2 * Copyright 1998 Massachusetts Institute of Technology
4 * Permission to use, copy, modify, and distribute this software and
5 * its documentation for any purpose and without fee is hereby
6 * granted, provided that both the above copyright notice and this
7 * permission notice appear in all copies, that both the above
8 * copyright notice and this permission notice appear in all
9 * supporting documentation, and that the name of M.I.T. not be used
10 * in advertising or publicity pertaining to distribution of the
11 * software without specific, written prior permission. M.I.T. makes
12 * no representations about the suitability of this software for any
13 * purpose. It is provided "as is" without express or implied
16 * THIS SOFTWARE IS PROVIDED BY M.I.T. ``AS IS''. M.I.T. DISCLAIMS
17 * ALL EXPRESS OR IMPLIED WARRANTIES WITH REGARD TO THIS SOFTWARE,
18 * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT
20 * SHALL M.I.T. BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
21 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
22 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
23 * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
24 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
25 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
26 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * if_vlan.c - pseudo-device driver for IEEE 802.1Q virtual LANs.
32 * Might be extended some day to also handle IEEE 802.1p priority
33 * tagging. This is sort of sneaky in the implementation, since
34 * we need to pretend to be enough of an Ethernet implementation
35 * to make arp work. The way we do this is by telling everyone
36 * that we are an Ethernet, and then catch the packets that
37 * ether_output() sends to us via if_transmit(), rewrite them for
38 * use by the real outgoing interface, and ask it to send them.
41 #include <sys/cdefs.h>
42 __FBSDID("$FreeBSD$");
47 #include <sys/param.h>
48 #include <sys/kernel.h>
50 #include <sys/malloc.h>
52 #include <sys/module.h>
53 #include <sys/rwlock.h>
54 #include <sys/queue.h>
55 #include <sys/socket.h>
56 #include <sys/sockio.h>
57 #include <sys/sysctl.h>
58 #include <sys/systm.h>
62 #include <net/ethernet.h>
64 #include <net/if_clone.h>
65 #include <net/if_dl.h>
66 #include <net/if_types.h>
67 #include <net/if_vlan_var.h>
71 #include <netinet/in.h>
72 #include <netinet/if_ether.h>
75 #define VLAN_DEF_HWIDTH 4
76 #define VLAN_IFFLAGS (IFF_BROADCAST | IFF_MULTICAST)
78 #define UP_AND_RUNNING(ifp) \
79 ((ifp)->if_flags & IFF_UP && (ifp)->if_drv_flags & IFF_DRV_RUNNING)
81 LIST_HEAD(ifvlanhead, ifvlan);
84 struct ifnet *parent; /* parent interface of this trunk */
87 #define VLAN_ARRAY_SIZE (EVL_VLID_MASK + 1)
88 struct ifvlan *vlans[VLAN_ARRAY_SIZE]; /* static table */
90 struct ifvlanhead *hash; /* dynamic hash-list table */
97 struct vlan_mc_entry {
98 struct sockaddr_dl mc_addr;
99 SLIST_ENTRY(vlan_mc_entry) mc_entries;
103 struct ifvlantrunk *ifv_trunk;
104 struct ifnet *ifv_ifp;
106 #define TRUNK(ifv) ((ifv)->ifv_trunk)
107 #define PARENT(ifv) ((ifv)->ifv_trunk->parent)
108 int ifv_pflags; /* special flags we have set on parent */
110 int ifvm_encaplen; /* encapsulation length */
111 int ifvm_mtufudge; /* MTU fudged by this much */
112 int ifvm_mintu; /* min transmission unit */
113 uint16_t ifvm_proto; /* encapsulation ethertype */
114 uint16_t ifvm_tag; /* tag to apply on packets leaving if */
116 SLIST_HEAD(, vlan_mc_entry) vlan_mc_listhead;
118 LIST_ENTRY(ifvlan) ifv_list;
121 #define ifv_proto ifv_mib.ifvm_proto
122 #define ifv_vid ifv_mib.ifvm_tag
123 #define ifv_encaplen ifv_mib.ifvm_encaplen
124 #define ifv_mtufudge ifv_mib.ifvm_mtufudge
125 #define ifv_mintu ifv_mib.ifvm_mintu
127 /* Special flags we should propagate to parent. */
130 int (*func)(struct ifnet *, int);
132 {IFF_PROMISC, ifpromisc},
133 {IFF_ALLMULTI, if_allmulti},
137 SYSCTL_DECL(_net_link);
138 static SYSCTL_NODE(_net_link, IFT_L2VLAN, vlan, CTLFLAG_RW, 0,
140 static SYSCTL_NODE(_net_link_vlan, PF_LINK, link, CTLFLAG_RW, 0,
143 static int soft_pad = 0;
144 SYSCTL_INT(_net_link_vlan, OID_AUTO, soft_pad, CTLFLAG_RW, &soft_pad, 0,
145 "pad short frames before tagging");
147 static const char vlanname[] = "vlan";
148 static MALLOC_DEFINE(M_VLAN, vlanname, "802.1Q Virtual LAN Interface");
150 static eventhandler_tag ifdetach_tag;
151 static eventhandler_tag iflladdr_tag;
154 * We have a global mutex, that is used to serialize configuration
155 * changes and isn't used in normal packet delivery.
157 * We also have a per-trunk rwlock, that is locked shared on packet
158 * processing and exclusive when configuration is changed.
160 * The VLAN_ARRAY substitutes the dynamic hash with a static array
161 * with 4096 entries. In theory this can give a boost in processing,
162 * however on practice it does not. Probably this is because array
163 * is too big to fit into CPU cache.
