1 /*- 2 * Copyright 1998 Massachusetts Institute of Technology 3 * Copyright 2012 ADARA Networks, Inc. 4 * 5 * Portions of this software were developed by Robert N. M. Watson under 6 * contract to ADARA Networks, Inc. 7 * 8 * Permission to use, copy, modify, and distribute this software and 9 * its documentation for any purpose and without fee is hereby 10 * granted, provided that both the above copyright notice and this 11 * permission notice appear in all copies, that both the above 12 * copyright notice and this permission notice appear in all 13 * supporting documentation, and that the name of M.I.T. not be used 14 * in advertising or publicity pertaining to distribution of the 15 * software without specific, written prior permission. M.I.T. makes 16 * no representations about the suitability of this software for any 17 * purpose. It is provided "as is" without express or implied 18 * warranty. 19 * 20 * THIS SOFTWARE IS PROVIDED BY M.I.T. ``AS IS''. M.I.T. DISCLAIMS 21 * ALL EXPRESS OR IMPLIED WARRANTIES WITH REGARD TO THIS SOFTWARE, 22 * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 23 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT 24 * SHALL M.I.T. BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF 27 * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND 28 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 29 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT 30 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 */ 33 34 /* 35 * if_vlan.c - pseudo-device driver for IEEE 802.1Q virtual LANs. 36 * This is sort of sneaky in the implementation, since 37 * we need to pretend to be enough of an Ethernet implementation 38 * to make arp work. The way we do this is by telling everyone 39 * that we are an Ethernet, and then catch the packets that 40 * ether_output() sends to us via if_transmit(), rewrite them for 41 * use by the real outgoing interface, and ask it to send them. 42 */ 43 44 #include <sys/cdefs.h> 45 __FBSDID("$FreeBSD$"); 46 47 #include "opt_inet.h" 48 #include "opt_vlan.h" 49 #include "opt_ratelimit.h" 50 51 #include <sys/param.h> 52 #include <sys/eventhandler.h> 53 #include <sys/kernel.h> 54 #include <sys/lock.h> 55 #include <sys/malloc.h> 56 #include <sys/mbuf.h> 57 #include <sys/module.h> 58 #include <sys/rmlock.h> 59 #include <sys/priv.h> 60 #include <sys/queue.h> 61 #include <sys/socket.h> 62 #include <sys/sockio.h> 63 #include <sys/sysctl.h> 64 #include <sys/systm.h> 65 #include <sys/sx.h> 66 67 #include <net/bpf.h> 68 #include <net/ethernet.h> 69 #include <net/if.h> 70 #include <net/if_var.h> 71 #include <net/if_clone.h> 72 #include <net/if_dl.h> 73 #include <net/if_types.h> 74 #include <net/if_vlan_var.h> 75 #include <net/vnet.h> 76 77 #ifdef INET 78 #include <netinet/in.h> 79 #include <netinet/if_ether.h> 80 #endif 81 82 #define VLAN_DEF_HWIDTH 4 83 #define VLAN_IFFLAGS (IFF_BROADCAST | IFF_MULTICAST) 84 85 #define UP_AND_RUNNING(ifp) \ 86 ((ifp)->if_flags & IFF_UP && (ifp)->if_drv_flags & IFF_DRV_RUNNING) 87 88 LIST_HEAD(ifvlanhead, ifvlan); 89 90 struct ifvlantrunk { 91 struct ifnet *parent; /* parent interface of this trunk */ 92 struct rmlock lock; 93 #ifdef VLAN_ARRAY 94 #define VLAN_ARRAY_SIZE (EVL_VLID_MASK + 1) 95 struct ifvlan *vlans[VLAN_ARRAY_SIZE]; /* static table */ 96 #else 97 struct ifvlanhead *hash; /* dynamic hash-list table */ 98 uint16_t hmask; 99 uint16_t hwidth; 100 #endif 101 int refcnt; 102 }; 103 104 struct vlan_mc_entry { 105 struct sockaddr_dl mc_addr; 106 SLIST_ENTRY(vlan_mc_entry) mc_entries; 107 }; 108 109 struct ifvlan { 110 struct ifvlantrunk *ifv_trunk; 111 struct ifnet *ifv_ifp; 112 #define TRUNK(ifv) ((ifv)->ifv_trunk) 113 #define PARENT(ifv) ((ifv)->ifv_trunk->parent) 114 void *ifv_cookie; 115 int ifv_pflags; /* special flags we have set on parent */ 116 struct ifv_linkmib { 117 int ifvm_encaplen; /* encapsulation length */ 118 int ifvm_mtufudge; /* MTU fudged by this much */ 119 int ifvm_mintu; /* min transmission unit */ 120 uint16_t ifvm_proto; /* encapsulation ethertype */ 121 uint16_t ifvm_tag; /* tag to apply on packets leaving if */ 122 uint16_t ifvm_vid; /* VLAN ID */ 123 uint8_t ifvm_pcp; /* Priority Code Point (PCP). */ 124 } ifv_mib; 125 SLIST_HEAD(, vlan_mc_entry) vlan_mc_listhead; 126 #ifndef VLAN_ARRAY 127 LIST_ENTRY(ifvlan) ifv_list; 128 #endif 129 }; 130 #define ifv_proto ifv_mib.ifvm_proto 131 #define ifv_tag ifv_mib.ifvm_tag 132 #define ifv_vid ifv_mib.ifvm_vid 133 #define ifv_pcp ifv_mib.ifvm_pcp 134 #define ifv_encaplen ifv_mib.ifvm_encaplen 135 #define ifv_mtufudge ifv_mib.ifvm_mtufudge 136 #define ifv_mintu ifv_mib.ifvm_mintu 137 138 /* Special flags we should propagate to parent. */ 139 static struct { 140 int flag; 141 int (*func)(struct ifnet *, int); 142 } vlan_pflags[] = { 143 {IFF_PROMISC, ifpromisc}, 144 {IFF_ALLMULTI, if_allmulti}, 145 {0, NULL} 146 }; 147 148 SYSCTL_DECL(_net_link); 149 static SYSCTL_NODE(_net_link, IFT_L2VLAN, vlan, CTLFLAG_RW, 0, 150 "IEEE 802.1Q VLAN"); 151 static SYSCTL_NODE(_net_link_vlan, PF_LINK, link, CTLFLAG_RW, 0, 152 "for consistency"); 153 154 static VNET_DEFINE(int, soft_pad); 155 #define V_soft_pad VNET(soft_pad) 156 SYSCTL_INT(_net_link_vlan, OID_AUTO, soft_pad, CTLFLAG_RW | CTLFLAG_VNET, 157 &VNET_NAME(soft_pad), 0, "pad short frames before tagging"); 158 159 /* 160 * For now, make preserving PCP via an mbuf tag optional, as it increases 161 * per-packet memory allocations and frees. In the future, it would be 162 * preferable to reuse ether_vtag for this, or similar. 163 */ 164 static int vlan_mtag_pcp = 0; 165 SYSCTL_INT(_net_link_vlan, OID_AUTO, mtag_pcp, CTLFLAG_RW, &vlan_mtag_pcp, 0, 166 "Retain VLAN PCP information as packets are passed up the stack"); 167 168 static const char vlanname[] = "vlan"; 169 static MALLOC_DEFINE(M_VLAN, vlanname, "802.1Q Virtual LAN Interface"); 170 171 static eventhandler_tag ifdetach_tag; 172 static eventhandler_tag iflladdr_tag; 173 174 /* 175 * We have a global mutex, that is used to serialize configuration 176 * changes and isn't used in normal packet delivery. 177 * 178 * We also have a per-trunk rmlock(9), that is locked shared on packet 179 * processing and exclusive when configuration is changed. 180 * 181 * The VLAN_ARRAY substitutes the dynamic hash with a static array 182 * with 4096 entries. In theory this can give a boost in processing, 183 * however on practice it does not. Probably this is because array 184 * is too big to fit into CPU cache. 