2 * Copyright (c) 1990, 1991, 1993
3 * The Regents of the University of California. All rights reserved.
5 * This code is derived from the Stanford/CMU enet packet filter,
6 * (net/enet.c) distributed as part of 4.3BSD, and code contributed
7 * to Berkeley by Steven McCanne and Van Jacobson both of Lawrence
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
18 * 3. All advertising materials mentioning features or use of this software
19 * must display the following acknowledgement:
20 * This product includes software developed by the University of
21 * California, Berkeley and its contributors.
22 * 4. Neither the name of the University nor the names of its contributors
23 * may be used to endorse or promote products derived from this software
24 * without specific prior written permission.
26 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
27 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
28 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
29 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
38 * @(#)bpf.c 8.4 (Berkeley) 1/9/95
44 #include "opt_netgraph.h"
46 #include <sys/param.h>
47 #include <sys/systm.h>
49 #include <sys/malloc.h>
53 #include <sys/signalvar.h>
54 #include <sys/filio.h>
55 #include <sys/sockio.h>
56 #include <sys/ttycom.h>
57 #include <sys/filedesc.h>
61 #include <sys/socket.h>
62 #include <sys/vnode.h>
66 #include <net/bpfdesc.h>
68 #include <netinet/in.h>
69 #include <netinet/if_ether.h>
70 #include <sys/kernel.h>
71 #include <sys/sysctl.h>
73 static MALLOC_DEFINE(M_BPF, "BPF", "BPF data");
75 #if defined(DEV_BPF) || defined(NETGRAPH_BPF)
77 #define PRINET 26 /* interruptible */
80 * The default read buffer size is patchable.
82 static int bpf_bufsize = 4096;
83 SYSCTL_INT(_debug, OID_AUTO, bpf_bufsize, CTLFLAG_RW,
85 static int bpf_maxbufsize = BPF_MAXBUFSIZE;
86 SYSCTL_INT(_debug, OID_AUTO, bpf_maxbufsize, CTLFLAG_RW,
87 &bpf_maxbufsize, 0, "");
90 * bpf_iflist is the list of interfaces; each corresponds to an ifnet
92 static struct bpf_if *bpf_iflist;
93 static struct mtx bpf_mtx; /* bpf global lock */
95 static int bpf_allocbufs __P((struct bpf_d *));
96 static void bpf_attachd __P((struct bpf_d *d, struct bpf_if *bp));
97 static void bpf_detachd __P((struct bpf_d *d));
98 static void bpf_freed __P((struct bpf_d *));
99 static void bpf_mcopy __P((const void *, void *, size_t));
100 static int bpf_movein __P((struct uio *, int,
101 struct mbuf **, struct sockaddr *, int *));
102 static int bpf_setif __P((struct bpf_d *, struct ifreq *));
104 bpf_wakeup __P((struct bpf_d *));
105 static void catchpacket __P((struct bpf_d *, u_char *, u_int,
106 u_int, void (*)(const void *, void *, size_t)));
107 static void reset_d __P((struct bpf_d *));
108 static int bpf_setf __P((struct bpf_d *, struct bpf_program *));
110 static d_open_t bpfopen;
111 static d_close_t bpfclose;
112 static d_read_t bpfread;
113 static d_write_t bpfwrite;
114 static d_ioctl_t bpfioctl;
115 static d_poll_t bpfpoll;
117 #define CDEV_MAJOR 23
118 static struct cdevsw bpf_cdevsw = {
120 /* close */ bpfclose,
122 /* write */ bpfwrite,
123 /* ioctl */ bpfioctl,
126 /* strategy */ nostrategy,
128 /* maj */ CDEV_MAJOR,
136 bpf_movein(uio, linktype, mp, sockp, datlen)
137 register struct uio *uio;
138 int linktype, *datlen;
139 register struct mbuf **mp;
140 register struct sockaddr *sockp;
148 * Build a sockaddr based on the data link layer type.
