White space changes
[dragonfly.git] / sys / net / bridge / if_bridge.c
CommitLineData
ac93838f
SS
1/*
2 * Copyright 2001 Wasabi Systems, Inc.
3 * All rights reserved.
4 *
5 * Written by Jason R. Thorpe for Wasabi Systems, Inc.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. All advertising materials mentioning features or use of this software
16 * must display the following acknowledgement:
17 * This product includes software developed for the NetBSD Project by
18 * Wasabi Systems, Inc.
19 * 4. The name of Wasabi Systems, Inc. may not be used to endorse
20 * or promote products derived from this software without specific prior
21 * written permission.
22 *
23 * THIS SOFTWARE IS PROVIDED BY WASABI SYSTEMS, INC. ``AS IS'' AND
24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
25 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
26 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL WASABI SYSTEMS, INC
27 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
28 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
29 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
30 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
31 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
32 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
33 * POSSIBILITY OF SUCH DAMAGE.
34 */
35
36/*
37 * Copyright (c) 1999, 2000 Jason L. Wright (jason@thought.net)
38 * All rights reserved.
39 *
40 * Redistribution and use in source and binary forms, with or without
41 * modification, are permitted provided that the following conditions
42 * are met:
43 * 1. Redistributions of source code must retain the above copyright
44 * notice, this list of conditions and the following disclaimer.
45 * 2. Redistributions in binary form must reproduce the above copyright
46 * notice, this list of conditions and the following disclaimer in the
47 * documentation and/or other materials provided with the distribution.
48 * 3. All advertising materials mentioning features or use of this software
49 * must display the following acknowledgement:
50 * This product includes software developed by Jason L. Wright
51 * 4. The name of the author may not be used to endorse or promote products
52 * derived from this software without specific prior written permission.
53 *
54 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
55 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
56 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
57 * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
58 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
59 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
60 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
61 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
62 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
63 * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
64 * POSSIBILITY OF SUCH DAMAGE.
65 *
66 * $OpenBSD: if_bridge.c,v 1.60 2001/06/15 03:38:33 itojun Exp $
67 * $NetBSD: if_bridge.c,v 1.31 2005/06/01 19:45:34 jdc Exp $
68 * $FreeBSD: src/sys/net/if_bridge.c,v 1.26 2005/10/13 23:05:55 thompsa Exp $
d76dd5c7 69 * $DragonFly: src/sys/net/bridge/if_bridge.c,v 1.54 2008/11/21 12:43:42 sephe Exp $
ac93838f
SS
70 */
71
72/*
73 * Network interface bridge support.
74 *
75 * TODO:
76 *
77 * - Currently only supports Ethernet-like interfaces (Ethernet,
78 * 802.11, VLANs on Ethernet, etc.) Figure out a nice way
79 * to bridge other types of interfaces (FDDI-FDDI, and maybe
80 * consider heterogenous bridges).
4394693c
SZ
81 *
82 *
83 * Bridge's route information is duplicated to each CPUs:
84 *
85 * CPU0 CPU1 CPU2 CPU3
86 * +-----------+ +-----------+ +-----------+ +-----------+
87 * | rtnode | | rtnode | | rtnode | | rtnode |
88 * | | | | | | | |
89 * | dst eaddr | | dst eaddr | | dst eaddr | | dst eaddr |
90 * +-----------+ +-----------+ +-----------+ +-----------+
91 * | | | |
92 * | | | |
93 * | | +----------+ | |
94 * | | | rtinfo | | |
95 * | +---->| |<---+ |
96 * | | flags | |
97 * +-------------->| timeout |<-------------+
98 * | dst_ifp |
99 * +----------+
100 *
101 * We choose to put timeout and dst_ifp into shared part, so updating
102 * them will be cheaper than using message forwarding. Also there is
103 * not need to use spinlock to protect the updating: timeout and dst_ifp
104 * is not related and specific field's updating order has no importance.
105 * The cache pollution by the share part should not be heavy: in a stable
106 * setup, dst_ifp probably will be not changed in rtnode's life time,
107 * while timeout is refreshed once per second; most of the time, timeout
108 * and dst_ifp are read-only accessed.
109 *
110 *
111 * Bridge route information installation on bridge_input path:
112 *
113 * CPU0 CPU1 CPU2 CPU3
114 *
115 * tcp_thread2
116 * |
117 * alloc nmsg
118 * snd nmsg |
119 * w/o rtinfo |
120 * ifnet0<-----------------------+
121 * | :
122 * lookup dst :
123 * rtnode exists?(Y)free nmsg :
124 * |(N) :
125 * |
126 * alloc rtinfo
127 * alloc rtnode
128 * install rtnode
129 * |
130 * +---------->ifnet1
131 * : fwd nmsg |
132 * : w/ rtinfo |
133 * : |
134 * : |
135 * alloc rtnode
136 * (w/ nmsg's rtinfo)
137 * install rtnode
138 * |
139 * +---------->ifnet2
140 * : fwd nmsg |
141 * : w/ rtinfo |
142 * : |
143 * : same as ifnet1
144 * |
145 * +---------->ifnet3
146 * : fwd nmsg |
147 * : w/ rtinfo |
148 * : |
149 * : same as ifnet1
150 * free nmsg
151 * :
152 * :
153 *
154 * The netmsgs forwarded between protocol threads and ifnet threads are
155 * allocated with (M_WAITOK|M_NULLOK), so it will not fail under most
156 * cases (route information is too precious to be not installed :).
157 * Since multiple threads may try to install route information for the
158 * same dst eaddr, we look up route information in ifnet0. However, this
159 * looking up only need to be performed on ifnet0, which is the start
160 * point of the route information installation process.
161 *
162 *
163 * Bridge route information deleting/flushing:
164 *
165 * CPU0 CPU1 CPU2 CPU3
166 *
167 * netisr0
168 * |
169 * find suitable rtnodes,
170 * mark their rtinfo dead
171 * |
172 * | domsg <------------------------------------------+
173 * | | replymsg
174 * | |
175 * V fwdmsg fwdmsg fwdmsg |
176 * ifnet0 --------> ifnet1 --------> ifnet2 --------> ifnet3
177 * delete rtnodes delete rtnodes delete rtnodes delete rtnodes
178 * w/ dead rtinfo w/ dead rtinfo w/ dead rtinfo w/ dead rtinfo
179 * free dead rtinfos
180 *
181 * All deleting/flushing operations are serialized by netisr0, so each
182 * operation only reaps the route information marked dead by itself.
183 *
184 *
185 * Bridge route information adding/deleting/flushing:
186 * Since all operation is serialized by the fixed message flow between
187 * ifnet threads, it is not possible to create corrupted per-cpu route
188 * information.
ac93838f
SS
189 */
190
ac93838f
SS
191#include "opt_inet.h"
192#include "opt_inet6.h"
193
194#include <sys/param.h>
195#include <sys/mbuf.h>
196#include <sys/malloc.h>
197#include <sys/protosw.h>
198#include <sys/systm.h>
199#include <sys/time.h>
200#include <sys/socket.h> /* for net/if.h */
201#include <sys/sockio.h>
202#include <sys/ctype.h> /* string functions */
203#include <sys/kernel.h>
204#include <sys/random.h>
205#include <sys/sysctl.h>
206#include <sys/module.h>
207#include <sys/proc.h>
208#include <sys/lock.h>
209#include <sys/thread.h>
210#include <sys/thread2.h>
211#include <sys/mpipe.h>
212
213#include <net/bpf.h>
214#include <net/if.h>
215#include <net/if_dl.h>
216#include <net/if_types.h>
217#include <net/if_var.h>
218#include <net/pfil.h>
219#include <net/ifq_var.h>
65a24520 220#include <net/if_clone.h>
ac93838f
SS
221
222#include <netinet/in.h> /* for struct arpcom */
223#include <netinet/in_systm.h>
224#include <netinet/in_var.h>
225#include <netinet/ip.h>
226#include <netinet/ip_var.h>
227#ifdef INET6
228#include <netinet/ip6.h>
229#include <netinet6/ip6_var.h>
230#endif
231#include <netinet/if_ether.h> /* for struct arpcom */
232#include <net/bridge/if_bridgevar.h>
233#include <net/if_llc.h>
ecd27a4c 234#include <net/netmsg2.h>
ac93838f
SS
235
236#include <net/route.h>
237#include <sys/in_cksum.h>
238
239/*
240 * Size of the route hash table. Must be a power of two.
241 */
242#ifndef BRIDGE_RTHASH_SIZE
243#define BRIDGE_RTHASH_SIZE 1024
244#endif
245
246#define BRIDGE_RTHASH_MASK (BRIDGE_RTHASH_SIZE - 1)
247
248/*
249 * Maximum number of addresses to cache.
250 */
251#ifndef BRIDGE_RTABLE_MAX
252#define BRIDGE_RTABLE_MAX 100
253#endif
254
255/*
256 * Spanning tree defaults.
257 */
258#define BSTP_DEFAULT_MAX_AGE (20 * 256)
259#define BSTP_DEFAULT_HELLO_TIME (2 * 256)
260#define BSTP_DEFAULT_FORWARD_DELAY (15 * 256)
261#define BSTP_DEFAULT_HOLD_TIME (1 * 256)
262#define BSTP_DEFAULT_BRIDGE_PRIORITY 0x8000
263#define BSTP_DEFAULT_PORT_PRIORITY 0x80
264#define BSTP_DEFAULT_PATH_COST 55
265
266/*
267 * Timeout (in seconds) for entries learned dynamically.
268 */
269#ifndef BRIDGE_RTABLE_TIMEOUT
270#define BRIDGE_RTABLE_TIMEOUT (20 * 60) /* same as ARP */
271#endif
272
273/*
274 * Number of seconds between walks of the route list.
275 */
276#ifndef BRIDGE_RTABLE_PRUNE_PERIOD
277#define BRIDGE_RTABLE_PRUNE_PERIOD (5 * 60)
278#endif
279
d217f5e5
SU
280/*
281 * List of capabilities to mask on the member interface.
282 */
283#define BRIDGE_IFCAPS_MASK IFCAP_TXCSUM
284
4394693c
SZ
285typedef int (*bridge_ctl_t)(struct bridge_softc *, void *);
286
287struct netmsg_brctl {
288 struct netmsg bc_nmsg;
289 bridge_ctl_t bc_func;
290 struct bridge_softc *bc_sc;
291 void *bc_arg;
292};
293
294struct netmsg_brsaddr {
295 struct netmsg br_nmsg;
296 struct bridge_softc *br_softc;
297 struct ifnet *br_dst_if;
298 struct bridge_rtinfo *br_rtinfo;
299 int br_setflags;
300 uint8_t br_dst[ETHER_ADDR_LEN];
301 uint8_t br_flags;
302};
303
8f7b13ef
SZ
304struct netmsg_braddbif {
305 struct netmsg br_nmsg;
306 struct bridge_softc *br_softc;
307 struct bridge_ifinfo *br_bif_info;
308 struct ifnet *br_bif_ifp;
309};
310
311struct netmsg_brdelbif {
312 struct netmsg br_nmsg;
313 struct bridge_softc *br_softc;
314 struct bridge_ifinfo *br_bif_info;
315 struct bridge_iflist_head *br_bif_list;
316};
317
318struct netmsg_brsflags {
319 struct netmsg br_nmsg;
320 struct bridge_softc *br_softc;
321 struct bridge_ifinfo *br_bif_info;
322 uint32_t br_bif_flags;
323};
324
d217f5e5
SU
325eventhandler_tag bridge_detach_cookie = NULL;
326
ac93838f 327extern struct mbuf *(*bridge_input_p)(struct ifnet *, struct mbuf *);
eb366364 328extern int (*bridge_output_p)(struct ifnet *, struct mbuf *);
ac93838f 329extern void (*bridge_dn_p)(struct mbuf *, struct ifnet *);
ac93838f 330
d217f5e5 331static int bridge_rtable_prune_period = BRIDGE_RTABLE_PRUNE_PERIOD;
ac93838f 332
d217f5e5
SU
333static int bridge_clone_create(struct if_clone *, int);
334static void bridge_clone_destroy(struct ifnet *);
ac93838f 335
d217f5e5 336static int bridge_ioctl(struct ifnet *, u_long, caddr_t, struct ucred *);
8f7b13ef
SZ
337static void bridge_mutecaps(struct bridge_ifinfo *, struct ifnet *, int);
338static void bridge_ifdetach(void *, struct ifnet *);
ac93838f 339static void bridge_init(void *);
867cc45a 340static void bridge_stop(struct ifnet *);
d217f5e5
SU
341static void bridge_start(struct ifnet *);
342static struct mbuf *bridge_input(struct ifnet *, struct mbuf *);
eb366364 343static int bridge_output(struct ifnet *, struct mbuf *);
d217f5e5
SU
344
345static void bridge_forward(struct bridge_softc *, struct mbuf *m);
346
e9d22060 347static void bridge_timer_handler(struct netmsg *);
d217f5e5
SU
348static void bridge_timer(void *);
349
350static void bridge_broadcast(struct bridge_softc *, struct ifnet *,
351 struct mbuf *, int);
352static void bridge_span(struct bridge_softc *, struct mbuf *);
353
354static int bridge_rtupdate(struct bridge_softc *, const uint8_t *,
4394693c 355 struct ifnet *, uint8_t);
d217f5e5 356static struct ifnet *bridge_rtlookup(struct bridge_softc *, const uint8_t *);
4394693c 357static void bridge_rtreap(struct bridge_softc *);
d217f5e5 358static void bridge_rttrim(struct bridge_softc *);
4394693c 359static int bridge_rtage_finddead(struct bridge_softc *);
d217f5e5
SU
360static void bridge_rtage(struct bridge_softc *);
361static void bridge_rtflush(struct bridge_softc *, int);
362static int bridge_rtdaddr(struct bridge_softc *, const uint8_t *);
4394693c
SZ
363static int bridge_rtsaddr(struct bridge_softc *, const uint8_t *,
364 struct ifnet *, uint8_t);
365static void bridge_rtmsg_sync(struct bridge_softc *sc);
366static void bridge_rtreap_handler(struct netmsg *);
367static void bridge_rtinstall_handler(struct netmsg *);
368static int bridge_rtinstall_oncpu(struct bridge_softc *, const uint8_t *,
369 struct ifnet *, int, uint8_t, struct bridge_rtinfo **);
370
371static void bridge_rtable_init(struct bridge_softc *);
d217f5e5
SU
372static void bridge_rtable_fini(struct bridge_softc *);
373
374static int bridge_rtnode_addr_cmp(const uint8_t *, const uint8_t *);
375static struct bridge_rtnode *bridge_rtnode_lookup(struct bridge_softc *,
376 const uint8_t *);
4394693c 377static void bridge_rtnode_insert(struct bridge_softc *,
d217f5e5
SU
378 struct bridge_rtnode *);
379static void bridge_rtnode_destroy(struct bridge_softc *,
380 struct bridge_rtnode *);
381
382static struct bridge_iflist *bridge_lookup_member(struct bridge_softc *,
383 const char *name);
384static struct bridge_iflist *bridge_lookup_member_if(struct bridge_softc *,
385 struct ifnet *ifp);
8f7b13ef
SZ
386static struct bridge_iflist *bridge_lookup_member_ifinfo(struct bridge_softc *,
387 struct bridge_ifinfo *);
d217f5e5
SU
388static void bridge_delete_member(struct bridge_softc *,
389 struct bridge_iflist *, int);
390static void bridge_delete_span(struct bridge_softc *,
391 struct bridge_iflist *);
392
0b326f64
SZ
393static int bridge_control(struct bridge_softc *, u_long,
394 bridge_ctl_t, void *);
d71129d9
SZ
395static int bridge_ioctl_init(struct bridge_softc *, void *);
396static int bridge_ioctl_stop(struct bridge_softc *, void *);
d217f5e5
SU
397static int bridge_ioctl_add(struct bridge_softc *, void *);
398static int bridge_ioctl_del(struct bridge_softc *, void *);
399static int bridge_ioctl_gifflags(struct bridge_softc *, void *);
400static int bridge_ioctl_sifflags(struct bridge_softc *, void *);
401static int bridge_ioctl_scache(struct bridge_softc *, void *);
