2 * Copyright 2001 Wasabi Systems, Inc.
5 * Written by Jason R. Thorpe for Wasabi Systems, Inc.
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. All advertising materials mentioning features or use of this software
16 * must display the following acknowledgement:
17 * This product includes software developed for the NetBSD Project by
18 * Wasabi Systems, Inc.
19 * 4. The name of Wasabi Systems, Inc. may not be used to endorse
20 * or promote products derived from this software without specific prior
23 * THIS SOFTWARE IS PROVIDED BY WASABI SYSTEMS, INC. ``AS IS'' AND
24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
25 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
26 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL WASABI SYSTEMS, INC
27 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
28 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
29 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
30 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
31 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
32 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
33 * POSSIBILITY OF SUCH DAMAGE.
37 * Copyright (c) 1999, 2000 Jason L. Wright (jason@thought.net)
38 * All rights reserved.
40 * Redistribution and use in source and binary forms, with or without
41 * modification, are permitted provided that the following conditions
43 * 1. Redistributions of source code must retain the above copyright
44 * notice, this list of conditions and the following disclaimer.
45 * 2. Redistributions in binary form must reproduce the above copyright
46 * notice, this list of conditions and the following disclaimer in the
47 * documentation and/or other materials provided with the distribution.
48 * 3. All advertising materials mentioning features or use of this software
49 * must display the following acknowledgement:
50 * This product includes software developed by Jason L. Wright
51 * 4. The name of the author may not be used to endorse or promote products
52 * derived from this software without specific prior written permission.
54 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
55 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
56 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
57 * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
58 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
59 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
60 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
61 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
62 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
63 * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
64 * POSSIBILITY OF SUCH DAMAGE.
66 * $OpenBSD: if_bridge.c,v 1.60 2001/06/15 03:38:33 itojun Exp $
67 * $NetBSD: if_bridge.c,v 1.31 2005/06/01 19:45:34 jdc Exp $
68 * $FreeBSD: src/sys/net/if_bridge.c,v 1.26 2005/10/13 23:05:55 thompsa Exp $
72 * Network interface bridge support.
76 * - Currently only supports Ethernet-like interfaces (Ethernet,
77 * 802.11, VLANs on Ethernet, etc.) Figure out a nice way
78 * to bridge other types of interfaces (FDDI-FDDI, and maybe
79 * consider heterogenous bridges).
82 * Bridge's route information is duplicated to each CPUs:
85 * +-----------+ +-----------+ +-----------+ +-----------+
86 * | rtnode | | rtnode | | rtnode | | rtnode |
88 * | dst eaddr | | dst eaddr | | dst eaddr | | dst eaddr |
89 * +-----------+ +-----------+ +-----------+ +-----------+
92 * | | +----------+ | |
96 * +-------------->| timeout |<-------------+
100 * We choose to put timeout and dst_ifp into shared part, so updating
101 * them will be cheaper than using message forwarding. Also there is
102 * not need to use spinlock to protect the updating: timeout and dst_ifp
103 * is not related and specific field's updating order has no importance.
104 * The cache pollution by the share part should not be heavy: in a stable
105 * setup, dst_ifp probably will be not changed in rtnode's life time,
106 * while timeout is refreshed once per second; most of the time, timeout
107 * and dst_ifp are read-only accessed.
110 * Bridge route information installation on bridge_input path:
112 * CPU0 CPU1 CPU2 CPU3
119 * ifnet0<-----------------------+
122 * rtnode exists?(Y)free nmsg :
153 * The netmsgs forwarded between protocol threads and ifnet threads are
154 * allocated with (M_WAITOK|M_NULLOK), so it will not fail under most
155 * cases (route information is too precious to be not installed :).
156 * Since multiple threads may try to install route information for the
157 * same dst eaddr, we look up route information in ifnet0. However, this
158 * looking up only need to be performed on ifnet0, which is the start
159 * point of the route information installation process.
162 * Bridge route information deleting/flushing:
164 * CPU0 CPU1 CPU2 CPU3
168 * find suitable rtnodes,
169 * mark their rtinfo dead
171 * | domsg <------------------------------------------+
174 * V fwdmsg fwdmsg fwdmsg |
175 * ifnet0 --------> ifnet1 --------> ifnet2 --------> ifnet3
176 * delete rtnodes delete rtnodes delete rtnodes delete rtnodes
177 * w/ dead rtinfo w/ dead rtinfo w/ dead rtinfo w/ dead rtinfo
180 * All deleting/flushing operations are serialized by netisr0, so each
181 * operation only reaps the route information marked dead by itself.
184 * Bridge route information adding/deleting/flushing:
185 * Since all operation is serialized by the fixed message flow between
186 * ifnet threads, it is not possible to create corrupted per-cpu route
191 * Percpu member interface list iteration with blocking operation:
192 * Since one bridge could only delete one member interface at a time and
193 * the deleted member interface is not freed after netmsg_service_sync(),
194 * following way is used to make sure that even if the certain member
195 * interface is ripped from the percpu list during the blocking operation,
196 * the iteration still could keep going:
198 * TAILQ_FOREACH_MUTABLE(bif, sc->sc_iflists[mycpuid], bif_next, nbif) {
199 * blocking operation;
200 * blocking operation;
203 * if (nbif != NULL && !nbif->bif_onlist) {
204 * KKASSERT(bif->bif_onlist);
205 * nbif = TAILQ_NEXT(bif, bif_next);
209 * As mentioned above only one member interface could be unlinked from the
210 * percpu member interface list, so either bif or nbif may be not on the list,
211 * but _not_ both. To keep the list iteration, we don't care about bif, but
212 * only nbif. Since removed member interface will only be freed after we
213 * finish our work, it is safe to access any field in an unlinked bif (here
214 * bif_onlist). If nbif is no longer on the list, then bif must be on the
215 * list, so we change nbif to the next element of bif and keep going.
218 #include "opt_inet.h"
219 #include "opt_inet6.h"
221 #include <sys/param.h>
222 #include <sys/mbuf.h>
223 #include <sys/malloc.h>
224 #include <sys/protosw.h>
225 #include <sys/systm.h>
226 #include <sys/time.h>
227 #include <sys/socket.h> /* for net/if.h */
228 #include <sys/sockio.h>
229 #include <sys/ctype.h> /* string functions */
230 #include <sys/kernel.h>
231 #include <sys/random.h>
232 #include <sys/sysctl.h>
233 #include <sys/module.h>
234 #include <sys/proc.h>
235 #include <sys/priv.h>
236 #include <sys/lock.h>
237 #include <sys/thread.h>
238 #include <sys/thread2.h>
239 #include <sys/mpipe.h>
243 #include <net/if_dl.h>
244 #include <net/if_types.h>
245 #include <net/if_var.h>
246 #include <net/pfil.h>
247 #include <net/ifq_var.h>
248 #include <net/if_clone.h>
250 #include <netinet/in.h> /* for struct arpcom */
251 #include <netinet/in_systm.h>
252 #include <netinet/in_var.h>
253 #include <netinet/ip.h>
254 #include <netinet/ip_var.h>
256 #include <netinet/ip6.h>
257 #include <netinet6/ip6_var.h>
259 #include <netinet/if_ether.h> /* for struct arpcom */
260 #include <net/bridge/if_bridgevar.h>
261 #include <net/if_llc.h>
262 #include <net/netmsg2.h>
264 #include <net/route.h>
265 #include <sys/in_cksum.h>
268 * Size of the route hash table. Must be a power of two.
270 #ifndef BRIDGE_RTHASH_SIZE
271 #define BRIDGE_RTHASH_SIZE 1024
274 #define BRIDGE_RTHASH_MASK (BRIDGE_RTHASH_SIZE - 1)
277 * Maximum number of addresses to cache.
279 #ifndef BRIDGE_RTABLE_MAX
280 #define BRIDGE_RTABLE_MAX 100
284 * Spanning tree defaults.
286 #define BSTP_DEFAULT_MAX_AGE (20 * 256)
287 #define BSTP_DEFAULT_HELLO_TIME (2 * 256)
288 #define BSTP_DEFAULT_FORWARD_DELAY (15 * 256)
289 #define BSTP_DEFAULT_HOLD_TIME (1 * 256)
290 #define BSTP_DEFAULT_BRIDGE_PRIORITY 0x8000
291 #define BSTP_DEFAULT_PORT_PRIORITY 0x80
292 #define BSTP_DEFAULT_PATH_COST 55
295 * Timeout (in seconds) for entries learned dynamically.
297 #ifndef BRIDGE_RTABLE_TIMEOUT
298 #define BRIDGE_RTABLE_TIMEOUT (20 * 60) /* same as ARP */
302 * Number of seconds between walks of the route list.
304 #ifndef BRIDGE_RTABLE_PRUNE_PERIOD
305 #define BRIDGE_RTABLE_PRUNE_PERIOD (5 * 60)
309 * List of capabilities to mask on the member interface.
311 #define BRIDGE_IFCAPS_MASK IFCAP_TXCSUM
313 typedef int (*bridge_ctl_t)(struct bridge_softc *, void *);
315 struct netmsg_brctl {
316 struct netmsg_base base;
317 bridge_ctl_t bc_func;
318 struct bridge_softc *bc_sc;
322 struct netmsg_brsaddr {
323 struct netmsg_base base;
324 struct bridge_softc *br_softc;
325 struct ifnet *br_dst_if;
326 struct bridge_rtinfo *br_rtinfo;
328 uint8_t br_dst[ETHER_ADDR_LEN];
332 struct netmsg_braddbif {
333 struct netmsg_base base;
334 struct bridge_softc *br_softc;
335 struct bridge_ifinfo *br_bif_info;
336 struct ifnet *br_bif_ifp;
339 struct netmsg_brdelbif {
340 struct netmsg_base base;
341 struct bridge_softc *br_softc;
342 struct bridge_ifinfo *br_bif_info;
343 struct bridge_iflist_head *br_bif_list;
346 struct netmsg_brsflags {
347 struct netmsg_base base;
348 struct bridge_softc *br_softc;
349 struct bridge_ifinfo *br_bif_info;
350 uint32_t br_bif_flags;
353 eventhandler_tag bridge_detach_cookie = NULL;
355 extern struct mbuf *(*bridge_input_p)(struct ifnet *, struct mbuf *);
356 extern int (*bridge_output_p)(struct ifnet *, struct mbuf *);
357 extern void (*bridge_dn_p)(struct mbuf *, struct ifnet *);
358 extern struct ifnet *(*bridge_interface_p)(void *if_bridge);
360 static int bridge_rtable_prune_period = BRIDGE_RTABLE_PRUNE_PERIOD;
362 static int bridge_clone_create(struct if_clone *, int, caddr_t);
363 static int bridge_clone_destroy(struct ifnet *);
365 static int bridge_ioctl(struct ifnet *, u_long, caddr_t, struct ucred *);
366 static void bridge_mutecaps(struct bridge_ifinfo *, struct ifnet *, int);
367 static void bridge_ifdetach(void *, struct ifnet *);
368 static void bridge_init(void *);
369 static int bridge_from_us(struct bridge_softc *, struct ether_header *);
370 static void bridge_stop(struct ifnet *);
371 static void bridge_start(struct ifnet *);
372 static struct mbuf *bridge_input(struct ifnet *, struct mbuf *);
373 static int bridge_output(struct ifnet *, struct mbuf *);
374 static struct ifnet *bridge_interface(void *if_bridge);
376 static void bridge_forward(struct bridge_softc *, struct mbuf *m);
378 static void bridge_timer_handler(netmsg_t);
379 static void bridge_timer(void *);
381 static void bridge_start_bcast(struct bridge_softc *, struct mbuf *);
382 static void bridge_broadcast(struct bridge_softc *, struct ifnet *,
384 static void bridge_span(struct bridge_softc *, struct mbuf *);
386 static int bridge_rtupdate(struct bridge_softc *, const uint8_t *,
387 struct ifnet *, uint8_t);
388 static struct ifnet *bridge_rtlookup(struct bridge_softc *, const uint8_t *);
389 static void bridge_rtreap(struct bridge_softc *);
390 static void bridge_rtreap_async(struct bridge_softc *);
