2 * Copyright 1998 Massachusetts Institute of Technology
3 * Copyright 2012 ADARA Networks, Inc.
4 * Copyright 2017 Dell EMC Isilon
6 * Portions of this software were developed by Robert N. M. Watson under
7 * contract to ADARA Networks, Inc.
9 * Permission to use, copy, modify, and distribute this software and
10 * its documentation for any purpose and without fee is hereby
11 * granted, provided that both the above copyright notice and this
12 * permission notice appear in all copies, that both the above
13 * copyright notice and this permission notice appear in all
14 * supporting documentation, and that the name of M.I.T. not be used
15 * in advertising or publicity pertaining to distribution of the
16 * software without specific, written prior permission. M.I.T. makes
17 * no representations about the suitability of this software for any
18 * purpose. It is provided "as is" without express or implied
21 * THIS SOFTWARE IS PROVIDED BY M.I.T. ``AS IS''. M.I.T. DISCLAIMS
22 * ALL EXPRESS OR IMPLIED WARRANTIES WITH REGARD TO THIS SOFTWARE,
23 * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
24 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT
25 * SHALL M.I.T. BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
26 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
27 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
28 * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
29 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
30 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
31 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
36 * if_vlan.c - pseudo-device driver for IEEE 802.1Q virtual LANs.
37 * This is sort of sneaky in the implementation, since
38 * we need to pretend to be enough of an Ethernet implementation
39 * to make arp work. The way we do this is by telling everyone
40 * that we are an Ethernet, and then catch the packets that
41 * ether_output() sends to us via if_transmit(), rewrite them for
42 * use by the real outgoing interface, and ask it to send them.
45 #include <sys/cdefs.h>
46 __FBSDID("$FreeBSD$");
49 #include "opt_inet6.h"
50 #include "opt_kern_tls.h"
52 #include "opt_ratelimit.h"
54 #include <sys/param.h>
55 #include <sys/eventhandler.h>
56 #include <sys/kernel.h>
58 #include <sys/malloc.h>
60 #include <sys/module.h>
61 #include <sys/rmlock.h>
63 #include <sys/queue.h>
64 #include <sys/socket.h>
65 #include <sys/sockio.h>
66 #include <sys/sysctl.h>
67 #include <sys/systm.h>
69 #include <sys/taskqueue.h>
72 #include <net/ethernet.h>
74 #include <net/if_var.h>
75 #include <net/if_clone.h>
76 #include <net/if_dl.h>
77 #include <net/if_types.h>
78 #include <net/if_vlan_var.h>
79 #include <net/route.h>
83 #include <netinet/in.h>
84 #include <netinet/if_ether.h>
89 * XXX: declare here to avoid to include many inet6 related files..
90 * should be more generalized?
92 extern void nd6_setmtu(struct ifnet *);
95 #define VLAN_DEF_HWIDTH 4
96 #define VLAN_IFFLAGS (IFF_BROADCAST | IFF_MULTICAST)
98 #define UP_AND_RUNNING(ifp) \
99 ((ifp)->if_flags & IFF_UP && (ifp)->if_drv_flags & IFF_DRV_RUNNING)
101 CK_SLIST_HEAD(ifvlanhead, ifvlan);
104 struct ifnet *parent; /* parent interface of this trunk */
107 #define VLAN_ARRAY_SIZE (EVL_VLID_MASK + 1)
108 struct ifvlan *vlans[VLAN_ARRAY_SIZE]; /* static table */
110 struct ifvlanhead *hash; /* dynamic hash-list table */
117 #if defined(KERN_TLS) || defined(RATELIMIT)
118 struct vlan_snd_tag {
119 struct m_snd_tag com;
120 struct m_snd_tag *tag;
123 static inline struct vlan_snd_tag *
124 mst_to_vst(struct m_snd_tag *mst)
127 return (__containerof(mst, struct vlan_snd_tag, com));
132 * This macro provides a facility to iterate over every vlan on a trunk with
133 * the assumption that none will be added/removed during iteration.
136 #define VLAN_FOREACH(_ifv, _trunk) \
138 for (_i = 0; _i < VLAN_ARRAY_SIZE; _i++) \
139 if (((_ifv) = (_trunk)->vlans[_i]) != NULL)
140 #else /* VLAN_ARRAY */
141 #define VLAN_FOREACH(_ifv, _trunk) \
142 struct ifvlan *_next; \
144 for (_i = 0; _i < (1 << (_trunk)->hwidth); _i++) \
145 CK_SLIST_FOREACH_SAFE((_ifv), &(_trunk)->hash[_i], ifv_list, _next)
146 #endif /* VLAN_ARRAY */
149 * This macro provides a facility to iterate over every vlan on a trunk while
150 * also modifying the number of vlans on the trunk. The iteration continues
151 * until some condition is met or there are no more vlans on the trunk.
154 /* The VLAN_ARRAY case is simple -- just a for loop using the condition. */
155 #define VLAN_FOREACH_UNTIL_SAFE(_ifv, _trunk, _cond) \
157 for (_i = 0; !(_cond) && _i < VLAN_ARRAY_SIZE; _i++) \
158 if (((_ifv) = (_trunk)->vlans[_i]))
159 #else /* VLAN_ARRAY */
161 * The hash table case is more complicated. We allow for the hash table to be
162 * modified (i.e. vlans removed) while we are iterating over it. To allow for
163 * this we must restart the iteration every time we "touch" something during
164 * the iteration, since removal will resize the hash table and invalidate our
165 * current position. If acting on the touched element causes the trunk to be
166 * emptied, then iteration also stops.
168 #define VLAN_FOREACH_UNTIL_SAFE(_ifv, _trunk, _cond) \
170 bool _touch = false; \
172 !(_cond) && _i < (1 << (_trunk)->hwidth); \
173 _i = (_touch && ((_trunk) != NULL) ? 0 : _i + 1), _touch = false) \
174 if (((_ifv) = CK_SLIST_FIRST(&(_trunk)->hash[_i])) != NULL && \
176 #endif /* VLAN_ARRAY */
178 struct vlan_mc_entry {
179 struct sockaddr_dl mc_addr;
180 CK_SLIST_ENTRY(vlan_mc_entry) mc_entries;
181 struct epoch_context mc_epoch_ctx;
185 struct ifvlantrunk *ifv_trunk;
186 struct ifnet *ifv_ifp;
187 #define TRUNK(ifv) ((ifv)->ifv_trunk)
188 #define PARENT(ifv) (TRUNK(ifv)->parent)
190 int ifv_pflags; /* special flags we have set on parent */
192 int ifv_encaplen; /* encapsulation length */
193 int ifv_mtufudge; /* MTU fudged by this much */
194 int ifv_mintu; /* min transmission unit */
195 struct ether_8021q_tag ifv_qtag;
196 #define ifv_proto ifv_qtag.proto
197 #define ifv_vid ifv_qtag.vid
198 #define ifv_pcp ifv_qtag.pcp
199 struct task lladdr_task;
200 CK_SLIST_HEAD(, vlan_mc_entry) vlan_mc_listhead;
202 CK_SLIST_ENTRY(ifvlan) ifv_list;
206 /* Special flags we should propagate to parent. */
209 int (*func)(struct ifnet *, int);
211 {IFF_PROMISC, ifpromisc},
212 {IFF_ALLMULTI, if_allmulti},
216 VNET_DECLARE(int, vlan_mtag_pcp);
217 #define V_vlan_mtag_pcp VNET(vlan_mtag_pcp)
219 static const char vlanname[] = "vlan";
220 static MALLOC_DEFINE(M_VLAN, vlanname, "802.1Q Virtual LAN Interface");
222 static eventhandler_tag ifdetach_tag;
223 static eventhandler_tag iflladdr_tag;
224 static eventhandler_tag ifevent_tag;
227 * if_vlan uses two module-level synchronizations primitives to allow concurrent
228 * modification of vlan interfaces and (mostly) allow for vlans to be destroyed
229 * while they are being used for tx/rx. To accomplish this in a way that has
230 * acceptable performance and cooperation with other parts of the network stack
231 * there is a non-sleepable epoch(9) and an sx(9).
233 * The performance-sensitive paths that warrant using the epoch(9) are
234 * vlan_transmit and vlan_input. Both have to check for the vlan interface's
235 * existence using if_vlantrunk, and being in the network tx/rx paths the use
236 * of an epoch(9) gives a measureable improvement in performance.
