sent through the bpf(4) descriptor. These features are currently implemented by a couple programs which came from OpenBSD, such as the new dhclient and pflogd. -Modify bpf_setf(9) to accept a "cmd" parameter. This will be used to specify whether a read or write filter is to be set. -Add a bpf(4) filter program as a parameter to bpf_movein(9) as we will run the filter program on the mbuf data once we move the packet in from user-space. -Rather than execute two uiomove operations, (one for the link header and the other for the packet data), execute one and manually copy the linker header into the sockaddr structure via bcopy. -Restructure bpf_setf to compensate for write filters, as well as read. -Adjust bpf(4) stats structures to include a bd_locked member. It should be noted that the FreeBSD and OpenBSD implementations differ a bit in the sense that we unconditionally enforce the lock, where OpenBSD enforces it only if the calling credential is not root. Idea from: OpenBSD Reviewed by: mlaier
2005-08-22 19:35:48 +00:00
case FIONREAD:
case BIOCLOCK:
case BIOCSRTIMEOUT:
case BIOCIMMEDIATE:
case TIOCGPGRP:
Introduce support for zero-copy BPF buffering, which reduces the overhead of packet capture by allowing a user process to directly "loan" buffer memory to the kernel rather than using read(2) to explicitly copy data from kernel address space. The user process will issue new BPF ioctls to set the shared memory buffer mode and provide pointers to buffers and their size. The kernel then wires and maps the pages into kernel address space using sf_buf(9), which on supporting architectures will use the direct map region. The current "buffered" access mode remains the default, and support for zero-copy buffers must, for the time being, be explicitly enabled using a sysctl for the kernel to accept requests to use it. The kernel and user process synchronize use of the buffers with atomic operations, avoiding the need for system calls under load; the user process may use select()/poll()/kqueue() to manage blocking while waiting for network data if the user process is able to consume data faster than the kernel generates it. Patchs to libpcap are available to allow libpcap applications to transparently take advantage of this support. Detailed information on the new API may be found in bpf(4), including specific atomic operations and memory barriers required to synchronize buffer use safely. These changes modify the base BPF implementation to (roughly) abstrac the current buffer model, allowing the new shared memory model to be added, and add new monitoring statistics for netstat to print. The implementation, with the exception of some monitoring hanges that break the netstat monitoring ABI for BPF, will be MFC'd. Zerocopy bpf buffers are still considered experimental are disabled by default. To experiment with this new facility, adjust the net.bpf.zerocopy_enable sysctl variable to 1. Changes to libpcap will be made available as a patch for the time being, and further refinements to the implementation are expected. Sponsored by: Seccuris Inc. In collaboration with: rwatson Tested by: pwood, gallatin MFC after: 4 months [1] [1] Certain portions will probably not be MFCed, specifically things that can break the monitoring ABI.
2008-03-24 13:49:17 +00:00
case BIOCROTZBUF:
Introduce two new ioctl(2) commands, BIOCLOCK and BIOCSETWF. These commands enhance the security of bpf(4) by further relinquishing the privilege of the bpf(4) consumer (assuming the ioctl commands are being implemented). Once BIOCLOCK is executed, the device becomes locked which prevents the execution of ioctl(2) commands which can change the underly parameters of the bpf(4) device. An example might be the setting of bpf(4) filter programs or attaching to different network interfaces. BIOCSETWF can be used to set write filters for outgoing packets. Currently if a bpf(4) consumer is compromised, the bpf(4) descriptor can essentially be used as a raw socket, regardless of consumer's UID. Write filters give users the ability to constrain which packets can be sent through the bpf(4) descriptor. These features are currently implemented by a couple programs which came from OpenBSD, such as the new dhclient and pflogd. -Modify bpf_setf(9) to accept a "cmd" parameter. This will be used to specify whether a read or write filter is to be set. -Add a bpf(4) filter program as a parameter to bpf_movein(9) as we will run the filter program on the mbuf data once we move the packet in from user-space. -Rather than execute two uiomove operations, (one for the link header and the other for the packet data), execute one and manually copy the linker header into the sockaddr structure via bcopy. -Restructure bpf_setf to compensate for write filters, as well as read. -Adjust bpf(4) stats structures to include a bd_locked member. It should be noted that the FreeBSD and OpenBSD implementations differ a bit in the sense that we unconditionally enforce the lock, where OpenBSD enforces it only if the calling credential is not root. Idea from: OpenBSD Reviewed by: mlaier
2005-08-22 19:35:48 +00:00
break;
default:
return (EPERM);
}
}
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
switch (cmd) {
default:
error = EINVAL;
break;
/*
* Check for read packet available.
*/
case FIONREAD:
{
int n;
Add mutexes to the entire bpf subsystem to make it MPSAFE. Previously reviewed by: jhb, bde
2001-02-16 17:10:28 +00:00
BPFD_LOCK(d);
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
n = d->bd_slen;
if (d->bd_hbuf)
n += d->bd_hlen;
Add mutexes to the entire bpf subsystem to make it MPSAFE. Previously reviewed by: jhb, bde
2001-02-16 17:10:28 +00:00
BPFD_UNLOCK(d);
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
*(int *)addr = n;
break;
}
case SIOCGIFADDR:
{
struct ifnet *ifp;
Prefer NULL to '0' when checking a pointer value.
2004-07-24 16:58:56 +00:00
if (d->bd_bif == NULL)
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
error = EINVAL;
else {
ifp = d->bd_bif->bif_ifp;
error = (*ifp->if_ioctl)(ifp, cmd, addr);
}
break;
}
/*
* Get buffer len [for read()].
*/
case BIOCGBLEN:
*(u_int *)addr = d->bd_bufsize;
break;
/*
* Set buffer length.
*/
case BIOCSBLEN:
Introduce support for zero-copy BPF buffering, which reduces the overhead of packet capture by allowing a user process to directly "loan" buffer memory to the kernel rather than using read(2) to explicitly copy data from kernel address space. The user process will issue new BPF ioctls to set the shared memory buffer mode and provide pointers to buffers and their size. The kernel then wires and maps the pages into kernel address space using sf_buf(9), which on supporting architectures will use the direct map region. The current "buffered" access mode remains the default, and support for zero-copy buffers must, for the time being, be explicitly enabled using a sysctl for the kernel to accept requests to use it. The kernel and user process synchronize use of the buffers with atomic operations, avoiding the need for system calls under load; the user process may use select()/poll()/kqueue() to manage blocking while waiting for network data if the user process is able to consume data faster than the kernel generates it. Patchs to libpcap are available to allow libpcap applications to transparently take advantage of this support. Detailed information on the new API may be found in bpf(4), including specific atomic operations and memory barriers required to synchronize buffer use safely. These changes modify the base BPF implementation to (roughly) abstrac the current buffer model, allowing the new shared memory model to be added, and add new monitoring statistics for netstat to print. The implementation, with the exception of some monitoring hanges that break the netstat monitoring ABI for BPF, will be MFC'd. Zerocopy bpf buffers are still considered experimental are disabled by default. To experiment with this new facility, adjust the net.bpf.zerocopy_enable sysctl variable to 1. Changes to libpcap will be made available as a patch for the time being, and further refinements to the implementation are expected. Sponsored by: Seccuris Inc. In collaboration with: rwatson Tested by: pwood, gallatin MFC after: 4 months [1] [1] Certain portions will probably not be MFCed, specifically things that can break the monitoring ABI.
2008-03-24 13:49:17 +00:00
error = bpf_ioctl_sblen(d, (u_int *)addr);
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
break;
/*
* Set link layer read filter.
*/
case BIOCSETF:
Add a new ioctl for changing the read filter (BIOCSETFNR). This is just like BIOCSETF but it doesn't drop all the packets buffered on the discriptor and reset the statistics. Also, when setting the write filter, don't drop packets waiting to be read or reset the statistics. PR: 118486 Submitted by: Matthew Luckie <mluckie@cs.waikato.ac.nz> MFC after: 1 month
2008-07-07 09:25:49 +00:00
case BIOCSETFNR:
Introduce two new ioctl(2) commands, BIOCLOCK and BIOCSETWF. These commands enhance the security of bpf(4) by further relinquishing the privilege of the bpf(4) consumer (assuming the ioctl commands are being implemented). Once BIOCLOCK is executed, the device becomes locked which prevents the execution of ioctl(2) commands which can change the underly parameters of the bpf(4) device. An example might be the setting of bpf(4) filter programs or attaching to different network interfaces. BIOCSETWF can be used to set write filters for outgoing packets. Currently if a bpf(4) consumer is compromised, the bpf(4) descriptor can essentially be used as a raw socket, regardless of consumer's UID. Write filters give users the ability to constrain which packets can be sent through the bpf(4) descriptor. These features are currently implemented by a couple programs which came from OpenBSD, such as the new dhclient and pflogd. -Modify bpf_setf(9) to accept a "cmd" parameter. This will be used to specify whether a read or write filter is to be set. -Add a bpf(4) filter program as a parameter to bpf_movein(9) as we will run the filter program on the mbuf data once we move the packet in from user-space. -Rather than execute two uiomove operations, (one for the link header and the other for the packet data), execute one and manually copy the linker header into the sockaddr structure via bcopy. -Restructure bpf_setf to compensate for write filters, as well as read. -Adjust bpf(4) stats structures to include a bd_locked member. It should be noted that the FreeBSD and OpenBSD implementations differ a bit in the sense that we unconditionally enforce the lock, where OpenBSD enforces it only if the calling credential is not root. Idea from: OpenBSD Reviewed by: mlaier
2005-08-22 19:35:48 +00:00
case BIOCSETWF:
error = bpf_setf(d, (struct bpf_program *)addr, cmd);
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
break;
/*
* Flush read packet buffer.
*/
case BIOCFLUSH:
Add mutexes to the entire bpf subsystem to make it MPSAFE. Previously reviewed by: jhb, bde
2001-02-16 17:10:28 +00:00
BPFD_LOCK(d);
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
reset_d(d);
Add mutexes to the entire bpf subsystem to make it MPSAFE. Previously reviewed by: jhb, bde
2001-02-16 17:10:28 +00:00
BPFD_UNLOCK(d);
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
break;
/*
* Put interface into promiscuous mode.
*/
case BIOCPROMISC:
Prefer NULL to '0' when checking a pointer value.
2004-07-24 16:58:56 +00:00
if (d->bd_bif == NULL) {
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
/*
* No interface attached yet.
*/
error = EINVAL;
break;
}
if (d->bd_promisc == 0) {
error = ifpromisc(d->bd_bif->bif_ifp, 1);
if (error == 0)
d->bd_promisc = 1;
}
break;
/*
o add BIOCGDLTLIST and BIOCSDLT ioctls to get the data link type list and set the link type for use by libpcap and tcpdump o move mtx unlock in bpfdetach up; it doesn't need to be held so long o change printf in bpf_detach to distinguish it from the same one in bpfsetdlt Note there are locking issues here related to ioctl processing; they have not been addressed here. Submitted by: Guy Harris <guy@alum.mit.edu> Obtained from: NetBSD (w/ locking modifications)
2003-01-20 19:08:46 +00:00
* Get current data link type.
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
*/
case BIOCGDLT:
Prefer NULL to '0' when checking a pointer value.
2004-07-24 16:58:56 +00:00
if (d->bd_bif == NULL)
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
error = EINVAL;
else
*(u_int *)addr = d->bd_bif->bif_dlt;
break;
Clean up whitespace, s/register //, refrain from strong urge to ANSIfy.
2003-03-02 15:56:49 +00:00
/*
o add BIOCGDLTLIST and BIOCSDLT ioctls to get the data link type list and set the link type for use by libpcap and tcpdump o move mtx unlock in bpfdetach up; it doesn't need to be held so long o change printf in bpf_detach to distinguish it from the same one in bpfsetdlt Note there are locking issues here related to ioctl processing; they have not been addressed here. Submitted by: Guy Harris <guy@alum.mit.edu> Obtained from: NetBSD (w/ locking modifications)
2003-01-20 19:08:46 +00:00
* Get a list of supported data link types.
*/
case BIOCGDLTLIST:
Prefer NULL to '0' when checking a pointer value.
2004-07-24 16:58:56 +00:00
if (d->bd_bif == NULL)
o add BIOCGDLTLIST and BIOCSDLT ioctls to get the data link type list and set the link type for use by libpcap and tcpdump o move mtx unlock in bpfdetach up; it doesn't need to be held so long o change printf in bpf_detach to distinguish it from the same one in bpfsetdlt Note there are locking issues here related to ioctl processing; they have not been addressed here. Submitted by: Guy Harris <guy@alum.mit.edu> Obtained from: NetBSD (w/ locking modifications)
2003-01-20 19:08:46 +00:00
error = EINVAL;
else
error = bpf_getdltlist(d, (struct bpf_dltlist *)addr);
break;
/*
* Set data link type.
*/
case BIOCSDLT:
Prefer NULL to '0' when checking a pointer value.
2004-07-24 16:58:56 +00:00
if (d->bd_bif == NULL)
o add BIOCGDLTLIST and BIOCSDLT ioctls to get the data link type list and set the link type for use by libpcap and tcpdump o move mtx unlock in bpfdetach up; it doesn't need to be held so long o change printf in bpf_detach to distinguish it from the same one in bpfsetdlt Note there are locking issues here related to ioctl processing; they have not been addressed here. Submitted by: Guy Harris <guy@alum.mit.edu> Obtained from: NetBSD (w/ locking modifications)
2003-01-20 19:08:46 +00:00
error = EINVAL;
else
error = bpf_setdlt(d, *(u_int *)addr);
break;
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
/*
Fix bug in BIOCGETIF ioctl() where it would return a bogus interface name if the interface unit number was greater than 9.
1999-11-03 21:32:28 +00:00
* Get interface name.
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
*/
case BIOCGETIF:
Prefer NULL to '0' when checking a pointer value.
2004-07-24 16:58:56 +00:00
if (d->bd_bif == NULL)
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
error = EINVAL;
Fix bug in BIOCGETIF ioctl() where it would return a bogus interface name if the interface unit number was greater than 9.
1999-11-03 21:32:28 +00:00
else {
struct ifnet *const ifp = d->bd_bif->bif_ifp;
struct ifreq *const ifr = (struct ifreq *)addr;
Replace the if_name and if_unit members of struct ifnet with new members if_xname, if_dname, and if_dunit. if_xname is the name of the interface and if_dname/unit are the driver name and instance. This change paves the way for interface renaming and enhanced pseudo device creation and configuration symantics. Approved By: re (in principle) Reviewed By: njl, imp Tested On: i386, amd64, sparc64 Obtained From: NetBSD (if_xname)
2003-10-31 18:32:15 +00:00
strlcpy(ifr->ifr_name, ifp->if_xname,
sizeof(ifr->ifr_name));
Fix bug in BIOCGETIF ioctl() where it would return a bogus interface name if the interface unit number was greater than 9.
1999-11-03 21:32:28 +00:00
}
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
break;
/*
* Set interface.
*/
case BIOCSETIF:
error = bpf_setif(d, (struct ifreq *)addr);
break;
/*
* Set read timeout.
*/
case BIOCSRTIMEOUT:
{
struct timeval *tv = (struct timeval *)addr;
Support hz > 1000 (Alpha) in BIOCSRTIMEOUT. Obtained from: OpenBSD
1998-10-04 17:20:22 +00:00
Check the timeval passed to BIOCSRTIMEOUT with itimerfix. Use tvtohz() to convert the timeval into a tick count. Suggested by: bde Reviewed by: bde Handle hz > 1000 in BIOCGRTIMEOUT. Pointed out by: bde Reviewed by: bde Obtained from: OpenBSD
1998-10-08 00:32:08 +00:00
/*
* Subtract 1 tick from tvtohz() since this isn't
* a one-shot timer.
*/
if ((error = itimerfix(tv)) == 0)
d->bd_rtout = tvtohz(tv) - 1;
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
break;
}
/*
* Get read timeout.
*/
case BIOCGRTIMEOUT:
{
struct timeval *tv = (struct timeval *)addr;
Check the timeval passed to BIOCSRTIMEOUT with itimerfix. Use tvtohz() to convert the timeval into a tick count. Suggested by: bde Reviewed by: bde Handle hz > 1000 in BIOCGRTIMEOUT. Pointed out by: bde Reviewed by: bde Obtained from: OpenBSD
1998-10-08 00:32:08 +00:00
tv->tv_sec = d->bd_rtout / hz;
tv->tv_usec = (d->bd_rtout % hz) * tick;
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
break;
}
/*
* Get packet stats.
*/
case BIOCGSTATS:
{
struct bpf_stat *bs = (struct bpf_stat *)addr;
Introduce support for zero-copy BPF buffering, which reduces the overhead of packet capture by allowing a user process to directly "loan" buffer memory to the kernel rather than using read(2) to explicitly copy data from kernel address space. The user process will issue new BPF ioctls to set the shared memory buffer mode and provide pointers to buffers and their size. The kernel then wires and maps the pages into kernel address space using sf_buf(9), which on supporting architectures will use the direct map region. The current "buffered" access mode remains the default, and support for zero-copy buffers must, for the time being, be explicitly enabled using a sysctl for the kernel to accept requests to use it. The kernel and user process synchronize use of the buffers with atomic operations, avoiding the need for system calls under load; the user process may use select()/poll()/kqueue() to manage blocking while waiting for network data if the user process is able to consume data faster than the kernel generates it. Patchs to libpcap are available to allow libpcap applications to transparently take advantage of this support. Detailed information on the new API may be found in bpf(4), including specific atomic operations and memory barriers required to synchronize buffer use safely. These changes modify the base BPF implementation to (roughly) abstrac the current buffer model, allowing the new shared memory model to be added, and add new monitoring statistics for netstat to print. The implementation, with the exception of some monitoring hanges that break the netstat monitoring ABI for BPF, will be MFC'd. Zerocopy bpf buffers are still considered experimental are disabled by default. To experiment with this new facility, adjust the net.bpf.zerocopy_enable sysctl variable to 1. Changes to libpcap will be made available as a patch for the time being, and further refinements to the implementation are expected. Sponsored by: Seccuris Inc. In collaboration with: rwatson Tested by: pwood, gallatin MFC after: 4 months [1] [1] Certain portions will probably not be MFCed, specifically things that can break the monitoring ABI.
2008-03-24 13:49:17 +00:00
/* XXXCSJP overflow */
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
bs->bs_recv = d->bd_rcount;
bs->bs_drop = d->bd_dcount;
break;
}
/*
* Set immediate mode.
*/
case BIOCIMMEDIATE:
d->bd_immediate = *(u_int *)addr;
break;
case BIOCVERSION:
{
struct bpf_version *bv = (struct bpf_version *)addr;
bv->bv_major = BPF_MAJOR_VERSION;
bv->bv_minor = BPF_MINOR_VERSION;
break;
}
Give the BPF the ability to generate signals when a packet is available. Reviewed by: pst & wollman Submitted by: grossman@cygnus.com
1995-06-15 18:11:00 +00:00
Implement pseudo_AF_HDRCMPLT, which controls the state of the 'header completion' flag. If set, the interface output routine will assume that the packet already has a valid link-level source address. This defaults to off (the address is overwritten) PR: kern/10680 Submitted by: "Christopher N . Harrell" <cnh@mindspring.net> Obtained from: NetBSD
1999-10-15 05:07:00 +00:00
/*
* Get "header already complete" flag
*/
case BIOCGHDRCMPLT:
*(u_int *)addr = d->bd_hdrcmplt;
break;
/*
* Set "header already complete" flag
*/
case BIOCSHDRCMPLT:
d->bd_hdrcmplt = *(u_int *)addr ? 1 : 0;
break;
Introduce a new bd_seesent flag to the BPF descriptor, indicating whether or not the current BPF device should report locally generated packets or not. This allows sniffing applications to see only packets that are not generated locally, which can be useful for debugging bridging problems, or other situations where MAC addresses are not sufficient to identify locally sourced packets. Default to true for this flag, so as to provide existing behavior by default. Introduce two new ioctls, BIOCGSEESENT and BIOCSSEESENT, which may be used to manipulate this flag from userland, given appropriate privilege. Modify bpf.4 to document these two new ioctl arguments. Reviewed by: asmodai
2000-03-18 06:30:42 +00:00
/*
Add three new ioctl(2) commands for bpf(4). - BIOCGDIRECTION and BIOCSDIRECTION get or set the setting determining whether incoming, outgoing, or all packets on the interface should be returned by BPF. Set to BPF_D_IN to see only incoming packets on the interface. Set to BPF_D_INOUT to see packets originating locally and remotely on the interface. Set to BPF_D_OUT to see only outgoing packets on the interface. This setting is initialized to BPF_D_INOUT by default. BIOCGSEESENT and BIOCSSEESENT are obsoleted by these but kept for backward compatibility. - BIOCFEEDBACK sets packet feedback mode. This allows injected packets to be fed back as input to the interface when output via the interface is successful. When BPF_D_INOUT direction is set, injected outgoing packet is not returned by BPF to avoid duplication. This flag is initialized to zero by default. Note that libpcap has been modified to support BPF_D_OUT direction for pcap_setdirection(3) and PCAP_D_OUT direction is functional now. Reviewed by: rwatson
2007-02-26 22:24:14 +00:00
* Get packet direction flag
Introduce a new bd_seesent flag to the BPF descriptor, indicating whether or not the current BPF device should report locally generated packets or not. This allows sniffing applications to see only packets that are not generated locally, which can be useful for debugging bridging problems, or other situations where MAC addresses are not sufficient to identify locally sourced packets. Default to true for this flag, so as to provide existing behavior by default. Introduce two new ioctls, BIOCGSEESENT and BIOCSSEESENT, which may be used to manipulate this flag from userland, given appropriate privilege. Modify bpf.4 to document these two new ioctl arguments. Reviewed by: asmodai
2000-03-18 06:30:42 +00:00
*/
Add three new ioctl(2) commands for bpf(4). - BIOCGDIRECTION and BIOCSDIRECTION get or set the setting determining whether incoming, outgoing, or all packets on the interface should be returned by BPF. Set to BPF_D_IN to see only incoming packets on the interface. Set to BPF_D_INOUT to see packets originating locally and remotely on the interface. Set to BPF_D_OUT to see only outgoing packets on the interface. This setting is initialized to BPF_D_INOUT by default. BIOCGSEESENT and BIOCSSEESENT are obsoleted by these but kept for backward compatibility. - BIOCFEEDBACK sets packet feedback mode. This allows injected packets to be fed back as input to the interface when output via the interface is successful. When BPF_D_INOUT direction is set, injected outgoing packet is not returned by BPF to avoid duplication. This flag is initialized to zero by default. Note that libpcap has been modified to support BPF_D_OUT direction for pcap_setdirection(3) and PCAP_D_OUT direction is functional now. Reviewed by: rwatson
2007-02-26 22:24:14 +00:00
case BIOCGDIRECTION:
*(u_int *)addr = d->bd_direction;
Introduce a new bd_seesent flag to the BPF descriptor, indicating whether or not the current BPF device should report locally generated packets or not. This allows sniffing applications to see only packets that are not generated locally, which can be useful for debugging bridging problems, or other situations where MAC addresses are not sufficient to identify locally sourced packets. Default to true for this flag, so as to provide existing behavior by default. Introduce two new ioctls, BIOCGSEESENT and BIOCSSEESENT, which may be used to manipulate this flag from userland, given appropriate privilege. Modify bpf.4 to document these two new ioctl arguments. Reviewed by: asmodai
2000-03-18 06:30:42 +00:00
break;
/*
Add three new ioctl(2) commands for bpf(4). - BIOCGDIRECTION and BIOCSDIRECTION get or set the setting determining whether incoming, outgoing, or all packets on the interface should be returned by BPF. Set to BPF_D_IN to see only incoming packets on the interface. Set to BPF_D_INOUT to see packets originating locally and remotely on the interface. Set to BPF_D_OUT to see only outgoing packets on the interface. This setting is initialized to BPF_D_INOUT by default. BIOCGSEESENT and BIOCSSEESENT are obsoleted by these but kept for backward compatibility. - BIOCFEEDBACK sets packet feedback mode. This allows injected packets to be fed back as input to the interface when output via the interface is successful. When BPF_D_INOUT direction is set, injected outgoing packet is not returned by BPF to avoid duplication. This flag is initialized to zero by default. Note that libpcap has been modified to support BPF_D_OUT direction for pcap_setdirection(3) and PCAP_D_OUT direction is functional now. Reviewed by: rwatson
2007-02-26 22:24:14 +00:00
* Set packet direction flag
Introduce a new bd_seesent flag to the BPF descriptor, indicating whether or not the current BPF device should report locally generated packets or not. This allows sniffing applications to see only packets that are not generated locally, which can be useful for debugging bridging problems, or other situations where MAC addresses are not sufficient to identify locally sourced packets. Default to true for this flag, so as to provide existing behavior by default. Introduce two new ioctls, BIOCGSEESENT and BIOCSSEESENT, which may be used to manipulate this flag from userland, given appropriate privilege. Modify bpf.4 to document these two new ioctl arguments. Reviewed by: asmodai
2000-03-18 06:30:42 +00:00
*/
Add three new ioctl(2) commands for bpf(4). - BIOCGDIRECTION and BIOCSDIRECTION get or set the setting determining whether incoming, outgoing, or all packets on the interface should be returned by BPF. Set to BPF_D_IN to see only incoming packets on the interface. Set to BPF_D_INOUT to see packets originating locally and remotely on the interface. Set to BPF_D_OUT to see only outgoing packets on the interface. This setting is initialized to BPF_D_INOUT by default. BIOCGSEESENT and BIOCSSEESENT are obsoleted by these but kept for backward compatibility. - BIOCFEEDBACK sets packet feedback mode. This allows injected packets to be fed back as input to the interface when output via the interface is successful. When BPF_D_INOUT direction is set, injected outgoing packet is not returned by BPF to avoid duplication. This flag is initialized to zero by default. Note that libpcap has been modified to support BPF_D_OUT direction for pcap_setdirection(3) and PCAP_D_OUT direction is functional now. Reviewed by: rwatson
2007-02-26 22:24:14 +00:00
case BIOCSDIRECTION:
{
u_int direction;
direction = *(u_int *)addr;
switch (direction) {
case BPF_D_IN:
case BPF_D_INOUT:
case BPF_D_OUT:
d->bd_direction = direction;
break;
default:
error = EINVAL;
}
}
break;
case BIOCFEEDBACK:
d->bd_feedback = *(u_int *)addr;
break;
case BIOCLOCK:
d->bd_locked = 1;
Introduce a new bd_seesent flag to the BPF descriptor, indicating whether or not the current BPF device should report locally generated packets or not. This allows sniffing applications to see only packets that are not generated locally, which can be useful for debugging bridging problems, or other situations where MAC addresses are not sufficient to identify locally sourced packets. Default to true for this flag, so as to provide existing behavior by default. Introduce two new ioctls, BIOCGSEESENT and BIOCSSEESENT, which may be used to manipulate this flag from userland, given appropriate privilege. Modify bpf.4 to document these two new ioctl arguments. Reviewed by: asmodai
2000-03-18 06:30:42 +00:00
break;
Give the BPF the ability to generate signals when a packet is available. Reviewed by: pst & wollman Submitted by: grossman@cygnus.com
1995-06-15 18:11:00 +00:00
case FIONBIO: /* Non-blocking I/O */
break;
case FIOASYNC: /* Send signal on receive packets */
d->bd_async = *(int *)addr;
break;
Installed the second patch attached to kern/7899 with some changes suggested by bde, a few other tweaks to get the patch to apply cleanly again and some improvements to the comments. This change closes some fairly minor security holes associated with F_SETOWN, fixes a few bugs, and removes some limitations that F_SETOWN had on tty devices. For more details, see the description on the PR. Because this patch increases the size of the proc and pgrp structures, it is necessary to re-install the includes and recompile libkvm, the vinum lkm, fstat, gcore, gdb, ipfilter, ps, top, and w. PR: kern/7899 Reviewed by: bde, elvind
1998-11-11 10:04:13 +00:00
case FIOSETOWN:
error = fsetown(*(int *)addr, &d->bd_sigio);
break;
case FIOGETOWN:
In an SMP environment post-Giant it is no longer safe to blindly dereference the struct sigio pointer without any locking. Change fgetown() to take a reference to the pointer instead of a copy of the pointer and call SIGIO_LOCK() before copying the pointer and dereferencing it. Reviewed by: rwatson
2002-10-03 02:13:00 +00:00
*(int *)addr = fgetown(&d->bd_sigio);
Installed the second patch attached to kern/7899 with some changes suggested by bde, a few other tweaks to get the patch to apply cleanly again and some improvements to the comments. This change closes some fairly minor security holes associated with F_SETOWN, fixes a few bugs, and removes some limitations that F_SETOWN had on tty devices. For more details, see the description on the PR. Because this patch increases the size of the proc and pgrp structures, it is necessary to re-install the includes and recompile libkvm, the vinum lkm, fstat, gcore, gdb, ipfilter, ps, top, and w. PR: kern/7899 Reviewed by: bde, elvind
1998-11-11 10:04:13 +00:00
break;
Give the BPF the ability to generate signals when a packet is available. Reviewed by: pst & wollman Submitted by: grossman@cygnus.com
1995-06-15 18:11:00 +00:00
Installed the second patch attached to kern/7899 with some changes suggested by bde, a few other tweaks to get the patch to apply cleanly again and some improvements to the comments. This change closes some fairly minor security holes associated with F_SETOWN, fixes a few bugs, and removes some limitations that F_SETOWN had on tty devices. For more details, see the description on the PR. Because this patch increases the size of the proc and pgrp structures, it is necessary to re-install the includes and recompile libkvm, the vinum lkm, fstat, gcore, gdb, ipfilter, ps, top, and w. PR: kern/7899 Reviewed by: bde, elvind
1998-11-11 10:04:13 +00:00
/* This is deprecated, FIOSETOWN should be used instead. */
case TIOCSPGRP:
error = fsetown(-(*(int *)addr), &d->bd_sigio);
Give the BPF the ability to generate signals when a packet is available. Reviewed by: pst & wollman Submitted by: grossman@cygnus.com
1995-06-15 18:11:00 +00:00
break;
Installed the second patch attached to kern/7899 with some changes suggested by bde, a few other tweaks to get the patch to apply cleanly again and some improvements to the comments. This change closes some fairly minor security holes associated with F_SETOWN, fixes a few bugs, and removes some limitations that F_SETOWN had on tty devices. For more details, see the description on the PR. Because this patch increases the size of the proc and pgrp structures, it is necessary to re-install the includes and recompile libkvm, the vinum lkm, fstat, gcore, gdb, ipfilter, ps, top, and w. PR: kern/7899 Reviewed by: bde, elvind
1998-11-11 10:04:13 +00:00
/* This is deprecated, FIOGETOWN should be used instead. */
Give the BPF the ability to generate signals when a packet is available. Reviewed by: pst & wollman Submitted by: grossman@cygnus.com
1995-06-15 18:11:00 +00:00
case TIOCGPGRP:
In an SMP environment post-Giant it is no longer safe to blindly dereference the struct sigio pointer without any locking. Change fgetown() to take a reference to the pointer instead of a copy of the pointer and call SIGIO_LOCK() before copying the pointer and dereferencing it. Reviewed by: rwatson
2002-10-03 02:13:00 +00:00
*(int *)addr = -fgetown(&d->bd_sigio);
Give the BPF the ability to generate signals when a packet is available. Reviewed by: pst & wollman Submitted by: grossman@cygnus.com
1995-06-15 18:11:00 +00:00
break;
case BIOCSRSIG: /* Set receive signal */
{
Clean up whitespace, s/register //, refrain from strong urge to ANSIfy.
