2 * Copyright 2001 Wasabi Systems, Inc.
5 * Written by Jason R. Thorpe for Wasabi Systems, Inc.
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. All advertising materials mentioning features or use of this software
16 * must display the following acknowledgement:
17 * This product includes software developed for the NetBSD Project by
18 * Wasabi Systems, Inc.
19 * 4. The name of Wasabi Systems, Inc. may not be used to endorse
20 * or promote products derived from this software without specific prior
23 * THIS SOFTWARE IS PROVIDED BY WASABI SYSTEMS, INC. ``AS IS'' AND
24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
25 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
26 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL WASABI SYSTEMS, INC
27 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
28 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
29 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
30 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
31 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
32 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
33 * POSSIBILITY OF SUCH DAMAGE.
37 * Copyright (c) 1999, 2000 Jason L. Wright (jason@thought.net)
38 * All rights reserved.
40 * Redistribution and use in source and binary forms, with or without
41 * modification, are permitted provided that the following conditions
43 * 1. Redistributions of source code must retain the above copyright
44 * notice, this list of conditions and the following disclaimer.
45 * 2. Redistributions in binary form must reproduce the above copyright
46 * notice, this list of conditions and the following disclaimer in the
47 * documentation and/or other materials provided with the distribution.
48 * 3. All advertising materials mentioning features or use of this software
49 * must display the following acknowledgement:
50 * This product includes software developed by Jason L. Wright
51 * 4. The name of the author may not be used to endorse or promote products
52 * derived from this software without specific prior written permission.
54 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
55 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
56 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
57 * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
58 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
59 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
60 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
61 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
62 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
63 * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
64 * POSSIBILITY OF SUCH DAMAGE.
66 * $OpenBSD: if_bridge.c,v 1.60 2001/06/15 03:38:33 itojun Exp $
67 * $NetBSD: if_bridge.c,v 1.31 2005/06/01 19:45:34 jdc Exp $
68 * $FreeBSD: src/sys/net/if_bridge.c,v 1.26 2005/10/13 23:05:55 thompsa Exp $
69 * $DragonFly: src/sys/net/bridge/if_bridge.c,v 1.33 2008/06/16 14:48:01 sephe Exp $
73 * Network interface bridge support.
77 * - Currently only supports Ethernet-like interfaces (Ethernet,
78 * 802.11, VLANs on Ethernet, etc.) Figure out a nice way
79 * to bridge other types of interfaces (FDDI-FDDI, and maybe
80 * consider heterogenous bridges).
83 #include <sys/cdefs.h>
86 #include "opt_inet6.h"
88 #include <sys/param.h>
90 #include <sys/malloc.h>
91 #include <sys/protosw.h>
92 #include <sys/systm.h>
94 #include <sys/socket.h> /* for net/if.h */
95 #include <sys/sockio.h>
96 #include <sys/ctype.h> /* string functions */
97 #include <sys/kernel.h>
98 #include <sys/random.h>
99 #include <sys/sysctl.h>
100 #include <sys/module.h>
101 #include <sys/proc.h>
102 #include <sys/lock.h>
103 #include <sys/thread.h>
104 #include <sys/thread2.h>
105 #include <sys/mpipe.h>
109 #include <net/if_dl.h>
110 #include <net/if_types.h>
111 #include <net/if_var.h>
112 #include <net/pfil.h>
113 #include <net/ifq_var.h>
114 #include <net/if_clone.h>
116 #include <netinet/in.h> /* for struct arpcom */
117 #include <netinet/in_systm.h>
118 #include <netinet/in_var.h>
119 #include <netinet/ip.h>
120 #include <netinet/ip_var.h>
122 #include <netinet/ip6.h>
123 #include <netinet6/ip6_var.h>
125 #include <netinet/if_ether.h> /* for struct arpcom */
126 #include <net/bridge/if_bridgevar.h>
127 #include <net/if_llc.h>
128 #include <net/netmsg2.h>
130 #include <net/route.h>
131 #include <sys/in_cksum.h>
134 * Size of the route hash table. Must be a power of two.
136 #ifndef BRIDGE_RTHASH_SIZE
137 #define BRIDGE_RTHASH_SIZE 1024
140 #define BRIDGE_RTHASH_MASK (BRIDGE_RTHASH_SIZE - 1)
143 * Maximum number of addresses to cache.
145 #ifndef BRIDGE_RTABLE_MAX
146 #define BRIDGE_RTABLE_MAX 100
150 * Spanning tree defaults.
152 #define BSTP_DEFAULT_MAX_AGE (20 * 256)
153 #define BSTP_DEFAULT_HELLO_TIME (2 * 256)
154 #define BSTP_DEFAULT_FORWARD_DELAY (15 * 256)
155 #define BSTP_DEFAULT_HOLD_TIME (1 * 256)
156 #define BSTP_DEFAULT_BRIDGE_PRIORITY 0x8000
157 #define BSTP_DEFAULT_PORT_PRIORITY 0x80
158 #define BSTP_DEFAULT_PATH_COST 55
161 * Timeout (in seconds) for entries learned dynamically.
163 #ifndef BRIDGE_RTABLE_TIMEOUT
164 #define BRIDGE_RTABLE_TIMEOUT (20 * 60) /* same as ARP */
168 * Number of seconds between walks of the route list.
170 #ifndef BRIDGE_RTABLE_PRUNE_PERIOD
171 #define BRIDGE_RTABLE_PRUNE_PERIOD (5 * 60)
175 * List of capabilities to mask on the member interface.
177 #define BRIDGE_IFCAPS_MASK IFCAP_TXCSUM
179 eventhandler_tag bridge_detach_cookie = NULL;
181 extern struct mbuf *(*bridge_input_p)(struct ifnet *, struct mbuf *);
182 extern int (*bridge_output_p)(struct ifnet *, struct mbuf *);
183 extern void (*bridge_dn_p)(struct mbuf *, struct ifnet *);
185 typedef int (*bridge_ctl_t)(struct bridge_softc *, void *);
187 static int bridge_rtable_prune_period = BRIDGE_RTABLE_PRUNE_PERIOD;
189 static int bridge_clone_create(struct if_clone *, int);
190 static void bridge_clone_destroy(struct ifnet *);
192 static int bridge_ioctl(struct ifnet *, u_long, caddr_t, struct ucred *);
193 static void bridge_mutecaps(struct bridge_iflist *, int);
194 static void bridge_ifdetach(void *arg __unused, struct ifnet *);
195 static void bridge_init(void *);
196 static void bridge_stop(struct ifnet *);
197 static void bridge_start(struct ifnet *);
198 static struct mbuf *bridge_input(struct ifnet *, struct mbuf *);
199 static int bridge_output(struct ifnet *, struct mbuf *);
201 static void bridge_forward(struct bridge_softc *, struct mbuf *m);
203 static void bridge_timer(void *);
205 static void bridge_broadcast(struct bridge_softc *, struct ifnet *,
207 static void bridge_span(struct bridge_softc *, struct mbuf *);
209 static int bridge_rtupdate(struct bridge_softc *, const uint8_t *,
210 struct ifnet *, int, uint8_t);
211 static struct ifnet *bridge_rtlookup(struct bridge_softc *, const uint8_t *);
212 static void bridge_rttrim(struct bridge_softc *);
213 static void bridge_rtage(struct bridge_softc *);
214 static void bridge_rtflush(struct bridge_softc *, int);
215 static int bridge_rtdaddr(struct bridge_softc *, const uint8_t *);
217 static int bridge_rtable_init(struct bridge_softc *);
218 static void bridge_rtable_fini(struct bridge_softc *);
220 static int bridge_rtnode_addr_cmp(const uint8_t *, const uint8_t *);
221 static struct bridge_rtnode *bridge_rtnode_lookup(struct bridge_softc *,
223 static int bridge_rtnode_insert(struct bridge_softc *,
224 struct bridge_rtnode *);
225 static void bridge_rtnode_destroy(struct bridge_softc *,
226 struct bridge_rtnode *);
228 static struct bridge_iflist *bridge_lookup_member(struct bridge_softc *,
230 static struct bridge_iflist *bridge_lookup_member_if(struct bridge_softc *,
232 static void bridge_delete_member(struct bridge_softc *,
233 struct bridge_iflist *, int);
234 static void bridge_delete_span(struct bridge_softc *,
235 struct bridge_iflist *);
237 static int bridge_control(struct bridge_softc *, bridge_ctl_t, void *);
238 static int bridge_ioctl_add(struct bridge_softc *, void *);
239 static int bridge_ioctl_del(struct bridge_softc *, void *);
240 static int bridge_ioctl_gifflags(struct bridge_softc *, void *);
241 static int bridge_ioctl_sifflags(struct bridge_softc *, void *);
242 static int bridge_ioctl_scache(struct bridge_softc *, void *);
