if_ethersubr.c revision 126486
1/* 2 * Copyright (c) 1982, 1989, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. All advertising materials mentioning features or use of this software 14 * must display the following acknowledgement: 15 * This product includes software developed by the University of 16 * California, Berkeley and its contributors. 17 * 4. Neither the name of the University nor the names of its contributors 18 * may be used to endorse or promote products derived from this software 19 * without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 * 33 * @(#)if_ethersubr.c 8.1 (Berkeley) 6/10/93 34 * $FreeBSD: head/sys/net/if_ethersubr.c 126486 2004-03-02 14:37:23Z mlaier $ 35 */ 36 37#include "opt_atalk.h" 38#include "opt_inet.h" 39#include "opt_inet6.h" 40#include "opt_ipx.h" 41#include "opt_bdg.h" 42#include "opt_mac.h" 43#include "opt_netgraph.h" 44 45#include <sys/param.h> 46#include <sys/systm.h> 47#include <sys/kernel.h> 48#include <sys/mac.h> 49#include <sys/malloc.h> 50#include <sys/mbuf.h> 51#include <sys/random.h> 52#include <sys/socket.h> 53#include <sys/sockio.h> 54#include <sys/sysctl.h> 55 56#include <net/if.h> 57#include <net/netisr.h> 58#include <net/route.h> 59#include <net/if_llc.h> 60#include <net/if_dl.h> 61#include <net/if_types.h> 62#include <net/bpf.h> 63#include <net/ethernet.h> 64#include <net/bridge.h> 65#include <net/if_vlan_var.h> 66 67#if defined(INET) || defined(INET6) 68#include <netinet/in.h> 69#include <netinet/in_var.h> 70#include <netinet/if_ether.h> 71#include <netinet/ip_fw.h> 72#include <netinet/ip_dummynet.h> 73#endif 74#ifdef INET6 75#include <netinet6/nd6.h> 76#endif 77 78#ifdef IPX 79#include <netipx/ipx.h> 80#include <netipx/ipx_if.h> 81int (*ef_inputp)(struct ifnet*, struct ether_header *eh, struct mbuf *m); 82int (*ef_outputp)(struct ifnet *ifp, struct mbuf **mp, 83 struct sockaddr *dst, short *tp, int *hlen); 84#endif 85 86#ifdef NETATALK 87#include <netatalk/at.h> 88#include <netatalk/at_var.h> 89#include <netatalk/at_extern.h> 90 91#define llc_snap_org_code llc_un.type_snap.org_code 92#define llc_snap_ether_type llc_un.type_snap.ether_type 93 94extern u_char at_org_code[3]; 95extern u_char aarp_org_code[3]; 96#endif /* NETATALK */ 97 98/* netgraph node hooks for ng_ether(4) */ 99void (*ng_ether_input_p)(struct ifnet *ifp, struct mbuf **mp); 100void (*ng_ether_input_orphan_p)(struct ifnet *ifp, struct mbuf *m); 101int (*ng_ether_output_p)(struct ifnet *ifp, struct mbuf **mp); 102void (*ng_ether_attach_p)(struct ifnet *ifp); 103void (*ng_ether_detach_p)(struct ifnet *ifp); 104 105void (*vlan_input_p)(struct ifnet *, struct mbuf *); 106 107/* bridge support */ 108int do_bridge; 109bridge_in_t *bridge_in_ptr; 110bdg_forward_t *bdg_forward_ptr; 111bdgtakeifaces_t *bdgtakeifaces_ptr; 112struct bdg_softc *ifp2sc; 113 114static u_char etherbroadcastaddr[ETHER_ADDR_LEN] = 115 { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff }; 116 117static int ether_resolvemulti(struct ifnet *, struct sockaddr **, 118 struct sockaddr *); 119 120#define senderr(e) do { error = (e); goto bad;} while (0) 121#define IFP2AC(IFP) ((struct arpcom *)IFP) 122 123int 124ether_ipfw_chk(struct mbuf **m0, struct ifnet *dst, 125 struct ip_fw **rule, int shared); 126static int ether_ipfw; 127 128/* 129 * Ethernet output routine. 