]> git.saurik.com Git - apple/xnu.git/blob - bsd/net/if_bridge.c
projects / apple / xnu.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
xnu-7195.101.1.tar.gz
[apple/xnu.git] / bsd / net / if_bridge.c
1 /*
2 * Copyright (c) 2004-2020 Apple Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28
29 /* $NetBSD: if_bridge.c,v 1.31 2005/06/01 19:45:34 jdc Exp $ */
30 /*
31 * Copyright 2001 Wasabi Systems, Inc.
32 * All rights reserved.
33 *
34 * Written by Jason R. Thorpe for Wasabi Systems, Inc.
35 *
36 * Redistribution and use in source and binary forms, with or without
37 * modification, are permitted provided that the following conditions
38 * are met:
39 * 1. Redistributions of source code must retain the above copyright
40 * notice, this list of conditions and the following disclaimer.
41 * 2. Redistributions in binary form must reproduce the above copyright
42 * notice, this list of conditions and the following disclaimer in the
43 * documentation and/or other materials provided with the distribution.
44 * 3. All advertising materials mentioning features or use of this software
45 * must display the following acknowledgement:
46 * This product includes software developed for the NetBSD Project by
47 * Wasabi Systems, Inc.
48 * 4. The name of Wasabi Systems, Inc. may not be used to endorse
49 * or promote products derived from this software without specific prior
50 * written permission.
51 *
52 * THIS SOFTWARE IS PROVIDED BY WASABI SYSTEMS, INC. ``AS IS'' AND
53 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
54 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
55 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL WASABI SYSTEMS, INC
56 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
57 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
58 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
59 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
60 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
61 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
62 * POSSIBILITY OF SUCH DAMAGE.
63 */
64
65 /*
66 * Copyright (c) 1999, 2000 Jason L. Wright (jason@thought.net)
67 * All rights reserved.
68 *
69 * Redistribution and use in source and binary forms, with or without
70 * modification, are permitted provided that the following conditions
71 * are met:
72 * 1. Redistributions of source code must retain the above copyright
73 * notice, this list of conditions and the following disclaimer.
74 * 2. Redistributions in binary form must reproduce the above copyright
75 * notice, this list of conditions and the following disclaimer in the
76 * documentation and/or other materials provided with the distribution.
77 *
78 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
79 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
80 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
81 * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
82 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
83 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
84 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
85 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
86 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
87 * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
88 * POSSIBILITY OF SUCH DAMAGE.
89 *
90 * OpenBSD: if_bridge.c,v 1.60 2001/06/15 03:38:33 itojun Exp
91 */
92
93 /*
94 * Network interface bridge support.
95 *
96 * TODO:
97 *
98 * - Currently only supports Ethernet-like interfaces (Ethernet,
99 * 802.11, VLANs on Ethernet, etc.) Figure out a nice way
100 * to bridge other types of interfaces (FDDI-FDDI, and maybe
101 * consider heterogenous bridges).
102 *
103 * - GIF isn't handled due to the lack of IPPROTO_ETHERIP support.
104 */
105
106 #include <sys/cdefs.h>
107
108 #define BRIDGE_DEBUG 1
109
110 #include <sys/param.h>
111 #include <sys/mbuf.h>
112 #include <sys/malloc.h>
113 #include <sys/protosw.h>
114 #include <sys/systm.h>
115 #include <sys/time.h>
116 #include <sys/socket.h> /* for net/if.h */
117 #include <sys/sockio.h>
118 #include <sys/kernel.h>
119 #include <sys/random.h>
120 #include <sys/syslog.h>
121 #include <sys/sysctl.h>
122 #include <sys/proc.h>
123 #include <sys/lock.h>
124 #include <sys/mcache.h>
125
126 #include <sys/kauth.h>
127
128 #include <kern/thread_call.h>
129
130 #include <libkern/libkern.h>
131
132 #include <kern/zalloc.h>
133
134 #if NBPFILTER > 0
135 #include <net/bpf.h>
136 #endif
137 #include <net/if.h>
138 #include <net/if_dl.h>
139 #include <net/if_types.h>
140 #include <net/if_var.h>
141 #include <net/if_media.h>
142 #include <net/net_api_stats.h>
143 #include <net/pfvar.h>
144
145 #include <netinet/in.h> /* for struct arpcom */
146 #include <netinet/tcp.h> /* for struct tcphdr */
147 #include <netinet/in_systm.h>
148 #include <netinet/in_var.h>
149 #define _IP_VHL
150 #include <netinet/ip.h>
151 #include <netinet/ip_var.h>
152 #include <netinet/ip6.h>
153 #include <netinet6/ip6_var.h>
154 #ifdef DEV_CARP
155 #include <netinet/ip_carp.h>
156 #endif
157 #include <netinet/if_ether.h> /* for struct arpcom */
158 #include <net/bridgestp.h>
159 #include <net/if_bridgevar.h>
160 #include <net/if_llc.h>
161 #if NVLAN > 0
162 #include <net/if_vlan_var.h>
163 #endif /* NVLAN > 0 */
164
165 #include <net/if_ether.h>
166 #include <net/dlil.h>
167 #include <net/kpi_interfacefilter.h>
168
169 #include <net/route.h>
170 #include <dev/random/randomdev.h>
171
172 #include <netinet/bootp.h>
173 #include <netinet/dhcp.h>
174
175
176 #if BRIDGE_DEBUG
177 #define BR_DBGF_LIFECYCLE 0x0001
178 #define BR_DBGF_INPUT 0x0002
179 #define BR_DBGF_OUTPUT 0x0004
180 #define BR_DBGF_RT_TABLE 0x0008
181 #define BR_DBGF_DELAYED_CALL 0x0010
182 #define BR_DBGF_IOCTL 0x0020
183 #define BR_DBGF_MBUF 0x0040
184 #define BR_DBGF_MCAST 0x0080
185 #define BR_DBGF_HOSTFILTER 0x0100
186 #define BR_DBGF_CHECKSUM 0x0200
187 #define BR_DBGF_MAC_NAT 0x0400
188 #define BR_DBGF_SEGMENTATION 0x0800
189 #endif /* BRIDGE_DEBUG */
190
191 #define _BRIDGE_LOCK(_sc) lck_mtx_lock(&(_sc)->sc_mtx)
192 #define _BRIDGE_UNLOCK(_sc) lck_mtx_unlock(&(_sc)->sc_mtx)
193 #define BRIDGE_LOCK_ASSERT_HELD(_sc) \
194 LCK_MTX_ASSERT(&(_sc)->sc_mtx, LCK_MTX_ASSERT_OWNED)
195 #define BRIDGE_LOCK_ASSERT_NOTHELD(_sc) \
196 LCK_MTX_ASSERT(&(_sc)->sc_mtx, LCK_MTX_ASSERT_NOTOWNED)
197
198 #if BRIDGE_DEBUG
199
200 #define BR_LCKDBG_MAX 4
201
202 #define BRIDGE_LOCK(_sc) bridge_lock(_sc)
203 #define BRIDGE_UNLOCK(_sc) bridge_unlock(_sc)
204 #define BRIDGE_LOCK2REF(_sc, _err) _err = bridge_lock2ref(_sc)
205 #define BRIDGE_UNREF(_sc) bridge_unref(_sc)
206 #define BRIDGE_XLOCK(_sc) bridge_xlock(_sc)
207 #define BRIDGE_XDROP(_sc) bridge_xdrop(_sc)
208 #define IF_BRIDGE_DEBUG(f) bridge_debug_flag_is_set(f)
209
210 #else /* !BRIDGE_DEBUG */
211
212 #define BRIDGE_LOCK(_sc) _BRIDGE_LOCK(_sc)
213 #define BRIDGE_UNLOCK(_sc) _BRIDGE_UNLOCK(_sc)
214 #define BRIDGE_LOCK2REF(_sc, _err) do { \
215 BRIDGE_LOCK_ASSERT_HELD(_sc); \
216 if ((_sc)->sc_iflist_xcnt > 0) \
217 (_err) = EBUSY; \
218 else \
219 (_sc)->sc_iflist_ref++; \
220 _BRIDGE_UNLOCK(_sc); \
221 } while (0)
222 #define BRIDGE_UNREF(_sc) do { \
223 _BRIDGE_LOCK(_sc); \
224 (_sc)->sc_iflist_ref--; \
225 if (((_sc)->sc_iflist_xcnt > 0) && ((_sc)->sc_iflist_ref == 0)) { \
226 _BRIDGE_UNLOCK(_sc); \
227 wakeup(&(_sc)->sc_cv); \
228 } else \
229 _BRIDGE_UNLOCK(_sc); \
230 } while (0)
231 #define BRIDGE_XLOCK(_sc) do { \
232 BRIDGE_LOCK_ASSERT_HELD(_sc); \
233 (_sc)->sc_iflist_xcnt++; \
234 while ((_sc)->sc_iflist_ref > 0) \
235 msleep(&(_sc)->sc_cv, &(_sc)->sc_mtx, PZERO, \
236 "BRIDGE_XLOCK", NULL); \
237 } while (0)
238 #define BRIDGE_XDROP(_sc) do { \
239 BRIDGE_LOCK_ASSERT_HELD(_sc); \
240 (_sc)->sc_iflist_xcnt--; \
241 } while (0)
242
243 #define IF_BRIDGE_DEBUG(f) FALSE
244
245 #endif /* BRIDGE_DEBUG */
246
247 #if NBPFILTER > 0
248 #define BRIDGE_BPF_MTAP_INPUT(sc, m) \
249 if (sc->sc_bpf_input != NULL) \
250 bridge_bpf_input(sc->sc_ifp, m, __func__, __LINE__)
251 #else /* NBPFILTER */
252 #define BRIDGE_BPF_MTAP_INPUT(ifp, m)
253 #endif /* NBPFILTER */
254
255 /*
256 * Initial size of the route hash table. Must be a power of two.
257 */
258 #ifndef BRIDGE_RTHASH_SIZE
259 #define BRIDGE_RTHASH_SIZE 16
260 #endif
261
262 /*
263 * Maximum size of the routing hash table
264 */
265 #define BRIDGE_RTHASH_SIZE_MAX 2048
266
267 #define BRIDGE_RTHASH_MASK(sc) ((sc)->sc_rthash_size - 1)
268
269 /*
270 * Maximum number of addresses to cache.
271 */
272 #ifndef BRIDGE_RTABLE_MAX
273 #define BRIDGE_RTABLE_MAX 100
274 #endif
275
276
277 /*
278 * Timeout (in seconds) for entries learned dynamically.
279 */
280 #ifndef BRIDGE_RTABLE_TIMEOUT
281 #define BRIDGE_RTABLE_TIMEOUT (20 * 60) /* same as ARP */
282 #endif
283
284 /*
285 * Number of seconds between walks of the route list.
286 */
287 #ifndef BRIDGE_RTABLE_PRUNE_PERIOD
288 #define BRIDGE_RTABLE_PRUNE_PERIOD (5 * 60)
289 #endif
290
291 /*
292 * Number of MAC NAT entries
293 * - sized based on 16 clients (including MAC NAT interface)
294 * each with 4 addresses
295 */
296 #ifndef BRIDGE_MAC_NAT_ENTRY_MAX
297 #define BRIDGE_MAC_NAT_ENTRY_MAX 64
298 #endif /* BRIDGE_MAC_NAT_ENTRY_MAX */
299
300 /*
301 * List of capabilities to possibly mask on the member interface.
302 */
303 #define BRIDGE_IFCAPS_MASK (IFCAP_TSO | IFCAP_TXCSUM)
304 /*
305 * List of capabilities to disable on the member interface.
306 */
307 #define BRIDGE_IFCAPS_STRIP IFCAP_LRO
308
309 /*
310 * Bridge interface list entry.
311 */
312 struct bridge_iflist {
313 TAILQ_ENTRY(bridge_iflist) bif_next;
314 struct ifnet *bif_ifp; /* member if */
315 struct bstp_port bif_stp; /* STP state */
316 uint32_t bif_ifflags; /* member if flags */
317 int bif_savedcaps; /* saved capabilities */
318 uint32_t bif_addrmax; /* max # of addresses */
319 uint32_t bif_addrcnt; /* cur. # of addresses */
320 uint32_t bif_addrexceeded; /* # of address violations */
321
322 interface_filter_t bif_iff_ref;
323 struct bridge_softc *bif_sc;
324 uint32_t bif_flags;
325
326 /* host filter */
327 struct in_addr bif_hf_ipsrc;
328 uint8_t bif_hf_hwsrc[ETHER_ADDR_LEN];
329 };
330
331 #define BIFF_PROMISC 0x01 /* promiscuous mode set */
332 #define BIFF_PROTO_ATTACHED 0x02 /* protocol attached */
333 #define BIFF_FILTER_ATTACHED 0x04 /* interface filter attached */
334 #define BIFF_MEDIA_ACTIVE 0x08 /* interface media active */
335 #define BIFF_HOST_FILTER 0x10 /* host filter enabled */
336 #define BIFF_HF_HWSRC 0x20 /* host filter source MAC is set */
337 #define BIFF_HF_IPSRC 0x40 /* host filter source IP is set */
338 #define BIFF_INPUT_BROADCAST 0x80 /* send broadcast packets in */
339
340 /*
341 * mac_nat_entry
342 * - translates between an IP address and MAC address on a specific
343 * bridge interface member
344 */
345 struct mac_nat_entry {
346 LIST_ENTRY(mac_nat_entry) mne_list; /* list linkage */
347 struct bridge_iflist *mne_bif; /* originating interface */
348 unsigned long mne_expire; /* expiration time */
349 union {
350 struct in_addr mneu_ip; /* originating IPv4 address */
351 struct in6_addr mneu_ip6; /* originating IPv6 address */
352 } mne_u;
353 uint8_t mne_mac[ETHER_ADDR_LEN];
354 uint8_t mne_flags;
355 uint8_t mne_reserved;
356 };
357 #define mne_ip mne_u.mneu_ip
358 #define mne_ip6 mne_u.mneu_ip6
359
360 #define MNE_FLAGS_IPV6 0x01 /* IPv6 address */
361
362 LIST_HEAD(mac_nat_entry_list, mac_nat_entry);
363
364 /*
365 * mac_nat_record
366 * - used by bridge_mac_nat_output() to convey the translation that needs
367 * to take place in bridge_mac_nat_translate
368 * - holds enough information so that the translation can be done later without
369 * holding the bridge lock
370 */
371 struct mac_nat_record {
372 uint16_t mnr_ether_type;
373 union {
374 uint16_t mnru_arp_offset;
375 struct {
376 uint16_t mnruip_dhcp_flags;
377 uint16_t mnruip_udp_csum;
378 uint8_t mnruip_header_len;
379 } mnru_ip;
380 struct {
381 uint16_t mnruip6_icmp6_len;
382 uint16_t mnruip6_lladdr_offset;
383 uint8_t mnruip6_icmp6_type;
384 uint8_t mnruip6_header_len;
385 } mnru_ip6;
386 } mnr_u;
387 };
388
389 #define mnr_arp_offset mnr_u.mnru_arp_offset
390
391 #define mnr_ip_header_len mnr_u.mnru_ip.mnruip_header_len
392 #define mnr_ip_dhcp_flags mnr_u.mnru_ip.mnruip_dhcp_flags
393 #define mnr_ip_udp_csum mnr_u.mnru_ip.mnruip_udp_csum
394
395 #define mnr_ip6_icmp6_len mnr_u.mnru_ip6.mnruip6_icmp6_len
396 #define mnr_ip6_icmp6_type mnr_u.mnru_ip6.mnruip6_icmp6_type
397 #define mnr_ip6_header_len mnr_u.mnru_ip6.mnruip6_header_len
398 #define mnr_ip6_lladdr_offset mnr_u.mnru_ip6.mnruip6_lladdr_offset
399
400 /*
401 * Bridge route node.