391 static void bridge_rttrim(struct bridge_softc *);
392 static int bridge_rtage_finddead(struct bridge_softc *);
393 static void bridge_rtage(struct bridge_softc *);
394 static void bridge_rtflush(struct bridge_softc *, int);
395 static int bridge_rtdaddr(struct bridge_softc *, const uint8_t *);
396 static int bridge_rtsaddr(struct bridge_softc *, const uint8_t *,
397 struct ifnet *, uint8_t);
398 static void bridge_rtmsg_sync(struct bridge_softc *sc);
399 static void bridge_rtreap_handler(netmsg_t);
400 static void bridge_rtinstall_handler(netmsg_t);
401 static int bridge_rtinstall_oncpu(struct bridge_softc *, const uint8_t *,
402 struct ifnet *, int, uint8_t, struct bridge_rtinfo **);
404 static void bridge_rtable_init(struct bridge_softc *);
405 static void bridge_rtable_fini(struct bridge_softc *);
407 static int bridge_rtnode_addr_cmp(const uint8_t *, const uint8_t *);
408 static struct bridge_rtnode *bridge_rtnode_lookup(struct bridge_softc *,
410 static void bridge_rtnode_insert(struct bridge_softc *,
411 struct bridge_rtnode *);
412 static void bridge_rtnode_destroy(struct bridge_softc *,
413 struct bridge_rtnode *);
415 static struct bridge_iflist *bridge_lookup_member(struct bridge_softc *,
417 static struct bridge_iflist *bridge_lookup_member_if(struct bridge_softc *,
419 static struct bridge_iflist *bridge_lookup_member_ifinfo(struct bridge_softc *,
420 struct bridge_ifinfo *);
421 static void bridge_delete_member(struct bridge_softc *,
422 struct bridge_iflist *, int);
423 static void bridge_delete_span(struct bridge_softc *,
424 struct bridge_iflist *);
426 static int bridge_control(struct bridge_softc *, u_long,
427 bridge_ctl_t, void *);
428 static int bridge_ioctl_init(struct bridge_softc *, void *);
429 static int bridge_ioctl_stop(struct bridge_softc *, void *);
430 static int bridge_ioctl_add(struct bridge_softc *, void *);
431 static int bridge_ioctl_del(struct bridge_softc *, void *);
432 static void bridge_ioctl_fillflags(struct bridge_softc *sc,
433 struct bridge_iflist *bif, struct ifbreq *req);
434 static int bridge_ioctl_gifflags(struct bridge_softc *, void *);
435 static int bridge_ioctl_sifflags(struct bridge_softc *, void *);
436 static int bridge_ioctl_scache(struct bridge_softc *, void *);
437 static int bridge_ioctl_gcache(struct bridge_softc *, void *);
438 static int bridge_ioctl_gifs(struct bridge_softc *, void *);
439 static int bridge_ioctl_rts(struct bridge_softc *, void *);
440 static int bridge_ioctl_saddr(struct bridge_softc *, void *);
441 static int bridge_ioctl_sto(struct bridge_softc *, void *);
442 static int bridge_ioctl_gto(struct bridge_softc *, void *);
443 static int bridge_ioctl_daddr(struct bridge_softc *, void *);
444 static int bridge_ioctl_flush(struct bridge_softc *, void *);
445 static int bridge_ioctl_gpri(struct bridge_softc *, void *);
446 static int bridge_ioctl_spri(struct bridge_softc *, void *);
447 static int bridge_ioctl_ght(struct bridge_softc *, void *);
448 static int bridge_ioctl_sht(struct bridge_softc *, void *);
449 static int bridge_ioctl_gfd(struct bridge_softc *, void *);
450 static int bridge_ioctl_sfd(struct bridge_softc *, void *);
451 static int bridge_ioctl_gma(struct bridge_softc *, void *);
452 static int bridge_ioctl_sma(struct bridge_softc *, void *);
453 static int bridge_ioctl_sifprio(struct bridge_softc *, void *);
454 static int bridge_ioctl_sifcost(struct bridge_softc *, void *);
455 static int bridge_ioctl_addspan(struct bridge_softc *, void *);
456 static int bridge_ioctl_delspan(struct bridge_softc *, void *);
457 static int bridge_pfil(struct mbuf **, struct ifnet *, struct ifnet *,
459 static int bridge_ip_checkbasic(struct mbuf **mp);
461 static int bridge_ip6_checkbasic(struct mbuf **mp);
463 static int bridge_fragment(struct ifnet *, struct mbuf *,
464 struct ether_header *, int, struct llc *);
465 static void bridge_enqueue_handler(netmsg_t);
466 static void bridge_handoff(struct bridge_softc *, struct ifnet *,
469 static void bridge_del_bif_handler(netmsg_t);
470 static void bridge_add_bif_handler(netmsg_t);
471 static void bridge_del_bif(struct bridge_softc *, struct bridge_ifinfo *,
472 struct bridge_iflist_head *);
473 static void bridge_add_bif(struct bridge_softc *, struct bridge_ifinfo *,
476 SYSCTL_DECL(_net_link);
477 SYSCTL_NODE(_net_link, IFT_BRIDGE, bridge, CTLFLAG_RW, 0, "Bridge");
479 static int pfil_onlyip = 1; /* only pass IP[46] packets when pfil is enabled */
480 static int pfil_bridge = 1; /* run pfil hooks on the bridge interface */
481 static int pfil_member = 1; /* run pfil hooks on the member interface */
482 static int bridge_debug;
483 SYSCTL_INT(_net_link_bridge, OID_AUTO, pfil_onlyip, CTLFLAG_RW,
484 &pfil_onlyip, 0, "Only pass IP packets when pfil is enabled");
485 SYSCTL_INT(_net_link_bridge, OID_AUTO, pfil_bridge, CTLFLAG_RW,
486 &pfil_bridge, 0, "Packet filter on the bridge interface");
487 SYSCTL_INT(_net_link_bridge, OID_AUTO, pfil_member, CTLFLAG_RW,
488 &pfil_member, 0, "Packet filter on the member interface");
489 SYSCTL_INT(_net_link_bridge, OID_AUTO, debug, CTLFLAG_RW,
490 &bridge_debug, 0, "Bridge debug mode");
492 struct bridge_control_arg {
494 struct ifbreq ifbreq;
495 struct ifbifconf ifbifconf;
496 struct ifbareq ifbareq;
497 struct ifbaconf ifbaconf;
498 struct ifbrparam ifbrparam;
505 struct bridge_control {
506 bridge_ctl_t bc_func;
511 #define BC_F_COPYIN 0x01 /* copy arguments in */
512 #define BC_F_COPYOUT 0x02 /* copy arguments out */
513 #define BC_F_SUSER 0x04 /* do super-user check */
515 const struct bridge_control bridge_control_table[] = {
516 { bridge_ioctl_add, sizeof(struct ifbreq),
517 BC_F_COPYIN|BC_F_SUSER },
518 { bridge_ioctl_del, sizeof(struct ifbreq),
519 BC_F_COPYIN|BC_F_SUSER },
521 { bridge_ioctl_gifflags, sizeof(struct ifbreq),
522 BC_F_COPYIN|BC_F_COPYOUT },
523 { bridge_ioctl_sifflags, sizeof(struct ifbreq),
524 BC_F_COPYIN|BC_F_SUSER },
526 { bridge_ioctl_scache, sizeof(struct ifbrparam),
527 BC_F_COPYIN|BC_F_SUSER },
528 { bridge_ioctl_gcache, sizeof(struct ifbrparam),
531 { bridge_ioctl_gifs, sizeof(struct ifbifconf),
532 BC_F_COPYIN|BC_F_COPYOUT },
533 { bridge_ioctl_rts, sizeof(struct ifbaconf),
534 BC_F_COPYIN|BC_F_COPYOUT },
536 { bridge_ioctl_saddr, sizeof(struct ifbareq),
537 BC_F_COPYIN|BC_F_SUSER },
539 { bridge_ioctl_sto, sizeof(struct ifbrparam),
540 BC_F_COPYIN|BC_F_SUSER },
541 { bridge_ioctl_gto, sizeof(struct ifbrparam),
544 { bridge_ioctl_daddr, sizeof(struct ifbareq),
545 BC_F_COPYIN|BC_F_SUSER },
547 { bridge_ioctl_flush, sizeof(struct ifbreq),
548 BC_F_COPYIN|BC_F_SUSER },
550 { bridge_ioctl_gpri, sizeof(struct ifbrparam),
552 { bridge_ioctl_spri, sizeof(struct ifbrparam),
553 BC_F_COPYIN|BC_F_SUSER },
555 { bridge_ioctl_ght, sizeof(struct ifbrparam),
557 { bridge_ioctl_sht, sizeof(struct ifbrparam),
558 BC_F_COPYIN|BC_F_SUSER },
560 { bridge_ioctl_gfd, sizeof(struct ifbrparam),
562 { bridge_ioctl_sfd, sizeof(struct ifbrparam),
563 BC_F_COPYIN|BC_F_SUSER },
565 { bridge_ioctl_gma, sizeof(struct ifbrparam),
567 { bridge_ioctl_sma, sizeof(struct ifbrparam),
568 BC_F_COPYIN|BC_F_SUSER },
570 { bridge_ioctl_sifprio, sizeof(struct ifbreq),
571 BC_F_COPYIN|BC_F_SUSER },
573 { bridge_ioctl_sifcost, sizeof(struct ifbreq),
574 BC_F_COPYIN|BC_F_SUSER },
576 { bridge_ioctl_addspan, sizeof(struct ifbreq),
577 BC_F_COPYIN|BC_F_SUSER },
578 { bridge_ioctl_delspan, sizeof(struct ifbreq),
579 BC_F_COPYIN|BC_F_SUSER },
581 static const int bridge_control_table_size = NELEM(bridge_control_table);
583 LIST_HEAD(, bridge_softc) bridge_list;
585 struct if_clone bridge_cloner = IF_CLONE_INITIALIZER("bridge",
587 bridge_clone_destroy, 0, IF_MAXUNIT);
590 bridge_modevent(module_t mod, int type, void *data)
594 LIST_INIT(&bridge_list);
595 if_clone_attach(&bridge_cloner);
596 bridge_input_p = bridge_input;
597 bridge_output_p = bridge_output;
598 bridge_interface_p = bridge_interface;
599 bridge_detach_cookie = EVENTHANDLER_REGISTER(
600 ifnet_detach_event, bridge_ifdetach, NULL,
601 EVENTHANDLER_PRI_ANY);
603 bstp_linkstate_p = bstp_linkstate;
607 if (!LIST_EMPTY(&bridge_list))
609 EVENTHANDLER_DEREGISTER(ifnet_detach_event,
610 bridge_detach_cookie);
611 if_clone_detach(&bridge_cloner);
612 bridge_input_p = NULL;
613 bridge_output_p = NULL;
614 bridge_interface_p = NULL;
616 bstp_linkstate_p = NULL;
625 static moduledata_t bridge_mod = {
631 DECLARE_MODULE(if_bridge, bridge_mod, SI_SUB_PSEUDO, SI_ORDER_ANY);
635 * bridge_clone_create:
637 * Create a new bridge instance.
640 bridge_clone_create(struct if_clone *ifc, int unit, caddr_t param __unused)
642 struct bridge_softc *sc;
647 sc = kmalloc(sizeof(*sc), M_DEVBUF, M_WAITOK | M_ZERO);
648 ifp = sc->sc_ifp = &sc->sc_if;
650 sc->sc_brtmax = BRIDGE_RTABLE_MAX;
651 sc->sc_brttimeout = BRIDGE_RTABLE_TIMEOUT;
652 sc->sc_bridge_max_age = BSTP_DEFAULT_MAX_AGE;
653 sc->sc_bridge_hello_time = BSTP_DEFAULT_HELLO_TIME;
654 sc->sc_bridge_forward_delay = BSTP_DEFAULT_FORWARD_DELAY;
655 sc->sc_bridge_priority = BSTP_DEFAULT_BRIDGE_PRIORITY;
656 sc->sc_hold_time = BSTP_DEFAULT_HOLD_TIME;
658 /* Initialize our routing table. */
659 bridge_rtable_init(sc);
661 callout_init(&sc->sc_brcallout);
662 netmsg_init(&sc->sc_brtimemsg, NULL, &netisr_adone_rport,
663 MSGF_DROPABLE, bridge_timer_handler);
664 sc->sc_brtimemsg.lmsg.u.ms_resultp = sc;
666 callout_init(&sc->sc_bstpcallout);
667 netmsg_init(&sc->sc_bstptimemsg, NULL, &netisr_adone_rport,
668 MSGF_DROPABLE, bstp_tick_handler);
669 sc->sc_bstptimemsg.lmsg.u.ms_resultp = sc;
671 /* Initialize per-cpu member iface lists */
672 sc->sc_iflists = kmalloc(sizeof(*sc->sc_iflists) * ncpus,
674 for (cpu = 0; cpu < ncpus; ++cpu)
675 TAILQ_INIT(&sc->sc_iflists[cpu]);
677 TAILQ_INIT(&sc->sc_spanlist);
680 if_initname(ifp, ifc->ifc_name, unit);
681 ifp->if_mtu = ETHERMTU;
682 ifp->if_flags = IFF_BROADCAST | IFF_MULTICAST;
683 ifp->if_ioctl = bridge_ioctl;
684 ifp->if_start = bridge_start;
685 ifp->if_init = bridge_init;
686 ifp->if_type = IFT_ETHER;
687 ifq_set_maxlen(&ifp->if_snd, ifqmaxlen);
688 ifq_set_ready(&ifp->if_snd);
689 ifp->if_hdrlen = ETHER_HDR_LEN;
692 * Generate a random ethernet address and use the private AC:DE:48
696 bcopy(&rnd, &eaddr[0], 4); /* ETHER_ADDR_LEN == 6 */
698 bcopy(&rnd, &eaddr[2], 4); /* ETHER_ADDR_LEN == 6 */
700 eaddr[0] &= ~1; /* clear multicast bit */
701 eaddr[0] |= 2; /* set the LAA bit */
703 ether_ifattach(ifp, eaddr, NULL);
704 /* Now undo some of the damage... */
705 ifp->if_baudrate = 0;
706 /*ifp->if_type = IFT_BRIDGE;*/
708 crit_enter(); /* XXX MP */
709 LIST_INSERT_HEAD(&bridge_list, sc, sc_list);
716 bridge_delete_dispatch(netmsg_t msg)
718 struct bridge_softc *sc = msg->lmsg.u.ms_resultp;
719 struct ifnet *bifp = sc->sc_ifp;
720 struct bridge_iflist *bif;
722 ifnet_serialize_all(bifp);
724 while ((bif = TAILQ_FIRST(&sc->sc_iflists[mycpuid])) != NULL)
725 bridge_delete_member(sc, bif, 0);
727 while ((bif = TAILQ_FIRST(&sc->sc_spanlist)) != NULL)
728 bridge_delete_span(sc, bif);
730 ifnet_deserialize_all(bifp);
732 lwkt_replymsg(&msg->lmsg, 0);
736 * bridge_clone_destroy:
738 * Destroy a bridge instance.
741 bridge_clone_destroy(struct ifnet *ifp)
743 struct bridge_softc *sc = ifp->if_softc;
744 struct netmsg_base msg;
746 ifnet_serialize_all(ifp);
749 ifp->if_flags &= ~IFF_UP;
751 ifnet_deserialize_all(ifp);
753 netmsg_init(&msg, NULL, &curthread->td_msgport,
754 0, bridge_delete_dispatch);
755 msg.lmsg.u.ms_resultp = sc;
756 lwkt_domsg(BRIDGE_CFGPORT, &msg.lmsg, 0);
758 crit_enter(); /* XXX MP */
759 LIST_REMOVE(sc, sc_list);
764 /* Tear down the routing table. */
765 bridge_rtable_fini(sc);
767 /* Free per-cpu member iface lists */
768 kfree(sc->sc_iflists, M_DEVBUF);
778 * Handle a control request from the operator.