130 * Encapsulate a packet of type family for the local net. 131 * Use trailer local net encapsulation if enough data in first 132 * packet leaves a multiple of 512 bytes of data in remainder. 133 * Assumes that ifp is actually pointer to arpcom structure. 134 */ 135int 136ether_output(struct ifnet *ifp, struct mbuf *m, 137 struct sockaddr *dst, struct rtentry *rt0) 138{ 139 short type; 140 int error = 0, hdrcmplt = 0; 141 u_char esrc[ETHER_ADDR_LEN], edst[ETHER_ADDR_LEN]; 142 struct rtentry *rt; 143 struct ether_header *eh; 144 int loop_copy = 0; 145 int hlen; /* link layer header length */ 146 struct arpcom *ac = IFP2AC(ifp); 147 148#ifdef MAC 149 error = mac_check_ifnet_transmit(ifp, m); 150 if (error) 151 senderr(error); 152#endif 153 154 if (ifp->if_flags & IFF_MONITOR) 155 senderr(ENETDOWN); 156 if ((ifp->if_flags & (IFF_UP|IFF_RUNNING)) != (IFF_UP|IFF_RUNNING)) 157 senderr(ENETDOWN); 158 159 error = rt_check(&rt, &rt0, dst); 160 if (error) 161 goto bad; 162 163 hlen = ETHER_HDR_LEN; 164 switch (dst->sa_family) { 165#ifdef INET 166 case AF_INET: 167 if (!arpresolve(ifp, rt, m, dst, edst, rt0)) 168 return (0); /* if not yet resolved */ 169 type = htons(ETHERTYPE_IP); 170 break; 171#endif 172#ifdef INET6 173 case AF_INET6: 174 if (!nd6_storelladdr(&ac->ac_if, rt, m, dst, (u_char *)edst)) { 175 /* Something bad happened */ 176 return(0); 177 } 178 type = htons(ETHERTYPE_IPV6); 179 break; 180#endif 181#ifdef IPX 182 case AF_IPX: 183 if (ef_outputp) { 184 error = ef_outputp(ifp, &m, dst, &type, &hlen); 185 if (error) 186 goto bad; 187 } else 188 type = htons(ETHERTYPE_IPX); 189 bcopy((caddr_t)&(((struct sockaddr_ipx *)dst)->sipx_addr.x_host), 190 (caddr_t)edst, sizeof (edst)); 191 break; 192#endif 193#ifdef NETATALK 194 case AF_APPLETALK: 195 { 196 struct at_ifaddr *aa; 197 198 if ((aa = at_ifawithnet((struct sockaddr_at *)dst)) == NULL) { 199 goto bad; 200 } 201 if (!aarpresolve(ac, m, (struct sockaddr_at *)dst, edst)) 202 return (0); 203 /* 204 * In the phase 2 case, need to prepend an mbuf for the llc header. 205 * Since we must preserve the value of m, which is passed to us by 206 * value, we m_copy() the first mbuf, and use it for our llc header. 207 */ 208 if ( aa->aa_flags & AFA_PHASE2 ) { 209 struct llc llc; 210 211 M_PREPEND(m, LLC_SNAPFRAMELEN, M_TRYWAIT); 212 if (m == NULL) 213 senderr(ENOBUFS); 214 llc.llc_dsap = llc.llc_ssap = LLC_SNAP_LSAP; 215 llc.llc_control = LLC_UI; 216 bcopy(at_org_code, llc.llc_snap_org_code, sizeof(at_org_code)); 217 llc.llc_snap_ether_type = htons( ETHERTYPE_AT ); 218 bcopy(&llc, mtod(m, caddr_t), LLC_SNAPFRAMELEN); 219 type = htons(m->m_pkthdr.len); 220 hlen = LLC_SNAPFRAMELEN + ETHER_HDR_LEN; 221 } else { 222 type = htons(ETHERTYPE_AT); 223 } 224 break; 225 } 226#endif /* NETATALK */ 227 228 case pseudo_AF_HDRCMPLT: 229 hdrcmplt = 1; 230 eh = (struct ether_header *)dst->sa_data; 231 (void)memcpy(esrc, eh->ether_shost, sizeof (esrc)); 232 /* FALLTHROUGH */ 233 234 case AF_UNSPEC: 235 loop_copy = -1; /* if this is for us, don't do it */ 236 eh = (struct ether_header *)dst->sa_data; 237 (void)memcpy(edst, eh->ether_dhost, sizeof (edst)); 238 type = eh->ether_type; 239 break; 240 241 default: 242 if_printf(ifp, "can't handle af%d\n", dst->sa_family); 243 senderr(EAFNOSUPPORT); 244 } 245 246 /* 247 * Add local net header. If no space in first mbuf, 248 * allocate another. 