185 */ 186 static struct sx ifv_lock; 187 #define VLAN_LOCK_INIT() sx_init(&ifv_lock, "vlan_global") 188 #define VLAN_LOCK_DESTROY() sx_destroy(&ifv_lock) 189 #define VLAN_LOCK_ASSERT() sx_assert(&ifv_lock, SA_LOCKED) 190 #define VLAN_LOCK() sx_xlock(&ifv_lock) 191 #define VLAN_UNLOCK() sx_xunlock(&ifv_lock) 192 #define TRUNK_LOCK_INIT(trunk) rm_init(&(trunk)->lock, vlanname) 193 #define TRUNK_LOCK_DESTROY(trunk) rm_destroy(&(trunk)->lock) 194 #define TRUNK_LOCK(trunk) rm_wlock(&(trunk)->lock) 195 #define TRUNK_UNLOCK(trunk) rm_wunlock(&(trunk)->lock) 196 #define TRUNK_LOCK_ASSERT(trunk) rm_assert(&(trunk)->lock, RA_WLOCKED) 197 #define TRUNK_RLOCK(trunk) rm_rlock(&(trunk)->lock, &tracker) 198 #define TRUNK_RUNLOCK(trunk) rm_runlock(&(trunk)->lock, &tracker) 199 #define TRUNK_LOCK_RASSERT(trunk) rm_assert(&(trunk)->lock, RA_RLOCKED) 200 #define TRUNK_LOCK_READER struct rm_priotracker tracker 201 202 #ifndef VLAN_ARRAY 203 static void vlan_inithash(struct ifvlantrunk *trunk); 204 static void vlan_freehash(struct ifvlantrunk *trunk); 205 static int vlan_inshash(struct ifvlantrunk *trunk, struct ifvlan *ifv); 206 static int vlan_remhash(struct ifvlantrunk *trunk, struct ifvlan *ifv); 207 static void vlan_growhash(struct ifvlantrunk *trunk, int howmuch); 208 static __inline struct ifvlan * vlan_gethash(struct ifvlantrunk *trunk, 209 uint16_t vid); 210 #endif 211 static void trunk_destroy(struct ifvlantrunk *trunk); 212 213 static void vlan_init(void *foo); 214 static void vlan_input(struct ifnet *ifp, struct mbuf *m); 215 static int vlan_ioctl(struct ifnet *ifp, u_long cmd, caddr_t addr); 216 #ifdef RATELIMIT 217 static int vlan_snd_tag_alloc(struct ifnet *, 218 union if_snd_tag_alloc_params *, struct m_snd_tag **); 219 #endif 220 static void vlan_qflush(struct ifnet *ifp); 221 static int vlan_setflag(struct ifnet *ifp, int flag, int status, 222 int (*func)(struct ifnet *, int)); 223 static int vlan_setflags(struct ifnet *ifp, int status); 224 static int vlan_setmulti(struct ifnet *ifp); 225 static int vlan_transmit(struct ifnet *ifp, struct mbuf *m); 226 static void vlan_unconfig(struct ifnet *ifp); 227 static void vlan_unconfig_locked(struct ifnet *ifp, int departing); 228 static int vlan_config(struct ifvlan *ifv, struct ifnet *p, uint16_t tag); 229 static void vlan_link_state(struct ifnet *ifp); 230 static void vlan_capabilities(struct ifvlan *ifv); 231 static void vlan_trunk_capabilities(struct ifnet *ifp); 232 233 static struct ifnet *vlan_clone_match_ethervid(const char *, int *); 234 static int vlan_clone_match(struct if_clone *, const char *); 235 static int vlan_clone_create(struct if_clone *, char *, size_t, caddr_t); 236 static int vlan_clone_destroy(struct if_clone *, struct ifnet *); 237 238 static void vlan_ifdetach(void *arg, struct ifnet *ifp); 239 static void vlan_iflladdr(void *arg, struct ifnet *ifp); 240 241 static struct if_clone *vlan_cloner; 242 243 #ifdef VIMAGE 244 static VNET_DEFINE(struct if_clone *, vlan_cloner); 245 #define V_vlan_cloner VNET(vlan_cloner) 246 #endif 247 248 #ifndef VLAN_ARRAY 249 #define HASH(n, m) ((((n) >> 8) ^ ((n) >> 4) ^ (n)) & (m)) 250 251 static void 252 vlan_inithash(struct ifvlantrunk *trunk) 253 { 254 int i, n; 255 256 /* 257 * The trunk must not be locked here since we call malloc(M_WAITOK). 258 * It is OK in case this function is called before the trunk struct 259 * gets hooked up and becomes visible from other threads. 260 */ 261 262 KASSERT(trunk->hwidth == 0 && trunk->hash == NULL, 263 ("%s: hash already initialized", __func__)); 264 265 trunk->hwidth = VLAN_DEF_HWIDTH; 266 n = 1 << trunk->hwidth; 267 trunk->hmask = n - 1; 268 trunk->hash = malloc(sizeof(struct ifvlanhead) * n, M_VLAN, M_WAITOK); 269 for (i = 0; i < n; i++) 270 LIST_INIT(&trunk->hash[i]); 271 } 272 273 static void 274 vlan_freehash(struct ifvlantrunk *trunk) 275 { 276 #ifdef INVARIANTS 277 int i; 278 279 KASSERT(trunk->hwidth > 0, ("%s: hwidth not positive", __func__)); 280 for (i = 0; i < (1 << trunk->hwidth); i++) 281 KASSERT(LIST_EMPTY(&trunk->hash[i]), 282 ("%s: hash table not empty", __func__)); 283 #endif 284 free(trunk->hash, M_VLAN); 285 trunk->hash = NULL; 286 trunk->hwidth = trunk->hmask = 0; 287 } 288 289 static int 290 vlan_inshash(struct ifvlantrunk *trunk, struct ifvlan *ifv) 291 { 292 int i, b; 293 struct ifvlan *ifv2; 294 295 TRUNK_LOCK_ASSERT(trunk); 296 KASSERT(trunk->hwidth > 0, ("%s: hwidth not positive", __func__)); 297 298 b = 1 << trunk->hwidth; 299 i = HASH(ifv->ifv_vid, trunk->hmask); 300 LIST_FOREACH(ifv2, &trunk->hash[i], ifv_list) 301 if (ifv->ifv_vid == ifv2->ifv_vid) 302 return (EEXIST); 303 304 /* 305 * Grow the hash when the number of vlans exceeds half of the number of 306 * hash buckets squared. This will make the average linked-list length 307 * buckets/2. 308 */ 309 if (trunk->refcnt > (b * b) / 2) { 310 vlan_growhash(trunk, 1); 311 i = HASH(ifv->ifv_vid, trunk->hmask); 312 } 313 LIST_INSERT_HEAD(&trunk->hash[i], ifv, ifv_list); 314 trunk->refcnt++; 315 316 return (0); 317 } 318 319 static int 320 vlan_remhash(struct ifvlantrunk *trunk, struct ifvlan *ifv) 321 { 322 int i, b; 323 struct ifvlan *ifv2; 324 325 TRUNK_LOCK_ASSERT(trunk); 326 KASSERT(trunk->hwidth > 0, ("%s: hwidth not positive", __func__)); 327 328 b = 1 << trunk->hwidth; 329 i = HASH(ifv->ifv_vid, trunk->hmask); 330 LIST_FOREACH(ifv2, &trunk->hash[i], ifv_list) 331 if (ifv2 == ifv) { 332 trunk->refcnt--; 333 LIST_REMOVE(ifv2, ifv_list); 334 if (trunk->refcnt < (b * b) / 2) 335 vlan_growhash(trunk, -1); 336 return (0); 337 } 338 339 panic("%s: vlan not found\n", __func__); 340 return (ENOENT); /*NOTREACHED*/ 341 } 342 343 /* 344 * Grow the hash larger or smaller if memory permits. 