2 * Copyright 1998 Massachusetts Institute of Technology
3 * Copyright 2012 ADARA Networks, Inc.
4 * Copyright 2017 Dell EMC Isilon
6 * Portions of this software were developed by Robert N. M. Watson under
7 * contract to ADARA Networks, Inc.
9 * Permission to use, copy, modify, and distribute this software and
10 * its documentation for any purpose and without fee is hereby
11 * granted, provided that both the above copyright notice and this
12 * permission notice appear in all copies, that both the above
13 * copyright notice and this permission notice appear in all
14 * supporting documentation, and that the name of M.I.T. not be used
15 * in advertising or publicity pertaining to distribution of the
16 * software without specific, written prior permission. M.I.T. makes
17 * no representations about the suitability of this software for any
18 * purpose. It is provided "as is" without express or implied
21 * THIS SOFTWARE IS PROVIDED BY M.I.T. ``AS IS''. M.I.T. DISCLAIMS
22 * ALL EXPRESS OR IMPLIED WARRANTIES WITH REGARD TO THIS SOFTWARE,
23 * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
24 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT
25 * SHALL M.I.T. BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
26 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
27 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
28 * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
29 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
30 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
31 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
36 * if_vlan.c - pseudo-device driver for IEEE 802.1Q virtual LANs.
37 * This is sort of sneaky in the implementation, since
38 * we need to pretend to be enough of an Ethernet implementation
39 * to make arp work. The way we do this is by telling everyone
40 * that we are an Ethernet, and then catch the packets that
41 * ether_output() sends to us via if_transmit(), rewrite them for
42 * use by the real outgoing interface, and ask it to send them.
45 #include <sys/cdefs.h>
46 __FBSDID("$FreeBSD$");
49 #include "opt_inet6.h"
50 #include "opt_kern_tls.h"
52 #include "opt_ratelimit.h"
54 #include <sys/param.h>
55 #include <sys/eventhandler.h>
56 #include <sys/kernel.h>
58 #include <sys/malloc.h>
60 #include <sys/module.h>
61 #include <sys/rmlock.h>
63 #include <sys/queue.h>
64 #include <sys/socket.h>
65 #include <sys/sockio.h>
66 #include <sys/sysctl.h>
67 #include <sys/systm.h>
69 #include <sys/taskqueue.h>
72 #include <net/ethernet.h>
74 #include <net/if_var.h>
75 #include <net/if_clone.h>
76 #include <net/if_dl.h>
77 #include <net/if_types.h>
78 #include <net/if_vlan_var.h>
79 #include <net/route.h>
83 #include <netinet/in.h>
84 #include <netinet/if_ether.h>
89 * XXX: declare here to avoid to include many inet6 related files..
90 * should be more generalized?
92 extern void nd6_setmtu(struct ifnet *);
95 #define VLAN_DEF_HWIDTH 4
96 #define VLAN_IFFLAGS (IFF_BROADCAST | IFF_MULTICAST)
98 #define UP_AND_RUNNING(ifp) \
99 ((ifp)->if_flags & IFF_UP && (ifp)->if_drv_flags & IFF_DRV_RUNNING)
101 CK_SLIST_HEAD(ifvlanhead, ifvlan);
104 struct ifnet *parent; /* parent interface of this trunk */
107 #define VLAN_ARRAY_SIZE (EVL_VLID_MASK + 1)
108 struct ifvlan *vlans[VLAN_ARRAY_SIZE]; /* static table */
110 struct ifvlanhead *hash; /* dynamic hash-list table */
117 #if defined(KERN_TLS) || defined(RATELIMIT)
118 struct vlan_snd_tag {
119 struct m_snd_tag com;
120 struct m_snd_tag *tag;
123 static inline struct vlan_snd_tag *
124 mst_to_vst(struct m_snd_tag *mst)
127 return (__containerof(mst, struct vlan_snd_tag, com));
132 * This macro provides a facility to iterate over every vlan on a trunk with
133 * the assumption that none will be added/removed during iteration.
136 #define VLAN_FOREACH(_ifv, _trunk) \
138 for (_i = 0; _i < VLAN_ARRAY_SIZE; _i++) \
139 if (((_ifv) = (_trunk)->vlans[_i]) != NULL)
140 #else /* VLAN_ARRAY */
141 #define VLAN_FOREACH(_ifv, _trunk) \
142 struct ifvlan *_next; \
144 for (_i = 0; _i < (1 << (_trunk)->hwidth); _i++) \
145 CK_SLIST_FOREACH_SAFE((_ifv), &(_trunk)->hash[_i], ifv_list, _next)
146 #endif /* VLAN_ARRAY */
149 * This macro provides a facility to iterate over every vlan on a trunk while
150 * also modifying the number of vlans on the trunk. The iteration continues
151 * until some condition is met or there are no more vlans on the trunk.
154 /* The VLAN_ARRAY case is simple -- just a for loop using the condition. */
155 #define VLAN_FOREACH_UNTIL_SAFE(_ifv, _trunk, _cond) \
157 for (_i = 0; !(_cond) && _i < VLAN_ARRAY_SIZE; _i++) \
158 if (((_ifv) = (_trunk)->vlans[_i]))
159 #else /* VLAN_ARRAY */
161 * The hash table case is more complicated. We allow for the hash table to be
162 * modified (i.e. vlans removed) while we are iterating over it. To allow for
163 * this we must restart the iteration every time we "touch" something during
164 * the iteration, since removal will resize the hash table and invalidate our
165 * current position. If acting on the touched element causes the trunk to be
166 * emptied, then iteration also stops.
168 #define VLAN_FOREACH_UNTIL_SAFE(_ifv, _trunk, _cond) \
170 bool _touch = false; \
172 !(_cond) && _i < (1 << (_trunk)->hwidth); \
173 _i = (_touch && ((_trunk) != NULL) ? 0 : _i + 1), _touch = false) \
174 if (((_ifv) = CK_SLIST_FIRST(&(_trunk)->hash[_i])) != NULL && \
176 #endif /* VLAN_ARRAY */
178 struct vlan_mc_entry {
179 struct sockaddr_dl mc_addr;
180 CK_SLIST_ENTRY(vlan_mc_entry) mc_entries;
181 struct epoch_context mc_epoch_ctx;
185 struct ifvlantrunk *ifv_trunk;
186 struct ifnet *ifv_ifp;
187 #define TRUNK(ifv) ((ifv)->ifv_trunk)
188 #define PARENT(ifv) (TRUNK(ifv)->parent)
190 int ifv_pflags; /* special flags we have set on parent */
192 int ifv_encaplen; /* encapsulation length */
193 int ifv_mtufudge; /* MTU fudged by this much */
194 int ifv_mintu; /* min transmission unit */
195 struct ether_8021q_tag ifv_qtag;
196 #define ifv_proto ifv_qtag.proto
197 #define ifv_vid ifv_qtag.vid
198 #define ifv_pcp ifv_qtag.pcp
199 struct task lladdr_task;
200 CK_SLIST_HEAD(, vlan_mc_entry) vlan_mc_listhead;
202 CK_SLIST_ENTRY(ifvlan) ifv_list;
206 /* Special flags we should propagate to parent. */
209 int (*func)(struct ifnet *, int);
211 {IFF_PROMISC, ifpromisc},
212 {IFF_ALLMULTI, if_allmulti},
216 extern int vlan_mtag_pcp;
218 static const char vlanname[] = "vlan";
219 static MALLOC_DEFINE(M_VLAN, vlanname, "802.1Q Virtual LAN Interface");
221 static eventhandler_tag ifdetach_tag;
222 static eventhandler_tag iflladdr_tag;
225 * if_vlan uses two module-level synchronizations primitives to allow concurrent
226 * modification of vlan interfaces and (mostly) allow for vlans to be destroyed
227 * while they are being used for tx/rx. To accomplish this in a way that has
228 * acceptable performance and cooperation with other parts of the network stack
229 * there is a non-sleepable epoch(9) and an sx(9).
