1 /* 2 * Copyright 1998 Massachusetts Institute of Technology 3 * 4 * Permission to use, copy, modify, and distribute this software and 5 * its documentation for any purpose and without fee is hereby 6 * granted, provided that both the above copyright notice and this 7 * permission notice appear in all copies, that both the above 8 * copyright notice and this permission notice appear in all 9 * supporting documentation, and that the name of M.I.T. not be used 10 * in advertising or publicity pertaining to distribution of the 11 * software without specific, written prior permission. M.I.T. makes 12 * no representations about the suitability of this software for any 13 * purpose. It is provided "as is" without express or implied 14 * warranty. 15 * 16 * THIS SOFTWARE IS PROVIDED BY M.I.T. ``AS IS''. M.I.T. DISCLAIMS 17 * ALL EXPRESS OR IMPLIED WARRANTIES WITH REGARD TO THIS SOFTWARE, 18 * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT 20 * SHALL M.I.T. BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 21 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 22 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF 23 * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND 24 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 25 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT 26 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 * 29 * $FreeBSD$ 30 */ 31 32 /* 33 * if_vlan.c - pseudo-device driver for IEEE 802.1Q virtual LANs. 34 * Might be extended some day to also handle IEEE 802.1p priority 35 * tagging. This is sort of sneaky in the implementation, since 36 * we need to pretend to be enough of an Ethernet implementation 37 * to make arp work. The way we do this is by telling everyone 38 * that we are an Ethernet, and then catch the packets that 39 * ether_output() left on our output queue when it calls 40 * if_start(), rewrite them for use by the real outgoing interface, 41 * and ask it to send them. 42 * 43 * 44 * XXX It's incorrect to assume that we must always kludge up 45 * headers on the physical device's behalf: some devices support 46 * VLAN tag insertion and extraction in firmware. For these cases, 47 * one can change the behavior of the vlan interface by setting 48 * the LINK0 flag on it (that is setting the vlan interface's LINK0 49 * flag, _not_ the parent's LINK0 flag; we try to leave the parent 50 * alone). If the interface has the LINK0 flag set, then it will 51 * not modify the ethernet header on output, because the parent 52 * can do that for itself. On input, the parent can call vlan_input_tag() 53 * directly in order to supply us with an incoming mbuf and the vlan 54 * tag value that goes with it. 55 */ 56 57 #include "vlan.h" 58 #include "opt_inet.h" 59 60 #include <sys/param.h> 61 #include <sys/kernel.h> 62 #include <sys/malloc.h> 63 #include <sys/mbuf.h> 64 #include <sys/module.h> 65 #include <sys/queue.h> 66 #include <sys/socket.h> 67 #include <sys/sockio.h> 68 #include <sys/sysctl.h> 69 #include <sys/systm.h> 70 71 #include <net/bpf.h> 72 #include <net/ethernet.h> 73 #include <net/if.h> 74 #include <net/if_arp.h> 75 #include <net/if_dl.h> 76 #include <net/if_types.h> 77 #include <net/if_vlan_var.h> 78 79 #ifdef INET 80 #include <netinet/in.h> 81 #include <netinet/if_ether.h> 82 #endif 83 84 SYSCTL_DECL(_net_link); 85 SYSCTL_NODE(_net_link, IFT_L2VLAN, vlan, CTLFLAG_RW, 0, "IEEE 802.1Q