402 */
403 struct bridge_rtnode {
404 LIST_ENTRY(bridge_rtnode) brt_hash; /* hash table linkage */
405 LIST_ENTRY(bridge_rtnode) brt_list; /* list linkage */
406 struct bridge_iflist *brt_dst; /* destination if */
407 unsigned long brt_expire; /* expiration time */
408 uint8_t brt_flags; /* address flags */
409 uint8_t brt_addr[ETHER_ADDR_LEN];
410 uint16_t brt_vlan; /* vlan id */
411
412 };
413 #define brt_ifp brt_dst->bif_ifp
414
415 /*
416 * Bridge delayed function call context
417 */
418 typedef void (*bridge_delayed_func_t)(struct bridge_softc *);
419
420 struct bridge_delayed_call {
421 struct bridge_softc *bdc_sc;
422 bridge_delayed_func_t bdc_func; /* Function to call */
423 struct timespec bdc_ts; /* Time to call */
424 u_int32_t bdc_flags;
425 thread_call_t bdc_thread_call;
426 };
427
428 #define BDCF_OUTSTANDING 0x01 /* Delayed call has been scheduled */
429 #define BDCF_CANCELLING 0x02 /* May be waiting for call completion */
430
431 /*
432 * Software state for each bridge.
433 */
434 LIST_HEAD(_bridge_rtnode_list, bridge_rtnode);
435
436 struct bridge_softc {
437 struct ifnet *sc_ifp; /* make this an interface */
438 u_int32_t sc_flags;
439 LIST_ENTRY(bridge_softc) sc_list;
440 decl_lck_mtx_data(, sc_mtx);
441 struct _bridge_rtnode_list *sc_rthash; /* our forwarding table */
442 struct _bridge_rtnode_list sc_rtlist; /* list version of above */
443 uint32_t sc_rthash_key; /* key for hash */
444 uint32_t sc_rthash_size; /* size of the hash table */
445 struct bridge_delayed_call sc_aging_timer;
446 struct bridge_delayed_call sc_resize_call;
447 TAILQ_HEAD(, bridge_iflist) sc_spanlist; /* span ports list */
448 struct bstp_state sc_stp; /* STP state */
449 bpf_packet_func sc_bpf_input;
450 bpf_packet_func sc_bpf_output;
451 void *sc_cv;
452 uint32_t sc_brtmax; /* max # of addresses */
453 uint32_t sc_brtcnt; /* cur. # of addresses */
454 uint32_t sc_brttimeout; /* rt timeout in seconds */
455 uint32_t sc_iflist_ref; /* refcount for sc_iflist */
456 uint32_t sc_iflist_xcnt; /* refcount for sc_iflist */
457 TAILQ_HEAD(, bridge_iflist) sc_iflist; /* member interface list */
458 uint32_t sc_brtexceeded; /* # of cache drops */
459 uint32_t sc_filter_flags; /* ipf and flags */
460 struct ifnet *sc_ifaddr; /* member mac copied from */
461 u_char sc_defaddr[6]; /* Default MAC address */
462 char sc_if_xname[IFNAMSIZ];
463
464 struct bridge_iflist *sc_mac_nat_bif; /* single MAC NAT interface */
465 struct mac_nat_entry_list sc_mne_list; /* MAC NAT IPv4 */
466 struct mac_nat_entry_list sc_mne_list_v6;/* MAC NAT IPv6 */
467 uint32_t sc_mne_max; /* max # of entries */
468 uint32_t sc_mne_count; /* cur. # of entries */
469 uint32_t sc_mne_allocation_failures;
470 #if BRIDGE_DEBUG
471 /*
472 * Locking and unlocking calling history
473 */
474 void *lock_lr[BR_LCKDBG_MAX];
475 int next_lock_lr;
476 void *unlock_lr[BR_LCKDBG_MAX];
477 int next_unlock_lr;
478 #endif /* BRIDGE_DEBUG */
479 };
480
481 #define SCF_DETACHING 0x01
482 #define SCF_RESIZING 0x02
483 #define SCF_MEDIA_ACTIVE 0x04
484
485 typedef enum {
486 kChecksumOperationNone = 0,
487 kChecksumOperationClear = 1,
488 kChecksumOperationFinalize = 2,
489 kChecksumOperationCompute = 3,
490 } ChecksumOperation;
491
492 struct bridge_hostfilter_stats bridge_hostfilter_stats;
493
494 decl_lck_mtx_data(static, bridge_list_mtx);
495
496 static int bridge_rtable_prune_period = BRIDGE_RTABLE_PRUNE_PERIOD;
497
498 static ZONE_DECLARE(bridge_rtnode_pool, "bridge_rtnode",
499 sizeof(struct bridge_rtnode), ZC_NONE);
500 static ZONE_DECLARE(bridge_mne_pool, "bridge_mac_nat_entry",
501 sizeof(struct mac_nat_entry), ZC_NONE);
502
503 static int bridge_clone_create(struct if_clone *, uint32_t, void *);
504 static int bridge_clone_destroy(struct ifnet *);
505
506 static errno_t bridge_ioctl(struct ifnet *, u_long, void *);
507 #if HAS_IF_CAP
508 static void bridge_mutecaps(struct bridge_softc *);
509 static void bridge_set_ifcap(struct bridge_softc *, struct bridge_iflist *,
510 int);
511 #endif
512 static errno_t bridge_set_tso(struct bridge_softc *);
513 static void bridge_ifdetach(struct ifnet *);
514 static void bridge_proto_attach_changed(struct ifnet *);
515 static int bridge_init(struct ifnet *);
516 #if HAS_BRIDGE_DUMMYNET
517 static void bridge_dummynet(struct mbuf *, struct ifnet *);
518 #endif
519 static void bridge_ifstop(struct ifnet *, int);
520 static int bridge_output(struct ifnet *, struct mbuf *);
521 static void bridge_finalize_cksum(struct ifnet *, struct mbuf *);
522 static void bridge_start(struct ifnet *);
523 static errno_t bridge_input(struct ifnet *, mbuf_t *);
524 static errno_t bridge_iff_input(void *, ifnet_t, protocol_family_t,
525 mbuf_t *, char **);
526 static errno_t bridge_iff_output(void *, ifnet_t, protocol_family_t,
527 mbuf_t *);
528 static errno_t bridge_member_output(struct bridge_softc *sc, ifnet_t ifp,
529 mbuf_t *m);
530
531 static int bridge_enqueue(ifnet_t, struct ifnet *,
532 struct ifnet *, struct mbuf *, ChecksumOperation);
533 static void bridge_rtdelete(struct bridge_softc *, struct ifnet *ifp, int);
534
535 static void bridge_forward(struct bridge_softc *, struct bridge_iflist *,
536 struct mbuf *);
537
538 static void bridge_aging_timer(struct bridge_softc *sc);
539
540 static void bridge_broadcast(struct bridge_softc *, struct ifnet *,
541 struct mbuf *, int);
542 static void bridge_span(struct bridge_softc *, struct mbuf *);
543
544 static int bridge_rtupdate(struct bridge_softc *, const uint8_t *,
545 uint16_t, struct bridge_iflist *, int, uint8_t);
546 static struct ifnet *bridge_rtlookup(struct bridge_softc *, const uint8_t *,
547 uint16_t);
548 static void bridge_rttrim(struct bridge_softc *);
549 static void bridge_rtage(struct bridge_softc *);
550 static void bridge_rtflush(struct bridge_softc *, int);
551 static int bridge_rtdaddr(struct bridge_softc *, const uint8_t *,
552 uint16_t);
553
554 static int bridge_rtable_init(struct bridge_softc *);
555 static void bridge_rtable_fini(struct bridge_softc *);
556
557 static void bridge_rthash_resize(struct bridge_softc *);
558
559 static int bridge_rtnode_addr_cmp(const uint8_t *, const uint8_t *);
560 static struct bridge_rtnode *bridge_rtnode_lookup(struct bridge_softc *,
561 const uint8_t *, uint16_t);
562 static int bridge_rtnode_hash(struct bridge_softc *,
563 struct bridge_rtnode *);
564 static int bridge_rtnode_insert(struct bridge_softc *,
565 struct bridge_rtnode *);
566 static void bridge_rtnode_destroy(struct bridge_softc *,
567 struct bridge_rtnode *);
568 #if BRIDGESTP
569 static void bridge_rtable_expire(struct ifnet *, int);
570 static void bridge_state_change(struct ifnet *, int);
571 #endif /* BRIDGESTP */
572
573 static struct bridge_iflist *bridge_lookup_member(struct bridge_softc *,
574 const char *name);
575 static struct bridge_iflist *bridge_lookup_member_if(struct bridge_softc *,
576 struct ifnet *ifp);
577 static void bridge_delete_member(struct bridge_softc *,
578 struct bridge_iflist *, int);
579 static void bridge_delete_span(struct bridge_softc *,
580 struct bridge_iflist *);
581
582 static int bridge_ioctl_add(struct bridge_softc *, void *);
583 static int bridge_ioctl_del(struct bridge_softc *, void *);
584 static int bridge_ioctl_gifflags(struct bridge_softc *, void *);
585 static int bridge_ioctl_sifflags(struct bridge_softc *, void *);
586 static int bridge_ioctl_scache(struct bridge_softc *, void *);
587 static int bridge_ioctl_gcache(struct bridge_softc *, void *);
588 static int bridge_ioctl_gifs32(struct bridge_softc *, void *);
589 static int bridge_ioctl_gifs64(struct bridge_softc *, void *);
590 static int bridge_ioctl_rts32(struct bridge_softc *, void *);
591 static int bridge_ioctl_rts64(struct bridge_softc *, void *);
592 static int bridge_ioctl_saddr32(struct bridge_softc *, void *);
593 static int bridge_ioctl_saddr64(struct bridge_softc *, void *);
594 static int bridge_ioctl_sto(struct bridge_softc *, void *);
595 static int bridge_ioctl_gto(struct bridge_softc *, void *);
596 static int bridge_ioctl_daddr32(struct bridge_softc *, void *);
597 static int bridge_ioctl_daddr64(struct bridge_softc *, void *);
598 static int bridge_ioctl_flush(struct bridge_softc *, void *);
599 static int bridge_ioctl_gpri(struct bridge_softc *, void *);
600 static int bridge_ioctl_spri(struct bridge_softc *, void *);
601 static int bridge_ioctl_ght(struct bridge_softc *, void *);
602 static int bridge_ioctl_sht(struct bridge_softc *, void *);
603 static int bridge_ioctl_gfd(struct bridge_softc *, void *);
604 static int bridge_ioctl_sfd(struct bridge_softc *, void *);
605 static int bridge_ioctl_gma(struct bridge_softc *, void *);
606 static int bridge_ioctl_sma(struct bridge_softc *, void *);
607 static int bridge_ioctl_sifprio(struct bridge_softc *, void *);
608 static int bridge_ioctl_sifcost(struct bridge_softc *, void *);
609 static int bridge_ioctl_sifmaxaddr(struct bridge_softc *, void *);
610 static int bridge_ioctl_addspan(struct bridge_softc *, void *);
611 static int bridge_ioctl_delspan(struct bridge_softc *, void *);
612 static int bridge_ioctl_gbparam32(struct bridge_softc *, void *);
613 static int bridge_ioctl_gbparam64(struct bridge_softc *, void *);
614 static int bridge_ioctl_grte(struct bridge_softc *, void *);
615 static int bridge_ioctl_gifsstp32(struct bridge_softc *, void *);
616 static int bridge_ioctl_gifsstp64(struct bridge_softc *, void *);
617 static int bridge_ioctl_sproto(struct bridge_softc *, void *);
618 static int bridge_ioctl_stxhc(struct bridge_softc *, void *);
619 static int bridge_ioctl_purge(struct bridge_softc *sc, void *);
620 static int bridge_ioctl_gfilt(struct bridge_softc *, void *);
621 static int bridge_ioctl_sfilt(struct bridge_softc *, void *);
622 static int bridge_ioctl_ghostfilter(struct bridge_softc *, void *);
623 static int bridge_ioctl_shostfilter(struct bridge_softc *, void *);
624 static int bridge_ioctl_gmnelist32(struct bridge_softc *, void *);
625 static int bridge_ioctl_gmnelist64(struct bridge_softc *, void *);
626
627 static int bridge_pf(struct mbuf **, struct ifnet *, uint32_t sc_filter_flags, int input);
628 static int bridge_ip_checkbasic(struct mbuf **);
629 static int bridge_ip6_checkbasic(struct mbuf **);
630
631 static errno_t bridge_set_bpf_tap(ifnet_t, bpf_tap_mode, bpf_packet_func);
632 static errno_t bridge_bpf_input(ifnet_t, struct mbuf *, const char *, int);
633 static errno_t bridge_bpf_output(ifnet_t, struct mbuf *);
634
635 static void bridge_detach(ifnet_t);