243 static int bridge_ioctl_gcache(struct bridge_softc *, void *);
244 static int bridge_ioctl_gifs(struct bridge_softc *, void *);
245 static int bridge_ioctl_rts(struct bridge_softc *, void *);
246 static int bridge_ioctl_saddr(struct bridge_softc *, void *);
247 static int bridge_ioctl_sto(struct bridge_softc *, void *);
248 static int bridge_ioctl_gto(struct bridge_softc *, void *);
249 static int bridge_ioctl_daddr(struct bridge_softc *, void *);
250 static int bridge_ioctl_flush(struct bridge_softc *, void *);
251 static int bridge_ioctl_gpri(struct bridge_softc *, void *);
252 static int bridge_ioctl_spri(struct bridge_softc *, void *);
253 static int bridge_ioctl_ght(struct bridge_softc *, void *);
254 static int bridge_ioctl_sht(struct bridge_softc *, void *);
255 static int bridge_ioctl_gfd(struct bridge_softc *, void *);
256 static int bridge_ioctl_sfd(struct bridge_softc *, void *);
257 static int bridge_ioctl_gma(struct bridge_softc *, void *);
258 static int bridge_ioctl_sma(struct bridge_softc *, void *);
259 static int bridge_ioctl_sifprio(struct bridge_softc *, void *);
260 static int bridge_ioctl_sifcost(struct bridge_softc *, void *);
261 static int bridge_ioctl_addspan(struct bridge_softc *, void *);
262 static int bridge_ioctl_delspan(struct bridge_softc *, void *);
263 static int bridge_pfil(struct mbuf **, struct ifnet *, struct ifnet *,
265 static int bridge_ip_checkbasic(struct mbuf **mp);
267 static int bridge_ip6_checkbasic(struct mbuf **mp);
269 static int bridge_fragment(struct ifnet *, struct mbuf *,
270 struct ether_header *, int, struct llc *);
271 static void bridge_enqueue_internal(struct ifnet *, struct mbuf *m,
273 static void bridge_enqueue_handler(struct netmsg *);
274 static void bridge_pfil_enqueue_handler(struct netmsg *);
275 static void bridge_pfil_enqueue(struct ifnet *, struct mbuf *, int);
276 static void bridge_handoff_notags(struct ifnet *, struct mbuf *);
277 static void bridge_handoff(struct ifnet *, struct mbuf *);
279 SYSCTL_DECL(_net_link);
280 SYSCTL_NODE(_net_link, IFT_BRIDGE, bridge, CTLFLAG_RW, 0, "Bridge");
282 static int pfil_onlyip = 1; /* only pass IP[46] packets when pfil is enabled */
283 static int pfil_bridge = 1; /* run pfil hooks on the bridge interface */
284 static int pfil_member = 1; /* run pfil hooks on the member interface */
285 SYSCTL_INT(_net_link_bridge, OID_AUTO, pfil_onlyip, CTLFLAG_RW,
286 &pfil_onlyip, 0, "Only pass IP packets when pfil is enabled");
287 SYSCTL_INT(_net_link_bridge, OID_AUTO, pfil_bridge, CTLFLAG_RW,
288 &pfil_bridge, 0, "Packet filter on the bridge interface");
289 SYSCTL_INT(_net_link_bridge, OID_AUTO, pfil_member, CTLFLAG_RW,
290 &pfil_member, 0, "Packet filter on the member interface");
292 struct bridge_control {
293 bridge_ctl_t bc_func;
298 #define BC_F_COPYIN 0x01 /* copy arguments in */
299 #define BC_F_COPYOUT 0x02 /* copy arguments out */
300 #define BC_F_SUSER 0x04 /* do super-user check */
302 const struct bridge_control bridge_control_table[] = {
303 { bridge_ioctl_add, sizeof(struct ifbreq),
304 BC_F_COPYIN|BC_F_SUSER },
305 { bridge_ioctl_del, sizeof(struct ifbreq),
306 BC_F_COPYIN|BC_F_SUSER },
308 { bridge_ioctl_gifflags, sizeof(struct ifbreq),
309 BC_F_COPYIN|BC_F_COPYOUT },
310 { bridge_ioctl_sifflags, sizeof(struct ifbreq),
311 BC_F_COPYIN|BC_F_SUSER },
313 { bridge_ioctl_scache, sizeof(struct ifbrparam),
314 BC_F_COPYIN|BC_F_SUSER },
315 { bridge_ioctl_gcache, sizeof(struct ifbrparam),
318 { bridge_ioctl_gifs, sizeof(struct ifbifconf),
319 BC_F_COPYIN|BC_F_COPYOUT },
320 { bridge_ioctl_rts, sizeof(struct ifbaconf),
321 BC_F_COPYIN|BC_F_COPYOUT },
323 { bridge_ioctl_saddr, sizeof(struct ifbareq),
324 BC_F_COPYIN|BC_F_SUSER },
326 { bridge_ioctl_sto, sizeof(struct ifbrparam),
327 BC_F_COPYIN|BC_F_SUSER },
328 { bridge_ioctl_gto, sizeof(struct ifbrparam),
331 { bridge_ioctl_daddr, sizeof(struct ifbareq),
332 BC_F_COPYIN|BC_F_SUSER },
334 { bridge_ioctl_flush, sizeof(struct ifbreq),
335 BC_F_COPYIN|BC_F_SUSER },
337 { bridge_ioctl_gpri, sizeof(struct ifbrparam),
339 { bridge_ioctl_spri, sizeof(struct ifbrparam),
340 BC_F_COPYIN|BC_F_SUSER },
342 { bridge_ioctl_ght, sizeof(struct ifbrparam),
344 { bridge_ioctl_sht, sizeof(struct ifbrparam),
345 BC_F_COPYIN|BC_F_SUSER },
347 { bridge_ioctl_gfd, sizeof(struct ifbrparam),
349 { bridge_ioctl_sfd, sizeof(struct ifbrparam),
350 BC_F_COPYIN|BC_F_SUSER },
352 { bridge_ioctl_gma, sizeof(struct ifbrparam),
354 { bridge_ioctl_sma, sizeof(struct ifbrparam),
355 BC_F_COPYIN|BC_F_SUSER },
357 { bridge_ioctl_sifprio, sizeof(struct ifbreq),
358 BC_F_COPYIN|BC_F_SUSER },
360 { bridge_ioctl_sifcost, sizeof(struct ifbreq),
361 BC_F_COPYIN|BC_F_SUSER },
363 { bridge_ioctl_addspan, sizeof(struct ifbreq),
364 BC_F_COPYIN|BC_F_SUSER },
365 { bridge_ioctl_delspan, sizeof(struct ifbreq),
366 BC_F_COPYIN|BC_F_SUSER },
368 const int bridge_control_table_size =
369 sizeof(bridge_control_table) / sizeof(bridge_control_table[0]);
371 LIST_HEAD(, bridge_softc) bridge_list;
373 struct if_clone bridge_cloner = IF_CLONE_INITIALIZER("bridge",
375 bridge_clone_destroy, 0, IF_MAXUNIT);
378 bridge_modevent(module_t mod, int type, void *data)
382 LIST_INIT(&bridge_list);
383 if_clone_attach(&bridge_cloner);
384 bridge_input_p = bridge_input;
385 bridge_output_p = bridge_output;
386 bridge_detach_cookie = EVENTHANDLER_REGISTER(
387 ifnet_detach_event, bridge_ifdetach, NULL,
388 EVENTHANDLER_PRI_ANY);
390 bstp_linkstate_p = bstp_linkstate;
394 if (!LIST_EMPTY(&bridge_list))
396 EVENTHANDLER_DEREGISTER(ifnet_detach_event,
397 bridge_detach_cookie);
398 if_clone_detach(&bridge_cloner);
399 bridge_input_p = NULL;
400 bridge_output_p = NULL;
402 bstp_linkstate_p = NULL;
411 static moduledata_t bridge_mod = {
417 DECLARE_MODULE(if_bridge, bridge_mod, SI_SUB_PSEUDO, SI_ORDER_ANY);
421 * bridge_clone_create:
423 * Create a new bridge instance.
426 bridge_clone_create(struct if_clone *ifc, int unit)
428 struct bridge_softc *sc;
432 sc = kmalloc(sizeof(*sc), M_DEVBUF, M_WAITOK|M_ZERO);
433 ifp = sc->sc_ifp = &sc->sc_if;
435 sc->sc_brtmax = BRIDGE_RTABLE_MAX;
436 sc->sc_brttimeout = BRIDGE_RTABLE_TIMEOUT;
437 sc->sc_bridge_max_age = BSTP_DEFAULT_MAX_AGE;
438 sc->sc_bridge_hello_time = BSTP_DEFAULT_HELLO_TIME;
439 sc->sc_bridge_forward_delay = BSTP_DEFAULT_FORWARD_DELAY;
440 sc->sc_bridge_priority = BSTP_DEFAULT_BRIDGE_PRIORITY;
441 sc->sc_hold_time = BSTP_DEFAULT_HOLD_TIME;
443 /* Initialize our routing table. */
444 bridge_rtable_init(sc);
446 callout_init(&sc->sc_brcallout);
447 callout_init(&sc->sc_bstpcallout);
449 LIST_INIT(&sc->sc_iflist);
450 LIST_INIT(&sc->sc_spanlist);
453 if_initname(ifp, ifc->ifc_name, unit);
454 ifp->if_mtu = ETHERMTU;
455 ifp->if_flags = IFF_BROADCAST | IFF_MULTICAST;
456 ifp->if_ioctl = bridge_ioctl;
457 ifp->if_start = bridge_start;
458 ifp->if_init = bridge_init;
459 ifp->if_type = IFT_BRIDGE;
460 ifq_set_maxlen(&ifp->if_snd, ifqmaxlen);
461 ifp->if_snd.ifq_maxlen = ifqmaxlen;
462 ifq_set_ready(&ifp->if_snd);
463 ifp->if_hdrlen = ETHER_HDR_LEN;
466 * Generate a random ethernet address and use the private AC:DE:48
470 int rnd = karc4random();
471 bcopy(&rnd, &eaddr[0], 4); /* ETHER_ADDR_LEN == 6 */
473 bcopy(&rnd, &eaddr[2], 4); /* ETHER_ADDR_LEN == 6 */
475 eaddr[0] &= ~1; /* clear multicast bit */
476 eaddr[0] |= 2; /* set the LAA bit */
478 ether_ifattach(ifp, eaddr, NULL);
479 /* Now undo some of the damage... */
480 ifp->if_baudrate = 0;
481 ifp->if_type = IFT_BRIDGE;
484 LIST_INSERT_HEAD(&bridge_list, sc, sc_list);
491 * bridge_clone_destroy:
493 * Destroy a bridge instance.
496 bridge_clone_destroy(struct ifnet *ifp)
498 struct bridge_softc *sc = ifp->if_softc;
499 struct bridge_iflist *bif;
501 lwkt_serialize_enter(ifp->if_serializer);
504 ifp->if_flags &= ~IFF_UP;
506 while ((bif = LIST_FIRST(&sc->sc_iflist)) != NULL)
507 bridge_delete_member(sc, bif, 0);
509 while ((bif = LIST_FIRST(&sc->sc_spanlist)) != NULL) {
510 bridge_delete_span(sc, bif);
513 callout_stop(&sc->sc_brcallout);
514 callout_stop(&sc->sc_bstpcallout);
516 lwkt_serialize_exit(ifp->if_serializer);
519 LIST_REMOVE(sc, sc_list);
524 /* Tear down the routing table. */
525 bridge_rtable_fini(sc);
533 * Handle a control request from the operator.