345 */ 346 static void 347 vlan_growhash(struct ifvlantrunk *trunk, int howmuch) 348 { 349 struct ifvlan *ifv; 350 struct ifvlanhead *hash2; 351 int hwidth2, i, j, n, n2; 352 353 TRUNK_LOCK_ASSERT(trunk); 354 KASSERT(trunk->hwidth > 0, ("%s: hwidth not positive", __func__)); 355 356 if (howmuch == 0) { 357 /* Harmless yet obvious coding error */ 358 printf("%s: howmuch is 0\n", __func__); 359 return; 360 } 361 362 hwidth2 = trunk->hwidth + howmuch; 363 n = 1 << trunk->hwidth; 364 n2 = 1 << hwidth2; 365 /* Do not shrink the table below the default */ 366 if (hwidth2 < VLAN_DEF_HWIDTH) 367 return; 368 369 /* M_NOWAIT because we're called with trunk mutex held */ 370 hash2 = malloc(sizeof(struct ifvlanhead) * n2, M_VLAN, M_NOWAIT); 371 if (hash2 == NULL) { 372 printf("%s: out of memory -- hash size not changed\n", 373 __func__); 374 return; /* We can live with the old hash table */ 375 } 376 for (j = 0; j < n2; j++) 377 LIST_INIT(&hash2[j]); 378 for (i = 0; i < n; i++) 379 while ((ifv = LIST_FIRST(&trunk->hash[i])) != NULL) { 380 LIST_REMOVE(ifv, ifv_list); 381 j = HASH(ifv->ifv_vid, n2 - 1); 382 LIST_INSERT_HEAD(&hash2[j], ifv, ifv_list); 383 } 384 free(trunk->hash, M_VLAN); 385 trunk->hash = hash2; 386 trunk->hwidth = hwidth2; 387 trunk->hmask = n2 - 1; 388 389 if (bootverbose) 390 if_printf(trunk->parent, 391 "VLAN hash table resized from %d to %d buckets\n", n, n2); 392 } 393 394 static __inline struct ifvlan * 395 vlan_gethash(struct ifvlantrunk *trunk, uint16_t vid) 396 { 397 struct ifvlan *ifv; 398 399 TRUNK_LOCK_RASSERT(trunk); 400 401 LIST_FOREACH(ifv, &trunk->hash[HASH(vid, trunk->hmask)], ifv_list) 402 if (ifv->ifv_vid == vid) 403 return (ifv); 404 return (NULL); 405 } 406 407 #if 0 408 /* Debugging code to view the hashtables. */ 409 static void 410 vlan_dumphash(struct ifvlantrunk *trunk) 411 { 412 int i; 413 struct ifvlan *ifv; 414 415 for (i = 0; i < (1 << trunk->hwidth); i++) { 416 printf("%d: ", i); 417 LIST_FOREACH(ifv, &trunk->hash[i], ifv_list) 418 printf("%s ", ifv->ifv_ifp->if_xname); 419 printf("\n"); 420 } 421 } 422 #endif /* 0 */ 423 #else 424 425 static __inline struct ifvlan * 426 vlan_gethash(struct ifvlantrunk *trunk, uint16_t vid) 427 { 428 429 return trunk->vlans[vid]; 430 } 431 432 static __inline int 433 vlan_inshash(struct ifvlantrunk *trunk, struct ifvlan *ifv) 434 { 435 436 if (trunk->vlans[ifv->ifv_vid] != NULL) 437 return EEXIST; 438 trunk->vlans[ifv->ifv_vid] = ifv; 439 trunk->refcnt++; 440 441 return (0); 442 } 443 444 static __inline int 445 vlan_remhash(struct ifvlantrunk *trunk, struct ifvlan *ifv) 446 { 447 448 trunk->vlans[ifv->ifv_vid] = NULL; 449 trunk->refcnt--; 450 451 return (0); 452 } 453 454 static __inline void 455 vlan_freehash(struct ifvlantrunk *trunk) 456 { 457 } 458 459 static __inline void 460 vlan_inithash(struct ifvlantrunk *trunk) 461 { 462 } 463 464 #endif /* !VLAN_ARRAY */ 465 466 static void 467 trunk_destroy(struct ifvlantrunk *trunk) 468 { 469 VLAN_LOCK_ASSERT(); 470 471 TRUNK_LOCK(trunk); 472 vlan_freehash(trunk); 473 trunk->parent->if_vlantrunk = NULL; 474 TRUNK_UNLOCK(trunk); 475 TRUNK_LOCK_DESTROY(trunk); 476 free(trunk, M_VLAN); 477 } 478 479 /* 480 * Program our multicast filter. What we're actually doing is 481 * programming the multicast filter of the parent. This has the 482 * side effect of causing the parent interface to receive multicast 483 * traffic that it doesn't really want, which ends up being discarded 484 * later by the upper protocol layers. Unfortunately, there's no way 485 * to avoid this: there really is only one physical interface. 486 */ 487 static int 488 vlan_setmulti(struct ifnet *ifp) 489 { 490 struct ifnet *ifp_p; 491 struct ifmultiaddr *ifma; 492 struct ifvlan *sc; 493 struct vlan_mc_entry *mc; 494 int error; 495 496 /* Find the parent. */ 497 sc = ifp->if_softc; 498 TRUNK_LOCK_ASSERT(TRUNK(sc)); 499 ifp_p = PARENT(sc); 500 501 CURVNET_SET_QUIET(ifp_p->if_vnet); 502 503 /* First, remove any existing filter entries. */ 504 while ((mc = SLIST_FIRST(&sc->vlan_mc_listhead)) != NULL) { 505 SLIST_REMOVE_HEAD(&sc->vlan_mc_listhead, mc_entries); 506 (void)if_delmulti(ifp_p, (struct sockaddr *)&mc->mc_addr); 507 free(mc, M_VLAN); 508 } 509 510 /* Now program new ones. */ 511 IF_ADDR_WLOCK(ifp); 512 TAILQ_FOREACH(ifma, &ifp->if_multiaddrs, ifma_link) { 513 if (ifma->ifma_addr->sa_family != AF_LINK) 514 continue; 515 mc = malloc(sizeof(struct vlan_mc_entry), M_VLAN, M_NOWAIT); 516 if (mc == NULL) { 517 IF_ADDR_WUNLOCK(ifp); 518 return (ENOMEM); 519 } 520 bcopy(ifma->ifma_addr, &mc->mc_addr, ifma->ifma_addr->sa_len); 521 mc->mc_addr.sdl_index = ifp_p->if_index; 522 SLIST_INSERT_HEAD(&sc->vlan_mc_listhead, mc, mc_entries); 523 } 524 IF_ADDR_WUNLOCK(ifp); 525 SLIST_FOREACH (mc, &sc->vlan_mc_listhead, mc_entries) { 526 error = if_addmulti(ifp_p, (struct sockaddr *)&mc->mc_addr, 527 NULL); 528 if (error) 529 return (error); 530 } 531 532 CURVNET_RESTORE(); 533 return (0); 534 } 535 536 /* 537 * A handler for parent interface link layer address changes. 538 * If the parent interface link layer address is changed we 539 * should also change it on all children vlans. 540 */ 541 static void 542 vlan_iflladdr(void *arg __unused, struct ifnet *ifp) 543 { 544 struct ifvlan *ifv; 545 #ifndef VLAN_ARRAY 546 struct ifvlan *next; 547 #endif 548 int i; 549 550 /* 551 * Check if it's a trunk interface first of all 552 * to avoid needless locking. 553 */ 554 if (ifp->if_vlantrunk == NULL) 555 return; 556 557 VLAN_LOCK(); 558 /* 559 * OK, it's a trunk. Loop over and change all vlan's lladdrs on it. 560 */ 561 #ifdef VLAN_ARRAY 562 for (i = 0; i < VLAN_ARRAY_SIZE; i++) 563 if ((ifv = ifp->if_vlantrunk->vlans[i])) { 564 #else /* VLAN_ARRAY */ 565 for (i = 0; i < (1 << ifp->if_vlantrunk->hwidth); i++) 566 LIST_FOREACH_SAFE(ifv, &ifp->if_vlantrunk->hash[i], ifv_list, next) { 567 #endif /* VLAN_ARRAY */ 568 VLAN_UNLOCK(); 569 if_setlladdr(ifv->ifv_ifp, IF_LLADDR(ifp), 570 ifp->if_addrlen); 571 VLAN_LOCK(); 572 } 573 VLAN_UNLOCK(); 574 575 } 576 577 /* 578 * A handler for network interface departure events. 579 * Track departure of trunks here so that we don't access invalid 580 * pointers or whatever if a trunk is ripped from under us, e.g., 581 * by ejecting its hot-plug card. However, if an ifnet is simply 582 * being renamed, then there's no need to tear down the state. 583 */ 584 static void 585 vlan_ifdetach(void *arg __unused, struct ifnet *ifp) 586 { 587 struct ifvlan *ifv; 588 int i; 589 590 /* 591 * Check if it's a trunk interface first of all 592 * to avoid needless locking. 593 */ 594 if (ifp->if_vlantrunk == NULL) 595 return; 596 597 /* If the ifnet is just being renamed, don't do anything. */ 598 if (ifp->if_flags & IFF_RENAMING) 599 return; 600 601 VLAN_LOCK(); 602 /* 603 * OK, it's a trunk. Loop over and detach all vlan's on it. 604 * Check trunk pointer after each vlan_unconfig() as it will 605 * free it and set to NULL after the last vlan was detached. 606 */ 607 #ifdef VLAN_ARRAY 608 for (i = 0; i < VLAN_ARRAY_SIZE; i++) 609 if ((ifv = ifp->if_vlantrunk->vlans[i])) { 610 vlan_unconfig_locked(ifv->ifv_ifp, 1); 611 if (ifp->if_vlantrunk == NULL) 612 break; 613 } 614 #else /* VLAN_ARRAY */ 615 restart: 616 for (i = 0; i < (1 << ifp->if_vlantrunk->hwidth); i++) 617 if ((ifv = LIST_FIRST(&ifp->if_vlantrunk->hash[i]))) { 618 vlan_unconfig_locked(ifv->ifv_ifp, 1); 619 if (ifp->if_vlantrunk) 620 goto restart; /* trunk->hwidth can change */ 621 else 622 break; 623 } 624 #endif /* VLAN_ARRAY */ 625 /* Trunk should have been destroyed in vlan_unconfig(). */ 626 KASSERT(ifp->if_vlantrunk == NULL, ("%s: purge failed", __func__)); 627 VLAN_UNLOCK(); 628 } 629 630 /* 631 * Return the trunk device for a virtual interface. 