249 */ 250 M_PREPEND(m, ETHER_HDR_LEN, M_DONTWAIT); 251 if (m == NULL) 252 senderr(ENOBUFS); 253 eh = mtod(m, struct ether_header *); 254 (void)memcpy(&eh->ether_type, &type, 255 sizeof(eh->ether_type)); 256 (void)memcpy(eh->ether_dhost, edst, sizeof (edst)); 257 if (hdrcmplt) 258 (void)memcpy(eh->ether_shost, esrc, 259 sizeof(eh->ether_shost)); 260 else 261 (void)memcpy(eh->ether_shost, ac->ac_enaddr, 262 sizeof(eh->ether_shost)); 263 264 /* 265 * If a simplex interface, and the packet is being sent to our 266 * Ethernet address or a broadcast address, loopback a copy. 267 * XXX To make a simplex device behave exactly like a duplex 268 * device, we should copy in the case of sending to our own 269 * ethernet address (thus letting the original actually appear 270 * on the wire). However, we don't do that here for security 271 * reasons and compatibility with the original behavior. 272 */ 273 if ((ifp->if_flags & IFF_SIMPLEX) && (loop_copy != -1)) { 274 int csum_flags = 0; 275 276 if (m->m_pkthdr.csum_flags & CSUM_IP) 277 csum_flags |= (CSUM_IP_CHECKED|CSUM_IP_VALID); 278 if (m->m_pkthdr.csum_flags & CSUM_DELAY_DATA) 279 csum_flags |= (CSUM_DATA_VALID|CSUM_PSEUDO_HDR); 280 281 if ((m->m_flags & M_BCAST) || (loop_copy > 0)) { 282 struct mbuf *n; 283 284 if ((n = m_copy(m, 0, (int)M_COPYALL)) != NULL) { 285 n->m_pkthdr.csum_flags |= csum_flags; 286 if (csum_flags & CSUM_DATA_VALID) 287 n->m_pkthdr.csum_data = 0xffff; 288 (void)if_simloop(ifp, n, dst->sa_family, hlen); 289 } else 290 ifp->if_iqdrops++; 291 } else if (bcmp(eh->ether_dhost, eh->ether_shost, 292 ETHER_ADDR_LEN) == 0) { 293 m->m_pkthdr.csum_flags |= csum_flags; 294 if (csum_flags & CSUM_DATA_VALID) 295 m->m_pkthdr.csum_data = 0xffff; 296 (void) if_simloop(ifp, m, dst->sa_family, hlen); 297 return (0); /* XXX */ 298 } 299 } 300 301 /* Handle ng_ether(4) processing, if any */ 302 if (ng_ether_output_p != NULL) { 303 if ((error = (*ng_ether_output_p)(ifp, &m)) != 0) { 304bad: if (m != NULL) 305 m_freem(m); 306 return (error); 307 } 308 if (m == NULL) 309 return (0); 310 } 311 312 /* Continue with link-layer output */ 313 return ether_output_frame(ifp, m); 314} 315 316/* 317 * Ethernet link layer output routine to send a raw frame to the device. 318 * 319 * This assumes that the 14 byte Ethernet header is present and contiguous 320 * in the first mbuf (if BRIDGE'ing). 321 */ 322int 323ether_output_frame(struct ifnet *ifp, struct mbuf *m) 324{ 325 struct ip_fw *rule = ip_dn_claim_rule(m); 326 327 if (rule == NULL && BDG_ACTIVE(ifp)) { 328 /* 329 * Beware, the bridge code notices the null rcvif and 330 * uses that identify that it's being called from 331 * ether_output as opposd to ether_input. Yech. 332 */ 333 m->m_pkthdr.rcvif = NULL; 334 m = bdg_forward_ptr(m, ifp); 335 if (m != NULL) 336 m_freem(m); 337 return (0); 338 } 339 if (IPFW_LOADED && ether_ipfw != 0) { 340 if (ether_ipfw_chk(&m, ifp, &rule, 0) == 0) { 341 if (m) { 342 m_freem(m); 343 return EACCES; /* pkt dropped */ 344 } else 345 return 0; /* consumed e.g. in a pipe */ 346 } 347 } 348 349 /* 350 * Queue message on interface, update output statistics if 351 * successful, and start output if interface not yet active. 352 */ 353 return (IF_HANDOFF(&ifp->if_snd, m, ifp) ? 0 : ENOBUFS); 354} 355 356/* 357 * ipfw processing for ethernet packets (in and out). 