2 * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
4 * Copyright (c) 2003 IPNET Internet Communication Company
5 * Copyright (c) 2011 - 2012 Rozhuk Ivan <rozhuk.im@gmail.com>
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 * Author: Ruslan Ermilov <ru@FreeBSD.org>
34 #include <sys/param.h>
35 #include <sys/errno.h>
36 #include <sys/kernel.h>
37 #include <sys/malloc.h>
39 #include <sys/queue.h>
40 #include <sys/socket.h>
41 #include <sys/systm.h>
43 #include <net/ethernet.h>
45 #include <net/if_vlan_var.h>
47 #include <netgraph/ng_message.h>
48 #include <netgraph/ng_parse.h>
49 #include <netgraph/ng_vlan.h>
50 #include <netgraph/netgraph.h>
52 struct ng_vlan_private {
53 hook_p downstream_hook;
55 uint32_t decap_enable;
56 uint32_t encap_enable;
58 hook_p vlan_hook[(EVL_VLID_MASK + 1)];
60 typedef struct ng_vlan_private *priv_p;
62 #define ETHER_VLAN_HDR_LEN (ETHER_HDR_LEN + ETHER_VLAN_ENCAP_LEN)
63 #define VLAN_TAG_MASK 0xFFFF
64 #define HOOK_VLAN_TAG_SET_MASK ((uintptr_t)((~0) & ~(VLAN_TAG_MASK)))
65 #define IS_HOOK_VLAN_SET(hdata) \
66 ((((uintptr_t)hdata) & HOOK_VLAN_TAG_SET_MASK) == HOOK_VLAN_TAG_SET_MASK)
68 static ng_constructor_t ng_vlan_constructor;
69 static ng_rcvmsg_t ng_vlan_rcvmsg;
70 static ng_shutdown_t ng_vlan_shutdown;
71 static ng_newhook_t ng_vlan_newhook;
72 static ng_rcvdata_t ng_vlan_rcvdata;
73 static ng_disconnect_t ng_vlan_disconnect;
75 /* Parse type for struct ng_vlan_filter. */
76 static const struct ng_parse_struct_field ng_vlan_filter_fields[] =
77 NG_VLAN_FILTER_FIELDS;
78 static const struct ng_parse_type ng_vlan_filter_type = {
79 &ng_parse_struct_type,
80 &ng_vlan_filter_fields
84 ng_vlan_getTableLength(const struct ng_parse_type *type,
85 const u_char *start, const u_char *buf)
87 const struct ng_vlan_table *const table =
88 (const struct ng_vlan_table *)(buf - sizeof(u_int32_t));
93 /* Parse type for struct ng_vlan_table. */
94 static const struct ng_parse_array_info ng_vlan_table_array_info = {
96 ng_vlan_getTableLength
98 static const struct ng_parse_type ng_vlan_table_array_type = {
100 &ng_vlan_table_array_info
102 static const struct ng_parse_struct_field ng_vlan_table_fields[] =
103 NG_VLAN_TABLE_FIELDS;
104 static const struct ng_parse_type ng_vlan_table_type = {
105 &ng_parse_struct_type,
106 &ng_vlan_table_fields
109 /* List of commands and how to convert arguments to/from ASCII. */
110 static const struct ng_cmdlist ng_vlan_cmdlist[] = {
115 &ng_vlan_filter_type,
122 &ng_parse_hookbuf_type,
134 NGM_VLAN_DEL_VID_FLT,
136 &ng_parse_uint16_type,
144 &ng_parse_hint32_type
150 &ng_parse_hint32_type,
158 &ng_parse_hint32_type
164 &ng_parse_hint32_type,
169 NGM_VLAN_GET_ENCAP_PROTO,
172 &ng_parse_hint16_type
176 NGM_VLAN_SET_ENCAP_PROTO,
178 &ng_parse_hint16_type,
184 static struct ng_type ng_vlan_typestruct = {
185 .version = NG_ABI_VERSION,
186 .name = NG_VLAN_NODE_TYPE,
187 .constructor = ng_vlan_constructor,
188 .rcvmsg = ng_vlan_rcvmsg,
189 .shutdown = ng_vlan_shutdown,
190 .newhook = ng_vlan_newhook,
191 .rcvdata = ng_vlan_rcvdata,
192 .disconnect = ng_vlan_disconnect,
193 .cmdlist = ng_vlan_cmdlist,
195 NETGRAPH_INIT(vlan, &ng_vlan_typestruct);
203 m_chk(struct mbuf **mp, int len)
206 if ((*mp)->m_pkthdr.len < len) {
211 if ((*mp)->m_len < len && ((*mp) = m_pullup((*mp), len)) == NULL)
219 * Netgraph node functions.