632 */ 633 static struct ifnet * 634 vlan_trunkdev(struct ifnet *ifp) 635 { 636 struct ifvlan *ifv; 637 638 if (ifp->if_type != IFT_L2VLAN) 639 return (NULL); 640 ifv = ifp->if_softc; 641 ifp = NULL; 642 VLAN_LOCK(); 643 if (ifv->ifv_trunk) 644 ifp = PARENT(ifv); 645 VLAN_UNLOCK(); 646 return (ifp); 647 } 648 649 /* 650 * Return the 12-bit VLAN VID for this interface, for use by external 651 * components such as Infiniband. 652 * 653 * XXXRW: Note that the function name here is historical; it should be named 654 * vlan_vid(). 655 */ 656 static int 657 vlan_tag(struct ifnet *ifp, uint16_t *vidp) 658 { 659 struct ifvlan *ifv; 660 661 if (ifp->if_type != IFT_L2VLAN) 662 return (EINVAL); 663 ifv = ifp->if_softc; 664 *vidp = ifv->ifv_vid; 665 return (0); 666 } 667 668 /* 669 * Return a driver specific cookie for this interface. Synchronization 670 * with setcookie must be provided by the driver. 671 */ 672 static void * 673 vlan_cookie(struct ifnet *ifp) 674 { 675 struct ifvlan *ifv; 676 677 if (ifp->if_type != IFT_L2VLAN) 678 return (NULL); 679 ifv = ifp->if_softc; 680 return (ifv->ifv_cookie); 681 } 682 683 /* 684 * Store a cookie in our softc that drivers can use to store driver 685 * private per-instance data in. 686 */ 687 static int 688 vlan_setcookie(struct ifnet *ifp, void *cookie) 689 { 690 struct ifvlan *ifv; 691 692 if (ifp->if_type != IFT_L2VLAN) 693 return (EINVAL); 694 ifv = ifp->if_softc; 695 ifv->ifv_cookie = cookie; 696 return (0); 697 } 698 699 /* 700 * Return the vlan device present at the specific VID. 701 */ 702 static struct ifnet * 703 vlan_devat(struct ifnet *ifp, uint16_t vid) 704 { 705 struct ifvlantrunk *trunk; 706 struct ifvlan *ifv; 707 TRUNK_LOCK_READER; 708 709 trunk = ifp->if_vlantrunk; 710 if (trunk == NULL) 711 return (NULL); 712 ifp = NULL; 713 TRUNK_RLOCK(trunk); 714 ifv = vlan_gethash(trunk, vid); 715 if (ifv) 716 ifp = ifv->ifv_ifp; 717 TRUNK_RUNLOCK(trunk); 718 return (ifp); 719 } 720 721 /* 722 * Recalculate the cached VLAN tag exposed via the MIB. 723 */ 724 static void 725 vlan_tag_recalculate(struct ifvlan *ifv) 726 { 727 728 ifv->ifv_tag = EVL_MAKETAG(ifv->ifv_vid, ifv->ifv_pcp, 0); 729 } 730 731 /* 732 * VLAN support can be loaded as a module. The only place in the 733 * system that's intimately aware of this is ether_input. We hook 734 * into this code through vlan_input_p which is defined there and 735 * set here. No one else in the system should be aware of this so 736 * we use an explicit reference here. 737 */ 738 extern void (*vlan_input_p)(struct ifnet *, struct mbuf *); 739 740 /* For if_link_state_change() eyes only... */ 741 extern void (*vlan_link_state_p)(struct ifnet *); 742 743 static int 744 vlan_modevent(module_t mod, int type, void *data) 745 { 746 747 switch (type) { 748 case MOD_LOAD: 749 ifdetach_tag = EVENTHANDLER_REGISTER(ifnet_departure_event, 750 vlan_ifdetach, NULL, EVENTHANDLER_PRI_ANY); 751 if (ifdetach_tag == NULL) 752 return (ENOMEM); 753 iflladdr_tag = EVENTHANDLER_REGISTER(iflladdr_event, 754 vlan_iflladdr, NULL, EVENTHANDLER_PRI_ANY); 755 if (iflladdr_tag == NULL) 756 return (ENOMEM); 757 VLAN_LOCK_INIT(); 758 vlan_input_p = vlan_input; 759 vlan_link_state_p = vlan_link_state; 760 vlan_trunk_cap_p = vlan_trunk_capabilities; 761 vlan_trunkdev_p = vlan_trunkdev; 762 vlan_cookie_p = vlan_cookie; 763 vlan_setcookie_p = vlan_setcookie; 764 vlan_tag_p = vlan_tag; 765 vlan_devat_p = vlan_devat; 766 #ifndef VIMAGE 767 vlan_cloner = if_clone_advanced(vlanname, 0, vlan_clone_match, 768 vlan_clone_create, vlan_clone_destroy); 769 #endif 770 if (bootverbose) 771 printf("vlan: initialized, using " 772 #ifdef VLAN_ARRAY 773 "full-size arrays" 774 #else 775 "hash tables with chaining" 776 #endif 777 778 "\n"); 779 break; 780 case MOD_UNLOAD: 781 #ifndef VIMAGE 782 if_clone_detach(vlan_cloner); 783 #endif 784 EVENTHANDLER_DEREGISTER(ifnet_departure_event, ifdetach_tag); 785 EVENTHANDLER_DEREGISTER(iflladdr_event, iflladdr_tag); 786 vlan_input_p = NULL; 787 vlan_link_state_p = NULL; 788 vlan_trunk_cap_p = NULL; 789 vlan_trunkdev_p = NULL; 790 vlan_tag_p = NULL; 791 vlan_cookie_p = NULL; 792 vlan_setcookie_p = NULL; 793 vlan_devat_p = NULL; 794 VLAN_LOCK_DESTROY(); 795 if (bootverbose) 796 printf("vlan: unloaded\n"); 797 break; 798 default: 799 return (EOPNOTSUPP); 800 } 801 return (0); 802 } 803 804 static moduledata_t vlan_mod = { 805 "if_vlan", 806 vlan_modevent, 807 0 808 }; 809 810 DECLARE_MODULE(if_vlan, vlan_mod, SI_SUB_PSEUDO, SI_ORDER_ANY); 811 MODULE_VERSION(if_vlan, 3); 812 813 #ifdef VIMAGE 814 static void 815 vnet_vlan_init(const void *unused __unused) 816 { 817 818 vlan_cloner = if_clone_advanced(vlanname, 0, vlan_clone_match, 819 vlan_clone_create, vlan_clone_destroy); 820 V_vlan_cloner = vlan_cloner; 821 } 822 VNET_SYSINIT(vnet_vlan_init, SI_SUB_PROTO_IFATTACHDOMAIN, SI_ORDER_ANY, 823 vnet_vlan_init, NULL); 824 825 static void 826 vnet_vlan_uninit(const void *unused __unused) 827 { 828 829 if_clone_detach(V_vlan_cloner); 830 } 831 VNET_SYSUNINIT(vnet_vlan_uninit, SI_SUB_INIT_IF, SI_ORDER_FIRST, 832 vnet_vlan_uninit, NULL); 833 #endif 834 835 /* 836 * Check for <etherif>.<vlan> style interface names. 837 */ 838 static struct ifnet * 839 vlan_clone_match_ethervid(const char *name, int *vidp) 840 { 841 char ifname[IFNAMSIZ]; 842 char *cp; 843 struct ifnet *ifp; 844 int vid; 845 846 strlcpy(ifname, name, IFNAMSIZ); 847 if ((cp = strchr(ifname, '.')) == NULL) 848 return (NULL); 849 *cp = '\0'; 850 if ((ifp = ifunit(ifname)) == NULL) 851 return (NULL); 852 /* Parse VID. */ 853 if (*++cp == '\0') 854 return (NULL); 855 vid = 0; 856 for(; *cp >= '0' && *cp <= '9'; cp++) 857 vid = (vid * 10) + (*cp - '0'); 858 if (*cp != '\0') 859 return (NULL); 860 if (vidp != NULL) 861 *vidp = vid; 862 863 return (ifp); 864 } 865 866 static int 867 vlan_clone_match(struct if_clone *ifc, const char *name) 868 { 869 const char *cp; 870 871 if (vlan_clone_match_ethervid(name, NULL) != NULL) 872 return (1); 873 874 if (strncmp(vlanname, name, strlen(vlanname)) != 0) 875 return (0); 876 for (cp = name + 4; *cp != '\0'; cp++) { 877 if (*cp < '0' || *cp > '9') 878 return (0); 879 } 880 881 return (1); 882 } 883 884 static int 885 vlan_clone_create(struct if_clone *ifc, char *name, size_t len, caddr_t params) 886 { 887 char *dp; 888 int wildcard; 889 int unit; 890 int error; 891 int vid; 892 int ethertag; 893 struct ifvlan *ifv; 894 struct ifnet *ifp; 895 struct ifnet *p; 896 struct ifaddr *ifa; 897 struct sockaddr_dl *sdl; 898 struct vlanreq vlr; 899 static const u_char eaddr[ETHER_ADDR_LEN]; /* 00:00:00:00:00:00 */ 900 901 /* 902 * There are 3 (ugh) ways to specify the cloned device: 903 * o pass a parameter block with the clone request. 