xref: /titanic_50/usr/src/uts/common/io/vnic/vnic_dev.c (revision eaf32bf722e82dc74e90279e12e48f66891ef46a)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
23  * Copyright (c) 2014, Joyent, Inc.  All rights reserved.
24  */
25 
26 #include <sys/types.h>
27 #include <sys/cred.h>
28 #include <sys/sysmacros.h>
29 #include <sys/conf.h>
30 #include <sys/cmn_err.h>
31 #include <sys/list.h>
32 #include <sys/ksynch.h>
33 #include <sys/kmem.h>
34 #include <sys/stream.h>
35 #include <sys/modctl.h>
36 #include <sys/ddi.h>
37 #include <sys/sunddi.h>
38 #include <sys/atomic.h>
39 #include <sys/stat.h>
40 #include <sys/modhash.h>
41 #include <sys/strsubr.h>
42 #include <sys/strsun.h>
43 #include <sys/dlpi.h>
44 #include <sys/mac.h>
45 #include <sys/mac_provider.h>
46 #include <sys/mac_client.h>
47 #include <sys/mac_client_priv.h>
48 #include <sys/mac_ether.h>
49 #include <sys/dls.h>
50 #include <sys/pattr.h>
51 #include <sys/time.h>
52 #include <sys/vlan.h>
53 #include <sys/vnic.h>
54 #include <sys/vnic_impl.h>
55 #include <sys/mac_flow_impl.h>
56 #include <inet/ip_impl.h>
57 
58 /*
59  * Note that for best performance, the VNIC is a passthrough design.
60  * For each VNIC corresponds a MAC client of the underlying MAC (lower MAC).
61  * This MAC client is opened by the VNIC driver at VNIC creation,
62  * and closed when the VNIC is deleted.
63  * When a MAC client of the VNIC itself opens a VNIC, the MAC layer
64  * (upper MAC) detects that the MAC being opened is a VNIC. Instead
65  * of allocating a new MAC client, it asks the VNIC driver to return
66  * the lower MAC client handle associated with the VNIC, and that handle
67  * is returned to the upper MAC client directly. This allows access
68  * by upper MAC clients of the VNIC to have direct access to the lower
69  * MAC client for the control path and data path.
70  *
71  * Due to this passthrough, some of the entry points exported by the
72  * VNIC driver are never directly invoked. These entry points include
73  * vnic_m_start, vnic_m_stop, vnic_m_promisc, vnic_m_multicst, etc.
74  *
75  * VNICs support multiple upper mac clients to enable support for
76  * multiple MAC addresses on the VNIC. When the VNIC is created the
77  * initial mac client is the primary upper mac. Any additional mac
78  * clients are secondary macs.
79  */
80 
81 static int vnic_m_start(void *);
82 static void vnic_m_stop(void *);
83 static int vnic_m_promisc(void *, boolean_t);
84 static int vnic_m_multicst(void *, boolean_t, const uint8_t *);
85 static int vnic_m_unicst(void *, const uint8_t *);
86 static int vnic_m_stat(void *, uint_t, uint64_t *);
87 static void vnic_m_ioctl(void *, queue_t *, mblk_t *);
88 static int vnic_m_setprop(void *, const char *, mac_prop_id_t, uint_t,
89     const void *);
90 static int vnic_m_getprop(void *, const char *, mac_prop_id_t, uint_t, void *);
91 static void vnic_m_propinfo(void *, const char *, mac_prop_id_t,
92     mac_prop_info_handle_t);
93 static mblk_t *vnic_m_tx(void *, mblk_t *);
94 static boolean_t vnic_m_capab_get(void *, mac_capab_t, void *);
95 static void vnic_notify_cb(void *, mac_notify_type_t);
96 static void vnic_cleanup_secondary_macs(vnic_t *, int);
97 
98 static kmem_cache_t	*vnic_cache;
99 static krwlock_t	vnic_lock;
100 static uint_t		vnic_count;
101 
102 #define	ANCHOR_VNIC_MIN_MTU	576
103 #define	ANCHOR_VNIC_MAX_MTU	9000
104 
105 /* hash of VNICs (vnic_t's), keyed by VNIC id */
106 static mod_hash_t	*vnic_hash;
107 #define	VNIC_HASHSZ	64
108 #define	VNIC_HASH_KEY(vnic_id)	((mod_hash_key_t)(uintptr_t)vnic_id)
109 
110 #define	VNIC_M_CALLBACK_FLAGS	\
111 	(MC_IOCTL | MC_GETCAPAB | MC_SETPROP | MC_GETPROP | MC_PROPINFO)
112 
113 static mac_callbacks_t vnic_m_callbacks = {
114 	VNIC_M_CALLBACK_FLAGS,
115 	vnic_m_stat,
116 	vnic_m_start,
117 	vnic_m_stop,
118 	vnic_m_promisc,
119 	vnic_m_multicst,
120 	vnic_m_unicst,
121 	vnic_m_tx,
122 	NULL,
123 	vnic_m_ioctl,
124 	vnic_m_capab_get,
125 	NULL,
126 	NULL,
127 	vnic_m_setprop,
128 	vnic_m_getprop,
129 	vnic_m_propinfo
130 };
131 
132 void
133 vnic_dev_init(void)
134 {
135 	vnic_cache = kmem_cache_create("vnic_cache",
136 	    sizeof (vnic_t), 0, NULL, NULL, NULL, NULL, NULL, 0);
137 
138 	vnic_hash = mod_hash_create_idhash("vnic_hash",
139 	    VNIC_HASHSZ, mod_hash_null_valdtor);
140 
141 	rw_init(&vnic_lock, NULL, RW_DEFAULT, NULL);
142 
143 	vnic_count = 0;
144 }
145 
146 void
147 vnic_dev_fini(void)
148 {
149 	ASSERT(vnic_count == 0);
150 
151 	rw_destroy(&vnic_lock);
152 	mod_hash_destroy_idhash(vnic_hash);
153 	kmem_cache_destroy(vnic_cache);
154 }
155 
156 uint_t