231 * The performance-sensitive paths that warrant using the epoch(9) are
232 * vlan_transmit and vlan_input. Both have to check for the vlan interface's
233 * existence using if_vlantrunk, and being in the network tx/rx paths the use
234 * of an epoch(9) gives a measureable improvement in performance.
236 * The reason for having an sx(9) is mostly because there are still areas that
237 * must be sleepable and also have safe concurrent access to a vlan interface.
238 * Since the sx(9) exists, it is used by default in most paths unless sleeping
239 * is not permitted, or if it is not clear whether sleeping is permitted.
242 #define _VLAN_SX_ID ifv_sx
244 static struct sx _VLAN_SX_ID;
246 #define VLAN_LOCKING_INIT() \
247 sx_init_flags(&_VLAN_SX_ID, "vlan_sx", SX_RECURSE)
249 #define VLAN_LOCKING_DESTROY() \
250 sx_destroy(&_VLAN_SX_ID)
252 #define VLAN_SLOCK() sx_slock(&_VLAN_SX_ID)
253 #define VLAN_SUNLOCK() sx_sunlock(&_VLAN_SX_ID)
254 #define VLAN_XLOCK() sx_xlock(&_VLAN_SX_ID)
255 #define VLAN_XUNLOCK() sx_xunlock(&_VLAN_SX_ID)
256 #define VLAN_SLOCK_ASSERT() sx_assert(&_VLAN_SX_ID, SA_SLOCKED)
257 #define VLAN_XLOCK_ASSERT() sx_assert(&_VLAN_SX_ID, SA_XLOCKED)
258 #define VLAN_SXLOCK_ASSERT() sx_assert(&_VLAN_SX_ID, SA_LOCKED)
261 * We also have a per-trunk mutex that should be acquired when changing
264 #define TRUNK_LOCK_INIT(trunk) mtx_init(&(trunk)->lock, vlanname, NULL, MTX_DEF)
265 #define TRUNK_LOCK_DESTROY(trunk) mtx_destroy(&(trunk)->lock)
266 #define TRUNK_WLOCK(trunk) mtx_lock(&(trunk)->lock)
267 #define TRUNK_WUNLOCK(trunk) mtx_unlock(&(trunk)->lock)
268 #define TRUNK_WLOCK_ASSERT(trunk) mtx_assert(&(trunk)->lock, MA_OWNED);
271 * The VLAN_ARRAY substitutes the dynamic hash with a static array
272 * with 4096 entries. In theory this can give a boost in processing,
273 * however in practice it does not. Probably this is because the array
274 * is too big to fit into CPU cache.
277 static void vlan_inithash(struct ifvlantrunk *trunk);
278 static void vlan_freehash(struct ifvlantrunk *trunk);
279 static int vlan_inshash(struct ifvlantrunk *trunk, struct ifvlan *ifv);
280 static int vlan_remhash(struct ifvlantrunk *trunk, struct ifvlan *ifv);
281 static void vlan_growhash(struct ifvlantrunk *trunk, int howmuch);
282 static __inline struct ifvlan * vlan_gethash(struct ifvlantrunk *trunk,
285 static void trunk_destroy(struct ifvlantrunk *trunk);
287 static void vlan_init(void *foo);
288 static void vlan_input(struct ifnet *ifp, struct mbuf *m);
289 static int vlan_ioctl(struct ifnet *ifp, u_long cmd, caddr_t addr);
290 #if defined(KERN_TLS) || defined(RATELIMIT)
291 static int vlan_snd_tag_alloc(struct ifnet *,
292 union if_snd_tag_alloc_params *, struct m_snd_tag **);
293 static int vlan_snd_tag_modify(struct m_snd_tag *,
294 union if_snd_tag_modify_params *);
295 static int vlan_snd_tag_query(struct m_snd_tag *,
296 union if_snd_tag_query_params *);
297 static void vlan_snd_tag_free(struct m_snd_tag *);
298 static struct m_snd_tag *vlan_next_snd_tag(struct m_snd_tag *);
299 static void vlan_ratelimit_query(struct ifnet *,
300 struct if_ratelimit_query_results *);
302 static void vlan_qflush(struct ifnet *ifp);
303 static int vlan_setflag(struct ifnet *ifp, int flag, int status,
304 int (*func)(struct ifnet *, int));
305 static int vlan_setflags(struct ifnet *ifp, int status);
306 static int vlan_setmulti(struct ifnet *ifp);
307 static int vlan_transmit(struct ifnet *ifp, struct mbuf *m);
309 static void vlan_altq_start(struct ifnet *ifp);
310 static int vlan_altq_transmit(struct ifnet *ifp, struct mbuf *m);
312 static int vlan_output(struct ifnet *ifp, struct mbuf *m,
313 const struct sockaddr *dst, struct route *ro);
314 static void vlan_unconfig(struct ifnet *ifp);
315 static void vlan_unconfig_locked(struct ifnet *ifp, int departing);
316 static int vlan_config(struct ifvlan *ifv, struct ifnet *p, uint16_t tag,
318 static void vlan_link_state(struct ifnet *ifp);
319 static void vlan_capabilities(struct ifvlan *ifv);
320 static void vlan_trunk_capabilities(struct ifnet *ifp);
322 static struct ifnet *vlan_clone_match_ethervid(const char *, int *);
323 static int vlan_clone_match(struct if_clone *, const char *);
324 static int vlan_clone_create(struct if_clone *, char *, size_t, caddr_t);
325 static int vlan_clone_destroy(struct if_clone *, struct ifnet *);
327 static void vlan_ifdetach(void *arg, struct ifnet *ifp);
328 static void vlan_iflladdr(void *arg, struct ifnet *ifp);
330 static void vlan_lladdr_fn(void *arg, int pending);
332 static struct if_clone *vlan_cloner;
335 VNET_DEFINE_STATIC(struct if_clone *, vlan_cloner);
336 #define V_vlan_cloner VNET(vlan_cloner)
340 vlan_mc_free(struct epoch_context *ctx)
342 struct vlan_mc_entry *mc = __containerof(ctx, struct vlan_mc_entry, mc_epoch_ctx);
347 #define HASH(n, m) ((((n) >> 8) ^ ((n) >> 4) ^ (n)) & (m))
350 vlan_inithash(struct ifvlantrunk *trunk)
355 * The trunk must not be locked here since we call malloc(M_WAITOK).
356 * It is OK in case this function is called before the trunk struct
357 * gets hooked up and becomes visible from other threads.
360 KASSERT(trunk->hwidth == 0 && trunk->hash == NULL,
361 ("%s: hash already initialized", __func__));
363 trunk->hwidth = VLAN_DEF_HWIDTH;
364 n = 1 << trunk->hwidth;
365 trunk->hmask = n - 1;
366 trunk->hash = malloc(sizeof(struct ifvlanhead) * n, M_VLAN, M_WAITOK);
367 for (i = 0; i < n; i++)
368 CK_SLIST_INIT(&trunk->hash[i]);
372 vlan_freehash(struct ifvlantrunk *trunk)
377 KASSERT(trunk->hwidth > 0, ("%s: hwidth not positive", __func__));
378 for (i = 0; i < (1 << trunk->hwidth); i++)
379 KASSERT(CK_SLIST_EMPTY(&trunk->hash[i]),
380 ("%s: hash table not empty", __func__));
382 free(trunk->hash, M_VLAN);
384 trunk->hwidth = trunk->hmask = 0;
388 vlan_inshash(struct ifvlantrunk *trunk, struct ifvlan *ifv)
394 KASSERT(trunk->hwidth > 0, ("%s: hwidth not positive", __func__));
396 b = 1 << trunk->hwidth;
397 i = HASH(ifv->ifv_vid, trunk->hmask);
398 CK_SLIST_FOREACH(ifv2, &trunk->hash[i], ifv_list)
399 if (ifv->ifv_vid == ifv2->ifv_vid)
403 * Grow the hash when the number of vlans exceeds half of the number of
404 * hash buckets squared. This will make the average linked-list length
407 if (trunk->refcnt > (b * b) / 2) {
408 vlan_growhash(trunk, 1);
409 i = HASH(ifv->ifv_vid, trunk->hmask);
411 CK_SLIST_INSERT_HEAD(&trunk->hash[i], ifv, ifv_list);
418 vlan_remhash(struct ifvlantrunk *trunk, struct ifvlan *ifv)
424 KASSERT(trunk->hwidth > 0, ("%s: hwidth not positive", __func__));
426 b = 1 << trunk->hwidth;
427 i = HASH(ifv->ifv_vid, trunk->hmask);
428 CK_SLIST_FOREACH(ifv2, &trunk->hash[i], ifv_list)
431 CK_SLIST_REMOVE(&trunk->hash[i], ifv2, ifvlan, ifv_list);
432 if (trunk->refcnt < (b * b) / 2)
433 vlan_growhash(trunk, -1);
437 panic("%s: vlan not found\n", __func__);
438 return (ENOENT); /*NOTREACHED*/
442 * Grow the hash larger or smaller if memory permits.