636 static void bridge_link_event(struct ifnet *, u_int32_t);
637 static void bridge_iflinkevent(struct ifnet *);
638 static u_int32_t bridge_updatelinkstatus(struct bridge_softc *);
639 static int interface_media_active(struct ifnet *);
640 static void bridge_schedule_delayed_call(struct bridge_delayed_call *);
641 static void bridge_cancel_delayed_call(struct bridge_delayed_call *);
642 static void bridge_cleanup_delayed_call(struct bridge_delayed_call *);
643 static int bridge_host_filter(struct bridge_iflist *, mbuf_t *);
644
645 static errno_t bridge_mac_nat_enable(struct bridge_softc *,
646 struct bridge_iflist *);
647 static void bridge_mac_nat_disable(struct bridge_softc *sc);
648 static void bridge_mac_nat_age_entries(struct bridge_softc *sc, unsigned long);
649 static void bridge_mac_nat_populate_entries(struct bridge_softc *sc);
650 static void bridge_mac_nat_flush_entries(struct bridge_softc *sc,
651 struct bridge_iflist *);
652 static ifnet_t bridge_mac_nat_input(struct bridge_softc *, mbuf_t *,
653 boolean_t *);
654 static boolean_t bridge_mac_nat_output(struct bridge_softc *,
655 struct bridge_iflist *, mbuf_t *, struct mac_nat_record *);
656 static void bridge_mac_nat_translate(mbuf_t *, struct mac_nat_record *,
657 const caddr_t);
658 static boolean_t is_broadcast_ip_packet(mbuf_t *);
659
660 #define m_copypacket(m, how) m_copym(m, 0, M_COPYALL, how)
661
662 static int
663 gso_ipv4_tcp(struct ifnet *ifp, struct mbuf **mp, u_int mac_hlen,
664 boolean_t is_tx);
665
666 static int
667 gso_ipv6_tcp(struct ifnet *ifp, struct mbuf **mp, u_int mac_hlen,
668 boolean_t is_tx);
669
670 /* The default bridge vlan is 1 (IEEE 802.1Q-2003 Table 9-2) */
671 #define VLANTAGOF(_m) 0
672
673 u_int8_t bstp_etheraddr[ETHER_ADDR_LEN] =
674 { 0x01, 0x80, 0xc2, 0x00, 0x00, 0x00 };
675
676 static u_int8_t ethernulladdr[ETHER_ADDR_LEN] =
677 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
678
679 #if BRIDGESTP
680 static struct bstp_cb_ops bridge_ops = {
681 .bcb_state = bridge_state_change,
682 .bcb_rtage = bridge_rtable_expire
683 };
684 #endif /* BRIDGESTP */
685
686 SYSCTL_DECL(_net_link);
687 SYSCTL_NODE(_net_link, IFT_BRIDGE, bridge, CTLFLAG_RW | CTLFLAG_LOCKED, 0,
688 "Bridge");
689
690 static int bridge_inherit_mac = 0; /* share MAC with first bridge member */
691 SYSCTL_INT(_net_link_bridge, OID_AUTO, inherit_mac,
692 CTLFLAG_RW | CTLFLAG_LOCKED,
693 &bridge_inherit_mac, 0,
694 "Inherit MAC address from the first bridge member");
695
696 SYSCTL_INT(_net_link_bridge, OID_AUTO, rtable_prune_period,
697 CTLFLAG_RW | CTLFLAG_LOCKED,
698 &bridge_rtable_prune_period, 0,
699 "Interval between pruning of routing table");
700
701 static unsigned int bridge_rtable_hash_size_max = BRIDGE_RTHASH_SIZE_MAX;
702 SYSCTL_UINT(_net_link_bridge, OID_AUTO, rtable_hash_size_max,
703 CTLFLAG_RW | CTLFLAG_LOCKED,
704 &bridge_rtable_hash_size_max, 0,
705 "Maximum size of the routing hash table");
706
707 #if BRIDGE_DEBUG_DELAYED_CALLBACK
708 static int bridge_delayed_callback_delay = 0;
709 SYSCTL_INT(_net_link_bridge, OID_AUTO, delayed_callback_delay,
710 CTLFLAG_RW | CTLFLAG_LOCKED,
711 &bridge_delayed_callback_delay, 0,
712 "Delay before calling delayed function");
713 #endif
714
715 SYSCTL_STRUCT(_net_link_bridge, OID_AUTO,
716 hostfilterstats, CTLFLAG_RD | CTLFLAG_LOCKED,
717 &bridge_hostfilter_stats, bridge_hostfilter_stats, "");
718
719
720 #if BRIDGESTP
721 static int log_stp = 0; /* log STP state changes */
722 SYSCTL_INT(_net_link_bridge, OID_AUTO, log_stp, CTLFLAG_RW,
723 &log_stp, 0, "Log STP state changes");
724 #endif /* BRIDGESTP */
725
726 struct bridge_control {
727 int (*bc_func)(struct bridge_softc *, void *);
728 unsigned int bc_argsize;
729 unsigned int bc_flags;
730 };
731
732 #define BC_F_COPYIN 0x01 /* copy arguments in */
733 #define BC_F_COPYOUT 0x02 /* copy arguments out */
734 #define BC_F_SUSER 0x04 /* do super-user check */
735
736 static const struct bridge_control bridge_control_table32[] = {
737 { .bc_func = bridge_ioctl_add, .bc_argsize = sizeof(struct ifbreq), /* 0 */
738 .bc_flags = BC_F_COPYIN | BC_F_SUSER },
739 { .bc_func = bridge_ioctl_del, .bc_argsize = sizeof(struct ifbreq),
740 .bc_flags = BC_F_COPYIN | BC_F_SUSER },
741
742 { .bc_func = bridge_ioctl_gifflags, .bc_argsize = sizeof(struct ifbreq),
743 .bc_flags = BC_F_COPYIN | BC_F_COPYOUT },
744 { .bc_func = bridge_ioctl_sifflags, .bc_argsize = sizeof(struct ifbreq),
745 .bc_flags = BC_F_COPYIN | BC_F_SUSER },
746
747 { .bc_func = bridge_ioctl_scache, .bc_argsize = sizeof(struct ifbrparam),
748 .bc_flags = BC_F_COPYIN | BC_F_SUSER },
749 { .bc_func = bridge_ioctl_gcache, .bc_argsize = sizeof(struct ifbrparam),
750 .bc_flags = BC_F_COPYOUT },
751
752 { .bc_func = bridge_ioctl_gifs32, .bc_argsize = sizeof(struct ifbifconf32),
753 .bc_flags = BC_F_COPYIN | BC_F_COPYOUT },
754 { .bc_func = bridge_ioctl_rts32, .bc_argsize = sizeof(struct ifbaconf32),
755 .bc_flags = BC_F_COPYIN | BC_F_COPYOUT },
756
757 { .bc_func = bridge_ioctl_saddr32, .bc_argsize = sizeof(struct ifbareq32),
758 .bc_flags = BC_F_COPYIN | BC_F_SUSER },
759
760 { .bc_func = bridge_ioctl_sto, .bc_argsize = sizeof(struct ifbrparam),
761 .bc_flags = BC_F_COPYIN | BC_F_SUSER },
762 { .bc_func = bridge_ioctl_gto, .bc_argsize = sizeof(struct ifbrparam), /* 10 */
763 .bc_flags = BC_F_COPYOUT },
764
765 { .bc_func = bridge_ioctl_daddr32, .bc_argsize = sizeof(struct ifbareq32),
766 .bc_flags = BC_F_COPYIN | BC_F_SUSER },
767
768 { .bc_func = bridge_ioctl_flush, .bc_argsize = sizeof(struct ifbreq),
769 .bc_flags = BC_F_COPYIN | BC_F_SUSER },
770
771 { .bc_func = bridge_ioctl_gpri, .bc_argsize = sizeof(struct ifbrparam),
772 .bc_flags = BC_F_COPYOUT },
773 { .bc_func = bridge_ioctl_spri, .bc_argsize = sizeof(struct ifbrparam),
774 .bc_flags = BC_F_COPYIN | BC_F_SUSER },
775
776 { .bc_func = bridge_ioctl_ght, .bc_argsize = sizeof(struct ifbrparam),
777 .bc_flags = BC_F_COPYOUT },
778 { .bc_func = bridge_ioctl_sht, .bc_argsize = sizeof(struct ifbrparam),
779 .bc_flags = BC_F_COPYIN | BC_F_SUSER },
780
781 { .bc_func = bridge_ioctl_gfd, .bc_argsize = sizeof(struct ifbrparam),
782 .bc_flags = BC_F_COPYOUT },
783 { .bc_func = bridge_ioctl_sfd, .bc_argsize = sizeof(struct ifbrparam),
784 .bc_flags = BC_F_COPYIN | BC_F_SUSER },
785
786 { .bc_func = bridge_ioctl_gma, .bc_argsize = sizeof(struct ifbrparam),
787 .bc_flags = BC_F_COPYOUT },
788 { .bc_func = bridge_ioctl_sma, .bc_argsize = sizeof(struct ifbrparam), /* 20 */
789 .bc_flags = BC_F_COPYIN | BC_F_SUSER },
790
791 { .bc_func = bridge_ioctl_sifprio, .bc_argsize = sizeof(struct ifbreq),
792 .bc_flags = BC_F_COPYIN | BC_F_SUSER },
793
794 { .bc_func = bridge_ioctl_sifcost, .bc_argsize = sizeof(struct ifbreq),
795 .bc_flags = BC_F_COPYIN | BC_F_SUSER },
796
797 { .bc_func = bridge_ioctl_gfilt, .bc_argsize = sizeof(struct ifbrparam),
798 .bc_flags = BC_F_COPYOUT },
799 { .bc_func = bridge_ioctl_sfilt, .bc_argsize = sizeof(struct ifbrparam),
800 .bc_flags = BC_F_COPYIN | BC_F_SUSER },
801
802 { .bc_func = bridge_ioctl_purge, .bc_argsize = sizeof(struct ifbreq),
803 .bc_flags = BC_F_COPYIN | BC_F_SUSER },
804
805 { .bc_func = bridge_ioctl_addspan, .bc_argsize = sizeof(struct ifbreq),
806 .bc_flags = BC_F_COPYIN | BC_F_SUSER },
807 { .bc_func = bridge_ioctl_delspan, .bc_argsize = sizeof(struct ifbreq),
808 .bc_flags = BC_F_COPYIN | BC_F_SUSER },
809
810 { .bc_func = bridge_ioctl_gbparam32, .bc_argsize = sizeof(struct ifbropreq32),
811 .bc_flags = BC_F_COPYOUT },
812
813 { .bc_func = bridge_ioctl_grte, .bc_argsize = sizeof(struct ifbrparam),
814 .bc_flags = BC_F_COPYOUT },
815
816 { .bc_func = bridge_ioctl_gifsstp32, .bc_argsize = sizeof(struct ifbpstpconf32), /* 30 */
817 .bc_flags = BC_F_COPYIN | BC_F_COPYOUT },
818
819 { .bc_func = bridge_ioctl_sproto, .bc_argsize = sizeof(struct ifbrparam),
820 .bc_flags = BC_F_COPYIN | BC_F_SUSER },
821
822 { .bc_func = bridge_ioctl_stxhc, .bc_argsize = sizeof(struct ifbrparam),
823 .bc_flags = BC_F_COPYIN | BC_F_SUSER },
824
825 { .bc_func = bridge_ioctl_sifmaxaddr, .bc_argsize = sizeof(struct ifbreq),
826 .bc_flags = BC_F_COPYIN | BC_F_SUSER },
827
828 { .bc_func = bridge_ioctl_ghostfilter, .bc_argsize = sizeof(struct ifbrhostfilter),
829 .bc_flags = BC_F_COPYIN | BC_F_COPYOUT },
830 { .bc_func = bridge_ioctl_shostfilter, .bc_argsize = sizeof(struct ifbrhostfilter),
831 .bc_flags = BC_F_COPYIN | BC_F_SUSER },
832
833 { .bc_func = bridge_ioctl_gmnelist32, .bc_argsize = sizeof(struct ifbrmnelist32),
834 .bc_flags = BC_F_COPYIN | BC_F_COPYOUT },
835 };
836
837 static const struct bridge_control bridge_control_table64[] = {
838 { .bc_func = bridge_ioctl_add, .bc_argsize = sizeof(struct ifbreq), /* 0 */
839 .bc_flags = BC_F_COPYIN | BC_F_SUSER },
840 { .bc_func = bridge_ioctl_del, .bc_argsize = sizeof(struct ifbreq),
841 .bc_flags = BC_F_COPYIN | BC_F_SUSER },
842
843 { .bc_func = bridge_ioctl_gifflags, .bc_argsize = sizeof(struct ifbreq),
844 .bc_flags = BC_F_COPYIN | BC_F_COPYOUT },
845 { .bc_func = bridge_ioctl_sifflags, .bc_argsize = sizeof(struct ifbreq),
846 .bc_flags = BC_F_COPYIN | BC_F_SUSER },
847
848 { .bc_func = bridge_ioctl_scache, .bc_argsize = sizeof(struct ifbrparam),
849 .bc_flags = BC_F_COPYIN | BC_F_SUSER },
850 { .bc_func = bridge_ioctl_gcache, .bc_argsize = sizeof(struct ifbrparam),
851 .bc_flags = BC_F_COPYOUT },
852
853 { .bc_func = bridge_ioctl_gifs64, .bc_argsize = sizeof(struct ifbifconf64),
854 .bc_flags = BC_F_COPYIN | BC_F_COPYOUT },
855 { .bc_func = bridge_ioctl_rts64, .bc_argsize = sizeof(struct ifbaconf64),
856 .bc_flags = BC_F_COPYIN | BC_F_COPYOUT },
857
858 { .bc_func = bridge_ioctl_saddr64, .bc_argsize = sizeof(struct ifbareq64),
859 .bc_flags = BC_F_COPYIN | BC_F_SUSER },
860
861 { .bc_func = bridge_ioctl_sto, .bc_argsize = sizeof(struct ifbrparam),
862 .bc_flags = BC_F_COPYIN | BC_F_SUSER },
863 { .bc_func = bridge_ioctl_gto, .bc_argsize = sizeof(struct ifbrparam), /* 10 */
864 .bc_flags = BC_F_COPYOUT },
865
866 { .bc_func = bridge_ioctl_daddr64, .bc_argsize = sizeof(struct ifbareq64),
867 .bc_flags = BC_F_COPYIN | BC_F_SUSER },
868
869 { .bc_func = bridge_ioctl_flush, .bc_argsize = sizeof(struct ifbreq),
870 .bc_flags = BC_F_COPYIN | BC_F_SUSER },
871
872 { .bc_func = bridge_ioctl_gpri, .bc_argsize = sizeof(struct ifbrparam),
873 .bc_flags = BC_F_COPYOUT },
874 { .bc_func = bridge_ioctl_spri, .bc_argsize = sizeof(struct ifbrparam),
875 .bc_flags = BC_F_COPYIN | BC_F_SUSER },
876
877 { .bc_func = bridge_ioctl_ght, .bc_argsize = sizeof(struct ifbrparam),
878 .bc_flags = BC_F_COPYOUT },