149 * We do this at this level because the ethernet header
150 * is copied directly into the data field of the sockaddr.
151 * In the case of SLIP, there is no header and the packet
152 * is forwarded as is.
153 * Also, we are careful to leave room at the front of the mbuf
154 * for the link level header.
159 sockp->sa_family = AF_INET;
164 sockp->sa_family = AF_UNSPEC;
165 /* XXX Would MAXLINKHDR be better? */
166 hlen = sizeof(struct ether_header);
170 sockp->sa_family = AF_IMPLINK;
176 sockp->sa_family = AF_UNSPEC;
180 case DLT_ATM_RFC1483:
182 * en atm driver requires 4-byte atm pseudo header.
183 * though it isn't standard, vpi:vci needs to be
186 sockp->sa_family = AF_UNSPEC;
187 hlen = 12; /* XXX 4(ATM_PH) + 3(LLC) + 5(SNAP) */
191 sockp->sa_family = AF_UNSPEC;
192 hlen = 4; /* This should match PPP_HDRLEN */
199 len = uio->uio_resid;
200 *datlen = len - hlen;
201 if ((unsigned)len > MCLBYTES)
204 MGETHDR(m, M_TRYWAIT, MT_DATA);
208 MCLGET(m, M_TRYWAIT);
209 if ((m->m_flags & M_EXT) == 0) {
214 m->m_pkthdr.len = m->m_len = len;
215 m->m_pkthdr.rcvif = NULL;
218 * Make room for link header.
221 m->m_pkthdr.len -= hlen;
224 m->m_data += hlen; /* XXX */
228 error = uiomove((caddr_t)sockp->sa_data, hlen, uio);
232 error = uiomove(mtod(m, caddr_t), len - hlen, uio);
241 * Attach file to the bpf interface, i.e. make d listen on bp.
249 * Point d at bp, and add d to the interface's list of listeners.
250 * Finally, point the driver's bpf cookie at the interface so
251 * it will divert packets to bpf.
255 d->bd_next = bp->bif_dlist;
258 bp->bif_ifp->if_bpf = bp;
263 * Detach a file from its interface.
275 * Check if this descriptor had requested promiscuous mode.
276 * If so, turn it off.
280 error = ifpromisc(bp->bif_ifp, 0);
281 if (error != 0 && error != ENXIO) {
283 * ENXIO can happen if a pccard is unplugged
284 * Something is really wrong if we were able to put
285 * the driver into promiscuous mode, but can't
288 printf("%s%d: ifpromisc failed %d\n",
289 bp->bif_ifp->if_name, bp->bif_ifp->if_unit, error);
292 /* Remove d from the interface's descriptor list. */
298 panic("bpf_detachd: descriptor not in list");
301 if (bp->bif_dlist == 0)
303 * Let the driver know that there are no more listeners.
305 d->bd_bif->bif_ifp->if_bpf = 0;
311 * Open ethernet device. Returns ENXIO for illegal minor device number,
312 * EBUSY if file is open by another process.
316 bpfopen(dev, flags, fmt, td)
327 * Each minor can be opened by only one process. If the requested
328 * minor is in use, return EBUSY.
331 mtx_unlock(&bpf_mtx);
334 dev->si_drv1 = (struct bpf_d *)~0; /* mark device in use */
335 mtx_unlock(&bpf_mtx);
337 if ((dev->si_flags & SI_NAMED) == 0)
338 make_dev(&bpf_cdevsw, minor(dev), UID_ROOT, GID_WHEEL, 0600,
339 "bpf%d", dev2unit(dev));
340 MALLOC(d, struct bpf_d *, sizeof(*d), M_BPF, M_WAITOK | M_ZERO);
342 d->bd_bufsize = bpf_bufsize;
345 mtx_init(&d->bd_mtx, devtoname(dev), MTX_DEF);
351 * Close the descriptor by detaching it from its interface,
352 * deallocating its buffers, and marking it free.