2003-03-02 15:56:49 +00:00
u_int sig;
Give the BPF the ability to generate signals when a packet is available. Reviewed by: pst & wollman Submitted by: grossman@cygnus.com
1995-06-15 18:11:00 +00:00
sig = *(u_int *)addr;
if (sig >= NSIG)
error = EINVAL;
else
d->bd_sig = sig;
break;
}
case BIOCGRSIG:
*(u_int *)addr = d->bd_sig;
break;
Introduce support for zero-copy BPF buffering, which reduces the overhead of packet capture by allowing a user process to directly "loan" buffer memory to the kernel rather than using read(2) to explicitly copy data from kernel address space. The user process will issue new BPF ioctls to set the shared memory buffer mode and provide pointers to buffers and their size. The kernel then wires and maps the pages into kernel address space using sf_buf(9), which on supporting architectures will use the direct map region. The current "buffered" access mode remains the default, and support for zero-copy buffers must, for the time being, be explicitly enabled using a sysctl for the kernel to accept requests to use it. The kernel and user process synchronize use of the buffers with atomic operations, avoiding the need for system calls under load; the user process may use select()/poll()/kqueue() to manage blocking while waiting for network data if the user process is able to consume data faster than the kernel generates it. Patchs to libpcap are available to allow libpcap applications to transparently take advantage of this support. Detailed information on the new API may be found in bpf(4), including specific atomic operations and memory barriers required to synchronize buffer use safely. These changes modify the base BPF implementation to (roughly) abstrac the current buffer model, allowing the new shared memory model to be added, and add new monitoring statistics for netstat to print. The implementation, with the exception of some monitoring hanges that break the netstat monitoring ABI for BPF, will be MFC'd. Zerocopy bpf buffers are still considered experimental are disabled by default. To experiment with this new facility, adjust the net.bpf.zerocopy_enable sysctl variable to 1. Changes to libpcap will be made available as a patch for the time being, and further refinements to the implementation are expected. Sponsored by: Seccuris Inc. In collaboration with: rwatson Tested by: pwood, gallatin MFC after: 4 months [1] [1] Certain portions will probably not be MFCed, specifically things that can break the monitoring ABI.
2008-03-24 13:49:17 +00:00
case BIOCGETBUFMODE:
*(u_int *)addr = d->bd_bufmode;
break;
case BIOCSETBUFMODE:
/*
* Allow the buffering mode to be changed as long as we
* haven't yet committed to a particular mode. Our
* definition of commitment, for now, is whether or not a
* buffer has been allocated or an interface attached, since
* that's the point where things get tricky.
*/
switch (*(u_int *)addr) {
case BPF_BUFMODE_BUFFER:
break;
case BPF_BUFMODE_ZBUF:
if (bpf_zerocopy_enable)
break;
/* FALLSTHROUGH */
default:
return (EINVAL);
}
BPFD_LOCK(d);
if (d->bd_sbuf != NULL || d->bd_hbuf != NULL ||
d->bd_fbuf != NULL || d->bd_bif != NULL) {
BPFD_UNLOCK(d);
return (EBUSY);
}
d->bd_bufmode = *(u_int *)addr;
BPFD_UNLOCK(d);
break;
case BIOCGETZMAX:
return (bpf_ioctl_getzmax(td, d, (size_t *)addr));
case BIOCSETZBUF:
return (bpf_ioctl_setzbuf(td, d, (struct bpf_zbuf *)addr));
case BIOCROTZBUF:
return (bpf_ioctl_rotzbuf(td, d, (struct bpf_zbuf *)addr));
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
}
return (error);
}
/*
* Set d's packet filter program to fp. If this file already has a filter,
* free it and replace it. Returns EINVAL for bogus requests.
*/
Another mega commit to staticize things.
1995-12-14 09:55:16 +00:00
static int
Since we are doing some bpf(4) clean up, change a couple of function prototypes to be consistent. Also, ANSI'fy function definitions. There is no functional change here.
2006-06-15 15:39:12 +00:00
bpf_setf(struct bpf_d *d, struct bpf_program *fp, u_long cmd)
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
{
struct bpf_insn *fcode, *old;
Introduce two new ioctl(2) commands, BIOCLOCK and BIOCSETWF. These commands enhance the security of bpf(4) by further relinquishing the privilege of the bpf(4) consumer (assuming the ioctl commands are being implemented). Once BIOCLOCK is executed, the device becomes locked which prevents the execution of ioctl(2) commands which can change the underly parameters of the bpf(4) device. An example might be the setting of bpf(4) filter programs or attaching to different network interfaces. BIOCSETWF can be used to set write filters for outgoing packets. Currently if a bpf(4) consumer is compromised, the bpf(4) descriptor can essentially be used as a raw socket, regardless of consumer's UID. Write filters give users the ability to constrain which packets can be sent through the bpf(4) descriptor. These features are currently implemented by a couple programs which came from OpenBSD, such as the new dhclient and pflogd. -Modify bpf_setf(9) to accept a "cmd" parameter. This will be used to specify whether a read or write filter is to be set. -Add a bpf(4) filter program as a parameter to bpf_movein(9) as we will run the filter program on the mbuf data once we move the packet in from user-space. -Rather than execute two uiomove operations, (one for the link header and the other for the packet data), execute one and manually copy the linker header into the sockaddr structure via bcopy. -Restructure bpf_setf to compensate for write filters, as well as read. -Adjust bpf(4) stats structures to include a bd_locked member. It should be noted that the FreeBSD and OpenBSD implementations differ a bit in the sense that we unconditionally enforce the lock, where OpenBSD enforces it only if the calling credential is not root. Idea from: OpenBSD Reviewed by: mlaier
2005-08-22 19:35:48 +00:00
u_int wfilter, flen, size;
Fix -Wundef warnings.
2006-05-30 19:24:01 +00:00
#ifdef BPF_JITTER
Add experimental BPF Just-In-Time compiler for amd64 and i386. Use the following kernel configuration option to enable: options BPF_JITTER If you want to use bpf_filter() instead (e. g., debugging), do: sysctl net.bpf.jitter.enable=0 to turn it off. Currently BIOCSETWF and bpf_mtap2() are unsupported, and bpf_mtap() is partially supported because 1) no need, 2) avoid expensive m_copydata(9). Obtained from: WinPcap 3.1 (for i386)
2005-12-06 02:58:12 +00:00
bpf_jit_filter *ofunc;
#endif
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
Introduce two new ioctl(2) commands, BIOCLOCK and BIOCSETWF. These commands enhance the security of bpf(4) by further relinquishing the privilege of the bpf(4) consumer (assuming the ioctl commands are being implemented). Once BIOCLOCK is executed, the device becomes locked which prevents the execution of ioctl(2) commands which can change the underly parameters of the bpf(4) device. An example might be the setting of bpf(4) filter programs or attaching to different network interfaces. BIOCSETWF can be used to set write filters for outgoing packets. Currently if a bpf(4) consumer is compromised, the bpf(4) descriptor can essentially be used as a raw socket, regardless of consumer's UID. Write filters give users the ability to constrain which packets can be sent through the bpf(4) descriptor. These features are currently implemented by a couple programs which came from OpenBSD, such as the new dhclient and pflogd. -Modify bpf_setf(9) to accept a "cmd" parameter. This will be used to specify whether a read or write filter is to be set. -Add a bpf(4) filter program as a parameter to bpf_movein(9) as we will run the filter program on the mbuf data once we move the packet in from user-space. -Rather than execute two uiomove operations, (one for the link header and the other for the packet data), execute one and manually copy the linker header into the sockaddr structure via bcopy. -Restructure bpf_setf to compensate for write filters, as well as read. -Adjust bpf(4) stats structures to include a bd_locked member. It should be noted that the FreeBSD and OpenBSD implementations differ a bit in the sense that we unconditionally enforce the lock, where OpenBSD enforces it only if the calling credential is not root. Idea from: OpenBSD Reviewed by: mlaier
2005-08-22 19:35:48 +00:00
if (cmd == BIOCSETWF) {
old = d->bd_wfilter;
wfilter = 1;
Fix -Wundef warnings.
2006-05-30 19:24:01 +00:00
#ifdef BPF_JITTER
Add experimental BPF Just-In-Time compiler for amd64 and i386. Use the following kernel configuration option to enable: options BPF_JITTER If you want to use bpf_filter() instead (e. g., debugging), do: sysctl net.bpf.jitter.enable=0 to turn it off. Currently BIOCSETWF and bpf_mtap2() are unsupported, and bpf_mtap() is partially supported because 1) no need, 2) avoid expensive m_copydata(9). Obtained from: WinPcap 3.1 (for i386)
2005-12-06 02:58:12 +00:00
ofunc = NULL;
#endif
Introduce two new ioctl(2) commands, BIOCLOCK and BIOCSETWF. These commands enhance the security of bpf(4) by further relinquishing the privilege of the bpf(4) consumer (assuming the ioctl commands are being implemented). Once BIOCLOCK is executed, the device becomes locked which prevents the execution of ioctl(2) commands which can change the underly parameters of the bpf(4) device. An example might be the setting of bpf(4) filter programs or attaching to different network interfaces. BIOCSETWF can be used to set write filters for outgoing packets. Currently if a bpf(4) consumer is compromised, the bpf(4) descriptor can essentially be used as a raw socket, regardless of consumer's UID. Write filters give users the ability to constrain which packets can be sent through the bpf(4) descriptor. These features are currently implemented by a couple programs which came from OpenBSD, such as the new dhclient and pflogd. -Modify bpf_setf(9) to accept a "cmd" parameter. This will be used to specify whether a read or write filter is to be set. -Add a bpf(4) filter program as a parameter to bpf_movein(9) as we will run the filter program on the mbuf data once we move the packet in from user-space. -Rather than execute two uiomove operations, (one for the link header and the other for the packet data), execute one and manually copy the linker header into the sockaddr structure via bcopy. -Restructure bpf_setf to compensate for write filters, as well as read. -Adjust bpf(4) stats structures to include a bd_locked member. It should be noted that the FreeBSD and OpenBSD implementations differ a bit in the sense that we unconditionally enforce the lock, where OpenBSD enforces it only if the calling credential is not root. Idea from: OpenBSD Reviewed by: mlaier
2005-08-22 19:35:48 +00:00
} else {
wfilter = 0;
old = d->bd_rfilter;
Fix -Wundef warnings.
2006-05-30 19:24:01 +00:00
#ifdef BPF_JITTER
Add experimental BPF Just-In-Time compiler for amd64 and i386. Use the following kernel configuration option to enable: options BPF_JITTER If you want to use bpf_filter() instead (e. g., debugging), do: sysctl net.bpf.jitter.enable=0 to turn it off. Currently BIOCSETWF and bpf_mtap2() are unsupported, and bpf_mtap() is partially supported because 1) no need, 2) avoid expensive m_copydata(9). Obtained from: WinPcap 3.1 (for i386)
2005-12-06 02:58:12 +00:00
ofunc = d->bd_bfilter;
#endif
Introduce two new ioctl(2) commands, BIOCLOCK and BIOCSETWF. These commands enhance the security of bpf(4) by further relinquishing the privilege of the bpf(4) consumer (assuming the ioctl commands are being implemented). Once BIOCLOCK is executed, the device becomes locked which prevents the execution of ioctl(2) commands which can change the underly parameters of the bpf(4) device. An example might be the setting of bpf(4) filter programs or attaching to different network interfaces. BIOCSETWF can be used to set write filters for outgoing packets. Currently if a bpf(4) consumer is compromised, the bpf(4) descriptor can essentially be used as a raw socket, regardless of consumer's UID. Write filters give users the ability to constrain which packets can be sent through the bpf(4) descriptor. These features are currently implemented by a couple programs which came from OpenBSD, such as the new dhclient and pflogd. -Modify bpf_setf(9) to accept a "cmd" parameter. This will be used to specify whether a read or write filter is to be set. -Add a bpf(4) filter program as a parameter to bpf_movein(9) as we will run the filter program on the mbuf data once we move the packet in from user-space. -Rather than execute two uiomove operations, (one for the link header and the other for the packet data), execute one and manually copy the linker header into the sockaddr structure via bcopy. -Restructure bpf_setf to compensate for write filters, as well as read. -Adjust bpf(4) stats structures to include a bd_locked member. It should be noted that the FreeBSD and OpenBSD implementations differ a bit in the sense that we unconditionally enforce the lock, where OpenBSD enforces it only if the calling credential is not root. Idea from: OpenBSD Reviewed by: mlaier
2005-08-22 19:35:48 +00:00
}
Prefer NULL to '0' when checking a pointer value.
2004-07-24 16:58:56 +00:00
if (fp->bf_insns == NULL) {
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
if (fp->bf_len != 0)
return (EINVAL);
Add mutexes to the entire bpf subsystem to make it MPSAFE. Previously reviewed by: jhb, bde
2001-02-16 17:10:28 +00:00
BPFD_LOCK(d);
Introduce two new ioctl(2) commands, BIOCLOCK and BIOCSETWF. These commands enhance the security of bpf(4) by further relinquishing the privilege of the bpf(4) consumer (assuming the ioctl commands are being implemented). Once BIOCLOCK is executed, the device becomes locked which prevents the execution of ioctl(2) commands which can change the underly parameters of the bpf(4) device. An example might be the setting of bpf(4) filter programs or attaching to different network interfaces. BIOCSETWF can be used to set write filters for outgoing packets. Currently if a bpf(4) consumer is compromised, the bpf(4) descriptor can essentially be used as a raw socket, regardless of consumer's UID. Write filters give users the ability to constrain which packets can be sent through the bpf(4) descriptor. These features are currently implemented by a couple programs which came from OpenBSD, such as the new dhclient and pflogd. -Modify bpf_setf(9) to accept a "cmd" parameter. This will be used to specify whether a read or write filter is to be set. -Add a bpf(4) filter program as a parameter to bpf_movein(9) as we will run the filter program on the mbuf data once we move the packet in from user-space. -Rather than execute two uiomove operations, (one for the link header and the other for the packet data), execute one and manually copy the linker header into the sockaddr structure via bcopy. -Restructure bpf_setf to compensate for write filters, as well as read. -Adjust bpf(4) stats structures to include a bd_locked member. It should be noted that the FreeBSD and OpenBSD implementations differ a bit in the sense that we unconditionally enforce the lock, where OpenBSD enforces it only if the calling credential is not root. Idea from: OpenBSD Reviewed by: mlaier
2005-08-22 19:35:48 +00:00
if (wfilter)
d->bd_wfilter = NULL;
Add experimental BPF Just-In-Time compiler for amd64 and i386. Use the following kernel configuration option to enable: options BPF_JITTER If you want to use bpf_filter() instead (e. g., debugging), do: sysctl net.bpf.jitter.enable=0 to turn it off. Currently BIOCSETWF and bpf_mtap2() are unsupported, and bpf_mtap() is partially supported because 1) no need, 2) avoid expensive m_copydata(9). Obtained from: WinPcap 3.1 (for i386)
2005-12-06 02:58:12 +00:00
else {
Introduce two new ioctl(2) commands, BIOCLOCK and BIOCSETWF. These commands enhance the security of bpf(4) by further relinquishing the privilege of the bpf(4) consumer (assuming the ioctl commands are being implemented). Once BIOCLOCK is executed, the device becomes locked which prevents the execution of ioctl(2) commands which can change the underly parameters of the bpf(4) device. An example might be the setting of bpf(4) filter programs or attaching to different network interfaces. BIOCSETWF can be used to set write filters for outgoing packets. Currently if a bpf(4) consumer is compromised, the bpf(4) descriptor can essentially be used as a raw socket, regardless of consumer's UID. Write filters give users the ability to constrain which packets can be sent through the bpf(4) descriptor. These features are currently implemented by a couple programs which came from OpenBSD, such as the new dhclient and pflogd. -Modify bpf_setf(9) to accept a "cmd" parameter. This will be used to specify whether a read or write filter is to be set. -Add a bpf(4) filter program as a parameter to bpf_movein(9) as we will run the filter program on the mbuf data once we move the packet in from user-space. -Rather than execute two uiomove operations, (one for the link header and the other for the packet data), execute one and manually copy the linker header into the sockaddr structure via bcopy. -Restructure bpf_setf to compensate for write filters, as well as read. -Adjust bpf(4) stats structures to include a bd_locked member. It should be noted that the FreeBSD and OpenBSD implementations differ a bit in the sense that we unconditionally enforce the lock, where OpenBSD enforces it only if the calling credential is not root. Idea from: OpenBSD Reviewed by: mlaier
2005-08-22 19:35:48 +00:00
d->bd_rfilter = NULL;
Fix -Wundef warnings.
2006-05-30 19:24:01 +00:00
#ifdef BPF_JITTER
Add experimental BPF Just-In-Time compiler for amd64 and i386. Use the following kernel configuration option to enable: options BPF_JITTER If you want to use bpf_filter() instead (e. g., debugging), do: sysctl net.bpf.jitter.enable=0 to turn it off. Currently BIOCSETWF and bpf_mtap2() are unsupported, and bpf_mtap() is partially supported because 1) no need, 2) avoid expensive m_copydata(9). Obtained from: WinPcap 3.1 (for i386)
2005-12-06 02:58:12 +00:00
d->bd_bfilter = NULL;
#endif
Add a new ioctl for changing the read filter (BIOCSETFNR). This is just like BIOCSETF but it doesn't drop all the packets buffered on the discriptor and reset the statistics. Also, when setting the write filter, don't drop packets waiting to be read or reset the statistics. PR: 118486 Submitted by: Matthew Luckie <mluckie@cs.waikato.ac.nz> MFC after: 1 month
2008-07-07 09:25:49 +00:00
if (cmd == BIOCSETF)
reset_d(d);
Add experimental BPF Just-In-Time compiler for amd64 and i386. Use the following kernel configuration option to enable: options BPF_JITTER If you want to use bpf_filter() instead (e. g., debugging), do: sysctl net.bpf.jitter.enable=0 to turn it off. Currently BIOCSETWF and bpf_mtap2() are unsupported, and bpf_mtap() is partially supported because 1) no need, 2) avoid expensive m_copydata(9). Obtained from: WinPcap 3.1 (for i386)
2005-12-06 02:58:12 +00:00
}
Add mutexes to the entire bpf subsystem to make it MPSAFE. Previously reviewed by: jhb, bde
2001-02-16 17:10:28 +00:00
BPFD_UNLOCK(d);
Prefer NULL to '0' when checking a pointer value.
2004-07-24 16:58:56 +00:00
if (old != NULL)
Give BPF the "almost-clone" update. If you need more of them, make more entries in /dev and be happy you don't need to recompile your kernel.
1999-08-15 09:38:21 +00:00
free((caddr_t)old, M_BPF);
Fix -Wundef warnings.
2006-05-30 19:24:01 +00:00
#ifdef BPF_JITTER
Add experimental BPF Just-In-Time compiler for amd64 and i386. Use the following kernel configuration option to enable: options BPF_JITTER If you want to use bpf_filter() instead (e. g., debugging), do: sysctl net.bpf.jitter.enable=0 to turn it off. Currently BIOCSETWF and bpf_mtap2() are unsupported, and bpf_mtap() is partially supported because 1) no need, 2) avoid expensive m_copydata(9). Obtained from: WinPcap 3.1 (for i386)
2005-12-06 02:58:12 +00:00
if (ofunc != NULL)
bpf_destroy_jit_filter(ofunc);
#endif
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
return (0);
}
flen = fp->bf_len;
Change the maximum bpf program instruction limitation from being hard- coded at 512 (BPF_MAXINSNS) to being tunable. This is useful for users who wish to use complex or large bpf programs when filtering traffic. For now we will default it to BPF_MAXINSNS. I have tested bpf programs with well over 21,000 instructions without any problems. Discussed with: phk
2005-06-06 22:19:59 +00:00
if (flen > bpf_maxinsns)
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
return (EINVAL);
size = flen * sizeof(*fp->bf_insns);
Back out M_* changes, per decision of the TRB. Approved by: trb
2003-02-19 05:47:46 +00:00
fcode = (struct bpf_insn *)malloc(size, M_BPF, M_WAITOK);
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
if (copyin((caddr_t)fp->bf_insns, (caddr_t)fcode, size) == 0 &&
bpf_validate(fcode, (int)flen)) {
Add mutexes to the entire bpf subsystem to make it MPSAFE. Previously reviewed by: jhb, bde
2001-02-16 17:10:28 +00:00
BPFD_LOCK(d);
Introduce two new ioctl(2) commands, BIOCLOCK and BIOCSETWF. These commands enhance the security of bpf(4) by further relinquishing the privilege of the bpf(4) consumer (assuming the ioctl commands are being implemented). Once BIOCLOCK is executed, the device becomes locked which prevents the execution of ioctl(2) commands which can change the underly parameters of the bpf(4) device. An example might be the setting of bpf(4) filter programs or attaching to different network interfaces. BIOCSETWF can be used to set write filters for outgoing packets. Currently if a bpf(4) consumer is compromised, the bpf(4) descriptor can essentially be used as a raw socket, regardless of consumer's UID. Write filters give users the ability to constrain which packets can be sent through the bpf(4) descriptor. These features are currently implemented by a couple programs which came from OpenBSD, such as the new dhclient and pflogd. -Modify bpf_setf(9) to accept a "cmd" parameter. This will be used to specify whether a read or write filter is to be set. -Add a bpf(4) filter program as a parameter to bpf_movein(9) as we will run the filter program on the mbuf data once we move the packet in from user-space. -Rather than execute two uiomove operations, (one for the link header and the other for the packet data), execute one and manually copy the linker header into the sockaddr structure via bcopy. -Restructure bpf_setf to compensate for write filters, as well as read. -Adjust bpf(4) stats structures to include a bd_locked member. It should be noted that the FreeBSD and OpenBSD implementations differ a bit in the sense that we unconditionally enforce the lock, where OpenBSD enforces it only if the calling credential is not root. Idea from: OpenBSD Reviewed by: mlaier
2005-08-22 19:35:48 +00:00
if (wfilter)
d->bd_wfilter = fcode;
Add experimental BPF Just-In-Time compiler for amd64 and i386. Use the following kernel configuration option to enable: options BPF_JITTER If you want to use bpf_filter() instead (e. g., debugging), do: sysctl net.bpf.jitter.enable=0 to turn it off. Currently BIOCSETWF and bpf_mtap2() are unsupported, and bpf_mtap() is partially supported because 1) no need, 2) avoid expensive m_copydata(9). Obtained from: WinPcap 3.1 (for i386)
2005-12-06 02:58:12 +00:00
else {
Introduce two new ioctl(2) commands, BIOCLOCK and BIOCSETWF. These commands enhance the security of bpf(4) by further relinquishing the privilege of the bpf(4) consumer (assuming the ioctl commands are being implemented). Once BIOCLOCK is executed, the device becomes locked which prevents the execution of ioctl(2) commands which can change the underly parameters of the bpf(4) device. An example might be the setting of bpf(4) filter programs or attaching to different network interfaces. BIOCSETWF can be used to set write filters for outgoing packets. Currently if a bpf(4) consumer is compromised, the bpf(4) descriptor can essentially be used as a raw socket, regardless of consumer's UID. Write filters give users the ability to constrain which packets can be sent through the bpf(4) descriptor. These features are currently implemented by a couple programs which came from OpenBSD, such as the new dhclient and pflogd. -Modify bpf_setf(9) to accept a "cmd" parameter. This will be used to specify whether a read or write filter is to be set. -Add a bpf(4) filter program as a parameter to bpf_movein(9) as we will run the filter program on the mbuf data once we move the packet in from user-space. -Rather than execute two uiomove operations, (one for the link header and the other for the packet data), execute one and manually copy the linker header into the sockaddr structure via bcopy. -Restructure bpf_setf to compensate for write filters, as well as read. -Adjust bpf(4) stats structures to include a bd_locked member. It should be noted that the FreeBSD and OpenBSD implementations differ a bit in the sense that we unconditionally enforce the lock, where OpenBSD enforces it only if the calling credential is not root. Idea from: OpenBSD Reviewed by: mlaier
2005-08-22 19:35:48 +00:00
d->bd_rfilter = fcode;
Fix -Wundef warnings.
2006-05-30 19:24:01 +00:00
#ifdef BPF_JITTER
Add experimental BPF Just-In-Time compiler for amd64 and i386. Use the following kernel configuration option to enable: options BPF_JITTER If you want to use bpf_filter() instead (e. g., debugging), do: sysctl net.bpf.jitter.enable=0 to turn it off. Currently BIOCSETWF and bpf_mtap2() are unsupported, and bpf_mtap() is partially supported because 1) no need, 2) avoid expensive m_copydata(9). Obtained from: WinPcap 3.1 (for i386)
2005-12-06 02:58:12 +00:00
d->bd_bfilter = bpf_jitter(fcode, flen);
#endif
Add a new ioctl for changing the read filter (BIOCSETFNR). This is just like BIOCSETF but it doesn't drop all the packets buffered on the discriptor and reset the statistics. Also, when setting the write filter, don't drop packets waiting to be read or reset the statistics. PR: 118486 Submitted by: Matthew Luckie <mluckie@cs.waikato.ac.nz> MFC after: 1 month
2008-07-07 09:25:49 +00:00
if (cmd == BIOCSETF)
reset_d(d);
Add experimental BPF Just-In-Time compiler for amd64 and i386. Use the following kernel configuration option to enable: options BPF_JITTER If you want to use bpf_filter() instead (e. g., debugging), do: sysctl net.bpf.jitter.enable=0 to turn it off. Currently BIOCSETWF and bpf_mtap2() are unsupported, and bpf_mtap() is partially supported because 1) no need, 2) avoid expensive m_copydata(9). Obtained from: WinPcap 3.1 (for i386)
2005-12-06 02:58:12 +00:00
}
Add mutexes to the entire bpf subsystem to make it MPSAFE. Previously reviewed by: jhb, bde
2001-02-16 17:10:28 +00:00
BPFD_UNLOCK(d);
Prefer NULL to '0' when checking a pointer value.
2004-07-24 16:58:56 +00:00
if (old != NULL)
Give BPF the "almost-clone" update. If you need more of them, make more entries in /dev and be happy you don't need to recompile your kernel.
1999-08-15 09:38:21 +00:00
free((caddr_t)old, M_BPF);
Fix -Wundef warnings.
2006-05-30 19:24:01 +00:00
#ifdef BPF_JITTER
Add experimental BPF Just-In-Time compiler for amd64 and i386. Use the following kernel configuration option to enable: options BPF_JITTER If you want to use bpf_filter() instead (e. g., debugging), do: sysctl net.bpf.jitter.enable=0 to turn it off. Currently BIOCSETWF and bpf_mtap2() are unsupported, and bpf_mtap() is partially supported because 1) no need, 2) avoid expensive m_copydata(9). Obtained from: WinPcap 3.1 (for i386)
2005-12-06 02:58:12 +00:00
if (ofunc != NULL)
bpf_destroy_jit_filter(ofunc);
#endif
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
return (0);
}
Give BPF the "almost-clone" update. If you need more of them, make more entries in /dev and be happy you don't need to recompile your kernel.
1999-08-15 09:38:21 +00:00
free((caddr_t)fcode, M_BPF);
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
return (EINVAL);
}
/*
* Detach a file from its current interface (if attached at all) and attach
* to the interface indicated by the name stored in ifr.
* Return an errno or 0.
*/
static int
Since we are doing some bpf(4) clean up, change a couple of function prototypes to be consistent. Also, ANSI'fy function definitions. There is no functional change here.
