if_vlan.c revision 44763
1/* 2 * Copyright 1998 Massachusetts Institute of Technology 3 * 4 * Permission to use, copy, modify, and distribute this software and 5 * its documentation for any purpose and without fee is hereby 6 * granted, provided that both the above copyright notice and this 7 * permission notice appear in all copies, that both the above 8 * copyright notice and this permission notice appear in all 9 * supporting documentation, and that the name of M.I.T. not be used 10 * in advertising or publicity pertaining to distribution of the 11 * software without specific, written prior permission. M.I.T. makes 12 * no representations about the suitability of this software for any 13 * purpose. It is provided "as is" without express or implied 14 * warranty. 15 * 16 * THIS SOFTWARE IS PROVIDED BY M.I.T. ``AS IS''. M.I.T. DISCLAIMS 17 * ALL EXPRESS OR IMPLIED WARRANTIES WITH REGARD TO THIS SOFTWARE, 18 * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT 20 * SHALL M.I.T. BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 21 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 22 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF 23 * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND 24 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 25 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT 26 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 * 29 * $Id: if_vlan.c,v 1.9 1999/03/15 00:33:02 wpaul Exp $ 30 */ 31 32/* 33 * if_vlan.c - pseudo-device driver for IEEE 802.1Q virtual LANs. 34 * Might be extended some day to also handle IEEE 802.1p priority 35 * tagging. This is sort of sneaky in the implementation, since 36 * we need to pretend to be enough of an Ethernet implementation 37 * to make arp work. The way we do this is by telling everyone 38 * that we are an Ethernet, and then catch the packets that 39 * ether_output() left on our output queue queue when it calls 40 * if_start(), rewrite them for use by the real outgoing interface, 41 * and ask it to send them. 42 * 43 * XXX It's incorrect to assume that we must always kludge up 44 * headers on the physical device's behalf: some devices support 45 * VLAN tag insersion and extraction in firmware. For these cases, 46 * one can change the behavior of the vlan interface by setting 47 * the LINK0 flag on it (that is setting the vlan interface's LINK0 48 * flag, _not_ the parent's LINK0 flag; we try to leave the parent 49 * alone). If the interface as the LINK0 flag set, then it will 50 * not modify the ethernet header on output because the parent 51 * can do that for itself. On input, the parent can call vlan_input_tag() 52 * directly in order to supply us with an incoming mbuf and the vlan 53 * tag value that goes with it. 54 */ 55 56#include "vlan.h" 57#if NVLAN > 0 58#include "opt_inet.h" 59#include "bpfilter.h" 60 61#include <sys/param.h> 62#include <sys/kernel.h> 63#include <sys/malloc.h> 64#include <sys/mbuf.h> 65#include <sys/queue.h> 66#include <sys/socket.h> 67#include <sys/sockio.h> 68#include <sys/sysctl.h> 69#include <sys/systm.h> 70 71#if NBPFILTER > 0 72#include <net/bpf.h> 73#endif 74#include <net/ethernet.h> 75#include <net/if.h> 76#include <net/if_arp.h> 77#include <net/if_dl.h> 78#include <net/if_types.h> 79#include <net/if_vlan_var.h> 