358 * The second parameter is NULL from ether_demux, and ifp from 359 * ether_output_frame. This section of code could be used from 360 * bridge.c as well as long as we use some extra info 361 * to distinguish that case from ether_output_frame(); 362 */ 363int 364ether_ipfw_chk(struct mbuf **m0, struct ifnet *dst, 365 struct ip_fw **rule, int shared) 366{ 367 struct ether_header *eh; 368 struct ether_header save_eh; 369 struct mbuf *m; 370 int i; 371 struct ip_fw_args args; 372 373 if (*rule != NULL && fw_one_pass) 374 return 1; /* dummynet packet, already partially processed */ 375 376 /* 377 * I need some amt of data to be contiguous, and in case others need 378 * the packet (shared==1) also better be in the first mbuf. 379 */ 380 m = *m0; 381 i = min( m->m_pkthdr.len, max_protohdr); 382 if ( shared || m->m_len < i) { 383 m = m_pullup(m, i); 384 if (m == NULL) { 385 *m0 = m; 386 return 0; 387 } 388 } 389 eh = mtod(m, struct ether_header *); 390 save_eh = *eh; /* save copy for restore below */ 391 m_adj(m, ETHER_HDR_LEN); /* strip ethernet header */ 392 393 args.m = m; /* the packet we are looking at */ 394 args.oif = dst; /* destination, if any */ 395 args.rule = *rule; /* matching rule to restart */ 396 args.next_hop = NULL; /* we do not support forward yet */ 397 args.eh = &save_eh; /* MAC header for bridged/MAC packets */ 398 i = ip_fw_chk_ptr(&args); 399 m = args.m; 400 if (m != NULL) { 401 /* 402 * Restore Ethernet header, as needed, in case the 403 * mbuf chain was replaced by ipfw. 404 */ 405 M_PREPEND(m, ETHER_HDR_LEN, M_DONTWAIT); 406 if (m == NULL) { 407 *m0 = m; 408 return 0; 409 } 410 if (eh != mtod(m, struct ether_header *)) 411 bcopy(&save_eh, mtod(m, struct ether_header *), 412 ETHER_HDR_LEN); 413 } 414 *m0 = m; 415 *rule = args.rule; 416 417 if ( (i & IP_FW_PORT_DENY_FLAG) || m == NULL) /* drop */ 418 return 0; 419 420 if (i == 0) /* a PASS rule. */ 421 return 1; 422 423 if (DUMMYNET_LOADED && (i & IP_FW_PORT_DYNT_FLAG)) { 424 /* 425 * Pass the pkt to dummynet, which consumes it. 426 * If shared, make a copy and keep the original. 427 */ 428 if (shared) { 429 m = m_copypacket(m, M_DONTWAIT); 430 if (m == NULL) 431 return 0; 432 } else { 433 /* 434 * Pass the original to dummynet and 435 * nothing back to the caller 436 */ 437 *m0 = NULL ; 438 } 439 ip_dn_io_ptr(m, (i & 0xffff), 440 dst ? DN_TO_ETH_OUT: DN_TO_ETH_DEMUX, &args); 441 return 0; 442 } 443 /* 444 * XXX at some point add support for divert/forward actions. 445 * If none of the above matches, we have to drop the pkt. 446 */ 447 return 0; 448} 449 450/* 451 * Process a received Ethernet packet; the packet is in the 452 * mbuf chain m with the ethernet header at the front. 453 */ 454static void 455ether_input(struct ifnet *ifp, struct mbuf *m) 456{ 457 struct ether_header *eh; 458 u_short etype; 459 460 /* 461 * Do consistency checks to verify assumptions 462 * made by code past this point. 463 */ 464 if ((m->m_flags & M_PKTHDR) == 0) { 465 if_printf(ifp, "discard frame w/o packet header\n"); 466 ifp->if_ierrors++; 467 m_freem(m); 468 return; 469 } 470 if (m->m_len < ETHER_HDR_LEN) { 471 /* XXX maybe should pullup? */ 472 if_printf(ifp, "discard frame w/o leading ethernet " 473 "header (len %u pkt len %u)\n", 474 m->m_len, m->m_pkthdr.len); 475 ifp->if_ierrors++; 476 m_freem(m); 477 return; 478 } 479 eh = mtod(m, struct ether_header *); 480 etype = ntohs(eh->ether_type); 481 if (m->m_pkthdr.len > 482 