536 bridge_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data, struct ucred *cr)
538 struct bridge_softc *sc = ifp->if_softc;
540 struct ifbreq ifbreq;
541 struct ifbifconf ifbifconf;
542 struct ifbareq ifbareq;
543 struct ifbaconf ifbaconf;
544 struct ifbrparam ifbrparam;
546 struct ifdrv *ifd = (struct ifdrv *) data;
547 const struct bridge_control *bc;
550 ASSERT_SERIALIZED(ifp->if_serializer);
559 if (ifd->ifd_cmd >= bridge_control_table_size) {
563 bc = &bridge_control_table[ifd->ifd_cmd];
565 if (cmd == SIOCGDRVSPEC &&
566 (bc->bc_flags & BC_F_COPYOUT) == 0) {
569 } else if (cmd == SIOCSDRVSPEC &&
570 (bc->bc_flags & BC_F_COPYOUT) != 0) {
575 if (bc->bc_flags & BC_F_SUSER) {
576 error = suser_cred(cr, NULL_CRED_OKAY);
581 if (ifd->ifd_len != bc->bc_argsize ||
582 ifd->ifd_len > sizeof(args)) {
587 memset(&args, 0, sizeof(args));
588 if (bc->bc_flags & BC_F_COPYIN) {
589 error = copyin(ifd->ifd_data, &args, ifd->ifd_len);
594 error = bridge_control(sc, bc->bc_func, &args);
598 if (bc->bc_flags & BC_F_COPYOUT)
599 error = copyout(&args, ifd->ifd_data, ifd->ifd_len);
603 if (!(ifp->if_flags & IFF_UP) &&
604 (ifp->if_flags & IFF_RUNNING)) {
606 * If interface is marked down and it is running,
610 } else if ((ifp->if_flags & IFF_UP) &&
611 !(ifp->if_flags & IFF_RUNNING)) {
613 * If interface is marked up and it is stopped, then
621 /* Do not allow the MTU to be changed on the bridge */
626 error = ether_ioctl(ifp, cmd, data);
635 * Clear or restore unwanted capabilities on the member interface
638 bridge_mutecaps(struct bridge_iflist *bif, int mute)
640 struct ifnet *ifp = bif->bif_ifp;
644 if (ifp->if_ioctl == NULL)
647 bzero(&ifr, sizeof(ifr));
648 ifr.ifr_reqcap = ifp->if_capenable;
651 /* mask off and save capabilities */
652 bif->bif_mutecap = ifr.ifr_reqcap & BRIDGE_IFCAPS_MASK;
653 if (bif->bif_mutecap != 0)
654 ifr.ifr_reqcap &= ~BRIDGE_IFCAPS_MASK;
656 /* restore muted capabilities */
657 ifr.ifr_reqcap |= bif->bif_mutecap;
659 if (bif->bif_mutecap != 0) {
660 lwkt_serialize_enter(ifp->if_serializer);
661 error = (*ifp->if_ioctl)(ifp, SIOCSIFCAP, (caddr_t)&ifr, NULL);
662 lwkt_serialize_exit(ifp->if_serializer);
667 * bridge_lookup_member:
669 * Lookup a bridge member interface.
671 static struct bridge_iflist *
672 bridge_lookup_member(struct bridge_softc *sc, const char *name)
674 struct bridge_iflist *bif;
677 LIST_FOREACH(bif, &sc->sc_iflist, bif_next) {
679 if (strcmp(ifp->if_xname, name) == 0)
687 * bridge_lookup_member_if:
689 * Lookup a bridge member interface by ifnet*.
691 static struct bridge_iflist *
692 bridge_lookup_member_if(struct bridge_softc *sc, struct ifnet *member_ifp)
694 struct bridge_iflist *bif;
696 LIST_FOREACH(bif, &sc->sc_iflist, bif_next) {
697 if (bif->bif_ifp == member_ifp)
705 * bridge_delete_member:
707 * Delete the specified member interface.
710 bridge_delete_member(struct bridge_softc *sc, struct bridge_iflist *bif,
713 struct ifnet *ifs = bif->bif_ifp;
716 switch (ifs->if_type) {
720 * Take the interface out of promiscuous mode.
722 (void) ifpromisc(ifs, 0);
723 bridge_mutecaps(bif, 0);
731 panic("bridge_delete_member: impossible");
737 ifs->if_bridge = NULL;
738 LIST_REMOVE(bif, bif_next);
740 bridge_rtdelete(sc, ifs, IFBF_FLUSHALL);
742 kfree(bif, M_DEVBUF);
744 if (sc->sc_ifp->if_flags & IFF_RUNNING)
745 bstp_initialization(sc);
749 * bridge_delete_span:
751 * Delete the specified span interface.
754 bridge_delete_span(struct bridge_softc *sc, struct bridge_iflist *bif)
756 KASSERT(bif->bif_ifp->if_bridge == NULL,
757 ("%s: not a span interface", __func__));
759 LIST_REMOVE(bif, bif_next);
760 kfree(bif, M_DEVBUF);
764 bridge_ioctl_add(struct bridge_softc *sc, void *arg)
766 struct ifbreq *req = arg;
767 struct bridge_iflist *bif = NULL;
771 ifs = ifunit(req->ifbr_ifsname);
775 /* If it's in the span list, it can't be a member. */
776 LIST_FOREACH(bif, &sc->sc_spanlist, bif_next)
777 if (ifs == bif->bif_ifp)
780 /* Allow the first Ethernet member to define the MTU */
781 if (ifs->if_type != IFT_GIF) {
782 if (LIST_EMPTY(&sc->sc_iflist))
783 sc->sc_ifp->if_mtu = ifs->if_mtu;
784 else if (sc->sc_ifp->if_mtu != ifs->if_mtu) {
785 if_printf(sc->sc_ifp, "invalid MTU for %s\n",
791 if (ifs->if_bridge == sc)
794 if (ifs->if_bridge != NULL)
797 bif = kmalloc(sizeof(*bif), M_DEVBUF, M_WAITOK|M_ZERO);
799 bif->bif_flags = IFBIF_LEARNING | IFBIF_DISCOVER;
800 bif->bif_priority = BSTP_DEFAULT_PORT_PRIORITY;
801 bif->bif_path_cost = BSTP_DEFAULT_PATH_COST;
803 switch (ifs->if_type) {
807 * Place the interface into promiscuous mode.
809 error = ifpromisc(ifs, 1);
813 bridge_mutecaps(bif, 1);
816 case IFT_GIF: /* :^) */
826 LIST_INSERT_HEAD(&sc->sc_iflist, bif, bif_next);
828 if (sc->sc_ifp->if_flags & IFF_RUNNING)
829 bstp_initialization(sc);
836 kfree(bif, M_DEVBUF);
842 bridge_ioctl_del(struct bridge_softc *sc, void *arg)
844 struct ifbreq *req = arg;
845 struct bridge_iflist *bif;
847 bif = bridge_lookup_member(sc, req->ifbr_ifsname);
851 bridge_delete_member(sc, bif, 0);
857 bridge_ioctl_gifflags(struct bridge_softc *sc, void *arg)
859 struct ifbreq *req = arg;
860 struct bridge_iflist *bif;
862 bif = bridge_lookup_member(sc, req->ifbr_ifsname);
866 req->ifbr_ifsflags = bif->bif_flags;
867 req->ifbr_state = bif->bif_state;
868 req->ifbr_priority = bif->bif_priority;
869 req->ifbr_path_cost = bif->bif_path_cost;
870 req->ifbr_portno = bif->bif_ifp->if_index & 0xff;
876 bridge_ioctl_sifflags(struct bridge_softc *sc, void *arg)
878 struct ifbreq *req = arg;
879 struct bridge_iflist *bif;
881 bif = bridge_lookup_member(sc, req->ifbr_ifsname);
885 if (req->ifbr_ifsflags & IFBIF_SPAN)
886 /* SPAN is readonly */
889 if (req->ifbr_ifsflags & IFBIF_STP) {
890 switch (bif->bif_ifp->if_type) {
892 /* These can do spanning tree. */
896 /* Nothing else can. */
901 bif->bif_flags = req->ifbr_ifsflags;
903 if (sc->sc_ifp->if_flags & IFF_RUNNING)
904 bstp_initialization(sc);
910 bridge_ioctl_scache(struct bridge_softc *sc, void *arg)
912 struct ifbrparam *param = arg;
914 sc->sc_brtmax = param->ifbrp_csize;
921 bridge_ioctl_gcache(struct bridge_softc *sc, void *arg)
923 struct ifbrparam *param = arg;
925 param->ifbrp_csize = sc->sc_brtmax;
931 bridge_ioctl_gifs(struct bridge_softc *sc, void *arg)
933 struct ifbifconf *bifc = arg;
934 struct bridge_iflist *bif;
936 int count, len, error = 0;
939 LIST_FOREACH(bif, &sc->sc_iflist, bif_next)
941 LIST_FOREACH(bif, &sc->sc_spanlist, bif_next)
944 if (bifc->ifbic_len == 0) {
945 bifc->ifbic_len = sizeof(breq) * count;
950 len = bifc->ifbic_len;
951 memset(&breq, 0, sizeof breq);
952 LIST_FOREACH(bif, &sc->sc_iflist, bif_next) {
953 if (len < sizeof(breq))
956 strlcpy(breq.ifbr_ifsname, bif->bif_ifp->if_xname,
957 sizeof(breq.ifbr_ifsname));
958 breq.ifbr_ifsflags = bif->bif_flags;
959 breq.ifbr_state = bif->bif_state;
960 breq.ifbr_priority = bif->bif_priority;
961 breq.ifbr_path_cost = bif->bif_path_cost;
962 breq.ifbr_portno = bif->bif_ifp->if_index & 0xff;
963 error = copyout(&breq, bifc->ifbic_req + count, sizeof(breq));
969 LIST_FOREACH(bif, &sc->sc_spanlist, bif_next) {
970 if (len < sizeof(breq))
973 strlcpy(breq.ifbr_ifsname, bif->bif_ifp->if_xname,
974 sizeof(breq.ifbr_ifsname));
