1 /* 2 * Copyright 2001 Wasabi Systems, Inc. 3 * All rights reserved. 4 * 5 * Written by Jason R. Thorpe for Wasabi Systems, Inc. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. All advertising materials mentioning features or use of this software 16 * must display the following acknowledgement: 17 * This product includes software developed for the NetBSD Project by 18 * Wasabi Systems, Inc. 19 * 4. The name of Wasabi Systems, Inc. may not be used to endorse 20 * or promote products derived from this software without specific prior 21 * written permission. 22 * 23 * THIS SOFTWARE IS PROVIDED BY WASABI SYSTEMS, INC. ``AS IS'' AND 24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 25 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 26 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL WASABI SYSTEMS, INC 27 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 28 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 29 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 30 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 31 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 32 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 33 * POSSIBILITY OF SUCH DAMAGE. 34 */ 35 36 /* 37 * Copyright (c) 1999, 2000 Jason L. Wright (jason@thought.net) 38 * All rights reserved. 39 * 40 * Redistribution and use in source and binary forms, with or without 41 * modification, are permitted provided that the following conditions 42 * are met: 43 * 1. Redistributions of source code must retain the above copyright 44 * notice, this list of conditions and the following disclaimer. 45 * 2. Redistributions in binary form must reproduce the above copyright 46 * notice, this list of conditions and the following disclaimer in the 47 * documentation and/or other materials provided with the distribution. 48 * 3. All advertising materials mentioning features or use of this software 49 * must display the following acknowledgement: 50 * This product includes software developed by Jason L. Wright 51 * 4. The name of the author may not be used to endorse or promote products 52 * derived from this software without specific prior written permission. 53 * 54 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 55 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 56 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 57 * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, 58 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 59 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 60 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 61 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 62 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN 63 * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 64 * POSSIBILITY OF SUCH DAMAGE. 65 * 66 * $OpenBSD: if_bridge.c,v 1.60 2001/06/15 03:38:33 itojun Exp $ 67 * $NetBSD: if_bridge.c,v 1.31 2005/06/01 19:45:34 jdc Exp $ 68 * $FreeBSD: src/sys/net/if_bridge.c,v 1.26 2005/10/13 23:05:55 thompsa Exp $ 69 * $DragonFly: src/sys/net/bridge/if_bridge.c,v 1.60 2008/11/26 12:49:43 sephe Exp $ 70 */ 71 72 /* 73 * Network interface bridge support. 74 * 75 * TODO: 76 * 77 * - Currently only supports Ethernet-like interfaces (Ethernet, 78 * 802.11, VLANs on Ethernet, etc.) Figure out a nice way 79 * to bridge other types of interfaces (FDDI-FDDI, and maybe 80 * consider heterogenous bridges). 81 * 82 * 83 * Bridge's route information is duplicated to each CPUs: 84 * 85 * CPU0 CPU1 CPU2 CPU3 86 * +-----------+ +-----------+ +-----------+ +-----------+ 87 * | rtnode | | rtnode | | rtnode | | rtnode | 88 * | | | | | | | | 89 * | dst eaddr | | dst eaddr | | dst eaddr | | dst eaddr | 90 * +-----------+ +-----------+ +-----------+ +-----------+ 91 * | | | | 92 * | | | | 93 * | | +----------+ | | 94 * | | | rtinfo | | | 95 * | +---->| |<---+ | 96 * | | flags | | 97 * +-------------->| timeout |<-------------+ 98 * | dst_ifp | 99 * +----------+ 100 * 101 * We choose to put timeout and dst_ifp into shared part, so updating 102 * them will be cheaper than using message forwarding. Also there is 103 * not need to use spinlock to protect the updating: timeout and dst_ifp 104 * is not related and specific field's updating order has no importance. 105 * The cache pollution by the share part should not be heavy: in a stable 106 * setup, dst_ifp probably will be not changed in rtnode's life time, 107 * while timeout is refreshed once per second; most of the time, timeout 108 * and dst_ifp are read-only accessed. 109 * 110 * 111 * Bridge route information installation on bridge_input path: 112 * 113 * CPU0 CPU1 CPU2 CPU3 114 * 115 * tcp_thread2 116 * | 117 * alloc nmsg 118 * snd nmsg | 119 * w/o rtinfo | 120 * ifnet0<-----------------------+ 121 * | : 122 * lookup dst : 123 * rtnode exists?(Y)free nmsg : 124 * |(N) : 125 * | 126 * alloc rtinfo 127 * alloc rtnode 128 * install rtnode 129 * | 130 * +---------->ifnet1 131 * : fwd nmsg | 132 * : w/ rtinfo | 133 * : | 134 * : | 135 * alloc rtnode 136 * (w/ nmsg's rtinfo) 137 * install rtnode 138 * | 139 * +---------->ifnet2 140 * : fwd nmsg | 141 * : w/ rtinfo | 142 * : | 143 * : same as ifnet1 144 * | 145 * +---------->ifnet3 146 * : fwd nmsg | 147 * : w/ rtinfo | 148 * : | 149 * : same as ifnet1 150 * free nmsg 151 * : 152 * : 153 * 154 * The netmsgs forwarded between protocol threads and ifnet threads are 155 * allocated with (M_WAITOK|M_NULLOK), so it will not fail under most 156 * cases (route information is too precious to be not installed :). 157 * Since multiple threads may try to install route information for the 158 * same dst eaddr, we look up route information in ifnet0. However, this 159 * looking up only need to be performed on ifnet0, which is the start 160 * point of the route information installation process. 161 * 162 * 163 * Bridge route information deleting/flushing: 164 * 165 * CPU0 CPU1 CPU2 CPU3 166 * 167 * netisr0 168 * | 169 * find suitable rtnodes, 170 * mark their rtinfo dead 171 * | 172 * | domsg <------------------------------------------+ 173 * | | replymsg 174 * | | 175 * V fwdmsg fwdmsg fwdmsg | 176 * ifnet0 --------> ifnet1 --------> ifnet2 --------> ifnet3 177 * delete rtnodes delete rtnodes delete rtnodes delete rtnodes 178 * w/ dead rtinfo w/ dead rtinfo w/ dead rtinfo w/ dead rtinfo 179 * free dead rtinfos 180 * 181 * All deleting/flushing operations are serialized by netisr0, so each 182 * operation only reaps the route information marked dead by itself. 183 * 184 * 185 * Bridge route information adding/deleting/flushing: 186 * Since all operation is serialized by the fixed message flow between 187 * ifnet threads, it is not possible to create corrupted per-cpu route 188 * information. 189 * 190 * 191 * 192 * Percpu member interface list iteration with blocking operation: 193 * Since one bridge could only delete one member interface at a time and 194 * the deleted member interface is not freed after netmsg_service_sync(), 195 * following way is used to make sure that even if the certain member 196 * interface is ripped from the percpu list during the blocking operation, 197 * the iteration still could keep going: 198 * 199 * LIST_FOREACH_MUTABLE(bif, sc->sc_iflists[mycpuid], bif_next, nbif) { 200 * blocking operation; 201 * blocking operation; 202 * ... 203 * ... 204 * if (nbif != NULL && !nbif->bif_onlist) { 205 * KKASSERT(bif->bif_onlist); 206 * nbif = LIST_NEXT(bif, bif_next); 207 * } 208 * } 209 * 210 * As mentioned above only one member interface could be unlinked from the 211 * percpu member interface list, so either bif or nbif may be not on the list, 212 * but _not_ both. To keep the list iteration, we don't care about bif, but 213 * only nbif. Since removed member interface will only be freed after we 214 * finish our work, it is safe to access any field in an unlinked bif (here 215 * bif_onlist). If nbif is no longer on the list, then bif must be on the 216 * list, so we change nbif to the next element of bif and keep going. 217 */ 218 219 #include "opt_inet.h" 220 #include "opt_inet6.h" 221 222 #include <sys/param.h> 223 #include <sys/mbuf.h> 224 #include <sys/malloc.h> 225 #include <sys/protosw.h> 226 #include <sys/systm.h> 227 #include <sys/time.h> 228 #include <sys/socket.h> /* for net/if.h */ 229 #include <sys/sockio.h> 230 #include <sys/ctype.h> /* string functions */ 231 #include <sys/kernel.h> 232 #include <sys/random.h> 233 #include <sys/sysctl.h> 234 #include <sys/module.h> 235 #include <sys/proc.h> 236 #include <sys/priv.h> 237 #include <sys/lock.h> 238 #include <sys/thread.h> 239 #include <sys/thread2.h> 240 #include <sys/mpipe.h> 241 242 #include <net/bpf.h> 243 #include <net/if.h> 244 #include <net/if_dl.h> 245 #include <net/if_types.h> 246 #include <net/if_var.h> 247 #include <net/pfil.h> 248 #include <net/ifq_var.h> 249 #include <net/if_clone.h> 250 251 #include <netinet/in.h> /* for struct arpcom */ 252 #include <netinet/in_systm.h> 253 #include <netinet/in_var.h> 254 #include <netinet/ip.h> 255 #include <netinet/ip_var.h> 256 #ifdef INET6 257 #include <netinet/ip6.h> 258 #include <netinet6/ip6_var.h> 259 #endif 260 #include <netinet/if_ether.h> /* for struct arpcom */ 261 #include <net/bridge/if_bridgevar.h> 262 #include <net/if_llc.h> 263 #include <net/netmsg2.h> 264 265 #include <net/route.h> 266 #include <sys/in_cksum.h> 267 268 /* 269 * Size of the route hash table. Must be a power of two. 270 */ 271 #ifndef BRIDGE_RTHASH_SIZE 272 #define BRIDGE_RTHASH_SIZE 1024 273 #endif 274 275 #define BRIDGE_RTHASH_MASK (BRIDGE_RTHASH_SIZE - 1) 276 277 /* 278 * Maximum number of addresses to cache. 279 */ 280 #ifndef BRIDGE_RTABLE_MAX 281 #define BRIDGE_RTABLE_MAX 100 282 #endif 283 284 /* 285 * Spanning tree defaults. 286 */ 287 #define BSTP_DEFAULT_MAX_AGE (20 * 256) 288 #define BSTP_DEFAULT_HELLO_TIME (2 * 256) 289 #define BSTP_DEFAULT_FORWARD_DELAY (15 * 256) 290 #define BSTP_DEFAULT_HOLD_TIME (1 * 256) 291 #define BSTP_DEFAULT_BRIDGE_PRIORITY 0x8000 292 #define BSTP_DEFAULT_PORT_PRIORITY 0x80 293 #define BSTP_DEFAULT_PATH_COST 55 294 295 /* 296 * Timeout (in seconds) for entries learned dynamically. 297 */ 298 #ifndef BRIDGE_RTABLE_TIMEOUT 299 #define BRIDGE_RTABLE_TIMEOUT (20 * 60) /* same as ARP */ 300 #endif 301 302 /* 303 * Number of seconds between walks of the route list. 304 */ 305 #ifndef BRIDGE_RTABLE_PRUNE_PERIOD 306 #define BRIDGE_RTABLE_PRUNE_PERIOD (5 * 60) 307 #endif 308 309 /* 310 * List of capabilities to mask on the member interface. 311 */ 312 #define BRIDGE_IFCAPS_MASK IFCAP_TXCSUM 313 314 typedef int (*bridge_ctl_t)(struct bridge_softc *, void *); 315 316 struct netmsg_brctl { 317 struct netmsg bc_nmsg; 318 bridge_ctl_t bc_func; 319 struct bridge_softc *bc_sc; 320 void *bc_arg; 321 }; 322 323 struct netmsg_brsaddr { 324 struct netmsg br_nmsg; 325 struct bridge_softc *br_softc; 326 struct ifnet *br_dst_if; 327 struct bridge_rtinfo *br_rtinfo; 328 int br_setflags; 329 uint8_t br_dst[ETHER_ADDR_LEN]; 330 uint8_t br_flags; 331 }; 332 333 struct netmsg_braddbif { 334 struct netmsg br_nmsg; 335 struct bridge_softc *br_softc; 336 struct bridge_ifinfo *br_bif_info; 337 struct ifnet *br_bif_ifp; 338 }; 339 340 struct netmsg_brdelbif { 341 struct netmsg br_nmsg; 342 struct bridge_softc *br_softc; 343 struct bridge_ifinfo *br_bif_info; 344 struct bridge_iflist_head *br_bif_list; 345 }; 346 347 struct netmsg_brsflags { 348 struct netmsg br_nmsg; 349 struct bridge_softc *br_softc; 350 struct bridge_ifinfo *br_bif_info; 351 uint32_t br_bif_flags; 352 }; 353 354 eventhandler_tag bridge_detach_cookie = NULL; 355 356 extern struct mbuf *(*bridge_input_p)(struct ifnet *, struct mbuf *); 357 extern int (*bridge_output_p)(struct ifnet *, struct mbuf *); 358 extern void (*bridge_dn_p)(struct mbuf *, struct ifnet *); 359 360 static int bridge_rtable_prune_period = BRIDGE_RTABLE_PRUNE_PERIOD; 361 362 static int bridge_clone_create(struct if_clone *, int); 363 static void bridge_clone_destroy(struct ifnet *); 364 365 static int bridge_ioctl(struct ifnet *, u_long, caddr_t, struct ucred *); 366 static void bridge_mutecaps(struct bridge_ifinfo *, struct ifnet *, int); 367 static void bridge_ifdetach(void *, struct ifnet *); 368 static void bridge_init(void *); 369 static void bridge_stop(struct ifnet *); 370 static void bridge_start(struct ifnet *); 371 static struct mbuf *bridge_input(struct ifnet *, struct mbuf *); 372 static int bridge_output(struct ifnet *, struct mbuf *); 373 374 static void bridge_forward(struct bridge_softc *, struct mbuf *m); 375 376 static void bridge_timer_handler(struct netmsg *); 377 static void bridge_timer(void *); 378 379 static void bridge_start_bcast(struct bridge_softc *, struct mbuf *); 380 static void bridge_broadcast(struct bridge_softc *, struct ifnet *, 381 struct mbuf *); 382 static void bridge_span(struct