165 static struct sx ifv_lock;
166 #define VLAN_LOCK_INIT() sx_init(&ifv_lock, "vlan_global")
167 #define VLAN_LOCK_DESTROY() sx_destroy(&ifv_lock)
168 #define VLAN_LOCK_ASSERT() sx_assert(&ifv_lock, SA_LOCKED)
169 #define VLAN_LOCK() sx_xlock(&ifv_lock)
170 #define VLAN_UNLOCK() sx_xunlock(&ifv_lock)
171 #define TRUNK_LOCK_INIT(trunk) rw_init(&(trunk)->rw, vlanname)
172 #define TRUNK_LOCK_DESTROY(trunk) rw_destroy(&(trunk)->rw)
173 #define TRUNK_LOCK(trunk) rw_wlock(&(trunk)->rw)
174 #define TRUNK_UNLOCK(trunk) rw_wunlock(&(trunk)->rw)
175 #define TRUNK_LOCK_ASSERT(trunk) rw_assert(&(trunk)->rw, RA_WLOCKED)
176 #define TRUNK_RLOCK(trunk) rw_rlock(&(trunk)->rw)
177 #define TRUNK_RUNLOCK(trunk) rw_runlock(&(trunk)->rw)
178 #define TRUNK_LOCK_RASSERT(trunk) rw_assert(&(trunk)->rw, RA_RLOCKED)
181 static void vlan_inithash(struct ifvlantrunk *trunk);
182 static void vlan_freehash(struct ifvlantrunk *trunk);
183 static int vlan_inshash(struct ifvlantrunk *trunk, struct ifvlan *ifv);
184 static int vlan_remhash(struct ifvlantrunk *trunk, struct ifvlan *ifv);
185 static void vlan_growhash(struct ifvlantrunk *trunk, int howmuch);
186 static __inline struct ifvlan * vlan_gethash(struct ifvlantrunk *trunk,
189 static void trunk_destroy(struct ifvlantrunk *trunk);
191 static void vlan_init(void *foo);
192 static void vlan_input(struct ifnet *ifp, struct mbuf *m);
193 static int vlan_ioctl(struct ifnet *ifp, u_long cmd, caddr_t addr);
194 static void vlan_qflush(struct ifnet *ifp);
195 static int vlan_setflag(struct ifnet *ifp, int flag, int status,
196 int (*func)(struct ifnet *, int));
197 static int vlan_setflags(struct ifnet *ifp, int status);
198 static int vlan_setmulti(struct ifnet *ifp);
199 static int vlan_transmit(struct ifnet *ifp, struct mbuf *m);
200 static void vlan_unconfig(struct ifnet *ifp);
201 static void vlan_unconfig_locked(struct ifnet *ifp, int departing);
202 static int vlan_config(struct ifvlan *ifv, struct ifnet *p, uint16_t tag);
203 static void vlan_link_state(struct ifnet *ifp);
204 static void vlan_capabilities(struct ifvlan *ifv);
205 static void vlan_trunk_capabilities(struct ifnet *ifp);
207 static struct ifnet *vlan_clone_match_ethervid(struct if_clone *,
208 const char *, int *);
209 static int vlan_clone_match(struct if_clone *, const char *);
210 static int vlan_clone_create(struct if_clone *, char *, size_t, caddr_t);
211 static int vlan_clone_destroy(struct if_clone *, struct ifnet *);
213 static void vlan_ifdetach(void *arg, struct ifnet *ifp);
214 static void vlan_iflladdr(void *arg, struct ifnet *ifp);
216 static struct if_clone *vlan_cloner;
219 static VNET_DEFINE(struct if_clone *, vlan_cloner);
220 #define V_vlan_cloner VNET(vlan_cloner)
224 #define HASH(n, m) ((((n) >> 8) ^ ((n) >> 4) ^ (n)) & (m))
227 vlan_inithash(struct ifvlantrunk *trunk)
232 * The trunk must not be locked here since we call malloc(M_WAITOK).
233 * It is OK in case this function is called before the trunk struct
234 * gets hooked up and becomes visible from other threads.
237 KASSERT(trunk->hwidth == 0 && trunk->hash == NULL,
238 ("%s: hash already initialized", __func__));
240 trunk->hwidth = VLAN_DEF_HWIDTH;
241 n = 1 << trunk->hwidth;
242 trunk->hmask = n - 1;
243 trunk->hash = malloc(sizeof(struct ifvlanhead) * n, M_VLAN, M_WAITOK);
244 for (i = 0; i < n; i++)
245 LIST_INIT(&trunk->hash[i]);
249 vlan_freehash(struct ifvlantrunk *trunk)
254 KASSERT(trunk->hwidth > 0, ("%s: hwidth not positive", __func__));
255 for (i = 0; i < (1 << trunk->hwidth); i++)
256 KASSERT(LIST_EMPTY(&trunk->hash[i]),
257 ("%s: hash table not empty", __func__));
259 free(trunk->hash, M_VLAN);
261 trunk->hwidth = trunk->hmask = 0;
265 vlan_inshash(struct ifvlantrunk *trunk, struct ifvlan *ifv)
270 TRUNK_LOCK_ASSERT(trunk);
271 KASSERT(trunk->hwidth > 0, ("%s: hwidth not positive", __func__));
273 b = 1 << trunk->hwidth;
274 i = HASH(ifv->ifv_vid, trunk->hmask);
275 LIST_FOREACH(ifv2, &trunk->hash[i], ifv_list)
276 if (ifv->ifv_vid == ifv2->ifv_vid)
280 * Grow the hash when the number of vlans exceeds half of the number of
281 * hash buckets squared. This will make the average linked-list length
284 if (trunk->refcnt > (b * b) / 2) {
285 vlan_growhash(trunk, 1);
286 i = HASH(ifv->ifv_vid, trunk->hmask);
288 LIST_INSERT_HEAD(&trunk->hash[i], ifv, ifv_list);
295 vlan_remhash(struct ifvlantrunk *trunk, struct ifvlan *ifv)
300 TRUNK_LOCK_ASSERT(trunk);
301 KASSERT(trunk->hwidth > 0, ("%s: hwidth not positive", __func__));
303 b = 1 << trunk->hwidth;
304 i = HASH(ifv->ifv_vid, trunk->hmask);
305 LIST_FOREACH(ifv2, &trunk->hash[i], ifv_list)
308 LIST_REMOVE(ifv2, ifv_list);
309 if (trunk->refcnt < (b * b) / 2)
310 vlan_growhash(trunk, -1);
314 panic("%s: vlan not found\n", __func__);
315 return (ENOENT); /*NOTREACHED*/
319 * Grow the hash larger or smaller if memory permits.