356 bpfclose(dev, flags, fmt, td)
362 struct bpf_d *d = dev->si_drv1;
364 funsetown(d->bd_sigio);
368 mtx_unlock(&bpf_mtx);
378 * Rotate the packet buffers in descriptor d. Move the store buffer
379 * into the hold slot, and the free buffer into the store slot.
380 * Zero the length of the new store buffer.
382 #define ROTATE_BUFFERS(d) \
383 (d)->bd_hbuf = (d)->bd_sbuf; \
384 (d)->bd_hlen = (d)->bd_slen; \
385 (d)->bd_sbuf = (d)->bd_fbuf; \
389 * bpfread - read next chunk of packets from buffers
392 bpfread(dev, uio, ioflag)
394 register struct uio *uio;
397 struct bpf_d *d = dev->si_drv1;
401 * Restrict application to use a buffer the same size as
404 if (uio->uio_resid != d->bd_bufsize)
409 * If the hold buffer is empty, then do a timed sleep, which
410 * ends when the timeout expires or when enough packets
411 * have arrived to fill the store buffer.
413 while (d->bd_hbuf == 0) {
414 if (d->bd_immediate && d->bd_slen != 0) {
416 * A packet(s) either arrived since the previous
417 * read or arrived while we were asleep.
418 * Rotate the buffers and return what's here.
425 * No data is available, check to see if the bpf device
426 * is still pointed at a real interface. If not, return
427 * ENXIO so that the userland process knows to rebind
428 * it before using it again.
430 if (d->bd_bif == NULL) {
435 if (ioflag & IO_NDELAY) {
437 return (EWOULDBLOCK);
439 error = msleep((caddr_t)d, &d->bd_mtx, PRINET|PCATCH,
441 if (error == EINTR || error == ERESTART) {
445 if (error == EWOULDBLOCK) {
447 * On a timeout, return what's in the buffer,
448 * which may be nothing. If there is something
449 * in the store buffer, we can rotate the buffers.
453 * We filled up the buffer in between
454 * getting the timeout and arriving
455 * here, so we don't need to rotate.
459 if (d->bd_slen == 0) {
468 * At this point, we know we have something in the hold slot.
473 * Move data from hold buffer into user space.
474 * We know the entire buffer is transferred since
475 * we checked above that the read buffer is bpf_bufsize bytes.
477 error = uiomove(d->bd_hbuf, d->bd_hlen, uio);
480 d->bd_fbuf = d->bd_hbuf;
490 * If there are processes sleeping on this descriptor, wake them up.
494 register struct bpf_d *d;
497 if (d->bd_async && d->bd_sig && d->bd_sigio)
498 pgsigio(d->bd_sigio, d->bd_sig, 0);
500 selwakeup(&d->bd_sel);
502 d->bd_sel.si_pid = 0;
506 bpfwrite(dev, uio, ioflag)
511 struct bpf_d *d = dev->si_drv1;
515 static struct sockaddr dst;
521 ifp = d->bd_bif->bif_ifp;
523 if (uio->uio_resid == 0)
526 error = bpf_movein(uio, (int)d->bd_bif->bif_dlt, &m, &dst, &datlen);
530 if (datlen > ifp->if_mtu)
534 dst.sa_family = pseudo_AF_HDRCMPLT;
537 error = (*ifp->if_output)(ifp, m, &dst, (struct rtentry *)0);
540 * The driver frees the mbuf.
546 * Reset a descriptor by flushing its packet buffer and clearing the
547 * receive and drop counts.
554 mtx_assert(&d->bd_mtx, MA_OWNED);
556 /* Free the hold buffer. */
557 d->bd_fbuf = d->bd_hbuf;
567 * FIONREAD Check for read packet available.
568 * SIOCGIFADDR Get interface address - convenient hook to driver.
569 * BIOCGBLEN Get buffer len [for read()].
570 * BIOCSETF Set ethernet read filter.
571 * BIOCFLUSH Flush read packet buffer.
572 * BIOCPROMISC Put interface into promiscuous mode.
