1 /* $NetBSD: if_tun.c,v 1.14 1994/06/29 06:36:25 cgd Exp $ */
4 * Copyright (c) 1988, Julian Onions <jpo@cs.nott.ac.uk>
5 * Nottingham University 1987.
7 * This source may be freely distributed, however I would be interested
8 * in any changes that are made.
10 * This driver takes packets off the IP i/f and hands them up to a
11 * user process to have its wicked way with. This driver has it's
12 * roots in a similar driver written by Phil Cockcroft (formerly) at
13 * UCL. This driver is based much more on read/write/poll mode of
19 #include "opt_atalk.h"
21 #include "opt_inet6.h"
25 #include <sys/param.h>
27 #include <sys/systm.h>
30 #include <sys/module.h>
31 #include <sys/socket.h>
32 #include <sys/fcntl.h>
33 #include <sys/filio.h>
34 #include <sys/sockio.h>
35 #include <sys/ttycom.h>
37 #include <sys/selinfo.h>
38 #include <sys/signalvar.h>
39 #include <sys/filedesc.h>
40 #include <sys/kernel.h>
41 #include <sys/sysctl.h>
44 #include <sys/malloc.h>
45 #include <sys/random.h>
48 #include <net/if_types.h>
49 #include <net/netisr.h>
50 #include <net/route.h>
52 #include <netinet/in.h>
55 #include <net/if_tun.h>
57 #include <sys/queue.h>
60 * tun_list is protected by global tunmtx. Other mutable fields are
61 * protected by tun->tun_mtx, or by their owning subsystem. tun_dev is
62 * static for the duration of a tunnel interface.
65 TAILQ_ENTRY(tun_softc) tun_list;
67 u_short tun_flags; /* misc flags */
68 #define TUN_OPEN 0x0001
69 #define TUN_INITED 0x0002
70 #define TUN_RCOLL 0x0004
71 #define TUN_IASET 0x0008
72 #define TUN_DSTADDR 0x0010
73 #define TUN_LMODE 0x0020
74 #define TUN_RWAIT 0x0040
75 #define TUN_ASYNC 0x0080
76 #define TUN_IFHEAD 0x0100
78 #define TUN_READY (TUN_OPEN | TUN_INITED)
81 * XXXRW: tun_pid is used to exclusively lock /dev/tun. Is this
82 * actually needed? Can we just return EBUSY if already open?
83 * Problem is that this involved inherent races when a tun device
84 * is handed off from one process to another, as opposed to just
85 * being slightly stale informationally.
87 pid_t tun_pid; /* owning pid */
88 struct ifnet tun_if; /* the interface */
89 struct sigio *tun_sigio; /* information for async I/O */
90 struct selinfo tun_rsel; /* read select */
91 struct mtx tun_mtx; /* protect mutable softc fields */
94 #define TUNDEBUG if (tundebug) if_printf
98 * All mutable global variables in if_tun are locked using tunmtx, with
99 * the exception of tundebug, which is used unlocked, and tunclones,
100 * which is static after setup.
102 static struct mtx tunmtx;
103 static MALLOC_DEFINE(M_TUN, TUNNAME, "Tunnel Interface");
104 static int tundebug = 0;
105 static struct clonedevs *tunclones;
106 static TAILQ_HEAD(,tun_softc) tunhead = TAILQ_HEAD_INITIALIZER(tunhead);
107 SYSCTL_INT(_debug, OID_AUTO, if_tun_debug, CTLFLAG_RW, &tundebug, 0, "");
109 static void tunclone(void *arg, char *name, int namelen, struct cdev **dev);
110 static void tuncreate(struct cdev *dev);
111 static int tunifioctl(struct ifnet *, u_long, caddr_t);
112 static int tuninit(struct ifnet *);
113 static int tunmodevent(module_t, int, void *);
114 static int tunoutput(struct ifnet *, struct mbuf *, struct sockaddr *,
116 static void tunstart(struct ifnet *);
118 static d_open_t tunopen;