322 vlan_growhash(struct ifvlantrunk *trunk, int howmuch)
325 struct ifvlanhead *hash2;
326 int hwidth2, i, j, n, n2;
328 TRUNK_LOCK_ASSERT(trunk);
329 KASSERT(trunk->hwidth > 0, ("%s: hwidth not positive", __func__));
332 /* Harmless yet obvious coding error */
333 printf("%s: howmuch is 0\n", __func__);
337 hwidth2 = trunk->hwidth + howmuch;
338 n = 1 << trunk->hwidth;
340 /* Do not shrink the table below the default */
341 if (hwidth2 < VLAN_DEF_HWIDTH)
344 /* M_NOWAIT because we're called with trunk mutex held */
345 hash2 = malloc(sizeof(struct ifvlanhead) * n2, M_VLAN, M_NOWAIT);
347 printf("%s: out of memory -- hash size not changed\n",
349 return; /* We can live with the old hash table */
351 for (j = 0; j < n2; j++)
352 LIST_INIT(&hash2[j]);
353 for (i = 0; i < n; i++)
354 while ((ifv = LIST_FIRST(&trunk->hash[i])) != NULL) {
355 LIST_REMOVE(ifv, ifv_list);
356 j = HASH(ifv->ifv_vid, n2 - 1);
357 LIST_INSERT_HEAD(&hash2[j], ifv, ifv_list);
359 free(trunk->hash, M_VLAN);
361 trunk->hwidth = hwidth2;
362 trunk->hmask = n2 - 1;
365 if_printf(trunk->parent,
366 "VLAN hash table resized from %d to %d buckets\n", n, n2);
369 static __inline struct ifvlan *
370 vlan_gethash(struct ifvlantrunk *trunk, uint16_t vid)
374 TRUNK_LOCK_RASSERT(trunk);
376 LIST_FOREACH(ifv, &trunk->hash[HASH(vid, trunk->hmask)], ifv_list)
377 if (ifv->ifv_vid == vid)
383 /* Debugging code to view the hashtables. */
385 vlan_dumphash(struct ifvlantrunk *trunk)
390 for (i = 0; i < (1 << trunk->hwidth); i++) {
392 LIST_FOREACH(ifv, &trunk->hash[i], ifv_list)
393 printf("%s ", ifv->ifv_ifp->if_xname);
400 static __inline struct ifvlan *
401 vlan_gethash(struct ifvlantrunk *trunk, uint16_t vid)
404 return trunk->vlans[vid];
408 vlan_inshash(struct ifvlantrunk *trunk, struct ifvlan *ifv)
411 if (trunk->vlans[ifv->ifv_vid] != NULL)
413 trunk->vlans[ifv->ifv_vid] = ifv;
420 vlan_remhash(struct ifvlantrunk *trunk, struct ifvlan *ifv)
423 trunk->vlans[ifv->ifv_vid] = NULL;
430 vlan_freehash(struct ifvlantrunk *trunk)
435 vlan_inithash(struct ifvlantrunk *trunk)
439 #endif /* !VLAN_ARRAY */
442 trunk_destroy(struct ifvlantrunk *trunk)
447 vlan_freehash(trunk);
448 trunk->parent->if_vlantrunk = NULL;
450 TRUNK_LOCK_DESTROY(trunk);
455 * Program our multicast filter. What we're actually doing is
456 * programming the multicast filter of the parent. This has the
457 * side effect of causing the parent interface to receive multicast
458 * traffic that it doesn't really want, which ends up being discarded
459 * later by the upper protocol layers. Unfortunately, there's no way
460 * to avoid this: there really is only one physical interface.
463 vlan_setmulti(struct ifnet *ifp)
466 struct ifmultiaddr *ifma;
468 struct vlan_mc_entry *mc;
471 /* Find the parent. */
473 TRUNK_LOCK_ASSERT(TRUNK(sc));
476 CURVNET_SET_QUIET(ifp_p->if_vnet);
478 /* First, remove any existing filter entries. */
479 while ((mc = SLIST_FIRST(&sc->vlan_mc_listhead)) != NULL) {
480 SLIST_REMOVE_HEAD(&sc->vlan_mc_listhead, mc_entries);
481 (void)if_delmulti(ifp_p, (struct sockaddr *)&mc->mc_addr);
485 /* Now program new ones. */
487 TAILQ_FOREACH(ifma, &ifp->if_multiaddrs, ifma_link) {
488 if (ifma->ifma_addr->sa_family != AF_LINK)
490 mc = malloc(sizeof(struct vlan_mc_entry), M_VLAN, M_NOWAIT);
492 IF_ADDR_WUNLOCK(ifp);
495 bcopy(ifma->ifma_addr, &mc->mc_addr, ifma->ifma_addr->sa_len);
496 mc->mc_addr.sdl_index = ifp_p->if_index;
497 SLIST_INSERT_HEAD(&sc->vlan_mc_listhead, mc, mc_entries);
499 IF_ADDR_WUNLOCK(ifp);
500 SLIST_FOREACH (mc, &sc->vlan_mc_listhead, mc_entries) {
501 error = if_addmulti(ifp_p, (struct sockaddr *)&mc->mc_addr,
512 * A handler for parent interface link layer address changes.
513 * If the parent interface link layer address is changed we
514 * should also change it on all children vlans.
517 vlan_iflladdr(void *arg __unused, struct ifnet *ifp)
526 * Check if it's a trunk interface first of all
527 * to avoid needless locking.
529 if (ifp->if_vlantrunk == NULL)
534 * OK, it's a trunk. Loop over and change all vlan's lladdrs on it.
537 for (i = 0; i < VLAN_ARRAY_SIZE; i++)
538 if ((ifv = ifp->if_vlantrunk->vlans[i])) {
539 #else /* VLAN_ARRAY */
540 for (i = 0; i < (1 << ifp->if_vlantrunk->hwidth); i++)
541 LIST_FOREACH_SAFE(ifv, &ifp->if_vlantrunk->hash[i], ifv_list, next) {
542 #endif /* VLAN_ARRAY */
544 if_setlladdr(ifv->ifv_ifp, IF_LLADDR(ifp),
553 * A handler for network interface departure events.
554 * Track departure of trunks here so that we don't access invalid
555 * pointers or whatever if a trunk is ripped from under us, e.g.,
556 * by ejecting its hot-plug card. However, if an ifnet is simply
557 * being renamed, then there's no need to tear down the state.