VLAN"); 86 SYSCTL_NODE(_net_link_vlan, PF_LINK, link, CTLFLAG_RW, 0, "for consistency"); 87 88 u_int vlan_proto = ETHERTYPE_VLAN; 89 SYSCTL_INT(_net_link_vlan_link, VLANCTL_PROTO, proto, CTLFLAG_RW, &vlan_proto, 90 0, "Ethernet protocol used for VLAN encapsulation"); 91 92 static struct ifvlan ifv_softc[NVLAN]; 93 94 static void vlan_start(struct ifnet *ifp); 95 static void vlan_ifinit(void *foo); 96 static int vlan_ioctl(struct ifnet *ifp, u_long cmd, caddr_t addr); 97 static int vlan_setmulti(struct ifnet *ifp); 98 static int vlan_unconfig(struct ifnet *ifp); 99 static int vlan_config(struct ifvlan *ifv, struct ifnet *p); 100 101 /* 102 * Program our multicast filter. What we're actually doing is 103 * programming the multicast filter of the parent. This has the 104 * side effect of causing the parent interface to receive multicast 105 * traffic that it doesn't really want, which ends up being discarded 106 * later by the upper protocol layers. Unfortunately, there's no way 107 * to avoid this: there really is only one physical interface. 108 */ 109 static int 110 vlan_setmulti(struct ifnet *ifp) 111 { 112 struct ifnet *ifp_p; 113 struct ifmultiaddr *ifma, *rifma = NULL; 114 struct ifvlan *sc; 115 struct vlan_mc_entry *mc = NULL; 116 struct sockaddr_dl sdl; 117 int error; 118 119 /* Find the parent. */ 120 sc = ifp->if_softc; 121 ifp_p = sc->ifv_p; 122 123 /* 124 * If we don't have a parent, just remember the membership for 125 * when we do. 126 */ 127 if (ifp_p == NULL) 128 return(0); 129 130 bzero((char *)&sdl, sizeof sdl); 131 sdl.sdl_len = sizeof sdl; 132 sdl.sdl_family = AF_LINK; 133 sdl.sdl_index = ifp_p->if_index; 134 sdl.sdl_type = IFT_ETHER; 135 sdl.sdl_alen = ETHER_ADDR_LEN; 136 137 /* First, remove any existing filter entries. */ 138 while(SLIST_FIRST(&sc->vlan_mc_listhead) != NULL) { 139 mc = SLIST_FIRST(&sc->vlan_mc_listhead); 140 bcopy((char *)&mc->mc_addr, LLADDR(&sdl), ETHER_ADDR_LEN); 141 error = if_delmulti(ifp_p, (struct sockaddr *)&sdl); 142 if (error) 143 return(error); 144 SLIST_REMOVE_HEAD(&sc->vlan_mc_listhead, mc_entries); 145 free(mc, M_DEVBUF); 146 } 147 148 /* Now program new ones. */ 149 TAILQ_FOREACH(ifma, &ifp->if_multiaddrs, ifma_link) { 150 if (ifma->ifma_addr->sa_family != AF_LINK) 151 continue; 152 mc = malloc(sizeof(struct vlan_mc_entry), M_DEVBUF, M_WAITOK); 153 bcopy(LLADDR((struct sockaddr_dl *)ifma->ifma_addr), 154 (char *)&mc->mc_addr, ETHER_ADDR_LEN); 155 SLIST_INSERT_HEAD(&sc->vlan_mc_listhead, mc, mc_entries); 156 bcopy(LLADDR((struct sockaddr_dl *)ifma->ifma_addr), 157 LLADDR(&sdl), ETHER_ADDR_LEN); 158 error = if_addmulti(ifp_p, (struct sockaddr *)&sdl, &rifma); 159 if (error) 160 return(error); 161 } 162 163 return(0); 164 } 165 166 static void 167 vlaninit(void) 168 { 169 int i; 170 171 for (i = 0; i < NVLAN; i++) { 172 struct ifnet *ifp = &ifv_softc[i].ifv_if; 173 174 ifp->if_softc = &ifv_softc[i]; 175 ifp->if_name = "vlan"; 176 ifp->if_unit = i; 177 /* NB: flags are not set here */ 178 ifp->if_linkmib = &ifv_softc[i].ifv_mib; 179 ifp->if_linkmiblen = sizeof ifv_softc[i].ifv_mib; 180 /* NB: mtu is not set here */ 181 182 ifp->if_init = vlan_ifinit; 183 ifp->if_start = vlan_start; 184 ifp->if_ioctl = vlan_ioctl; 185 ifp->if_output = ether_output; 186 ifp->if_snd.ifq_maxlen = ifqmaxlen; 187 ether_ifattach(ifp, ETHER_BPF_SUPPORTED); 188 /* Now undo some of the damage... */ 189 