904 * o specify parameters in the text of the clone device name 905 * o specify no parameters and get an unattached device that 906 * must be configured separately. 907 * The first technique is preferred; the latter two are 908 * supported for backwards compatibility. 909 * 910 * XXXRW: Note historic use of the word "tag" here. New ioctls may be 911 * called for. 912 */ 913 if (params) { 914 error = copyin(params, &vlr, sizeof(vlr)); 915 if (error) 916 return error; 917 p = ifunit(vlr.vlr_parent); 918 if (p == NULL) 919 return (ENXIO); 920 error = ifc_name2unit(name, &unit); 921 if (error != 0) 922 return (error); 923 924 ethertag = 1; 925 vid = vlr.vlr_tag; 926 wildcard = (unit < 0); 927 } else if ((p = vlan_clone_match_ethervid(name, &vid)) != NULL) { 928 ethertag = 1; 929 unit = -1; 930 wildcard = 0; 931 } else { 932 ethertag = 0; 933 934 error = ifc_name2unit(name, &unit); 935 if (error != 0) 936 return (error); 937 938 wildcard = (unit < 0); 939 } 940 941 error = ifc_alloc_unit(ifc, &unit); 942 if (error != 0) 943 return (error); 944 945 /* In the wildcard case, we need to update the name. */ 946 if (wildcard) { 947 for (dp = name; *dp != '\0'; dp++); 948 if (snprintf(dp, len - (dp-name), "%d", unit) > 949 len - (dp-name) - 1) { 950 panic("%s: interface name too long", __func__); 951 } 952 } 953 954 ifv = malloc(sizeof(struct ifvlan), M_VLAN, M_WAITOK | M_ZERO); 955 ifp = ifv->ifv_ifp = if_alloc(IFT_ETHER); 956 if (ifp == NULL) { 957 ifc_free_unit(ifc, unit); 958 free(ifv, M_VLAN); 959 return (ENOSPC); 960 } 961 SLIST_INIT(&ifv->vlan_mc_listhead); 962 ifp->if_softc = ifv; 963 /* 964 * Set the name manually rather than using if_initname because 965 * we don't conform to the default naming convention for interfaces. 966 */ 967 strlcpy(ifp->if_xname, name, IFNAMSIZ); 968 ifp->if_dname = vlanname; 969 ifp->if_dunit = unit; 970 /* NB: flags are not set here */ 971 ifp->if_linkmib = &ifv->ifv_mib; 972 ifp->if_linkmiblen = sizeof(ifv->ifv_mib); 973 /* NB: mtu is not set here */ 974 975 ifp->if_init = vlan_init; 976 ifp->if_transmit = vlan_transmit; 977 ifp->if_qflush = vlan_qflush; 978 ifp->if_ioctl = vlan_ioctl; 979 #ifdef RATELIMIT 980 ifp->if_snd_tag_alloc = vlan_snd_tag_alloc; 981 #endif 982 ifp->if_flags = VLAN_IFFLAGS; 983 ether_ifattach(ifp, eaddr); 984 /* Now undo some of the damage... */ 985 ifp->if_baudrate = 0; 986 ifp->if_type = IFT_L2VLAN; 987 ifp->if_hdrlen = ETHER_VLAN_ENCAP_LEN; 988 ifa = ifp->if_addr; 989 sdl = (struct sockaddr_dl *)ifa->ifa_addr; 990 sdl->sdl_type = IFT_L2VLAN; 991 992 if (ethertag) { 993 error = vlan_config(ifv, p, vid); 994 if (error != 0) { 995 /* 996 * Since we've partially failed, we need to back 997 * out all the way, otherwise userland could get 998 * confused. Thus, we destroy the interface. 999 */ 1000 ether_ifdetach(ifp); 1001 vlan_unconfig(ifp); 1002 if_free(ifp); 1003 ifc_free_unit(ifc, unit); 1004 free(ifv, M_VLAN); 1005 1006 return (error); 1007 } 1008 1009 /* Update flags on the parent, if necessary. */ 1010 vlan_setflags(ifp, 1); 1011 } 1012 1013 return (0); 1014 } 1015 1016 static int 1017 vlan_clone_destroy(struct if_clone *ifc, struct ifnet *ifp) 1018 { 1019 struct ifvlan *ifv = ifp->if_softc; 1020 int unit = ifp->if_dunit; 1021 1022 ether_ifdetach(ifp); /* first, remove it from system-wide lists */ 1023 vlan_unconfig(ifp); /* now it can be unconfigured and freed */ 1024 if_free(ifp); 1025 free(ifv, M_VLAN); 1026 ifc_free_unit(ifc, unit); 1027 1028 return (0); 1029 } 1030 1031 /* 1032 * The ifp->if_init entry point for vlan(4) is a no-op. 1033 */ 1034 static void 1035 vlan_init(void *foo __unused) 1036 { 1037 } 1038 1039 /* 1040 * The if_transmit method for vlan(4) interface. 1041 */ 1042 static int 1043 vlan_transmit(struct ifnet *ifp, struct mbuf *m) 1044 { 1045 struct ifvlan *ifv; 1046 struct ifnet *p; 1047 struct m_tag *mtag; 1048 uint16_t tag; 1049 int error, len, mcast; 1050 1051 ifv = ifp->if_softc; 1052 p = PARENT(ifv); 1053 len = m->m_pkthdr.len; 1054 mcast = (m->m_flags & (M_MCAST | M_BCAST)) ? 1 : 0; 1055 1056 BPF_MTAP(ifp, m); 1057 1058 /* 1059 * Do not run parent's if_transmit() if the parent is not up, 1060 * or parent's driver will cause a system crash. 1061 */ 1062 if (!UP_AND_RUNNING(p)) { 1063 m_freem(m); 1064 if_inc_counter(ifp, IFCOUNTER_OERRORS, 1); 1065 return (ENETDOWN); 1066 } 1067 1068 /* 1069 * Pad the frame to the minimum size allowed if told to. 1070 * This option is in accord with IEEE Std 802.1Q, 2003 Ed., 1071 * paragraph C.4.4.3.b. It can help to work around buggy 1072 * bridges that violate paragraph C.4.4.3.a from the same 1073 * document, i.e., fail to pad short frames after untagging. 1074 * E.g., a tagged frame 66 bytes long (incl. FCS) is OK, but 1075 * untagging it will produce a 62-byte frame, which is a runt 1076 * and requires padding. There are VLAN-enabled network 1077 * devices that just discard such runts instead or mishandle 1078 * them somehow. 1079 */ 1080 if (V_soft_pad && p->if_type == IFT_ETHER) { 1081 static char pad[8]; /* just zeros */ 1082 int n; 1083 1084 for (n = ETHERMIN + ETHER_HDR_LEN - m->m_pkthdr.len; 1085 n > 0; n -= sizeof(pad)) 1086 if (!m_append(m, min(n, sizeof(pad)), pad)) 1087 break; 1088 1089 if (n > 0) { 1090 if_printf(ifp, "cannot pad short frame\n"); 1091 if_inc_counter(ifp, IFCOUNTER_OERRORS, 1); 1092 m_freem(m); 1093 return (0); 1094 } 1095 } 1096 1097 /* 1098 * If underlying interface can do VLAN tag insertion itself, 1099 * just pass the packet along. However, we need some way to 1100 * tell the interface where the packet came from so that it 1101 * knows how to find the VLAN tag to use, so we attach a 1102 * packet tag that holds it. 1103 */ 1104 if (vlan_mtag_pcp && (mtag = m_tag_locate(m, MTAG_8021Q, 1105 MTAG_8021Q_PCP_OUT, NULL)) != NULL) 1106 tag = EVL_MAKETAG(ifv->ifv_vid, *(uint8_t *)(mtag + 1), 0); 1107 else 1108 tag = ifv->ifv_tag; 1109 if (p->if_capenable & IFCAP_VLAN_HWTAGGING) { 1110 m->m_pkthdr.ether_vtag = tag; 1111 m->m_flags |= M_VLANTAG; 1112 } else { 1113 m = ether_vlanencap(m, tag); 1114 if (m == NULL) { 1115 if_printf(ifp, "unable to prepend VLAN header\n"); 1116 if_inc_counter(ifp, IFCOUNTER_OERRORS, 1); 1117 return (0); 1118 } 1119 } 1120 1121 /* 1122 * Send it, precisely as ether_output() would have. 1123 */ 