560 vlan_ifdetach(void *arg __unused, struct ifnet *ifp)
566 * Check if it's a trunk interface first of all
567 * to avoid needless locking.
569 if (ifp->if_vlantrunk == NULL)
572 /* If the ifnet is just being renamed, don't do anything. */
573 if (ifp->if_flags & IFF_RENAMING)
578 * OK, it's a trunk. Loop over and detach all vlan's on it.
579 * Check trunk pointer after each vlan_unconfig() as it will
580 * free it and set to NULL after the last vlan was detached.
583 for (i = 0; i < VLAN_ARRAY_SIZE; i++)
584 if ((ifv = ifp->if_vlantrunk->vlans[i])) {
585 vlan_unconfig_locked(ifv->ifv_ifp, 1);
586 if (ifp->if_vlantrunk == NULL)
589 #else /* VLAN_ARRAY */
591 for (i = 0; i < (1 << ifp->if_vlantrunk->hwidth); i++)
592 if ((ifv = LIST_FIRST(&ifp->if_vlantrunk->hash[i]))) {
593 vlan_unconfig_locked(ifv->ifv_ifp, 1);
594 if (ifp->if_vlantrunk)
595 goto restart; /* trunk->hwidth can change */
599 #endif /* VLAN_ARRAY */
600 /* Trunk should have been destroyed in vlan_unconfig(). */
601 KASSERT(ifp->if_vlantrunk == NULL, ("%s: purge failed", __func__));
606 * Return the trunk device for a virtual interface.
608 static struct ifnet *
609 vlan_trunkdev(struct ifnet *ifp)
613 if (ifp->if_type != IFT_L2VLAN)
625 * Return the 12-bit VLAN VID for this interface, for use by external
626 * components such as Infiniband.
628 * XXXRW: Note that the function name here is historical; it should be named
632 vlan_tag(struct ifnet *ifp, uint16_t *vidp)
636 if (ifp->if_type != IFT_L2VLAN)
639 *vidp = ifv->ifv_vid;
644 * Return a driver specific cookie for this interface. Synchronization
645 * with setcookie must be provided by the driver.
648 vlan_cookie(struct ifnet *ifp)
652 if (ifp->if_type != IFT_L2VLAN)
655 return (ifv->ifv_cookie);
659 * Store a cookie in our softc that drivers can use to store driver
660 * private per-instance data in.
663 vlan_setcookie(struct ifnet *ifp, void *cookie)
667 if (ifp->if_type != IFT_L2VLAN)
670 ifv->ifv_cookie = cookie;
675 * Return the vlan device present at the specific VID.
677 static struct ifnet *
678 vlan_devat(struct ifnet *ifp, uint16_t vid)
680 struct ifvlantrunk *trunk;
683 trunk = ifp->if_vlantrunk;
688 ifv = vlan_gethash(trunk, vid);
691 TRUNK_RUNLOCK(trunk);
696 * VLAN support can be loaded as a module. The only place in the
697 * system that's intimately aware of this is ether_input. We hook
698 * into this code through vlan_input_p which is defined there and
699 * set here. Noone else in the system should be aware of this so
700 * we use an explicit reference here.
702 extern void (*vlan_input_p)(struct ifnet *, struct mbuf *);
704 /* For if_link_state_change() eyes only... */
705 extern void (*vlan_link_state_p)(struct ifnet *);
708 vlan_modevent(module_t mod, int type, void *data)
713 ifdetach_tag = EVENTHANDLER_REGISTER(ifnet_departure_event,
714 vlan_ifdetach, NULL, EVENTHANDLER_PRI_ANY);
715 if (ifdetach_tag == NULL)
717 iflladdr_tag = EVENTHANDLER_REGISTER(iflladdr_event,
718 vlan_iflladdr, NULL, EVENTHANDLER_PRI_ANY);
719 if (iflladdr_tag == NULL)
722 vlan_input_p = vlan_input;
723 vlan_link_state_p = vlan_link_state;
724 vlan_trunk_cap_p = vlan_trunk_capabilities;
725 vlan_trunkdev_p = vlan_trunkdev;
726 vlan_cookie_p = vlan_cookie;
727 vlan_setcookie_p = vlan_setcookie;
728 vlan_tag_p = vlan_tag;
729 vlan_devat_p = vlan_devat;
731 vlan_cloner = if_clone_advanced(vlanname, 0, vlan_clone_match,
732 vlan_clone_create, vlan_clone_destroy);
735 printf("vlan: initialized, using "
739 "hash tables with chaining"
746 if_clone_detach(vlan_cloner);
748 EVENTHANDLER_DEREGISTER(ifnet_departure_event, ifdetach_tag);
749 EVENTHANDLER_DEREGISTER(iflladdr_event, iflladdr_tag);
751 vlan_link_state_p = NULL;
752 vlan_trunk_cap_p = NULL;
753 vlan_trunkdev_p = NULL;
755 vlan_cookie_p = NULL;
756 vlan_setcookie_p = NULL;
760 printf("vlan: unloaded\n");
768 static moduledata_t vlan_mod = {
774 DECLARE_MODULE(if_vlan, vlan_mod, SI_SUB_PSEUDO, SI_ORDER_ANY);
775 MODULE_VERSION(if_vlan, 3);
779 vnet_vlan_init(const void *unused __unused)
782 vlan_cloner = if_clone_advanced(vlanname, 0, vlan_clone_match,
783 vlan_clone_create, vlan_clone_destroy);
784 V_vlan_cloner = vlan_cloner;
786 VNET_SYSINIT(vnet_vlan_init, SI_SUB_PROTO_IFATTACHDOMAIN, SI_ORDER_ANY,
787 vnet_vlan_init, NULL);
790 vnet_vlan_uninit(const void *unused __unused)
793 if_clone_detach(V_vlan_cloner);
795 VNET_SYSUNINIT(vnet_vlan_uninit, SI_SUB_PROTO_IFATTACHDOMAIN, SI_ORDER_FIRST,
796 vnet_vlan_uninit, NULL);
799 static struct ifnet *
800 vlan_clone_match_ethervid(struct if_clone *ifc, const char *name, int *vidp)
806 /* Check for <etherif>.<vlan> style interface names. */
807 IFNET_RLOCK_NOSLEEP();
808 TAILQ_FOREACH(ifp, &V_ifnet, if_link) {
810 * We can handle non-ethernet hardware types as long as
811 * they handle the tagging and headers themselves.
