/*
* Copyright (c) 2000, 2001 The NetBSD Foundation, Inc.
* All rights reserved.
*
* This code is derived from software contributed to The NetBSD Foundation
* by Andrew Doran, and by Jason R. Thorpe of Zembu Labs, Inc.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
* TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
* BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*/
/*
* Copyright 1998 Massachusetts Institute of Technology
*
* Permission to use, copy, modify, and distribute this software and
* its documentation for any purpose and without fee is hereby
* granted, provided that both the above copyright notice and this
* permission notice appear in all copies, that both the above
* copyright notice and this permission notice appear in all
* supporting documentation, and that the name of M.I.T. not be used
* in advertising or publicity pertaining to distribution of the
* software without specific, written prior permission. M.I.T. makes
* no representations about the suitability of this software for any
* purpose. It is provided "as is" without express or implied
* warranty.
*
* THIS SOFTWARE IS PROVIDED BY M.I.T. ``AS IS''. M.I.T. DISCLAIMS
* ALL EXPRESS OR IMPLIED WARRANTIES WITH REGARD TO THIS SOFTWARE,
* INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT
* SHALL M.I.T. BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* from FreeBSD: if_vlan.c,v 1.16 2000/03/26 15:21:40 charnier Exp
* via OpenBSD: if_vlan.c,v 1.4 2000/05/15 19:15:00 chris Exp
*/
/*
* if_vlan.c - pseudo-device driver for IEEE 802.1Q virtual LANs. Might be
* extended some day to also handle IEEE 802.1P priority tagging. This is
* sort of sneaky in the implementation, since we need to pretend to be
* enough of an Ethernet implementation to make ARP work. The way we do
* this is by telling everyone that we are an Ethernet interface, and then
* catch the packets that ether_output() left on our output queue when it
* calls if_start(), rewrite them for use by the real outgoing interface,
* and ask it to send them.
*
* TODO:
*
* - Need some way to notify vlan interfaces when the parent
* interface changes MTU.
*/
struct vlan_mc_entry {
LIST_ENTRY(vlan_mc_entry) mc_entries;
/*
* A key to identify this entry. The mc_addr below can't be
* used since multiple sockaddr may mapped into the same
* ether_multi (e.g., AF_UNSPEC).
*/
struct ether_multi *mc_enm;
struct sockaddr_storage mc_addr;
};
struct ifvlan_linkmib {
struct ifvlan *ifvm_ifvlan;
const struct vlan_multisw *ifvm_msw;
int ifvm_mtufudge; /* MTU fudged by this much */
int ifvm_mintu; /* min transmission unit */
uint16_t ifvm_proto; /* encapsulation ethertype */
uint16_t ifvm_tag; /* tag to apply on packets */
struct ifnet *ifvm_p; /* parent interface of this vlan */
struct psref_target ifvm_psref;
};
struct ifvlan {
struct ethercom ifv_ec;
uint8_t ifv_lladdr[ETHER_ADDR_LEN];
struct ifvlan_linkmib *ifv_mib; /*
* reader must use vlan_getref_linkmib()
* instead of direct dereference
*/
kmutex_t ifv_lock; /* writer lock for ifv_mib */
pserialize_t ifv_psz;
void *ifv_linkstate_hook;
void *ifv_ifdetach_hook;
/*
* We start out with a "802.1Q VLAN" type and zero-length
* addresses. When we attach to a parent interface, we
* inherit its type, address length, address, and data link
* type.
*/
if_initname(ifp, ifc->ifc_name, unit);
ifp->if_softc = ifv;
ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST;
#ifdef NET_MPSAFE
ifp->if_extflags = IFEF_MPSAFE;
#endif
ifp->if_start = vlan_start;
ifp->if_transmit = vlan_transmit;
ifp->if_ioctl = vlan_ioctl;
IFQ_SET_READY(&ifp->if_snd);
if_initialize(ifp);
/*
* Set the link state to down.
* When the parent interface attaches we will use that link state.
* When the parent interface link state changes, so will ours.
* When the parent interface detaches, set the link state to down.
*/
ifp->if_link_state = LINK_STATE_DOWN;
ec = (struct ethercom *)p;
if (ec->ec_capenable & ETHERCAP_VLAN_MTU) {
nmib->ifvm_mtufudge = 0;
} else {
/*
* Fudge the MTU by the encapsulation size. This
* makes us incompatible with strictly compliant
* 802.1Q implementations, but allows us to use
* the feature with other NetBSD
* implementations, which might still be useful.
*/
nmib->ifvm_mtufudge = ETHER_VLAN_ENCAP_LEN;
}
/*
* If the parent interface can do hardware-assisted
* VLAN encapsulation, then propagate its hardware-
* assisted checksumming flags and tcp segmentation
* offload.