879 { .bc_func = bridge_ioctl_sht, .bc_argsize = sizeof(struct ifbrparam),
880 .bc_flags = BC_F_COPYIN | BC_F_SUSER },
881
882 { .bc_func = bridge_ioctl_gfd, .bc_argsize = sizeof(struct ifbrparam),
883 .bc_flags = BC_F_COPYOUT },
884 { .bc_func = bridge_ioctl_sfd, .bc_argsize = sizeof(struct ifbrparam),
885 .bc_flags = BC_F_COPYIN | BC_F_SUSER },
886
887 { .bc_func = bridge_ioctl_gma, .bc_argsize = sizeof(struct ifbrparam),
888 .bc_flags = BC_F_COPYOUT },
889 { .bc_func = bridge_ioctl_sma, .bc_argsize = sizeof(struct ifbrparam), /* 20 */
890 .bc_flags = BC_F_COPYIN | BC_F_SUSER },
891
892 { .bc_func = bridge_ioctl_sifprio, .bc_argsize = sizeof(struct ifbreq),
893 .bc_flags = BC_F_COPYIN | BC_F_SUSER },
894
895 { .bc_func = bridge_ioctl_sifcost, .bc_argsize = sizeof(struct ifbreq),
896 .bc_flags = BC_F_COPYIN | BC_F_SUSER },
897
898 { .bc_func = bridge_ioctl_gfilt, .bc_argsize = sizeof(struct ifbrparam),
899 .bc_flags = BC_F_COPYOUT },
900 { .bc_func = bridge_ioctl_sfilt, .bc_argsize = sizeof(struct ifbrparam),
901 .bc_flags = BC_F_COPYIN | BC_F_SUSER },
902
903 { .bc_func = bridge_ioctl_purge, .bc_argsize = sizeof(struct ifbreq),
904 .bc_flags = BC_F_COPYIN | BC_F_SUSER },
905
906 { .bc_func = bridge_ioctl_addspan, .bc_argsize = sizeof(struct ifbreq),
907 .bc_flags = BC_F_COPYIN | BC_F_SUSER },
908 { .bc_func = bridge_ioctl_delspan, .bc_argsize = sizeof(struct ifbreq),
909 .bc_flags = BC_F_COPYIN | BC_F_SUSER },
910
911 { .bc_func = bridge_ioctl_gbparam64, .bc_argsize = sizeof(struct ifbropreq64),
912 .bc_flags = BC_F_COPYOUT },
913
914 { .bc_func = bridge_ioctl_grte, .bc_argsize = sizeof(struct ifbrparam),
915 .bc_flags = BC_F_COPYOUT },
916
917 { .bc_func = bridge_ioctl_gifsstp64, .bc_argsize = sizeof(struct ifbpstpconf64), /* 30 */
918 .bc_flags = BC_F_COPYIN | BC_F_COPYOUT },
919
920 { .bc_func = bridge_ioctl_sproto, .bc_argsize = sizeof(struct ifbrparam),
921 .bc_flags = BC_F_COPYIN | BC_F_SUSER },
922
923 { .bc_func = bridge_ioctl_stxhc, .bc_argsize = sizeof(struct ifbrparam),
924 .bc_flags = BC_F_COPYIN | BC_F_SUSER },
925
926 { .bc_func = bridge_ioctl_sifmaxaddr, .bc_argsize = sizeof(struct ifbreq),
927 .bc_flags = BC_F_COPYIN | BC_F_SUSER },
928
929 { .bc_func = bridge_ioctl_ghostfilter, .bc_argsize = sizeof(struct ifbrhostfilter),
930 .bc_flags = BC_F_COPYIN | BC_F_COPYOUT },
931 { .bc_func = bridge_ioctl_shostfilter, .bc_argsize = sizeof(struct ifbrhostfilter),
932 .bc_flags = BC_F_COPYIN | BC_F_SUSER },
933
934 { .bc_func = bridge_ioctl_gmnelist64, .bc_argsize = sizeof(struct ifbrmnelist64),
935 .bc_flags = BC_F_COPYIN | BC_F_COPYOUT },
936 };
937
938 static const unsigned int bridge_control_table_size =
939 sizeof(bridge_control_table32) / sizeof(bridge_control_table32[0]);
940
941 static LIST_HEAD(, bridge_softc) bridge_list =
942 LIST_HEAD_INITIALIZER(bridge_list);
943
944 static lck_grp_t *bridge_lock_grp = NULL;
945 static lck_attr_t *bridge_lock_attr = NULL;
946
947 #define BRIDGENAME "bridge"
948 #define BRIDGES_MAX IF_MAXUNIT
949 #define BRIDGE_ZONE_MAX_ELEM MIN(IFNETS_MAX, BRIDGES_MAX)
950
951 static struct if_clone bridge_cloner =
952 IF_CLONE_INITIALIZER(BRIDGENAME, bridge_clone_create, bridge_clone_destroy,
953 0, BRIDGES_MAX, BRIDGE_ZONE_MAX_ELEM, sizeof(struct bridge_softc));
954
955 static int if_bridge_txstart = 0;
956 SYSCTL_INT(_net_link_bridge, OID_AUTO, txstart, CTLFLAG_RW | CTLFLAG_LOCKED,
957 &if_bridge_txstart, 0, "Bridge interface uses TXSTART model");
958
959 #if BRIDGE_DEBUG
960 static int if_bridge_debug = 0;
961 SYSCTL_INT(_net_link_bridge, OID_AUTO, debug, CTLFLAG_RW | CTLFLAG_LOCKED,
962 &if_bridge_debug, 0, "Bridge debug");
963
964 static int if_bridge_segmentation = 1;
965 SYSCTL_INT(_net_link_bridge, OID_AUTO, segmentation,
966 CTLFLAG_RW | CTLFLAG_LOCKED,
967 &if_bridge_segmentation, 0, "Bridge interface enable segmentation");
968
969 static void printf_ether_header(struct ether_header *);
970 static void printf_mbuf_data(mbuf_t, size_t, size_t);
971 static void printf_mbuf_pkthdr(mbuf_t, const char *, const char *);
972 static void printf_mbuf(mbuf_t, const char *, const char *);
973 static void link_print(struct bridge_softc * sc);
974
975 static void bridge_lock(struct bridge_softc *);
976 static void bridge_unlock(struct bridge_softc *);
977 static int bridge_lock2ref(struct bridge_softc *);
978 static void bridge_unref(struct bridge_softc *);
979 static void bridge_xlock(struct bridge_softc *);
980 static void bridge_xdrop(struct bridge_softc *);
981
982 static void
983 bridge_lock(struct bridge_softc *sc)
984 {
985 void *lr_saved = __builtin_return_address(0);
986
987 BRIDGE_LOCK_ASSERT_NOTHELD(sc);
988
989 _BRIDGE_LOCK(sc);
990
991 sc->lock_lr[sc->next_lock_lr] = lr_saved;
992 sc->next_lock_lr = (sc->next_lock_lr + 1) % SO_LCKDBG_MAX;
993 }
994
995 static void
996 bridge_unlock(struct bridge_softc *sc)
997 {
998 void *lr_saved = __builtin_return_address(0);
999
1000 BRIDGE_LOCK_ASSERT_HELD(sc);
1001
1002 sc->unlock_lr[sc->next_unlock_lr] = lr_saved;
1003 sc->next_unlock_lr = (sc->next_unlock_lr + 1) % SO_LCKDBG_MAX;
1004
1005 _BRIDGE_UNLOCK(sc);
1006 }
1007
1008 static int
1009 bridge_lock2ref(struct bridge_softc *sc)
1010 {
1011 int error = 0;
1012 void *lr_saved = __builtin_return_address(0);
1013
1014 BRIDGE_LOCK_ASSERT_HELD(sc);
1015
1016 if (sc->sc_iflist_xcnt > 0) {
1017 error = EBUSY;
1018 } else {
1019 sc->sc_iflist_ref++;
1020 }
1021
1022 sc->unlock_lr[sc->next_unlock_lr] = lr_saved;
1023 sc->next_unlock_lr = (sc->next_unlock_lr + 1) % SO_LCKDBG_MAX;
1024
1025 _BRIDGE_UNLOCK(sc);
1026
1027 return error;
1028 }
1029
1030 static void
1031 bridge_unref(struct bridge_softc *sc)
1032 {
1033 void *lr_saved = __builtin_return_address(0);
1034
1035 BRIDGE_LOCK_ASSERT_NOTHELD(sc);
1036
1037 _BRIDGE_LOCK(sc);
1038 sc->lock_lr[sc->next_lock_lr] = lr_saved;
1039 sc->next_lock_lr = (sc->next_lock_lr + 1) % SO_LCKDBG_MAX;
1040
1041 sc->sc_iflist_ref--;
1042
1043 sc->unlock_lr[sc->next_unlock_lr] = lr_saved;
1044 sc->next_unlock_lr = (sc->next_unlock_lr + 1) % SO_LCKDBG_MAX;
1045 if ((sc->sc_iflist_xcnt > 0) && (sc->sc_iflist_ref == 0)) {
1046 _BRIDGE_UNLOCK(sc);
1047 wakeup(&sc->sc_cv);
1048 } else {
1049 _BRIDGE_UNLOCK(sc);
1050 }
1051 }
1052
1053 static void
1054 bridge_xlock(struct bridge_softc *sc)
1055 {
1056 void *lr_saved = __builtin_return_address(0);
1057
1058 BRIDGE_LOCK_ASSERT_HELD(sc);
1059
1060 sc->sc_iflist_xcnt++;
1061 while (sc->sc_iflist_ref > 0) {
1062 sc->unlock_lr[sc->next_unlock_lr] = lr_saved;
1063 sc->next_unlock_lr = (sc->next_unlock_lr + 1) % SO_LCKDBG_MAX;
1064
1065 msleep(&sc->sc_cv, &sc->sc_mtx, PZERO, "BRIDGE_XLOCK", NULL);
1066
1067 sc->lock_lr[sc->next_lock_lr] = lr_saved;
1068 sc->next_lock_lr = (sc->next_lock_lr + 1) % SO_LCKDBG_MAX;
1069 }
1070 }
1071
1072 static void
1073 bridge_xdrop(struct bridge_softc *sc)
1074 {
1075 BRIDGE_LOCK_ASSERT_HELD(sc);
1076
1077 sc->sc_iflist_xcnt--;
1078 }
1079
1080 void
1081 printf_mbuf_pkthdr(mbuf_t m, const char *prefix, const char *suffix)
1082 {
1083 if (m) {
1084 printf("%spktlen: %u rcvif: 0x%llx header: 0x%llx "
1085 "nextpkt: 0x%llx%s",
1086 prefix ? prefix : "", (unsigned int)mbuf_pkthdr_len(m),
1087 (uint64_t)VM_KERNEL_ADDRPERM(mbuf_pkthdr_rcvif(m)),
1088 (uint64_t)VM_KERNEL_ADDRPERM(mbuf_pkthdr_header(m)),
1089 (uint64_t)VM_KERNEL_ADDRPERM(mbuf_nextpkt(m)),
1090 suffix ? suffix : "");
1091 } else {
1092 printf("%s<NULL>%s\n", prefix, suffix);
1093 }
1094 }
1095
1096 void
1097 printf_mbuf(mbuf_t m, const char *prefix, const char *suffix)
1098 {
1099 if (m) {
1100 printf("%s0x%llx type: %u flags: 0x%x len: %u data: 0x%llx "
1101 "maxlen: %u datastart: 0x%llx next: 0x%llx%s",
1102 prefix ? prefix : "", (uint64_t)VM_KERNEL_ADDRPERM(m),
1103 mbuf_type(m), mbuf_flags(m), (unsigned int)mbuf_len(m),
1104 (uint64_t)VM_KERNEL_ADDRPERM(mbuf_data(m)),
1105 (unsigned int)mbuf_maxlen(m),
1106 (uint64_t)VM_KERNEL_ADDRPERM(mbuf_datastart(m)),
1107 (uint64_t)VM_KERNEL_ADDRPERM(mbuf_next(m)),
1108 !suffix || (mbuf_flags(m) & MBUF_PKTHDR) ? "" : suffix);
1109 if ((mbuf_flags(m) & MBUF_PKTHDR)) {
1110 printf_mbuf_pkthdr(m, " ", suffix);
1111 }
1112 } else {
1113 printf("%s<NULL>%s\n", prefix, suffix);
1114 }
1115 }
1116
1117 void
1118 printf_mbuf_data(mbuf_t m, size_t offset, size_t len)
1119 {
1120 mbuf_t n;
1121 size_t i, j;
1122 size_t pktlen, mlen, maxlen;
1123 unsigned char *ptr;
1124
1125 pktlen = mbuf_pkthdr_len(m);
1126
1127 if (offset > pktlen) {
1128 return;
1129 }
1130
1131 maxlen = (pktlen - offset > len) ? len : pktlen - offset;
1132 n = m;
1133 mlen = mbuf_len(n);
1134 ptr = mbuf_data(n);
1135 for (i = 0, j = 0; i < maxlen; i++, j++) {
1136 if (j >= mlen) {
1137 n = mbuf_next(n);
1138 if (n == 0) {
1139 break;
1140 }
1141 ptr = mbuf_data(n);
1142 mlen = mbuf_len(n);
1143 j = 0;
1144 }
1145 if (i >= offset) {
1146 printf("%02x%s", ptr[j], i % 2 ? " " : "");
1147 }
1148 }
1149 }
1150
1151 static void
1152 printf_ether_header(struct ether_header *eh)
1153 {
1154 printf("%02x:%02x:%02x:%02x:%02x:%02x > "
1155 "%02x:%02x:%02x:%02x:%02x:%02x 0x%04x ",
1156 eh->ether_shost[0], eh->ether_shost[1], eh->ether_shost[2],
1157 eh->ether_shost[3], eh->ether_shost[4], eh->ether_shost[5],
1158 eh->ether_dhost[0], eh->ether_dhost[1], eh->ether_dhost[2],
1159 eh->ether_dhost[3], eh->ether_dhost[4], eh->ether_dhost[5],
1160 ntohs(eh->ether_type));
1161 }
1162
1163 static void
1164 link_print(struct bridge_softc * sc)
1165 {
1166 int i;
1167 uint32_t sdl_buffer[offsetof(struct sockaddr_dl, sdl_data) +
1168 IFNAMSIZ + ETHER_ADDR_LEN];
1169 struct sockaddr_dl *sdl = (struct sockaddr_dl *)sdl_buffer;
1170
1171 memset(sdl, 0, sizeof(sdl_buffer));
1172 sdl->sdl_family = AF_LINK;
1173 sdl->sdl_nlen = strlen(sc->sc_if_xname);
1174 sdl->sdl_alen = ETHER_ADDR_LEN;
1175 sdl->sdl_len = offsetof(struct sockaddr_dl, sdl_data);
1176 memcpy(sdl->sdl_data, sc->sc_if_xname, sdl->sdl_nlen);
1177 memcpy(LLADDR(sdl), sc->sc_defaddr, ETHER_ADDR_LEN);
1178
1179 #if 1
1180 printf("sdl len %d index %d family %d type 0x%x nlen %d alen %d"
1181 " slen %d addr ", sdl->sdl_len, sdl->sdl_index,
1182 sdl->sdl_family, sdl->sdl_type, sdl->sdl_nlen,
1183 sdl->sdl_alen, sdl->sdl_slen);
1184 #endif
1185 for (i = 0; i < sdl->sdl_alen; i++) {
1186 printf("%s%x", i ? ":" : "", (CONST_LLADDR(sdl))[i]);
1187 }
1188 printf("\n");
1189 }
1190
1191 static boolean_t
1192 bridge_debug_flag_is_set(uint32_t flag)
1193 {
1194 return (if_bridge_debug & flag) != 0;
1195 }
1196
1197 #endif /* BRIDGE_DEBUG */
1198
1199 /*
1200 * bridgeattach:
1201 *
1202 * Pseudo-device attach routine.