813 if (ifp->if_type != IFT_ETHER &&
814 (ifp->if_capenable & IFCAP_VLAN_HWTAGGING) == 0)
816 if (strncmp(ifp->if_xname, name, strlen(ifp->if_xname)) != 0)
818 cp = name + strlen(ifp->if_xname);
824 for(; *cp >= '0' && *cp <= '9'; cp++)
825 vid = (vid * 10) + (*cp - '0');
832 IFNET_RUNLOCK_NOSLEEP();
838 vlan_clone_match(struct if_clone *ifc, const char *name)
842 if (vlan_clone_match_ethervid(ifc, name, NULL) != NULL)
845 if (strncmp(vlanname, name, strlen(vlanname)) != 0)
847 for (cp = name + 4; *cp != '\0'; cp++) {
848 if (*cp < '0' || *cp > '9')
856 vlan_clone_create(struct if_clone *ifc, char *name, size_t len, caddr_t params)
868 struct sockaddr_dl *sdl;
870 static const u_char eaddr[ETHER_ADDR_LEN]; /* 00:00:00:00:00:00 */
873 * There are 3 (ugh) ways to specify the cloned device:
874 * o pass a parameter block with the clone request.
875 * o specify parameters in the text of the clone device name
876 * o specify no parameters and get an unattached device that
877 * must be configured separately.
878 * The first technique is preferred; the latter two are
879 * supported for backwards compatibilty.
881 * XXXRW: Note historic use of the word "tag" here. New ioctls may be
885 error = copyin(params, &vlr, sizeof(vlr));
888 p = ifunit(vlr.vlr_parent);
892 * Don't let the caller set up a VLAN VID with
893 * anything except VLID bits.
895 if (vlr.vlr_tag & ~EVL_VLID_MASK)
897 error = ifc_name2unit(name, &unit);
903 wildcard = (unit < 0);
904 } else if ((p = vlan_clone_match_ethervid(ifc, name, &vid)) != NULL) {
910 * Don't let the caller set up a VLAN VID with
911 * anything except VLID bits.
913 if (vid & ~EVL_VLID_MASK)
918 error = ifc_name2unit(name, &unit);
922 wildcard = (unit < 0);
925 error = ifc_alloc_unit(ifc, &unit);
929 /* In the wildcard case, we need to update the name. */
931 for (dp = name; *dp != '\0'; dp++);
932 if (snprintf(dp, len - (dp-name), "%d", unit) >
933 len - (dp-name) - 1) {
934 panic("%s: interface name too long", __func__);
938 ifv = malloc(sizeof(struct ifvlan), M_VLAN, M_WAITOK | M_ZERO);
939 ifp = ifv->ifv_ifp = if_alloc(IFT_ETHER);
941 ifc_free_unit(ifc, unit);
945 SLIST_INIT(&ifv->vlan_mc_listhead);
949 * Set the name manually rather than using if_initname because
950 * we don't conform to the default naming convention for interfaces.
952 strlcpy(ifp->if_xname, name, IFNAMSIZ);
953 ifp->if_dname = vlanname;
954 ifp->if_dunit = unit;
955 /* NB: flags are not set here */
956 ifp->if_linkmib = &ifv->ifv_mib;
957 ifp->if_linkmiblen = sizeof(ifv->ifv_mib);
958 /* NB: mtu is not set here */
960 ifp->if_init = vlan_init;
961 ifp->if_transmit = vlan_transmit;
962 ifp->if_qflush = vlan_qflush;
963 ifp->if_ioctl = vlan_ioctl;
964 ifp->if_flags = VLAN_IFFLAGS;
965 ether_ifattach(ifp, eaddr);
966 /* Now undo some of the damage... */
967 ifp->if_baudrate = 0;
968 ifp->if_type = IFT_L2VLAN;
969 ifp->if_hdrlen = ETHER_VLAN_ENCAP_LEN;
971 sdl = (struct sockaddr_dl *)ifa->ifa_addr;
972 sdl->sdl_type = IFT_L2VLAN;
975 error = vlan_config(ifv, p, vid);
978 * Since we've partially failed, we need to back
979 * out all the way, otherwise userland could get
980 * confused. Thus, we destroy the interface.
985 ifc_free_unit(ifc, unit);
991 /* Update flags on the parent, if necessary. */
992 vlan_setflags(ifp, 1);
999 vlan_clone_destroy(struct if_clone *ifc, struct ifnet *ifp)
1001 struct ifvlan *ifv = ifp->if_softc;
1002 int unit = ifp->if_dunit;
1004 ether_ifdetach(ifp); /* first, remove it from system-wide lists */
1005 vlan_unconfig(ifp); /* now it can be unconfigured and freed */
1008 ifc_free_unit(ifc, unit);
1014 * The ifp->if_init entry point for vlan(4) is a no-op.
1017 vlan_init(void *foo __unused)
1022 * The if_transmit method for vlan(4) interface.
1025 vlan_transmit(struct ifnet *ifp, struct mbuf *m)
1029 int error, len, mcast;
1031 ifv = ifp->if_softc;
1033 len = m->m_pkthdr.len;
1034 mcast = (m->m_flags & (M_MCAST | M_BCAST)) ? 1 : 0;
1039 * Do not run parent's if_transmit() if the parent is not up,
1040 * or parent's driver will cause a system crash.
1042 if (!UP_AND_RUNNING(p)) {
1049 * Pad the frame to the minimum size allowed if told to.
1050 * This option is in accord with IEEE Std 802.1Q, 2003 Ed.,
1051 * paragraph C.4.4.3.b. It can help to work around buggy
1052 * bridges that violate paragraph C.4.4.3.a from the same
1053 * document, i.e., fail to pad short frames after untagging.