bridge_softc *, struct mbuf *); 383 384 static int bridge_rtupdate(struct bridge_softc *, const uint8_t *, 385 struct ifnet *, uint8_t); 386 static struct ifnet *bridge_rtlookup(struct bridge_softc *, const uint8_t *); 387 static void bridge_rtreap(struct bridge_softc *); 388 static void bridge_rtreap_async(struct bridge_softc *); 389 static void bridge_rttrim(struct bridge_softc *); 390 static int bridge_rtage_finddead(struct bridge_softc *); 391 static void bridge_rtage(struct bridge_softc *); 392 static void bridge_rtflush(struct bridge_softc *, int); 393 static int bridge_rtdaddr(struct bridge_softc *, const uint8_t *); 394 static int bridge_rtsaddr(struct bridge_softc *, const uint8_t *, 395 struct ifnet *, uint8_t); 396 static void bridge_rtmsg_sync(struct bridge_softc *sc); 397 static void bridge_rtreap_handler(struct netmsg *); 398 static void bridge_rtinstall_handler(struct netmsg *); 399 static int bridge_rtinstall_oncpu(struct bridge_softc *, const uint8_t *, 400 struct ifnet *, int, uint8_t, struct bridge_rtinfo **); 401 402 static void bridge_rtable_init(struct bridge_softc *); 403 static void bridge_rtable_fini(struct bridge_softc *); 404 405 static int bridge_rtnode_addr_cmp(const uint8_t *, const uint8_t *); 406 static struct bridge_rtnode *bridge_rtnode_lookup(struct bridge_softc *, 407 const uint8_t *); 408 static void bridge_rtnode_insert(struct bridge_softc *, 409 struct bridge_rtnode *); 410 static void bridge_rtnode_destroy(struct bridge_softc *, 411 struct bridge_rtnode *); 412 413 static struct bridge_iflist *bridge_lookup_member(struct bridge_softc *, 414 const char *name); 415 static struct bridge_iflist *bridge_lookup_member_if(struct bridge_softc *, 416 struct ifnet *ifp); 417 static struct bridge_iflist *bridge_lookup_member_ifinfo(struct bridge_softc *, 418 struct bridge_ifinfo *); 419 static void bridge_delete_member(struct bridge_softc *, 420 struct bridge_iflist *, int); 421 static void bridge_delete_span(struct bridge_softc *, 422 struct bridge_iflist *); 423 424 static int bridge_control(struct bridge_softc *, u_long, 425 bridge_ctl_t, void *); 426 static int bridge_ioctl_init(struct bridge_softc *, void *); 427 static int bridge_ioctl_stop(struct bridge_softc *, void *); 428 static int bridge_ioctl_add(struct bridge_softc *, void *); 429 static int bridge_ioctl_del(struct bridge_softc *, void *); 430 static int bridge_ioctl_gifflags(struct bridge_softc *, void *); 431 static int bridge_ioctl_sifflags(struct bridge_softc *, void *); 432 static int bridge_ioctl_scache(struct bridge_softc *, void *); 433 static int bridge_ioctl_gcache(struct bridge_softc *, void *); 434 static int bridge_ioctl_gifs(struct bridge_softc *, void *); 435 static int bridge_ioctl_rts(struct bridge_softc *, void *); 436 static int bridge_ioctl_saddr(struct bridge_softc *, void *); 437 static int bridge_ioctl_sto(struct bridge_softc *, void *); 438 static int bridge_ioctl_gto(struct bridge_softc *, void *); 439 static int bridge_ioctl_daddr(struct bridge_softc *, void *); 440 static int bridge_ioctl_flush(struct bridge_softc *, void *); 441 static int bridge_ioctl_gpri(struct bridge_softc *, void *); 442 static int bridge_ioctl_spri(struct bridge_softc *, void *); 443 static int bridge_ioctl_ght(struct bridge_softc *, void *); 444 static int bridge_ioctl_sht(struct bridge_softc *, void *); 445 static int bridge_ioctl_gfd(struct bridge_softc *, void *); 446 static int bridge_ioctl_sfd(struct bridge_softc *, void *); 447 static int bridge_ioctl_gma(struct bridge_softc *, void *); 448 static int bridge_ioctl_sma(struct bridge_softc *, void *); 449 static int bridge_ioctl_sifprio(struct bridge_softc *, void *); 450 static int bridge_ioctl_sifcost(struct bridge_softc *, void *); 451 static int bridge_ioctl_addspan(struct bridge_softc *, void *); 452 static int bridge_ioctl_delspan(struct bridge_softc *, void *); 453 static int bridge_pfil(struct mbuf **, struct ifnet *, struct ifnet *, 454 int); 455 static int bridge_ip_checkbasic(struct mbuf **mp); 456 #ifdef INET6 457 static int bridge_ip6_checkbasic(struct mbuf **mp); 458 #endif /* INET6 */ 459 static int bridge_fragment(struct ifnet *, struct mbuf *, 460 struct ether_header *, int, struct llc *); 461 static void bridge_enqueue_handler(struct netmsg *); 462 static void bridge_handoff(struct ifnet *, struct mbuf *); 463 464 static void bridge_del_bif_handler(struct netmsg *); 465 static void bridge_add_bif_handler(struct netmsg *); 466 static void bridge_set_bifflags_handler(struct netmsg *); 467 static void bridge_del_bif(struct bridge_softc *, struct bridge_ifinfo *, 468 struct bridge_iflist_head *); 469 static void bridge_add_bif(struct bridge_softc *, struct bridge_ifinfo *, 470 struct ifnet *); 471 static void bridge_set_bifflags(struct bridge_softc *, 472 struct bridge_ifinfo *, uint32_t); 473 474 SYSCTL_DECL(_net_link); 475 SYSCTL_NODE(_net_link, IFT_BRIDGE, bridge, CTLFLAG_RW, 0, "Bridge"); 476 477 static int pfil_onlyip = 1; /* only pass IP[46] packets when pfil is enabled */ 478 static int pfil_bridge = 1; /* run pfil hooks on the bridge interface */ 479 static int pfil_member = 1; /* run pfil hooks on the member interface */ 480 SYSCTL_INT(_net_link_bridge, OID_AUTO, pfil_onlyip, CTLFLAG_RW, 481 &pfil_onlyip, 0, "Only pass IP packets when pfil is enabled"); 482 SYSCTL_INT(_net_link_bridge, OID_AUTO, pfil_bridge, CTLFLAG_RW, 483 &pfil_bridge, 0, "Packet filter on the bridge interface"); 484 SYSCTL_INT(_net_link_bridge, OID_AUTO, pfil_member, CTLFLAG_RW, 485 &pfil_member, 0, "Packet filter on the member interface"); 486 487 struct bridge_control_arg { 488 union { 489 struct ifbreq ifbreq; 490 struct ifbifconf ifbifconf; 491 struct ifbareq ifbareq; 492 struct ifbaconf ifbaconf; 493 struct ifbrparam ifbrparam; 494 } bca_u; 495 int bca_len; 496 void *bca_uptr; 497 void *bca_kptr; 498 }; 499 500 struct bridge_control { 501 bridge_ctl_t bc_func; 502 int bc_argsize; 503 int bc_flags; 504 }; 505 506 #define BC_F_COPYIN 0x01 /* copy arguments in */ 507 #define BC_F_COPYOUT 0x02 /* copy arguments out */ 508 #define BC_F_SUSER 0x04 /* do super-user check */ 509 510 const struct bridge_control bridge_control_table[] = { 511 { bridge_ioctl_add, sizeof(struct ifbreq), 512 BC_F_COPYIN|BC_F_SUSER }, 513 { bridge_ioctl_del, sizeof(struct ifbreq), 514 BC_F_COPYIN|BC_F_SUSER }, 515 516 { bridge_ioctl_gifflags, sizeof(struct ifbreq), 517 BC_F_COPYIN|BC_F_COPYOUT }, 518 { bridge_ioctl_sifflags, sizeof(struct ifbreq), 519 BC_F_COPYIN|BC_F_SUSER }, 520 521 { bridge_ioctl_scache, sizeof(struct ifbrparam), 522 BC_F_COPYIN|BC_F_SUSER }, 523 { bridge_ioctl_gcache, sizeof(struct ifbrparam), 524 BC_F_COPYOUT }, 525 526 { bridge_ioctl_gifs, sizeof(struct ifbifconf), 527 BC_F_COPYIN|BC_F_COPYOUT }, 528 { bridge_ioctl_rts, sizeof(struct ifbaconf), 529 BC_F_COPYIN|BC_F_COPYOUT }, 530 531 { bridge_ioctl_saddr, sizeof(struct ifbareq), 532 BC_F_COPYIN|BC_F_SUSER }, 533 534 { bridge_ioctl_sto, sizeof(struct ifbrparam), 535 BC_F_COPYIN|BC_F_SUSER }, 536 { bridge_ioctl_gto, sizeof(struct ifbrparam), 537 BC_F_COPYOUT }, 538 539 { bridge_ioctl_daddr, sizeof(struct ifbareq), 540 BC_F_COPYIN|BC_F_SUSER }, 541 542 { bridge_ioctl_flush, sizeof(struct ifbreq), 543 BC_F_COPYIN|BC_F_SUSER }, 544 545 { bridge_ioctl_gpri, sizeof(struct ifbrparam), 546 BC_F_COPYOUT }, 547 { bridge_ioctl_spri, sizeof(struct ifbrparam), 548 BC_F_COPYIN|BC_F_SUSER }, 549 550 { bridge_ioctl_ght, sizeof(struct ifbrparam), 551 BC_F_COPYOUT }, 552 { bridge_ioctl_sht, sizeof(struct ifbrparam), 553 BC_F_COPYIN|BC_F_SUSER }, 554 555 { bridge_ioctl_gfd, sizeof(struct ifbrparam), 556 BC_F_COPYOUT }, 557 { bridge_ioctl_sfd, sizeof(struct ifbrparam), 558 BC_F_COPYIN|BC_F_SUSER }, 559 560 { bridge_ioctl_gma, sizeof(struct ifbrparam), 561 BC_F_COPYOUT }, 562 { bridge_ioctl_sma, sizeof(struct ifbrparam), 563 BC_F_COPYIN|BC_F_SUSER }, 564 565 { bridge_ioctl_sifprio, sizeof(struct ifbreq), 566 BC_F_COPYIN|BC_F_SUSER }, 567 568 { bridge_ioctl_sifcost, sizeof(struct ifbreq), 569 BC_F_COPYIN|BC_F_SUSER }, 570 571 { bridge_ioctl_addspan, sizeof(struct ifbreq), 572 BC_F_COPYIN|BC_F_SUSER }, 573 { bridge_ioctl_delspan, sizeof(struct ifbreq), 574 BC_F_COPYIN|BC_F_SUSER }, 575 }; 576 static const int bridge_control_table_size = 577 sizeof(bridge_control_table) / sizeof(bridge_control_table[0]); 578 579 LIST_HEAD(, bridge_softc) bridge_list; 580 581 struct if_clone bridge_cloner = IF_CLONE_INITIALIZER("bridge", 582 bridge_clone_create, 583 bridge_clone_destroy, 0, IF_MAXUNIT); 584 585 static int 586 bridge_modevent(module_t mod, int type, void *data) 587 { 588 switch (type) { 589 case MOD_LOAD: 590 LIST_INIT(&bridge_list); 591 if_clone_attach(&bridge_cloner); 592 bridge_input_p = bridge_input; 593 bridge_output_p = bridge_output; 594 bridge_detach_cookie = EVENTHANDLER_REGISTER( 595 ifnet_detach_event, bridge_ifdetach, NULL, 596 EVENTHANDLER_PRI_ANY); 597 #if notyet 598 bstp_linkstate_p = bstp_linkstate; 599 #endif 600 break; 601 case MOD_UNLOAD: 602 if (!LIST_EMPTY(&bridge_list)) 603 return (EBUSY); 604 EVENTHANDLER_DEREGISTER(ifnet_detach_event, 605 bridge_detach_cookie); 606 if_clone_detach(&bridge_cloner); 607 bridge_input_p = NULL; 608 bridge_output_p = NULL; 609 #if notyet 610 bstp_linkstate_p = NULL; 611 #endif 612 break; 613 default: 614 return (EOPNOTSUPP); 615 } 616 return (0); 617 } 618 619 static moduledata_t bridge_mod = { 620 "if_bridge", 621 bridge_modevent, 622 0 623 }; 624 625 DECLARE_MODULE(if_bridge, bridge_mod, SI_SUB_PSEUDO, SI_ORDER_ANY); 626 627 628 /* 629 * bridge_clone_create: 630 * 631 * Create a new bridge instance. 632 */ 633 static int 634 bridge_clone_create(struct if_clone *ifc, int unit) 635 { 636 struct bridge_softc *sc; 637 struct ifnet *ifp; 638 u_char eaddr[6]; 639 int cpu, rnd; 640 641 sc = kmalloc(sizeof(*sc), M_DEVBUF, M_WAITOK | M_ZERO); 642 ifp = sc->sc_ifp = &sc->sc_if; 643 644 sc->sc_brtmax = BRIDGE_RTABLE_MAX; 645 sc->sc_brttimeout = BRIDGE_RTABLE_TIMEOUT; 646 sc->sc_bridge_max_age = BSTP_DEFAULT_MAX_AGE; 647 sc->sc_bridge_hello_time = BSTP_DEFAULT_HELLO_TIME; 648 sc->sc_bridge_forward_delay = BSTP_DEFAULT_FORWARD_DELAY; 649 sc->sc_bridge_priority = BSTP_DEFAULT_BRIDGE_PRIORITY; 650 sc->sc_hold_time = BSTP_DEFAULT_HOLD_TIME; 651 652 /* Initialize our routing table. */ 653 bridge_rtable_init(sc); 654 655 callout_init(&sc->sc_brcallout); 656 netmsg_init(&sc->sc_brtimemsg, &netisr_adone_rport, 657 MSGF_DROPABLE, bridge_timer_handler); 658 sc->sc_brtimemsg.nm_lmsg.u.ms_resultp = sc; 659 660 callout_init(&sc->sc_bstpcallout); 661 netmsg_init(&sc->sc_bstptimemsg, &netisr_adone_rport, 662 MSGF_DROPABLE, bstp_tick_handler); 663 sc->sc_bstptimemsg.nm_lmsg.u.ms_resultp = sc; 664 665 /* Initialize per-cpu member iface lists */ 666 sc->sc_iflists = kmalloc(sizeof(*sc->sc_iflists) * ncpus, 667 M_DEVBUF, M_WAITOK); 668 for (cpu = 0; cpu < ncpus; ++cpu) 669 LIST_INIT(&sc->sc_iflists[cpu]); 670 671 LIST_INIT(&sc->sc_spanlist); 672 673 ifp->if_softc = sc; 674 if_initname(ifp, ifc->ifc_name, unit); 675 ifp->if_mtu = ETHERMTU; 676 ifp->if_flags = IFF_BROADCAST | IFF_MULTICAST; 677 ifp->if_ioctl = bridge_ioctl; 678 ifp->if_start = bridge_start; 679 ifp->if_init = bridge_init; 680 ifp->if_type = IFT_BRIDGE; 681 ifq_set_maxlen(&ifp->if_snd, ifqmaxlen); 682 ifp->if_snd.ifq_maxlen = ifqmaxlen; 683 ifq_set_ready(&ifp->if_snd); 684 ifp->if_hdrlen = ETHER_HDR_LEN; 685 686 /* 687 * Generate a random ethernet address and use the private AC:DE:48 688 * OUI code. 689 */ 690 rnd = karc4random(); 691 bcopy(&rnd, &eaddr[0], 4); /* ETHER_ADDR_LEN == 6 */ 692 rnd = karc4random(); 693 bcopy(&rnd, &eaddr[2], 4); /* ETHER_ADDR_LEN == 6 */ 694 695 eaddr[0] &= ~1; /* clear multicast bit */ 696 eaddr[0] |= 2; /* set the LAA bit */ 697 698 ether_ifattach(ifp, eaddr, NULL); 699 /* Now undo some of the damage... */ 700 ifp->if_baudrate = 0; 701 ifp->if_type = IFT_BRIDGE; 702 703 crit_enter(); /* XXX MP */ 704 LIST_INSERT_HEAD(&bridge_list, sc, sc_list); 705 crit_exit(); 706 707 return (0); 708 } 709 710 static void 711 bridge_delete_dispatch(struct netmsg *nmsg) 712 { 713 struct lwkt_msg *lmsg = &nmsg->nm_lmsg; 714 struct bridge_softc *sc = lmsg->u.ms_resultp; 715 struct ifnet *bifp = sc->sc_ifp; 716 struct bridge_iflist *bif; 717 718 lwkt_serialize_enter(bifp->if_serializer); 719 720 while ((bif = LIST_FIRST(&sc->sc_iflists[mycpuid])) != NULL) 721 bridge_delete_member(sc, bif, 0); 722 723 while ((bif = LIST_FIRST(&sc->sc_spanlist)) != NULL) 724 bridge_delete_span(sc, bif); 725 726 lwkt_serialize_exit(bifp->if_serializer); 727 728 lwkt_replymsg(lmsg, 0); 729 } 730 731 /* 732 * bridge_clone_destroy: 733 * 734 * Destroy a bridge instance. 