223 ng_vlan_constructor(node_p node)
227 priv = malloc(sizeof(*priv), M_NETGRAPH, M_WAITOK | M_ZERO);
228 priv->decap_enable = 0;
229 priv->encap_enable = VLAN_ENCAP_FROM_FILTER;
230 priv->encap_proto = htons(ETHERTYPE_VLAN);
231 NG_NODE_SET_PRIVATE(node, priv);
236 ng_vlan_newhook(node_p node, hook_p hook, const char *name)
238 const priv_p priv = NG_NODE_PRIVATE(node);
240 if (strcmp(name, NG_VLAN_HOOK_DOWNSTREAM) == 0)
241 priv->downstream_hook = hook;
242 else if (strcmp(name, NG_VLAN_HOOK_NOMATCH) == 0)
243 priv->nomatch_hook = hook;
246 * Any other hook name is valid and can
247 * later be associated with a filter rule.
250 NG_HOOK_SET_PRIVATE(hook, NULL);
255 ng_vlan_rcvmsg(node_p node, item_p item, hook_p lasthook)
257 const priv_p priv = NG_NODE_PRIVATE(node);
258 struct ng_mesg *msg, *resp = NULL;
259 struct ng_vlan_filter *vf;
261 struct ng_vlan_table *t;
267 NGI_GET_MSG(item, msg);
268 /* Deal with message according to cookie and command. */
269 switch (msg->header.typecookie) {
270 case NGM_VLAN_COOKIE:
271 switch (msg->header.cmd) {
272 case NGM_VLAN_ADD_FILTER:
273 /* Check that message is long enough. */
274 if (msg->header.arglen != sizeof(*vf)) {
278 vf = (struct ng_vlan_filter *)msg->data;
279 /* Sanity check the VLAN ID value. */
280 #ifdef NG_VLAN_USE_OLD_VLAN_NAME
281 if (vf->vid == 0 && vf->vid != vf->vlan) {
283 } else if (vf->vid != 0 && vf->vlan != 0 &&
284 vf->vid != vf->vlan) {
289 if (vf->vid & ~EVL_VLID_MASK ||
295 /* Check that a referenced hook exists. */
296 hook = ng_findhook(node, vf->hook_name);
301 /* And is not one of the special hooks. */
302 if (hook == priv->downstream_hook ||
303 hook == priv->nomatch_hook) {
307 /* And is not already in service. */
308 if (IS_HOOK_VLAN_SET(NG_HOOK_PRIVATE(hook))) {
312 /* Check we don't already trap this VLAN. */
313 if (priv->vlan_hook[vf->vid] != NULL) {
317 /* Link vlan and hook together. */
318 NG_HOOK_SET_PRIVATE(hook,
319 (void *)(HOOK_VLAN_TAG_SET_MASK |
320 EVL_MAKETAG(vf->vid, vf->pcp, vf->cfi)));
321 priv->vlan_hook[vf->vid] = hook;
323 case NGM_VLAN_DEL_FILTER:
324 /* Check that message is long enough. */
325 if (msg->header.arglen != NG_HOOKSIZ) {
329 /* Check that hook exists and is active. */
330 hook = ng_findhook(node, (char *)msg->data);
335 hook_data = (uintptr_t)NG_HOOK_PRIVATE(hook);
336 if (IS_HOOK_VLAN_SET(hook_data) == 0) {
341 KASSERT(priv->vlan_hook[EVL_VLANOFTAG(hook_data)] == hook,
342 ("%s: NGM_VLAN_DEL_FILTER: Invalid VID for Hook = %s\n",
343 __func__, (char *)msg->data));
345 /* Purge a rule that refers to this hook. */