975 breq.ifbr_ifsflags = bif->bif_flags;
976 breq.ifbr_state = bif->bif_state;
977 breq.ifbr_priority = bif->bif_priority;
978 breq.ifbr_path_cost = bif->bif_path_cost;
979 breq.ifbr_portno = bif->bif_ifp->if_index & 0xff;
980 error = copyout(&breq, bifc->ifbic_req + count, sizeof(breq));
987 bifc->ifbic_len = sizeof(breq) * count;
992 bridge_ioctl_rts(struct bridge_softc *sc, void *arg)
994 struct ifbaconf *bac = arg;
995 struct bridge_rtnode *brt;
996 struct ifbareq bareq;
997 int count = 0, error = 0, len;
999 if (bac->ifbac_len == 0)
1002 len = bac->ifbac_len;
1003 memset(&bareq, 0, sizeof(bareq));
1004 LIST_FOREACH(brt, &sc->sc_rtlist, brt_list) {
1005 if (len < sizeof(bareq))
1007 strlcpy(bareq.ifba_ifsname, brt->brt_ifp->if_xname,
1008 sizeof(bareq.ifba_ifsname));
1009 memcpy(bareq.ifba_dst, brt->brt_addr, sizeof(brt->brt_addr));
1010 if ((brt->brt_flags & IFBAF_TYPEMASK) == IFBAF_DYNAMIC &&
1011 time_second < brt->brt_expire)
1012 bareq.ifba_expire = brt->brt_expire - time_second;
1014 bareq.ifba_expire = 0;
1015 bareq.ifba_flags = brt->brt_flags;
1017 error = copyout(&bareq, bac->ifbac_req + count, sizeof(bareq));
1021 len -= sizeof(bareq);
1024 bac->ifbac_len = sizeof(bareq) * count;
1029 bridge_ioctl_saddr(struct bridge_softc *sc, void *arg)
1031 struct ifbareq *req = arg;
1032 struct bridge_iflist *bif;
1035 bif = bridge_lookup_member(sc, req->ifba_ifsname);
1039 error = bridge_rtupdate(sc, req->ifba_dst, bif->bif_ifp, 1,
1046 bridge_ioctl_sto(struct bridge_softc *sc, void *arg)
1048 struct ifbrparam *param = arg;
1050 sc->sc_brttimeout = param->ifbrp_ctime;
1056 bridge_ioctl_gto(struct bridge_softc *sc, void *arg)
1058 struct ifbrparam *param = arg;
1060 param->ifbrp_ctime = sc->sc_brttimeout;
1066 bridge_ioctl_daddr(struct bridge_softc *sc, void *arg)
1068 struct ifbareq *req = arg;
1070 return (bridge_rtdaddr(sc, req->ifba_dst));
1074 bridge_ioctl_flush(struct bridge_softc *sc, void *arg)
1076 struct ifbreq *req = arg;
1078 bridge_rtflush(sc, req->ifbr_ifsflags);
1084 bridge_ioctl_gpri(struct bridge_softc *sc, void *arg)
1086 struct ifbrparam *param = arg;
1088 param->ifbrp_prio = sc->sc_bridge_priority;
1094 bridge_ioctl_spri(struct bridge_softc *sc, void *arg)
1096 struct ifbrparam *param = arg;
1098 sc->sc_bridge_priority = param->ifbrp_prio;
1100 if (sc->sc_ifp->if_flags & IFF_RUNNING)
1101 bstp_initialization(sc);
1107 bridge_ioctl_ght(struct bridge_softc *sc, void *arg)
1109 struct ifbrparam *param = arg;
1111 param->ifbrp_hellotime = sc->sc_bridge_hello_time >> 8;
1117 bridge_ioctl_sht(struct bridge_softc *sc, void *arg)
1119 struct ifbrparam *param = arg;
1121 if (param->ifbrp_hellotime == 0)
1123 sc->sc_bridge_hello_time = param->ifbrp_hellotime << 8;
1125 if (sc->sc_ifp->if_flags & IFF_RUNNING)
1126 bstp_initialization(sc);
1132 bridge_ioctl_gfd(struct bridge_softc *sc, void *arg)
1134 struct ifbrparam *param = arg;
1136 param->ifbrp_fwddelay = sc->sc_bridge_forward_delay >> 8;
1142 bridge_ioctl_sfd(struct bridge_softc *sc, void *arg)
1144 struct ifbrparam *param = arg;
1146 if (param->ifbrp_fwddelay == 0)
1148 sc->sc_bridge_forward_delay = param->ifbrp_fwddelay << 8;
1150 if (sc->sc_ifp->if_flags & IFF_RUNNING)
1151 bstp_initialization(sc);
1157 bridge_ioctl_gma(struct bridge_softc *sc, void *arg)
1159 struct ifbrparam *param = arg;
1161 param->ifbrp_maxage = sc->sc_bridge_max_age >> 8;
1167 bridge_ioctl_sma(struct bridge_softc *sc, void *arg)
1169 struct ifbrparam *param = arg;
1171 if (param->ifbrp_maxage == 0)
1173 sc->sc_bridge_max_age = param->ifbrp_maxage << 8;
1175 if (sc->sc_ifp->if_flags & IFF_RUNNING)
1176 bstp_initialization(sc);
1182 bridge_ioctl_sifprio(struct bridge_softc *sc, void *arg)
1184 struct ifbreq *req = arg;
1185 struct bridge_iflist *bif;
1187 bif = bridge_lookup_member(sc, req->ifbr_ifsname);
1191 bif->bif_priority = req->ifbr_priority;
1193 if (sc->sc_ifp->if_flags & IFF_RUNNING)
1194 bstp_initialization(sc);
1200 bridge_ioctl_sifcost(struct bridge_softc *sc, void *arg)
1202 struct ifbreq *req = arg;
1203 struct bridge_iflist *bif;
1205 bif = bridge_lookup_member(sc, req->ifbr_ifsname);
1209 bif->bif_path_cost = req->ifbr_path_cost;
1211 if (sc->sc_ifp->if_flags & IFF_RUNNING)
1212 bstp_initialization(sc);
1218 bridge_ioctl_addspan(struct bridge_softc *sc, void *arg)
1220 struct ifbreq *req = arg;
1221 struct bridge_iflist *bif = NULL;
1224 ifs = ifunit(req->ifbr_ifsname);
1228 LIST_FOREACH(bif, &sc->sc_spanlist, bif_next)
1229 if (ifs == bif->bif_ifp)
1232 if (ifs->if_bridge != NULL)
1235 switch (ifs->if_type) {
1244 bif = kmalloc(sizeof(*bif), M_DEVBUF, M_WAITOK|M_ZERO);
1247 bif->bif_flags = IFBIF_SPAN;
1249 LIST_INSERT_HEAD(&sc->sc_spanlist, bif, bif_next);
1255 bridge_ioctl_delspan(struct bridge_softc *sc, void *arg)
1257 struct ifbreq *req = arg;
1258 struct bridge_iflist *bif;
1261 ifs = ifunit(req->ifbr_ifsname);
1265 LIST_FOREACH(bif, &sc->sc_spanlist, bif_next)
1266 if (ifs == bif->bif_ifp)
1272 bridge_delete_span(sc, bif);
1280 * Detach an interface from a bridge. Called when a member
1281 * interface is detaching.
1284 bridge_ifdetach(void *arg __unused, struct ifnet *ifp)
1286 struct bridge_softc *sc = ifp->if_bridge;
1287 struct bridge_iflist *bif;
1289 /* Check if the interface is a bridge member */
1291 lwkt_serialize_enter(ifp->if_serializer);
1293 bif = bridge_lookup_member_if(sc, ifp);
1295 bridge_delete_member(sc, bif, 1);
1297 lwkt_serialize_exit(ifp->if_serializer);
1301 /* Check if the interface is a span port */
1302 LIST_FOREACH(sc, &bridge_list, sc_list) {
1303 LIST_FOREACH(bif, &sc->sc_spanlist, bif_next)
1304 if (ifp == bif->bif_ifp) {
1305 bridge_delete_span(sc, bif);
1314 * Initialize a bridge interface.
1317 bridge_init(void *xsc)
1319 struct bridge_softc *sc = (struct bridge_softc *)xsc;
1320 struct ifnet *ifp = sc->sc_ifp;
1322 ASSERT_SERIALIZED(ifp->if_serializer);
1324 if (ifp->if_flags & IFF_RUNNING)
1327 callout_reset(&sc->sc_brcallout, bridge_rtable_prune_period * hz,
1330 ifp->if_flags |= IFF_RUNNING;
1331 bstp_initialization(sc);
1338 * Stop the bridge interface.
1341 bridge_stop(struct ifnet *ifp)
1343 struct bridge_softc *sc = ifp->if_softc;
1345 ASSERT_SERIALIZED(ifp->if_serializer);
1347 if ((ifp->if_flags & IFF_RUNNING) == 0)
1350 callout_stop(&sc->sc_brcallout);
1353 bridge_rtflush(sc, IFBF_FLUSHDYN);
1355 ifp->if_flags &= ~IFF_RUNNING;
1359 bridge_enqueue_internal(struct ifnet *dst_ifp, struct mbuf *m,
1360 netisr_fn_t handler)
1362 struct netmsg_packet *nmp;
1364 int cpu = mycpu->gd_cpuid;
1366 while (m->m_type == MT_TAG) {
1367 /* XXX see ether_output_frame for full rules check */
1371 nmp = &m->m_hdr.mh_netmsg;
1372 netmsg_init(&nmp->nm_netmsg, &netisr_apanic_rport, 0, handler);
1374 nmp->nm_netmsg.nm_lmsg.u.ms_resultp = dst_ifp;
1376 port = cpu_portfn(cpu);
1377 lwkt_sendmsg(port, &nmp->nm_netmsg.nm_lmsg);
1381 bridge_pfil_enqueue(struct ifnet *dst_ifp, struct mbuf *m,
1384 netisr_fn_t handler;
1386 if (runfilt && (inet_pfil_hook.ph_hashooks > 0
1388 || inet6_pfil_hook.ph_hashooks > 0
1391 handler = bridge_pfil_enqueue_handler;
1393 handler = bridge_enqueue_handler;
1395 bridge_enqueue_internal(dst_ifp, m, handler);
1401 * Enqueue a packet on a bridge member interface.