157 vnic_dev_count(void)
158 {
159 	return (vnic_count);
160 }
161 
162 static vnic_ioc_diag_t
163 vnic_mac2vnic_diag(mac_diag_t diag)
164 {
165 	switch (diag) {
166 	case MAC_DIAG_MACADDR_NIC:
167 		return (VNIC_IOC_DIAG_MACADDR_NIC);
168 	case MAC_DIAG_MACADDR_INUSE:
169 		return (VNIC_IOC_DIAG_MACADDR_INUSE);
170 	case MAC_DIAG_MACADDR_INVALID:
171 		return (VNIC_IOC_DIAG_MACADDR_INVALID);
172 	case MAC_DIAG_MACADDRLEN_INVALID:
173 		return (VNIC_IOC_DIAG_MACADDRLEN_INVALID);
174 	case MAC_DIAG_MACFACTORYSLOTINVALID:
175 		return (VNIC_IOC_DIAG_MACFACTORYSLOTINVALID);
176 	case MAC_DIAG_MACFACTORYSLOTUSED:
177 		return (VNIC_IOC_DIAG_MACFACTORYSLOTUSED);
178 	case MAC_DIAG_MACFACTORYSLOTALLUSED:
179 		return (VNIC_IOC_DIAG_MACFACTORYSLOTALLUSED);
180 	case MAC_DIAG_MACFACTORYNOTSUP:
181 		return (VNIC_IOC_DIAG_MACFACTORYNOTSUP);
182 	case MAC_DIAG_MACPREFIX_INVALID:
183 		return (VNIC_IOC_DIAG_MACPREFIX_INVALID);
184 	case MAC_DIAG_MACPREFIXLEN_INVALID:
185 		return (VNIC_IOC_DIAG_MACPREFIXLEN_INVALID);
186 	case MAC_DIAG_MACNO_HWRINGS:
187 		return (VNIC_IOC_DIAG_NO_HWRINGS);
188 	default:
189 		return (VNIC_IOC_DIAG_NONE);
190 	}
191 }
192 
193 static int
194 vnic_unicast_add(vnic_t *vnic, vnic_mac_addr_type_t vnic_addr_type,
195     int *addr_slot, uint_t prefix_len, int *addr_len_ptr_arg,
196     uint8_t *mac_addr_arg, uint16_t flags, vnic_ioc_diag_t *diag,
197     uint16_t vid, boolean_t req_hwgrp_flag)
198 {
199 	mac_diag_t mac_diag;
200 	uint16_t mac_flags = 0;
201 	int err;
202 	uint_t addr_len;
203 
204 	if (flags & VNIC_IOC_CREATE_NODUPCHECK)
205 		mac_flags |= MAC_UNICAST_NODUPCHECK;
206 
207 	switch (vnic_addr_type) {
208 	case VNIC_MAC_ADDR_TYPE_FIXED:
209 	case VNIC_MAC_ADDR_TYPE_VRID:
210 		/*
211 		 * The MAC address value to assign to the VNIC
212 		 * is already provided in mac_addr_arg. addr_len_ptr_arg
213 		 * already contains the MAC address length.
214 		 */
215 		break;
216 
217 	case VNIC_MAC_ADDR_TYPE_RANDOM:
218 		/*
219 		 * Random MAC address. There are two sub-cases:
220 		 *
221 		 * 1 - If mac_len == 0, a new MAC address is generated.
222 		 *	The length of the MAC address to generated depends
223 		 *	on the type of MAC used. The prefix to use for the MAC
224 		 *	address is stored in the most significant bytes
225 		 *	of the mac_addr argument, and its length is specified
226 		 *	by the mac_prefix_len argument. This prefix can
227 		 *	correspond to a IEEE OUI in the case of Ethernet,
228 		 *	for example.
229 		 *
230 		 * 2 - If mac_len > 0, the address was already picked
231 		 *	randomly, and is now passed back during VNIC
232 		 *	re-creation. The mac_addr argument contains the MAC
233 		 *	address that was generated. We distinguish this
234 		 *	case from the fixed MAC address case, since we
235 		 *	want the user consumers to know, when they query
236 		 *	the list of VNICs, that a VNIC was assigned a
237 		 *	random MAC address vs assigned a fixed address
238 		 *	specified by the user.
239 		 */
240 
241 		/*
242 		 * If it's a pre-generated address, we're done. mac_addr_arg
243 		 * and addr_len_ptr_arg already contain the MAC address
244 		 * value and length.
245 		 */
246 		if (*addr_len_ptr_arg > 0)
247 			break;
248 
249 		/* generate a new random MAC address */
250 		if ((err = mac_addr_random(vnic->vn_mch,
251 		    prefix_len, mac_addr_arg, &mac_diag)) != 0) {
252 			*diag = vnic_mac2vnic_diag(mac_diag);
253 			return (err);
254 		}
255 		*addr_len_ptr_arg = mac_addr_len(vnic->vn_lower_mh);
256 		break;
257 
258 	case VNIC_MAC_ADDR_TYPE_FACTORY:
259 		err = mac_addr_factory_reserve(vnic->vn_mch, addr_slot);
260 		if (err != 0) {
261 			if (err == EINVAL)
262 				*diag = VNIC_IOC_DIAG_MACFACTORYSLOTINVALID;
263 			if (err == EBUSY)
264 				*diag = VNIC_IOC_DIAG_MACFACTORYSLOTUSED;
265 			if (err == ENOSPC)
266 				*diag = VNIC_IOC_DIAG_MACFACTORYSLOTALLUSED;
267 			return (err);
268 		}
269 
270 		mac_addr_factory_value(vnic->vn_lower_mh, *addr_slot,
271 		    mac_addr_arg, &addr_len, NULL, NULL);
272 		*addr_len_ptr_arg = addr_len;
273 		break;
274 
275 	case VNIC_MAC_ADDR_TYPE_AUTO:
276 		/* first try to allocate a factory MAC address */
277 		err = mac_addr_factory_reserve(vnic->vn_mch, addr_slot);
278 		if (err == 0) {
279 			mac_addr_factory_value(vnic->vn_lower_mh, *addr_slot,
280 			    mac_addr_arg, &addr_len, NULL, NULL);
281 			vnic_addr_type = VNIC_MAC_ADDR_TYPE_FACTORY;
282 			*addr_len_ptr_arg = addr_len;
283 			break;
284 		}
285 
286 		/*
287 		 * Allocating a factory MAC address failed, generate a
288 		 * random MAC address instead.