238 * The reason for having an sx(9) is mostly because there are still areas that
239 * must be sleepable and also have safe concurrent access to a vlan interface.
240 * Since the sx(9) exists, it is used by default in most paths unless sleeping
241 * is not permitted, or if it is not clear whether sleeping is permitted.
244 #define _VLAN_SX_ID ifv_sx
246 static struct sx _VLAN_SX_ID;
248 #define VLAN_LOCKING_INIT() \
249 sx_init_flags(&_VLAN_SX_ID, "vlan_sx", SX_RECURSE)
251 #define VLAN_LOCKING_DESTROY() \
252 sx_destroy(&_VLAN_SX_ID)
254 #define VLAN_SLOCK() sx_slock(&_VLAN_SX_ID)
255 #define VLAN_SUNLOCK() sx_sunlock(&_VLAN_SX_ID)
256 #define VLAN_XLOCK() sx_xlock(&_VLAN_SX_ID)
257 #define VLAN_XUNLOCK() sx_xunlock(&_VLAN_SX_ID)
258 #define VLAN_SLOCK_ASSERT() sx_assert(&_VLAN_SX_ID, SA_SLOCKED)
259 #define VLAN_XLOCK_ASSERT() sx_assert(&_VLAN_SX_ID, SA_XLOCKED)
260 #define VLAN_SXLOCK_ASSERT() sx_assert(&_VLAN_SX_ID, SA_LOCKED)
263 * We also have a per-trunk mutex that should be acquired when changing
266 #define TRUNK_LOCK_INIT(trunk) mtx_init(&(trunk)->lock, vlanname, NULL, MTX_DEF)
267 #define TRUNK_LOCK_DESTROY(trunk) mtx_destroy(&(trunk)->lock)
268 #define TRUNK_WLOCK(trunk) mtx_lock(&(trunk)->lock)
269 #define TRUNK_WUNLOCK(trunk) mtx_unlock(&(trunk)->lock)
270 #define TRUNK_WLOCK_ASSERT(trunk) mtx_assert(&(trunk)->lock, MA_OWNED);
273 * The VLAN_ARRAY substitutes the dynamic hash with a static array
274 * with 4096 entries. In theory this can give a boost in processing,
275 * however in practice it does not. Probably this is because the array
276 * is too big to fit into CPU cache.
279 static void vlan_inithash(struct ifvlantrunk *trunk);
280 static void vlan_freehash(struct ifvlantrunk *trunk);
281 static int vlan_inshash(struct ifvlantrunk *trunk, struct ifvlan *ifv);
282 static int vlan_remhash(struct ifvlantrunk *trunk, struct ifvlan *ifv);
283 static void vlan_growhash(struct ifvlantrunk *trunk, int howmuch);
284 static __inline struct ifvlan * vlan_gethash(struct ifvlantrunk *trunk,
287 static void trunk_destroy(struct ifvlantrunk *trunk);
289 static void vlan_init(void *foo);
290 static void vlan_input(struct ifnet *ifp, struct mbuf *m);
291 static int vlan_ioctl(struct ifnet *ifp, u_long cmd, caddr_t addr);
292 #if defined(KERN_TLS) || defined(RATELIMIT)
293 static int vlan_snd_tag_alloc(struct ifnet *,
294 union if_snd_tag_alloc_params *, struct m_snd_tag **);
295 static int vlan_snd_tag_modify(struct m_snd_tag *,
296 union if_snd_tag_modify_params *);
297 static int vlan_snd_tag_query(struct m_snd_tag *,
298 union if_snd_tag_query_params *);
299 static void vlan_snd_tag_free(struct m_snd_tag *);
300 static struct m_snd_tag *vlan_next_snd_tag(struct m_snd_tag *);
301 static void vlan_ratelimit_query(struct ifnet *,
302 struct if_ratelimit_query_results *);
304 static void vlan_qflush(struct ifnet *ifp);
305 static int vlan_setflag(struct ifnet *ifp, int flag, int status,
306 int (*func)(struct ifnet *, int));
307 static int vlan_setflags(struct ifnet *ifp, int status);
308 static int vlan_setmulti(struct ifnet *ifp);
309 static int vlan_transmit(struct ifnet *ifp, struct mbuf *m);
311 static void vlan_altq_start(struct ifnet *ifp);
312 static int vlan_altq_transmit(struct ifnet *ifp, struct mbuf *m);
314 static int vlan_output(struct ifnet *ifp, struct mbuf *m,
315 const struct sockaddr *dst, struct route *ro);
316 static void vlan_unconfig(struct ifnet *ifp);
317 static void vlan_unconfig_locked(struct ifnet *ifp, int departing);
318 static int vlan_config(struct ifvlan *ifv, struct ifnet *p, uint16_t tag,
320 static void vlan_link_state(struct ifnet *ifp);
321 static void vlan_capabilities(struct ifvlan *ifv);
322 static void vlan_trunk_capabilities(struct ifnet *ifp);
324 static struct ifnet *vlan_clone_match_ethervid(const char *, int *);
325 static int vlan_clone_match(struct if_clone *, const char *);
326 static int vlan_clone_create(struct if_clone *, char *, size_t, caddr_t);
327 static int vlan_clone_destroy(struct if_clone *, struct ifnet *);
329 static void vlan_ifdetach(void *arg, struct ifnet *ifp);
330 static void vlan_iflladdr(void *arg, struct ifnet *ifp);
331 static void vlan_ifevent(void *arg, struct ifnet *ifp, int event);
333 static void vlan_lladdr_fn(void *arg, int pending);
335 static struct if_clone *vlan_cloner;
338 VNET_DEFINE_STATIC(struct if_clone *, vlan_cloner);
339 #define V_vlan_cloner VNET(vlan_cloner)
343 static const struct if_snd_tag_sw vlan_snd_tag_ul_sw = {
344 .snd_tag_modify = vlan_snd_tag_modify,
345 .snd_tag_query = vlan_snd_tag_query,
346 .snd_tag_free = vlan_snd_tag_free,
347 .next_snd_tag = vlan_next_snd_tag,
348 .type = IF_SND_TAG_TYPE_UNLIMITED
351 static const struct if_snd_tag_sw vlan_snd_tag_rl_sw = {
352 .snd_tag_modify = vlan_snd_tag_modify,
353 .snd_tag_query = vlan_snd_tag_query,
354 .snd_tag_free = vlan_snd_tag_free,
355 .next_snd_tag = vlan_next_snd_tag,
356 .type = IF_SND_TAG_TYPE_RATE_LIMIT
361 static const struct if_snd_tag_sw vlan_snd_tag_tls_sw = {
362 .snd_tag_modify = vlan_snd_tag_modify,
363 .snd_tag_query = vlan_snd_tag_query,
364 .snd_tag_free = vlan_snd_tag_free,
365 .next_snd_tag = vlan_next_snd_tag,
366 .type = IF_SND_TAG_TYPE_TLS
370 static const struct if_snd_tag_sw vlan_snd_tag_tls_rl_sw = {
371 .snd_tag_modify = vlan_snd_tag_modify,
372 .snd_tag_query = vlan_snd_tag_query,
373 .snd_tag_free = vlan_snd_tag_free,
374 .next_snd_tag = vlan_next_snd_tag,
375 .type = IF_SND_TAG_TYPE_TLS_RATE_LIMIT
381 vlan_mc_free(struct epoch_context *ctx)
383 struct vlan_mc_entry *mc = __containerof(ctx, struct vlan_mc_entry, mc_epoch_ctx);
388 #define HASH(n, m) ((((n) >> 8) ^ ((n) >> 4) ^ (n)) & (m))
391 vlan_inithash(struct ifvlantrunk *trunk)
396 * The trunk must not be locked here since we call malloc(M_WAITOK).
397 * It is OK in case this function is called before the trunk struct
398 * gets hooked up and becomes visible from other threads.