2006-06-15 15:39:12 +00:00
bpf_setif(struct bpf_d *d, struct ifreq *ifr)
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
{
struct bpf_if *bp;
Clean up Ethernet drivers: - fill in and use ifp->if_softc - use if_bpf rather than private cookie variables - change bpf interface to take advantage of this - call ether_ifattach() directly from Ethernet drivers - delete kludge in if_attach() that did this indirectly
1996-02-06 18:51:28 +00:00
struct ifnet *theywant;
theywant = ifunit(ifr->ifr_name);
Fix the following bpf(4) race condition which can result in a panic: (1) bpf peer attaches to interface netif0 (2) Packet is received by netif0 (3) ifp->if_bpf pointer is checked and handed off to bpf (4) bpf peer detaches from netif0 resulting in ifp->if_bpf being initialized to NULL. (5) ifp->if_bpf is dereferenced by bpf machinery (6) Kaboom This race condition likely explains the various different kernel panics reported around sending SIGINT to tcpdump or dhclient processes. But really this race can result in kernel panics anywhere you have frequent bpf attach and detach operations with high packet per second load. Summary of changes: - Remove the bpf interface's "driverp" member - When we attach bpf interfaces, we now set the ifp->if_bpf member to the bpf interface structure. Once this is done, ifp->if_bpf should never be NULL. [1] - Introduce bpf_peers_present function, an inline operation which will do a lockless read bpf peer list associated with the interface. It should be noted that the bpf code will pickup the bpf_interface lock before adding or removing bpf peers. This should serialize the access to the bpf descriptor list, removing the race. - Expose the bpf_if structure in bpf.h so that the bpf_peers_present function can use it. This also removes the struct bpf_if; hack that was there. - Adjust all consumers of the raw if_bpf structure to use bpf_peers_present Now what happens is: (1) Packet is received by netif0 (2) Check to see if bpf descriptor list is empty (3) Pickup the bpf interface lock (4) Hand packet off to process From the attach/detach side: (1) Pickup the bpf interface lock (2) Add/remove from bpf descriptor list Now that we are storing the bpf interface structure with the ifnet, there is is no need to walk the bpf interface list to locate the correct bpf interface. We now simply look up the interface, and initialize the pointer. This has a nice side effect of changing a bpf interface attach operation from O(N) (where N is the number of bpf interfaces), to O(1). [1] From now on, we can no longer check ifp->if_bpf to tell us whether or not we have any bpf peers that might be interested in receiving packets. In collaboration with: sam@ MFC after: 1 month
2006-06-02 19:59:33 +00:00
if (theywant == NULL || theywant->if_bpf == NULL)
return (ENXIO);
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
Fix the following bpf(4) race condition which can result in a panic: (1) bpf peer attaches to interface netif0 (2) Packet is received by netif0 (3) ifp->if_bpf pointer is checked and handed off to bpf (4) bpf peer detaches from netif0 resulting in ifp->if_bpf being initialized to NULL. (5) ifp->if_bpf is dereferenced by bpf machinery (6) Kaboom This race condition likely explains the various different kernel panics reported around sending SIGINT to tcpdump or dhclient processes. But really this race can result in kernel panics anywhere you have frequent bpf attach and detach operations with high packet per second load. Summary of changes: - Remove the bpf interface's "driverp" member - When we attach bpf interfaces, we now set the ifp->if_bpf member to the bpf interface structure. Once this is done, ifp->if_bpf should never be NULL. [1] - Introduce bpf_peers_present function, an inline operation which will do a lockless read bpf peer list associated with the interface. It should be noted that the bpf code will pickup the bpf_interface lock before adding or removing bpf peers. This should serialize the access to the bpf descriptor list, removing the race. - Expose the bpf_if structure in bpf.h so that the bpf_peers_present function can use it. This also removes the struct bpf_if; hack that was there. - Adjust all consumers of the raw if_bpf structure to use bpf_peers_present Now what happens is: (1) Packet is received by netif0 (2) Check to see if bpf descriptor list is empty (3) Pickup the bpf interface lock (4) Hand packet off to process From the attach/detach side: (1) Pickup the bpf interface lock (2) Add/remove from bpf descriptor list Now that we are storing the bpf interface structure with the ifnet, there is is no need to walk the bpf interface list to locate the correct bpf interface. We now simply look up the interface, and initialize the pointer. This has a nice side effect of changing a bpf interface attach operation from O(N) (where N is the number of bpf interfaces), to O(1). [1] From now on, we can no longer check ifp->if_bpf to tell us whether or not we have any bpf peers that might be interested in receiving packets. In collaboration with: sam@ MFC after: 1 month
2006-06-02 19:59:33 +00:00
bp = theywant->if_bpf;
Introduce support for zero-copy BPF buffering, which reduces the overhead of packet capture by allowing a user process to directly "loan" buffer memory to the kernel rather than using read(2) to explicitly copy data from kernel address space. The user process will issue new BPF ioctls to set the shared memory buffer mode and provide pointers to buffers and their size. The kernel then wires and maps the pages into kernel address space using sf_buf(9), which on supporting architectures will use the direct map region. The current "buffered" access mode remains the default, and support for zero-copy buffers must, for the time being, be explicitly enabled using a sysctl for the kernel to accept requests to use it. The kernel and user process synchronize use of the buffers with atomic operations, avoiding the need for system calls under load; the user process may use select()/poll()/kqueue() to manage blocking while waiting for network data if the user process is able to consume data faster than the kernel generates it. Patchs to libpcap are available to allow libpcap applications to transparently take advantage of this support. Detailed information on the new API may be found in bpf(4), including specific atomic operations and memory barriers required to synchronize buffer use safely. These changes modify the base BPF implementation to (roughly) abstrac the current buffer model, allowing the new shared memory model to be added, and add new monitoring statistics for netstat to print. The implementation, with the exception of some monitoring hanges that break the netstat monitoring ABI for BPF, will be MFC'd. Zerocopy bpf buffers are still considered experimental are disabled by default. To experiment with this new facility, adjust the net.bpf.zerocopy_enable sysctl variable to 1. Changes to libpcap will be made available as a patch for the time being, and further refinements to the implementation are expected. Sponsored by: Seccuris Inc. In collaboration with: rwatson Tested by: pwood, gallatin MFC after: 4 months [1] [1] Certain portions will probably not be MFCed, specifically things that can break the monitoring ABI.
2008-03-24 13:49:17 +00:00
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
/*
Introduce support for zero-copy BPF buffering, which reduces the overhead of packet capture by allowing a user process to directly "loan" buffer memory to the kernel rather than using read(2) to explicitly copy data from kernel address space. The user process will issue new BPF ioctls to set the shared memory buffer mode and provide pointers to buffers and their size. The kernel then wires and maps the pages into kernel address space using sf_buf(9), which on supporting architectures will use the direct map region. The current "buffered" access mode remains the default, and support for zero-copy buffers must, for the time being, be explicitly enabled using a sysctl for the kernel to accept requests to use it. The kernel and user process synchronize use of the buffers with atomic operations, avoiding the need for system calls under load; the user process may use select()/poll()/kqueue() to manage blocking while waiting for network data if the user process is able to consume data faster than the kernel generates it. Patchs to libpcap are available to allow libpcap applications to transparently take advantage of this support. Detailed information on the new API may be found in bpf(4), including specific atomic operations and memory barriers required to synchronize buffer use safely. These changes modify the base BPF implementation to (roughly) abstrac the current buffer model, allowing the new shared memory model to be added, and add new monitoring statistics for netstat to print. The implementation, with the exception of some monitoring hanges that break the netstat monitoring ABI for BPF, will be MFC'd. Zerocopy bpf buffers are still considered experimental are disabled by default. To experiment with this new facility, adjust the net.bpf.zerocopy_enable sysctl variable to 1. Changes to libpcap will be made available as a patch for the time being, and further refinements to the implementation are expected. Sponsored by: Seccuris Inc. In collaboration with: rwatson Tested by: pwood, gallatin MFC after: 4 months [1] [1] Certain portions will probably not be MFCed, specifically things that can break the monitoring ABI.
2008-03-24 13:49:17 +00:00
* Behavior here depends on the buffering model. If we're using
* kernel memory buffers, then we can allocate them here. If we're
* using zero-copy, then the user process must have registered
* buffers by the time we get here. If not, return an error.
*
* XXXRW: There are locking issues here with multi-threaded use: what
* if two threads try to set the interface at once?
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
*/
Introduce support for zero-copy BPF buffering, which reduces the overhead of packet capture by allowing a user process to directly "loan" buffer memory to the kernel rather than using read(2) to explicitly copy data from kernel address space. The user process will issue new BPF ioctls to set the shared memory buffer mode and provide pointers to buffers and their size. The kernel then wires and maps the pages into kernel address space using sf_buf(9), which on supporting architectures will use the direct map region. The current "buffered" access mode remains the default, and support for zero-copy buffers must, for the time being, be explicitly enabled using a sysctl for the kernel to accept requests to use it. The kernel and user process synchronize use of the buffers with atomic operations, avoiding the need for system calls under load; the user process may use select()/poll()/kqueue() to manage blocking while waiting for network data if the user process is able to consume data faster than the kernel generates it. Patchs to libpcap are available to allow libpcap applications to transparently take advantage of this support. Detailed information on the new API may be found in bpf(4), including specific atomic operations and memory barriers required to synchronize buffer use safely. These changes modify the base BPF implementation to (roughly) abstrac the current buffer model, allowing the new shared memory model to be added, and add new monitoring statistics for netstat to print. The implementation, with the exception of some monitoring hanges that break the netstat monitoring ABI for BPF, will be MFC'd. Zerocopy bpf buffers are still considered experimental are disabled by default. To experiment with this new facility, adjust the net.bpf.zerocopy_enable sysctl variable to 1. Changes to libpcap will be made available as a patch for the time being, and further refinements to the implementation are expected. Sponsored by: Seccuris Inc. In collaboration with: rwatson Tested by: pwood, gallatin MFC after: 4 months [1] [1] Certain portions will probably not be MFCed, specifically things that can break the monitoring ABI.
2008-03-24 13:49:17 +00:00
switch (d->bd_bufmode) {
case BPF_BUFMODE_BUFFER:
if (d->bd_sbuf == NULL)
bpf_buffer_alloc(d);
KASSERT(d->bd_sbuf != NULL, ("bpf_setif: bd_sbuf NULL"));
break;
case BPF_BUFMODE_ZBUF:
if (d->bd_sbuf == NULL)
return (EINVAL);
break;
default:
panic("bpf_setif: bufmode %d", d->bd_bufmode);
}
Fix the following bpf(4) race condition which can result in a panic: (1) bpf peer attaches to interface netif0 (2) Packet is received by netif0 (3) ifp->if_bpf pointer is checked and handed off to bpf (4) bpf peer detaches from netif0 resulting in ifp->if_bpf being initialized to NULL. (5) ifp->if_bpf is dereferenced by bpf machinery (6) Kaboom This race condition likely explains the various different kernel panics reported around sending SIGINT to tcpdump or dhclient processes. But really this race can result in kernel panics anywhere you have frequent bpf attach and detach operations with high packet per second load. Summary of changes: - Remove the bpf interface's "driverp" member - When we attach bpf interfaces, we now set the ifp->if_bpf member to the bpf interface structure. Once this is done, ifp->if_bpf should never be NULL. [1] - Introduce bpf_peers_present function, an inline operation which will do a lockless read bpf peer list associated with the interface. It should be noted that the bpf code will pickup the bpf_interface lock before adding or removing bpf peers. This should serialize the access to the bpf descriptor list, removing the race. - Expose the bpf_if structure in bpf.h so that the bpf_peers_present function can use it. This also removes the struct bpf_if; hack that was there. - Adjust all consumers of the raw if_bpf structure to use bpf_peers_present Now what happens is: (1) Packet is received by netif0 (2) Check to see if bpf descriptor list is empty (3) Pickup the bpf interface lock (4) Hand packet off to process From the attach/detach side: (1) Pickup the bpf interface lock (2) Add/remove from bpf descriptor list Now that we are storing the bpf interface structure with the ifnet, there is is no need to walk the bpf interface list to locate the correct bpf interface. We now simply look up the interface, and initialize the pointer. This has a nice side effect of changing a bpf interface attach operation from O(N) (where N is the number of bpf interfaces), to O(1). [1] From now on, we can no longer check ifp->if_bpf to tell us whether or not we have any bpf peers that might be interested in receiving packets. In collaboration with: sam@ MFC after: 1 month
2006-06-02 19:59:33 +00:00
if (bp != d->bd_bif) {
if (d->bd_bif)
/*
* Detach if attached to something else.
*/
bpf_detachd(d);
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
Fix the following bpf(4) race condition which can result in a panic: (1) bpf peer attaches to interface netif0 (2) Packet is received by netif0 (3) ifp->if_bpf pointer is checked and handed off to bpf (4) bpf peer detaches from netif0 resulting in ifp->if_bpf being initialized to NULL. (5) ifp->if_bpf is dereferenced by bpf machinery (6) Kaboom This race condition likely explains the various different kernel panics reported around sending SIGINT to tcpdump or dhclient processes. But really this race can result in kernel panics anywhere you have frequent bpf attach and detach operations with high packet per second load. Summary of changes: - Remove the bpf interface's "driverp" member - When we attach bpf interfaces, we now set the ifp->if_bpf member to the bpf interface structure. Once this is done, ifp->if_bpf should never be NULL. [1] - Introduce bpf_peers_present function, an inline operation which will do a lockless read bpf peer list associated with the interface. It should be noted that the bpf code will pickup the bpf_interface lock before adding or removing bpf peers. This should serialize the access to the bpf descriptor list, removing the race. - Expose the bpf_if structure in bpf.h so that the bpf_peers_present function can use it. This also removes the struct bpf_if; hack that was there. - Adjust all consumers of the raw if_bpf structure to use bpf_peers_present Now what happens is: (1) Packet is received by netif0 (2) Check to see if bpf descriptor list is empty (3) Pickup the bpf interface lock (4) Hand packet off to process From the attach/detach side: (1) Pickup the bpf interface lock (2) Add/remove from bpf descriptor list Now that we are storing the bpf interface structure with the ifnet, there is is no need to walk the bpf interface list to locate the correct bpf interface. We now simply look up the interface, and initialize the pointer. This has a nice side effect of changing a bpf interface attach operation from O(N) (where N is the number of bpf interfaces), to O(1). [1] From now on, we can no longer check ifp->if_bpf to tell us whether or not we have any bpf peers that might be interested in receiving packets. In collaboration with: sam@ MFC after: 1 month
2006-06-02 19:59:33 +00:00
bpf_attachd(d, bp);
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
}
Fix the following bpf(4) race condition which can result in a panic: (1) bpf peer attaches to interface netif0 (2) Packet is received by netif0 (3) ifp->if_bpf pointer is checked and handed off to bpf (4) bpf peer detaches from netif0 resulting in ifp->if_bpf being initialized to NULL. (5) ifp->if_bpf is dereferenced by bpf machinery (6) Kaboom This race condition likely explains the various different kernel panics reported around sending SIGINT to tcpdump or dhclient processes. But really this race can result in kernel panics anywhere you have frequent bpf attach and detach operations with high packet per second load. Summary of changes: - Remove the bpf interface's "driverp" member - When we attach bpf interfaces, we now set the ifp->if_bpf member to the bpf interface structure. Once this is done, ifp->if_bpf should never be NULL. [1] - Introduce bpf_peers_present function, an inline operation which will do a lockless read bpf peer list associated with the interface. It should be noted that the bpf code will pickup the bpf_interface lock before adding or removing bpf peers. This should serialize the access to the bpf descriptor list, removing the race. - Expose the bpf_if structure in bpf.h so that the bpf_peers_present function can use it. This also removes the struct bpf_if; hack that was there. - Adjust all consumers of the raw if_bpf structure to use bpf_peers_present Now what happens is: (1) Packet is received by netif0 (2) Check to see if bpf descriptor list is empty (3) Pickup the bpf interface lock (4) Hand packet off to process From the attach/detach side: (1) Pickup the bpf interface lock (2) Add/remove from bpf descriptor list Now that we are storing the bpf interface structure with the ifnet, there is is no need to walk the bpf interface list to locate the correct bpf interface. We now simply look up the interface, and initialize the pointer. This has a nice side effect of changing a bpf interface attach operation from O(N) (where N is the number of bpf interfaces), to O(1). [1] From now on, we can no longer check ifp->if_bpf to tell us whether or not we have any bpf peers that might be interested in receiving packets. In collaboration with: sam@ MFC after: 1 month
2006-06-02 19:59:33 +00:00
BPFD_LOCK(d);
reset_d(d);
BPFD_UNLOCK(d);
return (0);
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
}
/*
select -> poll Obtained from: NetBSD (I think)
1997-09-14 03:03:05 +00:00
* Support for select() and poll() system calls
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
*
* Return true iff the specific operation will not block indefinitely.
* Otherwise, return false but make a note that a selwakeup() must be done.
*/
Be consistent about "static" functions: if the function is marked static in its prototype, mark it static at the definition too. Inspired by: FlexeLint warning #512
2002-09-28 17:15:38 +00:00
static int
Since we are doing some bpf(4) clean up, change a couple of function prototypes to be consistent. Also, ANSI'fy function definitions. There is no functional change here.
2006-06-15 15:39:12 +00:00
bpfpoll(struct cdev *dev, int events, struct thread *td)
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
{
Add mutexes to the entire bpf subsystem to make it MPSAFE. Previously reviewed by: jhb, bde
2001-02-16 17:10:28 +00:00
struct bpf_d *d;
Fix bpf devices so select() recognizes that they are always writable. PR: 9355 Submitted by: Bruce Evans <bde@zeta.org.au> Reviewed by: Garrett Rooney <rooneg@electricjellyfish.net> (see pr :-)
2001-04-04 23:27:35 +00:00
int revents;
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
Change bpf(4) to use the cdevpriv API. Right now the bpf(4) driver uses the cloning API to generate /dev/bpf%u. When an application such as tcpdump needs a BPF, it opens /dev/bpf0, /dev/bpf1, etc. until it opens the first available device node. We used this approach, because our devfs implementation didn't allow per-descriptor data. Now that we can, make it use devfs_get_cdevpriv() to obtain the private data. To remain compatible with the existing implementation, add a symlink from /dev/bpf0 to /dev/bpf. I've already changed libpcap to compile with HAVE_CLONING_BPF, which makes it use /dev/bpf. There may be other applications in the base system (dhclient) that use the loop to obtain a valid bpf. Discussed on: src-committers Approved by: csjp
2008-08-13 15:41:21 +00:00
if (devfs_get_cdevpriv((void **)&d) != 0 || d->bd_bif == NULL)
return (events &
(POLLHUP|POLLIN|POLLRDNORM|POLLOUT|POLLWRNORM));
The advent of if_detach, allowing interface removal at runtime, makes it possible for a panic to occur if BPF is in use on the interface at the time of the call to if_detach. This happens because BPF maintains pointers to the struct ifnet describing the interface, which is freed by if_detach. To correct this problem, a new call, bpfdetach, is introduced. bpfdetach locates BPF descriptor references to the interface, and NULLs them. Other BPF code is modified so that discovery of a NULL interface results in ENXIO (already implemented for some calls). Processes blocked on a BPF call will also be woken up so that they can receive ENXIO. Interface drivers that invoke bpfattach and if_detach must be modified to also call bpfattach(ifp) before calling if_detach(ifp). This is relevant for buses that support hot removal, such as pccard and usb. Patches to all effected devices will not be committed, only to if_wi.c, due to testing limitations. To reproduce the crash, load up tcpdump on you favorite pccard ethernet card, and then eject the card. As some pccard drivers do not invoke if_detach(ifp), this bug will not manifest itself for those drivers. Reviewed by: wes
2000-03-19 05:42:34 +00:00
Instead of caching the PID which opened the bpf descriptor, continuously refresh the PID which has the descriptor open. The PID is refreshed in various operations like ioctl(2), kevent(2) or poll(2). This produces more accurate information about current bpf consumers. While we are here remove the bd_pcomm member of the bpf stats structure because now that we have an accurate PID we can lookup the via the kern.proc.pid sysctl variable. This is the trick that NetBSD decided to use to deal with this issue. Special care needs to be taken when MFC'ing this change, as we have made a change to the bpf stats structure. What will end up happening is we will leave the pcomm structure but just mark it as being un-used. This way we keep the ABI in tact. MFC after: 1 month Discussed with: Rui Paulo < rpaulo at NetBSD dot org >
2005-09-05 23:08:04 +00:00
/*
* Refresh PID associated with this descriptor.
*/
Fix bpf devices so select() recognizes that they are always writable. PR: 9355 Submitted by: Bruce Evans <bde@zeta.org.au> Reviewed by: Garrett Rooney <rooneg@electricjellyfish.net> (see pr :-)
2001-04-04 23:27:35 +00:00
revents = events & (POLLOUT | POLLWRNORM);
Add mutexes to the entire bpf subsystem to make it MPSAFE. Previously reviewed by: jhb, bde
2001-02-16 17:10:28 +00:00
BPFD_LOCK(d);
Protect PID initializations for statistics by the bpf descriptor locks. Also while we are here, protect the bpf descriptor during knlist_remove{add} operations. Discussed with: rwatson
2005-10-04 15:06:10 +00:00
d->bd_pid = td->td_proc->p_pid;
This Implements the mumbled about "Jail" feature. This is a seriously beefed up chroot kind of thing. The process is jailed along the same lines as a chroot does it, but with additional tough restrictions imposed on what the superuser can do. For all I know, it is safe to hand over the root bit inside a prison to the customer living in that prison, this is what it was developed for in fact: "real virtual servers". Each prison has an ip number associated with it, which all IP communications will be coerced to use and each prison has its own hostname. Needless to say, you need more RAM this way, but the advantage is that each customer can run their own particular version of apache and not stomp on the toes of their neighbors. It generally does what one would expect, but setting up a jail still takes a little knowledge. A few notes: I have no scripts for setting up a jail, don't ask me for them. The IP number should be an alias on one of the interfaces. mount a /proc in each jail, it will make ps more useable. /proc/<pid>/status tells the hostname of the prison for jailed processes. Quotas are only sensible if you have a mountpoint per prison. There are no privisions for stopping resource-hogging. Some "#ifdef INET" and similar may be missing (send patches!) If somebody wants to take it from here and develop it into more of a "virtual machine" they should be most welcome! Tools, comments, patches & documentation most welcome. Have fun... Sponsored by: http://www.rndassociates.com/ Run for almost a year by: http://www.servetheweb.com/
1999-04-28 11:38:52 +00:00
if (events & (POLLIN | POLLRDNORM)) {
add support for using kqueue to watch bpf sockets. Submitted by: Brian Buchanan of nCircle, Inc. Tested on: i386 and sparc64
2003-08-05 07:12:49 +00:00
if (bpf_ready(d))
select -> poll Obtained from: NetBSD (I think)
1997-09-14 03:03:05 +00:00
revents |= events & (POLLIN | POLLRDNORM);
Make bpf's read timeout feature work more correctly with select/poll, and therefore with pthreads. I doubt there is any way to make this 100% semantically identical to the way it behaves in unthreaded programs with blocking reads, but the solution here should do the right thing for all reasonable usage patterns. The basic idea is to schedule a callout for the read timeout when a select/poll is done. When the callout fires, it ends the select if it is still in progress, or marks the state as "timed out" if the select has already ended for some other reason. Additional logic in bpfread then does the right thing in the case where the timeout has fired. Note, I co-opted the bd_state member of the bpf_d structure. It has been present in the structure since the initial import of 4.4-lite, but as far as I can tell it has never been used. PR: kern/22063 and bin/31649 MFC after: 3 days
2001-12-14 22:17:54 +00:00
else {
Use the passed in thread to selrecord() instead of curthread.
2001-09-21 22:46:54 +00:00
selrecord(td, &d->bd_sel);
Make bpf's read timeout feature work more correctly with select/poll, and therefore with pthreads. I doubt there is any way to make this 100% semantically identical to the way it behaves in unthreaded programs with blocking reads, but the solution here should do the right thing for all reasonable usage patterns. The basic idea is to schedule a callout for the read timeout when a select/poll is done. When the callout fires, it ends the select if it is still in progress, or marks the state as "timed out" if the select has already ended for some other reason. Additional logic in bpfread then does the right thing in the case where the timeout has fired. Note, I co-opted the bd_state member of the bpf_d structure. It has been present in the structure since the initial import of 4.4-lite, but as far as I can tell it has never been used. PR: kern/22063 and bin/31649 MFC after: 3 days
2001-12-14 22:17:54 +00:00
/* Start the read timeout if necessary. */
if (d->bd_rtout > 0 && d->bd_state == BPF_IDLE) {
callout_reset(&d->bd_callout, d->bd_rtout,
bpf_timed_out, d);
d->bd_state = BPF_WAITING;
}
}
This Implements the mumbled about "Jail" feature. This is a seriously beefed up chroot kind of thing. The process is jailed along the same lines as a chroot does it, but with additional tough restrictions imposed on what the superuser can do. For all I know, it is safe to hand over the root bit inside a prison to the customer living in that prison, this is what it was developed for in fact: "real virtual servers". Each prison has an ip number associated with it, which all IP communications will be coerced to use and each prison has its own hostname. Needless to say, you need more RAM this way, but the advantage is that each customer can run their own particular version of apache and not stomp on the toes of their neighbors. It generally does what one would expect, but setting up a jail still takes a little knowledge. A few notes: I have no scripts for setting up a jail, don't ask me for them. The IP number should be an alias on one of the interfaces. mount a /proc in each jail, it will make ps more useable. /proc/<pid>/status tells the hostname of the prison for jailed processes. Quotas are only sensible if you have a mountpoint per prison. There are no privisions for stopping resource-hogging. Some "#ifdef INET" and similar may be missing (send patches!) If somebody wants to take it from here and develop it into more of a "virtual machine" they should be most welcome! Tools, comments, patches & documentation most welcome. Have fun... Sponsored by: http://www.rndassociates.com/ Run for almost a year by: http://www.servetheweb.com/
1999-04-28 11:38:52 +00:00
}
Add mutexes to the entire bpf subsystem to make it MPSAFE. Previously reviewed by: jhb, bde
2001-02-16 17:10:28 +00:00
BPFD_UNLOCK(d);
select -> poll Obtained from: NetBSD (I think)
1997-09-14 03:03:05 +00:00
return (revents);
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
}
add support for using kqueue to watch bpf sockets. Submitted by: Brian Buchanan of nCircle, Inc. Tested on: i386 and sparc64
2003-08-05 07:12:49 +00:00
/*
* Support for kevent() system call. Register EVFILT_READ filters and
* reject all others.
*/
int
Since we are doing some bpf(4) clean up, change a couple of function prototypes to be consistent. Also, ANSI'fy function definitions. There is no functional change here.
2006-06-15 15:39:12 +00:00
bpfkqfilter(struct cdev *dev, struct knote *kn)
add support for using kqueue to watch bpf sockets. Submitted by: Brian Buchanan of nCircle, Inc. Tested on: i386 and sparc64
2003-08-05 07:12:49 +00:00
{
Change bpf(4) to use the cdevpriv API. Right now the bpf(4) driver uses the cloning API to generate /dev/bpf%u. When an application such as tcpdump needs a BPF, it opens /dev/bpf0, /dev/bpf1, etc. until it opens the first available device node. We used this approach, because our devfs implementation didn't allow per-descriptor data. Now that we can, make it use devfs_get_cdevpriv() to obtain the private data. To remain compatible with the existing implementation, add a symlink from /dev/bpf0 to /dev/bpf. I've already changed libpcap to compile with HAVE_CLONING_BPF, which makes it use /dev/bpf. There may be other applications in the base system (dhclient) that use the loop to obtain a valid bpf. Discussed on: src-committers Approved by: csjp
2008-08-13 15:41:21 +00:00
struct bpf_d *d;
add support for using kqueue to watch bpf sockets. Submitted by: Brian Buchanan of nCircle, Inc. Tested on: i386 and sparc64
2003-08-05 07:12:49 +00:00
Change bpf(4) to use the cdevpriv API. Right now the bpf(4) driver uses the cloning API to generate /dev/bpf%u. When an application such as tcpdump needs a BPF, it opens /dev/bpf0, /dev/bpf1, etc. until it opens the first available device node. We used this approach, because our devfs implementation didn't allow per-descriptor data. Now that we can, make it use devfs_get_cdevpriv() to obtain the private data. To remain compatible with the existing implementation, add a symlink from /dev/bpf0 to /dev/bpf. I've already changed libpcap to compile with HAVE_CLONING_BPF, which makes it use /dev/bpf. There may be other applications in the base system (dhclient) that use the loop to obtain a valid bpf. Discussed on: src-committers Approved by: csjp
2008-08-13 15:41:21 +00:00
if (devfs_get_cdevpriv((void **)&d) != 0 ||
kn->kn_filter != EVFILT_READ)
add support for using kqueue to watch bpf sockets. Submitted by: Brian Buchanan of nCircle, Inc. Tested on: i386 and sparc64
2003-08-05 07:12:49 +00:00
return (1);
Remove trailing whitespace from lines in BPF. MFC after: 3 days
2007-12-23 14:10:33 +00:00
/*
Instead of caching the PID which opened the bpf descriptor, continuously refresh the PID which has the descriptor open. The PID is refreshed in various operations like ioctl(2), kevent(2) or poll(2). This produces more accurate information about current bpf consumers. While we are here remove the bd_pcomm member of the bpf stats structure because now that we have an accurate PID we can lookup the via the kern.proc.pid sysctl variable. This is the trick that NetBSD decided to use to deal with this issue. Special care needs to be taken when MFC'ing this change, as we have made a change to the bpf stats structure. What will end up happening is we will leave the pcomm structure but just mark it as being un-used. This way we keep the ABI in tact. MFC after: 1 month Discussed with: Rui Paulo < rpaulo at NetBSD dot org >
2005-09-05 23:08:04 +00:00
* Refresh PID associated with this descriptor.
*/
Protect PID initializations for statistics by the bpf descriptor locks. Also while we are here, protect the bpf descriptor during knlist_remove{add} operations. Discussed with: rwatson
2005-10-04 15:06:10 +00:00
BPFD_LOCK(d);
Instead of caching the PID which opened the bpf descriptor, continuously refresh the PID which has the descriptor open. The PID is refreshed in various operations like ioctl(2), kevent(2) or poll(2). This produces more accurate information about current bpf consumers. While we are here remove the bd_pcomm member of the bpf stats structure because now that we have an accurate PID we can lookup the via the kern.proc.pid sysctl variable. This is the trick that NetBSD decided to use to deal with this issue. Special care needs to be taken when MFC'ing this change, as we have made a change to the bpf stats structure. What will end up happening is we will leave the pcomm structure but just mark it as being un-used. This way we keep the ABI in tact. MFC after: 1 month Discussed with: Rui Paulo < rpaulo at NetBSD dot org >
2005-09-05 23:08:04 +00:00
d->bd_pid = curthread->td_proc->p_pid;
add support for using kqueue to watch bpf sockets. Submitted by: Brian Buchanan of nCircle, Inc. Tested on: i386 and sparc64
2003-08-05 07:12:49 +00:00
kn->kn_fop = &bpfread_filtops;
kn->kn_hook = d;
Adjust descriptor locking to tell the kqueue subsystem that our descriptor is already locked. The reason to do this is to avoid two lock+unlock operations in a row. We need the lock here to serialize access to bd_pid for stats collection purposes. Drop the locks all together on detach, as they will be picked up by knlist_remove. This should fix a failed locking assertion when kqueue is being used with bpf descriptors. Discussed with: jmg
2006-07-03 20:02:06 +00:00
knlist_add(&d->bd_sel.si_note, kn, 1);
Protect PID initializations for statistics by the bpf descriptor locks. Also while we are here, protect the bpf descriptor during knlist_remove{add} operations. Discussed with: rwatson
2005-10-04 15:06:10 +00:00
BPFD_UNLOCK(d);
add support for using kqueue to watch bpf sockets. Submitted by: Brian Buchanan of nCircle, Inc. Tested on: i386 and sparc64
2003-08-05 07:12:49 +00:00
return (0);
}
static void
Since we are doing some bpf(4) clean up, change a couple of function prototypes to be consistent. Also, ANSI'fy function definitions. There is no functional change here.