ETHER_MAX_FRAME(ifp, etype, m->m_flags & M_HASFCS)) { 483 if_printf(ifp, "discard oversize frame " 484 "(ether type %x flags %x len %u > max %lu)\n", 485 etype, m->m_flags, m->m_pkthdr.len, 486 ETHER_MAX_FRAME(ifp, etype, 487 m->m_flags & M_HASFCS)); 488 ifp->if_ierrors++; 489 m_freem(m); 490 return; 491 } 492 if (m->m_pkthdr.rcvif == NULL) { 493 if_printf(ifp, "discard frame w/o interface pointer\n"); 494 ifp->if_ierrors++; 495 m_freem(m); 496 return; 497 } 498#ifdef DIAGNOSTIC 499 if (m->m_pkthdr.rcvif != ifp) { 500 if_printf(ifp, "Warning, frame marked as received on %s\n", 501 m->m_pkthdr.rcvif->if_xname); 502 } 503#endif 504 505#ifdef MAC 506 /* 507 * Tag the mbuf with an appropriate MAC label before any other 508 * consumers can get to it. 509 */ 510 mac_create_mbuf_from_ifnet(ifp, m); 511#endif 512 513 /* 514 * Give bpf a chance at the packet. 515 */ 516 BPF_MTAP(ifp, m); 517 518 if (ifp->if_flags & IFF_MONITOR) { 519 /* 520 * Interface marked for monitoring; discard packet. 521 */ 522 m_freem(m); 523 return; 524 } 525 526 /* If the CRC is still on the packet, trim it off. */ 527 if (m->m_flags & M_HASFCS) { 528 m_adj(m, -ETHER_CRC_LEN); 529 m->m_flags &= ~M_HASFCS; 530 } 531 532 ifp->if_ibytes += m->m_pkthdr.len; 533 534 /* Handle ng_ether(4) processing, if any */ 535 if (ng_ether_input_p != NULL) { 536 (*ng_ether_input_p)(ifp, &m); 537 if (m == NULL) 538 return; 539 } 540 541 /* Check for bridging mode */ 542 if (BDG_ACTIVE(ifp) ) { 543 struct ifnet *bif; 544 545 /* 546 * Check with bridging code to see how the packet 547 * should be handled. Possibilities are: 548 * 549 * BDG_BCAST broadcast 550 * BDG_MCAST multicast 551 * BDG_LOCAL for local address, don't forward 552 * BDG_DROP discard 553 * ifp forward only to specified interface(s) 554 * 555 * Non-local destinations are handled by passing the 556 * packet back to the bridge code. 557 */ 558 bif = bridge_in_ptr(ifp, eh); 559 if (bif == BDG_DROP) { /* discard packet */ 560 m_freem(m); 561 return; 562 } 563 if (bif != BDG_LOCAL) { /* non-local, forward */ 564 m = bdg_forward_ptr(m, bif); 565 /* 566 * The bridge may consume the packet if it's not 567 * supposed to be passed up or if a problem occurred 568 * while doing its job. This is reflected by it 569 * returning a NULL mbuf pointer. 570 */ 571 if (m == NULL) { 572 if (bif == BDG_BCAST || bif == BDG_MCAST) 573 if_printf(ifp, 574 "bridge dropped %s packet\n", 575 bif == BDG_BCAST ? "broadcast" : 576 "multicast"); 577 return; 578 } 579 /* 580 * But in some cases the bridge may return the 581 * packet for us to free; sigh. 582 */ 583 if (bif != BDG_BCAST && bif != BDG_MCAST) { 584 m_freem(m); 585 return; 586 } 587 } 588 } 589 590 ether_demux(ifp, m); 591 /* First chunk of an mbuf contains good entropy */ 592 if (harvest.ethernet) 593 random_harvest(m, 16, 3, 0, RANDOM_NET); 594} 595 596/* 597 * Upper layer processing for a received Ethernet packet. 598 */ 599void 600ether_demux(struct ifnet *ifp, struct mbuf *m) 601{ 602 struct ether_header *eh; 603 int isr; 604 u_short ether_type; 605#if defined(NETATALK) 606 struct llc *l; 607#endif 608 struct ip_fw *rule = ip_dn_claim_rule(m); 609 610 KASSERT(ifp != NULL, ("ether_demux: NULL interface pointer")); 611 612 eh = mtod(m, struct ether_header *); 613 614 if (rule) /* packet was already bridged */ 615 goto post_stats; 616 617 if (!