346 priv->vlan_hook[EVL_VLANOFTAG(hook_data)] = NULL;
347 NG_HOOK_SET_PRIVATE(hook, NULL);
349 case NGM_VLAN_DEL_VID_FLT:
350 /* Check that message is long enough. */
351 if (msg->header.arglen != sizeof(uint16_t)) {
355 vid = (*((uint16_t *)msg->data));
356 /* Sanity check the VLAN ID value. */
357 if (vid & ~EVL_VLID_MASK) {
361 /* Check that hook exists and is active. */
362 hook = priv->vlan_hook[vid];
367 hook_data = (uintptr_t)NG_HOOK_PRIVATE(hook);
368 if (IS_HOOK_VLAN_SET(hook_data) == 0) {
373 KASSERT(EVL_VLANOFTAG(hook_data) == vid,
374 ("%s: NGM_VLAN_DEL_VID_FLT:"
375 " Invalid VID Hook = %us, must be: %us\n",
376 __func__, (uint16_t )EVL_VLANOFTAG(hook_data),
379 /* Purge a rule that refers to this hook. */
380 priv->vlan_hook[vid] = NULL;
381 NG_HOOK_SET_PRIVATE(hook, NULL);
383 case NGM_VLAN_GET_TABLE:
384 /* Calculate vlans. */
386 for (i = 0; i < (EVL_VLID_MASK + 1); i ++) {
387 if (priv->vlan_hook[i] != NULL &&
388 NG_HOOK_IS_VALID(priv->vlan_hook[i]))
392 /* Allocate memory for response. */
393 NG_MKRESPONSE(resp, msg, sizeof(*t) +
394 vlan_count * sizeof(*t->filter), M_NOWAIT);
400 /* Pack data to response. */
401 t = (struct ng_vlan_table *)resp->data;
404 for (i = 0; i < (EVL_VLID_MASK + 1); i ++) {
405 hook = priv->vlan_hook[i];
406 if (hook == NULL || NG_HOOK_NOT_VALID(hook))
408 hook_data = (uintptr_t)NG_HOOK_PRIVATE(hook);
409 if (IS_HOOK_VLAN_SET(hook_data) == 0)
412 KASSERT(EVL_VLANOFTAG(hook_data) == i,
413 ("%s: NGM_VLAN_GET_TABLE:"
414 " hook %s VID = %us, must be: %i\n",
415 __func__, NG_HOOK_NAME(hook),
416 (uint16_t)EVL_VLANOFTAG(hook_data), i));
418 #ifdef NG_VLAN_USE_OLD_VLAN_NAME
422 vf->pcp = EVL_PRIOFTAG(hook_data);
423 vf->cfi = EVL_CFIOFTAG(hook_data);
424 strncpy(vf->hook_name,
425 NG_HOOK_NAME(hook), NG_HOOKSIZ);
430 case NGM_VLAN_GET_DECAP:
431 NG_MKRESPONSE(resp, msg, sizeof(uint32_t), M_NOWAIT);
436 (*((uint32_t *)resp->data)) = priv->decap_enable;
438 case NGM_VLAN_SET_DECAP:
439 if (msg->header.arglen != sizeof(uint32_t)) {
443 priv->decap_enable = (*((uint32_t *)msg->data));
445 case NGM_VLAN_GET_ENCAP:
446 NG_MKRESPONSE(resp, msg, sizeof(uint32_t), M_NOWAIT);
451 (*((uint32_t *)resp->data)) = priv->encap_enable;
453 case NGM_VLAN_SET_ENCAP:
454 if (msg->header.arglen != sizeof(uint32_t)) {
458 priv->encap_enable = (*((uint32_t *)msg->data));
460 case NGM_VLAN_GET_ENCAP_PROTO:
461 NG_MKRESPONSE(resp, msg, sizeof(uint16_t), M_NOWAIT);
466 (*((uint16_t *)resp->data)) = ntohs(priv->encap_proto);
468 case NGM_VLAN_SET_ENCAP_PROTO:
469 if (msg->header.arglen != sizeof(uint16_t)) {