119 static d_close_t tunclose;
120 static d_read_t tunread;
121 static d_write_t tunwrite;
122 static d_ioctl_t tunioctl;
123 static d_poll_t tunpoll;
125 static struct cdevsw tun_cdevsw = {
126 .d_version = D_VERSION,
127 .d_flags = D_PSEUDO | D_NEEDGIANT,
138 tunclone(void *arg, char *name, int namelen, struct cdev **dev)
145 if (strcmp(name, TUNNAME) == 0) {
147 } else if (dev_stdclone(name, NULL, TUNNAME, &u) != 1)
148 return; /* Don't recognise the name */
149 if (u != -1 && u > IF_MAXUNIT)
150 return; /* Unit number too high */
152 /* find any existing device, or allocate new unit number */
153 i = clone_create(&tunclones, &tun_cdevsw, &u, dev, 0);
155 /* No preexisting struct cdev *, create one */
156 *dev = make_dev(&tun_cdevsw, unit2minor(u),
157 UID_UUCP, GID_DIALER, 0600, "tun%d", u);
160 (*dev)->si_flags |= SI_CHEAPCLONE;
166 tun_destroy(struct tun_softc *tp)
171 KASSERT((tp->tun_flags & TUN_OPEN) == 0,
172 ("tununits is out of sync - unit %d", tp->tun_if.if_dunit));
175 bpfdetach(&tp->tun_if);
176 if_detach(&tp->tun_if);
178 mtx_destroy(&tp->tun_mtx);
183 tunmodevent(module_t mod, int type, void *data)
185 static eventhandler_tag tag;
186 struct tun_softc *tp;
190 mtx_init(&tunmtx, "tunmtx", NULL, MTX_DEF);
191 clone_setup(&tunclones);
192 tag = EVENTHANDLER_REGISTER(dev_clone, tunclone, 0, 1000);
197 EVENTHANDLER_DEREGISTER(dev_clone, tag);
200 while ((tp = TAILQ_FIRST(&tunhead)) != NULL) {
201 TAILQ_REMOVE(&tunhead, tp, tun_list);
207 clone_cleanup(&tunclones);
208 mtx_destroy(&tunmtx);
216 static moduledata_t tun_mod = {
222 DECLARE_MODULE(if_tun, tun_mod, SI_SUB_PSEUDO, SI_ORDER_ANY);
225 tunstart(struct ifnet *ifp)
227 struct tun_softc *tp = ifp->if_softc;
230 if (ALTQ_IS_ENABLED(&ifp->if_snd)) {
231 IFQ_LOCK(&ifp->if_snd);
232 IFQ_POLL_NOLOCK(&ifp->if_snd, m);
234 IFQ_UNLOCK(&ifp->if_snd);
237 IFQ_UNLOCK(&ifp->if_snd);
240 mtx_lock(&tp->tun_mtx);
241 if (tp->tun_flags & TUN_RWAIT) {
242 tp->tun_flags &= ~TUN_RWAIT;
245 if (tp->tun_flags & TUN_ASYNC && tp->tun_sigio) {
246 mtx_unlock(&tp->tun_mtx);
247 pgsigio(&tp->tun_sigio, SIGIO, 0);
249 mtx_unlock(&tp->tun_mtx);
250 selwakeuppri(&tp->tun_rsel, PZERO + 1);
254 tuncreate(struct cdev *dev)
256 struct tun_softc *sc;
259 dev->si_flags &= ~SI_CHEAPCLONE;
261 MALLOC(sc, struct tun_softc *, sizeof(*sc), M_TUN, M_WAITOK | M_ZERO);
262 mtx_init(&sc->tun_mtx, "tun_mtx", NULL, MTX_DEF);
263 sc->tun_flags = TUN_INITED;
266 TAILQ_INSERT_TAIL(&tunhead, sc, tun_list);
270 if_initname(ifp, TUNNAME, dev2unit(dev));
271 ifp->if_mtu = TUNMTU;
272 ifp->if_ioctl = tunifioctl;
273 ifp->if_output = tunoutput;
274 ifp->if_start = tunstart;
275 ifp->if_flags = IFF_POINTOPOINT | IFF_MULTICAST;
276 ifp->if_type = IFT_PPP;
278 IFQ_SET_MAXLEN(&ifp->if_snd, ifqmaxlen);
279 ifp->if_snd.ifq_drv_maxlen = 0;
280 IFQ_SET_READY(&ifp->if_snd);
283 bpfattach(ifp, DLT_NULL, sizeof(u_int));
288 tunopen(struct cdev *dev, int flag, int mode, struct thread *td)
291 struct tun_softc *tp;
294 * XXXRW: Non-atomic test and set of dev->si_drv1 requires
304 * XXXRW: This use of tun_pid is subject to error due to the
305 * fact that a reference to the tunnel can live beyond the
306 * death of the process that created it. Can we replace this
307 * with a simple busy flag?
