2 * Copyright (c) 2003 IPNET Internet Communication Company
3 * Copyright (c) 2011 - 2012 Rozhuk Ivan <rozhuk.im@gmail.com>
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
16 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
17 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
18 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
19 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
21 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
22 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
23 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
24 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27 * Author: Ruslan Ermilov <ru@FreeBSD.org>
32 #include <sys/param.h>
33 #include <sys/errno.h>
34 #include <sys/kernel.h>
35 #include <sys/malloc.h>
37 #include <sys/queue.h>
38 #include <sys/socket.h>
39 #include <sys/systm.h>
41 #include <net/ethernet.h>
43 #include <net/if_vlan_var.h>
45 #include <netgraph/ng_message.h>
46 #include <netgraph/ng_parse.h>
47 #include <netgraph/ng_vlan.h>
48 #include <netgraph/netgraph.h>
50 struct ng_vlan_private {
51 hook_p downstream_hook;
53 uint32_t decap_enable;
54 uint32_t encap_enable;
56 hook_p vlan_hook[(EVL_VLID_MASK + 1)];
58 typedef struct ng_vlan_private *priv_p;
60 #define ETHER_VLAN_HDR_LEN (ETHER_HDR_LEN + ETHER_VLAN_ENCAP_LEN)
61 #define VLAN_TAG_MASK 0xFFFF
62 #define HOOK_VLAN_TAG_SET_MASK ((uintptr_t)((~0) & ~(VLAN_TAG_MASK)))
63 #define IS_HOOK_VLAN_SET(hdata) \
64 ((((uintptr_t)hdata) & HOOK_VLAN_TAG_SET_MASK) == HOOK_VLAN_TAG_SET_MASK)
66 static ng_constructor_t ng_vlan_constructor;
67 static ng_rcvmsg_t ng_vlan_rcvmsg;
68 static ng_shutdown_t ng_vlan_shutdown;
69 static ng_newhook_t ng_vlan_newhook;
70 static ng_rcvdata_t ng_vlan_rcvdata;
71 static ng_disconnect_t ng_vlan_disconnect;
73 /* Parse type for struct ng_vlan_filter. */
74 static const struct ng_parse_struct_field ng_vlan_filter_fields[] =
75 NG_VLAN_FILTER_FIELDS;
76 static const struct ng_parse_type ng_vlan_filter_type = {
77 &ng_parse_struct_type,
78 &ng_vlan_filter_fields
82 ng_vlan_getTableLength(const struct ng_parse_type *type,
83 const u_char *start, const u_char *buf)
85 const struct ng_vlan_table *const table =
86 (const struct ng_vlan_table *)(buf - sizeof(u_int32_t));
91 /* Parse type for struct ng_vlan_table. */
92 static const struct ng_parse_array_info ng_vlan_table_array_info = {
94 ng_vlan_getTableLength
96 static const struct ng_parse_type ng_vlan_table_array_type = {
98 &ng_vlan_table_array_info
100 static const struct ng_parse_struct_field ng_vlan_table_fields[] =
101 NG_VLAN_TABLE_FIELDS;
102 static const struct ng_parse_type ng_vlan_table_type = {
103 &ng_parse_struct_type,
104 &ng_vlan_table_fields
107 /* List of commands and how to convert arguments to/from ASCII. */
108 static const struct ng_cmdlist ng_vlan_cmdlist[] = {
113 &ng_vlan_filter_type,
120 &ng_parse_hookbuf_type,
132 NGM_VLAN_DEL_VID_FLT,
134 &ng_parse_uint16_type,
142 &ng_parse_hint32_type
148 &ng_parse_hint32_type,
156 &ng_parse_hint32_type
162 &ng_parse_hint32_type,
167 NGM_VLAN_GET_ENCAP_PROTO,
170 &ng_parse_hint16_type
174 NGM_VLAN_SET_ENCAP_PROTO,
176 &ng_parse_hint16_type,
182 static struct ng_type ng_vlan_typestruct = {
183 .version = NG_ABI_VERSION,
184 .name = NG_VLAN_NODE_TYPE,
185 .constructor = ng_vlan_constructor,
186 .rcvmsg = ng_vlan_rcvmsg,
187 .shutdown = ng_vlan_shutdown,
188 .newhook = ng_vlan_newhook,
189 .rcvdata = ng_vlan_rcvdata,
190 .disconnect = ng_vlan_disconnect,
191 .cmdlist = ng_vlan_cmdlist,
193 NETGRAPH_INIT(vlan, &ng_vlan_typestruct);
201 m_chk(struct mbuf **mp, int len)
204 if ((*mp)->m_pkthdr.len < len) {
209 if ((*mp)->m_len < len && ((*mp) = m_pullup((*mp), len)) == NULL)
217 * Netgraph node functions.