781 bridge_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data, struct ucred *cr)
783 struct bridge_softc *sc = ifp->if_softc;
784 struct bridge_control_arg args;
785 struct ifdrv *ifd = (struct ifdrv *) data;
786 const struct bridge_control *bc;
789 ASSERT_IFNET_SERIALIZED_ALL(ifp);
798 if (ifd->ifd_cmd >= bridge_control_table_size) {
802 bc = &bridge_control_table[ifd->ifd_cmd];
804 if (cmd == SIOCGDRVSPEC &&
805 (bc->bc_flags & BC_F_COPYOUT) == 0) {
808 } else if (cmd == SIOCSDRVSPEC &&
809 (bc->bc_flags & BC_F_COPYOUT)) {
814 if (bc->bc_flags & BC_F_SUSER) {
815 error = priv_check_cred(cr, PRIV_ROOT, NULL_CRED_OKAY);
820 if (ifd->ifd_len != bc->bc_argsize ||
821 ifd->ifd_len > sizeof(args.bca_u)) {
826 memset(&args, 0, sizeof(args));
827 if (bc->bc_flags & BC_F_COPYIN) {
828 error = copyin(ifd->ifd_data, &args.bca_u,
834 error = bridge_control(sc, cmd, bc->bc_func, &args);
836 KKASSERT(args.bca_len == 0 && args.bca_kptr == NULL);
840 if (bc->bc_flags & BC_F_COPYOUT) {
841 error = copyout(&args, ifd->ifd_data, ifd->ifd_len);
842 if (args.bca_len != 0) {
843 KKASSERT(args.bca_kptr != NULL);
845 error = copyout(args.bca_kptr,
846 args.bca_uptr, args.bca_len);
848 kfree(args.bca_kptr, M_TEMP);
850 KKASSERT(args.bca_kptr == NULL);
853 KKASSERT(args.bca_len == 0 && args.bca_kptr == NULL);
858 if (!(ifp->if_flags & IFF_UP) &&
859 (ifp->if_flags & IFF_RUNNING)) {
861 * If interface is marked down and it is running,
865 } else if ((ifp->if_flags & IFF_UP) &&
866 !(ifp->if_flags & IFF_RUNNING)) {
868 * If interface is marked up and it is stopped, then
876 /* Do not allow the MTU to be changed on the bridge */
881 error = ether_ioctl(ifp, cmd, data);
890 * Clear or restore unwanted capabilities on the member interface
893 bridge_mutecaps(struct bridge_ifinfo *bif_info, struct ifnet *ifp, int mute)
898 if (ifp->if_ioctl == NULL)
901 bzero(&ifr, sizeof(ifr));
902 ifr.ifr_reqcap = ifp->if_capenable;
905 /* mask off and save capabilities */
906 bif_info->bifi_mutecap = ifr.ifr_reqcap & BRIDGE_IFCAPS_MASK;
907 if (bif_info->bifi_mutecap != 0)
908 ifr.ifr_reqcap &= ~BRIDGE_IFCAPS_MASK;
910 /* restore muted capabilities */
911 ifr.ifr_reqcap |= bif_info->bifi_mutecap;
914 if (bif_info->bifi_mutecap != 0) {
915 ifnet_serialize_all(ifp);
916 error = ifp->if_ioctl(ifp, SIOCSIFCAP, (caddr_t)&ifr, NULL);
917 ifnet_deserialize_all(ifp);
922 * bridge_lookup_member:
924 * Lookup a bridge member interface.
926 static struct bridge_iflist *
927 bridge_lookup_member(struct bridge_softc *sc, const char *name)
929 struct bridge_iflist *bif;
931 TAILQ_FOREACH(bif, &sc->sc_iflists[mycpuid], bif_next) {
932 if (strcmp(bif->bif_ifp->if_xname, name) == 0)
939 * bridge_lookup_member_if:
941 * Lookup a bridge member interface by ifnet*.
943 static struct bridge_iflist *
944 bridge_lookup_member_if(struct bridge_softc *sc, struct ifnet *member_ifp)
946 struct bridge_iflist *bif;
948 TAILQ_FOREACH(bif, &sc->sc_iflists[mycpuid], bif_next) {
949 if (bif->bif_ifp == member_ifp)
956 * bridge_lookup_member_ifinfo:
958 * Lookup a bridge member interface by bridge_ifinfo.
960 static struct bridge_iflist *
961 bridge_lookup_member_ifinfo(struct bridge_softc *sc,
962 struct bridge_ifinfo *bif_info)
964 struct bridge_iflist *bif;
966 TAILQ_FOREACH(bif, &sc->sc_iflists[mycpuid], bif_next) {
967 if (bif->bif_info == bif_info)
974 * bridge_delete_member:
976 * Delete the specified member interface.
979 bridge_delete_member(struct bridge_softc *sc, struct bridge_iflist *bif,
982 struct ifnet *ifs = bif->bif_ifp;
983 struct ifnet *bifp = sc->sc_ifp;
984 struct bridge_ifinfo *bif_info = bif->bif_info;
985 struct bridge_iflist_head saved_bifs;
987 ASSERT_IFNET_SERIALIZED_ALL(bifp);
988 KKASSERT(bif_info != NULL);
990 ifs->if_bridge = NULL;
993 * Release bridge interface's serializer:
994 * - To avoid possible dead lock.
995 * - Various sync operation will block the current thread.
997 ifnet_deserialize_all(bifp);
1000 switch (ifs->if_type) {
1004 * Take the interface out of promiscuous mode.
1007 bridge_mutecaps(bif_info, ifs, 0);
1014 panic("bridge_delete_member: impossible");
1020 * Remove bifs from percpu linked list.
1022 * Removed bifs are not freed immediately, instead,
1023 * they are saved in saved_bifs. They will be freed
1024 * after we make sure that no one is accessing them,
1025 * i.e. after following netmsg_service_sync()
1027 TAILQ_INIT(&saved_bifs);
1028 bridge_del_bif(sc, bif_info, &saved_bifs);
1031 * Make sure that all protocol threads:
1032 * o see 'ifs' if_bridge is changed
1033 * o know that bif is removed from the percpu linked list
1035 netmsg_service_sync();
1038 * Free the removed bifs
1040 KKASSERT(!TAILQ_EMPTY(&saved_bifs));
1041 while ((bif = TAILQ_FIRST(&saved_bifs)) != NULL) {
1042 TAILQ_REMOVE(&saved_bifs, bif, bif_next);
1043 kfree(bif, M_DEVBUF);
1046 /* See the comment in bridge_ioctl_stop() */
1047 bridge_rtmsg_sync(sc);
1048 bridge_rtdelete(sc, ifs, IFBF_FLUSHALL | IFBF_FLUSHSYNC);
1050 ifnet_serialize_all(bifp);
1052 if (bifp->if_flags & IFF_RUNNING)
1053 bstp_initialization(sc);
1056 * Free the bif_info after bstp_initialization(), so that
1057 * bridge_softc.sc_root_port will not reference a dangling
1060 kfree(bif_info, M_DEVBUF);
1064 * bridge_delete_span:
1066 * Delete the specified span interface.
1069 bridge_delete_span(struct bridge_softc *sc, struct bridge_iflist *bif)
1071 KASSERT(bif->bif_ifp->if_bridge == NULL,
1072 ("%s: not a span interface", __func__));
1074 TAILQ_REMOVE(&sc->sc_iflists[mycpuid], bif, bif_next);
1075 kfree(bif, M_DEVBUF);
1079 bridge_ioctl_init(struct bridge_softc *sc, void *arg __unused)
1081 struct ifnet *ifp = sc->sc_ifp;
1083 if (ifp->if_flags & IFF_RUNNING)
1086 callout_reset(&sc->sc_brcallout, bridge_rtable_prune_period * hz,
1089 ifp->if_flags |= IFF_RUNNING;
1090 bstp_initialization(sc);
1095 bridge_ioctl_stop(struct bridge_softc *sc, void *arg __unused)
1097 struct ifnet *ifp = sc->sc_ifp;
1098 struct lwkt_msg *lmsg;
1100 if ((ifp->if_flags & IFF_RUNNING) == 0)
1103 callout_stop(&sc->sc_brcallout);
1106 lmsg = &sc->sc_brtimemsg.lmsg;
1107 if ((lmsg->ms_flags & MSGF_DONE) == 0) {
1108 /* Pending to be processed; drop it */
1115 ifp->if_flags &= ~IFF_RUNNING;
1117 ifnet_deserialize_all(ifp);
1119 /* Let everyone know that we are stopped */
1120 netmsg_service_sync();
1123 * Sync ifnetX msgports in the order we forward rtnode
1124 * installation message. This is used to make sure that
1125 * all rtnode installation messages sent by bridge_rtupdate()
1126 * during above netmsg_service_sync() are flushed.
1128 bridge_rtmsg_sync(sc);
1129 bridge_rtflush(sc, IFBF_FLUSHDYN | IFBF_FLUSHSYNC);
1131 ifnet_serialize_all(ifp);
1136 bridge_ioctl_add(struct bridge_softc *sc, void *arg)
1138 struct ifbreq *req = arg;
1139 struct bridge_iflist *bif;
1140 struct bridge_ifinfo *bif_info;
1141 struct ifnet *ifs, *bifp;
1145 ASSERT_IFNET_SERIALIZED_ALL(bifp);
1147 ifs = ifunit(req->ifbr_ifsname);
1151 /* If it's in the span list, it can't be a member. */
1152 TAILQ_FOREACH(bif, &sc->sc_spanlist, bif_next)
1153 if (ifs == bif->bif_ifp)
1156 /* Allow the first Ethernet member to define the MTU */
1157 if (ifs->if_type != IFT_GIF) {
1158 if (TAILQ_EMPTY(&sc->sc_iflists[mycpuid])) {
1159 bifp->if_mtu = ifs->if_mtu;
1160 } else if (bifp->if_mtu != ifs->if_mtu) {
1161 if_printf(bifp, "invalid MTU for %s\n", ifs->if_xname);
1166 if (ifs->if_bridge == sc)
1169 if (ifs->if_bridge != NULL)
1172 bif_info = kmalloc(sizeof(*bif_info), M_DEVBUF, M_WAITOK | M_ZERO);
1173 bif_info->bifi_priority = BSTP_DEFAULT_PORT_PRIORITY;
1174 bif_info->bifi_path_cost = BSTP_DEFAULT_PATH_COST;
1175 bif_info->bifi_ifp = ifs;
1178 * Release bridge interface's serializer:
1179 * - To avoid possible dead lock.
1180 * - Various sync operation will block the current thread.
1182 ifnet_deserialize_all(bifp);
1184 switch (ifs->if_type) {
1188 * Place the interface into promiscuous mode.
1190 error = ifpromisc(ifs, 1);
1192 ifnet_serialize_all(bifp);
1195 bridge_mutecaps(bif_info, ifs, 1);
1198 case IFT_GIF: /* :^) */
1203 ifnet_serialize_all(bifp);
1208 * Add bifs to percpu linked lists
1210 bridge_add_bif(sc, bif_info, ifs);
1212 ifnet_serialize_all(bifp);
1214 if (bifp->if_flags & IFF_RUNNING)
1215 bstp_initialization(sc);
1220 * Everything has been setup, so let the member interface
1221 * deliver packets to this bridge on its input/output path.
1223 ifs->if_bridge = sc;
1226 if (bif_info != NULL)
1227 kfree(bif_info, M_DEVBUF);
1233 bridge_ioctl_del(struct bridge_softc *sc, void *arg)
1235 struct ifbreq *req = arg;
1236 struct bridge_iflist *bif;
1238 bif = bridge_lookup_member(sc, req->ifbr_ifsname);
1242 bridge_delete_member(sc, bif, 0);
1248 bridge_ioctl_gifflags(struct bridge_softc *sc, void *arg)
1250 struct ifbreq *req = arg;
1251 struct bridge_iflist *bif;
1253 bif = bridge_lookup_member(sc, req->ifbr_ifsname);
1256 bridge_ioctl_fillflags(sc, bif, req);
1261 bridge_ioctl_fillflags(struct bridge_softc *sc, struct bridge_iflist *bif,
1264 req->ifbr_ifsflags = bif->bif_flags;
1265 req->ifbr_state = bif->bif_state;
1266 req->ifbr_priority = bif->bif_priority;
1267 req->ifbr_path_cost = bif->bif_path_cost;
1268 req->ifbr_portno = bif->bif_ifp->if_index & 0xff;
1269 if (bif->bif_flags & IFBIF_STP) {
1270 req->ifbr_peer_root = bif->bif_peer_root;
1271 req->ifbr_peer_bridge = bif->bif_peer_bridge;
1272 req->ifbr_peer_cost = bif->bif_peer_cost;
1273 req->ifbr_peer_port = bif->bif_peer_port;
1274 if (bstp_supersedes_port_info(sc, bif)) {
1275 req->ifbr_designated_root = bif->bif_peer_root;
1276 req->ifbr_designated_bridge = bif->bif_peer_bridge;
1277 req->ifbr_designated_cost = bif->bif_peer_cost;
1278 req->ifbr_designated_port = bif->bif_peer_port;
1280 req->ifbr_designated_root = sc->sc_bridge_id;
1281 req->ifbr_designated_bridge = sc->sc_bridge_id;
1282 req->ifbr_designated_cost = bif->bif_path_cost +
1284 req->ifbr_designated_port = bif->bif_port_id;
1287 req->ifbr_peer_root = 0;
1288 req->ifbr_peer_bridge = 0;
1289 req->ifbr_peer_cost = 0;
1290 req->ifbr_peer_port = 0;
1291 req->ifbr_designated_root = 0;
1292 req->ifbr_designated_bridge = 0;
1293 req->ifbr_designated_cost = 0;
1294 req->ifbr_designated_port = 0;
1299 bridge_ioctl_sifflags(struct bridge_softc *sc, void *arg)
1301 struct ifbreq *req = arg;
1302 struct bridge_iflist *bif;
1303 struct ifnet *bifp = sc->sc_ifp;
1305 bif = bridge_lookup_member(sc, req->ifbr_ifsname);
1309 if (req->ifbr_ifsflags & IFBIF_SPAN) {
1310 /* SPAN is readonly */
1314 if (req->ifbr_ifsflags & IFBIF_STP) {
1315 switch (bif->bif_ifp->if_type) {
1317 /* These can do spanning tree. */
1321 /* Nothing else can. */
1326 bif->bif_flags = (bif->bif_flags & IFBIF_KEEPMASK) |
1327 (req->ifbr_ifsflags & ~IFBIF_KEEPMASK);
1328 if (bifp->if_flags & IFF_RUNNING)
1329 bstp_initialization(sc);
1335 bridge_ioctl_scache(struct bridge_softc *sc, void *arg)
1337 struct ifbrparam *param = arg;
1338 struct ifnet *ifp = sc->sc_ifp;
1340 sc->sc_brtmax = param->ifbrp_csize;
1342 ifnet_deserialize_all(ifp);
1344 ifnet_serialize_all(ifp);
1350 bridge_ioctl_gcache(struct bridge_softc *sc, void *arg)