1124 error = (p->if_transmit)(p, m); 1125 if (error == 0) { 1126 if_inc_counter(ifp, IFCOUNTER_OPACKETS, 1); 1127 if_inc_counter(ifp, IFCOUNTER_OBYTES, len); 1128 if_inc_counter(ifp, IFCOUNTER_OMCASTS, mcast); 1129 } else 1130 if_inc_counter(ifp, IFCOUNTER_OERRORS, 1); 1131 return (error); 1132 } 1133 1134 /* 1135 * The ifp->if_qflush entry point for vlan(4) is a no-op. 1136 */ 1137 static void 1138 vlan_qflush(struct ifnet *ifp __unused) 1139 { 1140 } 1141 1142 static void 1143 vlan_input(struct ifnet *ifp, struct mbuf *m) 1144 { 1145 struct ifvlantrunk *trunk = ifp->if_vlantrunk; 1146 struct ifvlan *ifv; 1147 TRUNK_LOCK_READER; 1148 struct m_tag *mtag; 1149 uint16_t vid, tag; 1150 1151 KASSERT(trunk != NULL, ("%s: no trunk", __func__)); 1152 1153 if (m->m_flags & M_VLANTAG) { 1154 /* 1155 * Packet is tagged, but m contains a normal 1156 * Ethernet frame; the tag is stored out-of-band. 1157 */ 1158 tag = m->m_pkthdr.ether_vtag; 1159 m->m_flags &= ~M_VLANTAG; 1160 } else { 1161 struct ether_vlan_header *evl; 1162 1163 /* 1164 * Packet is tagged in-band as specified by 802.1q. 1165 */ 1166 switch (ifp->if_type) { 1167 case IFT_ETHER: 1168 if (m->m_len < sizeof(*evl) && 1169 (m = m_pullup(m, sizeof(*evl))) == NULL) { 1170 if_printf(ifp, "cannot pullup VLAN header\n"); 1171 return; 1172 } 1173 evl = mtod(m, struct ether_vlan_header *); 1174 tag = ntohs(evl->evl_tag); 1175 1176 /* 1177 * Remove the 802.1q header by copying the Ethernet 1178 * addresses over it and adjusting the beginning of 1179 * the data in the mbuf. The encapsulated Ethernet 1180 * type field is already in place. 1181 */ 1182 bcopy((char *)evl, (char *)evl + ETHER_VLAN_ENCAP_LEN, 1183 ETHER_HDR_LEN - ETHER_TYPE_LEN); 1184 m_adj(m, ETHER_VLAN_ENCAP_LEN); 1185 break; 1186 1187 default: 1188 #ifdef INVARIANTS 1189 panic("%s: %s has unsupported if_type %u", 1190 __func__, ifp->if_xname, ifp->if_type); 1191 #endif 1192 m_freem(m); 1193 if_inc_counter(ifp, IFCOUNTER_NOPROTO, 1); 1194 return; 1195 } 1196 } 1197 1198 vid = EVL_VLANOFTAG(tag); 1199 1200 TRUNK_RLOCK(trunk); 1201 ifv = vlan_gethash(trunk, vid); 1202 if (ifv == NULL || !UP_AND_RUNNING(ifv->ifv_ifp)) { 1203 TRUNK_RUNLOCK(trunk); 1204 m_freem(m); 1205 if_inc_counter(ifp, IFCOUNTER_NOPROTO, 1); 1206 return; 1207 } 1208 TRUNK_RUNLOCK(trunk); 1209 1210 if (vlan_mtag_pcp) { 1211 /* 1212 * While uncommon, it is possible that we will find a 802.1q 1213 * packet encapsulated inside another packet that also had an 1214 * 802.1q header. For example, ethernet tunneled over IPSEC 1215 * arriving over ethernet. In that case, we replace the 1216 * existing 802.1q PCP m_tag value. 1217 */ 1218 mtag = m_tag_locate(m, MTAG_8021Q, MTAG_8021Q_PCP_IN, NULL); 1219 if (mtag == NULL) { 1220 mtag = m_tag_alloc(MTAG_8021Q, MTAG_8021Q_PCP_IN, 1221 sizeof(uint8_t), M_NOWAIT); 1222 if (mtag == NULL) { 1223 m_freem(m); 1224 if_inc_counter(ifp, IFCOUNTER_IERRORS, 1); 1225 return; 1226 } 1227 m_tag_prepend(m, mtag); 1228 } 1229 *(uint8_t *)(mtag + 1) = EVL_PRIOFTAG(tag); 1230 } 1231 1232 m->m_pkthdr.rcvif = ifv->ifv_ifp; 1233 if_inc_counter(ifv->ifv_ifp, IFCOUNTER_IPACKETS, 1); 1234 1235 /* Pass it back through the parent's input routine. */ 1236 (*ifp->if_input)(ifv->ifv_ifp, m); 1237 } 1238 1239 static int 1240 vlan_config(struct ifvlan *ifv, struct ifnet *p, uint16_t vid) 1241 { 1242 struct ifvlantrunk *trunk; 1243 struct ifnet *ifp; 1244 int error = 0; 1245 1246 /* 1247 * We can handle non-ethernet hardware types as long as 1248 * they handle the tagging and headers themselves. 1249 */ 1250 if (p->if_type != IFT_ETHER && 1251 (p->if_capenable & IFCAP_VLAN_HWTAGGING) == 0) 1252 return (EPROTONOSUPPORT); 1253 if ((p->if_flags & VLAN_IFFLAGS) != VLAN_IFFLAGS) 1254 return (EPROTONOSUPPORT); 1255 /* 1256 * Don't let the caller set up a VLAN VID with 1257 * anything except VLID bits. 1258 * VID numbers 0x0 and 0xFFF are reserved. 1259 */ 1260 if (vid == 0 || vid == 0xFFF || (vid & ~EVL_VLID_MASK)) 1261 return (EINVAL); 1262 if (ifv->ifv_trunk) 1263 return (EBUSY); 1264 1265 if (p->if_vlantrunk == NULL) { 1266 trunk = malloc(sizeof(struct ifvlantrunk), 1267 M_VLAN, M_WAITOK | M_ZERO); 1268 vlan_inithash(trunk); 1269 VLAN_LOCK(); 1270 if (p->if_vlantrunk != NULL) { 1271 /* A race that is very unlikely to be hit. */ 1272 vlan_freehash(trunk); 1273 free(trunk, M_VLAN); 1274 goto exists; 1275 } 1276 TRUNK_LOCK_INIT(trunk); 1277 TRUNK_LOCK(trunk); 1278 p->if_vlantrunk = trunk; 1279 trunk->parent = p; 1280 } else { 1281 VLAN_LOCK(); 1282 exists: 1283 trunk = p->if_vlantrunk; 1284 TRUNK_LOCK(trunk); 1285 } 1286 1287 ifv->ifv_vid = vid; /* must set this before vlan_inshash() */ 1288 ifv->ifv_pcp = 0; /* Default: best effort delivery. */ 1289 vlan_tag_recalculate(ifv); 1290 error = vlan_inshash(trunk, ifv); 1291 if (error) 1292 goto done; 1293 ifv->ifv_proto = ETHERTYPE_VLAN; 1294 ifv->ifv_encaplen = ETHER_VLAN_ENCAP_LEN; 1295 ifv->ifv_mintu = ETHERMIN; 1296 ifv->ifv_pflags = 0; 1297 1298 /* 1299 * If the parent supports the VLAN_MTU capability, 1300 * i.e. can Tx/Rx larger than ETHER_MAX_LEN frames, 1301 * use it. 1302 */ 1303 if (p->if_capenable & IFCAP_VLAN_MTU) { 1304 /* 1305 * No need to fudge the MTU since the parent can 1306 * handle extended frames. 1307 */ 1308 ifv->ifv_mtufudge = 0; 1309 } else { 1310 /* 1311 * Fudge the MTU by the encapsulation size. This 1312 * makes us incompatible with strictly compliant 1313 * 802.1Q implementations, but allows us to use 1314 * the feature with other NetBSD implementations, 1315 * which might still be useful. 1316 */ 1317 ifv->ifv_mtufudge = ifv->ifv_encaplen; 1318 } 1319 1320 ifv->ifv_trunk = trunk; 1321 ifp = ifv->ifv_ifp; 1322 /* 1323 * Initialize fields from our parent. This duplicates some 1324 * work with ether_ifattach() but allows for non-ethernet 1325 * interfaces to also work. 1326 */ 1327 ifp->if_mtu = p->if_mtu - ifv->ifv_mtufudge; 1328 ifp->if_baudrate = p->if_baudrate; 1329 ifp->if_output = p->if_output; 1330 ifp->if_input = p->if_input; 1331 ifp->if_resolvemulti = p->if_resolvemulti; 1332 ifp->if_addrlen = p->if_addrlen; 1333 ifp->if_broadcastaddr = p->if_broadcastaddr; 1334 1335 /* 1336 * Copy only a selected subset of flags from the parent. 1337 * Other flags are none of our business. 1338 */ 1339 #define VLAN_COPY_FLAGS (IFF_SIMPLEX) 1340 ifp->if_flags &= ~VLAN_COPY_FLAGS; 1341 ifp->if_flags |= p->if_flags & VLAN_COPY_FLAGS; 1342 #undef VLAN_COPY_FLAGS 1343 1344 ifp->if_link_state = p->if_link_state; 1345 1346 vlan_capabilities(ifv); 1347 1348 /* 1349 * Set up our interface address to reflect the underlying 1350 * physical interface's. 1351 */ 1352 bcopy(IF_LLADDR(p), IF_LLADDR(ifp), p->if_addrlen); 1353 ((struct sockaddr_dl *)ifp->if_addr->ifa_addr)->sdl_alen = 1354 p->if_addrlen; 1355 1356 /* 1357 * Configure multicast addresses that may already be 1358 * joined on the vlan device. 