80 81#ifdef INET 82#include <netinet/in.h> 83#include <netinet/if_ether.h> 84#endif 85 86SYSCTL_NODE(_net_link, IFT_8021_VLAN, vlan, CTLFLAG_RW, 0, "IEEE 802.1Q VLAN"); 87SYSCTL_NODE(_net_link_vlan, PF_LINK, link, CTLFLAG_RW, 0, "for consistency"); 88 89u_int vlan_proto = ETHERTYPE_VLAN; 90SYSCTL_INT(_net_link_vlan_link, VLANCTL_PROTO, proto, CTLFLAG_RW, &vlan_proto, 91 0, "Ethernet protocol used for VLAN encapsulation"); 92 93static struct ifvlan ifv_softc[NVLAN]; 94 95static void vlan_start(struct ifnet *ifp); 96static void vlan_ifinit(void *foo); 97static int vlan_ioctl(struct ifnet *ifp, u_long cmd, caddr_t addr); 98static int vlan_setmulti(struct ifnet *ifp); 99static int vlan_unconfig(struct ifnet *ifp); 100static int vlan_config(struct ifvlan *ifv, struct ifnet *p); 101 102/* 103 * Program our multicast filter. What we're actually doing is 104 * programming the multicast filter of the parent. This has the 105 * side effect of causing the parent interface to receive multicast 106 * traffic that it doesn't really want, which ends up being discarded 107 * later by the upper protocol layers. Unfortunately, there's no way 108 * to avoid this: there really is only one physical interface. 109 */ 110static int vlan_setmulti(struct ifnet *ifp) 111{ 112 struct ifnet *ifp_p; 113 struct ifmultiaddr *ifma, *rifma = NULL; 114 struct ifvlan *sc; 115 struct vlan_mc_entry *mc = NULL; 116 struct sockaddr_dl sdl; 117 int error; 118 119 /* Find the parent. */ 120 sc = ifp->if_softc; 121 ifp_p = sc->ifv_p; 122 123 sdl.sdl_len = ETHER_ADDR_LEN; 124 sdl.sdl_family = AF_LINK; 125 126 /* First, remove any existing filter entries. */ 127 while(sc->vlan_mc_listhead.slh_first != NULL) { 128 mc = sc->vlan_mc_listhead.slh_first; 129 bcopy((char *)&mc->mc_addr, LLADDR(&sdl), ETHER_ADDR_LEN); 130 error = if_delmulti(ifp_p, (struct sockaddr *)&sdl); 131 if (error) 132 return(error); 133 SLIST_REMOVE_HEAD(&sc->vlan_mc_listhead, mc_entries); 134 free(mc, M_DEVBUF); 135 } 136 137 /* Now program new ones. */ 138 for (ifma = ifp->if_multiaddrs.lh_first; 139 ifma != NULL;ifma = ifma->ifma_link.le_next) { 140 if (ifma->ifma_addr->sa_family != AF_LINK) 141 continue; 142 mc = malloc(sizeof(struct vlan_mc_entry), M_DEVBUF, M_NOWAIT); 143 bcopy(LLADDR((struct sockaddr_dl *)ifma->ifma_addr), 144 (char *)&mc->mc_addr, ETHER_ADDR_LEN); 145 SLIST_INSERT_HEAD(&sc->vlan_mc_listhead, mc, mc_entries); 146 error = if_addmulti(ifp_p, (struct sockaddr *)&sdl, &rifma); 147 if (error) 148 return(error); 149 } 150 151 return(0); 152} 153 154static void 155vlaninit(void *dummy) 156{ 157 int i; 158 159 for (i = 0; i < NVLAN; i++) { 160 struct ifnet *ifp = &ifv_softc[i].ifv_if; 161 162 ifp->if_softc = &ifv_softc[i]; 163 ifp->if_name = "vlan"; 164 ifp->if_unit = i; 165 /* NB: flags are not set here */ 166 ifp->if_linkmib = &ifv_softc[i].ifv_mib; 167 ifp->if_linkmiblen = sizeof ifv_softc[i].ifv_mib; 168 /* NB: mtu is not set here */ 169 170 ifp->if_init = vlan_ifinit; 171 ifp->if_start = vlan_start; 172 ifp->if_ioctl = vlan_ioctl; 173 ifp->if_output = ether_output; 174 ifp->if_snd.ifq_maxlen = ifqmaxlen; 175 if_attach(ifp); 176 ether_ifattach(ifp); 177#if NBPFILTER > 0 178 bpfattach(ifp, DLT_EN10MB, sizeof(struct ether_header)); 179#endif 180 /* Now undo some of the damage... */ 