401 KASSERT(trunk->hwidth == 0 && trunk->hash == NULL,
402 ("%s: hash already initialized", __func__));
404 trunk->hwidth = VLAN_DEF_HWIDTH;
405 n = 1 << trunk->hwidth;
406 trunk->hmask = n - 1;
407 trunk->hash = malloc(sizeof(struct ifvlanhead) * n, M_VLAN, M_WAITOK);
408 for (i = 0; i < n; i++)
409 CK_SLIST_INIT(&trunk->hash[i]);
413 vlan_freehash(struct ifvlantrunk *trunk)
418 KASSERT(trunk->hwidth > 0, ("%s: hwidth not positive", __func__));
419 for (i = 0; i < (1 << trunk->hwidth); i++)
420 KASSERT(CK_SLIST_EMPTY(&trunk->hash[i]),
421 ("%s: hash table not empty", __func__));
423 free(trunk->hash, M_VLAN);
425 trunk->hwidth = trunk->hmask = 0;
429 vlan_inshash(struct ifvlantrunk *trunk, struct ifvlan *ifv)
435 KASSERT(trunk->hwidth > 0, ("%s: hwidth not positive", __func__));
437 b = 1 << trunk->hwidth;
438 i = HASH(ifv->ifv_vid, trunk->hmask);
439 CK_SLIST_FOREACH(ifv2, &trunk->hash[i], ifv_list)
440 if (ifv->ifv_vid == ifv2->ifv_vid)
444 * Grow the hash when the number of vlans exceeds half of the number of
445 * hash buckets squared. This will make the average linked-list length
448 if (trunk->refcnt > (b * b) / 2) {
449 vlan_growhash(trunk, 1);
450 i = HASH(ifv->ifv_vid, trunk->hmask);
452 CK_SLIST_INSERT_HEAD(&trunk->hash[i], ifv, ifv_list);
459 vlan_remhash(struct ifvlantrunk *trunk, struct ifvlan *ifv)
465 KASSERT(trunk->hwidth > 0, ("%s: hwidth not positive", __func__));
467 b = 1 << trunk->hwidth;
468 i = HASH(ifv->ifv_vid, trunk->hmask);
469 CK_SLIST_FOREACH(ifv2, &trunk->hash[i], ifv_list)
472 CK_SLIST_REMOVE(&trunk->hash[i], ifv2, ifvlan, ifv_list);
473 if (trunk->refcnt < (b * b) / 2)
474 vlan_growhash(trunk, -1);
478 panic("%s: vlan not found\n", __func__);
479 return (ENOENT); /*NOTREACHED*/
483 * Grow the hash larger or smaller if memory permits.
486 vlan_growhash(struct ifvlantrunk *trunk, int howmuch)
489 struct ifvlanhead *hash2;
490 int hwidth2, i, j, n, n2;
493 KASSERT(trunk->hwidth > 0, ("%s: hwidth not positive", __func__));
496 /* Harmless yet obvious coding error */
497 printf("%s: howmuch is 0\n", __func__);
501 hwidth2 = trunk->hwidth + howmuch;
502 n = 1 << trunk->hwidth;
504 /* Do not shrink the table below the default */
505 if (hwidth2 < VLAN_DEF_HWIDTH)
508 hash2 = malloc(sizeof(struct ifvlanhead) * n2, M_VLAN, M_WAITOK);
510 printf("%s: out of memory -- hash size not changed\n",
512 return; /* We can live with the old hash table */
514 for (j = 0; j < n2; j++)
515 CK_SLIST_INIT(&hash2[j]);
516 for (i = 0; i < n; i++)
517 while ((ifv = CK_SLIST_FIRST(&trunk->hash[i])) != NULL) {
518 CK_SLIST_REMOVE(&trunk->hash[i], ifv, ifvlan, ifv_list);
519 j = HASH(ifv->ifv_vid, n2 - 1);
520 CK_SLIST_INSERT_HEAD(&hash2[j], ifv, ifv_list);
523 free(trunk->hash, M_VLAN);
525 trunk->hwidth = hwidth2;
526 trunk->hmask = n2 - 1;
529 if_printf(trunk->parent,
530 "VLAN hash table resized from %d to %d buckets\n", n, n2);
533 static __inline struct ifvlan *
534 vlan_gethash(struct ifvlantrunk *trunk, uint16_t vid)
540 CK_SLIST_FOREACH(ifv, &trunk->hash[HASH(vid, trunk->hmask)], ifv_list)
541 if (ifv->ifv_vid == vid)
547 /* Debugging code to view the hashtables. */
549 vlan_dumphash(struct ifvlantrunk *trunk)
554 for (i = 0; i < (1 << trunk->hwidth); i++) {
556 CK_SLIST_FOREACH(ifv, &trunk->hash[i], ifv_list)
557 printf("%s ", ifv->ifv_ifp->if_xname);
564 static __inline struct ifvlan *
565 vlan_gethash(struct ifvlantrunk *trunk, uint16_t vid)
568 return trunk->vlans[vid];
572 vlan_inshash(struct ifvlantrunk *trunk, struct ifvlan *ifv)
575 if (trunk->vlans[ifv->ifv_vid] != NULL)
577 trunk->vlans[ifv->ifv_vid] = ifv;
584 vlan_remhash(struct ifvlantrunk *trunk, struct ifvlan *ifv)
587 trunk->vlans[ifv->ifv_vid] = NULL;
594 vlan_freehash(struct ifvlantrunk *trunk)
599 vlan_inithash(struct ifvlantrunk *trunk)
603 #endif /* !VLAN_ARRAY */
606 trunk_destroy(struct ifvlantrunk *trunk)
610 vlan_freehash(trunk);
611 trunk->parent->if_vlantrunk = NULL;
612 TRUNK_LOCK_DESTROY(trunk);
613 if_rele(trunk->parent);
618 * Program our multicast filter. What we're actually doing is
619 * programming the multicast filter of the parent. This has the
620 * side effect of causing the parent interface to receive multicast
621 * traffic that it doesn't really want, which ends up being discarded
622 * later by the upper protocol layers. Unfortunately, there's no way
623 * to avoid this: there really is only one physical interface.
626 vlan_setmulti(struct ifnet *ifp)
629 struct ifmultiaddr *ifma;
631 struct vlan_mc_entry *mc;
636 /* Find the parent. */
640 CURVNET_SET_QUIET(ifp_p->if_vnet);
642 /* First, remove any existing filter entries. */
643 while ((mc = CK_SLIST_FIRST(&sc->vlan_mc_listhead)) != NULL) {
644 CK_SLIST_REMOVE_HEAD(&sc->vlan_mc_listhead, mc_entries);
645 (void)if_delmulti(ifp_p, (struct sockaddr *)&mc->mc_addr);
646 NET_EPOCH_CALL(vlan_mc_free, &mc->mc_epoch_ctx);
649 /* Now program new ones. */
651 CK_STAILQ_FOREACH(ifma, &ifp->if_multiaddrs, ifma_link) {
652 if (ifma->ifma_addr->sa_family != AF_LINK)
654 mc = malloc(sizeof(struct vlan_mc_entry), M_VLAN, M_NOWAIT);
656 IF_ADDR_WUNLOCK(ifp);
660 bcopy(ifma->ifma_addr, &mc->mc_addr, ifma->ifma_addr->sa_len);
661 mc->mc_addr.sdl_index = ifp_p->if_index;
662 CK_SLIST_INSERT_HEAD(&sc->vlan_mc_listhead, mc, mc_entries);
664 IF_ADDR_WUNLOCK(ifp);
665 CK_SLIST_FOREACH (mc, &sc->vlan_mc_listhead, mc_entries) {
666 error = if_addmulti(ifp_p, (struct sockaddr *)&mc->mc_addr,
679 * A handler for interface ifnet events.
682 vlan_ifevent(void *arg __unused, struct ifnet *ifp, int event)
684 struct epoch_tracker et;
686 struct ifvlantrunk *trunk;
688 if (event != IFNET_EVENT_UPDATE_BAUDRATE)
692 trunk = ifp->if_vlantrunk;
699 VLAN_FOREACH(ifv, trunk) {
700 ifv->ifv_ifp->if_baudrate = ifp->if_baudrate;
702 TRUNK_WUNLOCK(trunk);
707 * A handler for parent interface link layer address changes.
708 * If the parent interface link layer address is changed we
709 * should also change it on all children vlans.
712 vlan_iflladdr(void *arg __unused, struct ifnet *ifp)
714 struct epoch_tracker et;
716 struct ifnet *ifv_ifp;
717 struct ifvlantrunk *trunk;
718 struct sockaddr_dl *sdl;
720 /* Need the epoch since this is run on taskqueue_swi. */
722 trunk = ifp->if_vlantrunk;
729 * OK, it's a trunk. Loop over and change all vlan's lladdrs on it.
730 * We need an exclusive lock here to prevent concurrent SIOCSIFLLADDR
731 * ioctl calls on the parent garbling the lladdr of the child vlan.
