/* * Copyright 1998 Massachusetts Institute of Technology * * Permission to use, copy, modify, and distribute this software and * its documentation for any purpose and without fee is hereby * granted, provided that both the above copyright notice and this * permission notice appear in all copies, that both the above * copyright notice and this permission notice appear in all * supporting documentation, and that the name of M.I.T. not be used * in advertising or publicity pertaining to distribution of the * software without specific, written prior permission. M.I.T. makes * no representations about the suitability of this software for any * purpose. It is provided "as is" without express or implied * warranty. * * THIS SOFTWARE IS PROVIDED BY M.I.T. ``AS IS''. M.I.T. DISCLAIMS * ALL EXPRESS OR IMPLIED WARRANTIES WITH REGARD TO THIS SOFTWARE, * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT * SHALL M.I.T. BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * * $FreeBSD: src/sys/net/if_vlan.c,v 1.15.2.13 2003/02/14 22:25:58 fenner Exp $ * $DragonFly: src/sys/net/vlan/if_vlan.c,v 1.18 2005/11/28 17:13:46 dillon Exp $ */ /* * if_vlan.c - pseudo-device driver for IEEE 802.1Q virtual LANs. * Might be extended some day to also handle IEEE 802.1p priority * tagging. This is sort of sneaky in the implementation, since * we need to pretend to be enough of an Ethernet implementation * to make arp work. The way we do this is by telling everyone * that we are an Ethernet, and then catch the packets that * ether_output() left on our output queue queue when it calls * if_start(), rewrite them for use by the real outgoing interface, * and ask it to send them. * * * XXX It's incorrect to assume that we must always kludge up * headers on the physical device's behalf: some devices support * VLAN tag insertion and extraction in firmware. For these cases, * one can change the behavior of the vlan interface by setting * the LINK0 flag on it (that is setting the vlan interface's LINK0 * flag, _not_ the parent's LINK0 flag; we try to leave the parent * alone). If the interface has the LINK0 flag set, then it will * not modify the ethernet header on output, because the parent * can do that for itself. On input, the parent can call vlan_input_tag() * directly in order to supply us with an incoming mbuf and the vlan * tag value that goes with it. */ #ifndef NVLAN #include "use_vlan.h" #endif #include "opt_inet.h" #include #include #include #include #include #include #include #include #include #include #include #include /* XXX: Shouldn't really be required! */ #include #include #include #include #include #include #include #include "if_vlan_var.h" #ifdef INET #include #include #endif #define VLANNAME "vlan" SYSCTL_DECL(_net_link); SYSCTL_NODE(_net_link, IFT_L2VLAN, vlan, CTLFLAG_RW, 0, "IEEE 802.1Q VLAN"); SYSCTL_NODE(_net_link_vlan, PF_LINK, link, CTLFLAG_RW, 0, "for consistency"); static MALLOC_DEFINE(M_VLAN, "vlan", "802.1Q Virtual LAN Interface"); static LIST_HEAD(, ifvlan) ifv_list; static int vlan_clone_create(struct if_clone *, int); static void vlan_clone_destroy(struct ifnet *); static void vlan_start(struct ifnet *ifp); static void vlan_ifinit(void *foo); static int vlan_input(struct ether_header *eh, struct mbuf *m); static int vlan_input_tag(struct mbuf *m, uint16_t t); static int vlan_ioctl(struct ifnet *ifp, u_long cmd, caddr_t addr, struct ucred *cr); static int vlan_setmulti(struct ifnet *ifp); static int vlan_unconfig(struct ifnet *ifp); static int vlan_config(struct ifvlan *ifv, struct ifnet *p); struct if_clone vlan_cloner = IF_CLONE_INITIALIZER("vlan", vlan_clone_create, vlan_clone_destroy, NVLAN, IF_MAXUNIT); /* * Program our multicast filter. What we're actually doing is * programming the multicast filter of the parent. This has the * side effect of causing the parent interface to receive multicast * traffic that it doesn't really want, which ends up being discarded * later by the upper protocol layers. Unfortunately, there's no way * to avoid this: there really is only one physical interface. */ static int vlan_setmulti(struct ifnet *ifp) { struct ifnet *ifp_p; struct ifmultiaddr *ifma, *rifma = NULL; struct ifvlan *sc; struct vlan_mc_entry *mc = NULL; struct sockaddr_dl sdl; int error; /* Find the parent. */ sc = ifp->if_softc; ifp_p = sc->ifv_p; /* * If we don't have a parent, just remember the membership for * when we do. */ if (ifp_p == NULL) return(0); bzero((char *)&sdl, sizeof sdl); sdl.sdl_len = sizeof sdl; sdl.sdl_family = AF_LINK; sdl.sdl_index = ifp_p->if_index; sdl.sdl_type = IFT_ETHER; sdl.sdl_alen = ETHER_ADDR_LEN; /* First, remove any existing filter entries. */ while(SLIST_FIRST(&sc->vlan_mc_listhead) != NULL) { mc = SLIST_FIRST(&sc->vlan_mc_listhead); bcopy((char *)&mc->mc_addr, LLADDR(&sdl), ETHER_ADDR_LEN); error = if_delmulti(ifp_p, (struct sockaddr *)&sdl); if (error) return(error); SLIST_REMOVE_HEAD(&sc->vlan_mc_listhead, mc_entries); free(mc, M_VLAN); } /* Now program new ones. */ LIST_FOREACH(ifma, &ifp->if_multiaddrs, ifma_link) { if (ifma->ifma_addr->sa_family != AF_LINK) continue; mc = malloc(sizeof(struct vlan_mc_entry), M_VLAN, M_WAITOK); bcopy(LLADDR((struct sockaddr_dl *)ifma->ifma_addr), (char *)&mc->mc_addr, ETHER_ADDR_LEN); SLIST_INSERT_HEAD(&sc->vlan_mc_listhead, mc, mc_entries); bcopy(LLADDR((struct sockaddr_dl *)ifma->ifma_addr), LLADDR(&sdl), ETHER_ADDR_LEN); error = if_addmulti(ifp_p, (struct sockaddr *)&sdl, &rifma); if (error) return(error); } return(0); } static int vlan_modevent(module_t mod, int type, void *data) { switch (type) { case MOD_LOAD: LIST_INIT(&ifv_list); vlan_input_p = vlan_input; vlan_input_tag_p = vlan_input_tag; if_clone_attach(&vlan_cloner); break; case MOD_UNLOAD: if_clone_detach(&vlan_cloner); vlan_input_p = NULL; vlan_input_tag_p = NULL; while (!LIST_EMPTY(&ifv_list)) vlan_clone_destroy(&LIST_FIRST(&ifv_list)->ifv_if); break; } return 0; } static moduledata_t vlan_mod = { "if_vlan", vlan_modevent, 0 }; DECLARE_MODULE(if_vlan, vlan_mod, SI_SUB_PSEUDO, SI_ORDER_ANY); static int vlan_clone_create(struct if_clone *ifc, int unit) { struct ifvlan *ifv; struct ifnet *ifp; ifv = malloc(sizeof(struct ifvlan), M_VLAN, M_WAITOK | M_ZERO); ifp = &ifv->ifv_if; SLIST_INIT(&ifv->vlan_mc_listhead); crit_enter(); LIST_INSERT_HEAD(&ifv_list, ifv, ifv_list); crit_exit(); ifp->if_softc = ifv; if_initname(ifp, "vlan", unit); /* NB: flags are not set here */ ifp->if_linkmib = &ifv->ifv_mib; ifp->if_linkmiblen = sizeof ifv->ifv_mib; /* NB: mtu is not set here */ ifp->if_init = vlan_ifinit; ifp->if_start = vlan_start; ifp->if_ioctl = vlan_ioctl; ifq_set_maxlen(&ifp->if_snd, ifqmaxlen); ifq_set_ready(&ifp->if_snd); ether_ifattach(ifp, ifv->ifv_ac.ac_enaddr, NULL); /* Now undo some of the damage... */ ifp->if_data.ifi_type = IFT_L2VLAN; ifp->if_data.ifi_hdrlen = EVL_ENCAPLEN; return (0); } static void vlan_clone_destroy(struct