573 * BIOCGDLT Get link layer type.
574 * BIOCGETIF Get interface name.
575 * BIOCSETIF Set interface.
576 * BIOCSRTIMEOUT Set read timeout.
577 * BIOCGRTIMEOUT Get read timeout.
578 * BIOCGSTATS Get packet stats.
579 * BIOCIMMEDIATE Set immediate mode.
580 * BIOCVERSION Get filter language version.
581 * BIOCGHDRCMPLT Get "header already complete" flag
582 * BIOCSHDRCMPLT Set "header already complete" flag
583 * BIOCGSEESENT Get "see packets sent" flag
584 * BIOCSSEESENT Set "see packets sent" flag
588 bpfioctl(dev, cmd, addr, flags, td)
595 struct bpf_d *d = dev->si_drv1;
605 * Check for read packet available.
628 ifp = d->bd_bif->bif_ifp;
629 error = (*ifp->if_ioctl)(ifp, cmd, addr);
635 * Get buffer len [for read()].
638 *(u_int *)addr = d->bd_bufsize;
648 register u_int size = *(u_int *)addr;
650 if (size > bpf_maxbufsize)
651 *(u_int *)addr = size = bpf_maxbufsize;
652 else if (size < BPF_MINBUFSIZE)
653 *(u_int *)addr = size = BPF_MINBUFSIZE;
654 d->bd_bufsize = size;
659 * Set link layer read filter.
662 error = bpf_setf(d, (struct bpf_program *)addr);
666 * Flush read packet buffer.
675 * Put interface into promiscuous mode.
678 if (d->bd_bif == 0) {
680 * No interface attached yet.
685 if (d->bd_promisc == 0) {
687 error = ifpromisc(d->bd_bif->bif_ifp, 1);
695 * Get device parameters.
701 *(u_int *)addr = d->bd_bif->bif_dlt;
705 * Get interface name.
711 struct ifnet *const ifp = d->bd_bif->bif_ifp;
712 struct ifreq *const ifr = (struct ifreq *)addr;
714 snprintf(ifr->ifr_name, sizeof(ifr->ifr_name),
715 "%s%d", ifp->if_name, ifp->if_unit);
723 error = bpf_setif(d, (struct ifreq *)addr);
731 struct timeval *tv = (struct timeval *)addr;
734 * Subtract 1 tick from tvtohz() since this isn't
737 if ((error = itimerfix(tv)) == 0)
738 d->bd_rtout = tvtohz(tv) - 1;
747 struct timeval *tv = (struct timeval *)addr;
749 tv->tv_sec = d->bd_rtout / hz;
750 tv->tv_usec = (d->bd_rtout % hz) * tick;
759 struct bpf_stat *bs = (struct bpf_stat *)addr;
761 bs->bs_recv = d->bd_rcount;
762 bs->bs_drop = d->bd_dcount;
767 * Set immediate mode.
770 d->bd_immediate = *(u_int *)addr;
775 struct bpf_version *bv = (struct bpf_version *)addr;
777 bv->bv_major = BPF_MAJOR_VERSION;
778 bv->bv_minor = BPF_MINOR_VERSION;
783 * Get "header already complete" flag
786 *(u_int *)addr = d->bd_hdrcmplt;
790 * Set "header already complete" flag
793 d->bd_hdrcmplt = *(u_int *)addr ? 1 : 0;
797 * Get "see sent packets" flag
800 *(u_int *)addr = d->bd_seesent;
804 * Set "see sent packets" flag
807 d->bd_seesent = *(u_int *)addr;
810 case FIONBIO: /* Non-blocking I/O */
813 case FIOASYNC: /* Send signal on receive packets */
814 d->bd_async = *(int *)addr;
818 error = fsetown(*(int *)addr, &d->bd_sigio);
822 *(int *)addr = fgetown(d->bd_sigio);
825 /* This is deprecated, FIOSETOWN should be used instead. */
827 error = fsetown(-(*(int *)addr), &d->bd_sigio);
830 /* This is deprecated, FIOGETOWN should be used instead. */
832 *(int *)addr = -fgetown(d->bd_sigio);
835 case BIOCSRSIG: /* Set receive signal */
839 sig = *(u_int *)addr;
848 *(u_int *)addr = d->bd_sig;
855 * Set d's packet filter program to fp. If this file already has a filter,
856 * free it and replace it. Returns EINVAL for bogus requests.
