2 * Copyright 2001 Wasabi Systems, Inc.
5 * Written by Jason R. Thorpe for Wasabi Systems, Inc.
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. All advertising materials mentioning features or use of this software
16 * must display the following acknowledgement:
17 * This product includes software developed for the NetBSD Project by
18 * Wasabi Systems, Inc.
19 * 4. The name of Wasabi Systems, Inc. may not be used to endorse
20 * or promote products derived from this software without specific prior
23 * THIS SOFTWARE IS PROVIDED BY WASABI SYSTEMS, INC. ``AS IS'' AND
24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
25 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
26 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL WASABI SYSTEMS, INC
27 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
28 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
29 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
30 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
31 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
32 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
33 * POSSIBILITY OF SUCH DAMAGE.
37 * Copyright (c) 1999, 2000 Jason L. Wright (jason@thought.net)
38 * All rights reserved.
40 * Redistribution and use in source and binary forms, with or without
41 * modification, are permitted provided that the following conditions
43 * 1. Redistributions of source code must retain the above copyright
44 * notice, this list of conditions and the following disclaimer.
45 * 2. Redistributions in binary form must reproduce the above copyright
46 * notice, this list of conditions and the following disclaimer in the
47 * documentation and/or other materials provided with the distribution.
48 * 3. All advertising materials mentioning features or use of this software
49 * must display the following acknowledgement:
50 * This product includes software developed by Jason L. Wright
51 * 4. The name of the author may not be used to endorse or promote products
52 * derived from this software without specific prior written permission.
54 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
55 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
56 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
57 * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
58 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
59 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
60 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
61 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
62 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
63 * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
64 * POSSIBILITY OF SUCH DAMAGE.
66 * $OpenBSD: if_bridge.c,v 1.60 2001/06/15 03:38:33 itojun Exp $
67 * $NetBSD: if_bridge.c,v 1.31 2005/06/01 19:45:34 jdc Exp $
68 * $FreeBSD: src/sys/net/if_bridge.c,v 1.26 2005/10/13 23:05:55 thompsa Exp $
69 * $DragonFly: src/sys/net/bridge/if_bridge.c,v 1.41 2008/06/19 15:51:57 sephe Exp $
73 * Network interface bridge support.
77 * - Currently only supports Ethernet-like interfaces (Ethernet,
78 * 802.11, VLANs on Ethernet, etc.) Figure out a nice way
79 * to bridge other types of interfaces (FDDI-FDDI, and maybe
80 * consider heterogenous bridges).
83 #include <sys/cdefs.h>
86 #include "opt_inet6.h"
88 #include <sys/param.h>
90 #include <sys/malloc.h>
91 #include <sys/protosw.h>
92 #include <sys/systm.h>
94 #include <sys/socket.h> /* for net/if.h */
95 #include <sys/sockio.h>
96 #include <sys/ctype.h> /* string functions */
97 #include <sys/kernel.h>
98 #include <sys/random.h>
99 #include <sys/sysctl.h>
100 #include <sys/module.h>
101 #include <sys/proc.h>
102 #include <sys/lock.h>
103 #include <sys/thread.h>
104 #include <sys/thread2.h>
105 #include <sys/mpipe.h>
109 #include <net/if_dl.h>
110 #include <net/if_types.h>
111 #include <net/if_var.h>
112 #include <net/pfil.h>
113 #include <net/ifq_var.h>
114 #include <net/if_clone.h>
116 #include <netinet/in.h> /* for struct arpcom */
117 #include <netinet/in_systm.h>
118 #include <netinet/in_var.h>
119 #include <netinet/ip.h>
120 #include <netinet/ip_var.h>
122 #include <netinet/ip6.h>
123 #include <netinet6/ip6_var.h>
125 #include <netinet/if_ether.h> /* for struct arpcom */
126 #include <net/bridge/if_bridgevar.h>
127 #include <net/if_llc.h>
128 #include <net/netmsg2.h>
130 #include <net/route.h>
131 #include <sys/in_cksum.h>
134 * Size of the route hash table. Must be a power of two.
136 #ifndef BRIDGE_RTHASH_SIZE
137 #define BRIDGE_RTHASH_SIZE 1024
140 #define BRIDGE_RTHASH_MASK (BRIDGE_RTHASH_SIZE - 1)
143 * Maximum number of addresses to cache.
145 #ifndef BRIDGE_RTABLE_MAX
146 #define BRIDGE_RTABLE_MAX 100
150 * Spanning tree defaults.
152 #define BSTP_DEFAULT_MAX_AGE (20 * 256)
153 #define BSTP_DEFAULT_HELLO_TIME (2 * 256)
154 #define BSTP_DEFAULT_FORWARD_DELAY (15 * 256)
155 #define BSTP_DEFAULT_HOLD_TIME (1 * 256)
156 #define BSTP_DEFAULT_BRIDGE_PRIORITY 0x8000
157 #define BSTP_DEFAULT_PORT_PRIORITY 0x80
158 #define BSTP_DEFAULT_PATH_COST 55
161 * Timeout (in seconds) for entries learned dynamically.
163 #ifndef BRIDGE_RTABLE_TIMEOUT
164 #define BRIDGE_RTABLE_TIMEOUT (20 * 60) /* same as ARP */
168 * Number of seconds between walks of the route list.
170 #ifndef BRIDGE_RTABLE_PRUNE_PERIOD
171 #define BRIDGE_RTABLE_PRUNE_PERIOD (5 * 60)
175 * List of capabilities to mask on the member interface.
177 #define BRIDGE_IFCAPS_MASK IFCAP_TXCSUM
179 eventhandler_tag bridge_detach_cookie = NULL;
181 extern struct mbuf *(*bridge_input_p)(struct ifnet *, struct mbuf *);
182 extern int (*bridge_output_p)(struct ifnet *, struct mbuf *);
183 extern void (*bridge_dn_p)(struct mbuf *, struct ifnet *);
185 typedef int (*bridge_ctl_t)(struct bridge_softc *, void *);
187 static int bridge_rtable_prune_period = BRIDGE_RTABLE_PRUNE_PERIOD;
189 static int bridge_clone_create(struct if_clone *, int);
190 static void bridge_clone_destroy(struct ifnet *);
192 static int bridge_ioctl(struct ifnet *, u_long, caddr_t, struct ucred *);
193 static void bridge_mutecaps(struct bridge_iflist *, int);
194 static void bridge_ifdetach(void *arg __unused, struct ifnet *);
195 static void bridge_init(void *);
196 static void bridge_stop(struct ifnet *);
197 static void bridge_start(struct ifnet *);
198 static struct mbuf *bridge_input(struct ifnet *, struct mbuf *);
199 static int bridge_output(struct ifnet *, struct mbuf *);
201 static void bridge_forward(struct bridge_softc *, struct mbuf *m);
203 static void bridge_timer(void *);
205 static void bridge_broadcast(struct bridge_softc *, struct ifnet *,
207 static void bridge_span(struct bridge_softc *, struct mbuf *);
209 static int bridge_rtupdate(struct bridge_softc *, const uint8_t *,
210 struct ifnet *, int, uint8_t);
211 static struct ifnet *bridge_rtlookup(struct bridge_softc *, const uint8_t *);
212 static void bridge_rttrim(struct bridge_softc *);
213 static void bridge_rtage(struct bridge_softc *);
214 static void bridge_rtflush(struct bridge_softc *, int);
215 static int bridge_rtdaddr(struct bridge_softc *, const uint8_t *);
217 static int bridge_rtable_init(struct bridge_softc *);
218 static void bridge_rtable_fini(struct bridge_softc *);
220 static int bridge_rtnode_addr_cmp(const uint8_t *, const uint8_t *);
221 static struct bridge_rtnode *bridge_rtnode_lookup(struct bridge_softc *,
223 static int bridge_rtnode_insert(struct bridge_softc *,
224 struct bridge_rtnode *);
225 static void bridge_rtnode_destroy(struct bridge_softc *,
226 struct bridge_rtnode *);
228 static struct bridge_iflist *bridge_lookup_member(struct bridge_softc *,
230 static struct bridge_iflist *bridge_lookup_member_if(struct bridge_softc *,
232 static void bridge_delete_member(struct bridge_softc *,
233 struct bridge_iflist *, int);
234 static void bridge_delete_span(struct bridge_softc *,
235 struct bridge_iflist *);
237 static int bridge_control(struct bridge_softc *, u_long,
238 bridge_ctl_t, void *);
239 static int bridge_ioctl_add(struct bridge_softc *, void *);
240 static int bridge_ioctl_del(struct bridge_softc *, void *);
241 static int bridge_ioctl_gifflags(struct bridge_softc *, void *);
242 static int bridge_ioctl_sifflags(struct bridge_softc *, void *);