445 vlan_growhash(struct ifvlantrunk *trunk, int howmuch)
448 struct ifvlanhead *hash2;
449 int hwidth2, i, j, n, n2;
452 KASSERT(trunk->hwidth > 0, ("%s: hwidth not positive", __func__));
455 /* Harmless yet obvious coding error */
456 printf("%s: howmuch is 0\n", __func__);
460 hwidth2 = trunk->hwidth + howmuch;
461 n = 1 << trunk->hwidth;
463 /* Do not shrink the table below the default */
464 if (hwidth2 < VLAN_DEF_HWIDTH)
467 hash2 = malloc(sizeof(struct ifvlanhead) * n2, M_VLAN, M_WAITOK);
469 printf("%s: out of memory -- hash size not changed\n",
471 return; /* We can live with the old hash table */
473 for (j = 0; j < n2; j++)
474 CK_SLIST_INIT(&hash2[j]);
475 for (i = 0; i < n; i++)
476 while ((ifv = CK_SLIST_FIRST(&trunk->hash[i])) != NULL) {
477 CK_SLIST_REMOVE(&trunk->hash[i], ifv, ifvlan, ifv_list);
478 j = HASH(ifv->ifv_vid, n2 - 1);
479 CK_SLIST_INSERT_HEAD(&hash2[j], ifv, ifv_list);
482 free(trunk->hash, M_VLAN);
484 trunk->hwidth = hwidth2;
485 trunk->hmask = n2 - 1;
488 if_printf(trunk->parent,
489 "VLAN hash table resized from %d to %d buckets\n", n, n2);
492 static __inline struct ifvlan *
493 vlan_gethash(struct ifvlantrunk *trunk, uint16_t vid)
499 CK_SLIST_FOREACH(ifv, &trunk->hash[HASH(vid, trunk->hmask)], ifv_list)
500 if (ifv->ifv_vid == vid)
506 /* Debugging code to view the hashtables. */
508 vlan_dumphash(struct ifvlantrunk *trunk)
513 for (i = 0; i < (1 << trunk->hwidth); i++) {
515 CK_SLIST_FOREACH(ifv, &trunk->hash[i], ifv_list)
516 printf("%s ", ifv->ifv_ifp->if_xname);
523 static __inline struct ifvlan *
524 vlan_gethash(struct ifvlantrunk *trunk, uint16_t vid)
527 return trunk->vlans[vid];
531 vlan_inshash(struct ifvlantrunk *trunk, struct ifvlan *ifv)
534 if (trunk->vlans[ifv->ifv_vid] != NULL)
536 trunk->vlans[ifv->ifv_vid] = ifv;
543 vlan_remhash(struct ifvlantrunk *trunk, struct ifvlan *ifv)
546 trunk->vlans[ifv->ifv_vid] = NULL;
553 vlan_freehash(struct ifvlantrunk *trunk)
558 vlan_inithash(struct ifvlantrunk *trunk)
562 #endif /* !VLAN_ARRAY */
565 trunk_destroy(struct ifvlantrunk *trunk)
569 vlan_freehash(trunk);
570 trunk->parent->if_vlantrunk = NULL;
571 TRUNK_LOCK_DESTROY(trunk);
572 if_rele(trunk->parent);
577 * Program our multicast filter. What we're actually doing is
578 * programming the multicast filter of the parent. This has the
579 * side effect of causing the parent interface to receive multicast
580 * traffic that it doesn't really want, which ends up being discarded
581 * later by the upper protocol layers. Unfortunately, there's no way
582 * to avoid this: there really is only one physical interface.
585 vlan_setmulti(struct ifnet *ifp)
588 struct ifmultiaddr *ifma;
590 struct vlan_mc_entry *mc;
595 /* Find the parent. */
599 CURVNET_SET_QUIET(ifp_p->if_vnet);
601 /* First, remove any existing filter entries. */
602 while ((mc = CK_SLIST_FIRST(&sc->vlan_mc_listhead)) != NULL) {
603 CK_SLIST_REMOVE_HEAD(&sc->vlan_mc_listhead, mc_entries);
604 (void)if_delmulti(ifp_p, (struct sockaddr *)&mc->mc_addr);
605 NET_EPOCH_CALL(vlan_mc_free, &mc->mc_epoch_ctx);
608 /* Now program new ones. */
610 CK_STAILQ_FOREACH(ifma, &ifp->if_multiaddrs, ifma_link) {
611 if (ifma->ifma_addr->sa_family != AF_LINK)
613 mc = malloc(sizeof(struct vlan_mc_entry), M_VLAN, M_NOWAIT);
615 IF_ADDR_WUNLOCK(ifp);
619 bcopy(ifma->ifma_addr, &mc->mc_addr, ifma->ifma_addr->sa_len);
620 mc->mc_addr.sdl_index = ifp_p->if_index;
621 CK_SLIST_INSERT_HEAD(&sc->vlan_mc_listhead, mc, mc_entries);
623 IF_ADDR_WUNLOCK(ifp);
624 CK_SLIST_FOREACH (mc, &sc->vlan_mc_listhead, mc_entries) {
625 error = if_addmulti(ifp_p, (struct sockaddr *)&mc->mc_addr,
638 * A handler for parent interface link layer address changes.
639 * If the parent interface link layer address is changed we
640 * should also change it on all children vlans.
643 vlan_iflladdr(void *arg __unused, struct ifnet *ifp)
645 struct epoch_tracker et;
647 struct ifnet *ifv_ifp;
648 struct ifvlantrunk *trunk;
649 struct sockaddr_dl *sdl;
651 /* Need the epoch since this is run on taskqueue_swi. */
653 trunk = ifp->if_vlantrunk;
660 * OK, it's a trunk. Loop over and change all vlan's lladdrs on it.
661 * We need an exclusive lock here to prevent concurrent SIOCSIFLLADDR
662 * ioctl calls on the parent garbling the lladdr of the child vlan.
665 VLAN_FOREACH(ifv, trunk) {
667 * Copy new new lladdr into the ifv_ifp, enqueue a task
668 * to actually call if_setlladdr. if_setlladdr needs to
669 * be deferred to a taskqueue because it will call into
670 * the if_vlan ioctl path and try to acquire the global
673 ifv_ifp = ifv->ifv_ifp;
674 bcopy(IF_LLADDR(ifp), IF_LLADDR(ifv_ifp),
676 sdl = (struct sockaddr_dl *)ifv_ifp->if_addr->ifa_addr;
677 sdl->sdl_alen = ifp->if_addrlen;
678 taskqueue_enqueue(taskqueue_thread, &ifv->lladdr_task);
680 TRUNK_WUNLOCK(trunk);
685 * A handler for network interface departure events.
686 * Track departure of trunks here so that we don't access invalid
687 * pointers or whatever if a trunk is ripped from under us, e.g.,
688 * by ejecting its hot-plug card. However, if an ifnet is simply
689 * being renamed, then there's no need to tear down the state.
