From owner-freebsd-questions  Thu Mar  7 14:47:38 2002
Delivered-To: freebsd-questions@freebsd.org
Received: from gw.wa3dbj.vix.com (dbj-pa.pp.vix.com [204.152.184.150])
	by hub.freebsd.org (Postfix) with ESMTP id 415A837B404
	for <FreeBSD-questions@freebsd.org>; Thu,  7 Mar 2002 14:47:20 -0800 (PST)
Received: from gw.wa3dbj.vix.com (boggs@[127.0.0.1])
	by gw.wa3dbj.vix.com (8.9.3/8.9.3) with ESMTP id OAA15409;
	Thu, 7 Mar 2002 14:47:13 -0800 (PST)
Message-Id: <200203072247.OAA15409@gw.wa3dbj.vix.com>
X-Mailer: exmh version 2.1.0 09/18/1999
To: FreeBSD-questions@freebsd.org
Cc: boggs@gw.wa3dbj.vix.com
Subject: Berkeley Packet Filter question
Date: Thu, 07 Mar 2002 14:47:13 -0800
From: David Boggs <boggs@boggs.palo-alto.ca.us>
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

I'm writing a network device driver.  I'm using FreeBSD 4.4-RELEASE.
I can't get BPF to work; it dereferences a nil pointer.

Attached below is some BPF code.  As I read it, bpfattach() is passed
an ifp (struct ifnet *).  It mallocs a 'bpf_if' (1) and installs the ifp
in it (2).  Then it uses this pointer to ZERO a pointer in the ifp named
if_bpf (3) (presumably a back-pointer).  Later, bpf_mtap() is called,
and it picks up the back-pointer to the if_bpf (4) (which has been ZEROed)
and dereferences it (5), causing a type 12 trap.

Grepping through other device drivers, I note that most of them don't
call bpfattach(), but two or three do.  Those that do, are NOT passing
a struct ifnet * as the first argument.  What's going on here?

My driver is for a synchronous serial line.  The proper place for snooping
packets is in sppp, rather than in each individual driver.  Why doesn't
sppp call bpf?  Why should I ever have to deal with this?

	/David Boggs

void
bpfattach(ifp, dlt, hdrlen)
	struct ifnet *ifp;
	u_int dlt, hdrlen;
{
	struct bpf_if *bp;
(1)	bp = (struct bpf_if *)malloc(sizeof(*bp), M_BPF, M_DONTWAIT);

(2)	bp->bif_ifp = ifp;
.....

(3)	bp->bif_ifp->if_bpf = 0;  /* this seems wrong */

.....
}

void
bpf_mtap(ifp, m)
	struct ifnet *ifp;
	struct mbuf *m;
{
(4)	struct bpf_if *bp = ifp->if_bpf;

.....

(5)	for (d = bp->bif_dlist; d != 0; d = d->bd_next) {
.....
}



 


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message