243 static int bridge_ioctl_scache(struct bridge_softc *, void *);
244 static int bridge_ioctl_gcache(struct bridge_softc *, void *);
245 static int bridge_ioctl_gifs(struct bridge_softc *, void *);
246 static int bridge_ioctl_rts(struct bridge_softc *, void *);
247 static int bridge_ioctl_saddr(struct bridge_softc *, void *);
248 static int bridge_ioctl_sto(struct bridge_softc *, void *);
249 static int bridge_ioctl_gto(struct bridge_softc *, void *);
250 static int bridge_ioctl_daddr(struct bridge_softc *, void *);
251 static int bridge_ioctl_flush(struct bridge_softc *, void *);
252 static int bridge_ioctl_gpri(struct bridge_softc *, void *);
253 static int bridge_ioctl_spri(struct bridge_softc *, void *);
254 static int bridge_ioctl_ght(struct bridge_softc *, void *);
255 static int bridge_ioctl_sht(struct bridge_softc *, void *);
256 static int bridge_ioctl_gfd(struct bridge_softc *, void *);
257 static int bridge_ioctl_sfd(struct bridge_softc *, void *);
258 static int bridge_ioctl_gma(struct bridge_softc *, void *);
259 static int bridge_ioctl_sma(struct bridge_softc *, void *);
260 static int bridge_ioctl_sifprio(struct bridge_softc *, void *);
261 static int bridge_ioctl_sifcost(struct bridge_softc *, void *);
262 static int bridge_ioctl_addspan(struct bridge_softc *, void *);
263 static int bridge_ioctl_delspan(struct bridge_softc *, void *);
264 static int bridge_pfil(struct mbuf **, struct ifnet *, struct ifnet *,
266 static int bridge_ip_checkbasic(struct mbuf **mp);
268 static int bridge_ip6_checkbasic(struct mbuf **mp);
270 static int bridge_fragment(struct ifnet *, struct mbuf *,
271 struct ether_header *, int, struct llc *);
272 static void bridge_enqueue_internal(struct ifnet *, struct mbuf *m,
274 static void bridge_enqueue_handler(struct netmsg *);
275 static void bridge_pfil_enqueue_handler(struct netmsg *);
276 static void bridge_pfil_enqueue(struct ifnet *, struct mbuf *, int);
277 static void bridge_handoff_notags(struct ifnet *, struct mbuf *);
278 static void bridge_handoff(struct ifnet *, struct mbuf *);
280 SYSCTL_DECL(_net_link);
281 SYSCTL_NODE(_net_link, IFT_BRIDGE, bridge, CTLFLAG_RW, 0, "Bridge");
283 static int pfil_onlyip = 1; /* only pass IP[46] packets when pfil is enabled */
284 static int pfil_bridge = 1; /* run pfil hooks on the bridge interface */
285 static int pfil_member = 1; /* run pfil hooks on the member interface */
286 SYSCTL_INT(_net_link_bridge, OID_AUTO, pfil_onlyip, CTLFLAG_RW,
287 &pfil_onlyip, 0, "Only pass IP packets when pfil is enabled");
288 SYSCTL_INT(_net_link_bridge, OID_AUTO, pfil_bridge, CTLFLAG_RW,
289 &pfil_bridge, 0, "Packet filter on the bridge interface");
290 SYSCTL_INT(_net_link_bridge, OID_AUTO, pfil_member, CTLFLAG_RW,
291 &pfil_member, 0, "Packet filter on the member interface");
293 struct bridge_control {
294 bridge_ctl_t bc_func;
299 #define BC_F_COPYIN 0x01 /* copy arguments in */
300 #define BC_F_COPYOUT 0x02 /* copy arguments out */
301 #define BC_F_SUSER 0x04 /* do super-user check */
303 const struct bridge_control bridge_control_table[] = {
304 { bridge_ioctl_add, sizeof(struct ifbreq),
305 BC_F_COPYIN|BC_F_SUSER },
306 { bridge_ioctl_del, sizeof(struct ifbreq),
307 BC_F_COPYIN|BC_F_SUSER },
309 { bridge_ioctl_gifflags, sizeof(struct ifbreq),
310 BC_F_COPYIN|BC_F_COPYOUT },
311 { bridge_ioctl_sifflags, sizeof(struct ifbreq),
312 BC_F_COPYIN|BC_F_SUSER },
314 { bridge_ioctl_scache, sizeof(struct ifbrparam),
315 BC_F_COPYIN|BC_F_SUSER },
316 { bridge_ioctl_gcache, sizeof(struct ifbrparam),
319 { bridge_ioctl_gifs, sizeof(struct ifbifconf),
320 BC_F_COPYIN|BC_F_COPYOUT },
321 { bridge_ioctl_rts, sizeof(struct ifbaconf),
322 BC_F_COPYIN|BC_F_COPYOUT },
324 { bridge_ioctl_saddr, sizeof(struct ifbareq),
325 BC_F_COPYIN|BC_F_SUSER },
327 { bridge_ioctl_sto, sizeof(struct ifbrparam),
328 BC_F_COPYIN|BC_F_SUSER },
329 { bridge_ioctl_gto, sizeof(struct ifbrparam),
332 { bridge_ioctl_daddr, sizeof(struct ifbareq),
333 BC_F_COPYIN|BC_F_SUSER },
335 { bridge_ioctl_flush, sizeof(struct ifbreq),
336 BC_F_COPYIN|BC_F_SUSER },
338 { bridge_ioctl_gpri, sizeof(struct ifbrparam),
340 { bridge_ioctl_spri, sizeof(struct ifbrparam),
341 BC_F_COPYIN|BC_F_SUSER },
343 { bridge_ioctl_ght, sizeof(struct ifbrparam),
345 { bridge_ioctl_sht, sizeof(struct ifbrparam),
346 BC_F_COPYIN|BC_F_SUSER },
348 { bridge_ioctl_gfd, sizeof(struct ifbrparam),
350 { bridge_ioctl_sfd, sizeof(struct ifbrparam),
351 BC_F_COPYIN|BC_F_SUSER },
353 { bridge_ioctl_gma, sizeof(struct ifbrparam),
355 { bridge_ioctl_sma, sizeof(struct ifbrparam),
356 BC_F_COPYIN|BC_F_SUSER },
358 { bridge_ioctl_sifprio, sizeof(struct ifbreq),
359 BC_F_COPYIN|BC_F_SUSER },
361 { bridge_ioctl_sifcost, sizeof(struct ifbreq),
362 BC_F_COPYIN|BC_F_SUSER },
364 { bridge_ioctl_addspan, sizeof(struct ifbreq),
365 BC_F_COPYIN|BC_F_SUSER },
366 { bridge_ioctl_delspan, sizeof(struct ifbreq),
367 BC_F_COPYIN|BC_F_SUSER },
369 const int bridge_control_table_size =
370 sizeof(bridge_control_table) / sizeof(bridge_control_table[0]);
372 LIST_HEAD(, bridge_softc) bridge_list;
374 struct if_clone bridge_cloner = IF_CLONE_INITIALIZER("bridge",
376 bridge_clone_destroy, 0, IF_MAXUNIT);
379 bridge_modevent(module_t mod, int type, void *data)
383 LIST_INIT(&bridge_list);
384 if_clone_attach(&bridge_cloner);
385 bridge_input_p = bridge_input;
386 bridge_output_p = bridge_output;
387 bridge_detach_cookie = EVENTHANDLER_REGISTER(
388 ifnet_detach_event, bridge_ifdetach, NULL,
389 EVENTHANDLER_PRI_ANY);
391 bstp_linkstate_p = bstp_linkstate;
395 if (!LIST_EMPTY(&bridge_list))
397 EVENTHANDLER_DEREGISTER(ifnet_detach_event,
398 bridge_detach_cookie);
399 if_clone_detach(&bridge_cloner);
400 bridge_input_p = NULL;
401 bridge_output_p = NULL;
403 bstp_linkstate_p = NULL;
412 static moduledata_t bridge_mod = {
418 DECLARE_MODULE(if_bridge, bridge_mod, SI_SUB_PSEUDO, SI_ORDER_ANY);
422 * bridge_clone_create:
424 * Create a new bridge instance.
427 bridge_clone_create(struct if_clone *ifc, int unit)
429 struct bridge_softc *sc;
433 sc = kmalloc(sizeof(*sc), M_DEVBUF, M_WAITOK|M_ZERO);
434 ifp = sc->sc_ifp = &sc->sc_if;
436 sc->sc_brtmax = BRIDGE_RTABLE_MAX;
437 sc->sc_brttimeout = BRIDGE_RTABLE_TIMEOUT;
438 sc->sc_bridge_max_age = BSTP_DEFAULT_MAX_AGE;
439 sc->sc_bridge_hello_time = BSTP_DEFAULT_HELLO_TIME;
440 sc->sc_bridge_forward_delay = BSTP_DEFAULT_FORWARD_DELAY;
441 sc->sc_bridge_priority = BSTP_DEFAULT_BRIDGE_PRIORITY;
442 sc->sc_hold_time = BSTP_DEFAULT_HOLD_TIME;
444 /* Initialize our routing table. */
445 bridge_rtable_init(sc);
447 callout_init(&sc->sc_brcallout);
448 callout_init(&sc->sc_bstpcallout);
450 LIST_INIT(&sc->sc_iflist);
451 LIST_INIT(&sc->sc_spanlist);
454 if_initname(ifp, ifc->ifc_name, unit);
455 ifp->if_mtu = ETHERMTU;
456 ifp->if_flags = IFF_BROADCAST | IFF_MULTICAST;
457 ifp->if_ioctl = bridge_ioctl;
458 ifp->if_start = bridge_start;
459 ifp->if_init = bridge_init;
460 ifp->if_type = IFT_BRIDGE;
461 ifq_set_maxlen(&ifp->if_snd, ifqmaxlen);
462 ifp->if_snd.ifq_maxlen = ifqmaxlen;
463 ifq_set_ready(&ifp->if_snd);
464 ifp->if_hdrlen = ETHER_HDR_LEN;
467 * Generate a random ethernet address and use the private AC:DE:48
471 int rnd = karc4random();
472 bcopy(&rnd, &eaddr[0], 4); /* ETHER_ADDR_LEN == 6 */
474 bcopy(&rnd, &eaddr[2], 4); /* ETHER_ADDR_LEN == 6 */
476 eaddr[0] &= ~1; /* clear multicast bit */
477 eaddr[0] |= 2; /* set the LAA bit */
479 ether_ifattach(ifp, eaddr, NULL);
480 /* Now undo some of the damage... */
481 ifp->if_baudrate = 0;
482 ifp->if_type = IFT_BRIDGE;
484 crit_enter(); /* XXX MP */
485 LIST_INSERT_HEAD(&bridge_list, sc, sc_list);
492 bridge_delete_dispatch(struct netmsg *nmsg)
494 struct lwkt_msg *lmsg = &nmsg->nm_lmsg;
495 struct bridge_softc *sc = lmsg->u.ms_resultp;
496 struct ifnet *bifp = sc->sc_ifp;
497 struct bridge_iflist *bif;
499 lwkt_serialize_enter(bifp->if_serializer);
501 while ((bif = LIST_FIRST(&sc->sc_iflist)) != NULL)
502 bridge_delete_member(sc, bif, 0);
504 while ((bif = LIST_FIRST(&sc->sc_spanlist)) != NULL)
505 bridge_delete_span(sc, bif);
507 lwkt_serialize_exit(bifp->if_serializer);
509 lwkt_replymsg(lmsg, 0);
513 * bridge_clone_destroy:
515 * Destroy a bridge instance.