309 mtx_lock(&tp->tun_mtx);
310 if (tp->tun_pid != 0 && tp->tun_pid != td->td_proc->p_pid) {
311 mtx_unlock(&tp->tun_mtx);
314 tp->tun_pid = td->td_proc->p_pid;
316 tp->tun_flags |= TUN_OPEN;
317 mtx_unlock(&tp->tun_mtx);
319 TUNDEBUG(ifp, "open\n");
325 * tunclose - close the device - mark i/f down & delete
329 tunclose(struct cdev *dev, int foo, int bar, struct thread *td)
331 struct tun_softc *tp;
338 mtx_lock(&tp->tun_mtx);
339 tp->tun_flags &= ~TUN_OPEN;
343 * junk all pending output
346 IFQ_PURGE(&ifp->if_snd);
348 mtx_unlock(&tp->tun_mtx);
350 if (ifp->if_flags & IFF_UP) {
356 if (ifp->if_flags & IFF_RUNNING) {
360 /* find internet addresses and delete routes */
361 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link)
362 if (ifa->ifa_addr->sa_family == AF_INET)
364 rtinit(ifa, (int)RTM_DELETE,
365 tp->tun_flags & TUN_DSTADDR ? RTF_HOST : 0);
366 ifp->if_flags &= ~IFF_RUNNING;
370 funsetown(&tp->tun_sigio);
371 selwakeuppri(&tp->tun_rsel, PZERO + 1);
372 TUNDEBUG (ifp, "closed\n");
377 tuninit(struct ifnet *ifp)
379 struct tun_softc *tp = ifp->if_softc;
383 TUNDEBUG(ifp, "tuninit\n");
385 ifp->if_flags |= IFF_UP | IFF_RUNNING;
386 getmicrotime(&ifp->if_lastchange);
388 for (ifa = TAILQ_FIRST(&ifp->if_addrhead); ifa;
389 ifa = TAILQ_NEXT(ifa, ifa_link)) {
390 if (ifa->ifa_addr == NULL)
392 /* XXX: Should maybe return straight off? */
395 if (ifa->ifa_addr->sa_family == AF_INET) {
396 struct sockaddr_in *si;
398 si = (struct sockaddr_in *)ifa->ifa_addr;
399 mtx_lock(&tp->tun_mtx);
400 if (si->sin_addr.s_addr)
401 tp->tun_flags |= TUN_IASET;
403 si = (struct sockaddr_in *)ifa->ifa_dstaddr;
404 if (si && si->sin_addr.s_addr)
405 tp->tun_flags |= TUN_DSTADDR;
406 mtx_unlock(&tp->tun_mtx);
415 * Process an ioctl request.
418 tunifioctl(struct ifnet *ifp, u_long cmd, caddr_t data)
420 struct ifreq *ifr = (struct ifreq *)data;
421 struct tun_softc *tp = ifp->if_softc;
428 ifs = (struct ifstat *)data;
429 mtx_lock(&tp->tun_mtx);
431 sprintf(ifs->ascii + strlen(ifs->ascii),
432 "\tOpened by PID %d\n", tp->tun_pid);
433 mtx_unlock(&tp->tun_mtx);
436 error = tuninit(ifp);
437 TUNDEBUG(ifp, "address set, error=%d\n", error);
440 error = tuninit(ifp);
441 TUNDEBUG(ifp, "destination address set, error=%d\n", error);
444 ifp->if_mtu = ifr->ifr_mtu;
445 TUNDEBUG(ifp, "mtu set\n");
459 * tunoutput - queue packets from higher level ready to put out.
