if_vlan.c revision 147256
11573Srgrimes/*- 214272Spst * Copyright 1998 Massachusetts Institute of Technology 31573Srgrimes * 41573Srgrimes * Permission to use, copy, modify, and distribute this software and 51573Srgrimes * its documentation for any purpose and without fee is hereby 61573Srgrimes * granted, provided that both the above copyright notice and this 71573Srgrimes * permission notice appear in all copies, that both the above 81573Srgrimes * copyright notice and this permission notice appear in all 91573Srgrimes * supporting documentation, and that the name of M.I.T. not be used 101573Srgrimes * in advertising or publicity pertaining to distribution of the 111573Srgrimes * software without specific, written prior permission. M.I.T. makes 121573Srgrimes * no representations about the suitability of this software for any 131573Srgrimes * purpose. It is provided "as is" without express or implied 141573Srgrimes * warranty. 151573Srgrimes * 161573Srgrimes * THIS SOFTWARE IS PROVIDED BY M.I.T. ``AS IS''. M.I.T. DISCLAIMS 171573Srgrimes * ALL EXPRESS OR IMPLIED WARRANTIES WITH REGARD TO THIS SOFTWARE, 181573Srgrimes * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 191573Srgrimes * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT 201573Srgrimes * SHALL M.I.T. BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 211573Srgrimes * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 221573Srgrimes * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF 231573Srgrimes * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND 241573Srgrimes * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 251573Srgrimes * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT 261573Srgrimes * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 271573Srgrimes * SUCH DAMAGE. 281573Srgrimes * 291573Srgrimes * $FreeBSD: head/sys/net/if_vlan.c 147256 2005-06-10 16:49:24Z brooks $ 301573Srgrimes */ 311573Srgrimes 321573Srgrimes/* 331573Srgrimes * if_vlan.c - pseudo-device driver for IEEE 802.1Q virtual LANs. 3414272Spst * Might be extended some day to also handle IEEE 802.1p priority 351573Srgrimes * tagging. This is sort of sneaky in the implementation, since 3692986Sobrien * we need to pretend to be enough of an Ethernet implementation 3792986Sobrien * to make arp work. The way we do this is by telling everyone 381573Srgrimes * that we are an Ethernet, and then catch the packets that 3971579Sdeischen * ether_output() left on our output queue when it calls 401573Srgrimes * if_start(), rewrite them for use by the real outgoing interface, 411573Srgrimes * and ask it to send them. 421573Srgrimes */ 431573Srgrimes 441573Srgrimes#include "opt_inet.h" 451573Srgrimes 461573Srgrimes#include <sys/param.h> 471573Srgrimes#include <sys/kernel.h> 481573Srgrimes#include <sys/malloc.h> 491573Srgrimes#include <sys/mbuf.h> 5071579Sdeischen#include <sys/module.h> 511573Srgrimes#include <sys/queue.h> 521573Srgrimes#include <sys/socket.h> 531573Srgrimes#include <sys/sockio.h> 541573Srgrimes#include <sys/sysctl.h> 551573Srgrimes#include <sys/systm.h> 56189291Sdelphij 57189291Sdelphij#include <net/bpf.h> 581573Srgrimes#include <net/ethernet.h> 591573Srgrimes#include <net/if.h> 601573Srgrimes#include <net/if_clone.h> 611573Srgrimes#include <net/if_arp.h> 621573Srgrimes#include <net/if_dl.h> 631573Srgrimes#include <net/if_types.h> 641573Srgrimes#include <net/if_vlan_var.h> 651573Srgrimes 661573Srgrimes#ifdef INET 6756698Sjasone#include <netinet/in.h> 681573Srgrimes#include <netinet/if_ether.h> 691573Srgrimes#endif 701573Srgrimes 711573Srgrimes#define VLANNAME "vlan" 721573Srgrimes 731573Srgrimesstruct vlan_mc_entry { 741573Srgrimes struct ether_addr mc_addr; 751573Srgrimes