ifnet *ifp) { struct ifvlan *ifv = ifp->if_softc; crit_enter(); LIST_REMOVE(ifv, ifv_list); vlan_unconfig(ifp); ether_ifdetach(ifp); crit_exit(); free(ifv, M_VLAN); } static void vlan_ifinit(void *foo) { return; } static void vlan_start(struct ifnet *ifp) { struct ifvlan *ifv; struct ifnet *p; struct ether_vlan_header *evl; struct mbuf *m; int error; struct altq_pktattr pktattr; ifv = ifp->if_softc; p = ifv->ifv_p; ifp->if_flags |= IFF_OACTIVE; for (;;) { m = ifq_dequeue(&ifp->if_snd, NULL); if (m == NULL) break; BPF_MTAP(ifp, m); /* * Do not run parent's if_start() if the parent is not up, * or parent's driver will cause a system crash. */ if ((p->if_flags & (IFF_UP | IFF_RUNNING)) != (IFF_UP | IFF_RUNNING)) { m_freem(m); ifp->if_data.ifi_collisions++; continue; } /* * If ALTQ is enabled on the parent interface, do * classification; the queueing discipline might * not require classification, but might require * the address family/header pointer in the pktattr. */ if (ifq_is_enabled(&p->if_snd)) altq_etherclassify(&p->if_snd, m, &pktattr); /* * If the LINK0 flag is set, it means the underlying interface * can do VLAN tag insertion itself and doesn't require us to * create a special header for it. In this case, we just pass * the packet along. However, we need some way to tell the * interface where the packet came from so that it knows how * to find the VLAN tag to use, so we set the rcvif in the * mbuf header to our ifnet. * * Note: we also set the M_PROTO1 flag in the mbuf to let * the parent driver know that the rcvif pointer is really * valid. We need to do this because sometimes mbufs will * be allocated by other parts of the system that contain * garbage in the rcvif pointer. Using the M_PROTO1 flag * lets the driver perform a proper sanity check and avoid * following potentially bogus rcvif pointers off into * never-never land. */ if (ifp->if_flags & IFF_LINK0) { m->m_pkthdr.rcvif = ifp; m->m_flags |= M_PROTO1; } else { M_PREPEND(m, EVL_ENCAPLEN, MB_DONTWAIT); if (m == NULL) { printf("%s: M_PREPEND failed", ifp->if_xname); ifp->if_ierrors++; continue; } /* M_PREPEND takes care of m_len, m_pkthdr.len for us */ m = m_pullup(m, ETHER_HDR_LEN + EVL_ENCAPLEN); if (m == NULL) { printf("%s: m_pullup failed", ifp->if_xname); ifp->if_ierrors++; continue; } /* * Transform the Ethernet header into an Ethernet header * with 802.1Q encapsulation. */ bcopy(mtod(m, char *) + EVL_ENCAPLEN, mtod(m, char *), sizeof(struct ether_header)); evl = mtod(m, struct ether_vlan_header *); evl->evl_proto = evl->evl_encap_proto; evl->evl_encap_proto = htons(ETHERTYPE_VLAN); evl->evl_tag = htons(ifv->ifv_tag); #ifdef DEBUG printf("vlan_start: %*D\n", sizeof *evl, (unsigned char *)evl, ":"); #endif } /* * Send it, precisely as ether_output() would have. * We are already running at splimp. */ lwkt_serialize_exit(ifp->if_serializer); lwkt_serialize_enter(p->if_serializer); error = ifq_handoff(p, m, &pktattr); lwkt_serialize_exit(p->if_serializer); lwkt_serialize_enter(ifp->if_serializer); if (error) ifp->if_oerrors++; else ifp->if_opackets++; } ifp->if_flags &= ~IFF_OACTIVE; return; } static int vlan_input_tag( struct mbuf *m, uint16_t t) { struct bpf_if *bif; struct ifvlan *ifv; struct ether_header *eh = mtod(m, struct ether_header *); struct ifnet *rcvif; m_adj(m, ETHER_HDR_LEN); rcvif = m->m_pkthdr.rcvif; ASSERT_SERIALIZED(rcvif->if_serializer); /* * Fake up a header and send the packet to the