692 vlan_ifdetach(void *arg __unused, struct ifnet *ifp)
695 struct ifvlantrunk *trunk;
697 /* If the ifnet is just being renamed, don't do anything. */
698 if (ifp->if_flags & IFF_RENAMING)
701 trunk = ifp->if_vlantrunk;
708 * OK, it's a trunk. Loop over and detach all vlan's on it.
709 * Check trunk pointer after each vlan_unconfig() as it will
710 * free it and set to NULL after the last vlan was detached.
712 VLAN_FOREACH_UNTIL_SAFE(ifv, ifp->if_vlantrunk,
713 ifp->if_vlantrunk == NULL)
714 vlan_unconfig_locked(ifv->ifv_ifp, 1);
716 /* Trunk should have been destroyed in vlan_unconfig(). */
717 KASSERT(ifp->if_vlantrunk == NULL, ("%s: purge failed", __func__));
722 * Return the trunk device for a virtual interface.
724 static struct ifnet *
725 vlan_trunkdev(struct ifnet *ifp)
731 if (ifp->if_type != IFT_L2VLAN)
742 * Return the 12-bit VLAN VID for this interface, for use by external
743 * components such as Infiniband.
745 * XXXRW: Note that the function name here is historical; it should be named
749 vlan_tag(struct ifnet *ifp, uint16_t *vidp)
753 if (ifp->if_type != IFT_L2VLAN)
756 *vidp = ifv->ifv_vid;
761 vlan_pcp(struct ifnet *ifp, uint16_t *pcpp)
765 if (ifp->if_type != IFT_L2VLAN)
768 *pcpp = ifv->ifv_pcp;
773 * Return a driver specific cookie for this interface. Synchronization
774 * with setcookie must be provided by the driver.
777 vlan_cookie(struct ifnet *ifp)
781 if (ifp->if_type != IFT_L2VLAN)
784 return (ifv->ifv_cookie);
788 * Store a cookie in our softc that drivers can use to store driver
789 * private per-instance data in.
792 vlan_setcookie(struct ifnet *ifp, void *cookie)
796 if (ifp->if_type != IFT_L2VLAN)
799 ifv->ifv_cookie = cookie;
804 * Return the vlan device present at the specific VID.
806 static struct ifnet *
807 vlan_devat(struct ifnet *ifp, uint16_t vid)
809 struct ifvlantrunk *trunk;
814 trunk = ifp->if_vlantrunk;
818 ifv = vlan_gethash(trunk, vid);
825 * VLAN support can be loaded as a module. The only place in the
826 * system that's intimately aware of this is ether_input. We hook
827 * into this code through vlan_input_p which is defined there and
828 * set here. No one else in the system should be aware of this so
829 * we use an explicit reference here.
831 extern void (*vlan_input_p)(struct ifnet *, struct mbuf *);
833 /* For if_link_state_change() eyes only... */
834 extern void (*vlan_link_state_p)(struct ifnet *);
837 vlan_modevent(module_t mod, int type, void *data)
842 ifdetach_tag = EVENTHANDLER_REGISTER(ifnet_departure_event,
843 vlan_ifdetach, NULL, EVENTHANDLER_PRI_ANY);
844 if (ifdetach_tag == NULL)
846 iflladdr_tag = EVENTHANDLER_REGISTER(iflladdr_event,
847 vlan_iflladdr, NULL, EVENTHANDLER_PRI_ANY);
848 if (iflladdr_tag == NULL)
851 vlan_input_p = vlan_input;
852 vlan_link_state_p = vlan_link_state;
853 vlan_trunk_cap_p = vlan_trunk_capabilities;
854 vlan_trunkdev_p = vlan_trunkdev;
855 vlan_cookie_p = vlan_cookie;
856 vlan_setcookie_p = vlan_setcookie;
857 vlan_tag_p = vlan_tag;
858 vlan_pcp_p = vlan_pcp;
859 vlan_devat_p = vlan_devat;
861 vlan_cloner = if_clone_advanced(vlanname, 0, vlan_clone_match,
862 vlan_clone_create, vlan_clone_destroy);
865 printf("vlan: initialized, using "
869 "hash tables with chaining"
876 if_clone_detach(vlan_cloner);
878 EVENTHANDLER_DEREGISTER(ifnet_departure_event, ifdetach_tag);
879 EVENTHANDLER_DEREGISTER(iflladdr_event, iflladdr_tag);
881 vlan_link_state_p = NULL;
882 vlan_trunk_cap_p = NULL;
883 vlan_trunkdev_p = NULL;
885 vlan_cookie_p = NULL;
886 vlan_setcookie_p = NULL;
888 VLAN_LOCKING_DESTROY();
890 printf("vlan: unloaded\n");
898 static moduledata_t vlan_mod = {
904 DECLARE_MODULE(if_vlan, vlan_mod, SI_SUB_PSEUDO, SI_ORDER_ANY);
905 MODULE_VERSION(if_vlan, 3);
909 vnet_vlan_init(const void *unused __unused)
912 vlan_cloner = if_clone_advanced(vlanname, 0, vlan_clone_match,
913 vlan_clone_create, vlan_clone_destroy);
914 V_vlan_cloner = vlan_cloner;
916 VNET_SYSINIT(vnet_vlan_init, SI_SUB_PROTO_IFATTACHDOMAIN, SI_ORDER_ANY,
917 vnet_vlan_init, NULL);
920 vnet_vlan_uninit(const void *unused __unused)
923 if_clone_detach(V_vlan_cloner);
925 VNET_SYSUNINIT(vnet_vlan_uninit, SI_SUB_INIT_IF, SI_ORDER_ANY,
926 vnet_vlan_uninit, NULL);
930 * Check for <etherif>.<vlan>[.<vlan> ...] style interface names.
932 static struct ifnet *
933 vlan_clone_match_ethervid(const char *name, int *vidp)
935 char ifname[IFNAMSIZ];
940 strlcpy(ifname, name, IFNAMSIZ);
941 if ((cp = strrchr(ifname, '.')) == NULL)
944 if ((ifp = ifunit_ref(ifname)) == NULL)
952 for(; *cp >= '0' && *cp <= '9'; cp++)
953 vid = (vid * 10) + (*cp - '0');
965 vlan_clone_match(struct if_clone *ifc, const char *name)
970 ifp = vlan_clone_match_ethervid(name, NULL);
976 if (strncmp(vlanname, name, strlen(vlanname)) != 0)
978 for (cp = name + 4; *cp != '\0'; cp++) {
979 if (*cp < '0' || *cp > '9')
987 vlan_clone_create(struct if_clone *ifc, char *name, size_t len, caddr_t params)
990 bool wildcard = false;
991 bool subinterface = false;
995 uint16_t proto = ETHERTYPE_VLAN;
998 struct ifnet *p = NULL;
1000 struct sockaddr_dl *sdl;
1002 static const u_char eaddr[ETHER_ADDR_LEN]; /* 00:00:00:00:00:00 */
1006 * There are three ways to specify the cloned device:
1007 * o pass a parameter block with the clone request.
1008 * o specify parameters in the text of the clone device name
1009 * o specify no parameters and get an unattached device that
1010 * must be configured separately.
1011 * The first technique is preferred; the latter two are supported
1012 * for backwards compatibility.
1014 * XXXRW: Note historic use of the word "tag" here. New ioctls may be
1019 error = copyin(params, &vlr, sizeof(vlr));
1023 proto = vlr.vlr_proto;
1025 #ifdef COMPAT_FREEBSD12
1027 proto = ETHERTYPE_VLAN;
1029 p = ifunit_ref(vlr.vlr_parent);
1034 if ((error = ifc_name2unit(name, &unit)) == 0) {
1037 * vlanX interface. Set wildcard to true if the unit number
1040 wildcard = (unit < 0);
1042 struct ifnet *p_tmp = vlan_clone_match_ethervid(name, &vid);
1043 if (p_tmp != NULL) {
1045 subinterface = true;
1046 unit = IF_DUNIT_NONE;
1064 if (!subinterface) {
1065 /* vlanX interface, mark X as busy or allocate new unit # */
1066 error = ifc_alloc_unit(ifc, &unit);
1074 /* In the wildcard case, we need to update the name. */
1076 for (dp = name; *dp != '\0'; dp++);
1077 if (snprintf(dp, len - (dp-name), "%d", unit) >
1078 len - (dp-name) - 1) {
1079 panic("%s: interface name too long", __func__);
1083 ifv = malloc(sizeof(struct ifvlan), M_VLAN, M_WAITOK | M_ZERO);
1084 ifp = ifv->ifv_ifp = if_alloc(IFT_ETHER);
1087 ifc_free_unit(ifc, unit);
1093 CK_SLIST_INIT(&ifv->vlan_mc_listhead);
1094 ifp->if_softc = ifv;
1096 * Set the name manually rather than using if_initname because
1097 * we don't conform to the default naming convention for interfaces.