402static int bridge_ioctl_gcache(struct bridge_softc *, void *);
403static int bridge_ioctl_gifs(struct bridge_softc *, void *);
404static int bridge_ioctl_rts(struct bridge_softc *, void *);
405static int bridge_ioctl_saddr(struct bridge_softc *, void *);
406static int bridge_ioctl_sto(struct bridge_softc *, void *);
407static int bridge_ioctl_gto(struct bridge_softc *, void *);
408static int bridge_ioctl_daddr(struct bridge_softc *, void *);
409static int bridge_ioctl_flush(struct bridge_softc *, void *);
410static int bridge_ioctl_gpri(struct bridge_softc *, void *);
411static int bridge_ioctl_spri(struct bridge_softc *, void *);
412static int bridge_ioctl_ght(struct bridge_softc *, void *);
413static int bridge_ioctl_sht(struct bridge_softc *, void *);
414static int bridge_ioctl_gfd(struct bridge_softc *, void *);
415static int bridge_ioctl_sfd(struct bridge_softc *, void *);
416static int bridge_ioctl_gma(struct bridge_softc *, void *);
417static int bridge_ioctl_sma(struct bridge_softc *, void *);
418static int bridge_ioctl_sifprio(struct bridge_softc *, void *);
419static int bridge_ioctl_sifcost(struct bridge_softc *, void *);
420static int bridge_ioctl_addspan(struct bridge_softc *, void *);
421static int bridge_ioctl_delspan(struct bridge_softc *, void *);
422static int bridge_pfil(struct mbuf **, struct ifnet *, struct ifnet *,
423 int);
424static int bridge_ip_checkbasic(struct mbuf **mp);
425#ifdef INET6
426static int bridge_ip6_checkbasic(struct mbuf **mp);
427#endif /* INET6 */
428static int bridge_fragment(struct ifnet *, struct mbuf *,
429 struct ether_header *, int, struct llc *);
ecd27a4c
SZ
430static void bridge_enqueue_internal(struct ifnet *, struct mbuf *m,
431 netisr_fn_t);
432static void bridge_enqueue_handler(struct netmsg *);
433static void bridge_pfil_enqueue_handler(struct netmsg *);
434static void bridge_pfil_enqueue(struct ifnet *, struct mbuf *, int);
ecd27a4c 435static void bridge_handoff(struct ifnet *, struct mbuf *);
ac93838f 436
8f7b13ef
SZ
437static void bridge_del_bif_handler(struct netmsg *);
438static void bridge_add_bif_handler(struct netmsg *);
439static void bridge_set_bifflags_handler(struct netmsg *);
440static void bridge_del_bif(struct bridge_softc *, struct bridge_ifinfo *,
441 struct bridge_iflist_head *);
442static void bridge_add_bif(struct bridge_softc *, struct bridge_ifinfo *,
443 struct ifnet *);
444static void bridge_set_bifflags(struct bridge_softc *,
445 struct bridge_ifinfo *, uint32_t);
446
ac93838f
SS
447SYSCTL_DECL(_net_link);
448SYSCTL_NODE(_net_link, IFT_BRIDGE, bridge, CTLFLAG_RW, 0, "Bridge");
449
d217f5e5 450static int pfil_onlyip = 1; /* only pass IP[46] packets when pfil is enabled */
ac93838f
SS
451static int pfil_bridge = 1; /* run pfil hooks on the bridge interface */
452static int pfil_member = 1; /* run pfil hooks on the member interface */
d217f5e5
SU
453SYSCTL_INT(_net_link_bridge, OID_AUTO, pfil_onlyip, CTLFLAG_RW,
454 &pfil_onlyip, 0, "Only pass IP packets when pfil is enabled");
ac93838f
SS
455SYSCTL_INT(_net_link_bridge, OID_AUTO, pfil_bridge, CTLFLAG_RW,
456 &pfil_bridge, 0, "Packet filter on the bridge interface");
457SYSCTL_INT(_net_link_bridge, OID_AUTO, pfil_member, CTLFLAG_RW,
458 &pfil_member, 0, "Packet filter on the member interface");
459
2d4d3c93
SZ
460struct bridge_control_arg {
461 union {
462 struct ifbreq ifbreq;
463 struct ifbifconf ifbifconf;
464 struct ifbareq ifbareq;
465 struct ifbaconf ifbaconf;
466 struct ifbrparam ifbrparam;
467 } bca_u;
468 int bca_len;
469 void *bca_uptr;
470 void *bca_kptr;
471};
472
ac93838f 473struct bridge_control {
23cf9e67
SZ
474 bridge_ctl_t bc_func;
475 int bc_argsize;
476 int bc_flags;
ac93838f
SS
477};
478
479#define BC_F_COPYIN 0x01 /* copy arguments in */
480#define BC_F_COPYOUT 0x02 /* copy arguments out */
481#define BC_F_SUSER 0x04 /* do super-user check */
482
483const struct bridge_control bridge_control_table[] = {
484 { bridge_ioctl_add, sizeof(struct ifbreq),
485 BC_F_COPYIN|BC_F_SUSER },
486 { bridge_ioctl_del, sizeof(struct ifbreq),
487 BC_F_COPYIN|BC_F_SUSER },
488
489 { bridge_ioctl_gifflags, sizeof(struct ifbreq),
490 BC_F_COPYIN|BC_F_COPYOUT },
491 { bridge_ioctl_sifflags, sizeof(struct ifbreq),
492 BC_F_COPYIN|BC_F_SUSER },
493
494 { bridge_ioctl_scache, sizeof(struct ifbrparam),
495 BC_F_COPYIN|BC_F_SUSER },
496 { bridge_ioctl_gcache, sizeof(struct ifbrparam),
497 BC_F_COPYOUT },
498
499 { bridge_ioctl_gifs, sizeof(struct ifbifconf),
500 BC_F_COPYIN|BC_F_COPYOUT },
501 { bridge_ioctl_rts, sizeof(struct ifbaconf),
502 BC_F_COPYIN|BC_F_COPYOUT },
503
504 { bridge_ioctl_saddr, sizeof(struct ifbareq),
505 BC_F_COPYIN|BC_F_SUSER },
506
507 { bridge_ioctl_sto, sizeof(struct ifbrparam),
508 BC_F_COPYIN|BC_F_SUSER },
509 { bridge_ioctl_gto, sizeof(struct ifbrparam),
510 BC_F_COPYOUT },
511
512 { bridge_ioctl_daddr, sizeof(struct ifbareq),
513 BC_F_COPYIN|BC_F_SUSER },
514
515 { bridge_ioctl_flush, sizeof(struct ifbreq),
516 BC_F_COPYIN|BC_F_SUSER },
517
518 { bridge_ioctl_gpri, sizeof(struct ifbrparam),
519 BC_F_COPYOUT },
520 { bridge_ioctl_spri, sizeof(struct ifbrparam),
521 BC_F_COPYIN|BC_F_SUSER },
522
523 { bridge_ioctl_ght, sizeof(struct ifbrparam),
524 BC_F_COPYOUT },
525 { bridge_ioctl_sht, sizeof(struct ifbrparam),
526 BC_F_COPYIN|BC_F_SUSER },
527
528 { bridge_ioctl_gfd, sizeof(struct ifbrparam),
529 BC_F_COPYOUT },
530 { bridge_ioctl_sfd, sizeof(struct ifbrparam),
531 BC_F_COPYIN|BC_F_SUSER },
532
533 { bridge_ioctl_gma, sizeof(struct ifbrparam),
534 BC_F_COPYOUT },
535 { bridge_ioctl_sma, sizeof(struct ifbrparam),
536 BC_F_COPYIN|BC_F_SUSER },
537
538 { bridge_ioctl_sifprio, sizeof(struct ifbreq),
539 BC_F_COPYIN|BC_F_SUSER },
540
541 { bridge_ioctl_sifcost, sizeof(struct ifbreq),
542 BC_F_COPYIN|BC_F_SUSER },
d217f5e5
SU
543
544 { bridge_ioctl_addspan, sizeof(struct ifbreq),
545 BC_F_COPYIN|BC_F_SUSER },
546 { bridge_ioctl_delspan, sizeof(struct ifbreq),
547 BC_F_COPYIN|BC_F_SUSER },
ac93838f 548};
2d4d3c93 549static const int bridge_control_table_size =
ac93838f
SS
550 sizeof(bridge_control_table) / sizeof(bridge_control_table[0]);
551
ac93838f
SS
552LIST_HEAD(, bridge_softc) bridge_list;
553
554struct if_clone bridge_cloner = IF_CLONE_INITIALIZER("bridge",
d217f5e5 555 bridge_clone_create,
ac93838f
SS
556 bridge_clone_destroy, 0, IF_MAXUNIT);
557
558static int
559bridge_modevent(module_t mod, int type, void *data)
560{
ac93838f
SS
561 switch (type) {
562 case MOD_LOAD:
563 LIST_INIT(&bridge_list);
564 if_clone_attach(&bridge_cloner);
565 bridge_input_p = bridge_input;
e1d2145d 566 bridge_output_p = bridge_output;
d217f5e5
SU
567 bridge_detach_cookie = EVENTHANDLER_REGISTER(
568 ifnet_detach_event, bridge_ifdetach, NULL,
569 EVENTHANDLER_PRI_ANY);
ac93838f 570#if notyet
ac93838f
SS
571 bstp_linkstate_p = bstp_linkstate;
572#endif
573 break;
574 case MOD_UNLOAD:
575 if (!LIST_EMPTY(&bridge_list))
d217f5e5
SU
576 return (EBUSY);
577 EVENTHANDLER_DEREGISTER(ifnet_detach_event,
578 bridge_detach_cookie);
ac93838f
SS
579 if_clone_detach(&bridge_cloner);
580 bridge_input_p = NULL;
581 bridge_output_p = NULL;
582#if notyet
ac93838f
SS
583 bstp_linkstate_p = NULL;
584#endif
585 break;
586 default:
d217f5e5 587 return (EOPNOTSUPP);
ac93838f 588 }
d217f5e5 589 return (0);
ac93838f
SS
590}
591
592static moduledata_t bridge_mod = {
d217f5e5
SU
593 "if_bridge",
594 bridge_modevent,
ac93838f
SS
595 0
596};
597
598DECLARE_MODULE(if_bridge, bridge_mod, SI_SUB_PSEUDO, SI_ORDER_ANY);
599
600
601/*
602 * bridge_clone_create:
603 *
604 * Create a new bridge instance.
605 */
d217f5e5 606static int
ac93838f
SS
607bridge_clone_create(struct if_clone *ifc, int unit)
608{
609 struct bridge_softc *sc;
610 struct ifnet *ifp;
611 u_char eaddr[6];
d76dd5c7 612 int cpu, rnd;
ac93838f 613
8f7b13ef 614 sc = kmalloc(sizeof(*sc), M_DEVBUF, M_WAITOK | M_ZERO);
ac93838f
SS
615 ifp = sc->sc_ifp = &sc->sc_if;
616
617 sc->sc_brtmax = BRIDGE_RTABLE_MAX;
618 sc->sc_brttimeout = BRIDGE_RTABLE_TIMEOUT;
619 sc->sc_bridge_max_age = BSTP_DEFAULT_MAX_AGE;
620 sc->sc_bridge_hello_time = BSTP_DEFAULT_HELLO_TIME;
621 sc->sc_bridge_forward_delay = BSTP_DEFAULT_FORWARD_DELAY;
622 sc->sc_bridge_priority = BSTP_DEFAULT_BRIDGE_PRIORITY;
623 sc->sc_hold_time = BSTP_DEFAULT_HOLD_TIME;
624
625 /* Initialize our routing table. */
626 bridge_rtable_init(sc);
627
628 callout_init(&sc->sc_brcallout);
e9d22060
SZ
629 netmsg_init(&sc->sc_brtimemsg, &netisr_adone_rport,
630 MSGF_DROPABLE | MSGF_PRIORITY, bridge_timer_handler);
631 sc->sc_brtimemsg.nm_lmsg.u.ms_resultp = sc;
632
ac93838f 633 callout_init(&sc->sc_bstpcallout);
e9d22060
SZ
634 netmsg_init(&sc->sc_bstptimemsg, &netisr_adone_rport,
635 MSGF_DROPABLE | MSGF_PRIORITY, bstp_tick_handler);
636 sc->sc_bstptimemsg.nm_lmsg.u.ms_resultp = sc;
ac93838f 637
8f7b13ef
SZ
638 /* Initialize per-cpu member iface lists */
639 sc->sc_iflists = kmalloc(sizeof(*sc->sc_iflists) * ncpus,
640 M_DEVBUF, M_WAITOK);
641 for (cpu = 0; cpu < ncpus; ++cpu)
642 LIST_INIT(&sc->sc_iflists[cpu]);
643
d217f5e5 644 LIST_INIT(&sc->sc_spanlist);
ac93838f
SS
645
646 ifp->if_softc = sc;
647 if_initname(ifp, ifc->ifc_name, unit);
648 ifp->if_mtu = ETHERMTU;
d217f5e5 649 ifp->if_flags = IFF_BROADCAST | IFF_MULTICAST;
ac93838f
SS
650 ifp->if_ioctl = bridge_ioctl;
651 ifp->if_start = bridge_start;
652 ifp->if_init = bridge_init;
653 ifp->if_type = IFT_BRIDGE;
654 ifq_set_maxlen(&ifp->if_snd, ifqmaxlen);
655 ifp->if_snd.ifq_maxlen = ifqmaxlen;
656 ifq_set_ready(&ifp->if_snd);
657 ifp->if_hdrlen = ETHER_HDR_LEN;
658
659 /*
660 * Generate a random ethernet address and use the private AC:DE:48
661 * OUI code.
662 */
d76dd5c7
SZ
663 rnd = karc4random();
664 bcopy(&rnd, &eaddr[0], 4); /* ETHER_ADDR_LEN == 6 */
665 rnd = karc4random();
666 bcopy(&rnd, &eaddr[2], 4); /* ETHER_ADDR_LEN == 6 */
667
668 eaddr[0] &= ~1; /* clear multicast bit */
669 eaddr[0] |= 2; /* set the LAA bit */
ac93838f
SS
670
671 ether_ifattach(ifp, eaddr, NULL);
672 /* Now undo some of the damage... */
673 ifp->if_baudrate = 0;
674 ifp->if_type = IFT_BRIDGE;
675
ac308789 676 crit_enter(); /* XXX MP */
ac93838f
SS
677 LIST_INSERT_HEAD(&bridge_list, sc, sc_list);
678 crit_exit();
679
680 return (0);
681}
682
34db64a6
SZ
683static void
684bridge_delete_dispatch(struct netmsg *nmsg)
685{
686 struct lwkt_msg *lmsg = &nmsg->nm_lmsg;
687 struct bridge_softc *sc = lmsg->u.ms_resultp;
688 struct ifnet *bifp = sc->sc_ifp;
689 struct bridge_iflist *bif;
690
691 lwkt_serialize_enter(bifp->if_serializer);
692
8f7b13ef 693 while ((bif = LIST_FIRST(&sc->sc_iflists[mycpuid])) != NULL)
34db64a6
SZ
694 bridge_delete_member(sc, bif, 0);
695
696 while ((bif = LIST_FIRST(&sc->sc_spanlist)) != NULL)
697 bridge_delete_span(sc, bif);
698
699 lwkt_serialize_exit(bifp->if_serializer);
700
701 lwkt_replymsg(lmsg, 0);
702}
703
ac93838f
SS
704/*
705 * bridge_clone_destroy:
706 *
707 * Destroy a bridge instance.
708 */
d217f5e5 709static void
ac93838f
SS
710bridge_clone_destroy(struct ifnet *ifp)
711{
712 struct bridge_softc *sc = ifp->if_softc;
34db64a6
SZ
713 struct lwkt_msg *lmsg;
714 struct netmsg nmsg;
ac93838f
SS
715
716 lwkt_serialize_enter(ifp->if_serializer);
717
867cc45a 718 bridge_stop(ifp);
ac93838f
SS
719 ifp->if_flags &= ~IFF_UP;
720
ac93838f
SS
721 lwkt_serialize_exit(ifp->if_serializer);
722
34db64a6
SZ
723 netmsg_init(&nmsg, &curthread->td_msgport, 0, bridge_delete_dispatch);
724 lmsg = &nmsg.nm_lmsg;
725 lmsg->u.ms_resultp = sc;
d71129d9 726 lwkt_domsg(BRIDGE_CFGPORT, lmsg, 0);
34db64a6
SZ
727
728 crit_enter(); /* XXX MP */
ac93838f
SS
729 LIST_REMOVE(sc, sc_list);
730 crit_exit();
731
732 ether_ifdetach(ifp);
733
ac93838f
SS
734 /* Tear down the routing table. */
735 bridge_rtable_fini(sc);
736
8f7b13ef
SZ
737 /* Free per-cpu member iface lists */
738 kfree(sc->sc_iflists, M_DEVBUF);
739
efda3bd0 740 kfree(sc, M_DEVBUF);
ac93838f
SS
741}
742
743/*
744 * bridge_ioctl:
745 *
746 * Handle a control request from the operator.
747 */
d217f5e5 748static int
ac93838f
SS
749bridge_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data, struct ucred *cr)
750{
751 struct bridge_softc *sc = ifp->if_softc;
2d4d3c93 752 struct bridge_control_arg args;
ac93838f
SS
753 struct ifdrv *ifd = (struct ifdrv *) data;
754 const struct bridge_control *bc;
755 int error = 0;
756
867cc45a 757 ASSERT_SERIALIZED(ifp->if_serializer);
ac93838f 758
867cc45a 759 switch (cmd) {
ac93838f
SS
760 case SIOCADDMULTI:
761 case SIOCDELMULTI:
762 break;
763
764 case SIOCGDRVSPEC:
765 case SIOCSDRVSPEC:
766 if (ifd->ifd_cmd >= bridge_control_table_size) {
767 error = EINVAL;
768 break;
769 }
770 bc = &bridge_control_table[ifd->ifd_cmd];
771
772 if (cmd == SIOCGDRVSPEC &&
773 (bc->bc_flags & BC_F_COPYOUT) == 0) {
774 error = EINVAL;
775 break;
867cc45a 776 } else if (cmd == SIOCSDRVSPEC &&
2d4d3c93 777 (bc->bc_flags & BC_F_COPYOUT)) {
ac93838f
SS
778 error = EINVAL;
779 break;
780 }
781
782 if (bc->bc_flags & BC_F_SUSER) {
867cc45a 783 error = suser_cred(cr, NULL_CRED_OKAY);
ac93838f
SS
784 if (error)
785 break;
786 }
787
788 if (ifd->ifd_len != bc->bc_argsize ||
2d4d3c93 789 ifd->ifd_len > sizeof(args.bca_u)) {
ac93838f
SS
790 error = EINVAL;
791 break;
792 }
793
60d8d1d3 794 memset(&args, 0, sizeof(args));
ac93838f 795 if (bc->bc_flags & BC_F_COPYIN) {
2d4d3c93
SZ
796 error = copyin(ifd->ifd_data, &args.bca_u,
797 ifd->ifd_len);
ac93838f
SS
798 if (error)
799 break;
800 }
801
0b326f64 802 error = bridge_control(sc, cmd, bc->bc_func, &args);
2d4d3c93
SZ
803 if (error) {
804 KKASSERT(args.bca_len == 0 && args.bca_kptr == NULL);
ac93838f 805 break;
2d4d3c93 806 }
ac93838f 807
2d4d3c93 808 if (bc->bc_flags & BC_F_COPYOUT) {
ac93838f 809 error = copyout(&args, ifd->ifd_data, ifd->ifd_len);
2d4d3c93
SZ
810 if (args.bca_len != 0) {
811 KKASSERT(args.bca_kptr != NULL);
812 if (!error) {
813 error = copyout(args.bca_kptr,
814 args.bca_uptr, args.bca_len);
815 }
816 kfree(args.bca_kptr, M_TEMP);
817 } else {
818 KKASSERT(args.bca_kptr == NULL);
819 }
820 } else {
821 KKASSERT(args.bca_len == 0 && args.bca_kptr == NULL);
822 }
ac93838f
SS
823 break;
824
825 case SIOCSIFFLAGS:
826 if (!(ifp->if_flags & IFF_UP) &&
827 (ifp->if_flags & IFF_RUNNING)) {
828 /*
829 * If interface is marked down and it is running,
867cc45a 830 * then stop it.
ac93838f 831 */
867cc45a 832 bridge_stop(ifp);
ac93838f
SS
833 } else if ((ifp->if_flags & IFF_UP) &&
834 !(ifp->if_flags & IFF_RUNNING)) {
835 /*
836 * If interface is marked up and it is stopped, then
837 * start it.