289 		 */
290 		if ((err = mac_addr_random(vnic->vn_mch,
291 		    prefix_len, mac_addr_arg, &mac_diag)) != 0) {
292 			*diag = vnic_mac2vnic_diag(mac_diag);
293 			return (err);
294 		}
295 		*addr_len_ptr_arg = mac_addr_len(vnic->vn_lower_mh);
296 		vnic_addr_type = VNIC_MAC_ADDR_TYPE_RANDOM;
297 		break;
298 	case VNIC_MAC_ADDR_TYPE_PRIMARY:
299 		/*
300 		 * We get the address here since we copy it in the
301 		 * vnic's vn_addr.
302 		 * We can't ask for hardware resources since we
303 		 * don't currently support hardware classification
304 		 * for these MAC clients.
305 		 */
306 		if (req_hwgrp_flag) {
307 			*diag = VNIC_IOC_DIAG_NO_HWRINGS;
308 			return (ENOTSUP);
309 		}
310 		mac_unicast_primary_get(vnic->vn_lower_mh, mac_addr_arg);
311 		*addr_len_ptr_arg = mac_addr_len(vnic->vn_lower_mh);
312 		mac_flags |= MAC_UNICAST_VNIC_PRIMARY;
313 		break;
314 	}
315 
316 	vnic->vn_addr_type = vnic_addr_type;
317 
318 	err = mac_unicast_add(vnic->vn_mch, mac_addr_arg, mac_flags,
319 	    &vnic->vn_muh, vid, &mac_diag);
320 	if (err != 0) {
321 		if (vnic_addr_type == VNIC_MAC_ADDR_TYPE_FACTORY) {
322 			/* release factory MAC address */
323 			mac_addr_factory_release(vnic->vn_mch, *addr_slot);
324 		}
325 		*diag = vnic_mac2vnic_diag(mac_diag);
326 	}
327 
328 	return (err);
329 }
330 
331 /*
332  * Create a new VNIC upon request from administrator.
333  * Returns 0 on success, an errno on failure.
334  */
335 /* ARGSUSED */
336 int
337 vnic_dev_create(datalink_id_t vnic_id, datalink_id_t linkid,
338     vnic_mac_addr_type_t *vnic_addr_type, int *mac_len, uchar_t *mac_addr,
339     int *mac_slot, uint_t mac_prefix_len, uint16_t vid, vrid_t vrid,
340     int af, mac_resource_props_t *mrp, uint32_t flags, vnic_ioc_diag_t *diag,
341     cred_t *credp)
342 {
343 	vnic_t *vnic;
344 	mac_register_t *mac;
345 	int err;
346 	boolean_t is_anchor = ((flags & VNIC_IOC_CREATE_ANCHOR) != 0);
347 	char vnic_name[MAXNAMELEN];
348 	const mac_info_t *minfop;
349 	uint32_t req_hwgrp_flag = B_FALSE;
350 
351 	*diag = VNIC_IOC_DIAG_NONE;
352 
353 	rw_enter(&vnic_lock, RW_WRITER);
354 
355 	/* does a VNIC with the same id already exist? */
356 	err = mod_hash_find(vnic_hash, VNIC_HASH_KEY(vnic_id),
357 	    (mod_hash_val_t *)&vnic);
358 	if (err == 0) {
359 		rw_exit(&vnic_lock);
360 		return (EEXIST);
361 	}
362 
363 	vnic = kmem_cache_alloc(vnic_cache, KM_NOSLEEP);
364 	if (vnic == NULL) {
365 		rw_exit(&vnic_lock);
366 		return (ENOMEM);
367 	}
368 
369 	bzero(vnic, sizeof (*vnic));
370 
371 	vnic->vn_id = vnic_id;
372 	vnic->vn_link_id = linkid;
373 	vnic->vn_vrid = vrid;
374 	vnic->vn_af = af;
375 
376 	if (!is_anchor) {
377 		if (linkid == DATALINK_INVALID_LINKID) {
378 			err = EINVAL;
379 			goto bail;
380 		}
381 
382 		/*
383 		 * Open the lower MAC and assign its initial bandwidth and
384 		 * MAC address. We do this here during VNIC creation and
385 		 * do not wait until the upper MAC client open so that we
386 		 * can validate the VNIC creation parameters (bandwidth,
387 		 * MAC address, etc) and reserve a factory MAC address if
388 		 * one was requested.
389 		 */
390 		err = mac_open_by_linkid(linkid, &vnic->vn_lower_mh);
391 		if (err != 0)
392 			goto bail;
393 
394 		/*
395 		 * VNIC(vlan) over VNICs(vlans) is not supported.