1054 * E.g., a tagged frame 66 bytes long (incl. FCS) is OK, but
1055 * untagging it will produce a 62-byte frame, which is a runt
1056 * and requires padding. There are VLAN-enabled network
1057 * devices that just discard such runts instead or mishandle
1060 if (soft_pad && p->if_type == IFT_ETHER) {
1061 static char pad[8]; /* just zeros */
1064 for (n = ETHERMIN + ETHER_HDR_LEN - m->m_pkthdr.len;
1065 n > 0; n -= sizeof(pad))
1066 if (!m_append(m, min(n, sizeof(pad)), pad))
1070 if_printf(ifp, "cannot pad short frame\n");
1078 * If underlying interface can do VLAN tag insertion itself,
1079 * just pass the packet along. However, we need some way to
1080 * tell the interface where the packet came from so that it
1081 * knows how to find the VLAN tag to use, so we attach a
1082 * packet tag that holds it.
1084 if (p->if_capenable & IFCAP_VLAN_HWTAGGING) {
1085 m->m_pkthdr.ether_vtag = ifv->ifv_vid;
1086 m->m_flags |= M_VLANTAG;
1088 m = ether_vlanencap(m, ifv->ifv_vid);
1090 if_printf(ifp, "unable to prepend VLAN header\n");
1097 * Send it, precisely as ether_output() would have.
1099 error = (p->if_transmit)(p, m);
1102 ifp->if_omcasts += mcast;
1103 ifp->if_obytes += len;
1110 * The ifp->if_qflush entry point for vlan(4) is a no-op.
1113 vlan_qflush(struct ifnet *ifp __unused)
1118 vlan_input(struct ifnet *ifp, struct mbuf *m)
1120 struct ifvlantrunk *trunk = ifp->if_vlantrunk;
1124 KASSERT(trunk != NULL, ("%s: no trunk", __func__));
1126 if (m->m_flags & M_VLANTAG) {
1128 * Packet is tagged, but m contains a normal
1129 * Ethernet frame; the tag is stored out-of-band.
1131 vid = EVL_VLANOFTAG(m->m_pkthdr.ether_vtag);
1132 m->m_flags &= ~M_VLANTAG;
1134 struct ether_vlan_header *evl;
1137 * Packet is tagged in-band as specified by 802.1q.
1139 switch (ifp->if_type) {
1141 if (m->m_len < sizeof(*evl) &&
1142 (m = m_pullup(m, sizeof(*evl))) == NULL) {
1143 if_printf(ifp, "cannot pullup VLAN header\n");
1146 evl = mtod(m, struct ether_vlan_header *);
1147 vid = EVL_VLANOFTAG(ntohs(evl->evl_tag));
1150 * Remove the 802.1q header by copying the Ethernet
1151 * addresses over it and adjusting the beginning of
1152 * the data in the mbuf. The encapsulated Ethernet
1153 * type field is already in place.
1155 bcopy((char *)evl, (char *)evl + ETHER_VLAN_ENCAP_LEN,
1156 ETHER_HDR_LEN - ETHER_TYPE_LEN);
1157 m_adj(m, ETHER_VLAN_ENCAP_LEN);
1162 panic("%s: %s has unsupported if_type %u",
1163 __func__, ifp->if_xname, ifp->if_type);
1172 ifv = vlan_gethash(trunk, vid);
1173 if (ifv == NULL || !UP_AND_RUNNING(ifv->ifv_ifp)) {
1174 TRUNK_RUNLOCK(trunk);
1179 TRUNK_RUNLOCK(trunk);
1181 m->m_pkthdr.rcvif = ifv->ifv_ifp;
1182 ifv->ifv_ifp->if_ipackets++;
1184 /* Pass it back through the parent's input routine. */
1185 (*ifp->if_input)(ifv->ifv_ifp, m);
1189 vlan_config(struct ifvlan *ifv, struct ifnet *p, uint16_t vid)
1191 struct ifvlantrunk *trunk;
1195 /* VID numbers 0x0 and 0xFFF are reserved */
1196 if (vid == 0 || vid == 0xFFF)
1198 if (p->if_type != IFT_ETHER &&
1199 (p->if_capenable & IFCAP_VLAN_HWTAGGING) == 0)
1200 return (EPROTONOSUPPORT);
1201 if ((p->if_flags & VLAN_IFFLAGS) != VLAN_IFFLAGS)
1202 return (EPROTONOSUPPORT);
1206 if (p->if_vlantrunk == NULL) {
1207 trunk = malloc(sizeof(struct ifvlantrunk),
1208 M_VLAN, M_WAITOK | M_ZERO);
1209 vlan_inithash(trunk);
1211 if (p->if_vlantrunk != NULL) {
1212 /* A race that that is very unlikely to be hit. */
1213 vlan_freehash(trunk);
1214 free(trunk, M_VLAN);
1217 TRUNK_LOCK_INIT(trunk);
1219 p->if_vlantrunk = trunk;
1224 trunk = p->if_vlantrunk;
1228 ifv->ifv_vid = vid; /* must set this before vlan_inshash() */
1229 error = vlan_inshash(trunk, ifv);
1232 ifv->ifv_proto = ETHERTYPE_VLAN;
1233 ifv->ifv_encaplen = ETHER_VLAN_ENCAP_LEN;
1234 ifv->ifv_mintu = ETHERMIN;
1235 ifv->ifv_pflags = 0;
1238 * If the parent supports the VLAN_MTU capability,
1239 * i.e. can Tx/Rx larger than ETHER_MAX_LEN frames,
1242 if (p->if_capenable & IFCAP_VLAN_MTU) {
1244 * No need to fudge the MTU since the parent can
1245 * handle extended frames.
1247 ifv->ifv_mtufudge = 0;
1250 * Fudge the MTU by the encapsulation size. This
1251 * makes us incompatible with strictly compliant
1252 * 802.1Q implementations, but allows us to use
1253 * the feature with other NetBSD implementations,
1254 * which might still be useful.
1256 ifv->ifv_mtufudge = ifv->ifv_encaplen;
1259 ifv->ifv_trunk = trunk;
1262 * Initialize fields from our parent. This duplicates some
1263 * work with ether_ifattach() but allows for non-ethernet
1264 * interfaces to also work.
1266 ifp->if_mtu = p->if_mtu - ifv->ifv_mtufudge;
1267 ifp->if_baudrate = p->if_baudrate;
1268 ifp->if_output = p->if_output;
1269 ifp->if_input = p->if_input;
1270 ifp->if_resolvemulti = p->if_resolvemulti;
1271 ifp->if_addrlen = p->if_addrlen;
1272 ifp->if_broadcastaddr = p->if_broadcastaddr;
1275 * Copy only a selected subset of flags from the parent.