SLIST_ENTRY(vlan_mc_entry) mc_entries; 761573Srgrimes}; 771573Srgrimes 781573Srgrimesstruct ifvlan { 791573Srgrimes struct ifnet *ifv_ifp; 801573Srgrimes struct ifnet *ifv_p; /* parent inteface of this vlan */ 811573Srgrimes struct ifv_linkmib { 821573Srgrimes int ifvm_parent; 831573Srgrimes int ifvm_encaplen; /* encapsulation length */ 841573Srgrimes int ifvm_mtufudge; /* MTU fudged by this much */ 851573Srgrimes int ifvm_mintu; /* min transmission unit */ 861573Srgrimes u_int16_t ifvm_proto; /* encapsulation ethertype */ 871573Srgrimes u_int16_t ifvm_tag; /* tag to apply on packets leaving if */ 881573Srgrimes } ifv_mib; 891573Srgrimes SLIST_HEAD(__vlan_mchead, vlan_mc_entry) vlan_mc_listhead; 901573Srgrimes LIST_ENTRY(ifvlan) ifv_list; 911573Srgrimes int ifv_flags; 921573Srgrimes}; 931573Srgrimes#define ifv_tag ifv_mib.ifvm_tag 941573Srgrimes#define ifv_encaplen ifv_mib.ifvm_encaplen 951573Srgrimes#define ifv_mtufudge ifv_mib.ifvm_mtufudge 961573Srgrimes#define ifv_mintu ifv_mib.ifvm_mintu 971573Srgrimes 981573Srgrimes#define IFVF_PROMISC 0x01 /* promiscuous mode enabled */ 9914272Spst 1001573SrgrimesSYSCTL_DECL(_net_link); 1011573SrgrimesSYSCTL_NODE(_net_link, IFT_L2VLAN, vlan, CTLFLAG_RW, 0, "IEEE 802.1Q VLAN"); 1021573SrgrimesSYSCTL_NODE(_net_link_vlan, PF_LINK, link, CTLFLAG_RW, 0, "for consistency"); 1031573Srgrimes 1041573Srgrimesstatic MALLOC_DEFINE(M_VLAN, VLANNAME, "802.1Q Virtual LAN Interface"); 1051573Srgrimesstatic LIST_HEAD(, ifvlan) ifv_list; 1061573Srgrimes 1071573Srgrimes/* 10814272Spst * Locking: one lock is used to guard both the ifv_list and modification 1091573Srgrimes * to vlan data structures. We are rather conservative here; probably 11014272Spst * more than necessary. 1111573Srgrimes */ 1121573Srgrimesstatic struct mtx ifv_mtx; 1131573Srgrimes#define VLAN_LOCK_INIT() mtx_init(&ifv_mtx, VLANNAME, NULL, MTX_DEF) 1141573Srgrimes#define VLAN_LOCK_DESTROY() mtx_destroy(&ifv_mtx) 1151573Srgrimes#define VLAN_LOCK_ASSERT() mtx_assert(&ifv_mtx, MA_OWNED) 1161573Srgrimes#define VLAN_LOCK() mtx_lock(&ifv_mtx) 1171573Srgrimes#define VLAN_UNLOCK() mtx_unlock(&ifv_mtx) 1181573Srgrimes 1191573Srgrimesstatic void vlan_start(struct ifnet *ifp); 1201573Srgrimesstatic void vlan_ifinit(void *foo); 1211573Srgrimesstatic void vlan_input(struct ifnet *ifp, struct mbuf *m); 1221573Srgrimesstatic int vlan_ioctl(struct ifnet *ifp, u_long cmd, caddr_t addr); 1231573Srgrimesstatic int vlan_setmulti(struct ifnet *ifp); 12414272Spststatic int vlan_unconfig(struct ifnet *ifp); 1251573Srgrimesstatic int vlan_config(struct ifvlan *ifv, struct ifnet *p); 1261573Srgrimesstatic void vlan_link_state(struct ifnet *ifp, int link); 1271573Srgrimesstatic int vlan_set_promisc(struct ifnet *ifp); 1281573Srgrimes 1291573Srgrimesstatic struct ifnet *vlan_clone_match_ethertag(struct if_clone *, 1301573Srgrimes const char *, int *); 13114272Spststatic int vlan_clone_match(struct if_clone *, const char *); 1321573Srgrimesstatic int vlan_clone_create(struct if_clone *, char *, size_t); 13314272Spststatic int vlan_clone_destroy(struct if_clone *, struct ifnet *); 1341573Srgrimes 1351573Srgrimesstatic struct if_clone vlan_cloner = IFC_CLONE_INITIALIZER(VLANNAME, NULL, 1361573Srgrimes IF_MAXUNIT, NULL, vlan_clone_match, vlan_clone_create, vlan_clone_destroy); 13714272Spst 1381573Srgrimes/* 1391573Srgrimes * Program our multicast filter. What we're actually doing is 1401573Srgrimes * programming the multicast filter of the parent. This has the 1411573Srgrimes * side effect of causing the parent interface to receive multicast 1421573Srgrimes * traffic that it doesn't really want, which ends up being discarded 1431573Srgrimes * later by the upper protocol layers. Unfortunately, there's no way 1441573Srgrimes * to avoid this: there really is only one physical interface. 