473 priv->encap_proto = htons((*((uint16_t *)msg->data)));
475 default: /* Unknown command. */
480 case NGM_FLOW_COOKIE:
482 struct ng_mesg *copy;
485 * Flow control messages should come only
489 if (lasthook == NULL)
491 if (lasthook != priv->downstream_hook)
493 /* Broadcast the event to all uplinks. */
494 for (i = 0; i < (EVL_VLID_MASK + 1); i ++) {
495 if (priv->vlan_hook[i] == NULL)
498 NG_COPYMESSAGE(copy, msg, M_NOWAIT);
501 NG_SEND_MSG_HOOK(error, node, copy,
502 priv->vlan_hook[i], 0);
506 default: /* Unknown type cookie. */
510 NG_RESPOND_MSG(error, node, item, resp);
516 ng_vlan_rcvdata(hook_p hook, item_p item)
518 const priv_p priv = NG_NODE_PRIVATE(NG_HOOK_NODE(hook));
519 struct ether_header *eh;
520 struct ether_vlan_header *evl;
523 uint16_t vid, eth_vtag;
530 /* Make sure we have an entire header. */
531 error = m_chk(&m, ETHER_HDR_LEN);
535 eh = mtod(m, struct ether_header *);
536 if (hook == priv->downstream_hook) {
538 * If from downstream, select between a match hook
539 * or the nomatch hook.
542 dst_hook = priv->nomatch_hook;
544 /* Skip packets without tag. */
545 if ((m->m_flags & M_VLANTAG) == 0 &&
546 eh->ether_type != priv->encap_proto) {
547 if (dst_hook == NULL)
552 /* Process packets with tag. */
553 if (m->m_flags & M_VLANTAG) {
555 * Packet is tagged, m contains a normal
556 * Ethernet frame; tag is stored out-of-band.
559 vid = EVL_VLANOFTAG(m->m_pkthdr.ether_vtag);
560 } else { /* eh->ether_type == priv->encap_proto */
561 error = m_chk(&m, ETHER_VLAN_HDR_LEN);
564 evl = mtod(m, struct ether_vlan_header *);
565 vid = EVL_VLANOFTAG(ntohs(evl->evl_tag));
568 if (priv->vlan_hook[vid] != NULL) {
570 * VLAN filter: always remove vlan tags and
571 * decapsulate packet.
573 dst_hook = priv->vlan_hook[vid];
574 if (evl == NULL) { /* m->m_flags & M_VLANTAG */
575 m->m_pkthdr.ether_vtag = 0;
576 m->m_flags &= ~M_VLANTAG;
579 } else { /* nomatch_hook */
580 if (dst_hook == NULL)
582 if (evl == NULL || priv->decap_enable == 0)
584 /* Save tag out-of-band. */
585 m->m_pkthdr.ether_vtag = ntohs(evl->evl_tag);
586 m->m_flags |= M_VLANTAG;
591 * TPID = ether type encap
592 * Move DstMAC and SrcMAC to ETHER_TYPE.
594 * [dmac] [smac] [TPID] [PCP/CFI/VID] [ether_type] [payload]
595 * |-----------| >>>>>>>>>>>>>>>>>>>> |--------------------|
597 * [free space ] [dmac] [smac] [ether_type] [payload]
598 * |-----------| |--------------------|
600 bcopy((char *)evl, ((char *)evl + ETHER_VLAN_ENCAP_LEN),
601 (ETHER_ADDR_LEN * 2));
602 m_adj(m, ETHER_VLAN_ENCAP_LEN);
605 * It is heading towards the downstream.