861 struct bpf_program *fp;
863 struct bpf_insn *fcode, *old;
867 if (fp->bf_insns == 0) {
875 free((caddr_t)old, M_BPF);
879 if (flen > BPF_MAXINSNS)
882 size = flen * sizeof(*fp->bf_insns);
883 fcode = (struct bpf_insn *)malloc(size, M_BPF, M_WAITOK);
884 if (copyin((caddr_t)fp->bf_insns, (caddr_t)fcode, size) == 0 &&
885 bpf_validate(fcode, (int)flen)) {
887 d->bd_filter = fcode;
891 free((caddr_t)old, M_BPF);
895 free((caddr_t)fcode, M_BPF);
900 * Detach a file from its current interface (if attached at all) and attach
901 * to the interface indicated by the name stored in ifr.
902 * Return an errno or 0.
911 struct ifnet *theywant;
913 theywant = ifunit(ifr->ifr_name);
918 * Look through attached interfaces for the named one.
921 for (bp = bpf_iflist; bp != 0; bp = bp->bif_next) {
922 struct ifnet *ifp = bp->bif_ifp;
924 if (ifp == 0 || ifp != theywant)
927 mtx_unlock(&bpf_mtx);
929 * We found the requested interface.
930 * If it's not up, return an error.
931 * Allocate the packet buffers if we need to.
932 * If we're already attached to requested interface,
933 * just flush the buffer.
935 if ((ifp->if_flags & IFF_UP) == 0)
938 if (d->bd_sbuf == 0) {
939 error = bpf_allocbufs(d);
943 if (bp != d->bd_bif) {
946 * Detach if attached to something else.
957 mtx_unlock(&bpf_mtx);
963 * Support for select() and poll() system calls
965 * Return true iff the specific operation will not block indefinitely.
966 * Otherwise, return false but make a note that a selwakeup() must be done.
969 bpfpoll(dev, events, td)
978 if (d->bd_bif == NULL)
981 revents = events & (POLLOUT | POLLWRNORM);
983 if (events & (POLLIN | POLLRDNORM)) {
985 * An imitation of the FIONREAD ioctl code.
986 * XXX not quite. An exact imitation:
987 * if (d->b_slen != 0 ||
988 * (d->bd_hbuf != NULL && d->bd_hlen != 0)
990 if (d->bd_hlen != 0 || (d->bd_immediate && d->bd_slen != 0))
991 revents |= events & (POLLIN | POLLRDNORM);
993 selrecord(td, &d->bd_sel);
1000 * Incoming linkage from device drivers. Process the packet pkt, of length
1001 * pktlen, which is stored in a contiguous buffer. The packet is parsed
1002 * by each process' filter, and if accepted, stashed into the corresponding
1006 bpf_tap(ifp, pkt, pktlen)
1008 register u_char *pkt;
1009 register u_int pktlen;
1012 register struct bpf_d *d;
1013 register u_int slen;
1017 for (d = bp->bif_dlist; d != 0; d = d->bd_next) {
1020 slen = bpf_filter(d->bd_filter, pkt, pktlen, pktlen);
1022 catchpacket(d, pkt, pktlen, slen, bcopy);
1029 * Copy data from an mbuf chain into a buffer. This code is derived
1030 * from m_copydata in sys/uipc_mbuf.c.
1033 bpf_mcopy(src_arg, dst_arg, len)
1034 const void *src_arg;
1036 register size_t len;
1038 register const struct mbuf *m;
1039 register u_int count;
1047 count = min(m->m_len, len);
1048 bcopy(mtod(m, void *), dst, count);
1056 * Incoming linkage from device drivers, when packet is in an mbuf chain.