181 ifp->if_data.ifi_type = IFT_8021_VLAN; 182 ifp->if_data.ifi_hdrlen = EVL_ENCAPLEN; 183 ifp->if_resolvemulti = 0; 184 } 185} 186PSEUDO_SET(vlaninit, if_vlan); 187 188static void 189vlan_ifinit(void *foo) 190{ 191 return; 192} 193 194static void 195vlan_start(struct ifnet *ifp) 196{ 197 struct ifvlan *ifv; 198 struct ifnet *p; 199 struct ether_vlan_header *evl; 200 struct mbuf *m; 201 202 ifv = ifp->if_softc; 203 p = ifv->ifv_p; 204 205 ifp->if_flags |= IFF_OACTIVE; 206 for (;;) { 207 IF_DEQUEUE(&ifp->if_snd, m); 208 if (m == 0) 209 break; 210#if NBPFILTER > 0 211 if (ifp->if_bpf) 212 bpf_mtap(ifp, m); 213#endif /* NBPFILTER > 0 */ 214 215 /* 216 * If the LINK0 flag is set, it means the underlying interface 217 * can do VLAN tag insertion itself and doesn't require us to 218 * create a special header for it. In this case, we just pass 219 * the packet along. However, we need some way to tell the 220 * interface where the packet came from so that it knows how 221 * to find the VLAN tag to use, so we set the rcvif in the 222 * mbuf header to our ifnet. 223 * 224 * Note: we also set the M_PROTO1 flag in the mbuf to let 225 * the parent driver know that the rcvif pointer is really 226 * valid. We need to do this because sometimes mbufs will 227 * be allocated by other parts of the system that contain 228 * garbage in the rcvif pointer. Using the M_PROTO1 flag 229 * lets the driver perform a proper sanity check and avoid 230 * following potentially bogus rcvif pointers off into 231 * never-never land. 232 */ 233 if (ifp->if_flags & IFF_LINK0) { 234 m->m_pkthdr.rcvif = ifp; 235 m->m_flags |= M_PROTO1; 236 } else { 237 M_PREPEND(m, EVL_ENCAPLEN, M_DONTWAIT); 238 if (m == 0) 239 continue; 240 /* M_PREPEND takes care of m_len, m_pkthdr.len for us */ 241 242 /* 243 * Transform the Ethernet header into an Ethernet header 244 * with 802.1Q encapsulation. 245 */ 246 bcopy(mtod(m, char *) + EVL_ENCAPLEN, mtod(m, char *), 247 sizeof(struct ether_header)); 248 evl = mtod(m, struct ether_vlan_header *); 249 evl->evl_proto = evl->evl_encap_proto; 250 evl->evl_encap_proto = htons(vlan_proto); 251 evl->evl_tag = htons(ifv->ifv_tag); 252#ifdef DEBUG 253 printf("vlan_start: %*D\n", sizeof *evl, 254 (char *)evl, ":"); 255#endif 256 } 257 258 /* 259 * Send it, precisely as ether_output() would have. 260 * We are already running at splimp. 261 */ 262 if (IF_QFULL(&p->if_snd)) { 263 IF_DROP(&p->if_snd); 264 /* XXX stats */ 265 ifp->if_oerrors++; 266 m_freem(m); 267 continue; 268 } 269 IF_ENQUEUE(&p->if_snd, m); 270 if ((p->if_flags & IFF_OACTIVE) == 0) { 271 p->if_start(p); 272 ifp->if_opackets++; 273 } 274 } 275 ifp->if_flags &= ~IFF_OACTIVE; 276 277 return; 278} 279 280void 281vlan_input_tag(struct ether_header *eh, struct mbuf *m, u_int16_t t) 282{ 283 int i; 284 struct ifvlan *ifv; 285 286 for (i = 0; i < NVLAN; i++) { 287 ifv = &ifv_softc[i]; 288 if (ifv->ifv_tag == t) 289 break; 290 } 291 292 if (i >= NVLAN || (ifv->ifv_if.if_flags & IFF_UP) == 0) { 293 m_freem(m); 294 ifv->ifv_p->if_data.ifi_noproto++; 295 return; 296 } 297 298 /* 299 * Having found a valid vlan interface corresponding to 300 * the given source interface and vlan tag, run the 301 * the real packet through ethert_input(). 