2006-06-15 15:39:12 +00:00
filt_bpfdetach(struct knote *kn)
add support for using kqueue to watch bpf sockets. Submitted by: Brian Buchanan of nCircle, Inc. Tested on: i386 and sparc64
2003-08-05 07:12:49 +00:00
{
struct bpf_d *d = (struct bpf_d *)kn->kn_hook;
Add locking to the kqueue subsystem. This also makes the kqueue subsystem a more complete subsystem, and removes the knowlege of how things are implemented from the drivers. Include locking around filter ops, so a module like aio will know when not to be unloaded if there are outstanding knotes using it's filter ops. Currently, it uses the MTX_DUPOK even though it is not always safe to aquire duplicate locks. Witness currently doesn't support the ability to discover if a dup lock is ok (in some cases). Reviewed by: green, rwatson (both earlier versions)
2004-08-15 06:24:42 +00:00
knlist_remove(&d->bd_sel.si_note, kn, 0);
add support for using kqueue to watch bpf sockets. Submitted by: Brian Buchanan of nCircle, Inc. Tested on: i386 and sparc64
2003-08-05 07:12:49 +00:00
}
static int
Since we are doing some bpf(4) clean up, change a couple of function prototypes to be consistent. Also, ANSI'fy function definitions. There is no functional change here.
2006-06-15 15:39:12 +00:00
filt_bpfread(struct knote *kn, long hint)
add support for using kqueue to watch bpf sockets. Submitted by: Brian Buchanan of nCircle, Inc. Tested on: i386 and sparc64
2003-08-05 07:12:49 +00:00
{
struct bpf_d *d = (struct bpf_d *)kn->kn_hook;
int ready;
don't try to recurse on the bpf lock.. kqueue already locks the bpf lock now... Submitted by: Ed Maste of Sandvine Inc. MFC after: 1 week
2004-12-17 03:21:46 +00:00
BPFD_LOCK_ASSERT(d);
add support for using kqueue to watch bpf sockets. Submitted by: Brian Buchanan of nCircle, Inc. Tested on: i386 and sparc64
2003-08-05 07:12:49 +00:00
ready = bpf_ready(d);
if (ready) {
kn->kn_data = d->bd_slen;
if (d->bd_hbuf)
kn->kn_data += d->bd_hlen;
}
else if (d->bd_rtout > 0 && d->bd_state == BPF_IDLE) {
callout_reset(&d->bd_callout, d->bd_rtout,
bpf_timed_out, d);
d->bd_state = BPF_WAITING;
}
Random style fixes and a comment update. No functional changes.
2004-02-16 18:19:15 +00:00
add support for using kqueue to watch bpf sockets. Submitted by: Brian Buchanan of nCircle, Inc. Tested on: i386 and sparc64
2003-08-05 07:12:49 +00:00
return (ready);
}
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
/*
* Incoming linkage from device drivers. Process the packet pkt, of length
* pktlen, which is stored in a contiguous buffer. The packet is parsed
* by each process' filter, and if accepted, stashed into the corresponding
* buffer.
*/
void
Since we are doing some bpf(4) clean up, change a couple of function prototypes to be consistent. Also, ANSI'fy function definitions. There is no functional change here.
2006-06-15 15:39:12 +00:00
bpf_tap(struct bpf_if *bp, u_char *pkt, u_int pktlen)
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
{
Clean up whitespace, s/register //, refrain from strong urge to ANSIfy.
2003-03-02 15:56:49 +00:00
struct bpf_d *d;
u_int slen;
Rather than calling mircotime() in catchpacket(), make catchpacket() take a timeval indicating when the packet was captured. Move microtime() to the calling functions and grab the timestamp as soon as we know that we're going to call catchpacket at least once. This means that we call microtime() once per matched packet, as opposed to once per matched packet per bpf listener. It also means that we return the same timestamp to all bpf listeners, rather than slightly different ones. It would be more accurate to call microtime() even earlier for all packets, as you have to grab (1+#listener) locks before you can determine if the packet will be logged. You could always grab a timestamp before the locks, but microtime() can be costly, so this didn't seem like a good idea. (I guess most ethernet interfaces will have a bpf listener these days because of dhclient. That means that we could be doing two bpf locks on most packets going through the interface.) PR: 71711
2006-07-24 15:42:04 +00:00
int gottime;
struct timeval tv;
Add mutexes to the entire bpf subsystem to make it MPSAFE. Previously reviewed by: jhb, bde
2001-02-16 17:10:28 +00:00
Rather than calling mircotime() in catchpacket(), make catchpacket() take a timeval indicating when the packet was captured. Move microtime() to the calling functions and grab the timestamp as soon as we know that we're going to call catchpacket at least once. This means that we call microtime() once per matched packet, as opposed to once per matched packet per bpf listener. It also means that we return the same timestamp to all bpf listeners, rather than slightly different ones. It would be more accurate to call microtime() even earlier for all packets, as you have to grab (1+#listener) locks before you can determine if the packet will be logged. You could always grab a timestamp before the locks, but microtime() can be costly, so this didn't seem like a good idea. (I guess most ethernet interfaces will have a bpf listener these days because of dhclient. That means that we could be doing two bpf locks on most packets going through the interface.) PR: 71711
2006-07-24 15:42:04 +00:00
gottime = 0;
Add mutexes to the entire bpf subsystem to make it MPSAFE. Previously reviewed by: jhb, bde
2001-02-16 17:10:28 +00:00
BPFIF_LOCK(bp);
Reformulate use of linked lists in 'struct bpf_d' and 'struct bpf_if' to use queue(3) list macros rather than hand-crafted lists. While here, move to doubly linked lists to eliminate iterating lists in order to remove entries. This change simplifies and clarifies the list logic in the BPF descriptor code as a first step towards revising the locking strategy. RELENG_5 candidate. Reviewed by: fenner
2004-09-09 00:19:27 +00:00
LIST_FOREACH(d, &bp->bif_dlist, bd_next) {
Add mutexes to the entire bpf subsystem to make it MPSAFE. Previously reviewed by: jhb, bde
2001-02-16 17:10:28 +00:00
BPFD_LOCK(d);
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
++d->bd_rcount;
Annotate why we do not call BPF_CHECK_DIRECTION() in this tapping routine. There is no way for the caller to tell us which direction this packet is going. With the bpf_mtap{2} routines, we can check the interface pointer. MFC after: 2 weeks
2008-08-01 21:38:46 +00:00
/*
* NB: We dont call BPF_CHECK_DIRECTION() here since there is no
* way for the caller to indiciate to us whether this packet
* is inbound or outbound. In the bpf_mtap() routines, we use
* the interface pointers on the mbuf to figure it out.
*/
Add experimental BPF Just-In-Time compiler for amd64 and i386. Use the following kernel configuration option to enable: options BPF_JITTER If you want to use bpf_filter() instead (e. g., debugging), do: sysctl net.bpf.jitter.enable=0 to turn it off. Currently BIOCSETWF and bpf_mtap2() are unsupported, and bpf_mtap() is partially supported because 1) no need, 2) avoid expensive m_copydata(9). Obtained from: WinPcap 3.1 (for i386)
2005-12-06 02:58:12 +00:00
#ifdef BPF_JITTER
if (bpf_jitter_enable != 0 && d->bd_bfilter != NULL)
slen = (*(d->bd_bfilter->func))(pkt, pktlen, pktlen);
else
#endif
Introduce two new ioctl(2) commands, BIOCLOCK and BIOCSETWF. These commands enhance the security of bpf(4) by further relinquishing the privilege of the bpf(4) consumer (assuming the ioctl commands are being implemented). Once BIOCLOCK is executed, the device becomes locked which prevents the execution of ioctl(2) commands which can change the underly parameters of the bpf(4) device. An example might be the setting of bpf(4) filter programs or attaching to different network interfaces. BIOCSETWF can be used to set write filters for outgoing packets. Currently if a bpf(4) consumer is compromised, the bpf(4) descriptor can essentially be used as a raw socket, regardless of consumer's UID. Write filters give users the ability to constrain which packets can be sent through the bpf(4) descriptor. These features are currently implemented by a couple programs which came from OpenBSD, such as the new dhclient and pflogd. -Modify bpf_setf(9) to accept a "cmd" parameter. This will be used to specify whether a read or write filter is to be set. -Add a bpf(4) filter program as a parameter to bpf_movein(9) as we will run the filter program on the mbuf data once we move the packet in from user-space. -Rather than execute two uiomove operations, (one for the link header and the other for the packet data), execute one and manually copy the linker header into the sockaddr structure via bcopy. -Restructure bpf_setf to compensate for write filters, as well as read. -Adjust bpf(4) stats structures to include a bd_locked member. It should be noted that the FreeBSD and OpenBSD implementations differ a bit in the sense that we unconditionally enforce the lock, where OpenBSD enforces it only if the calling credential is not root. Idea from: OpenBSD Reviewed by: mlaier
2005-08-22 19:35:48 +00:00
slen = bpf_filter(d->bd_rfilter, pkt, pktlen, pktlen);
Introduce support for Mandatory Access Control and extensible kernel access control. Invoke a MAC framework entry point to authorize reception of an incoming mbuf by the BPF descriptor, permitting MAC policies to limit the visibility of packets delivered to particular BPF descriptors. Obtained from: TrustedBSD Project Sponsored by: DARPA, NAI Labs
2002-07-31 16:11:32 +00:00
if (slen != 0) {
Introduce new sysctl variable: net.bpf.stats. This sysctl variable can be used to pass statistics regarding dropped, matched and received packet counts from the kernel to user-space. While we are here introduce a new counter for filtered or matched packets. We currently keep track of packets received or dropped by the bpf device, but not how many packets actually matched the bpf filter. -Introduce net.bpf.stats sysctl OID -Move sysctl variables after the function prototypes so we can reference bpf_stats_sysctl(9) without build errors. -Introduce bpf descriptor counter which is used mainly for sizing of the xbpf_d array. -Introduce a xbpf_d structure which will act as an external representation of the bpf_d structure. -Add a the following members to the bpfd structure: bd_fcount - Number of packets which matched bpf filter bd_pid - PID which opened the bpf device bd_pcomm - Process name which opened the device. It should be noted that it's possible that the process which opened the device could be long gone at the time of stats collection. An example might be a process that opens the bpf device forks then exits leaving the child process with the bpf fd. Reviewed by: mdodd
2005-07-24 17:21:17 +00:00
d->bd_fcount++;
Rather than calling mircotime() in catchpacket(), make catchpacket() take a timeval indicating when the packet was captured. Move microtime() to the calling functions and grab the timestamp as soon as we know that we're going to call catchpacket at least once. This means that we call microtime() once per matched packet, as opposed to once per matched packet per bpf listener. It also means that we return the same timestamp to all bpf listeners, rather than slightly different ones. It would be more accurate to call microtime() even earlier for all packets, as you have to grab (1+#listener) locks before you can determine if the packet will be logged. You could always grab a timestamp before the locks, but microtime() can be costly, so this didn't seem like a good idea. (I guess most ethernet interfaces will have a bpf listener these days because of dhclient. That means that we could be doing two bpf locks on most packets going through the interface.) PR: 71711
2006-07-24 15:42:04 +00:00
if (!gottime) {
microtime(&tv);
gottime = 1;
}
Introduce support for Mandatory Access Control and extensible kernel access control. Invoke a MAC framework entry point to authorize reception of an incoming mbuf by the BPF descriptor, permitting MAC policies to limit the visibility of packets delivered to particular BPF descriptors. Obtained from: TrustedBSD Project Sponsored by: DARPA, NAI Labs
2002-07-31 16:11:32 +00:00
#ifdef MAC
Merge first in a series of TrustedBSD MAC Framework KPI changes from Mac OS X Leopard--rationalize naming for entry points to the following general forms: mac_<object>_<method/action> mac_<object>_check_<method/action> The previous naming scheme was inconsistent and mostly reversed from the new scheme. Also, make object types more consistent and remove spaces from object types that contain multiple parts ("posix_sem" -> "posixsem") to make mechanical parsing easier. Introduce a new "netinet" object type for certain IPv4/IPv6-related methods. Also simplify, slightly, some entry point names. All MAC policy modules will need to be recompiled, and modules not updates as part of this commit will need to be modified to conform to the new KPI. Sponsored by: SPARTA (original patches against Mac OS X) Obtained from: TrustedBSD Project, Apple Computer
2007-10-24 19:04:04 +00:00
if (mac_bpfdesc_check_receive(d, bp->bif_ifp) == 0)
Introduce support for Mandatory Access Control and extensible kernel access control. Invoke a MAC framework entry point to authorize reception of an incoming mbuf by the BPF descriptor, permitting MAC policies to limit the visibility of packets delivered to particular BPF descriptors. Obtained from: TrustedBSD Project Sponsored by: DARPA, NAI Labs
2002-07-31 16:11:32 +00:00
#endif
Introduce support for zero-copy BPF buffering, which reduces the overhead of packet capture by allowing a user process to directly "loan" buffer memory to the kernel rather than using read(2) to explicitly copy data from kernel address space. The user process will issue new BPF ioctls to set the shared memory buffer mode and provide pointers to buffers and their size. The kernel then wires and maps the pages into kernel address space using sf_buf(9), which on supporting architectures will use the direct map region. The current "buffered" access mode remains the default, and support for zero-copy buffers must, for the time being, be explicitly enabled using a sysctl for the kernel to accept requests to use it. The kernel and user process synchronize use of the buffers with atomic operations, avoiding the need for system calls under load; the user process may use select()/poll()/kqueue() to manage blocking while waiting for network data if the user process is able to consume data faster than the kernel generates it. Patchs to libpcap are available to allow libpcap applications to transparently take advantage of this support. Detailed information on the new API may be found in bpf(4), including specific atomic operations and memory barriers required to synchronize buffer use safely. These changes modify the base BPF implementation to (roughly) abstrac the current buffer model, allowing the new shared memory model to be added, and add new monitoring statistics for netstat to print. The implementation, with the exception of some monitoring hanges that break the netstat monitoring ABI for BPF, will be MFC'd. Zerocopy bpf buffers are still considered experimental are disabled by default. To experiment with this new facility, adjust the net.bpf.zerocopy_enable sysctl variable to 1. Changes to libpcap will be made available as a patch for the time being, and further refinements to the implementation are expected. Sponsored by: Seccuris Inc. In collaboration with: rwatson Tested by: pwood, gallatin MFC after: 4 months [1] [1] Certain portions will probably not be MFCed, specifically things that can break the monitoring ABI.
2008-03-24 13:49:17 +00:00
catchpacket(d, pkt, pktlen, slen,
bpf_append_bytes, &tv);
Introduce support for Mandatory Access Control and extensible kernel access control. Invoke a MAC framework entry point to authorize reception of an incoming mbuf by the BPF descriptor, permitting MAC policies to limit the visibility of packets delivered to particular BPF descriptors. Obtained from: TrustedBSD Project Sponsored by: DARPA, NAI Labs
2002-07-31 16:11:32 +00:00
}
Add mutexes to the entire bpf subsystem to make it MPSAFE. Previously reviewed by: jhb, bde
2001-02-16 17:10:28 +00:00
BPFD_UNLOCK(d);
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
}
Add mutexes to the entire bpf subsystem to make it MPSAFE. Previously reviewed by: jhb, bde
2001-02-16 17:10:28 +00:00
BPFIF_UNLOCK(bp);
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
}
Check packet directions more properly instead of just checking received interface is null. PR: kern/123138 Submitted by: Dmitry (hanabana at mail dot ru) MFC after: 1 week
2008-04-28 19:42:11 +00:00
#define BPF_CHECK_DIRECTION(d, r, i) \
(((d)->bd_direction == BPF_D_IN && (r) != (i)) || \
((d)->bd_direction == BPF_D_OUT && (r) == (i)))
Add three new ioctl(2) commands for bpf(4). - BIOCGDIRECTION and BIOCSDIRECTION get or set the setting determining whether incoming, outgoing, or all packets on the interface should be returned by BPF. Set to BPF_D_IN to see only incoming packets on the interface. Set to BPF_D_INOUT to see packets originating locally and remotely on the interface. Set to BPF_D_OUT to see only outgoing packets on the interface. This setting is initialized to BPF_D_INOUT by default. BIOCGSEESENT and BIOCSSEESENT are obsoleted by these but kept for backward compatibility. - BIOCFEEDBACK sets packet feedback mode. This allows injected packets to be fed back as input to the interface when output via the interface is successful. When BPF_D_INOUT direction is set, injected outgoing packet is not returned by BPF to avoid duplication. This flag is initialized to zero by default. Note that libpcap has been modified to support BPF_D_OUT direction for pcap_setdirection(3) and PCAP_D_OUT direction is functional now. Reviewed by: rwatson
2007-02-26 22:24:14 +00:00
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
/*
* Incoming linkage from device drivers, when packet is in an mbuf chain.
*/
void
Since we are doing some bpf(4) clean up, change a couple of function prototypes to be consistent. Also, ANSI'fy function definitions. There is no functional change here.
2006-06-15 15:39:12 +00:00
bpf_mtap(struct bpf_if *bp, struct mbuf *m)
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
{
struct bpf_d *d;
u_int pktlen, slen;
Rather than calling mircotime() in catchpacket(), make catchpacket() take a timeval indicating when the packet was captured. Move microtime() to the calling functions and grab the timestamp as soon as we know that we're going to call catchpacket at least once. This means that we call microtime() once per matched packet, as opposed to once per matched packet per bpf listener. It also means that we return the same timestamp to all bpf listeners, rather than slightly different ones. It would be more accurate to call microtime() even earlier for all packets, as you have to grab (1+#listener) locks before you can determine if the packet will be logged. You could always grab a timestamp before the locks, but microtime() can be costly, so this didn't seem like a good idea. (I guess most ethernet interfaces will have a bpf listener these days because of dhclient. That means that we could be doing two bpf locks on most packets going through the interface.) PR: 71711
2006-07-24 15:42:04 +00:00
int gottime;
struct timeval tv;
Revert the previous commit and use M_PROMISC flag instead. It is safer because it will never be used for outgoing packets.
2008-04-15 17:08:24 +00:00
/* Skip outgoing duplicate packets. */
if ((m->m_flags & M_PROMISC) != 0 && m->m_pkthdr.rcvif == NULL) {
m->m_flags &= ~M_PROMISC;
return;
}
Rather than calling mircotime() in catchpacket(), make catchpacket() take a timeval indicating when the packet was captured. Move microtime() to the calling functions and grab the timestamp as soon as we know that we're going to call catchpacket at least once. This means that we call microtime() once per matched packet, as opposed to once per matched packet per bpf listener. It also means that we return the same timestamp to all bpf listeners, rather than slightly different ones. It would be more accurate to call microtime() even earlier for all packets, as you have to grab (1+#listener) locks before you can determine if the packet will be logged. You could always grab a timestamp before the locks, but microtime() can be costly, so this didn't seem like a good idea. (I guess most ethernet interfaces will have a bpf listener these days because of dhclient. That means that we could be doing two bpf locks on most packets going through the interface.) PR: 71711
2006-07-24 15:42:04 +00:00
gottime = 0;
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
Use m_length() instead of home-rolled. In bpf_mtap(), if the entire packet is in one mbuf, call bpf_tap() instead since it is a tad faster. Sponsored by: http://www.babeltech.dk/
2002-09-18 19:48:59 +00:00
pktlen = m_length(m, NULL);
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
Add mutexes to the entire bpf subsystem to make it MPSAFE. Previously reviewed by: jhb, bde
2001-02-16 17:10:28 +00:00
BPFIF_LOCK(bp);
Reformulate use of linked lists in 'struct bpf_d' and 'struct bpf_if' to use queue(3) list macros rather than hand-crafted lists. While here, move to doubly linked lists to eliminate iterating lists in order to remove entries. This change simplifies and clarifies the list logic in the BPF descriptor code as a first step towards revising the locking strategy. RELENG_5 candidate. Reviewed by: fenner
2004-09-09 00:19:27 +00:00
LIST_FOREACH(d, &bp->bif_dlist, bd_next) {
Check packet directions more properly instead of just checking received interface is null. PR: kern/123138 Submitted by: Dmitry (hanabana at mail dot ru) MFC after: 1 week
2008-04-28 19:42:11 +00:00
if (BPF_CHECK_DIRECTION(d, m->m_pkthdr.rcvif, bp->bif_ifp))
Introduce a new bd_seesent flag to the BPF descriptor, indicating whether or not the current BPF device should report locally generated packets or not. This allows sniffing applications to see only packets that are not generated locally, which can be useful for debugging bridging problems, or other situations where MAC addresses are not sufficient to identify locally sourced packets. Default to true for this flag, so as to provide existing behavior by default. Introduce two new ioctls, BIOCGSEESENT and BIOCSSEESENT, which may be used to manipulate this flag from userland, given appropriate privilege. Modify bpf.4 to document these two new ioctl arguments. Reviewed by: asmodai
2000-03-18 06:30:42 +00:00
continue;
Add mutexes to the entire bpf subsystem to make it MPSAFE. Previously reviewed by: jhb, bde
2001-02-16 17:10:28 +00:00
BPFD_LOCK(d);
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
++d->bd_rcount;
Add experimental BPF Just-In-Time compiler for amd64 and i386. Use the following kernel configuration option to enable: options BPF_JITTER If you want to use bpf_filter() instead (e. g., debugging), do: sysctl net.bpf.jitter.enable=0 to turn it off. Currently BIOCSETWF and bpf_mtap2() are unsupported, and bpf_mtap() is partially supported because 1) no need, 2) avoid expensive m_copydata(9). Obtained from: WinPcap 3.1 (for i386)
2005-12-06 02:58:12 +00:00
#ifdef BPF_JITTER
/* XXX We cannot handle multiple mbufs. */
if (bpf_jitter_enable != 0 && d->bd_bfilter != NULL &&
m->m_next == NULL)
slen = (*(d->bd_bfilter->func))(mtod(m, u_char *),
pktlen, pktlen);
else
#endif
Introduce two new ioctl(2) commands, BIOCLOCK and BIOCSETWF. These commands enhance the security of bpf(4) by further relinquishing the privilege of the bpf(4) consumer (assuming the ioctl commands are being implemented). Once BIOCLOCK is executed, the device becomes locked which prevents the execution of ioctl(2) commands which can change the underly parameters of the bpf(4) device. An example might be the setting of bpf(4) filter programs or attaching to different network interfaces. BIOCSETWF can be used to set write filters for outgoing packets. Currently if a bpf(4) consumer is compromised, the bpf(4) descriptor can essentially be used as a raw socket, regardless of consumer's UID. Write filters give users the ability to constrain which packets can be sent through the bpf(4) descriptor. These features are currently implemented by a couple programs which came from OpenBSD, such as the new dhclient and pflogd. -Modify bpf_setf(9) to accept a "cmd" parameter. This will be used to specify whether a read or write filter is to be set. -Add a bpf(4) filter program as a parameter to bpf_movein(9) as we will run the filter program on the mbuf data once we move the packet in from user-space. -Rather than execute two uiomove operations, (one for the link header and the other for the packet data), execute one and manually copy the linker header into the sockaddr structure via bcopy. -Restructure bpf_setf to compensate for write filters, as well as read. -Adjust bpf(4) stats structures to include a bd_locked member. It should be noted that the FreeBSD and OpenBSD implementations differ a bit in the sense that we unconditionally enforce the lock, where OpenBSD enforces it only if the calling credential is not root. Idea from: OpenBSD Reviewed by: mlaier
2005-08-22 19:35:48 +00:00
slen = bpf_filter(d->bd_rfilter, (u_char *)m, pktlen, 0);
Add missing braces around bpf_filter which were missed when I merged the bpfstat code. Pointed out by: iedowse Pointy hat to: csjp MFC after: 3 days
2005-08-18 22:30:52 +00:00
if (slen != 0) {
Introduce new sysctl variable: net.bpf.stats. This sysctl variable can be used to pass statistics regarding dropped, matched and received packet counts from the kernel to user-space. While we are here introduce a new counter for filtered or matched packets. We currently keep track of packets received or dropped by the bpf device, but not how many packets actually matched the bpf filter. -Introduce net.bpf.stats sysctl OID -Move sysctl variables after the function prototypes so we can reference bpf_stats_sysctl(9) without build errors. -Introduce bpf descriptor counter which is used mainly for sizing of the xbpf_d array. -Introduce a xbpf_d structure which will act as an external representation of the bpf_d structure. -Add a the following members to the bpfd structure: bd_fcount - Number of packets which matched bpf filter bd_pid - PID which opened the bpf device bd_pcomm - Process name which opened the device. It should be noted that it's possible that the process which opened the device could be long gone at the time of stats collection. An example might be a process that opens the bpf device forks then exits leaving the child process with the bpf fd. Reviewed by: mdodd
2005-07-24 17:21:17 +00:00
d->bd_fcount++;
Rather than calling mircotime() in catchpacket(), make catchpacket() take a timeval indicating when the packet was captured. Move microtime() to the calling functions and grab the timestamp as soon as we know that we're going to call catchpacket at least once. This means that we call microtime() once per matched packet, as opposed to once per matched packet per bpf listener. It also means that we return the same timestamp to all bpf listeners, rather than slightly different ones. It would be more accurate to call microtime() even earlier for all packets, as you have to grab (1+#listener) locks before you can determine if the packet will be logged. You could always grab a timestamp before the locks, but microtime() can be costly, so this didn't seem like a good idea. (I guess most ethernet interfaces will have a bpf listener these days because of dhclient. That means that we could be doing two bpf locks on most packets going through the interface.) PR: 71711
2006-07-24 15:42:04 +00:00
if (!gottime) {
microtime(&tv);
gottime = 1;
}
Insert a missing call to MAC protection check for delivering an mbuf to a bpf device. Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories Submitted by: phk
2002-09-21 00:59:56 +00:00
#ifdef MAC
Merge first in a series of TrustedBSD MAC Framework KPI changes from Mac OS X Leopard--rationalize naming for entry points to the following general forms: mac_<object>_<method/action> mac_<object>_check_<method/action> The previous naming scheme was inconsistent and mostly reversed from the new scheme. Also, make object types more consistent and remove spaces from object types that contain multiple parts ("posix_sem" -> "posixsem") to make mechanical parsing easier. Introduce a new "netinet" object type for certain IPv4/IPv6-related methods. Also simplify, slightly, some entry point names. All MAC policy modules will need to be recompiled, and modules not updates as part of this commit will need to be modified to conform to the new KPI. Sponsored by: SPARTA (original patches against Mac OS X) Obtained from: TrustedBSD Project, Apple Computer
2007-10-24 19:04:04 +00:00
if (mac_bpfdesc_check_receive(d, bp->bif_ifp) == 0)
Insert a missing call to MAC protection check for delivering an mbuf to a bpf device. Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories Submitted by: phk
2002-09-21 00:59:56 +00:00
#endif
catchpacket(d, (u_char *)m, pktlen, slen,
Introduce support for zero-copy BPF buffering, which reduces the overhead of packet capture by allowing a user process to directly "loan" buffer memory to the kernel rather than using read(2) to explicitly copy data from kernel address space. The user process will issue new BPF ioctls to set the shared memory buffer mode and provide pointers to buffers and their size. The kernel then wires and maps the pages into kernel address space using sf_buf(9), which on supporting architectures will use the direct map region. The current "buffered" access mode remains the default, and support for zero-copy buffers must, for the time being, be explicitly enabled using a sysctl for the kernel to accept requests to use it. The kernel and user process synchronize use of the buffers with atomic operations, avoiding the need for system calls under load; the user process may use select()/poll()/kqueue() to manage blocking while waiting for network data if the user process is able to consume data faster than the kernel generates it. Patchs to libpcap are available to allow libpcap applications to transparently take advantage of this support. Detailed information on the new API may be found in bpf(4), including specific atomic operations and memory barriers required to synchronize buffer use safely. These changes modify the base BPF implementation to (roughly) abstrac the current buffer model, allowing the new shared memory model to be added, and add new monitoring statistics for netstat to print. The implementation, with the exception of some monitoring hanges that break the netstat monitoring ABI for BPF, will be MFC'd. Zerocopy bpf buffers are still considered experimental are disabled by default. To experiment with this new facility, adjust the net.bpf.zerocopy_enable sysctl variable to 1. Changes to libpcap will be made available as a patch for the time being, and further refinements to the implementation are expected. Sponsored by: Seccuris Inc. In collaboration with: rwatson Tested by: pwood, gallatin MFC after: 4 months [1] [1] Certain portions will probably not be MFCed, specifically things that can break the monitoring ABI.