ifp->if_data.ifi_type = IFT_L2VLAN; 190 ifp->if_data.ifi_hdrlen = EVL_ENCAPLEN; 191 } 192 } 193 194 static int 195 vlan_modevent(module_t mod, int type, void *data) 196 { 197 switch (type) { 198 case MOD_LOAD: 199 vlaninit(); 200 break; 201 case MOD_UNLOAD: 202 printf("if_vlan module unload - not possible for this module type\n"); 203 return EINVAL; 204 } 205 return 0; 206 } 207 208 static moduledata_t vlan_mod = { 209 "if_vlan", 210 vlan_modevent, 211 0 212 }; 213 214 DECLARE_MODULE(if_vlan, vlan_mod, SI_SUB_PSEUDO, SI_ORDER_ANY); 215 216 static void 217 vlan_ifinit(void *foo) 218 { 219 return; 220 } 221 222 static void 223 vlan_start(struct ifnet *ifp) 224 { 225 struct ifvlan *ifv; 226 struct ifnet *p; 227 struct ether_vlan_header *evl; 228 struct mbuf *m; 229 230 ifv = ifp->if_softc; 231 p = ifv->ifv_p; 232 233 ifp->if_flags |= IFF_OACTIVE; 234 for (;;) { 235 IF_DEQUEUE(&ifp->if_snd, m); 236 if (m == 0) 237 break; 238 if (ifp->if_bpf) 239 bpf_mtap(ifp, m); 240 241 /* 242 * Do not run parent's if_start() if the parent is not up, 243 * or parent's driver will cause a system crash. 244 */ 245 if ((p->if_flags & (IFF_UP | IFF_RUNNING)) != 246 (IFF_UP | IFF_RUNNING)) { 247 m_freem(m); 248 ifp->if_data.ifi_collisions++; 249 continue; 250 } 251 252 /* 253 * If the LINK0 flag is set, it means the underlying interface 254 * can do VLAN tag insertion itself and doesn't require us to 255 * create a special header for it. In this case, we just pass 256 * the packet along. However, we need some way to tell the 257 * interface where the packet came from so that it knows how 258 * to find the VLAN tag to use, so we set the rcvif in the 259 * mbuf header to our ifnet. 260 * 261 * Note: we also set the M_PROTO1 flag in the mbuf to let 262 * the parent driver know that the rcvif pointer is really 263 * valid. We need to do this because sometimes mbufs will 264 * be allocated by other parts of the system that contain 265 * garbage in the rcvif pointer. Using the M_PROTO1 flag 266 * lets the driver perform a proper sanity check and avoid 267 * following potentially bogus rcvif pointers off into 268 * never-never land. 269 */ 270 if (ifp->if_flags & IFF_LINK0) { 271 m->m_pkthdr.rcvif = ifp; 272 m->m_flags |= M_PROTO1; 273 } else { 274 M_PREPEND(m, EVL_ENCAPLEN, M_DONTWAIT); 275 if (m == NULL) { 276 printf("vlan%d: M_PREPEND failed", ifp->if_unit); 277 ifp->if_ierrors++; 278 continue; 279 } 280 /* M_PREPEND takes care of m_len, m_pkthdr.len for us */ 281 282 m = m_pullup(m, ETHER_HDR_LEN + EVL_ENCAPLEN); 283 if (m == NULL) { 284 printf("vlan%d: m_pullup failed", ifp->if_unit); 285 ifp->if_ierrors++; 286 continue; 287 } 288 289 /* 290 * Transform the Ethernet header into an Ethernet header 291 * with 802.1Q encapsulation. 292 */ 293 bcopy(mtod(m, char *) + EVL_ENCAPLEN, mtod(m, char *), 294 sizeof(struct ether_header)); 295 evl = mtod(m, struct ether_vlan_header *); 296 evl->evl_proto = evl->evl_encap_proto; 297 evl->evl_encap_proto = htons(vlan_proto); 298 evl->evl_tag = htons(ifv->ifv_tag); 299 #ifdef DEBUG 300 printf("vlan_start: %*D\n", sizeof *evl, 301 (unsigned char *)evl, ":"); 302 #endif 303 } 304 305 /* 306 * Send it, precisely as ether_output() would have. 307 * We are already running at splimp. 