465 struct sockaddr *dst,
468 struct tun_softc *tp = ifp->if_softc;
469 u_short cached_tun_flags;
472 TUNDEBUG (ifp, "tunoutput\n");
475 error = mac_check_ifnet_transmit(ifp, m0);
482 /* Could be unlocked read? */
483 mtx_lock(&tp->tun_mtx);
484 cached_tun_flags = tp->tun_flags;
485 mtx_unlock(&tp->tun_mtx);
486 if ((cached_tun_flags & TUN_READY) != TUN_READY) {
487 TUNDEBUG (ifp, "not ready 0%o\n", tp->tun_flags);
492 if ((ifp->if_flags & IFF_UP) != IFF_UP) {
497 /* BPF write needs to be handled specially */
498 if (dst->sa_family == AF_UNSPEC) {
499 dst->sa_family = *(mtod(m0, int *));
500 m0->m_len -= sizeof(int);
501 m0->m_pkthdr.len -= sizeof(int);
502 m0->m_data += sizeof(int);
506 uint32_t af = dst->sa_family;
507 bpf_mtap2(ifp->if_bpf, &af, sizeof(af), m0);
510 /* prepend sockaddr? this may abort if the mbuf allocation fails */
511 if (cached_tun_flags & TUN_LMODE) {
512 /* allocate space for sockaddr */
513 M_PREPEND(m0, dst->sa_len, M_DONTWAIT);
515 /* if allocation failed drop packet */
521 bcopy(dst, m0->m_data, dst->sa_len);
525 if (cached_tun_flags & TUN_IFHEAD) {
526 /* Prepend the address family */
527 M_PREPEND(m0, 4, M_DONTWAIT);
529 /* if allocation failed drop packet */
535 *(u_int32_t *)m0->m_data = htonl(dst->sa_family);
538 if (dst->sa_family != AF_INET)
542 return (EAFNOSUPPORT);
546 IFQ_HANDOFF(ifp, m0, error);
548 ifp->if_collisions++;
556 * the cdevsw interface is now pretty minimal.
559 tunioctl(struct cdev *dev, u_long cmd, caddr_t data, int flag, struct thread *td)
563 struct tun_softc *tp = dev->si_drv1;
564 struct tuninfo *tunp;
568 tunp = (struct tuninfo *)data;
569 if (tunp->mtu < IF_MINMTU)
571 if (tp->tun_if.if_mtu != tunp->mtu
572 && (error = suser(td)) != 0)
574 tp->tun_if.if_mtu = tunp->mtu;
575 tp->tun_if.if_type = tunp->type;
576 tp->tun_if.if_baudrate = tunp->baudrate;
579 tunp = (struct tuninfo *)data;
580 tunp->mtu = tp->tun_if.if_mtu;
581 tunp->type = tp->tun_if.if_type;
582 tunp->baudrate = tp->tun_if.if_baudrate;
585 tundebug = *(int *)data;
588 *(int *)data = tundebug;
591 mtx_lock(&tp->tun_mtx);
593 tp->tun_flags |= TUN_LMODE;
594 tp->tun_flags &= ~TUN_IFHEAD;
596 tp->tun_flags &= ~TUN_LMODE;
597 mtx_unlock(&tp->tun_mtx);
600 mtx_lock(&tp->tun_mtx);
602 tp->tun_flags |= TUN_IFHEAD;
603 tp->tun_flags &= ~TUN_LMODE;
605 tp->tun_flags &= ~TUN_IFHEAD;
606 mtx_unlock(&tp->tun_mtx);
609 /* Could be unlocked read? */
610 mtx_lock(&tp->tun_mtx);
611 *(int *)data = (tp->tun_flags & TUN_IFHEAD) ? 1 : 0;
612 mtx_unlock(&tp->tun_mtx);
615 /* deny this if UP */
616 if (tp->tun_if.if_flags & IFF_UP)
619 switch (*(int *)data & ~IFF_MULTICAST) {
620 case IFF_POINTOPOINT:
622 tp->tun_if.if_flags &=
623 ~(IFF_BROADCAST|IFF_POINTOPOINT|IFF_MULTICAST);
624 tp->tun_if.if_flags |= *(int *)data;
631 mtx_lock(&tp->tun_mtx);
632 tp->tun_pid = curthread->td_proc->p_pid;
633 mtx_unlock(&tp->tun_mtx);
638 mtx_lock(&tp->tun_mtx);
640 tp->tun_flags |= TUN_ASYNC;
642 tp->tun_flags &= ~TUN_ASYNC;
643 mtx_unlock(&tp->tun_mtx);
647 if (!IFQ_IS_EMPTY(&tp->tun_if.if_snd)) {
649 IFQ_LOCK(&tp->tun_if.if_snd);
650 IFQ_POLL_NOLOCK(&tp->tun_if.if_snd, mb);
651 for( *(int *)data = 0; mb != 0; mb = mb->m_next)
652 *(int *)data += mb->m_len;
653 IFQ_UNLOCK(&tp->tun_if.if_snd);
659 return (fsetown(*(int *)data, &tp->tun_sigio));
662 *(int *)data = fgetown(&tp->tun_sigio);
665 /* This is deprecated, FIOSETOWN should be used instead. */
667 return (fsetown(-(*(int *)data), &tp->tun_sigio));
669 /* This is deprecated, FIOGETOWN should be used instead. */
671 *(int *)data = -fgetown(&tp->tun_sigio);
681 * The cdevsw read interface - reads a packet at a time, or at
682 * least as much of a packet as can be read.