734 VLAN_FOREACH(ifv, trunk) {
736 * Copy new new lladdr into the ifv_ifp, enqueue a task
737 * to actually call if_setlladdr. if_setlladdr needs to
738 * be deferred to a taskqueue because it will call into
739 * the if_vlan ioctl path and try to acquire the global
742 ifv_ifp = ifv->ifv_ifp;
743 bcopy(IF_LLADDR(ifp), IF_LLADDR(ifv_ifp),
745 sdl = (struct sockaddr_dl *)ifv_ifp->if_addr->ifa_addr;
746 sdl->sdl_alen = ifp->if_addrlen;
747 taskqueue_enqueue(taskqueue_thread, &ifv->lladdr_task);
749 TRUNK_WUNLOCK(trunk);
754 * A handler for network interface departure events.
755 * Track departure of trunks here so that we don't access invalid
756 * pointers or whatever if a trunk is ripped from under us, e.g.,
757 * by ejecting its hot-plug card. However, if an ifnet is simply
758 * being renamed, then there's no need to tear down the state.
761 vlan_ifdetach(void *arg __unused, struct ifnet *ifp)
764 struct ifvlantrunk *trunk;
766 /* If the ifnet is just being renamed, don't do anything. */
767 if (ifp->if_flags & IFF_RENAMING)
770 trunk = ifp->if_vlantrunk;
777 * OK, it's a trunk. Loop over and detach all vlan's on it.
778 * Check trunk pointer after each vlan_unconfig() as it will
779 * free it and set to NULL after the last vlan was detached.
781 VLAN_FOREACH_UNTIL_SAFE(ifv, ifp->if_vlantrunk,
782 ifp->if_vlantrunk == NULL)
783 vlan_unconfig_locked(ifv->ifv_ifp, 1);
785 /* Trunk should have been destroyed in vlan_unconfig(). */
786 KASSERT(ifp->if_vlantrunk == NULL, ("%s: purge failed", __func__));
791 * Return the trunk device for a virtual interface.
793 static struct ifnet *
794 vlan_trunkdev(struct ifnet *ifp)
800 if (ifp->if_type != IFT_L2VLAN)
811 * Return the 12-bit VLAN VID for this interface, for use by external
812 * components such as Infiniband.
814 * XXXRW: Note that the function name here is historical; it should be named
818 vlan_tag(struct ifnet *ifp, uint16_t *vidp)
822 if (ifp->if_type != IFT_L2VLAN)
825 *vidp = ifv->ifv_vid;
830 vlan_pcp(struct ifnet *ifp, uint16_t *pcpp)
834 if (ifp->if_type != IFT_L2VLAN)
837 *pcpp = ifv->ifv_pcp;
842 * Return a driver specific cookie for this interface. Synchronization
843 * with setcookie must be provided by the driver.
846 vlan_cookie(struct ifnet *ifp)
850 if (ifp->if_type != IFT_L2VLAN)
853 return (ifv->ifv_cookie);
857 * Store a cookie in our softc that drivers can use to store driver
858 * private per-instance data in.
861 vlan_setcookie(struct ifnet *ifp, void *cookie)
865 if (ifp->if_type != IFT_L2VLAN)
868 ifv->ifv_cookie = cookie;
873 * Return the vlan device present at the specific VID.
875 static struct ifnet *
876 vlan_devat(struct ifnet *ifp, uint16_t vid)
878 struct ifvlantrunk *trunk;
883 trunk = ifp->if_vlantrunk;
887 ifv = vlan_gethash(trunk, vid);
894 * VLAN support can be loaded as a module. The only place in the
895 * system that's intimately aware of this is ether_input. We hook
896 * into this code through vlan_input_p which is defined there and
897 * set here. No one else in the system should be aware of this so
898 * we use an explicit reference here.
900 extern void (*vlan_input_p)(struct ifnet *, struct mbuf *);
902 /* For if_link_state_change() eyes only... */
903 extern void (*vlan_link_state_p)(struct ifnet *);
906 vlan_modevent(module_t mod, int type, void *data)
911 ifdetach_tag = EVENTHANDLER_REGISTER(ifnet_departure_event,
912 vlan_ifdetach, NULL, EVENTHANDLER_PRI_ANY);
913 if (ifdetach_tag == NULL)
915 iflladdr_tag = EVENTHANDLER_REGISTER(iflladdr_event,
916 vlan_iflladdr, NULL, EVENTHANDLER_PRI_ANY);
917 if (iflladdr_tag == NULL)
919 ifevent_tag = EVENTHANDLER_REGISTER(ifnet_event,
920 vlan_ifevent, NULL, EVENTHANDLER_PRI_ANY);
921 if (ifevent_tag == NULL)
924 vlan_input_p = vlan_input;
925 vlan_link_state_p = vlan_link_state;
926 vlan_trunk_cap_p = vlan_trunk_capabilities;
927 vlan_trunkdev_p = vlan_trunkdev;
928 vlan_cookie_p = vlan_cookie;
929 vlan_setcookie_p = vlan_setcookie;
930 vlan_tag_p = vlan_tag;
931 vlan_pcp_p = vlan_pcp;
932 vlan_devat_p = vlan_devat;
934 vlan_cloner = if_clone_advanced(vlanname, 0, vlan_clone_match,
935 vlan_clone_create, vlan_clone_destroy);
938 printf("vlan: initialized, using "
942 "hash tables with chaining"
949 if_clone_detach(vlan_cloner);
951 EVENTHANDLER_DEREGISTER(ifnet_departure_event, ifdetach_tag);
952 EVENTHANDLER_DEREGISTER(iflladdr_event, iflladdr_tag);
953 EVENTHANDLER_DEREGISTER(ifnet_event, ifevent_tag);
955 vlan_link_state_p = NULL;
956 vlan_trunk_cap_p = NULL;
957 vlan_trunkdev_p = NULL;
959 vlan_cookie_p = NULL;
960 vlan_setcookie_p = NULL;
962 VLAN_LOCKING_DESTROY();
964 printf("vlan: unloaded\n");
972 static moduledata_t vlan_mod = {
978 DECLARE_MODULE(if_vlan, vlan_mod, SI_SUB_PSEUDO, SI_ORDER_ANY);
979 MODULE_VERSION(if_vlan, 3);
983 vnet_vlan_init(const void *unused __unused)
986 vlan_cloner = if_clone_advanced(vlanname, 0, vlan_clone_match,
987 vlan_clone_create, vlan_clone_destroy);
988 V_vlan_cloner = vlan_cloner;
990 VNET_SYSINIT(vnet_vlan_init, SI_SUB_PROTO_IFATTACHDOMAIN, SI_ORDER_ANY,
991 vnet_vlan_init, NULL);
994 vnet_vlan_uninit(const void *unused __unused)
997 if_clone_detach(V_vlan_cloner);
999 VNET_SYSUNINIT(vnet_vlan_uninit, SI_SUB_INIT_IF, SI_ORDER_ANY,
1000 vnet_vlan_uninit, NULL);
1004 * Check for <etherif>.<vlan>[.<vlan> ...] style interface names.
1006 static struct ifnet *
1007 vlan_clone_match_ethervid(const char *name, int *vidp)
1009 char ifname[IFNAMSIZ];
1014 strlcpy(ifname, name, IFNAMSIZ);
1015 if ((cp = strrchr(ifname, '.')) == NULL)
1018 if ((ifp = ifunit_ref(ifname)) == NULL)
1021 if (*++cp == '\0') {
1026 for(; *cp >= '0' && *cp <= '9'; cp++)
1027 vid = (vid * 10) + (*cp - '0');
1039 vlan_clone_match(struct if_clone *ifc, const char *name)
1044 ifp = vlan_clone_match_ethervid(name, NULL);
1050 if (strncmp(vlanname, name, strlen(vlanname)) != 0)
1052 for (cp = name + 4; *cp != '\0'; cp++) {
1053 if (*cp < '0' || *cp > '9')
1061 vlan_clone_create(struct if_clone *ifc, char *name, size_t len, caddr_t params)
1064 bool wildcard = false;
1065 bool subinterface = false;
1069 uint16_t proto = ETHERTYPE_VLAN;
1072 struct ifnet *p = NULL;
1074 struct sockaddr_dl *sdl;
1076 static const u_char eaddr[ETHER_ADDR_LEN]; /* 00:00:00:00:00:00 */
1080 * There are three ways to specify the cloned device:
1081 * o pass a parameter block with the clone request.