838 */
867cc45a 839 ifp->if_init(sc);
ac93838f
SS
840 }
841 break;
842
843 case SIOCSIFMTU:
844 /* Do not allow the MTU to be changed on the bridge */
845 error = EINVAL;
846 break;
847
848 default:
ac93838f
SS
849 error = ether_ioctl(ifp, cmd, data);
850 break;
851 }
ac93838f
SS
852 return (error);
853}
854
d217f5e5
SU
855/*
856 * bridge_mutecaps:
857 *
858 * Clear or restore unwanted capabilities on the member interface
859 */
860static void
8f7b13ef 861bridge_mutecaps(struct bridge_ifinfo *bif_info, struct ifnet *ifp, int mute)
d217f5e5 862{
d217f5e5
SU
863 struct ifreq ifr;
864 int error;
865
866 if (ifp->if_ioctl == NULL)
867 return;
868
869 bzero(&ifr, sizeof(ifr));
870 ifr.ifr_reqcap = ifp->if_capenable;
871
872 if (mute) {
873 /* mask off and save capabilities */
8f7b13ef
SZ
874 bif_info->bifi_mutecap = ifr.ifr_reqcap & BRIDGE_IFCAPS_MASK;
875 if (bif_info->bifi_mutecap != 0)
d217f5e5 876 ifr.ifr_reqcap &= ~BRIDGE_IFCAPS_MASK;
68b979e7 877 } else {
d217f5e5 878 /* restore muted capabilities */
8f7b13ef 879 ifr.ifr_reqcap |= bif_info->bifi_mutecap;
68b979e7 880 }
d217f5e5 881
8f7b13ef 882 if (bif_info->bifi_mutecap != 0) {
d217f5e5 883 lwkt_serialize_enter(ifp->if_serializer);
68b979e7 884 error = ifp->if_ioctl(ifp, SIOCSIFCAP, (caddr_t)&ifr, NULL);
d217f5e5
SU
885 lwkt_serialize_exit(ifp->if_serializer);
886 }
887}
888
ac93838f
SS
889/*
890 * bridge_lookup_member:
891 *
892 * Lookup a bridge member interface.
893 */
d217f5e5 894static struct bridge_iflist *
ac93838f
SS
895bridge_lookup_member(struct bridge_softc *sc, const char *name)
896{
897 struct bridge_iflist *bif;
ac93838f 898
8f7b13ef
SZ
899 LIST_FOREACH(bif, &sc->sc_iflists[mycpuid], bif_next) {
900 if (strcmp(bif->bif_ifp->if_xname, name) == 0)
ac93838f
SS
901 return (bif);
902 }
ac93838f
SS
903 return (NULL);
904}
905
906/*
907 * bridge_lookup_member_if:
908 *
909 * Lookup a bridge member interface by ifnet*.
910 */
d217f5e5 911static struct bridge_iflist *
ac93838f
SS
912bridge_lookup_member_if(struct bridge_softc *sc, struct ifnet *member_ifp)
913{
914 struct bridge_iflist *bif;
915
8f7b13ef 916 LIST_FOREACH(bif, &sc->sc_iflists[mycpuid], bif_next) {
ac93838f
SS
917 if (bif->bif_ifp == member_ifp)
918 return (bif);
919 }
8f7b13ef
SZ
920 return (NULL);
921}
ac93838f 922
8f7b13ef
SZ
923/*
924 * bridge_lookup_member_ifinfo:
925 *
926 * Lookup a bridge member interface by bridge_ifinfo.
927 */
928static struct bridge_iflist *
929bridge_lookup_member_ifinfo(struct bridge_softc *sc,
930 struct bridge_ifinfo *bif_info)
931{
932 struct bridge_iflist *bif;
933
934 LIST_FOREACH(bif, &sc->sc_iflists[mycpuid], bif_next) {
935 if (bif->bif_info == bif_info)
936 return (bif);
937 }
ac93838f
SS
938 return (NULL);
939}
940
941/*
942 * bridge_delete_member:
943 *
944 * Delete the specified member interface.
945 */
d217f5e5
SU
946static void
947bridge_delete_member(struct bridge_softc *sc, struct bridge_iflist *bif,
948 int gone)
ac93838f
SS
949{
950 struct ifnet *ifs = bif->bif_ifp;
bdfc79d0 951 struct ifnet *bifp = sc->sc_ifp;
8f7b13ef
SZ
952 struct bridge_ifinfo *bif_info = bif->bif_info;
953 struct bridge_iflist_head saved_bifs;
bdfc79d0
SZ
954
955 ASSERT_SERIALIZED(bifp->if_serializer);
8f7b13ef 956 KKASSERT(bif_info != NULL);
bdfc79d0
SZ
957
958 ifs->if_bridge = NULL;
297c8124
SZ
959
960 /*
961 * Release bridge interface's serializer:
962 * - To avoid possible dead lock.
8f7b13ef 963 * - Various sync operation will block the current thread.
297c8124
SZ
964 */
965 lwkt_serialize_exit(bifp->if_serializer);
966
d217f5e5
SU
967 if (!gone) {
968 switch (ifs->if_type) {
969 case IFT_ETHER:
970 case IFT_L2VLAN:
971 /*
972 * Take the interface out of promiscuous mode.
973 */
bdfc79d0 974 ifpromisc(ifs, 0);
8f7b13ef 975 bridge_mutecaps(bif_info, ifs, 0);
d217f5e5 976 break;
ac93838f 977
d217f5e5
SU
978 case IFT_GIF:
979 break;
ac93838f 980
d217f5e5 981 default:
d217f5e5 982 panic("bridge_delete_member: impossible");
d217f5e5
SU
983 break;
984 }
ac93838f
SS
985 }
986
8f7b13ef
SZ
987 /*
988 * Remove bifs from percpu linked list.
989 *
990 * Removed bifs are not freed immediately, instead,
991 * they are saved in saved_bifs. They will be freed
992 * after we make sure that no one is accessing them,
993 * i.e. after following netmsg_service_sync()
994 */
995 LIST_INIT(&saved_bifs);
996 bridge_del_bif(sc, bif_info, &saved_bifs);
997
998 /*
999 * Make sure that all protocol threads:
1000 * o see 'ifs' if_bridge is changed
1001 * o know that bif is removed from the percpu linked list
1002 */
1003 netmsg_service_sync();
1004
1005 /*
1006 * Free the removed bifs
1007 */
1008 KKASSERT(!LIST_EMPTY(&saved_bifs));
1009 while ((bif = LIST_FIRST(&saved_bifs)) != NULL) {
1010 LIST_REMOVE(bif, bif_next);
1011 kfree(bif, M_DEVBUF);
1012 }
1013
4394693c
SZ
1014 /* See the comment in bridge_ioctl_stop() */
1015 bridge_rtmsg_sync(sc);
4394693c
SZ
1016 bridge_rtdelete(sc, ifs, IFBF_FLUSHALL);
1017
297c8124
SZ
1018 lwkt_serialize_enter(bifp->if_serializer);
1019
8f7b13ef 1020 if (bifp->if_flags & IFF_RUNNING)
ac93838f 1021 bstp_initialization(sc);
8f7b13ef
SZ
1022
1023 /*
1024 * Free the bif_info after bstp_initialization(), so that
1025 * bridge_softc.sc_root_port will not reference a dangling
1026 * pointer.
1027 */
1028 kfree(bif_info, M_DEVBUF);
ac93838f
SS
1029}
1030
d217f5e5
SU
1031/*
1032 * bridge_delete_span:
1033 *
1034 * Delete the specified span interface.
1035 */
1036static void
1037bridge_delete_span(struct bridge_softc *sc, struct bridge_iflist *bif)
1038{
1039 KASSERT(bif->bif_ifp->if_bridge == NULL,
1040 ("%s: not a span interface", __func__));
1041
1042 LIST_REMOVE(bif, bif_next);
efda3bd0 1043 kfree(bif, M_DEVBUF);
d217f5e5
SU
1044}
1045
d71129d9
SZ
1046static int
1047bridge_ioctl_init(struct bridge_softc *sc, void *arg __unused)
1048{
1049 struct ifnet *ifp = sc->sc_ifp;
1050
1051 if (ifp->if_flags & IFF_RUNNING)
1052 return 0;
1053
1054 callout_reset(&sc->sc_brcallout, bridge_rtable_prune_period * hz,
1055 bridge_timer, sc);
1056
1057 ifp->if_flags |= IFF_RUNNING;
1058 bstp_initialization(sc);
1059 return 0;
1060}
1061
1062static int
1063bridge_ioctl_stop(struct bridge_softc *sc, void *arg __unused)
1064{
1065 struct ifnet *ifp = sc->sc_ifp;
e9d22060 1066 struct lwkt_msg *lmsg;
d71129d9
SZ
1067
1068 if ((ifp->if_flags & IFF_RUNNING) == 0)
1069 return 0;
1070
1071 callout_stop(&sc->sc_brcallout);
e9d22060
SZ
1072
1073 crit_enter();
1074 lmsg = &sc->sc_brtimemsg.nm_lmsg;
1075 if ((lmsg->ms_flags & MSGF_DONE) == 0) {
1076 /* Pending to be processed; drop it */
1077 lwkt_dropmsg(lmsg);
1078 }
1079 crit_exit();
1080
d71129d9
SZ
1081 bstp_stop(sc);
1082
1083 ifp->if_flags &= ~IFF_RUNNING;
1084
4394693c
SZ
1085 lwkt_serialize_exit(ifp->if_serializer);
1086
1087 /* Let everyone know that we are stopped */
1088 netmsg_service_sync();
1089
1090 /*
1091 * Sync ifnetX msgports in the order we forward rtnode
1092 * installation message. This is used to make sure that
1093 * all rtnode installation messages sent by bridge_rtupdate()
1094 * during above netmsg_service_sync() are flushed.
1095 */
1096 bridge_rtmsg_sync(sc);
d71129d9 1097 bridge_rtflush(sc, IFBF_FLUSHDYN);
4394693c
SZ
1098
1099 lwkt_serialize_enter(ifp->if_serializer);
d71129d9
SZ
1100 return 0;
1101}
1102
d217f5e5 1103static int
ac93838f
SS
1104bridge_ioctl_add(struct bridge_softc *sc, void *arg)
1105{
1106 struct ifbreq *req = arg;
8f7b13ef
SZ
1107 struct bridge_iflist *bif;
1108 struct bridge_ifinfo *bif_info;
68b979e7 1109 struct ifnet *ifs, *bifp;
ac93838f
SS
1110 int error = 0;
1111
68b979e7
SZ
1112 bifp = sc->sc_ifp;
1113 ASSERT_SERIALIZED(bifp->if_serializer);
1114
ac93838f
SS
1115 ifs = ifunit(req->ifbr_ifsname);
1116 if (ifs == NULL)
1117 return (ENOENT);
1118
d217f5e5
SU
1119 /* If it's in the span list, it can't be a member. */
1120 LIST_FOREACH(bif, &sc->sc_spanlist, bif_next)
1121 if (ifs == bif->bif_ifp)
1122 return (EBUSY);
1123
1124 /* Allow the first Ethernet member to define the MTU */
1125 if (ifs->if_type != IFT_GIF) {
8f7b13ef 1126 if (LIST_EMPTY(&sc->sc_iflists[mycpuid])) {
68b979e7
SZ
1127 bifp->if_mtu = ifs->if_mtu;
1128 } else if (bifp->if_mtu != ifs->if_mtu) {
1129 if_printf(bifp, "invalid MTU for %s\n", ifs->if_xname);
d217f5e5
SU
1130 return (EINVAL);
1131 }
ac93838f
SS
1132 }
1133
1134 if (ifs->if_bridge == sc)
1135 return (EEXIST);
1136
1137 if (ifs->if_bridge != NULL)
1138 return (EBUSY);
1139
8f7b13ef
SZ
1140 bif_info = kmalloc(sizeof(*bif_info), M_DEVBUF, M_WAITOK | M_ZERO);
1141 bif_info->bifi_priority = BSTP_DEFAULT_PORT_PRIORITY;
1142 bif_info->bifi_path_cost = BSTP_DEFAULT_PATH_COST;
1143 bif_info->bifi_ifp = ifs;
1144
1145 /*
1146 * Release bridge interface's serializer:
1147 * - To avoid possible dead lock.
1148 * - Various sync operation will block the current thread.
1149 */
1150 lwkt_serialize_exit(bifp->if_serializer);
d217f5e5 1151
ac93838f
SS
1152 switch (ifs->if_type) {
1153 case IFT_ETHER:
1154 case IFT_L2VLAN:
1155 /*
1156 * Place the interface into promiscuous mode.
1157 */
1158 error = ifpromisc(ifs, 1);
68b979e7
SZ
1159 if (error) {
1160 lwkt_serialize_enter(bifp->if_serializer);
ac93838f 1161 goto out;
68b979e7 1162 }
8f7b13ef 1163 bridge_mutecaps(bif_info, ifs, 1);
ac93838f
SS
1164 break;
1165
1166 case IFT_GIF: /* :^) */
1167 break;
1168
1169 default:
1170 error = EINVAL;
8f7b13ef 1171 lwkt_serialize_enter(bifp->if_serializer);
ac93838f
SS
1172 goto out;
1173 }
1174
8f7b13ef
SZ
1175 /*
1176 * Add bifs to percpu linked lists
1177 */
1178 bridge_add_bif(sc, bif_info, ifs);
1179
1180 lwkt_serialize_enter(bifp->if_serializer);
ac93838f 1181
68b979e7 1182 if (bifp->if_flags & IFF_RUNNING)
ac93838f
SS
1183 bstp_initialization(sc);
1184 else
1185 bstp_stop(sc);
1186
68b979e7
SZ
1187 /*
1188 * Everything has been setup, so let the member interface
1189 * deliver packets to this bridge on its input/output path.