14571579Sdeischen * 1461573Srgrimes * XXX: There is a possible race here if more than one thread is 1471573Srgrimes * modifying the multicast state of the vlan interface at the same time. 1481573Srgrimes */ 1491573Srgrimesstatic int 1501573Srgrimesvlan_setmulti(struct ifnet *ifp) 1511573Srgrimes{ 1521573Srgrimes struct ifnet *ifp_p; 1531573Srgrimes struct ifmultiaddr *ifma, *rifma = NULL; 1541573Srgrimes struct ifvlan *sc; 1551573Srgrimes struct vlan_mc_entry *mc = NULL; 1561573Srgrimes struct sockaddr_dl sdl; 15714272Spst int error; 1581573Srgrimes 15914272Spst /*VLAN_LOCK_ASSERT();*/ 16014272Spst 16114272Spst /* Find the parent. */ 16214272Spst sc = ifp->if_softc; 16314272Spst ifp_p = sc->ifv_p; 16414272Spst 16514272Spst /* 16614272Spst * If we don't have a parent, just remember the membership for 1671573Srgrimes * when we do. 1681573Srgrimes */ 1691573Srgrimes if (ifp_p == NULL) 17021786Salex return (0); 1711573Srgrimes 1721573Srgrimes bzero((char *)&sdl, sizeof(sdl)); 1731573Srgrimes sdl.sdl_len = sizeof(sdl); 17414272Spst sdl.sdl_family = AF_LINK; 1751573Srgrimes sdl.sdl_index = ifp_p->if_index; 17614272Spst sdl.sdl_type = IFT_ETHER; 17714272Spst sdl.sdl_alen = ETHER_ADDR_LEN; 17814272Spst 17914272Spst /* First, remove any existing filter entries. */ 1801573Srgrimes while (SLIST_FIRST(&sc->vlan_mc_listhead) != NULL) { 1811573Srgrimes mc = SLIST_FIRST(&sc->vlan_mc_listhead); 1821573Srgrimes bcopy((char *)&mc->mc_addr, LLADDR(&sdl), ETHER_ADDR_LEN); 1831573Srgrimes error = if_delmulti(ifp_p, (struct sockaddr *)&sdl); 1841573Srgrimes if (error) 1851573Srgrimes return (error); 1861573Srgrimes SLIST_REMOVE_HEAD(&sc->vlan_mc_listhead, mc_entries); 1871573Srgrimes free(mc, M_VLAN); 1881573Srgrimes } 1891573Srgrimes 1901573Srgrimes /* Now program new ones. */ 1911573Srgrimes TAILQ_FOREACH(ifma, &ifp->if_multiaddrs, ifma_link) { 1921573Srgrimes if (ifma->ifma_addr->sa_family != AF_LINK) 1931573Srgrimes continue; 1941573Srgrimes mc = malloc(sizeof(struct vlan_mc_entry), M_VLAN, M_NOWAIT); 1951573Srgrimes if (mc == NULL) 1961573Srgrimes return (ENOMEM); 19714272Spst bcopy(LLADDR((struct sockaddr_dl *)ifma->ifma_addr), 19814272Spst (char *)&mc->mc_addr, ETHER_ADDR_LEN); 1991573Srgrimes SLIST_INSERT_HEAD(&sc->vlan_mc_listhead, mc, mc_entries); 2001573Srgrimes bcopy(LLADDR((struct sockaddr_dl *)ifma->ifma_addr), 2011573Srgrimes LLADDR(&sdl), ETHER_ADDR_LEN); 2021573Srgrimes error = if_addmulti(ifp_p, (struct sockaddr *)&sdl, &rifma); 2031573Srgrimes if (error) 20414272Spst return (error); 2051573Srgrimes } 206189327Sdelphij 2071573Srgrimes return (0); 2081573Srgrimes} 2091573Srgrimes 2101573Srgrimes/* 2111573Srgrimes * VLAN support can be loaded as a module. The only place in the 2121573Srgrimes * system that's intimately aware of this is ether_input. We hook 2131573Srgrimes * into this code through vlan_input_p which is defined there and 21456698Sjasone * set here. Noone else in the system should be aware of this so 2151573Srgrimes * we use an explicit reference here. 2161573Srgrimes * 2171573Srgrimes * NB: Noone should ever need to check if vlan_input_p is null or 2181573Srgrimes * not. This is because interfaces have a count of the number 2191573Srgrimes * of active vlans (if_nvlans) and this should never be bumped 220189291Sdelphij * except by vlan_config--which is in this module so therefore 2211573Srgrimes * the module must be loaded and vlan_input_p must be non-NULL. 2221573Srgrimes */ 2231573Srgrimesextern void (*vlan_input_p)(struct ifnet *, struct mbuf *); 2241573Srgrimes 2251573Srgrimes/* For if_link_state_change() eyes only... */ 2261573Srgrimesextern void (*vlan_link_state_p)(struct ifnet *, int); 2271573Srgrimes 2281573Srgrimesstatic int 2291573Srgrimesvlan_modevent(module_t mod, int type, void *data) 2301573Srgrimes{ 2311573Srgrimes 2321573Srgrimes switch (type) { 23314272Spst case MOD_LOAD: 2341573Srgrimes LIST_INIT(&ifv_list); 2351573Srgrimes VLAN_LOCK_INIT(); 2361573Srgrimes vlan_input_p = vlan_input; 2371573Srgrimes vlan_link_state_p = vlan_link_state; 2381573Srgrimes if_clone_attach(&vlan_cloner); 239 break; 240 case MOD_UNLOAD: 241 if_clone_detach(&vlan_cloner); 242 vlan_input_p = NULL; 243 vlan_link_state_p = NULL; 244 while (!LIST_EMPTY(&ifv_list)) 245 vlan_clone_destroy(&vlan_cloner, 246 LIST_FIRST(&ifv_list)->ifv_ifp); 247 VLAN_LOCK_DESTROY(); 248 break; 249 default: 250 return (EOPNOTSUPP); 251 } 252 return (0); 253} 254 255static moduledata_t vlan_mod = { 256 "if_vlan", 257 vlan_modevent, 258 0 259}; 260 261DECLARE_MODULE(if_vlan, vlan_mod, SI_SUB_PSEUDO, SI_ORDER_ANY); 262MODULE_DEPEND(if_vlan, miibus, 1, 1, 1); 263 264static struct ifnet * 265vlan_clone_match_ethertag(struct if_clone *ifc, const char *name, int *tag) 266{ 267 const char *cp; 268 struct ifnet *ifp; 269 int t = 0; 270 271 /* Check for <etherif>.<vlan> style interface names. */ 272 IFNET_RLOCK(); 273 TAILQ_FOREACH(ifp, &ifnet, if_link) { 274 if (ifp->if_type != IFT_ETHER) 275 continue; 276 if (strncmp(ifp->if_xname, name, strlen(ifp->if_xname)) != 0) 277 continue; 278 cp = name + strlen(ifp->if_xname); 279 if (*cp != '.') 280 continue; 281 for(; *cp != '\0'; cp++) { 282 if (*cp < '0' || *cp > '9') 283 continue; 284 t = (t * 10) + (*cp - '0'); 285 } 286 if (tag != NULL) 287 *tag = t; 288 break; 289 } 290 IFNET_RUNLOCK(); 291 292 return (ifp); 293} 294 295static int 296vlan_clone_match(struct if_clone *ifc, const char *name) 297{ 298 const char *cp; 299 300 if (vlan_clone_match_ethertag(ifc, name, NULL) != NULL) 301 return (1); 302 303 if (strncmp(VLANNAME, name, strlen(VLANNAME)) != 0) 304 return (0); 305 for (cp = name + 4; *cp != '\0'; cp++) { 306 if (*cp < '0' || *cp > '9') 307 return (0); 308 } 309 310 return (1); 311} 312 313static int 314vlan_clone_create(struct if_clone *ifc, char *name, size_t len) 315{ 316 char *dp; 317 int wildcard; 318 int unit; 319 int error; 320 int tag; 321 int ethertag; 322 struct ifvlan *ifv; 323 struct ifnet *ifp; 324 struct ifnet *p; 325 u_char eaddr[6] = {0,0,0,0,0,0}; 326 327 if ((p = vlan_clone_match_ethertag(ifc, name, &tag)) != NULL) { 328 ethertag = 1; 329 unit = -1; 330 wildcard = 0; 331 332 /* 333 * Don't let the caller set up a VLAN tag with 334 * anything except VLID bits. 335 */ 336 if (tag & ~EVL_VLID_MASK) 337 return (EINVAL); 338 } else { 339 ethertag = 0; 340 341 error = ifc_name2unit(name, &unit); 342 if (error != 0) 343 return (error); 344 345 wildcard = (unit < 0); 346 } 347 348 error = ifc_alloc_unit(ifc, &unit); 349 if (error != 0) 350 return (error); 351 352 /* In the wildcard case, we need to update the name. */ 353 if (wildcard) { 354 for (dp = name; *dp != '\0'; dp++); 355 if (snprintf(dp, len - (dp-name), "%d", unit) > 356 len - (dp-name) - 1) { 357 panic("%s: interface name too long", __func__); 358 } 359 } 360 361 ifv = malloc(sizeof(struct ifvlan), M_VLAN, M_WAITOK | M_ZERO); 362 ifp = ifv->ifv_ifp = if_alloc(IFT_ETHER); 363 if (ifp == NULL) { 364 ifc_free_unit(ifc, unit); 365 free(ifv, M_VLAN); 366 return (ENOSPC); 367 } 368 SLIST_INIT(&ifv->vlan_mc_listhead); 369 370 ifp->if_softc = ifv; 371 /* 372 * Set the name manually rather than using if_initname because 373 * we don't conform to the default naming convention for interfaces. 