518 bridge_clone_destroy(struct ifnet *ifp)
520 struct bridge_softc *sc = ifp->if_softc;
521 struct lwkt_msg *lmsg;
524 lwkt_serialize_enter(ifp->if_serializer);
527 ifp->if_flags &= ~IFF_UP;
529 callout_stop(&sc->sc_brcallout);
530 callout_stop(&sc->sc_bstpcallout);
532 lwkt_serialize_exit(ifp->if_serializer);
534 netmsg_init(&nmsg, &curthread->td_msgport, 0, bridge_delete_dispatch);
535 lmsg = &nmsg.nm_lmsg;
536 lmsg->u.ms_resultp = sc;
537 lwkt_domsg(cpu_portfn(0), lmsg, 0);
539 crit_enter(); /* XXX MP */
540 LIST_REMOVE(sc, sc_list);
545 /* Tear down the routing table. */
546 bridge_rtable_fini(sc);
554 * Handle a control request from the operator.
557 bridge_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data, struct ucred *cr)
559 struct bridge_softc *sc = ifp->if_softc;
561 struct ifbreq ifbreq;
562 struct ifbifconf ifbifconf;
563 struct ifbareq ifbareq;
564 struct ifbaconf ifbaconf;
565 struct ifbrparam ifbrparam;
567 struct ifdrv *ifd = (struct ifdrv *) data;
568 const struct bridge_control *bc;
571 ASSERT_SERIALIZED(ifp->if_serializer);
580 if (ifd->ifd_cmd >= bridge_control_table_size) {
584 bc = &bridge_control_table[ifd->ifd_cmd];
586 if (cmd == SIOCGDRVSPEC &&
587 (bc->bc_flags & BC_F_COPYOUT) == 0) {
590 } else if (cmd == SIOCSDRVSPEC &&
591 (bc->bc_flags & BC_F_COPYOUT) != 0) {
596 if (bc->bc_flags & BC_F_SUSER) {
597 error = suser_cred(cr, NULL_CRED_OKAY);
602 if (ifd->ifd_len != bc->bc_argsize ||
603 ifd->ifd_len > sizeof(args)) {
608 memset(&args, 0, sizeof(args));
609 if (bc->bc_flags & BC_F_COPYIN) {
610 error = copyin(ifd->ifd_data, &args, ifd->ifd_len);
615 error = bridge_control(sc, cmd, bc->bc_func, &args);
619 if (bc->bc_flags & BC_F_COPYOUT)
620 error = copyout(&args, ifd->ifd_data, ifd->ifd_len);
624 if (!(ifp->if_flags & IFF_UP) &&
625 (ifp->if_flags & IFF_RUNNING)) {
627 * If interface is marked down and it is running,
631 } else if ((ifp->if_flags & IFF_UP) &&
632 !(ifp->if_flags & IFF_RUNNING)) {
634 * If interface is marked up and it is stopped, then
642 /* Do not allow the MTU to be changed on the bridge */
647 error = ether_ioctl(ifp, cmd, data);
656 * Clear or restore unwanted capabilities on the member interface
659 bridge_mutecaps(struct bridge_iflist *bif, int mute)
661 struct ifnet *ifp = bif->bif_ifp;
665 if (ifp->if_ioctl == NULL)
668 bzero(&ifr, sizeof(ifr));
669 ifr.ifr_reqcap = ifp->if_capenable;
672 /* mask off and save capabilities */
673 bif->bif_mutecap = ifr.ifr_reqcap & BRIDGE_IFCAPS_MASK;
674 if (bif->bif_mutecap != 0)
675 ifr.ifr_reqcap &= ~BRIDGE_IFCAPS_MASK;
677 /* restore muted capabilities */
678 ifr.ifr_reqcap |= bif->bif_mutecap;
681 if (bif->bif_mutecap != 0) {
682 lwkt_serialize_enter(ifp->if_serializer);
683 error = ifp->if_ioctl(ifp, SIOCSIFCAP, (caddr_t)&ifr, NULL);
684 lwkt_serialize_exit(ifp->if_serializer);
689 * bridge_lookup_member:
691 * Lookup a bridge member interface.
693 static struct bridge_iflist *
694 bridge_lookup_member(struct bridge_softc *sc, const char *name)
696 struct bridge_iflist *bif;
699 LIST_FOREACH(bif, &sc->sc_iflist, bif_next) {
701 if (strcmp(ifp->if_xname, name) == 0)
709 * bridge_lookup_member_if:
711 * Lookup a bridge member interface by ifnet*.
713 static struct bridge_iflist *
714 bridge_lookup_member_if(struct bridge_softc *sc, struct ifnet *member_ifp)
716 struct bridge_iflist *bif;
718 LIST_FOREACH(bif, &sc->sc_iflist, bif_next) {
719 if (bif->bif_ifp == member_ifp)
727 * bridge_delete_member:
729 * Delete the specified member interface.
732 bridge_delete_member(struct bridge_softc *sc, struct bridge_iflist *bif,
735 struct ifnet *ifs = bif->bif_ifp;
736 struct ifnet *bifp = sc->sc_ifp;
738 ASSERT_SERIALIZED(bifp->if_serializer);
740 ifs->if_bridge = NULL;
742 netmsg_service_sync();
746 switch (ifs->if_type) {
750 * Release bridge interface's serializer to
751 * avoid possible dead lock.
753 lwkt_serialize_exit(bifp->if_serializer);
756 * Take the interface out of promiscuous mode.
759 bridge_mutecaps(bif, 0);
761 lwkt_serialize_enter(bifp->if_serializer);
768 panic("bridge_delete_member: impossible");
773 LIST_REMOVE(bif, bif_next);
775 bridge_rtdelete(sc, ifs, IFBF_FLUSHALL);
777 kfree(bif, M_DEVBUF);
779 if (sc->sc_ifp->if_flags & IFF_RUNNING)
780 bstp_initialization(sc);
784 * bridge_delete_span:
786 * Delete the specified span interface.
789 bridge_delete_span(struct bridge_softc *sc, struct bridge_iflist *bif)
791 KASSERT(bif->bif_ifp->if_bridge == NULL,
792 ("%s: not a span interface", __func__));
794 LIST_REMOVE(bif, bif_next);
795 kfree(bif, M_DEVBUF);
799 bridge_ioctl_add(struct bridge_softc *sc, void *arg)
801 struct ifbreq *req = arg;
802 struct bridge_iflist *bif = NULL;
803 struct ifnet *ifs, *bifp;
807 ASSERT_SERIALIZED(bifp->if_serializer);
809 ifs = ifunit(req->ifbr_ifsname);
813 /* If it's in the span list, it can't be a member. */
814 LIST_FOREACH(bif, &sc->sc_spanlist, bif_next)
815 if (ifs == bif->bif_ifp)
818 /* Allow the first Ethernet member to define the MTU */
819 if (ifs->if_type != IFT_GIF) {
820 if (LIST_EMPTY(&sc->sc_iflist)) {
821 bifp->if_mtu = ifs->if_mtu;
822 } else if (bifp->if_mtu != ifs->if_mtu) {
823 if_printf(bifp, "invalid MTU for %s\n", ifs->if_xname);
828 if (ifs->if_bridge == sc)
831 if (ifs->if_bridge != NULL)
834 bif = kmalloc(sizeof(*bif), M_DEVBUF, M_WAITOK|M_ZERO);
836 bif->bif_flags = IFBIF_LEARNING | IFBIF_DISCOVER;
837 bif->bif_priority = BSTP_DEFAULT_PORT_PRIORITY;
838 bif->bif_path_cost = BSTP_DEFAULT_PATH_COST;
840 switch (ifs->if_type) {
844 * Release bridge interface's serializer to
845 * avoid possible dead lock.
847 lwkt_serialize_exit(bifp->if_serializer);
850 * Place the interface into promiscuous mode.
852 error = ifpromisc(ifs, 1);
854 lwkt_serialize_enter(bifp->if_serializer);
858 bridge_mutecaps(bif, 1);
860 lwkt_serialize_enter(bifp->if_serializer);
863 case IFT_GIF: /* :^) */
871 LIST_INSERT_HEAD(&sc->sc_iflist, bif, bif_next);
873 if (bifp->if_flags & IFF_RUNNING)
874 bstp_initialization(sc);
879 * Everything has been setup, so let the member interface
880 * deliver packets to this bridge on its input/output path.