1352 struct ifbrparam *param = arg;
1354 param->ifbrp_csize = sc->sc_brtmax;
1360 bridge_ioctl_gifs(struct bridge_softc *sc, void *arg)
1362 struct bridge_control_arg *bc_arg = arg;
1363 struct ifbifconf *bifc = arg;
1364 struct bridge_iflist *bif;
1365 struct ifbreq *breq;
1369 TAILQ_FOREACH(bif, &sc->sc_iflists[mycpuid], bif_next)
1371 TAILQ_FOREACH(bif, &sc->sc_spanlist, bif_next)
1374 if (bifc->ifbic_len == 0) {
1375 bifc->ifbic_len = sizeof(*breq) * count;
1377 } else if (count == 0 || bifc->ifbic_len < sizeof(*breq)) {
1378 bifc->ifbic_len = 0;
1382 len = min(bifc->ifbic_len, sizeof(*breq) * count);
1383 KKASSERT(len >= sizeof(*breq));
1385 breq = kmalloc(len, M_TEMP, M_WAITOK | M_NULLOK | M_ZERO);
1387 bifc->ifbic_len = 0;
1390 bc_arg->bca_kptr = breq;
1393 TAILQ_FOREACH(bif, &sc->sc_iflists[mycpuid], bif_next) {
1394 if (len < sizeof(*breq))
1397 strlcpy(breq->ifbr_ifsname, bif->bif_ifp->if_xname,
1398 sizeof(breq->ifbr_ifsname));
1399 bridge_ioctl_fillflags(sc, bif, breq);
1402 len -= sizeof(*breq);
1404 TAILQ_FOREACH(bif, &sc->sc_spanlist, bif_next) {
1405 if (len < sizeof(*breq))
1408 strlcpy(breq->ifbr_ifsname, bif->bif_ifp->if_xname,
1409 sizeof(breq->ifbr_ifsname));
1410 breq->ifbr_ifsflags = bif->bif_flags;
1411 breq->ifbr_portno = bif->bif_ifp->if_index & 0xff;
1414 len -= sizeof(*breq);
1417 bifc->ifbic_len = sizeof(*breq) * count;
1418 KKASSERT(bifc->ifbic_len > 0);
1420 bc_arg->bca_len = bifc->ifbic_len;
1421 bc_arg->bca_uptr = bifc->ifbic_req;
1426 bridge_ioctl_rts(struct bridge_softc *sc, void *arg)
1428 struct bridge_control_arg *bc_arg = arg;
1429 struct ifbaconf *bac = arg;
1430 struct bridge_rtnode *brt;
1431 struct ifbareq *bareq;
1435 LIST_FOREACH(brt, &sc->sc_rtlists[mycpuid], brt_list)
1438 if (bac->ifbac_len == 0) {
1439 bac->ifbac_len = sizeof(*bareq) * count;
1441 } else if (count == 0 || bac->ifbac_len < sizeof(*bareq)) {
1446 len = min(bac->ifbac_len, sizeof(*bareq) * count);
1447 KKASSERT(len >= sizeof(*bareq));
1449 bareq = kmalloc(len, M_TEMP, M_WAITOK | M_NULLOK | M_ZERO);
1450 if (bareq == NULL) {
1454 bc_arg->bca_kptr = bareq;
1457 LIST_FOREACH(brt, &sc->sc_rtlists[mycpuid], brt_list) {
1458 struct bridge_rtinfo *bri = brt->brt_info;
1459 unsigned long expire;
1461 if (len < sizeof(*bareq))
1464 strlcpy(bareq->ifba_ifsname, bri->bri_ifp->if_xname,
1465 sizeof(bareq->ifba_ifsname));
1466 memcpy(bareq->ifba_dst, brt->brt_addr, sizeof(brt->brt_addr));
1467 expire = bri->bri_expire;
1468 if ((bri->bri_flags & IFBAF_TYPEMASK) == IFBAF_DYNAMIC &&
1469 time_second < expire)
1470 bareq->ifba_expire = expire - time_second;
1472 bareq->ifba_expire = 0;
1473 bareq->ifba_flags = bri->bri_flags;
1476 len -= sizeof(*bareq);
1479 bac->ifbac_len = sizeof(*bareq) * count;
1480 KKASSERT(bac->ifbac_len > 0);
1482 bc_arg->bca_len = bac->ifbac_len;
1483 bc_arg->bca_uptr = bac->ifbac_req;
1488 bridge_ioctl_saddr(struct bridge_softc *sc, void *arg)
1490 struct ifbareq *req = arg;
1491 struct bridge_iflist *bif;
1492 struct ifnet *ifp = sc->sc_ifp;
1495 ASSERT_IFNET_SERIALIZED_ALL(ifp);
1497 bif = bridge_lookup_member(sc, req->ifba_ifsname);
1501 ifnet_deserialize_all(ifp);
1502 error = bridge_rtsaddr(sc, req->ifba_dst, bif->bif_ifp,
1504 ifnet_serialize_all(ifp);
1509 bridge_ioctl_sto(struct bridge_softc *sc, void *arg)
1511 struct ifbrparam *param = arg;
1513 sc->sc_brttimeout = param->ifbrp_ctime;
1519 bridge_ioctl_gto(struct bridge_softc *sc, void *arg)
1521 struct ifbrparam *param = arg;
1523 param->ifbrp_ctime = sc->sc_brttimeout;
1529 bridge_ioctl_daddr(struct bridge_softc *sc, void *arg)
1531 struct ifbareq *req = arg;
1532 struct ifnet *ifp = sc->sc_ifp;
1535 ifnet_deserialize_all(ifp);
1536 error = bridge_rtdaddr(sc, req->ifba_dst);
1537 ifnet_serialize_all(ifp);
1542 bridge_ioctl_flush(struct bridge_softc *sc, void *arg)
1544 struct ifbreq *req = arg;
1545 struct ifnet *ifp = sc->sc_ifp;
1547 ifnet_deserialize_all(ifp);
1548 bridge_rtflush(sc, req->ifbr_ifsflags | IFBF_FLUSHSYNC);
1549 ifnet_serialize_all(ifp);
1555 bridge_ioctl_gpri(struct bridge_softc *sc, void *arg)
1557 struct ifbrparam *param = arg;
1559 param->ifbrp_prio = sc->sc_bridge_priority;
1565 bridge_ioctl_spri(struct bridge_softc *sc, void *arg)
1567 struct ifbrparam *param = arg;
1569 sc->sc_bridge_priority = param->ifbrp_prio;
1571 if (sc->sc_ifp->if_flags & IFF_RUNNING)
1572 bstp_initialization(sc);
1578 bridge_ioctl_ght(struct bridge_softc *sc, void *arg)
1580 struct ifbrparam *param = arg;
1582 param->ifbrp_hellotime = sc->sc_bridge_hello_time >> 8;
1588 bridge_ioctl_sht(struct bridge_softc *sc, void *arg)
1590 struct ifbrparam *param = arg;
1592 if (param->ifbrp_hellotime == 0)
1594 sc->sc_bridge_hello_time = param->ifbrp_hellotime << 8;
1596 if (sc->sc_ifp->if_flags & IFF_RUNNING)
1597 bstp_initialization(sc);
1603 bridge_ioctl_gfd(struct bridge_softc *sc, void *arg)
1605 struct ifbrparam *param = arg;
1607 param->ifbrp_fwddelay = sc->sc_bridge_forward_delay >> 8;
1613 bridge_ioctl_sfd(struct bridge_softc *sc, void *arg)
1615 struct ifbrparam *param = arg;
1617 if (param->ifbrp_fwddelay == 0)
1619 sc->sc_bridge_forward_delay = param->ifbrp_fwddelay << 8;
1621 if (sc->sc_ifp->if_flags & IFF_RUNNING)
1622 bstp_initialization(sc);
1628 bridge_ioctl_gma(struct bridge_softc *sc, void *arg)
1630 struct ifbrparam *param = arg;
1632 param->ifbrp_maxage = sc->sc_bridge_max_age >> 8;
1638 bridge_ioctl_sma(struct bridge_softc *sc, void *arg)
1640 struct ifbrparam *param = arg;
1642 if (param->ifbrp_maxage == 0)
1644 sc->sc_bridge_max_age = param->ifbrp_maxage << 8;
1646 if (sc->sc_ifp->if_flags & IFF_RUNNING)
1647 bstp_initialization(sc);
1653 bridge_ioctl_sifprio(struct bridge_softc *sc, void *arg)
1655 struct ifbreq *req = arg;
1656 struct bridge_iflist *bif;
1658 bif = bridge_lookup_member(sc, req->ifbr_ifsname);
1662 bif->bif_priority = req->ifbr_priority;
1664 if (sc->sc_ifp->if_flags & IFF_RUNNING)
1665 bstp_initialization(sc);
1671 bridge_ioctl_sifcost(struct bridge_softc *sc, void *arg)
1673 struct ifbreq *req = arg;
1674 struct bridge_iflist *bif;
1676 bif = bridge_lookup_member(sc, req->ifbr_ifsname);
1680 bif->bif_path_cost = req->ifbr_path_cost;
1682 if (sc->sc_ifp->if_flags & IFF_RUNNING)
1683 bstp_initialization(sc);
1689 bridge_ioctl_addspan(struct bridge_softc *sc, void *arg)
1691 struct ifbreq *req = arg;
1692 struct bridge_iflist *bif;
1694 struct bridge_ifinfo *bif_info;
1696 ifs = ifunit(req->ifbr_ifsname);
1700 TAILQ_FOREACH(bif, &sc->sc_spanlist, bif_next)
1701 if (ifs == bif->bif_ifp)
1704 if (ifs->if_bridge != NULL)
1707 switch (ifs->if_type) {
1718 * bif_info is needed for bif_flags
1720 bif_info = kmalloc(sizeof(*bif_info), M_DEVBUF, M_WAITOK | M_ZERO);
1721 bif_info->bifi_ifp = ifs;
1723 bif = kmalloc(sizeof(*bif), M_DEVBUF, M_WAITOK | M_ZERO);
1725 bif->bif_info = bif_info;
1726 bif->bif_flags = IFBIF_SPAN;
1727 /* NOTE: span bif does not need bridge_ifinfo */
1729 TAILQ_INSERT_HEAD(&sc->sc_spanlist, bif, bif_next);
1737 bridge_ioctl_delspan(struct bridge_softc *sc, void *arg)
1739 struct ifbreq *req = arg;
1740 struct bridge_iflist *bif;
1743 ifs = ifunit(req->ifbr_ifsname);
1747 TAILQ_FOREACH(bif, &sc->sc_spanlist, bif_next)
1748 if (ifs == bif->bif_ifp)
1754 bridge_delete_span(sc, bif);
1756 if (TAILQ_EMPTY(&sc->sc_spanlist))
1763 bridge_ifdetach_dispatch(netmsg_t msg)
1765 struct ifnet *ifp, *bifp;
1766 struct bridge_softc *sc;
1767 struct bridge_iflist *bif;
1769 ifp = msg->lmsg.u.ms_resultp;
1770 sc = ifp->if_bridge;
1772 /* Check if the interface is a bridge member */
1776 ifnet_serialize_all(bifp);
1778 bif = bridge_lookup_member_if(sc, ifp);
1780 bridge_delete_member(sc, bif, 1);
1782 /* XXX Why bif will be NULL? */
1785 ifnet_deserialize_all(bifp);
1789 crit_enter(); /* XXX MP */
1791 /* Check if the interface is a span port */
1792 LIST_FOREACH(sc, &bridge_list, sc_list) {
1795 ifnet_serialize_all(bifp);
1797 TAILQ_FOREACH(bif, &sc->sc_spanlist, bif_next)
1798 if (ifp == bif->bif_ifp) {
1799 bridge_delete_span(sc, bif);
1803 ifnet_deserialize_all(bifp);
1809 lwkt_replymsg(&msg->lmsg, 0);
1815 * Detach an interface from a bridge. Called when a member
1816 * interface is detaching.
1819 bridge_ifdetach(void *arg __unused, struct ifnet *ifp)
1821 struct netmsg_base msg;
1823 netmsg_init(&msg, NULL, &curthread->td_msgport,
1824 0, bridge_ifdetach_dispatch);
1825 msg.lmsg.u.ms_resultp = ifp;
1827 lwkt_domsg(BRIDGE_CFGPORT, &msg.lmsg, 0);
1833 * Initialize a bridge interface.
1836 bridge_init(void *xsc)
1838 bridge_control(xsc, SIOCSIFFLAGS, bridge_ioctl_init, NULL);
1844 * Stop the bridge interface.
1847 bridge_stop(struct ifnet *ifp)
1849 bridge_control(ifp->if_softc, SIOCSIFFLAGS, bridge_ioctl_stop, NULL);
1853 * Returns TRUE if the packet is being sent 'from us'... from our bridge
1854 * interface or from any member of our bridge interface. This is used
1855 * later on to force the MAC to be the MAC of our bridge interface.
1858 bridge_from_us(struct bridge_softc *sc, struct ether_header *eh)
1860 struct bridge_iflist *bif;
1862 if (memcmp(eh->ether_shost, IF_LLADDR(sc->sc_ifp), ETHER_ADDR_LEN) == 0)
1865 TAILQ_FOREACH(bif, &sc->sc_iflists[mycpuid], bif_next) {
1866 if (memcmp(eh->ether_shost, IF_LLADDR(bif->bif_ifp),
1867 ETHER_ADDR_LEN) == 0) {
1877 * Enqueue a packet on a bridge member interface.
1881 bridge_enqueue(struct ifnet *dst_ifp, struct mbuf *m)
1883 struct netmsg_packet *nmp;
1885 nmp = &m->m_hdr.mh_netmsg;
1886 netmsg_init(&nmp->base, NULL, &netisr_apanic_rport,
1887 0, bridge_enqueue_handler);
1889 nmp->base.lmsg.u.ms_resultp = dst_ifp;
1891 lwkt_sendmsg(ifnet_portfn(mycpu->gd_cpuid), &nmp->base.lmsg);
1897 * Send output from a bridge member interface. This
1898 * performs the bridging function for locally originated
1901 * The mbuf has the Ethernet header already attached. We must
1902 * enqueue or free the mbuf before returning.
1905 bridge_output(struct ifnet *ifp, struct mbuf *m)
1907 struct bridge_softc *sc = ifp->if_bridge;
1908 struct bridge_iflist *bif, *nbif;
1909 struct ether_header *eh;
1910 struct ifnet *dst_if, *bifp;
1914 ASSERT_IFNET_NOT_SERIALIZED_ALL(ifp);
1917 * Make sure that we are still a member of a bridge interface.
1928 if (m->m_len < ETHER_HDR_LEN) {
1929 m = m_pullup(m, ETHER_HDR_LEN);
1935 eh = mtod(m, struct ether_header *);
1936 from_us = bridge_from_us(sc, eh);
1939 * If bridge is down, but the original output interface is up,
1940 * go ahead and send out that interface. Otherwise, the packet
1943 if ((bifp->if_flags & IFF_RUNNING) == 0) {
1949 * If the packet is a multicast, or we don't know a better way to
1950 * get there, send to all interfaces.
1952 if (ETHER_IS_MULTICAST(eh->ether_dhost))
1955 dst_if = bridge_rtlookup(sc, eh->ether_dhost);
1957 if (dst_if == NULL) {
1964 TAILQ_FOREACH_MUTABLE(bif, &sc->sc_iflists[mycpuid],
1966 dst_if = bif->bif_ifp;
1967 if ((dst_if->if_flags & IFF_RUNNING) == 0)
1971 * If this is not the original output interface,
1972 * and the interface is participating in spanning
1973 * tree, make sure the port is in a state that
1974 * allows forwarding.
