if_faith.c revision 120727
1/* $KAME: if_faith.c,v 1.23 2001/12/17 13:55:29 sumikawa Exp $ */ 2 3/* 4 * Copyright (c) 1982, 1986, 1993 5 * The Regents of the University of California. All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. All advertising materials mentioning features or use of this software 16 * must display the following acknowledgement: 17 * This product includes software developed by the University of 18 * California, Berkeley and its contributors. 19 * 4. Neither the name of the University nor the names of its contributors 20 * may be used to endorse or promote products derived from this software 21 * without specific prior written permission. 22 * 23 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 25 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 26 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 27 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 28 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 29 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 30 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 31 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 32 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 33 * SUCH DAMAGE. 34 * 35 * $FreeBSD: head/sys/net/if_faith.c 120727 2003-10-04 03:44:50Z sam $ 36 */ 37/* 38 * derived from 39 * @(#)if_loop.c 8.1 (Berkeley) 6/10/93 40 * Id: if_loop.c,v 1.22 1996/06/19 16:24:10 wollman Exp 41 */ 42 43/* 44 * Loopback interface driver for protocol testing and timing. 45 */ 46#include "opt_inet.h" 47#include "opt_inet6.h" 48 49#include <sys/param.h> 50#include <sys/systm.h> 51#include <sys/kernel.h> 52#include <sys/mbuf.h> 53#include <sys/socket.h> 54#include <sys/errno.h> 55#include <sys/sockio.h> 56#include <sys/time.h> 57#include <sys/queue.h> 58#include <sys/types.h> 59#include <sys/malloc.h> 60 61#include <net/if.h> 62#include <net/if_types.h> 63#include <net/netisr.h> 64#include <net/route.h> 65#include <net/bpf.h> 66 67#ifdef INET 68#include <netinet/in.h> 69#include <netinet/in_systm.h> 70#include <netinet/in_var.h> 71#include <netinet/ip.h> 72#endif 73 74#ifdef INET6 75#ifndef INET 76#include <netinet/in.h> 77#endif 78#include <netinet6/in6_var.h> 79#include <netinet/ip6.h> 80#include <netinet6/ip6_var.h> 81#endif 82 83#include <net/net_osdep.h> 84 85#define FAITHNAME "faith" 86 87struct faith_softc { 88 struct ifnet sc_if; /* must be first */ 89 LIST_ENTRY(faith_softc) sc_list; 90}; 91 92static int faithioctl(struct ifnet *, u_long, caddr_t); 93int faithoutput(struct ifnet *, struct mbuf *, struct sockaddr *, 94 struct rtentry *); 95static void faithrtrequest(int, struct rtentry *, struct rt_addrinfo *); 96#ifdef INET6 97static int faithprefix(struct in6_addr *); 98#endif 99 100static int faithmodevent(module_t, int, void *); 101 102static MALLOC_DEFINE(M_FAITH, FAITHNAME, "Firewall Assisted Tunnel Interface"); 103static LIST_HEAD(, faith_softc) faith_softc_list; 104 105int