xref: /dragonfly/sys/netgraph7/ng_vlan.c (revision 2038fb68) 
1 /*-
2  * Copyright (c) 2003 IPNET Internet Communication Company
3  * All rights reserved.
4  *
5  * Redistribution and use in source and binary forms, with or without
6  * modification, are permitted provided that the following conditions
7  * are met:
8  * 1. Redistributions of source code must retain the above copyright
9  *    notice, this list of conditions and the following disclaimer.
10  * 2. Redistributions in binary form must reproduce the above copyright
11  *    notice, this list of conditions and the following disclaimer in the
12  *    documentation and/or other materials provided with the distribution.
13  *
14  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
15  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
16  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
17  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
18  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
19  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
20  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
22  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
23  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
24  * SUCH DAMAGE.
25  *
26  * Author: Ruslan Ermilov <ru@FreeBSD.org>
27  *
28  * $FreeBSD: src/sys/netgraph/ng_vlan.c,v 1.5 2007/06/11 15:29:02 imp Exp $
29  * $DragonFly: src/sys/netgraph7/ng_vlan.c,v 1.2 2008/06/26 23:05:35 dillon Exp $
30  */
31 
32 #include <sys/param.h>
33 #include <sys/errno.h>
34 #include <sys/kernel.h>
35 #include <sys/malloc.h>
36 #include <sys/mbuf.h>
37 #include <sys/queue.h>
38 #include <sys/socket.h>
39 #include <sys/systm.h>
40 
41 #include <net/ethernet.h>
42 #include <net/if.h>
43 #include <net/if_vlan_var.h>
44 
45 #include "ng_message.h"
46 #include "ng_parse.h"
47 #include "ng_vlan.h"
48 #include "netgraph.h"
49 
50 static ng_constructor_t	ng_vlan_constructor;
51 static ng_rcvmsg_t	ng_vlan_rcvmsg;
52 static ng_shutdown_t	ng_vlan_shutdown;
53 static ng_newhook_t	ng_vlan_newhook;
54 static ng_rcvdata_t	ng_vlan_rcvdata;
55 static ng_disconnect_t	ng_vlan_disconnect;
56 
57 /* Parse type for struct ng_vlan_filter. */
58 static const struct ng_parse_struct_field ng_vlan_filter_fields[] =
59 	NG_VLAN_FILTER_FIELDS;
60 static const struct ng_parse_type ng_vlan_filter_type = {
61 	&ng_parse_struct_type,
62 	&ng_vlan_filter_fields
63 };
64 
65 static int
66 ng_vlan_getTableLength(const struct ng_parse_type *type,
67     const u_char *start, const u_char *buf)
68 {
69 	const struct ng_vlan_table *const table =
70 	    (const struct ng_vlan_table *)(buf - sizeof(u_int32_t));
71 
72 	return table->n;
73 }
74 
75 /* Parse type for struct ng_vlan_table. */
76 static const struct ng_parse_array_info ng_vlan_table_array_info = {
77 	&ng_vlan_filter_type,
78 	ng_vlan_getTableLength
79 };
80 static const struct ng_parse_type ng_vlan_table_array_type = {
81 	&ng_parse_array_type,
82 	&ng_vlan_table_array_info
83 };
84 static const struct ng_parse_struct_field ng_vlan_table_fields[] =
85 	NG_VLAN_TABLE_FIELDS;
86 static const struct ng_parse_type ng_vlan_table_type = {
87 	&ng_parse_struct_type,
88 	&ng_vlan_table_fields
89 };
90 
91 /* List of commands and how to convert arguments to/from ASCII. */
92 static const struct ng_cmdlist ng_vlan_cmdlist[] = {
93 	{
94 	  NGM_VLAN_COOKIE,
95 	  NGM_VLAN_ADD_FILTER,
96 	  "addfilter",
97 	  &ng_vlan_filter_type,
98 	  NULL
99 	},
100 	{
101 	  NGM_VLAN_COOKIE,
102 	  NGM_VLAN_DEL_FILTER,
103 	  "delfilter",
104 	  &ng_parse_hookbuf_type,
105 	  NULL
106 	},