1405 bridge_enqueue(struct ifnet *dst_ifp, struct mbuf *m)
1407 bridge_enqueue_internal(dst_ifp, m, bridge_enqueue_handler);
1413 * Send output from a bridge member interface. This
1414 * performs the bridging function for locally originated
1417 * The mbuf has the Ethernet header already attached. We must
1418 * enqueue or free the mbuf before returning.
1421 bridge_output(struct ifnet *ifp, struct mbuf *m)
1423 struct bridge_softc *sc = ifp->if_bridge;
1424 struct ether_header *eh;
1425 struct ifnet *dst_if;
1427 ASSERT_NOT_SERIALIZED(ifp->if_serializer);
1430 * Make sure that we are still a member of a bridge interface.
1437 if (m->m_len < ETHER_HDR_LEN) {
1438 m = m_pullup(m, ETHER_HDR_LEN);
1443 /* Serialize our bridge interface. */
1444 lwkt_serialize_enter(sc->sc_ifp->if_serializer);
1446 eh = mtod(m, struct ether_header *);
1449 * If bridge is down, but the original output interface is up,
1450 * go ahead and send out that interface. Otherwise, the packet
1453 if ((sc->sc_ifp->if_flags & IFF_RUNNING) == 0) {
1459 * If the packet is a multicast, or we don't know a better way to
1460 * get there, send to all interfaces.
1462 if (ETHER_IS_MULTICAST(eh->ether_dhost))
1465 dst_if = bridge_rtlookup(sc, eh->ether_dhost);
1466 if (dst_if == NULL) {
1467 struct bridge_iflist *bif;
1473 LIST_FOREACH(bif, &sc->sc_iflist, bif_next) {
1474 dst_if = bif->bif_ifp;
1475 if ((dst_if->if_flags & IFF_RUNNING) == 0)
1479 * If this is not the original output interface,
1480 * and the interface is participating in spanning
1481 * tree, make sure the port is in a state that
1482 * allows forwarding.
1484 if (dst_if != ifp &&
1485 (bif->bif_flags & IFBIF_STP) != 0) {
1486 switch (bif->bif_state) {
1487 case BSTP_IFSTATE_BLOCKING:
1488 case BSTP_IFSTATE_LISTENING:
1489 case BSTP_IFSTATE_DISABLED:
1494 if (LIST_NEXT(bif, bif_next) == NULL) {
1498 mc = m_copypacket(m, MB_DONTWAIT);
1500 sc->sc_ifp->if_oerrors++;
1504 bridge_enqueue(dst_if, mc);
1508 lwkt_serialize_exit(sc->sc_ifp->if_serializer);
1514 * XXX Spanning tree consideration here?
1518 lwkt_serialize_exit(sc->sc_ifp->if_serializer);
1519 if ((dst_if->if_flags & IFF_RUNNING) == 0)
1522 bridge_enqueue(dst_if, m);
1529 * Start output on a bridge.
1533 bridge_start(struct ifnet *ifp)
1535 struct bridge_softc *sc = ifp->if_softc;
1537 ASSERT_SERIALIZED(ifp->if_serializer);
1539 ifp->if_flags |= IFF_OACTIVE;
1541 struct ifnet *dst_if = NULL;
1542 struct ether_header *eh;
1545 m = ifq_dequeue(&ifp->if_snd, NULL);
1549 if (m->m_len < sizeof(*eh)) {
1550 m = m_pullup(m, sizeof(*eh));
1556 eh = mtod(m, struct ether_header *);
1561 if ((m->m_flags & (M_BCAST|M_MCAST)) == 0)
1562 dst_if = bridge_rtlookup(sc, eh->ether_dhost);
1565 bridge_broadcast(sc, ifp, m, 0);
1567 bridge_enqueue(dst_if, m);
1569 ifp->if_flags &= ~IFF_OACTIVE;
1575 * The forwarding function of the bridge.
1578 bridge_forward(struct bridge_softc *sc, struct mbuf *m)
1580 struct bridge_iflist *bif;
1581 struct ifnet *src_if, *dst_if, *ifp;
1582 struct ether_header *eh;
1584 src_if = m->m_pkthdr.rcvif;
1587 ASSERT_SERIALIZED(ifp->if_serializer);
1590 ifp->if_ibytes += m->m_pkthdr.len;
1593 * Look up the bridge_iflist.
1595 bif = bridge_lookup_member_if(sc, src_if);
1597 /* Interface is not a bridge member (anymore?) */
1602 if (bif->bif_flags & IFBIF_STP) {
1603 switch (bif->bif_state) {
1604 case BSTP_IFSTATE_BLOCKING:
1605 case BSTP_IFSTATE_LISTENING:
1606 case BSTP_IFSTATE_DISABLED:
1612 eh = mtod(m, struct ether_header *);
1615 * If the interface is learning, and the source
1616 * address is valid and not multicast, record
1619 if ((bif->bif_flags & IFBIF_LEARNING) != 0 &&
1620 ETHER_IS_MULTICAST(eh->ether_shost) == 0 &&
1621 (eh->ether_shost[0] == 0 &&
1622 eh->ether_shost[1] == 0 &&
1623 eh->ether_shost[2] == 0 &&
1624 eh->ether_shost[3] == 0 &&
1625 eh->ether_shost[4] == 0 &&
1626 eh->ether_shost[5] == 0) == 0) {
1627 bridge_rtupdate(sc, eh->ether_shost, src_if, 0, IFBAF_DYNAMIC);
1630 if ((bif->bif_flags & IFBIF_STP) != 0 &&
1631 bif->bif_state == BSTP_IFSTATE_LEARNING) {
1637 * At this point, the port either doesn't participate
1638 * in spanning tree or it is in the forwarding state.
1642 * If the packet is unicast, destined for someone on
1643 * "this" side of the bridge, drop it.
1645 if ((m->m_flags & (M_BCAST|M_MCAST)) == 0) {
1646 dst_if = bridge_rtlookup(sc, eh->ether_dhost);
1647 if (src_if == dst_if) {
1652 /* ...forward it to all interfaces. */
1653 sc->sc_ifp->if_imcasts++;
1657 if (dst_if == NULL) {
1658 bridge_broadcast(sc, src_if, m, 1);
1663 * At this point, we're dealing with a unicast frame
1664 * going to a different interface.
1666 if ((dst_if->if_flags & IFF_RUNNING) == 0) {
1670 bif = bridge_lookup_member_if(sc, dst_if);
1672 /* Not a member of the bridge (anymore?) */
1677 if (bif->bif_flags & IFBIF_STP) {
1678 switch (bif->bif_state) {
1679 case BSTP_IFSTATE_DISABLED:
1680 case BSTP_IFSTATE_BLOCKING:
1686 lwkt_serialize_exit(ifp->if_serializer);
1688 /* run the packet filter */
1689 if (inet_pfil_hook.ph_hashooks > 0
1691 || inet6_pfil_hook.ph_hashooks > 0
1694 if (bridge_pfil(&m, ifp, src_if, PFIL_IN) != 0)
1699 if (bridge_pfil(&m, ifp, dst_if, PFIL_OUT) != 0)
1704 bridge_handoff(dst_if, m);
1707 * ifp's serializer was held on entry and is expected to be held
1711 lwkt_serialize_enter(ifp->if_serializer);
1717 * Receive input from a member interface. Queue the packet for
1718 * bridging if it is not for us.
1720 static struct mbuf *
1721 bridge_input(struct ifnet *ifp, struct mbuf *m)
1723 struct bridge_softc *sc = ifp->if_bridge;
1724 struct bridge_iflist *bif;
1725 struct ifnet *bifp, *new_ifp;
1726 struct ether_header *eh;
1727 struct mbuf *mc, *mc2;
1730 * Make sure that we are still a member of a bridge interface.
1738 lwkt_serialize_enter(bifp->if_serializer);
1740 if ((bifp->if_flags & IFF_RUNNING) == 0)
1744 * Implement support for bridge monitoring. If this flag has been
1745 * set on this interface, discard the packet once we push it through
1746 * the bpf(4) machinery, but before we do, increment the byte and
1747 * packet counters associated with this interface.
1749 if ((bifp->if_flags & IFF_MONITOR) != 0) {
1750 m->m_pkthdr.rcvif = bifp;
1752 bifp->if_ipackets++;
1753 bifp->if_ibytes += m->m_pkthdr.len;
1759 eh = mtod(m, struct ether_header *);
1761 m->m_flags &= ~M_PROTO1; /* XXX Hack - loop prevention */
1763 if (memcmp(eh->ether_dhost, IF_LLADDR(bifp), ETHER_ADDR_LEN) == 0) {
1765 * If the packet is for us, set the packets source as the
1766 * bridge, and return the packet back to ifnet.if_input for
1769 KASSERT(bifp->if_bridge == NULL,
1770 ("loop created in bridge_input"));
1776 * Tap all packets arriving on the bridge, no matter if
1777 * they are local destinations or not. In is in.