faith_clone_create(struct if_clone *, int); 106void faith_clone_destroy(struct ifnet *); 107 108struct if_clone faith_cloner = IF_CLONE_INITIALIZER(FAITHNAME, 109 faith_clone_create, faith_clone_destroy, 0, IF_MAXUNIT); 110 111#define FAITHMTU 1500 112 113static int 114faithmodevent(mod, type, data) 115 module_t mod; 116 int type; 117 void *data; 118{ 119 120 switch (type) { 121 case MOD_LOAD: 122 LIST_INIT(&faith_softc_list); 123 if_clone_attach(&faith_cloner); 124 125#ifdef INET6 126 faithprefix_p = faithprefix; 127#endif 128 129 break; 130 case MOD_UNLOAD: 131#ifdef INET6 132 faithprefix_p = NULL; 133#endif 134 135 if_clone_detach(&faith_cloner); 136 137 while (!LIST_EMPTY(&faith_softc_list)) 138 faith_clone_destroy( 139 &LIST_FIRST(&faith_softc_list)->sc_if); 140 141 break; 142 } 143 return 0; 144} 145 146static moduledata_t faith_mod = { 147 "if_faith", 148 faithmodevent, 149 0 150}; 151 152DECLARE_MODULE(if_faith, faith_mod, SI_SUB_PSEUDO, SI_ORDER_ANY); 153MODULE_VERSION(if_faith, 1); 154 155int 156faith_clone_create(ifc, unit) 157 struct if_clone *ifc; 158 int unit; 159{ 160 struct faith_softc *sc; 161 162 sc = malloc(sizeof(struct faith_softc), M_FAITH, M_WAITOK); 163 bzero(sc, sizeof(struct faith_softc)); 164 165 sc->sc_if.if_softc = sc; 166 sc->sc_if.if_name = FAITHNAME; 167 sc->sc_if.if_unit = unit; 168 169 sc->sc_if.if_mtu = FAITHMTU; 170 /* Change to BROADCAST experimentaly to announce its prefix. */ 171 sc->sc_if.if_flags = /* IFF_LOOPBACK */ IFF_BROADCAST | IFF_MULTICAST; 172 sc->sc_if.if_ioctl = faithioctl; 173 sc->sc_if.if_output = faithoutput; 174 sc->sc_if.if_type = IFT_FAITH; 175 sc->sc_if.if_hdrlen = 0; 176 sc->sc_if.if_addrlen = 0; 177 sc->sc_if.if_snd.ifq_maxlen = ifqmaxlen; 178 if_attach(&sc->sc_if); 179 bpfattach(&sc->sc_if, DLT_NULL, sizeof(u_int)); 180 LIST_INSERT_HEAD(&faith_softc_list, sc, sc_list); 181 return (0); 182} 183 184void 185faith_clone_destroy(ifp) 186 struct ifnet *ifp; 187{ 188 struct faith_softc *sc = (void *) ifp; 189 190 LIST_REMOVE(sc, sc_list); 191 bpfdetach(ifp); 192 if_detach(ifp); 193 194 free(sc, M_FAITH); 195} 196 197int 198faithoutput(ifp, m, dst, rt) 199 struct ifnet *ifp; 200 struct mbuf *m; 201 struct sockaddr *dst; 202 struct rtentry *rt; 203{ 204 int isr; 205 206 M_ASSERTPKTHDR(m); 207 208 /* BPF write needs to be handled specially */ 209 if (dst->sa_family == AF_UNSPEC) { 210 dst->sa_family = *(mtod(m, int *)); 211 m->m_len -= sizeof(int); 212 m->m_pkthdr.len -= sizeof(int); 213 m->m_data += sizeof(int); 214 } 215 216 if (ifp->if_bpf) { 217 /* 218 * We need to prepend the address family as 219 * a four byte field. Cons up a faith header 220 * to pacify bpf. This is safe because bpf 221 * will only read from the mbuf (i.e., it won't 222 * try to free it or keep a pointer a to it). 223 */ 224 struct mbuf m0; 225 u_int32_t af = dst->sa_family; 226 227 m0.m_next = m; 228 m0.m_len = 4; 229 m0.m_data = (char *)⁡ 230 231 BPF_MTAP(ifp, &m0); 232 } 233 234 if (rt && rt->rt_flags & (RTF_REJECT|RTF_BLACKHOLE)) { 235 m_freem(m); 236 return (rt->rt_flags & RTF_BLACKHOLE ? 