if_faith.c revision 120727 
1/*	$KAME: if_faith.c,v 1.23 2001/12/17 13:55:29 sumikawa Exp $	*/
2
3/*
4 * Copyright (c) 1982, 1986, 1993
5 *	The Regents of the University of California.  All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 *    notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 *    notice, this list of conditions and the following disclaimer in the
14 *    documentation and/or other materials provided with the distribution.
15 * 3. All advertising materials mentioning features or use of this software
16 *    must display the following acknowledgement:
17 *	This product includes software developed by the University of
18 *	California, Berkeley and its contributors.
19 * 4. Neither the name of the University nor the names of its contributors
20 *    may be used to endorse or promote products derived from this software
21 *    without specific prior written permission.
22 *
23 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26 * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
27 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33 * SUCH DAMAGE.
34 *
35 * $FreeBSD: head/sys/net/if_faith.c 120727 2003-10-04 03:44:50Z sam $
36 */
37/*
38 * derived from
39 *	@(#)if_loop.c	8.1 (Berkeley) 6/10/93
40 * Id: if_loop.c,v 1.22 1996/06/19 16:24:10 wollman Exp
41 */
42
43/*
44 * Loopback interface driver for protocol testing and timing.
45 */
46#include "opt_inet.h"
47#include "opt_inet6.h"
48
49#include <sys/param.h>
50#include <sys/systm.h>
51#include <sys/kernel.h>
52#include <sys/mbuf.h>
53#include <sys/socket.h>
54#include <sys/errno.h>
55#include <sys/sockio.h>
56#include <sys/time.h>
57#include <sys/queue.h>
58#include <sys/types.h>
59#include <sys/malloc.h>
60
61#include <net/if.h>
62#include <net/if_types.h>
63#include <net/netisr.h>
64#include <net/route.h>
65#include <net/bpf.h>
66
67#ifdef	INET
68#include <netinet/in.h>
69#include <netinet/in_systm.h>
70#include <netinet/in_var.h>
71#include <netinet/ip.h>
72#endif
73
74#ifdef INET6
75#ifndef INET
76#include <netinet/in.h>
77#endif
78#include <netinet6/in6_var.h>
79#include <netinet/ip6.h>
80#include <netinet6/ip6_var.h>
81#endif
82
83#include <net/net_osdep.h>
84
85#define FAITHNAME	"faith"
86
87struct faith_softc {
88	struct ifnet sc_if;	/* must be first */
89	LIST_ENTRY(faith_softc) sc_list;
90};
91
92static int faithioctl(struct ifnet *, u_long, caddr_t);
93int faithoutput(struct ifnet *, struct mbuf *, struct sockaddr *,
94	struct rtentry *);
95static void faithrtrequest(int, struct rtentry *, struct rt_addrinfo *);
96#ifdef INET6
97static int faithprefix(struct in6_addr *);
98#endif
99
100static int faithmodevent(module_t, int, void *);
101
102static MALLOC_DEFINE(M_FAITH, FAITHNAME, "Firewall Assisted Tunnel Interface");
103static LIST_HEAD(, faith_softc) faith_softc_list;
104