1082 * o specify parameters in the text of the clone device name
1083 * o specify no parameters and get an unattached device that
1084 * must be configured separately.
1085 * The first technique is preferred; the latter two are supported
1086 * for backwards compatibility.
1088 * XXXRW: Note historic use of the word "tag" here. New ioctls may be
1093 error = copyin(params, &vlr, sizeof(vlr));
1097 proto = vlr.vlr_proto;
1099 #ifdef COMPAT_FREEBSD12
1101 proto = ETHERTYPE_VLAN;
1103 p = ifunit_ref(vlr.vlr_parent);
1108 if ((error = ifc_name2unit(name, &unit)) == 0) {
1111 * vlanX interface. Set wildcard to true if the unit number
1114 wildcard = (unit < 0);
1116 struct ifnet *p_tmp = vlan_clone_match_ethervid(name, &vid);
1117 if (p_tmp != NULL) {
1119 subinterface = true;
1120 unit = IF_DUNIT_NONE;
1138 if (!subinterface) {
1139 /* vlanX interface, mark X as busy or allocate new unit # */
1140 error = ifc_alloc_unit(ifc, &unit);
1148 /* In the wildcard case, we need to update the name. */
1150 for (dp = name; *dp != '\0'; dp++);
1151 if (snprintf(dp, len - (dp-name), "%d", unit) >
1152 len - (dp-name) - 1) {
1153 panic("%s: interface name too long", __func__);
1157 ifv = malloc(sizeof(struct ifvlan), M_VLAN, M_WAITOK | M_ZERO);
1158 ifp = ifv->ifv_ifp = if_alloc(IFT_ETHER);
1161 ifc_free_unit(ifc, unit);
1167 CK_SLIST_INIT(&ifv->vlan_mc_listhead);
1168 ifp->if_softc = ifv;
1170 * Set the name manually rather than using if_initname because
1171 * we don't conform to the default naming convention for interfaces.
1173 strlcpy(ifp->if_xname, name, IFNAMSIZ);
1174 ifp->if_dname = vlanname;
1175 ifp->if_dunit = unit;
1177 ifp->if_init = vlan_init;
1179 ifp->if_start = vlan_altq_start;
1180 ifp->if_transmit = vlan_altq_transmit;
1181 IFQ_SET_MAXLEN(&ifp->if_snd, ifqmaxlen);
1182 ifp->if_snd.ifq_drv_maxlen = 0;
1183 IFQ_SET_READY(&ifp->if_snd);
1185 ifp->if_transmit = vlan_transmit;
1187 ifp->if_qflush = vlan_qflush;
1188 ifp->if_ioctl = vlan_ioctl;
1189 #if defined(KERN_TLS) || defined(RATELIMIT)
1190 ifp->if_snd_tag_alloc = vlan_snd_tag_alloc;
1191 ifp->if_ratelimit_query = vlan_ratelimit_query;
1193 ifp->if_flags = VLAN_IFFLAGS;
1194 ether_ifattach(ifp, eaddr);
1195 /* Now undo some of the damage... */
1196 ifp->if_baudrate = 0;
1197 ifp->if_type = IFT_L2VLAN;
1198 ifp->if_hdrlen = ETHER_VLAN_ENCAP_LEN;
1200 sdl = (struct sockaddr_dl *)ifa->ifa_addr;
1201 sdl->sdl_type = IFT_L2VLAN;
1204 error = vlan_config(ifv, p, vid, proto);
1208 * Since we've partially failed, we need to back
1209 * out all the way, otherwise userland could get
1210 * confused. Thus, we destroy the interface.
1212 ether_ifdetach(ifp);
1216 ifc_free_unit(ifc, unit);
1227 vlan_clone_destroy(struct if_clone *ifc, struct ifnet *ifp)
1229 struct ifvlan *ifv = ifp->if_softc;
1230 int unit = ifp->if_dunit;
1232 if (ifp->if_vlantrunk)
1236 IFQ_PURGE(&ifp->if_snd);
1238 ether_ifdetach(ifp); /* first, remove it from system-wide lists */
1239 vlan_unconfig(ifp); /* now it can be unconfigured and freed */
1241 * We should have the only reference to the ifv now, so we can now
1242 * drain any remaining lladdr task before freeing the ifnet and the
1245 taskqueue_drain(taskqueue_thread, &ifv->lladdr_task);
1249 if (unit != IF_DUNIT_NONE)
1250 ifc_free_unit(ifc, unit);
1256 * The ifp->if_init entry point for vlan(4) is a no-op.
1259 vlan_init(void *foo __unused)
1264 * The if_transmit method for vlan(4) interface.
1267 vlan_transmit(struct ifnet *ifp, struct mbuf *m)
1271 int error, len, mcast;
1275 ifv = ifp->if_softc;
1276 if (TRUNK(ifv) == NULL) {
1277 if_inc_counter(ifp, IFCOUNTER_OERRORS, 1);
1282 len = m->m_pkthdr.len;
1283 mcast = (m->m_flags & (M_MCAST | M_BCAST)) ? 1 : 0;
1287 #if defined(KERN_TLS) || defined(RATELIMIT)
1288 if (m->m_pkthdr.csum_flags & CSUM_SND_TAG) {
1289 struct vlan_snd_tag *vst;
1290 struct m_snd_tag *mst;
1292 MPASS(m->m_pkthdr.snd_tag->ifp == ifp);
1293 mst = m->m_pkthdr.snd_tag;
1294 vst = mst_to_vst(mst);
1295 if (vst->tag->ifp != p) {
1296 if_inc_counter(ifp, IFCOUNTER_OERRORS, 1);
1301 m->m_pkthdr.snd_tag = m_snd_tag_ref(vst->tag);
1302 m_snd_tag_rele(mst);
1307 * Do not run parent's if_transmit() if the parent is not up,
1308 * or parent's driver will cause a system crash.
1310 if (!UP_AND_RUNNING(p)) {
1311 if_inc_counter(ifp, IFCOUNTER_OERRORS, 1);
1316 if (!ether_8021q_frame(&m, ifp, p, &ifv->ifv_qtag)) {
1317 if_inc_counter(ifp, IFCOUNTER_OERRORS, 1);
1322 * Send it, precisely as ether_output() would have.
1324 error = (p->if_transmit)(p, m);
1326 if_inc_counter(ifp, IFCOUNTER_OPACKETS, 1);
1327 if_inc_counter(ifp, IFCOUNTER_OBYTES, len);
1328 if_inc_counter(ifp, IFCOUNTER_OMCASTS, mcast);
1330 if_inc_counter(ifp, IFCOUNTER_OERRORS, 1);
1335 vlan_output(struct ifnet *ifp, struct mbuf *m, const struct sockaddr *dst,
1344 * Find the first non-VLAN parent interface.
1346 ifv = ifp->if_softc;
1348 if (TRUNK(ifv) == NULL) {
1354 } while (p->if_type == IFT_L2VLAN);
1356 return p->if_output(ifp, m, dst, ro);
1361 vlan_altq_start(if_t ifp)
1363 struct ifaltq *ifq = &ifp->if_snd;
1367 IFQ_DEQUEUE_NOLOCK(ifq, m);
1369 vlan_transmit(ifp, m);
1370 IFQ_DEQUEUE_NOLOCK(ifq, m);
1376 vlan_altq_transmit(if_t ifp, struct mbuf *m)
1380 if (ALTQ_IS_ENABLED(&ifp->if_snd)) {
1381 IFQ_ENQUEUE(&ifp->if_snd, m, err);
1383 vlan_altq_start(ifp);
1385 err = vlan_transmit(ifp, m);
1392 * The ifp->if_qflush entry point for vlan(4) is a no-op.
1395 vlan_qflush(struct ifnet *ifp __unused)
1400 vlan_input(struct ifnet *ifp, struct mbuf *m)
1402 struct ifvlantrunk *trunk;
1409 trunk = ifp->if_vlantrunk;
1410 if (trunk == NULL) {
1415 if (m->m_flags & M_VLANTAG) {
1417 * Packet is tagged, but m contains a normal
1418 * Ethernet frame; the tag is stored out-of-band.
1420 tag = m->m_pkthdr.ether_vtag;
1421 m->m_flags &= ~M_VLANTAG;
1423 struct ether_vlan_header *evl;
1426 * Packet is tagged in-band as specified by 802.1q.