735 */ 736 static void 737 bridge_clone_destroy(struct ifnet *ifp) 738 { 739 struct bridge_softc *sc = ifp->if_softc; 740 struct lwkt_msg *lmsg; 741 struct netmsg nmsg; 742 743 lwkt_serialize_enter(ifp->if_serializer); 744 745 bridge_stop(ifp); 746 ifp->if_flags &= ~IFF_UP; 747 748 lwkt_serialize_exit(ifp->if_serializer); 749 750 netmsg_init(&nmsg, &curthread->td_msgport, 0, bridge_delete_dispatch); 751 lmsg = &nmsg.nm_lmsg; 752 lmsg->u.ms_resultp = sc; 753 lwkt_domsg(BRIDGE_CFGPORT, lmsg, 0); 754 755 crit_enter(); /* XXX MP */ 756 LIST_REMOVE(sc, sc_list); 757 crit_exit(); 758 759 ether_ifdetach(ifp); 760 761 /* Tear down the routing table. */ 762 bridge_rtable_fini(sc); 763 764 /* Free per-cpu member iface lists */ 765 kfree(sc->sc_iflists, M_DEVBUF); 766 767 kfree(sc, M_DEVBUF); 768 } 769 770 /* 771 * bridge_ioctl: 772 * 773 * Handle a control request from the operator. 774 */ 775 static int 776 bridge_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data, struct ucred *cr) 777 { 778 struct bridge_softc *sc = ifp->if_softc; 779 struct bridge_control_arg args; 780 struct ifdrv *ifd = (struct ifdrv *) data; 781 const struct bridge_control *bc; 782 int error = 0; 783 784 ASSERT_SERIALIZED(ifp->if_serializer); 785 786 switch (cmd) { 787 case SIOCADDMULTI: 788 case SIOCDELMULTI: 789 break; 790 791 case SIOCGDRVSPEC: 792 case SIOCSDRVSPEC: 793 if (ifd->ifd_cmd >= bridge_control_table_size) { 794 error = EINVAL; 795 break; 796 } 797 bc = &bridge_control_table[ifd->ifd_cmd]; 798 799 if (cmd == SIOCGDRVSPEC && 800 (bc->bc_flags & BC_F_COPYOUT) == 0) { 801 error = EINVAL; 802 break; 803 } else if (cmd == SIOCSDRVSPEC && 804 (bc->bc_flags & BC_F_COPYOUT)) { 805 error = EINVAL; 806 break; 807 } 808 809 if (bc->bc_flags & BC_F_SUSER) { 810 error = priv_check_cred(cr, PRIV_ROOT, NULL_CRED_OKAY); 811 if (error) 812 break; 813 } 814 815 if (ifd->ifd_len != bc->bc_argsize || 816 ifd->ifd_len > sizeof(args.bca_u)) { 817 error = EINVAL; 818 break; 819 } 820 821 memset(&args, 0, sizeof(args)); 822 if (bc->bc_flags & BC_F_COPYIN) { 823 error = copyin(ifd->ifd_data, &args.bca_u, 824 ifd->ifd_len); 825 if (error) 826 break; 827 } 828 829 error = bridge_control(sc, cmd, bc->bc_func, &args); 830 if (error) { 831 KKASSERT(args.bca_len == 0 && args.bca_kptr == NULL); 832 break; 833 } 834 835 if (bc->bc_flags & BC_F_COPYOUT) { 836 error = copyout(&args, ifd->ifd_data, ifd->ifd_len); 837 if (args.bca_len != 0) { 838 KKASSERT(args.bca_kptr != NULL); 839 if (!error) { 840 error = copyout(args.bca_kptr, 841 args.bca_uptr, args.bca_len); 842 } 843 kfree(args.bca_kptr, M_TEMP); 844 } else { 845 KKASSERT(args.bca_kptr == NULL); 846 } 847 } else { 848 KKASSERT(args.bca_len == 0 && args.bca_kptr == NULL); 849 } 850 break; 851 852 case SIOCSIFFLAGS: 853 if (!(ifp->if_flags & IFF_UP) && 854 (ifp->if_flags & IFF_RUNNING)) { 855 /* 856 * If interface is marked down and it is running, 857 * then stop it. 858 */ 859 bridge_stop(ifp); 860 } else if ((ifp->if_flags & IFF_UP) && 861 !(ifp->if_flags & IFF_RUNNING)) { 862 /* 863 * If interface is marked up and it is stopped, then 864 * start it. 865 */ 866 ifp->if_init(sc); 867 } 868 break; 869 870 case SIOCSIFMTU: 871 /* Do not allow the MTU to be changed on the bridge */ 872 error = EINVAL; 873 break; 874 875 default: 876 error = ether_ioctl(ifp, cmd, data); 877 break; 878 } 879 return (error); 880 } 881 882 /* 883 * bridge_mutecaps: 884 * 885 * Clear or restore unwanted capabilities on the member interface 886 */ 887 static void 888 bridge_mutecaps(struct bridge_ifinfo *bif_info, struct ifnet *ifp, int mute) 889 { 890 struct ifreq ifr; 891 int error; 892 893 if (ifp->if_ioctl == NULL) 894 return; 895 896 bzero(&ifr, sizeof(ifr)); 897 ifr.ifr_reqcap = ifp->if_capenable; 898 899 if (mute) { 900 /* mask off and save capabilities */ 901 bif_info->bifi_mutecap = ifr.ifr_reqcap & BRIDGE_IFCAPS_MASK; 902 if (bif_info->bifi_mutecap != 0) 903 ifr.ifr_reqcap &= ~BRIDGE_IFCAPS_MASK; 904 } else { 905 /* restore muted capabilities */ 906 ifr.ifr_reqcap |= bif_info->bifi_mutecap; 907 } 908 909 if (bif_info->bifi_mutecap != 0) { 910 lwkt_serialize_enter(ifp->if_serializer); 911 error = ifp->if_ioctl(ifp, SIOCSIFCAP, (caddr_t)&ifr, NULL); 912 lwkt_serialize_exit(ifp->if_serializer); 913 } 914 } 915 916 /* 917 * bridge_lookup_member: 918 * 919 * Lookup a bridge member interface. 920 */ 921 static struct bridge_iflist * 922 bridge_lookup_member(struct bridge_softc *sc, const char *name) 923 { 924 struct bridge_iflist *bif; 925 926 LIST_FOREACH(bif, &sc->sc_iflists[mycpuid], bif_next) { 927 if (strcmp(bif->bif_ifp->if_xname, name) == 0) 928 return (bif); 929 } 930 return (NULL); 931 } 932 933 /* 934 * bridge_lookup_member_if: 935 * 936 * Lookup a bridge member interface by ifnet*. 937 */ 938 static struct bridge_iflist * 939 bridge_lookup_member_if(struct bridge_softc *sc, struct ifnet *member_ifp) 940 { 941 struct bridge_iflist *bif; 942 943 LIST_FOREACH(bif, &sc->sc_iflists[mycpuid], bif_next) { 944 if (bif->bif_ifp == member_ifp) 945 return (bif); 946 } 947 return (NULL); 948 } 949 950 /* 951 * bridge_lookup_member_ifinfo: 952 * 953 * Lookup a bridge member interface by bridge_ifinfo. 954 */ 955 static struct bridge_iflist * 956 bridge_lookup_member_ifinfo(struct bridge_softc *sc, 957 struct bridge_ifinfo *bif_info) 958 { 959 struct bridge_iflist *bif; 960 961 LIST_FOREACH(bif, &sc->sc_iflists[mycpuid], bif_next) { 962 if (bif->bif_info == bif_info) 963 return (bif); 964 } 965 return (NULL); 966 } 967 968 /* 969 * bridge_delete_member: 970 * 971 * Delete the specified member interface. 972 */ 973 static void 974 bridge_delete_member(struct bridge_softc *sc, struct bridge_iflist *bif, 975 int gone) 976 { 977 struct ifnet *ifs = bif->bif_ifp; 978 struct ifnet *bifp = sc->sc_ifp; 979 struct bridge_ifinfo *bif_info = bif->bif_info; 980 struct bridge_iflist_head saved_bifs; 981 982 ASSERT_SERIALIZED(bifp->if_serializer); 983 KKASSERT(bif_info != NULL); 984 985 ifs->if_bridge = NULL; 986 987 /* 988 * Release bridge interface's serializer: 989 * - To avoid possible dead lock. 990 * - Various sync operation will block the current thread. 991 */ 992 lwkt_serialize_exit(bifp->if_serializer); 993 994 if (!gone) { 995 switch (ifs->if_type) { 996 case IFT_ETHER: 997 case IFT_L2VLAN: 998 /* 999 * Take the interface out of promiscuous mode. 1000 */ 1001 ifpromisc(ifs, 0); 1002 bridge_mutecaps(bif_info, ifs, 0); 1003 break; 1004 1005 case IFT_GIF: 1006 break; 1007 1008 default: 1009 panic("bridge_delete_member: impossible"); 1010 break; 1011 } 1012 } 1013 1014 /* 1015 * Remove bifs from percpu linked list. 1016 * 1017 * Removed bifs are not freed immediately, instead, 1018 * they are saved in saved_bifs. They will be freed 1019 * after we make sure that no one is accessing them, 1020 * i.e. after following netmsg_service_sync() 1021 */ 1022 LIST_INIT(&saved_bifs); 1023 bridge_del_bif(sc, bif_info, &saved_bifs); 1024 1025 /* 1026 * Make sure that all protocol threads: 1027 * o see 'ifs' if_bridge is changed 1028 * o know that bif is removed from the percpu linked list 1029 */ 1030 netmsg_service_sync(); 1031 1032 /* 1033 * Free the removed bifs 1034 */ 1035 KKASSERT(!LIST_EMPTY(&saved_bifs)); 1036 while ((bif = LIST_FIRST(&saved_bifs)) != NULL) { 1037 LIST_REMOVE(bif, bif_next); 1038 kfree(bif, M_DEVBUF); 1039 } 1040 1041 /* See the comment in bridge_ioctl_stop() */ 1042 bridge_rtmsg_sync(sc); 1043 bridge_rtdelete(sc, ifs, IFBF_FLUSHALL | IFBF_FLUSHSYNC); 1044 1045 lwkt_serialize_enter(bifp->if_serializer); 1046 1047 if (bifp->if_flags & IFF_RUNNING) 1048 bstp_initialization(sc); 1049 1050 /* 1051 * Free the bif_info after bstp_initialization(), so that 1052 * bridge_softc.sc_root_port will not reference a dangling 1053 * pointer. 1054 */ 1055 kfree(bif_info, M_DEVBUF); 1056 } 1057 1058 /* 1059 * bridge_delete_span: 1060 * 1061 * Delete the specified span interface. 1062 */ 1063 static void 1064 bridge_delete_span(struct bridge_softc *sc, struct bridge_iflist *bif) 1065 { 1066 KASSERT(bif->bif_ifp->if_bridge == NULL, 1067 ("%s: not a span interface", __func__)); 1068 1069 LIST_REMOVE(bif, bif_next); 1070 kfree(bif, M_DEVBUF); 1071 } 1072 1073 static int 1074 bridge_ioctl_init(struct bridge_softc *sc, void *arg __unused) 1075 { 1076 struct ifnet *ifp = sc->sc_ifp; 1077 1078 if (ifp->if_flags & IFF_RUNNING) 1079 return 0; 1080 1081 callout_reset(&sc->sc_brcallout, bridge_rtable_prune_period * hz, 1082 bridge_timer, sc); 1083 1084 ifp->if_flags |= IFF_RUNNING; 1085 bstp_initialization(sc); 1086 return 0; 1087 } 1088 1089 static int 1090 bridge_ioctl_stop(struct bridge_softc *sc, void *arg __unused) 1091 { 1092 struct ifnet *ifp = sc->sc_ifp; 1093 struct lwkt_msg *lmsg; 1094 1095 if ((ifp->if_flags & IFF_RUNNING) == 0) 1096 return 0; 1097 1098 callout_stop(&sc->sc_brcallout); 1099 1100 crit_enter(); 1101 lmsg = &sc->sc_brtimemsg.nm_lmsg; 1102 if ((lmsg->ms_flags & MSGF_DONE) == 0) { 1103 /* Pending to be processed; drop it */ 1104 lwkt_dropmsg(lmsg); 1105 } 1106 crit_exit(); 1107 1108 bstp_stop(sc); 1109 1110 ifp->if_flags &= ~IFF_RUNNING; 1111 1112 lwkt_serialize_exit(ifp->if_serializer); 1113 1114 /* Let everyone know that we are stopped */ 1115 netmsg_service_sync(); 1116 1117 /* 1118 * Sync ifnetX msgports in the order we forward rtnode 1119 * installation message. This is used to make sure that 1120 * all rtnode installation messages sent by bridge_rtupdate() 1121 * during above netmsg_service_sync() are flushed. 1122 */ 1123 bridge_rtmsg_sync(sc); 1124 bridge_rtflush(sc, IFBF_FLUSHDYN | IFBF_FLUSHSYNC); 1125 1126 lwkt_serialize_enter(ifp->if_serializer); 1127 return 0; 1128 } 1129 1130 static int 1131 bridge_ioctl_add(struct bridge_softc *sc, void *arg) 1132 { 1133 struct ifbreq *req = arg; 1134 struct bridge_iflist *bif; 1135 struct bridge_ifinfo *bif_info; 1136 struct ifnet *ifs, *bifp; 1137 int error = 0; 1138 1139 bifp = sc->sc_ifp; 1140 ASSERT_SERIALIZED(bifp->if_serializer); 1141 1142 ifs = ifunit(req->ifbr_ifsname); 1143 if (ifs == NULL) 1144 return (ENOENT); 1145 1146 /* If it's in the span list, it can't be a member. */ 1147 LIST_FOREACH(bif, &sc->sc_spanlist, bif_next) 1148 if (ifs == bif->bif_ifp) 1149 return (EBUSY); 1150 1151 /* Allow the first Ethernet member to define the MTU */ 1152 if (ifs->if_type != IFT_GIF) { 1153 if (LIST_EMPTY(&sc->sc_iflists[mycpuid])) { 1154 bifp->if_mtu = ifs->if_mtu; 1155 } else if (bifp->if_mtu != ifs->if_mtu) { 1156 if_printf(bifp, "invalid MTU for %s\n", ifs->if_xname); 1157 return (EINVAL); 1158 } 1159 } 1160 1161 if (ifs->if_bridge == sc) 1162 return (EEXIST); 1163 1164 if (ifs->if_bridge != NULL) 1165 return (EBUSY); 1166 1167 bif_info = kmalloc(sizeof(*bif_info), M_DEVBUF, M_WAITOK | M_ZERO); 1168 bif_info->bifi_priority = BSTP_DEFAULT_PORT_PRIORITY; 1169 bif_info->bifi_path_cost = BSTP_DEFAULT_PATH_COST; 1170 bif_info->bifi_ifp = ifs; 1171 1172 /* 1173 * Release bridge interface's serializer: 1174 * - To avoid possible dead lock. 1175 * - Various sync operation will block the current thread. 1176 */ 1177 lwkt_serialize_exit(bifp->if_serializer); 1178 1179 switch (ifs->if_type) { 1180 case IFT_ETHER: 1181 case IFT_L2VLAN: 1182 /* 1183 * Place the interface into promiscuous mode. 1184 */ 1185 error = ifpromisc(ifs, 1); 1186 if (error) { 1187 lwkt_serialize_enter(bifp->if_serializer); 1188 goto out; 1189 } 1190 bridge_mutecaps(bif_info, ifs, 1); 1191 break; 1192 1193 case IFT_GIF: /* :^) */ 1194 break; 1195 1196 default: 1197 error = EINVAL; 1198 lwkt_serialize_enter(bifp->if_serializer); 1199 goto out; 1200 } 1201 1202 /* 1203 * Add bifs to percpu linked lists 1204 */ 1205 bridge_add_bif(sc, bif_info, ifs); 1206 1207 lwkt_serialize_enter(bifp->if_serializer); 1208 1209 if (bifp->if_flags & IFF_RUNNING) 1210 bstp_initialization(sc); 1211 else 1212 bstp_stop(sc); 1213 1214 /* 1215 * Everything has been setup, so let the member interface 1216 * deliver packets to this bridge on its input/output path. 1217 */ 1218 ifs->if_bridge = sc; 1219 out: 1220 if (error) { 1221 if (bif_info != NULL) 1222 kfree(bif_info, M_DEVBUF); 1223 } 1224 return (error); 1225 } 1226 1227 static int 1228 bridge_ioctl_del(struct bridge_softc *sc, void *arg) 1229 { 1230 struct ifbreq *req = arg; 1231 struct bridge_iflist *bif; 1232 1233 bif = bridge_lookup_member(sc, req->ifbr_ifsname); 1234 if (bif == NULL) 1235 return (ENOENT); 1236 1237 bridge_delete_member(sc, bif, 0); 1238 1239 return (0); 1240 } 1241 1242 static int 1243 bridge_ioctl_gifflags(struct bridge_softc *sc, void *arg) 1244 { 1245 struct ifbreq *req = arg; 1246 struct bridge_iflist *bif; 1247 1248 bif = bridge_lookup_member(sc, req->ifbr_ifsname); 1249 if (bif == NULL) 1250 return (ENOENT); 1251 1252 req->ifbr_ifsflags = bif->bif_flags; 1253 req->ifbr_state = bif->bif_state; 1254 req->ifbr_priority = bif->bif_priority; 1255 req->ifbr_path_cost = bif->bif_path_cost; 1256 req->ifbr_portno = bif->bif_ifp->if_index & 0xff; 1257 1258 return (0); 1259 } 1260 1261 