1099 strlcpy(ifp->if_xname, name, IFNAMSIZ);
1100 ifp->if_dname = vlanname;
1101 ifp->if_dunit = unit;
1103 ifp->if_init = vlan_init;
1105 ifp->if_start = vlan_altq_start;
1106 ifp->if_transmit = vlan_altq_transmit;
1107 IFQ_SET_MAXLEN(&ifp->if_snd, ifqmaxlen);
1108 ifp->if_snd.ifq_drv_maxlen = 0;
1109 IFQ_SET_READY(&ifp->if_snd);
1111 ifp->if_transmit = vlan_transmit;
1113 ifp->if_qflush = vlan_qflush;
1114 ifp->if_ioctl = vlan_ioctl;
1115 #if defined(KERN_TLS) || defined(RATELIMIT)
1116 ifp->if_snd_tag_alloc = vlan_snd_tag_alloc;
1117 ifp->if_snd_tag_modify = vlan_snd_tag_modify;
1118 ifp->if_snd_tag_query = vlan_snd_tag_query;
1119 ifp->if_snd_tag_free = vlan_snd_tag_free;
1120 ifp->if_next_snd_tag = vlan_next_snd_tag;
1121 ifp->if_ratelimit_query = vlan_ratelimit_query;
1123 ifp->if_flags = VLAN_IFFLAGS;
1124 ether_ifattach(ifp, eaddr);
1125 /* Now undo some of the damage... */
1126 ifp->if_baudrate = 0;
1127 ifp->if_type = IFT_L2VLAN;
1128 ifp->if_hdrlen = ETHER_VLAN_ENCAP_LEN;
1130 sdl = (struct sockaddr_dl *)ifa->ifa_addr;
1131 sdl->sdl_type = IFT_L2VLAN;
1134 error = vlan_config(ifv, p, vid, proto);
1138 * Since we've partially failed, we need to back
1139 * out all the way, otherwise userland could get
1140 * confused. Thus, we destroy the interface.
1142 ether_ifdetach(ifp);
1146 ifc_free_unit(ifc, unit);
1157 vlan_clone_destroy(struct if_clone *ifc, struct ifnet *ifp)
1159 struct ifvlan *ifv = ifp->if_softc;
1160 int unit = ifp->if_dunit;
1162 if (ifp->if_vlantrunk)
1166 IFQ_PURGE(&ifp->if_snd);
1168 ether_ifdetach(ifp); /* first, remove it from system-wide lists */
1169 vlan_unconfig(ifp); /* now it can be unconfigured and freed */
1171 * We should have the only reference to the ifv now, so we can now
1172 * drain any remaining lladdr task before freeing the ifnet and the
1175 taskqueue_drain(taskqueue_thread, &ifv->lladdr_task);
1179 if (unit != IF_DUNIT_NONE)
1180 ifc_free_unit(ifc, unit);
1186 * The ifp->if_init entry point for vlan(4) is a no-op.
1189 vlan_init(void *foo __unused)
1194 * The if_transmit method for vlan(4) interface.
1197 vlan_transmit(struct ifnet *ifp, struct mbuf *m)
1201 int error, len, mcast;
1205 ifv = ifp->if_softc;
1206 if (TRUNK(ifv) == NULL) {
1207 if_inc_counter(ifp, IFCOUNTER_OERRORS, 1);
1212 len = m->m_pkthdr.len;
1213 mcast = (m->m_flags & (M_MCAST | M_BCAST)) ? 1 : 0;
1217 #if defined(KERN_TLS) || defined(RATELIMIT)
1218 if (m->m_pkthdr.csum_flags & CSUM_SND_TAG) {
1219 struct vlan_snd_tag *vst;
1220 struct m_snd_tag *mst;
1222 MPASS(m->m_pkthdr.snd_tag->ifp == ifp);
1223 mst = m->m_pkthdr.snd_tag;
1224 vst = mst_to_vst(mst);
1225 if (vst->tag->ifp != p) {
1226 if_inc_counter(ifp, IFCOUNTER_OERRORS, 1);
1231 m->m_pkthdr.snd_tag = m_snd_tag_ref(vst->tag);
1232 m_snd_tag_rele(mst);
1237 * Do not run parent's if_transmit() if the parent is not up,
1238 * or parent's driver will cause a system crash.
1240 if (!UP_AND_RUNNING(p)) {
1241 if_inc_counter(ifp, IFCOUNTER_OERRORS, 1);
1246 if (!ether_8021q_frame(&m, ifp, p, &ifv->ifv_qtag)) {
1247 if_inc_counter(ifp, IFCOUNTER_OERRORS, 1);
1252 * Send it, precisely as ether_output() would have.
1254 error = (p->if_transmit)(p, m);
1256 if_inc_counter(ifp, IFCOUNTER_OPACKETS, 1);
1257 if_inc_counter(ifp, IFCOUNTER_OBYTES, len);
1258 if_inc_counter(ifp, IFCOUNTER_OMCASTS, mcast);
1260 if_inc_counter(ifp, IFCOUNTER_OERRORS, 1);
1265 vlan_output(struct ifnet *ifp, struct mbuf *m, const struct sockaddr *dst,
1274 * Find the first non-VLAN parent interface.
1276 ifv = ifp->if_softc;
1278 if (TRUNK(ifv) == NULL) {
1284 } while (p->if_type == IFT_L2VLAN);
1286 return p->if_output(ifp, m, dst, ro);
1291 vlan_altq_start(if_t ifp)
1293 struct ifaltq *ifq = &ifp->if_snd;
1297 IFQ_DEQUEUE_NOLOCK(ifq, m);
1299 vlan_transmit(ifp, m);
1300 IFQ_DEQUEUE_NOLOCK(ifq, m);
1306 vlan_altq_transmit(if_t ifp, struct mbuf *m)
1310 if (ALTQ_IS_ENABLED(&ifp->if_snd)) {
1311 IFQ_ENQUEUE(&ifp->if_snd, m, err);
1313 vlan_altq_start(ifp);
1315 err = vlan_transmit(ifp, m);
1322 * The ifp->if_qflush entry point for vlan(4) is a no-op.
1325 vlan_qflush(struct ifnet *ifp __unused)
1330 vlan_input(struct ifnet *ifp, struct mbuf *m)
1332 struct ifvlantrunk *trunk;
1339 trunk = ifp->if_vlantrunk;
1340 if (trunk == NULL) {
1345 if (m->m_flags & M_VLANTAG) {
1347 * Packet is tagged, but m contains a normal
1348 * Ethernet frame; the tag is stored out-of-band.
1350 tag = m->m_pkthdr.ether_vtag;
1351 m->m_flags &= ~M_VLANTAG;
1353 struct ether_vlan_header *evl;
1356 * Packet is tagged in-band as specified by 802.1q.
1358 switch (ifp->if_type) {
1360 if (m->m_len < sizeof(*evl) &&
1361 (m = m_pullup(m, sizeof(*evl))) == NULL) {
1362 if_printf(ifp, "cannot pullup VLAN header\n");
1365 evl = mtod(m, struct ether_vlan_header *);
1366 tag = ntohs(evl->evl_tag);
1369 * Remove the 802.1q header by copying the Ethernet
1370 * addresses over it and adjusting the beginning of
1371 * the data in the mbuf. The encapsulated Ethernet
1372 * type field is already in place.