physical interface's * bpf tap if active. */ if ((bif = rcvif->if_bpf) != NULL) { struct ether_vlan_header evh; bcopy(eh, &evh, 2*ETHER_ADDR_LEN); evh.evl_encap_proto = htons(ETHERTYPE_VLAN); evh.evl_tag = htons(t); evh.evl_proto = eh->ether_type; bpf_ptap(bif, m, &evh, ETHER_HDR_LEN + EVL_ENCAPLEN); } for (ifv = LIST_FIRST(&ifv_list); ifv != NULL; ifv = LIST_NEXT(ifv, ifv_list)) { if (rcvif == ifv->ifv_p && ifv->ifv_tag == t) break; } if (ifv == NULL || (ifv->ifv_if.if_flags & IFF_UP) == 0) { m_freem(m); return -1; /* So the parent can take note */ } /* * Having found a valid vlan interface corresponding to * the given source interface and vlan tag, run the * the real packet through ether_input(). */ m->m_pkthdr.rcvif = &ifv->ifv_if; ifv->ifv_if.if_ipackets++; lwkt_serialize_exit(rcvif->if_serializer); lwkt_serialize_enter(ifv->ifv_if.if_serializer); ether_input(&ifv->ifv_if, eh, m); lwkt_serialize_exit(ifv->ifv_if.if_serializer); lwkt_serialize_enter(rcvif->if_serializer); return 0; } static int vlan_input(struct ether_header *eh, struct mbuf *m) { struct ifvlan *ifv; struct ifnet *rcvif; rcvif = m->m_pkthdr.rcvif; ASSERT_SERIALIZED(rcvif->if_serializer); for (ifv = LIST_FIRST(&ifv_list); ifv != NULL; ifv = LIST_NEXT(ifv, ifv_list)) { if (rcvif == ifv->ifv_p && (EVL_VLANOFTAG(ntohs(*mtod(m, u_int16_t *))) == ifv->ifv_tag)) break; } if (ifv == NULL || (ifv->ifv_if.if_flags & IFF_UP) == 0) { rcvif->if_noproto++; m_freem(m); return -1; /* so ether_input can take note */ } /* * Having found a valid vlan interface corresponding to * the given source interface and vlan tag, remove the * encapsulation, and run the real packet through * ether_input() a second time (it had better be * reentrant!). */ m->m_pkthdr.rcvif = &ifv->ifv_if; eh->ether_type = mtod(m, u_int16_t *)[1]; m->m_data += EVL_ENCAPLEN; m->m_len -= EVL_ENCAPLEN; m->m_pkthdr.len -= EVL_ENCAPLEN; ifv->ifv_if.if_ipackets++; lwkt_serialize_exit(rcvif->if_serializer); lwkt_serialize_enter(ifv->ifv_if.if_serializer); ether_input(&ifv->ifv_if, eh, m); lwkt_serialize_exit(ifv->ifv_if.if_serializer); lwkt_serialize_enter(rcvif->if_serializer); return 0; } static int vlan_config(struct ifvlan *ifv, struct ifnet *p) { struct sockaddr_dl *sdl1, *sdl2; if (p->if_data.ifi_type != IFT_ETHER) return EPROTONOSUPPORT; if (ifv->ifv_p) return EBUSY; ifv->ifv_p = p; if (p->if_data.ifi_hdrlen == sizeof(struct ether_vlan_header)) ifv->ifv_if.if_mtu = p->if_mtu; else ifv->ifv_if.if_mtu = p->if_data.ifi_mtu - EVL_ENCAPLEN; /* * Copy only a selected subset of flags from the parent. * Other flags are none of our business. */ ifv->ifv_if.if_flags = (p->if_flags & (IFF_BROADCAST | IFF_MULTICAST | IFF_SIMPLEX | IFF_POINTOPOINT)); /* * Set up our ``Ethernet address'' to reflect the underlying * physical interface's. */ sdl1 = IF_LLSOCKADDR(&ifv->ifv_if); sdl2 = IF_LLSOCKADDR(p); sdl1->sdl_type = IFT_ETHER; sdl1->sdl_alen = ETHER_ADDR_LEN; bcopy(LLADDR(sdl2), LLADDR(sdl1), ETHER_ADDR_LEN); bcopy(LLADDR(sdl2), ifv->ifv_ac.ac_enaddr, ETHER_ADDR_LEN); /* * Configure multicast addresses that may already be * joined on the vlan device. */ (void)vlan_setmulti(&ifv->ifv_if); return 0; } static int vlan_unconfig(struct ifnet *ifp) { struct sockaddr_dl *sdl; struct vlan_mc_entry *mc; struct ifvlan *ifv; struct ifnet *p; int error; ifv = ifp->if_softc; p = ifv->ifv_p; if (p) { struct sockaddr_dl sdl; /* * Since the interface is being unconfigured, we need to * empty