886 kfree(bif, M_DEVBUF);
892 bridge_ioctl_del(struct bridge_softc *sc, void *arg)
894 struct ifbreq *req = arg;
895 struct bridge_iflist *bif;
897 bif = bridge_lookup_member(sc, req->ifbr_ifsname);
901 bridge_delete_member(sc, bif, 0);
907 bridge_ioctl_gifflags(struct bridge_softc *sc, void *arg)
909 struct ifbreq *req = arg;
910 struct bridge_iflist *bif;
912 bif = bridge_lookup_member(sc, req->ifbr_ifsname);
916 req->ifbr_ifsflags = bif->bif_flags;
917 req->ifbr_state = bif->bif_state;
918 req->ifbr_priority = bif->bif_priority;
919 req->ifbr_path_cost = bif->bif_path_cost;
920 req->ifbr_portno = bif->bif_ifp->if_index & 0xff;
926 bridge_ioctl_sifflags(struct bridge_softc *sc, void *arg)
928 struct ifbreq *req = arg;
929 struct bridge_iflist *bif;
931 bif = bridge_lookup_member(sc, req->ifbr_ifsname);
935 if (req->ifbr_ifsflags & IFBIF_SPAN)
936 /* SPAN is readonly */
939 if (req->ifbr_ifsflags & IFBIF_STP) {
940 switch (bif->bif_ifp->if_type) {
942 /* These can do spanning tree. */
946 /* Nothing else can. */
951 bif->bif_flags = req->ifbr_ifsflags;
953 if (sc->sc_ifp->if_flags & IFF_RUNNING)
954 bstp_initialization(sc);
960 bridge_ioctl_scache(struct bridge_softc *sc, void *arg)
962 struct ifbrparam *param = arg;
964 sc->sc_brtmax = param->ifbrp_csize;
971 bridge_ioctl_gcache(struct bridge_softc *sc, void *arg)
973 struct ifbrparam *param = arg;
975 param->ifbrp_csize = sc->sc_brtmax;
981 bridge_ioctl_gifs(struct bridge_softc *sc, void *arg)
983 struct ifbifconf *bifc = arg;
984 struct bridge_iflist *bif;
986 int count, len, error = 0;
989 LIST_FOREACH(bif, &sc->sc_iflist, bif_next)
991 LIST_FOREACH(bif, &sc->sc_spanlist, bif_next)
994 if (bifc->ifbic_len == 0) {
995 bifc->ifbic_len = sizeof(breq) * count;
1000 len = bifc->ifbic_len;
1001 memset(&breq, 0, sizeof breq);
1002 LIST_FOREACH(bif, &sc->sc_iflist, bif_next) {
1003 if (len < sizeof(breq))
1006 strlcpy(breq.ifbr_ifsname, bif->bif_ifp->if_xname,
1007 sizeof(breq.ifbr_ifsname));
1008 breq.ifbr_ifsflags = bif->bif_flags;
1009 breq.ifbr_state = bif->bif_state;
1010 breq.ifbr_priority = bif->bif_priority;
1011 breq.ifbr_path_cost = bif->bif_path_cost;
1012 breq.ifbr_portno = bif->bif_ifp->if_index & 0xff;
1013 error = copyout(&breq, bifc->ifbic_req + count, sizeof(breq));
1017 len -= sizeof(breq);
1019 LIST_FOREACH(bif, &sc->sc_spanlist, bif_next) {
1020 if (len < sizeof(breq))
1023 strlcpy(breq.ifbr_ifsname, bif->bif_ifp->if_xname,
1024 sizeof(breq.ifbr_ifsname));
1025 breq.ifbr_ifsflags = bif->bif_flags;
1026 breq.ifbr_state = bif->bif_state;
1027 breq.ifbr_priority = bif->bif_priority;
1028 breq.ifbr_path_cost = bif->bif_path_cost;
1029 breq.ifbr_portno = bif->bif_ifp->if_index & 0xff;
1030 error = copyout(&breq, bifc->ifbic_req + count, sizeof(breq));
1034 len -= sizeof(breq);
1037 bifc->ifbic_len = sizeof(breq) * count;
1042 bridge_ioctl_rts(struct bridge_softc *sc, void *arg)
1044 struct ifbaconf *bac = arg;
1045 struct bridge_rtnode *brt;
1046 struct ifbareq bareq;
1047 int count = 0, error = 0, len;
1049 if (bac->ifbac_len == 0)
1052 len = bac->ifbac_len;
1053 memset(&bareq, 0, sizeof(bareq));
1054 LIST_FOREACH(brt, &sc->sc_rtlist, brt_list) {
1055 if (len < sizeof(bareq))
1057 strlcpy(bareq.ifba_ifsname, brt->brt_ifp->if_xname,
1058 sizeof(bareq.ifba_ifsname));
1059 memcpy(bareq.ifba_dst, brt->brt_addr, sizeof(brt->brt_addr));
1060 if ((brt->brt_flags & IFBAF_TYPEMASK) == IFBAF_DYNAMIC &&
1061 time_second < brt->brt_expire)
1062 bareq.ifba_expire = brt->brt_expire - time_second;
1064 bareq.ifba_expire = 0;
1065 bareq.ifba_flags = brt->brt_flags;
1067 error = copyout(&bareq, bac->ifbac_req + count, sizeof(bareq));
1071 len -= sizeof(bareq);
1074 bac->ifbac_len = sizeof(bareq) * count;
1079 bridge_ioctl_saddr(struct bridge_softc *sc, void *arg)
1081 struct ifbareq *req = arg;
1082 struct bridge_iflist *bif;
1085 bif = bridge_lookup_member(sc, req->ifba_ifsname);
1089 error = bridge_rtupdate(sc, req->ifba_dst, bif->bif_ifp, 1,
1096 bridge_ioctl_sto(struct bridge_softc *sc, void *arg)
1098 struct ifbrparam *param = arg;
1100 sc->sc_brttimeout = param->ifbrp_ctime;
1106 bridge_ioctl_gto(struct bridge_softc *sc, void *arg)
1108 struct ifbrparam *param = arg;
1110 param->ifbrp_ctime = sc->sc_brttimeout;
1116 bridge_ioctl_daddr(struct bridge_softc *sc, void *arg)
1118 struct ifbareq *req = arg;
1120 return (bridge_rtdaddr(sc, req->ifba_dst));
1124 bridge_ioctl_flush(struct bridge_softc *sc, void *arg)
1126 struct ifbreq *req = arg;
1128 bridge_rtflush(sc, req->ifbr_ifsflags);
1134 bridge_ioctl_gpri(struct bridge_softc *sc, void *arg)
1136 struct ifbrparam *param = arg;
1138 param->ifbrp_prio = sc->sc_bridge_priority;
1144 bridge_ioctl_spri(struct bridge_softc *sc, void *arg)
1146 struct ifbrparam *param = arg;
1148 sc->sc_bridge_priority = param->ifbrp_prio;
1150 if (sc->sc_ifp->if_flags & IFF_RUNNING)
1151 bstp_initialization(sc);
1157 bridge_ioctl_ght(struct bridge_softc *sc, void *arg)
1159 struct ifbrparam *param = arg;
1161 param->ifbrp_hellotime = sc->sc_bridge_hello_time >> 8;
1167 bridge_ioctl_sht(struct bridge_softc *sc, void *arg)
1169 struct ifbrparam *param = arg;
1171 if (param->ifbrp_hellotime == 0)
1173 sc->sc_bridge_hello_time = param->ifbrp_hellotime << 8;
1175 if (sc->sc_ifp->if_flags & IFF_RUNNING)
1176 bstp_initialization(sc);
1182 bridge_ioctl_gfd(struct bridge_softc *sc, void *arg)
1184 struct ifbrparam *param = arg;
1186 param->ifbrp_fwddelay = sc->sc_bridge_forward_delay >> 8;
1192 bridge_ioctl_sfd(struct bridge_softc *sc, void *arg)
1194 struct ifbrparam *param = arg;
1196 if (param->ifbrp_fwddelay == 0)
1198 sc->sc_bridge_forward_delay = param->ifbrp_fwddelay << 8;
1200 if (sc->sc_ifp->if_flags & IFF_RUNNING)
1201 bstp_initialization(sc);
1207 bridge_ioctl_gma(struct bridge_softc *sc, void *arg)
1209 struct ifbrparam *param = arg;
1211 param->ifbrp_maxage = sc->sc_bridge_max_age >> 8;
1217 bridge_ioctl_sma(struct bridge_softc *sc, void *arg)
1219 struct ifbrparam *param = arg;
1221 if (param->ifbrp_maxage == 0)
1223 sc->sc_bridge_max_age = param->ifbrp_maxage << 8;
1225 if (sc->sc_ifp->if_flags & IFF_RUNNING)
1226 bstp_initialization(sc);
1232 bridge_ioctl_sifprio(struct bridge_softc *sc, void *arg)
1234 struct ifbreq *req = arg;
1235 struct bridge_iflist *bif;
1237 bif = bridge_lookup_member(sc, req->ifbr_ifsname);
1241 bif->bif_priority = req->ifbr_priority;
1243 if (sc->sc_ifp->if_flags & IFF_RUNNING)
1244 bstp_initialization(sc);
1250 bridge_ioctl_sifcost(struct bridge_softc *sc, void *arg)
1252 struct ifbreq *req = arg;
1253 struct bridge_iflist *bif;
1255 bif = bridge_lookup_member(sc, req->ifbr_ifsname);
1259 bif->bif_path_cost = req->ifbr_path_cost;
1261 if (sc->sc_ifp->if_flags & IFF_RUNNING)
1262 bstp_initialization(sc);
1268 bridge_ioctl_addspan(struct bridge_softc *sc, void *arg)
1270 struct ifbreq *req = arg;
1271 struct bridge_iflist *bif = NULL;
1274 ifs = ifunit(req->ifbr_ifsname);
1278 LIST_FOREACH(bif, &sc->sc_spanlist, bif_next)
1279 if (ifs == bif->bif_ifp)
1282 if (ifs->if_bridge != NULL)
1285 switch (ifs->if_type) {
1294 bif = kmalloc(sizeof(*bif), M_DEVBUF, M_WAITOK|M_ZERO);
1297 bif->bif_flags = IFBIF_SPAN;
1299 LIST_INSERT_HEAD(&sc->sc_spanlist, bif, bif_next);
1305 bridge_ioctl_delspan(struct bridge_softc *sc, void *arg)
1307 struct ifbreq *req = arg;
1308 struct bridge_iflist *bif;
1311 ifs = ifunit(req->ifbr_ifsname);
1315 LIST_FOREACH(bif, &sc->sc_spanlist, bif_next)
1316 if (ifs == bif->bif_ifp)
1322 bridge_delete_span(sc, bif);
1328 bridge_ifdetach_dispatch(struct netmsg *nmsg)
1330 struct lwkt_msg *lmsg = &nmsg->nm_lmsg;
1331 struct ifnet *ifp, *bifp;
1332 struct bridge_softc *sc;
1333 struct bridge_iflist *bif;
1335 ifp = lmsg->u.ms_resultp;
1336 sc = ifp->if_bridge;
1338 /* Check if the interface is a bridge member */
1342 lwkt_serialize_enter(bifp->if_serializer);
1344 bif = bridge_lookup_member_if(sc, ifp);
1346 bridge_delete_member(sc, bif, 1);
1348 /* XXX Why bif will be NULL? */
1351 lwkt_serialize_exit(bifp->if_serializer);
1355 crit_enter(); /* XXX MP */
1357 /* Check if the interface is a span port */
1358 LIST_FOREACH(sc, &bridge_list, sc_list) {
1361 lwkt_serialize_enter(bifp->if_serializer);
1363 LIST_FOREACH(bif, &sc->sc_spanlist, bif_next)
1364 if (ifp == bif->bif_ifp) {
1365 bridge_delete_span(sc, bif);
1369 lwkt_serialize_exit(bifp->if_serializer);
1375 lwkt_replymsg(lmsg, 0);
1381 * Detach an interface from a bridge. Called when a member
1382 * interface is detaching.
1385 bridge_ifdetach(void *arg __unused, struct ifnet *ifp)
1387 struct lwkt_msg *lmsg;
1390 netmsg_init(&nmsg, &curthread->td_msgport, 0, bridge_ifdetach_dispatch);
1391 lmsg = &nmsg.nm_lmsg;
1392 lmsg->u.ms_resultp = ifp;
1394 lwkt_domsg(cpu_portfn(0), lmsg, 0);
1400 * Initialize a bridge interface.
1403 bridge_init(void *xsc)
1405 struct bridge_softc *sc = (struct bridge_softc *)xsc;
1406 struct ifnet *ifp = sc->sc_ifp;
1408 ASSERT_SERIALIZED(ifp->if_serializer);
1410 if (ifp->if_flags & IFF_RUNNING)
1413 callout_reset(&sc->sc_brcallout, bridge_rtable_prune_period * hz,
1416 ifp->if_flags |= IFF_RUNNING;
1417 bstp_initialization(sc);
1424 * Stop the bridge interface.