1063 struct bpf_if *bp = ifp->if_bpf;
1069 for (m0 = m; m0 != 0; m0 = m0->m_next)
1070 pktlen += m0->m_len;
1073 for (d = bp->bif_dlist; d != 0; d = d->bd_next) {
1074 if (!d->bd_seesent && (m->m_pkthdr.rcvif == NULL))
1078 slen = bpf_filter(d->bd_filter, (u_char *)m, pktlen, 0);
1080 catchpacket(d, (u_char *)m, pktlen, slen, bpf_mcopy);
1087 * Move the packet data from interface memory (pkt) into the
1088 * store buffer. Return 1 if it's time to wakeup a listener (buffer full),
1089 * otherwise 0. "copy" is the routine called to do the actual data
1090 * transfer. bcopy is passed in to copy contiguous chunks, while
1091 * bpf_mcopy is passed in to copy mbuf chains. In the latter case,
1092 * pkt is really an mbuf.
1095 catchpacket(d, pkt, pktlen, snaplen, cpfn)
1096 register struct bpf_d *d;
1097 register u_char *pkt;
1098 register u_int pktlen, snaplen;
1099 register void (*cpfn) __P((const void *, void *, size_t));
1101 register struct bpf_hdr *hp;
1102 register int totlen, curlen;
1103 register int hdrlen = d->bd_bif->bif_hdrlen;
1105 * Figure out how many bytes to move. If the packet is
1106 * greater or equal to the snapshot length, transfer that
1107 * much. Otherwise, transfer the whole packet (unless
1108 * we hit the buffer size limit).
1110 totlen = hdrlen + min(snaplen, pktlen);
1111 if (totlen > d->bd_bufsize)
1112 totlen = d->bd_bufsize;
1115 * Round up the end of the previous packet to the next longword.
1117 curlen = BPF_WORDALIGN(d->bd_slen);
1118 if (curlen + totlen > d->bd_bufsize) {
1120 * This packet will overflow the storage buffer.
1121 * Rotate the buffers if we can, then wakeup any
1124 if (d->bd_fbuf == 0) {
1126 * We haven't completed the previous read yet,
1127 * so drop the packet.
1136 else if (d->bd_immediate)
1138 * Immediate mode is set. A packet arrived so any
1139 * reads should be woken up.
1144 * Append the bpf header.
1146 hp = (struct bpf_hdr *)(d->bd_sbuf + curlen);
1147 microtime(&hp->bh_tstamp);
1148 hp->bh_datalen = pktlen;
1149 hp->bh_hdrlen = hdrlen;
1151 * Copy the packet data into the store buffer and update its length.
1153 (*cpfn)(pkt, (u_char *)hp + hdrlen, (hp->bh_caplen = totlen - hdrlen));
1154 d->bd_slen = curlen + totlen;
1158 * Initialize all nonzero fields of a descriptor.
1162 register struct bpf_d *d;
1164 d->bd_fbuf = (caddr_t)malloc(d->bd_bufsize, M_BPF, M_WAITOK);
1165 if (d->bd_fbuf == 0)
1168 d->bd_sbuf = (caddr_t)malloc(d->bd_bufsize, M_BPF, M_WAITOK);
1169 if (d->bd_sbuf == 0) {
1170 free(d->bd_fbuf, M_BPF);
1179 * Free buffers currently in use by a descriptor.
1184 register struct bpf_d *d;
1187 * We don't need to lock out interrupts since this descriptor has
1188 * been detached from its interface and it yet hasn't been marked
1191 if (d->bd_sbuf != 0) {
1192 free(d->bd_sbuf, M_BPF);
1193 if (d->bd_hbuf != 0)
1194 free(d->bd_hbuf, M_BPF);
1195 if (d->bd_fbuf != 0)
1196 free(d->bd_fbuf, M_BPF);
1199 free((caddr_t)d->bd_filter, M_BPF);
1200 mtx_destroy(&d->bd_mtx);
1204 * Attach an interface to bpf. ifp is a pointer to the structure
1205 * defining the interface to be attached, dlt is the link layer type,
1206 * and hdrlen is the fixed size of the link header (variable length
1207 * headers are not yet supporrted).