2008-03-24 13:49:17 +00:00
bpf_append_mbuf, &tv);
Add missing braces around bpf_filter which were missed when I merged the bpfstat code. Pointed out by: iedowse Pointy hat to: csjp MFC after: 3 days
2005-08-18 22:30:52 +00:00
}
Add mutexes to the entire bpf subsystem to make it MPSAFE. Previously reviewed by: jhb, bde
2001-02-16 17:10:28 +00:00
BPFD_UNLOCK(d);
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
}
Add mutexes to the entire bpf subsystem to make it MPSAFE. Previously reviewed by: jhb, bde
2001-02-16 17:10:28 +00:00
BPFIF_UNLOCK(bp);
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
}
o eliminate widespread on-stack mbuf use for bpf by introducing a new bpf_mtap2 routine that does the right thing for an mbuf and a variable-length chunk of data that should be prepended. o while we're sweeping the drivers, use u_int32_t uniformly when when prepending the address family (several places were assuming sizeof(int) was 4) o return M_ASSERTVALID to BPF_MTAP* now that all stack-allocated mbufs have been eliminated; this may better be moved to the bpf routines Reviewed by: arch@ and several others
2003-12-28 03:56:00 +00:00
/*
* Incoming linkage from device drivers, when packet is in
* an mbuf chain and to be prepended by a contiguous header.
*/
void
Since we are doing some bpf(4) clean up, change a couple of function prototypes to be consistent. Also, ANSI'fy function definitions. There is no functional change here.
2006-06-15 15:39:12 +00:00
bpf_mtap2(struct bpf_if *bp, void *data, u_int dlen, struct mbuf *m)
o eliminate widespread on-stack mbuf use for bpf by introducing a new bpf_mtap2 routine that does the right thing for an mbuf and a variable-length chunk of data that should be prepended. o while we're sweeping the drivers, use u_int32_t uniformly when when prepending the address family (several places were assuming sizeof(int) was 4) o return M_ASSERTVALID to BPF_MTAP* now that all stack-allocated mbufs have been eliminated; this may better be moved to the bpf routines Reviewed by: arch@ and several others
2003-12-28 03:56:00 +00:00
{
struct mbuf mb;
struct bpf_d *d;
u_int pktlen, slen;
Rather than calling mircotime() in catchpacket(), make catchpacket() take a timeval indicating when the packet was captured. Move microtime() to the calling functions and grab the timestamp as soon as we know that we're going to call catchpacket at least once. This means that we call microtime() once per matched packet, as opposed to once per matched packet per bpf listener. It also means that we return the same timestamp to all bpf listeners, rather than slightly different ones. It would be more accurate to call microtime() even earlier for all packets, as you have to grab (1+#listener) locks before you can determine if the packet will be logged. You could always grab a timestamp before the locks, but microtime() can be costly, so this didn't seem like a good idea. (I guess most ethernet interfaces will have a bpf listener these days because of dhclient. That means that we could be doing two bpf locks on most packets going through the interface.) PR: 71711
2006-07-24 15:42:04 +00:00
int gottime;
struct timeval tv;
Revert the previous commit and use M_PROMISC flag instead. It is safer because it will never be used for outgoing packets.
2008-04-15 17:08:24 +00:00
/* Skip outgoing duplicate packets. */
if ((m->m_flags & M_PROMISC) != 0 && m->m_pkthdr.rcvif == NULL) {
m->m_flags &= ~M_PROMISC;
return;
}
Rather than calling mircotime() in catchpacket(), make catchpacket() take a timeval indicating when the packet was captured. Move microtime() to the calling functions and grab the timestamp as soon as we know that we're going to call catchpacket at least once. This means that we call microtime() once per matched packet, as opposed to once per matched packet per bpf listener. It also means that we return the same timestamp to all bpf listeners, rather than slightly different ones. It would be more accurate to call microtime() even earlier for all packets, as you have to grab (1+#listener) locks before you can determine if the packet will be logged. You could always grab a timestamp before the locks, but microtime() can be costly, so this didn't seem like a good idea. (I guess most ethernet interfaces will have a bpf listener these days because of dhclient. That means that we could be doing two bpf locks on most packets going through the interface.) PR: 71711
2006-07-24 15:42:04 +00:00
gottime = 0;
o eliminate widespread on-stack mbuf use for bpf by introducing a new bpf_mtap2 routine that does the right thing for an mbuf and a variable-length chunk of data that should be prepended. o while we're sweeping the drivers, use u_int32_t uniformly when when prepending the address family (several places were assuming sizeof(int) was 4) o return M_ASSERTVALID to BPF_MTAP* now that all stack-allocated mbufs have been eliminated; this may better be moved to the bpf routines Reviewed by: arch@ and several others
2003-12-28 03:56:00 +00:00
pktlen = m_length(m, NULL);
/*
* Craft on-stack mbuf suitable for passing to bpf_filter.
* Note that we cut corners here; we only setup what's
* absolutely needed--this mbuf should never go anywhere else.
*/
mb.m_next = m;
mb.m_data = data;
mb.m_len = dlen;
pktlen += dlen;
BPFIF_LOCK(bp);
Reformulate use of linked lists in 'struct bpf_d' and 'struct bpf_if' to use queue(3) list macros rather than hand-crafted lists. While here, move to doubly linked lists to eliminate iterating lists in order to remove entries. This change simplifies and clarifies the list logic in the BPF descriptor code as a first step towards revising the locking strategy. RELENG_5 candidate. Reviewed by: fenner
2004-09-09 00:19:27 +00:00
LIST_FOREACH(d, &bp->bif_dlist, bd_next) {
Check packet directions more properly instead of just checking received interface is null. PR: kern/123138 Submitted by: Dmitry (hanabana at mail dot ru) MFC after: 1 week
2008-04-28 19:42:11 +00:00
if (BPF_CHECK_DIRECTION(d, m->m_pkthdr.rcvif, bp->bif_ifp))
o eliminate widespread on-stack mbuf use for bpf by introducing a new bpf_mtap2 routine that does the right thing for an mbuf and a variable-length chunk of data that should be prepended. o while we're sweeping the drivers, use u_int32_t uniformly when when prepending the address family (several places were assuming sizeof(int) was 4) o return M_ASSERTVALID to BPF_MTAP* now that all stack-allocated mbufs have been eliminated; this may better be moved to the bpf routines Reviewed by: arch@ and several others
2003-12-28 03:56:00 +00:00
continue;
BPFD_LOCK(d);
++d->bd_rcount;
Introduce two new ioctl(2) commands, BIOCLOCK and BIOCSETWF. These commands enhance the security of bpf(4) by further relinquishing the privilege of the bpf(4) consumer (assuming the ioctl commands are being implemented). Once BIOCLOCK is executed, the device becomes locked which prevents the execution of ioctl(2) commands which can change the underly parameters of the bpf(4) device. An example might be the setting of bpf(4) filter programs or attaching to different network interfaces. BIOCSETWF can be used to set write filters for outgoing packets. Currently if a bpf(4) consumer is compromised, the bpf(4) descriptor can essentially be used as a raw socket, regardless of consumer's UID. Write filters give users the ability to constrain which packets can be sent through the bpf(4) descriptor. These features are currently implemented by a couple programs which came from OpenBSD, such as the new dhclient and pflogd. -Modify bpf_setf(9) to accept a "cmd" parameter. This will be used to specify whether a read or write filter is to be set. -Add a bpf(4) filter program as a parameter to bpf_movein(9) as we will run the filter program on the mbuf data once we move the packet in from user-space. -Rather than execute two uiomove operations, (one for the link header and the other for the packet data), execute one and manually copy the linker header into the sockaddr structure via bcopy. -Restructure bpf_setf to compensate for write filters, as well as read. -Adjust bpf(4) stats structures to include a bd_locked member. It should be noted that the FreeBSD and OpenBSD implementations differ a bit in the sense that we unconditionally enforce the lock, where OpenBSD enforces it only if the calling credential is not root. Idea from: OpenBSD Reviewed by: mlaier
2005-08-22 19:35:48 +00:00
slen = bpf_filter(d->bd_rfilter, (u_char *)&mb, pktlen, 0);
Add missing braces around bpf_filter which were missed when I merged the bpfstat code. Pointed out by: iedowse Pointy hat to: csjp MFC after: 3 days
2005-08-18 22:30:52 +00:00
if (slen != 0) {
Introduce new sysctl variable: net.bpf.stats. This sysctl variable can be used to pass statistics regarding dropped, matched and received packet counts from the kernel to user-space. While we are here introduce a new counter for filtered or matched packets. We currently keep track of packets received or dropped by the bpf device, but not how many packets actually matched the bpf filter. -Introduce net.bpf.stats sysctl OID -Move sysctl variables after the function prototypes so we can reference bpf_stats_sysctl(9) without build errors. -Introduce bpf descriptor counter which is used mainly for sizing of the xbpf_d array. -Introduce a xbpf_d structure which will act as an external representation of the bpf_d structure. -Add a the following members to the bpfd structure: bd_fcount - Number of packets which matched bpf filter bd_pid - PID which opened the bpf device bd_pcomm - Process name which opened the device. It should be noted that it's possible that the process which opened the device could be long gone at the time of stats collection. An example might be a process that opens the bpf device forks then exits leaving the child process with the bpf fd. Reviewed by: mdodd
2005-07-24 17:21:17 +00:00
d->bd_fcount++;
Rather than calling mircotime() in catchpacket(), make catchpacket() take a timeval indicating when the packet was captured. Move microtime() to the calling functions and grab the timestamp as soon as we know that we're going to call catchpacket at least once. This means that we call microtime() once per matched packet, as opposed to once per matched packet per bpf listener. It also means that we return the same timestamp to all bpf listeners, rather than slightly different ones. It would be more accurate to call microtime() even earlier for all packets, as you have to grab (1+#listener) locks before you can determine if the packet will be logged. You could always grab a timestamp before the locks, but microtime() can be costly, so this didn't seem like a good idea. (I guess most ethernet interfaces will have a bpf listener these days because of dhclient. That means that we could be doing two bpf locks on most packets going through the interface.) PR: 71711
2006-07-24 15:42:04 +00:00
if (!gottime) {
microtime(&tv);
gottime = 1;
}
o eliminate widespread on-stack mbuf use for bpf by introducing a new bpf_mtap2 routine that does the right thing for an mbuf and a variable-length chunk of data that should be prepended. o while we're sweeping the drivers, use u_int32_t uniformly when when prepending the address family (several places were assuming sizeof(int) was 4) o return M_ASSERTVALID to BPF_MTAP* now that all stack-allocated mbufs have been eliminated; this may better be moved to the bpf routines Reviewed by: arch@ and several others
2003-12-28 03:56:00 +00:00
#ifdef MAC
Merge first in a series of TrustedBSD MAC Framework KPI changes from Mac OS X Leopard--rationalize naming for entry points to the following general forms: mac_<object>_<method/action> mac_<object>_check_<method/action> The previous naming scheme was inconsistent and mostly reversed from the new scheme. Also, make object types more consistent and remove spaces from object types that contain multiple parts ("posix_sem" -> "posixsem") to make mechanical parsing easier. Introduce a new "netinet" object type for certain IPv4/IPv6-related methods. Also simplify, slightly, some entry point names. All MAC policy modules will need to be recompiled, and modules not updates as part of this commit will need to be modified to conform to the new KPI. Sponsored by: SPARTA (original patches against Mac OS X) Obtained from: TrustedBSD Project, Apple Computer
2007-10-24 19:04:04 +00:00
if (mac_bpfdesc_check_receive(d, bp->bif_ifp) == 0)
o eliminate widespread on-stack mbuf use for bpf by introducing a new bpf_mtap2 routine that does the right thing for an mbuf and a variable-length chunk of data that should be prepended. o while we're sweeping the drivers, use u_int32_t uniformly when when prepending the address family (several places were assuming sizeof(int) was 4) o return M_ASSERTVALID to BPF_MTAP* now that all stack-allocated mbufs have been eliminated; this may better be moved to the bpf routines Reviewed by: arch@ and several others
2003-12-28 03:56:00 +00:00
#endif
catchpacket(d, (u_char *)&mb, pktlen, slen,
Introduce support for zero-copy BPF buffering, which reduces the overhead of packet capture by allowing a user process to directly "loan" buffer memory to the kernel rather than using read(2) to explicitly copy data from kernel address space. The user process will issue new BPF ioctls to set the shared memory buffer mode and provide pointers to buffers and their size. The kernel then wires and maps the pages into kernel address space using sf_buf(9), which on supporting architectures will use the direct map region. The current "buffered" access mode remains the default, and support for zero-copy buffers must, for the time being, be explicitly enabled using a sysctl for the kernel to accept requests to use it. The kernel and user process synchronize use of the buffers with atomic operations, avoiding the need for system calls under load; the user process may use select()/poll()/kqueue() to manage blocking while waiting for network data if the user process is able to consume data faster than the kernel generates it. Patchs to libpcap are available to allow libpcap applications to transparently take advantage of this support. Detailed information on the new API may be found in bpf(4), including specific atomic operations and memory barriers required to synchronize buffer use safely. These changes modify the base BPF implementation to (roughly) abstrac the current buffer model, allowing the new shared memory model to be added, and add new monitoring statistics for netstat to print. The implementation, with the exception of some monitoring hanges that break the netstat monitoring ABI for BPF, will be MFC'd. Zerocopy bpf buffers are still considered experimental are disabled by default. To experiment with this new facility, adjust the net.bpf.zerocopy_enable sysctl variable to 1. Changes to libpcap will be made available as a patch for the time being, and further refinements to the implementation are expected. Sponsored by: Seccuris Inc. In collaboration with: rwatson Tested by: pwood, gallatin MFC after: 4 months [1] [1] Certain portions will probably not be MFCed, specifically things that can break the monitoring ABI.
2008-03-24 13:49:17 +00:00
bpf_append_mbuf, &tv);
Add missing braces around bpf_filter which were missed when I merged the bpfstat code. Pointed out by: iedowse Pointy hat to: csjp MFC after: 3 days
2005-08-18 22:30:52 +00:00
}
o eliminate widespread on-stack mbuf use for bpf by introducing a new bpf_mtap2 routine that does the right thing for an mbuf and a variable-length chunk of data that should be prepended. o while we're sweeping the drivers, use u_int32_t uniformly when when prepending the address family (several places were assuming sizeof(int) was 4) o return M_ASSERTVALID to BPF_MTAP* now that all stack-allocated mbufs have been eliminated; this may better be moved to the bpf routines Reviewed by: arch@ and several others
2003-12-28 03:56:00 +00:00
BPFD_UNLOCK(d);
}
BPFIF_UNLOCK(bp);
}
Add three new ioctl(2) commands for bpf(4). - BIOCGDIRECTION and BIOCSDIRECTION get or set the setting determining whether incoming, outgoing, or all packets on the interface should be returned by BPF. Set to BPF_D_IN to see only incoming packets on the interface. Set to BPF_D_INOUT to see packets originating locally and remotely on the interface. Set to BPF_D_OUT to see only outgoing packets on the interface. This setting is initialized to BPF_D_INOUT by default. BIOCGSEESENT and BIOCSSEESENT are obsoleted by these but kept for backward compatibility. - BIOCFEEDBACK sets packet feedback mode. This allows injected packets to be fed back as input to the interface when output via the interface is successful. When BPF_D_INOUT direction is set, injected outgoing packet is not returned by BPF to avoid duplication. This flag is initialized to zero by default. Note that libpcap has been modified to support BPF_D_OUT direction for pcap_setdirection(3) and PCAP_D_OUT direction is functional now. Reviewed by: rwatson
2007-02-26 22:24:14 +00:00
#undef BPF_CHECK_DIRECTION
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
/*
* Move the packet data from interface memory (pkt) into the
Random style fixes and a comment update. No functional changes.
2004-02-16 18:19:15 +00:00
* store buffer. "cpfn" is the routine called to do the actual data
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
* transfer. bcopy is passed in to copy contiguous chunks, while
Introduce support for zero-copy BPF buffering, which reduces the overhead of packet capture by allowing a user process to directly "loan" buffer memory to the kernel rather than using read(2) to explicitly copy data from kernel address space. The user process will issue new BPF ioctls to set the shared memory buffer mode and provide pointers to buffers and their size. The kernel then wires and maps the pages into kernel address space using sf_buf(9), which on supporting architectures will use the direct map region. The current "buffered" access mode remains the default, and support for zero-copy buffers must, for the time being, be explicitly enabled using a sysctl for the kernel to accept requests to use it. The kernel and user process synchronize use of the buffers with atomic operations, avoiding the need for system calls under load; the user process may use select()/poll()/kqueue() to manage blocking while waiting for network data if the user process is able to consume data faster than the kernel generates it. Patchs to libpcap are available to allow libpcap applications to transparently take advantage of this support. Detailed information on the new API may be found in bpf(4), including specific atomic operations and memory barriers required to synchronize buffer use safely. These changes modify the base BPF implementation to (roughly) abstrac the current buffer model, allowing the new shared memory model to be added, and add new monitoring statistics for netstat to print. The implementation, with the exception of some monitoring hanges that break the netstat monitoring ABI for BPF, will be MFC'd. Zerocopy bpf buffers are still considered experimental are disabled by default. To experiment with this new facility, adjust the net.bpf.zerocopy_enable sysctl variable to 1. Changes to libpcap will be made available as a patch for the time being, and further refinements to the implementation are expected. Sponsored by: Seccuris Inc. In collaboration with: rwatson Tested by: pwood, gallatin MFC after: 4 months [1] [1] Certain portions will probably not be MFCed, specifically things that can break the monitoring ABI.
2008-03-24 13:49:17 +00:00
* bpf_append_mbuf is passed in to copy mbuf chains. In the latter case,
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
* pkt is really an mbuf.
*/
static void
Since we are doing some bpf(4) clean up, change a couple of function prototypes to be consistent. Also, ANSI'fy function definitions. There is no functional change here.
2006-06-15 15:39:12 +00:00
catchpacket(struct bpf_d *d, u_char *pkt, u_int pktlen, u_int snaplen,
Introduce support for zero-copy BPF buffering, which reduces the overhead of packet capture by allowing a user process to directly "loan" buffer memory to the kernel rather than using read(2) to explicitly copy data from kernel address space. The user process will issue new BPF ioctls to set the shared memory buffer mode and provide pointers to buffers and their size. The kernel then wires and maps the pages into kernel address space using sf_buf(9), which on supporting architectures will use the direct map region. The current "buffered" access mode remains the default, and support for zero-copy buffers must, for the time being, be explicitly enabled using a sysctl for the kernel to accept requests to use it. The kernel and user process synchronize use of the buffers with atomic operations, avoiding the need for system calls under load; the user process may use select()/poll()/kqueue() to manage blocking while waiting for network data if the user process is able to consume data faster than the kernel generates it. Patchs to libpcap are available to allow libpcap applications to transparently take advantage of this support. Detailed information on the new API may be found in bpf(4), including specific atomic operations and memory barriers required to synchronize buffer use safely. These changes modify the base BPF implementation to (roughly) abstrac the current buffer model, allowing the new shared memory model to be added, and add new monitoring statistics for netstat to print. The implementation, with the exception of some monitoring hanges that break the netstat monitoring ABI for BPF, will be MFC'd. Zerocopy bpf buffers are still considered experimental are disabled by default. To experiment with this new facility, adjust the net.bpf.zerocopy_enable sysctl variable to 1. Changes to libpcap will be made available as a patch for the time being, and further refinements to the implementation are expected. Sponsored by: Seccuris Inc. In collaboration with: rwatson Tested by: pwood, gallatin MFC after: 4 months [1] [1] Certain portions will probably not be MFCed, specifically things that can break the monitoring ABI.
2008-03-24 13:49:17 +00:00
void (*cpfn)(struct bpf_d *, caddr_t, u_int, void *, u_int),
struct timeval *tv)
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
{
Introduce support for zero-copy BPF buffering, which reduces the overhead of packet capture by allowing a user process to directly "loan" buffer memory to the kernel rather than using read(2) to explicitly copy data from kernel address space. The user process will issue new BPF ioctls to set the shared memory buffer mode and provide pointers to buffers and their size. The kernel then wires and maps the pages into kernel address space using sf_buf(9), which on supporting architectures will use the direct map region. The current "buffered" access mode remains the default, and support for zero-copy buffers must, for the time being, be explicitly enabled using a sysctl for the kernel to accept requests to use it. The kernel and user process synchronize use of the buffers with atomic operations, avoiding the need for system calls under load; the user process may use select()/poll()/kqueue() to manage blocking while waiting for network data if the user process is able to consume data faster than the kernel generates it. Patchs to libpcap are available to allow libpcap applications to transparently take advantage of this support. Detailed information on the new API may be found in bpf(4), including specific atomic operations and memory barriers required to synchronize buffer use safely. These changes modify the base BPF implementation to (roughly) abstrac the current buffer model, allowing the new shared memory model to be added, and add new monitoring statistics for netstat to print. The implementation, with the exception of some monitoring hanges that break the netstat monitoring ABI for BPF, will be MFC'd. Zerocopy bpf buffers are still considered experimental are disabled by default. To experiment with this new facility, adjust the net.bpf.zerocopy_enable sysctl variable to 1. Changes to libpcap will be made available as a patch for the time being, and further refinements to the implementation are expected. Sponsored by: Seccuris Inc. In collaboration with: rwatson Tested by: pwood, gallatin MFC after: 4 months [1] [1] Certain portions will probably not be MFCed, specifically things that can break the monitoring ABI.
2008-03-24 13:49:17 +00:00
struct bpf_hdr hdr;
Clean up whitespace, s/register //, refrain from strong urge to ANSIfy.
2003-03-02 15:56:49 +00:00
int totlen, curlen;
int hdrlen = d->bd_bif->bif_hdrlen;
fix a bug where bpf would try to wakeup before updating the state.. This was causing kqueue not to see the correct state and not wake up a process that is waiting... Submitted by: nCircle Network Security, Inc.
2005-03-02 21:59:39 +00:00
int do_wakeup = 0;
Random style fixes and a comment update. No functional changes.
2004-02-16 18:19:15 +00:00
-introduce net.bpf sysctl instead of the less intuitive debug.* debug.bpf_bufsize is now net.bpf.bufsize debug.bpf_maxbufsize is now net.bpf.maxbufsize -move function prototypes for bpf_drvinit and bpf_clone up to the top of the file with the others -assert bpfd lock in catchpacket() and bpf_wakeup() MFC after: 2 weeks
2005-05-04 03:09:28 +00:00
BPFD_LOCK_ASSERT(d);
Introduce support for zero-copy BPF buffering, which reduces the overhead of packet capture by allowing a user process to directly "loan" buffer memory to the kernel rather than using read(2) to explicitly copy data from kernel address space. The user process will issue new BPF ioctls to set the shared memory buffer mode and provide pointers to buffers and their size. The kernel then wires and maps the pages into kernel address space using sf_buf(9), which on supporting architectures will use the direct map region. The current "buffered" access mode remains the default, and support for zero-copy buffers must, for the time being, be explicitly enabled using a sysctl for the kernel to accept requests to use it. The kernel and user process synchronize use of the buffers with atomic operations, avoiding the need for system calls under load; the user process may use select()/poll()/kqueue() to manage blocking while waiting for network data if the user process is able to consume data faster than the kernel generates it. Patchs to libpcap are available to allow libpcap applications to transparently take advantage of this support. Detailed information on the new API may be found in bpf(4), including specific atomic operations and memory barriers required to synchronize buffer use safely. These changes modify the base BPF implementation to (roughly) abstrac the current buffer model, allowing the new shared memory model to be added, and add new monitoring statistics for netstat to print. The implementation, with the exception of some monitoring hanges that break the netstat monitoring ABI for BPF, will be MFC'd. Zerocopy bpf buffers are still considered experimental are disabled by default. To experiment with this new facility, adjust the net.bpf.zerocopy_enable sysctl variable to 1. Changes to libpcap will be made available as a patch for the time being, and further refinements to the implementation are expected. Sponsored by: Seccuris Inc. In collaboration with: rwatson Tested by: pwood, gallatin MFC after: 4 months [1] [1] Certain portions will probably not be MFCed, specifically things that can break the monitoring ABI.
2008-03-24 13:49:17 +00:00
/*
* Detect whether user space has released a buffer back to us, and if
* so, move it from being a hold buffer to a free buffer. This may
* not be the best place to do it (for example, we might only want to
* run this check if we need the space), but for now it's a reliable
* spot to do it.
*/
Check for a NULL free buffer pointer in BPF before invoking bpf_canfreebuf() in order to avoid potentially calling a non-inlinable but trivial function in zero-copy buffer mode for every packet received when we couldn't free the buffer anyway. MFC after: 4 months
2008-03-25 07:41:33 +00:00
if (d->bd_fbuf == NULL && bpf_canfreebuf(d)) {
Introduce support for zero-copy BPF buffering, which reduces the overhead of packet capture by allowing a user process to directly "loan" buffer memory to the kernel rather than using read(2) to explicitly copy data from kernel address space. The user process will issue new BPF ioctls to set the shared memory buffer mode and provide pointers to buffers and their size. The kernel then wires and maps the pages into kernel address space using sf_buf(9), which on supporting architectures will use the direct map region. The current "buffered" access mode remains the default, and support for zero-copy buffers must, for the time being, be explicitly enabled using a sysctl for the kernel to accept requests to use it. The kernel and user process synchronize use of the buffers with atomic operations, avoiding the need for system calls under load; the user process may use select()/poll()/kqueue() to manage blocking while waiting for network data if the user process is able to consume data faster than the kernel generates it. Patchs to libpcap are available to allow libpcap applications to transparently take advantage of this support. Detailed information on the new API may be found in bpf(4), including specific atomic operations and memory barriers required to synchronize buffer use safely. These changes modify the base BPF implementation to (roughly) abstrac the current buffer model, allowing the new shared memory model to be added, and add new monitoring statistics for netstat to print. The implementation, with the exception of some monitoring hanges that break the netstat monitoring ABI for BPF, will be MFC'd. Zerocopy bpf buffers are still considered experimental are disabled by default. To experiment with this new facility, adjust the net.bpf.zerocopy_enable sysctl variable to 1. Changes to libpcap will be made available as a patch for the time being, and further refinements to the implementation are expected. Sponsored by: Seccuris Inc. In collaboration with: rwatson Tested by: pwood, gallatin MFC after: 4 months [1] [1] Certain portions will probably not be MFCed, specifically things that can break the monitoring ABI.
2008-03-24 13:49:17 +00:00
d->bd_fbuf = d->bd_hbuf;
d->bd_hbuf = NULL;
d->bd_hlen = 0;
Make sure we are clearing the ZBUF_FLAG_IMMUTABLE any time a free buffer is reclaimed by the kernel. This fixes a bug resulted in the kernel over writing packet data while user-space was still processing it when zerocopy is enabled. (Or a panic if invariants was enabled). Discussed with: rwatson
2008-07-05 20:11:28 +00:00
bpf_buf_reclaimed(d);
Introduce support for zero-copy BPF buffering, which reduces the overhead of packet capture by allowing a user process to directly "loan" buffer memory to the kernel rather than using read(2) to explicitly copy data from kernel address space. The user process will issue new BPF ioctls to set the shared memory buffer mode and provide pointers to buffers and their size. The kernel then wires and maps the pages into kernel address space using sf_buf(9), which on supporting architectures will use the direct map region. The current "buffered" access mode remains the default, and support for zero-copy buffers must, for the time being, be explicitly enabled using a sysctl for the kernel to accept requests to use it. The kernel and user process synchronize use of the buffers with atomic operations, avoiding the need for system calls under load; the user process may use select()/poll()/kqueue() to manage blocking while waiting for network data if the user process is able to consume data faster than the kernel generates it. Patchs to libpcap are available to allow libpcap applications to transparently take advantage of this support. Detailed information on the new API may be found in bpf(4), including specific atomic operations and memory barriers required to synchronize buffer use safely. These changes modify the base BPF implementation to (roughly) abstrac the current buffer model, allowing the new shared memory model to be added, and add new monitoring statistics for netstat to print. The implementation, with the exception of some monitoring hanges that break the netstat monitoring ABI for BPF, will be MFC'd. Zerocopy bpf buffers are still considered experimental are disabled by default. To experiment with this new facility, adjust the net.bpf.zerocopy_enable sysctl variable to 1. Changes to libpcap will be made available as a patch for the time being, and further refinements to the implementation are expected. Sponsored by: Seccuris Inc. In collaboration with: rwatson Tested by: pwood, gallatin MFC after: 4 months [1] [1] Certain portions will probably not be MFCed, specifically things that can break the monitoring ABI.
2008-03-24 13:49:17 +00:00
}
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
/*
* Figure out how many bytes to move. If the packet is
* greater or equal to the snapshot length, transfer that
* much. Otherwise, transfer the whole packet (unless
* we hit the buffer size limit).
*/
totlen = hdrlen + min(snaplen, pktlen);
if (totlen > d->bd_bufsize)
totlen = d->bd_bufsize;
/*
* Round up the end of the previous packet to the next longword.
Maintain and observe a ZBUF_FLAG_IMMUTABLE flag on zero-copy BPF buffer kernel descriptors, which is used to allow the buffer currently in the BPF "store" position to be assigned to userspace when it fills, even if userspace hasn't acknowledged the buffer in the "hold" position yet. To implement this, notify the buffer model when a buffer becomes full, and check that the store buffer is writable, not just for it being full, before trying to append new packet data. Shared memory buffers will be assigned to userspace at most once per fill, be it in the store or in the hold position. This removes the restriction that at most one shared memory can by owned by userspace, reducing the chances that userspace will need to call select() after acknowledging one buffer in order to wait for the next buffer when under high load. This more fully realizes the goal of zero system calls in order to process a high-speed packet stream from BPF. Update bpf.4 to reflect that both buffers may be owned by userspace at once; caution against assuming this.
2008-04-07 02:51:00 +00:00
*
* Drop the packet if there's no room and no hope of room
* If the packet would overflow the storage buffer or the storage
* buffer is considered immutable by the buffer model, try to rotate
* the buffer and wakeup pending processes.
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
*/
curlen = BPF_WORDALIGN(d->bd_slen);
Maintain and observe a ZBUF_FLAG_IMMUTABLE flag on zero-copy BPF buffer kernel descriptors, which is used to allow the buffer currently in the BPF "store" position to be assigned to userspace when it fills, even if userspace hasn't acknowledged the buffer in the "hold" position yet. To implement this, notify the buffer model when a buffer becomes full, and check that the store buffer is writable, not just for it being full, before trying to append new packet data. Shared memory buffers will be assigned to userspace at most once per fill, be it in the store or in the hold position. This removes the restriction that at most one shared memory can by owned by userspace, reducing the chances that userspace will need to call select() after acknowledging one buffer in order to wait for the next buffer when under high load. This more fully realizes the goal of zero system calls in order to process a high-speed packet stream from BPF. Update bpf.4 to reflect that both buffers may be owned by userspace at once; caution against assuming this.