1427 bridge_stop(struct ifnet *ifp)
1429 struct bridge_softc *sc = ifp->if_softc;
1431 ASSERT_SERIALIZED(ifp->if_serializer);
1433 if ((ifp->if_flags & IFF_RUNNING) == 0)
1436 callout_stop(&sc->sc_brcallout);
1439 bridge_rtflush(sc, IFBF_FLUSHDYN);
1441 ifp->if_flags &= ~IFF_RUNNING;
1445 bridge_enqueue_internal(struct ifnet *dst_ifp, struct mbuf *m,
1446 netisr_fn_t handler)
1448 struct netmsg_packet *nmp;
1450 int cpu = mycpu->gd_cpuid;
1452 while (m->m_type == MT_TAG) {
1453 /* XXX see ether_output_frame for full rules check */
1457 nmp = &m->m_hdr.mh_netmsg;
1458 netmsg_init(&nmp->nm_netmsg, &netisr_apanic_rport, 0, handler);
1460 nmp->nm_netmsg.nm_lmsg.u.ms_resultp = dst_ifp;
1462 port = cpu_portfn(cpu);
1463 lwkt_sendmsg(port, &nmp->nm_netmsg.nm_lmsg);
1467 bridge_pfil_enqueue(struct ifnet *dst_ifp, struct mbuf *m,
1470 netisr_fn_t handler;
1472 if (runfilt && (inet_pfil_hook.ph_hashooks > 0
1474 || inet6_pfil_hook.ph_hashooks > 0
1477 handler = bridge_pfil_enqueue_handler;
1479 handler = bridge_enqueue_handler;
1481 bridge_enqueue_internal(dst_ifp, m, handler);
1487 * Enqueue a packet on a bridge member interface.
1491 bridge_enqueue(struct ifnet *dst_ifp, struct mbuf *m)
1493 bridge_enqueue_internal(dst_ifp, m, bridge_enqueue_handler);
1499 * Send output from a bridge member interface. This
1500 * performs the bridging function for locally originated
1503 * The mbuf has the Ethernet header already attached. We must
1504 * enqueue or free the mbuf before returning.
1507 bridge_output(struct ifnet *ifp, struct mbuf *m)
1509 struct bridge_softc *sc = ifp->if_bridge;
1510 struct ether_header *eh;
1511 struct ifnet *dst_if;
1513 ASSERT_NOT_SERIALIZED(ifp->if_serializer);
1516 * Make sure that we are still a member of a bridge interface.
1523 if (m->m_len < ETHER_HDR_LEN) {
1524 m = m_pullup(m, ETHER_HDR_LEN);
1529 /* Serialize our bridge interface. */
1530 lwkt_serialize_enter(sc->sc_ifp->if_serializer);
1532 eh = mtod(m, struct ether_header *);
1535 * If bridge is down, but the original output interface is up,
1536 * go ahead and send out that interface. Otherwise, the packet
1539 if ((sc->sc_ifp->if_flags & IFF_RUNNING) == 0) {
1545 * If the packet is a multicast, or we don't know a better way to
1546 * get there, send to all interfaces.
1548 if (ETHER_IS_MULTICAST(eh->ether_dhost))
1551 dst_if = bridge_rtlookup(sc, eh->ether_dhost);
1552 if (dst_if == NULL) {
1553 struct bridge_iflist *bif;
1559 LIST_FOREACH(bif, &sc->sc_iflist, bif_next) {
1560 dst_if = bif->bif_ifp;
1561 if ((dst_if->if_flags & IFF_RUNNING) == 0)
1565 * If this is not the original output interface,
1566 * and the interface is participating in spanning
1567 * tree, make sure the port is in a state that
1568 * allows forwarding.
1570 if (dst_if != ifp &&
1571 (bif->bif_flags & IFBIF_STP) != 0) {
1572 switch (bif->bif_state) {
1573 case BSTP_IFSTATE_BLOCKING:
1574 case BSTP_IFSTATE_LISTENING:
1575 case BSTP_IFSTATE_DISABLED:
1580 if (LIST_NEXT(bif, bif_next) == NULL) {
1584 mc = m_copypacket(m, MB_DONTWAIT);
1586 sc->sc_ifp->if_oerrors++;
1590 bridge_enqueue(dst_if, mc);
1594 lwkt_serialize_exit(sc->sc_ifp->if_serializer);
1600 * XXX Spanning tree consideration here?
1604 lwkt_serialize_exit(sc->sc_ifp->if_serializer);
1605 if ((dst_if->if_flags & IFF_RUNNING) == 0)
1608 bridge_enqueue(dst_if, m);
1615 * Start output on a bridge.
1619 bridge_start(struct ifnet *ifp)
1621 struct bridge_softc *sc = ifp->if_softc;
1623 ASSERT_SERIALIZED(ifp->if_serializer);
1625 ifp->if_flags |= IFF_OACTIVE;
1627 struct ifnet *dst_if = NULL;
1628 struct ether_header *eh;
1631 m = ifq_dequeue(&ifp->if_snd, NULL);
1635 if (m->m_len < sizeof(*eh)) {
1636 m = m_pullup(m, sizeof(*eh));
1642 eh = mtod(m, struct ether_header *);
1647 if ((m->m_flags & (M_BCAST|M_MCAST)) == 0)
1648 dst_if = bridge_rtlookup(sc, eh->ether_dhost);
1651 bridge_broadcast(sc, ifp, m, 0);
1653 bridge_enqueue(dst_if, m);
1655 ifp->if_flags &= ~IFF_OACTIVE;
1661 * The forwarding function of the bridge.
1664 bridge_forward(struct bridge_softc *sc, struct mbuf *m)
1666 struct bridge_iflist *bif;
1667 struct ifnet *src_if, *dst_if, *ifp;
1668 struct ether_header *eh;
1670 src_if = m->m_pkthdr.rcvif;
1673 ASSERT_SERIALIZED(ifp->if_serializer);
1676 ifp->if_ibytes += m->m_pkthdr.len;
1679 * Look up the bridge_iflist.
1681 bif = bridge_lookup_member_if(sc, src_if);
1683 /* Interface is not a bridge member (anymore?) */
1688 if (bif->bif_flags & IFBIF_STP) {
1689 switch (bif->bif_state) {
1690 case BSTP_IFSTATE_BLOCKING:
1691 case BSTP_IFSTATE_LISTENING:
1692 case BSTP_IFSTATE_DISABLED:
1698 eh = mtod(m, struct ether_header *);
1701 * If the interface is learning, and the source
1702 * address is valid and not multicast, record
1705 if ((bif->bif_flags & IFBIF_LEARNING) != 0 &&
1706 ETHER_IS_MULTICAST(eh->ether_shost) == 0 &&
1707 (eh->ether_shost[0] == 0 &&
1708 eh->ether_shost[1] == 0 &&
1709 eh->ether_shost[2] == 0 &&
1710 eh->ether_shost[3] == 0 &&
1711 eh->ether_shost[4] == 0 &&
1712 eh->ether_shost[5] == 0) == 0) {
1713 bridge_rtupdate(sc, eh->ether_shost, src_if, 0, IFBAF_DYNAMIC);
1716 if ((bif->bif_flags & IFBIF_STP) != 0 &&
1717 bif->bif_state == BSTP_IFSTATE_LEARNING) {
1723 * At this point, the port either doesn't participate
1724 * in spanning tree or it is in the forwarding state.
1728 * If the packet is unicast, destined for someone on
1729 * "this" side of the bridge, drop it.
1731 if ((m->m_flags & (M_BCAST|M_MCAST)) == 0) {
1732 dst_if = bridge_rtlookup(sc, eh->ether_dhost);
1733 if (src_if == dst_if) {
1738 /* ...forward it to all interfaces. */
1739 sc->sc_ifp->if_imcasts++;
1743 if (dst_if == NULL) {
1744 bridge_broadcast(sc, src_if, m, 1);
1749 * At this point, we're dealing with a unicast frame
1750 * going to a different interface.
1752 if ((dst_if->if_flags & IFF_RUNNING) == 0) {
1756 bif = bridge_lookup_member_if(sc, dst_if);
1758 /* Not a member of the bridge (anymore?) */
1763 if (bif->bif_flags & IFBIF_STP) {
1764 switch (bif->bif_state) {
1765 case BSTP_IFSTATE_DISABLED:
1766 case BSTP_IFSTATE_BLOCKING:
1772 lwkt_serialize_exit(ifp->if_serializer);
1774 /* run the packet filter */
1775 if (inet_pfil_hook.ph_hashooks > 0
1777 || inet6_pfil_hook.ph_hashooks > 0
1780 if (bridge_pfil(&m, ifp, src_if, PFIL_IN) != 0)
1785 if (bridge_pfil(&m, ifp, dst_if, PFIL_OUT) != 0)
1790 bridge_handoff(dst_if, m);
1793 * ifp's serializer was held on entry and is expected to be held
1797 lwkt_serialize_enter(ifp->if_serializer);
1803 * Receive input from a member interface. Queue the packet for
1804 * bridging if it is not for us.
1806 static struct mbuf *
1807 bridge_input(struct ifnet *ifp, struct mbuf *m)
1809 struct bridge_softc *sc = ifp->if_bridge;
1810 struct bridge_iflist *bif;
1811 struct ifnet *bifp, *new_ifp;
1812 struct ether_header *eh;
1813 struct mbuf *mc, *mc2;
1816 * Make sure that we are still a member of a bridge interface.
1824 lwkt_serialize_enter(bifp->if_serializer);
1826 if ((bifp->if_flags & IFF_RUNNING) == 0)
1830 * Implement support for bridge monitoring. If this flag has been
1831 * set on this interface, discard the packet once we push it through
1832 * the bpf(4) machinery, but before we do, increment the byte and
1833 * packet counters associated with this interface.