static int 1262 bridge_ioctl_sifflags(struct bridge_softc *sc, void *arg) 1263 { 1264 struct ifbreq *req = arg; 1265 struct bridge_iflist *bif; 1266 struct ifnet *bifp = sc->sc_ifp; 1267 1268 bif = bridge_lookup_member(sc, req->ifbr_ifsname); 1269 if (bif == NULL) 1270 return (ENOENT); 1271 1272 if (req->ifbr_ifsflags & IFBIF_SPAN) { 1273 /* SPAN is readonly */ 1274 return (EINVAL); 1275 } 1276 1277 if (req->ifbr_ifsflags & IFBIF_STP) { 1278 switch (bif->bif_ifp->if_type) { 1279 case IFT_ETHER: 1280 /* These can do spanning tree. */ 1281 break; 1282 1283 default: 1284 /* Nothing else can. */ 1285 return (EINVAL); 1286 } 1287 } 1288 1289 lwkt_serialize_exit(bifp->if_serializer); 1290 bridge_set_bifflags(sc, bif->bif_info, req->ifbr_ifsflags); 1291 lwkt_serialize_enter(bifp->if_serializer); 1292 1293 if (bifp->if_flags & IFF_RUNNING) 1294 bstp_initialization(sc); 1295 1296 return (0); 1297 } 1298 1299 static int 1300 bridge_ioctl_scache(struct bridge_softc *sc, void *arg) 1301 { 1302 struct ifbrparam *param = arg; 1303 struct ifnet *ifp = sc->sc_ifp; 1304 1305 sc->sc_brtmax = param->ifbrp_csize; 1306 1307 lwkt_serialize_exit(ifp->if_serializer); 1308 bridge_rttrim(sc); 1309 lwkt_serialize_enter(ifp->if_serializer); 1310 1311 return (0); 1312 } 1313 1314 static int 1315 bridge_ioctl_gcache(struct bridge_softc *sc, void *arg) 1316 { 1317 struct ifbrparam *param = arg; 1318 1319 param->ifbrp_csize = sc->sc_brtmax; 1320 1321 return (0); 1322 } 1323 1324 static int 1325 bridge_ioctl_gifs(struct bridge_softc *sc, void *arg) 1326 { 1327 struct bridge_control_arg *bc_arg = arg; 1328 struct ifbifconf *bifc = arg; 1329 struct bridge_iflist *bif; 1330 struct ifbreq *breq; 1331 int count, len; 1332 1333 count = 0; 1334 LIST_FOREACH(bif, &sc->sc_iflists[mycpuid], bif_next) 1335 count++; 1336 LIST_FOREACH(bif, &sc->sc_spanlist, bif_next) 1337 count++; 1338 1339 if (bifc->ifbic_len == 0) { 1340 bifc->ifbic_len = sizeof(*breq) * count; 1341 return 0; 1342 } else if (count == 0 || bifc->ifbic_len < sizeof(*breq)) { 1343 bifc->ifbic_len = 0; 1344 return 0; 1345 } 1346 1347 len = min(bifc->ifbic_len, sizeof(*breq) * count); 1348 KKASSERT(len >= sizeof(*breq)); 1349 1350 breq = kmalloc(len, M_TEMP, M_WAITOK | M_NULLOK | M_ZERO); 1351 if (breq == NULL) { 1352 bifc->ifbic_len = 0; 1353 return ENOMEM; 1354 } 1355 bc_arg->bca_kptr = breq; 1356 1357 count = 0; 1358 LIST_FOREACH(bif, &sc->sc_iflists[mycpuid], bif_next) { 1359 if (len < sizeof(*breq)) 1360 break; 1361 1362 strlcpy(breq->ifbr_ifsname, bif->bif_ifp->if_xname, 1363 sizeof(breq->ifbr_ifsname)); 1364 breq->ifbr_ifsflags = bif->bif_flags; 1365 breq->ifbr_state = bif->bif_state; 1366 breq->ifbr_priority = bif->bif_priority; 1367 breq->ifbr_path_cost = bif->bif_path_cost; 1368 breq->ifbr_portno = bif->bif_ifp->if_index & 0xff; 1369 breq++; 1370 count++; 1371 len -= sizeof(*breq); 1372 } 1373 LIST_FOREACH(bif, &sc->sc_spanlist, bif_next) { 1374 if (len < sizeof(*breq)) 1375 break; 1376 1377 strlcpy(breq->ifbr_ifsname, bif->bif_ifp->if_xname, 1378 sizeof(breq->ifbr_ifsname)); 1379 breq->ifbr_ifsflags = bif->bif_flags; 1380 breq->ifbr_portno = bif->bif_ifp->if_index & 0xff; 1381 breq++; 1382 count++; 1383 len -= sizeof(*breq); 1384 } 1385 1386 bifc->ifbic_len = sizeof(*breq) * count; 1387 KKASSERT(bifc->ifbic_len > 0); 1388 1389 bc_arg->bca_len = bifc->ifbic_len; 1390 bc_arg->bca_uptr = bifc->ifbic_req; 1391 return 0; 1392 } 1393 1394 static int 1395 bridge_ioctl_rts(struct bridge_softc *sc, void *arg) 1396 { 1397 struct bridge_control_arg *bc_arg = arg; 1398 struct ifbaconf *bac = arg; 1399 struct bridge_rtnode *brt; 1400 struct ifbareq *bareq; 1401 int count, len; 1402 1403 count = 0; 1404 LIST_FOREACH(brt, &sc->sc_rtlists[mycpuid], brt_list) 1405 count++; 1406 1407 if (bac->ifbac_len == 0) { 1408 bac->ifbac_len = sizeof(*bareq) * count; 1409 return 0; 1410 } else if (count == 0 || bac->ifbac_len < sizeof(*bareq)) { 1411 bac->ifbac_len = 0; 1412 return 0; 1413 } 1414 1415 len = min(bac->ifbac_len, sizeof(*bareq) * count); 1416 KKASSERT(len >= sizeof(*bareq)); 1417 1418 bareq = kmalloc(len, M_TEMP, M_WAITOK | M_NULLOK | M_ZERO); 1419 if (bareq == NULL) { 1420 bac->ifbac_len = 0; 1421 return ENOMEM; 1422 } 1423 bc_arg->bca_kptr = bareq; 1424 1425 count = 0; 1426 LIST_FOREACH(brt, &sc->sc_rtlists[mycpuid], brt_list) { 1427 struct bridge_rtinfo *bri = brt->brt_info; 1428 unsigned long expire; 1429 1430 if (len < sizeof(*bareq)) 1431 break; 1432 1433 strlcpy(bareq->ifba_ifsname, bri->bri_ifp->if_xname, 1434 sizeof(bareq->ifba_ifsname)); 1435 memcpy(bareq->ifba_dst, brt->brt_addr, sizeof(brt->brt_addr)); 1436 expire = bri->bri_expire; 1437 if ((bri->bri_flags & IFBAF_TYPEMASK) == IFBAF_DYNAMIC && 1438 time_second < expire) 1439 bareq->ifba_expire = expire - time_second; 1440 else 1441 bareq->ifba_expire = 0; 1442 bareq->ifba_flags = bri->bri_flags; 1443 bareq++; 1444 count++; 1445 len -= sizeof(*bareq); 1446 } 1447 1448 bac->ifbac_len = sizeof(*bareq) * count; 1449 KKASSERT(bac->ifbac_len > 0); 1450 1451 bc_arg->bca_len = bac->ifbac_len; 1452 bc_arg->bca_uptr = bac->ifbac_req; 1453 return 0; 1454 } 1455 1456 static int 1457 bridge_ioctl_saddr(struct bridge_softc *sc, void *arg) 1458 { 1459 struct ifbareq *req = arg; 1460 struct bridge_iflist *bif; 1461 struct ifnet *ifp = sc->sc_ifp; 1462 int error; 1463 1464 ASSERT_SERIALIZED(ifp->if_serializer); 1465 1466 bif = bridge_lookup_member(sc, req->ifba_ifsname); 1467 if (bif == NULL) 1468 return (ENOENT); 1469 1470 lwkt_serialize_exit(ifp->if_serializer); 1471 error = bridge_rtsaddr(sc, req->ifba_dst, bif->bif_ifp, 1472 req->ifba_flags); 1473 lwkt_serialize_enter(ifp->if_serializer); 1474 return (error); 1475 } 1476 1477 static int 1478 bridge_ioctl_sto(struct bridge_softc *sc, void *arg) 1479 { 1480 struct ifbrparam *param = arg; 1481 1482 sc->sc_brttimeout = param->ifbrp_ctime; 1483 1484 return (0); 1485 } 1486 1487 static int 1488 bridge_ioctl_gto(struct bridge_softc *sc, void *arg) 1489 { 1490 struct ifbrparam *param = arg; 1491 1492 param->ifbrp_ctime = sc->sc_brttimeout; 1493 1494 return (0); 1495 } 1496 1497 static int 1498 bridge_ioctl_daddr(struct bridge_softc *sc, void *arg) 1499 { 1500 struct ifbareq *req = arg; 1501 struct ifnet *ifp = sc->sc_ifp; 1502 int error; 1503 1504 lwkt_serialize_exit(ifp->if_serializer); 1505 error = bridge_rtdaddr(sc, req->ifba_dst); 1506 lwkt_serialize_enter(ifp->if_serializer); 1507 return error; 1508 } 1509 1510 static int 1511 bridge_ioctl_flush(struct bridge_softc *sc, void *arg) 1512 { 1513 struct ifbreq *req = arg; 1514 struct ifnet *ifp = sc->sc_ifp; 1515 1516 lwkt_serialize_exit(ifp->if_serializer); 1517 bridge_rtflush(sc, req->ifbr_ifsflags | IFBF_FLUSHSYNC); 1518 lwkt_serialize_enter(ifp->if_serializer); 1519 1520 return (0); 1521 } 1522 1523 static int 1524 bridge_ioctl_gpri(struct bridge_softc *sc, void *arg) 1525 { 1526 struct ifbrparam *param = arg; 1527 1528 param->ifbrp_prio = sc->sc_bridge_priority; 1529 1530 return (0); 1531 } 1532 1533 static int 1534 bridge_ioctl_spri(struct bridge_softc *sc, void *arg) 1535 { 1536 struct ifbrparam *param = arg; 1537 1538 sc->sc_bridge_priority = param->ifbrp_prio; 1539 1540 if (sc->sc_ifp->if_flags & IFF_RUNNING) 1541 bstp_initialization(sc); 1542 1543 return (0); 1544 } 1545 1546 static int 1547 bridge_ioctl_ght(struct bridge_softc *sc, void *arg) 1548 { 1549 struct ifbrparam *param = arg; 1550 1551 param->ifbrp_hellotime = sc->sc_bridge_hello_time >> 8; 1552 1553 return (0); 1554 } 1555 1556 static int 1557 bridge_ioctl_sht(struct bridge_softc *sc, void *arg) 1558 { 1559 struct ifbrparam *param = arg; 1560 1561 if (param->ifbrp_hellotime == 0) 1562 return (EINVAL); 1563 sc->sc_bridge_hello_time = param->ifbrp_hellotime << 8; 1564 1565 if (sc->sc_ifp->if_flags & IFF_RUNNING) 1566 bstp_initialization(sc); 1567 1568 return (0); 1569 } 1570 1571 static int 1572 bridge_ioctl_gfd(struct bridge_softc *sc, void *arg) 1573 { 1574 struct ifbrparam *param = arg; 1575 1576 param->ifbrp_fwddelay = sc->sc_bridge_forward_delay >> 8; 1577 1578 return (0); 1579 } 1580 1581 static int 1582 bridge_ioctl_sfd(struct bridge_softc *sc, void *arg) 1583 { 1584 struct ifbrparam *param = arg; 1585 1586 if (param->ifbrp_fwddelay == 0) 1587 return (EINVAL); 1588 sc->sc_bridge_forward_delay = param->ifbrp_fwddelay << 8; 1589 1590 if (sc->sc_ifp->if_flags & IFF_RUNNING) 1591 bstp_initialization(sc); 1592 1593 return (0); 1594 } 1595 1596 static int 1597 bridge_ioctl_gma(struct bridge_softc *sc, void *arg) 1598 { 1599 struct ifbrparam *param = arg; 1600 1601 param->ifbrp_maxage = sc->sc_bridge_max_age >> 8; 1602 1603 return (0); 1604 } 1605 1606 static int 1607 bridge_ioctl_sma(struct bridge_softc *sc, void *arg) 1608 { 1609 struct ifbrparam *param = arg; 1610 1611 if (param->ifbrp_maxage == 0) 1612 return (EINVAL); 1613 sc->sc_bridge_max_age = param->ifbrp_maxage << 8; 1614 1615 if (sc->sc_ifp->if_flags & IFF_RUNNING) 1616 bstp_initialization(sc); 1617 1618 return (0); 1619 } 1620 1621 static int 1622 bridge_ioctl_sifprio(struct bridge_softc *sc, void *arg) 1623 { 1624 struct ifbreq *req = arg; 1625 struct bridge_iflist *bif; 1626 1627 bif = bridge_lookup_member(sc, req->ifbr_ifsname); 1628 if (bif == NULL) 1629 return (ENOENT); 1630 1631 bif->bif_priority = req->ifbr_priority; 1632 1633 if (sc->sc_ifp->if_flags & IFF_RUNNING) 1634 bstp_initialization(sc); 1635 1636 return (0); 1637 } 1638 1639 static int 1640 bridge_ioctl_sifcost(struct bridge_softc *sc, void *arg) 1641 { 1642 struct ifbreq *req = arg; 1643 struct bridge_iflist *bif; 1644 1645 bif = bridge_lookup_member(sc, req->ifbr_ifsname); 1646 if (bif == NULL) 1647 return (ENOENT); 1648 1649 bif->bif_path_cost = req->ifbr_path_cost; 1650 1651 if (sc->sc_ifp->if_flags & IFF_RUNNING) 1652 bstp_initialization(sc); 1653 1654 return (0); 1655 } 1656 1657 static int 1658 bridge_ioctl_addspan(struct bridge_softc *sc, void *arg) 1659 { 1660 struct ifbreq *req = arg; 1661 struct bridge_iflist *bif; 1662 struct ifnet *ifs; 1663 1664 ifs = ifunit(req->ifbr_ifsname); 1665 if (ifs == NULL) 1666 return (ENOENT); 1667 1668 LIST_FOREACH(bif, &sc->sc_spanlist, bif_next) 1669 if (ifs == bif->bif_ifp) 1670 return (EBUSY); 1671 1672 if (ifs->if_bridge != NULL) 1673 return (EBUSY); 1674 1675 switch (ifs->if_type) { 1676 case IFT_ETHER: 1677 case IFT_GIF: 1678 case IFT_L2VLAN: 1679 break; 1680 1681 default: 1682 return (EINVAL); 1683 } 1684 1685 bif = kmalloc(sizeof(*bif), M_DEVBUF, M_WAITOK | M_ZERO); 1686 bif->bif_ifp = ifs; 1687 bif->bif_flags = IFBIF_SPAN; 1688 /* NOTE: span bif does not need bridge_ifinfo */ 1689 1690 LIST_INSERT_HEAD(&sc->sc_spanlist, bif, bif_next); 1691 1692 sc->sc_span = 1; 1693 1694 return (0); 1695 } 1696 1697 static int 1698 bridge_ioctl_delspan(struct bridge_softc *sc, void *arg) 1699 { 1700 struct ifbreq *req = arg; 1701 struct bridge_iflist *bif; 1702 struct ifnet *ifs; 1703 1704 ifs = ifunit(req->ifbr_ifsname); 1705 if (ifs == NULL) 1706 return (ENOENT); 1707 1708 LIST_FOREACH(bif, &sc->sc_spanlist, bif_next) 1709 if (ifs == bif->bif_ifp) 1710 break; 1711 1712 if (bif == NULL) 1713 return (ENOENT); 1714 1715 bridge_delete_span(sc, bif); 1716 1717 if (LIST_EMPTY(&sc->sc_spanlist)) 1718 sc->sc_span = 0; 1719 1720 return (0); 1721 } 1722 1723 static void 1724 bridge_ifdetach_dispatch(struct netmsg *nmsg) 1725 { 1726 struct lwkt_msg *lmsg = &nmsg->nm_lmsg; 1727 struct ifnet *ifp, *bifp; 1728 struct bridge_softc *sc; 1729 struct bridge_iflist *bif; 1730 1731 ifp = lmsg->u.ms_resultp; 1732 sc = ifp->if_bridge; 1733 1734 /* Check if the interface is a bridge member */ 1735 if (sc != NULL) { 1736 bifp = sc->sc_ifp; 1737 1738 lwkt_serialize_enter(bifp->if_serializer); 1739 1740 bif = bridge_lookup_member_if(sc, ifp); 1741 if (bif != NULL) { 1742 bridge_delete_member(sc, bif, 1); 1743 } else { 1744 /* XXX Why bif will be NULL? */ 1745 } 1746 1747 lwkt_serialize_exit(bifp->if_serializer); 1748 goto reply; 1749 } 1750 1751 crit_enter(); /* XXX MP */ 1752 1753 /* Check if the interface is a span port */ 1754 LIST_FOREACH(sc, &bridge_list, sc_list) { 1755 bifp = sc->sc_ifp; 1756 1757 lwkt_serialize_enter(bifp->if_serializer); 1758 1759 LIST_FOREACH(bif, &sc->sc_spanlist, bif_next) 1760 if (ifp == bif->bif_ifp) { 1761 bridge_delete_span(sc, bif); 1762 break; 1763 } 1764 1765 lwkt_serialize_exit(bifp->if_serializer); 1766 } 1767 1768 crit_exit(); 1769 1770 reply: 1771 lwkt_replymsg(lmsg, 0); 1772 } 1773 1774 /* 1775 * bridge_ifdetach: 1776 * 1777 * Detach an interface from a bridge. Called when a member 1778 * interface is detaching. 1779 */ 1780 static void 1781 bridge_ifdetach(void *arg __unused, struct ifnet *ifp) 1782 { 1783 struct lwkt_msg *lmsg; 1784 struct netmsg nmsg; 1785 1786 netmsg_init(&nmsg, &curthread->td_msgport, 0, bridge_ifdetach_dispatch); 1787 lmsg = &nmsg.nm_lmsg; 1788 lmsg->u.ms_resultp = ifp; 1789 1790 lwkt_domsg(BRIDGE_CFGPORT, lmsg, 0); 1791 } 1792 1793 /* 1794 * bridge_init: 1795 * 1796 * Initialize a bridge interface. 