1203 */
1204 __private_extern__ int
1205 bridgeattach(int n)
1206 {
1207 #pragma unused(n)
1208 int error;
1209 lck_grp_attr_t *lck_grp_attr = NULL;
1210
1211 lck_grp_attr = lck_grp_attr_alloc_init();
1212
1213 bridge_lock_grp = lck_grp_alloc_init("if_bridge", lck_grp_attr);
1214
1215 bridge_lock_attr = lck_attr_alloc_init();
1216
1217 #if BRIDGE_DEBUG
1218 lck_attr_setdebug(bridge_lock_attr);
1219 #endif
1220
1221 lck_mtx_init(&bridge_list_mtx, bridge_lock_grp, bridge_lock_attr);
1222
1223 /* can free the attributes once we've allocated the group lock */
1224 lck_grp_attr_free(lck_grp_attr);
1225
1226 LIST_INIT(&bridge_list);
1227
1228 #if BRIDGESTP
1229 bstp_sys_init();
1230 #endif /* BRIDGESTP */
1231
1232 error = if_clone_attach(&bridge_cloner);
1233 if (error != 0) {
1234 printf("%s: ifnet_clone_attach failed %d\n", __func__, error);
1235 }
1236
1237 return error;
1238 }
1239
1240
1241 static errno_t
1242 bridge_ifnet_set_attrs(struct ifnet * ifp)
1243 {
1244 errno_t error;
1245
1246 error = ifnet_set_mtu(ifp, ETHERMTU);
1247 if (error != 0) {
1248 printf("%s: ifnet_set_mtu failed %d\n", __func__, error);
1249 goto done;
1250 }
1251 error = ifnet_set_addrlen(ifp, ETHER_ADDR_LEN);
1252 if (error != 0) {
1253 printf("%s: ifnet_set_addrlen failed %d\n", __func__, error);
1254 goto done;
1255 }
1256 error = ifnet_set_hdrlen(ifp, ETHER_HDR_LEN);
1257 if (error != 0) {
1258 printf("%s: ifnet_set_hdrlen failed %d\n", __func__, error);
1259 goto done;
1260 }
1261 error = ifnet_set_flags(ifp,
1262 IFF_BROADCAST | IFF_SIMPLEX | IFF_NOTRAILERS | IFF_MULTICAST,
1263 0xffff);
1264
1265 if (error != 0) {
1266 printf("%s: ifnet_set_flags failed %d\n", __func__, error);
1267 goto done;
1268 }
1269 done:
1270 return error;
1271 }
1272
1273 /*
1274 * bridge_clone_create:
1275 *
1276 * Create a new bridge instance.
1277 */
1278 static int
1279 bridge_clone_create(struct if_clone *ifc, uint32_t unit, void *params)
1280 {
1281 #pragma unused(params)
1282 struct ifnet *ifp = NULL;
1283 struct bridge_softc *sc = NULL;
1284 struct bridge_softc *sc2 = NULL;
1285 struct ifnet_init_eparams init_params;
1286 errno_t error = 0;
1287 uint8_t eth_hostid[ETHER_ADDR_LEN];
1288 int fb, retry, has_hostid;
1289
1290 sc = if_clone_softc_allocate(&bridge_cloner);
1291 if (sc == NULL) {
1292 error = ENOMEM;
1293 goto done;
1294 }
1295
1296 lck_mtx_init(&sc->sc_mtx, bridge_lock_grp, bridge_lock_attr);
1297 sc->sc_brtmax = BRIDGE_RTABLE_MAX;
1298 sc->sc_mne_max = BRIDGE_MAC_NAT_ENTRY_MAX;
1299 sc->sc_brttimeout = BRIDGE_RTABLE_TIMEOUT;
1300 sc->sc_filter_flags = 0;
1301
1302 TAILQ_INIT(&sc->sc_iflist);
1303
1304 /* use the interface name as the unique id for ifp recycle */
1305 snprintf(sc->sc_if_xname, sizeof(sc->sc_if_xname), "%s%d",
1306 ifc->ifc_name, unit);
1307 bzero(&init_params, sizeof(init_params));
1308 init_params.ver = IFNET_INIT_CURRENT_VERSION;
1309 init_params.len = sizeof(init_params);
1310 /* Initialize our routing table. */
1311 error = bridge_rtable_init(sc);
1312 if (error != 0) {
1313 printf("%s: bridge_rtable_init failed %d\n",
1314 __func__, error);
1315 goto done;
1316 }
1317 TAILQ_INIT(&sc->sc_spanlist);
1318 if (if_bridge_txstart) {
1319 init_params.start = bridge_start;
1320 } else {
1321 init_params.flags = IFNET_INIT_LEGACY;
1322 init_params.output = bridge_output;
1323 }
1324 init_params.set_bpf_tap = bridge_set_bpf_tap;
1325 init_params.uniqueid = sc->sc_if_xname;
1326 init_params.uniqueid_len = strlen(sc->sc_if_xname);
1327 init_params.sndq_maxlen = IFQ_MAXLEN;
1328 init_params.name = ifc->ifc_name;
1329 init_params.unit = unit;
1330 init_params.family = IFNET_FAMILY_ETHERNET;
1331 init_params.type = IFT_BRIDGE;
1332 init_params.demux = ether_demux;
1333 init_params.add_proto = ether_add_proto;
1334 init_params.del_proto = ether_del_proto;
1335 init_params.check_multi = ether_check_multi;
1336 init_params.framer_extended = ether_frameout_extended;
1337 init_params.softc = sc;
1338 init_params.ioctl = bridge_ioctl;
1339 init_params.detach = bridge_detach;
1340 init_params.broadcast_addr = etherbroadcastaddr;
1341 init_params.broadcast_len = ETHER_ADDR_LEN;
1342
1343 error = ifnet_allocate_extended(&init_params, &ifp);
1344 if (error != 0) {
1345 printf("%s: ifnet_allocate failed %d\n",
1346 __func__, error);
1347 goto done;
1348 }
1349 LIST_INIT(&sc->sc_mne_list);
1350 LIST_INIT(&sc->sc_mne_list_v6);
1351 sc->sc_ifp = ifp;
1352 error = bridge_ifnet_set_attrs(ifp);
1353 if (error != 0) {
1354 printf("%s: bridge_ifnet_set_attrs failed %d\n",
1355 __func__, error);
1356 goto done;
1357 }
1358 /*
1359 * Generate an ethernet address with a locally administered address.
1360 *
1361 * Since we are using random ethernet addresses for the bridge, it is
1362 * possible that we might have address collisions, so make sure that
1363 * this hardware address isn't already in use on another bridge.
1364 * The first try uses the "hostid" and falls back to read_frandom();
1365 * for "hostid", we use the MAC address of the first-encountered
1366 * Ethernet-type interface that is currently configured.
1367 */
1368 fb = 0;
1369 has_hostid = (uuid_get_ethernet(&eth_hostid[0]) == 0);
1370 for (retry = 1; retry != 0;) {
1371 if (fb || has_hostid == 0) {
1372 read_frandom(&sc->sc_defaddr, ETHER_ADDR_LEN);
1373 sc->sc_defaddr[0] &= ~1; /* clear multicast bit */
1374 sc->sc_defaddr[0] |= 2; /* set the LAA bit */
1375 } else {
1376 bcopy(&eth_hostid[0], &sc->sc_defaddr,
1377 ETHER_ADDR_LEN);
1378 sc->sc_defaddr[0] &= ~1; /* clear multicast bit */
1379 sc->sc_defaddr[0] |= 2; /* set the LAA bit */
1380 sc->sc_defaddr[3] = /* stir it up a bit */
1381 ((sc->sc_defaddr[3] & 0x0f) << 4) |
1382 ((sc->sc_defaddr[3] & 0xf0) >> 4);
1383 /*
1384 * Mix in the LSB as it's actually pretty significant,
1385 * see rdar://14076061
1386 */
1387 sc->sc_defaddr[4] =
1388 (((sc->sc_defaddr[4] & 0x0f) << 4) |
1389 ((sc->sc_defaddr[4] & 0xf0) >> 4)) ^
1390 sc->sc_defaddr[5];
1391 sc->sc_defaddr[5] = ifp->if_unit & 0xff;
1392 }
1393
1394 fb = 1;
1395 retry = 0;
1396 lck_mtx_lock(&bridge_list_mtx);
1397 LIST_FOREACH(sc2, &bridge_list, sc_list) {
1398 if (memcmp(sc->sc_defaddr,
1399 IF_LLADDR(sc2->sc_ifp), ETHER_ADDR_LEN) == 0) {
1400 retry = 1;
1401 }
1402 }
1403 lck_mtx_unlock(&bridge_list_mtx);
1404 }
1405
1406 sc->sc_flags &= ~SCF_MEDIA_ACTIVE;
1407
1408 #if BRIDGE_DEBUG
1409 if (IF_BRIDGE_DEBUG(BR_DBGF_LIFECYCLE)) {
1410 link_print(sc);
1411 }
1412 #endif
1413 error = ifnet_attach(ifp, NULL);
1414 if (error != 0) {
1415 printf("%s: ifnet_attach failed %d\n", __func__, error);
1416 goto done;
1417 }
1418
1419 error = ifnet_set_lladdr_and_type(ifp, sc->sc_defaddr, ETHER_ADDR_LEN,
1420 IFT_ETHER);
1421 if (error != 0) {
1422 printf("%s: ifnet_set_lladdr_and_type failed %d\n", __func__,
1423 error);
1424 goto done;
1425 }
1426
1427 ifnet_set_offload(ifp,
1428 IFNET_CSUM_IP | IFNET_CSUM_TCP | IFNET_CSUM_UDP |
1429 IFNET_CSUM_TCPIPV6 | IFNET_CSUM_UDPIPV6 | IFNET_MULTIPAGES);
1430 error = bridge_set_tso(sc);
1431 if (error != 0) {
1432 printf("%s: bridge_set_tso failed %d\n",
1433 __func__, error);
1434 goto done;
1435 }
1436 #if BRIDGESTP
1437 bstp_attach(&sc->sc_stp, &bridge_ops);
1438 #endif /* BRIDGESTP */
1439
1440 lck_mtx_lock(&bridge_list_mtx);
1441 LIST_INSERT_HEAD(&bridge_list, sc, sc_list);
1442 lck_mtx_unlock(&bridge_list_mtx);
1443
1444 /* attach as ethernet */
1445 error = bpf_attach(ifp, DLT_EN10MB, sizeof(struct ether_header),
1446 NULL, NULL);
1447
1448 done:
1449 if (error != 0) {
1450 printf("%s failed error %d\n", __func__, error);
1451 /* TBD: Clean up: sc, sc_rthash etc */
1452 }
1453
1454 return error;
1455 }
1456
1457 /*
1458 * bridge_clone_destroy:
1459 *
1460 * Destroy a bridge instance.