221 ng_vlan_constructor(node_p node)
225 priv = malloc(sizeof(*priv), M_NETGRAPH, M_WAITOK | M_ZERO);
226 priv->decap_enable = 0;
227 priv->encap_enable = VLAN_ENCAP_FROM_FILTER;
228 priv->encap_proto = htons(ETHERTYPE_VLAN);
229 NG_NODE_SET_PRIVATE(node, priv);
234 ng_vlan_newhook(node_p node, hook_p hook, const char *name)
236 const priv_p priv = NG_NODE_PRIVATE(node);
238 if (strcmp(name, NG_VLAN_HOOK_DOWNSTREAM) == 0)
239 priv->downstream_hook = hook;
240 else if (strcmp(name, NG_VLAN_HOOK_NOMATCH) == 0)
241 priv->nomatch_hook = hook;
244 * Any other hook name is valid and can
245 * later be associated with a filter rule.
248 NG_HOOK_SET_PRIVATE(hook, NULL);
253 ng_vlan_rcvmsg(node_p node, item_p item, hook_p lasthook)
255 const priv_p priv = NG_NODE_PRIVATE(node);
256 struct ng_mesg *msg, *resp = NULL;
257 struct ng_vlan_filter *vf;
259 struct ng_vlan_table *t;
265 NGI_GET_MSG(item, msg);
266 /* Deal with message according to cookie and command. */
267 switch (msg->header.typecookie) {
268 case NGM_VLAN_COOKIE:
269 switch (msg->header.cmd) {
270 case NGM_VLAN_ADD_FILTER:
271 /* Check that message is long enough. */
272 if (msg->header.arglen != sizeof(*vf)) {
276 vf = (struct ng_vlan_filter *)msg->data;
277 /* Sanity check the VLAN ID value. */
278 #ifdef NG_VLAN_USE_OLD_VLAN_NAME
279 if (vf->vid == 0 && vf->vid != vf->vlan) {
281 } else if (vf->vid != 0 && vf->vlan != 0 &&
282 vf->vid != vf->vlan) {
287 if (vf->vid & ~EVL_VLID_MASK ||
293 /* Check that a referenced hook exists. */
294 hook = ng_findhook(node, vf->hook_name);
299 /* And is not one of the special hooks. */
300 if (hook == priv->downstream_hook ||
301 hook == priv->nomatch_hook) {
305 /* And is not already in service. */
306 if (IS_HOOK_VLAN_SET(NG_HOOK_PRIVATE(hook))) {
310 /* Check we don't already trap this VLAN. */
311 if (priv->vlan_hook[vf->vid] != NULL) {
315 /* Link vlan and hook together. */
316 NG_HOOK_SET_PRIVATE(hook,
317 (void *)(HOOK_VLAN_TAG_SET_MASK |
318 EVL_MAKETAG(vf->vid, vf->pcp, vf->cfi)));
319 priv->vlan_hook[vf->vid] = hook;
321 case NGM_VLAN_DEL_FILTER:
322 /* Check that message is long enough. */
323 if (msg->header.arglen != NG_HOOKSIZ) {
327 /* Check that hook exists and is active. */
328 hook = ng_findhook(node, (char *)msg->data);
333 hook_data = (uintptr_t)NG_HOOK_PRIVATE(hook);
334 if (IS_HOOK_VLAN_SET(hook_data) == 0) {
339 KASSERT(priv->vlan_hook[EVL_VLANOFTAG(hook_data)] == hook,
340 ("%s: NGM_VLAN_DEL_FILTER: Invalid VID for Hook = %s\n",
341 __func__, (char *)msg->data));
343 /* Purge a rule that refers to this hook. */