1190 */
1191 ifs->if_bridge = sc;
d217f5e5 1192out:
ac93838f 1193 if (error) {
8f7b13ef
SZ
1194 if (bif_info != NULL)
1195 kfree(bif_info, M_DEVBUF);
ac93838f
SS
1196 }
1197 return (error);
1198}
1199
d217f5e5 1200static int
ac93838f
SS
1201bridge_ioctl_del(struct bridge_softc *sc, void *arg)
1202{
1203 struct ifbreq *req = arg;
1204 struct bridge_iflist *bif;
1205
1206 bif = bridge_lookup_member(sc, req->ifbr_ifsname);
1207 if (bif == NULL)
1208 return (ENOENT);
1209
d217f5e5 1210 bridge_delete_member(sc, bif, 0);
ac93838f
SS
1211
1212 return (0);
1213}
1214
d217f5e5 1215static int
ac93838f
SS
1216bridge_ioctl_gifflags(struct bridge_softc *sc, void *arg)
1217{
1218 struct ifbreq *req = arg;
1219 struct bridge_iflist *bif;
1220
1221 bif = bridge_lookup_member(sc, req->ifbr_ifsname);
1222 if (bif == NULL)
1223 return (ENOENT);
1224
1225 req->ifbr_ifsflags = bif->bif_flags;
1226 req->ifbr_state = bif->bif_state;
1227 req->ifbr_priority = bif->bif_priority;
1228 req->ifbr_path_cost = bif->bif_path_cost;
1229 req->ifbr_portno = bif->bif_ifp->if_index & 0xff;
1230
1231 return (0);
1232}
1233
d217f5e5 1234static int
ac93838f
SS
1235bridge_ioctl_sifflags(struct bridge_softc *sc, void *arg)
1236{
1237 struct ifbreq *req = arg;
1238 struct bridge_iflist *bif;
8f7b13ef 1239 struct ifnet *bifp = sc->sc_ifp;
ac93838f
SS
1240
1241 bif = bridge_lookup_member(sc, req->ifbr_ifsname);
1242 if (bif == NULL)
1243 return (ENOENT);
1244
8f7b13ef 1245 if (req->ifbr_ifsflags & IFBIF_SPAN) {
d217f5e5
SU
1246 /* SPAN is readonly */
1247 return (EINVAL);
8f7b13ef 1248 }
d217f5e5 1249
ac93838f
SS
1250 if (req->ifbr_ifsflags & IFBIF_STP) {
1251 switch (bif->bif_ifp->if_type) {
1252 case IFT_ETHER:
1253 /* These can do spanning tree. */
1254 break;
1255
1256 default:
1257 /* Nothing else can. */
1258 return (EINVAL);
1259 }
1260 }
1261
8f7b13ef
SZ
1262 lwkt_serialize_exit(bifp->if_serializer);
1263 bridge_set_bifflags(sc, bif->bif_info, req->ifbr_ifsflags);
1264 lwkt_serialize_enter(bifp->if_serializer);
ac93838f 1265
8f7b13ef 1266 if (bifp->if_flags & IFF_RUNNING)
ac93838f
SS
1267 bstp_initialization(sc);
1268
1269 return (0);
1270}
1271
d217f5e5 1272static int
ac93838f
SS
1273bridge_ioctl_scache(struct bridge_softc *sc, void *arg)
1274{
1275 struct ifbrparam *param = arg;
4394693c 1276 struct ifnet *ifp = sc->sc_ifp;
ac93838f
SS
1277
1278 sc->sc_brtmax = param->ifbrp_csize;
4394693c
SZ
1279
1280 lwkt_serialize_exit(ifp->if_serializer);
ac93838f 1281 bridge_rttrim(sc);
4394693c 1282 lwkt_serialize_enter(ifp->if_serializer);
ac93838f
SS
1283
1284 return (0);
1285}
1286
d217f5e5 1287static int
ac93838f
SS
1288bridge_ioctl_gcache(struct bridge_softc *sc, void *arg)
1289{
1290 struct ifbrparam *param = arg;
1291
1292 param->ifbrp_csize = sc->sc_brtmax;
1293
1294 return (0);
1295}
1296
d217f5e5 1297static int
ac93838f
SS
1298bridge_ioctl_gifs(struct bridge_softc *sc, void *arg)
1299{
2d4d3c93 1300 struct bridge_control_arg *bc_arg = arg;
ac93838f
SS
1301 struct ifbifconf *bifc = arg;
1302 struct bridge_iflist *bif;
2d4d3c93
SZ
1303 struct ifbreq *breq;
1304 int count, len;
ac93838f
SS
1305
1306 count = 0;
8f7b13ef 1307 LIST_FOREACH(bif, &sc->sc_iflists[mycpuid], bif_next)
ac93838f 1308 count++;
d217f5e5
SU
1309 LIST_FOREACH(bif, &sc->sc_spanlist, bif_next)
1310 count++;
ac93838f
SS
1311
1312 if (bifc->ifbic_len == 0) {
2d4d3c93
SZ
1313 bifc->ifbic_len = sizeof(*breq) * count;
1314 return 0;
1315 } else if (count == 0 || bifc->ifbic_len < sizeof(*breq)) {
1316 bifc->ifbic_len = 0;
1317 return 0;
1318 }
1319
1320 len = min(bifc->ifbic_len, sizeof(*breq) * count);
1321 KKASSERT(len >= sizeof(*breq));
1322
6e45ad82 1323 breq = kmalloc(len, M_TEMP, M_INTWAIT | M_NULLOK | M_ZERO);
2d4d3c93
SZ
1324 if (breq == NULL) {
1325 bifc->ifbic_len = 0;
1326 return ENOMEM;
ac93838f 1327 }
2d4d3c93 1328 bc_arg->bca_kptr = breq;
ac93838f
SS
1329
1330 count = 0;
8f7b13ef 1331 LIST_FOREACH(bif, &sc->sc_iflists[mycpuid], bif_next) {
2d4d3c93 1332 if (len < sizeof(*breq))
ac93838f
SS
1333 break;
1334
2d4d3c93
SZ
1335 strlcpy(breq->ifbr_ifsname, bif->bif_ifp->if_xname,
1336 sizeof(breq->ifbr_ifsname));
1337 breq->ifbr_ifsflags = bif->bif_flags;
1338 breq->ifbr_state = bif->bif_state;
1339 breq->ifbr_priority = bif->bif_priority;
1340 breq->ifbr_path_cost = bif->bif_path_cost;
1341 breq->ifbr_portno = bif->bif_ifp->if_index & 0xff;
1342 breq++;
ac93838f 1343 count++;
2d4d3c93 1344 len -= sizeof(*breq);
ac93838f 1345 }
d217f5e5 1346 LIST_FOREACH(bif, &sc->sc_spanlist, bif_next) {
2d4d3c93 1347 if (len < sizeof(*breq))
d217f5e5
SU
1348 break;
1349
2d4d3c93
SZ
1350 strlcpy(breq->ifbr_ifsname, bif->bif_ifp->if_xname,
1351 sizeof(breq->ifbr_ifsname));
1352 breq->ifbr_ifsflags = bif->bif_flags;
2d4d3c93
SZ
1353 breq->ifbr_portno = bif->bif_ifp->if_index & 0xff;
1354 breq++;
d217f5e5 1355 count++;
2d4d3c93 1356 len -= sizeof(*breq);
d217f5e5 1357 }
ac93838f 1358
2d4d3c93
SZ
1359 bifc->ifbic_len = sizeof(*breq) * count;
1360 KKASSERT(bifc->ifbic_len > 0);
1361
1362 bc_arg->bca_len = bifc->ifbic_len;
1363 bc_arg->bca_uptr = bifc->ifbic_req;
1364 return 0;
ac93838f
SS
1365}
1366
d217f5e5 1367static int
ac93838f
SS
1368bridge_ioctl_rts(struct bridge_softc *sc, void *arg)
1369{
2d4d3c93 1370 struct bridge_control_arg *bc_arg = arg;
ac93838f
SS
1371 struct ifbaconf *bac = arg;
1372 struct bridge_rtnode *brt;
2d4d3c93
SZ
1373 struct ifbareq *bareq;
1374 int count, len;
ac93838f 1375
2d4d3c93 1376 count = 0;
4394693c 1377 LIST_FOREACH(brt, &sc->sc_rtlists[mycpuid], brt_list)
2d4d3c93 1378 count++;
ac93838f 1379
2d4d3c93
SZ
1380 if (bac->ifbac_len == 0) {
1381 bac->ifbac_len = sizeof(*bareq) * count;
1382 return 0;
1383 } else if (count == 0 || bac->ifbac_len < sizeof(*bareq)) {
1384 bac->ifbac_len = 0;
1385 return 0;
1386 }
1387
1388 len = min(bac->ifbac_len, sizeof(*bareq) * count);
1389 KKASSERT(len >= sizeof(*bareq));
1390
6e45ad82 1391 bareq = kmalloc(len, M_TEMP, M_INTWAIT | M_NULLOK | M_ZERO);
2d4d3c93
SZ
1392 if (bareq == NULL) {
1393 bac->ifbac_len = 0;
1394 return ENOMEM;
1395 }
1396 bc_arg->bca_kptr = bareq;
1397
1398 count = 0;
4394693c
SZ
1399 LIST_FOREACH(brt, &sc->sc_rtlists[mycpuid], brt_list) {
1400 struct bridge_rtinfo *bri = brt->brt_info;
1401 unsigned long expire;
1402
2d4d3c93
SZ
1403 if (len < sizeof(*bareq))
1404 break;
1405
4394693c 1406 strlcpy(bareq->ifba_ifsname, bri->bri_ifp->if_xname,
2d4d3c93
SZ
1407 sizeof(bareq->ifba_ifsname));
1408 memcpy(bareq->ifba_dst, brt->brt_addr, sizeof(brt->brt_addr));
4394693c
SZ
1409 expire = bri->bri_expire;
1410 if ((bri->bri_flags & IFBAF_TYPEMASK) == IFBAF_DYNAMIC &&
1411 time_second < expire)
1412 bareq->ifba_expire = expire - time_second;
ac93838f 1413 else
2d4d3c93 1414 bareq->ifba_expire = 0;
4394693c 1415 bareq->ifba_flags = bri->bri_flags;
2d4d3c93 1416 bareq++;
ac93838f 1417 count++;
2d4d3c93 1418 len -= sizeof(*bareq);
ac93838f 1419 }
2d4d3c93
SZ
1420
1421 bac->ifbac_len = sizeof(*bareq) * count;
1422 KKASSERT(bac->ifbac_len > 0);
1423
1424 bc_arg->bca_len = bac->ifbac_len;
1425 bc_arg->bca_uptr = bac->ifbac_req;
1426 return 0;
ac93838f
SS
1427}
1428
d217f5e5 1429static int
ac93838f
SS
1430bridge_ioctl_saddr(struct bridge_softc *sc, void *arg)
1431{
1432 struct ifbareq *req = arg;
1433 struct bridge_iflist *bif;
4394693c 1434 struct ifnet *ifp = sc->sc_ifp;
ac93838f
SS
1435 int error;
1436
4394693c
SZ
1437 ASSERT_SERIALIZED(ifp->if_serializer);
1438
ac93838f
SS
1439 bif = bridge_lookup_member(sc, req->ifba_ifsname);
1440 if (bif == NULL)
1441 return (ENOENT);
1442
4394693c
SZ
1443 lwkt_serialize_exit(ifp->if_serializer);
1444 error = bridge_rtsaddr(sc, req->ifba_dst, bif->bif_ifp,
1445 req->ifba_flags);
1446 lwkt_serialize_enter(ifp->if_serializer);
ac93838f
SS
1447 return (error);
1448}
1449
d217f5e5 1450static int
ac93838f
SS
1451bridge_ioctl_sto(struct bridge_softc *sc, void *arg)
1452{
1453 struct ifbrparam *param = arg;
1454
1455 sc->sc_brttimeout = param->ifbrp_ctime;
1456
1457 return (0);
1458}
1459
d217f5e5 1460static int
ac93838f
SS
1461bridge_ioctl_gto(struct bridge_softc *sc, void *arg)
1462{
1463 struct ifbrparam *param = arg;
1464
1465 param->ifbrp_ctime = sc->sc_brttimeout;
1466
1467 return (0);
1468}
1469
d217f5e5 1470static int
ac93838f
SS
1471bridge_ioctl_daddr(struct bridge_softc *sc, void *arg)
1472{
1473 struct ifbareq *req = arg;
4394693c
SZ
1474 struct ifnet *ifp = sc->sc_ifp;
1475 int error;
ac93838f 1476
4394693c
SZ
1477 lwkt_serialize_exit(ifp->if_serializer);
1478 error = bridge_rtdaddr(sc, req->ifba_dst);
1479 lwkt_serialize_enter(ifp->if_serializer);
1480 return error;
ac93838f
SS
1481}
1482
d217f5e5 1483static int
ac93838f
SS
1484bridge_ioctl_flush(struct bridge_softc *sc, void *arg)
1485{
1486 struct ifbreq *req = arg;
4394693c 1487 struct ifnet *ifp = sc->sc_ifp;
ac93838f 1488
4394693c 1489 lwkt_serialize_exit(ifp->if_serializer);
ac93838f 1490 bridge_rtflush(sc, req->ifbr_ifsflags);
4394693c 1491 lwkt_serialize_enter(ifp->if_serializer);
ac93838f
SS
1492
1493 return (0);
1494}
1495
d217f5e5 1496static int
ac93838f
SS
1497bridge_ioctl_gpri(struct bridge_softc *sc, void *arg)
1498{
1499 struct ifbrparam *param = arg;
1500
1501 param->ifbrp_prio = sc->sc_bridge_priority;
1502
1503 return (0);
1504}
1505
d217f5e5 1506static int
ac93838f
SS
1507bridge_ioctl_spri(struct bridge_softc *sc, void *arg)
1508{
1509 struct ifbrparam *param = arg;
1510
1511 sc->sc_bridge_priority = param->ifbrp_prio;
1512
1513 if (sc->sc_ifp->if_flags & IFF_RUNNING)
1514 bstp_initialization(sc);
1515
1516 return (0);
1517}
1518
d217f5e5 1519static int
ac93838f
SS
1520bridge_ioctl_ght(struct bridge_softc *sc, void *arg)
1521{
1522 struct ifbrparam *param = arg;
1523
1524 param->ifbrp_hellotime = sc->sc_bridge_hello_time >> 8;
1525
1526 return (0);
1527}
1528
d217f5e5 1529static int
ac93838f
SS
1530bridge_ioctl_sht(struct bridge_softc *sc, void *arg)
1531{
1532 struct ifbrparam *param = arg;
1533
1534 if (param->ifbrp_hellotime == 0)
1535 return (EINVAL);
1536 sc->sc_bridge_hello_time = param->ifbrp_hellotime << 8;
1537
1538 if (sc->sc_ifp->if_flags & IFF_RUNNING)
1539 bstp_initialization(sc);
1540
1541 return (0);
1542}
1543
d217f5e5 1544static int
ac93838f
SS
1545bridge_ioctl_gfd(struct bridge_softc *sc, void *arg)
1546{
1547 struct ifbrparam *param = arg;
1548
1549 param->ifbrp_fwddelay = sc->sc_bridge_forward_delay >> 8;
1550
1551 return (0);
1552}
1553
d217f5e5 1554static int
ac93838f
SS
1555bridge_ioctl_sfd(struct bridge_softc *sc, void *arg)
1556{
1557 struct ifbrparam *param = arg;
1558
1559 if (param->ifbrp_fwddelay == 0)
1560 return (EINVAL);
1561 sc->sc_bridge_forward_delay = param->ifbrp_fwddelay << 8;
1562
1563 if (sc->sc_ifp->if_flags & IFF_RUNNING)
1564 bstp_initialization(sc);
1565
1566 return (0);
1567}
1568
d217f5e5 1569static int
ac93838f
SS
1570bridge_ioctl_gma(struct bridge_softc *sc, void *arg)
1571{
1572 struct ifbrparam *param = arg;
1573
1574 param->ifbrp_maxage = sc->sc_bridge_max_age >> 8;
1575
1576 return (0);
1577}
1578
d217f5e5 1579static int
ac93838f
SS
1580bridge_ioctl_sma(struct bridge_softc *sc, void *arg)
1581{
1582 struct ifbrparam *param = arg;
1583
1584 if (param->ifbrp_maxage == 0)
1585 return (EINVAL);
1586 sc->sc_bridge_max_age = param->ifbrp_maxage << 8;
1587
1588 if (sc->sc_ifp->if_flags & IFF_RUNNING)
1589 bstp_initialization(sc);
1590
1591 return (0);
1592}
1593
d217f5e5 1594static int
ac93838f
SS
1595bridge_ioctl_sifprio(struct bridge_softc *sc, void *arg)
1596{
1597 struct ifbreq *req = arg;
1598 struct bridge_iflist *bif;
1599
1600 bif = bridge_lookup_member(sc, req->ifbr_ifsname);
1601 if (bif == NULL)
1602 return (ENOENT);
1603
1604 bif->bif_priority = req->ifbr_priority;
1605
1606 if (sc->sc_ifp->if_flags & IFF_RUNNING)
1607 bstp_initialization(sc);
1608
1609 return (0);
1610}
1611
d217f5e5 1612static int
ac93838f
SS
1613bridge_ioctl_sifcost(struct bridge_softc *sc, void *arg)
1614{
1615 struct ifbreq *req = arg;
1616 struct bridge_iflist *bif;
1617
1618 bif = bridge_lookup_member(sc, req->ifbr_ifsname);
1619 if (bif == NULL)
1620 return (ENOENT);
1621
1622 bif->bif_path_cost = req->ifbr_path_cost;
1623
1624 if (sc->sc_ifp->if_flags & IFF_RUNNING)
1625 bstp_initialization(sc);
1626
1627 return (0);
1628}
1629
d217f5e5
SU
1630static int
1631bridge_ioctl_addspan(struct bridge_softc *sc, void *arg)
1632{
1633 struct ifbreq *req = arg;
8f7b13ef 1634 struct bridge_iflist *bif;
d217f5e5
SU
1635 struct ifnet *ifs;
1636
1637 ifs = ifunit(req->ifbr_ifsname);
1638 if (ifs == NULL)
1639 return (ENOENT);
1640
1641 LIST_FOREACH(bif, &sc->sc_spanlist, bif_next)
1642 if (ifs == bif->bif_ifp)
1643 return (EBUSY);
1644
1645 if (ifs->if_bridge != NULL)
1646 return (EBUSY);
1647
1648 switch (ifs->if_type) {
d76dd5c7
SZ
1649 case IFT_ETHER:
1650 case IFT_GIF:
1651 case IFT_L2VLAN:
1652 break;
1653
1654 default:
1655 return (EINVAL);
d217f5e5
SU
1656 }
1657
8f7b13ef 1658 bif = kmalloc(sizeof(*bif), M_DEVBUF, M_WAITOK | M_ZERO);
d217f5e5
SU
1659 bif->bif_ifp = ifs;
1660 bif->bif_flags = IFBIF_SPAN;
8f7b13ef 1661 /* NOTE: span bif does not need bridge_ifinfo */
d217f5e5
SU
1662
1663 LIST_INSERT_HEAD(&sc->sc_spanlist, bif, bif_next);
1664
1665 return (0);
1666}
1667
1668static int
1669bridge_ioctl_delspan(struct bridge_softc *sc, void *arg)
1670{
1671 struct ifbreq *req = arg;
1672 struct bridge_iflist *bif;
1673 struct ifnet *ifs;
1674
1675 ifs = ifunit(req->ifbr_ifsname);
1676 if (ifs == NULL)
1677 return (ENOENT);
1678
1679 LIST_FOREACH(bif, &sc->sc_spanlist, bif_next)
1680 if (ifs == bif->bif_ifp)
1681 break;
1682
1683 if (bif == NULL)
1684 return (ENOENT);
1685
1686 bridge_delete_span(sc, bif);
1687
1688 return (0);
1689}
1690
d217f5e5 1691static void
ac308789 1692bridge_ifdetach_dispatch(struct netmsg *nmsg)
ac93838f 1693{
ac308789
SZ
1694 struct lwkt_msg *lmsg = &nmsg->nm_lmsg;
1695 struct ifnet *ifp, *bifp;
1696 struct bridge_softc *sc;
d217f5e5 1697 struct bridge_iflist *bif;
ac308789
SZ
1698
1699 ifp = lmsg->u.ms_resultp;
1700 sc = ifp->if_bridge;
ac93838f 1701
d217f5e5
SU
1702 /* Check if the interface is a bridge member */
1703 if (sc != NULL) {
bdfc79d0
SZ
1704 bifp = sc->sc_ifp;
1705
1706 lwkt_serialize_enter(bifp->if_serializer);
ac93838f 1707
d217f5e5 1708 bif = bridge_lookup_member_if(sc, ifp);
ac308789 1709 if (bif != NULL) {
d217f5e5 1710 bridge_delete_member(sc, bif, 1);
ac308789
SZ
1711 } else {
1712 /* XXX Why bif will be NULL? */
1713 }
d217f5e5 1714
bdfc79d0 1715 lwkt_serialize_exit(bifp->if_serializer);
ac308789 1716 goto reply;
d217f5e5
SU
1717 }
1718
ac308789
SZ
1719 crit_enter(); /* XXX MP */
1720
d217f5e5
SU
1721 /* Check if the interface is a span port */
1722 LIST_FOREACH(sc, &bridge_list, sc_list) {
bdfc79d0
SZ
1723 bifp = sc->sc_ifp;
1724
1725 lwkt_serialize_enter(bifp->if_serializer);
1726
d217f5e5
SU
1727 LIST_FOREACH(bif, &sc->sc_spanlist, bif_next)
1728 if (ifp == bif->bif_ifp) {
1729 bridge_delete_span(sc, bif);
1730 break;
1731 }
bdfc79d0
SZ
1732
1733 lwkt_serialize_exit(bifp->if_serializer);
d217f5e5 1734 }
ac308789
SZ
1735
1736 crit_exit();
1737
1738reply:
1739 lwkt_replymsg(lmsg, 0);
1740}
1741
1742/*
1743 * bridge_ifdetach:
1744 *
1745 * Detach an interface from a bridge. Called when a member
1746 * interface is detaching.