*/
if (ec->ec_capabilities & ETHERCAP_VLAN_HWTAGGING) {
ifp->if_capabilities = p->if_capabilities &
(IFCAP_TSOv4 | IFCAP_TSOv6 |
IFCAP_CSUM_IPv4_Tx | IFCAP_CSUM_IPv4_Rx |
IFCAP_CSUM_TCPv4_Tx | IFCAP_CSUM_TCPv4_Rx |
IFCAP_CSUM_UDPv4_Tx | IFCAP_CSUM_UDPv4_Rx |
IFCAP_CSUM_TCPv6_Tx | IFCAP_CSUM_TCPv6_Rx |
IFCAP_CSUM_UDPv6_Tx | IFCAP_CSUM_UDPv6_Rx);
}
/*
* We inherit the parents link state.
*/
ifv->ifv_linkstate_hook = if_linkstate_change_establish(p,
vlan_link_state_changed, ifv);
if_link_state_change(&ifv->ifv_if, p->if_link_state);
done:
mutex_exit(&ifv->ifv_lock);
if (nmib_psref)
psref_target_destroy(nmib_psref, ifvm_psref_class);
if (nmib)
kmem_free(nmib, sizeof(*nmib));
if (omib_cleanup)
kmem_free(omib, sizeof(*omib));
/*
* Since the interface is being unconfigured, we need to empty the
* list of multicast groups that we may have joined while we were
* alive and remove them from the parent's list also.
*/
(*nmib->ifvm_msw->vmsw_purgemulti)(ifv);
/* XXX ether_ifdetach must not be called with IFNET_LOCK */
ifv->ifv_stopping = true;
mutex_exit(&ifv->ifv_lock);
IFNET_UNLOCK(ifp);
ether_ifdetach(ifp);
IFNET_LOCK(ifp);
mutex_enter(&ifv->ifv_lock);
ifv->ifv_stopping = false;
/* if_free_sadl must be called with IFNET_LOCK */
if_free_sadl(ifp, 1);
/*XXX ether_ifdetachhook_disestablish must not called with IFNET_LOCK */
IFNET_UNLOCK(ifp);
ether_ifdetachhook_disestablish(p, ifv->ifv_ifdetach_hook,
&ifv->ifv_lock);
mutex_exit(&ifv->ifv_lock);
IFNET_LOCK(ifp);
#ifdef INET6
KERNEL_LOCK_UNLESS_NET_MPSAFE();
/* To delete v6 link local addresses */
if (in6_present)
in6_ifdetach(ifp);
KERNEL_UNLOCK_UNLESS_NET_MPSAFE();
#endif
if_down_locked(ifp);
ifp->if_capabilities = 0;
mutex_enter(&ifv->ifv_lock);
done:
if (nmib_psref)
psref_target_destroy(nmib_psref, ifvm_psref_class);
/*
* Called when a parent interface is detaching; destroy any VLAN
* configuration for the parent interface.
*/
static void
vlan_ifdetach(void *xifp)
{
struct ifnet *ifp;
ifp = (struct ifnet *)xifp;
/* IFNET_LOCK must be held before ifv_lock. */
IFNET_LOCK(ifp);
vlan_unconfig(ifp);
IFNET_UNLOCK(ifp);
}
static int
vlan_set_promisc(struct ifnet *ifp)
{
struct ifvlan *ifv = ifp->if_softc;
struct ifvlan_linkmib *mib;
struct psref psref;
int error = 0;
int bound;
case SIOCSIFFLAGS:
if ((error = ifioctl_common(ifp, cmd, data)) != 0)
break;
/*
* For promiscuous mode, we enable promiscuous mode on
* the parent if we need promiscuous on the VLAN interface.
*/
bound = curlwp_bind();
mib = vlan_getref_linkmib(ifv, &psref);
if (mib == NULL) {
curlwp_bindx(bound);
error = EBUSY;
break;
}
if (sa->sa_len > sizeof(struct sockaddr_storage))
return EINVAL;
error = ether_addmulti(sa, &ifv->ifv_ec);
if (error != ENETRESET)
return error;
/*
* This is a new multicast address. We have to tell parent
* about it. Also, remember this multicast address so that
* we can delete it on unconfigure.
*/
mc = malloc(sizeof(struct vlan_mc_entry), M_DEVBUF, M_NOWAIT);
if (mc == NULL) {
error = ENOMEM;
goto alloc_failed;
}
/*
* Since ether_addmulti() returned ENETRESET, the following two
* statements shouldn't fail. Here ifv_ec is implicitly protected
* by the ifv_lock lock.
*/
error = ether_multiaddr(sa, addrlo, addrhi);
KASSERT(error == 0);
/*
* Find a key to lookup vlan_mc_entry. We have to do this
* before calling ether_delmulti for obvious reasons.