1835 if ((bifp->if_flags & IFF_MONITOR) != 0) {
1836 m->m_pkthdr.rcvif = bifp;
1838 bifp->if_ipackets++;
1839 bifp->if_ibytes += m->m_pkthdr.len;
1845 eh = mtod(m, struct ether_header *);
1847 m->m_flags &= ~M_PROTO1; /* XXX Hack - loop prevention */
1849 if (memcmp(eh->ether_dhost, IF_LLADDR(bifp), ETHER_ADDR_LEN) == 0) {
1851 * If the packet is for us, set the packets source as the
1852 * bridge, and return the packet back to ifnet.if_input for
1855 KASSERT(bifp->if_bridge == NULL,
1856 ("loop created in bridge_input"));
1862 * Tap all packets arriving on the bridge, no matter if
1863 * they are local destinations or not. In is in.
1867 bif = bridge_lookup_member_if(sc, ifp);
1873 if (m->m_flags & (M_BCAST | M_MCAST)) {
1874 /* Tap off 802.1D packets; they do not get forwarded. */
1875 if (memcmp(eh->ether_dhost, bstp_etheraddr,
1876 ETHER_ADDR_LEN) == 0) {
1877 m = bstp_input(sc, bif, m);
1879 ("attempt to deliver 802.1D packet\n"));
1883 if (bif->bif_flags & IFBIF_STP) {
1884 switch (bif->bif_state) {
1885 case BSTP_IFSTATE_BLOCKING:
1886 case BSTP_IFSTATE_LISTENING:
1887 case BSTP_IFSTATE_DISABLED:
1893 * Make a deep copy of the packet and enqueue the copy
1894 * for bridge processing; return the original packet for
1897 mc = m_dup(m, MB_DONTWAIT);
1901 bridge_forward(sc, mc);
1904 * Reinject the mbuf as arriving on the bridge so we have a
1905 * chance at claiming multicast packets. We can not loop back
1906 * here from ether_input as a bridge is never a member of a
1909 KASSERT(bifp->if_bridge == NULL,
1910 ("loop created in bridge_input"));
1911 mc2 = m_dup(m, MB_DONTWAIT);
1914 /* Keep the layer3 header aligned */
1915 int i = min(mc2->m_pkthdr.len, max_protohdr);
1916 mc2 = m_copyup(mc2, i, ETHER_ALIGN);
1920 mc2->m_pkthdr.rcvif = bifp;
1921 bifp->if_ipackets++;
1922 bifp->if_input(bifp, mc2);
1925 /* Return the original packet for local processing. */
1929 if (bif->bif_flags & IFBIF_STP) {
1930 switch (bif->bif_state) {
1931 case BSTP_IFSTATE_BLOCKING:
1932 case BSTP_IFSTATE_LISTENING:
1933 case BSTP_IFSTATE_DISABLED:
1939 * Unicast. Make sure it's not for us.
1941 LIST_FOREACH(bif, &sc->sc_iflist, bif_next) {
1942 if (bif->bif_ifp->if_type != IFT_ETHER)
1945 /* It is destined for us. */
1946 if (memcmp(IF_LLADDR(bif->bif_ifp), eh->ether_dhost,
1947 ETHER_ADDR_LEN) == 0) {
1948 if (bif->bif_flags & IFBIF_LEARNING) {
1950 eh->ether_shost, ifp, 0, IFBAF_DYNAMIC);
1953 if (bif->bif_ifp != ifp) {
1954 /* XXX loop prevention */
1955 m->m_flags |= M_PROTO1;
1956 new_ifp = bif->bif_ifp;
1961 /* We just received a packet that we sent out. */
1962 if (memcmp(IF_LLADDR(bif->bif_ifp), eh->ether_shost,
1963 ETHER_ADDR_LEN) == 0) {
1970 /* Perform the bridge forwarding function. */
1971 bridge_forward(sc, m);
1974 lwkt_serialize_exit(bifp->if_serializer);
1976 if (new_ifp != NULL) {
1977 lwkt_serialize_enter(new_ifp->if_serializer);
1979 m->m_pkthdr.rcvif = new_ifp;
1980 new_ifp->if_ipackets++;
1981 new_ifp->if_input(new_ifp, m);
1984 lwkt_serialize_exit(new_ifp->if_serializer);
1992 * Send a frame to all interfaces that are members of
1993 * the bridge, except for the one on which the packet
1997 bridge_broadcast(struct bridge_softc *sc, struct ifnet *src_if,
1998 struct mbuf *m, int runfilt)
2000 struct bridge_iflist *bif;
2002 struct ifnet *dst_if, *bifp;
2007 ASSERT_SERIALIZED(bifp->if_serializer);
2009 /* run the packet filter */
2010 if (runfilt && (inet_pfil_hook.ph_hashooks > 0
2012 || inet6_pfil_hook.ph_hashooks > 0
2015 lwkt_serialize_exit(bifp->if_serializer);
2017 /* Filter on the bridge interface before broadcasting */
2019 if (bridge_pfil(&m, bifp, src_if, PFIL_IN) != 0)
2024 if (bridge_pfil(&m, bifp, NULL, PFIL_OUT) != 0)
2027 lwkt_serialize_enter(bifp->if_serializer);
2032 LIST_FOREACH(bif, &sc->sc_iflist, bif_next) {
2033 dst_if = bif->bif_ifp;
2034 if (dst_if == src_if)
2037 if (bif->bif_flags & IFBIF_STP) {
2038 switch (bif->bif_state) {
2039 case BSTP_IFSTATE_BLOCKING:
2040 case BSTP_IFSTATE_DISABLED:
2045 if ((bif->bif_flags & IFBIF_DISCOVER) == 0 &&
2046 (m->m_flags & (M_BCAST|M_MCAST)) == 0)
2049 if ((dst_if->if_flags & IFF_RUNNING) == 0)
2052 if (LIST_NEXT(bif, bif_next) == NULL) {
2056 mc = m_copypacket(m, MB_DONTWAIT);
2058 sc->sc_ifp->if_oerrors++;
2062 bridge_pfil_enqueue(dst_if, mc, runfilt);
2071 * Duplicate a packet out one or more interfaces that are in span mode,
2072 * the original mbuf is unmodified.
2075 bridge_span(struct bridge_softc *sc, struct mbuf *m)
2077 struct bridge_iflist *bif;
2078 struct ifnet *dst_if;
2081 if (LIST_EMPTY(&sc->sc_spanlist))
2084 LIST_FOREACH(bif, &sc->sc_spanlist, bif_next) {
2085 dst_if = bif->bif_ifp;
2087 if ((dst_if->if_flags & IFF_RUNNING) == 0)
2090 mc = m_copypacket(m, MB_DONTWAIT);
2092 sc->sc_ifp->if_oerrors++;
2096 bridge_enqueue(dst_if, mc);
2103 * Add a bridge routing entry.
2104 * Can be called from interrupt context.
2107 bridge_rtupdate(struct bridge_softc *sc, const uint8_t *dst,
2108 struct ifnet *dst_if, int setflags, uint8_t flags)
2110 struct bridge_rtnode *brt;
2114 * A route for this destination might already exist. If so,
2115 * update it, otherwise create a new one.
2117 if ((brt = bridge_rtnode_lookup(sc, dst)) == NULL) {
2118 if (sc->sc_brtcnt >= sc->sc_brtmax)
2122 * Allocate a new bridge forwarding node, and
2123 * initialize the expiration time and Ethernet
2126 brt = kmalloc(sizeof(struct bridge_rtnode), M_DEVBUF,
2127 M_INTNOWAIT|M_ZERO);
2131 brt->brt_flags = IFBAF_DYNAMIC;
2132 memcpy(brt->brt_addr, dst, ETHER_ADDR_LEN);
2134 if ((error = bridge_rtnode_insert(sc, brt)) != 0) {
2135 kfree(brt, M_DEVBUF);
2140 if ((brt->brt_flags & IFBAF_TYPEMASK) == IFBAF_DYNAMIC)
2141 brt->brt_ifp = dst_if;
2142 if ((flags & IFBAF_TYPEMASK) == IFBAF_DYNAMIC)
2143 brt->brt_expire = time_second + sc->sc_brttimeout;
2145 brt->brt_flags = flags;
2153 * Lookup the destination interface for an address.
2155 static struct ifnet *
2156 bridge_rtlookup(struct bridge_softc *sc, const uint8_t *addr)
2158 struct bridge_rtnode *brt;
2160 if ((brt = bridge_rtnode_lookup(sc, addr)) == NULL)
2163 return (brt->brt_ifp);
2169 * Trim the routine table so that we have a number
2170 * of routing entries less than or equal to the
2174 bridge_rttrim(struct bridge_softc *sc)
2176 struct bridge_rtnode *brt, *nbrt;
2178 /* Make sure we actually need to do this. */
2179 if (sc->sc_brtcnt <= sc->sc_brtmax)
2182 /* Force an aging cycle; this might trim enough addresses. */
2184 if (sc->sc_brtcnt <= sc->sc_brtmax)
2187 for (brt = LIST_FIRST(&sc->sc_rtlist); brt != NULL; brt = nbrt) {
2188 nbrt = LIST_NEXT(brt, brt_list);
2189 if ((brt->brt_flags & IFBAF_TYPEMASK) == IFBAF_DYNAMIC) {
2190 bridge_rtnode_destroy(sc, brt);
2191 if (sc->sc_brtcnt <= sc->sc_brtmax)
2200 * Aging timer for the bridge.
2203 bridge_timer(void *arg)
2205 struct bridge_softc *sc = arg;
2207 lwkt_serialize_enter(sc->sc_ifp->if_serializer);
2211 if (sc->sc_ifp->if_flags & IFF_RUNNING)
2212 callout_reset(&sc->sc_brcallout,
2213 bridge_rtable_prune_period * hz, bridge_timer, sc);
2215 lwkt_serialize_exit(sc->sc_ifp->if_serializer);
2221 * Perform an aging cycle.
2224 bridge_rtage(struct bridge_softc *sc)
2226 struct bridge_rtnode *brt, *nbrt;
2228 for (brt = LIST_FIRST(&sc->sc_rtlist); brt != NULL; brt = nbrt) {
2229 nbrt = LIST_NEXT(brt, brt_list);
2230 if ((brt->brt_flags & IFBAF_TYPEMASK) == IFBAF_DYNAMIC) {
2231 if (time_second >= brt->brt_expire)
2232 bridge_rtnode_destroy(sc, brt);
2240 * Remove all dynamic addresses from the bridge.
2243 bridge_rtflush(struct bridge_softc *sc, int full)
2245 struct bridge_rtnode *brt, *nbrt;
2247 for (brt = LIST_FIRST(&sc->sc_rtlist); brt != NULL; brt = nbrt) {
2248 nbrt = LIST_NEXT(brt, brt_list);
2249 if (full || (brt->brt_flags & IFBAF_TYPEMASK) == IFBAF_DYNAMIC)
2250 bridge_rtnode_destroy(sc, brt);
2257 * Remove an address from the table.