1747 */
1748static void
1749bridge_ifdetach(void *arg __unused, struct ifnet *ifp)
1750{
1751 struct lwkt_msg *lmsg;
1752 struct netmsg nmsg;
1753
1754 netmsg_init(&nmsg, &curthread->td_msgport, 0, bridge_ifdetach_dispatch);
1755 lmsg = &nmsg.nm_lmsg;
1756 lmsg->u.ms_resultp = ifp;
1757
d71129d9 1758 lwkt_domsg(BRIDGE_CFGPORT, lmsg, 0);
ac93838f
SS
1759}
1760
1761/*
1762 * bridge_init:
1763 *
1764 * Initialize a bridge interface.
1765 */
1766static void
1767bridge_init(void *xsc)
1768{
d71129d9 1769 bridge_control(xsc, SIOCSIFFLAGS, bridge_ioctl_init, NULL);
ac93838f
SS
1770}
1771
1772/*
1773 * bridge_stop:
1774 *
1775 * Stop the bridge interface.
1776 */
d217f5e5 1777static void
867cc45a 1778bridge_stop(struct ifnet *ifp)
ac93838f 1779{
d71129d9 1780 bridge_control(ifp->if_softc, SIOCSIFFLAGS, bridge_ioctl_stop, NULL);
ac93838f
SS
1781}
1782
ecd27a4c
SZ
1783static void
1784bridge_enqueue_internal(struct ifnet *dst_ifp, struct mbuf *m,
1785 netisr_fn_t handler)
ac93838f 1786{
ecd27a4c
SZ
1787 struct netmsg_packet *nmp;
1788 lwkt_port_t port;
1789 int cpu = mycpu->gd_cpuid;
ac93838f 1790
ecd27a4c
SZ
1791 nmp = &m->m_hdr.mh_netmsg;
1792 netmsg_init(&nmp->nm_netmsg, &netisr_apanic_rport, 0, handler);
1793 nmp->nm_packet = m;
1794 nmp->nm_netmsg.nm_lmsg.u.ms_resultp = dst_ifp;
ac93838f 1795
ecd27a4c
SZ
1796 port = cpu_portfn(cpu);
1797 lwkt_sendmsg(port, &nmp->nm_netmsg.nm_lmsg);
1798}
d217f5e5 1799
ecd27a4c
SZ
1800static void
1801bridge_pfil_enqueue(struct ifnet *dst_ifp, struct mbuf *m,
1802 int runfilt)
1803{
1804 netisr_fn_t handler;
ac93838f 1805
ecd27a4c
SZ
1806 if (runfilt && (inet_pfil_hook.ph_hashooks > 0
1807#ifdef INET6
1808 || inet6_pfil_hook.ph_hashooks > 0
1809#endif
1810 )) {
1811 handler = bridge_pfil_enqueue_handler;
1812 } else {
1813 handler = bridge_enqueue_handler;
d217f5e5 1814 }
ecd27a4c
SZ
1815 bridge_enqueue_internal(dst_ifp, m, handler);
1816}
ac93838f 1817
ecd27a4c
SZ
1818/*
1819 * bridge_enqueue:
1820 *
1821 * Enqueue a packet on a bridge member interface.
1822 *
1823 */
1824void
1825bridge_enqueue(struct ifnet *dst_ifp, struct mbuf *m)
1826{
1827 bridge_enqueue_internal(dst_ifp, m, bridge_enqueue_handler);
ac93838f
SS
1828}
1829
1830/*
e1d2145d 1831 * bridge_output:
ac93838f
SS
1832 *
1833 * Send output from a bridge member interface. This
1834 * performs the bridging function for locally originated
1835 * packets.
1836 *
1837 * The mbuf has the Ethernet header already attached. We must
1838 * enqueue or free the mbuf before returning.
1839 */
a18eb4b7 1840static int
eb366364 1841bridge_output(struct ifnet *ifp, struct mbuf *m)
ac93838f 1842{
89ea766d 1843 struct bridge_softc *sc = ifp->if_bridge;
ac93838f
SS
1844 struct ether_header *eh;
1845 struct ifnet *dst_if;
ac93838f 1846
ad8c8b44 1847 ASSERT_NOT_SERIALIZED(ifp->if_serializer);
ac93838f 1848
89ea766d
SZ
1849 /*
1850 * Make sure that we are still a member of a bridge interface.
1851 */
1852 if (sc == NULL) {
1853 m_freem(m);
1854 return (0);
1855 }
1856
ac93838f
SS
1857 if (m->m_len < ETHER_HDR_LEN) {
1858 m = m_pullup(m, ETHER_HDR_LEN);
1859 if (m == NULL)
1860 return (0);
1861 }
1862
ad8c8b44 1863 /* Serialize our bridge interface. */
ac93838f
SS
1864 lwkt_serialize_enter(sc->sc_ifp->if_serializer);
1865
1866 eh = mtod(m, struct ether_header *);
1867
1868 /*
1869 * If bridge is down, but the original output interface is up,
1870 * go ahead and send out that interface. Otherwise, the packet
1871 * is dropped below.
1872 */
1873 if ((sc->sc_ifp->if_flags & IFF_RUNNING) == 0) {
1874 dst_if = ifp;
1875 goto sendunicast;
1876 }
1877
1878 /*
1879 * If the packet is a multicast, or we don't know a better way to
1880 * get there, send to all interfaces.
1881 */
1882 if (ETHER_IS_MULTICAST(eh->ether_dhost))
1883 dst_if = NULL;
1884 else
1885 dst_if = bridge_rtlookup(sc, eh->ether_dhost);
1886 if (dst_if == NULL) {
1887 struct bridge_iflist *bif;
1888 struct mbuf *mc;
1889 int used = 0;
1890
d217f5e5
SU
1891 bridge_span(sc, m);
1892
8f7b13ef
SZ
1893 /*
1894 * Following loop is MPSAFE; nothing is blocking
1895 * in the loop body.
1896 */
1897 LIST_FOREACH(bif, &sc->sc_iflists[mycpuid], bif_next) {
ac93838f
SS
1898 dst_if = bif->bif_ifp;
1899 if ((dst_if->if_flags & IFF_RUNNING) == 0)
1900 continue;
1901
1902 /*
1903 * If this is not the original output interface,
1904 * and the interface is participating in spanning
1905 * tree, make sure the port is in a state that
1906 * allows forwarding.
1907 */
1908 if (dst_if != ifp &&
1909 (bif->bif_flags & IFBIF_STP) != 0) {
1910 switch (bif->bif_state) {
1911 case BSTP_IFSTATE_BLOCKING:
1912 case BSTP_IFSTATE_LISTENING:
1913 case BSTP_IFSTATE_DISABLED:
1914 continue;
1915 }
1916 }
1917
1918 if (LIST_NEXT(bif, bif_next) == NULL) {
1919 used = 1;
1920 mc = m;
1921 } else {
1922 mc = m_copypacket(m, MB_DONTWAIT);
1923 if (mc == NULL) {
1924 sc->sc_ifp->if_oerrors++;
1925 continue;
1926 }
1927 }
708a3bfa 1928 bridge_enqueue(dst_if, mc);
ac93838f
SS
1929 }
1930 if (used == 0)
1931 m_freem(m);
1932 lwkt_serialize_exit(sc->sc_ifp->if_serializer);
ad8c8b44 1933 return (0);
ac93838f
SS
1934 }
1935
d217f5e5 1936sendunicast:
ac93838f
SS
1937 /*
1938 * XXX Spanning tree consideration here?
1939 */
1940
d217f5e5 1941 bridge_span(sc, m);
ac93838f 1942 lwkt_serialize_exit(sc->sc_ifp->if_serializer);
ad8c8b44 1943 if ((dst_if->if_flags & IFF_RUNNING) == 0)
ac93838f 1944 m_freem(m);
ad8c8b44 1945 else
708a3bfa 1946 bridge_enqueue(dst_if, m);
ac93838f
SS
1947 return (0);
1948}
1949
1950/*
1951 * bridge_start:
1952 *
1953 * Start output on a bridge.
1954 *
1955 */
d217f5e5 1956static void
ac93838f
SS
1957bridge_start(struct ifnet *ifp)
1958{
867cc45a 1959 struct bridge_softc *sc = ifp->if_softc;
ac93838f 1960
867cc45a 1961 ASSERT_SERIALIZED(ifp->if_serializer);
ac93838f
SS
1962
1963 ifp->if_flags |= IFF_OACTIVE;
1964 for (;;) {
867cc45a
SZ
1965 struct ifnet *dst_if = NULL;
1966 struct ether_header *eh;
1967 struct mbuf *m;
1968
ac93838f 1969 m = ifq_dequeue(&ifp->if_snd, NULL);
867cc45a 1970 if (m == NULL)
ac93838f 1971 break;
ac93838f 1972
867cc45a
SZ
1973 if (m->m_len < sizeof(*eh)) {
1974 m = m_pullup(m, sizeof(*eh));
1975 if (m == NULL) {
1976 ifp->if_oerrors++;
1977 continue;
1978 }
1979 }
ac93838f 1980 eh = mtod(m, struct ether_header *);
ac93838f 1981
867cc45a
SZ
1982 BPF_MTAP(ifp, m);
1983 ifp->if_opackets++;
1984
1985 if ((m->m_flags & (M_BCAST|M_MCAST)) == 0)
ac93838f 1986 dst_if = bridge_rtlookup(sc, eh->ether_dhost);
ac93838f
SS
1987
1988 if (dst_if == NULL)
1989 bridge_broadcast(sc, ifp, m, 0);
1990 else
708a3bfa 1991 bridge_enqueue(dst_if, m);
ac93838f
SS
1992 }
1993 ifp->if_flags &= ~IFF_OACTIVE;
ac93838f
SS
1994}
1995
1996/*
1997 * bridge_forward:
1998 *
1999 * The forwarding function of the bridge.
2000 */
d217f5e5 2001static void
ac93838f
SS
2002bridge_forward(struct bridge_softc *sc, struct mbuf *m)
2003{
2004 struct bridge_iflist *bif;
2005 struct ifnet *src_if, *dst_if, *ifp;
2006 struct ether_header *eh;
2007
2008 src_if = m->m_pkthdr.rcvif;
2009 ifp = sc->sc_ifp;
2010
2011 ASSERT_SERIALIZED(ifp->if_serializer);
2012
ecd27a4c
SZ
2013 ifp->if_ipackets++;
2014 ifp->if_ibytes += m->m_pkthdr.len;
ac93838f
SS
2015
2016 /*
2017 * Look up the bridge_iflist.
2018 */
2019 bif = bridge_lookup_member_if(sc, src_if);
2020 if (bif == NULL) {
2021 /* Interface is not a bridge member (anymore?) */
2022 m_freem(m);
2023 return;
2024 }
2025
2026 if (bif->bif_flags & IFBIF_STP) {
2027 switch (bif->bif_state) {
2028 case BSTP_IFSTATE_BLOCKING:
2029 case BSTP_IFSTATE_LISTENING:
2030 case BSTP_IFSTATE_DISABLED:
2031 m_freem(m);
2032 return;
2033 }
2034 }
2035
2036 eh = mtod(m, struct ether_header *);
2037
2038 /*
2039 * If the interface is learning, and the source
2040 * address is valid and not multicast, record
2041 * the address.
2042 */
2043 if ((bif->bif_flags & IFBIF_LEARNING) != 0 &&
2044 ETHER_IS_MULTICAST(eh->ether_shost) == 0 &&
2045 (eh->ether_shost[0] == 0 &&
2046 eh->ether_shost[1] == 0 &&
2047 eh->ether_shost[2] == 0 &&
2048 eh->ether_shost[3] == 0 &&
2049 eh->ether_shost[4] == 0 &&
4394693c
SZ
2050 eh->ether_shost[5] == 0) == 0)
2051 bridge_rtupdate(sc, eh->ether_shost, src_if, IFBAF_DYNAMIC);
ac93838f
SS
2052
2053 if ((bif->bif_flags & IFBIF_STP) != 0 &&
2054 bif->bif_state == BSTP_IFSTATE_LEARNING) {
2055 m_freem(m);
ecd27a4c 2056 return;
ac93838f
SS
2057 }
2058
2059 /*
2060 * At this point, the port either doesn't participate
2061 * in spanning tree or it is in the forwarding state.
2062 */
2063
2064 /*
2065 * If the packet is unicast, destined for someone on
2066 * "this" side of the bridge, drop it.
2067 */
2068 if ((m->m_flags & (M_BCAST|M_MCAST)) == 0) {
2069 dst_if = bridge_rtlookup(sc, eh->ether_dhost);
2070 if (src_if == dst_if) {
2071 m_freem(m);
ecd27a4c 2072 return;
ac93838f
SS
2073 }
2074 } else {
2075 /* ...forward it to all interfaces. */
2076 sc->sc_ifp->if_imcasts++;
2077 dst_if = NULL;
2078 }
2079
ac93838f 2080 if (dst_if == NULL) {
ac93838f 2081 bridge_broadcast(sc, src_if, m, 1);
ecd27a4c 2082 return;
ac93838f
SS
2083 }
2084
2085 /*
2086 * At this point, we're dealing with a unicast frame
2087 * going to a different interface.
2088 */
2089 if ((dst_if->if_flags & IFF_RUNNING) == 0) {
2090 m_freem(m);
ecd27a4c 2091 return;
ac93838f
SS
2092 }
2093 bif = bridge_lookup_member_if(sc, dst_if);
2094 if (bif == NULL) {
2095 /* Not a member of the bridge (anymore?) */
2096 m_freem(m);
ecd27a4c 2097 return;
ac93838f
SS
2098 }
2099
2100 if (bif->bif_flags & IFBIF_STP) {
2101 switch (bif->bif_state) {
2102 case BSTP_IFSTATE_DISABLED:
2103 case BSTP_IFSTATE_BLOCKING:
2104 m_freem(m);
ecd27a4c 2105 return;
ac93838f
SS
2106 }
2107 }
2108
ecd27a4c
SZ
2109 lwkt_serialize_exit(ifp->if_serializer);
2110
2111 /* run the packet filter */
ac93838f
SS
2112 if (inet_pfil_hook.ph_hashooks > 0
2113#ifdef INET6
2114 || inet6_pfil_hook.ph_hashooks > 0
2115#endif
2116 ) {
ecd27a4c
SZ
2117 if (bridge_pfil(&m, ifp, src_if, PFIL_IN) != 0)
2118 goto done;
2119 if (m == NULL)
2120 goto done;
2121
2122 if (bridge_pfil(&m, ifp, dst_if, PFIL_OUT) != 0)
ecdefdda 2123 goto done;
ac93838f 2124 if (m == NULL)
ecdefdda 2125 goto done;
ac93838f 2126 }
ecd27a4c 2127 bridge_handoff(dst_if, m);
ecdefdda
MD
2128
2129 /*
2130 * ifp's serializer was held on entry and is expected to be held
2131 * on return.
2132 */
2133done:
ac93838f
SS
2134 lwkt_serialize_enter(ifp->if_serializer);
2135}
2136
2137/*
2138 * bridge_input:
2139 *
2140 * Receive input from a member interface. Queue the packet for
2141 * bridging if it is not for us.
2142 */
a18eb4b7 2143static struct mbuf *
ac93838f
SS
2144bridge_input(struct ifnet *ifp, struct mbuf *m)
2145{
2146 struct bridge_softc *sc = ifp->if_bridge;
2147 struct bridge_iflist *bif;
3ce67233 2148 struct ifnet *bifp, *new_ifp;
ac93838f
SS
2149 struct ether_header *eh;
2150 struct mbuf *mc, *mc2;
2151
89ea766d
SZ
2152 /*
2153 * Make sure that we are still a member of a bridge interface.