606 * If from nomatch, pass it unmodified.
607 * Otherwise, do the VLAN encapsulation.
609 dst_hook = priv->downstream_hook;
610 if (dst_hook == NULL)
612 if (hook != priv->nomatch_hook) {/* Filter hook. */
613 hook_data = (uintptr_t)NG_HOOK_PRIVATE(hook);
614 if (IS_HOOK_VLAN_SET(hook_data) == 0) {
616 * Packet from hook not in filter
617 * call addfilter for this hook to fix.
622 eth_vtag = (hook_data & VLAN_TAG_MASK);
623 if ((priv->encap_enable & VLAN_ENCAP_FROM_FILTER) == 0) {
624 /* Just set packet header tag and send. */
625 m->m_flags |= M_VLANTAG;
626 m->m_pkthdr.ether_vtag = eth_vtag;
629 } else { /* nomatch_hook */
630 if ((priv->encap_enable & VLAN_ENCAP_FROM_NOMATCH) == 0 ||
631 (m->m_flags & M_VLANTAG) == 0)
633 /* Encapsulate tagged packet. */
634 eth_vtag = m->m_pkthdr.ether_vtag;
635 m->m_pkthdr.ether_vtag = 0;
636 m->m_flags &= ~M_VLANTAG;
640 * Transform the Ethernet header into an Ethernet header
641 * with 802.1Q encapsulation.
642 * Mod of: ether_vlanencap.
644 * TPID = ether type encap
645 * Move DstMAC and SrcMAC from ETHER_TYPE.
647 * [free space ] [dmac] [smac] [ether_type] [payload]
648 * <<<<<<<<<<<<< |-----------| |--------------------|
650 * [dmac] [smac] [TPID] [PCP/CFI/VID] [ether_type] [payload]
651 * |-----------| |-- inserted tag --| |--------------------|
653 M_PREPEND(m, ETHER_VLAN_ENCAP_LEN, M_NOWAIT);
657 error = m_chk(&m, ETHER_VLAN_HDR_LEN);
661 evl = mtod(m, struct ether_vlan_header *);
662 bcopy(((char *)evl + ETHER_VLAN_ENCAP_LEN),
663 (char *)evl, (ETHER_ADDR_LEN * 2));
664 evl->evl_encap_proto = priv->encap_proto;
665 evl->evl_tag = htons(eth_vtag);
669 NG_FWD_NEW_DATA(error, item, dst_hook, m);
681 ng_vlan_shutdown(node_p node)
683 const priv_p priv = NG_NODE_PRIVATE(node);
685 NG_NODE_SET_PRIVATE(node, NULL);
687 free(priv, M_NETGRAPH);
692 ng_vlan_disconnect(hook_p hook)
694 const priv_p priv = NG_NODE_PRIVATE(NG_HOOK_NODE(hook));
697 if (hook == priv->downstream_hook)
698 priv->downstream_hook = NULL;
699 else if (hook == priv->nomatch_hook)
700 priv->nomatch_hook = NULL;
702 /* Purge a rule that refers to this hook. */
703 hook_data = (uintptr_t)NG_HOOK_PRIVATE(hook);
704 if (IS_HOOK_VLAN_SET(hook_data))
705 priv->vlan_hook[EVL_VLANOFTAG(hook_data)] = NULL;
707 NG_HOOK_SET_PRIVATE(hook, NULL);
708 if ((NG_NODE_NUMHOOKS(NG_HOOK_NODE(hook)) == 0) &&
709 (NG_NODE_IS_VALID(NG_HOOK_NODE(hook))))
710 ng_rmnode_self(NG_HOOK_NODE(hook));
projects / FreeBSD / FreeBSD.git / blob