1976 if (dst_if != ifp &&
1977 (bif->bif_flags & IFBIF_STP) != 0) {
1978 switch (bif->bif_state) {
1979 case BSTP_IFSTATE_L1BLOCKING:
1980 case BSTP_IFSTATE_BLOCKING:
1981 case BSTP_IFSTATE_LISTENING:
1982 case BSTP_IFSTATE_DISABLED:
1987 if (TAILQ_NEXT(bif, bif_next) == NULL) {
1991 mc = m_copypacket(m, MB_DONTWAIT);
1999 * If the packet is 'from' us override ether_shost.
2001 bridge_handoff(sc, dst_if, mc, from_us);
2003 if (nbif != NULL && !nbif->bif_onlist) {
2004 KKASSERT(bif->bif_onlist);
2005 nbif = TAILQ_NEXT(bif, bif_next);
2015 * If STP is enabled on the target we are an equal opportunity
2016 * employer and do not necessarily output to dst_if. Instead
2017 * scan available links with the same MAC as the current dst_if
2018 * and choose the best one.
2020 * We also need to do this because arp entries tag onto a particular
2021 * interface and if it happens to be dead then the packets will
2022 * go into a bit bucket.
2024 * If LINK2 is set the matching links are bonded and we-round robin.
2025 * (the MAC address must be the same for the participating links).
2026 * In this case links in a STP BLOCKING state are allowed for unicast
2029 bif = bridge_lookup_member_if(sc, dst_if);
2030 if (bif->bif_flags & IFBIF_STP) {
2032 TAILQ_FOREACH_MUTABLE(bif, &sc->sc_iflists[mycpuid],
2034 if (memcmp(IF_LLADDR(bif->bif_ifp),
2036 ETHER_ADDR_LEN) != 0) {
2040 switch(bif->bif_state) {
2041 case BSTP_IFSTATE_BLOCKING:
2042 if (sc->sc_ifp->if_flags & IFF_LINK2)
2045 case BSTP_IFSTATE_L1BLOCKING:
2046 case BSTP_IFSTATE_LISTENING:
2047 case BSTP_IFSTATE_DISABLED:
2052 if ((bif->bif_ifp->if_flags & IFF_RUNNING) == 0)
2056 * XXX we need to use the toepliz hash or
2057 * something like that instead of
2060 if (sc->sc_ifp->if_flags & IFF_LINK2) {
2061 dst_if = bif->bif_ifp;
2062 TAILQ_REMOVE(&sc->sc_iflists[mycpuid],
2065 &sc->sc_iflists[mycpuid],
2069 if (bif->bif_priority > priority) {
2070 priority = bif->bif_priority;
2071 dst_if = bif->bif_ifp;
2078 if ((dst_if->if_flags & IFF_RUNNING) == 0)
2081 bridge_handoff(sc, dst_if, m, from_us);
2086 * Returns the bridge interface associated with an ifc.
2087 * Pass ifp->if_bridge (must not be NULL). Used by the ARP
2088 * code to supply the bridge for the is-at info, making
2089 * the bridge responsible for matching local addresses.
2091 * Without this the ARP code will supply bridge member interfaces
2092 * for the is-at which makes it difficult the bridge to fail-over
2093 * interfaces (amoung other things).
2095 static struct ifnet *
2096 bridge_interface(void *if_bridge)
2098 struct bridge_softc *sc = if_bridge;
2099 return (sc->sc_ifp);
2105 * Start output on a bridge.
2108 bridge_start(struct ifnet *ifp)
2110 struct bridge_softc *sc = ifp->if_softc;
2112 ASSERT_IFNET_SERIALIZED_TX(ifp);
2114 ifp->if_flags |= IFF_OACTIVE;
2116 struct ifnet *dst_if = NULL;
2117 struct ether_header *eh;
2120 m = ifq_dequeue(&ifp->if_snd, NULL);
2124 if (m->m_len < sizeof(*eh)) {
2125 m = m_pullup(m, sizeof(*eh));
2131 eh = mtod(m, struct ether_header *);
2136 if ((m->m_flags & (M_BCAST|M_MCAST)) == 0)
2137 dst_if = bridge_rtlookup(sc, eh->ether_dhost);
2140 bridge_start_bcast(sc, m);
2142 bridge_enqueue(dst_if, m);
2144 ifp->if_flags &= ~IFF_OACTIVE;
2150 * Forward packets received on a bridge interface via the input
2153 * The forwarding function of the bridge.
2156 bridge_forward(struct bridge_softc *sc, struct mbuf *m)
2158 struct bridge_iflist *bif, *nbif;
2159 struct ifnet *src_if, *dst_if, *ifp;
2160 struct ether_header *eh;
2163 src_if = m->m_pkthdr.rcvif;
2166 ASSERT_IFNET_NOT_SERIALIZED_ALL(ifp);
2169 ifp->if_ibytes += m->m_pkthdr.len;
2172 * Look up the bridge_iflist.
2174 bif = bridge_lookup_member_if(sc, src_if);
2176 /* Interface is not a bridge member (anymore?) */
2181 if (bif->bif_flags & IFBIF_STP) {
2182 switch (bif->bif_state) {
2183 case BSTP_IFSTATE_BLOCKING:
2184 if ((sc->sc_ifp->if_flags & IFF_LINK2) &&
2185 (m->m_flags & (M_BCAST|M_MCAST)) == 0) {
2189 case BSTP_IFSTATE_L1BLOCKING:
2190 case BSTP_IFSTATE_LISTENING:
2191 case BSTP_IFSTATE_DISABLED:
2199 eh = mtod(m, struct ether_header *);
2202 * If the interface is learning, and the source
2203 * address is valid and not multicast, record
2206 if ((bif->bif_flags & IFBIF_LEARNING) != 0 &&
2207 bif->bif_state != BSTP_IFSTATE_BLOCKING &&
2208 ETHER_IS_MULTICAST(eh->ether_shost) == 0 &&
2209 (eh->ether_shost[0] == 0 &&
2210 eh->ether_shost[1] == 0 &&
2211 eh->ether_shost[2] == 0 &&
2212 eh->ether_shost[3] == 0 &&
2213 eh->ether_shost[4] == 0 &&
2214 eh->ether_shost[5] == 0) == 0) {
2215 bridge_rtupdate(sc, eh->ether_shost, src_if, IFBAF_DYNAMIC);
2218 if ((bif->bif_flags & IFBIF_STP) != 0 &&
2219 bif->bif_state == BSTP_IFSTATE_LEARNING) {
2225 * At this point, the port either doesn't participate
2226 * in spanning tree or it is in the forwarding state.
2230 * If the packet is unicast, destined for someone on
2231 * "this" side of the bridge, drop it.
2233 if ((m->m_flags & (M_BCAST|M_MCAST)) == 0) {
2234 dst_if = bridge_rtlookup(sc, eh->ether_dhost);
2235 if (src_if == dst_if) {
2240 /* ...forward it to all interfaces. */
2245 if (dst_if == NULL) {
2246 bridge_broadcast(sc, src_if, m);
2251 * Unicast, kinda replicates the output side of bridge_output().
2253 bif = bridge_lookup_member_if(sc, dst_if);
2255 /* Not a member of the bridge (anymore?) */
2260 if (bif->bif_flags & IFBIF_STP) {
2262 TAILQ_FOREACH_MUTABLE(bif, &sc->sc_iflists[mycpuid],
2264 if (memcmp(IF_LLADDR(bif->bif_ifp),
2266 ETHER_ADDR_LEN) != 0) {
2270 switch(bif->bif_state) {
2271 case BSTP_IFSTATE_BLOCKING:
2272 if (sc->sc_ifp->if_flags & IFF_LINK2)
2275 case BSTP_IFSTATE_L1BLOCKING:
2276 case BSTP_IFSTATE_LISTENING:
2277 case BSTP_IFSTATE_DISABLED:
2283 if ((bif->bif_ifp->if_flags & IFF_RUNNING) == 0)
2287 * XXX we need to use the toepliz hash or
2288 * something like that instead of
2291 if (sc->sc_ifp->if_flags & IFF_LINK2) {
2292 dst_if = bif->bif_ifp;
2293 TAILQ_REMOVE(&sc->sc_iflists[mycpuid],
2296 &sc->sc_iflists[mycpuid],
2300 if (bif->bif_priority > priority) {
2301 priority = bif->bif_priority;
2302 dst_if = bif->bif_ifp;
2308 * At this point, we're dealing with a unicast frame
2309 * going to a different interface.
2311 if ((dst_if->if_flags & IFF_RUNNING) == 0) {
2316 if (inet_pfil_hook.ph_hashooks > 0
2318 || inet6_pfil_hook.ph_hashooks > 0
2321 if (bridge_pfil(&m, ifp, src_if, PFIL_IN) != 0)
2326 if (bridge_pfil(&m, ifp, dst_if, PFIL_OUT) != 0)
2331 bridge_handoff(sc, dst_if, m, 0);
2337 * Receive input from a member interface. Queue the packet for
2338 * bridging if it is not for us.
2340 static struct mbuf *
2341 bridge_input(struct ifnet *ifp, struct mbuf *m)
2343 struct bridge_softc *sc = ifp->if_bridge;
2344 struct bridge_iflist *bif;
2345 struct ifnet *bifp, *new_ifp;
2346 struct ether_header *eh;
2347 struct mbuf *mc, *mc2;
2349 ASSERT_IFNET_NOT_SERIALIZED_ALL(ifp);
2352 * Make sure that we are still a member of a bridge interface.
2360 if ((bifp->if_flags & IFF_RUNNING) == 0)
2364 * Implement support for bridge monitoring. If this flag has been
2365 * set on this interface, discard the packet once we push it through
2366 * the bpf(4) machinery, but before we do, increment various counters
2367 * associated with this bridge.
2369 if (bifp->if_flags & IFF_MONITOR) {
2370 /* Change input interface to this bridge */
2371 m->m_pkthdr.rcvif = bifp;
2375 /* Update bridge's ifnet statistics */
2376 bifp->if_ipackets++;
2377 bifp->if_ibytes += m->m_pkthdr.len;
2378 if (m->m_flags & (M_MCAST | M_BCAST))
2387 * Handle the ether_header
2389 * In all cases if the packet is destined for us via our MAC
2390 * we must clear BRIDGE_MBUF_TAGGED to ensure that we don't
2391 * repeat the source MAC out the same interface.
2393 * This first test against our bridge MAC is the fast-path.
2395 * NOTE! The bridge interface can serve as an endpoint for
2396 * communication but normally there are no IPs associated
2397 * with it so you cannot route through it. Instead what
2398 * you do is point your default route *THROUGH* the bridge
2399 * to the actual default router for one of the bridged spaces.
2401 * Another possibility is to put all your IP specifications
2402 * on the bridge instead of on the individual interfaces. If
2403 * you do this it should be possible to use the bridge as an
2404 * end point and route (rather than switch) through it using
2405 * the default route or ipfw forwarding rules.
2411 if (m->m_len < ETHER_HDR_LEN) {
2412 m = m_pullup(m, ETHER_HDR_LEN);
2416 eh = mtod(m, struct ether_header *);
2417 m->m_pkthdr.fw_flags |= BRIDGE_MBUF_TAGGED;
2418 bcopy(eh, &m->m_pkthdr.br.ether, sizeof(*eh));
2420 if ((bridge_debug & 1) &&
2421 (ntohs(eh->ether_type) == ETHERTYPE_ARP ||
2422 ntohs(eh->ether_type) == ETHERTYPE_REVARP)) {
2423 kprintf("%02x:%02x:%02x:%02x:%02x:%02x "
2424 "%02x:%02x:%02x:%02x:%02x:%02x type %04x "
2425 "lla %02x:%02x:%02x:%02x:%02x:%02x\n",
2439 ((u_char *)IF_LLADDR(bifp))[0],
2440 ((u_char *)IF_LLADDR(bifp))[1],
2441 ((u_char *)IF_LLADDR(bifp))[2],
2442 ((u_char *)IF_LLADDR(bifp))[3],
2443 ((u_char *)IF_LLADDR(bifp))[4],
2444 ((u_char *)IF_LLADDR(bifp))[5]
2448 if (memcmp(eh->ether_dhost, IF_LLADDR(bifp), ETHER_ADDR_LEN) == 0) {
2450 * If the packet is for us, set the packets source as the
2451 * bridge, and return the packet back to ifnet.if_input for
2454 m->m_pkthdr.fw_flags &= ~BRIDGE_MBUF_TAGGED;
2455 KASSERT(bifp->if_bridge == NULL,
2456 ("loop created in bridge_input"));
2457 if (pfil_member != 0) {
2458 if (inet_pfil_hook.ph_hashooks > 0
2460 || inet6_pfil_hook.ph_hashooks > 0
2463 if (bridge_pfil(&m, NULL, ifp, PFIL_IN) != 0)
2474 * Tap all packets arriving on the bridge, no matter if
2475 * they are local destinations or not. In is in.
2479 bif = bridge_lookup_member_if(sc, ifp);
2486 if (m->m_flags & (M_BCAST | M_MCAST)) {
2488 * Tap off 802.1D packets; they do not get forwarded.
2490 if (memcmp(eh->ether_dhost, bstp_etheraddr,
2491 ETHER_ADDR_LEN) == 0) {
2492 ifnet_serialize_all(bifp);
2493 bstp_input(sc, bif, m);
2494 ifnet_deserialize_all(bifp);
2496 /* m is freed by bstp_input */
2502 * Other than 802.11d packets, ignore packets if the
2503 * interface is not in a good state.
2505 if (bif->bif_flags & IFBIF_STP) {
2506 switch (bif->bif_state) {
2507 case BSTP_IFSTATE_L1BLOCKING:
2508 case BSTP_IFSTATE_BLOCKING:
2509 case BSTP_IFSTATE_LISTENING:
2510 case BSTP_IFSTATE_DISABLED:
2516 * Make a deep copy of the packet and enqueue the copy
2517 * for bridge processing; return the original packet for
2520 mc = m_dup(m, MB_DONTWAIT);
2524 bridge_forward(sc, mc);
2527 * Reinject the mbuf as arriving on the bridge so we have a
2528 * chance at claiming multicast packets. We can not loop back
2529 * here from ether_input as a bridge is never a member of a
2532 KASSERT(bifp->if_bridge == NULL,
2533 ("loop created in bridge_input"));
2534 mc2 = m_dup(m, MB_DONTWAIT);
2537 /* Keep the layer3 header aligned */
2538 int i = min(mc2->m_pkthdr.len, max_protohdr);
2539 mc2 = m_copyup(mc2, i, ETHER_ALIGN);
2544 * Don't tap to bpf(4) again; we have already done
2547 * Leave m_pkthdr.rcvif alone, so ARP replies are
2548 * processed as coming in on the correct interface.