the list of multicast groups that we may have joined * while we were alive from the parent's list. */ bzero((char *)&sdl, sizeof sdl); sdl.sdl_len = sizeof sdl; sdl.sdl_family = AF_LINK; sdl.sdl_index = p->if_index; sdl.sdl_type = IFT_ETHER; sdl.sdl_alen = ETHER_ADDR_LEN; while(SLIST_FIRST(&ifv->vlan_mc_listhead) != NULL) { mc = SLIST_FIRST(&ifv->vlan_mc_listhead); bcopy((char *)&mc->mc_addr, LLADDR(&sdl), ETHER_ADDR_LEN); error = if_delmulti(p, (struct sockaddr *)&sdl); if (error) return(error); SLIST_REMOVE_HEAD(&ifv->vlan_mc_listhead, mc_entries); free(mc, M_VLAN); } } /* Disconnect from parent. */ ifv->ifv_p = NULL; ifv->ifv_if.if_mtu = ETHERMTU; /* Clear our MAC address. */ sdl = IF_LLSOCKADDR(&ifv->ifv_if); sdl->sdl_type = IFT_ETHER; sdl->sdl_alen = ETHER_ADDR_LEN; bzero(LLADDR(sdl), ETHER_ADDR_LEN); bzero(ifv->ifv_ac.ac_enaddr, ETHER_ADDR_LEN); return 0; } static int vlan_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data, struct ucred *cr) { struct ifaddr *ifa; struct ifnet *p; struct ifreq *ifr; struct ifvlan *ifv; struct vlanreq vlr; int error = 0; ifr = (struct ifreq *)data; ifa = (struct ifaddr *)data; ifv = ifp->if_softc; ASSERT_SERIALIZED(ifp->if_serializer); crit_enter(); switch (cmd) { case SIOCSIFADDR: ifp->if_flags |= IFF_UP; switch (ifa->ifa_addr->sa_family) { #ifdef INET case AF_INET: arp_ifinit(&ifv->ifv_if, ifa); break; #endif default: break; } break; case SIOCGIFADDR: { struct sockaddr *sa; sa = (struct sockaddr *) &ifr->ifr_data; bcopy(((struct arpcom *)ifp->if_softc)->ac_enaddr, (caddr_t) sa->sa_data, ETHER_ADDR_LEN); } break; case SIOCGIFMEDIA: if (ifv->ifv_p != NULL) { lwkt_serialize_exit(ifp->if_serializer); lwkt_serialize_enter(ifv->ifv_p->if_serializer); error = ifv->ifv_p->if_ioctl(ifv->ifv_p, SIOCGIFMEDIA, data, cr); lwkt_serialize_exit(ifv->ifv_p->if_serializer); lwkt_serialize_enter(ifp->if_serializer); /* Limit the result to the parent's current config. */ if (error == 0) { struct ifmediareq *ifmr; ifmr = (struct ifmediareq *) data; if (ifmr->ifm_count >= 1 && ifmr->ifm_ulist) { ifmr->ifm_count = 1; error = copyout(&ifmr->ifm_current, ifmr->ifm_ulist, sizeof(int)); } } } else error = EINVAL; break; case SIOCSIFMEDIA: error = EINVAL; break; case SIOCSIFMTU: /* * Set the interface MTU. * This is bogus. The underlying interface might support * jumbo frames. */ if (ifr->ifr_mtu > ETHERMTU) { error = EINVAL; } else { ifp->if_mtu = ifr->ifr_mtu; } break; case SIOCSETVLAN: error = copyin(ifr->ifr_data, &vlr, sizeof vlr); if (error) break; if (vlr.vlr_parent[0] == '\0') { vlan_unconfig(ifp); if (ifp->if_flags & IFF_UP) if_down(ifp); ifp->if_flags &= ~IFF_RUNNING; break; } p = ifunit(vlr.vlr_parent); if (p == 0) { error = ENOENT; break; } error = vlan_config(ifv, p); if (error) break; ifv->ifv_tag = vlr.vlr_tag; ifp->if_flags |= IFF_RUNNING; break; case SIOCGETVLAN: bzero(&vlr, sizeof vlr); if (ifv->ifv_p) { strlcpy(vlr.vlr_parent, ifv->ifv_p->if_xname, sizeof(vlr.vlr_parent)); vlr.vlr_tag = ifv->ifv_tag; } error = copyout(&vlr, ifr->ifr_data, sizeof vlr); break; case SIOCSIFFLAGS: /* * We don't support promiscuous mode * right now because it would require help from the * underlying drivers, which hasn't been implemented. */ if (ifr->ifr_flags & (IFF_PROMISC)) { ifp->if_flags &= ~(IFF_PROMISC); error = EINVAL; } break; case SIOCADDMULTI: case SIOCDELMULTI: error = vlan_setmulti(ifp); break; default: error = EINVAL; } crit_exit(); return error; }