308 */ 309 if (IF_HANDOFF(&p->if_snd, m, p)) 310 ifp->if_opackets++; 311 else 312 ifp->if_oerrors++; 313 } 314 ifp->if_flags &= ~IFF_OACTIVE; 315 316 return; 317 } 318 319 int 320 vlan_input_tag(struct ether_header *eh, struct mbuf *m, u_int16_t t) 321 { 322 int i; 323 struct ifvlan *ifv; 324 325 for (i = 0; i < NVLAN; i++) { 326 ifv = &ifv_softc[i]; 327 if (ifv->ifv_tag == t) 328 break; 329 } 330 331 if (i >= NVLAN || (ifv->ifv_if.if_flags & IFF_UP) == 0) { 332 m_free(m); 333 return -1; /* So the parent can take note */ 334 } 335 336 /* 337 * Having found a valid vlan interface corresponding to 338 * the given source interface and vlan tag, run the 339 * the real packet through ethert_input(). 340 */ 341 m->m_pkthdr.rcvif = &ifv->ifv_if; 342 343 ifv->ifv_if.if_ipackets++; 344 ether_input(&ifv->ifv_if, eh, m); 345 return 0; 346 } 347 348 int 349 vlan_input(struct ether_header *eh, struct mbuf *m) 350 { 351 int i; 352 struct ifvlan *ifv; 353 354 for (i = 0; i < NVLAN; i++) { 355 ifv = &ifv_softc[i]; 356 if (m->m_pkthdr.rcvif == ifv->ifv_p 357 && (EVL_VLANOFTAG(ntohs(*mtod(m, u_int16_t *))) 358 == ifv->ifv_tag)) 359 break; 360 } 361 362 if (i >= NVLAN || (ifv->ifv_if.if_flags & IFF_UP) == 0) { 363 m_freem(m); 364 return -1; /* so ether_input can take note */ 365 } 366 367 /* 368 * Having found a valid vlan interface corresponding to 369 * the given source interface and vlan tag, remove the 370 * encapsulation, and run the real packet through 371 * ether_input() a second time (it had better be 372 * reentrant!). 373 */ 374 m->m_pkthdr.rcvif = &ifv->ifv_if; 375 eh->ether_type = mtod(m, u_int16_t *)[1]; 376 m->m_data += EVL_ENCAPLEN; 377 m->m_len -= EVL_ENCAPLEN; 378 m->m_pkthdr.len -= EVL_ENCAPLEN; 379 380 ifv->ifv_if.if_ipackets++; 381 ether_input(&ifv->ifv_if, eh, m); 382 return 0; 383 } 384 385 static int 386 vlan_config(struct ifvlan *ifv, struct ifnet *p) 387 { 388 struct ifaddr *ifa1, *ifa2; 389 struct sockaddr_dl *sdl1, *sdl2; 390 391 if (p->if_data.ifi_type != IFT_ETHER) 392 return EPROTONOSUPPORT; 393 if (ifv->ifv_p) 394 return EBUSY; 395 ifv->ifv_p = p; 396 if (p->if_data.ifi_hdrlen == sizeof(struct ether_vlan_header)) 397 ifv->ifv_if.if_mtu = p->if_mtu; 398 else 399 ifv->ifv_if.if_mtu = p->if_data.ifi_mtu - EVL_ENCAPLEN; 400 401 /* 402 * Copy only a selected subset of flags from the parent. 403 * Other flags are none of our business. 404 */ 405 ifv->ifv_if.if_flags = (p->if_flags & 406 (IFF_BROADCAST | IFF_MULTICAST | IFF_SIMPLEX | IFF_POINTOPOINT)); 407 408 /* 409 * Set up our ``Ethernet address'' to reflect the underlying 410 * physical interface's. 411 */ 412 ifa1 = ifnet_addrs[ifv->ifv_if.if_index - 1]; 413 ifa2 = ifnet_addrs[p->if_index - 1]; 414 sdl1 = (struct sockaddr_dl *)ifa1->ifa_addr; 415 sdl2 = (struct sockaddr_dl *)ifa2->ifa_addr; 416 sdl1->sdl_type = IFT_ETHER; 417 sdl1->sdl_alen = ETHER_ADDR_LEN; 418 bcopy(LLADDR(sdl2), LLADDR(sdl1), ETHER_ADDR_LEN); 419 bcopy(LLADDR(sdl2), ifv->ifv_ac.ac_enaddr, ETHER_ADDR_LEN); 420 421 /* 422 * Configure multicast addresses that may already be 423 * joined on the vlan device. 