1210 bpfattach(ifp, dlt, hdrlen)
1215 bp = (struct bpf_if *)malloc(sizeof(*bp), M_BPF, M_NOWAIT | M_ZERO);
1221 mtx_init(&bp->bif_mtx, "bpf interface lock", MTX_DEF);
1224 bp->bif_next = bpf_iflist;
1226 mtx_unlock(&bpf_mtx);
1228 bp->bif_ifp->if_bpf = 0;
1231 * Compute the length of the bpf header. This is not necessarily
1232 * equal to SIZEOF_BPF_HDR because we want to insert spacing such
1233 * that the network layer header begins on a longword boundary (for
1234 * performance reasons and to alleviate alignment restrictions).
1236 bp->bif_hdrlen = BPF_WORDALIGN(hdrlen + SIZEOF_BPF_HDR) - hdrlen;
1239 printf("bpf: %s%d attached\n", ifp->if_name, ifp->if_unit);
1243 * Detach bpf from an interface. This involves detaching each descriptor
1244 * associated with the interface, and leaving bd_bif NULL. Notify each
1245 * descriptor as it's detached so that any sleepers wake up and get
1252 struct bpf_if *bp, *bp_prev;
1257 /* Locate BPF interface information */
1259 for (bp = bpf_iflist; bp != NULL; bp = bp->bif_next) {
1260 if (ifp == bp->bif_ifp)
1265 /* Interface wasn't attached */
1266 if (bp->bif_ifp == NULL) {
1267 mtx_unlock(&bpf_mtx);
1268 printf("bpfdetach: %s%d was not attached\n", ifp->if_name,
1274 bp_prev->bif_next = bp->bif_next;
1276 bpf_iflist = bp->bif_next;
1279 while ((d = bp->bif_dlist) != NULL) {
1286 mtx_destroy(&bp->bif_mtx);
1289 mtx_unlock(&bpf_mtx);
1292 static void bpf_drvinit __P((void *unused));
1294 static void bpf_clone __P((void *arg, char *name, int namelen, dev_t *dev));
1297 bpf_clone(arg, name, namelen, dev)
1307 if (dev_stdclone(name, NULL, "bpf", &u) != 1)
1309 *dev = make_dev(&bpf_cdevsw, unit2minor(u), UID_ROOT, GID_WHEEL, 0600,
1311 (*dev)->si_flags |= SI_CHEAPCLONE;
1320 mtx_init(&bpf_mtx, "bpf global lock", MTX_DEF);
1321 EVENTHANDLER_REGISTER(dev_clone, bpf_clone, 0, 1000);
1322 cdevsw_add(&bpf_cdevsw);
1325 SYSINIT(bpfdev,SI_SUB_DRIVERS,SI_ORDER_MIDDLE+CDEV_MAJOR,bpf_drvinit,NULL)
1327 #else /* !DEV_BPF && !NETGRAPH_BPF */
1329 * NOP stubs to allow bpf-using drivers to load and function.
1331 * A 'better' implementation would allow the core bpf functionality
1332 * to be loaded at runtime.
1336 bpf_tap(ifp, pkt, pktlen)
1338 register u_char *pkt;
1339 register u_int pktlen;
1351 bpfattach(ifp, dlt, hdrlen)
1364 bpf_filter(pc, p, wirelen, buflen)
1365 register const struct bpf_insn *pc;
1368 register u_int buflen;
1370 return -1; /* "no filter" behaviour */
1374 bpf_validate(f, len)
1375 const struct bpf_insn *f;
1378 return 0; /* false */
1381 #endif /* !DEV_BPF && !NETGRAPH_BPF */