1797 */ 1798 static void 1799 bridge_init(void *xsc) 1800 { 1801 bridge_control(xsc, SIOCSIFFLAGS, bridge_ioctl_init, NULL); 1802 } 1803 1804 /* 1805 * bridge_stop: 1806 * 1807 * Stop the bridge interface. 1808 */ 1809 static void 1810 bridge_stop(struct ifnet *ifp) 1811 { 1812 bridge_control(ifp->if_softc, SIOCSIFFLAGS, bridge_ioctl_stop, NULL); 1813 } 1814 1815 /* 1816 * bridge_enqueue: 1817 * 1818 * Enqueue a packet on a bridge member interface. 1819 * 1820 */ 1821 void 1822 bridge_enqueue(struct ifnet *dst_ifp, struct mbuf *m) 1823 { 1824 struct netmsg_packet *nmp; 1825 1826 nmp = &m->m_hdr.mh_netmsg; 1827 netmsg_init(&nmp->nm_netmsg, &netisr_apanic_rport, 0, 1828 bridge_enqueue_handler); 1829 nmp->nm_packet = m; 1830 nmp->nm_netmsg.nm_lmsg.u.ms_resultp = dst_ifp; 1831 1832 lwkt_sendmsg(curnetport, &nmp->nm_netmsg.nm_lmsg); 1833 } 1834 1835 /* 1836 * bridge_output: 1837 * 1838 * Send output from a bridge member interface. This 1839 * performs the bridging function for locally originated 1840 * packets. 1841 * 1842 * The mbuf has the Ethernet header already attached. We must 1843 * enqueue or free the mbuf before returning. 1844 */ 1845 static int 1846 bridge_output(struct ifnet *ifp, struct mbuf *m) 1847 { 1848 struct bridge_softc *sc = ifp->if_bridge; 1849 struct ether_header *eh; 1850 struct ifnet *dst_if, *bifp; 1851 1852 ASSERT_NOT_SERIALIZED(ifp->if_serializer); 1853 1854 /* 1855 * Make sure that we are still a member of a bridge interface. 1856 */ 1857 if (sc == NULL) { 1858 m_freem(m); 1859 return (0); 1860 } 1861 bifp = sc->sc_ifp; 1862 1863 if (m->m_len < ETHER_HDR_LEN) { 1864 m = m_pullup(m, ETHER_HDR_LEN); 1865 if (m == NULL) 1866 return (0); 1867 } 1868 eh = mtod(m, struct ether_header *); 1869 1870 /* 1871 * If bridge is down, but the original output interface is up, 1872 * go ahead and send out that interface. Otherwise, the packet 1873 * is dropped below. 1874 */ 1875 if ((bifp->if_flags & IFF_RUNNING) == 0) { 1876 dst_if = ifp; 1877 goto sendunicast; 1878 } 1879 1880 /* 1881 * If the packet is a multicast, or we don't know a better way to 1882 * get there, send to all interfaces. 1883 */ 1884 if (ETHER_IS_MULTICAST(eh->ether_dhost)) 1885 dst_if = NULL; 1886 else 1887 dst_if = bridge_rtlookup(sc, eh->ether_dhost); 1888 if (dst_if == NULL) { 1889 struct bridge_iflist *bif, *nbif; 1890 struct mbuf *mc; 1891 int used = 0; 1892 1893 if (sc->sc_span) 1894 bridge_span(sc, m); 1895 1896 LIST_FOREACH_MUTABLE(bif, &sc->sc_iflists[mycpuid], 1897 bif_next, nbif) { 1898 dst_if = bif->bif_ifp; 1899 if ((dst_if->if_flags & IFF_RUNNING) == 0) 1900 continue; 1901 1902 /* 1903 * If this is not the original output interface, 1904 * and the interface is participating in spanning 1905 * tree, make sure the port is in a state that 1906 * allows forwarding. 1907 */ 1908 if (dst_if != ifp && 1909 (bif->bif_flags & IFBIF_STP) != 0) { 1910 switch (bif->bif_state) { 1911 case BSTP_IFSTATE_BLOCKING: 1912 case BSTP_IFSTATE_LISTENING: 1913 case BSTP_IFSTATE_DISABLED: 1914 continue; 1915 } 1916 } 1917 1918 if (LIST_NEXT(bif, bif_next) == NULL) { 1919 used = 1; 1920 mc = m; 1921 } else { 1922 mc = m_copypacket(m, MB_DONTWAIT); 1923 if (mc == NULL) { 1924 bifp->if_oerrors++; 1925 continue; 1926 } 1927 } 1928 bridge_handoff(dst_if, mc); 1929 1930 if (nbif != NULL && !nbif->bif_onlist) { 1931 KKASSERT(bif->bif_onlist); 1932 nbif = LIST_NEXT(bif, bif_next); 1933 } 1934 } 1935 if (used == 0) 1936 m_freem(m); 1937 return (0); 1938 } 1939 1940 sendunicast: 1941 /* 1942 * XXX Spanning tree consideration here? 1943 */ 1944 if (sc->sc_span) 1945 bridge_span(sc, m); 1946 if ((dst_if->if_flags & IFF_RUNNING) == 0) 1947 m_freem(m); 1948 else 1949 bridge_handoff(dst_if, m); 1950 return (0); 1951 } 1952 1953 /* 1954 * bridge_start: 1955 * 1956 * Start output on a bridge. 1957 * 1958 */ 1959 static void 1960 bridge_start(struct ifnet *ifp) 1961 { 1962 struct bridge_softc *sc = ifp->if_softc; 1963 1964 ASSERT_SERIALIZED(ifp->if_serializer); 1965 1966 ifp->if_flags |= IFF_OACTIVE; 1967 for (;;) { 1968 struct ifnet *dst_if = NULL; 1969 struct ether_header *eh; 1970 struct mbuf *m; 1971 1972 m = ifq_dequeue(&ifp->if_snd, NULL); 1973 if (m == NULL) 1974 break; 1975 1976 if (m->m_len < sizeof(*eh)) { 1977 m = m_pullup(m, sizeof(*eh)); 1978 if (m == NULL) { 1979 ifp->if_oerrors++; 1980 continue; 1981 } 1982 } 1983 eh = mtod(m, struct ether_header *); 1984 1985 BPF_MTAP(ifp, m); 1986 ifp->if_opackets++; 1987 1988 if ((m->m_flags & (M_BCAST|M_MCAST)) == 0) 1989 dst_if = bridge_rtlookup(sc, eh->ether_dhost); 1990 1991 if (dst_if == NULL) 1992 bridge_start_bcast(sc, m); 1993 else 1994 bridge_enqueue(dst_if, m); 1995 } 1996 ifp->if_flags &= ~IFF_OACTIVE; 1997 } 1998 1999 /* 2000 * bridge_forward: 2001 * 2002 * The forwarding function of the bridge. 2003 */ 2004 static void 2005 bridge_forward(struct bridge_softc *sc, struct mbuf *m) 2006 { 2007 struct bridge_iflist *bif; 2008 struct ifnet *src_if, *dst_if, *ifp; 2009 struct ether_header *eh; 2010 2011 src_if = m->m_pkthdr.rcvif; 2012 ifp = sc->sc_ifp; 2013 2014 ASSERT_NOT_SERIALIZED(ifp->if_serializer); 2015 2016 ifp->if_ipackets++; 2017 ifp->if_ibytes += m->m_pkthdr.len; 2018 2019 /* 2020 * Look up the bridge_iflist. 2021 */ 2022 bif = bridge_lookup_member_if(sc, src_if); 2023 if (bif == NULL) { 2024 /* Interface is not a bridge member (anymore?) */ 2025 m_freem(m); 2026 return; 2027 } 2028 2029 if (bif->bif_flags & IFBIF_STP) { 2030 switch (bif->bif_state) { 2031 case BSTP_IFSTATE_BLOCKING: 2032 case BSTP_IFSTATE_LISTENING: 2033 case BSTP_IFSTATE_DISABLED: 2034 m_freem(m); 2035 return; 2036 } 2037 } 2038 2039 eh = mtod(m, struct ether_header *); 2040 2041 /* 2042 * If the interface is learning, and the source 2043 * address is valid and not multicast, record 2044 * the address. 2045 */ 2046 if ((bif->bif_flags & IFBIF_LEARNING) != 0 && 2047 ETHER_IS_MULTICAST(eh->ether_shost) == 0 && 2048 (eh->ether_shost[0] == 0 && 2049 eh->ether_shost[1] == 0 && 2050 eh->ether_shost[2] == 0 && 2051 eh->ether_shost[3] == 0 && 2052 eh->ether_shost[4] == 0 && 2053 eh->ether_shost[5] == 0) == 0) 2054 bridge_rtupdate(sc, eh->ether_shost, src_if, IFBAF_DYNAMIC); 2055 2056 if ((bif->bif_flags & IFBIF_STP) != 0 && 2057 bif->bif_state == BSTP_IFSTATE_LEARNING) { 2058 m_freem(m); 2059 return; 2060 } 2061 2062 /* 2063 * At this point, the port either doesn't participate 2064 * in spanning tree or it is in the forwarding state. 2065 */ 2066 2067 /* 2068 * If the packet is unicast, destined for someone on 2069 * "this" side of the bridge, drop it. 2070 */ 2071 if ((m->m_flags & (M_BCAST|M_MCAST)) == 0) { 2072 dst_if = bridge_rtlookup(sc, eh->ether_dhost); 2073 if (src_if == dst_if) { 2074 m_freem(m); 2075 return; 2076 } 2077 } else { 2078 /* ...forward it to all interfaces. */ 2079 ifp->if_imcasts++; 2080 dst_if = NULL; 2081 } 2082 2083 if (dst_if == NULL) { 2084 bridge_broadcast(sc, src_if, m); 2085 return; 2086 } 2087 2088 /* 2089 * At this point, we're dealing with a unicast frame 2090 * going to a different interface. 2091 */ 2092 if ((dst_if->if_flags & IFF_RUNNING) == 0) { 2093 m_freem(m); 2094 return; 2095 } 2096 bif = bridge_lookup_member_if(sc, dst_if); 2097 if (bif == NULL) { 2098 /* Not a member of the bridge (anymore?) */ 2099 m_freem(m); 2100 return; 2101 } 2102 2103 if (bif->bif_flags & IFBIF_STP) { 2104 switch (bif->bif_state) { 2105 case BSTP_IFSTATE_DISABLED: 2106 case BSTP_IFSTATE_BLOCKING: 2107 m_freem(m); 2108 return; 2109 } 2110 } 2111 2112 if (inet_pfil_hook.ph_hashooks > 0 2113 #ifdef INET6 2114 || inet6_pfil_hook.ph_hashooks > 0 2115 #endif 2116 ) { 2117 if (bridge_pfil(&m, ifp, src_if, PFIL_IN) != 0) 2118 return; 2119 if (m == NULL) 2120 return; 2121 2122 if (bridge_pfil(&m, ifp, dst_if, PFIL_OUT) != 0) 2123 return; 2124 if (m == NULL) 2125 return; 2126 } 2127 bridge_handoff(dst_if, m); 2128 } 2129 2130 /* 2131 * bridge_input: 2132 * 2133 * Receive input from a member interface. Queue the packet for 2134 * bridging if it is not for us. 2135 */ 2136 static struct mbuf * 2137 bridge_input(struct ifnet *ifp, struct mbuf *m) 2138 { 2139 struct bridge_softc *sc = ifp->if_bridge; 2140 struct bridge_iflist *bif; 2141 struct ifnet *bifp, *new_ifp; 2142 struct ether_header *eh; 2143 struct mbuf *mc, *mc2; 2144 2145 ASSERT_NOT_SERIALIZED(ifp->if_serializer); 2146 2147 /* 2148 * Make sure that we are still a member of a bridge interface. 2149 */ 2150 if (sc == NULL) 2151 return m; 2152 2153 new_ifp = NULL; 2154 bifp = sc->sc_ifp; 2155 2156 if ((bifp->if_flags & IFF_RUNNING) == 0) 2157 goto out; 2158 2159 /* 2160 * Implement support for bridge monitoring. If this flag has been 2161 * set on this interface, discard the packet once we push it through 2162 * the bpf(4) machinery, but before we do, increment various counters 2163 * associated with this bridge. 2164 */ 2165 if (bifp->if_flags & IFF_MONITOR) { 2166 /* Change input interface to this bridge */ 2167 m->m_pkthdr.rcvif = bifp; 2168 2169 BPF_MTAP(bifp, m); 2170 2171 /* Update bridge's ifnet statistics */ 2172 bifp->if_ipackets++; 2173 bifp->if_ibytes += m->m_pkthdr.len; 2174 if (m->m_flags & (M_MCAST | M_BCAST)) 2175 bifp->if_imcasts++; 2176 2177 m_freem(m); 2178 m = NULL; 2179 goto out; 2180 } 2181 2182 eh = mtod(m, struct ether_header *); 2183 2184 if (memcmp(eh->ether_dhost, IF_LLADDR(bifp), ETHER_ADDR_LEN) == 0) { 2185 /* 2186 * If the packet is for us, set the packets source as the 2187 * bridge, and return the packet back to ifnet.if_input for 2188 * local processing. 2189 */ 2190 KASSERT(bifp->if_bridge == NULL, 2191 ("loop created in bridge_input")); 2192 new_ifp = bifp; 2193 goto out; 2194 } 2195 2196 /* 2197 * Tap all packets arriving on the bridge, no matter if 2198 * they are local destinations or not. In is in. 2199 */ 2200 BPF_MTAP(bifp, m); 2201 2202 bif = bridge_lookup_member_if(sc, ifp); 2203 if (bif == NULL) 2204 goto out; 2205 2206 if (sc->sc_span) 2207 bridge_span(sc, m); 2208 2209 if (m->m_flags & (M_BCAST | M_MCAST)) { 2210 /* Tap off 802.1D packets; they do not get forwarded. */ 2211 if (memcmp(eh->ether_dhost, bstp_etheraddr, 2212 ETHER_ADDR_LEN) == 0) { 2213 lwkt_serialize_enter(bifp->if_serializer); 2214 bstp_input(sc, bif, m); 2215 lwkt_serialize_exit(bifp->if_serializer); 2216 2217 /* m is freed by bstp_input */ 2218 m = NULL; 2219 goto out; 2220 } 2221 2222 if (bif->bif_flags & IFBIF_STP) { 2223 switch (bif->bif_state) { 2224 case BSTP_IFSTATE_BLOCKING: 2225 case BSTP_IFSTATE_LISTENING: 2226 case BSTP_IFSTATE_DISABLED: 2227 goto out; 2228 } 2229 } 2230 2231 /* 2232 * Make a deep copy of the packet and enqueue the copy 2233 * for bridge processing; return the original packet for 2234 * local processing. 2235 */ 2236 mc = m_dup(m, MB_DONTWAIT); 2237 if (mc == NULL) 2238 goto out; 2239 2240 bridge_forward(sc, mc); 2241 2242 /* 2243 * Reinject the mbuf as arriving on the bridge so we have a 2244 * chance at claiming multicast packets. We can not loop back 2245 * here from ether_input as a bridge is never a member of a 2246 * bridge. 2247 */ 2248 KASSERT(bifp->if_bridge == NULL, 2249 ("loop created in bridge_input")); 2250 mc2 = m_dup(m, MB_DONTWAIT); 2251 #ifdef notyet 2252 if (mc2 != NULL) { 2253 /* Keep the layer3 header aligned */ 2254 int i = min(mc2->m_pkthdr.len, max_protohdr); 2255 mc2 = m_copyup(mc2, i, ETHER_ALIGN); 2256 } 2257 #endif 2258 if (mc2 != NULL) { 2259 /* 2260 * Don't tap to bpf(4) again; we have 2261 * already done the tapping. 2262 */ 2263 ether_reinput_oncpu(bifp, mc2, 0); 2264 } 2265 2266 /* Return the original packet for local processing. */ 2267 goto out; 2268 } 2269 2270 if (bif->bif_flags & IFBIF_STP) { 2271 switch (bif->bif_state) { 2272 case BSTP_IFSTATE_BLOCKING: 2273 case BSTP_IFSTATE_LISTENING: 2274 case BSTP_IFSTATE_DISABLED: 2275 goto out; 2276 } 2277 } 2278 2279 /* 2280 * Unicast. Make sure it's not for us. 2281 * 2282 * This loop is MPSAFE; the only blocking operation (bridge_rtupdate) 2283 * is followed by breaking out of the loop. 2284 */ 2285 LIST_FOREACH(bif, &sc->sc_iflists[mycpuid], bif_next) { 2286 if (bif->bif_ifp->if_type != IFT_ETHER) 2287 continue; 2288 2289 /* It is destined for us. */ 2290 if (memcmp(IF_LLADDR(bif->bif_ifp), eh->ether_dhost, 2291 ETHER_ADDR_LEN) == 0) { 2292 if (bif->bif_ifp != ifp) { 2293 /* XXX loop prevention */ 2294 m->m_flags |= M_ETHER_BRIDGED; 2295 new_ifp = bif->bif_ifp; 2296 } 2297 if (bif->bif_flags & IFBIF_LEARNING) { 2298 bridge_rtupdate(sc, eh->ether_shost, 2299 ifp, IFBAF_DYNAMIC); 2300 } 2301 goto out; 2302 } 2303 2304 /* We just received a packet that we sent out. */ 2305 if (memcmp(IF_LLADDR(bif->bif_ifp), eh->ether_shost, 2306 ETHER_ADDR_LEN) == 0) { 2307 m_freem(m); 2308 m = NULL; 2309 goto out; 2310 } 2311 } 2312 2313 /* Perform the bridge forwarding function. */ 2314 bridge_forward(sc, m); 2315 m = NULL; 2316 out: 2317 if (new_ifp != NULL) { 2318 ether_reinput_oncpu(new_ifp, m, 1); 2319 m = NULL; 2320 } 2321 return (m); 2322 } 2323 2324 /* 2325 * bridge_start_bcast: 2326 * 2327 * Broadcast the packet sent from bridge to all member 2328 * interfaces. 