107 	{
108 	  NGM_VLAN_COOKIE,
109 	  NGM_VLAN_GET_TABLE,
110 	  "gettable",
111 	  NULL,
112 	  &ng_vlan_table_type
113 	},
114 	{ 0 }
115 };
116 
117 static struct ng_type ng_vlan_typestruct = {
118 	.version =	NG_ABI_VERSION,
119 	.name =		NG_VLAN_NODE_TYPE,
120 	.constructor =	ng_vlan_constructor,
121 	.rcvmsg =	ng_vlan_rcvmsg,
122 	.shutdown =	ng_vlan_shutdown,
123 	.newhook =	ng_vlan_newhook,
124 	.rcvdata =	ng_vlan_rcvdata,
125 	.disconnect =	ng_vlan_disconnect,
126 	.cmdlist =	ng_vlan_cmdlist,
127 };
128 NETGRAPH_INIT(vlan, &ng_vlan_typestruct);
129 
130 struct filter {
131 	LIST_ENTRY(filter) next;
132 	u_int16_t	vlan;
133 	hook_p		hook;
134 };
135 
136 #define	HASHSIZE	16
137 #define	HASH(id)	((((id) >> 8) ^ ((id) >> 4) ^ (id)) & 0x0f)
138 LIST_HEAD(filterhead, filter);
139 
140 typedef struct {
141 	hook_p		downstream_hook;
142 	hook_p		nomatch_hook;
143 	struct filterhead hashtable[HASHSIZE];
144 	u_int32_t	nent;
145 } *priv_p;
146 
147 static struct filter *
148 ng_vlan_findentry(priv_p priv, u_int16_t vlan)
149 {
150 	struct filterhead *chain = &priv->hashtable[HASH(vlan)];
151 	struct filter *f;
152 
153 	LIST_FOREACH(f, chain, next)
154 		if (f->vlan == vlan)
155 			return (f);
156 	return (NULL);
157 }
158 
159 static int
160 ng_vlan_constructor(node_p node)
161 {
162 	priv_p priv;
163 	int i;
164 
165 	MALLOC(priv, priv_p, sizeof(*priv), M_NETGRAPH, M_WAITOK | M_NULLOK | M_ZERO);
166 	if (priv == NULL)
167 		return (ENOMEM);
168 	for (i = 0; i < HASHSIZE; i++)
169 		LIST_INIT(&priv->hashtable[i]);
170 	NG_NODE_SET_PRIVATE(node, priv);
171 	return (0);
172 }
173 
174 static int
175 ng_vlan_newhook(node_p node, hook_p hook, const char *name)
176 {
177 	const priv_p priv = NG_NODE_PRIVATE(node);
178 
179 	if (strcmp(name, NG_VLAN_HOOK_DOWNSTREAM) == 0)
180 		priv->downstream_hook = hook;
181 	else if (strcmp(name, NG_VLAN_HOOK_NOMATCH) == 0)
182 		priv->nomatch_hook = hook;
183 	else {
184 		/*
185 		 * Any other hook name is valid and can
186 		 * later be associated with a filter rule.
187 		 */
188 	}
189 	NG_HOOK_SET_PRIVATE(hook, NULL);
190 	return (0);
191 }
192 
193 static int
194 ng_vlan_rcvmsg(node_p node, item_p item, hook_p lasthook)
195 {
196 	const priv_p priv = NG_NODE_PRIVATE(node);
197 	int error = 0;
198 	struct ng_mesg *msg, *resp = NULL;
199 	struct ng_vlan_filter *vf;
200 	struct filter *f;
201 	hook_p hook;
202 	struct ng_vlan_table *t;
203 	int i;
204 
205 	NGI_GET_MSG(item, msg);
206 	/* Deal with message according to cookie and command. */
207 	switch (msg->header.typecookie) {
208 	case NGM_VLAN_COOKIE:
209 		switch (msg->header.cmd) {
210 		case NGM_VLAN_ADD_FILTER:
211 			/* Check that message is long enough. */
212 			if (msg->header.arglen != sizeof(*vf)) {
213 				error = EINVAL;
214 				break;
215 			}
216 			vf = (struct ng_vlan_filter *)msg->data;
217 			/* Sanity check the VLAN ID value. */
218 			if (vf->vlan & ~EVL_VLID_MASK) {
219 				error = EINVAL;
220 				break;
221 			}
222 			/* Check that a referenced hook exists. */
223 			hook = ng_findhook(node, vf->hook);
224 			if (hook == NULL) {
225 				error = ENOENT;
226 				break;
227 			}
228 			/* And is not one of the special hooks. */
229 			if (hook == priv->downstream_hook ||
230 			    hook == priv->nomatch_hook) {
231 				error = EINVAL;
232 				break;
233 			}
234 			/* And is not already in service. */
235 			if (NG_HOOK_PRIVATE(hook) != NULL) {
236 				error = EEXIST;
237 				break;
238 			}
239 			/* Check we don't already trap this VLAN. */
240 			if (ng_vlan_findentry(priv, vf->vlan)) {
241 				error = EEXIST;