2154 */
2155 if (sc == NULL)
2156 return m;
2157
3ce67233 2158 new_ifp = NULL;
ac93838f 2159 bifp = sc->sc_ifp;
3ce67233 2160
ac93838f
SS
2161 lwkt_serialize_enter(bifp->if_serializer);
2162
ac91a939 2163 if ((bifp->if_flags & IFF_RUNNING) == 0)
ac93838f
SS
2164 goto out;
2165
3a593c54 2166 /*
0f6ada01 2167 * Implement support for bridge monitoring. If this flag has been
3a593c54 2168 * set on this interface, discard the packet once we push it through
0f6ada01
SZ
2169 * the bpf(4) machinery, but before we do, increment various counters
2170 * associated with this bridge.
3a593c54 2171 */
0f6ada01
SZ
2172 if (bifp->if_flags & IFF_MONITOR) {
2173 /* Change input interface to this bridge */
2174 m->m_pkthdr.rcvif = bifp;
2175
3a593c54 2176 BPF_MTAP(bifp, m);
0f6ada01
SZ
2177
2178 /* Update bridge's ifnet statistics */
3a593c54
MD
2179 bifp->if_ipackets++;
2180 bifp->if_ibytes += m->m_pkthdr.len;
0f6ada01
SZ
2181 if (m->m_flags & (M_MCAST | M_BCAST))
2182 bifp->if_imcasts++;
2183
3a593c54 2184 m_freem(m);
ac91a939 2185 m = NULL;
3a593c54
MD
2186 goto out;
2187 }
2188
ac93838f
SS
2189 eh = mtod(m, struct ether_header *);
2190
2191 m->m_flags &= ~M_PROTO1; /* XXX Hack - loop prevention */
2192
3ce67233 2193 if (memcmp(eh->ether_dhost, IF_LLADDR(bifp), ETHER_ADDR_LEN) == 0) {
ac93838f
SS
2194 /*
2195 * If the packet is for us, set the packets source as the
3ce67233 2196 * bridge, and return the packet back to ifnet.if_input for
ac93838f
SS
2197 * local processing.
2198 */
3ce67233
SZ
2199 KASSERT(bifp->if_bridge == NULL,
2200 ("loop created in bridge_input"));
2201 new_ifp = bifp;
2202 goto out;
2203 }
ac93838f 2204
3ce67233
SZ
2205 /*
2206 * Tap all packets arriving on the bridge, no matter if
2207 * they are local destinations or not. In is in.
2208 */
2209 BPF_MTAP(bifp, m);
ac93838f 2210
3ce67233
SZ
2211 bif = bridge_lookup_member_if(sc, ifp);
2212 if (bif == NULL)
ac93838f 2213 goto out;
ac93838f 2214
d217f5e5
SU
2215 bridge_span(sc, m);
2216
f581b688 2217 if (m->m_flags & (M_BCAST | M_MCAST)) {
ac93838f
SS
2218 /* Tap off 802.1D packets; they do not get forwarded. */
2219 if (memcmp(eh->ether_dhost, bstp_etheraddr,
2220 ETHER_ADDR_LEN) == 0) {
89ea766d 2221 m = bstp_input(sc, bif, m);
f2c22bba
SZ
2222 KASSERT(m == NULL,
2223 ("attempt to deliver 802.1D packet\n"));
2224 goto out;
ac93838f
SS
2225 }
2226
2227 if (bif->bif_flags & IFBIF_STP) {
2228 switch (bif->bif_state) {
2229 case BSTP_IFSTATE_BLOCKING:
2230 case BSTP_IFSTATE_LISTENING:
2231 case BSTP_IFSTATE_DISABLED:
2232 goto out;
2233 }
2234 }
2235
ac93838f
SS
2236 /*
2237 * Make a deep copy of the packet and enqueue the copy
2238 * for bridge processing; return the original packet for
2239 * local processing.
2240 */
2241 mc = m_dup(m, MB_DONTWAIT);
2242 if (mc == NULL)
2243 goto out;
2244
2245 bridge_forward(sc, mc);
2246
2247 /*
2248 * Reinject the mbuf as arriving on the bridge so we have a
2249 * chance at claiming multicast packets. We can not loop back
2250 * here from ether_input as a bridge is never a member of a
2251 * bridge.
2252 */
2253 KASSERT(bifp->if_bridge == NULL,
3ce67233 2254 ("loop created in bridge_input"));
d217f5e5
SU
2255 mc2 = m_dup(m, MB_DONTWAIT);
2256#ifdef notyet
2257 if (mc2 != NULL) {
2258 /* Keep the layer3 header aligned */
2259 int i = min(mc2->m_pkthdr.len, max_protohdr);
2260 mc2 = m_copyup(mc2, i, ETHER_ALIGN);
2261 }
2262#endif
ac93838f
SS
2263 if (mc2 != NULL) {
2264 mc2->m_pkthdr.rcvif = bifp;
3ce67233
SZ
2265 bifp->if_ipackets++;
2266 bifp->if_input(bifp, mc2);
ac93838f
SS
2267 }
2268
2269 /* Return the original packet for local processing. */
2270 goto out;
2271 }
2272
2273 if (bif->bif_flags & IFBIF_STP) {
2274 switch (bif->bif_state) {
2275 case BSTP_IFSTATE_BLOCKING:
2276 case BSTP_IFSTATE_LISTENING:
2277 case BSTP_IFSTATE_DISABLED:
2278 goto out;
2279 }
2280 }
2281
2282 /*
2283 * Unicast. Make sure it's not for us.
8f7b13ef
SZ
2284 *
2285 * This loop is MPSAFE; the only blocking operation (bridge_rtupdate)
2286 * is followed by breaking out of the loop.
ac93838f 2287 */
8f7b13ef 2288 LIST_FOREACH(bif, &sc->sc_iflists[mycpuid], bif_next) {
ac93838f
SS
2289 if (bif->bif_ifp->if_type != IFT_ETHER)
2290 continue;
3ce67233 2291
ac93838f
SS
2292 /* It is destined for us. */
2293 if (memcmp(IF_LLADDR(bif->bif_ifp), eh->ether_dhost,
2294 ETHER_ADDR_LEN) == 0) {
ecd27a4c
SZ
2295 if (bif->bif_ifp != ifp) {
2296 /* XXX loop prevention */
2297 m->m_flags |= M_PROTO1;
2298 new_ifp = bif->bif_ifp;
2299 }
8f7b13ef
SZ
2300 if (bif->bif_flags & IFBIF_LEARNING) {
2301 bridge_rtupdate(sc, eh->ether_shost,
2302 ifp, IFBAF_DYNAMIC);
2303 }
ac93838f
SS
2304 goto out;
2305 }
2306
2307 /* We just received a packet that we sent out. */
2308 if (memcmp(IF_LLADDR(bif->bif_ifp), eh->ether_shost,
2309 ETHER_ADDR_LEN) == 0) {
2310 m_freem(m);
2311 m = NULL;
2312 goto out;
2313 }
2314 }
2315
2316 /* Perform the bridge forwarding function. */
2317 bridge_forward(sc, m);
2318 m = NULL;
ac93838f
SS
2319out:
2320 lwkt_serialize_exit(bifp->if_serializer);
3ce67233
SZ
2321
2322 if (new_ifp != NULL) {
2323 lwkt_serialize_enter(new_ifp->if_serializer);
2324
2325 m->m_pkthdr.rcvif = new_ifp;
2326 new_ifp->if_ipackets++;
2327 new_ifp->if_input(new_ifp, m);
2328 m = NULL;
2329
2330 lwkt_serialize_exit(new_ifp->if_serializer);
2331 }
d217f5e5 2332 return (m);
ac93838f
SS
2333}
2334
2335/*
2336 * bridge_broadcast:
2337 *
2338 * Send a frame to all interfaces that are members of
2339 * the bridge, except for the one on which the packet
2340 * arrived.
2341 */
d217f5e5 2342static void
ac93838f
SS
2343bridge_broadcast(struct bridge_softc *sc, struct ifnet *src_if,
2344 struct mbuf *m, int runfilt)
2345{
2346 struct bridge_iflist *bif;
2347 struct mbuf *mc;
ecd27a4c 2348 struct ifnet *dst_if, *bifp;
ac93838f
SS
2349 int used = 0;
2350
ecd27a4c
SZ
2351 bifp = sc->sc_ifp;
2352
2353 ASSERT_SERIALIZED(bifp->if_serializer);
2354
2355 /* run the packet filter */
ac93838f
SS
2356 if (runfilt && (inet_pfil_hook.ph_hashooks > 0
2357#ifdef INET6
d217f5e5 2358 || inet6_pfil_hook.ph_hashooks > 0
ac93838f
SS
2359#endif
2360 )) {
ecd27a4c
SZ
2361 lwkt_serialize_exit(bifp->if_serializer);
2362
2363 /* Filter on the bridge interface before broadcasting */
2364
2365 if (bridge_pfil(&m, bifp, src_if, PFIL_IN) != 0)
2366 goto filt;
2367 if (m == NULL)
2368 goto filt;
2369
2370 if (bridge_pfil(&m, bifp, NULL, PFIL_OUT) != 0)
2371 m = NULL;
2372filt:
2373 lwkt_serialize_enter(bifp->if_serializer);
ac93838f
SS
2374 if (m == NULL)
2375 return;
2376 }
2377
8f7b13ef
SZ
2378 /*
2379 * Following loop is MPSAFE; nothing is blocking
2380 * in the loop body.
2381 */
2382 LIST_FOREACH(bif, &sc->sc_iflists[mycpuid], bif_next) {
ac93838f
SS
2383 dst_if = bif->bif_ifp;
2384 if (dst_if == src_if)
2385 continue;
2386
2387 if (bif->bif_flags & IFBIF_STP) {
2388 switch (bif->bif_state) {
2389 case BSTP_IFSTATE_BLOCKING:
2390 case BSTP_IFSTATE_DISABLED:
2391 continue;
2392 }
2393 }
2394
2395 if ((bif->bif_flags & IFBIF_DISCOVER) == 0 &&
2396 (m->m_flags & (M_BCAST|M_MCAST)) == 0)
2397 continue;
2398
2399 if ((dst_if->if_flags & IFF_RUNNING) == 0)
2400 continue;
2401
2402 if (LIST_NEXT(bif, bif_next) == NULL) {
2403 mc = m;
2404 used = 1;
2405 } else {
2406 mc = m_copypacket(m, MB_DONTWAIT);
2407 if (mc == NULL) {
2408 sc->sc_ifp->if_oerrors++;
2409 continue;
2410 }
2411 }
ecd27a4c 2412 bridge_pfil_enqueue(dst_if, mc, runfilt);
ac93838f
SS
2413 }
2414 if (used == 0)
2415 m_freem(m);
2416}
2417
d217f5e5
SU
2418/*
2419 * bridge_span:
2420 *
2421 * Duplicate a packet out one or more interfaces that are in span mode,
2422 * the original mbuf is unmodified.
2423 */
2424static void
2425bridge_span(struct bridge_softc *sc, struct mbuf *m)
2426{
2427 struct bridge_iflist *bif;
2428 struct ifnet *dst_if;
2429 struct mbuf *mc;
2430
2431 if (LIST_EMPTY(&sc->sc_spanlist))
2432 return;
2433
2434 LIST_FOREACH(bif, &sc->sc_spanlist, bif_next) {
2435 dst_if = bif->bif_ifp;
2436
2437 if ((dst_if->if_flags & IFF_RUNNING) == 0)
2438 continue;
2439
2440 mc = m_copypacket(m, MB_DONTWAIT);
2441 if (mc == NULL) {
2442 sc->sc_ifp->if_oerrors++;
2443 continue;
2444 }
2445
708a3bfa 2446 bridge_enqueue(dst_if, mc);
d217f5e5
SU
2447 }
2448}
2449
4394693c
SZ
2450static void
2451bridge_rtmsg_sync_handler(struct netmsg *nmsg)
2452{
2453 ifnet_forwardmsg(&nmsg->nm_lmsg, mycpuid + 1);
2454}
2455
2456static void
2457bridge_rtmsg_sync(struct bridge_softc *sc)
2458{
2459 struct netmsg nmsg;
2460
2461 ASSERT_NOT_SERIALIZED(sc->sc_ifp->if_serializer);
2462
2463 netmsg_init(&nmsg, &curthread->td_msgport, 0,
2464 bridge_rtmsg_sync_handler);
2465 ifnet_domsg(&nmsg.nm_lmsg, 0);
2466}
2467
2468static __inline void
2469bridge_rtinfo_update(struct bridge_rtinfo *bri, struct ifnet *dst_if,
2470 int setflags, uint8_t flags, uint32_t timeo)
2471{
2472 if ((bri->bri_flags & IFBAF_TYPEMASK) == IFBAF_DYNAMIC &&
2473 bri->bri_ifp != dst_if)
2474 bri->bri_ifp = dst_if;
2475 if ((flags & IFBAF_TYPEMASK) == IFBAF_DYNAMIC &&
2476 bri->bri_expire != time_second + timeo)
2477 bri->bri_expire = time_second + timeo;
2478 if (setflags)
2479 bri->bri_flags = flags;
2480}
2481
2482static int
2483bridge_rtinstall_oncpu(struct bridge_softc *sc, const uint8_t *dst,
2484 struct ifnet *dst_if, int setflags, uint8_t flags,
2485 struct bridge_rtinfo **bri0)
2486{
2487 struct bridge_rtnode *brt;
2488 struct bridge_rtinfo *bri;
2489
2490 if (mycpuid == 0) {
2491 brt = bridge_rtnode_lookup(sc, dst);
2492 if (brt != NULL) {
2493 /*
2494 * rtnode for 'dst' already exists. We inform the
2495 * caller about this by leaving bri0 as NULL. The
2496 * caller will terminate the intallation upon getting
2497 * NULL bri0. However, we still need to update the
2498 * rtinfo.
2499 */
2500 KKASSERT(*bri0 == NULL);
2501
2502 /* Update rtinfo */
2503 bridge_rtinfo_update(brt->brt_info, dst_if, setflags,
2504 flags, sc->sc_brttimeout);
2505 return 0;
2506 }
2507
2508 /*
2509 * We only need to check brtcnt on CPU0, since if limit
2510 * is to be exceeded, ENOSPC is returned. Caller knows
2511 * this and will terminate the installation.
2512 */
2513 if (sc->sc_brtcnt >= sc->sc_brtmax)
2514 return ENOSPC;
2515
2516 KKASSERT(*bri0 == NULL);
2517 bri = kmalloc(sizeof(struct bridge_rtinfo), M_DEVBUF,
2518 M_WAITOK | M_ZERO);
2519 *bri0 = bri;
2520
2521 /* Setup rtinfo */
2522 bri->bri_flags = IFBAF_DYNAMIC;
2523 bridge_rtinfo_update(bri, dst_if, setflags, flags,
2524 sc->sc_brttimeout);
2525 } else {
2526 bri = *bri0;
2527 KKASSERT(bri != NULL);
2528 }
2529
2530 brt = kmalloc(sizeof(struct bridge_rtnode), M_DEVBUF,
2531 M_WAITOK | M_ZERO);
2532 memcpy(brt->brt_addr, dst, ETHER_ADDR_LEN);
2533 brt->brt_info = bri;
2534
2535 bridge_rtnode_insert(sc, brt);
2536 return 0;
2537}
2538
2539static void
2540bridge_rtinstall_handler(struct netmsg *nmsg)
2541{
2542 struct netmsg_brsaddr *brmsg = (struct netmsg_brsaddr *)nmsg;
2543 int error;
2544
2545 error = bridge_rtinstall_oncpu(brmsg->br_softc,
2546 brmsg->br_dst, brmsg->br_dst_if,
2547 brmsg->br_setflags, brmsg->br_flags,
2548 &brmsg->br_rtinfo);
2549 if (error) {
2550 KKASSERT(mycpuid == 0 && brmsg->br_rtinfo == NULL);
2551 lwkt_replymsg(&nmsg->nm_lmsg, error);
2552 return;
2553 } else if (brmsg->br_rtinfo == NULL) {
2554 /* rtnode already exists for 'dst' */
2555 KKASSERT(mycpuid == 0);
2556 lwkt_replymsg(&nmsg->nm_lmsg, 0);
2557 return;
2558 }
2559 ifnet_forwardmsg(&nmsg->nm_lmsg, mycpuid + 1);
2560}
2561
ac93838f
SS
2562/*
2563 * bridge_rtupdate:
2564 *
4394693c 2565 * Add/Update a bridge routing entry.
ac93838f 2566 */
d217f5e5 2567static int
ac93838f 2568bridge_rtupdate(struct bridge_softc *sc, const uint8_t *dst,
4394693c 2569 struct ifnet *dst_if, uint8_t flags)
ac93838f
SS
2570{
2571 struct bridge_rtnode *brt;
ac93838f
SS
2572
2573 /*
2574 * A route for this destination might already exist. If so,
2575 * update it, otherwise create a new one.