(BDG_ACTIVE(ifp))) { 618 /* 619 * Discard packet if upper layers shouldn't see it because it 620 * was unicast to a different Ethernet address. If the driver 621 * is working properly, then this situation can only happen 622 * when the interface is in promiscuous mode. 623 */ 624 if ((ifp->if_flags & IFF_PROMISC) != 0 625 && (eh->ether_dhost[0] & 1) == 0 626 && bcmp(eh->ether_dhost, 627 IFP2AC(ifp)->ac_enaddr, ETHER_ADDR_LEN) != 0 628 && (ifp->if_flags & IFF_PPROMISC) == 0) { 629 m_freem(m); 630 return; 631 } 632 } 633 634 /* Discard packet if interface is not up */ 635 if ((ifp->if_flags & IFF_UP) == 0) { 636 m_freem(m); 637 return; 638 } 639 if (ETHER_IS_MULTICAST(eh->ether_dhost)) { 640 if (bcmp(etherbroadcastaddr, eh->ether_dhost, 641 sizeof(etherbroadcastaddr)) == 0) 642 m->m_flags |= M_BCAST; 643 else 644 m->m_flags |= M_MCAST; 645 } 646 if (m->m_flags & (M_BCAST|M_MCAST)) 647 ifp->if_imcasts++; 648 649post_stats: 650 if (IPFW_LOADED && ether_ipfw != 0) { 651 if (ether_ipfw_chk(&m, NULL, &rule, 0) == 0) { 652 if (m) 653 m_freem(m); 654 return; 655 } 656 } 657 658 /* 659 * If VLANs are configured on the interface, check to 660 * see if the device performed the decapsulation and 661 * provided us with the tag. 662 */ 663 if (ifp->if_nvlans && 664 m_tag_locate(m, MTAG_VLAN, MTAG_VLAN_TAG, NULL) != NULL) { 665 /* 666 * vlan_input() will either recursively call ether_input() 667 * or drop the packet. 668 */ 669 KASSERT(vlan_input_p != NULL,("ether_input: VLAN not loaded!")); 670 (*vlan_input_p)(ifp, m); 671 return; 672 } 673 674 ether_type = ntohs(eh->ether_type); 675 676 /* 677 * Handle protocols that expect to have the Ethernet header 678 * (and possibly FCS) intact. 679 */ 680 switch (ether_type) { 681 case ETHERTYPE_VLAN: 682 if (ifp->if_nvlans != 0) { 683 KASSERT(vlan_input_p,("ether_input: VLAN not loaded!")); 684 (*vlan_input_p)(ifp, m); 685 } else { 686 ifp->if_noproto++; 687 m_freem(m); 688 } 689 return; 690 } 691 692 /* Strip off Ethernet header. */ 693 m_adj(m, ETHER_HDR_LEN); 694 695 /* If the CRC is still on the packet, trim it off. */ 696 if (m->m_flags & M_HASFCS) { 697 m_adj(m, -ETHER_CRC_LEN); 698 m->m_flags &= ~M_HASFCS; 699 } 700 701 switch (ether_type) { 702#ifdef INET 703 case ETHERTYPE_IP: 704 if (ip_fastforward(m)) 705 return; 706 isr = NETISR_IP; 707 break; 708 709 case ETHERTYPE_ARP: 710 if (ifp->if_flags & IFF_NOARP) { 711 /* Discard packet if ARP is disabled on interface */ 712 m_freem(m); 713 return; 714 } 715 isr = NETISR_ARP; 716 break; 717#endif 718#ifdef IPX 719 case ETHERTYPE_IPX: 720 if (ef_inputp && ef_inputp(ifp, eh, m) == 0) 721 return; 722 isr = NETISR_IPX; 723 break; 724#endif 725#ifdef INET6 726 case ETHERTYPE_IPV6: 727 isr = NETISR_IPV6; 728 break; 729#endif 730#ifdef NETATALK 731 case ETHERTYPE_AT: 732 isr = NETISR_ATALK1; 733 break; 734 case ETHERTYPE_AARP: 735 isr = NETISR_AARP; 736 break; 737#endif /* NETATALK */ 738 default: 739#ifdef IPX 740 if (ef_inputp && ef_inputp(ifp, eh, m) == 0) 741 return; 742#endif /* IPX */ 743#if defined(NETATALK) 744 if (ether_type > ETHERMTU) 745 goto discard; 746 l = mtod(m, struct llc *); 747 if (l->llc_dsap == LLC_SNAP_LSAP && 748 l->llc_ssap == LLC_SNAP_LSAP && 749 l->llc_control == LLC_UI) { 750 if (Bcmp(&(l->llc_snap_org_code)[0], at_org_code, 751 sizeof(at_org_code)) == 0 && 752 ntohs(l->llc_snap_ether_type) == ETHERTYPE_AT) { 753 m_adj(m, LLC_SNAPFRAMELEN); 