*/
if ((error = ether_multiaddr(sa, addrlo, addrhi)) != 0)
return error;
LIST_FOREACH(mc, &ifv->ifv_mc_listhead, mc_entries) {
if (mc->mc_enm == enm)
break;
}
/* We woun't delete entries we didn't add */
if (mc == NULL)
return EINVAL;
error = ether_delmulti(sa, &ifv->ifv_ec);
if (error != ENETRESET)
return error;
/* We no longer use this multicast address. Tell parent so. */
mib = ifv->ifv_mib;
error = if_mcast_op(mib->ifvm_p, SIOCDELMULTI, sa);
if (error == 0) {
/* And forget about this address. */
LIST_REMOVE(mc, mc_entries);
free(mc, M_DEVBUF);
} else {
(void)ether_addmulti(sa, &ifv->ifv_ec);
}
return error;
}
/*
* Delete any multicast address we have asked to add from parent
* interface. Called when the vlan is being unconfigured.
*/
static void
vlan_ether_purgemulti(struct ifvlan *ifv)
{
struct vlan_mc_entry *mc;
struct ifvlan_linkmib *mib;
#ifdef ALTQ
/*
* KERNEL_LOCK is required for ALTQ even if NET_MPSAFE is
* defined.
*/
KERNEL_LOCK(1, NULL);
/*
* If ALTQ is enabled on the parent interface, do
* classification; the queueing discipline might
* not require classification, but might require
* the address family/header pointer in the pktattr.
*/
if (ALTQ_IS_ENABLED(&p->if_snd)) {
KASSERT(
p->if_type == IFT_ETHER ||
p->if_type == IFT_L2TP);
altq_etherclassify(&p->if_snd, m);
}
KERNEL_UNLOCK_ONE(NULL);
#endif /* ALTQ */
bpf_mtap(ifp, m, BPF_D_OUT);
/*
* If the parent can insert the tag itself, just mark
* the tag in the mbuf header.
*/
if (ec->ec_capenable & ETHERCAP_VLAN_HWTAGGING) {
vlan_set_tag(m, mib->ifvm_tag);
} else {
/*
* insert the tag ourselves
*/
KASSERT(
p->if_type == IFT_ETHER ||
p->if_type == IFT_L2TP);
(void)ether_inject_vlantag(&m,
ETHERTYPE_VLAN, mib->ifvm_tag);
if (m == NULL) {
printf("%s: unable to inject VLAN tag",
p->if_xname);
continue;
}
}
if ((p->if_flags & IFF_RUNNING) == 0) {
m_freem(m);
continue;
}
error = if_transmit_lock(p, m);
if (error) {
/* mbuf is already freed */
if_statinc(ifp, if_oerrors);
continue;
}
if_statinc(ifp, if_opackets);
}
ifp->if_flags &= ~IFF_OACTIVE;
/* Remove reference to mib before release */
vlan_putref_linkmib(mib, &psref);
curlwp_bindx(bound);
}
if ((error = pfil_run_hooks(ifp->if_pfil, &m, ifp, PFIL_OUT)) != 0)
goto out;
if (m == NULL)
goto out;
/*
* If the parent can insert the tag itself, just mark
* the tag in the mbuf header.
*/
if (ec->ec_capenable & ETHERCAP_VLAN_HWTAGGING) {
vlan_set_tag(m, mib->ifvm_tag);
} else {
/*
* insert the tag ourselves
*/
KASSERT(
p->if_type == IFT_ETHER ||
p->if_type == IFT_L2TP);
error = ether_inject_vlantag(&m,
ETHERTYPE_VLAN, mib->ifvm_tag);
if (error != 0) {
KASSERT(m == NULL);
printf("%s: unable to inject VLAN tag",
p->if_xname);
goto out;
}
}
out:
/* Remove reference to mib before release */
vlan_putref_linkmib(mib, &psref);
curlwp_bindx(bound);
return error;
}
/*
* Given an Ethernet frame, find a valid vlan interface corresponding to the
* given source interface and tag, then run the real packet through the
* parent's input routine.
*/
struct mbuf *
vlan_input(struct ifnet *ifp, struct mbuf *m)
{
struct ifvlan *ifv;
uint16_t vid;
struct ifvlan_linkmib *mib;
struct psref psref;
KASSERT(vlan_has_tag(m));
vid = EVL_VLANOFTAG(vlan_get_tag(m));
KASSERT(vid != 0);
mib = vlan_lookup_tag_psref(ifp, vid, &psref);
if (mib == NULL) {
return m;
}
/*
* Having found a valid vlan interface corresponding to
* the given source interface and vlan tag.
* remove the vlan tag.
*/
m->m_flags &= ~M_VLANTAG;
/*
* Drop promiscuously received packets if we are not in
* promiscuous mode
*/
if ((m->m_flags & (M_BCAST | M_MCAST)) == 0 &&
(ifp->if_flags & IFF_PROMISC) &&
(ifv->ifv_if.if_flags & IFF_PROMISC) == 0) {
struct ether_header *eh;
/*
* If the parent link state changed, the vlan link state should change also.
*/
static void
vlan_link_state_changed(void *xifv)
{
struct ifvlan *ifv = xifv;
struct ifnet *ifp, *p;
struct ifvlan_linkmib *mib;
struct psref psref;
int bound;