396 		 */
397 		if (mac_is_vnic(vnic->vn_lower_mh)) {
398 			err = EINVAL;
399 			goto bail;
400 		}
401 
402 		/* only ethernet support for now */
403 		minfop = mac_info(vnic->vn_lower_mh);
404 		if (minfop->mi_nativemedia != DL_ETHER) {
405 			err = ENOTSUP;
406 			goto bail;
407 		}
408 
409 		(void) dls_mgmt_get_linkinfo(vnic_id, vnic_name, NULL, NULL,
410 		    NULL);
411 		err = mac_client_open(vnic->vn_lower_mh, &vnic->vn_mch,
412 		    vnic_name, MAC_OPEN_FLAGS_IS_VNIC);
413 		if (err != 0)
414 			goto bail;
415 
416 		/* assign a MAC address to the VNIC */
417 
418 		err = vnic_unicast_add(vnic, *vnic_addr_type, mac_slot,
419 		    mac_prefix_len, mac_len, mac_addr, flags, diag, vid,
420 		    req_hwgrp_flag);
421 		if (err != 0) {
422 			vnic->vn_muh = NULL;
423 			if (diag != NULL && req_hwgrp_flag)
424 				*diag = VNIC_IOC_DIAG_NO_HWRINGS;
425 			goto bail;
426 		}
427 
428 		/* register to receive notification from underlying MAC */
429 		vnic->vn_mnh = mac_notify_add(vnic->vn_lower_mh, vnic_notify_cb,
430 		    vnic);
431 
432 		*vnic_addr_type = vnic->vn_addr_type;
433 		vnic->vn_addr_len = *mac_len;
434 		vnic->vn_vid = vid;
435 
436 		bcopy(mac_addr, vnic->vn_addr, vnic->vn_addr_len);
437 
438 		if (vnic->vn_addr_type == VNIC_MAC_ADDR_TYPE_FACTORY)
439 			vnic->vn_slot_id = *mac_slot;
440 
441 		/*
442 		 * Set the initial VNIC capabilities. If the VNIC is created
443 		 * over MACs which does not support nactive vlan, disable
444 		 * VNIC's hardware checksum capability if its VID is not 0,
445 		 * since the underlying MAC would get the hardware checksum
446 		 * offset wrong in case of VLAN packets.
447 		 */
448 		if (vid == 0 || !mac_capab_get(vnic->vn_lower_mh,
449 		    MAC_CAPAB_NO_NATIVEVLAN, NULL)) {
450 			if (!mac_capab_get(vnic->vn_lower_mh, MAC_CAPAB_HCKSUM,
451 			    &vnic->vn_hcksum_txflags))
452 				vnic->vn_hcksum_txflags = 0;
453 		} else {
454 			vnic->vn_hcksum_txflags = 0;
455 		}
456 	}
457 
458 	/* register with the MAC module */
459 	if ((mac = mac_alloc(MAC_VERSION)) == NULL)
460 		goto bail;
461 
462 	mac->m_type_ident = MAC_PLUGIN_IDENT_ETHER;
463 	mac->m_driver = vnic;
464 	mac->m_dip = vnic_get_dip();
465 	mac->m_instance = (uint_t)-1;
466 	mac->m_src_addr = vnic->vn_addr;
467 	mac->m_callbacks = &vnic_m_callbacks;
468 
469 	if (!is_anchor) {
470 		/*
471 		 * If this is a VNIC based VLAN, then we check for the
472 		 * margin unless it has been created with the force
473 		 * flag. If we are configuring a VLAN over an etherstub,
474 		 * we don't check the margin even if force is not set.
475 		 */
476 		if (vid == 0 || (flags & VNIC_IOC_CREATE_FORCE) != 0) {
477 			if (vid != VLAN_ID_NONE)
478 				vnic->vn_force = B_TRUE;
479 			/*
480 			 * As the current margin size of the underlying mac is
481 			 * used to determine the margin size of the VNIC
482 			 * itself, request the underlying mac not to change
483 			 * to a smaller margin size.
484 			 */
485 			err = mac_margin_add(vnic->vn_lower_mh,
486 			    &vnic->vn_margin, B_TRUE);
487 			ASSERT(err == 0);
488 		} else {
489 			vnic->vn_margin = VLAN_TAGSZ;
490 			err = mac_margin_add(vnic->vn_lower_mh,
491 			    &vnic->vn_margin, B_FALSE);
492 			if (err != 0) {
493 				mac_free(mac);
494 				if (diag != NULL)
495 					*diag = VNIC_IOC_DIAG_MACMARGIN_INVALID;
496 				goto bail;
497 			}
498 		}
499 
500 		mac_sdu_get(vnic->vn_lower_mh, &mac->m_min_sdu,
501 		    &mac->m_max_sdu);
502 	} else {
503 		vnic->vn_margin = VLAN_TAGSZ;
504 		mac->m_min_sdu = 1;
505 		mac->m_max_sdu = ANCHOR_VNIC_MAX_MTU;
506 	}
507 
508 	mac->m_margin = vnic->vn_margin;
509 
510 	err = mac_register(mac, &vnic->vn_mh);
511 	mac_free(mac);
512 	if (err != 0) {
513 		VERIFY(is_anchor || mac_margin_remove(vnic->vn_lower_mh,
514 		    vnic->vn_margin) == 0);
515 		goto bail;
516 	}
517 
518 	/* Set the VNIC's MAC in the client */
519 	if (!is_anchor) {
520 		mac_set_upper_mac(vnic->vn_mch, vnic->vn_mh, mrp);
521 
522 		if (mrp != NULL) {
523 			if ((mrp->mrp_mask & MRP_RX_RINGS) != 0 ||
524 			    (mrp->mrp_mask & MRP_TX_RINGS) != 0) {
525 				req_hwgrp_flag = B_TRUE;
526 			}
527 			err = mac_client_set_resources(vnic->vn_mch, mrp);
528 			if (err != 0) {
529 				(void) mac_unregister(vnic->vn_mh);
530 				goto bail;
531 			}
532 		}
533 	}
534 
535 	err = dls_devnet_create(vnic->vn_mh, vnic->vn_id, crgetzoneid(credp));
536 	if (err != 0) {
537 		VERIFY(is_anchor || mac_margin_remove(vnic->vn_lower_mh,
538 		    vnic->vn_margin) == 0);
539 		(void) mac_unregister(vnic->vn_mh);
540 		goto bail;
541 	}
542 
543 	/* add new VNIC to hash table */
544 	err = mod_hash_insert(vnic_hash, VNIC_HASH_KEY(vnic_id),
545 	    (mod_hash_val_t)vnic);
546 	ASSERT(err == 0);
547 	vnic_count++;
548 
549 	vnic->vn_enabled = B_TRUE;
550 	rw_exit(&vnic_lock);
551 
552 	return (0);
553 
554 bail:
555 	rw_exit(&vnic_lock);
556 	if (!is_anchor) {
557 		if (vnic->vn_mnh != NULL)
558 			(void) mac_notify_remove(vnic->vn_mnh, B_TRUE);
559 		if (vnic->vn_muh != NULL)
560 			(void) mac_unicast_remove(vnic->vn_mch, vnic->vn_muh);
561 		if (vnic->vn_mch != NULL)
562 			mac_client_close(vnic->vn_mch, MAC_CLOSE_FLAGS_IS_VNIC);
563 		if (vnic->vn_lower_mh != NULL)
564 			mac_close(vnic->vn_lower_mh);
565 	}
566 
567 	kmem_cache_free(vnic_cache, vnic);
568 	return (err);
569 }
570 
571 /*
572  * Modify the properties of an existing VNIC.