1461 */
1462 static int
1463 bridge_clone_destroy(struct ifnet *ifp)
1464 {
1465 struct bridge_softc *sc = ifp->if_softc;
1466 struct bridge_iflist *bif;
1467 errno_t error;
1468
1469 BRIDGE_LOCK(sc);
1470 if ((sc->sc_flags & SCF_DETACHING)) {
1471 BRIDGE_UNLOCK(sc);
1472 return 0;
1473 }
1474 sc->sc_flags |= SCF_DETACHING;
1475
1476 bridge_ifstop(ifp, 1);
1477
1478 bridge_cancel_delayed_call(&sc->sc_resize_call);
1479
1480 bridge_cleanup_delayed_call(&sc->sc_resize_call);
1481 bridge_cleanup_delayed_call(&sc->sc_aging_timer);
1482
1483 error = ifnet_set_flags(ifp, 0, IFF_UP);
1484 if (error != 0) {
1485 printf("%s: ifnet_set_flags failed %d\n", __func__, error);
1486 }
1487
1488 while ((bif = TAILQ_FIRST(&sc->sc_iflist)) != NULL) {
1489 bridge_delete_member(sc, bif, 0);
1490 }
1491
1492 while ((bif = TAILQ_FIRST(&sc->sc_spanlist)) != NULL) {
1493 bridge_delete_span(sc, bif);
1494 }
1495 BRIDGE_UNLOCK(sc);
1496
1497 error = ifnet_detach(ifp);
1498 if (error != 0) {
1499 panic("%s: ifnet_detach(%p) failed %d\n",
1500 __func__, ifp, error);
1501 }
1502 return 0;
1503 }
1504
1505 #define DRVSPEC do { \
1506 if (ifd->ifd_cmd >= bridge_control_table_size) { \
1507 error = EINVAL; \
1508 break; \
1509 } \
1510 bc = &bridge_control_table[ifd->ifd_cmd]; \
1511 \
1512 if (cmd == SIOCGDRVSPEC && \
1513 (bc->bc_flags & BC_F_COPYOUT) == 0) { \
1514 error = EINVAL; \
1515 break; \
1516 } else if (cmd == SIOCSDRVSPEC && \
1517 (bc->bc_flags & BC_F_COPYOUT) != 0) { \
1518 error = EINVAL; \
1519 break; \
1520 } \
1521 \
1522 if (bc->bc_flags & BC_F_SUSER) { \
1523 error = kauth_authorize_generic(kauth_cred_get(), \
1524 KAUTH_GENERIC_ISSUSER); \
1525 if (error) \
1526 break; \
1527 } \
1528 \
1529 if (ifd->ifd_len != bc->bc_argsize || \
1530 ifd->ifd_len > sizeof (args)) { \
1531 error = EINVAL; \
1532 break; \
1533 } \
1534 \
1535 bzero(&args, sizeof (args)); \
1536 if (bc->bc_flags & BC_F_COPYIN) { \
1537 error = copyin(ifd->ifd_data, &args, ifd->ifd_len); \
1538 if (error) \
1539 break; \
1540 } \
1541 \
1542 BRIDGE_LOCK(sc); \
1543 error = (*bc->bc_func)(sc, &args); \
1544 BRIDGE_UNLOCK(sc); \
1545 if (error) \
1546 break; \
1547 \
1548 if (bc->bc_flags & BC_F_COPYOUT) \
1549 error = copyout(&args, ifd->ifd_data, ifd->ifd_len); \
1550 } while (0)
1551
1552 /*
1553 * bridge_ioctl:
1554 *
1555 * Handle a control request from the operator.
1556 */
1557 static errno_t
1558 bridge_ioctl(struct ifnet *ifp, u_long cmd, void *data)
1559 {
1560 struct bridge_softc *sc = ifp->if_softc;
1561 struct ifreq *ifr = (struct ifreq *)data;
1562 struct bridge_iflist *bif;
1563 int error = 0;
1564
1565 BRIDGE_LOCK_ASSERT_NOTHELD(sc);
1566
1567 #if BRIDGE_DEBUG
1568 if (IF_BRIDGE_DEBUG(BR_DBGF_IOCTL)) {
1569 printf("%s: ifp %s cmd 0x%08lx (%c%c [%lu] %c %lu)\n",
1570 __func__, ifp->if_xname, cmd, (cmd & IOC_IN) ? 'I' : ' ',
1571 (cmd & IOC_OUT) ? 'O' : ' ', IOCPARM_LEN(cmd),
1572 (char)IOCGROUP(cmd), cmd & 0xff);
1573 }
1574 #endif /* BRIDGE_DEBUG */
1575
1576 switch (cmd) {
1577 case SIOCSIFADDR:
1578 case SIOCAIFADDR:
1579 ifnet_set_flags(ifp, IFF_UP, IFF_UP);
1580 break;
1581
1582 case SIOCGIFMEDIA32:
1583 case SIOCGIFMEDIA64: {
1584 struct ifmediareq *ifmr = (struct ifmediareq *)data;
1585 user_addr_t user_addr;
1586
1587 user_addr = (cmd == SIOCGIFMEDIA64) ?
1588 ((struct ifmediareq64 *)ifmr)->ifmu_ulist :
1589 CAST_USER_ADDR_T(((struct ifmediareq32 *)ifmr)->ifmu_ulist);
1590
1591 ifmr->ifm_status = IFM_AVALID;
1592 ifmr->ifm_mask = 0;
1593 ifmr->ifm_count = 1;
1594
1595 BRIDGE_LOCK(sc);
1596 if (!(sc->sc_flags & SCF_DETACHING) &&
1597 (sc->sc_flags & SCF_MEDIA_ACTIVE)) {
1598 ifmr->ifm_status |= IFM_ACTIVE;
1599 ifmr->ifm_active = ifmr->ifm_current =
1600 IFM_ETHER | IFM_AUTO;
1601 } else {
1602 ifmr->ifm_active = ifmr->ifm_current = IFM_NONE;
1603 }
1604 BRIDGE_UNLOCK(sc);
1605
1606 if (user_addr != USER_ADDR_NULL) {
1607 error = copyout(&ifmr->ifm_current, user_addr,
1608 sizeof(int));
1609 }
1610 break;
1611 }
1612
1613 case SIOCADDMULTI:
1614 case SIOCDELMULTI:
1615 break;
1616
1617 case SIOCSDRVSPEC32:
1618 case SIOCGDRVSPEC32: {
1619 union {
1620 struct ifbreq ifbreq;
1621 struct ifbifconf32 ifbifconf;
1622 struct ifbareq32 ifbareq;
1623 struct ifbaconf32 ifbaconf;
1624 struct ifbrparam ifbrparam;
1625 struct ifbropreq32 ifbropreq;
1626 } args;
1627 struct ifdrv32 *ifd = (struct ifdrv32 *)data;
1628 const struct bridge_control *bridge_control_table =
1629 bridge_control_table32, *bc;
1630
1631 DRVSPEC;
1632
1633 break;
1634 }
1635 case SIOCSDRVSPEC64:
1636 case SIOCGDRVSPEC64: {
1637 union {
1638 struct ifbreq ifbreq;
1639 struct ifbifconf64 ifbifconf;
1640 struct ifbareq64 ifbareq;
1641 struct ifbaconf64 ifbaconf;
1642 struct ifbrparam ifbrparam;
1643 struct ifbropreq64 ifbropreq;
1644 } args;
1645 struct ifdrv64 *ifd = (struct ifdrv64 *)data;
1646 const struct bridge_control *bridge_control_table =
1647 bridge_control_table64, *bc;
1648
1649 DRVSPEC;
1650
1651 break;
1652 }
1653
1654 case SIOCSIFFLAGS:
1655 if (!(ifp->if_flags & IFF_UP) &&
1656 (ifp->if_flags & IFF_RUNNING)) {
1657 /*
1658 * If interface is marked down and it is running,
1659 * then stop and disable it.
1660 */
1661 BRIDGE_LOCK(sc);
1662 bridge_ifstop(ifp, 1);
1663 BRIDGE_UNLOCK(sc);
1664 } else if ((ifp->if_flags & IFF_UP) &&
1665 !(ifp->if_flags & IFF_RUNNING)) {
1666 /*
1667 * If interface is marked up and it is stopped, then
1668 * start it.
1669 */
1670 BRIDGE_LOCK(sc);
1671 error = bridge_init(ifp);
1672 BRIDGE_UNLOCK(sc);
1673 }
1674 break;
1675
1676 case SIOCSIFLLADDR:
1677 error = ifnet_set_lladdr(ifp, ifr->ifr_addr.sa_data,
1678 ifr->ifr_addr.sa_len);
1679 if (error != 0) {
1680 printf("%s: SIOCSIFLLADDR error %d\n", ifp->if_xname,
1681 error);
1682 }
1683 break;
1684
1685 case SIOCSIFMTU:
1686 if (ifr->ifr_mtu < 576) {
1687 error = EINVAL;
1688 break;
1689 }
1690 BRIDGE_LOCK(sc);
1691 if (TAILQ_EMPTY(&sc->sc_iflist)) {
1692 sc->sc_ifp->if_mtu = ifr->ifr_mtu;
1693 BRIDGE_UNLOCK(sc);
1694 break;
1695 }
1696 TAILQ_FOREACH(bif, &sc->sc_iflist, bif_next) {
1697 if (bif->bif_ifp->if_mtu != (unsigned)ifr->ifr_mtu) {
1698 printf("%s: invalid MTU: %u(%s) != %d\n",
1699 sc->sc_ifp->if_xname,
1700 bif->bif_ifp->if_mtu,
1701 bif->bif_ifp->if_xname, ifr->ifr_mtu);
1702 error = EINVAL;
1703 break;
1704 }
1705 }
1706 if (!error) {
1707 sc->sc_ifp->if_mtu = ifr->ifr_mtu;
1708 }
1709 BRIDGE_UNLOCK(sc);
1710 break;
1711
1712 default:
1713 error = ether_ioctl(ifp, cmd, data);
1714 #if BRIDGE_DEBUG
1715 if (error != 0 && error != EOPNOTSUPP) {
1716 printf("%s: ifp %s cmd 0x%08lx "
1717 "(%c%c [%lu] %c %lu) failed error: %d\n",
1718 __func__, ifp->if_xname, cmd,
1719 (cmd & IOC_IN) ? 'I' : ' ',
1720 (cmd & IOC_OUT) ? 'O' : ' ',
1721 IOCPARM_LEN(cmd), (char)IOCGROUP(cmd),
1722 cmd & 0xff, error);
1723 }
1724 #endif /* BRIDGE_DEBUG */
1725 break;
1726 }
1727 BRIDGE_LOCK_ASSERT_NOTHELD(sc);
1728
1729 return error;
1730 }
1731
1732 #if HAS_IF_CAP
1733 /*
1734 * bridge_mutecaps:
1735 *
1736 * Clear or restore unwanted capabilities on the member interface
1737 */
1738 static void
1739 bridge_mutecaps(struct bridge_softc *sc)
1740 {
1741 struct bridge_iflist *bif;
1742 int enabled, mask;
1743
1744 /* Initial bitmask of capabilities to test */
1745 mask = BRIDGE_IFCAPS_MASK;
1746
1747 TAILQ_FOREACH(bif, &sc->sc_iflist, bif_next) {
1748 /* Every member must support it or its disabled */
1749 mask &= bif->bif_savedcaps;
1750 }
1751
1752 TAILQ_FOREACH(bif, &sc->sc_iflist, bif_next) {
1753 enabled = bif->bif_ifp->if_capenable;
1754 enabled &= ~BRIDGE_IFCAPS_STRIP;
1755 /* strip off mask bits and enable them again if allowed */
1756 enabled &= ~BRIDGE_IFCAPS_MASK;
1757 enabled |= mask;
1758
1759 bridge_set_ifcap(sc, bif, enabled);
1760 }
1761 }
1762
1763 static void
1764 bridge_set_ifcap(struct bridge_softc *sc, struct bridge_iflist *bif, int set)
1765 {
1766 struct ifnet *ifp = bif->bif_ifp;
1767 struct ifreq ifr;
1768 int error;
1769
1770 bzero(&ifr, sizeof(ifr));
1771 ifr.ifr_reqcap = set;
1772
1773 if (ifp->if_capenable != set) {
1774 IFF_LOCKGIANT(ifp);
1775 error = (*ifp->if_ioctl)(ifp, SIOCSIFCAP, (caddr_t)&ifr);
1776 IFF_UNLOCKGIANT(ifp);
1777 if (error) {
1778 printf("%s: %s error setting interface capabilities "
1779 "on %s\n", __func__, sc->sc_ifp->if_xname,
1780 ifp->if_xname);
1781 }
1782 }
1783 }
1784 #endif /* HAS_IF_CAP */
1785
1786 static errno_t
1787 bridge_set_tso(struct bridge_softc *sc)
1788 {
1789 struct bridge_iflist *bif;
1790 u_int32_t tso_v4_mtu;
1791 u_int32_t tso_v6_mtu;
1792 ifnet_offload_t offload;
1793 errno_t error = 0;
1794
1795 /* By default, support TSO */
1796 offload = sc->sc_ifp->if_hwassist | IFNET_TSO_IPV4 | IFNET_TSO_IPV6;
1797 tso_v4_mtu = IP_MAXPACKET;
1798 tso_v6_mtu = IP_MAXPACKET;
1799
1800 /* Use the lowest common denominator of the members */
1801 TAILQ_FOREACH(bif, &sc->sc_iflist, bif_next) {
1802 ifnet_t ifp = bif->bif_ifp;
1803
1804 if (ifp == NULL) {
1805 continue;
1806 }
1807
1808 if (offload & IFNET_TSO_IPV4) {
1809 if (ifp->if_hwassist & IFNET_TSO_IPV4) {
1810 if (tso_v4_mtu > ifp->if_tso_v4_mtu) {
1811 tso_v4_mtu = ifp->if_tso_v4_mtu;
1812 }
1813 } else {
1814 offload &= ~IFNET_TSO_IPV4;
1815 tso_v4_mtu = 0;
1816 }
1817 }
1818 if (offload & IFNET_TSO_IPV6) {
1819 if (ifp->if_hwassist & IFNET_TSO_IPV6) {
1820 if (tso_v6_mtu > ifp->if_tso_v6_mtu) {
1821 tso_v6_mtu = ifp->if_tso_v6_mtu;
1822 }
1823 } else {
1824 offload &= ~IFNET_TSO_IPV6;
1825 tso_v6_mtu = 0;
1826 }
1827 }
1828 }
1829
1830 if (offload != sc->sc_ifp->if_hwassist) {
1831 error = ifnet_set_offload(sc->sc_ifp, offload);
1832 if (error != 0) {
1833 #if BRIDGE_DEBUG
1834 if (IF_BRIDGE_DEBUG(BR_DBGF_LIFECYCLE)) {
1835 printf("%s: ifnet_set_offload(%s, 0x%x) "
1836 "failed %d\n", __func__,
1837 sc->sc_ifp->if_xname, offload, error);
1838 }
1839 #endif /* BRIDGE_DEBUG */
1840 goto done;
1841 }
1842 /*
1843 * For ifnet_set_tso_mtu() sake, the TSO MTU must be at least
1844 * as large as the interface MTU
1845 */
1846 if (sc->sc_ifp->if_hwassist & IFNET_TSO_IPV4) {
1847 if (tso_v4_mtu < sc->sc_ifp->if_mtu) {
1848 tso_v4_mtu = sc->sc_ifp->if_mtu;
1849 }
1850 error = ifnet_set_tso_mtu(sc->sc_ifp, AF_INET,
1851 tso_v4_mtu);
1852 if (error != 0) {
1853 #if BRIDGE_DEBUG
1854 if (IF_BRIDGE_DEBUG(BR_DBGF_LIFECYCLE)) {
1855 printf("%s: ifnet_set_tso_mtu(%s, "
1856 "AF_INET, %u) failed %d\n",
1857 __func__, sc->sc_ifp->if_xname,
1858 tso_v4_mtu, error);
1859 }
1860 #endif /* BRIDGE_DEBUG */
1861 goto done;
1862 }
1863 }
1864 if (sc->sc_ifp->if_hwassist & IFNET_TSO_IPV6) {
1865 if (tso_v6_mtu < sc->sc_ifp->if_mtu) {
1866 tso_v6_mtu = sc->sc_ifp->if_mtu;
1867 }
1868 error = ifnet_set_tso_mtu(sc->sc_ifp, AF_INET6,
1869 tso_v6_mtu);
1870 if (error != 0) {
1871 #if BRIDGE_DEBUG
1872 if (IF_BRIDGE_DEBUG(BR_DBGF_LIFECYCLE)) {
1873 printf("%s: ifnet_set_tso_mtu(%s, "
1874 "AF_INET6, %u) failed %d\n",
1875 __func__, sc->sc_ifp->if_xname,
1876 tso_v6_mtu, error);
1877 }
1878 #endif /* BRIDGE_DEBUG */
1879 goto done;
1880 }
1881 }
1882 }
1883 done:
1884 return error;
1885 }
1886
1887 /*
1888 * bridge_lookup_member:
1889 *
1890 * Lookup a bridge member interface.