1428 switch (ifp->if_type) {
1430 if (m->m_len < sizeof(*evl) &&
1431 (m = m_pullup(m, sizeof(*evl))) == NULL) {
1432 if_printf(ifp, "cannot pullup VLAN header\n");
1435 evl = mtod(m, struct ether_vlan_header *);
1436 tag = ntohs(evl->evl_tag);
1439 * Remove the 802.1q header by copying the Ethernet
1440 * addresses over it and adjusting the beginning of
1441 * the data in the mbuf. The encapsulated Ethernet
1442 * type field is already in place.
1444 bcopy((char *)evl, (char *)evl + ETHER_VLAN_ENCAP_LEN,
1445 ETHER_HDR_LEN - ETHER_TYPE_LEN);
1446 m_adj(m, ETHER_VLAN_ENCAP_LEN);
1451 panic("%s: %s has unsupported if_type %u",
1452 __func__, ifp->if_xname, ifp->if_type);
1454 if_inc_counter(ifp, IFCOUNTER_NOPROTO, 1);
1460 vid = EVL_VLANOFTAG(tag);
1462 ifv = vlan_gethash(trunk, vid);
1463 if (ifv == NULL || !UP_AND_RUNNING(ifv->ifv_ifp)) {
1464 if_inc_counter(ifp, IFCOUNTER_NOPROTO, 1);
1469 if (V_vlan_mtag_pcp) {
1471 * While uncommon, it is possible that we will find a 802.1q
1472 * packet encapsulated inside another packet that also had an
1473 * 802.1q header. For example, ethernet tunneled over IPSEC
1474 * arriving over ethernet. In that case, we replace the
1475 * existing 802.1q PCP m_tag value.
1477 mtag = m_tag_locate(m, MTAG_8021Q, MTAG_8021Q_PCP_IN, NULL);
1479 mtag = m_tag_alloc(MTAG_8021Q, MTAG_8021Q_PCP_IN,
1480 sizeof(uint8_t), M_NOWAIT);
1482 if_inc_counter(ifp, IFCOUNTER_IERRORS, 1);
1486 m_tag_prepend(m, mtag);
1488 *(uint8_t *)(mtag + 1) = EVL_PRIOFTAG(tag);
1491 m->m_pkthdr.rcvif = ifv->ifv_ifp;
1492 if_inc_counter(ifv->ifv_ifp, IFCOUNTER_IPACKETS, 1);
1494 /* Pass it back through the parent's input routine. */
1495 (*ifv->ifv_ifp->if_input)(ifv->ifv_ifp, m);
1499 vlan_lladdr_fn(void *arg, int pending __unused)
1504 ifv = (struct ifvlan *)arg;
1507 CURVNET_SET(ifp->if_vnet);
1509 /* The ifv_ifp already has the lladdr copied in. */
1510 if_setlladdr(ifp, IF_LLADDR(ifp), ifp->if_addrlen);
1516 vlan_config(struct ifvlan *ifv, struct ifnet *p, uint16_t vid,
1519 struct epoch_tracker et;
1520 struct ifvlantrunk *trunk;
1525 * We can handle non-ethernet hardware types as long as
1526 * they handle the tagging and headers themselves.
1528 if (p->if_type != IFT_ETHER &&
1529 p->if_type != IFT_L2VLAN &&
1530 (p->if_capenable & IFCAP_VLAN_HWTAGGING) == 0)
1531 return (EPROTONOSUPPORT);
1532 if ((p->if_flags & VLAN_IFFLAGS) != VLAN_IFFLAGS)
1533 return (EPROTONOSUPPORT);
1535 * Don't let the caller set up a VLAN VID with
1536 * anything except VLID bits.
1537 * VID numbers 0x0 and 0xFFF are reserved.
1539 if (vid == 0 || vid == 0xFFF || (vid & ~EVL_VLID_MASK))
1545 if (p->if_vlantrunk == NULL) {
1546 trunk = malloc(sizeof(struct ifvlantrunk),
1547 M_VLAN, M_WAITOK | M_ZERO);
1548 vlan_inithash(trunk);
1549 TRUNK_LOCK_INIT(trunk);
1551 p->if_vlantrunk = trunk;
1553 if_ref(trunk->parent);
1554 TRUNK_WUNLOCK(trunk);
1556 trunk = p->if_vlantrunk;
1559 ifv->ifv_vid = vid; /* must set this before vlan_inshash() */
1560 ifv->ifv_pcp = 0; /* Default: best effort delivery. */
1561 error = vlan_inshash(trunk, ifv);
1564 ifv->ifv_proto = proto;
1565 ifv->ifv_encaplen = ETHER_VLAN_ENCAP_LEN;
1566 ifv->ifv_mintu = ETHERMIN;
1567 ifv->ifv_pflags = 0;
1568 ifv->ifv_capenable = -1;
1571 * If the parent supports the VLAN_MTU capability,
1572 * i.e. can Tx/Rx larger than ETHER_MAX_LEN frames,
1575 if (p->if_capenable & IFCAP_VLAN_MTU) {
1577 * No need to fudge the MTU since the parent can
1578 * handle extended frames.
1580 ifv->ifv_mtufudge = 0;
1583 * Fudge the MTU by the encapsulation size. This
1584 * makes us incompatible with strictly compliant
1585 * 802.1Q implementations, but allows us to use
1586 * the feature with other NetBSD implementations,
1587 * which might still be useful.
1589 ifv->ifv_mtufudge = ifv->ifv_encaplen;
1592 ifv->ifv_trunk = trunk;
1595 * Initialize fields from our parent. This duplicates some
1596 * work with ether_ifattach() but allows for non-ethernet
1597 * interfaces to also work.
1599 ifp->if_mtu = p->if_mtu - ifv->ifv_mtufudge;
1600 ifp->if_baudrate = p->if_baudrate;
1601 ifp->if_input = p->if_input;
1602 ifp->if_resolvemulti = p->if_resolvemulti;
1603 ifp->if_addrlen = p->if_addrlen;
1604 ifp->if_broadcastaddr = p->if_broadcastaddr;
1605 ifp->if_pcp = ifv->ifv_pcp;
1608 * We wrap the parent's if_output using vlan_output to ensure that it
1609 * can't become stale.
1611 ifp->if_output = vlan_output;
1614 * Copy only a selected subset of flags from the parent.
1615 * Other flags are none of our business.
1617 #define VLAN_COPY_FLAGS (IFF_SIMPLEX)
1618 ifp->if_flags &= ~VLAN_COPY_FLAGS;
1619 ifp->if_flags |= p->if_flags & VLAN_COPY_FLAGS;
1620 #undef VLAN_COPY_FLAGS
1622 ifp->if_link_state = p->if_link_state;
1624 NET_EPOCH_ENTER(et);
1625 vlan_capabilities(ifv);
1629 * Set up our interface address to reflect the underlying
1630 * physical interface's.
1632 TASK_INIT(&ifv->lladdr_task, 0, vlan_lladdr_fn, ifv);
1633 ((struct sockaddr_dl *)ifp->if_addr->ifa_addr)->sdl_alen =
1637 * Do not schedule link address update if it was the same
1638 * as previous parent's. This helps avoid updating for each
1639 * associated llentry.
1641 if (memcmp(IF_LLADDR(p), IF_LLADDR(ifp), p->if_addrlen) != 0) {
1642 bcopy(IF_LLADDR(p), IF_LLADDR(ifp), p->if_addrlen);
1643 taskqueue_enqueue(taskqueue_thread, &ifv->lladdr_task);
1646 /* We are ready for operation now. */
1647 ifp->if_drv_flags |= IFF_DRV_RUNNING;
1649 /* Update flags on the parent, if necessary. */
1650 vlan_setflags(ifp, 1);
1653 * Configure multicast addresses that may already be
1654 * joined on the vlan device.
1656 (void)vlan_setmulti(ifp);
1660 EVENTHANDLER_INVOKE(vlan_config, p, ifv->ifv_vid);
1667 vlan_unconfig(struct ifnet *ifp)
1671 vlan_unconfig_locked(ifp, 0);
1676 vlan_unconfig_locked(struct ifnet *ifp, int departing)
1678 struct ifvlantrunk *trunk;
1679 struct vlan_mc_entry *mc;
1681 struct ifnet *parent;
1684 VLAN_XLOCK_ASSERT();
1686 ifv = ifp->if_softc;
1687 trunk = ifv->ifv_trunk;
1690 if (trunk != NULL) {
1691 parent = trunk->parent;
1694 * Since the interface is being unconfigured, we need to
1695 * empty the list of multicast groups that we may have joined
1696 * while we were alive from the parent's list.