2008-04-07 02:51:00 +00:00
if (curlen + totlen > d->bd_bufsize || !bpf_canwritebuf(d)) {
Prefer NULL to '0' when checking a pointer value.
2004-07-24 16:58:56 +00:00
if (d->bd_fbuf == NULL) {
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
/*
Maintain and observe a ZBUF_FLAG_IMMUTABLE flag on zero-copy BPF buffer kernel descriptors, which is used to allow the buffer currently in the BPF "store" position to be assigned to userspace when it fills, even if userspace hasn't acknowledged the buffer in the "hold" position yet. To implement this, notify the buffer model when a buffer becomes full, and check that the store buffer is writable, not just for it being full, before trying to append new packet data. Shared memory buffers will be assigned to userspace at most once per fill, be it in the store or in the hold position. This removes the restriction that at most one shared memory can by owned by userspace, reducing the chances that userspace will need to call select() after acknowledging one buffer in order to wait for the next buffer when under high load. This more fully realizes the goal of zero system calls in order to process a high-speed packet stream from BPF. Update bpf.4 to reflect that both buffers may be owned by userspace at once; caution against assuming this.
2008-04-07 02:51:00 +00:00
* There's no room in the store buffer, and no
* prospect of room, so drop the packet. Notify the
* buffer model.
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
*/
Maintain and observe a ZBUF_FLAG_IMMUTABLE flag on zero-copy BPF buffer kernel descriptors, which is used to allow the buffer currently in the BPF "store" position to be assigned to userspace when it fills, even if userspace hasn't acknowledged the buffer in the "hold" position yet. To implement this, notify the buffer model when a buffer becomes full, and check that the store buffer is writable, not just for it being full, before trying to append new packet data. Shared memory buffers will be assigned to userspace at most once per fill, be it in the store or in the hold position. This removes the restriction that at most one shared memory can by owned by userspace, reducing the chances that userspace will need to call select() after acknowledging one buffer in order to wait for the next buffer when under high load. This more fully realizes the goal of zero system calls in order to process a high-speed packet stream from BPF. Update bpf.4 to reflect that both buffers may be owned by userspace at once; caution against assuming this.
2008-04-07 02:51:00 +00:00
bpf_buffull(d);
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
++d->bd_dcount;
return;
}
ROTATE_BUFFERS(d);
fix a bug where bpf would try to wakeup before updating the state.. This was causing kqueue not to see the correct state and not wake up a process that is waiting... Submitted by: nCircle Network Security, Inc.
2005-03-02 21:59:39 +00:00
do_wakeup = 1;
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
curlen = 0;
Maintain and observe a ZBUF_FLAG_IMMUTABLE flag on zero-copy BPF buffer kernel descriptors, which is used to allow the buffer currently in the BPF "store" position to be assigned to userspace when it fills, even if userspace hasn't acknowledged the buffer in the "hold" position yet. To implement this, notify the buffer model when a buffer becomes full, and check that the store buffer is writable, not just for it being full, before trying to append new packet data. Shared memory buffers will be assigned to userspace at most once per fill, be it in the store or in the hold position. This removes the restriction that at most one shared memory can by owned by userspace, reducing the chances that userspace will need to call select() after acknowledging one buffer in order to wait for the next buffer when under high load. This more fully realizes the goal of zero system calls in order to process a high-speed packet stream from BPF. Update bpf.4 to reflect that both buffers may be owned by userspace at once; caution against assuming this.
2008-04-07 02:51:00 +00:00
} else if (d->bd_immediate || d->bd_state == BPF_TIMED_OUT)
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
/*
Introduce support for zero-copy BPF buffering, which reduces the overhead of packet capture by allowing a user process to directly "loan" buffer memory to the kernel rather than using read(2) to explicitly copy data from kernel address space. The user process will issue new BPF ioctls to set the shared memory buffer mode and provide pointers to buffers and their size. The kernel then wires and maps the pages into kernel address space using sf_buf(9), which on supporting architectures will use the direct map region. The current "buffered" access mode remains the default, and support for zero-copy buffers must, for the time being, be explicitly enabled using a sysctl for the kernel to accept requests to use it. The kernel and user process synchronize use of the buffers with atomic operations, avoiding the need for system calls under load; the user process may use select()/poll()/kqueue() to manage blocking while waiting for network data if the user process is able to consume data faster than the kernel generates it. Patchs to libpcap are available to allow libpcap applications to transparently take advantage of this support. Detailed information on the new API may be found in bpf(4), including specific atomic operations and memory barriers required to synchronize buffer use safely. These changes modify the base BPF implementation to (roughly) abstrac the current buffer model, allowing the new shared memory model to be added, and add new monitoring statistics for netstat to print. The implementation, with the exception of some monitoring hanges that break the netstat monitoring ABI for BPF, will be MFC'd. Zerocopy bpf buffers are still considered experimental are disabled by default. To experiment with this new facility, adjust the net.bpf.zerocopy_enable sysctl variable to 1. Changes to libpcap will be made available as a patch for the time being, and further refinements to the implementation are expected. Sponsored by: Seccuris Inc. In collaboration with: rwatson Tested by: pwood, gallatin MFC after: 4 months [1] [1] Certain portions will probably not be MFCed, specifically things that can break the monitoring ABI.
2008-03-24 13:49:17 +00:00
* Immediate mode is set, or the read timeout has already
* expired during a select call. A packet arrived, so the
* reader should be woken up.
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
*/
fix a bug where bpf would try to wakeup before updating the state.. This was causing kqueue not to see the correct state and not wake up a process that is waiting... Submitted by: nCircle Network Security, Inc.
2005-03-02 21:59:39 +00:00
do_wakeup = 1;
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
/*
Introduce support for zero-copy BPF buffering, which reduces the overhead of packet capture by allowing a user process to directly "loan" buffer memory to the kernel rather than using read(2) to explicitly copy data from kernel address space. The user process will issue new BPF ioctls to set the shared memory buffer mode and provide pointers to buffers and their size. The kernel then wires and maps the pages into kernel address space using sf_buf(9), which on supporting architectures will use the direct map region. The current "buffered" access mode remains the default, and support for zero-copy buffers must, for the time being, be explicitly enabled using a sysctl for the kernel to accept requests to use it. The kernel and user process synchronize use of the buffers with atomic operations, avoiding the need for system calls under load; the user process may use select()/poll()/kqueue() to manage blocking while waiting for network data if the user process is able to consume data faster than the kernel generates it. Patchs to libpcap are available to allow libpcap applications to transparently take advantage of this support. Detailed information on the new API may be found in bpf(4), including specific atomic operations and memory barriers required to synchronize buffer use safely. These changes modify the base BPF implementation to (roughly) abstrac the current buffer model, allowing the new shared memory model to be added, and add new monitoring statistics for netstat to print. The implementation, with the exception of some monitoring hanges that break the netstat monitoring ABI for BPF, will be MFC'd. Zerocopy bpf buffers are still considered experimental are disabled by default. To experiment with this new facility, adjust the net.bpf.zerocopy_enable sysctl variable to 1. Changes to libpcap will be made available as a patch for the time being, and further refinements to the implementation are expected. Sponsored by: Seccuris Inc. In collaboration with: rwatson Tested by: pwood, gallatin MFC after: 4 months [1] [1] Certain portions will probably not be MFCed, specifically things that can break the monitoring ABI.
2008-03-24 13:49:17 +00:00
* Append the bpf header. Note we append the actual header size, but
* move forward the length of the header plus padding.
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
*/
Introduce support for zero-copy BPF buffering, which reduces the overhead of packet capture by allowing a user process to directly "loan" buffer memory to the kernel rather than using read(2) to explicitly copy data from kernel address space. The user process will issue new BPF ioctls to set the shared memory buffer mode and provide pointers to buffers and their size. The kernel then wires and maps the pages into kernel address space using sf_buf(9), which on supporting architectures will use the direct map region. The current "buffered" access mode remains the default, and support for zero-copy buffers must, for the time being, be explicitly enabled using a sysctl for the kernel to accept requests to use it. The kernel and user process synchronize use of the buffers with atomic operations, avoiding the need for system calls under load; the user process may use select()/poll()/kqueue() to manage blocking while waiting for network data if the user process is able to consume data faster than the kernel generates it. Patchs to libpcap are available to allow libpcap applications to transparently take advantage of this support. Detailed information on the new API may be found in bpf(4), including specific atomic operations and memory barriers required to synchronize buffer use safely. These changes modify the base BPF implementation to (roughly) abstrac the current buffer model, allowing the new shared memory model to be added, and add new monitoring statistics for netstat to print. The implementation, with the exception of some monitoring hanges that break the netstat monitoring ABI for BPF, will be MFC'd. Zerocopy bpf buffers are still considered experimental are disabled by default. To experiment with this new facility, adjust the net.bpf.zerocopy_enable sysctl variable to 1. Changes to libpcap will be made available as a patch for the time being, and further refinements to the implementation are expected. Sponsored by: Seccuris Inc. In collaboration with: rwatson Tested by: pwood, gallatin MFC after: 4 months [1] [1] Certain portions will probably not be MFCed, specifically things that can break the monitoring ABI.
2008-03-24 13:49:17 +00:00
bzero(&hdr, sizeof(hdr));
hdr.bh_tstamp = *tv;
hdr.bh_datalen = pktlen;
hdr.bh_hdrlen = hdrlen;
hdr.bh_caplen = totlen - hdrlen;
bpf_append_bytes(d, d->bd_sbuf, curlen, &hdr, sizeof(hdr));
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
/*
* Copy the packet data into the store buffer and update its length.
*/
Introduce support for zero-copy BPF buffering, which reduces the overhead of packet capture by allowing a user process to directly "loan" buffer memory to the kernel rather than using read(2) to explicitly copy data from kernel address space. The user process will issue new BPF ioctls to set the shared memory buffer mode and provide pointers to buffers and their size. The kernel then wires and maps the pages into kernel address space using sf_buf(9), which on supporting architectures will use the direct map region. The current "buffered" access mode remains the default, and support for zero-copy buffers must, for the time being, be explicitly enabled using a sysctl for the kernel to accept requests to use it. The kernel and user process synchronize use of the buffers with atomic operations, avoiding the need for system calls under load; the user process may use select()/poll()/kqueue() to manage blocking while waiting for network data if the user process is able to consume data faster than the kernel generates it. Patchs to libpcap are available to allow libpcap applications to transparently take advantage of this support. Detailed information on the new API may be found in bpf(4), including specific atomic operations and memory barriers required to synchronize buffer use safely. These changes modify the base BPF implementation to (roughly) abstrac the current buffer model, allowing the new shared memory model to be added, and add new monitoring statistics for netstat to print. The implementation, with the exception of some monitoring hanges that break the netstat monitoring ABI for BPF, will be MFC'd. Zerocopy bpf buffers are still considered experimental are disabled by default. To experiment with this new facility, adjust the net.bpf.zerocopy_enable sysctl variable to 1. Changes to libpcap will be made available as a patch for the time being, and further refinements to the implementation are expected. Sponsored by: Seccuris Inc. In collaboration with: rwatson Tested by: pwood, gallatin MFC after: 4 months [1] [1] Certain portions will probably not be MFCed, specifically things that can break the monitoring ABI.
2008-03-24 13:49:17 +00:00
(*cpfn)(d, d->bd_sbuf, curlen + hdrlen, pkt, hdr.bh_caplen);
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
d->bd_slen = curlen + totlen;
fix a bug where bpf would try to wakeup before updating the state.. This was causing kqueue not to see the correct state and not wake up a process that is waiting... Submitted by: nCircle Network Security, Inc.
2005-03-02 21:59:39 +00:00
if (do_wakeup)
bpf_wakeup(d);
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
}
/*
* Free buffers currently in use by a descriptor.
* Called on close.
*/
static void
Since we are doing some bpf(4) clean up, change a couple of function prototypes to be consistent. Also, ANSI'fy function definitions. There is no functional change here.
2006-06-15 15:39:12 +00:00
bpf_freed(struct bpf_d *d)
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
{
Introduce support for zero-copy BPF buffering, which reduces the overhead of packet capture by allowing a user process to directly "loan" buffer memory to the kernel rather than using read(2) to explicitly copy data from kernel address space. The user process will issue new BPF ioctls to set the shared memory buffer mode and provide pointers to buffers and their size. The kernel then wires and maps the pages into kernel address space using sf_buf(9), which on supporting architectures will use the direct map region. The current "buffered" access mode remains the default, and support for zero-copy buffers must, for the time being, be explicitly enabled using a sysctl for the kernel to accept requests to use it. The kernel and user process synchronize use of the buffers with atomic operations, avoiding the need for system calls under load; the user process may use select()/poll()/kqueue() to manage blocking while waiting for network data if the user process is able to consume data faster than the kernel generates it. Patchs to libpcap are available to allow libpcap applications to transparently take advantage of this support. Detailed information on the new API may be found in bpf(4), including specific atomic operations and memory barriers required to synchronize buffer use safely. These changes modify the base BPF implementation to (roughly) abstrac the current buffer model, allowing the new shared memory model to be added, and add new monitoring statistics for netstat to print. The implementation, with the exception of some monitoring hanges that break the netstat monitoring ABI for BPF, will be MFC'd. Zerocopy bpf buffers are still considered experimental are disabled by default. To experiment with this new facility, adjust the net.bpf.zerocopy_enable sysctl variable to 1. Changes to libpcap will be made available as a patch for the time being, and further refinements to the implementation are expected. Sponsored by: Seccuris Inc. In collaboration with: rwatson Tested by: pwood, gallatin MFC after: 4 months [1] [1] Certain portions will probably not be MFCed, specifically things that can break the monitoring ABI.
2008-03-24 13:49:17 +00:00
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
/*
* We don't need to lock out interrupts since this descriptor has
* been detached from its interface and it yet hasn't been marked
* free.
*/
Introduce support for zero-copy BPF buffering, which reduces the overhead of packet capture by allowing a user process to directly "loan" buffer memory to the kernel rather than using read(2) to explicitly copy data from kernel address space. The user process will issue new BPF ioctls to set the shared memory buffer mode and provide pointers to buffers and their size. The kernel then wires and maps the pages into kernel address space using sf_buf(9), which on supporting architectures will use the direct map region. The current "buffered" access mode remains the default, and support for zero-copy buffers must, for the time being, be explicitly enabled using a sysctl for the kernel to accept requests to use it. The kernel and user process synchronize use of the buffers with atomic operations, avoiding the need for system calls under load; the user process may use select()/poll()/kqueue() to manage blocking while waiting for network data if the user process is able to consume data faster than the kernel generates it. Patchs to libpcap are available to allow libpcap applications to transparently take advantage of this support. Detailed information on the new API may be found in bpf(4), including specific atomic operations and memory barriers required to synchronize buffer use safely. These changes modify the base BPF implementation to (roughly) abstrac the current buffer model, allowing the new shared memory model to be added, and add new monitoring statistics for netstat to print. The implementation, with the exception of some monitoring hanges that break the netstat monitoring ABI for BPF, will be MFC'd. Zerocopy bpf buffers are still considered experimental are disabled by default. To experiment with this new facility, adjust the net.bpf.zerocopy_enable sysctl variable to 1. Changes to libpcap will be made available as a patch for the time being, and further refinements to the implementation are expected. Sponsored by: Seccuris Inc. In collaboration with: rwatson Tested by: pwood, gallatin MFC after: 4 months [1] [1] Certain portions will probably not be MFCed, specifically things that can break the monitoring ABI.
2008-03-24 13:49:17 +00:00
bpf_free(d);
Add experimental BPF Just-In-Time compiler for amd64 and i386. Use the following kernel configuration option to enable: options BPF_JITTER If you want to use bpf_filter() instead (e. g., debugging), do: sysctl net.bpf.jitter.enable=0 to turn it off. Currently BIOCSETWF and bpf_mtap2() are unsupported, and bpf_mtap() is partially supported because 1) no need, 2) avoid expensive m_copydata(9). Obtained from: WinPcap 3.1 (for i386)
2005-12-06 02:58:12 +00:00
if (d->bd_rfilter) {
Introduce two new ioctl(2) commands, BIOCLOCK and BIOCSETWF. These commands enhance the security of bpf(4) by further relinquishing the privilege of the bpf(4) consumer (assuming the ioctl commands are being implemented). Once BIOCLOCK is executed, the device becomes locked which prevents the execution of ioctl(2) commands which can change the underly parameters of the bpf(4) device. An example might be the setting of bpf(4) filter programs or attaching to different network interfaces. BIOCSETWF can be used to set write filters for outgoing packets. Currently if a bpf(4) consumer is compromised, the bpf(4) descriptor can essentially be used as a raw socket, regardless of consumer's UID. Write filters give users the ability to constrain which packets can be sent through the bpf(4) descriptor. These features are currently implemented by a couple programs which came from OpenBSD, such as the new dhclient and pflogd. -Modify bpf_setf(9) to accept a "cmd" parameter. This will be used to specify whether a read or write filter is to be set. -Add a bpf(4) filter program as a parameter to bpf_movein(9) as we will run the filter program on the mbuf data once we move the packet in from user-space. -Rather than execute two uiomove operations, (one for the link header and the other for the packet data), execute one and manually copy the linker header into the sockaddr structure via bcopy. -Restructure bpf_setf to compensate for write filters, as well as read. -Adjust bpf(4) stats structures to include a bd_locked member. It should be noted that the FreeBSD and OpenBSD implementations differ a bit in the sense that we unconditionally enforce the lock, where OpenBSD enforces it only if the calling credential is not root. Idea from: OpenBSD Reviewed by: mlaier
2005-08-22 19:35:48 +00:00
free((caddr_t)d->bd_rfilter, M_BPF);
Add experimental BPF Just-In-Time compiler for amd64 and i386. Use the following kernel configuration option to enable: options BPF_JITTER If you want to use bpf_filter() instead (e. g., debugging), do: sysctl net.bpf.jitter.enable=0 to turn it off. Currently BIOCSETWF and bpf_mtap2() are unsupported, and bpf_mtap() is partially supported because 1) no need, 2) avoid expensive m_copydata(9). Obtained from: WinPcap 3.1 (for i386)
2005-12-06 02:58:12 +00:00
#ifdef BPF_JITTER
bpf_destroy_jit_filter(d->bd_bfilter);
#endif
}
Introduce two new ioctl(2) commands, BIOCLOCK and BIOCSETWF. These commands enhance the security of bpf(4) by further relinquishing the privilege of the bpf(4) consumer (assuming the ioctl commands are being implemented). Once BIOCLOCK is executed, the device becomes locked which prevents the execution of ioctl(2) commands which can change the underly parameters of the bpf(4) device. An example might be the setting of bpf(4) filter programs or attaching to different network interfaces. BIOCSETWF can be used to set write filters for outgoing packets. Currently if a bpf(4) consumer is compromised, the bpf(4) descriptor can essentially be used as a raw socket, regardless of consumer's UID. Write filters give users the ability to constrain which packets can be sent through the bpf(4) descriptor. These features are currently implemented by a couple programs which came from OpenBSD, such as the new dhclient and pflogd. -Modify bpf_setf(9) to accept a "cmd" parameter. This will be used to specify whether a read or write filter is to be set. -Add a bpf(4) filter program as a parameter to bpf_movein(9) as we will run the filter program on the mbuf data once we move the packet in from user-space. -Rather than execute two uiomove operations, (one for the link header and the other for the packet data), execute one and manually copy the linker header into the sockaddr structure via bcopy. -Restructure bpf_setf to compensate for write filters, as well as read. -Adjust bpf(4) stats structures to include a bd_locked member. It should be noted that the FreeBSD and OpenBSD implementations differ a bit in the sense that we unconditionally enforce the lock, where OpenBSD enforces it only if the calling credential is not root. Idea from: OpenBSD Reviewed by: mlaier
2005-08-22 19:35:48 +00:00
if (d->bd_wfilter)
free((caddr_t)d->bd_wfilter, M_BPF);
Add mutexes to the entire bpf subsystem to make it MPSAFE. Previously reviewed by: jhb, bde
2001-02-16 17:10:28 +00:00
mtx_destroy(&d->bd_mtx);
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
}
o add support for multiple link types per interface (e.g. 802.11 and Ethernet) o introduce BPF_TAP and BPF_MTAP macros to hide implementation details and ease code portability o use m_getcl where appropriate Reviewed by: many Approved by: re Obtained from: NetBSD (multiple link type support)
2002-11-14 23:24:13 +00:00
/*
* Attach an interface to bpf. dlt is the link layer type; hdrlen is the
* fixed size of the link header (variable length headers not yet supported).
*/
void
Since we are doing some bpf(4) clean up, change a couple of function prototypes to be consistent. Also, ANSI'fy function definitions. There is no functional change here.
2006-06-15 15:39:12 +00:00
bpfattach(struct ifnet *ifp, u_int dlt, u_int hdrlen)
o add support for multiple link types per interface (e.g. 802.11 and Ethernet) o introduce BPF_TAP and BPF_MTAP macros to hide implementation details and ease code portability o use m_getcl where appropriate Reviewed by: many Approved by: re Obtained from: NetBSD (multiple link type support)
2002-11-14 23:24:13 +00:00
{
bpfattach2(ifp, dlt, hdrlen, &ifp->if_bpf);
}
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
/*
Correct the comment about bpfattach() to match reality. PR: 29967 Submitted by: Joseph Mallett <jmallett@xMach.org>
2001-08-23 22:38:08 +00:00
* Attach an interface to bpf. ifp is a pointer to the structure
* defining the interface to be attached, dlt is the link layer type,
* and hdrlen is the fixed size of the link header (variable length
* headers are not yet supporrted).
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
*/
void
Since we are doing some bpf(4) clean up, change a couple of function prototypes to be consistent. Also, ANSI'fy function definitions. There is no functional change here.
2006-06-15 15:39:12 +00:00
bpfattach2(struct ifnet *ifp, u_int dlt, u_int hdrlen, struct bpf_if **driverp)
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
{
struct bpf_if *bp;
Since we are doing some bpf(4) clean up, change a couple of function prototypes to be consistent. Also, ANSI'fy function definitions. There is no functional change here.
2006-06-15 15:39:12 +00:00
bp = malloc(sizeof(*bp), M_BPF, M_NOWAIT | M_ZERO);
Prefer NULL to '0' when checking a pointer value.
2004-07-24 16:58:56 +00:00
if (bp == NULL)
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
panic("bpfattach");
Reformulate use of linked lists in 'struct bpf_d' and 'struct bpf_if' to use queue(3) list macros rather than hand-crafted lists. While here, move to doubly linked lists to eliminate iterating lists in order to remove entries. This change simplifies and clarifies the list logic in the BPF descriptor code as a first step towards revising the locking strategy. RELENG_5 candidate. Reviewed by: fenner
2004-09-09 00:19:27 +00:00
LIST_INIT(&bp->bif_dlist);
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
bp->bif_ifp = ifp;
bp->bif_dlt = dlt;
Change callers of mtx_init() to pass in an appropriate lock type name. In most cases NULL is passed, but in some cases such as network driver locks (which use the MTX_NETWORK_LOCK macro) and UMA zone locks, a name is used. Tested on: i386, alpha, sparc64
2002-04-04 21:03:38 +00:00
mtx_init(&bp->bif_mtx, "bpf interface lock", NULL, MTX_DEF);
Fix the following bpf(4) race condition which can result in a panic: (1) bpf peer attaches to interface netif0 (2) Packet is received by netif0 (3) ifp->if_bpf pointer is checked and handed off to bpf (4) bpf peer detaches from netif0 resulting in ifp->if_bpf being initialized to NULL. (5) ifp->if_bpf is dereferenced by bpf machinery (6) Kaboom This race condition likely explains the various different kernel panics reported around sending SIGINT to tcpdump or dhclient processes. But really this race can result in kernel panics anywhere you have frequent bpf attach and detach operations with high packet per second load. Summary of changes: - Remove the bpf interface's "driverp" member - When we attach bpf interfaces, we now set the ifp->if_bpf member to the bpf interface structure. Once this is done, ifp->if_bpf should never be NULL. [1] - Introduce bpf_peers_present function, an inline operation which will do a lockless read bpf peer list associated with the interface. It should be noted that the bpf code will pickup the bpf_interface lock before adding or removing bpf peers. This should serialize the access to the bpf descriptor list, removing the race. - Expose the bpf_if structure in bpf.h so that the bpf_peers_present function can use it. This also removes the struct bpf_if; hack that was there. - Adjust all consumers of the raw if_bpf structure to use bpf_peers_present Now what happens is: (1) Packet is received by netif0 (2) Check to see if bpf descriptor list is empty (3) Pickup the bpf interface lock (4) Hand packet off to process From the attach/detach side: (1) Pickup the bpf interface lock (2) Add/remove from bpf descriptor list Now that we are storing the bpf interface structure with the ifnet, there is is no need to walk the bpf interface list to locate the correct bpf interface. We now simply look up the interface, and initialize the pointer. This has a nice side effect of changing a bpf interface attach operation from O(N) (where N is the number of bpf interfaces), to O(1). [1] From now on, we can no longer check ifp->if_bpf to tell us whether or not we have any bpf peers that might be interested in receiving packets. In collaboration with: sam@ MFC after: 1 month
2006-06-02 19:59:33 +00:00
KASSERT(*driverp == NULL, ("bpfattach2: driverp already initialized"));
*driverp = bp;
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
Add mutexes to the entire bpf subsystem to make it MPSAFE. Previously reviewed by: jhb, bde
2001-02-16 17:10:28 +00:00
mtx_lock(&bpf_mtx);
Reformulate use of linked lists in 'struct bpf_d' and 'struct bpf_if' to use queue(3) list macros rather than hand-crafted lists. While here, move to doubly linked lists to eliminate iterating lists in order to remove entries. This change simplifies and clarifies the list logic in the BPF descriptor code as a first step towards revising the locking strategy. RELENG_5 candidate. Reviewed by: fenner
2004-09-09 00:19:27 +00:00
LIST_INSERT_HEAD(&bpf_iflist, bp, bif_next);
Add mutexes to the entire bpf subsystem to make it MPSAFE. Previously reviewed by: jhb, bde
2001-02-16 17:10:28 +00:00
mtx_unlock(&bpf_mtx);
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
/*
* Compute the length of the bpf header. This is not necessarily
* equal to SIZEOF_BPF_HDR because we want to insert spacing such
* that the network layer header begins on a longword boundary (for
* performance reasons and to alleviate alignment restrictions).
*/
bp->bif_hdrlen = BPF_WORDALIGN(hdrlen + SIZEOF_BPF_HDR) - hdrlen;
Only print `bpf: foo0 attached' if bootverbose.
1995-09-20 20:48:29 +00:00
if (bootverbose)
o add support for multiple link types per interface (e.g. 802.11 and Ethernet) o introduce BPF_TAP and BPF_MTAP macros to hide implementation details and ease code portability o use m_getcl where appropriate Reviewed by: many Approved by: re Obtained from: NetBSD (multiple link type support)
2002-11-14 23:24:13 +00:00
if_printf(ifp, "bpf attached\n");
BSD 4.4 Lite Kernel Sources
1994-05-24 10:09:53 +00:00
}
OK, that's it.. That's EVERY SINGLE driver that has an entry in conf.c.. my next trick will be to define cdevsw[] and bdevsw[] as empty arrays and remove all those DAMNED defines as well.. Each of these drivers has a SYSINIT linker set entry that comes in very early.. and asks teh driver to add it's own entry to the two devsw[] tables. some slight reworking of the commits from yesterday (added the SYSINIT stuff and some usually wrong but token DEVFS entries to all these devices. BTW does anyone know where the 'ata' entries in conf.c actually reside? seems we don't actually have a 'ataopen() etc... If you want to add a new device in conf.c please make sure I know so I can keep it up to date too.. as before, this is all dependent on #if defined(JREMOD) (and #ifdef DEVFS in parts)
1995-11-29 10:49:16 +00:00
The advent of if_detach, allowing interface removal at runtime, makes it possible for a panic to occur if BPF is in use on the interface at the time of the call to if_detach. This happens because BPF maintains pointers to the struct ifnet describing the interface, which is freed by if_detach. To correct this problem, a new call, bpfdetach, is introduced. bpfdetach locates BPF descriptor references to the interface, and NULLs them. Other BPF code is modified so that discovery of a NULL interface results in ENXIO (already implemented for some calls). Processes blocked on a BPF call will also be woken up so that they can receive ENXIO. Interface drivers that invoke bpfattach and if_detach must be modified to also call bpfattach(ifp) before calling if_detach(ifp). This is relevant for buses that support hot removal, such as pccard and usb. Patches to all effected devices will not be committed, only to if_wi.c, due to testing limitations. To reproduce the crash, load up tcpdump on you favorite pccard ethernet card, and then eject the card. As some pccard drivers do not invoke if_detach(ifp), this bug will not manifest itself for those drivers. Reviewed by: wes
2000-03-19 05:42:34 +00:00
/*
* Detach bpf from an interface. This involves detaching each descriptor
* associated with the interface, and leaving bd_bif NULL. Notify each
* descriptor as it's detached so that any sleepers wake up and get
* ENXIO.
*/
void
Since we are doing some bpf(4) clean up, change a couple of function prototypes to be consistent. Also, ANSI'fy function definitions. There is no functional change here.