344 priv->vlan_hook[EVL_VLANOFTAG(hook_data)] = NULL;
345 NG_HOOK_SET_PRIVATE(hook, NULL);
347 case NGM_VLAN_DEL_VID_FLT:
348 /* Check that message is long enough. */
349 if (msg->header.arglen != sizeof(uint16_t)) {
353 vid = (*((uint16_t *)msg->data));
354 /* Sanity check the VLAN ID value. */
355 if (vid & ~EVL_VLID_MASK) {
359 /* Check that hook exists and is active. */
360 hook = priv->vlan_hook[vid];
365 hook_data = (uintptr_t)NG_HOOK_PRIVATE(hook);
366 if (IS_HOOK_VLAN_SET(hook_data) == 0) {
371 KASSERT(EVL_VLANOFTAG(hook_data) == vid,
372 ("%s: NGM_VLAN_DEL_VID_FLT:"
373 " Invalid VID Hook = %us, must be: %us\n",
374 __func__, (uint16_t )EVL_VLANOFTAG(hook_data),
377 /* Purge a rule that refers to this hook. */
378 priv->vlan_hook[vid] = NULL;
379 NG_HOOK_SET_PRIVATE(hook, NULL);
381 case NGM_VLAN_GET_TABLE:
382 /* Calculate vlans. */
384 for (i = 0; i < (EVL_VLID_MASK + 1); i ++) {
385 if (priv->vlan_hook[i] != NULL &&
386 NG_HOOK_IS_VALID(priv->vlan_hook[i]))
390 /* Allocate memory for responce. */
391 NG_MKRESPONSE(resp, msg, sizeof(*t) +
392 vlan_count * sizeof(*t->filter), M_NOWAIT);
398 /* Pack data to responce. */
399 t = (struct ng_vlan_table *)resp->data;
402 for (i = 0; i < (EVL_VLID_MASK + 1); i ++) {
403 hook = priv->vlan_hook[i];
404 if (hook == NULL || NG_HOOK_NOT_VALID(hook))
406 hook_data = (uintptr_t)NG_HOOK_PRIVATE(hook);
407 if (IS_HOOK_VLAN_SET(hook_data) == 0)
410 KASSERT(EVL_VLANOFTAG(hook_data) == i,
411 ("%s: NGM_VLAN_GET_TABLE:"
412 " hook %s VID = %us, must be: %i\n",
413 __func__, NG_HOOK_NAME(hook),
414 (uint16_t)EVL_VLANOFTAG(hook_data), i));
416 #ifdef NG_VLAN_USE_OLD_VLAN_NAME
420 vf->pcp = EVL_PRIOFTAG(hook_data);
421 vf->cfi = EVL_CFIOFTAG(hook_data);
422 strncpy(vf->hook_name,
423 NG_HOOK_NAME(hook), NG_HOOKSIZ);
428 case NGM_VLAN_GET_DECAP:
429 NG_MKRESPONSE(resp, msg, sizeof(uint32_t), M_NOWAIT);
434 (*((uint32_t *)resp->data)) = priv->decap_enable;
436 case NGM_VLAN_SET_DECAP:
437 if (msg->header.arglen != sizeof(uint32_t)) {
441 priv->decap_enable = (*((uint32_t *)msg->data));
443 case NGM_VLAN_GET_ENCAP:
444 NG_MKRESPONSE(resp, msg, sizeof(uint32_t), M_NOWAIT);
449 (*((uint32_t *)resp->data)) = priv->encap_enable;
451 case NGM_VLAN_SET_ENCAP:
452 if (msg->header.arglen != sizeof(uint32_t)) {
456 priv->encap_enable = (*((uint32_t *)msg->data));
458 case NGM_VLAN_GET_ENCAP_PROTO:
459 NG_MKRESPONSE(resp, msg, sizeof(uint16_t), M_NOWAIT);
464 (*((uint16_t *)resp->data)) = ntohs(priv->encap_proto);
466 case NGM_VLAN_SET_ENCAP_PROTO:
467 if (msg->header.arglen != sizeof(uint16_t)) {