1891 */
1892 static struct bridge_iflist *
1893 bridge_lookup_member(struct bridge_softc *sc, const char *name)
1894 {
1895 struct bridge_iflist *bif;
1896 struct ifnet *ifp;
1897
1898 BRIDGE_LOCK_ASSERT_HELD(sc);
1899
1900 TAILQ_FOREACH(bif, &sc->sc_iflist, bif_next) {
1901 ifp = bif->bif_ifp;
1902 if (strcmp(ifp->if_xname, name) == 0) {
1903 return bif;
1904 }
1905 }
1906
1907 return NULL;
1908 }
1909
1910 /*
1911 * bridge_lookup_member_if:
1912 *
1913 * Lookup a bridge member interface by ifnet*.
1914 */
1915 static struct bridge_iflist *
1916 bridge_lookup_member_if(struct bridge_softc *sc, struct ifnet *member_ifp)
1917 {
1918 struct bridge_iflist *bif;
1919
1920 BRIDGE_LOCK_ASSERT_HELD(sc);
1921
1922 TAILQ_FOREACH(bif, &sc->sc_iflist, bif_next) {
1923 if (bif->bif_ifp == member_ifp) {
1924 return bif;
1925 }
1926 }
1927
1928 return NULL;
1929 }
1930
1931 static errno_t
1932 bridge_iff_input(void *cookie, ifnet_t ifp, protocol_family_t protocol,
1933 mbuf_t *data, char **frame_ptr)
1934 {
1935 #pragma unused(protocol)
1936 errno_t error = 0;
1937 struct bridge_iflist *bif = (struct bridge_iflist *)cookie;
1938 struct bridge_softc *sc = bif->bif_sc;
1939 int included = 0;
1940 size_t frmlen = 0;
1941 mbuf_t m = *data;
1942
1943 if ((m->m_flags & M_PROTO1)) {
1944 goto out;
1945 }
1946
1947 if (*frame_ptr >= (char *)mbuf_datastart(m) &&
1948 *frame_ptr <= (char *)mbuf_data(m)) {
1949 included = 1;
1950 frmlen = (char *)mbuf_data(m) - *frame_ptr;
1951 }
1952 #if BRIDGE_DEBUG
1953 if (IF_BRIDGE_DEBUG(BR_DBGF_INPUT)) {
1954 printf("%s: %s from %s m 0x%llx data 0x%llx frame 0x%llx %s "
1955 "frmlen %lu\n", __func__, sc->sc_ifp->if_xname,
1956 ifp->if_xname, (uint64_t)VM_KERNEL_ADDRPERM(m),
1957 (uint64_t)VM_KERNEL_ADDRPERM(mbuf_data(m)),
1958 (uint64_t)VM_KERNEL_ADDRPERM(*frame_ptr),
1959 included ? "inside" : "outside", frmlen);
1960
1961 if (IF_BRIDGE_DEBUG(BR_DBGF_MBUF)) {
1962 printf_mbuf(m, "bridge_iff_input[", "\n");
1963 printf_ether_header((struct ether_header *)
1964 (void *)*frame_ptr);
1965 printf_mbuf_data(m, 0, 20);
1966 printf("\n");
1967 }
1968 }
1969 #endif /* BRIDGE_DEBUG */
1970 if (included == 0) {
1971 if (IF_BRIDGE_DEBUG(BR_DBGF_INPUT)) {
1972 printf("%s: frame_ptr outside mbuf\n", __func__);
1973 }
1974 goto out;
1975 }
1976
1977 /* Move data pointer to start of frame to the link layer header */
1978 (void) mbuf_setdata(m, (char *)mbuf_data(m) - frmlen,
1979 mbuf_len(m) + frmlen);
1980 (void) mbuf_pkthdr_adjustlen(m, frmlen);
1981
1982 /* make sure we can access the ethernet header */
1983 if (mbuf_pkthdr_len(m) < sizeof(struct ether_header)) {
1984 if (IF_BRIDGE_DEBUG(BR_DBGF_INPUT)) {
1985 printf("%s: short frame %lu < %lu\n", __func__,
1986 mbuf_pkthdr_len(m), sizeof(struct ether_header));
1987 }
1988 goto out;
1989 }
1990 if (mbuf_len(m) < sizeof(struct ether_header)) {
1991 error = mbuf_pullup(data, sizeof(struct ether_header));
1992 if (error != 0) {
1993 if (IF_BRIDGE_DEBUG(BR_DBGF_INPUT)) {
1994 printf("%s: mbuf_pullup(%lu) failed %d\n",
1995 __func__, sizeof(struct ether_header),
1996 error);
1997 }
1998 error = EJUSTRETURN;
1999 goto out;
2000 }
2001 if (m != *data) {
2002 m = *data;
2003 *frame_ptr = mbuf_data(m);
2004 }
2005 }
2006
2007 error = bridge_input(ifp, data);
2008
2009 /* Adjust packet back to original */
2010 if (error == 0) {
2011 /* bridge_input might have modified *data */
2012 if (*data != m) {
2013 m = *data;
2014 *frame_ptr = mbuf_data(m);
2015 }
2016 (void) mbuf_setdata(m, (char *)mbuf_data(m) + frmlen,
2017 mbuf_len(m) - frmlen);
2018 (void) mbuf_pkthdr_adjustlen(m, -frmlen);
2019 }
2020 #if BRIDGE_DEBUG
2021 if (IF_BRIDGE_DEBUG(BR_DBGF_INPUT) &&
2022 IF_BRIDGE_DEBUG(BR_DBGF_MBUF)) {
2023 printf("\n");
2024 printf_mbuf(m, "bridge_iff_input]", "\n");
2025 }
2026 #endif /* BRIDGE_DEBUG */
2027
2028 out:
2029 BRIDGE_LOCK_ASSERT_NOTHELD(sc);
2030
2031 return error;
2032 }
2033
2034 static errno_t
2035 bridge_iff_output(void *cookie, ifnet_t ifp, protocol_family_t protocol,
2036 mbuf_t *data)
2037 {
2038 #pragma unused(protocol)
2039 errno_t error = 0;
2040 struct bridge_iflist *bif = (struct bridge_iflist *)cookie;
2041 struct bridge_softc *sc = bif->bif_sc;
2042 mbuf_t m = *data;
2043
2044 if ((m->m_flags & M_PROTO1)) {
2045 goto out;
2046 }
2047
2048 #if BRIDGE_DEBUG
2049 if (IF_BRIDGE_DEBUG(BR_DBGF_OUTPUT)) {
2050 printf("%s: %s from %s m 0x%llx data 0x%llx\n", __func__,
2051 sc->sc_ifp->if_xname, ifp->if_xname,
2052 (uint64_t)VM_KERNEL_ADDRPERM(m),
2053 (uint64_t)VM_KERNEL_ADDRPERM(mbuf_data(m)));
2054 }
2055 #endif /* BRIDGE_DEBUG */
2056
2057 error = bridge_member_output(sc, ifp, data);
2058 if (error != 0 && error != EJUSTRETURN) {
2059 printf("%s: bridge_member_output failed error %d\n", __func__,
2060 error);
2061 }
2062 out:
2063 BRIDGE_LOCK_ASSERT_NOTHELD(sc);
2064
2065 return error;
2066 }
2067
2068 static void
2069 bridge_iff_event(void *cookie, ifnet_t ifp, protocol_family_t protocol,
2070 const struct kev_msg *event_msg)
2071 {
2072 #pragma unused(protocol)
2073 struct bridge_iflist *bif = (struct bridge_iflist *)cookie;
2074 struct bridge_softc *sc = bif->bif_sc;
2075
2076 if (event_msg->vendor_code == KEV_VENDOR_APPLE &&
2077 event_msg->kev_class == KEV_NETWORK_CLASS &&
2078 event_msg->kev_subclass == KEV_DL_SUBCLASS) {
2079 #if BRIDGE_DEBUG
2080 if (IF_BRIDGE_DEBUG(BR_DBGF_LIFECYCLE)) {
2081 printf("%s: %s event_code %u - %s\n", __func__,
2082 ifp->if_xname, event_msg->event_code,
2083 dlil_kev_dl_code_str(event_msg->event_code));
2084 }
2085 #endif /* BRIDGE_DEBUG */
2086
2087 switch (event_msg->event_code) {
2088 case KEV_DL_IF_DETACHING:
2089 case KEV_DL_IF_DETACHED: {
2090 bridge_ifdetach(ifp);
2091 break;
2092 }
2093 case KEV_DL_LINK_OFF:
2094 case KEV_DL_LINK_ON: {
2095 bridge_iflinkevent(ifp);
2096 #if BRIDGESTP
2097 bstp_linkstate(ifp, event_msg->event_code);
2098 #endif /* BRIDGESTP */
2099 break;
2100 }
2101 case KEV_DL_SIFFLAGS: {
2102 if ((bif->bif_flags & BIFF_PROMISC) == 0 &&
2103 (ifp->if_flags & IFF_UP)) {
2104 errno_t error;
2105
2106 error = ifnet_set_promiscuous(ifp, 1);
2107 if (error != 0) {
2108 printf("%s: "
2109 "ifnet_set_promiscuous (%s)"
2110 " failed %d\n",
2111 __func__, ifp->if_xname,
2112 error);
2113 } else {
2114 bif->bif_flags |= BIFF_PROMISC;
2115 }
2116 }
2117 break;
2118 }
2119 case KEV_DL_IFCAP_CHANGED: {
2120 BRIDGE_LOCK(sc);
2121 bridge_set_tso(sc);
2122 BRIDGE_UNLOCK(sc);
2123 break;
2124 }
2125 case KEV_DL_PROTO_DETACHED:
2126 case KEV_DL_PROTO_ATTACHED: {
2127 bridge_proto_attach_changed(ifp);
2128 break;
2129 }
2130 default:
2131 break;
2132 }
2133 }
2134 }
2135
2136 /*
2137 * bridge_iff_detached:
2138 *
2139 * Detach an interface from a bridge. Called when a member
2140 * interface is detaching.
2141 */
2142 static void
2143 bridge_iff_detached(void *cookie, ifnet_t ifp)
2144 {
2145 struct bridge_iflist *bif = (struct bridge_iflist *)cookie;
2146
2147 #if BRIDGE_DEBUG
2148 if (IF_BRIDGE_DEBUG(BR_DBGF_LIFECYCLE)) {
2149 printf("%s: %s\n", __func__, ifp->if_xname);
2150 }
2151 #endif /* BRIDGE_DEBUG */
2152
2153 bridge_ifdetach(ifp);
2154
2155 _FREE(bif, M_DEVBUF);
2156 }
2157
2158 static errno_t
2159 bridge_proto_input(ifnet_t ifp, protocol_family_t protocol, mbuf_t packet,
2160 char *header)
2161 {
2162 #pragma unused(protocol, packet, header)
2163 #if BRIDGE_DEBUG
2164 printf("%s: unexpected packet from %s\n", __func__,
2165 ifp->if_xname);
2166 #endif /* BRIDGE_DEBUG */
2167 return 0;
2168 }
2169
2170 static int
2171 bridge_attach_protocol(struct ifnet *ifp)
2172 {
2173 int error;
2174 struct ifnet_attach_proto_param reg;
2175
2176 #if BRIDGE_DEBUG
2177 if (IF_BRIDGE_DEBUG(BR_DBGF_LIFECYCLE)) {
2178 printf("%s: %s\n", __func__, ifp->if_xname);
2179 }
2180 #endif /* BRIDGE_DEBUG */
2181
2182 bzero(&reg, sizeof(reg));
2183 reg.input = bridge_proto_input;
2184
2185 error = ifnet_attach_protocol(ifp, PF_BRIDGE, &reg);
2186 if (error) {
2187 printf("%s: ifnet_attach_protocol(%s) failed, %d\n",
2188 __func__, ifp->if_xname, error);
2189 }
2190
2191 return error;
2192 }
2193
2194 static int
2195 bridge_detach_protocol(struct ifnet *ifp)
2196 {
2197 int error;
2198
2199 #if BRIDGE_DEBUG
2200 if (IF_BRIDGE_DEBUG(BR_DBGF_LIFECYCLE)) {
2201 printf("%s: %s\n", __func__, ifp->if_xname);
2202 }
2203 #endif /* BRIDGE_DEBUG */
2204 error = ifnet_detach_protocol(ifp, PF_BRIDGE);
2205 if (error) {
2206 printf("%s: ifnet_detach_protocol(%s) failed, %d\n",
2207 __func__, ifp->if_xname, error);
2208 }
2209
2210 return error;
2211 }
2212
2213 /*
2214 * bridge_delete_member:
2215 *
2216 * Delete the specified member interface.