573  */
574 /* ARGSUSED */
575 int
576 vnic_dev_modify(datalink_id_t vnic_id, uint_t modify_mask,
577     vnic_mac_addr_type_t mac_addr_type, uint_t mac_len, uchar_t *mac_addr,
578     uint_t mac_slot, mac_resource_props_t *mrp)
579 {
580 	vnic_t *vnic = NULL;
581 
582 	rw_enter(&vnic_lock, RW_WRITER);
583 
584 	if (mod_hash_find(vnic_hash, VNIC_HASH_KEY(vnic_id),
585 	    (mod_hash_val_t *)&vnic) != 0) {
586 		rw_exit(&vnic_lock);
587 		return (ENOENT);
588 	}
589 
590 	rw_exit(&vnic_lock);
591 
592 	return (0);
593 }
594 
595 /* ARGSUSED */
596 int
597 vnic_dev_delete(datalink_id_t vnic_id, uint32_t flags, cred_t *credp)
598 {
599 	vnic_t *vnic = NULL;
600 	mod_hash_val_t val;
601 	datalink_id_t tmpid;
602 	int rc;
603 
604 	rw_enter(&vnic_lock, RW_WRITER);
605 
606 	if (mod_hash_find(vnic_hash, VNIC_HASH_KEY(vnic_id),
607 	    (mod_hash_val_t *)&vnic) != 0) {
608 		rw_exit(&vnic_lock);
609 		return (ENOENT);
610 	}
611 
612 	if ((rc = dls_devnet_destroy(vnic->vn_mh, &tmpid, B_TRUE)) != 0) {
613 		rw_exit(&vnic_lock);
614 		return (rc);
615 	}
616 
617 	ASSERT(vnic_id == tmpid);
618 
619 	/*
620 	 * We cannot unregister the MAC yet. Unregistering would
621 	 * free up mac_impl_t which should not happen at this time.
622 	 * So disable mac_impl_t by calling mac_disable(). This will prevent
623 	 * any new claims on mac_impl_t.
624 	 */
625 	if ((rc = mac_disable(vnic->vn_mh)) != 0) {
626 		(void) dls_devnet_create(vnic->vn_mh, vnic_id,
627 		    crgetzoneid(credp));
628 		rw_exit(&vnic_lock);
629 		return (rc);
630 	}
631 
632 	vnic_cleanup_secondary_macs(vnic, vnic->vn_nhandles);
633 
634 	vnic->vn_enabled = B_FALSE;
635 	(void) mod_hash_remove(vnic_hash, VNIC_HASH_KEY(vnic_id), &val);
636 	ASSERT(vnic == (vnic_t *)val);
637 	vnic_count--;
638 	rw_exit(&vnic_lock);
639 
640 	/*
641 	 * XXX-nicolas shouldn't have a void cast here, if it's
642 	 * expected that the function will never fail, then we should
643 	 * have an ASSERT().
644 	 */
645 	(void) mac_unregister(vnic->vn_mh);
646 
647 	if (vnic->vn_lower_mh != NULL) {
648 		/*
649 		 * Check if MAC address for the vnic was obtained from the
650 		 * factory MAC addresses. If yes, release it.
651 		 */
652 		if (vnic->vn_addr_type == VNIC_MAC_ADDR_TYPE_FACTORY) {
653 			(void) mac_addr_factory_release(vnic->vn_mch,
654 			    vnic->vn_slot_id);
655 		}
656 		(void) mac_margin_remove(vnic->vn_lower_mh, vnic->vn_margin);
657 		(void) mac_notify_remove(vnic->vn_mnh, B_TRUE);
658 		(void) mac_unicast_remove(vnic->vn_mch, vnic->vn_muh);
659 		mac_client_close(vnic->vn_mch, MAC_CLOSE_FLAGS_IS_VNIC);
660 		mac_close(vnic->vn_lower_mh);
661 	}
662 
663 	kmem_cache_free(vnic_cache, vnic);
664 	return (0);
665 }
666 
667 /* ARGSUSED */
668 mblk_t *
669 vnic_m_tx(void *arg, mblk_t *mp_chain)
670 {
671 	/*
672 	 * This function could be invoked for an anchor VNIC when sending
673 	 * broadcast and multicast packets, and unicast packets which did
674 	 * not match any local known destination.