1276 * Other flags are none of our business.
1278 #define VLAN_COPY_FLAGS (IFF_SIMPLEX)
1279 ifp->if_flags &= ~VLAN_COPY_FLAGS;
1280 ifp->if_flags |= p->if_flags & VLAN_COPY_FLAGS;
1281 #undef VLAN_COPY_FLAGS
1283 ifp->if_link_state = p->if_link_state;
1285 vlan_capabilities(ifv);
1288 * Set up our interface address to reflect the underlying
1289 * physical interface's.
1291 bcopy(IF_LLADDR(p), IF_LLADDR(ifp), p->if_addrlen);
1292 ((struct sockaddr_dl *)ifp->if_addr->ifa_addr)->sdl_alen =
1296 * Configure multicast addresses that may already be
1297 * joined on the vlan device.
1299 (void)vlan_setmulti(ifp); /* XXX: VLAN lock held */
1301 /* We are ready for operation now. */
1302 ifp->if_drv_flags |= IFF_DRV_RUNNING;
1304 TRUNK_UNLOCK(trunk);
1306 EVENTHANDLER_INVOKE(vlan_config, p, ifv->ifv_vid);
1313 vlan_unconfig(struct ifnet *ifp)
1317 vlan_unconfig_locked(ifp, 0);
1322 vlan_unconfig_locked(struct ifnet *ifp, int departing)
1324 struct ifvlantrunk *trunk;
1325 struct vlan_mc_entry *mc;
1327 struct ifnet *parent;
1332 ifv = ifp->if_softc;
1333 trunk = ifv->ifv_trunk;
1336 if (trunk != NULL) {
1339 parent = trunk->parent;
1342 * Since the interface is being unconfigured, we need to
1343 * empty the list of multicast groups that we may have joined
1344 * while we were alive from the parent's list.
1346 while ((mc = SLIST_FIRST(&ifv->vlan_mc_listhead)) != NULL) {
1348 * If the parent interface is being detached,
1349 * all its multicast addresses have already
1350 * been removed. Warn about errors if
1351 * if_delmulti() does fail, but don't abort as
1352 * all callers expect vlan destruction to
1356 error = if_delmulti(parent,
1357 (struct sockaddr *)&mc->mc_addr);
1360 "Failed to delete multicast address from parent: %d\n",
1363 SLIST_REMOVE_HEAD(&ifv->vlan_mc_listhead, mc_entries);
1367 vlan_setflags(ifp, 0); /* clear special flags on parent */
1368 vlan_remhash(trunk, ifv);
1369 ifv->ifv_trunk = NULL;
1372 * Check if we were the last.
1374 if (trunk->refcnt == 0) {
1375 parent->if_vlantrunk = NULL;
1377 * XXXGL: If some ithread has already entered
1378 * vlan_input() and is now blocked on the trunk
1379 * lock, then it should preempt us right after
1380 * unlock and finish its work. Then we will acquire
1381 * lock again in trunk_destroy().
1383 TRUNK_UNLOCK(trunk);
1384 trunk_destroy(trunk);
1386 TRUNK_UNLOCK(trunk);
1389 /* Disconnect from parent. */
1390 if (ifv->ifv_pflags)
1391 if_printf(ifp, "%s: ifv_pflags unclean\n", __func__);
1392 ifp->if_mtu = ETHERMTU;
1393 ifp->if_link_state = LINK_STATE_UNKNOWN;
1394 ifp->if_drv_flags &= ~IFF_DRV_RUNNING;
1397 * Only dispatch an event if vlan was
1398 * attached, otherwise there is nothing
1399 * to cleanup anyway.
1402 EVENTHANDLER_INVOKE(vlan_unconfig, parent, ifv->ifv_vid);
1405 /* Handle a reference counted flag that should be set on the parent as well */
1407 vlan_setflag(struct ifnet *ifp, int flag, int status,
1408 int (*func)(struct ifnet *, int))
1413 /* XXX VLAN_LOCK_ASSERT(); */
1415 ifv = ifp->if_softc;
1416 status = status ? (ifp->if_flags & flag) : 0;
1417 /* Now "status" contains the flag value or 0 */
1420 * See if recorded parent's status is different from what
1421 * we want it to be. If it is, flip it. We record parent's
1422 * status in ifv_pflags so that we won't clear parent's flag
1423 * we haven't set. In fact, we don't clear or set parent's
1424 * flags directly, but get or release references to them.
1425 * That's why we can be sure that recorded flags still are
1426 * in accord with actual parent's flags.
1428 if (status != (ifv->ifv_pflags & flag)) {
1429 error = (*func)(PARENT(ifv), status);
1432 ifv->ifv_pflags &= ~flag;
1433 ifv->ifv_pflags |= status;
1439 * Handle IFF_* flags that require certain changes on the parent:
1440 * if "status" is true, update parent's flags respective to our if_flags;
1441 * if "status" is false, forcedly clear the flags set on parent.
1444 vlan_setflags(struct ifnet *ifp, int status)
1448 for (i = 0; vlan_pflags[i].flag; i++) {
1449 error = vlan_setflag(ifp, vlan_pflags[i].flag,
1450 status, vlan_pflags[i].func);
1457 /* Inform all vlans that their parent has changed link state */
1459 vlan_link_state(struct ifnet *ifp)
1461 struct ifvlantrunk *trunk = ifp->if_vlantrunk;
1467 for (i = 0; i < VLAN_ARRAY_SIZE; i++)
1468 if (trunk->vlans[i] != NULL) {
1469 ifv = trunk->vlans[i];
1471 for (i = 0; i < (1 << trunk->hwidth); i++)
1472 LIST_FOREACH(ifv, &trunk->hash[i], ifv_list) {
1474 ifv->ifv_ifp->if_baudrate = trunk->parent->if_baudrate;
1475 if_link_state_change(ifv->ifv_ifp,
1476 trunk->parent->if_link_state);
1478 TRUNK_UNLOCK(trunk);
1482 vlan_capabilities(struct ifvlan *ifv)
1484 struct ifnet *p = PARENT(ifv);
1485 struct ifnet *ifp = ifv->ifv_ifp;
1487 TRUNK_LOCK_ASSERT(TRUNK(ifv));
1490 * If the parent interface can do checksum offloading
1491 * on VLANs, then propagate its hardware-assisted
1492 * checksumming flags. Also assert that checksum
1493 * offloading requires hardware VLAN tagging.