2550 * Clear the bridge flag for local processing in
2551 * case the packet gets routed.
2553 mc2->m_pkthdr.fw_flags &= ~BRIDGE_MBUF_TAGGED;
2554 ether_reinput_oncpu(bifp, mc2, 0);
2557 /* Return the original packet for local processing. */
2562 * Input of a unicast packet. We have to allow unicast packets
2563 * input from links in the BLOCKING state.
2565 * NOTE: We explicitly ignore normal packets received on a link
2566 * in the BLOCKING state. The point of being in that state
2567 * is to avoid getting duplicate packets.
2569 * HOWEVER, if LINK2 is set the normal spanning tree code
2570 * will mark an interface BLOCKING to avoid multi-cast/broadcast
2571 * loops. Unicast packets CAN still loop if we allow the
2572 * case (hence we only do it in LINK2), but it isn't quite as
2573 * bad as a broadcast packet looping.
2575 if (bif->bif_flags & IFBIF_STP) {
2576 switch (bif->bif_state) {
2578 case BSTP_IFSTATE_BLOCKING:
2579 if (sc->sc_ifp->if_flags & IFF_LINK2)
2583 case BSTP_IFSTATE_L1BLOCKING:
2584 case BSTP_IFSTATE_LISTENING:
2585 case BSTP_IFSTATE_DISABLED:
2593 * Unicast. Make sure it's not for us.
2595 * This loop is MPSAFE; the only blocking operation (bridge_rtupdate)
2596 * is followed by breaking out of the loop.
2598 TAILQ_FOREACH(bif, &sc->sc_iflists[mycpuid], bif_next) {
2599 if (bif->bif_ifp->if_type != IFT_ETHER)
2603 * It is destined for an interface linked to the bridge.
2604 * We want the bridge itself to take care of link level
2605 * forwarding to member interfaces so reinput on the bridge.
2606 * i.e. if you ping an IP on a target interface associated
2607 * with the bridge, the arp is-at response should indicate
2610 if (memcmp(IF_LLADDR(bif->bif_ifp), eh->ether_dhost,
2611 ETHER_ADDR_LEN) == 0) {
2612 if (bif->bif_ifp != ifp) {
2613 /* XXX loop prevention */
2614 m->m_flags |= M_ETHER_BRIDGED;
2616 if (bif->bif_flags & IFBIF_LEARNING) {
2617 bridge_rtupdate(sc, eh->ether_shost,
2618 ifp, IFBAF_DYNAMIC);
2620 new_ifp = bifp; /* not bif->bif_ifp */
2621 m->m_pkthdr.fw_flags &= ~BRIDGE_MBUF_TAGGED;
2626 * Ignore received packets that were sent by us.
2628 if (memcmp(IF_LLADDR(bif->bif_ifp), eh->ether_shost,
2629 ETHER_ADDR_LEN) == 0) {
2636 /* Perform the bridge forwarding function. */
2637 bridge_forward(sc, m);
2641 * ether_reinput_oncpu() will reprocess rcvif as
2642 * coming from new_ifp (since we do not specify
2643 * REINPUT_KEEPRCVIF).
2646 if (new_ifp != NULL) {
2648 * Clear the bridge flag for local processing in
2649 * case the packet gets routed.
2651 ether_reinput_oncpu(new_ifp, m, REINPUT_RUNBPF);
2658 * bridge_start_bcast:
2660 * Broadcast the packet sent from bridge to all member
2662 * This is a simplified version of bridge_broadcast(), however,
2663 * this function expects caller to hold bridge's serializer.
2666 bridge_start_bcast(struct bridge_softc *sc, struct mbuf *m)
2668 struct bridge_iflist *bif;
2670 struct ifnet *dst_if, *bifp;
2674 ASSERT_IFNET_SERIALIZED_ALL(bifp);
2677 * Following loop is MPSAFE; nothing is blocking
2680 TAILQ_FOREACH(bif, &sc->sc_iflists[mycpuid], bif_next) {
2681 dst_if = bif->bif_ifp;
2683 if (bif->bif_flags & IFBIF_STP) {
2684 switch (bif->bif_state) {
2685 case BSTP_IFSTATE_L1BLOCKING:
2686 case BSTP_IFSTATE_BLOCKING:
2687 case BSTP_IFSTATE_DISABLED:
2692 if ((bif->bif_flags & IFBIF_DISCOVER) == 0 &&
2693 (m->m_flags & (M_BCAST|M_MCAST)) == 0)
2696 if ((dst_if->if_flags & IFF_RUNNING) == 0)
2699 if (TAILQ_NEXT(bif, bif_next) == NULL) {
2703 mc = m_copypacket(m, MB_DONTWAIT);
2709 bridge_enqueue(dst_if, mc);
2718 * Send a frame to all interfaces that are members of
2719 * the bridge, except for the one on which the packet
2723 bridge_broadcast(struct bridge_softc *sc, struct ifnet *src_if,
2726 struct bridge_iflist *bif, *nbif;
2727 struct ether_header *eh;
2729 struct ifnet *dst_if, *bifp;
2734 ASSERT_IFNET_NOT_SERIALIZED_ALL(bifp);
2736 eh = mtod(m, struct ether_header *);
2737 from_us = bridge_from_us(sc, eh);
2739 if (inet_pfil_hook.ph_hashooks > 0
2741 || inet6_pfil_hook.ph_hashooks > 0
2744 if (bridge_pfil(&m, bifp, src_if, PFIL_IN) != 0)
2749 /* Filter on the bridge interface before broadcasting */
2750 if (bridge_pfil(&m, bifp, NULL, PFIL_OUT) != 0)
2756 TAILQ_FOREACH_MUTABLE(bif, &sc->sc_iflists[mycpuid], bif_next, nbif) {
2757 dst_if = bif->bif_ifp;
2758 if (dst_if == src_if)
2761 if (bif->bif_flags & IFBIF_STP) {
2762 switch (bif->bif_state) {
2763 case BSTP_IFSTATE_L1BLOCKING:
2764 case BSTP_IFSTATE_BLOCKING:
2765 case BSTP_IFSTATE_DISABLED:
2770 if ((bif->bif_flags & IFBIF_DISCOVER) == 0 &&
2771 (m->m_flags & (M_BCAST|M_MCAST)) == 0)
2774 if ((dst_if->if_flags & IFF_RUNNING) == 0)
2777 if (TAILQ_NEXT(bif, bif_next) == NULL) {
2781 mc = m_copypacket(m, MB_DONTWAIT);
2783 sc->sc_ifp->if_oerrors++;
2789 * Filter on the output interface. Pass a NULL bridge
2790 * interface pointer so we do not redundantly filter on
2791 * the bridge for each interface we broadcast on.
2793 if (inet_pfil_hook.ph_hashooks > 0
2795 || inet6_pfil_hook.ph_hashooks > 0
2798 if (bridge_pfil(&mc, NULL, dst_if, PFIL_OUT) != 0)
2803 bridge_handoff(sc, dst_if, mc, from_us);
2805 if (nbif != NULL && !nbif->bif_onlist) {
2806 KKASSERT(bif->bif_onlist);
2807 nbif = TAILQ_NEXT(bif, bif_next);
2817 * Duplicate a packet out one or more interfaces that are in span mode,
2818 * the original mbuf is unmodified.
2821 bridge_span(struct bridge_softc *sc, struct mbuf *m)
2823 struct bridge_iflist *bif;
2824 struct ifnet *dst_if, *bifp;
2828 ifnet_serialize_all(bifp);
2830 TAILQ_FOREACH(bif, &sc->sc_spanlist, bif_next) {
2831 dst_if = bif->bif_ifp;
2833 if ((dst_if->if_flags & IFF_RUNNING) == 0)
2836 mc = m_copypacket(m, MB_DONTWAIT);
2838 sc->sc_ifp->if_oerrors++;
2841 bridge_enqueue(dst_if, mc);
2844 ifnet_deserialize_all(bifp);
2848 bridge_rtmsg_sync_handler(netmsg_t msg)
2850 ifnet_forwardmsg(&msg->lmsg, mycpuid + 1);
2854 bridge_rtmsg_sync(struct bridge_softc *sc)
2856 struct netmsg_base msg;
2858 ASSERT_IFNET_NOT_SERIALIZED_ALL(sc->sc_ifp);
2860 netmsg_init(&msg, NULL, &curthread->td_msgport,
2861 0, bridge_rtmsg_sync_handler);
2862 ifnet_domsg(&msg.lmsg, 0);
2865 static __inline void
2866 bridge_rtinfo_update(struct bridge_rtinfo *bri, struct ifnet *dst_if,
2867 int setflags, uint8_t flags, uint32_t timeo)
2869 if ((bri->bri_flags & IFBAF_TYPEMASK) == IFBAF_DYNAMIC &&
2870 bri->bri_ifp != dst_if)
2871 bri->bri_ifp = dst_if;
2872 if ((flags & IFBAF_TYPEMASK) == IFBAF_DYNAMIC &&
2873 bri->bri_expire != time_second + timeo)
2874 bri->bri_expire = time_second + timeo;
2876 bri->bri_flags = flags;
2880 bridge_rtinstall_oncpu(struct bridge_softc *sc, const uint8_t *dst,
2881 struct ifnet *dst_if, int setflags, uint8_t flags,
2882 struct bridge_rtinfo **bri0)
2884 struct bridge_rtnode *brt;
2885 struct bridge_rtinfo *bri;
2888 brt = bridge_rtnode_lookup(sc, dst);
2891 * rtnode for 'dst' already exists. We inform the
2892 * caller about this by leaving bri0 as NULL. The
2893 * caller will terminate the intallation upon getting
2894 * NULL bri0. However, we still need to update the
2897 KKASSERT(*bri0 == NULL);
2900 bridge_rtinfo_update(brt->brt_info, dst_if, setflags,
2901 flags, sc->sc_brttimeout);
2906 * We only need to check brtcnt on CPU0, since if limit
2907 * is to be exceeded, ENOSPC is returned. Caller knows
2908 * this and will terminate the installation.
2910 if (sc->sc_brtcnt >= sc->sc_brtmax)
2913 KKASSERT(*bri0 == NULL);
2914 bri = kmalloc(sizeof(struct bridge_rtinfo), M_DEVBUF,
2919 bri->bri_flags = IFBAF_DYNAMIC;
2920 bridge_rtinfo_update(bri, dst_if, setflags, flags,
2924 KKASSERT(bri != NULL);
2927 brt = kmalloc(sizeof(struct bridge_rtnode), M_DEVBUF,
2929 memcpy(brt->brt_addr, dst, ETHER_ADDR_LEN);
2930 brt->brt_info = bri;
2932 bridge_rtnode_insert(sc, brt);
2937 bridge_rtinstall_handler(netmsg_t msg)
2939 struct netmsg_brsaddr *brmsg = (struct netmsg_brsaddr *)msg;
2942 error = bridge_rtinstall_oncpu(brmsg->br_softc,
2943 brmsg->br_dst, brmsg->br_dst_if,
2944 brmsg->br_setflags, brmsg->br_flags,
2947 KKASSERT(mycpuid == 0 && brmsg->br_rtinfo == NULL);
2948 lwkt_replymsg(&brmsg->base.lmsg, error);
2950 } else if (brmsg->br_rtinfo == NULL) {
2951 /* rtnode already exists for 'dst' */
2952 KKASSERT(mycpuid == 0);
2953 lwkt_replymsg(&brmsg->base.lmsg, 0);
2956 ifnet_forwardmsg(&brmsg->base.lmsg, mycpuid + 1);
2962 * Add/Update a bridge routing entry.
2965 bridge_rtupdate(struct bridge_softc *sc, const uint8_t *dst,
2966 struct ifnet *dst_if, uint8_t flags)
2968 struct bridge_rtnode *brt;
2971 * A route for this destination might already exist. If so,
2972 * update it, otherwise create a new one.
2974 if ((brt = bridge_rtnode_lookup(sc, dst)) == NULL) {
2975 struct netmsg_brsaddr *brmsg;
2977 if (sc->sc_brtcnt >= sc->sc_brtmax)
2980 brmsg = kmalloc(sizeof(*brmsg), M_LWKTMSG, M_WAITOK | M_NULLOK);
2984 netmsg_init(&brmsg->base, NULL, &netisr_afree_rport,
2985 0, bridge_rtinstall_handler);
2986 memcpy(brmsg->br_dst, dst, ETHER_ADDR_LEN);
2987 brmsg->br_dst_if = dst_if;
2988 brmsg->br_flags = flags;
2989 brmsg->br_setflags = 0;
2990 brmsg->br_softc = sc;
2991 brmsg->br_rtinfo = NULL;
2993 ifnet_sendmsg(&brmsg->base.lmsg, 0);
2996 bridge_rtinfo_update(brt->brt_info, dst_if, 0, flags,
3002 bridge_rtsaddr(struct bridge_softc *sc, const uint8_t *dst,
3003 struct ifnet *dst_if, uint8_t flags)
3005 struct netmsg_brsaddr brmsg;
3007 ASSERT_IFNET_NOT_SERIALIZED_ALL(sc->sc_ifp);
3009 netmsg_init(&brmsg.base, NULL, &curthread->td_msgport,
3010 0, bridge_rtinstall_handler);
3011 memcpy(brmsg.br_dst, dst, ETHER_ADDR_LEN);
3012 brmsg.br_dst_if = dst_if;
3013 brmsg.br_flags = flags;
3014 brmsg.br_setflags = 1;
3015 brmsg.br_softc = sc;
3016 brmsg.br_rtinfo = NULL;
3018 return ifnet_domsg(&brmsg.base.lmsg, 0);
3024 * Lookup the destination interface for an address.