685 tunread(struct cdev *dev, struct uio *uio, int flag)
687 struct tun_softc *tp = dev->si_drv1;
688 struct ifnet *ifp = &tp->tun_if;
692 TUNDEBUG (ifp, "read\n");
693 mtx_lock(&tp->tun_mtx);
694 if ((tp->tun_flags & TUN_READY) != TUN_READY) {
695 mtx_unlock(&tp->tun_mtx);
696 TUNDEBUG (ifp, "not ready 0%o\n", tp->tun_flags);
700 tp->tun_flags &= ~TUN_RWAIT;
701 mtx_unlock(&tp->tun_mtx);
705 IFQ_DEQUEUE(&ifp->if_snd, m);
707 if (flag & O_NONBLOCK) {
709 return (EWOULDBLOCK);
711 mtx_lock(&tp->tun_mtx);
712 tp->tun_flags |= TUN_RWAIT;
713 mtx_unlock(&tp->tun_mtx);
714 if((error = tsleep(tp, PCATCH | (PZERO + 1),
715 "tunread", 0)) != 0) {
723 while (m && uio->uio_resid > 0 && error == 0) {
724 len = min(uio->uio_resid, m->m_len);
726 error = uiomove(mtod(m, void *), len, uio);
731 TUNDEBUG(ifp, "Dropping mbuf\n");
738 * the cdevsw write interface - an atomic write is a packet - or else!
741 tunwrite(struct cdev *dev, struct uio *uio, int flag)
743 struct tun_softc *tp = dev->si_drv1;
744 struct ifnet *ifp = &tp->tun_if;
750 TUNDEBUG(ifp, "tunwrite\n");
752 if ((ifp->if_flags & IFF_UP) != IFF_UP)
753 /* ignore silently */
756 if (uio->uio_resid == 0)
759 if (uio->uio_resid < 0 || uio->uio_resid > TUNMRU) {
760 TUNDEBUG(ifp, "len=%d!\n", uio->uio_resid);
764 if ((m = m_uiotombuf(uio, M_DONTWAIT, 0, 0)) == NULL) {
769 m->m_pkthdr.rcvif = ifp;
771 mac_create_mbuf_from_ifnet(ifp, m);
774 /* Could be unlocked read? */
775 mtx_lock(&tp->tun_mtx);
776 if (tp->tun_flags & TUN_IFHEAD) {
777 mtx_unlock(&tp->tun_mtx);
778 if (m->m_len < sizeof(family) &&
779 (m = m_pullup(m, sizeof(family))) == NULL)
781 family = ntohl(*mtod(m, u_int32_t *));
782 m_adj(m, sizeof(family));
784 mtx_unlock(&tp->tun_mtx);
788 BPF_MTAP2(ifp, &family, sizeof(family), m);
813 return (EAFNOSUPPORT);
815 /* First chunk of an mbuf contains good junk */
816 if (harvest.point_to_point)
817 random_harvest(m, 16, 3, 0, RANDOM_NET);
818 ifp->if_ibytes += m->m_pkthdr.len;
820 netisr_dispatch(isr, m);
825 * tunpoll - the poll interface, this is only useful on reads
826 * really. The write detect always returns true, write never blocks
827 * anyway, it either accepts the packet or drops it.
830 tunpoll(struct cdev *dev, int events, struct thread *td)
833 struct tun_softc *tp = dev->si_drv1;
834 struct ifnet *ifp = &tp->tun_if;
839 TUNDEBUG(ifp, "tunpoll\n");
841 if (events & (POLLIN | POLLRDNORM)) {
842 IFQ_LOCK(&ifp->if_snd);
843 IFQ_POLL_NOLOCK(&ifp->if_snd, m);
845 TUNDEBUG(ifp, "tunpoll q=%d\n", ifp->if_snd.ifq_len);
846 revents |= events & (POLLIN | POLLRDNORM);
848 TUNDEBUG(ifp, "tunpoll waiting\n");
849 selrecord(td, &tp->tun_rsel);
851 IFQ_UNLOCK(&ifp->if_snd);
853 if (events & (POLLOUT | POLLWRNORM))
854 revents |= events & (POLLOUT | POLLWRNORM);