302 */ 303 m->m_pkthdr.rcvif = &ifv->ifv_if; 304 305#if NBPFILTER > 0 306 if (ifv->ifv_if.if_bpf) { 307 /* 308 * Do the usual BPF fakery. Note that we don't support 309 * promiscuous mode here, since it would require the 310 * drivers to know about VLANs and we're not ready for 311 * that yet. 312 */ 313 struct mbuf m0; 314 m0.m_next = m; 315 m0.m_len = sizeof(struct ether_header); 316 m0.m_data = (char *)eh; 317 bpf_mtap(&ifv->ifv_if, &m0); 318 } 319#endif 320 ifv->ifv_if.if_ipackets++; 321 ether_input(&ifv->ifv_if, eh, m); 322 return; 323} 324 325int 326vlan_input(struct ether_header *eh, struct mbuf *m) 327{ 328 int i; 329 struct ifvlan *ifv; 330 331 for (i = 0; i < NVLAN; i++) { 332 ifv = &ifv_softc[i]; 333 if (m->m_pkthdr.rcvif == ifv->ifv_p 334 && (EVL_VLANOFTAG(ntohs(*mtod(m, u_int16_t *))) 335 == ifv->ifv_tag)) 336 break; 337 } 338 339 if (i >= NVLAN || (ifv->ifv_if.if_flags & IFF_UP) == 0) { 340 m_freem(m); 341 return -1; /* so ether_input can take note */ 342 } 343 344 /* 345 * Having found a valid vlan interface corresponding to 346 * the given source interface and vlan tag, remove the 347 * encapsulation, and run the real packet through 348 * ether_input() a second time (it had better be 349 * reentrant!). 350 */ 351 m->m_pkthdr.rcvif = &ifv->ifv_if; 352 eh->ether_type = mtod(m, u_int16_t *)[1]; 353 m->m_data += EVL_ENCAPLEN; 354 m->m_len -= EVL_ENCAPLEN; 355 m->m_pkthdr.len -= EVL_ENCAPLEN; 356 357#if NBPFILTER > 0 358 if (ifv->ifv_if.if_bpf) { 359 /* 360 * Do the usual BPF fakery. Note that we don't support 361 * promiscuous mode here, since it would require the 362 * drivers to know about VLANs and we're not ready for 363 * that yet. 364 */ 365 struct mbuf m0; 366 m0.m_next = m; 367 m0.m_len = sizeof(struct ether_header); 368 m0.m_data = (char *)eh; 369 bpf_mtap(&ifv->ifv_if, &m0); 370 } 371#endif 372 ifv->ifv_if.if_ipackets++; 373 ether_input(&ifv->ifv_if, eh, m); 374 return 0; 375} 376 377static int 378vlan_config(struct ifvlan *ifv, struct ifnet *p) 379{ 380 struct ifaddr *ifa1, *ifa2; 381 struct sockaddr_dl *sdl1, *sdl2; 382 383 if (p->if_data.ifi_type != IFT_ETHER) 384 return EPROTONOSUPPORT; 385 if (ifv->ifv_p) 386 return EBUSY; 387 ifv->ifv_p = p; 388 if (p->if_data.ifi_hdrlen == sizeof(struct ether_vlan_header)) 389 ifv->ifv_if.if_mtu = p->if_mtu; 390 else 391 ifv->ifv_if.if_mtu = p->if_data.ifi_mtu - EVL_ENCAPLEN; 392 393 /* 394 * Preserve the state of the LINK0 flag for ourselves. 395 */ 396 ifv->ifv_if.if_flags = (p->if_flags & ~(IFF_LINK0)); 397 398 /* 399 * Set up our ``Ethernet address'' to reflect the underlying 400 * physical interface's. 401 */ 402 ifa1 = ifnet_addrs[ifv->ifv_if.if_index - 1]; 403 ifa2 = ifnet_addrs[p->if_index - 1]; 404 sdl1 = (struct sockaddr_dl *)ifa1->ifa_addr; 405 sdl2 = (struct sockaddr_dl *)ifa2->ifa_addr; 406 sdl1->sdl_type = IFT_ETHER; 407 sdl1->sdl_alen = ETHER_ADDR_LEN; 408 bcopy(LLADDR(sdl2), LLADDR(sdl1), ETHER_ADDR_LEN); 409 bcopy(LLADDR(sdl2), ifv->ifv_ac.ac_enaddr, ETHER_ADDR_LEN); 410 return 0; 411} 412 413static int 414vlan_unconfig(struct ifnet *ifp) 415{ 416 struct ifaddr *ifa; 417 struct sockaddr_dl *sdl; 418 struct vlan_mc_entry *mc; 419 struct ifvlan *ifv; 420 struct ifnet *p; 421 int error; 422 423 ifv = ifp->if_softc; 424 p = ifv->ifv_p; 425 426 /* 427 * Since the interface is being unconfigured, we need to 