754 isr = NETISR_ATALK2; 755 break; 756 } 757 if (Bcmp(&(l->llc_snap_org_code)[0], aarp_org_code, 758 sizeof(aarp_org_code)) == 0 && 759 ntohs(l->llc_snap_ether_type) == ETHERTYPE_AARP) { 760 m_adj(m, LLC_SNAPFRAMELEN); 761 isr = NETISR_AARP; 762 break; 763 } 764 } 765#endif /* NETATALK */ 766 goto discard; 767 } 768 netisr_dispatch(isr, m); 769 return; 770 771discard: 772 /* 773 * Packet is to be discarded. If netgraph is present, 774 * hand the packet to it for last chance processing; 775 * otherwise dispose of it. 776 */ 777 if (ng_ether_input_orphan_p != NULL) { 778 /* 779 * Put back the ethernet header so netgraph has a 780 * consistent view of inbound packets. 781 */ 782 M_PREPEND(m, ETHER_HDR_LEN, M_DONTWAIT); 783 (*ng_ether_input_orphan_p)(ifp, m); 784 return; 785 } 786 m_freem(m); 787} 788 789/* 790 * Convert Ethernet address to printable (loggable) representation. 791 * This routine is for compatibility; it's better to just use 792 * 793 * printf("%6D", <pointer to address>, ":"); 794 * 795 * since there's no static buffer involved. 796 */ 797char * 798ether_sprintf(const u_char *ap) 799{ 800 static char etherbuf[18]; 801 snprintf(etherbuf, sizeof (etherbuf), "%6D", ap, ":"); 802 return (etherbuf); 803} 804 805/* 806 * Perform common duties while attaching to interface list 807 */ 808void 809ether_ifattach(struct ifnet *ifp, const u_int8_t *llc) 810{ 811 struct ifaddr *ifa; 812 struct sockaddr_dl *sdl; 813 814 ifp->if_type = IFT_ETHER; 815 ifp->if_addrlen = ETHER_ADDR_LEN; 816 ifp->if_hdrlen = ETHER_HDR_LEN; 817 if_attach(ifp); 818 ifp->if_mtu = ETHERMTU; 819 ifp->if_output = ether_output; 820 ifp->if_input = ether_input; 821 ifp->if_resolvemulti = ether_resolvemulti; 822 if (ifp->if_baudrate == 0) 823 ifp->if_baudrate = IF_Mbps(10); /* just a default */ 824 ifp->if_broadcastaddr = etherbroadcastaddr; 825 826 ifa = ifaddr_byindex(ifp->if_index); 827 KASSERT(ifa != NULL, ("%s: no lladdr!\n", __func__)); 828 sdl = (struct sockaddr_dl *)ifa->ifa_addr; 829 sdl->sdl_type = IFT_ETHER; 830 sdl->sdl_alen = ifp->if_addrlen; 831 bcopy(llc, LLADDR(sdl), ifp->if_addrlen); 832 /* 833 * XXX: This doesn't belong here; we do it until 834 * XXX: all drivers are cleaned up 835 */ 836 if (llc != IFP2AC(ifp)->ac_enaddr) 837 bcopy(llc, IFP2AC(ifp)->ac_enaddr, ifp->if_addrlen); 838 839 bpfattach(ifp, DLT_EN10MB, ETHER_HDR_LEN); 840 if (ng_ether_attach_p != NULL) 841 (*ng_ether_attach_p)(ifp); 842 if (BDG_LOADED) 843 bdgtakeifaces_ptr(); 844} 845 846/* 847 * Perform common duties while detaching an Ethernet interface 848 */ 849void 850ether_ifdetach(struct ifnet *ifp) 851{ 852 if (ng_ether_detach_p != NULL) 853 (*ng_ether_detach_p)(ifp); 854 bpfdetach(ifp); 855 if_detach(ifp); 856 if (BDG_LOADED) 857 bdgtakeifaces_ptr(); 858} 859 860SYSCTL_DECL(_net_link); 861SYSCTL_NODE(_net_link, IFT_ETHER, ether, CTLFLAG_RW, 0, "Ethernet"); 862SYSCTL_INT(_net_link_ether, OID_AUTO, ipfw, CTLFLAG_RW, 863 ðer_ipfw,0,"Pass ether pkts through firewall"); 864 865int 866ether_ioctl(struct ifnet *ifp, int command, caddr_t data) 867{ 868 struct ifaddr *ifa = (struct ifaddr *) data; 869 struct ifreq *ifr = (struct ifreq *) data; 870 int error = 0; 871 872 switch (command) { 873 case SIOCSIFADDR: 874 ifp->if_flags |= IFF_UP; 875 876 switch (ifa->ifa_addr->sa_family) { 877#ifdef INET 878 case AF_INET: 879 ifp->if_init(ifp->if_softc); /* before