1781 bif = bridge_lookup_member_if(sc, ifp);
1787 if (m->m_flags & (M_BCAST | M_MCAST)) {
1788 /* Tap off 802.1D packets; they do not get forwarded. */
1789 if (memcmp(eh->ether_dhost, bstp_etheraddr,
1790 ETHER_ADDR_LEN) == 0) {
1791 m = bstp_input(sc, bif, m);
1793 ("attempt to deliver 802.1D packet\n"));
1797 if (bif->bif_flags & IFBIF_STP) {
1798 switch (bif->bif_state) {
1799 case BSTP_IFSTATE_BLOCKING:
1800 case BSTP_IFSTATE_LISTENING:
1801 case BSTP_IFSTATE_DISABLED:
1807 * Make a deep copy of the packet and enqueue the copy
1808 * for bridge processing; return the original packet for
1811 mc = m_dup(m, MB_DONTWAIT);
1815 bridge_forward(sc, mc);
1818 * Reinject the mbuf as arriving on the bridge so we have a
1819 * chance at claiming multicast packets. We can not loop back
1820 * here from ether_input as a bridge is never a member of a
1823 KASSERT(bifp->if_bridge == NULL,
1824 ("loop created in bridge_input"));
1825 mc2 = m_dup(m, MB_DONTWAIT);
1828 /* Keep the layer3 header aligned */
1829 int i = min(mc2->m_pkthdr.len, max_protohdr);
1830 mc2 = m_copyup(mc2, i, ETHER_ALIGN);
1834 mc2->m_pkthdr.rcvif = bifp;
1835 bifp->if_ipackets++;
1836 bifp->if_input(bifp, mc2);
1839 /* Return the original packet for local processing. */
1843 if (bif->bif_flags & IFBIF_STP) {
1844 switch (bif->bif_state) {
1845 case BSTP_IFSTATE_BLOCKING:
1846 case BSTP_IFSTATE_LISTENING:
1847 case BSTP_IFSTATE_DISABLED:
1853 * Unicast. Make sure it's not for us.
1855 LIST_FOREACH(bif, &sc->sc_iflist, bif_next) {
1856 if (bif->bif_ifp->if_type != IFT_ETHER)
1859 /* It is destined for us. */
1860 if (memcmp(IF_LLADDR(bif->bif_ifp), eh->ether_dhost,
1861 ETHER_ADDR_LEN) == 0) {
1862 if (bif->bif_flags & IFBIF_LEARNING) {
1864 eh->ether_shost, ifp, 0, IFBAF_DYNAMIC);
1867 if (bif->bif_ifp != ifp) {
1868 /* XXX loop prevention */
1869 m->m_flags |= M_PROTO1;
1870 new_ifp = bif->bif_ifp;
1875 /* We just received a packet that we sent out. */
1876 if (memcmp(IF_LLADDR(bif->bif_ifp), eh->ether_shost,
1877 ETHER_ADDR_LEN) == 0) {
1884 /* Perform the bridge forwarding function. */
1885 bridge_forward(sc, m);
1888 lwkt_serialize_exit(bifp->if_serializer);
1890 if (new_ifp != NULL) {
1891 lwkt_serialize_enter(new_ifp->if_serializer);
1893 m->m_pkthdr.rcvif = new_ifp;
1894 new_ifp->if_ipackets++;
1895 new_ifp->if_input(new_ifp, m);
1898 lwkt_serialize_exit(new_ifp->if_serializer);
1906 * Send a frame to all interfaces that are members of
1907 * the bridge, except for the one on which the packet
1911 bridge_broadcast(struct bridge_softc *sc, struct ifnet *src_if,
1912 struct mbuf *m, int runfilt)
1914 struct bridge_iflist *bif;
1916 struct ifnet *dst_if, *bifp;
1921 ASSERT_SERIALIZED(bifp->if_serializer);
1923 /* run the packet filter */
1924 if (runfilt && (inet_pfil_hook.ph_hashooks > 0
1926 || inet6_pfil_hook.ph_hashooks > 0
1929 lwkt_serialize_exit(bifp->if_serializer);
1931 /* Filter on the bridge interface before broadcasting */
1933 if (bridge_pfil(&m, bifp, src_if, PFIL_IN) != 0)
1938 if (bridge_pfil(&m, bifp, NULL, PFIL_OUT) != 0)
1941 lwkt_serialize_enter(bifp->if_serializer);
1946 LIST_FOREACH(bif, &sc->sc_iflist, bif_next) {
1947 dst_if = bif->bif_ifp;
1948 if (dst_if == src_if)
1951 if (bif->bif_flags & IFBIF_STP) {
1952 switch (bif->bif_state) {
1953 case BSTP_IFSTATE_BLOCKING:
1954 case BSTP_IFSTATE_DISABLED:
1959 if ((bif->bif_flags & IFBIF_DISCOVER) == 0 &&
1960 (m->m_flags & (M_BCAST|M_MCAST)) == 0)
1963 if ((dst_if->if_flags & IFF_RUNNING) == 0)
1966 if (LIST_NEXT(bif, bif_next) == NULL) {
1970 mc = m_copypacket(m, MB_DONTWAIT);
1972 sc->sc_ifp->if_oerrors++;
1976 bridge_pfil_enqueue(dst_if, mc, runfilt);
1985 * Duplicate a packet out one or more interfaces that are in span mode,
1986 * the original mbuf is unmodified.
1989 bridge_span(struct bridge_softc *sc, struct mbuf *m)
1991 struct bridge_iflist *bif;
1992 struct ifnet *dst_if;
1995 if (LIST_EMPTY(&sc->sc_spanlist))
1998 LIST_FOREACH(bif, &sc->sc_spanlist, bif_next) {
1999 dst_if = bif->bif_ifp;
2001 if ((dst_if->if_flags & IFF_RUNNING) == 0)
2004 mc = m_copypacket(m, MB_DONTWAIT);
2006 sc->sc_ifp->if_oerrors++;
2010 bridge_enqueue(dst_if, mc);
2017 * Add a bridge routing entry.
2018 * Can be called from interrupt context.
2021 bridge_rtupdate(struct bridge_softc *sc, const uint8_t *dst,
2022 struct ifnet *dst_if, int setflags, uint8_t flags)
2024 struct bridge_rtnode *brt;
2028 * A route for this destination might already exist. If so,
2029 * update it, otherwise create a new one.
2031 if ((brt = bridge_rtnode_lookup(sc, dst)) == NULL) {
2032 if (sc->sc_brtcnt >= sc->sc_brtmax)
2036 * Allocate a new bridge forwarding node, and
2037 * initialize the expiration time and Ethernet
2040 brt = kmalloc(sizeof(struct bridge_rtnode), M_DEVBUF,
2041 M_INTNOWAIT|M_ZERO);
2045 brt->brt_flags = IFBAF_DYNAMIC;
2046 memcpy(brt->brt_addr, dst, ETHER_ADDR_LEN);
2048 if ((error = bridge_rtnode_insert(sc, brt)) != 0) {
2049 kfree(brt, M_DEVBUF);
2054 if ((brt->brt_flags & IFBAF_TYPEMASK) == IFBAF_DYNAMIC)
2055 brt->brt_ifp = dst_if;
2056 if ((flags & IFBAF_TYPEMASK) == IFBAF_DYNAMIC)
2057 brt->brt_expire = time_second + sc->sc_brttimeout;
2059 brt->brt_flags = flags;
2067 * Lookup the destination interface for an address.
2069 static struct ifnet *
2070 bridge_rtlookup(struct bridge_softc *sc, const uint8_t *addr)
2072 struct bridge_rtnode *brt;
2074 if ((brt = bridge_rtnode_lookup(sc, addr)) == NULL)
2077 return (brt->brt_ifp);
2083 * Trim the routine table so that we have a number
2084 * of routing entries less than or equal to the
2088 bridge_rttrim(struct bridge_softc *sc)
2090 struct bridge_rtnode *brt, *nbrt;
2092 /* Make sure we actually need to do this. */
2093 if (sc->sc_brtcnt <= sc->sc_brtmax)
2096 /* Force an aging cycle; this might trim enough addresses. */
2098 if (sc->sc_brtcnt <= sc->sc_brtmax)
2101 for (brt = LIST_FIRST(&sc->sc_rtlist); brt != NULL; brt = nbrt) {
2102 nbrt = LIST_NEXT(brt, brt_list);
2103 if ((brt->brt_flags & IFBAF_TYPEMASK) == IFBAF_DYNAMIC) {
2104 bridge_rtnode_destroy(sc, brt);
2105 if (sc->sc_brtcnt <= sc->sc_brtmax)
2114 * Aging timer for the bridge.
2117 bridge_timer(void *arg)
2119 struct bridge_softc *sc = arg;
2121 lwkt_serialize_enter(sc->sc_ifp->if_serializer);
2125 if (sc->sc_ifp->if_flags & IFF_RUNNING)
2126 callout_reset(&sc->sc_brcallout,
2127 bridge_rtable_prune_period * hz, bridge_timer, sc);
2129 lwkt_serialize_exit(sc->sc_ifp->if_serializer);
2135 * Perform an aging cycle.
2138 bridge_rtage(struct bridge_softc *sc)
2140 struct bridge_rtnode *brt, *nbrt;
2142 for (brt = LIST_FIRST(&sc->sc_rtlist); brt != NULL; brt = nbrt) {
2143 nbrt = LIST_NEXT(brt, brt_list);
2144 if ((brt->brt_flags & IFBAF_TYPEMASK) == IFBAF_DYNAMIC) {
2145 if (time_second >= brt->brt_expire)
2146 bridge_rtnode_destroy(sc, brt);
2154 * Remove all dynamic addresses from the bridge.
2157 bridge_rtflush(struct bridge_softc *sc, int full)
2159 struct bridge_rtnode *brt, *nbrt;
2161 for (brt = LIST_FIRST(&sc->sc_rtlist); brt != NULL; brt = nbrt) {
2162 nbrt = LIST_NEXT(brt, brt_list);
2163 if (full || (brt->brt_flags & IFBAF_TYPEMASK) == IFBAF_DYNAMIC)
2164 bridge_rtnode_destroy(sc, brt);
2171 * Remove an address from the table.
2174 bridge_rtdaddr(struct bridge_softc *sc, const uint8_t *addr)
2176 struct bridge_rtnode *brt;
2178 if ((brt = bridge_rtnode_lookup(sc, addr)) == NULL)
2181 bridge_rtnode_destroy(sc, brt);
2188 * Delete routes to a speicifc member interface.