428 * empty the list of multicast groups that we may have joined 429 * while we were alive and remove them from the parent's list 430 * as well. 431 */ 432 while(ifv->vlan_mc_listhead.slh_first != NULL) { 433 struct sockaddr_dl sdl; 434 435 sdl.sdl_len = ETHER_ADDR_LEN; 436 sdl.sdl_family = AF_LINK; 437 mc = ifv->vlan_mc_listhead.slh_first; 438 bcopy((char *)&mc->mc_addr, LLADDR(&sdl), ETHER_ADDR_LEN); 439 error = if_delmulti(p, (struct sockaddr *)&sdl); 440 error = if_delmulti(ifp, (struct sockaddr *)&sdl); 441 if (error) 442 return(error); 443 SLIST_REMOVE_HEAD(&ifv->vlan_mc_listhead, mc_entries); 444 free(mc, M_DEVBUF); 445 } 446 447 /* Disconnect from parent. */ 448 ifv->ifv_p = NULL; 449 ifv->ifv_if.if_mtu = ETHERMTU; 450 451 /* Clear our MAC address. */ 452 ifa = ifnet_addrs[ifv->ifv_if.if_index - 1]; 453 sdl = (struct sockaddr_dl *)ifa->ifa_addr; 454 sdl->sdl_type = IFT_ETHER; 455 sdl->sdl_alen = ETHER_ADDR_LEN; 456 bzero(LLADDR(sdl), ETHER_ADDR_LEN); 457 bzero(ifv->ifv_ac.ac_enaddr, ETHER_ADDR_LEN); 458 459 return 0; 460} 461 462static int 463vlan_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 464{ 465 struct ifaddr *ifa; 466 struct ifnet *p; 467 struct ifreq *ifr; 468 struct ifvlan *ifv; 469 struct vlanreq vlr; 470 int error = 0; 471 472 ifr = (struct ifreq *)data; 473 ifa = (struct ifaddr *)data; 474 ifv = ifp->if_softc; 475 476 switch (cmd) { 477 case SIOCSIFADDR: 478 ifp->if_flags |= IFF_UP; 479 480 switch (ifa->ifa_addr->sa_family) { 481#ifdef INET 482 case AF_INET: 483 arp_ifinit(&ifv->ifv_ac, ifa); 484 break; 485#endif 486 default: 487 break; 488 } 489 break; 490 491 case SIOCGIFADDR: 492 { 493 struct sockaddr *sa; 494 495 sa = (struct sockaddr *) &ifr->ifr_data; 496 bcopy(((struct arpcom *)ifp->if_softc)->ac_enaddr, 497 (caddr_t) sa->sa_data, ETHER_ADDR_LEN); 498 } 499 break; 500 501 case SIOCSIFMTU: 502 /* 503 * Set the interface MTU. 504 * This is bogus. The underlying interface might support 505 * jumbo frames. 506 */ 507 if (ifr->ifr_mtu > ETHERMTU) { 508 error = EINVAL; 509 } else { 510 ifp->if_mtu = ifr->ifr_mtu; 511 } 512 break; 513 514 case SIOCSETVLAN: 515 error = copyin(ifr->ifr_data, &vlr, sizeof vlr); 516 if (error) 517 break; 518 if (vlr.vlr_parent[0] == '\0') { 519 vlan_unconfig(ifp); 520 if_down(ifp); 521 ifp->if_flags = 0; 522 break; 523 } 524 p = ifunit(vlr.vlr_parent); 525 if (p == 0) { 526 error = ENOENT; 527 break; 528 } 529 error = vlan_config(ifv, p); 530 if (error) 531 break; 532 ifv->ifv_tag = vlr.vlr_tag; 533 break; 534 535 case SIOCGETVLAN: 536 bzero(&vlr, sizeof vlr); 537 if (ifv->ifv_p) { 538 snprintf(vlr.vlr_parent, sizeof(vlr.vlr_parent), 539 "%s%d", ifv->ifv_p->if_name, ifv->ifv_p->if_unit); 540 vlr.vlr_tag = ifv->ifv_tag; 541 } 542 error = copyout(&vlr, ifr->ifr_data, sizeof vlr); 543 break; 544 545 case SIOCSIFFLAGS: 546 /* 547 * We don't support promiscuous mode 548 * right now because it would require help from the 549 * underlying drivers, which hasn't been implemented. 550 */ 551 if (ifr->ifr_flags & (IFF_PROMISC)) { 552 ifp->if_flags &= ~(IFF_PROMISC); 553 error = EINVAL; 554 } 555 break; 556 case SIOCADDMULTI: 557 case SIOCDELMULTI: 558 error = vlan_setmulti(ifp); 559 break; 560 default: 561 error = EINVAL; 562 } 563 return error; 564} 565 566#endif /* NVLAN > 0 */ 567