0 : 237 rt->rt_flags & RTF_HOST ? EHOSTUNREACH : ENETUNREACH); 238 } 239 ifp->if_opackets++; 240 ifp->if_obytes += m->m_pkthdr.len; 241 switch (dst->sa_family) { 242#ifdef INET 243 case AF_INET: 244 isr = NETISR_IP; 245 break; 246#endif 247#ifdef INET6 248 case AF_INET6: 249 isr = NETISR_IPV6; 250 break; 251#endif 252 default: 253 m_freem(m); 254 return EAFNOSUPPORT; 255 } 256 257 /* XXX do we need more sanity checks? */ 258 259 m->m_pkthdr.rcvif = ifp; 260 ifp->if_ipackets++; 261 ifp->if_ibytes += m->m_pkthdr.len; 262 netisr_dispatch(isr, m); 263 return (0); 264} 265 266/* ARGSUSED */ 267static void 268faithrtrequest(cmd, rt, info) 269 int cmd; 270 struct rtentry *rt; 271 struct rt_addrinfo *info; 272{ 273 RT_LOCK_ASSERT(rt); 274 275 if (rt) { 276 rt->rt_rmx.rmx_mtu = rt->rt_ifp->if_mtu; /* for ISO */ 277 /* 278 * For optimal performance, the send and receive buffers 279 * should be at least twice the MTU plus a little more for 280 * overhead. 281 */ 282 rt->rt_rmx.rmx_recvpipe = 283 rt->rt_rmx.rmx_sendpipe = 3 * FAITHMTU; 284 } 285} 286 287/* 288 * Process an ioctl request. 289 */ 290/* ARGSUSED */ 291static int 292faithioctl(ifp, cmd, data) 293 struct ifnet *ifp; 294 u_long cmd; 295 caddr_t data; 296{ 297 struct ifaddr *ifa; 298 struct ifreq *ifr = (struct ifreq *)data; 299 int error = 0; 300 301 switch (cmd) { 302 303 case SIOCSIFADDR: 304 ifp->if_flags |= IFF_UP | IFF_RUNNING; 305 ifa = (struct ifaddr *)data; 306 ifa->ifa_rtrequest = faithrtrequest; 307 /* 308 * Everything else is done at a higher level. 309 */ 310 break; 311 312 case SIOCADDMULTI: 313 case SIOCDELMULTI: 314 if (ifr == 0) { 315 error = EAFNOSUPPORT; /* XXX */ 316 break; 317 } 318 switch (ifr->ifr_addr.sa_family) { 319#ifdef INET 320 case AF_INET: 321 break; 322#endif 323#ifdef INET6 324 case AF_INET6: 325 break; 326#endif 327 328 default: 329 error = EAFNOSUPPORT; 330 break; 331 } 332 break; 333 334#ifdef SIOCSIFMTU 335 case SIOCSIFMTU: 336 ifp->if_mtu = ifr->ifr_mtu; 337 break; 338#endif 339 340 case SIOCSIFFLAGS: 341 break; 342 343 default: 344 error = EINVAL; 345 } 346 return (error); 347} 348 349#ifdef INET6 350/* 351 * XXX could be slow 352 * XXX could be layer violation to call sys/net from sys/netinet6 353 */ 354static int 355faithprefix(in6) 356 struct in6_addr *in6; 357{ 358 struct rtentry *rt; 359 struct sockaddr_in6 sin6; 360 int ret; 361 362 if (ip6_keepfaith == 0) 363 return 0; 364 365 bzero(&sin6, sizeof(sin6)); 366 sin6.sin6_family = AF_INET6; 367 sin6.sin6_len = sizeof(struct sockaddr_in6); 368 sin6.sin6_addr = *in6; 369 rt = rtalloc1((struct sockaddr *)&sin6, 0, 0UL); 370 if (rt && rt->rt_ifp && rt->rt_ifp->if_type == IFT_FAITH && 371 (rt->rt_ifp->if_flags & IFF_UP) != 0) 372 ret = 1; 373 else 374 ret = 0; 375 if (rt) 376 RTFREE_LOCKED(rt); 377 return ret; 378} 379#endif 380