424 */ 425 (void)vlan_setmulti(&ifv->ifv_if); 426 427 return 0; 428 } 429 430 static int 431 vlan_unconfig(struct ifnet *ifp) 432 { 433 struct ifaddr *ifa; 434 struct sockaddr_dl *sdl; 435 struct vlan_mc_entry *mc; 436 struct ifvlan *ifv; 437 struct ifnet *p; 438 int error; 439 440 ifv = ifp->if_softc; 441 p = ifv->ifv_p; 442 443 if (p) { 444 struct sockaddr_dl sdl; 445 446 /* 447 * Since the interface is being unconfigured, we need to 448 * empty the list of multicast groups that we may have joined 449 * while we were alive from the parent's list. 450 */ 451 bzero((char *)&sdl, sizeof sdl); 452 sdl.sdl_len = sizeof sdl; 453 sdl.sdl_family = AF_LINK; 454 sdl.sdl_index = p->if_index; 455 sdl.sdl_type = IFT_ETHER; 456 sdl.sdl_alen = ETHER_ADDR_LEN; 457 458 while(SLIST_FIRST(&ifv->vlan_mc_listhead) != NULL) { 459 mc = SLIST_FIRST(&ifv->vlan_mc_listhead); 460 bcopy((char *)&mc->mc_addr, LLADDR(&sdl), ETHER_ADDR_LEN); 461 error = if_delmulti(p, (struct sockaddr *)&sdl); 462 if (error) 463 return(error); 464 SLIST_REMOVE_HEAD(&ifv->vlan_mc_listhead, mc_entries); 465 free(mc, M_DEVBUF); 466 } 467 } 468 469 /* Disconnect from parent. */ 470 ifv->ifv_p = NULL; 471 ifv->ifv_if.if_mtu = ETHERMTU; 472 473 /* Clear our MAC address. */ 474 ifa = ifnet_addrs[ifv->ifv_if.if_index - 1]; 475 sdl = (struct sockaddr_dl *)ifa->ifa_addr; 476 sdl->sdl_type = IFT_ETHER; 477 sdl->sdl_alen = ETHER_ADDR_LEN; 478 bzero(LLADDR(sdl), ETHER_ADDR_LEN); 479 bzero(ifv->ifv_ac.ac_enaddr, ETHER_ADDR_LEN); 480 481 return 0; 482 } 483 484 static int 485 vlan_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 486 { 487 struct ifaddr *ifa; 488 struct ifnet *p; 489 struct ifreq *ifr; 490 struct ifvlan *ifv; 491 struct vlanreq vlr; 492 int error = 0; 493 494 ifr = (struct ifreq *)data; 495 ifa = (struct ifaddr *)data; 496 ifv = ifp->if_softc; 497 498 switch (cmd) { 499 case SIOCSIFADDR: 500 ifp->if_flags |= IFF_UP; 501 502 switch (ifa->ifa_addr->sa_family) { 503 #ifdef INET 504 case AF_INET: 505 arp_ifinit(&ifv->ifv_ac, ifa); 506 break; 507 #endif 508 default: 509 break; 510 } 511 break; 512 513 case SIOCGIFADDR: 514 { 515 struct sockaddr *sa; 516 517 sa = (struct sockaddr *) &ifr->ifr_data; 518 bcopy(((struct arpcom *)ifp->if_softc)->ac_enaddr, 519 (caddr_t) sa->sa_data, ETHER_ADDR_LEN); 520 } 521 break; 522 523 case SIOCSIFMTU: 524 /* 525 * Set the interface MTU. 526 * This is bogus. The underlying interface might support 527 * jumbo frames. 528 */ 529 if (ifr->ifr_mtu > ETHERMTU) { 530 error = EINVAL; 531 } else { 532 ifp->if_mtu = ifr->ifr_mtu; 533 } 534 break; 535 536 case SIOCSETVLAN: 537 error = copyin(ifr->ifr_data, &vlr, sizeof vlr); 538 if (error) 539 break; 540 if (vlr.vlr_parent[0] == '\0') { 541 vlan_unconfig(ifp); 542 if (ifp->if_flags & IFF_UP) { 543 int s = splimp(); 544 if_down(ifp); 545 splx(s); 546 } 547 ifp->if_flags &= ~IFF_RUNNING; 548 break; 549 } 550 p = ifunit(vlr.vlr_parent); 551 if (p == 0) { 552 error = ENOENT; 553 break; 554 } 555 error = vlan_config(ifv, p); 556 if (error) 557 break; 558 ifv->ifv_tag = vlr.vlr_tag; 559 ifp->if_flags |= IFF_RUNNING; 560 break; 561 562 case SIOCGETVLAN: 563 bzero(&vlr, sizeof vlr); 564 if (ifv->ifv_p) { 565 snprintf(vlr.vlr_parent, sizeof(vlr.vlr_parent), 566 "%s%d", ifv->ifv_p->if_name, ifv->ifv_p->if_unit); 567 vlr.vlr_tag = ifv->ifv_tag; 568 } 569 error = copyout(&vlr, ifr->ifr_data, sizeof vlr); 570 break; 571 572 case SIOCSIFFLAGS: 573 /* 574 * We don't support promiscuous mode 575 * right now because it would require help from the 576 * underlying drivers, which hasn't been implemented. 577 */ 578 if (ifr->ifr_flags & (IFF_PROMISC)) { 579 ifp->if_flags &= ~(IFF_PROMISC); 580 error = EINVAL; 581 } 582 break; 583 case SIOCADDMULTI: 584 case SIOCDELMULTI: 585 error = vlan_setmulti(ifp); 586 break; 587 default: 588 error = EINVAL; 589 } 590 return error; 591 } 592