1359 */ 1360 (void)vlan_setmulti(ifp); /* XXX: VLAN lock held */ 1361 1362 /* We are ready for operation now. */ 1363 ifp->if_drv_flags |= IFF_DRV_RUNNING; 1364 done: 1365 TRUNK_UNLOCK(trunk); 1366 if (error == 0) 1367 EVENTHANDLER_INVOKE(vlan_config, p, ifv->ifv_vid); 1368 VLAN_UNLOCK(); 1369 1370 return (error); 1371 } 1372 1373 static void 1374 vlan_unconfig(struct ifnet *ifp) 1375 { 1376 1377 VLAN_LOCK(); 1378 vlan_unconfig_locked(ifp, 0); 1379 VLAN_UNLOCK(); 1380 } 1381 1382 static void 1383 vlan_unconfig_locked(struct ifnet *ifp, int departing) 1384 { 1385 struct ifvlantrunk *trunk; 1386 struct vlan_mc_entry *mc; 1387 struct ifvlan *ifv; 1388 struct ifnet *parent; 1389 int error; 1390 1391 VLAN_LOCK_ASSERT(); 1392 1393 ifv = ifp->if_softc; 1394 trunk = ifv->ifv_trunk; 1395 parent = NULL; 1396 1397 if (trunk != NULL) { 1398 1399 TRUNK_LOCK(trunk); 1400 parent = trunk->parent; 1401 1402 /* 1403 * Since the interface is being unconfigured, we need to 1404 * empty the list of multicast groups that we may have joined 1405 * while we were alive from the parent's list. 1406 */ 1407 while ((mc = SLIST_FIRST(&ifv->vlan_mc_listhead)) != NULL) { 1408 /* 1409 * If the parent interface is being detached, 1410 * all its multicast addresses have already 1411 * been removed. Warn about errors if 1412 * if_delmulti() does fail, but don't abort as 1413 * all callers expect vlan destruction to 1414 * succeed. 1415 */ 1416 if (!departing) { 1417 error = if_delmulti(parent, 1418 (struct sockaddr *)&mc->mc_addr); 1419 if (error) 1420 if_printf(ifp, 1421 "Failed to delete multicast address from parent: %d\n", 1422 error); 1423 } 1424 SLIST_REMOVE_HEAD(&ifv->vlan_mc_listhead, mc_entries); 1425 free(mc, M_VLAN); 1426 } 1427 1428 vlan_setflags(ifp, 0); /* clear special flags on parent */ 1429 vlan_remhash(trunk, ifv); 1430 ifv->ifv_trunk = NULL; 1431 1432 /* 1433 * Check if we were the last. 1434 */ 1435 if (trunk->refcnt == 0) { 1436 parent->if_vlantrunk = NULL; 1437 /* 1438 * XXXGL: If some ithread has already entered 1439 * vlan_input() and is now blocked on the trunk 1440 * lock, then it should preempt us right after 1441 * unlock and finish its work. Then we will acquire 1442 * lock again in trunk_destroy(). 1443 */ 1444 TRUNK_UNLOCK(trunk); 1445 trunk_destroy(trunk); 1446 } else 1447 TRUNK_UNLOCK(trunk); 1448 } 1449 1450 /* Disconnect from parent. */ 1451 if (ifv->ifv_pflags) 1452 if_printf(ifp, "%s: ifv_pflags unclean\n", __func__); 1453 ifp->if_mtu = ETHERMTU; 1454 ifp->if_link_state = LINK_STATE_UNKNOWN; 1455 ifp->if_drv_flags &= ~IFF_DRV_RUNNING; 1456 1457 /* 1458 * Only dispatch an event if vlan was 1459 * attached, otherwise there is nothing 1460 * to cleanup anyway. 1461 */ 1462 if (parent != NULL) 1463 EVENTHANDLER_INVOKE(vlan_unconfig, parent, ifv->ifv_vid); 1464 } 1465 1466 /* Handle a reference counted flag that should be set on the parent as well */ 1467 static int 1468 vlan_setflag(struct ifnet *ifp, int flag, int status, 1469 int (*func)(struct ifnet *, int)) 1470 { 1471 struct ifvlan *ifv; 1472 int error; 1473 1474 /* XXX VLAN_LOCK_ASSERT(); */ 1475 1476 ifv = ifp->if_softc; 1477 status = status ? (ifp->if_flags & flag) : 0; 1478 /* Now "status" contains the flag value or 0 */ 1479 1480 /* 1481 * See if recorded parent's status is different from what 1482 * we want it to be. If it is, flip it. We record parent's 1483 * status in ifv_pflags so that we won't clear parent's flag 1484 * we haven't set. In fact, we don't clear or set parent's 1485 * flags directly, but get or release references to them. 1486 * That's why we can be sure that recorded flags still are 1487 * in accord with actual parent's flags. 1488 */ 1489 if (status != (ifv->ifv_pflags & flag)) { 1490 error = (*func)(PARENT(ifv), status); 1491 if (error) 1492 return (error); 1493 ifv->ifv_pflags &= ~flag; 1494 ifv->ifv_pflags |= status; 1495 } 1496 return (0); 1497 } 1498 1499 /* 1500 * Handle IFF_* flags that require certain changes on the parent: 1501 * if "status" is true, update parent's flags respective to our if_flags; 1502 * if "status" is false, forcedly clear the flags set on parent. 1503 */ 1504 static int 1505 vlan_setflags(struct ifnet *ifp, int status) 1506 { 1507 int error, i; 1508 1509 for (i = 0; vlan_pflags[i].flag; i++) { 1510 error = vlan_setflag(ifp, vlan_pflags[i].flag, 1511 status, vlan_pflags[i].func); 1512 if (error) 1513 return (error); 1514 } 1515 return (0); 1516 } 1517 1518 /* Inform all vlans that their parent has changed link state */ 1519 static void 1520 vlan_link_state(struct ifnet *ifp) 1521 { 1522 struct ifvlantrunk *trunk = ifp->if_vlantrunk; 1523 struct ifvlan *ifv; 1524 int i; 1525 1526 TRUNK_LOCK(trunk); 1527 #ifdef VLAN_ARRAY 1528 for (i = 0; i < VLAN_ARRAY_SIZE; i++) 1529 if (trunk->vlans[i] != NULL) { 1530 ifv = trunk->vlans[i]; 1531 #else 1532 for (i = 0; i < (1 << trunk->hwidth); i++) 1533 LIST_FOREACH(ifv, &trunk->hash[i], ifv_list) { 1534 #endif 1535 ifv->ifv_ifp->if_baudrate = trunk->parent->if_baudrate; 1536 if_link_state_change(ifv->ifv_ifp, 1537 trunk->parent->if_link_state); 1538 } 1539 TRUNK_UNLOCK(trunk); 1540 } 1541 1542 static void 1543 vlan_capabilities(struct ifvlan *ifv) 1544 { 1545 struct ifnet *p = PARENT(ifv); 1546 struct ifnet *ifp = ifv->ifv_ifp; 1547 struct ifnet_hw_tsomax hw_tsomax; 1548 1549 TRUNK_LOCK_ASSERT(TRUNK(ifv)); 1550 1551 /* 1552 * If the parent interface can do checksum offloading 1553 * on VLANs, then propagate its hardware-assisted 1554 * checksumming flags. Also assert that checksum 1555 * offloading requires hardware VLAN tagging. 1556 */ 1557 if (p->if_capabilities & IFCAP_VLAN_HWCSUM) 1558 ifp->if_capabilities = p->if_capabilities & IFCAP_HWCSUM; 1559 1560 if (p->if_capenable & IFCAP_VLAN_HWCSUM && 1561 p->if_capenable & IFCAP_VLAN_HWTAGGING) { 1562 ifp->if_capenable = p->if_capenable & IFCAP_HWCSUM; 1563 ifp->if_hwassist = p->if_hwassist & (CSUM_IP | CSUM_TCP | 1564 CSUM_UDP | CSUM_SCTP); 1565 } else { 1566 ifp->if_capenable = 0; 1567 ifp->if_hwassist = 0; 1568 } 1569 /* 1570 * If the parent interface can do TSO on VLANs then 1571 * propagate the hardware-assisted flag. TSO on VLANs 1572 * does not necessarily require hardware VLAN tagging. 