374 */ 375 strlcpy(ifp->if_xname, name, IFNAMSIZ); 376 ifp->if_dname = ifc->ifc_name; 377 ifp->if_dunit = unit; 378 /* NB: flags are not set here */ 379 ifp->if_linkmib = &ifv->ifv_mib; 380 ifp->if_linkmiblen = sizeof(ifv->ifv_mib); 381 /* NB: mtu is not set here */ 382 383 ifp->if_init = vlan_ifinit; 384 ifp->if_start = vlan_start; 385 ifp->if_ioctl = vlan_ioctl; 386 ifp->if_snd.ifq_maxlen = ifqmaxlen; 387 ether_ifattach(ifp, eaddr); 388 /* Now undo some of the damage... */ 389 ifp->if_baudrate = 0; 390 ifp->if_type = IFT_L2VLAN; 391 ifp->if_hdrlen = ETHER_VLAN_ENCAP_LEN; 392 393 VLAN_LOCK(); 394 LIST_INSERT_HEAD(&ifv_list, ifv, ifv_list); 395 VLAN_UNLOCK(); 396 397 if (ethertag) { 398 VLAN_LOCK(); 399 error = vlan_config(ifv, p); 400 if (error != 0) { 401 /* 402 * Since we've partialy failed, we need to back 403 * out all the way, otherwise userland could get 404 * confused. Thus, we destroy the interface. 405 */ 406 LIST_REMOVE(ifv, ifv_list); 407 vlan_unconfig(ifp); 408 VLAN_UNLOCK(); 409 ether_ifdetach(ifp); 410 if_free_type(ifp, IFT_ETHER); 411 free(ifv, M_VLAN); 412 413 return (error); 414 } 415 ifv->ifv_tag = tag; 416 ifp->if_flags |= IFF_RUNNING; 417 VLAN_UNLOCK(); 418 419 /* Update promiscuous mode, if necessary. */ 420 vlan_set_promisc(ifp); 421 } 422 423 return (0); 424} 425 426static int 427vlan_clone_destroy(struct if_clone *ifc, struct ifnet *ifp) 428{ 429 int unit; 430 struct ifvlan *ifv = ifp->if_softc; 431 432 unit = ifp->if_dunit; 433 434 VLAN_LOCK(); 435 LIST_REMOVE(ifv, ifv_list); 436 vlan_unconfig(ifp); 437 VLAN_UNLOCK(); 438 439 ether_ifdetach(ifp); 440 if_free(ifp); 441 442 free(ifv, M_VLAN); 443 444 ifc_free_unit(ifc, unit); 445 446 return (0); 447} 448 449/* 450 * The ifp->if_init entry point for vlan(4) is a no-op. 451 */ 452static void 453vlan_ifinit(void *foo) 454{ 455 456} 457 458static void 459vlan_start(struct ifnet *ifp) 460{ 461 struct ifvlan *ifv; 462 struct ifnet *p; 463 struct ether_vlan_header *evl; 464 struct mbuf *m; 465 int error; 466 467 ifv = ifp->if_softc; 468 p = ifv->ifv_p; 469 470 ifp->if_flags |= IFF_OACTIVE; 471 for (;;) { 472 IF_DEQUEUE(&ifp->if_snd, m); 473 if (m == 0) 474 break; 475 BPF_MTAP(ifp, m); 476 477 /* 478 * Do not run parent's if_start() if the parent is not up, 479 * or parent's driver will cause a system crash. 480 */ 481 if ((p->if_flags & (IFF_UP | IFF_RUNNING)) != 482 (IFF_UP | IFF_RUNNING)) { 483 m_freem(m); 484 ifp->if_collisions++; 485 continue; 486 } 487 488 /* 489 * If underlying interface can do VLAN tag insertion itself, 490 * just pass the packet along. However, we need some way to 491 * tell the interface where the packet came from so that it 492 * knows how to find the VLAN tag to use, so we attach a 493 * packet tag that holds it. 494 */ 495 if (p->if_capenable & IFCAP_VLAN_HWTAGGING) { 496 struct m_tag *mtag = m_tag_alloc(MTAG_VLAN, 497 MTAG_VLAN_TAG, 498 sizeof(u_int), 499 M_NOWAIT); 500 if (mtag == NULL) { 501 ifp->if_oerrors++; 502 m_freem(m); 503 continue; 504 } 505 *(u_int*)(mtag + 1) = ifv->ifv_tag; 506 m_tag_prepend(m, mtag); 507 } else { 508 M_PREPEND(m, ifv->ifv_encaplen, M_DONTWAIT); 509 if (m == NULL) { 510 if_printf(ifp, 511 "unable to prepend VLAN header\n"); 512 ifp->if_oerrors++; 513 continue; 514 } 515 /* M_PREPEND takes care of m_len, m_pkthdr.len for us */ 516 517 if (m->m_len < sizeof(*evl)) { 518 m = m_pullup(m, sizeof(*evl)); 519 if (m == NULL) { 520 if_printf(ifp, 521 "cannot pullup VLAN header\n"); 522 ifp->if_oerrors++; 523 continue; 524 } 525 } 526 527 /* 528 * Transform the Ethernet header into an Ethernet header 529 * with 802.1Q encapsulation. 530 */ 531 bcopy(mtod(m, char *) + ifv->ifv_encaplen, 532 mtod(m, char *), ETHER_HDR_LEN); 533 evl = mtod(m, struct ether_vlan_header *); 534 evl->evl_proto = evl->evl_encap_proto; 535 evl->evl_encap_proto = htons(ETHERTYPE_VLAN); 536 evl->evl_tag = htons(ifv->ifv_tag); 537#ifdef DEBUG 538 printf("vlan_start: %*D\n", (int)sizeof(*evl), 539 (unsigned char *)evl, ":"); 540#endif 541 } 542 543 /* 544 * Send it, precisely as ether_output() would have. 545 * We are already running at splimp. 