2191 bridge_rtdelete(struct bridge_softc *sc, struct ifnet *ifp, int full)
2193 struct bridge_rtnode *brt, *nbrt;
2195 for (brt = LIST_FIRST(&sc->sc_rtlist); brt != NULL; brt = nbrt) {
2196 nbrt = LIST_NEXT(brt, brt_list);
2197 if (brt->brt_ifp == ifp && (full ||
2198 (brt->brt_flags & IFBAF_TYPEMASK) == IFBAF_DYNAMIC))
2199 bridge_rtnode_destroy(sc, brt);
2204 * bridge_rtable_init:
2206 * Initialize the route table for this bridge.
2209 bridge_rtable_init(struct bridge_softc *sc)
2213 sc->sc_rthash = kmalloc(sizeof(*sc->sc_rthash) * BRIDGE_RTHASH_SIZE,
2214 M_DEVBUF, M_WAITOK);
2216 for (i = 0; i < BRIDGE_RTHASH_SIZE; i++)
2217 LIST_INIT(&sc->sc_rthash[i]);
2219 sc->sc_rthash_key = karc4random();
2221 LIST_INIT(&sc->sc_rtlist);
2227 * bridge_rtable_fini:
2229 * Deconstruct the route table for this bridge.
2232 bridge_rtable_fini(struct bridge_softc *sc)
2235 kfree(sc->sc_rthash, M_DEVBUF);
2239 * The following hash function is adapted from "Hash Functions" by Bob Jenkins
2240 * ("Algorithm Alley", Dr. Dobbs Journal, September 1997).
2242 #define mix(a, b, c) \
2244 a -= b; a -= c; a ^= (c >> 13); \
2245 b -= c; b -= a; b ^= (a << 8); \
2246 c -= a; c -= b; c ^= (b >> 13); \
2247 a -= b; a -= c; a ^= (c >> 12); \
2248 b -= c; b -= a; b ^= (a << 16); \
2249 c -= a; c -= b; c ^= (b >> 5); \
2250 a -= b; a -= c; a ^= (c >> 3); \
2251 b -= c; b -= a; b ^= (a << 10); \
2252 c -= a; c -= b; c ^= (b >> 15); \
2253 } while (/*CONSTCOND*/0)
2255 static __inline uint32_t
2256 bridge_rthash(struct bridge_softc *sc, const uint8_t *addr)
2258 uint32_t a = 0x9e3779b9, b = 0x9e3779b9, c = sc->sc_rthash_key;
2269 return (c & BRIDGE_RTHASH_MASK);
2275 bridge_rtnode_addr_cmp(const uint8_t *a, const uint8_t *b)
2279 for (i = 0, d = 0; i < ETHER_ADDR_LEN && d == 0; i++) {
2280 d = ((int)a[i]) - ((int)b[i]);
2287 * bridge_rtnode_lookup:
2289 * Look up a bridge route node for the specified destination.
2291 static struct bridge_rtnode *
2292 bridge_rtnode_lookup(struct bridge_softc *sc, const uint8_t *addr)
2294 struct bridge_rtnode *brt;
2298 hash = bridge_rthash(sc, addr);
2299 LIST_FOREACH(brt, &sc->sc_rthash[hash], brt_hash) {
2300 dir = bridge_rtnode_addr_cmp(addr, brt->brt_addr);
2311 * bridge_rtnode_insert:
2313 * Insert the specified bridge node into the route table. We
2314 * assume the entry is not already in the table.
2317 bridge_rtnode_insert(struct bridge_softc *sc, struct bridge_rtnode *brt)
2319 struct bridge_rtnode *lbrt;
2323 hash = bridge_rthash(sc, brt->brt_addr);
2325 lbrt = LIST_FIRST(&sc->sc_rthash[hash]);
2327 LIST_INSERT_HEAD(&sc->sc_rthash[hash], brt, brt_hash);
2332 dir = bridge_rtnode_addr_cmp(brt->brt_addr, lbrt->brt_addr);
2336 LIST_INSERT_BEFORE(lbrt, brt, brt_hash);
2339 if (LIST_NEXT(lbrt, brt_hash) == NULL) {
2340 LIST_INSERT_AFTER(lbrt, brt, brt_hash);
2343 lbrt = LIST_NEXT(lbrt, brt_hash);
2344 } while (lbrt != NULL);
2347 panic("bridge_rtnode_insert: impossible");
2351 LIST_INSERT_HEAD(&sc->sc_rtlist, brt, brt_list);
2358 * bridge_rtnode_destroy:
2360 * Destroy a bridge rtnode.
2363 bridge_rtnode_destroy(struct bridge_softc *sc, struct bridge_rtnode *brt)
2366 LIST_REMOVE(brt, brt_hash);
2368 LIST_REMOVE(brt, brt_list);
2370 kfree(brt, M_DEVBUF);
2374 * Send bridge packets through pfil if they are one of the types pfil can deal
2375 * with, or if they are ARP or REVARP. (pfil will pass ARP and REVARP without
2376 * question.) If *bifp or *ifp are NULL then packet filtering is skipped for
2380 bridge_pfil(struct mbuf **mp, struct ifnet *bifp, struct ifnet *ifp, int dir)
2382 int snap, error, i, hlen;
2383 struct ether_header *eh1, eh2;
2386 u_int16_t ether_type;
2389 error = -1; /* Default error if not error == 0 */
2391 if (pfil_bridge == 0 && pfil_member == 0)
2392 return (0); /* filtering is disabled */
2394 i = min((*mp)->m_pkthdr.len, max_protohdr);
2395 if ((*mp)->m_len < i) {
2396 *mp = m_pullup(*mp, i);
2398 kprintf("%s: m_pullup failed\n", __func__);
2403 eh1 = mtod(*mp, struct ether_header *);
2404 ether_type = ntohs(eh1->ether_type);
2407 * Check for SNAP/LLC.
2409 if (ether_type < ETHERMTU) {
2410 struct llc *llc2 = (struct llc *)(eh1 + 1);
2412 if ((*mp)->m_len >= ETHER_HDR_LEN + 8 &&
2413 llc2->llc_dsap == LLC_SNAP_LSAP &&
2414 llc2->llc_ssap == LLC_SNAP_LSAP &&
2415 llc2->llc_control == LLC_UI) {
2416 ether_type = htons(llc2->llc_un.type_snap.ether_type);
2422 * If we're trying to filter bridge traffic, don't look at anything
2423 * other than IP and ARP traffic. If the filter doesn't understand
2424 * IPv6, don't allow IPv6 through the bridge either. This is lame
2425 * since if we really wanted, say, an AppleTalk filter, we are hosed,
2426 * but of course we don't have an AppleTalk filter to begin with.
2427 * (Note that since pfil doesn't understand ARP it will pass *ALL*
2430 switch (ether_type) {
2432 case ETHERTYPE_REVARP:
2433 return (0); /* Automatically pass */
2436 case ETHERTYPE_IPV6:
2441 * Check to see if the user wants to pass non-ip
2442 * packets, these will not be checked by pfil(9) and
2443 * passed unconditionally so the default is to drop.
2449 /* Strip off the Ethernet header and keep a copy. */
2450 m_copydata(*mp, 0, ETHER_HDR_LEN, (caddr_t) &eh2);
2451 m_adj(*mp, ETHER_HDR_LEN);
2453 /* Strip off snap header, if present */
2455 m_copydata(*mp, 0, sizeof(struct llc), (caddr_t) &llc1);
2456 m_adj(*mp, sizeof(struct llc));
2460 * Check the IP header for alignment and errors
2462 if (dir == PFIL_IN) {
2463 switch (ether_type) {
2465 error = bridge_ip_checkbasic(mp);
2468 case ETHERTYPE_IPV6:
2469 error = bridge_ip6_checkbasic(mp);
2482 * Run the packet through pfil
2488 * before calling the firewall, swap fields the same as
2489 * IP does. here we assume the header is contiguous
2491 ip = mtod(*mp, struct ip *);
2493 ip->ip_len = ntohs(ip->ip_len);
2494 ip->ip_off = ntohs(ip->ip_off);
2497 * Run pfil on the member interface and the bridge, both can
2498 * be skipped by clearing pfil_member or pfil_bridge.
2501 * in_if -> bridge_if -> out_if
2503 if (pfil_bridge && dir == PFIL_OUT && bifp != NULL)
2504 error = pfil_run_hooks(&inet_pfil_hook, mp, bifp,
2507 if (*mp == NULL || error != 0) /* filter may consume */
2510 if (pfil_member && ifp != NULL)
2511 error = pfil_run_hooks(&inet_pfil_hook, mp, ifp,
2514 if (*mp == NULL || error != 0) /* filter may consume */
2517 if (pfil_bridge && dir == PFIL_IN && bifp != NULL)
2518 error = pfil_run_hooks(&inet_pfil_hook, mp, bifp,
2521 if (*mp == NULL || error != 0) /* filter may consume */
2524 /* check if we need to fragment the packet */
2525 if (pfil_member && ifp != NULL && dir == PFIL_OUT) {
2526 i = (*mp)->m_pkthdr.len;
2527 if (i > ifp->if_mtu) {
2528 error = bridge_fragment(ifp, *mp, &eh2, snap,
2534 /* Recalculate the ip checksum and restore byte ordering */
2535 ip = mtod(*mp, struct ip *);
2536 hlen = ip->ip_hl << 2;
2537 if (hlen < sizeof(struct ip))
2539 if (hlen > (*mp)->m_len) {
2540 if ((*mp = m_pullup(*mp, hlen)) == 0)
2542 ip = mtod(*mp, struct ip *);
2546 ip->ip_len = htons(ip->ip_len);
2547 ip->ip_off = htons(ip->ip_off);
2549 if (hlen == sizeof(struct ip))
2550 ip->ip_sum = in_cksum_hdr(ip);
2552 ip->ip_sum = in_cksum(*mp, hlen);
2556 case ETHERTYPE_IPV6 :
2557 if (pfil_bridge && dir == PFIL_OUT && bifp != NULL)
2558 error = pfil_run_hooks(&inet6_pfil_hook, mp, bifp,
2561 if (*mp == NULL || error != 0) /* filter may consume */
2564 if (pfil_member && ifp != NULL)
2565 error = pfil_run_hooks(&inet6_pfil_hook, mp, ifp,
2568 if (*mp == NULL || error != 0) /* filter may consume */
2571 if (pfil_bridge && dir == PFIL_IN && bifp != NULL)
2572 error = pfil_run_hooks(&inet6_pfil_hook, mp, bifp,
2589 * Finally, put everything back the way it was and return
2592 M_PREPEND(*mp, sizeof(struct llc), MB_DONTWAIT);
2595 bcopy(&llc1, mtod(*mp, caddr_t), sizeof(struct llc));
2598 M_PREPEND(*mp, ETHER_HDR_LEN, MB_DONTWAIT);
2601 bcopy(&eh2, mtod(*mp, caddr_t), ETHER_HDR_LEN);
2612 * Perform basic checks on header size since
2613 * pfil assumes ip_input has already processed
2614 * it for it. Cut-and-pasted from ip_input.c.