471 priv->encap_proto = htons((*((uint16_t *)msg->data)));
473 default: /* Unknown command. */
478 case NGM_FLOW_COOKIE:
480 struct ng_mesg *copy;
483 * Flow control messages should come only
487 if (lasthook == NULL)
489 if (lasthook != priv->downstream_hook)
491 /* Broadcast the event to all uplinks. */
492 for (i = 0; i < (EVL_VLID_MASK + 1); i ++) {
493 if (priv->vlan_hook[i] == NULL)
496 NG_COPYMESSAGE(copy, msg, M_NOWAIT);
499 NG_SEND_MSG_HOOK(error, node, copy,
500 priv->vlan_hook[i], 0);
504 default: /* Unknown type cookie. */
508 NG_RESPOND_MSG(error, node, item, resp);
514 ng_vlan_rcvdata(hook_p hook, item_p item)
516 const priv_p priv = NG_NODE_PRIVATE(NG_HOOK_NODE(hook));
517 struct ether_header *eh;
518 struct ether_vlan_header *evl;
521 uint16_t vid, eth_vtag;
528 /* Make sure we have an entire header. */
529 error = m_chk(&m, ETHER_HDR_LEN);
533 eh = mtod(m, struct ether_header *);
534 if (hook == priv->downstream_hook) {
536 * If from downstream, select between a match hook
537 * or the nomatch hook.
540 dst_hook = priv->nomatch_hook;
542 /* Skip packets without tag. */
543 if ((m->m_flags & M_VLANTAG) == 0 &&
544 eh->ether_type != priv->encap_proto) {
545 if (dst_hook == NULL)
550 /* Process packets with tag. */
551 if (m->m_flags & M_VLANTAG) {
553 * Packet is tagged, m contains a normal
554 * Ethernet frame; tag is stored out-of-band.
557 vid = EVL_VLANOFTAG(m->m_pkthdr.ether_vtag);
558 } else { /* eh->ether_type == priv->encap_proto */
559 error = m_chk(&m, ETHER_VLAN_HDR_LEN);
562 evl = mtod(m, struct ether_vlan_header *);
563 vid = EVL_VLANOFTAG(ntohs(evl->evl_tag));
566 if (priv->vlan_hook[vid] != NULL) {
568 * VLAN filter: allways remove vlan tags and
569 * decapsulate packet.
571 dst_hook = priv->vlan_hook[vid];
572 if (evl == NULL) { /* m->m_flags & M_VLANTAG */
573 m->m_pkthdr.ether_vtag = 0;
574 m->m_flags &= ~M_VLANTAG;
577 } else { /* nomatch_hook */
578 if (dst_hook == NULL)
580 if (evl == NULL || priv->decap_enable == 0)
582 /* Save tag out-of-band. */
583 m->m_pkthdr.ether_vtag = ntohs(evl->evl_tag);
584 m->m_flags |= M_VLANTAG;
589 * TPID = ether type encap
590 * Move DstMAC and SrcMAC to ETHER_TYPE.
592 * [dmac] [smac] [TPID] [PCP/CFI/VID] [ether_type] [payload]
593 * |-----------| >>>>>>>>>>>>>>>>>>>> |--------------------|
595 * [free space ] [dmac] [smac] [ether_type] [payload]
596 * |-----------| |--------------------|
598 bcopy((char *)evl, ((char *)evl + ETHER_VLAN_ENCAP_LEN),
599 (ETHER_ADDR_LEN * 2));
600 m_adj(m, ETHER_VLAN_ENCAP_LEN);
603 * It is heading towards the downstream.