546 */ 547 IFQ_HANDOFF(p, m, error); 548 if (!error) 549 ifp->if_opackets++; 550 else 551 ifp->if_oerrors++; 552 } 553 ifp->if_flags &= ~IFF_OACTIVE; 554} 555 556static void 557vlan_input(struct ifnet *ifp, struct mbuf *m) 558{ 559 struct ether_vlan_header *evl; 560 struct ifvlan *ifv; 561 struct m_tag *mtag; 562 u_int tag; 563 564 mtag = m_tag_locate(m, MTAG_VLAN, MTAG_VLAN_TAG, NULL); 565 if (mtag != NULL) { 566 /* 567 * Packet is tagged, m contains a normal 568 * Ethernet frame; the tag is stored out-of-band. 569 */ 570 tag = EVL_VLANOFTAG(VLAN_TAG_VALUE(mtag)); 571 m_tag_delete(m, mtag); 572 m->m_flags &= ~M_VLANTAG; 573 } else { 574 switch (ifp->if_type) { 575 case IFT_ETHER: 576 if (m->m_len < sizeof(*evl) && 577 (m = m_pullup(m, sizeof(*evl))) == NULL) { 578 if_printf(ifp, "cannot pullup VLAN header\n"); 579 return; 580 } 581 evl = mtod(m, struct ether_vlan_header *); 582 KASSERT(ntohs(evl->evl_encap_proto) == ETHERTYPE_VLAN, 583 ("vlan_input: bad encapsulated protocols (%u)", 584 ntohs(evl->evl_encap_proto))); 585 586 tag = EVL_VLANOFTAG(ntohs(evl->evl_tag)); 587 588 /* 589 * Restore the original ethertype. We'll remove 590 * the encapsulation after we've found the vlan 591 * interface corresponding to the tag. 592 */ 593 evl->evl_encap_proto = evl->evl_proto; 594 break; 595 default: 596 tag = (u_int) -1; 597#ifdef DIAGNOSTIC 598 panic("vlan_input: unsupported if type %u", 599 ifp->if_type); 600#endif 601 break; 602 } 603 } 604 605 VLAN_LOCK(); 606 LIST_FOREACH(ifv, &ifv_list, ifv_list) 607 if (ifp == ifv->ifv_p && tag == ifv->ifv_tag) 608 break; 609 610 if (ifv == NULL || (ifv->ifv_ifp->if_flags & IFF_UP) == 0) { 611 VLAN_UNLOCK(); 612 m_freem(m); 613 ifp->if_noproto++; 614#ifdef DEBUG 615 printf("vlan_input: tag %d, no interface\n", tag); 616#endif 617 return; 618 } 619 VLAN_UNLOCK(); /* XXX extend below? */ 620#ifdef DEBUG 621 printf("vlan_input: tag %d, parent %s\n", tag, ifv->ifv_p->if_xname); 622#endif 623 624 if (mtag == NULL) { 625 /* 626 * Packet had an in-line encapsulation header; 627 * remove it. The original header has already 628 * been fixed up above. 629 */ 630 bcopy(mtod(m, caddr_t), 631 mtod(m, caddr_t) + ETHER_VLAN_ENCAP_LEN, 632 ETHER_HDR_LEN); 633 m_adj(m, ETHER_VLAN_ENCAP_LEN); 634 } 635 636 m->m_pkthdr.rcvif = ifv->ifv_ifp; 637 ifv->ifv_ifp->if_ipackets++; 638 639 /* Pass it back through the parent's input routine. */ 640 (*ifp->if_input)(ifv->ifv_ifp, m); 641} 642 643static int 644vlan_config(struct ifvlan *ifv, struct ifnet *p) 645{ 646 struct ifaddr *ifa1, *ifa2; 647 struct sockaddr_dl *sdl1, *sdl2; 648 649 VLAN_LOCK_ASSERT(); 650 651 if (p->if_data.ifi_type != IFT_ETHER) 652 return (EPROTONOSUPPORT); 653 if (ifv->ifv_p) 654 return (EBUSY); 655 656 ifv->ifv_encaplen = ETHER_VLAN_ENCAP_LEN; 657 ifv->ifv_mintu = ETHERMIN; 658 ifv->ifv_flags = 0; 659 660 /* 661 * The active VLAN counter on the parent is used 662 * at various places to see if there is a vlan(4) 663 * attached to this physical interface. 664 */ 665 p->if_nvlans++; 666 667 /* 668 * If the parent supports the VLAN_MTU capability, 669 * i.e. can Tx/Rx larger than ETHER_MAX_LEN frames, 670 * use it. 671 */ 672 if (p->if_capenable & IFCAP_VLAN_MTU) { 673 /* 674 * No need to fudge the MTU since the parent can 675 * handle extended frames. 676 */ 677 ifv->ifv_mtufudge = 0; 678 } else { 679 /* 680 * Fudge the MTU by the encapsulation size. This 681 * makes us incompatible with strictly compliant 682 * 802.1Q implementations, but allows us to use 683 * the feature with other NetBSD implementations, 684 * which might still be useful. 