2006-06-15 15:39:12 +00:00
bpfdetach(struct ifnet *ifp)
The advent of if_detach, allowing interface removal at runtime, makes it possible for a panic to occur if BPF is in use on the interface at the time of the call to if_detach. This happens because BPF maintains pointers to the struct ifnet describing the interface, which is freed by if_detach. To correct this problem, a new call, bpfdetach, is introduced. bpfdetach locates BPF descriptor references to the interface, and NULLs them. Other BPF code is modified so that discovery of a NULL interface results in ENXIO (already implemented for some calls). Processes blocked on a BPF call will also be woken up so that they can receive ENXIO. Interface drivers that invoke bpfattach and if_detach must be modified to also call bpfattach(ifp) before calling if_detach(ifp). This is relevant for buses that support hot removal, such as pccard and usb. Patches to all effected devices will not be committed, only to if_wi.c, due to testing limitations. To reproduce the crash, load up tcpdump on you favorite pccard ethernet card, and then eject the card. As some pccard drivers do not invoke if_detach(ifp), this bug will not manifest itself for those drivers. Reviewed by: wes
2000-03-19 05:42:34 +00:00
{
Reformulate use of linked lists in 'struct bpf_d' and 'struct bpf_if' to use queue(3) list macros rather than hand-crafted lists. While here, move to doubly linked lists to eliminate iterating lists in order to remove entries. This change simplifies and clarifies the list logic in the BPF descriptor code as a first step towards revising the locking strategy. RELENG_5 candidate. Reviewed by: fenner
2004-09-09 00:19:27 +00:00
struct bpf_if *bp;
The advent of if_detach, allowing interface removal at runtime, makes it possible for a panic to occur if BPF is in use on the interface at the time of the call to if_detach. This happens because BPF maintains pointers to the struct ifnet describing the interface, which is freed by if_detach. To correct this problem, a new call, bpfdetach, is introduced. bpfdetach locates BPF descriptor references to the interface, and NULLs them. Other BPF code is modified so that discovery of a NULL interface results in ENXIO (already implemented for some calls). Processes blocked on a BPF call will also be woken up so that they can receive ENXIO. Interface drivers that invoke bpfattach and if_detach must be modified to also call bpfattach(ifp) before calling if_detach(ifp). This is relevant for buses that support hot removal, such as pccard and usb. Patches to all effected devices will not be committed, only to if_wi.c, due to testing limitations. To reproduce the crash, load up tcpdump on you favorite pccard ethernet card, and then eject the card. As some pccard drivers do not invoke if_detach(ifp), this bug will not manifest itself for those drivers. Reviewed by: wes
2000-03-19 05:42:34 +00:00
struct bpf_d *d;
/* Locate BPF interface information */
o add BIOCGDLTLIST and BIOCSDLT ioctls to get the data link type list and set the link type for use by libpcap and tcpdump o move mtx unlock in bpfdetach up; it doesn't need to be held so long o change printf in bpf_detach to distinguish it from the same one in bpfsetdlt Note there are locking issues here related to ioctl processing; they have not been addressed here. Submitted by: Guy Harris <guy@alum.mit.edu> Obtained from: NetBSD (w/ locking modifications)
2003-01-20 19:08:46 +00:00
mtx_lock(&bpf_mtx);
Reformulate use of linked lists in 'struct bpf_d' and 'struct bpf_if' to use queue(3) list macros rather than hand-crafted lists. While here, move to doubly linked lists to eliminate iterating lists in order to remove entries. This change simplifies and clarifies the list logic in the BPF descriptor code as a first step towards revising the locking strategy. RELENG_5 candidate. Reviewed by: fenner
2004-09-09 00:19:27 +00:00
LIST_FOREACH(bp, &bpf_iflist, bif_next) {
The advent of if_detach, allowing interface removal at runtime, makes it possible for a panic to occur if BPF is in use on the interface at the time of the call to if_detach. This happens because BPF maintains pointers to the struct ifnet describing the interface, which is freed by if_detach. To correct this problem, a new call, bpfdetach, is introduced. bpfdetach locates BPF descriptor references to the interface, and NULLs them. Other BPF code is modified so that discovery of a NULL interface results in ENXIO (already implemented for some calls). Processes blocked on a BPF call will also be woken up so that they can receive ENXIO. Interface drivers that invoke bpfattach and if_detach must be modified to also call bpfattach(ifp) before calling if_detach(ifp). This is relevant for buses that support hot removal, such as pccard and usb. Patches to all effected devices will not be committed, only to if_wi.c, due to testing limitations. To reproduce the crash, load up tcpdump on you favorite pccard ethernet card, and then eject the card. As some pccard drivers do not invoke if_detach(ifp), this bug will not manifest itself for those drivers. Reviewed by: wes
2000-03-19 05:42:34 +00:00
if (ifp == bp->bif_ifp)
break;
}
/* Interface wasn't attached */
Assignment could be NULL, check.
2003-03-21 15:13:29 +00:00
if ((bp == NULL) || (bp->bif_ifp == NULL)) {
Add mutexes to the entire bpf subsystem to make it MPSAFE. Previously reviewed by: jhb, bde
2001-02-16 17:10:28 +00:00
mtx_unlock(&bpf_mtx);
Replace the if_name and if_unit members of struct ifnet with new members if_xname, if_dname, and if_dunit. if_xname is the name of the interface and if_dname/unit are the driver name and instance. This change paves the way for interface renaming and enhanced pseudo device creation and configuration symantics. Approved By: re (in principle) Reviewed By: njl, imp Tested On: i386, amd64, sparc64 Obtained From: NetBSD (if_xname)
2003-10-31 18:32:15 +00:00
printf("bpfdetach: %s was not attached\n", ifp->if_xname);
The advent of if_detach, allowing interface removal at runtime, makes it possible for a panic to occur if BPF is in use on the interface at the time of the call to if_detach. This happens because BPF maintains pointers to the struct ifnet describing the interface, which is freed by if_detach. To correct this problem, a new call, bpfdetach, is introduced. bpfdetach locates BPF descriptor references to the interface, and NULLs them. Other BPF code is modified so that discovery of a NULL interface results in ENXIO (already implemented for some calls). Processes blocked on a BPF call will also be woken up so that they can receive ENXIO. Interface drivers that invoke bpfattach and if_detach must be modified to also call bpfattach(ifp) before calling if_detach(ifp). This is relevant for buses that support hot removal, such as pccard and usb. Patches to all effected devices will not be committed, only to if_wi.c, due to testing limitations. To reproduce the crash, load up tcpdump on you favorite pccard ethernet card, and then eject the card. As some pccard drivers do not invoke if_detach(ifp), this bug will not manifest itself for those drivers. Reviewed by: wes
2000-03-19 05:42:34 +00:00
return;
}
Reformulate use of linked lists in 'struct bpf_d' and 'struct bpf_if' to use queue(3) list macros rather than hand-crafted lists. While here, move to doubly linked lists to eliminate iterating lists in order to remove entries. This change simplifies and clarifies the list logic in the BPF descriptor code as a first step towards revising the locking strategy. RELENG_5 candidate. Reviewed by: fenner
2004-09-09 00:19:27 +00:00
LIST_REMOVE(bp, bif_next);
o add BIOCGDLTLIST and BIOCSDLT ioctls to get the data link type list and set the link type for use by libpcap and tcpdump o move mtx unlock in bpfdetach up; it doesn't need to be held so long o change printf in bpf_detach to distinguish it from the same one in bpfsetdlt Note there are locking issues here related to ioctl processing; they have not been addressed here. Submitted by: Guy Harris <guy@alum.mit.edu> Obtained from: NetBSD (w/ locking modifications)
2003-01-20 19:08:46 +00:00
mtx_unlock(&bpf_mtx);
The advent of if_detach, allowing interface removal at runtime, makes it possible for a panic to occur if BPF is in use on the interface at the time of the call to if_detach. This happens because BPF maintains pointers to the struct ifnet describing the interface, which is freed by if_detach. To correct this problem, a new call, bpfdetach, is introduced. bpfdetach locates BPF descriptor references to the interface, and NULLs them. Other BPF code is modified so that discovery of a NULL interface results in ENXIO (already implemented for some calls). Processes blocked on a BPF call will also be woken up so that they can receive ENXIO. Interface drivers that invoke bpfattach and if_detach must be modified to also call bpfattach(ifp) before calling if_detach(ifp). This is relevant for buses that support hot removal, such as pccard and usb. Patches to all effected devices will not be committed, only to if_wi.c, due to testing limitations. To reproduce the crash, load up tcpdump on you favorite pccard ethernet card, and then eject the card. As some pccard drivers do not invoke if_detach(ifp), this bug will not manifest itself for those drivers. Reviewed by: wes
2000-03-19 05:42:34 +00:00
Reformulate use of linked lists in 'struct bpf_d' and 'struct bpf_if' to use queue(3) list macros rather than hand-crafted lists. While here, move to doubly linked lists to eliminate iterating lists in order to remove entries. This change simplifies and clarifies the list logic in the BPF descriptor code as a first step towards revising the locking strategy. RELENG_5 candidate. Reviewed by: fenner
2004-09-09 00:19:27 +00:00
while ((d = LIST_FIRST(&bp->bif_dlist)) != NULL) {
Add mutexes to the entire bpf subsystem to make it MPSAFE. Previously reviewed by: jhb, bde
2001-02-16 17:10:28 +00:00
bpf_detachd(d);
BPFD_LOCK(d);
bpf_wakeup(d);
BPFD_UNLOCK(d);
}
mtx_destroy(&bp->bif_mtx);
The advent of if_detach, allowing interface removal at runtime, makes it possible for a panic to occur if BPF is in use on the interface at the time of the call to if_detach. This happens because BPF maintains pointers to the struct ifnet describing the interface, which is freed by if_detach. To correct this problem, a new call, bpfdetach, is introduced. bpfdetach locates BPF descriptor references to the interface, and NULLs them. Other BPF code is modified so that discovery of a NULL interface results in ENXIO (already implemented for some calls). Processes blocked on a BPF call will also be woken up so that they can receive ENXIO. Interface drivers that invoke bpfattach and if_detach must be modified to also call bpfattach(ifp) before calling if_detach(ifp). This is relevant for buses that support hot removal, such as pccard and usb. Patches to all effected devices will not be committed, only to if_wi.c, due to testing limitations. To reproduce the crash, load up tcpdump on you favorite pccard ethernet card, and then eject the card. As some pccard drivers do not invoke if_detach(ifp), this bug will not manifest itself for those drivers. Reviewed by: wes
2000-03-19 05:42:34 +00:00
free(bp, M_BPF);
o add BIOCGDLTLIST and BIOCSDLT ioctls to get the data link type list and set the link type for use by libpcap and tcpdump o move mtx unlock in bpfdetach up; it doesn't need to be held so long o change printf in bpf_detach to distinguish it from the same one in bpfsetdlt Note there are locking issues here related to ioctl processing; they have not been addressed here. Submitted by: Guy Harris <guy@alum.mit.edu> Obtained from: NetBSD (w/ locking modifications)
2003-01-20 19:08:46 +00:00
}
/*
* Get a list of available data link type of the interface.
*/
static int
Since we are doing some bpf(4) clean up, change a couple of function prototypes to be consistent. Also, ANSI'fy function definitions. There is no functional change here.
2006-06-15 15:39:12 +00:00
bpf_getdltlist(struct bpf_d *d, struct bpf_dltlist *bfl)
o add BIOCGDLTLIST and BIOCSDLT ioctls to get the data link type list and set the link type for use by libpcap and tcpdump o move mtx unlock in bpfdetach up; it doesn't need to be held so long o change printf in bpf_detach to distinguish it from the same one in bpfsetdlt Note there are locking issues here related to ioctl processing; they have not been addressed here. Submitted by: Guy Harris <guy@alum.mit.edu> Obtained from: NetBSD (w/ locking modifications)
2003-01-20 19:08:46 +00:00
{
int n, error;
struct ifnet *ifp;
struct bpf_if *bp;
ifp = d->bd_bif->bif_ifp;
n = 0;
error = 0;
mtx_lock(&bpf_mtx);
Reformulate use of linked lists in 'struct bpf_d' and 'struct bpf_if' to use queue(3) list macros rather than hand-crafted lists. While here, move to doubly linked lists to eliminate iterating lists in order to remove entries. This change simplifies and clarifies the list logic in the BPF descriptor code as a first step towards revising the locking strategy. RELENG_5 candidate. Reviewed by: fenner
2004-09-09 00:19:27 +00:00
LIST_FOREACH(bp, &bpf_iflist, bif_next) {
o add BIOCGDLTLIST and BIOCSDLT ioctls to get the data link type list and set the link type for use by libpcap and tcpdump o move mtx unlock in bpfdetach up; it doesn't need to be held so long o change printf in bpf_detach to distinguish it from the same one in bpfsetdlt Note there are locking issues here related to ioctl processing; they have not been addressed here. Submitted by: Guy Harris <guy@alum.mit.edu> Obtained from: NetBSD (w/ locking modifications)
2003-01-20 19:08:46 +00:00
if (bp->bif_ifp != ifp)
continue;
if (bfl->bfl_list != NULL) {
if (n >= bfl->bfl_len) {
mtx_unlock(&bpf_mtx);
return (ENOMEM);
}
error = copyout(&bp->bif_dlt,
bfl->bfl_list + n, sizeof(u_int));
}
n++;
}
mtx_unlock(&bpf_mtx);
bfl->bfl_len = n;
return (error);
}
/*
* Set the data link type of a BPF instance.
*/
static int
Since we are doing some bpf(4) clean up, change a couple of function prototypes to be consistent. Also, ANSI'fy function definitions. There is no functional change here.
2006-06-15 15:39:12 +00:00
bpf_setdlt(struct bpf_d *d, u_int dlt)
o add BIOCGDLTLIST and BIOCSDLT ioctls to get the data link type list and set the link type for use by libpcap and tcpdump o move mtx unlock in bpfdetach up; it doesn't need to be held so long o change printf in bpf_detach to distinguish it from the same one in bpfsetdlt Note there are locking issues here related to ioctl processing; they have not been addressed here. Submitted by: Guy Harris <guy@alum.mit.edu> Obtained from: NetBSD (w/ locking modifications)
2003-01-20 19:08:46 +00:00
{
int error, opromisc;
struct ifnet *ifp;
struct bpf_if *bp;
The advent of if_detach, allowing interface removal at runtime, makes it possible for a panic to occur if BPF is in use on the interface at the time of the call to if_detach. This happens because BPF maintains pointers to the struct ifnet describing the interface, which is freed by if_detach. To correct this problem, a new call, bpfdetach, is introduced. bpfdetach locates BPF descriptor references to the interface, and NULLs them. Other BPF code is modified so that discovery of a NULL interface results in ENXIO (already implemented for some calls). Processes blocked on a BPF call will also be woken up so that they can receive ENXIO. Interface drivers that invoke bpfattach and if_detach must be modified to also call bpfattach(ifp) before calling if_detach(ifp). This is relevant for buses that support hot removal, such as pccard and usb. Patches to all effected devices will not be committed, only to if_wi.c, due to testing limitations. To reproduce the crash, load up tcpdump on you favorite pccard ethernet card, and then eject the card. As some pccard drivers do not invoke if_detach(ifp), this bug will not manifest itself for those drivers. Reviewed by: wes
2000-03-19 05:42:34 +00:00
o add BIOCGDLTLIST and BIOCSDLT ioctls to get the data link type list and set the link type for use by libpcap and tcpdump o move mtx unlock in bpfdetach up; it doesn't need to be held so long o change printf in bpf_detach to distinguish it from the same one in bpfsetdlt Note there are locking issues here related to ioctl processing; they have not been addressed here. Submitted by: Guy Harris <guy@alum.mit.edu> Obtained from: NetBSD (w/ locking modifications)
2003-01-20 19:08:46 +00:00
if (d->bd_bif->bif_dlt == dlt)
return (0);
ifp = d->bd_bif->bif_ifp;
mtx_lock(&bpf_mtx);
Reformulate use of linked lists in 'struct bpf_d' and 'struct bpf_if' to use queue(3) list macros rather than hand-crafted lists. While here, move to doubly linked lists to eliminate iterating lists in order to remove entries. This change simplifies and clarifies the list logic in the BPF descriptor code as a first step towards revising the locking strategy. RELENG_5 candidate. Reviewed by: fenner
2004-09-09 00:19:27 +00:00
LIST_FOREACH(bp, &bpf_iflist, bif_next) {
o add BIOCGDLTLIST and BIOCSDLT ioctls to get the data link type list and set the link type for use by libpcap and tcpdump o move mtx unlock in bpfdetach up; it doesn't need to be held so long o change printf in bpf_detach to distinguish it from the same one in bpfsetdlt Note there are locking issues here related to ioctl processing; they have not been addressed here. Submitted by: Guy Harris <guy@alum.mit.edu> Obtained from: NetBSD (w/ locking modifications)
2003-01-20 19:08:46 +00:00
if (bp->bif_ifp == ifp && bp->bif_dlt == dlt)
break;
}
Add mutexes to the entire bpf subsystem to make it MPSAFE. Previously reviewed by: jhb, bde
2001-02-16 17:10:28 +00:00
mtx_unlock(&bpf_mtx);
o add BIOCGDLTLIST and BIOCSDLT ioctls to get the data link type list and set the link type for use by libpcap and tcpdump o move mtx unlock in bpfdetach up; it doesn't need to be held so long o change printf in bpf_detach to distinguish it from the same one in bpfsetdlt Note there are locking issues here related to ioctl processing; they have not been addressed here. Submitted by: Guy Harris <guy@alum.mit.edu> Obtained from: NetBSD (w/ locking modifications)
2003-01-20 19:08:46 +00:00
if (bp != NULL) {
opromisc = d->bd_promisc;
bpf_detachd(d);
bpf_attachd(d, bp);
Don't recurse the BPF descriptor lock during the BIOCSDLT operation (and panic). To try to finish making BPF safe, at the very least, the BPF descriptor lock really needs to change into a reader/writer lock that controls access to "settings," and a mutex that controls access to the selinfo/knote/callout. Also, use of callout_drain() instead of callout_stop() (which is really a much more widespread issue).
2004-10-06 04:25:37 +00:00
BPFD_LOCK(d);
o add BIOCGDLTLIST and BIOCSDLT ioctls to get the data link type list and set the link type for use by libpcap and tcpdump o move mtx unlock in bpfdetach up; it doesn't need to be held so long o change printf in bpf_detach to distinguish it from the same one in bpfsetdlt Note there are locking issues here related to ioctl processing; they have not been addressed here. Submitted by: Guy Harris <guy@alum.mit.edu> Obtained from: NetBSD (w/ locking modifications)
2003-01-20 19:08:46 +00:00
reset_d(d);
BPFD_UNLOCK(d);
if (opromisc) {
error = ifpromisc(bp->bif_ifp, 1);
if (error)
if_printf(bp->bif_ifp,
"bpf_setdlt: ifpromisc failed (%d)\n",
error);
else
d->bd_promisc = 1;
}
}
return (bp == NULL ? EINVAL : 0);
The advent of if_detach, allowing interface removal at runtime, makes it possible for a panic to occur if BPF is in use on the interface at the time of the call to if_detach. This happens because BPF maintains pointers to the struct ifnet describing the interface, which is freed by if_detach. To correct this problem, a new call, bpfdetach, is introduced. bpfdetach locates BPF descriptor references to the interface, and NULLs them. Other BPF code is modified so that discovery of a NULL interface results in ENXIO (already implemented for some calls). Processes blocked on a BPF call will also be woken up so that they can receive ENXIO. Interface drivers that invoke bpfattach and if_detach must be modified to also call bpfattach(ifp) before calling if_detach(ifp). This is relevant for buses that support hot removal, such as pccard and usb. Patches to all effected devices will not be committed, only to if_wi.c, due to testing limitations. To reproduce the crash, load up tcpdump on you favorite pccard ethernet card, and then eject the card. As some pccard drivers do not invoke if_detach(ifp), this bug will not manifest itself for those drivers. Reviewed by: wes
2000-03-19 05:42:34 +00:00
}
Fixed gratuitous ANSIisms.
1997-09-16 11:44:05 +00:00
static void
Since we are doing some bpf(4) clean up, change a couple of function prototypes to be consistent. Also, ANSI'fy function definitions. There is no functional change here.
2006-06-15 15:39:12 +00:00
bpf_drvinit(void *unused)
OK, that's it.. That's EVERY SINGLE driver that has an entry in conf.c.. my next trick will be to define cdevsw[] and bdevsw[] as empty arrays and remove all those DAMNED defines as well.. Each of these drivers has a SYSINIT linker set entry that comes in very early.. and asks teh driver to add it's own entry to the two devsw[] tables. some slight reworking of the commits from yesterday (added the SYSINIT stuff and some usually wrong but token DEVFS entries to all these devices. BTW does anyone know where the 'ata' entries in conf.c actually reside? seems we don't actually have a 'ataopen() etc... If you want to add a new device in conf.c please make sure I know so I can keep it up to date too.. as before, this is all dependent on #if defined(JREMOD) (and #ifdef DEVFS in parts)
1995-11-29 10:49:16 +00:00
{
Change bpf(4) to use the cdevpriv API. Right now the bpf(4) driver uses the cloning API to generate /dev/bpf%u. When an application such as tcpdump needs a BPF, it opens /dev/bpf0, /dev/bpf1, etc. until it opens the first available device node. We used this approach, because our devfs implementation didn't allow per-descriptor data. Now that we can, make it use devfs_get_cdevpriv() to obtain the private data. To remain compatible with the existing implementation, add a symlink from /dev/bpf0 to /dev/bpf. I've already changed libpcap to compile with HAVE_CLONING_BPF, which makes it use /dev/bpf. There may be other applications in the base system (dhclient) that use the loop to obtain a valid bpf. Discussed on: src-committers Approved by: csjp
2008-08-13 15:41:21 +00:00
struct cdev *dev;
Using devfs_add_devswf() instead of devfs_add_devsw() Reviewed by: julian@freebsd.org
1996-03-28 14:33:59 +00:00
Change callers of mtx_init() to pass in an appropriate lock type name. In most cases NULL is passed, but in some cases such as network driver locks (which use the MTX_NETWORK_LOCK macro) and UMA zone locks, a name is used. Tested on: i386, alpha, sparc64
2002-04-04 21:03:38 +00:00
mtx_init(&bpf_mtx, "bpf global lock", NULL, MTX_DEF);
Reformulate use of linked lists in 'struct bpf_d' and 'struct bpf_if' to use queue(3) list macros rather than hand-crafted lists. While here, move to doubly linked lists to eliminate iterating lists in order to remove entries. This change simplifies and clarifies the list logic in the BPF descriptor code as a first step towards revising the locking strategy. RELENG_5 candidate. Reviewed by: fenner
2004-09-09 00:19:27 +00:00
LIST_INIT(&bpf_iflist);
Change bpf(4) to use the cdevpriv API. Right now the bpf(4) driver uses the cloning API to generate /dev/bpf%u. When an application such as tcpdump needs a BPF, it opens /dev/bpf0, /dev/bpf1, etc. until it opens the first available device node. We used this approach, because our devfs implementation didn't allow per-descriptor data. Now that we can, make it use devfs_get_cdevpriv() to obtain the private data. To remain compatible with the existing implementation, add a symlink from /dev/bpf0 to /dev/bpf. I've already changed libpcap to compile with HAVE_CLONING_BPF, which makes it use /dev/bpf. There may be other applications in the base system (dhclient) that use the loop to obtain a valid bpf. Discussed on: src-committers Approved by: csjp
2008-08-13 15:41:21 +00:00
dev = make_dev(&bpf_cdevsw, 0, UID_ROOT, GID_WHEEL, 0600, "bpf");
/* For compatibility */
make_dev_alias(dev, "bpf0");
OK, that's it.. That's EVERY SINGLE driver that has an entry in conf.c.. my next trick will be to define cdevsw[] and bdevsw[] as empty arrays and remove all those DAMNED defines as well.. Each of these drivers has a SYSINIT linker set entry that comes in very early.. and asks teh driver to add it's own entry to the two devsw[] tables. some slight reworking of the commits from yesterday (added the SYSINIT stuff and some usually wrong but token DEVFS entries to all these devices. BTW does anyone know where the 'ata' entries in conf.c actually reside? seems we don't actually have a 'ataopen() etc... If you want to add a new device in conf.c please make sure I know so I can keep it up to date too.. as before, this is all dependent on #if defined(JREMOD) (and #ifdef DEVFS in parts)
1995-11-29 10:49:16 +00:00
}
Introduce new sysctl variable: net.bpf.stats. This sysctl variable can be used to pass statistics regarding dropped, matched and received packet counts from the kernel to user-space. While we are here introduce a new counter for filtered or matched packets. We currently keep track of packets received or dropped by the bpf device, but not how many packets actually matched the bpf filter. -Introduce net.bpf.stats sysctl OID -Move sysctl variables after the function prototypes so we can reference bpf_stats_sysctl(9) without build errors. -Introduce bpf descriptor counter which is used mainly for sizing of the xbpf_d array. -Introduce a xbpf_d structure which will act as an external representation of the bpf_d structure. -Add a the following members to the bpfd structure: bd_fcount - Number of packets which matched bpf filter bd_pid - PID which opened the bpf device bd_pcomm - Process name which opened the device. It should be noted that it's possible that the process which opened the device could be long gone at the time of stats collection. An example might be a process that opens the bpf device forks then exits leaving the child process with the bpf fd. Reviewed by: mdodd
2005-07-24 17:21:17 +00:00
static void
bpfstats_fill_xbpf(struct xbpf_d *d, struct bpf_d *bd)
{
bzero(d, sizeof(*d));
BPFD_LOCK_ASSERT(bd);
Introduce support for zero-copy BPF buffering, which reduces the overhead of packet capture by allowing a user process to directly "loan" buffer memory to the kernel rather than using read(2) to explicitly copy data from kernel address space. The user process will issue new BPF ioctls to set the shared memory buffer mode and provide pointers to buffers and their size. The kernel then wires and maps the pages into kernel address space using sf_buf(9), which on supporting architectures will use the direct map region. The current "buffered" access mode remains the default, and support for zero-copy buffers must, for the time being, be explicitly enabled using a sysctl for the kernel to accept requests to use it. The kernel and user process synchronize use of the buffers with atomic operations, avoiding the need for system calls under load; the user process may use select()/poll()/kqueue() to manage blocking while waiting for network data if the user process is able to consume data faster than the kernel generates it. Patchs to libpcap are available to allow libpcap applications to transparently take advantage of this support. Detailed information on the new API may be found in bpf(4), including specific atomic operations and memory barriers required to synchronize buffer use safely. These changes modify the base BPF implementation to (roughly) abstrac the current buffer model, allowing the new shared memory model to be added, and add new monitoring statistics for netstat to print. The implementation, with the exception of some monitoring hanges that break the netstat monitoring ABI for BPF, will be MFC'd. Zerocopy bpf buffers are still considered experimental are disabled by default. To experiment with this new facility, adjust the net.bpf.zerocopy_enable sysctl variable to 1. Changes to libpcap will be made available as a patch for the time being, and further refinements to the implementation are expected. Sponsored by: Seccuris Inc. In collaboration with: rwatson Tested by: pwood, gallatin MFC after: 4 months [1] [1] Certain portions will probably not be MFCed, specifically things that can break the monitoring ABI.