arpwhohas */ 880 arp_ifinit(ifp, ifa); 881 break; 882#endif 883#ifdef IPX 884 /* 885 * XXX - This code is probably wrong 886 */ 887 case AF_IPX: 888 { 889 struct ipx_addr *ina = &(IA_SIPX(ifa)->sipx_addr); 890 struct arpcom *ac = IFP2AC(ifp); 891 892 if (ipx_nullhost(*ina)) 893 ina->x_host = 894 *(union ipx_host *) 895 ac->ac_enaddr; 896 else { 897 bcopy((caddr_t) ina->x_host.c_host, 898 (caddr_t) ac->ac_enaddr, 899 sizeof(ac->ac_enaddr)); 900 } 901 902 /* 903 * Set new address 904 */ 905 ifp->if_init(ifp->if_softc); 906 break; 907 } 908#endif 909 default: 910 ifp->if_init(ifp->if_softc); 911 break; 912 } 913 break; 914 915 case SIOCGIFADDR: 916 { 917 struct sockaddr *sa; 918 919 sa = (struct sockaddr *) & ifr->ifr_data; 920 bcopy(IFP2AC(ifp)->ac_enaddr, 921 (caddr_t) sa->sa_data, ETHER_ADDR_LEN); 922 } 923 break; 924 925 case SIOCSIFMTU: 926 /* 927 * Set the interface MTU. 928 */ 929 if (ifr->ifr_mtu > ETHERMTU) { 930 error = EINVAL; 931 } else { 932 ifp->if_mtu = ifr->ifr_mtu; 933 } 934 break; 935 default: 936 error = EINVAL; /* XXX netbsd has ENOTTY??? */ 937 break; 938 } 939 return (error); 940} 941 942static int 943ether_resolvemulti(struct ifnet *ifp, struct sockaddr **llsa, 944 struct sockaddr *sa) 945{ 946 struct sockaddr_dl *sdl; 947 struct sockaddr_in *sin; 948#ifdef INET6 949 struct sockaddr_in6 *sin6; 950#endif 951 u_char *e_addr; 952 953 switch(sa->sa_family) { 954 case AF_LINK: 955 /* 956 * No mapping needed. Just check that it's a valid MC address. 957 */ 958 sdl = (struct sockaddr_dl *)sa; 959 e_addr = LLADDR(sdl); 960 if ((e_addr[0] & 1) != 1) 961 return EADDRNOTAVAIL; 962 *llsa = 0; 963 return 0; 964 965#ifdef INET 966 case AF_INET: 967 sin = (struct sockaddr_in *)sa; 968 if (!IN_MULTICAST(ntohl(sin->sin_addr.s_addr))) 969 return EADDRNOTAVAIL; 970 MALLOC(sdl, struct sockaddr_dl *, sizeof *sdl, M_IFMADDR, 971 M_WAITOK|M_ZERO); 972 sdl->sdl_len = sizeof *sdl; 973 sdl->sdl_family = AF_LINK; 974 sdl->sdl_index = ifp->if_index; 975 sdl->sdl_type = IFT_ETHER; 976 sdl->sdl_alen = ETHER_ADDR_LEN; 977 e_addr = LLADDR(sdl); 978 ETHER_MAP_IP_MULTICAST(&sin->sin_addr, e_addr); 979 *llsa = (struct sockaddr *)sdl; 980 return 0; 981#endif 982#ifdef INET6 983 case AF_INET6: 984 sin6 = (struct sockaddr_in6 *)sa; 985 if (IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr)) { 986 /* 987 * An IP6 address of 0 means listen to all 988 * of the Ethernet multicast address used for IP6. 989 * (This is used for multicast routers.) 990 */ 991 ifp->if_flags |= IFF_ALLMULTI; 992 *llsa = 0; 993 return 0; 994 } 995 if (!IN6_IS_ADDR_MULTICAST(&sin6->sin6_addr)) 996 return EADDRNOTAVAIL; 997 MALLOC(sdl, struct sockaddr_dl *, sizeof *sdl, M_IFMADDR, 998 M_WAITOK|M_ZERO); 999 sdl->sdl_len = sizeof *sdl; 1000 sdl->sdl_family = AF_LINK; 1001 sdl->sdl_index = ifp->if_index; 1002 sdl->sdl_type = IFT_ETHER; 1003 sdl->sdl_alen = ETHER_ADDR_LEN; 1004 e_addr = LLADDR(sdl); 1005 ETHER_MAP_IPV6_MULTICAST(&sin6->sin6_addr, e_addr); 1006 *llsa = (struct sockaddr *)sdl; 1007 return 0; 1008#endif 1009 1010 default: 1011 /* 1012 * Well, the text isn't quite right, but it's the name 1013 * that counts... 1014 */ 1015 return EAFNOSUPPORT; 1016 } 1017} 1018 1019static moduledata_t ether_mod = { 1020 "ether", 1021 NULL, 1022 0 1023}; 1024 1025DECLARE_MODULE(ether, ether_mod, SI_SUB_PSEUDO, SI_ORDER_ANY); 1026MODULE_VERSION(ether, 1); 1027