685 */ 686 ifv->ifv_mtufudge = ifv->ifv_encaplen; 687 } 688 689 ifv->ifv_p = p; 690 ifv->ifv_ifp->if_mtu = p->if_mtu - ifv->ifv_mtufudge; 691 /* 692 * Copy only a selected subset of flags from the parent. 693 * Other flags are none of our business. 694 */ 695 ifv->ifv_ifp->if_flags = (p->if_flags & 696 (IFF_BROADCAST | IFF_MULTICAST | IFF_SIMPLEX | IFF_POINTOPOINT)); 697 ifv->ifv_ifp->if_link_state = p->if_link_state; 698 699#if 0 700 /* 701 * Not ready yet. We need notification from the parent 702 * when hw checksumming flags in its if_capenable change. 703 * Flags set in if_capabilities only are useless. 704 */ 705 /* 706 * If the parent interface can do hardware-assisted 707 * VLAN encapsulation, then propagate its hardware- 708 * assisted checksumming flags. 709 */ 710 if (p->if_capabilities & IFCAP_VLAN_HWTAGGING) 711 ifv->ifv_ifpif_capabilities |= p->if_capabilities & IFCAP_HWCSUM; 712#endif 713 714 /* 715 * Set up our ``Ethernet address'' to reflect the underlying 716 * physical interface's. 717 */ 718 ifa1 = ifaddr_byindex(ifv->ifv_ifp->if_index); 719 ifa2 = ifaddr_byindex(p->if_index); 720 sdl1 = (struct sockaddr_dl *)ifa1->ifa_addr; 721 sdl2 = (struct sockaddr_dl *)ifa2->ifa_addr; 722 sdl1->sdl_type = IFT_ETHER; 723 sdl1->sdl_alen = ETHER_ADDR_LEN; 724 bcopy(LLADDR(sdl2), LLADDR(sdl1), ETHER_ADDR_LEN); 725 bcopy(LLADDR(sdl2), IFP2ENADDR(ifv->ifv_ifp), ETHER_ADDR_LEN); 726 727 /* 728 * Configure multicast addresses that may already be 729 * joined on the vlan device. 730 */ 731 (void)vlan_setmulti(ifv->ifv_ifp); /* XXX: VLAN lock held */ 732 733 return (0); 734} 735 736static int 737vlan_unconfig(struct ifnet *ifp) 738{ 739 struct ifaddr *ifa; 740 struct sockaddr_dl *sdl; 741 struct vlan_mc_entry *mc; 742 struct ifvlan *ifv; 743 struct ifnet *p; 744 int error; 745 746 VLAN_LOCK_ASSERT(); 747 748 ifv = ifp->if_softc; 749 p = ifv->ifv_p; 750 751 if (p) { 752 struct sockaddr_dl sdl; 753 754 /* 755 * Since the interface is being unconfigured, we need to 756 * empty the list of multicast groups that we may have joined 757 * while we were alive from the parent's list. 758 */ 759 bzero((char *)&sdl, sizeof(sdl)); 760 sdl.sdl_len = sizeof(sdl); 761 sdl.sdl_family = AF_LINK; 762 sdl.sdl_index = p->if_index; 763 sdl.sdl_type = IFT_ETHER; 764 sdl.sdl_alen = ETHER_ADDR_LEN; 765 766 while(SLIST_FIRST(&ifv->vlan_mc_listhead) != NULL) { 767 mc = SLIST_FIRST(&ifv->vlan_mc_listhead); 768 bcopy((char *)&mc->mc_addr, LLADDR(&sdl), 769 ETHER_ADDR_LEN); 770 error = if_delmulti(p, (struct sockaddr *)&sdl); 771 if (error) 772 return (error); 773 SLIST_REMOVE_HEAD(&ifv->vlan_mc_listhead, mc_entries); 774 free(mc, M_VLAN); 775 } 776 777 p->if_nvlans--; 778 } 779 780 /* Disconnect from parent. */ 781 ifv->ifv_p = NULL; 782 ifv->ifv_ifp->if_mtu = ETHERMTU; /* XXX why not 0? */ 783 ifv->ifv_flags = 0; 784 ifv->ifv_ifp->if_link_state = LINK_STATE_UNKNOWN; 785 786 /* Clear our MAC address. */ 787 ifa = ifaddr_byindex(ifv->ifv_ifp->if_index); 788 sdl = (struct sockaddr_dl *)ifa->ifa_addr; 789 sdl->sdl_type = IFT_ETHER; 790 sdl->sdl_alen = ETHER_ADDR_LEN; 791 bzero(LLADDR(sdl), ETHER_ADDR_LEN); 792 bzero(IFP2ENADDR(ifv->ifv_ifp), ETHER_ADDR_LEN); 793 794 return (0); 795} 796 797static int 798vlan_set_promisc(struct ifnet *ifp) 799{ 800 struct ifvlan *ifv = ifp->if_softc; 801 int error = 0; 802 803 if ((ifp->if_flags & IFF_PROMISC) != 0) { 804 if ((ifv->ifv_flags & IFVF_PROMISC) == 0) { 805 error = ifpromisc(ifv->ifv_p, 1); 806 if (error == 0) 807 ifv->ifv_flags |= IFVF_PROMISC; 808 } 809 } else { 810 if ((ifv->ifv_flags & IFVF_PROMISC) != 0) { 811 error = ifpromisc(ifv->ifv_p, 0); 812 if (error == 0) 813 ifv->ifv_flags &= ~IFVF_PROMISC; 