1374 bcopy((char *)evl, (char *)evl + ETHER_VLAN_ENCAP_LEN,
1375 ETHER_HDR_LEN - ETHER_TYPE_LEN);
1376 m_adj(m, ETHER_VLAN_ENCAP_LEN);
1381 panic("%s: %s has unsupported if_type %u",
1382 __func__, ifp->if_xname, ifp->if_type);
1384 if_inc_counter(ifp, IFCOUNTER_NOPROTO, 1);
1390 vid = EVL_VLANOFTAG(tag);
1392 ifv = vlan_gethash(trunk, vid);
1393 if (ifv == NULL || !UP_AND_RUNNING(ifv->ifv_ifp)) {
1394 if_inc_counter(ifp, IFCOUNTER_NOPROTO, 1);
1399 if (vlan_mtag_pcp) {
1401 * While uncommon, it is possible that we will find a 802.1q
1402 * packet encapsulated inside another packet that also had an
1403 * 802.1q header. For example, ethernet tunneled over IPSEC
1404 * arriving over ethernet. In that case, we replace the
1405 * existing 802.1q PCP m_tag value.
1407 mtag = m_tag_locate(m, MTAG_8021Q, MTAG_8021Q_PCP_IN, NULL);
1409 mtag = m_tag_alloc(MTAG_8021Q, MTAG_8021Q_PCP_IN,
1410 sizeof(uint8_t), M_NOWAIT);
1412 if_inc_counter(ifp, IFCOUNTER_IERRORS, 1);
1416 m_tag_prepend(m, mtag);
1418 *(uint8_t *)(mtag + 1) = EVL_PRIOFTAG(tag);
1421 m->m_pkthdr.rcvif = ifv->ifv_ifp;
1422 if_inc_counter(ifv->ifv_ifp, IFCOUNTER_IPACKETS, 1);
1424 /* Pass it back through the parent's input routine. */
1425 (*ifv->ifv_ifp->if_input)(ifv->ifv_ifp, m);
1429 vlan_lladdr_fn(void *arg, int pending __unused)
1434 ifv = (struct ifvlan *)arg;
1437 CURVNET_SET(ifp->if_vnet);
1439 /* The ifv_ifp already has the lladdr copied in. */
1440 if_setlladdr(ifp, IF_LLADDR(ifp), ifp->if_addrlen);
1446 vlan_config(struct ifvlan *ifv, struct ifnet *p, uint16_t vid,
1449 struct epoch_tracker et;
1450 struct ifvlantrunk *trunk;
1455 * We can handle non-ethernet hardware types as long as
1456 * they handle the tagging and headers themselves.
1458 if (p->if_type != IFT_ETHER &&
1459 p->if_type != IFT_L2VLAN &&
1460 (p->if_capenable & IFCAP_VLAN_HWTAGGING) == 0)
1461 return (EPROTONOSUPPORT);
1462 if ((p->if_flags & VLAN_IFFLAGS) != VLAN_IFFLAGS)
1463 return (EPROTONOSUPPORT);
1465 * Don't let the caller set up a VLAN VID with
1466 * anything except VLID bits.
1467 * VID numbers 0x0 and 0xFFF are reserved.
1469 if (vid == 0 || vid == 0xFFF || (vid & ~EVL_VLID_MASK))
1475 if (p->if_vlantrunk == NULL) {
1476 trunk = malloc(sizeof(struct ifvlantrunk),
1477 M_VLAN, M_WAITOK | M_ZERO);
1478 vlan_inithash(trunk);
1479 TRUNK_LOCK_INIT(trunk);
1481 p->if_vlantrunk = trunk;
1483 if_ref(trunk->parent);
1484 TRUNK_WUNLOCK(trunk);
1486 trunk = p->if_vlantrunk;
1489 ifv->ifv_vid = vid; /* must set this before vlan_inshash() */
1490 ifv->ifv_pcp = 0; /* Default: best effort delivery. */
1491 error = vlan_inshash(trunk, ifv);
1494 ifv->ifv_proto = proto;
1495 ifv->ifv_encaplen = ETHER_VLAN_ENCAP_LEN;
1496 ifv->ifv_mintu = ETHERMIN;
1497 ifv->ifv_pflags = 0;
1498 ifv->ifv_capenable = -1;
1501 * If the parent supports the VLAN_MTU capability,
1502 * i.e. can Tx/Rx larger than ETHER_MAX_LEN frames,
1505 if (p->if_capenable & IFCAP_VLAN_MTU) {
1507 * No need to fudge the MTU since the parent can
1508 * handle extended frames.
1510 ifv->ifv_mtufudge = 0;
1513 * Fudge the MTU by the encapsulation size. This
1514 * makes us incompatible with strictly compliant
1515 * 802.1Q implementations, but allows us to use
1516 * the feature with other NetBSD implementations,
1517 * which might still be useful.
1519 ifv->ifv_mtufudge = ifv->ifv_encaplen;
1522 ifv->ifv_trunk = trunk;
1525 * Initialize fields from our parent. This duplicates some
1526 * work with ether_ifattach() but allows for non-ethernet
1527 * interfaces to also work.
1529 ifp->if_mtu = p->if_mtu - ifv->ifv_mtufudge;
1530 ifp->if_baudrate = p->if_baudrate;
1531 ifp->if_input = p->if_input;
1532 ifp->if_resolvemulti = p->if_resolvemulti;
1533 ifp->if_addrlen = p->if_addrlen;
1534 ifp->if_broadcastaddr = p->if_broadcastaddr;
1535 ifp->if_pcp = ifv->ifv_pcp;
1538 * We wrap the parent's if_output using vlan_output to ensure that it
1539 * can't become stale.
1541 ifp->if_output = vlan_output;
1544 * Copy only a selected subset of flags from the parent.
1545 * Other flags are none of our business.
1547 #define VLAN_COPY_FLAGS (IFF_SIMPLEX)
1548 ifp->if_flags &= ~VLAN_COPY_FLAGS;
1549 ifp->if_flags |= p->if_flags & VLAN_COPY_FLAGS;
1550 #undef VLAN_COPY_FLAGS
1552 ifp->if_link_state = p->if_link_state;
1554 NET_EPOCH_ENTER(et);
1555 vlan_capabilities(ifv);
1559 * Set up our interface address to reflect the underlying
1560 * physical interface's.
1562 TASK_INIT(&ifv->lladdr_task, 0, vlan_lladdr_fn, ifv);
1563 ((struct sockaddr_dl *)ifp->if_addr->ifa_addr)->sdl_alen =
1567 * Do not schedule link address update if it was the same
1568 * as previous parent's. This helps avoid updating for each
1569 * associated llentry.
1571 if (memcmp(IF_LLADDR(p), IF_LLADDR(ifp), p->if_addrlen) != 0) {
1572 bcopy(IF_LLADDR(p), IF_LLADDR(ifp), p->if_addrlen);
1573 taskqueue_enqueue(taskqueue_thread, &ifv->lladdr_task);
1576 /* We are ready for operation now. */
1577 ifp->if_drv_flags |= IFF_DRV_RUNNING;
1579 /* Update flags on the parent, if necessary. */
1580 vlan_setflags(ifp, 1);
1583 * Configure multicast addresses that may already be
1584 * joined on the vlan device.
1586 (void)vlan_setmulti(ifp);
1590 EVENTHANDLER_INVOKE(vlan_config, p, ifv->ifv_vid);
1597 vlan_unconfig(struct ifnet *ifp)
1601 vlan_unconfig_locked(ifp, 0);
1606 vlan_unconfig_locked(struct ifnet *ifp, int departing)
1608 struct ifvlantrunk *trunk;
1609 struct vlan_mc_entry *mc;
1611 struct ifnet *parent;
1614 VLAN_XLOCK_ASSERT();
1616 ifv = ifp->if_softc;
1617 trunk = ifv->ifv_trunk;
1620 if (trunk != NULL) {
1621 parent = trunk->parent;
1624 * Since the interface is being unconfigured, we need to
1625 * empty the list of multicast groups that we may have joined
1626 * while we were alive from the parent's list.