604 * If from nomatch, pass it unmodified.
605 * Otherwise, do the VLAN encapsulation.
607 dst_hook = priv->downstream_hook;
608 if (dst_hook == NULL)
610 if (hook != priv->nomatch_hook) {/* Filter hook. */
611 hook_data = (uintptr_t)NG_HOOK_PRIVATE(hook);
612 if (IS_HOOK_VLAN_SET(hook_data) == 0) {
614 * Packet from hook not in filter
615 * call addfilter for this hook to fix.
620 eth_vtag = (hook_data & VLAN_TAG_MASK);
621 if ((priv->encap_enable & VLAN_ENCAP_FROM_FILTER) == 0) {
622 /* Just set packet header tag and send. */
623 m->m_flags |= M_VLANTAG;
624 m->m_pkthdr.ether_vtag = eth_vtag;
627 } else { /* nomatch_hook */
628 if ((priv->encap_enable & VLAN_ENCAP_FROM_NOMATCH) == 0 ||
629 (m->m_flags & M_VLANTAG) == 0)
631 /* Encapsulate tagged packet. */
632 eth_vtag = m->m_pkthdr.ether_vtag;
633 m->m_pkthdr.ether_vtag = 0;
634 m->m_flags &= ~M_VLANTAG;
638 * Transform the Ethernet header into an Ethernet header
639 * with 802.1Q encapsulation.
640 * Mod of: ether_vlanencap.
642 * TPID = ether type encap
643 * Move DstMAC and SrcMAC from ETHER_TYPE.
645 * [free space ] [dmac] [smac] [ether_type] [payload]
646 * <<<<<<<<<<<<< |-----------| |--------------------|
648 * [dmac] [smac] [TPID] [PCP/CFI/VID] [ether_type] [payload]
649 * |-----------| |-- inserted tag --| |--------------------|
651 M_PREPEND(m, ETHER_VLAN_ENCAP_LEN, M_NOWAIT);
655 error = m_chk(&m, ETHER_VLAN_HDR_LEN);
659 evl = mtod(m, struct ether_vlan_header *);
660 bcopy(((char *)evl + ETHER_VLAN_ENCAP_LEN),
661 (char *)evl, (ETHER_ADDR_LEN * 2));
662 evl->evl_encap_proto = priv->encap_proto;
663 evl->evl_tag = htons(eth_vtag);
667 NG_FWD_NEW_DATA(error, item, dst_hook, m);
679 ng_vlan_shutdown(node_p node)
681 const priv_p priv = NG_NODE_PRIVATE(node);
683 NG_NODE_SET_PRIVATE(node, NULL);
685 free(priv, M_NETGRAPH);
690 ng_vlan_disconnect(hook_p hook)
692 const priv_p priv = NG_NODE_PRIVATE(NG_HOOK_NODE(hook));
695 if (hook == priv->downstream_hook)
696 priv->downstream_hook = NULL;
697 else if (hook == priv->nomatch_hook)
698 priv->nomatch_hook = NULL;
700 /* Purge a rule that refers to this hook. */
701 hook_data = (uintptr_t)NG_HOOK_PRIVATE(hook);
702 if (IS_HOOK_VLAN_SET(hook_data))
703 priv->vlan_hook[EVL_VLANOFTAG(hook_data)] = NULL;
705 NG_HOOK_SET_PRIVATE(hook, NULL);
706 if ((NG_NODE_NUMHOOKS(NG_HOOK_NODE(hook)) == 0) &&
707 (NG_NODE_IS_VALID(NG_HOOK_NODE(hook))))
708 ng_rmnode_self(NG_HOOK_NODE(hook));
projects / FreeBSD / releng / 10.0.git / blob