242 				break;
243 			}
244 			/* Create filter. */
245 			MALLOC(f, struct filter *, sizeof(*f),
246 			    M_NETGRAPH, M_WAITOK | M_NULLOK | M_ZERO);
247 			if (f == NULL) {
248 				error = ENOMEM;
249 				break;
250 			}
251 			/* Link filter and hook together. */
252 			f->hook = hook;
253 			f->vlan = vf->vlan;
254 			NG_HOOK_SET_PRIVATE(hook, f);
255 			/* Register filter in a hash table. */
256 			LIST_INSERT_HEAD(
257 			    &priv->hashtable[HASH(f->vlan)], f, next);
258 			priv->nent++;
259 			break;
260 		case NGM_VLAN_DEL_FILTER:
261 			/* Check that message is long enough. */
262 			if (msg->header.arglen != NG_HOOKSIZ) {
263 				error = EINVAL;
264 				break;
265 			}
266 			/* Check that hook exists and is active. */
267 			hook = ng_findhook(node, (char *)msg->data);
268 			if (hook == NULL ||
269 			    (f = NG_HOOK_PRIVATE(hook)) == NULL) {
270 				error = ENOENT;
271 				break;
272 			}
273 			/* Purge a rule that refers to this hook. */
274 			NG_HOOK_SET_PRIVATE(hook, NULL);
275 			LIST_REMOVE(f, next);
276 			priv->nent--;
277 			FREE(f, M_NETGRAPH);
278 			break;
279 		case NGM_VLAN_GET_TABLE:
280 			NG_MKRESPONSE(resp, msg, sizeof(*t) +
281 			    priv->nent * sizeof(*t->filter), M_WAITOK | M_NULLOK);
282 			if (resp == NULL) {
283 				error = ENOMEM;
284 				break;
285 			}
286 			t = (struct ng_vlan_table *)resp->data;
287 			t->n = priv->nent;
288 			vf = &t->filter[0];
289 			for (i = 0; i < HASHSIZE; i++) {
290 				LIST_FOREACH(f, &priv->hashtable[i], next) {
291 					vf->vlan = f->vlan;
292 					strncpy(vf->hook, NG_HOOK_NAME(f->hook),
293 					    NG_HOOKSIZ);
294 					vf++;
295 				}
296 			}
297 			break;
298 		default:		/* Unknown command. */
299 			error = EINVAL;
300 			break;
301 		}
302 		break;
303 	case NGM_FLOW_COOKIE:
304 	    {
305 		struct ng_mesg *copy;
306 		struct filterhead *chain;
307 		struct filter *f;
308 
309 		/*
310 		 * Flow control messages should come only
311 		 * from downstream.
312 		 */
313 
314 		if (lasthook == NULL)
315 			break;
316 		if (lasthook != priv->downstream_hook)
317 			break;
318 
319 		/* Broadcast the event to all uplinks. */
320 		for (i = 0, chain = priv->hashtable; i < HASHSIZE;
321 		    i++, chain++)
322 		LIST_FOREACH(f, chain, next) {
323 			NG_COPYMESSAGE(copy, msg, M_WAITOK | M_NULLOK);
324 			if (copy == NULL)
325 				continue;
326 			NG_SEND_MSG_HOOK(error, node, copy, f->hook, 0);
327 		}
328 
329 		break;
330 	    }
331 	default:			/* Unknown type cookie. */
332 		error = EINVAL;
333 		break;
334 	}
335 	NG_RESPOND_MSG(error, node, item, resp);
336 	NG_FREE_MSG(msg);
337 	return (error);
338 }
339 
340 static int
341 ng_vlan_rcvdata(hook_p hook, item_p item)
342 {
343 	const priv_p priv = NG_NODE_PRIVATE(NG_HOOK_NODE(hook));
344 	struct ether_header *eh;
345 	struct ether_vlan_header *evl = NULL;
346 	int error;
347 	u_int16_t vlan;
348 	struct mbuf *m;
349 	struct filter *f;
350 
351 	/* Make sure we have an entire header. */
352 	NGI_GET_M(item, m);
353 	if (m->m_len < sizeof(*eh) &&
354 	    (m = m_pullup(m, sizeof(*eh))) == NULL) {
355 		NG_FREE_ITEM(item);
356 		return (EINVAL);
357 	}
358 	eh = mtod(m, struct ether_header *);
359 	if (hook == priv->downstream_hook) {
360 		/*
361 		 * If from downstream, select between a match hook
362 		 * or the nomatch hook.
363 		 */
364 		if (m->m_flags & M_VLANTAG ||
365 		    eh->ether_type == htons(ETHERTYPE_VLAN)) {
366 			if (m->m_flags & M_VLANTAG) {
367 				/*
368 				 * Packet is tagged, m contains a normal
369 				 * Ethernet frame; tag is stored out-of-band.