3026 static struct ifnet *
3027 bridge_rtlookup(struct bridge_softc *sc, const uint8_t *addr)
3029 struct bridge_rtnode *brt;
3031 if ((brt = bridge_rtnode_lookup(sc, addr)) == NULL)
3033 return brt->brt_info->bri_ifp;
3037 bridge_rtreap_handler(netmsg_t msg)
3039 struct bridge_softc *sc = msg->lmsg.u.ms_resultp;
3040 struct bridge_rtnode *brt, *nbrt;
3042 LIST_FOREACH_MUTABLE(brt, &sc->sc_rtlists[mycpuid], brt_list, nbrt) {
3043 if (brt->brt_info->bri_dead)
3044 bridge_rtnode_destroy(sc, brt);
3046 ifnet_forwardmsg(&msg->lmsg, mycpuid + 1);
3050 bridge_rtreap(struct bridge_softc *sc)
3052 struct netmsg_base msg;
3054 ASSERT_IFNET_NOT_SERIALIZED_ALL(sc->sc_ifp);
3056 netmsg_init(&msg, NULL, &curthread->td_msgport,
3057 0, bridge_rtreap_handler);
3058 msg.lmsg.u.ms_resultp = sc;
3060 ifnet_domsg(&msg.lmsg, 0);
3064 bridge_rtreap_async(struct bridge_softc *sc)
3066 struct netmsg_base *msg;
3068 msg = kmalloc(sizeof(*msg), M_LWKTMSG, M_WAITOK);
3070 netmsg_init(msg, NULL, &netisr_afree_rport,
3071 0, bridge_rtreap_handler);
3072 msg->lmsg.u.ms_resultp = sc;
3074 ifnet_sendmsg(&msg->lmsg, 0);
3080 * Trim the routine table so that we have a number
3081 * of routing entries less than or equal to the
3085 bridge_rttrim(struct bridge_softc *sc)
3087 struct bridge_rtnode *brt;
3090 ASSERT_IFNET_NOT_SERIALIZED_ALL(sc->sc_ifp);
3092 /* Make sure we actually need to do this. */
3093 if (sc->sc_brtcnt <= sc->sc_brtmax)
3097 * Find out how many rtnodes are dead
3099 dead = bridge_rtage_finddead(sc);
3100 KKASSERT(dead <= sc->sc_brtcnt);
3102 if (sc->sc_brtcnt - dead <= sc->sc_brtmax) {
3103 /* Enough dead rtnodes are found */
3109 * Kill some dynamic rtnodes to meet the brtmax
3111 LIST_FOREACH(brt, &sc->sc_rtlists[mycpuid], brt_list) {
3112 struct bridge_rtinfo *bri = brt->brt_info;
3114 if (bri->bri_dead) {
3116 * We have counted this rtnode in
3117 * bridge_rtage_finddead()
3122 if ((bri->bri_flags & IFBAF_TYPEMASK) == IFBAF_DYNAMIC) {
3125 KKASSERT(dead <= sc->sc_brtcnt);
3127 if (sc->sc_brtcnt - dead <= sc->sc_brtmax) {
3128 /* Enough rtnodes are collected */
3140 * Aging timer for the bridge.
3143 bridge_timer(void *arg)
3145 struct bridge_softc *sc = arg;
3146 struct netmsg_base *msg;
3148 KKASSERT(mycpuid == BRIDGE_CFGCPU);
3152 if (callout_pending(&sc->sc_brcallout) ||
3153 !callout_active(&sc->sc_brcallout)) {
3157 callout_deactivate(&sc->sc_brcallout);
3159 msg = &sc->sc_brtimemsg;
3160 KKASSERT(msg->lmsg.ms_flags & MSGF_DONE);
3161 lwkt_sendmsg(BRIDGE_CFGPORT, &msg->lmsg);
3167 bridge_timer_handler(netmsg_t msg)
3169 struct bridge_softc *sc = msg->lmsg.u.ms_resultp;
3171 KKASSERT(&curthread->td_msgport == BRIDGE_CFGPORT);
3175 lwkt_replymsg(&msg->lmsg, 0);
3179 if (sc->sc_ifp->if_flags & IFF_RUNNING) {
3180 callout_reset(&sc->sc_brcallout,
3181 bridge_rtable_prune_period * hz, bridge_timer, sc);
3186 bridge_rtage_finddead(struct bridge_softc *sc)
3188 struct bridge_rtnode *brt;
3191 LIST_FOREACH(brt, &sc->sc_rtlists[mycpuid], brt_list) {
3192 struct bridge_rtinfo *bri = brt->brt_info;
3194 if ((bri->bri_flags & IFBAF_TYPEMASK) == IFBAF_DYNAMIC &&
3195 time_second >= bri->bri_expire) {
3198 KKASSERT(dead <= sc->sc_brtcnt);
3207 * Perform an aging cycle.
3210 bridge_rtage(struct bridge_softc *sc)
3212 ASSERT_IFNET_NOT_SERIALIZED_ALL(sc->sc_ifp);
3214 if (bridge_rtage_finddead(sc))
3221 * Remove all dynamic addresses from the bridge.
3224 bridge_rtflush(struct bridge_softc *sc, int bf)
3226 struct bridge_rtnode *brt;
3230 LIST_FOREACH(brt, &sc->sc_rtlists[mycpuid], brt_list) {
3231 struct bridge_rtinfo *bri = brt->brt_info;
3233 if ((bf & IFBF_FLUSHALL) ||
3234 (bri->bri_flags & IFBAF_TYPEMASK) == IFBAF_DYNAMIC) {
3240 if (bf & IFBF_FLUSHSYNC)
3243 bridge_rtreap_async(sc);
3250 * Remove an address from the table.
3253 bridge_rtdaddr(struct bridge_softc *sc, const uint8_t *addr)
3255 struct bridge_rtnode *brt;
3257 ASSERT_IFNET_NOT_SERIALIZED_ALL(sc->sc_ifp);
3259 if ((brt = bridge_rtnode_lookup(sc, addr)) == NULL)
3262 /* TODO: add a cheaper delete operation */
3263 brt->brt_info->bri_dead = 1;
3271 * Delete routes to a speicifc member interface.
3274 bridge_rtdelete(struct bridge_softc *sc, struct ifnet *ifp, int bf)
3276 struct bridge_rtnode *brt;
3280 LIST_FOREACH(brt, &sc->sc_rtlists[mycpuid], brt_list) {
3281 struct bridge_rtinfo *bri = brt->brt_info;
3283 if (bri->bri_ifp == ifp &&
3284 ((bf & IFBF_FLUSHALL) ||
3285 (bri->bri_flags & IFBAF_TYPEMASK) == IFBAF_DYNAMIC)) {
3291 if (bf & IFBF_FLUSHSYNC)
3294 bridge_rtreap_async(sc);
3299 * bridge_rtable_init:
3301 * Initialize the route table for this bridge.
3304 bridge_rtable_init(struct bridge_softc *sc)
3309 * Initialize per-cpu hash tables
3311 sc->sc_rthashs = kmalloc(sizeof(*sc->sc_rthashs) * ncpus,
3312 M_DEVBUF, M_WAITOK);
3313 for (cpu = 0; cpu < ncpus; ++cpu) {
3316 sc->sc_rthashs[cpu] =
3317 kmalloc(sizeof(struct bridge_rtnode_head) * BRIDGE_RTHASH_SIZE,
3318 M_DEVBUF, M_WAITOK);
3320 for (i = 0; i < BRIDGE_RTHASH_SIZE; i++)
3321 LIST_INIT(&sc->sc_rthashs[cpu][i]);
3323 sc->sc_rthash_key = karc4random();
3326 * Initialize per-cpu lists
3328 sc->sc_rtlists = kmalloc(sizeof(struct bridge_rtnode_head) * ncpus,
3329 M_DEVBUF, M_WAITOK);
3330 for (cpu = 0; cpu < ncpus; ++cpu)
3331 LIST_INIT(&sc->sc_rtlists[cpu]);
3335 * bridge_rtable_fini:
3337 * Deconstruct the route table for this bridge.
3340 bridge_rtable_fini(struct bridge_softc *sc)
3345 * Free per-cpu hash tables
3347 for (cpu = 0; cpu < ncpus; ++cpu)
3348 kfree(sc->sc_rthashs[cpu], M_DEVBUF);
3349 kfree(sc->sc_rthashs, M_DEVBUF);
3352 * Free per-cpu lists
3354 kfree(sc->sc_rtlists, M_DEVBUF);
3358 * The following hash function is adapted from "Hash Functions" by Bob Jenkins
3359 * ("Algorithm Alley", Dr. Dobbs Journal, September 1997).
3361 #define mix(a, b, c) \
3363 a -= b; a -= c; a ^= (c >> 13); \
3364 b -= c; b -= a; b ^= (a << 8); \
3365 c -= a; c -= b; c ^= (b >> 13); \
3366 a -= b; a -= c; a ^= (c >> 12); \
3367 b -= c; b -= a; b ^= (a << 16); \
3368 c -= a; c -= b; c ^= (b >> 5); \
3369 a -= b; a -= c; a ^= (c >> 3); \
3370 b -= c; b -= a; b ^= (a << 10); \
3371 c -= a; c -= b; c ^= (b >> 15); \
3372 } while (/*CONSTCOND*/0)
3374 static __inline uint32_t
3375 bridge_rthash(struct bridge_softc *sc, const uint8_t *addr)
3377 uint32_t a = 0x9e3779b9, b = 0x9e3779b9, c = sc->sc_rthash_key;
3388 return (c & BRIDGE_RTHASH_MASK);
3394 bridge_rtnode_addr_cmp(const uint8_t *a, const uint8_t *b)
3398 for (i = 0, d = 0; i < ETHER_ADDR_LEN && d == 0; i++) {
3399 d = ((int)a[i]) - ((int)b[i]);
3406 * bridge_rtnode_lookup:
3408 * Look up a bridge route node for the specified destination.
3410 static struct bridge_rtnode *
3411 bridge_rtnode_lookup(struct bridge_softc *sc, const uint8_t *addr)
3413 struct bridge_rtnode *brt;
3417 hash = bridge_rthash(sc, addr);
3418 LIST_FOREACH(brt, &sc->sc_rthashs[mycpuid][hash], brt_hash) {
3419 dir = bridge_rtnode_addr_cmp(addr, brt->brt_addr);
3430 * bridge_rtnode_insert:
3432 * Insert the specified bridge node into the route table.
3433 * Caller has to make sure that rtnode does not exist.
3436 bridge_rtnode_insert(struct bridge_softc *sc, struct bridge_rtnode *brt)
3438 struct bridge_rtnode *lbrt;
3442 hash = bridge_rthash(sc, brt->brt_addr);
3444 lbrt = LIST_FIRST(&sc->sc_rthashs[mycpuid][hash]);
3446 LIST_INSERT_HEAD(&sc->sc_rthashs[mycpuid][hash],
3452 dir = bridge_rtnode_addr_cmp(brt->brt_addr, lbrt->brt_addr);
3453 KASSERT(dir != 0, ("rtnode already exist\n"));
3456 LIST_INSERT_BEFORE(lbrt, brt, brt_hash);
3459 if (LIST_NEXT(lbrt, brt_hash) == NULL) {
3460 LIST_INSERT_AFTER(lbrt, brt, brt_hash);
3463 lbrt = LIST_NEXT(lbrt, brt_hash);
3464 } while (lbrt != NULL);
3466 panic("no suitable position found for rtnode\n");
3468 LIST_INSERT_HEAD(&sc->sc_rtlists[mycpuid], brt, brt_list);
3471 * Update the brtcnt.
3472 * We only need to do it once and we do it on CPU0.
3479 * bridge_rtnode_destroy:
3481 * Destroy a bridge rtnode.
3484 bridge_rtnode_destroy(struct bridge_softc *sc, struct bridge_rtnode *brt)
3486 LIST_REMOVE(brt, brt_hash);
3487 LIST_REMOVE(brt, brt_list);
3489 if (mycpuid + 1 == ncpus) {
3490 /* Free rtinfo associated with rtnode on the last cpu */
3491 kfree(brt->brt_info, M_DEVBUF);
3493 kfree(brt, M_DEVBUF);
3496 /* Update brtcnt only on CPU0 */
3502 bridge_post_pfil(struct mbuf *m)
3504 if (m->m_pkthdr.fw_flags & IPFORWARD_MBUF_TAGGED)
3508 if (m->m_pkthdr.fw_flags & DUMMYNET_MBUF_TAGGED)
3515 * Send bridge packets through pfil if they are one of the types pfil can deal
3516 * with, or if they are ARP or REVARP. (pfil will pass ARP and REVARP without
3517 * question.) If *bifp or *ifp are NULL then packet filtering is skipped for
3521 bridge_pfil(struct mbuf **mp, struct ifnet *bifp, struct ifnet *ifp, int dir)
3523 int snap, error, i, hlen;
3524 struct ether_header *eh1, eh2;
3527 u_int16_t ether_type;
3530 error = -1; /* Default error if not error == 0 */
3532 if (pfil_bridge == 0 && pfil_member == 0)
3533 return (0); /* filtering is disabled */
3535 i = min((*mp)->m_pkthdr.len, max_protohdr);
3536 if ((*mp)->m_len < i) {
3537 *mp = m_pullup(*mp, i);
3539 kprintf("%s: m_pullup failed\n", __func__);
3544 eh1 = mtod(*mp, struct ether_header *);
3545 ether_type = ntohs(eh1->ether_type);
3548 * Check for SNAP/LLC.
3550 if (ether_type < ETHERMTU) {
3551 struct llc *llc2 = (struct llc *)(eh1 + 1);
3553 if ((*mp)->m_len >= ETHER_HDR_LEN + 8 &&
3554 llc2->llc_dsap == LLC_SNAP_LSAP &&
3555 llc2->llc_ssap == LLC_SNAP_LSAP &&
3556 llc2->llc_control == LLC_UI) {
3557 ether_type = htons(llc2->llc_un.type_snap.ether_type);
3563 * If we're trying to filter bridge traffic, don't look at anything
3564 * other than IP and ARP traffic. If the filter doesn't understand
3565 * IPv6, don't allow IPv6 through the bridge either. This is lame
3566 * since if we really wanted, say, an AppleTalk filter, we are hosed,
3567 * but of course we don't have an AppleTalk filter to begin with.
3568 * (Note that since pfil doesn't understand ARP it will pass *ALL*
3571 switch (ether_type) {
3573 case ETHERTYPE_REVARP:
3574 return (0); /* Automatically pass */
3578 case ETHERTYPE_IPV6:
3584 * Check to see if the user wants to pass non-ip
3585 * packets, these will not be checked by pfil(9)
3586 * and passed unconditionally so the default is to drop.
3592 /* Strip off the Ethernet header and keep a copy. */
3593 m_copydata(*mp, 0, ETHER_HDR_LEN, (caddr_t) &eh2);
3594 m_adj(*mp, ETHER_HDR_LEN);
3596 /* Strip off snap header, if present */
3598 m_copydata(*mp, 0, sizeof(struct llc), (caddr_t) &llc1);
3599 m_adj(*mp, sizeof(struct llc));
3603 * Check the IP header for alignment and errors
3605 if (dir == PFIL_IN) {
3606 switch (ether_type) {
3608 error = bridge_ip_checkbasic(mp);
3611 case ETHERTYPE_IPV6:
3612 error = bridge_ip6_checkbasic(mp);
3625 * Run the packet through pfil
3627 switch (ether_type) {
3630 * before calling the firewall, swap fields the same as
3631 * IP does. here we assume the header is contiguous
3633 ip = mtod(*mp, struct ip *);
3635 ip->ip_len = ntohs(ip->ip_len);
3636 ip->ip_off = ntohs(ip->ip_off);
3639 * Run pfil on the member interface and the bridge, both can
3640 * be skipped by clearing pfil_member or pfil_bridge.