2260 bridge_rtdaddr(struct bridge_softc *sc, const uint8_t *addr)
2262 struct bridge_rtnode *brt;
2264 if ((brt = bridge_rtnode_lookup(sc, addr)) == NULL)
2267 bridge_rtnode_destroy(sc, brt);
2274 * Delete routes to a speicifc member interface.
2277 bridge_rtdelete(struct bridge_softc *sc, struct ifnet *ifp, int full)
2279 struct bridge_rtnode *brt, *nbrt;
2281 for (brt = LIST_FIRST(&sc->sc_rtlist); brt != NULL; brt = nbrt) {
2282 nbrt = LIST_NEXT(brt, brt_list);
2283 if (brt->brt_ifp == ifp && (full ||
2284 (brt->brt_flags & IFBAF_TYPEMASK) == IFBAF_DYNAMIC))
2285 bridge_rtnode_destroy(sc, brt);
2290 * bridge_rtable_init:
2292 * Initialize the route table for this bridge.
2295 bridge_rtable_init(struct bridge_softc *sc)
2299 sc->sc_rthash = kmalloc(sizeof(*sc->sc_rthash) * BRIDGE_RTHASH_SIZE,
2300 M_DEVBUF, M_WAITOK);
2302 for (i = 0; i < BRIDGE_RTHASH_SIZE; i++)
2303 LIST_INIT(&sc->sc_rthash[i]);
2305 sc->sc_rthash_key = karc4random();
2307 LIST_INIT(&sc->sc_rtlist);
2313 * bridge_rtable_fini:
2315 * Deconstruct the route table for this bridge.
2318 bridge_rtable_fini(struct bridge_softc *sc)
2321 kfree(sc->sc_rthash, M_DEVBUF);
2325 * The following hash function is adapted from "Hash Functions" by Bob Jenkins
2326 * ("Algorithm Alley", Dr. Dobbs Journal, September 1997).
2328 #define mix(a, b, c) \
2330 a -= b; a -= c; a ^= (c >> 13); \
2331 b -= c; b -= a; b ^= (a << 8); \
2332 c -= a; c -= b; c ^= (b >> 13); \
2333 a -= b; a -= c; a ^= (c >> 12); \
2334 b -= c; b -= a; b ^= (a << 16); \
2335 c -= a; c -= b; c ^= (b >> 5); \
2336 a -= b; a -= c; a ^= (c >> 3); \
2337 b -= c; b -= a; b ^= (a << 10); \
2338 c -= a; c -= b; c ^= (b >> 15); \
2339 } while (/*CONSTCOND*/0)
2341 static __inline uint32_t
2342 bridge_rthash(struct bridge_softc *sc, const uint8_t *addr)
2344 uint32_t a = 0x9e3779b9, b = 0x9e3779b9, c = sc->sc_rthash_key;
2355 return (c & BRIDGE_RTHASH_MASK);
2361 bridge_rtnode_addr_cmp(const uint8_t *a, const uint8_t *b)
2365 for (i = 0, d = 0; i < ETHER_ADDR_LEN && d == 0; i++) {
2366 d = ((int)a[i]) - ((int)b[i]);
2373 * bridge_rtnode_lookup:
2375 * Look up a bridge route node for the specified destination.
2377 static struct bridge_rtnode *
2378 bridge_rtnode_lookup(struct bridge_softc *sc, const uint8_t *addr)
2380 struct bridge_rtnode *brt;
2384 hash = bridge_rthash(sc, addr);
2385 LIST_FOREACH(brt, &sc->sc_rthash[hash], brt_hash) {
2386 dir = bridge_rtnode_addr_cmp(addr, brt->brt_addr);
2397 * bridge_rtnode_insert:
2399 * Insert the specified bridge node into the route table. We
2400 * assume the entry is not already in the table.
2403 bridge_rtnode_insert(struct bridge_softc *sc, struct bridge_rtnode *brt)
2405 struct bridge_rtnode *lbrt;
2409 hash = bridge_rthash(sc, brt->brt_addr);
2411 lbrt = LIST_FIRST(&sc->sc_rthash[hash]);
2413 LIST_INSERT_HEAD(&sc->sc_rthash[hash], brt, brt_hash);
2418 dir = bridge_rtnode_addr_cmp(brt->brt_addr, lbrt->brt_addr);
2422 LIST_INSERT_BEFORE(lbrt, brt, brt_hash);
2425 if (LIST_NEXT(lbrt, brt_hash) == NULL) {
2426 LIST_INSERT_AFTER(lbrt, brt, brt_hash);
2429 lbrt = LIST_NEXT(lbrt, brt_hash);
2430 } while (lbrt != NULL);
2433 panic("bridge_rtnode_insert: impossible");
2437 LIST_INSERT_HEAD(&sc->sc_rtlist, brt, brt_list);
2444 * bridge_rtnode_destroy:
2446 * Destroy a bridge rtnode.
2449 bridge_rtnode_destroy(struct bridge_softc *sc, struct bridge_rtnode *brt)
2452 LIST_REMOVE(brt, brt_hash);
2454 LIST_REMOVE(brt, brt_list);
2456 kfree(brt, M_DEVBUF);
2460 * Send bridge packets through pfil if they are one of the types pfil can deal
2461 * with, or if they are ARP or REVARP. (pfil will pass ARP and REVARP without
2462 * question.) If *bifp or *ifp are NULL then packet filtering is skipped for
2466 bridge_pfil(struct mbuf **mp, struct ifnet *bifp, struct ifnet *ifp, int dir)
2468 int snap, error, i, hlen;
2469 struct ether_header *eh1, eh2;
2472 u_int16_t ether_type;
2475 error = -1; /* Default error if not error == 0 */
2477 if (pfil_bridge == 0 && pfil_member == 0)
2478 return (0); /* filtering is disabled */
2480 i = min((*mp)->m_pkthdr.len, max_protohdr);
2481 if ((*mp)->m_len < i) {
2482 *mp = m_pullup(*mp, i);
2484 kprintf("%s: m_pullup failed\n", __func__);
2489 eh1 = mtod(*mp, struct ether_header *);
2490 ether_type = ntohs(eh1->ether_type);
2493 * Check for SNAP/LLC.
2495 if (ether_type < ETHERMTU) {
2496 struct llc *llc2 = (struct llc *)(eh1 + 1);
2498 if ((*mp)->m_len >= ETHER_HDR_LEN + 8 &&
2499 llc2->llc_dsap == LLC_SNAP_LSAP &&
2500 llc2->llc_ssap == LLC_SNAP_LSAP &&
2501 llc2->llc_control == LLC_UI) {
2502 ether_type = htons(llc2->llc_un.type_snap.ether_type);
2508 * If we're trying to filter bridge traffic, don't look at anything
2509 * other than IP and ARP traffic. If the filter doesn't understand
2510 * IPv6, don't allow IPv6 through the bridge either. This is lame
2511 * since if we really wanted, say, an AppleTalk filter, we are hosed,
2512 * but of course we don't have an AppleTalk filter to begin with.
2513 * (Note that since pfil doesn't understand ARP it will pass *ALL*
2516 switch (ether_type) {
2518 case ETHERTYPE_REVARP:
2519 return (0); /* Automatically pass */
2522 case ETHERTYPE_IPV6:
2527 * Check to see if the user wants to pass non-ip
2528 * packets, these will not be checked by pfil(9) and
2529 * passed unconditionally so the default is to drop.
2535 /* Strip off the Ethernet header and keep a copy. */
2536 m_copydata(*mp, 0, ETHER_HDR_LEN, (caddr_t) &eh2);
2537 m_adj(*mp, ETHER_HDR_LEN);
2539 /* Strip off snap header, if present */
2541 m_copydata(*mp, 0, sizeof(struct llc), (caddr_t) &llc1);
2542 m_adj(*mp, sizeof(struct llc));
2546 * Check the IP header for alignment and errors
2548 if (dir == PFIL_IN) {
2549 switch (ether_type) {
2551 error = bridge_ip_checkbasic(mp);
2554 case ETHERTYPE_IPV6:
2555 error = bridge_ip6_checkbasic(mp);
2568 * Run the packet through pfil
2574 * before calling the firewall, swap fields the same as
2575 * IP does. here we assume the header is contiguous
2577 ip = mtod(*mp, struct ip *);
2579 ip->ip_len = ntohs(ip->ip_len);
2580 ip->ip_off = ntohs(ip->ip_off);
2583 * Run pfil on the member interface and the bridge, both can
2584 * be skipped by clearing pfil_member or pfil_bridge.
2587 * in_if -> bridge_if -> out_if
2589 if (pfil_bridge && dir == PFIL_OUT && bifp != NULL)
2590 error = pfil_run_hooks(&inet_pfil_hook, mp, bifp,
2593 if (*mp == NULL || error != 0) /* filter may consume */
2596 if (pfil_member && ifp != NULL)
2597 error = pfil_run_hooks(&inet_pfil_hook, mp, ifp,
2600 if (*mp == NULL || error != 0) /* filter may consume */
2603 if (pfil_bridge && dir == PFIL_IN && bifp != NULL)
2604 error = pfil_run_hooks(&inet_pfil_hook, mp, bifp,
2607 if (*mp == NULL || error != 0) /* filter may consume */
2610 /* check if we need to fragment the packet */
2611 if (pfil_member && ifp != NULL && dir == PFIL_OUT) {
2612 i = (*mp)->m_pkthdr.len;
2613 if (i > ifp->if_mtu) {
2614 error = bridge_fragment(ifp, *mp, &eh2, snap,
2620 /* Recalculate the ip checksum and restore byte ordering */
2621 ip = mtod(*mp, struct ip *);
2622 hlen = ip->ip_hl << 2;
2623 if (hlen < sizeof(struct ip))
2625 if (hlen > (*mp)->m_len) {
2626 if ((*mp = m_pullup(*mp, hlen)) == 0)
2628 ip = mtod(*mp, struct ip *);
2632 ip->ip_len = htons(ip->ip_len);
2633 ip->ip_off = htons(ip->ip_off);
2635 if (hlen == sizeof(struct ip))
2636 ip->ip_sum = in_cksum_hdr(ip);
2638 ip->ip_sum = in_cksum(*mp, hlen);
2642 case ETHERTYPE_IPV6 :
2643 if (pfil_bridge && dir == PFIL_OUT && bifp != NULL)
2644 error = pfil_run_hooks(&inet6_pfil_hook, mp, bifp,
2647 if (*mp == NULL || error != 0) /* filter may consume */
2650 if (pfil_member && ifp != NULL)
2651 error = pfil_run_hooks(&inet6_pfil_hook, mp, ifp,
2654 if (*mp == NULL || error != 0) /* filter may consume */
2657 if (pfil_bridge && dir == PFIL_IN && bifp != NULL)
2658 error = pfil_run_hooks(&inet6_pfil_hook, mp, bifp,
2675 * Finally, put everything back the way it was and return
2678 M_PREPEND(*mp, sizeof(struct llc), MB_DONTWAIT);
2681 bcopy(&llc1, mtod(*mp, caddr_t), sizeof(struct llc));
2684 M_PREPEND(*mp, ETHER_HDR_LEN, MB_DONTWAIT);
2687 bcopy(&eh2, mtod(*mp, caddr_t), ETHER_HDR_LEN);
2698 * Perform basic checks on header size since
2699 * pfil assumes ip_input has already processed
2700 * it for it. Cut-and-pasted from ip_input.c.