105int	faith_clone_create(struct if_clone *, int);
106void	faith_clone_destroy(struct ifnet *);
107
108struct if_clone faith_cloner = IF_CLONE_INITIALIZER(FAITHNAME,
109    faith_clone_create, faith_clone_destroy, 0, IF_MAXUNIT);
110
111#define	FAITHMTU	1500
112
113static int
114faithmodevent(mod, type, data)
115	module_t mod;
116	int type;
117	void *data;
118{
119
120	switch (type) {
121	case MOD_LOAD:
122		LIST_INIT(&faith_softc_list);
123		if_clone_attach(&faith_cloner);
124
125#ifdef INET6
126		faithprefix_p = faithprefix;
127#endif
128
129		break;
130	case MOD_UNLOAD:
131#ifdef INET6
132		faithprefix_p = NULL;
133#endif
134
135		if_clone_detach(&faith_cloner);
136
137		while (!LIST_EMPTY(&faith_softc_list))
138			faith_clone_destroy(
139			    &LIST_FIRST(&faith_softc_list)->sc_if);
140
141		break;
142	}
143	return 0;
144}
145
146static moduledata_t faith_mod = {
147	"if_faith",
148	faithmodevent,
149	0
150};
151
152DECLARE_MODULE(if_faith, faith_mod, SI_SUB_PSEUDO, SI_ORDER_ANY);
153MODULE_VERSION(if_faith, 1);
154
155int
156faith_clone_create(ifc, unit)
157	struct if_clone *ifc;
158	int unit;
159{
160	struct faith_softc *sc;
161
162	sc = malloc(sizeof(struct faith_softc), M_FAITH, M_WAITOK);
163	bzero(sc, sizeof(struct faith_softc));
164
165	sc->sc_if.if_softc = sc;
166	sc->sc_if.if_name = FAITHNAME;
167	sc->sc_if.if_unit = unit;
168
169	sc->sc_if.if_mtu = FAITHMTU;
170	/* Change to BROADCAST experimentaly to announce its prefix. */
171	sc->sc_if.if_flags = /* IFF_LOOPBACK */ IFF_BROADCAST | IFF_MULTICAST;
172	sc->sc_if.if_ioctl = faithioctl;
173	sc->sc_if.if_output = faithoutput;
174	sc->sc_if.if_type = IFT_FAITH;
175	sc->sc_if.if_hdrlen = 0;
176	sc->sc_if.if_addrlen = 0;
177	sc->sc_if.if_snd.ifq_maxlen = ifqmaxlen;
178	if_attach(&sc->sc_if);
179	bpfattach(&sc->sc_if, DLT_NULL, sizeof(u_int));
180	LIST_INSERT_HEAD(&faith_softc_list, sc, sc_list);
181	return (0);
182}
183
184void
185faith_clone_destroy(ifp)
186	struct ifnet *ifp;
187{
188	struct faith_softc *sc = (void *) ifp;
189
190	LIST_REMOVE(sc, sc_list);
191	bpfdetach(ifp);
192	if_detach(ifp);
193
194	free(sc, M_FAITH);
195}
196
197int
198faithoutput(ifp, m, dst, rt)
199	struct ifnet *ifp;
200	struct mbuf *m;
201	struct sockaddr *dst;
202	struct rtentry *rt;
203{
204	int isr;
205
206	M_ASSERTPKTHDR(m);
207
208	/* BPF write needs to be handled specially */
209	if (dst->sa_family == AF_UNSPEC) {
210		dst->sa_family = *(mtod(m, int *));
211		m->m_len -= sizeof(int);
212		m->m_pkthdr.len -= sizeof(int);
213		m->m_data += sizeof(int);
214	}
215
216	if (ifp->if_bpf) {
217		/*
218		 * We need to prepend the address family as
219		 * a four byte field.  Cons up a faith header
220		 * to pacify bpf.  This is safe because bpf
221		 * will only read from the mbuf (i.e., it won't
222		 * try to free it or keep a pointer a to it).