1573 */ 1574 memset(&hw_tsomax, 0, sizeof(hw_tsomax)); 1575 if_hw_tsomax_common(p, &hw_tsomax); 1576 if_hw_tsomax_update(ifp, &hw_tsomax); 1577 if (p->if_capabilities & IFCAP_VLAN_HWTSO) 1578 ifp->if_capabilities |= p->if_capabilities & IFCAP_TSO; 1579 if (p->if_capenable & IFCAP_VLAN_HWTSO) { 1580 ifp->if_capenable |= p->if_capenable & IFCAP_TSO; 1581 ifp->if_hwassist |= p->if_hwassist & CSUM_TSO; 1582 } else { 1583 ifp->if_capenable &= ~(p->if_capenable & IFCAP_TSO); 1584 ifp->if_hwassist &= ~(p->if_hwassist & CSUM_TSO); 1585 } 1586 1587 /* 1588 * If the parent interface can offload TCP connections over VLANs then 1589 * propagate its TOE capability to the VLAN interface. 1590 * 1591 * All TOE drivers in the tree today can deal with VLANs. If this 1592 * changes then IFCAP_VLAN_TOE should be promoted to a full capability 1593 * with its own bit. 1594 */ 1595 #define IFCAP_VLAN_TOE IFCAP_TOE 1596 if (p->if_capabilities & IFCAP_VLAN_TOE) 1597 ifp->if_capabilities |= p->if_capabilities & IFCAP_TOE; 1598 if (p->if_capenable & IFCAP_VLAN_TOE) { 1599 TOEDEV(ifp) = TOEDEV(p); 1600 ifp->if_capenable |= p->if_capenable & IFCAP_TOE; 1601 } 1602 1603 #ifdef RATELIMIT 1604 /* 1605 * If the parent interface supports ratelimiting, so does the 1606 * VLAN interface. 1607 */ 1608 ifp->if_capabilities |= (p->if_capabilities & IFCAP_TXRTLMT); 1609 ifp->if_capenable |= (p->if_capenable & IFCAP_TXRTLMT); 1610 #endif 1611 } 1612 1613 static void 1614 vlan_trunk_capabilities(struct ifnet *ifp) 1615 { 1616 struct ifvlantrunk *trunk = ifp->if_vlantrunk; 1617 struct ifvlan *ifv; 1618 int i; 1619 1620 TRUNK_LOCK(trunk); 1621 #ifdef VLAN_ARRAY 1622 for (i = 0; i < VLAN_ARRAY_SIZE; i++) 1623 if (trunk->vlans[i] != NULL) { 1624 ifv = trunk->vlans[i]; 1625 #else 1626 for (i = 0; i < (1 << trunk->hwidth); i++) { 1627 LIST_FOREACH(ifv, &trunk->hash[i], ifv_list) 1628 #endif 1629 vlan_capabilities(ifv); 1630 } 1631 TRUNK_UNLOCK(trunk); 1632 } 1633 1634 static int 1635 vlan_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 1636 { 1637 struct ifnet *p; 1638 struct ifreq *ifr; 1639 struct ifaddr *ifa; 1640 struct ifvlan *ifv; 1641 struct ifvlantrunk *trunk; 1642 struct vlanreq vlr; 1643 int error = 0; 1644 1645 ifr = (struct ifreq *)data; 1646 ifa = (struct ifaddr *) data; 1647 ifv = ifp->if_softc; 1648 1649 switch (cmd) { 1650 case SIOCSIFADDR: 1651 ifp->if_flags |= IFF_UP; 1652 #ifdef INET 1653 if (ifa->ifa_addr->sa_family == AF_INET) 1654 arp_ifinit(ifp, ifa); 1655 #endif 1656 break; 1657 case SIOCGIFADDR: 1658 { 1659 struct sockaddr *sa; 1660 1661 sa = (struct sockaddr *)&ifr->ifr_data; 1662 bcopy(IF_LLADDR(ifp), sa->sa_data, ifp->if_addrlen); 1663 } 1664 break; 1665 case SIOCGIFMEDIA: 1666 VLAN_LOCK(); 1667 if (TRUNK(ifv) != NULL) { 1668 p = PARENT(ifv); 1669 VLAN_UNLOCK(); 1670 error = (*p->if_ioctl)(p, SIOCGIFMEDIA, data); 1671 /* Limit the result to the parent's current config. */ 1672 if (error == 0) { 1673 struct ifmediareq *ifmr; 1674 1675 ifmr = (struct ifmediareq *)data; 1676 if (ifmr->ifm_count >= 1 && ifmr->ifm_ulist) { 1677 ifmr->ifm_count = 1; 1678 error = copyout(&ifmr->ifm_current, 1679 ifmr->ifm_ulist, 1680 sizeof(int)); 1681 } 1682 } 1683 } else { 1684 VLAN_UNLOCK(); 1685 error = EINVAL; 1686 } 1687 break; 1688 1689 case SIOCSIFMEDIA: 1690 error = EINVAL; 1691 break; 1692 1693 case SIOCSIFMTU: 1694 /* 1695 * Set the interface MTU. 1696 */ 1697 VLAN_LOCK(); 1698 if (TRUNK(ifv) != NULL) { 1699 if (ifr->ifr_mtu > 1700 (PARENT(ifv)->if_mtu - ifv->ifv_mtufudge) || 1701 ifr->ifr_mtu < 1702 (ifv->ifv_mintu - ifv->ifv_mtufudge)) 1703 error = EINVAL; 1704 else 1705 ifp->if_mtu = ifr->ifr_mtu; 1706 } else 1707 error = EINVAL; 1708 VLAN_UNLOCK(); 1709 break; 1710 1711 case SIOCSETVLAN: 1712 #ifdef VIMAGE 1713 /* 1714 * XXXRW/XXXBZ: The goal in these checks is to allow a VLAN 1715 * interface to be delegated to a jail without allowing the 1716 * jail to change what underlying interface/VID it is 1717 * associated with. We are not entirely convinced that this 1718 * is the right way to accomplish that policy goal. 1719 */ 1720 if (ifp->if_vnet != ifp->if_home_vnet) { 1721 error = EPERM; 1722 break; 1723 } 1724 #endif 1725 error = copyin(ifr->ifr_data, &vlr, sizeof(vlr)); 1726 if (error) 1727 break; 1728 if (vlr.vlr_parent[0] == '\0') { 1729 vlan_unconfig(ifp); 1730 break; 1731 } 1732 p = ifunit(vlr.vlr_parent); 1733 if (p == NULL) { 1734 error = ENOENT; 1735 break; 1736 } 1737 error = vlan_config(ifv, p, vlr.vlr_tag); 1738 if (error) 1739 break; 1740 1741 /* Update flags on the parent, if necessary. */ 1742 vlan_setflags(ifp, 1); 1743 break; 1744 1745 case SIOCGETVLAN: 1746 #ifdef VIMAGE 1747 if (ifp->if_vnet != ifp->if_home_vnet) { 1748 error = EPERM; 1749 break; 1750 } 1751 #endif 1752 bzero(&vlr, sizeof(vlr)); 1753 VLAN_LOCK(); 1754 if (TRUNK(ifv) != NULL) { 1755 strlcpy(vlr.vlr_parent, PARENT(ifv)->if_xname, 1756 sizeof(vlr.vlr_parent)); 1757 vlr.vlr_tag = ifv->ifv_vid; 1758 } 1759 VLAN_UNLOCK(); 1760 error = copyout(&vlr, ifr->ifr_data, sizeof(vlr)); 1761 break; 1762 1763 case SIOCSIFFLAGS: 1764 /* 1765 * We should propagate selected flags to the parent, 1766 * e.g., promiscuous mode. 1767 */ 1768 if (TRUNK(ifv) != NULL) 1769 error = vlan_setflags(ifp, 1); 1770 break; 1771 1772 case SIOCADDMULTI: 1773 case SIOCDELMULTI: 1774 /* 1775 * If we don't have a parent, just remember the membership for 1776 * when we do. 1777 */ 1778 trunk = TRUNK(ifv); 1779 if (trunk != NULL) { 1780 TRUNK_LOCK(trunk); 1781 error = vlan_setmulti(ifp); 1782 TRUNK_UNLOCK(trunk); 1783 } 1784 break; 1785 1786 case SIOCGVLANPCP: 1787 #ifdef VIMAGE 1788 if (ifp->if_vnet != ifp->if_home_vnet) { 1789 error = EPERM; 1790 break; 1791 } 1792 #endif 1793 ifr->ifr_vlan_pcp = ifv->ifv_pcp; 1794 break; 1795 1796 case SIOCSVLANPCP: 1797 #ifdef VIMAGE 1798 if (ifp->if_vnet != ifp->if_home_vnet) { 1799 error = EPERM; 1800 break; 1801 } 1802 #endif 1803 error = priv_check(curthread, PRIV_NET_SETVLANPCP); 1804 if (error) 1805 break; 1806 if (ifr->ifr_vlan_pcp > 7) { 1807 error = EINVAL; 1808 break; 1809 } 1810 ifv->ifv_pcp = ifr->ifr_vlan_pcp; 1811 vlan_tag_recalculate(ifv); 1812 break; 1813 1814 default: 1815 error = EINVAL; 1816 break; 1817 } 1818 1819 return (error); 1820 } 1821 1822 #ifdef RATELIMIT 1823 static int 1824 vlan_snd_tag_alloc(struct ifnet *ifp, 1825 union if_snd_tag_alloc_params *params, 1826 struct m_snd_tag **ppmt) 1827 { 1828 1829 /* get trunk device */ 1830 ifp = vlan_trunkdev(ifp); 1831 if (ifp == NULL || (ifp->if_capenable & IFCAP_TXRTLMT) == 0) 1832 return (EOPNOTSUPP); 1833 /* forward allocation request */ 1834 return (ifp->if_snd_tag_alloc(ifp, params, ppmt)); 1835 } 1836 #endif 1837