1628 while ((mc = CK_SLIST_FIRST(&ifv->vlan_mc_listhead)) != NULL) {
1630 * If the parent interface is being detached,
1631 * all its multicast addresses have already
1632 * been removed. Warn about errors if
1633 * if_delmulti() does fail, but don't abort as
1634 * all callers expect vlan destruction to
1638 error = if_delmulti(parent,
1639 (struct sockaddr *)&mc->mc_addr);
1642 "Failed to delete multicast address from parent: %d\n",
1645 CK_SLIST_REMOVE_HEAD(&ifv->vlan_mc_listhead, mc_entries);
1646 NET_EPOCH_CALL(vlan_mc_free, &mc->mc_epoch_ctx);
1649 vlan_setflags(ifp, 0); /* clear special flags on parent */
1651 vlan_remhash(trunk, ifv);
1652 ifv->ifv_trunk = NULL;
1655 * Check if we were the last.
1657 if (trunk->refcnt == 0) {
1658 parent->if_vlantrunk = NULL;
1660 trunk_destroy(trunk);
1664 /* Disconnect from parent. */
1665 if (ifv->ifv_pflags)
1666 if_printf(ifp, "%s: ifv_pflags unclean\n", __func__);
1667 ifp->if_mtu = ETHERMTU;
1668 ifp->if_link_state = LINK_STATE_UNKNOWN;
1669 ifp->if_drv_flags &= ~IFF_DRV_RUNNING;
1672 * Only dispatch an event if vlan was
1673 * attached, otherwise there is nothing
1674 * to cleanup anyway.
1677 EVENTHANDLER_INVOKE(vlan_unconfig, parent, ifv->ifv_vid);
1680 /* Handle a reference counted flag that should be set on the parent as well */
1682 vlan_setflag(struct ifnet *ifp, int flag, int status,
1683 int (*func)(struct ifnet *, int))
1688 VLAN_SXLOCK_ASSERT();
1690 ifv = ifp->if_softc;
1691 status = status ? (ifp->if_flags & flag) : 0;
1692 /* Now "status" contains the flag value or 0 */
1695 * See if recorded parent's status is different from what
1696 * we want it to be. If it is, flip it. We record parent's
1697 * status in ifv_pflags so that we won't clear parent's flag
1698 * we haven't set. In fact, we don't clear or set parent's
1699 * flags directly, but get or release references to them.
1700 * That's why we can be sure that recorded flags still are
1701 * in accord with actual parent's flags.
1703 if (status != (ifv->ifv_pflags & flag)) {
1704 error = (*func)(PARENT(ifv), status);
1707 ifv->ifv_pflags &= ~flag;
1708 ifv->ifv_pflags |= status;
1714 * Handle IFF_* flags that require certain changes on the parent:
1715 * if "status" is true, update parent's flags respective to our if_flags;
1716 * if "status" is false, forcedly clear the flags set on parent.
1719 vlan_setflags(struct ifnet *ifp, int status)
1723 for (i = 0; vlan_pflags[i].flag; i++) {
1724 error = vlan_setflag(ifp, vlan_pflags[i].flag,
1725 status, vlan_pflags[i].func);
1732 /* Inform all vlans that their parent has changed link state */
1734 vlan_link_state(struct ifnet *ifp)
1736 struct epoch_tracker et;
1737 struct ifvlantrunk *trunk;
1740 NET_EPOCH_ENTER(et);
1741 trunk = ifp->if_vlantrunk;
1742 if (trunk == NULL) {
1748 VLAN_FOREACH(ifv, trunk) {
1749 ifv->ifv_ifp->if_baudrate = trunk->parent->if_baudrate;
1750 if_link_state_change(ifv->ifv_ifp,
1751 trunk->parent->if_link_state);
1753 TRUNK_WUNLOCK(trunk);
1758 vlan_capabilities(struct ifvlan *ifv)
1762 struct ifnet_hw_tsomax hw_tsomax;
1763 int cap = 0, ena = 0, mena;
1767 VLAN_SXLOCK_ASSERT();
1772 /* Mask parent interface enabled capabilities disabled by user. */
1773 mena = p->if_capenable & ifv->ifv_capenable;
1776 * If the parent interface can do checksum offloading
1777 * on VLANs, then propagate its hardware-assisted
1778 * checksumming flags. Also assert that checksum
1779 * offloading requires hardware VLAN tagging.
1781 if (p->if_capabilities & IFCAP_VLAN_HWCSUM)
1782 cap |= p->if_capabilities & (IFCAP_HWCSUM | IFCAP_HWCSUM_IPV6);
1783 if (p->if_capenable & IFCAP_VLAN_HWCSUM &&
1784 p->if_capenable & IFCAP_VLAN_HWTAGGING) {
1785 ena |= mena & (IFCAP_HWCSUM | IFCAP_HWCSUM_IPV6);
1786 if (ena & IFCAP_TXCSUM)
1787 hwa |= p->if_hwassist & (CSUM_IP | CSUM_TCP |
1788 CSUM_UDP | CSUM_SCTP);
1789 if (ena & IFCAP_TXCSUM_IPV6)
1790 hwa |= p->if_hwassist & (CSUM_TCP_IPV6 |
1791 CSUM_UDP_IPV6 | CSUM_SCTP_IPV6);
1795 * If the parent interface can do TSO on VLANs then
1796 * propagate the hardware-assisted flag. TSO on VLANs
1797 * does not necessarily require hardware VLAN tagging.
1799 memset(&hw_tsomax, 0, sizeof(hw_tsomax));
1800 if_hw_tsomax_common(p, &hw_tsomax);
1801 if_hw_tsomax_update(ifp, &hw_tsomax);
1802 if (p->if_capabilities & IFCAP_VLAN_HWTSO)
1803 cap |= p->if_capabilities & IFCAP_TSO;
1804 if (p->if_capenable & IFCAP_VLAN_HWTSO) {
1805 ena |= mena & IFCAP_TSO;
1806 if (ena & IFCAP_TSO)
1807 hwa |= p->if_hwassist & CSUM_TSO;
1811 * If the parent interface can do LRO and checksum offloading on
1812 * VLANs, then guess it may do LRO on VLANs. False positive here
1813 * cost nothing, while false negative may lead to some confusions.
1815 if (p->if_capabilities & IFCAP_VLAN_HWCSUM)
1816 cap |= p->if_capabilities & IFCAP_LRO;
1817 if (p->if_capenable & IFCAP_VLAN_HWCSUM)
1818 ena |= p->if_capenable & IFCAP_LRO;
1821 * If the parent interface can offload TCP connections over VLANs then
1822 * propagate its TOE capability to the VLAN interface.