223		 */
224		struct mbuf m0;
225		u_int32_t af = dst->sa_family;
226
227		m0.m_next = m;
228		m0.m_len = 4;
229		m0.m_data = (char *)&af;
230
231		BPF_MTAP(ifp, &m0);
232	}
233
234	if (rt && rt->rt_flags & (RTF_REJECT|RTF_BLACKHOLE)) {
235		m_freem(m);
236		return (rt->rt_flags & RTF_BLACKHOLE ? 0 :
237		        rt->rt_flags & RTF_HOST ? EHOSTUNREACH : ENETUNREACH);
238	}
239	ifp->if_opackets++;
240	ifp->if_obytes += m->m_pkthdr.len;
241	switch (dst->sa_family) {
242#ifdef INET
243	case AF_INET:
244		isr = NETISR_IP;
245		break;
246#endif
247#ifdef INET6
248	case AF_INET6:
249		isr = NETISR_IPV6;
250		break;
251#endif
252	default:
253		m_freem(m);
254		return EAFNOSUPPORT;
255	}
256
257	/* XXX do we need more sanity checks? */
258
259	m->m_pkthdr.rcvif = ifp;
260	ifp->if_ipackets++;
261	ifp->if_ibytes += m->m_pkthdr.len;
262	netisr_dispatch(isr, m);
263	return (0);
264}
265
266/* ARGSUSED */
267static void
268faithrtrequest(cmd, rt, info)
269	int cmd;
270	struct rtentry *rt;
271	struct rt_addrinfo *info;
272{
273	RT_LOCK_ASSERT(rt);
274
275	if (rt) {
276		rt->rt_rmx.rmx_mtu = rt->rt_ifp->if_mtu; /* for ISO */
277		/*
278		 * For optimal performance, the send and receive buffers
279		 * should be at least twice the MTU plus a little more for
280		 * overhead.
281		 */
282		rt->rt_rmx.rmx_recvpipe =
283			rt->rt_rmx.rmx_sendpipe = 3 * FAITHMTU;
284	}
285}
286
287/*
288 * Process an ioctl request.
289 */
290/* ARGSUSED */
291static int
292faithioctl(ifp, cmd, data)
293	struct ifnet *ifp;
294	u_long cmd;
295	caddr_t data;
296{
297	struct ifaddr *ifa;
298	struct ifreq *ifr = (struct ifreq *)data;
299	int error = 0;
300
301	switch (cmd) {
302
303	case SIOCSIFADDR:
304		ifp->if_flags |= IFF_UP | IFF_RUNNING;
305		ifa = (struct ifaddr *)data;
306		ifa->ifa_rtrequest = faithrtrequest;
307		/*
308		 * Everything else is done at a higher level.
309		 */
310		break;
311
312	case SIOCADDMULTI:
313	case SIOCDELMULTI:
314		if (ifr == 0) {
315			error = EAFNOSUPPORT;		/* XXX */
316			break;
317		}
318		switch (ifr->ifr_addr.sa_family) {
319#ifdef INET
320		case AF_INET:
321			break;
322#endif
323#ifdef INET6
324		case AF_INET6:
325			break;
326#endif
327
328		default:
329			error = EAFNOSUPPORT;
330			break;
331		}
332		break;
333
334#ifdef SIOCSIFMTU
335	case SIOCSIFMTU:
336		ifp->if_mtu = ifr->ifr_mtu;
337		break;
338#endif
339
340	case SIOCSIFFLAGS:
341		break;
342
343	default:
344		error = EINVAL;
345	}
346	return (error);
347}
348
349#ifdef INET6
350/*
351 * XXX could be slow
352 * XXX could be layer violation to call sys/net from sys/netinet6
353 */
354static int
355faithprefix(in6)
356	struct in6_addr *in6;
357{
358	struct rtentry *rt;
359	struct sockaddr_in6 sin6;
360	int ret;
361
362	if (ip6_keepfaith == 0)
363		return 0;
364
365	bzero(&sin6, sizeof(sin6));
366	sin6.sin6_family = AF_INET6;
367	sin6.sin6_len = sizeof(struct sockaddr_in6);
368	sin6.sin6_addr = *in6;
369	rt = rtalloc1((struct sockaddr *)&sin6, 0, 0UL);
370	if (rt && rt->rt_ifp && rt->rt_ifp->if_type == IFT_FAITH &&
371	    (rt->rt_ifp->if_flags & IFF_UP) != 0)
372		ret = 1;
373	else
374		ret = 0;
375	if (rt)
376		RTFREE_LOCKED(rt);
377	return ret;
378}
379#endif
380