1495 if (p->if_capabilities & IFCAP_VLAN_HWCSUM)
1496 ifp->if_capabilities = p->if_capabilities & IFCAP_HWCSUM;
1498 if (p->if_capenable & IFCAP_VLAN_HWCSUM &&
1499 p->if_capenable & IFCAP_VLAN_HWTAGGING) {
1500 ifp->if_capenable = p->if_capenable & IFCAP_HWCSUM;
1501 ifp->if_hwassist = p->if_hwassist & (CSUM_IP | CSUM_TCP |
1502 CSUM_UDP | CSUM_SCTP | CSUM_FRAGMENT);
1504 ifp->if_capenable = 0;
1505 ifp->if_hwassist = 0;
1508 * If the parent interface can do TSO on VLANs then
1509 * propagate the hardware-assisted flag. TSO on VLANs
1510 * does not necessarily require hardware VLAN tagging.
1512 if (p->if_hw_tsomax > 0)
1513 ifp->if_hw_tsomax = p->if_hw_tsomax;
1514 if (p->if_capabilities & IFCAP_VLAN_HWTSO)
1515 ifp->if_capabilities |= p->if_capabilities & IFCAP_TSO;
1516 if (p->if_capenable & IFCAP_VLAN_HWTSO) {
1517 ifp->if_capenable |= p->if_capenable & IFCAP_TSO;
1518 ifp->if_hwassist |= p->if_hwassist & CSUM_TSO;
1520 ifp->if_capenable &= ~(p->if_capenable & IFCAP_TSO);
1521 ifp->if_hwassist &= ~(p->if_hwassist & CSUM_TSO);
1525 * If the parent interface can offload TCP connections over VLANs then
1526 * propagate its TOE capability to the VLAN interface.
1528 * All TOE drivers in the tree today can deal with VLANs. If this
1529 * changes then IFCAP_VLAN_TOE should be promoted to a full capability
1532 #define IFCAP_VLAN_TOE IFCAP_TOE
1533 if (p->if_capabilities & IFCAP_VLAN_TOE)
1534 ifp->if_capabilities |= p->if_capabilities & IFCAP_TOE;
1535 if (p->if_capenable & IFCAP_VLAN_TOE) {
1536 TOEDEV(ifp) = TOEDEV(p);
1537 ifp->if_capenable |= p->if_capenable & IFCAP_TOE;
1542 vlan_trunk_capabilities(struct ifnet *ifp)
1544 struct ifvlantrunk *trunk = ifp->if_vlantrunk;
1550 for (i = 0; i < VLAN_ARRAY_SIZE; i++)
1551 if (trunk->vlans[i] != NULL) {
1552 ifv = trunk->vlans[i];
1554 for (i = 0; i < (1 << trunk->hwidth); i++) {
1555 LIST_FOREACH(ifv, &trunk->hash[i], ifv_list)
1557 vlan_capabilities(ifv);
1559 TRUNK_UNLOCK(trunk);
1563 vlan_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data)
1569 struct ifvlantrunk *trunk;
1573 ifr = (struct ifreq *)data;
1574 ifa = (struct ifaddr *) data;
1575 ifv = ifp->if_softc;
1579 ifp->if_flags |= IFF_UP;
1581 if (ifa->ifa_addr->sa_family == AF_INET)
1582 arp_ifinit(ifp, ifa);
1587 struct sockaddr *sa;
1589 sa = (struct sockaddr *)&ifr->ifr_data;
1590 bcopy(IF_LLADDR(ifp), sa->sa_data, ifp->if_addrlen);
1595 if (TRUNK(ifv) != NULL) {
1598 error = (*p->if_ioctl)(p, SIOCGIFMEDIA, data);
1599 /* Limit the result to the parent's current config. */
1601 struct ifmediareq *ifmr;
1603 ifmr = (struct ifmediareq *)data;
1604 if (ifmr->ifm_count >= 1 && ifmr->ifm_ulist) {
1605 ifmr->ifm_count = 1;
1606 error = copyout(&ifmr->ifm_current,
1623 * Set the interface MTU.
1626 if (TRUNK(ifv) != NULL) {
1628 (PARENT(ifv)->if_mtu - ifv->ifv_mtufudge) ||
1630 (ifv->ifv_mintu - ifv->ifv_mtufudge))
1633 ifp->if_mtu = ifr->ifr_mtu;
1642 * XXXRW/XXXBZ: The goal in these checks is to allow a VLAN
1643 * interface to be delegated to a jail without allowing the
1644 * jail to change what underlying interface/VID it is
1645 * associated with. We are not entirely convinced that this
1646 * is the right way to accomplish that policy goal.
1648 if (ifp->if_vnet != ifp->if_home_vnet) {
1653 error = copyin(ifr->ifr_data, &vlr, sizeof(vlr));
1656 if (vlr.vlr_parent[0] == '\0') {
1660 p = ifunit(vlr.vlr_parent);
1666 * Don't let the caller set up a VLAN VID with
1667 * anything except VLID bits.
1669 if (vlr.vlr_tag & ~EVL_VLID_MASK) {
1673 error = vlan_config(ifv, p, vlr.vlr_tag);
1677 /* Update flags on the parent, if necessary. */
1678 vlan_setflags(ifp, 1);
1683 if (ifp->if_vnet != ifp->if_home_vnet) {
1688 bzero(&vlr, sizeof(vlr));
1690 if (TRUNK(ifv) != NULL) {
1691 strlcpy(vlr.vlr_parent, PARENT(ifv)->if_xname,
1692 sizeof(vlr.vlr_parent));
1693 vlr.vlr_tag = ifv->ifv_vid;
1696 error = copyout(&vlr, ifr->ifr_data, sizeof(vlr));
1701 * We should propagate selected flags to the parent,
1702 * e.g., promiscuous mode.
1704 if (TRUNK(ifv) != NULL)
1705 error = vlan_setflags(ifp, 1);
1711 * If we don't have a parent, just remember the membership for
1715 if (trunk != NULL) {
1717 error = vlan_setmulti(ifp);
1718 TRUNK_UNLOCK(trunk);