2615 * Given how simple the IPv6 version is,
2616 * does the IPv4 version really need to be
2619 * XXX Should we update ipstat here, or not?
2620 * XXX Right now we update ipstat but not
2624 bridge_ip_checkbasic(struct mbuf **mp)
2626 struct mbuf *m = *mp;
2634 if (IP_HDR_ALIGNED_P(mtod(m, caddr_t)) == 0) {
2635 if ((m = m_copyup(m, sizeof(struct ip),
2636 (max_linkhdr + 3) & ~3)) == NULL) {
2637 /* XXXJRT new stat, please */
2638 ipstat.ips_toosmall++;
2643 #ifndef __predict_false
2644 #define __predict_false(x) x
2646 if (__predict_false(m->m_len < sizeof (struct ip))) {
2647 if ((m = m_pullup(m, sizeof (struct ip))) == NULL) {
2648 ipstat.ips_toosmall++;
2652 ip = mtod(m, struct ip *);
2653 if (ip == NULL) goto bad;
2655 if (ip->ip_v != IPVERSION) {
2656 ipstat.ips_badvers++;
2659 hlen = ip->ip_hl << 2;
2660 if (hlen < sizeof(struct ip)) { /* minimum header length */
2661 ipstat.ips_badhlen++;
2664 if (hlen > m->m_len) {
2665 if ((m = m_pullup(m, hlen)) == 0) {
2666 ipstat.ips_badhlen++;
2669 ip = mtod(m, struct ip *);
2670 if (ip == NULL) goto bad;
2673 if (m->m_pkthdr.csum_flags & CSUM_IP_CHECKED) {
2674 sum = !(m->m_pkthdr.csum_flags & CSUM_IP_VALID);
2676 if (hlen == sizeof(struct ip)) {
2677 sum = in_cksum_hdr(ip);
2679 sum = in_cksum(m, hlen);
2683 ipstat.ips_badsum++;
2687 /* Retrieve the packet length. */
2688 len = ntohs(ip->ip_len);
2691 * Check for additional length bogosity
2694 ipstat.ips_badlen++;
2699 * Check that the amount of data in the buffers
2700 * is as at least much as the IP header would have us expect.
2701 * Drop packet if shorter than we expect.
2703 if (m->m_pkthdr.len < len) {
2704 ipstat.ips_tooshort++;
2708 /* Checks out, proceed */
2719 * Same as above, but for IPv6.
2720 * Cut-and-pasted from ip6_input.c.
2721 * XXX Should we update ip6stat, or not?
2724 bridge_ip6_checkbasic(struct mbuf **mp)
2726 struct mbuf *m = *mp;
2727 struct ip6_hdr *ip6;
2730 * If the IPv6 header is not aligned, slurp it up into a new
2731 * mbuf with space for link headers, in the event we forward
2732 * it. Otherwise, if it is aligned, make sure the entire base
2733 * IPv6 header is in the first mbuf of the chain.
2736 if (IP6_HDR_ALIGNED_P(mtod(m, caddr_t)) == 0) {
2737 struct ifnet *inifp = m->m_pkthdr.rcvif;
2738 if ((m = m_copyup(m, sizeof(struct ip6_hdr),
2739 (max_linkhdr + 3) & ~3)) == NULL) {
2740 /* XXXJRT new stat, please */
2741 ip6stat.ip6s_toosmall++;
2742 in6_ifstat_inc(inifp, ifs6_in_hdrerr);
2747 if (__predict_false(m->m_len < sizeof(struct ip6_hdr))) {
2748 struct ifnet *inifp = m->m_pkthdr.rcvif;
2749 if ((m = m_pullup(m, sizeof(struct ip6_hdr))) == NULL) {
2750 ip6stat.ip6s_toosmall++;
2751 in6_ifstat_inc(inifp, ifs6_in_hdrerr);
2756 ip6 = mtod(m, struct ip6_hdr *);
2758 if ((ip6->ip6_vfc & IPV6_VERSION_MASK) != IPV6_VERSION) {
2759 ip6stat.ip6s_badvers++;
2760 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_hdrerr);
2764 /* Checks out, proceed */
2777 * Return a fragmented mbuf chain.
2780 bridge_fragment(struct ifnet *ifp, struct mbuf *m, struct ether_header *eh,
2781 int snap, struct llc *llc)
2787 if (m->m_len < sizeof(struct ip) &&
2788 (m = m_pullup(m, sizeof(struct ip))) == NULL)
2790 ip = mtod(m, struct ip *);
2792 error = ip_fragment(ip, &m, ifp->if_mtu, ifp->if_hwassist,
2797 /* walk the chain and re-add the Ethernet header */
2798 for (m0 = m; m0; m0 = m0->m_nextpkt) {
2801 M_PREPEND(m0, sizeof(struct llc), MB_DONTWAIT);
2806 bcopy(llc, mtod(m0, caddr_t),
2807 sizeof(struct llc));
2809 M_PREPEND(m0, ETHER_HDR_LEN, MB_DONTWAIT);
2814 bcopy(eh, mtod(m0, caddr_t), ETHER_HDR_LEN);
2820 ipstat.ips_fragmented++;
2831 bridge_enqueue_handler(struct netmsg *nmsg)
2833 struct netmsg_packet *nmp;
2834 struct ifnet *dst_ifp;
2837 nmp = (struct netmsg_packet *)nmsg;
2839 dst_ifp = nmp->nm_netmsg.nm_lmsg.u.ms_resultp;
2841 bridge_handoff_notags(dst_ifp, m);
2845 bridge_pfil_enqueue_handler(struct netmsg *nmsg)
2847 struct netmsg_packet *nmp;
2848 struct ifnet *dst_ifp;
2851 nmp = (struct netmsg_packet *)nmsg;
2853 dst_ifp = nmp->nm_netmsg.nm_lmsg.u.ms_resultp;
2856 * Filter on the output interface. Pass a NULL bridge interface
2857 * pointer so we do not redundantly filter on the bridge for
2858 * each interface we broadcast on.
2860 if (inet_pfil_hook.ph_hashooks > 0
2862 || inet6_pfil_hook.ph_hashooks > 0
2865 if (bridge_pfil(&m, NULL, dst_ifp, PFIL_OUT) != 0)
2870 bridge_handoff_notags(dst_ifp, m);
2874 bridge_handoff(struct ifnet *dst_ifp, struct mbuf *m)
2876 while (m->m_type == MT_TAG) {
2877 /* XXX see ether_output_frame for full rules check */
2880 bridge_handoff_notags(dst_ifp, m);
2884 bridge_handoff_notags(struct ifnet *dst_ifp, struct mbuf *m)
2888 KKASSERT(m->m_type != MT_TAG);
2890 lwkt_serialize_enter(dst_ifp->if_serializer);
2892 /* We may be sending a fragment so traverse the mbuf */
2894 struct altq_pktattr pktattr;
2897 m->m_nextpkt = NULL;
2899 if (ifq_is_enabled(&dst_ifp->if_snd))
2900 altq_etherclassify(&dst_ifp->if_snd, m, &pktattr);
2902 ifq_handoff(dst_ifp, m, &pktattr);
2905 lwkt_serialize_exit(dst_ifp->if_serializer);
2908 struct netmsg_brgctl {
2909 struct netmsg bc_nmsg;
2910 bridge_ctl_t bc_func;
2911 struct bridge_softc *bc_sc;
2916 bridge_control_dispatch(struct netmsg *nmsg)
2918 struct netmsg_brgctl *bc_msg = (struct netmsg_brgctl *)nmsg;
2919 struct ifnet *bifp = bc_msg->bc_sc->sc_ifp;
2922 lwkt_serialize_enter(bifp->if_serializer);
2923 error = bc_msg->bc_func(bc_msg->bc_sc, bc_msg->bc_arg);
2924 lwkt_serialize_exit(bifp->if_serializer);
2926 lwkt_replymsg(&nmsg->nm_lmsg, error);
2930 bridge_control(struct bridge_softc *sc, bridge_ctl_t bc_func, void *bc_arg)
2932 struct ifnet *bifp = sc->sc_ifp;
2933 struct netmsg_brgctl bc_msg;
2934 struct netmsg *nmsg;
2937 ASSERT_SERIALIZED(bifp->if_serializer);
2939 bzero(&bc_msg, sizeof(bc_msg));
2940 nmsg = &bc_msg.bc_nmsg;
2942 netmsg_init(nmsg, &curthread->td_msgport, 0, bridge_control_dispatch);
2943 bc_msg.bc_func = bc_func;
2945 bc_msg.bc_arg = bc_arg;
2947 lwkt_serialize_exit(bifp->if_serializer);
2948 error = lwkt_domsg(cpu_portfn(0), &nmsg->nm_lmsg, 0);
2949 lwkt_serialize_enter(bifp->if_serializer);
projects / dragonfly.git / blob