1824 * All TOE drivers in the tree today can deal with VLANs. If this
1825 * changes then IFCAP_VLAN_TOE should be promoted to a full capability
1828 #define IFCAP_VLAN_TOE IFCAP_TOE
1829 if (p->if_capabilities & IFCAP_VLAN_TOE)
1830 cap |= p->if_capabilities & IFCAP_TOE;
1831 if (p->if_capenable & IFCAP_VLAN_TOE) {
1832 TOEDEV(ifp) = TOEDEV(p);
1833 ena |= mena & IFCAP_TOE;
1837 * If the parent interface supports dynamic link state, so does the
1840 cap |= (p->if_capabilities & IFCAP_LINKSTATE);
1841 ena |= (mena & IFCAP_LINKSTATE);
1845 * If the parent interface supports ratelimiting, so does the
1848 cap |= (p->if_capabilities & IFCAP_TXRTLMT);
1849 ena |= (mena & IFCAP_TXRTLMT);
1853 * If the parent interface supports unmapped mbufs, so does
1854 * the VLAN interface. Note that this should be fine even for
1855 * interfaces that don't support hardware tagging as headers
1856 * are prepended in normal mbufs to unmapped mbufs holding
1859 cap |= (p->if_capabilities & IFCAP_MEXTPG);
1860 ena |= (mena & IFCAP_MEXTPG);
1863 * If the parent interface can offload encryption and segmentation
1864 * of TLS records over TCP, propagate it's capability to the VLAN
1867 * All TLS drivers in the tree today can deal with VLANs. If
1868 * this ever changes, then a new IFCAP_VLAN_TXTLS can be
1871 if (p->if_capabilities & (IFCAP_TXTLS | IFCAP_TXTLS_RTLMT))
1872 cap |= p->if_capabilities & (IFCAP_TXTLS | IFCAP_TXTLS_RTLMT);
1873 if (p->if_capenable & (IFCAP_TXTLS | IFCAP_TXTLS_RTLMT))
1874 ena |= mena & (IFCAP_TXTLS | IFCAP_TXTLS_RTLMT);
1876 ifp->if_capabilities = cap;
1877 ifp->if_capenable = ena;
1878 ifp->if_hwassist = hwa;
1882 vlan_trunk_capabilities(struct ifnet *ifp)
1884 struct epoch_tracker et;
1885 struct ifvlantrunk *trunk;
1889 trunk = ifp->if_vlantrunk;
1890 if (trunk == NULL) {
1894 NET_EPOCH_ENTER(et);
1895 VLAN_FOREACH(ifv, trunk)
1896 vlan_capabilities(ifv);
1902 vlan_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data)
1908 struct ifvlantrunk *trunk;
1910 int error = 0, oldmtu;
1912 ifr = (struct ifreq *)data;
1913 ifa = (struct ifaddr *) data;
1914 ifv = ifp->if_softc;
1918 ifp->if_flags |= IFF_UP;
1920 if (ifa->ifa_addr->sa_family == AF_INET)
1921 arp_ifinit(ifp, ifa);
1925 bcopy(IF_LLADDR(ifp), &ifr->ifr_addr.sa_data[0],
1930 if (TRUNK(ifv) != NULL) {
1933 error = (*p->if_ioctl)(p, SIOCGIFMEDIA, data);
1935 /* Limit the result to the parent's current config. */
1937 struct ifmediareq *ifmr;
1939 ifmr = (struct ifmediareq *)data;
1940 if (ifmr->ifm_count >= 1 && ifmr->ifm_ulist) {
1941 ifmr->ifm_count = 1;
1942 error = copyout(&ifmr->ifm_current,
1959 * Set the interface MTU.
1963 if (trunk != NULL) {
1966 (PARENT(ifv)->if_mtu - ifv->ifv_mtufudge) ||
1968 (ifv->ifv_mintu - ifv->ifv_mtufudge))
1971 ifp->if_mtu = ifr->ifr_mtu;
1972 TRUNK_WUNLOCK(trunk);
1981 * XXXRW/XXXBZ: The goal in these checks is to allow a VLAN
1982 * interface to be delegated to a jail without allowing the
1983 * jail to change what underlying interface/VID it is
1984 * associated with. We are not entirely convinced that this
1985 * is the right way to accomplish that policy goal.
1987 if (ifp->if_vnet != ifp->if_home_vnet) {
1992 error = copyin(ifr_data_get_ptr(ifr), &vlr, sizeof(vlr));
1995 if (vlr.vlr_parent[0] == '\0') {
1999 p = ifunit_ref(vlr.vlr_parent);
2004 #ifdef COMPAT_FREEBSD12
2005 if (vlr.vlr_proto == 0)
2006 vlr.vlr_proto = ETHERTYPE_VLAN;
2008 oldmtu = ifp->if_mtu;
2009 error = vlan_config(ifv, p, vlr.vlr_tag, vlr.vlr_proto);
2013 * VLAN MTU may change during addition of the vlandev.
2014 * If it did, do network layer specific procedure.
2016 if (ifp->if_mtu != oldmtu) {
2026 if (ifp->if_vnet != ifp->if_home_vnet) {
2031 bzero(&vlr, sizeof(vlr));
2033 if (TRUNK(ifv) != NULL) {
2034 strlcpy(vlr.vlr_parent, PARENT(ifv)->if_xname,
2035 sizeof(vlr.vlr_parent));
2036 vlr.vlr_tag = ifv->ifv_vid;
2037 vlr.vlr_proto = ifv->ifv_proto;
2040 error = copyout(&vlr, ifr_data_get_ptr(ifr), sizeof(vlr));
2045 * We should propagate selected flags to the parent,
2046 * e.g., promiscuous mode.
2049 if (TRUNK(ifv) != NULL)
2050 error = vlan_setflags(ifp, 1);
2057 * If we don't have a parent, just remember the membership for
2060 * XXX We need the rmlock here to avoid sleeping while
2061 * holding in6_multi_mtx.
2066 error = vlan_setmulti(ifp);
2072 if (ifp->if_vnet != ifp->if_home_vnet) {
2077 ifr->ifr_vlan_pcp = ifv->ifv_pcp;
2082 if (ifp->if_vnet != ifp->if_home_vnet) {
2087 error = priv_check(curthread, PRIV_NET_SETVLANPCP);
2090 if (ifr->ifr_vlan_pcp > VLAN_PCP_MAX) {
2094 ifv->ifv_pcp = ifr->ifr_vlan_pcp;
2095 ifp->if_pcp = ifv->ifv_pcp;
2096 /* broadcast event about PCP change */
2097 EVENTHANDLER_INVOKE(ifnet_event, ifp, IFNET_EVENT_PCP);
2102 ifv->ifv_capenable = ifr->ifr_reqcap;
2104 if (trunk != NULL) {
2105 struct epoch_tracker et;
2107 NET_EPOCH_ENTER(et);
2108 vlan_capabilities(ifv);
2122 #if defined(KERN_TLS) || defined(RATELIMIT)
2124 vlan_snd_tag_alloc(struct ifnet *ifp,
2125 union if_snd_tag_alloc_params *params,
2126 struct m_snd_tag **ppmt)
2128 struct epoch_tracker et;
2129 struct vlan_snd_tag *vst;
2131 struct ifnet *parent;
2134 NET_EPOCH_ENTER(et);
2135 ifv = ifp->if_softc;
2136 if (ifv->ifv_trunk != NULL)
2137 parent = PARENT(ifv);
2140 if (parent == NULL) {
2142 return (EOPNOTSUPP);
2147 vst = malloc(sizeof(*vst), M_VLAN, M_NOWAIT);
2153 error = m_snd_tag_alloc(parent, params, &vst->tag);
2160 m_snd_tag_init(&vst->com, ifp, vst->tag->type);
2166 static struct m_snd_tag *
2167 vlan_next_snd_tag(struct m_snd_tag *mst)
2169 struct vlan_snd_tag *vst;
2171 vst = mst_to_vst(mst);
2176 vlan_snd_tag_modify(struct m_snd_tag *mst,
2177 union if_snd_tag_modify_params *params)
2179 struct vlan_snd_tag *vst;
2181 vst = mst_to_vst(mst);
2182 return (vst->tag->ifp->if_snd_tag_modify(vst->tag, params));
2186 vlan_snd_tag_query(struct m_snd_tag *mst,
2187 union if_snd_tag_query_params *params)
2189 struct vlan_snd_tag *vst;
2191 vst = mst_to_vst(mst);
2192 return (vst->tag->ifp->if_snd_tag_query(vst->tag, params));
2196 vlan_snd_tag_free(struct m_snd_tag *mst)
2198 struct vlan_snd_tag *vst;
2200 vst = mst_to_vst(mst);
2201 m_snd_tag_rele(vst->tag);
2206 vlan_ratelimit_query(struct ifnet *ifp __unused, struct if_ratelimit_query_results *q)
2209 * For vlan, we have an indirect
2210 * interface. The caller needs to
2211 * get a ratelimit tag on the actual
2212 * interface the flow will go on.
2214 q->rate_table = NULL;
2215 q->flags = RT_IS_INDIRECT;
2217 q->number_of_rates = 0;
projects / FreeBSD / FreeBSD.git / blob