675 	 */
676 	freemsgchain(mp_chain);
677 	return (NULL);
678 }
679 
680 /*ARGSUSED*/
681 static void
682 vnic_m_ioctl(void *arg, queue_t *q, mblk_t *mp)
683 {
684 	miocnak(q, mp, 0, ENOTSUP);
685 }
686 
687 /*
688  * This entry point cannot be passed-through, since it is invoked
689  * for the per-VNIC kstats which must be exported independently
690  * of the existence of VNIC MAC clients.
691  */
692 static int
693 vnic_m_stat(void *arg, uint_t stat, uint64_t *val)
694 {
695 	vnic_t *vnic = arg;
696 	int rval = 0;
697 
698 	if (vnic->vn_lower_mh == NULL) {
699 		/*
700 		 * It's an anchor VNIC, which does not have any
701 		 * statistics in itself.
702 		 */
703 		return (ENOTSUP);
704 	}
705 
706 	/*
707 	 * ENOTSUP must be reported for unsupported stats, the VNIC
708 	 * driver reports a subset of the stats that would
709 	 * be returned by a real piece of hardware.
710 	 */
711 
712 	switch (stat) {
713 	case MAC_STAT_LINK_STATE:
714 	case MAC_STAT_LINK_UP:
715 	case MAC_STAT_PROMISC:
716 	case MAC_STAT_IFSPEED:
717 	case MAC_STAT_MULTIRCV:
718 	case MAC_STAT_MULTIXMT:
719 	case MAC_STAT_BRDCSTRCV:
720 	case MAC_STAT_BRDCSTXMT:
721 	case MAC_STAT_OPACKETS:
722 	case MAC_STAT_OBYTES:
723 	case MAC_STAT_IERRORS:
724 	case MAC_STAT_OERRORS:
725 	case MAC_STAT_RBYTES:
726 	case MAC_STAT_IPACKETS:
727 		*val = mac_client_stat_get(vnic->vn_mch, stat);
728 		break;
729 	default:
730 		rval = ENOTSUP;
731 	}
732 
733 	return (rval);
734 }
735 
736 /*
737  * Invoked by the upper MAC to retrieve the lower MAC client handle
738  * corresponding to a VNIC. A pointer to this function is obtained
739  * by the upper MAC via capability query.
740  *
741  * XXX-nicolas Note: this currently causes all VNIC MAC clients to
742  * receive the same MAC client handle for the same VNIC. This is ok
743  * as long as we have only one VNIC MAC client which sends and
744  * receives data, but we don't currently enforce this at the MAC layer.
745  */
746 static void *
747 vnic_mac_client_handle(void *vnic_arg)
748 {
749 	vnic_t *vnic = vnic_arg;
750 
751 	return (vnic->vn_mch);
752 }
753 
754 /*
755  * Invoked when updating the primary MAC so that the secondary MACs are
756  * kept in sync.
757  */
758 static void
759 vnic_mac_secondary_update(void *vnic_arg)
760 {
761 	vnic_t *vn = vnic_arg;
762 	int i;
763 
764 	for (i = 1; i <= vn->vn_nhandles; i++) {
765 		mac_secondary_dup(vn->vn_mc_handles[0], vn->vn_mc_handles[i]);
766 	}
767 }
768 
769 /*
770  * Return information about the specified capability.
771  */
772 /* ARGSUSED */
773 static boolean_t
774 vnic_m_capab_get(void *arg, mac_capab_t cap, void *cap_data)
775 {
776 	vnic_t *vnic = arg;
777 
778 	switch (cap) {
779 	case MAC_CAPAB_HCKSUM: {
780 		uint32_t *hcksum_txflags = cap_data;
781 
782 		*hcksum_txflags = vnic->vn_hcksum_txflags &
783 		    (HCKSUM_INET_FULL_V4 | HCKSUM_IPHDRCKSUM |
784 		    HCKSUM_INET_PARTIAL);
785 		break;
786 	}
787 	case MAC_CAPAB_VNIC: {
788 		mac_capab_vnic_t *vnic_capab = cap_data;
789 
790 		if (vnic->vn_lower_mh == NULL) {
791 			/*
792 			 * It's an anchor VNIC, we don't have an underlying
793 			 * NIC and MAC client handle.