3643 * in_if -> bridge_if -> out_if
3645 if (pfil_bridge && dir == PFIL_OUT && bifp != NULL) {
3646 error = pfil_run_hooks(&inet_pfil_hook, mp, bifp, dir);
3647 if (*mp == NULL || error != 0) /* filter may consume */
3649 error = bridge_post_pfil(*mp);
3654 if (pfil_member && ifp != NULL) {
3655 error = pfil_run_hooks(&inet_pfil_hook, mp, ifp, dir);
3656 if (*mp == NULL || error != 0) /* filter may consume */
3658 error = bridge_post_pfil(*mp);
3663 if (pfil_bridge && dir == PFIL_IN && bifp != NULL) {
3664 error = pfil_run_hooks(&inet_pfil_hook, mp, bifp, dir);
3665 if (*mp == NULL || error != 0) /* filter may consume */
3667 error = bridge_post_pfil(*mp);
3672 /* check if we need to fragment the packet */
3673 if (pfil_member && ifp != NULL && dir == PFIL_OUT) {
3674 i = (*mp)->m_pkthdr.len;
3675 if (i > ifp->if_mtu) {
3676 error = bridge_fragment(ifp, *mp, &eh2, snap,
3682 /* Recalculate the ip checksum and restore byte ordering */
3683 ip = mtod(*mp, struct ip *);
3684 hlen = ip->ip_hl << 2;
3685 if (hlen < sizeof(struct ip))
3687 if (hlen > (*mp)->m_len) {
3688 if ((*mp = m_pullup(*mp, hlen)) == 0)
3690 ip = mtod(*mp, struct ip *);
3694 ip->ip_len = htons(ip->ip_len);
3695 ip->ip_off = htons(ip->ip_off);
3697 if (hlen == sizeof(struct ip))
3698 ip->ip_sum = in_cksum_hdr(ip);
3700 ip->ip_sum = in_cksum(*mp, hlen);
3704 case ETHERTYPE_IPV6:
3705 if (pfil_bridge && dir == PFIL_OUT && bifp != NULL)
3706 error = pfil_run_hooks(&inet6_pfil_hook, mp, bifp,
3709 if (*mp == NULL || error != 0) /* filter may consume */
3712 if (pfil_member && ifp != NULL)
3713 error = pfil_run_hooks(&inet6_pfil_hook, mp, ifp,
3716 if (*mp == NULL || error != 0) /* filter may consume */
3719 if (pfil_bridge && dir == PFIL_IN && bifp != NULL)
3720 error = pfil_run_hooks(&inet6_pfil_hook, mp, bifp,
3737 * Finally, put everything back the way it was and return
3740 M_PREPEND(*mp, sizeof(struct llc), MB_DONTWAIT);
3743 bcopy(&llc1, mtod(*mp, caddr_t), sizeof(struct llc));
3746 M_PREPEND(*mp, ETHER_HDR_LEN, MB_DONTWAIT);
3749 bcopy(&eh2, mtod(*mp, caddr_t), ETHER_HDR_LEN);
3760 * Perform basic checks on header size since
3761 * pfil assumes ip_input has already processed
3762 * it for it. Cut-and-pasted from ip_input.c.
3763 * Given how simple the IPv6 version is,
3764 * does the IPv4 version really need to be
3767 * XXX Should we update ipstat here, or not?
3768 * XXX Right now we update ipstat but not
3772 bridge_ip_checkbasic(struct mbuf **mp)
3774 struct mbuf *m = *mp;
3782 if (IP_HDR_ALIGNED_P(mtod(m, caddr_t)) == 0) {
3783 if ((m = m_copyup(m, sizeof(struct ip),
3784 (max_linkhdr + 3) & ~3)) == NULL) {
3785 /* XXXJRT new stat, please */
3786 ipstat.ips_toosmall++;
3791 #ifndef __predict_false
3792 #define __predict_false(x) x
3794 if (__predict_false(m->m_len < sizeof (struct ip))) {
3795 if ((m = m_pullup(m, sizeof (struct ip))) == NULL) {
3796 ipstat.ips_toosmall++;
3800 ip = mtod(m, struct ip *);
3801 if (ip == NULL) goto bad;
3803 if (ip->ip_v != IPVERSION) {
3804 ipstat.ips_badvers++;
3807 hlen = ip->ip_hl << 2;
3808 if (hlen < sizeof(struct ip)) { /* minimum header length */
3809 ipstat.ips_badhlen++;
3812 if (hlen > m->m_len) {
3813 if ((m = m_pullup(m, hlen)) == 0) {
3814 ipstat.ips_badhlen++;
3817 ip = mtod(m, struct ip *);
3818 if (ip == NULL) goto bad;
3821 if (m->m_pkthdr.csum_flags & CSUM_IP_CHECKED) {
3822 sum = !(m->m_pkthdr.csum_flags & CSUM_IP_VALID);
3824 if (hlen == sizeof(struct ip)) {
3825 sum = in_cksum_hdr(ip);
3827 sum = in_cksum(m, hlen);
3831 ipstat.ips_badsum++;
3835 /* Retrieve the packet length. */
3836 len = ntohs(ip->ip_len);
3839 * Check for additional length bogosity
3842 ipstat.ips_badlen++;
3847 * Check that the amount of data in the buffers
3848 * is as at least much as the IP header would have us expect.
3849 * Drop packet if shorter than we expect.
3851 if (m->m_pkthdr.len < len) {
3852 ipstat.ips_tooshort++;
3856 /* Checks out, proceed */
3867 * Same as above, but for IPv6.
3868 * Cut-and-pasted from ip6_input.c.
3869 * XXX Should we update ip6stat, or not?
3872 bridge_ip6_checkbasic(struct mbuf **mp)
3874 struct mbuf *m = *mp;
3875 struct ip6_hdr *ip6;
3878 * If the IPv6 header is not aligned, slurp it up into a new
3879 * mbuf with space for link headers, in the event we forward
3880 * it. Otherwise, if it is aligned, make sure the entire base
3881 * IPv6 header is in the first mbuf of the chain.
3884 if (IP6_HDR_ALIGNED_P(mtod(m, caddr_t)) == 0) {
3885 struct ifnet *inifp = m->m_pkthdr.rcvif;
3886 if ((m = m_copyup(m, sizeof(struct ip6_hdr),
3887 (max_linkhdr + 3) & ~3)) == NULL) {
3888 /* XXXJRT new stat, please */
3889 ip6stat.ip6s_toosmall++;
3890 in6_ifstat_inc(inifp, ifs6_in_hdrerr);
3895 if (__predict_false(m->m_len < sizeof(struct ip6_hdr))) {
3896 struct ifnet *inifp = m->m_pkthdr.rcvif;
3897 if ((m = m_pullup(m, sizeof(struct ip6_hdr))) == NULL) {
3898 ip6stat.ip6s_toosmall++;
3899 in6_ifstat_inc(inifp, ifs6_in_hdrerr);
3904 ip6 = mtod(m, struct ip6_hdr *);
3906 if ((ip6->ip6_vfc & IPV6_VERSION_MASK) != IPV6_VERSION) {
3907 ip6stat.ip6s_badvers++;
3908 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_hdrerr);
3912 /* Checks out, proceed */
3925 * Return a fragmented mbuf chain.
3928 bridge_fragment(struct ifnet *ifp, struct mbuf *m, struct ether_header *eh,
3929 int snap, struct llc *llc)
3935 if (m->m_len < sizeof(struct ip) &&
3936 (m = m_pullup(m, sizeof(struct ip))) == NULL)
3938 ip = mtod(m, struct ip *);
3940 error = ip_fragment(ip, &m, ifp->if_mtu, ifp->if_hwassist,
3945 /* walk the chain and re-add the Ethernet header */
3946 for (m0 = m; m0; m0 = m0->m_nextpkt) {
3949 M_PREPEND(m0, sizeof(struct llc), MB_DONTWAIT);
3954 bcopy(llc, mtod(m0, caddr_t),
3955 sizeof(struct llc));
3957 M_PREPEND(m0, ETHER_HDR_LEN, MB_DONTWAIT);
3962 bcopy(eh, mtod(m0, caddr_t), ETHER_HDR_LEN);
3968 ipstat.ips_fragmented++;
3979 bridge_enqueue_handler(netmsg_t msg)
3981 struct netmsg_packet *nmp;
3982 struct ifnet *dst_ifp;
3987 dst_ifp = nmp->base.lmsg.u.ms_resultp;
3989 bridge_handoff(dst_ifp->if_bridge, dst_ifp, m, 1);
3993 bridge_handoff(struct bridge_softc *sc, struct ifnet *dst_ifp,
3994 struct mbuf *m, int from_us)
4001 /* We may be sending a fragment so traverse the mbuf */
4003 struct altq_pktattr pktattr;
4006 m->m_nextpkt = NULL;
4009 * If being sent from our host override ether_shost
4010 * with the bridge MAC. This is mandatory for ARP
4011 * so things don't get confused. In particular we
4012 * don't want ARPs to get associated with link interfaces
4013 * under the bridge which might or might not stay valid.
4015 * Also override ether_shost when relaying a packet out
4016 * the same interface it came in on, due to multi-homed
4017 * addresses & default routes, otherwise switches will
4018 * get very confused.
4020 * Otherwise if we are in transparent mode.
4022 if (from_us || m->m_pkthdr.rcvif == dst_ifp) {
4024 offsetof(struct ether_header, ether_shost),
4025 ETHER_ADDR_LEN, IF_LLADDR(sc->sc_ifp));
4026 } else if ((bifp->if_flags & IFF_LINK0) &&
4027 (m->m_pkthdr.fw_flags & BRIDGE_MBUF_TAGGED)) {
4029 offsetof(struct ether_header, ether_shost),
4031 m->m_pkthdr.br.ether.ether_shost);
4032 } /* else retain shost */
4034 if (ifq_is_enabled(&dst_ifp->if_snd))
4035 altq_etherclassify(&dst_ifp->if_snd, m, &pktattr);
4037 ifq_dispatch(dst_ifp, m, &pktattr);
4042 bridge_control_dispatch(netmsg_t msg)
4044 struct netmsg_brctl *bc_msg = (struct netmsg_brctl *)msg;
4045 struct ifnet *bifp = bc_msg->bc_sc->sc_ifp;
4048 ifnet_serialize_all(bifp);
4049 error = bc_msg->bc_func(bc_msg->bc_sc, bc_msg->bc_arg);
4050 ifnet_deserialize_all(bifp);
4052 lwkt_replymsg(&bc_msg->base.lmsg, error);
4056 bridge_control(struct bridge_softc *sc, u_long cmd,
4057 bridge_ctl_t bc_func, void *bc_arg)
4059 struct ifnet *bifp = sc->sc_ifp;
4060 struct netmsg_brctl bc_msg;
4063 ASSERT_IFNET_SERIALIZED_ALL(bifp);
4065 bzero(&bc_msg, sizeof(bc_msg));
4067 netmsg_init(&bc_msg.base, NULL, &curthread->td_msgport,
4068 0, bridge_control_dispatch);
4069 bc_msg.bc_func = bc_func;
4071 bc_msg.bc_arg = bc_arg;
4073 ifnet_deserialize_all(bifp);
4074 error = lwkt_domsg(BRIDGE_CFGPORT, &bc_msg.base.lmsg, 0);
4075 ifnet_serialize_all(bifp);
4080 bridge_add_bif_handler(netmsg_t msg)
4082 struct netmsg_braddbif *amsg = (struct netmsg_braddbif *)msg;
4083 struct bridge_softc *sc;
4084 struct bridge_iflist *bif;
4086 sc = amsg->br_softc;
4088 bif = kmalloc(sizeof(*bif), M_DEVBUF, M_WAITOK | M_ZERO);
4089 bif->bif_ifp = amsg->br_bif_ifp;
4090 bif->bif_onlist = 1;
4091 bif->bif_info = amsg->br_bif_info;
4094 * runs through bif_info
4096 bif->bif_flags = IFBIF_LEARNING | IFBIF_DISCOVER;
4098 TAILQ_INSERT_HEAD(&sc->sc_iflists[mycpuid], bif, bif_next);
4100 ifnet_forwardmsg(&amsg->base.lmsg, mycpuid + 1);
4104 bridge_add_bif(struct bridge_softc *sc, struct bridge_ifinfo *bif_info,
4107 struct netmsg_braddbif amsg;
4109 ASSERT_IFNET_NOT_SERIALIZED_ALL(sc->sc_ifp);
4111 netmsg_init(&amsg.base, NULL, &curthread->td_msgport,
4112 0, bridge_add_bif_handler);
4114 amsg.br_bif_info = bif_info;
4115 amsg.br_bif_ifp = ifp;
4117 ifnet_domsg(&amsg.base.lmsg, 0);
4121 bridge_del_bif_handler(netmsg_t msg)
4123 struct netmsg_brdelbif *dmsg = (struct netmsg_brdelbif *)msg;
4124 struct bridge_softc *sc;
4125 struct bridge_iflist *bif;
4127 sc = dmsg->br_softc;
4130 * Locate the bif associated with the br_bif_info
4131 * on the current CPU
4133 bif = bridge_lookup_member_ifinfo(sc, dmsg->br_bif_info);
4134 KKASSERT(bif != NULL && bif->bif_onlist);
4136 /* Remove the bif from the current CPU's iflist */
4137 bif->bif_onlist = 0;
4138 TAILQ_REMOVE(dmsg->br_bif_list, bif, bif_next);
4140 /* Save the removed bif for later freeing */
4141 TAILQ_INSERT_HEAD(dmsg->br_bif_list, bif, bif_next);
4143 ifnet_forwardmsg(&dmsg->base.lmsg, mycpuid + 1);
4147 bridge_del_bif(struct bridge_softc *sc, struct bridge_ifinfo *bif_info,
4148 struct bridge_iflist_head *saved_bifs)
4150 struct netmsg_brdelbif dmsg;
4152 ASSERT_IFNET_NOT_SERIALIZED_ALL(sc->sc_ifp);
4154 netmsg_init(&dmsg.base, NULL, &curthread->td_msgport,
4155 0, bridge_del_bif_handler);
4157 dmsg.br_bif_info = bif_info;
4158 dmsg.br_bif_list = saved_bifs;
4160 ifnet_domsg(&dmsg.base.lmsg, 0);
projects / dragonfly.git / blob