1698 while ((mc = CK_SLIST_FIRST(&ifv->vlan_mc_listhead)) != NULL) {
1700 * If the parent interface is being detached,
1701 * all its multicast addresses have already
1702 * been removed. Warn about errors if
1703 * if_delmulti() does fail, but don't abort as
1704 * all callers expect vlan destruction to
1708 error = if_delmulti(parent,
1709 (struct sockaddr *)&mc->mc_addr);
1712 "Failed to delete multicast address from parent: %d\n",
1715 CK_SLIST_REMOVE_HEAD(&ifv->vlan_mc_listhead, mc_entries);
1716 NET_EPOCH_CALL(vlan_mc_free, &mc->mc_epoch_ctx);
1719 vlan_setflags(ifp, 0); /* clear special flags on parent */
1721 vlan_remhash(trunk, ifv);
1722 ifv->ifv_trunk = NULL;
1725 * Check if we were the last.
1727 if (trunk->refcnt == 0) {
1728 parent->if_vlantrunk = NULL;
1730 trunk_destroy(trunk);
1734 /* Disconnect from parent. */
1735 if (ifv->ifv_pflags)
1736 if_printf(ifp, "%s: ifv_pflags unclean\n", __func__);
1737 ifp->if_mtu = ETHERMTU;
1738 ifp->if_link_state = LINK_STATE_UNKNOWN;
1739 ifp->if_drv_flags &= ~IFF_DRV_RUNNING;
1742 * Only dispatch an event if vlan was
1743 * attached, otherwise there is nothing
1744 * to cleanup anyway.
1747 EVENTHANDLER_INVOKE(vlan_unconfig, parent, ifv->ifv_vid);
1750 /* Handle a reference counted flag that should be set on the parent as well */
1752 vlan_setflag(struct ifnet *ifp, int flag, int status,
1753 int (*func)(struct ifnet *, int))
1758 VLAN_SXLOCK_ASSERT();
1760 ifv = ifp->if_softc;
1761 status = status ? (ifp->if_flags & flag) : 0;
1762 /* Now "status" contains the flag value or 0 */
1765 * See if recorded parent's status is different from what
1766 * we want it to be. If it is, flip it. We record parent's
1767 * status in ifv_pflags so that we won't clear parent's flag
1768 * we haven't set. In fact, we don't clear or set parent's
1769 * flags directly, but get or release references to them.
1770 * That's why we can be sure that recorded flags still are
1771 * in accord with actual parent's flags.
1773 if (status != (ifv->ifv_pflags & flag)) {
1774 error = (*func)(PARENT(ifv), status);
1777 ifv->ifv_pflags &= ~flag;
1778 ifv->ifv_pflags |= status;
1784 * Handle IFF_* flags that require certain changes on the parent:
1785 * if "status" is true, update parent's flags respective to our if_flags;
1786 * if "status" is false, forcedly clear the flags set on parent.
1789 vlan_setflags(struct ifnet *ifp, int status)
1793 for (i = 0; vlan_pflags[i].flag; i++) {
1794 error = vlan_setflag(ifp, vlan_pflags[i].flag,
1795 status, vlan_pflags[i].func);
1802 /* Inform all vlans that their parent has changed link state */
1804 vlan_link_state(struct ifnet *ifp)
1806 struct epoch_tracker et;
1807 struct ifvlantrunk *trunk;
1810 NET_EPOCH_ENTER(et);
1811 trunk = ifp->if_vlantrunk;
1812 if (trunk == NULL) {
1818 VLAN_FOREACH(ifv, trunk) {
1819 ifv->ifv_ifp->if_baudrate = trunk->parent->if_baudrate;
1820 if_link_state_change(ifv->ifv_ifp,
1821 trunk->parent->if_link_state);
1823 TRUNK_WUNLOCK(trunk);
1828 vlan_capabilities(struct ifvlan *ifv)
1832 struct ifnet_hw_tsomax hw_tsomax;
1833 int cap = 0, ena = 0, mena;
1837 VLAN_SXLOCK_ASSERT();
1842 /* Mask parent interface enabled capabilities disabled by user. */
1843 mena = p->if_capenable & ifv->ifv_capenable;
1846 * If the parent interface can do checksum offloading
1847 * on VLANs, then propagate its hardware-assisted
1848 * checksumming flags. Also assert that checksum
1849 * offloading requires hardware VLAN tagging.
1851 if (p->if_capabilities & IFCAP_VLAN_HWCSUM)
1852 cap |= p->if_capabilities & (IFCAP_HWCSUM | IFCAP_HWCSUM_IPV6);
1853 if (p->if_capenable & IFCAP_VLAN_HWCSUM &&
1854 p->if_capenable & IFCAP_VLAN_HWTAGGING) {
1855 ena |= mena & (IFCAP_HWCSUM | IFCAP_HWCSUM_IPV6);
1856 if (ena & IFCAP_TXCSUM)
1857 hwa |= p->if_hwassist & (CSUM_IP | CSUM_TCP |
1858 CSUM_UDP | CSUM_SCTP);
1859 if (ena & IFCAP_TXCSUM_IPV6)
1860 hwa |= p->if_hwassist & (CSUM_TCP_IPV6 |
1861 CSUM_UDP_IPV6 | CSUM_SCTP_IPV6);
1865 * If the parent interface can do TSO on VLANs then
1866 * propagate the hardware-assisted flag. TSO on VLANs
1867 * does not necessarily require hardware VLAN tagging.
1869 memset(&hw_tsomax, 0, sizeof(hw_tsomax));
1870 if_hw_tsomax_common(p, &hw_tsomax);
1871 if_hw_tsomax_update(ifp, &hw_tsomax);
1872 if (p->if_capabilities & IFCAP_VLAN_HWTSO)
1873 cap |= p->if_capabilities & IFCAP_TSO;
1874 if (p->if_capenable & IFCAP_VLAN_HWTSO) {
1875 ena |= mena & IFCAP_TSO;
1876 if (ena & IFCAP_TSO)
1877 hwa |= p->if_hwassist & CSUM_TSO;
1881 * If the parent interface can do LRO and checksum offloading on
1882 * VLANs, then guess it may do LRO on VLANs. False positive here
1883 * cost nothing, while false negative may lead to some confusions.
1885 if (p->if_capabilities & IFCAP_VLAN_HWCSUM)
1886 cap |= p->if_capabilities & IFCAP_LRO;
1887 if (p->if_capenable & IFCAP_VLAN_HWCSUM)
1888 ena |= p->if_capenable & IFCAP_LRO;
1891 * If the parent interface can offload TCP connections over VLANs then
1892 * propagate its TOE capability to the VLAN interface.