2008-03-24 13:49:17 +00:00
d->bd_structsize = sizeof(*d);
Introduce new sysctl variable: net.bpf.stats. This sysctl variable can be used to pass statistics regarding dropped, matched and received packet counts from the kernel to user-space. While we are here introduce a new counter for filtered or matched packets. We currently keep track of packets received or dropped by the bpf device, but not how many packets actually matched the bpf filter. -Introduce net.bpf.stats sysctl OID -Move sysctl variables after the function prototypes so we can reference bpf_stats_sysctl(9) without build errors. -Introduce bpf descriptor counter which is used mainly for sizing of the xbpf_d array. -Introduce a xbpf_d structure which will act as an external representation of the bpf_d structure. -Add a the following members to the bpfd structure: bd_fcount - Number of packets which matched bpf filter bd_pid - PID which opened the bpf device bd_pcomm - Process name which opened the device. It should be noted that it's possible that the process which opened the device could be long gone at the time of stats collection. An example might be a process that opens the bpf device forks then exits leaving the child process with the bpf fd. Reviewed by: mdodd
2005-07-24 17:21:17 +00:00
d->bd_immediate = bd->bd_immediate;
d->bd_promisc = bd->bd_promisc;
d->bd_hdrcmplt = bd->bd_hdrcmplt;
Add three new ioctl(2) commands for bpf(4). - BIOCGDIRECTION and BIOCSDIRECTION get or set the setting determining whether incoming, outgoing, or all packets on the interface should be returned by BPF. Set to BPF_D_IN to see only incoming packets on the interface. Set to BPF_D_INOUT to see packets originating locally and remotely on the interface. Set to BPF_D_OUT to see only outgoing packets on the interface. This setting is initialized to BPF_D_INOUT by default. BIOCGSEESENT and BIOCSSEESENT are obsoleted by these but kept for backward compatibility. - BIOCFEEDBACK sets packet feedback mode. This allows injected packets to be fed back as input to the interface when output via the interface is successful. When BPF_D_INOUT direction is set, injected outgoing packet is not returned by BPF to avoid duplication. This flag is initialized to zero by default. Note that libpcap has been modified to support BPF_D_OUT direction for pcap_setdirection(3) and PCAP_D_OUT direction is functional now. Reviewed by: rwatson
2007-02-26 22:24:14 +00:00
d->bd_direction = bd->bd_direction;
d->bd_feedback = bd->bd_feedback;
Introduce new sysctl variable: net.bpf.stats. This sysctl variable can be used to pass statistics regarding dropped, matched and received packet counts from the kernel to user-space. While we are here introduce a new counter for filtered or matched packets. We currently keep track of packets received or dropped by the bpf device, but not how many packets actually matched the bpf filter. -Introduce net.bpf.stats sysctl OID -Move sysctl variables after the function prototypes so we can reference bpf_stats_sysctl(9) without build errors. -Introduce bpf descriptor counter which is used mainly for sizing of the xbpf_d array. -Introduce a xbpf_d structure which will act as an external representation of the bpf_d structure. -Add a the following members to the bpfd structure: bd_fcount - Number of packets which matched bpf filter bd_pid - PID which opened the bpf device bd_pcomm - Process name which opened the device. It should be noted that it's possible that the process which opened the device could be long gone at the time of stats collection. An example might be a process that opens the bpf device forks then exits leaving the child process with the bpf fd. Reviewed by: mdodd
2005-07-24 17:21:17 +00:00
d->bd_async = bd->bd_async;
d->bd_rcount = bd->bd_rcount;
d->bd_dcount = bd->bd_dcount;
d->bd_fcount = bd->bd_fcount;
d->bd_sig = bd->bd_sig;
d->bd_slen = bd->bd_slen;
d->bd_hlen = bd->bd_hlen;
d->bd_bufsize = bd->bd_bufsize;
d->bd_pid = bd->bd_pid;
strlcpy(d->bd_ifname,
bd->bd_bif->bif_ifp->if_xname, IFNAMSIZ);
Introduce two new ioctl(2) commands, BIOCLOCK and BIOCSETWF. These commands enhance the security of bpf(4) by further relinquishing the privilege of the bpf(4) consumer (assuming the ioctl commands are being implemented). Once BIOCLOCK is executed, the device becomes locked which prevents the execution of ioctl(2) commands which can change the underly parameters of the bpf(4) device. An example might be the setting of bpf(4) filter programs or attaching to different network interfaces. BIOCSETWF can be used to set write filters for outgoing packets. Currently if a bpf(4) consumer is compromised, the bpf(4) descriptor can essentially be used as a raw socket, regardless of consumer's UID. Write filters give users the ability to constrain which packets can be sent through the bpf(4) descriptor. These features are currently implemented by a couple programs which came from OpenBSD, such as the new dhclient and pflogd. -Modify bpf_setf(9) to accept a "cmd" parameter. This will be used to specify whether a read or write filter is to be set. -Add a bpf(4) filter program as a parameter to bpf_movein(9) as we will run the filter program on the mbuf data once we move the packet in from user-space. -Rather than execute two uiomove operations, (one for the link header and the other for the packet data), execute one and manually copy the linker header into the sockaddr structure via bcopy. -Restructure bpf_setf to compensate for write filters, as well as read. -Adjust bpf(4) stats structures to include a bd_locked member. It should be noted that the FreeBSD and OpenBSD implementations differ a bit in the sense that we unconditionally enforce the lock, where OpenBSD enforces it only if the calling credential is not root. Idea from: OpenBSD Reviewed by: mlaier
2005-08-22 19:35:48 +00:00
d->bd_locked = bd->bd_locked;
Introduce support for zero-copy BPF buffering, which reduces the overhead of packet capture by allowing a user process to directly "loan" buffer memory to the kernel rather than using read(2) to explicitly copy data from kernel address space. The user process will issue new BPF ioctls to set the shared memory buffer mode and provide pointers to buffers and their size. The kernel then wires and maps the pages into kernel address space using sf_buf(9), which on supporting architectures will use the direct map region. The current "buffered" access mode remains the default, and support for zero-copy buffers must, for the time being, be explicitly enabled using a sysctl for the kernel to accept requests to use it. The kernel and user process synchronize use of the buffers with atomic operations, avoiding the need for system calls under load; the user process may use select()/poll()/kqueue() to manage blocking while waiting for network data if the user process is able to consume data faster than the kernel generates it. Patchs to libpcap are available to allow libpcap applications to transparently take advantage of this support. Detailed information on the new API may be found in bpf(4), including specific atomic operations and memory barriers required to synchronize buffer use safely. These changes modify the base BPF implementation to (roughly) abstrac the current buffer model, allowing the new shared memory model to be added, and add new monitoring statistics for netstat to print. The implementation, with the exception of some monitoring hanges that break the netstat monitoring ABI for BPF, will be MFC'd. Zerocopy bpf buffers are still considered experimental are disabled by default. To experiment with this new facility, adjust the net.bpf.zerocopy_enable sysctl variable to 1. Changes to libpcap will be made available as a patch for the time being, and further refinements to the implementation are expected. Sponsored by: Seccuris Inc. In collaboration with: rwatson Tested by: pwood, gallatin MFC after: 4 months [1] [1] Certain portions will probably not be MFCed, specifically things that can break the monitoring ABI.
2008-03-24 13:49:17 +00:00
d->bd_wcount = bd->bd_wcount;
d->bd_wdcount = bd->bd_wdcount;
d->bd_wfcount = bd->bd_wfcount;
d->bd_zcopy = bd->bd_zcopy;
d->bd_bufmode = bd->bd_bufmode;
Introduce new sysctl variable: net.bpf.stats. This sysctl variable can be used to pass statistics regarding dropped, matched and received packet counts from the kernel to user-space. While we are here introduce a new counter for filtered or matched packets. We currently keep track of packets received or dropped by the bpf device, but not how many packets actually matched the bpf filter. -Introduce net.bpf.stats sysctl OID -Move sysctl variables after the function prototypes so we can reference bpf_stats_sysctl(9) without build errors. -Introduce bpf descriptor counter which is used mainly for sizing of the xbpf_d array. -Introduce a xbpf_d structure which will act as an external representation of the bpf_d structure. -Add a the following members to the bpfd structure: bd_fcount - Number of packets which matched bpf filter bd_pid - PID which opened the bpf device bd_pcomm - Process name which opened the device. It should be noted that it's possible that the process which opened the device could be long gone at the time of stats collection. An example might be a process that opens the bpf device forks then exits leaving the child process with the bpf fd. Reviewed by: mdodd
2005-07-24 17:21:17 +00:00
}
static int
bpf_stats_sysctl(SYSCTL_HANDLER_ARGS)
{
Rather than hold a mutex over calls to SYSCTL_OUT allocate a temporary buffer then pass the array to user-space once we have dropped the lock. While we are here, drop an assertion which could result in a kernel panic under certain race conditions. Pointed out by: rwatson
2005-07-26 17:21:56 +00:00
struct xbpf_d *xbdbuf, *xbd;
int index, error;
Introduce new sysctl variable: net.bpf.stats. This sysctl variable can be used to pass statistics regarding dropped, matched and received packet counts from the kernel to user-space. While we are here introduce a new counter for filtered or matched packets. We currently keep track of packets received or dropped by the bpf device, but not how many packets actually matched the bpf filter. -Introduce net.bpf.stats sysctl OID -Move sysctl variables after the function prototypes so we can reference bpf_stats_sysctl(9) without build errors. -Introduce bpf descriptor counter which is used mainly for sizing of the xbpf_d array. -Introduce a xbpf_d structure which will act as an external representation of the bpf_d structure. -Add a the following members to the bpfd structure: bd_fcount - Number of packets which matched bpf filter bd_pid - PID which opened the bpf device bd_pcomm - Process name which opened the device. It should be noted that it's possible that the process which opened the device could be long gone at the time of stats collection. An example might be a process that opens the bpf device forks then exits leaving the child process with the bpf fd. Reviewed by: mdodd
2005-07-24 17:21:17 +00:00
struct bpf_if *bp;
struct bpf_d *bd;
/*
* XXX This is not technically correct. It is possible for non
* privileged users to open bpf devices. It would make sense
* if the users who opened the devices were able to retrieve
* the statistics for them, too.
*/
Sweep kernel replacing suser(9) calls with priv(9) calls, assigning specific privilege names to a broad range of privileges. These may require some future tweaking. Sponsored by: nCircle Network Security, Inc. Obtained from: TrustedBSD Project Discussed on: arch@ Reviewed (at least in part) by: mlaier, jmg, pjd, bde, ceri, Alex Lyashkov <umka at sevcity dot net>, Skip Ford <skip dot ford at verizon dot net>, Antoine Brodin <antoine dot brodin at laposte dot net>
2006-11-06 13:42:10 +00:00
error = priv_check(req->td, PRIV_NET_BPF);
Introduce new sysctl variable: net.bpf.stats. This sysctl variable can be used to pass statistics regarding dropped, matched and received packet counts from the kernel to user-space. While we are here introduce a new counter for filtered or matched packets. We currently keep track of packets received or dropped by the bpf device, but not how many packets actually matched the bpf filter. -Introduce net.bpf.stats sysctl OID -Move sysctl variables after the function prototypes so we can reference bpf_stats_sysctl(9) without build errors. -Introduce bpf descriptor counter which is used mainly for sizing of the xbpf_d array. -Introduce a xbpf_d structure which will act as an external representation of the bpf_d structure. -Add a the following members to the bpfd structure: bd_fcount - Number of packets which matched bpf filter bd_pid - PID which opened the bpf device bd_pcomm - Process name which opened the device. It should be noted that it's possible that the process which opened the device could be long gone at the time of stats collection. An example might be a process that opens the bpf device forks then exits leaving the child process with the bpf fd. Reviewed by: mdodd
2005-07-24 17:21:17 +00:00
if (error)
return (error);
if (req->oldptr == NULL)
Rather than hold a mutex over calls to SYSCTL_OUT allocate a temporary buffer then pass the array to user-space once we have dropped the lock. While we are here, drop an assertion which could result in a kernel panic under certain race conditions. Pointed out by: rwatson
2005-07-26 17:21:56 +00:00
return (SYSCTL_OUT(req, 0, bpf_bpfd_cnt * sizeof(*xbd)));
Introduce new sysctl variable: net.bpf.stats. This sysctl variable can be used to pass statistics regarding dropped, matched and received packet counts from the kernel to user-space. While we are here introduce a new counter for filtered or matched packets. We currently keep track of packets received or dropped by the bpf device, but not how many packets actually matched the bpf filter. -Introduce net.bpf.stats sysctl OID -Move sysctl variables after the function prototypes so we can reference bpf_stats_sysctl(9) without build errors. -Introduce bpf descriptor counter which is used mainly for sizing of the xbpf_d array. -Introduce a xbpf_d structure which will act as an external representation of the bpf_d structure. -Add a the following members to the bpfd structure: bd_fcount - Number of packets which matched bpf filter bd_pid - PID which opened the bpf device bd_pcomm - Process name which opened the device. It should be noted that it's possible that the process which opened the device could be long gone at the time of stats collection. An example might be a process that opens the bpf device forks then exits leaving the child process with the bpf fd. Reviewed by: mdodd
2005-07-24 17:21:17 +00:00
if (bpf_bpfd_cnt == 0)
return (SYSCTL_OUT(req, 0, 0));
Rather than hold a mutex over calls to SYSCTL_OUT allocate a temporary buffer then pass the array to user-space once we have dropped the lock. While we are here, drop an assertion which could result in a kernel panic under certain race conditions. Pointed out by: rwatson
2005-07-26 17:21:56 +00:00
xbdbuf = malloc(req->oldlen, M_BPF, M_WAITOK);
Introduce new sysctl variable: net.bpf.stats. This sysctl variable can be used to pass statistics regarding dropped, matched and received packet counts from the kernel to user-space. While we are here introduce a new counter for filtered or matched packets. We currently keep track of packets received or dropped by the bpf device, but not how many packets actually matched the bpf filter. -Introduce net.bpf.stats sysctl OID -Move sysctl variables after the function prototypes so we can reference bpf_stats_sysctl(9) without build errors. -Introduce bpf descriptor counter which is used mainly for sizing of the xbpf_d array. -Introduce a xbpf_d structure which will act as an external representation of the bpf_d structure. -Add a the following members to the bpfd structure: bd_fcount - Number of packets which matched bpf filter bd_pid - PID which opened the bpf device bd_pcomm - Process name which opened the device. It should be noted that it's possible that the process which opened the device could be long gone at the time of stats collection. An example might be a process that opens the bpf device forks then exits leaving the child process with the bpf fd. Reviewed by: mdodd
2005-07-24 17:21:17 +00:00
mtx_lock(&bpf_mtx);
Rather than hold a mutex over calls to SYSCTL_OUT allocate a temporary buffer then pass the array to user-space once we have dropped the lock. While we are here, drop an assertion which could result in a kernel panic under certain race conditions. Pointed out by: rwatson
2005-07-26 17:21:56 +00:00
if (req->oldlen < (bpf_bpfd_cnt * sizeof(*xbd))) {
mtx_unlock(&bpf_mtx);
free(xbdbuf, M_BPF);
return (ENOMEM);
}
index = 0;
Introduce new sysctl variable: net.bpf.stats. This sysctl variable can be used to pass statistics regarding dropped, matched and received packet counts from the kernel to user-space. While we are here introduce a new counter for filtered or matched packets. We currently keep track of packets received or dropped by the bpf device, but not how many packets actually matched the bpf filter. -Introduce net.bpf.stats sysctl OID -Move sysctl variables after the function prototypes so we can reference bpf_stats_sysctl(9) without build errors. -Introduce bpf descriptor counter which is used mainly for sizing of the xbpf_d array. -Introduce a xbpf_d structure which will act as an external representation of the bpf_d structure. -Add a the following members to the bpfd structure: bd_fcount - Number of packets which matched bpf filter bd_pid - PID which opened the bpf device bd_pcomm - Process name which opened the device. It should be noted that it's possible that the process which opened the device could be long gone at the time of stats collection. An example might be a process that opens the bpf device forks then exits leaving the child process with the bpf fd. Reviewed by: mdodd
2005-07-24 17:21:17 +00:00
LIST_FOREACH(bp, &bpf_iflist, bif_next) {
Pickup locks for the BPF interface structure. It's quite possible that bpf(4) descriptors can be added and removed on this interface while we are processing stats. MFC after: 2 weeks
2006-05-07 03:21:43 +00:00
BPFIF_LOCK(bp);
Introduce new sysctl variable: net.bpf.stats. This sysctl variable can be used to pass statistics regarding dropped, matched and received packet counts from the kernel to user-space. While we are here introduce a new counter for filtered or matched packets. We currently keep track of packets received or dropped by the bpf device, but not how many packets actually matched the bpf filter. -Introduce net.bpf.stats sysctl OID -Move sysctl variables after the function prototypes so we can reference bpf_stats_sysctl(9) without build errors. -Introduce bpf descriptor counter which is used mainly for sizing of the xbpf_d array. -Introduce a xbpf_d structure which will act as an external representation of the bpf_d structure. -Add a the following members to the bpfd structure: bd_fcount - Number of packets which matched bpf filter bd_pid - PID which opened the bpf device bd_pcomm - Process name which opened the device. It should be noted that it's possible that the process which opened the device could be long gone at the time of stats collection. An example might be a process that opens the bpf device forks then exits leaving the child process with the bpf fd. Reviewed by: mdodd
2005-07-24 17:21:17 +00:00
LIST_FOREACH(bd, &bp->bif_dlist, bd_next) {
Rather than hold a mutex over calls to SYSCTL_OUT allocate a temporary buffer then pass the array to user-space once we have dropped the lock. While we are here, drop an assertion which could result in a kernel panic under certain race conditions. Pointed out by: rwatson
2005-07-26 17:21:56 +00:00
xbd = &xbdbuf[index++];
Introduce new sysctl variable: net.bpf.stats. This sysctl variable can be used to pass statistics regarding dropped, matched and received packet counts from the kernel to user-space. While we are here introduce a new counter for filtered or matched packets. We currently keep track of packets received or dropped by the bpf device, but not how many packets actually matched the bpf filter. -Introduce net.bpf.stats sysctl OID -Move sysctl variables after the function prototypes so we can reference bpf_stats_sysctl(9) without build errors. -Introduce bpf descriptor counter which is used mainly for sizing of the xbpf_d array. -Introduce a xbpf_d structure which will act as an external representation of the bpf_d structure. -Add a the following members to the bpfd structure: bd_fcount - Number of packets which matched bpf filter bd_pid - PID which opened the bpf device bd_pcomm - Process name which opened the device. It should be noted that it's possible that the process which opened the device could be long gone at the time of stats collection. An example might be a process that opens the bpf device forks then exits leaving the child process with the bpf fd. Reviewed by: mdodd
2005-07-24 17:21:17 +00:00
BPFD_LOCK(bd);
Rather than hold a mutex over calls to SYSCTL_OUT allocate a temporary buffer then pass the array to user-space once we have dropped the lock. While we are here, drop an assertion which could result in a kernel panic under certain race conditions. Pointed out by: rwatson
2005-07-26 17:21:56 +00:00
bpfstats_fill_xbpf(xbd, bd);
Introduce new sysctl variable: net.bpf.stats. This sysctl variable can be used to pass statistics regarding dropped, matched and received packet counts from the kernel to user-space. While we are here introduce a new counter for filtered or matched packets. We currently keep track of packets received or dropped by the bpf device, but not how many packets actually matched the bpf filter. -Introduce net.bpf.stats sysctl OID -Move sysctl variables after the function prototypes so we can reference bpf_stats_sysctl(9) without build errors. -Introduce bpf descriptor counter which is used mainly for sizing of the xbpf_d array. -Introduce a xbpf_d structure which will act as an external representation of the bpf_d structure. -Add a the following members to the bpfd structure: bd_fcount - Number of packets which matched bpf filter bd_pid - PID which opened the bpf device bd_pcomm - Process name which opened the device. It should be noted that it's possible that the process which opened the device could be long gone at the time of stats collection. An example might be a process that opens the bpf device forks then exits leaving the child process with the bpf fd. Reviewed by: mdodd
2005-07-24 17:21:17 +00:00
BPFD_UNLOCK(bd);
}
Pickup locks for the BPF interface structure. It's quite possible that bpf(4) descriptors can be added and removed on this interface while we are processing stats. MFC after: 2 weeks
2006-05-07 03:21:43 +00:00
BPFIF_UNLOCK(bp);
Introduce new sysctl variable: net.bpf.stats. This sysctl variable can be used to pass statistics regarding dropped, matched and received packet counts from the kernel to user-space. While we are here introduce a new counter for filtered or matched packets. We currently keep track of packets received or dropped by the bpf device, but not how many packets actually matched the bpf filter. -Introduce net.bpf.stats sysctl OID -Move sysctl variables after the function prototypes so we can reference bpf_stats_sysctl(9) without build errors. -Introduce bpf descriptor counter which is used mainly for sizing of the xbpf_d array. -Introduce a xbpf_d structure which will act as an external representation of the bpf_d structure. -Add a the following members to the bpfd structure: bd_fcount - Number of packets which matched bpf filter bd_pid - PID which opened the bpf device bd_pcomm - Process name which opened the device. It should be noted that it's possible that the process which opened the device could be long gone at the time of stats collection. An example might be a process that opens the bpf device forks then exits leaving the child process with the bpf fd. Reviewed by: mdodd
2005-07-24 17:21:17 +00:00
}
mtx_unlock(&bpf_mtx);
Rather than hold a mutex over calls to SYSCTL_OUT allocate a temporary buffer then pass the array to user-space once we have dropped the lock. While we are here, drop an assertion which could result in a kernel panic under certain race conditions. Pointed out by: rwatson
2005-07-26 17:21:56 +00:00
error = SYSCTL_OUT(req, xbdbuf, index * sizeof(*xbd));
free(xbdbuf, M_BPF);
Introduce new sysctl variable: net.bpf.stats. This sysctl variable can be used to pass statistics regarding dropped, matched and received packet counts from the kernel to user-space. While we are here introduce a new counter for filtered or matched packets. We currently keep track of packets received or dropped by the bpf device, but not how many packets actually matched the bpf filter. -Introduce net.bpf.stats sysctl OID -Move sysctl variables after the function prototypes so we can reference bpf_stats_sysctl(9) without build errors. -Introduce bpf descriptor counter which is used mainly for sizing of the xbpf_d array. -Introduce a xbpf_d structure which will act as an external representation of the bpf_d structure. -Add a the following members to the bpfd structure: bd_fcount - Number of packets which matched bpf filter bd_pid - PID which opened the bpf device bd_pcomm - Process name which opened the device. It should be noted that it's possible that the process which opened the device could be long gone at the time of stats collection. An example might be a process that opens the bpf device forks then exits leaving the child process with the bpf fd. Reviewed by: mdodd
2005-07-24 17:21:17 +00:00
return (error);
}
In keeping with style(9)'s recommendations on macros, use a ';' after each SYSINIT() macro invocation. This makes a number of lightweight C parsers much happier with the FreeBSD kernel source, including cflow's prcc and lxr. MFC after: 1 month Discussed with: imp, rink
2008-03-16 10:58:09 +00:00
SYSINIT(bpfdev,SI_SUB_DRIVERS,SI_ORDER_MIDDLE,bpf_drvinit,NULL);
OK, that's it.. That's EVERY SINGLE driver that has an entry in conf.c.. my next trick will be to define cdevsw[] and bdevsw[] as empty arrays and remove all those DAMNED defines as well.. Each of these drivers has a SYSINIT linker set entry that comes in very early.. and asks teh driver to add it's own entry to the two devsw[] tables. some slight reworking of the commits from yesterday (added the SYSINIT stuff and some usually wrong but token DEVFS entries to all these devices. BTW does anyone know where the 'ata' entries in conf.c actually reside? seems we don't actually have a 'ataopen() etc... If you want to add a new device in conf.c please make sure I know so I can keep it up to date too.. as before, this is all dependent on #if defined(JREMOD) (and #ifdef DEVFS in parts)
1995-11-29 10:49:16 +00:00
Supply a stub bpf_validate() (always returning false - the script is not valid) if BPF is missing. The netgraph_bpf node forced bpf to be present, reflect that in the options. Stop doing a 'count bpf' - we provide stubs. Since a handful of drivers still refer to "bpf.h", provide a more accurate indication that the API is present always. (eg: netinet6)
2001-01-29 13:26:14 +00:00
#else /* !DEV_BPF && !NETGRAPH_BPF */
Allow loadable interface drivers with BPF support to be loaded into a kernel that doesn't have it. This is achieved by having minimal do-nothing stubs enabled when there are no bpfilter devices configured. Driver modules should be built with BPF enabled for maximum convenience (but can be built without it for maximum performance).
1999-04-28 01:18:13 +00:00
/*
* NOP stubs to allow bpf-using drivers to load and function.
*
* A 'better' implementation would allow the core bpf functionality
* to be loaded at runtime.
*/
If bpf(4) has not been compiled into the kernel, initialize the bpf interface pointer to a zeroed, statically allocated bpf_if structure. This way the LIST_EMPTY() macro will always return true. This allows us to remove the additional unconditional memory reference for each packet in the fast path. Discussed with: sam
2006-06-14 02:23:28 +00:00
static struct bpf_if bp_null;
Allow loadable interface drivers with BPF support to be loaded into a kernel that doesn't have it. This is achieved by having minimal do-nothing stubs enabled when there are no bpfilter devices configured. Driver modules should be built with BPF enabled for maximum convenience (but can be built without it for maximum performance).
1999-04-28 01:18:13 +00:00
void
Since we are doing some bpf(4) clean up, change a couple of function prototypes to be consistent. Also, ANSI'fy function definitions. There is no functional change here.
2006-06-15 15:39:12 +00:00
bpf_tap(struct bpf_if *bp, u_char *pkt, u_int pktlen)
Allow loadable interface drivers with BPF support to be loaded into a kernel that doesn't have it. This is achieved by having minimal do-nothing stubs enabled when there are no bpfilter devices configured. Driver modules should be built with BPF enabled for maximum convenience (but can be built without it for maximum performance).
1999-04-28 01:18:13 +00:00
{
}
void
Since we are doing some bpf(4) clean up, change a couple of function prototypes to be consistent. Also, ANSI'fy function definitions. There is no functional change here.
2006-06-15 15:39:12 +00:00
bpf_mtap(struct bpf_if *bp, struct mbuf *m)
Allow loadable interface drivers with BPF support to be loaded into a kernel that doesn't have it. This is achieved by having minimal do-nothing stubs enabled when there are no bpfilter devices configured. Driver modules should be built with BPF enabled for maximum convenience (but can be built without it for maximum performance).
1999-04-28 01:18:13 +00:00
{
}
o eliminate widespread on-stack mbuf use for bpf by introducing a new bpf_mtap2 routine that does the right thing for an mbuf and a variable-length chunk of data that should be prepended. o while we're sweeping the drivers, use u_int32_t uniformly when when prepending the address family (several places were assuming sizeof(int) was 4) o return M_ASSERTVALID to BPF_MTAP* now that all stack-allocated mbufs have been eliminated; this may better be moved to the bpf routines Reviewed by: arch@ and several others
2003-12-28 03:56:00 +00:00
void
Since we are doing some bpf(4) clean up, change a couple of function prototypes to be consistent. Also, ANSI'fy function definitions. There is no functional change here.
2006-06-15 15:39:12 +00:00
bpf_mtap2(struct bpf_if *bp, void *d, u_int l, struct mbuf *m)
o eliminate widespread on-stack mbuf use for bpf by introducing a new bpf_mtap2 routine that does the right thing for an mbuf and a variable-length chunk of data that should be prepended. o while we're sweeping the drivers, use u_int32_t uniformly when when prepending the address family (several places were assuming sizeof(int) was 4) o return M_ASSERTVALID to BPF_MTAP* now that all stack-allocated mbufs have been eliminated; this may better be moved to the bpf routines Reviewed by: arch@ and several others
2003-12-28 03:56:00 +00:00
{
}
Allow loadable interface drivers with BPF support to be loaded into a kernel that doesn't have it. This is achieved by having minimal do-nothing stubs enabled when there are no bpfilter devices configured. Driver modules should be built with BPF enabled for maximum convenience (but can be built without it for maximum performance).
1999-04-28 01:18:13 +00:00
void
Since we are doing some bpf(4) clean up, change a couple of function prototypes to be consistent. Also, ANSI'fy function definitions. There is no functional change here.
2006-06-15 15:39:12 +00:00
bpfattach(struct ifnet *ifp, u_int dlt, u_int hdrlen)
Allow loadable interface drivers with BPF support to be loaded into a kernel that doesn't have it. This is achieved by having minimal do-nothing stubs enabled when there are no bpfilter devices configured. Driver modules should be built with BPF enabled for maximum convenience (but can be built without it for maximum performance).
1999-04-28 01:18:13 +00:00
{
If bpf(4) has not been compiled into the kernel, initialize the bpf interface pointer to a zeroed, statically allocated bpf_if structure. This way the LIST_EMPTY() macro will always return true. This allows us to remove the additional unconditional memory reference for each packet in the fast path. Discussed with: sam
2006-06-14 02:23:28 +00:00
bpfattach2(ifp, dlt, hdrlen, &ifp->if_bpf);
Allow loadable interface drivers with BPF support to be loaded into a kernel that doesn't have it. This is achieved by having minimal do-nothing stubs enabled when there are no bpfilter devices configured. Driver modules should be built with BPF enabled for maximum convenience (but can be built without it for maximum performance).
1999-04-28 01:18:13 +00:00
}
add a stub for bpfattach2 so bpf is not required with the 802.11 module or related drivers Spotted by: Dan Lukes <dan@obluda.cz>
2003-10-04 01:32:28 +00:00
void
Since we are doing some bpf(4) clean up, change a couple of function prototypes to be consistent. Also, ANSI'fy function definitions. There is no functional change here.
2006-06-15 15:39:12 +00:00
bpfattach2(struct ifnet *ifp, u_int dlt, u_int hdrlen, struct bpf_if **driverp)
add a stub for bpfattach2 so bpf is not required with the 802.11 module or related drivers Spotted by: Dan Lukes <dan@obluda.cz>
2003-10-04 01:32:28 +00:00
{
If bpf(4) has not been compiled into the kernel, initialize the bpf interface pointer to a zeroed, statically allocated bpf_if structure. This way the LIST_EMPTY() macro will always return true. This allows us to remove the additional unconditional memory reference for each packet in the fast path. Discussed with: sam
2006-06-14 02:23:28 +00:00
*driverp = &bp_null;
add a stub for bpfattach2 so bpf is not required with the 802.11 module or related drivers Spotted by: Dan Lukes <dan@obluda.cz>
2003-10-04 01:32:28 +00:00
}
Add a bpfdetach() stub routine to bpf.c. Without this, you'll get an unresolved symbol error if you try to load a network driver into a kernel which doesn't have bpf enabled. Forgotten by: rwatson Found by: peter
2000-04-27 15:11:41 +00:00
void
Since we are doing some bpf(4) clean up, change a couple of function prototypes to be consistent. Also, ANSI'fy function definitions. There is no functional change here.
2006-06-15 15:39:12 +00:00
bpfdetach(struct ifnet *ifp)
Add a bpfdetach() stub routine to bpf.c. Without this, you'll get an unresolved symbol error if you try to load a network driver into a kernel which doesn't have bpf enabled. Forgotten by: rwatson Found by: peter
2000-04-27 15:11:41 +00:00
{
}
Allow loadable interface drivers with BPF support to be loaded into a kernel that doesn't have it. This is achieved by having minimal do-nothing stubs enabled when there are no bpfilter devices configured. Driver modules should be built with BPF enabled for maximum convenience (but can be built without it for maximum performance).
1999-04-28 01:18:13 +00:00
u_int
Since we are doing some bpf(4) clean up, change a couple of function prototypes to be consistent. Also, ANSI'fy function definitions. There is no functional change here.
2006-06-15 15:39:12 +00:00
bpf_filter(const struct bpf_insn *pc, u_char *p, u_int wirelen, u_int buflen)
Allow loadable interface drivers with BPF support to be loaded into a kernel that doesn't have it. This is achieved by having minimal do-nothing stubs enabled when there are no bpfilter devices configured. Driver modules should be built with BPF enabled for maximum convenience (but can be built without it for maximum performance).
1999-04-28 01:18:13 +00:00
{
return -1; /* "no filter" behaviour */
}
Supply a stub bpf_validate() (always returning false - the script is not valid) if BPF is missing. The netgraph_bpf node forced bpf to be present, reflect that in the options. Stop doing a 'count bpf' - we provide stubs. Since a handful of drivers still refer to "bpf.h", provide a more accurate indication that the API is present always. (eg: netinet6)
2001-01-29 13:26:14 +00:00
int
Since we are doing some bpf(4) clean up, change a couple of function prototypes to be consistent. Also, ANSI'fy function definitions. There is no functional change here.
2006-06-15 15:39:12 +00:00
bpf_validate(const struct bpf_insn *f, int len)
Supply a stub bpf_validate() (always returning false - the script is not valid) if BPF is missing. The netgraph_bpf node forced bpf to be present, reflect that in the options. Stop doing a 'count bpf' - we provide stubs. Since a handful of drivers still refer to "bpf.h", provide a more accurate indication that the API is present always. (eg: netinet6)
2001-01-29 13:26:14 +00:00
{
return 0; /* false */
}
#endif /* !DEV_BPF && !NETGRAPH_BPF */
Reference in New Issue Copy Permalink