2576 */
2577 if ((brt = bridge_rtnode_lookup(sc, dst)) == NULL) {
4394693c 2578 struct netmsg_brsaddr *brmsg;
ac93838f 2579
4394693c
SZ
2580 if (sc->sc_brtcnt >= sc->sc_brtmax)
2581 return ENOSPC;
2582
2583 brmsg = kmalloc(sizeof(*brmsg), M_LWKTMSG, M_WAITOK | M_NULLOK);
2584 if (brmsg == NULL)
2585 return ENOMEM;
2586
2587 netmsg_init(&brmsg->br_nmsg, &netisr_afree_rport, 0,
2588 bridge_rtinstall_handler);
2589 memcpy(brmsg->br_dst, dst, ETHER_ADDR_LEN);
2590 brmsg->br_dst_if = dst_if;
2591 brmsg->br_flags = flags;
2592 brmsg->br_setflags = 0;
2593 brmsg->br_softc = sc;
2594 brmsg->br_rtinfo = NULL;
2595
2596 ifnet_sendmsg(&brmsg->br_nmsg.nm_lmsg, 0);
2597 return 0;
2598 }
2599 bridge_rtinfo_update(brt->brt_info, dst_if, 0, flags,
2600 sc->sc_brttimeout);
2601 return 0;
2602}
ac93838f 2603
4394693c
SZ
2604static int
2605bridge_rtsaddr(struct bridge_softc *sc, const uint8_t *dst,
2606 struct ifnet *dst_if, uint8_t flags)
2607{
2608 struct netmsg_brsaddr brmsg;
ac93838f 2609
4394693c 2610 ASSERT_NOT_SERIALIZED(sc->sc_ifp->if_serializer);
ac93838f 2611
4394693c
SZ
2612 netmsg_init(&brmsg.br_nmsg, &curthread->td_msgport, MSGF_PRIORITY,
2613 bridge_rtinstall_handler);
2614 memcpy(brmsg.br_dst, dst, ETHER_ADDR_LEN);
2615 brmsg.br_dst_if = dst_if;
2616 brmsg.br_flags = flags;
2617 brmsg.br_setflags = 1;
2618 brmsg.br_softc = sc;
2619 brmsg.br_rtinfo = NULL;
ac93838f 2620
4394693c 2621 return ifnet_domsg(&brmsg.br_nmsg.nm_lmsg, 0);
ac93838f
SS
2622}
2623
2624/*
2625 * bridge_rtlookup:
2626 *
2627 * Lookup the destination interface for an address.
2628 */
d217f5e5 2629static struct ifnet *
ac93838f
SS
2630bridge_rtlookup(struct bridge_softc *sc, const uint8_t *addr)
2631{
2632 struct bridge_rtnode *brt;
2633
2634 if ((brt = bridge_rtnode_lookup(sc, addr)) == NULL)
4394693c
SZ
2635 return NULL;
2636 return brt->brt_info->bri_ifp;
2637}
ac93838f 2638
4394693c
SZ
2639static void
2640bridge_rtreap_handler(struct netmsg *nmsg)
2641{
2642 struct bridge_softc *sc = nmsg->nm_lmsg.u.ms_resultp;
2643 struct bridge_rtnode *brt, *nbrt;
2644
2645 LIST_FOREACH_MUTABLE(brt, &sc->sc_rtlists[mycpuid], brt_list, nbrt) {
2646 if (brt->brt_info->bri_dead)
2647 bridge_rtnode_destroy(sc, brt);
2648 }
2649 ifnet_forwardmsg(&nmsg->nm_lmsg, mycpuid + 1);
2650}
2651
2652static void
2653bridge_rtreap(struct bridge_softc *sc)
2654{
2655 struct netmsg nmsg;
2656
2657 ASSERT_NOT_SERIALIZED(sc->sc_ifp->if_serializer);
2658
2659 netmsg_init(&nmsg, &curthread->td_msgport, 0, bridge_rtreap_handler);
2660 nmsg.nm_lmsg.u.ms_resultp = sc;
2661
2662 ifnet_domsg(&nmsg.nm_lmsg, 0);
ac93838f
SS
2663}
2664
2665/*
2666 * bridge_rttrim:
2667 *
2668 * Trim the routine table so that we have a number
2669 * of routing entries less than or equal to the
2670 * maximum number.
2671 */
d217f5e5 2672static void
ac93838f
SS
2673bridge_rttrim(struct bridge_softc *sc)
2674{
4394693c
SZ
2675 struct bridge_rtnode *brt;
2676 int dead;
2677
2678 ASSERT_NOT_SERIALIZED(sc->sc_ifp->if_serializer);
ac93838f
SS
2679
2680 /* Make sure we actually need to do this. */
2681 if (sc->sc_brtcnt <= sc->sc_brtmax)
2682 return;
2683
4394693c
SZ
2684 /*
2685 * Find out how many rtnodes are dead
2686 */
2687 dead = bridge_rtage_finddead(sc);
2688 KKASSERT(dead <= sc->sc_brtcnt);
2689
2690 if (sc->sc_brtcnt - dead <= sc->sc_brtmax) {
2691 /* Enough dead rtnodes are found */
2692 bridge_rtreap(sc);
ac93838f 2693 return;
4394693c 2694 }
ac93838f 2695
4394693c
SZ
2696 /*
2697 * Kill some dynamic rtnodes to meet the brtmax
2698 */
2699 LIST_FOREACH(brt, &sc->sc_rtlists[mycpuid], brt_list) {
2700 struct bridge_rtinfo *bri = brt->brt_info;
2701
2702 if (bri->bri_dead) {
2703 /*
2704 * We have counted this rtnode in
2705 * bridge_rtage_finddead()
2706 */
2707 continue;
2708 }
2709
2710 if ((bri->bri_flags & IFBAF_TYPEMASK) == IFBAF_DYNAMIC) {
2711 bri->bri_dead = 1;
2712 ++dead;
2713 KKASSERT(dead <= sc->sc_brtcnt);
2714
2715 if (sc->sc_brtcnt - dead <= sc->sc_brtmax) {
2716 /* Enough rtnodes are collected */
2717 break;
2718 }
ac93838f
SS
2719 }
2720 }
4394693c
SZ
2721 if (dead)
2722 bridge_rtreap(sc);
ac93838f
SS
2723}
2724
2725/*
2726 * bridge_timer:
2727 *
2728 * Aging timer for the bridge.
2729 */
d217f5e5 2730static void
ac93838f
SS
2731bridge_timer(void *arg)
2732{
2733 struct bridge_softc *sc = arg;
e9d22060
SZ
2734 struct lwkt_msg *lmsg;
2735
2736 KKASSERT(mycpuid == BRIDGE_CFGCPU);
2737
2738 crit_enter();
2739
2740 if (callout_pending(&sc->sc_brcallout) ||
2741 !callout_active(&sc->sc_brcallout)) {
2742 crit_exit();
2743 return;
2744 }
2745 callout_deactivate(&sc->sc_brcallout);
2746
2747 lmsg = &sc->sc_brtimemsg.nm_lmsg;
2748 KKASSERT(lmsg->ms_flags & MSGF_DONE);
2749 lwkt_sendmsg(BRIDGE_CFGPORT, lmsg);
2750
2751 crit_exit();
2752}
2753
2754static void
2755bridge_timer_handler(struct netmsg *nmsg)
2756{
2757 struct bridge_softc *sc = nmsg->nm_lmsg.u.ms_resultp;
2758
2759 KKASSERT(&curthread->td_msgport == BRIDGE_CFGPORT);
2760
2761 crit_enter();
2762 /* Reply ASAP */
2763 lwkt_replymsg(&nmsg->nm_lmsg, 0);
2764 crit_exit();
ac93838f 2765
ac93838f 2766 bridge_rtage(sc);
e9d22060 2767 if (sc->sc_ifp->if_flags & IFF_RUNNING) {
ac93838f
SS
2768 callout_reset(&sc->sc_brcallout,
2769 bridge_rtable_prune_period * hz, bridge_timer, sc);
e9d22060 2770 }
4394693c 2771}
ac93838f 2772
4394693c
SZ
2773static int
2774bridge_rtage_finddead(struct bridge_softc *sc)
2775{
2776 struct bridge_rtnode *brt;
2777 int dead = 0;
2778
2779 LIST_FOREACH(brt, &sc->sc_rtlists[mycpuid], brt_list) {
2780 struct bridge_rtinfo *bri = brt->brt_info;
2781
2782 if ((bri->bri_flags & IFBAF_TYPEMASK) == IFBAF_DYNAMIC &&
2783 time_second >= bri->bri_expire) {
2784 bri->bri_dead = 1;
2785 ++dead;
2786 KKASSERT(dead <= sc->sc_brtcnt);
2787 }
2788 }
2789 return dead;
ac93838f
SS
2790}
2791
2792/*
2793 * bridge_rtage:
2794 *
2795 * Perform an aging cycle.
2796 */
d217f5e5 2797static void
ac93838f
SS
2798bridge_rtage(struct bridge_softc *sc)
2799{
4394693c 2800 ASSERT_NOT_SERIALIZED(sc->sc_ifp->if_serializer);
ac93838f 2801
4394693c
SZ
2802 if (bridge_rtage_finddead(sc))
2803 bridge_rtreap(sc);
ac93838f
SS
2804}
2805
2806/*
2807 * bridge_rtflush:
2808 *
2809 * Remove all dynamic addresses from the bridge.
2810 */
d217f5e5 2811static void
ac93838f
SS
2812bridge_rtflush(struct bridge_softc *sc, int full)
2813{
4394693c
SZ
2814 struct bridge_rtnode *brt;
2815 int reap;
ac93838f 2816
4394693c
SZ
2817 ASSERT_NOT_SERIALIZED(sc->sc_ifp->if_serializer);
2818
2819 reap = 0;
2820 LIST_FOREACH(brt, &sc->sc_rtlists[mycpuid], brt_list) {
2821 struct bridge_rtinfo *bri = brt->brt_info;
2822
2823 if (full ||
2824 (bri->bri_flags & IFBAF_TYPEMASK) == IFBAF_DYNAMIC) {
2825 bri->bri_dead = 1;
2826 reap = 1;
2827 }
ac93838f 2828 }
4394693c
SZ
2829 if (reap)
2830 bridge_rtreap(sc);
ac93838f
SS
2831}
2832
2833/*
2834 * bridge_rtdaddr:
2835 *
2836 * Remove an address from the table.
2837 */
d217f5e5 2838static int
ac93838f
SS
2839bridge_rtdaddr(struct bridge_softc *sc, const uint8_t *addr)
2840{
2841 struct bridge_rtnode *brt;
2842
4394693c
SZ
2843 ASSERT_NOT_SERIALIZED(sc->sc_ifp->if_serializer);
2844
ac93838f
SS
2845 if ((brt = bridge_rtnode_lookup(sc, addr)) == NULL)
2846 return (ENOENT);
2847
4394693c
SZ
2848 /* TODO: add a cheaper delete operation */
2849 brt->brt_info->bri_dead = 1;
2850 bridge_rtreap(sc);
ac93838f
SS
2851 return (0);
2852}
2853
2854/*
2855 * bridge_rtdelete:
2856 *
2857 * Delete routes to a speicifc member interface.
2858 */
2859void
2860bridge_rtdelete(struct bridge_softc *sc, struct ifnet *ifp, int full)
2861{
4394693c
SZ
2862 struct bridge_rtnode *brt;
2863 int reap;
ac93838f 2864
4394693c
SZ
2865 ASSERT_NOT_SERIALIZED(sc->sc_ifp->if_serializer);
2866
2867 reap = 0;
2868 LIST_FOREACH(brt, &sc->sc_rtlists[mycpuid], brt_list) {
2869 struct bridge_rtinfo *bri = brt->brt_info;
2870
2871 if (bri->bri_ifp == ifp &&
2872 (full ||
2873 (bri->bri_flags & IFBAF_TYPEMASK) == IFBAF_DYNAMIC)) {
2874 bri->bri_dead = 1;
2875 reap = 1;
2876 }
ac93838f 2877 }
4394693c
SZ
2878 if (reap)
2879 bridge_rtreap(sc);
ac93838f
SS
2880}
2881
2882/*
2883 * bridge_rtable_init:
2884 *
2885 * Initialize the route table for this bridge.
2886 */
4394693c 2887static void
ac93838f
SS
2888bridge_rtable_init(struct bridge_softc *sc)
2889{
4394693c 2890 int cpu;
ac93838f 2891
4394693c
SZ
2892 /*
2893 * Initialize per-cpu hash tables
2894 */
2895 sc->sc_rthashs = kmalloc(sizeof(*sc->sc_rthashs) * ncpus,
2896 M_DEVBUF, M_WAITOK);
2897 for (cpu = 0; cpu < ncpus; ++cpu) {
2898 int i;
ac93838f 2899
4394693c
SZ
2900 sc->sc_rthashs[cpu] =
2901 kmalloc(sizeof(struct bridge_rtnode_head) * BRIDGE_RTHASH_SIZE,
2902 M_DEVBUF, M_WAITOK);
ac93838f 2903
4394693c
SZ
2904 for (i = 0; i < BRIDGE_RTHASH_SIZE; i++)
2905 LIST_INIT(&sc->sc_rthashs[cpu][i]);
2906 }
0ced1954 2907 sc->sc_rthash_key = karc4random();
ac93838f 2908
4394693c
SZ
2909 /*
2910 * Initialize per-cpu lists
2911 */
2912 sc->sc_rtlists = kmalloc(sizeof(struct bridge_rtnode_head) * ncpus,
2913 M_DEVBUF, M_WAITOK);
2914 for (cpu = 0; cpu < ncpus; ++cpu)
2915 LIST_INIT(&sc->sc_rtlists[cpu]);
ac93838f
SS
2916}
2917
2918/*
2919 * bridge_rtable_fini:
2920 *
2921 * Deconstruct the route table for this bridge.
2922 */
d217f5e5 2923static void
ac93838f
SS
2924bridge_rtable_fini(struct bridge_softc *sc)
2925{
4394693c 2926 int cpu;
ac93838f 2927
4394693c
SZ
2928 /*
2929 * Free per-cpu hash tables
2930 */
2931 for (cpu = 0; cpu < ncpus; ++cpu)
2932 kfree(sc->sc_rthashs[cpu], M_DEVBUF);
2933 kfree(sc->sc_rthashs, M_DEVBUF);
2934
2935 /*
2936 * Free per-cpu lists
2937 */
2938 kfree(sc->sc_rtlists, M_DEVBUF);
ac93838f
SS
2939}
2940
2941/*
2942 * The following hash function is adapted from "Hash Functions" by Bob Jenkins
2943 * ("Algorithm Alley", Dr. Dobbs Journal, September 1997).
2944 */
2945#define mix(a, b, c) \
2946do { \
2947 a -= b; a -= c; a ^= (c >> 13); \
2948 b -= c; b -= a; b ^= (a << 8); \
2949 c -= a; c -= b; c ^= (b >> 13); \
2950 a -= b; a -= c; a ^= (c >> 12); \
2951 b -= c; b -= a; b ^= (a << 16); \
2952 c -= a; c -= b; c ^= (b >> 5); \
2953 a -= b; a -= c; a ^= (c >> 3); \
2954 b -= c; b -= a; b ^= (a << 10); \
2955 c -= a; c -= b; c ^= (b >> 15); \
2956} while (/*CONSTCOND*/0)
2957
2958static __inline uint32_t
2959bridge_rthash(struct bridge_softc *sc, const uint8_t *addr)
2960{
2961 uint32_t a = 0x9e3779b9, b = 0x9e3779b9, c = sc->sc_rthash_key;
2962
2963 b += addr[5] << 8;
2964 b += addr[4];
2965 a += addr[3] << 24;
2966 a += addr[2] << 16;
2967 a += addr[1] << 8;
2968 a += addr[0];
2969
2970 mix(a, b, c);
2971
2972 return (c & BRIDGE_RTHASH_MASK);
2973}
2974
2975#undef mix
2976
d217f5e5
SU
2977static int
2978bridge_rtnode_addr_cmp(const uint8_t *a, const uint8_t *b)
2979{
2980 int i, d;
2981
2982 for (i = 0, d = 0; i < ETHER_ADDR_LEN && d == 0; i++) {
2983 d = ((int)a[i]) - ((int)b[i]);
2984 }
2985
2986 return (d);
2987}
2988
ac93838f
SS
2989/*
2990 * bridge_rtnode_lookup:
2991 *
2992 * Look up a bridge route node for the specified destination.
2993 */
d217f5e5 2994static struct bridge_rtnode *
ac93838f
SS
2995bridge_rtnode_lookup(struct bridge_softc *sc, const uint8_t *addr)
2996{
2997 struct bridge_rtnode *brt;
2998 uint32_t hash;
2999 int dir;
3000
3001 hash = bridge_rthash(sc, addr);
4394693c 3002 LIST_FOREACH(brt, &sc->sc_rthashs[mycpuid][hash], brt_hash) {
d217f5e5 3003 dir = bridge_rtnode_addr_cmp(addr, brt->brt_addr);
ac93838f
SS
3004 if (dir == 0)
3005 return (brt);
3006 if (dir > 0)
3007 return (NULL);
3008 }
3009
3010 return (NULL);
3011}
3012
3013/*
3014 * bridge_rtnode_insert:
3015 *
4394693c
SZ
3016 * Insert the specified bridge node into the route table.
3017 * Caller has to make sure that rtnode does not exist.
ac93838f 3018 */
4394693c 3019static void
ac93838f
SS
3020bridge_rtnode_insert(struct bridge_softc *sc, struct bridge_rtnode *brt)
3021{
3022 struct bridge_rtnode *lbrt;
3023 uint32_t hash;
3024 int dir;
3025
3026 hash = bridge_rthash(sc, brt->brt_addr);
3027
4394693c 3028 lbrt = LIST_FIRST(&sc->sc_rthashs[mycpuid][hash]);
ac93838f 3029 if (lbrt == NULL) {
4394693c 3030 LIST_INSERT_HEAD(&sc->sc_rthashs[mycpuid][hash], brt, brt_hash);
ac93838f
SS
3031 goto out;
3032 }
3033
3034 do {
d217f5e5 3035 dir = bridge_rtnode_addr_cmp(brt->brt_addr, lbrt->brt_addr);
4394693c
SZ
3036 KASSERT(dir != 0, ("rtnode already exist\n"));
3037
ac93838f
SS
3038 if (dir > 0) {
3039 LIST_INSERT_BEFORE(lbrt, brt, brt_hash);
3040 goto out;
3041 }
3042 if (LIST_NEXT(lbrt, brt_hash) == NULL) {
3043 LIST_INSERT_AFTER(lbrt, brt, brt_hash);
3044 goto out;
3045 }
3046 lbrt = LIST_NEXT(lbrt, brt_hash);
3047 } while (lbrt != NULL);
3048
4394693c 3049 panic("no suitable position found for rtnode\n");
d217f5e5 3050out:
4394693c
SZ
3051 LIST_INSERT_HEAD(&sc->sc_rtlists[mycpuid], brt, brt_list);
3052 if (mycpuid == 0) {
3053 /*
3054 * Update the brtcnt.