2329 * This is a simplified version of bridge_broadcast(), however, 2330 * this function expects caller to hold bridge's serializer. 2331 */ 2332 static void 2333 bridge_start_bcast(struct bridge_softc *sc, struct mbuf *m) 2334 { 2335 struct bridge_iflist *bif; 2336 struct mbuf *mc; 2337 struct ifnet *dst_if, *bifp; 2338 int used = 0; 2339 2340 bifp = sc->sc_ifp; 2341 ASSERT_SERIALIZED(bifp->if_serializer); 2342 2343 /* 2344 * Following loop is MPSAFE; nothing is blocking 2345 * in the loop body. 2346 */ 2347 LIST_FOREACH(bif, &sc->sc_iflists[mycpuid], bif_next) { 2348 dst_if = bif->bif_ifp; 2349 2350 if (bif->bif_flags & IFBIF_STP) { 2351 switch (bif->bif_state) { 2352 case BSTP_IFSTATE_BLOCKING: 2353 case BSTP_IFSTATE_DISABLED: 2354 continue; 2355 } 2356 } 2357 2358 if ((bif->bif_flags & IFBIF_DISCOVER) == 0 && 2359 (m->m_flags & (M_BCAST|M_MCAST)) == 0) 2360 continue; 2361 2362 if ((dst_if->if_flags & IFF_RUNNING) == 0) 2363 continue; 2364 2365 if (LIST_NEXT(bif, bif_next) == NULL) { 2366 mc = m; 2367 used = 1; 2368 } else { 2369 mc = m_copypacket(m, MB_DONTWAIT); 2370 if (mc == NULL) { 2371 bifp->if_oerrors++; 2372 continue; 2373 } 2374 } 2375 bridge_enqueue(dst_if, mc); 2376 } 2377 if (used == 0) 2378 m_freem(m); 2379 } 2380 2381 /* 2382 * bridge_broadcast: 2383 * 2384 * Send a frame to all interfaces that are members of 2385 * the bridge, except for the one on which the packet 2386 * arrived. 2387 */ 2388 static void 2389 bridge_broadcast(struct bridge_softc *sc, struct ifnet *src_if, 2390 struct mbuf *m) 2391 { 2392 struct bridge_iflist *bif, *nbif; 2393 struct mbuf *mc; 2394 struct ifnet *dst_if, *bifp; 2395 int used = 0; 2396 2397 bifp = sc->sc_ifp; 2398 ASSERT_NOT_SERIALIZED(bifp->if_serializer); 2399 2400 if (inet_pfil_hook.ph_hashooks > 0 2401 #ifdef INET6 2402 || inet6_pfil_hook.ph_hashooks > 0 2403 #endif 2404 ) { 2405 if (bridge_pfil(&m, bifp, src_if, PFIL_IN) != 0) 2406 return; 2407 if (m == NULL) 2408 return; 2409 2410 /* Filter on the bridge interface before broadcasting */ 2411 if (bridge_pfil(&m, bifp, NULL, PFIL_OUT) != 0) 2412 return; 2413 if (m == NULL) 2414 return; 2415 } 2416 2417 LIST_FOREACH_MUTABLE(bif, &sc->sc_iflists[mycpuid], bif_next, nbif) { 2418 dst_if = bif->bif_ifp; 2419 if (dst_if == src_if) 2420 continue; 2421 2422 if (bif->bif_flags & IFBIF_STP) { 2423 switch (bif->bif_state) { 2424 case BSTP_IFSTATE_BLOCKING: 2425 case BSTP_IFSTATE_DISABLED: 2426 continue; 2427 } 2428 } 2429 2430 if ((bif->bif_flags & IFBIF_DISCOVER) == 0 && 2431 (m->m_flags & (M_BCAST|M_MCAST)) == 0) 2432 continue; 2433 2434 if ((dst_if->if_flags & IFF_RUNNING) == 0) 2435 continue; 2436 2437 if (LIST_NEXT(bif, bif_next) == NULL) { 2438 mc = m; 2439 used = 1; 2440 } else { 2441 mc = m_copypacket(m, MB_DONTWAIT); 2442 if (mc == NULL) { 2443 sc->sc_ifp->if_oerrors++; 2444 continue; 2445 } 2446 } 2447 2448 /* 2449 * Filter on the output interface. Pass a NULL bridge 2450 * interface pointer so we do not redundantly filter on 2451 * the bridge for each interface we broadcast on. 2452 */ 2453 if (inet_pfil_hook.ph_hashooks > 0 2454 #ifdef INET6 2455 || inet6_pfil_hook.ph_hashooks > 0 2456 #endif 2457 ) { 2458 if (bridge_pfil(&mc, NULL, dst_if, PFIL_OUT) != 0) 2459 continue; 2460 if (mc == NULL) 2461 continue; 2462 } 2463 bridge_handoff(dst_if, mc); 2464 2465 if (nbif != NULL && !nbif->bif_onlist) { 2466 KKASSERT(bif->bif_onlist); 2467 nbif = LIST_NEXT(bif, bif_next); 2468 } 2469 } 2470 if (used == 0) 2471 m_freem(m); 2472 } 2473 2474 /* 2475 * bridge_span: 2476 * 2477 * Duplicate a packet out one or more interfaces that are in span mode, 2478 * the original mbuf is unmodified. 2479 */ 2480 static void 2481 bridge_span(struct bridge_softc *sc, struct mbuf *m) 2482 { 2483 struct bridge_iflist *bif; 2484 struct ifnet *dst_if, *bifp; 2485 struct mbuf *mc; 2486 2487 bifp = sc->sc_ifp; 2488 lwkt_serialize_enter(bifp->if_serializer); 2489 2490 LIST_FOREACH(bif, &sc->sc_spanlist, bif_next) { 2491 dst_if = bif->bif_ifp; 2492 2493 if ((dst_if->if_flags & IFF_RUNNING) == 0) 2494 continue; 2495 2496 mc = m_copypacket(m, MB_DONTWAIT); 2497 if (mc == NULL) { 2498 sc->sc_ifp->if_oerrors++; 2499 continue; 2500 } 2501 bridge_enqueue(dst_if, mc); 2502 } 2503 2504 lwkt_serialize_exit(bifp->if_serializer); 2505 } 2506 2507 static void 2508 bridge_rtmsg_sync_handler(struct netmsg *nmsg) 2509 { 2510 ifnet_forwardmsg(&nmsg->nm_lmsg, mycpuid + 1); 2511 } 2512 2513 static void 2514 bridge_rtmsg_sync(struct bridge_softc *sc) 2515 { 2516 struct netmsg nmsg; 2517 2518 ASSERT_NOT_SERIALIZED(sc->sc_ifp->if_serializer); 2519 2520 netmsg_init(&nmsg, &curthread->td_msgport, 0, 2521 bridge_rtmsg_sync_handler); 2522 ifnet_domsg(&nmsg.nm_lmsg, 0); 2523 } 2524 2525 static __inline void 2526 bridge_rtinfo_update(struct bridge_rtinfo *bri, struct ifnet *dst_if, 2527 int setflags, uint8_t flags, uint32_t timeo) 2528 { 2529 if ((bri->bri_flags & IFBAF_TYPEMASK) == IFBAF_DYNAMIC && 2530 bri->bri_ifp != dst_if) 2531 bri->bri_ifp = dst_if; 2532 if ((flags & IFBAF_TYPEMASK) == IFBAF_DYNAMIC && 2533 bri->bri_expire != time_second + timeo) 2534 bri->bri_expire = time_second + timeo; 2535 if (setflags) 2536 bri->bri_flags = flags; 2537 } 2538 2539 static int 2540 bridge_rtinstall_oncpu(struct bridge_softc *sc, const uint8_t *dst, 2541 struct ifnet *dst_if, int setflags, uint8_t flags, 2542 struct bridge_rtinfo **bri0) 2543 { 2544 struct bridge_rtnode *brt; 2545 struct bridge_rtinfo *bri; 2546 2547 if (mycpuid == 0) { 2548 brt = bridge_rtnode_lookup(sc, dst); 2549 if (brt != NULL) { 2550 /* 2551 * rtnode for 'dst' already exists. We inform the 2552 * caller about this by leaving bri0 as NULL. The 2553 * caller will terminate the intallation upon getting 2554 * NULL bri0. However, we still need to update the 2555 * rtinfo. 2556 */ 2557 KKASSERT(*bri0 == NULL); 2558 2559 /* Update rtinfo */ 2560 bridge_rtinfo_update(brt->brt_info, dst_if, setflags, 2561 flags, sc->sc_brttimeout); 2562 return 0; 2563 } 2564 2565 /* 2566 * We only need to check brtcnt on CPU0, since if limit 2567 * is to be exceeded, ENOSPC is returned. Caller knows 2568 * this and will terminate the installation. 2569 */ 2570 if (sc->sc_brtcnt >= sc->sc_brtmax) 2571 return ENOSPC; 2572 2573 KKASSERT(*bri0 == NULL); 2574 bri = kmalloc(sizeof(struct bridge_rtinfo), M_DEVBUF, 2575 M_WAITOK | M_ZERO); 2576 *bri0 = bri; 2577 2578 /* Setup rtinfo */ 2579 bri->bri_flags = IFBAF_DYNAMIC; 2580 bridge_rtinfo_update(bri, dst_if, setflags, flags, 2581 sc->sc_brttimeout); 2582 } else { 2583 bri = *bri0; 2584 KKASSERT(bri != NULL); 2585 } 2586 2587 brt = kmalloc(sizeof(struct bridge_rtnode), M_DEVBUF, 2588 M_WAITOK | M_ZERO); 2589 memcpy(brt->brt_addr, dst, ETHER_ADDR_LEN); 2590 brt->brt_info = bri; 2591 2592 bridge_rtnode_insert(sc, brt); 2593 return 0; 2594 } 2595 2596 static void 2597 bridge_rtinstall_handler(struct netmsg *nmsg) 2598 { 2599 struct netmsg_brsaddr *brmsg = (struct netmsg_brsaddr *)nmsg; 2600 int error; 2601 2602 error = bridge_rtinstall_oncpu(brmsg->br_softc, 2603 brmsg->br_dst, brmsg->br_dst_if, 2604 brmsg->br_setflags, brmsg->br_flags, 2605 &brmsg->br_rtinfo); 2606 if (error) { 2607 KKASSERT(mycpuid == 0 && brmsg->br_rtinfo == NULL); 2608 lwkt_replymsg(&nmsg->nm_lmsg, error); 2609 return; 2610 } else if (brmsg->br_rtinfo == NULL) { 2611 /* rtnode already exists for 'dst' */ 2612 KKASSERT(mycpuid == 0); 2613 lwkt_replymsg(&nmsg->nm_lmsg, 0); 2614 return; 2615 } 2616 ifnet_forwardmsg(&nmsg->nm_lmsg, mycpuid + 1); 2617 } 2618 2619 /* 2620 * bridge_rtupdate: 2621 * 2622 * Add/Update a bridge routing entry. 2623 */ 2624 static int 2625 bridge_rtupdate(struct bridge_softc *sc, const uint8_t *dst, 2626 struct ifnet *dst_if, uint8_t flags) 2627 { 2628 struct bridge_rtnode *brt; 2629 2630 /* 2631 * A route for this destination might already exist. If so, 2632 * update it, otherwise create a new one. 2633 */ 2634 if ((brt = bridge_rtnode_lookup(sc, dst)) == NULL) { 2635 struct netmsg_brsaddr *brmsg; 2636 2637 if (sc->sc_brtcnt >= sc->sc_brtmax) 2638 return ENOSPC; 2639 2640 brmsg = kmalloc(sizeof(*brmsg), M_LWKTMSG, M_WAITOK | M_NULLOK); 2641 if (brmsg == NULL) 2642 return ENOMEM; 2643 2644 netmsg_init(&brmsg->br_nmsg, &netisr_afree_rport, 0, 2645 bridge_rtinstall_handler); 2646 memcpy(brmsg->br_dst, dst, ETHER_ADDR_LEN); 2647 brmsg->br_dst_if = dst_if; 2648 brmsg->br_flags = flags; 2649 brmsg->br_setflags = 0; 2650 brmsg->br_softc = sc; 2651 brmsg->br_rtinfo = NULL; 2652 2653 ifnet_sendmsg(&brmsg->br_nmsg.nm_lmsg, 0); 2654 return 0; 2655 } 2656 bridge_rtinfo_update(brt->brt_info, dst_if, 0, flags, 2657 sc->sc_brttimeout); 2658 return 0; 2659 } 2660 2661 static int 2662 bridge_rtsaddr(struct bridge_softc *sc, const uint8_t *dst, 2663 struct ifnet *dst_if, uint8_t flags) 2664 { 2665 struct netmsg_brsaddr brmsg; 2666 2667 ASSERT_NOT_SERIALIZED(sc->sc_ifp->if_serializer); 2668 2669 netmsg_init(&brmsg.br_nmsg, &curthread->td_msgport, 0, 2670 bridge_rtinstall_handler); 2671 memcpy(brmsg.br_dst, dst, ETHER_ADDR_LEN); 2672 brmsg.br_dst_if = dst_if; 2673 brmsg.br_flags = flags; 2674 brmsg.br_setflags = 1; 2675 brmsg.br_softc = sc; 2676 brmsg.br_rtinfo = NULL; 2677 2678 return ifnet_domsg(&brmsg.br_nmsg.nm_lmsg, 0); 2679 } 2680 2681 /* 2682 * bridge_rtlookup: 2683 * 2684 * Lookup the destination interface for an address. 2685 */ 2686 static struct ifnet * 2687 bridge_rtlookup(struct bridge_softc *sc, const uint8_t *addr) 2688 { 2689 struct bridge_rtnode *brt; 2690 2691 if ((brt = bridge_rtnode_lookup(sc, addr)) == NULL) 2692 return NULL; 2693 return brt->brt_info->bri_ifp; 2694 } 2695 2696 static void 2697 bridge_rtreap_handler(struct netmsg *nmsg) 2698 { 2699 struct bridge_softc *sc = nmsg->nm_lmsg.u.ms_resultp; 2700 struct bridge_rtnode *brt, *nbrt; 2701 2702 LIST_FOREACH_MUTABLE(brt, &sc->sc_rtlists[mycpuid], brt_list, nbrt) { 2703 if (brt->brt_info->bri_dead) 2704 bridge_rtnode_destroy(sc, brt); 2705 } 2706 ifnet_forwardmsg(&nmsg->nm_lmsg, mycpuid + 1); 2707 } 2708 2709 static void 2710 bridge_rtreap(struct bridge_softc *sc) 2711 { 2712 struct netmsg nmsg; 2713 2714 ASSERT_NOT_SERIALIZED(sc->sc_ifp->if_serializer); 2715 2716 netmsg_init(&nmsg, &curthread->td_msgport, 0, bridge_rtreap_handler); 2717 nmsg.nm_lmsg.u.ms_resultp = sc; 2718 2719 ifnet_domsg(&nmsg.nm_lmsg, 0); 2720 } 2721 2722 static void 2723 bridge_rtreap_async(struct bridge_softc *sc) 2724 { 2725 struct netmsg *nmsg; 2726 2727 nmsg = kmalloc(sizeof(*nmsg), M_LWKTMSG, M_WAITOK); 2728 2729 netmsg_init(nmsg, &netisr_afree_rport, 0, bridge_rtreap_handler); 2730 nmsg->nm_lmsg.u.ms_resultp = sc; 2731 2732 ifnet_sendmsg(&nmsg->nm_lmsg, 0); 2733 } 2734 2735 /* 2736 * bridge_rttrim: 2737 * 2738 * Trim the routine table so that we have a number 2739 * of routing entries less than or equal to the 2740 * maximum number. 2741 */ 2742 static void 2743 bridge_rttrim(struct bridge_softc *sc) 2744 { 2745 struct bridge_rtnode *brt; 2746 int dead; 2747 2748 ASSERT_NOT_SERIALIZED(sc->sc_ifp->if_serializer); 2749 2750 /* Make sure we actually need to do this. */ 2751 if (sc->sc_brtcnt <= sc->sc_brtmax) 2752 return; 2753 2754 /* 2755 * Find out how many rtnodes are dead 2756 */ 2757 dead = bridge_rtage_finddead(sc); 2758 KKASSERT(dead <= sc->sc_brtcnt); 2759 2760 if (sc->sc_brtcnt - dead <= sc->sc_brtmax) { 2761 /* Enough dead rtnodes are found */ 2762 bridge_rtreap(sc); 2763 return; 2764 } 2765 2766 /* 2767 * Kill some dynamic rtnodes to meet the brtmax 2768 */ 2769 LIST_FOREACH(brt, &sc->sc_rtlists[mycpuid], brt_list) { 2770 struct bridge_rtinfo *bri = brt->brt_info; 2771 2772 if (bri->bri_dead) { 2773 /* 2774 * We have counted this rtnode in 2775 * bridge_rtage_finddead() 2776 */ 2777 continue; 2778 } 2779 2780 if ((bri->bri_flags & IFBAF_TYPEMASK) == IFBAF_DYNAMIC) { 2781 bri->bri_dead = 1; 2782 ++dead; 2783 KKASSERT(dead <= sc->sc_brtcnt); 2784 2785 if (sc->sc_brtcnt - dead <= sc->sc_brtmax) { 2786 /* Enough rtnodes are collected */ 2787 break; 2788 } 2789 } 2790 } 2791 if (dead) 2792 bridge_rtreap(sc); 2793 } 2794 2795 /* 2796 * bridge_timer: 2797 * 2798 * Aging timer for the bridge. 