1894 * All TOE drivers in the tree today can deal with VLANs. If this
1895 * changes then IFCAP_VLAN_TOE should be promoted to a full capability
1898 #define IFCAP_VLAN_TOE IFCAP_TOE
1899 if (p->if_capabilities & IFCAP_VLAN_TOE)
1900 cap |= p->if_capabilities & IFCAP_TOE;
1901 if (p->if_capenable & IFCAP_VLAN_TOE) {
1902 TOEDEV(ifp) = TOEDEV(p);
1903 ena |= mena & IFCAP_TOE;
1907 * If the parent interface supports dynamic link state, so does the
1910 cap |= (p->if_capabilities & IFCAP_LINKSTATE);
1911 ena |= (mena & IFCAP_LINKSTATE);
1915 * If the parent interface supports ratelimiting, so does the
1918 cap |= (p->if_capabilities & IFCAP_TXRTLMT);
1919 ena |= (mena & IFCAP_TXRTLMT);
1923 * If the parent interface supports unmapped mbufs, so does
1924 * the VLAN interface. Note that this should be fine even for
1925 * interfaces that don't support hardware tagging as headers
1926 * are prepended in normal mbufs to unmapped mbufs holding
1929 cap |= (p->if_capabilities & IFCAP_MEXTPG);
1930 ena |= (mena & IFCAP_MEXTPG);
1933 * If the parent interface can offload encryption and segmentation
1934 * of TLS records over TCP, propagate it's capability to the VLAN
1937 * All TLS drivers in the tree today can deal with VLANs. If
1938 * this ever changes, then a new IFCAP_VLAN_TXTLS can be
1941 if (p->if_capabilities & (IFCAP_TXTLS | IFCAP_TXTLS_RTLMT))
1942 cap |= p->if_capabilities & (IFCAP_TXTLS | IFCAP_TXTLS_RTLMT);
1943 if (p->if_capenable & (IFCAP_TXTLS | IFCAP_TXTLS_RTLMT))
1944 ena |= mena & (IFCAP_TXTLS | IFCAP_TXTLS_RTLMT);
1946 ifp->if_capabilities = cap;
1947 ifp->if_capenable = ena;
1948 ifp->if_hwassist = hwa;
1952 vlan_trunk_capabilities(struct ifnet *ifp)
1954 struct epoch_tracker et;
1955 struct ifvlantrunk *trunk;
1959 trunk = ifp->if_vlantrunk;
1960 if (trunk == NULL) {
1964 NET_EPOCH_ENTER(et);
1965 VLAN_FOREACH(ifv, trunk)
1966 vlan_capabilities(ifv);
1972 vlan_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data)
1980 struct ifvlantrunk *trunk;
1982 int error = 0, oldmtu;
1984 ifr = (struct ifreq *)data;
1986 ifa = (struct ifaddr *) data;
1988 ifv = ifp->if_softc;
1992 ifp->if_flags |= IFF_UP;
1994 if (ifa->ifa_addr->sa_family == AF_INET)
1995 arp_ifinit(ifp, ifa);
1999 bcopy(IF_LLADDR(ifp), &ifr->ifr_addr.sa_data[0],
2004 if (TRUNK(ifv) != NULL) {
2007 error = (*p->if_ioctl)(p, SIOCGIFMEDIA, data);
2009 /* Limit the result to the parent's current config. */
2011 struct ifmediareq *ifmr;
2013 ifmr = (struct ifmediareq *)data;
2014 if (ifmr->ifm_count >= 1 && ifmr->ifm_ulist) {
2015 ifmr->ifm_count = 1;
2016 error = copyout(&ifmr->ifm_current,
2033 * Set the interface MTU.
2037 if (trunk != NULL) {
2040 (PARENT(ifv)->if_mtu - ifv->ifv_mtufudge) ||
2042 (ifv->ifv_mintu - ifv->ifv_mtufudge))
2045 ifp->if_mtu = ifr->ifr_mtu;
2046 TRUNK_WUNLOCK(trunk);
2055 * XXXRW/XXXBZ: The goal in these checks is to allow a VLAN
2056 * interface to be delegated to a jail without allowing the
2057 * jail to change what underlying interface/VID it is
2058 * associated with. We are not entirely convinced that this
2059 * is the right way to accomplish that policy goal.
2061 if (ifp->if_vnet != ifp->if_home_vnet) {
2066 error = copyin(ifr_data_get_ptr(ifr), &vlr, sizeof(vlr));
2069 if (vlr.vlr_parent[0] == '\0') {
2073 p = ifunit_ref(vlr.vlr_parent);
2078 #ifdef COMPAT_FREEBSD12
2079 if (vlr.vlr_proto == 0)
2080 vlr.vlr_proto = ETHERTYPE_VLAN;
2082 oldmtu = ifp->if_mtu;
2083 error = vlan_config(ifv, p, vlr.vlr_tag, vlr.vlr_proto);
2087 * VLAN MTU may change during addition of the vlandev.
2088 * If it did, do network layer specific procedure.
2090 if (ifp->if_mtu != oldmtu) {
2100 if (ifp->if_vnet != ifp->if_home_vnet) {
2105 bzero(&vlr, sizeof(vlr));
2107 if (TRUNK(ifv) != NULL) {
2108 strlcpy(vlr.vlr_parent, PARENT(ifv)->if_xname,
2109 sizeof(vlr.vlr_parent));
2110 vlr.vlr_tag = ifv->ifv_vid;
2111 vlr.vlr_proto = ifv->ifv_proto;
2114 error = copyout(&vlr, ifr_data_get_ptr(ifr), sizeof(vlr));
2119 * We should propagate selected flags to the parent,
2120 * e.g., promiscuous mode.
2123 if (TRUNK(ifv) != NULL)
2124 error = vlan_setflags(ifp, 1);
2131 * If we don't have a parent, just remember the membership for
2134 * XXX We need the rmlock here to avoid sleeping while
2135 * holding in6_multi_mtx.
2140 error = vlan_setmulti(ifp);
2146 if (ifp->if_vnet != ifp->if_home_vnet) {
2151 ifr->ifr_vlan_pcp = ifv->ifv_pcp;
2156 if (ifp->if_vnet != ifp->if_home_vnet) {
2161 error = priv_check(curthread, PRIV_NET_SETVLANPCP);
2164 if (ifr->ifr_vlan_pcp > VLAN_PCP_MAX) {
2168 ifv->ifv_pcp = ifr->ifr_vlan_pcp;
2169 ifp->if_pcp = ifv->ifv_pcp;
2170 /* broadcast event about PCP change */
2171 EVENTHANDLER_INVOKE(ifnet_event, ifp, IFNET_EVENT_PCP);
2176 ifv->ifv_capenable = ifr->ifr_reqcap;
2178 if (trunk != NULL) {
2179 struct epoch_tracker et;
2181 NET_EPOCH_ENTER(et);
2182 vlan_capabilities(ifv);
2196 #if defined(KERN_TLS) || defined(RATELIMIT)
2198 vlan_snd_tag_alloc(struct ifnet *ifp,
2199 union if_snd_tag_alloc_params *params,
2200 struct m_snd_tag **ppmt)
2202 struct epoch_tracker et;
2203 const struct if_snd_tag_sw *sw;
2204 struct vlan_snd_tag *vst;
2206 struct ifnet *parent;
2209 switch (params->hdr.type) {
2211 case IF_SND_TAG_TYPE_UNLIMITED:
2212 sw = &vlan_snd_tag_ul_sw;
2214 case IF_SND_TAG_TYPE_RATE_LIMIT:
2215 sw = &vlan_snd_tag_rl_sw;
2219 case IF_SND_TAG_TYPE_TLS:
2220 sw = &vlan_snd_tag_tls_sw;
2223 case IF_SND_TAG_TYPE_TLS_RATE_LIMIT:
2224 sw = &vlan_snd_tag_tls_rl_sw;
2229 return (EOPNOTSUPP);
2232 NET_EPOCH_ENTER(et);
2233 ifv = ifp->if_softc;
2234 if (ifv->ifv_trunk != NULL)
2235 parent = PARENT(ifv);
2238 if (parent == NULL) {
2240 return (EOPNOTSUPP);
2245 vst = malloc(sizeof(*vst), M_VLAN, M_NOWAIT);
2251 error = m_snd_tag_alloc(parent, params, &vst->tag);
2258 m_snd_tag_init(&vst->com, ifp, sw);
2264 static struct m_snd_tag *
2265 vlan_next_snd_tag(struct m_snd_tag *mst)
2267 struct vlan_snd_tag *vst;
2269 vst = mst_to_vst(mst);
2274 vlan_snd_tag_modify(struct m_snd_tag *mst,
2275 union if_snd_tag_modify_params *params)
2277 struct vlan_snd_tag *vst;
2279 vst = mst_to_vst(mst);
2280 return (vst->tag->sw->snd_tag_modify(vst->tag, params));
2284 vlan_snd_tag_query(struct m_snd_tag *mst,
2285 union if_snd_tag_query_params *params)
2287 struct vlan_snd_tag *vst;
2289 vst = mst_to_vst(mst);
2290 return (vst->tag->sw->snd_tag_query(vst->tag, params));
2294 vlan_snd_tag_free(struct m_snd_tag *mst)
2296 struct vlan_snd_tag *vst;
2298 vst = mst_to_vst(mst);
2299 m_snd_tag_rele(vst->tag);
2304 vlan_ratelimit_query(struct ifnet *ifp __unused, struct if_ratelimit_query_results *q)
2307 * For vlan, we have an indirect
2308 * interface. The caller needs to
2309 * get a ratelimit tag on the actual
2310 * interface the flow will go on.
2312 q->rate_table = NULL;
2313 q->flags = RT_IS_INDIRECT;
2315 q->number_of_rates = 0;
projects / FreeBSD / FreeBSD.git / blob