794 			 */
795 			return (B_FALSE);
796 		}
797 
798 		if (vnic_capab != NULL) {
799 			vnic_capab->mcv_arg = vnic;
800 			vnic_capab->mcv_mac_client_handle =
801 			    vnic_mac_client_handle;
802 			vnic_capab->mcv_mac_secondary_update =
803 			    vnic_mac_secondary_update;
804 		}
805 		break;
806 	}
807 	case MAC_CAPAB_ANCHOR_VNIC: {
808 		/* since it's an anchor VNIC we don't have lower mac handle */
809 		if (vnic->vn_lower_mh == NULL) {
810 			ASSERT(vnic->vn_link_id == 0);
811 			return (B_TRUE);
812 		}
813 		return (B_FALSE);
814 	}
815 	case MAC_CAPAB_NO_NATIVEVLAN:
816 		return (B_FALSE);
817 	case MAC_CAPAB_NO_ZCOPY:
818 		return (B_TRUE);
819 	case MAC_CAPAB_VRRP: {
820 		mac_capab_vrrp_t *vrrp_capab = cap_data;
821 
822 		if (vnic->vn_vrid != 0) {
823 			if (vrrp_capab != NULL)
824 				vrrp_capab->mcv_af = vnic->vn_af;
825 			return (B_TRUE);
826 		}
827 		return (B_FALSE);
828 	}
829 	default:
830 		return (B_FALSE);
831 	}
832 	return (B_TRUE);
833 }
834 
835 /* ARGSUSED */
836 static int
837 vnic_m_start(void *arg)
838 {
839 	return (0);
840 }
841 
842 /* ARGSUSED */
843 static void
844 vnic_m_stop(void *arg)
845 {
846 }
847 
848 /* ARGSUSED */
849 static int
850 vnic_m_promisc(void *arg, boolean_t on)
851 {
852 	return (0);
853 }
854 
855 /* ARGSUSED */
856 static int
857 vnic_m_multicst(void *arg, boolean_t add, const uint8_t *addrp)
858 {
859 	return (0);
860 }
861 
862 static int
863 vnic_m_unicst(void *arg, const uint8_t *macaddr)
864 {
865 	vnic_t *vnic = arg;
866 
867 	return (mac_vnic_unicast_set(vnic->vn_mch, macaddr));
868 }
869 
870 static void
871 vnic_cleanup_secondary_macs(vnic_t *vn, int cnt)
872 {
873 	int i;
874 
875 	/* Remove existing secondaries (primary is at 0) */
876 	for (i = 1; i <= cnt; i++) {
877 		mac_rx_clear(vn->vn_mc_handles[i]);
878 
879 		/* unicast handle might not have been set yet */
880 		if (vn->vn_mu_handles[i] != NULL)
881 			(void) mac_unicast_remove(vn->vn_mc_handles[i],
882 			    vn->vn_mu_handles[i]);
883 
884 		mac_secondary_cleanup(vn->vn_mc_handles[i]);
885 
886 		mac_client_close(vn->vn_mc_handles[i], MAC_CLOSE_FLAGS_IS_VNIC);
887 
888 		vn->vn_mu_handles[i] = NULL;
889 		vn->vn_mc_handles[i] = NULL;
890 	}
891 
892 	vn->vn_nhandles = 0;
893 }
894 
895 /*
896  * Setup secondary MAC addresses on the vnic. Due to limitations in the mac
897  * code, each mac address must be associated with a mac_client (and the
898  * flow that goes along with the client) so we need to create those clients
899  * here.
900  */
901 static int
902 vnic_set_secondary_macs(vnic_t *vn, mac_secondary_addr_t *msa)
903 {
904 	int i, err;
905 	char primary_name[MAXNAMELEN];
906 
907 	/* First, remove pre-existing secondaries */
908 	ASSERT(vn->vn_nhandles < MPT_MAXMACADDR);
909 	vnic_cleanup_secondary_macs(vn, vn->vn_nhandles);
910 
911 	if (msa->ms_addrcnt == (uint32_t)-1)
912 		msa->ms_addrcnt = 0;
913 
914 	vn->vn_nhandles = msa->ms_addrcnt;
915 
916 	(void) dls_mgmt_get_linkinfo(vn->vn_id, primary_name, NULL, NULL, NULL);
917 
918 	/*
919 	 * Now add the new secondary MACs
920 	 * Recall that the primary MAC address is the first element.
921 	 * The secondary clients are named after the primary with their
922 	 * index to distinguish them.
923 	 */
924 	for (i = 1; i <= vn->vn_nhandles; i++) {
925 		uint8_t *addr;
926 		mac_diag_t mac_diag;
927 		char secondary_name[MAXNAMELEN];
928 
929 		(void) snprintf(secondary_name, sizeof (secondary_name),
930 		    "%s%02d", primary_name, i);
931 
932 		err = mac_client_open(vn->vn_lower_mh, &vn->vn_mc_handles[i],
933 		    secondary_name, MAC_OPEN_FLAGS_IS_VNIC);
934 		if (err != 0) {
935 			/* Remove any that we successfully added */
936 			vnic_cleanup_secondary_macs(vn, --i);
937 			return (err);
938 		}
939 
940 		/*
941 		 * Assign a MAC address to the VNIC
942 		 *
943 		 * Normally this would be done with vnic_unicast_add but since
944 		 * we know these are fixed adddresses, and since we need to
945 		 * save this in the proper array slot, we bypass that function
946 		 * and go direct.
947 		 */
948 		addr = msa->ms_addrs[i - 1];
949 		err = mac_unicast_add(vn->vn_mc_handles[i], addr, 0,
950 		    &vn->vn_mu_handles[i], vn->vn_vid, &mac_diag);
951 		if (err != 0) {
952 			/* Remove any that we successfully added */
953 			vnic_cleanup_secondary_macs(vn, i);
954 			return (err);
955 		}
956 
957 		/*
958 		 * Setup the secondary the same way as the primary (i.e.
959 		 * receiver function/argument (e.g. i_dls_link_rx, mac_pkt_drop,
960 		 * etc.), the promisc list, and the resource controls).