2701 * Given how simple the IPv6 version is,
2702 * does the IPv4 version really need to be
2705 * XXX Should we update ipstat here, or not?
2706 * XXX Right now we update ipstat but not
2710 bridge_ip_checkbasic(struct mbuf **mp)
2712 struct mbuf *m = *mp;
2720 if (IP_HDR_ALIGNED_P(mtod(m, caddr_t)) == 0) {
2721 if ((m = m_copyup(m, sizeof(struct ip),
2722 (max_linkhdr + 3) & ~3)) == NULL) {
2723 /* XXXJRT new stat, please */
2724 ipstat.ips_toosmall++;
2729 #ifndef __predict_false
2730 #define __predict_false(x) x
2732 if (__predict_false(m->m_len < sizeof (struct ip))) {
2733 if ((m = m_pullup(m, sizeof (struct ip))) == NULL) {
2734 ipstat.ips_toosmall++;
2738 ip = mtod(m, struct ip *);
2739 if (ip == NULL) goto bad;
2741 if (ip->ip_v != IPVERSION) {
2742 ipstat.ips_badvers++;
2745 hlen = ip->ip_hl << 2;
2746 if (hlen < sizeof(struct ip)) { /* minimum header length */
2747 ipstat.ips_badhlen++;
2750 if (hlen > m->m_len) {
2751 if ((m = m_pullup(m, hlen)) == 0) {
2752 ipstat.ips_badhlen++;
2755 ip = mtod(m, struct ip *);
2756 if (ip == NULL) goto bad;
2759 if (m->m_pkthdr.csum_flags & CSUM_IP_CHECKED) {
2760 sum = !(m->m_pkthdr.csum_flags & CSUM_IP_VALID);
2762 if (hlen == sizeof(struct ip)) {
2763 sum = in_cksum_hdr(ip);
2765 sum = in_cksum(m, hlen);
2769 ipstat.ips_badsum++;
2773 /* Retrieve the packet length. */
2774 len = ntohs(ip->ip_len);
2777 * Check for additional length bogosity
2780 ipstat.ips_badlen++;
2785 * Check that the amount of data in the buffers
2786 * is as at least much as the IP header would have us expect.
2787 * Drop packet if shorter than we expect.
2789 if (m->m_pkthdr.len < len) {
2790 ipstat.ips_tooshort++;
2794 /* Checks out, proceed */
2805 * Same as above, but for IPv6.
2806 * Cut-and-pasted from ip6_input.c.
2807 * XXX Should we update ip6stat, or not?
2810 bridge_ip6_checkbasic(struct mbuf **mp)
2812 struct mbuf *m = *mp;
2813 struct ip6_hdr *ip6;
2816 * If the IPv6 header is not aligned, slurp it up into a new
2817 * mbuf with space for link headers, in the event we forward
2818 * it. Otherwise, if it is aligned, make sure the entire base
2819 * IPv6 header is in the first mbuf of the chain.
2822 if (IP6_HDR_ALIGNED_P(mtod(m, caddr_t)) == 0) {
2823 struct ifnet *inifp = m->m_pkthdr.rcvif;
2824 if ((m = m_copyup(m, sizeof(struct ip6_hdr),
2825 (max_linkhdr + 3) & ~3)) == NULL) {
2826 /* XXXJRT new stat, please */
2827 ip6stat.ip6s_toosmall++;
2828 in6_ifstat_inc(inifp, ifs6_in_hdrerr);
2833 if (__predict_false(m->m_len < sizeof(struct ip6_hdr))) {
2834 struct ifnet *inifp = m->m_pkthdr.rcvif;
2835 if ((m = m_pullup(m, sizeof(struct ip6_hdr))) == NULL) {
2836 ip6stat.ip6s_toosmall++;
2837 in6_ifstat_inc(inifp, ifs6_in_hdrerr);
2842 ip6 = mtod(m, struct ip6_hdr *);
2844 if ((ip6->ip6_vfc & IPV6_VERSION_MASK) != IPV6_VERSION) {
2845 ip6stat.ip6s_badvers++;
2846 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_hdrerr);
2850 /* Checks out, proceed */
2863 * Return a fragmented mbuf chain.
2866 bridge_fragment(struct ifnet *ifp, struct mbuf *m, struct ether_header *eh,
2867 int snap, struct llc *llc)
2873 if (m->m_len < sizeof(struct ip) &&
2874 (m = m_pullup(m, sizeof(struct ip))) == NULL)
2876 ip = mtod(m, struct ip *);
2878 error = ip_fragment(ip, &m, ifp->if_mtu, ifp->if_hwassist,
2883 /* walk the chain and re-add the Ethernet header */
2884 for (m0 = m; m0; m0 = m0->m_nextpkt) {
2887 M_PREPEND(m0, sizeof(struct llc), MB_DONTWAIT);
2892 bcopy(llc, mtod(m0, caddr_t),
2893 sizeof(struct llc));
2895 M_PREPEND(m0, ETHER_HDR_LEN, MB_DONTWAIT);
2900 bcopy(eh, mtod(m0, caddr_t), ETHER_HDR_LEN);
2906 ipstat.ips_fragmented++;
2917 bridge_enqueue_handler(struct netmsg *nmsg)
2919 struct netmsg_packet *nmp;
2920 struct ifnet *dst_ifp;
2923 nmp = (struct netmsg_packet *)nmsg;
2925 dst_ifp = nmp->nm_netmsg.nm_lmsg.u.ms_resultp;
2927 bridge_handoff_notags(dst_ifp, m);
2931 bridge_pfil_enqueue_handler(struct netmsg *nmsg)
2933 struct netmsg_packet *nmp;
2934 struct ifnet *dst_ifp;
2937 nmp = (struct netmsg_packet *)nmsg;
2939 dst_ifp = nmp->nm_netmsg.nm_lmsg.u.ms_resultp;
2942 * Filter on the output interface. Pass a NULL bridge interface
2943 * pointer so we do not redundantly filter on the bridge for
2944 * each interface we broadcast on.
2946 if (inet_pfil_hook.ph_hashooks > 0
2948 || inet6_pfil_hook.ph_hashooks > 0
2951 if (bridge_pfil(&m, NULL, dst_ifp, PFIL_OUT) != 0)
2956 bridge_handoff_notags(dst_ifp, m);
2960 bridge_handoff(struct ifnet *dst_ifp, struct mbuf *m)
2962 while (m->m_type == MT_TAG) {
2963 /* XXX see ether_output_frame for full rules check */
2966 bridge_handoff_notags(dst_ifp, m);
2970 bridge_handoff_notags(struct ifnet *dst_ifp, struct mbuf *m)
2974 KKASSERT(m->m_type != MT_TAG);
2976 lwkt_serialize_enter(dst_ifp->if_serializer);
2978 /* We may be sending a fragment so traverse the mbuf */
2980 struct altq_pktattr pktattr;
2983 m->m_nextpkt = NULL;
2985 if (ifq_is_enabled(&dst_ifp->if_snd))
2986 altq_etherclassify(&dst_ifp->if_snd, m, &pktattr);
2988 ifq_handoff(dst_ifp, m, &pktattr);
2991 lwkt_serialize_exit(dst_ifp->if_serializer);
2994 struct netmsg_brgctl {
2995 struct netmsg bc_nmsg;
2996 bridge_ctl_t bc_func;
2997 struct bridge_softc *bc_sc;
3002 bridge_control_dispatch(struct netmsg *nmsg)
3004 struct netmsg_brgctl *bc_msg = (struct netmsg_brgctl *)nmsg;
3005 struct ifnet *bifp = bc_msg->bc_sc->sc_ifp;
3008 lwkt_serialize_enter(bifp->if_serializer);
3009 error = bc_msg->bc_func(bc_msg->bc_sc, bc_msg->bc_arg);
3010 lwkt_serialize_exit(bifp->if_serializer);
3012 lwkt_replymsg(&nmsg->nm_lmsg, error);
3016 bridge_control(struct bridge_softc *sc, u_long cmd,
3017 bridge_ctl_t bc_func, void *bc_arg)
3019 struct ifnet *bifp = sc->sc_ifp;
3020 struct netmsg_brgctl bc_msg;
3021 struct netmsg *nmsg;
3024 ASSERT_SERIALIZED(bifp->if_serializer);
3026 if (cmd == SIOCGDRVSPEC) {
3028 * Don't dispatch 'get' ioctl to netisr0;
3029 * there are copyouts down deep inside
3030 * specific bridge ioctl functions.
3032 return bc_func(sc, bc_arg);
3035 bzero(&bc_msg, sizeof(bc_msg));
3036 nmsg = &bc_msg.bc_nmsg;
3038 netmsg_init(nmsg, &curthread->td_msgport, 0, bridge_control_dispatch);
3039 bc_msg.bc_func = bc_func;
3041 bc_msg.bc_arg = bc_arg;
3043 lwkt_serialize_exit(bifp->if_serializer);
3044 error = lwkt_domsg(cpu_portfn(0), &nmsg->nm_lmsg, 0);
3045 lwkt_serialize_enter(bifp->if_serializer);
lentferj's projects / dragonfly.git / blob