814 } 815 } 816 817 return (error); 818} 819 820/* Inform all vlans that their parent has changed link state */ 821static void 822vlan_link_state(struct ifnet *ifp, int link) 823{ 824 struct ifvlan *ifv; 825 826 VLAN_LOCK(); 827 LIST_FOREACH(ifv, &ifv_list, ifv_list) { 828 if (ifv->ifv_p == ifp) 829 if_link_state_change(ifv->ifv_ifp, 830 ifv->ifv_p->if_link_state); 831 } 832 VLAN_UNLOCK(); 833} 834 835static int 836vlan_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 837{ 838 struct ifaddr *ifa; 839 struct ifnet *p; 840 struct ifreq *ifr; 841 struct ifvlan *ifv; 842 struct vlanreq vlr; 843 int error = 0; 844 845 ifr = (struct ifreq *)data; 846 ifa = (struct ifaddr *)data; 847 ifv = ifp->if_softc; 848 849 switch (cmd) { 850 case SIOCSIFADDR: 851 ifp->if_flags |= IFF_UP; 852 853 switch (ifa->ifa_addr->sa_family) { 854#ifdef INET 855 case AF_INET: 856 arp_ifinit(ifv->ifv_ifp, ifa); 857 break; 858#endif 859 default: 860 break; 861 } 862 break; 863 864 case SIOCGIFADDR: 865 { 866 struct sockaddr *sa; 867 868 sa = (struct sockaddr *) &ifr->ifr_data; 869 bcopy(IFP2ENADDR(ifp), (caddr_t)sa->sa_data, 870 ETHER_ADDR_LEN); 871 } 872 break; 873 874 case SIOCGIFMEDIA: 875 VLAN_LOCK(); 876 if (ifv->ifv_p != NULL) { 877 error = (*ifv->ifv_p->if_ioctl)(ifv->ifv_p, 878 SIOCGIFMEDIA, data); 879 VLAN_UNLOCK(); 880 /* Limit the result to the parent's current config. */ 881 if (error == 0) { 882 struct ifmediareq *ifmr; 883 884 ifmr = (struct ifmediareq *)data; 885 if (ifmr->ifm_count >= 1 && ifmr->ifm_ulist) { 886 ifmr->ifm_count = 1; 887 error = copyout(&ifmr->ifm_current, 888 ifmr->ifm_ulist, 889 sizeof(int)); 890 } 891 } 892 } else { 893 VLAN_UNLOCK(); 894 error = EINVAL; 895 } 896 break; 897 898 case SIOCSIFMEDIA: 899 error = EINVAL; 900 break; 901 902 case SIOCSIFMTU: 903 /* 904 * Set the interface MTU. 905 */ 906 VLAN_LOCK(); 907 if (ifv->ifv_p != NULL) { 908 if (ifr->ifr_mtu > 909 (ifv->ifv_p->if_mtu - ifv->ifv_mtufudge) || 910 ifr->ifr_mtu < 911 (ifv->ifv_mintu - ifv->ifv_mtufudge)) 912 error = EINVAL; 913 else 914 ifp->if_mtu = ifr->ifr_mtu; 915 } else 916 error = EINVAL; 917 VLAN_UNLOCK(); 918 break; 919 920 case SIOCSETVLAN: 921 error = copyin(ifr->ifr_data, &vlr, sizeof(vlr)); 922 if (error) 923 break; 924 if (vlr.vlr_parent[0] == '\0') { 925 VLAN_LOCK(); 926 vlan_unconfig(ifp); 927 if (ifp->if_flags & IFF_UP) 928 if_down(ifp); 929 ifp->if_flags &= ~IFF_RUNNING; 930 VLAN_UNLOCK(); 931 break; 932 } 933 p = ifunit(vlr.vlr_parent); 934 if (p == 0) { 935 error = ENOENT; 936 break; 937 } 938 /* 939 * Don't let the caller set up a VLAN tag with 940 * anything except VLID bits. 941 */ 942 if (vlr.vlr_tag & ~EVL_VLID_MASK) { 943 error = EINVAL; 944 break; 945 } 946 VLAN_LOCK(); 947 error = vlan_config(ifv, p); 948 if (error) { 949 VLAN_UNLOCK(); 950 break; 951 } 952 ifv->ifv_tag = vlr.vlr_tag; 953 ifp->if_flags |= IFF_RUNNING; 954 VLAN_UNLOCK(); 955 956 /* Update promiscuous mode, if necessary. */ 957 vlan_set_promisc(ifp); 958 break; 959 960 case SIOCGETVLAN: 961 bzero(&vlr, sizeof(vlr)); 962 VLAN_LOCK(); 963 if (ifv->ifv_p) { 964 strlcpy(vlr.vlr_parent, ifv->ifv_p->if_xname, 965 sizeof(vlr.vlr_parent)); 966 vlr.vlr_tag = ifv->ifv_tag; 967 } 968 VLAN_UNLOCK(); 969 error = copyout(&vlr, ifr->ifr_data, sizeof(vlr)); 970 break; 971 972 case SIOCSIFFLAGS: 973 /* 974 * For promiscuous mode, we enable promiscuous mode on 975 * the parent if we need promiscuous on the VLAN interface. 976 */ 977 if (ifv->ifv_p != NULL) 978 error = vlan_set_promisc(ifp); 979 break; 980 981 case SIOCADDMULTI: 982 case SIOCDELMULTI: 983 /*VLAN_LOCK();*/ 984 error = vlan_setmulti(ifp); 985 /*VLAN_UNLOCK();*/ 986 break; 987 default: 988 error = EINVAL; 989 } 990 991 return (error); 992} 993