961 		 */
962 		mac_secondary_dup(vn->vn_mc_handles[0], vn->vn_mc_handles[i]);
963 	}
964 
965 	return (0);
966 }
967 
968 static int
969 vnic_get_secondary_macs(vnic_t *vn, uint_t pr_valsize, void *pr_val)
970 {
971 	int i;
972 	mac_secondary_addr_t msa;
973 
974 	if (pr_valsize < sizeof (msa))
975 		return (EINVAL);
976 
977 	/* Get existing addresses (primary is at 0) */
978 	ASSERT(vn->vn_nhandles < MPT_MAXMACADDR);
979 	for (i = 1; i <= vn->vn_nhandles; i++) {
980 		ASSERT(vn->vn_mc_handles[i] != NULL);
981 		mac_unicast_secondary_get(vn->vn_mc_handles[i],
982 		    msa.ms_addrs[i - 1]);
983 	}
984 	msa.ms_addrcnt = vn->vn_nhandles;
985 
986 	bcopy(&msa, pr_val, sizeof (msa));
987 	return (0);
988 }
989 
990 /*
991  * Callback functions for set/get of properties
992  */
993 /*ARGSUSED*/
994 static int
995 vnic_m_setprop(void *m_driver, const char *pr_name, mac_prop_id_t pr_num,
996     uint_t pr_valsize, const void *pr_val)
997 {
998 	int 		err = 0;
999 	vnic_t		*vn = m_driver;
1000 
1001 	switch (pr_num) {
1002 	case MAC_PROP_MTU: {
1003 		uint32_t	mtu;
1004 
1005 		/* allow setting MTU only on an etherstub */
1006 		if (vn->vn_link_id != DATALINK_INVALID_LINKID)
1007 			return (err);
1008 
1009 		if (pr_valsize < sizeof (mtu)) {
1010 			err = EINVAL;
1011 			break;
1012 		}
1013 		bcopy(pr_val, &mtu, sizeof (mtu));
1014 		if (mtu < ANCHOR_VNIC_MIN_MTU || mtu > ANCHOR_VNIC_MAX_MTU) {
1015 			err = EINVAL;
1016 			break;
1017 		}
1018 		err = mac_maxsdu_update(vn->vn_mh, mtu);
1019 		break;
1020 	}
1021 	case MAC_PROP_SECONDARY_ADDRS: {
1022 		mac_secondary_addr_t msa;
1023 
1024 		bcopy(pr_val, &msa, sizeof (msa));
1025 		err = vnic_set_secondary_macs(vn, &msa);
1026 		break;
1027 	}
1028 	default:
1029 		err = ENOTSUP;
1030 		break;
1031 	}
1032 	return (err);
1033 }
1034 
1035 /* ARGSUSED */
1036 static int
1037 vnic_m_getprop(void *arg, const char *pr_name, mac_prop_id_t pr_num,
1038     uint_t pr_valsize, void *pr_val)
1039 {
1040 	vnic_t		*vn = arg;
1041 	int 		ret = 0;
1042 
1043 	switch (pr_num) {
1044 	case MAC_PROP_SECONDARY_ADDRS:
1045 		ret = vnic_get_secondary_macs(vn, pr_valsize, pr_val);
1046 		break;
1047 	default:
1048 		ret = EINVAL;
1049 		break;
1050 	}
1051 
1052 	return (ret);
1053 }
1054 
1055 /* ARGSUSED */
1056 static void vnic_m_propinfo(void *m_driver, const char *pr_name,
1057     mac_prop_id_t pr_num, mac_prop_info_handle_t prh)
1058 {
1059 	vnic_t		*vn = m_driver;
1060 
1061 	/* MTU setting allowed only on an etherstub */
1062 	if (vn->vn_link_id != DATALINK_INVALID_LINKID)
1063 		return;
1064 
1065 	switch (pr_num) {
1066 	case MAC_PROP_MTU:
1067 		mac_prop_info_set_range_uint32(prh,
1068 		    ANCHOR_VNIC_MIN_MTU, ANCHOR_VNIC_MAX_MTU);
1069 		break;
1070 	}
1071 }
1072 
1073 
1074 int
1075 vnic_info(vnic_info_t *info, cred_t *credp)
1076 {
1077 	vnic_t		*vnic;
1078 	int		err;
1079 
1080 	/* Make sure that the VNIC link is visible from the caller's zone. */
1081 	if (!dls_devnet_islinkvisible(info->vn_vnic_id, crgetzoneid(credp)))
1082 		return (ENOENT);
1083 
1084 	rw_enter(&vnic_lock, RW_WRITER);
1085 
1086 	err = mod_hash_find(vnic_hash, VNIC_HASH_KEY(info->vn_vnic_id),
1087 	    (mod_hash_val_t *)&vnic);
1088 	if (err != 0) {
1089 		rw_exit(&vnic_lock);
1090 		return (ENOENT);
1091 	}
1092 
1093 	info->vn_link_id = vnic->vn_link_id;
1094 	info->vn_mac_addr_type = vnic->vn_addr_type;
1095 	info->vn_mac_len = vnic->vn_addr_len;
1096 	bcopy(vnic->vn_addr, info->vn_mac_addr, MAXMACADDRLEN);
1097 	info->vn_mac_slot = vnic->vn_slot_id;
1098 	info->vn_mac_prefix_len = 0;
1099 	info->vn_vid = vnic->vn_vid;
1100 	info->vn_force = vnic->vn_force;
1101 	info->vn_vrid = vnic->vn_vrid;
1102 	info->vn_af = vnic->vn_af;
1103 
1104 	bzero(&info->vn_resource_props, sizeof (mac_resource_props_t));
1105 	if (vnic->vn_mch != NULL)
1106 		mac_client_get_resources(vnic->vn_mch,
1107 		    &info->vn_resource_props);
1108 
1109 	rw_exit(&vnic_lock);
1110 	return (0);
1111 }
1112 
1113 static void
1114 vnic_notify_cb(void *arg, mac_notify_type_t type)
1115 {
1116 	vnic_t *vnic = arg;
1117 
1118 	/*
1119 	 * Do not deliver notifications if the vnic is not fully initialized
1120 	 * or is in process of being torn down.
1121 	 */
1122 	if (!vnic->vn_enabled)
1123 		return;
1124 
1125 	switch (type) {
1126 	case MAC_NOTE_UNICST:
1127 		/*
1128 		 * Only the VLAN VNIC needs to be notified with primary MAC
1129 		 * address change.
1130 		 */
1131 		if (vnic->vn_addr_type != VNIC_MAC_ADDR_TYPE_PRIMARY)
1132 			return;
1133 
1134 		/*  the unicast MAC address value */
1135 		mac_unicast_primary_get(vnic->vn_lower_mh, vnic->vn_addr);
1136 
1137 		/* notify its upper layer MAC about MAC address change */
1138 		mac_unicst_update(vnic->vn_mh, (const uint8_t *)vnic->vn_addr);
1139 		break;
1140 
1141 	case MAC_NOTE_LINK:
1142 		mac_link_update(vnic->vn_mh,
1143 		    mac_client_stat_get(vnic->vn_mch, MAC_STAT_LINK_STATE));
1144 		break;
1145 
1146 	default:
1147 		break;
1148 	}
1149 }
1150