2799 */ 2800 static void 2801 bridge_timer(void *arg) 2802 { 2803 struct bridge_softc *sc = arg; 2804 struct lwkt_msg *lmsg; 2805 2806 KKASSERT(mycpuid == BRIDGE_CFGCPU); 2807 2808 crit_enter(); 2809 2810 if (callout_pending(&sc->sc_brcallout) || 2811 !callout_active(&sc->sc_brcallout)) { 2812 crit_exit(); 2813 return; 2814 } 2815 callout_deactivate(&sc->sc_brcallout); 2816 2817 lmsg = &sc->sc_brtimemsg.nm_lmsg; 2818 KKASSERT(lmsg->ms_flags & MSGF_DONE); 2819 lwkt_sendmsg(BRIDGE_CFGPORT, lmsg); 2820 2821 crit_exit(); 2822 } 2823 2824 static void 2825 bridge_timer_handler(struct netmsg *nmsg) 2826 { 2827 struct bridge_softc *sc = nmsg->nm_lmsg.u.ms_resultp; 2828 2829 KKASSERT(&curthread->td_msgport == BRIDGE_CFGPORT); 2830 2831 crit_enter(); 2832 /* Reply ASAP */ 2833 lwkt_replymsg(&nmsg->nm_lmsg, 0); 2834 crit_exit(); 2835 2836 bridge_rtage(sc); 2837 if (sc->sc_ifp->if_flags & IFF_RUNNING) { 2838 callout_reset(&sc->sc_brcallout, 2839 bridge_rtable_prune_period * hz, bridge_timer, sc); 2840 } 2841 } 2842 2843 static int 2844 bridge_rtage_finddead(struct bridge_softc *sc) 2845 { 2846 struct bridge_rtnode *brt; 2847 int dead = 0; 2848 2849 LIST_FOREACH(brt, &sc->sc_rtlists[mycpuid], brt_list) { 2850 struct bridge_rtinfo *bri = brt->brt_info; 2851 2852 if ((bri->bri_flags & IFBAF_TYPEMASK) == IFBAF_DYNAMIC && 2853 time_second >= bri->bri_expire) { 2854 bri->bri_dead = 1; 2855 ++dead; 2856 KKASSERT(dead <= sc->sc_brtcnt); 2857 } 2858 } 2859 return dead; 2860 } 2861 2862 /* 2863 * bridge_rtage: 2864 * 2865 * Perform an aging cycle. 2866 */ 2867 static void 2868 bridge_rtage(struct bridge_softc *sc) 2869 { 2870 ASSERT_NOT_SERIALIZED(sc->sc_ifp->if_serializer); 2871 2872 if (bridge_rtage_finddead(sc)) 2873 bridge_rtreap(sc); 2874 } 2875 2876 /* 2877 * bridge_rtflush: 2878 * 2879 * Remove all dynamic addresses from the bridge. 2880 */ 2881 static void 2882 bridge_rtflush(struct bridge_softc *sc, int bf) 2883 { 2884 struct bridge_rtnode *brt; 2885 int reap; 2886 2887 reap = 0; 2888 LIST_FOREACH(brt, &sc->sc_rtlists[mycpuid], brt_list) { 2889 struct bridge_rtinfo *bri = brt->brt_info; 2890 2891 if ((bf & IFBF_FLUSHALL) || 2892 (bri->bri_flags & IFBAF_TYPEMASK) == IFBAF_DYNAMIC) { 2893 bri->bri_dead = 1; 2894 reap = 1; 2895 } 2896 } 2897 if (reap) { 2898 if (bf & IFBF_FLUSHSYNC) 2899 bridge_rtreap(sc); 2900 else 2901 bridge_rtreap_async(sc); 2902 } 2903 } 2904 2905 /* 2906 * bridge_rtdaddr: 2907 * 2908 * Remove an address from the table. 2909 */ 2910 static int 2911 bridge_rtdaddr(struct bridge_softc *sc, const uint8_t *addr) 2912 { 2913 struct bridge_rtnode *brt; 2914 2915 ASSERT_NOT_SERIALIZED(sc->sc_ifp->if_serializer); 2916 2917 if ((brt = bridge_rtnode_lookup(sc, addr)) == NULL) 2918 return (ENOENT); 2919 2920 /* TODO: add a cheaper delete operation */ 2921 brt->brt_info->bri_dead = 1; 2922 bridge_rtreap(sc); 2923 return (0); 2924 } 2925 2926 /* 2927 * bridge_rtdelete: 2928 * 2929 * Delete routes to a speicifc member interface. 2930 */ 2931 void 2932 bridge_rtdelete(struct bridge_softc *sc, struct ifnet *ifp, int bf) 2933 { 2934 struct bridge_rtnode *brt; 2935 int reap; 2936 2937 reap = 0; 2938 LIST_FOREACH(brt, &sc->sc_rtlists[mycpuid], brt_list) { 2939 struct bridge_rtinfo *bri = brt->brt_info; 2940 2941 if (bri->bri_ifp == ifp && 2942 ((bf & IFBF_FLUSHALL) || 2943 (bri->bri_flags & IFBAF_TYPEMASK) == IFBAF_DYNAMIC)) { 2944 bri->bri_dead = 1; 2945 reap = 1; 2946 } 2947 } 2948 if (reap) { 2949 if (bf & IFBF_FLUSHSYNC) 2950 bridge_rtreap(sc); 2951 else 2952 bridge_rtreap_async(sc); 2953 } 2954 } 2955 2956 /* 2957 * bridge_rtable_init: 2958 * 2959 * Initialize the route table for this bridge. 2960 */ 2961 static void 2962 bridge_rtable_init(struct bridge_softc *sc) 2963 { 2964 int cpu; 2965 2966 /* 2967 * Initialize per-cpu hash tables 2968 */ 2969 sc->sc_rthashs = kmalloc(sizeof(*sc->sc_rthashs) * ncpus, 2970 M_DEVBUF, M_WAITOK); 2971 for (cpu = 0; cpu < ncpus; ++cpu) { 2972 int i; 2973 2974 sc->sc_rthashs[cpu] = 2975 kmalloc(sizeof(struct bridge_rtnode_head) * BRIDGE_RTHASH_SIZE, 2976 M_DEVBUF, M_WAITOK); 2977 2978 for (i = 0; i < BRIDGE_RTHASH_SIZE; i++) 2979 LIST_INIT(&sc->sc_rthashs[cpu][i]); 2980 } 2981 sc->sc_rthash_key = karc4random(); 2982 2983 /* 2984 * Initialize per-cpu lists 2985 */ 2986 sc->sc_rtlists = kmalloc(sizeof(struct bridge_rtnode_head) * ncpus, 2987 M_DEVBUF, M_WAITOK); 2988 for (cpu = 0; cpu < ncpus; ++cpu) 2989 LIST_INIT(&sc->sc_rtlists[cpu]); 2990 } 2991 2992 /* 2993 * bridge_rtable_fini: 2994 * 2995 * Deconstruct the route table for this bridge. 2996 */ 2997 static void 2998 bridge_rtable_fini(struct bridge_softc *sc) 2999 { 3000 int cpu; 3001 3002 /* 3003 * Free per-cpu hash tables 3004 */ 3005 for (cpu = 0; cpu < ncpus; ++cpu) 3006 kfree(sc->sc_rthashs[cpu], M_DEVBUF); 3007 kfree(sc->sc_rthashs, M_DEVBUF); 3008 3009 /* 3010 * Free per-cpu lists 3011 */ 3012 kfree(sc->sc_rtlists, M_DEVBUF); 3013 } 3014 3015 /* 3016 * The following hash function is adapted from "Hash Functions" by Bob Jenkins 3017 * ("Algorithm Alley", Dr. Dobbs Journal, September 1997). 3018 */ 3019 #define mix(a, b, c) \ 3020 do { \ 3021 a -= b; a -= c; a ^= (c >> 13); \ 3022 b -= c; b -= a; b ^= (a << 8); \ 3023 c -= a; c -= b; c ^= (b >> 13); \ 3024 a -= b; a -= c; a ^= (c >> 12); \ 3025 b -= c; b -= a; b ^= (a << 16); \ 3026 c -= a; c -= b; c ^= (b >> 5); \ 3027 a -= b; a -= c; a ^= (c >> 3); \ 3028 b -= c; b -= a; b ^= (a << 10); \ 3029 c -= a; c -= b; c ^= (b >> 15); \ 3030 } while (/*CONSTCOND*/0) 3031 3032 static __inline uint32_t 3033 bridge_rthash(struct bridge_softc *sc, const uint8_t *addr) 3034 { 3035 uint32_t a = 0x9e3779b9, b = 0x9e3779b9, c = sc->sc_rthash_key; 3036 3037 b += addr[5] << 8; 3038 b += addr[4]; 3039 a += addr[3] << 24; 3040 a += addr[2] << 16; 3041 a += addr[1] << 8; 3042 a += addr[0]; 3043 3044 mix(a, b, c); 3045 3046 return (c & BRIDGE_RTHASH_MASK); 3047 } 3048 3049 #undef mix 3050 3051 static int 3052 bridge_rtnode_addr_cmp(const uint8_t *a, const uint8_t *b) 3053 { 3054 int i, d; 3055 3056 for (i = 0, d = 0; i < ETHER_ADDR_LEN && d == 0; i++) { 3057 d = ((int)a[i]) - ((int)b[i]); 3058 } 3059 3060 return (d); 3061 } 3062 3063 /* 3064 * bridge_rtnode_lookup: 3065 * 3066 * Look up a bridge route node for the specified destination. 3067 */ 3068 static struct bridge_rtnode * 3069 bridge_rtnode_lookup(struct bridge_softc *sc, const uint8_t *addr) 3070 { 3071 struct bridge_rtnode *brt; 3072 uint32_t hash; 3073 int dir; 3074 3075 hash = bridge_rthash(sc, addr); 3076 LIST_FOREACH(brt, &sc->sc_rthashs[mycpuid][hash], brt_hash) { 3077 dir = bridge_rtnode_addr_cmp(addr, brt->brt_addr); 3078 if (dir == 0) 3079 return (brt); 3080 if (dir > 0) 3081 return (NULL); 3082 } 3083 3084 return (NULL); 3085 } 3086 3087 /* 3088 * bridge_rtnode_insert: 3089 * 3090 * Insert the specified bridge node into the route table. 3091 * Caller has to make sure that rtnode does not exist. 3092 */ 3093 static void 3094 bridge_rtnode_insert(struct bridge_softc *sc, struct bridge_rtnode *brt) 3095 { 3096 struct bridge_rtnode *lbrt; 3097 uint32_t hash; 3098 int dir; 3099 3100 hash = bridge_rthash(sc, brt->brt_addr); 3101 3102 lbrt = LIST_FIRST(&sc->sc_rthashs[mycpuid][hash]); 3103 if (lbrt == NULL) { 3104 LIST_INSERT_HEAD(&sc->sc_rthashs[mycpuid][hash], brt, brt_hash); 3105 goto out; 3106 } 3107 3108 do { 3109 dir = bridge_rtnode_addr_cmp(brt->brt_addr, lbrt->brt_addr); 3110 KASSERT(dir != 0, ("rtnode already exist\n")); 3111 3112 if (dir > 0) { 3113 LIST_INSERT_BEFORE(lbrt, brt, brt_hash); 3114 goto out; 3115 } 3116 if (LIST_NEXT(lbrt, brt_hash) == NULL) { 3117 LIST_INSERT_AFTER(lbrt, brt, brt_hash); 3118 goto out; 3119 } 3120 lbrt = LIST_NEXT(lbrt, brt_hash); 3121 } while (lbrt != NULL); 3122 3123 panic("no suitable position found for rtnode\n"); 3124 out: 3125 LIST_INSERT_HEAD(&sc->sc_rtlists[mycpuid], brt, brt_list); 3126 if (mycpuid == 0) { 3127 /* 3128 * Update the brtcnt. 3129 * We only need to do it once and we do it on CPU0. 3130 */ 3131 sc->sc_brtcnt++; 3132 } 3133 } 3134 3135 /* 3136 * bridge_rtnode_destroy: 3137 * 3138 * Destroy a bridge rtnode. 3139 */ 3140 static void 3141 bridge_rtnode_destroy(struct bridge_softc *sc, struct bridge_rtnode *brt) 3142 { 3143 LIST_REMOVE(brt, brt_hash); 3144 LIST_REMOVE(brt, brt_list); 3145 3146 if (mycpuid + 1 == ncpus) { 3147 /* Free rtinfo associated with rtnode on the last cpu */ 3148 kfree(brt->brt_info, M_DEVBUF); 3149 } 3150 kfree(brt, M_DEVBUF); 3151 3152 if (mycpuid == 0) { 3153 /* Update brtcnt only on CPU0 */ 3154 sc->sc_brtcnt--; 3155 } 3156 } 3157 3158 static __inline int 3159 bridge_post_pfil(struct mbuf *m) 3160 { 3161 if (m->m_pkthdr.fw_flags & IPFORWARD_MBUF_TAGGED) 3162 return EOPNOTSUPP; 3163 3164 /* Not yet */ 3165 if (m->m_pkthdr.fw_flags & DUMMYNET_MBUF_TAGGED) 3166 return EOPNOTSUPP; 3167 3168 return 0; 3169 } 3170 3171 /* 3172 * Send bridge packets through pfil if they are one of the types pfil can deal 3173 * with, or if they are ARP or REVARP. (pfil will pass ARP and REVARP without 3174 * question.) If *bifp or *ifp are NULL then packet filtering is skipped for 3175 * that interface. 3176 */ 3177 static int 3178 bridge_pfil(struct mbuf **mp, struct ifnet *bifp, struct ifnet *ifp, int dir) 3179 { 3180 int snap, error, i, hlen; 3181 struct ether_header *eh1, eh2; 3182 struct ip *ip; 3183 struct llc llc1; 3184 u_int16_t ether_type; 3185 3186 snap = 0; 3187 error = -1; /* Default error if not error == 0 */ 3188 3189 if (pfil_bridge == 0 && pfil_member == 0) 3190 return (0); /* filtering is disabled */ 3191 3192 i = min((*mp)->m_pkthdr.len, max_protohdr); 3193 if ((*mp)->m_len < i) { 3194 *mp = m_pullup(*mp, i); 3195 if (*mp == NULL) { 3196 kprintf("%s: m_pullup failed\n", __func__); 3197 return (-1); 3198 } 3199 } 3200 3201 eh1 = mtod(*mp, struct ether_header *); 3202 ether_type = ntohs(eh1->ether_type); 3203 3204 /* 3205 * Check for SNAP/LLC. 3206 */ 3207 if (ether_type < ETHERMTU) { 3208 struct llc *llc2 = (struct llc *)(eh1 + 1); 3209 3210 if ((*mp)->m_len >= ETHER_HDR_LEN + 8 && 3211 llc2->llc_dsap == LLC_SNAP_LSAP && 3212 llc2->llc_ssap == LLC_SNAP_LSAP && 3213 llc2->llc_control == LLC_UI) { 3214 ether_type = htons(llc2->llc_un.type_snap.ether_type); 3215 snap = 1; 3216 } 3217 } 3218 3219 /* 3220 * If we're trying to filter bridge traffic, don't look at anything 3221 * other than IP and ARP traffic. If the filter doesn't understand 3222 * IPv6, don't allow IPv6 through the bridge either. This is lame 3223 * since if we really wanted, say, an AppleTalk filter, we are hosed, 3224 * but of course we don't have an AppleTalk filter to begin with. 3225 * (Note that since pfil doesn't understand ARP it will pass *ALL* 3226 * ARP traffic.) 3227 */ 3228 switch (ether_type) { 3229 case ETHERTYPE_ARP: 3230 case ETHERTYPE_REVARP: 3231 return (0); /* Automatically pass */ 3232 3233 case ETHERTYPE_IP: 3234 #ifdef INET6 3235 case ETHERTYPE_IPV6: 3236 #endif /* INET6 */ 3237 break; 3238 3239 default: 3240 /* 3241 * Check to see if the user wants to pass non-ip 3242 * packets, these will not be checked by pfil(9) 3243 * and passed unconditionally so the default is to drop. 3244 */ 3245 if (pfil_onlyip) 3246 goto bad; 3247 } 3248 3249 /* Strip off the Ethernet header and keep a copy. */ 3250 m_copydata(*mp, 0, ETHER_HDR_LEN, (caddr_t) &eh2); 3251 m_adj(*mp, ETHER_HDR_LEN); 3252 3253 /* Strip off snap header, if present */ 3254 if (snap) { 3255 m_copydata(*mp, 0, sizeof(struct llc), (caddr_t) &llc1); 3256 m_adj(*mp, sizeof(struct llc)); 3257 } 3258 3259 /* 3260 * Check the IP header for alignment and errors 3261 */ 3262 if (dir == PFIL_IN) { 3263 switch (ether_type) { 3264 case ETHERTYPE_IP: 3265 error = bridge_ip_checkbasic(mp); 3266 break; 3267 #ifdef INET6 3268 case ETHERTYPE_IPV6: 3269 error = bridge_ip6_checkbasic(mp); 3270 break; 3271 #endif /* INET6 */ 3272 default: 3273 error = 0; 3274 } 3275 if (error) 3276 goto bad; 3277 } 3278 3279 error = 0; 3280 3281 /* 3282 * Run the packet through pfil 3283 */ 3284 switch (ether_type) { 3285 case ETHERTYPE_IP: 3286 /* 3287 * before calling the firewall, swap fields the same as 3288 * IP does. here we assume the header is contiguous 3289 */ 3290 ip = mtod(*mp, struct ip *); 3291 3292 ip->ip_len = ntohs(ip->ip_len); 3293 ip->ip_off = ntohs(ip->ip_off); 3294 3295 /* 3296 * Run pfil on the member interface and the bridge, both can 3297 * be skipped by clearing pfil_member or pfil_bridge. 