3055 * We only need to do it once and we do it on CPU0.
3056 */
3057 sc->sc_brtcnt++;
3058 }
ac93838f
SS
3059}
3060
3061/*
3062 * bridge_rtnode_destroy:
3063 *
3064 * Destroy a bridge rtnode.
3065 */
d217f5e5 3066static void
ac93838f
SS
3067bridge_rtnode_destroy(struct bridge_softc *sc, struct bridge_rtnode *brt)
3068{
ac93838f 3069 LIST_REMOVE(brt, brt_hash);
ac93838f 3070 LIST_REMOVE(brt, brt_list);
4394693c
SZ
3071
3072 if (mycpuid + 1 == ncpus) {
3073 /* Free rtinfo associated with rtnode on the last cpu */
3074 kfree(brt->brt_info, M_DEVBUF);
3075 }
efda3bd0 3076 kfree(brt, M_DEVBUF);
4394693c
SZ
3077
3078 if (mycpuid == 0) {
3079 /* Update brtcnt only on CPU0 */
3080 sc->sc_brtcnt--;
3081 }
ac93838f
SS
3082}
3083
2303c7de
SZ
3084static __inline int
3085bridge_post_pfil(struct mbuf *m)
3086{
3087 if (m->m_pkthdr.fw_flags & IPFORWARD_MBUF_TAGGED)
3088 return EOPNOTSUPP;
3089
3090 /* Not yet */
3091 if (m->m_pkthdr.fw_flags & DUMMYNET_MBUF_TAGGED)
3092 return EOPNOTSUPP;
3093
3094 return 0;
3095}
3096
ac93838f
SS
3097/*
3098 * Send bridge packets through pfil if they are one of the types pfil can deal
3099 * with, or if they are ARP or REVARP. (pfil will pass ARP and REVARP without
3100 * question.) If *bifp or *ifp are NULL then packet filtering is skipped for
3101 * that interface.
3102 */
3bf25ce1
SW
3103static int
3104bridge_pfil(struct mbuf **mp, struct ifnet *bifp, struct ifnet *ifp, int dir)
ac93838f 3105{
d217f5e5 3106 int snap, error, i, hlen;
ac93838f
SS
3107 struct ether_header *eh1, eh2;
3108 struct ip *ip;
3109 struct llc llc1;
3110 u_int16_t ether_type;
3111
3112 snap = 0;
3113 error = -1; /* Default error if not error == 0 */
3114
d217f5e5
SU
3115 if (pfil_bridge == 0 && pfil_member == 0)
3116 return (0); /* filtering is disabled */
3117
ac93838f
SS
3118 i = min((*mp)->m_pkthdr.len, max_protohdr);
3119 if ((*mp)->m_len < i) {
d76dd5c7
SZ
3120 *mp = m_pullup(*mp, i);
3121 if (*mp == NULL) {
3122 kprintf("%s: m_pullup failed\n", __func__);
3123 return (-1);
3124 }
ac93838f
SS
3125 }
3126
3127 eh1 = mtod(*mp, struct ether_header *);
3128 ether_type = ntohs(eh1->ether_type);
3129
3130 /*
3131 * Check for SNAP/LLC.
3132 */
3133 if (ether_type < ETHERMTU) {
3134 struct llc *llc2 = (struct llc *)(eh1 + 1);
3135
3136 if ((*mp)->m_len >= ETHER_HDR_LEN + 8 &&
3137 llc2->llc_dsap == LLC_SNAP_LSAP &&
3138 llc2->llc_ssap == LLC_SNAP_LSAP &&
3139 llc2->llc_control == LLC_UI) {
3140 ether_type = htons(llc2->llc_un.type_snap.ether_type);
3141 snap = 1;
3142 }
3143 }
3144
3145 /*
3146 * If we're trying to filter bridge traffic, don't look at anything
3147 * other than IP and ARP traffic. If the filter doesn't understand
3148 * IPv6, don't allow IPv6 through the bridge either. This is lame
3149 * since if we really wanted, say, an AppleTalk filter, we are hosed,
3150 * but of course we don't have an AppleTalk filter to begin with.
3151 * (Note that since pfil doesn't understand ARP it will pass *ALL*
3152 * ARP traffic.)
3153 */
3154 switch (ether_type) {
d76dd5c7
SZ
3155 case ETHERTYPE_ARP:
3156 case ETHERTYPE_REVARP:
3157 return (0); /* Automatically pass */
3158
3159 case ETHERTYPE_IP:
d217f5e5 3160#ifdef INET6
d76dd5c7 3161 case ETHERTYPE_IPV6:
d217f5e5 3162#endif /* INET6 */
d76dd5c7
SZ
3163 break;
3164
3165 default:
3166 /*
3167 * Check to see if the user wants to pass non-ip
3168 * packets, these will not be checked by pfil(9)
3169 * and passed unconditionally so the default is to drop.
3170 */
3171 if (pfil_onlyip)
3172 goto bad;
ac93838f
SS
3173 }
3174
3175 /* Strip off the Ethernet header and keep a copy. */
3176 m_copydata(*mp, 0, ETHER_HDR_LEN, (caddr_t) &eh2);
3177 m_adj(*mp, ETHER_HDR_LEN);
3178
3179 /* Strip off snap header, if present */
3180 if (snap) {
3181 m_copydata(*mp, 0, sizeof(struct llc), (caddr_t) &llc1);
3182 m_adj(*mp, sizeof(struct llc));
3183 }
3184
3185 /*
3186 * Check the IP header for alignment and errors
3187 */
3188 if (dir == PFIL_IN) {
3189 switch (ether_type) {
d76dd5c7
SZ
3190 case ETHERTYPE_IP:
3191 error = bridge_ip_checkbasic(mp);
3192 break;
d217f5e5 3193#ifdef INET6
d76dd5c7
SZ
3194 case ETHERTYPE_IPV6:
3195 error = bridge_ip6_checkbasic(mp);
3196 break;
d217f5e5 3197#endif /* INET6 */
d76dd5c7
SZ
3198 default:
3199 error = 0;
ac93838f
SS
3200 }
3201 if (error)
3202 goto bad;
3203 }
3204
3205 error = 0;
3206
3207 /*
3208 * Run the packet through pfil
3209 */
d76dd5c7
SZ
3210 switch (ether_type) {
3211 case ETHERTYPE_IP:
ac93838f
SS
3212 /*
3213 * before calling the firewall, swap fields the same as
3214 * IP does. here we assume the header is contiguous
3215 */
3216 ip = mtod(*mp, struct ip *);
3217
3218 ip->ip_len = ntohs(ip->ip_len);
3219 ip->ip_off = ntohs(ip->ip_off);
3220
3221 /*
3222 * Run pfil on the member interface and the bridge, both can
3223 * be skipped by clearing pfil_member or pfil_bridge.
3224 *
3225 * Keep the order:
3226 * in_if -> bridge_if -> out_if
3227 */
2303c7de
SZ
3228 if (pfil_bridge && dir == PFIL_OUT && bifp != NULL) {
3229 error = pfil_run_hooks(&inet_pfil_hook, mp, bifp, dir);
3230 if (*mp == NULL || error != 0) /* filter may consume */
3231 break;
3232 error = bridge_post_pfil(*mp);
3233 if (error)
3234 break;
3235 }
ac93838f 3236
2303c7de
SZ
3237 if (pfil_member && ifp != NULL) {
3238 error = pfil_run_hooks(&inet_pfil_hook, mp, ifp, dir);
3239 if (*mp == NULL || error != 0) /* filter may consume */
3240 break;
3241 error = bridge_post_pfil(*mp);
3242 if (error)
3243 break;
3244 }
ac93838f 3245
2303c7de
SZ
3246 if (pfil_bridge && dir == PFIL_IN && bifp != NULL) {
3247 error = pfil_run_hooks(&inet_pfil_hook, mp, bifp, dir);
3248 if (*mp == NULL || error != 0) /* filter may consume */
3249 break;
3250 error = bridge_post_pfil(*mp);
3251 if (error)
3252 break;
3253 }
d217f5e5
SU
3254
3255 /* check if we need to fragment the packet */
3256 if (pfil_member && ifp != NULL && dir == PFIL_OUT) {
3257 i = (*mp)->m_pkthdr.len;
3258 if (i > ifp->if_mtu) {
3259 error = bridge_fragment(ifp, *mp, &eh2, snap,
3260 &llc1);
3261 return (error);
3262 }
3263 }
3264
3265 /* Recalculate the ip checksum and restore byte ordering */
3266 ip = mtod(*mp, struct ip *);
3267 hlen = ip->ip_hl << 2;
3268 if (hlen < sizeof(struct ip))
3269 goto bad;
3270 if (hlen > (*mp)->m_len) {
3271 if ((*mp = m_pullup(*mp, hlen)) == 0)
3272 goto bad;
ac93838f 3273 ip = mtod(*mp, struct ip *);
d217f5e5
SU
3274 if (ip == NULL)
3275 goto bad;
ac93838f 3276 }
d217f5e5
SU
3277 ip->ip_len = htons(ip->ip_len);
3278 ip->ip_off = htons(ip->ip_off);
3279 ip->ip_sum = 0;
3280 if (hlen == sizeof(struct ip))
3281 ip->ip_sum = in_cksum_hdr(ip);
3282 else
3283 ip->ip_sum = in_cksum(*mp, hlen);
ac93838f
SS
3284
3285 break;
d217f5e5 3286#ifdef INET6
d76dd5c7 3287 case ETHERTYPE_IPV6:
ac93838f
SS
3288 if (pfil_bridge && dir == PFIL_OUT && bifp != NULL)
3289 error = pfil_run_hooks(&inet6_pfil_hook, mp, bifp,
3290 dir);
3291
3292 if (*mp == NULL || error != 0) /* filter may consume */
3293 break;
3294
3295 if (pfil_member && ifp != NULL)
3296 error = pfil_run_hooks(&inet6_pfil_hook, mp, ifp,
3297 dir);
3298
3299 if (*mp == NULL || error != 0) /* filter may consume */
3300 break;
3301
3302 if (pfil_bridge && dir == PFIL_IN && bifp != NULL)
3303 error = pfil_run_hooks(&inet6_pfil_hook, mp, bifp,
3304 dir);
3305 break;
d217f5e5 3306#endif
d76dd5c7 3307 default:
ac93838f
SS
3308 error = 0;
3309 break;
3310 }
3311
3312 if (*mp == NULL)
d217f5e5 3313 return (error);
ac93838f
SS
3314 if (error != 0)
3315 goto bad;
3316
3317 error = -1;
3318
3319 /*
3320 * Finally, put everything back the way it was and return
3321 */
3322 if (snap) {
3323 M_PREPEND(*mp, sizeof(struct llc), MB_DONTWAIT);
3324 if (*mp == NULL)
d217f5e5 3325 return (error);
ac93838f
SS
3326 bcopy(&llc1, mtod(*mp, caddr_t), sizeof(struct llc));
3327 }
3328
3329 M_PREPEND(*mp, ETHER_HDR_LEN, MB_DONTWAIT);
3330 if (*mp == NULL)
d217f5e5 3331 return (error);
ac93838f
SS
3332 bcopy(&eh2, mtod(*mp, caddr_t), ETHER_HDR_LEN);
3333
d217f5e5 3334 return (0);
ac93838f 3335
d217f5e5 3336bad:
ac93838f
SS
3337 m_freem(*mp);
3338 *mp = NULL;
d217f5e5 3339 return (error);
ac93838f
SS
3340}
3341
3342/*
3343 * Perform basic checks on header size since
3344 * pfil assumes ip_input has already processed
3345 * it for it. Cut-and-pasted from ip_input.c.
3346 * Given how simple the IPv6 version is,
3347 * does the IPv4 version really need to be
3348 * this complicated?
3349 *
3350 * XXX Should we update ipstat here, or not?
3351 * XXX Right now we update ipstat but not
3352 * XXX csum_counter.
3353 */
3354static int
3355bridge_ip_checkbasic(struct mbuf **mp)
3356{
3357 struct mbuf *m = *mp;
3358 struct ip *ip;
3359 int len, hlen;
3360 u_short sum;
3361
3362 if (*mp == NULL)
d217f5e5 3363 return (-1);
ac93838f
SS
3364#if notyet
3365 if (IP_HDR_ALIGNED_P(mtod(m, caddr_t)) == 0) {
3366 if ((m = m_copyup(m, sizeof(struct ip),
3367 (max_linkhdr + 3) & ~3)) == NULL) {
3368 /* XXXJRT new stat, please */
3369 ipstat.ips_toosmall++;
3370 goto bad;
3371 }
3372 } else
3373#endif
3374#ifndef __predict_false
3375#define __predict_false(x) x
3376#endif
3377 if (__predict_false(m->m_len < sizeof (struct ip))) {
3378 if ((m = m_pullup(m, sizeof (struct ip))) == NULL) {
3379 ipstat.ips_toosmall++;
3380 goto bad;
3381 }
3382 }
3383 ip = mtod(m, struct ip *);
3384 if (ip == NULL) goto bad;
3385
3386 if (ip->ip_v != IPVERSION) {
3387 ipstat.ips_badvers++;
3388 goto bad;
3389 }
3390 hlen = ip->ip_hl << 2;
3391 if (hlen < sizeof(struct ip)) { /* minimum header length */
3392 ipstat.ips_badhlen++;
3393 goto bad;
3394 }
3395 if (hlen > m->m_len) {
3396 if ((m = m_pullup(m, hlen)) == 0) {
3397 ipstat.ips_badhlen++;
3398 goto bad;
3399 }
3400 ip = mtod(m, struct ip *);
3401 if (ip == NULL) goto bad;
3402 }
3403
3404 if (m->m_pkthdr.csum_flags & CSUM_IP_CHECKED) {
3405 sum = !(m->m_pkthdr.csum_flags & CSUM_IP_VALID);
3406 } else {
3407 if (hlen == sizeof(struct ip)) {
3408 sum = in_cksum_hdr(ip);
3409 } else {
3410 sum = in_cksum(m, hlen);
3411 }
3412 }
3413 if (sum) {
3414 ipstat.ips_badsum++;
3415 goto bad;
3416 }
3417
3418 /* Retrieve the packet length. */
3419 len = ntohs(ip->ip_len);
3420
3421 /*
3422 * Check for additional length bogosity
3423 */
3424 if (len < hlen) {
3425 ipstat.ips_badlen++;
3426 goto bad;
3427 }
3428
3429 /*
3430 * Check that the amount of data in the buffers
3431 * is as at least much as the IP header would have us expect.
3432 * Drop packet if shorter than we expect.
3433 */
3434 if (m->m_pkthdr.len < len) {
3435 ipstat.ips_tooshort++;
3436 goto bad;
3437 }
3438
3439 /* Checks out, proceed */
3440 *mp = m;
d217f5e5 3441 return (0);
ac93838f 3442
d217f5e5 3443bad:
ac93838f 3444 *mp = m;
d217f5e5 3445 return (-1);
ac93838f
SS
3446}
3447
d217f5e5 3448#ifdef INET6
ac93838f
SS
3449/*
3450 * Same as above, but for IPv6.
3451 * Cut-and-pasted from ip6_input.c.
3452 * XXX Should we update ip6stat, or not?
3453 */
3454static int
3455bridge_ip6_checkbasic(struct mbuf **mp)
3456{
3457 struct mbuf *m = *mp;
3458 struct ip6_hdr *ip6;
3459
3460 /*
3461 * If the IPv6 header is not aligned, slurp it up into a new
3462 * mbuf with space for link headers, in the event we forward
3463 * it. Otherwise, if it is aligned, make sure the entire base
3464 * IPv6 header is in the first mbuf of the chain.
3465 */
3466#if notyet
3467 if (IP6_HDR_ALIGNED_P(mtod(m, caddr_t)) == 0) {
3468 struct ifnet *inifp = m->m_pkthdr.rcvif;
3469 if ((m = m_copyup(m, sizeof(struct ip6_hdr),
3470 (max_linkhdr + 3) & ~3)) == NULL) {
3471 /* XXXJRT new stat, please */
3472 ip6stat.ip6s_toosmall++;
3473 in6_ifstat_inc(inifp, ifs6_in_hdrerr);
3474 goto bad;
3475 }
3476 } else
3477#endif
d217f5e5 3478 if (__predict_false(m->m_len < sizeof(struct ip6_hdr))) {
ac93838f
SS
3479 struct ifnet *inifp = m->m_pkthdr.rcvif;
3480 if ((m = m_pullup(m, sizeof(struct ip6_hdr))) == NULL) {
3481 ip6stat.ip6s_toosmall++;
3482 in6_ifstat_inc(inifp, ifs6_in_hdrerr);
3483 goto bad;
3484 }
3485 }
3486
3487 ip6 = mtod(m, struct ip6_hdr *);
3488
3489 if ((ip6->ip6_vfc & IPV6_VERSION_MASK) != IPV6_VERSION) {
3490 ip6stat.ip6s_badvers++;
3491 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_hdrerr);
3492 goto bad;
3493 }
3494
3495 /* Checks out, proceed */
3496 *mp = m;
d217f5e5 3497 return (0);
ac93838f 3498
d217f5e5 3499bad:
ac93838f 3500 *mp = m;
d217f5e5
SU
3501 return (-1);
3502}
3503#endif /* INET6 */
3504
3505/*
3506 * bridge_fragment:
3507 *
3508 * Return a fragmented mbuf chain.