Date: Thu, 07 Mar 2002 14:47:13 -0800
From: David Boggs <boggs@boggs.palo-alto.ca.us>
To: FreeBSD-questions@freebsd.org
Cc: boggs@gw.wa3dbj.vix.com
Subject: Berkeley Packet Filter question
Message-ID: <200203072247.OAA15409@gw.wa3dbj.vix.com>

I'm writing a network device driver. I'm using FreeBSD 4.4-RELEASE.
I can't get BPF to work; it dereferences a nil pointer.

Attached below is some BPF code. As I read it, bpfattach() is passed
an ifp (struct ifnet *). It mallocs a 'bpf_if' (1) and installs the ifp
in it (2). Then it uses this pointer to ZERO a pointer in the ifp named
if_bpf (3) (presumably a back-pointer). Later, bpf_mtap() is called,
and it picks up the back-pointer to the if_bpf (4) (which has been ZEROed)
and dereferences it (5), causing a type 12 trap.

Grepping through other device drivers, I note that most of them don't
call bpfattach(), but two or three do. Those that do, are NOT passing
a struct ifnet * as the first argument. What's going on here?

My driver is for a synchronous serial line. The proper place for snooping
packets is in sppp, rather than in each individual driver. Why doesn't
sppp call bpf? Why should I ever have to deal with this?

/David Boggs

void
bpfattach(ifp, dlt, hdrlen)
        struct ifnet *ifp;
        u_int dlt, hdrlen;
{
        struct bpf_if *bp;
(1)     bp = (struct bpf_if *)malloc(sizeof(*bp), M_BPF, M_DONTWAIT);
(2)     bp->bif_ifp = ifp;
        .....
(3)     bp->bif_ifp->if_bpf = 0; /* this seems wrong */
        .....
}

void
bpf_mtap(ifp, m)
        struct ifnet *ifp;
        struct mbuf *m;
{
(4)     struct bpf_if *bp = ifp->if_bpf;
        .....
(5)     for (d = bp->bif_dlist; d != 0; d = d->bd_next) {
        .....
}
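
Added example, not part of the original message and not FreeBSD source: a user-space C model of the pointer flow in steps (1)-(5), showing where the null dereference comes from and the caller-side check that avoids it. The model_* names and safe_tap() are hypothetical; the model assumes the back-pointer is set only once a listener is attached, so a caller tests ifp->if_bpf before tapping.

```c
#include <stdlib.h>

/* Simplified stand-ins for the kernel structures in the excerpt (constructed). */
struct ifnet;
struct bpf_d  { struct bpf_d *bd_next; int bd_rcount; };
struct bpf_if { struct bpf_d *bif_dlist; struct ifnet *bif_ifp; };
struct ifnet  { struct bpf_if *if_bpf; };

/* Steps (1)-(3): allocate the bpf_if, record ifp, clear the back-pointer. */
struct bpf_if *model_bpfattach(struct ifnet *ifp)
{
    struct bpf_if *bp = malloc(sizeof(*bp));
    if (bp == NULL)
        return NULL;
    bp->bif_dlist = NULL;
    bp->bif_ifp = ifp;
    bp->bif_ifp->if_bpf = NULL;   /* no listener yet, so nothing to tap */
    return bp;
}

/* Assumption: attaching a listener links it in and sets the back-pointer. */
void model_listen(struct bpf_if *bp, struct bpf_d *d)
{
    d->bd_rcount = 0;
    d->bd_next = bp->bif_dlist;
    bp->bif_dlist = d;
    bp->bif_ifp->if_bpf = bp;
}

/* Steps (4)-(5): walks the listener list; only valid if ifp->if_bpf != NULL. */
int model_bpf_mtap(struct ifnet *ifp)
{
    struct bpf_if *bp = ifp->if_bpf;
    struct bpf_d *d;
    int n = 0;
    for (d = bp->bif_dlist; d != NULL; d = d->bd_next, n++)
        d->bd_rcount++;           /* stands in for delivering the packet */
    return n;
}

/* Hypothetical driver-side wrapper: returns -1 when the tap is skipped. */
int safe_tap(struct ifnet *ifp)
{
    return ifp->if_bpf == NULL ? -1 : model_bpf_mtap(ifp);
}

int main(void)
{
    struct ifnet ifn; struct bpf_d d;
    struct bpf_if *bp = model_bpfattach(&ifn);
    if (bp == NULL || safe_tap(&ifn) != -1) return 1;
    model_listen(bp, &d);
    return safe_tap(&ifn) == 1 ? 0 : 1;
}
```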