3298 * 3299 * Keep the order: 3300 * in_if -> bridge_if -> out_if 3301 */ 3302 if (pfil_bridge && dir == PFIL_OUT && bifp != NULL) { 3303 error = pfil_run_hooks(&inet_pfil_hook, mp, bifp, dir); 3304 if (*mp == NULL || error != 0) /* filter may consume */ 3305 break; 3306 error = bridge_post_pfil(*mp); 3307 if (error) 3308 break; 3309 } 3310 3311 if (pfil_member && ifp != NULL) { 3312 error = pfil_run_hooks(&inet_pfil_hook, mp, ifp, dir); 3313 if (*mp == NULL || error != 0) /* filter may consume */ 3314 break; 3315 error = bridge_post_pfil(*mp); 3316 if (error) 3317 break; 3318 } 3319 3320 if (pfil_bridge && dir == PFIL_IN && bifp != NULL) { 3321 error = pfil_run_hooks(&inet_pfil_hook, mp, bifp, dir); 3322 if (*mp == NULL || error != 0) /* filter may consume */ 3323 break; 3324 error = bridge_post_pfil(*mp); 3325 if (error) 3326 break; 3327 } 3328 3329 /* check if we need to fragment the packet */ 3330 if (pfil_member && ifp != NULL && dir == PFIL_OUT) { 3331 i = (*mp)->m_pkthdr.len; 3332 if (i > ifp->if_mtu) { 3333 error = bridge_fragment(ifp, *mp, &eh2, snap, 3334 &llc1); 3335 return (error); 3336 } 3337 } 3338 3339 /* Recalculate the ip checksum and restore byte ordering */ 3340 ip = mtod(*mp, struct ip *); 3341 hlen = ip->ip_hl << 2; 3342 if (hlen < sizeof(struct ip)) 3343 goto bad; 3344 if (hlen > (*mp)->m_len) { 3345 if ((*mp = m_pullup(*mp, hlen)) == 0) 3346 goto bad; 3347 ip = mtod(*mp, struct ip *); 3348 if (ip == NULL) 3349 goto bad; 3350 } 3351 ip->ip_len = htons(ip->ip_len); 3352 ip->ip_off = htons(ip->ip_off); 3353 ip->ip_sum = 0; 3354 if (hlen == sizeof(struct ip)) 3355 ip->ip_sum = in_cksum_hdr(ip); 3356 else 3357 ip->ip_sum = in_cksum(*mp, hlen); 3358 3359 break; 3360 #ifdef INET6 3361 case ETHERTYPE_IPV6: 3362 if (pfil_bridge && dir == PFIL_OUT && bifp != NULL) 3363 error = pfil_run_hooks(&inet6_pfil_hook, mp, bifp, 3364 dir); 3365 3366 if (*mp == NULL || error != 0) /* filter may consume */ 3367 break; 3368 3369 if (pfil_member && ifp != NULL) 3370 error = pfil_run_hooks(&inet6_pfil_hook, mp, ifp, 3371 dir); 3372 3373 if (*mp == NULL || error != 0) /* filter may consume */ 3374 break; 3375 3376 if (pfil_bridge && dir == PFIL_IN && bifp != NULL) 3377 error = pfil_run_hooks(&inet6_pfil_hook, mp, bifp, 3378 dir); 3379 break; 3380 #endif 3381 default: 3382 error = 0; 3383 break; 3384 } 3385 3386 if (*mp == NULL) 3387 return (error); 3388 if (error != 0) 3389 goto bad; 3390 3391 error = -1; 3392 3393 /* 3394 * Finally, put everything back the way it was and return 3395 */ 3396 if (snap) { 3397 M_PREPEND(*mp, sizeof(struct llc), MB_DONTWAIT); 3398 if (*mp == NULL) 3399 return (error); 3400 bcopy(&llc1, mtod(*mp, caddr_t), sizeof(struct llc)); 3401 } 3402 3403 M_PREPEND(*mp, ETHER_HDR_LEN, MB_DONTWAIT); 3404 if (*mp == NULL) 3405 return (error); 3406 bcopy(&eh2, mtod(*mp, caddr_t), ETHER_HDR_LEN); 3407 3408 return (0); 3409 3410 bad: 3411 m_freem(*mp); 3412 *mp = NULL; 3413 return (error); 3414 } 3415 3416 /* 3417 * Perform basic checks on header size since 3418 * pfil assumes ip_input has already processed 3419 * it for it. Cut-and-pasted from ip_input.c. 3420 * Given how simple the IPv6 version is, 3421 * does the IPv4 version really need to be 3422 * this complicated? 3423 * 3424 * XXX Should we update ipstat here, or not? 3425 * XXX Right now we update ipstat but not 3426 * XXX csum_counter. 3427 */ 3428 static int 3429 bridge_ip_checkbasic(struct mbuf **mp) 3430 { 3431 struct mbuf *m = *mp; 3432 struct ip *ip; 3433 int len, hlen; 3434 u_short sum; 3435 3436 if (*mp == NULL) 3437 return (-1); 3438 #if notyet 3439 if (IP_HDR_ALIGNED_P(mtod(m, caddr_t)) == 0) { 3440 if ((m = m_copyup(m, sizeof(struct ip), 3441 (max_linkhdr + 3) & ~3)) == NULL) { 3442 /* XXXJRT new stat, please */ 3443 ipstat.ips_toosmall++; 3444 goto bad; 3445 } 3446 } else 3447 #endif 3448 #ifndef __predict_false 3449 #define __predict_false(x) x 3450 #endif 3451 if (__predict_false(m->m_len < sizeof (struct ip))) { 3452 if ((m = m_pullup(m, sizeof (struct ip))) == NULL) { 3453 ipstat.ips_toosmall++; 3454 goto bad; 3455 } 3456 } 3457 ip = mtod(m, struct ip *); 3458 if (ip == NULL) goto bad; 3459 3460 if (ip->ip_v != IPVERSION) { 3461 ipstat.ips_badvers++; 3462 goto bad; 3463 } 3464 hlen = ip->ip_hl << 2; 3465 if (hlen < sizeof(struct ip)) { /* minimum header length */ 3466 ipstat.ips_badhlen++; 3467 goto bad; 3468 } 3469 if (hlen > m->m_len) { 3470 if ((m = m_pullup(m, hlen)) == 0) { 3471 ipstat.ips_badhlen++; 3472 goto bad; 3473 } 3474 ip = mtod(m, struct ip *); 3475 if (ip == NULL) goto bad; 3476 } 3477 3478 if (m->m_pkthdr.csum_flags & CSUM_IP_CHECKED) { 3479 sum = !(m->m_pkthdr.csum_flags & CSUM_IP_VALID); 3480 } else { 3481 if (hlen == sizeof(struct ip)) { 3482 sum = in_cksum_hdr(ip); 3483 } else { 3484 sum = in_cksum(m, hlen); 3485 } 3486 } 3487 if (sum) { 3488 ipstat.ips_badsum++; 3489 goto bad; 3490 } 3491 3492 /* Retrieve the packet length. */ 3493 len = ntohs(ip->ip_len); 3494 3495 /* 3496 * Check for additional length bogosity 3497 */ 3498 if (len < hlen) { 3499 ipstat.ips_badlen++; 3500 goto bad; 3501 } 3502 3503 /* 3504 * Check that the amount of data in the buffers 3505 * is as at least much as the IP header would have us expect. 3506 * Drop packet if shorter than we expect. 3507 */ 3508 if (m->m_pkthdr.len < len) { 3509 ipstat.ips_tooshort++; 3510 goto bad; 3511 } 3512 3513 /* Checks out, proceed */ 3514 *mp = m; 3515 return (0); 3516 3517 bad: 3518 *mp = m; 3519 return (-1); 3520 } 3521 3522 #ifdef INET6 3523 /* 3524 * Same as above, but for IPv6. 3525 * Cut-and-pasted from ip6_input.c. 3526 * XXX Should we update ip6stat, or not? 3527 */ 3528 static int 3529 bridge_ip6_checkbasic(struct mbuf **mp) 3530 { 3531 struct mbuf *m = *mp; 3532 struct ip6_hdr *ip6; 3533 3534 /* 3535 * If the IPv6 header is not aligned, slurp it up into a new 3536 * mbuf with space for link headers, in the event we forward 3537 * it. Otherwise, if it is aligned, make sure the entire base 3538 * IPv6 header is in the first mbuf of the chain. 3539 */ 3540 #if notyet 3541 if (IP6_HDR_ALIGNED_P(mtod(m, caddr_t)) == 0) { 3542 struct ifnet *inifp = m->m_pkthdr.rcvif; 3543 if ((m = m_copyup(m, sizeof(struct ip6_hdr), 3544 (max_linkhdr + 3) & ~3)) == NULL) { 3545 /* XXXJRT new stat, please */ 3546 ip6stat.ip6s_toosmall++; 3547 in6_ifstat_inc(inifp, ifs6_in_hdrerr); 3548 goto bad; 3549 } 3550 } else 3551 #endif 3552 if (__predict_false(m->m_len < sizeof(struct ip6_hdr))) { 3553 struct ifnet *inifp = m->m_pkthdr.rcvif; 3554 if ((m = m_pullup(m, sizeof(struct ip6_hdr))) == NULL) { 3555 ip6stat.ip6s_toosmall++; 3556 in6_ifstat_inc(inifp, ifs6_in_hdrerr); 3557 goto bad; 3558 } 3559 } 3560 3561 ip6 = mtod(m, struct ip6_hdr *); 3562 3563 if ((ip6->ip6_vfc & IPV6_VERSION_MASK) != IPV6_VERSION) { 3564 ip6stat.ip6s_badvers++; 3565 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_hdrerr); 3566 goto bad; 3567 } 3568 3569 /* Checks out, proceed */ 3570 *mp = m; 3571 return (0); 3572 3573 bad: 3574 *mp = m; 3575 return (-1); 3576 } 3577 #endif /* INET6 */ 3578 3579 /* 3580 * bridge_fragment: 3581 * 3582 * Return a fragmented mbuf chain. 3583 */ 3584 static int 3585 bridge_fragment(struct ifnet *ifp, struct mbuf *m, struct ether_header *eh, 3586 int snap, struct llc *llc) 3587 { 3588 struct mbuf *m0; 3589 struct ip *ip; 3590 int error = -1; 3591 3592 if (m->m_len < sizeof(struct ip) && 3593 (m = m_pullup(m, sizeof(struct ip))) == NULL) 3594 goto out; 3595 ip = mtod(m, struct ip *); 3596 3597 error = ip_fragment(ip, &m, ifp->if_mtu, ifp->if_hwassist, 3598 CSUM_DELAY_IP); 3599 if (error) 3600 goto out; 3601 3602 /* walk the chain and re-add the Ethernet header */ 3603 for (m0 = m; m0; m0 = m0->m_nextpkt) { 3604 if (error == 0) { 3605 if (snap) { 3606 M_PREPEND(m0, sizeof(struct llc), MB_DONTWAIT); 3607 if (m0 == NULL) { 3608 error = ENOBUFS; 3609 continue; 3610 } 3611 bcopy(llc, mtod(m0, caddr_t), 3612 sizeof(struct llc)); 3613 } 3614 M_PREPEND(m0, ETHER_HDR_LEN, MB_DONTWAIT); 3615 if (m0 == NULL) { 3616 error = ENOBUFS; 3617 continue; 3618 } 3619 bcopy(eh, mtod(m0, caddr_t), ETHER_HDR_LEN); 3620 } else 3621 m_freem(m); 3622 } 3623 3624 if (error == 0) 3625 ipstat.ips_fragmented++; 3626 3627 return (error); 3628 3629 out: 3630 if (m != NULL) 3631 m_freem(m); 3632 return (error); 3633 } 3634 3635 static void 3636 bridge_enqueue_handler(struct netmsg *nmsg) 3637 { 3638 struct netmsg_packet *nmp; 3639 struct ifnet *dst_ifp; 3640 struct mbuf *m; 3641 3642 nmp = (struct netmsg_packet *)nmsg; 3643 m = nmp->nm_packet; 3644 dst_ifp = nmp->nm_netmsg.nm_lmsg.u.ms_resultp; 3645 3646 bridge_handoff(dst_ifp, m); 3647 } 3648 3649 static void 3650 bridge_handoff(struct ifnet *dst_ifp, struct mbuf *m) 3651 { 3652 struct mbuf *m0; 3653 3654 /* We may be sending a fragment so traverse the mbuf */ 3655 for (; m; m = m0) { 3656 struct altq_pktattr pktattr; 3657 3658 m0 = m->m_nextpkt; 3659 m->m_nextpkt = NULL; 3660 3661 if (ifq_is_enabled(&dst_ifp->if_snd)) 3662 altq_etherclassify(&dst_ifp->if_snd, m, &pktattr); 3663 3664 ifq_dispatch(dst_ifp, m, &pktattr); 3665 } 3666 } 3667 3668 static void 3669 bridge_control_dispatch(struct netmsg *nmsg) 3670 { 3671 struct netmsg_brctl *bc_msg = (struct netmsg_brctl *)nmsg; 3672 struct ifnet *bifp = bc_msg->bc_sc->sc_ifp; 3673 int error; 3674 3675 lwkt_serialize_enter(bifp->if_serializer); 3676 error = bc_msg->bc_func(bc_msg->bc_sc, bc_msg->bc_arg); 3677 lwkt_serialize_exit(bifp->if_serializer); 3678 3679 lwkt_replymsg(&nmsg->nm_lmsg, error); 3680 } 3681 3682 static int 3683 bridge_control(struct bridge_softc *sc, u_long cmd, 3684 bridge_ctl_t bc_func, void *bc_arg) 3685 { 3686 struct ifnet *bifp = sc->sc_ifp; 3687 struct netmsg_brctl bc_msg; 3688 struct netmsg *nmsg; 3689 int error; 3690 3691 ASSERT_SERIALIZED(bifp->if_serializer); 3692 3693 bzero(&bc_msg, sizeof(bc_msg)); 3694 nmsg = &bc_msg.bc_nmsg; 3695 3696 netmsg_init(nmsg, &curthread->td_msgport, 0, bridge_control_dispatch); 3697 bc_msg.bc_func = bc_func; 3698 bc_msg.bc_sc = sc; 3699 bc_msg.bc_arg = bc_arg; 3700 3701 lwkt_serialize_exit(bifp->if_serializer); 3702 error = lwkt_domsg(BRIDGE_CFGPORT, &nmsg->nm_lmsg, 0); 3703 lwkt_serialize_enter(bifp->if_serializer); 3704 return error; 3705 } 3706 3707 static void 3708 bridge_add_bif_handler(struct netmsg *nmsg) 3709 { 3710 struct netmsg_braddbif *amsg = (struct netmsg_braddbif *)nmsg; 3711 struct bridge_softc *sc; 3712 struct bridge_iflist *bif; 3713 3714 sc = amsg->br_softc; 3715 3716 bif = kmalloc(sizeof(*bif), M_DEVBUF, M_WAITOK | M_ZERO); 3717 bif->bif_ifp = amsg->br_bif_ifp; 3718 bif->bif_flags = IFBIF_LEARNING | IFBIF_DISCOVER; 3719 bif->bif_onlist = 1; 3720 bif->bif_info = amsg->br_bif_info; 3721 3722 LIST_INSERT_HEAD(&sc->sc_iflists[mycpuid], bif, bif_next); 3723 3724 ifnet_forwardmsg(&nmsg->nm_lmsg, mycpuid + 1); 3725 } 3726 3727 static void 3728 bridge_add_bif(struct bridge_softc *sc, struct bridge_ifinfo *bif_info, 3729 struct ifnet *ifp) 3730 { 3731 struct netmsg_braddbif amsg; 3732 3733 ASSERT_NOT_SERIALIZED(sc->sc_ifp->if_serializer); 3734 3735 netmsg_init(&amsg.br_nmsg, &curthread->td_msgport, 0, 3736 bridge_add_bif_handler); 3737 amsg.br_softc = sc; 3738 amsg.br_bif_info = bif_info; 3739 amsg.br_bif_ifp = ifp; 3740 3741 ifnet_domsg(&amsg.br_nmsg.nm_lmsg, 0); 3742 } 3743 3744 static void 3745 bridge_del_bif_handler(struct netmsg *nmsg) 3746 { 3747 struct netmsg_brdelbif *dmsg = (struct netmsg_brdelbif *)nmsg; 3748 struct bridge_softc *sc; 3749 struct bridge_iflist *bif; 3750 3751 sc = dmsg->br_softc; 3752 3753 /* 3754 * Locate the bif associated with the br_bif_info 3755 * on the current CPU 3756 */ 3757 bif = bridge_lookup_member_ifinfo(sc, dmsg->br_bif_info); 3758 KKASSERT(bif != NULL && bif->bif_onlist); 3759 3760 /* Remove the bif from the current CPU's iflist */ 3761 bif->bif_onlist = 0; 3762 LIST_REMOVE(bif, bif_next); 3763 3764 /* Save the removed bif for later freeing */ 3765 LIST_INSERT_HEAD(dmsg->br_bif_list, bif, bif_next); 3766 3767 ifnet_forwardmsg(&nmsg->nm_lmsg, mycpuid + 1); 3768 } 3769 3770 static void 3771 bridge_del_bif(struct bridge_softc *sc, struct bridge_ifinfo *bif_info, 3772 struct bridge_iflist_head *saved_bifs) 3773 { 3774 struct netmsg_brdelbif dmsg; 3775 3776 ASSERT_NOT_SERIALIZED(sc->sc_ifp->if_serializer); 3777 3778 netmsg_init(&dmsg.br_nmsg, &curthread->td_msgport, 0, 3779 bridge_del_bif_handler); 3780 dmsg.br_softc = sc; 3781 dmsg.br_bif_info = bif_info; 3782 dmsg.br_bif_list = saved_bifs; 3783 3784 ifnet_domsg(&dmsg.br_nmsg.nm_lmsg, 0); 3785 } 3786 3787 static void 3788 bridge_set_bifflags_handler(struct netmsg *nmsg) 3789 { 3790 struct netmsg_brsflags *smsg = (struct netmsg_brsflags *)nmsg; 3791 struct bridge_softc *sc; 3792 struct bridge_iflist *bif; 3793 3794 sc = smsg->br_softc; 3795 3796 /* 3797 * Locate the bif associated with the br_bif_info 3798 * on the current CPU 3799 */ 3800 bif = bridge_lookup_member_ifinfo(sc, smsg->br_bif_info); 3801 KKASSERT(bif != NULL && bif->bif_onlist); 3802 3803 bif->bif_flags = smsg->br_bif_flags; 3804 3805 ifnet_forwardmsg(&nmsg->nm_lmsg, mycpuid + 1); 3806 } 3807 3808 static void 3809 bridge_set_bifflags(struct bridge_softc *sc, struct bridge_ifinfo *bif_info, 3810 uint32_t bif_flags) 3811 { 3812 struct netmsg_brsflags smsg; 3813 3814 ASSERT_NOT_SERIALIZED(sc->sc_ifp->if_serializer); 3815 3816 netmsg_init(&smsg.br_nmsg, &curthread->td_msgport, 0, 3817 bridge_set_bifflags_handler); 3818 smsg.br_softc = sc; 3819 smsg.br_bif_info = bif_info; 3820 smsg.br_bif_flags = bif_flags; 3821 3822 ifnet_domsg(&smsg.br_nmsg.nm_lmsg, 0); 3823 } 3824