370 				 */
371 				vlan = EVL_VLANOFTAG(m->m_pkthdr.ether_vtag);
372 			} else {
373 				if (m->m_len < sizeof(*evl) &&
374 				    (m = m_pullup(m, sizeof(*evl))) == NULL) {
375 					NG_FREE_ITEM(item);
376 					return (EINVAL);
377 				}
378 				evl = mtod(m, struct ether_vlan_header *);
379 				vlan = EVL_VLANOFTAG(ntohs(evl->evl_tag));
380 			}
381 			if ((f = ng_vlan_findentry(priv, vlan)) != NULL) {
382 				if (m->m_flags & M_VLANTAG) {
383 					m->m_pkthdr.ether_vtag = 0;
384 					m->m_flags &= ~M_VLANTAG;
385 				} else {
386 					evl->evl_encap_proto = evl->evl_proto;
387 					bcopy(mtod(m, caddr_t),
388 					    mtod(m, caddr_t) +
389 					    ETHER_VLAN_ENCAP_LEN,
390 					    ETHER_HDR_LEN);
391 					m_adj(m, ETHER_VLAN_ENCAP_LEN);
392 				}
393 			}
394 		} else
395 			f = NULL;
396 		if (f != NULL)
397 			NG_FWD_NEW_DATA(error, item, f->hook, m);
398 		else
399 			NG_FWD_NEW_DATA(error, item, priv->nomatch_hook, m);
400 	} else {
401 		/*
402 		 * It is heading towards the downstream.
403 		 * If from nomatch, pass it unmodified.
404 		 * Otherwise, do the VLAN encapsulation.
405 		 */
406 		if (hook != priv->nomatch_hook) {
407 			if ((f = NG_HOOK_PRIVATE(hook)) == NULL) {
408 				NG_FREE_ITEM(item);
409 				NG_FREE_M(m);
410 				return (EOPNOTSUPP);
411 			}
412 			M_PREPEND(m, ETHER_VLAN_ENCAP_LEN, MB_DONTWAIT);
413 			/* M_PREPEND takes care of m_len and m_pkthdr.len. */
414 			if (m == NULL || (m->m_len < sizeof(*evl) &&
415 			    (m = m_pullup(m, sizeof(*evl))) == NULL)) {
416 				NG_FREE_ITEM(item);
417 				return (ENOMEM);
418 			}
419 			/*
420 			 * Transform the Ethernet header into an Ethernet header
421 			 * with 802.1Q encapsulation.
422 			 */
423 			bcopy(mtod(m, char *) + ETHER_VLAN_ENCAP_LEN,
424 			    mtod(m, char *), ETHER_HDR_LEN);
425 			evl = mtod(m, struct ether_vlan_header *);
426 			evl->evl_proto = evl->evl_encap_proto;
427 			evl->evl_encap_proto = htons(ETHERTYPE_VLAN);
428 			evl->evl_tag = htons(f->vlan);
429 		}
430 		NG_FWD_NEW_DATA(error, item, priv->downstream_hook, m);
431 	}
432 	return (error);
433 }
434 
435 static int
436 ng_vlan_shutdown(node_p node)
437 {
438 	const priv_p priv = NG_NODE_PRIVATE(node);
439 
440 	NG_NODE_SET_PRIVATE(node, NULL);
441 	NG_NODE_UNREF(node);
442 	FREE(priv, M_NETGRAPH);
443 	return (0);
444 }
445 
446 static int
447 ng_vlan_disconnect(hook_p hook)
448 {
449 	const priv_p priv = NG_NODE_PRIVATE(NG_HOOK_NODE(hook));
450 	struct filter *f;
451 
452 	if (hook == priv->downstream_hook)
453 		priv->downstream_hook = NULL;
454 	else if (hook == priv->nomatch_hook)
455 		priv->nomatch_hook = NULL;
456 	else {
457 		/* Purge a rule that refers to this hook. */
458 		if ((f = NG_HOOK_PRIVATE(hook)) != NULL) {
459 			LIST_REMOVE(f, next);
460 			priv->nent--;
461 			FREE(f, M_NETGRAPH);
462 		}
463 	}
464 	NG_HOOK_SET_PRIVATE(hook, NULL);
465 	if ((NG_NODE_NUMHOOKS(NG_HOOK_NODE(hook)) == 0) &&
466 	    (NG_NODE_IS_VALID(NG_HOOK_NODE(hook))))
467 		ng_rmnode_self(NG_HOOK_NODE(hook));
468 	return (0);
469 }
470