2217 */
2218 static void
2219 bridge_delete_member(struct bridge_softc *sc, struct bridge_iflist *bif,
2220 int gone)
2221 {
2222 struct ifnet *ifs = bif->bif_ifp, *bifp = sc->sc_ifp;
2223 int lladdr_changed = 0, error, filt_attached;
2224 uint8_t eaddr[ETHER_ADDR_LEN];
2225 u_int32_t event_code = 0;
2226
2227 BRIDGE_LOCK_ASSERT_HELD(sc);
2228 VERIFY(ifs != NULL);
2229
2230 /*
2231 * Remove the member from the list first so it cannot be found anymore
2232 * when we release the bridge lock below
2233 */
2234 BRIDGE_XLOCK(sc);
2235 TAILQ_REMOVE(&sc->sc_iflist, bif, bif_next);
2236 BRIDGE_XDROP(sc);
2237
2238 if (sc->sc_mac_nat_bif != NULL) {
2239 if (bif == sc->sc_mac_nat_bif) {
2240 bridge_mac_nat_disable(sc);
2241 } else {
2242 bridge_mac_nat_flush_entries(sc, bif);
2243 }
2244 }
2245
2246 if (!gone) {
2247 switch (ifs->if_type) {
2248 case IFT_ETHER:
2249 case IFT_L2VLAN:
2250 /*
2251 * Take the interface out of promiscuous mode.
2252 */
2253 if (bif->bif_flags & BIFF_PROMISC) {
2254 /*
2255 * Unlock to prevent deadlock with bridge_iff_event() in
2256 * case the driver generates an interface event
2257 */
2258 BRIDGE_UNLOCK(sc);
2259 (void) ifnet_set_promiscuous(ifs, 0);
2260 BRIDGE_LOCK(sc);
2261 }
2262 break;
2263
2264 case IFT_GIF:
2265 /* currently not supported */
2266 /* FALLTHRU */
2267 default:
2268 VERIFY(0);
2269 /* NOTREACHED */
2270 }
2271
2272 #if HAS_IF_CAP
2273 /* reneable any interface capabilities */
2274 bridge_set_ifcap(sc, bif, bif->bif_savedcaps);
2275 #endif
2276 }
2277
2278 if (bif->bif_flags & BIFF_PROTO_ATTACHED) {
2279 /* Respect lock ordering with DLIL lock */
2280 BRIDGE_UNLOCK(sc);
2281 (void) bridge_detach_protocol(ifs);
2282 BRIDGE_LOCK(sc);
2283 }
2284 #if BRIDGESTP
2285 if ((bif->bif_ifflags & IFBIF_STP) != 0) {
2286 bstp_disable(&bif->bif_stp);
2287 }
2288 #endif /* BRIDGESTP */
2289
2290 /*
2291 * If removing the interface that gave the bridge its mac address, set
2292 * the mac address of the bridge to the address of the next member, or
2293 * to its default address if no members are left.
2294 */
2295 if (bridge_inherit_mac && sc->sc_ifaddr == ifs) {
2296 ifnet_release(sc->sc_ifaddr);
2297 if (TAILQ_EMPTY(&sc->sc_iflist)) {
2298 bcopy(sc->sc_defaddr, eaddr, ETHER_ADDR_LEN);
2299 sc->sc_ifaddr = NULL;
2300 } else {
2301 struct ifnet *fif =
2302 TAILQ_FIRST(&sc->sc_iflist)->bif_ifp;
2303 bcopy(IF_LLADDR(fif), eaddr, ETHER_ADDR_LEN);
2304 sc->sc_ifaddr = fif;
2305 ifnet_reference(fif); /* for sc_ifaddr */
2306 }
2307 lladdr_changed = 1;
2308 }
2309
2310 #if HAS_IF_CAP
2311 bridge_mutecaps(sc); /* recalculate now this interface is removed */
2312 #endif /* HAS_IF_CAP */
2313
2314 error = bridge_set_tso(sc);
2315 if (error != 0) {
2316 printf("%s: bridge_set_tso failed %d\n", __func__, error);
2317 }
2318
2319 bridge_rtdelete(sc, ifs, IFBF_FLUSHALL);
2320
2321 KASSERT(bif->bif_addrcnt == 0,
2322 ("%s: %d bridge routes referenced", __func__, bif->bif_addrcnt));
2323
2324 filt_attached = bif->bif_flags & BIFF_FILTER_ATTACHED;
2325
2326 /*
2327 * Update link status of the bridge based on its remaining members
2328 */
2329 event_code = bridge_updatelinkstatus(sc);
2330
2331 BRIDGE_UNLOCK(sc);
2332
2333
2334 if (lladdr_changed &&
2335 (error = ifnet_set_lladdr(bifp, eaddr, ETHER_ADDR_LEN)) != 0) {
2336 printf("%s: ifnet_set_lladdr failed %d\n", __func__, error);
2337 }
2338
2339 if (event_code != 0) {
2340 bridge_link_event(bifp, event_code);
2341 }
2342
2343 #if BRIDGESTP
2344 bstp_destroy(&bif->bif_stp); /* prepare to free */
2345 #endif /* BRIDGESTP */
2346
2347 if (filt_attached) {
2348 iflt_detach(bif->bif_iff_ref);
2349 } else {
2350 _FREE(bif, M_DEVBUF);
2351 }
2352
2353 ifs->if_bridge = NULL;
2354 ifnet_release(ifs);
2355
2356 BRIDGE_LOCK(sc);
2357 }
2358
2359 /*
2360 * bridge_delete_span:
2361 *
2362 * Delete the specified span interface.
2363 */
2364 static void
2365 bridge_delete_span(struct bridge_softc *sc, struct bridge_iflist *bif)
2366 {
2367 BRIDGE_LOCK_ASSERT_HELD(sc);
2368
2369 KASSERT(bif->bif_ifp->if_bridge == NULL,
2370 ("%s: not a span interface", __func__));
2371
2372 ifnet_release(bif->bif_ifp);
2373
2374 TAILQ_REMOVE(&sc->sc_spanlist, bif, bif_next);
2375 _FREE(bif, M_DEVBUF);
2376 }
2377
2378 static int
2379 bridge_ioctl_add(struct bridge_softc *sc, void *arg)
2380 {
2381 struct ifbreq *req = arg;
2382 struct bridge_iflist *bif = NULL;
2383 struct ifnet *ifs, *bifp = sc->sc_ifp;
2384 int error = 0, lladdr_changed = 0;
2385 uint8_t eaddr[ETHER_ADDR_LEN];
2386 struct iff_filter iff;
2387 u_int32_t event_code = 0;
2388 boolean_t mac_nat = FALSE;
2389
2390 ifs = ifunit(req->ifbr_ifsname);
2391 if (ifs == NULL) {
2392 return ENOENT;
2393 }
2394 if (ifs->if_ioctl == NULL) { /* must be supported */
2395 return EINVAL;
2396 }
2397
2398 if (IFNET_IS_INTCOPROC(ifs)) {
2399 return EINVAL;
2400 }
2401
2402 /* If it's in the span list, it can't be a member. */
2403 TAILQ_FOREACH(bif, &sc->sc_spanlist, bif_next) {
2404 if (ifs == bif->bif_ifp) {
2405 return EBUSY;
2406 }
2407 }
2408
2409 if (ifs->if_bridge == sc) {
2410 return EEXIST;
2411 }
2412
2413 if (ifs->if_bridge != NULL) {
2414 return EBUSY;
2415 }
2416
2417 switch (ifs->if_type) {
2418 case IFT_ETHER:
2419 if (strcmp(ifs->if_name, "en") == 0 &&
2420 ifs->if_subfamily == IFNET_SUBFAMILY_WIFI &&
2421 (ifs->if_eflags & IFEF_IPV4_ROUTER) == 0) {
2422 /* XXX is there a better way to identify Wi-Fi STA? */
2423 mac_nat = TRUE;
2424 }
2425 break;
2426 case IFT_L2VLAN:
2427 break;
2428 case IFT_GIF:
2429 /* currently not supported */
2430 /* FALLTHRU */
2431 default:
2432 return EINVAL;
2433 }
2434
2435 /* fail to add the interface if the MTU doesn't match */
2436 if (!TAILQ_EMPTY(&sc->sc_iflist) && sc->sc_ifp->if_mtu != ifs->if_mtu) {
2437 printf("%s: %s: invalid MTU for %s", __func__,
2438 sc->sc_ifp->if_xname,
2439 ifs->if_xname);
2440 return EINVAL;
2441 }
2442
2443 /* there's already an interface that's doing MAC NAT */
2444 if (mac_nat && sc->sc_mac_nat_bif != NULL) {
2445 return EBUSY;
2446 }
2447 bif = _MALLOC(sizeof(*bif), M_DEVBUF, M_WAITOK | M_ZERO);
2448 if (bif == NULL) {
2449 return ENOMEM;
2450 }
2451 bif->bif_ifp = ifs;
2452 ifnet_reference(ifs);
2453 bif->bif_ifflags |= IFBIF_LEARNING | IFBIF_DISCOVER;
2454 #if HAS_IF_CAP
2455 bif->bif_savedcaps = ifs->if_capenable;
2456 #endif /* HAS_IF_CAP */
2457 bif->bif_sc = sc;
2458 if (mac_nat) {
2459 (void)bridge_mac_nat_enable(sc, bif);
2460 }
2461
2462 /* Allow the first Ethernet member to define the MTU */
2463 if (TAILQ_EMPTY(&sc->sc_iflist)) {
2464 sc->sc_ifp->if_mtu = ifs->if_mtu;
2465 }
2466
2467 /*
2468 * Assign the interface's MAC address to the bridge if it's the first
2469 * member and the MAC address of the bridge has not been changed from
2470 * the default (randomly) generated one.
2471 */
2472 if (bridge_inherit_mac && TAILQ_EMPTY(&sc->sc_iflist) &&
2473 !memcmp(IF_LLADDR(sc->sc_ifp), sc->sc_defaddr, ETHER_ADDR_LEN)) {
2474 bcopy(IF_LLADDR(ifs), eaddr, ETHER_ADDR_LEN);
2475 sc->sc_ifaddr = ifs;
2476 ifnet_reference(ifs); /* for sc_ifaddr */
2477 lladdr_changed = 1;
2478 }
2479
2480 ifs->if_bridge = sc;
2481 #if BRIDGESTP
2482 bstp_create(&sc->sc_stp, &bif->bif_stp, bif->bif_ifp);
2483 #endif /* BRIDGESTP */
2484
2485 /*
2486 * XXX: XLOCK HERE!?!
2487 */
2488 TAILQ_INSERT_TAIL(&sc->sc_iflist, bif, bif_next);
2489
2490 #if HAS_IF_CAP
2491 /* Set interface capabilities to the intersection set of all members */
2492 bridge_mutecaps(sc);
2493 #endif /* HAS_IF_CAP */
2494
2495 bridge_set_tso(sc);
2496
2497
2498 /*
2499 * Place the interface into promiscuous mode.
2500 */
2501 switch (ifs->if_type) {
2502 case IFT_ETHER:
2503 case IFT_L2VLAN:
2504 error = ifnet_set_promiscuous(ifs, 1);
2505 if (error) {
2506 /* Ignore error when device is not up */
2507 if (error != ENETDOWN) {
2508 goto out;
2509 }
2510 error = 0;
2511 } else {
2512 bif->bif_flags |= BIFF_PROMISC;
2513 }
2514 break;
2515
2516 default:
2517 break;
2518 }
2519
2520 /*
2521 * The new member may change the link status of the bridge interface
2522 */
2523 if (interface_media_active(ifs)) {
2524 bif->bif_flags |= BIFF_MEDIA_ACTIVE;
2525 } else {
2526 bif->bif_flags &= ~BIFF_MEDIA_ACTIVE;
2527 }
2528
2529 event_code = bridge_updatelinkstatus(sc);
2530
2531 /*
2532 * Respect lock ordering with DLIL lock for the following operations
2533 */
2534 BRIDGE_UNLOCK(sc);
2535
2536
2537 /*
2538 * install an interface filter
2539 */
2540 memset(&iff, 0, sizeof(struct iff_filter));
2541 iff.iff_cookie = bif;
2542 iff.iff_name = "com.apple.kernel.bsd.net.if_bridge";
2543 iff.iff_input = bridge_iff_input;
2544 iff.iff_output = bridge_iff_output;
2545 iff.iff_event = bridge_iff_event;
2546 iff.iff_detached = bridge_iff_detached;
2547 error = dlil_attach_filter(ifs, &iff, &bif->bif_iff_ref,
2548 DLIL_IFF_TSO | DLIL_IFF_INTERNAL);
2549 if (error != 0) {
2550 printf("%s: iflt_attach failed %d\n", __func__, error);
2551 BRIDGE_LOCK(sc);
2552 goto out;
2553 }
2554 BRIDGE_LOCK(sc);
2555 bif->bif_flags |= BIFF_FILTER_ATTACHED;
2556 BRIDGE_UNLOCK(sc);
2557
2558 /*
2559 * install a dummy "bridge" protocol
2560 */
2561 if ((error = bridge_attach_protocol(ifs)) != 0) {
2562 if (error != 0) {
2563 printf("%s: bridge_attach_protocol failed %d\n",
2564 __func__, error);
2565 BRIDGE_LOCK(sc);
2566 goto out;
2567 }
2568 }
2569 BRIDGE_LOCK(sc);
2570 bif->bif_flags |= BIFF_PROTO_ATTACHED;
2571 BRIDGE_UNLOCK(sc);
2572
2573 if (lladdr_changed &&
2574 (error = ifnet_set_lladdr(bifp, eaddr, ETHER_ADDR_LEN)) != 0) {
2575 printf("%s: ifnet_set_lladdr failed %d\n", __func__, error);
2576 }
2577
2578 if (event_code != 0) {
2579 bridge_link_event(bifp, event_code);
2580 }
2581
2582 BRIDGE_LOCK(sc);
2583
2584 out:
2585 if (error && bif != NULL) {
2586 bridge_delete_member(sc, bif, 1);
2587 }
2588
2589 return error;
2590 }
2591
2592 static int
2593 bridge_ioctl_del(struct bridge_softc *sc, void *arg)
2594 {
2595 struct ifbreq *req = arg;
2596 struct bridge_iflist *bif;
2597
2598 bif = bridge_lookup_member(sc, req->ifbr_ifsname);
2599 if (bif == NULL) {
2600 return ENOENT;
2601 }
2602
2603 bridge_delete_member(sc, bif, 0);
2604
2605 return 0;
2606 }
2607
2608 static int
2609 bridge_ioctl_purge(struct bridge_softc *sc, void *arg)
2610 {
2611 #pragma unused(sc, arg)
2612 return 0;
2613 }
2614
2615 static int
2616 bridge_ioctl_gifflags(struct bridge_softc *sc, void *arg)
2617 {
2618 struct ifbreq *req = arg;
2619 struct bridge_iflist *bif;
2620
2621 bif = bridge_lookup_member(sc, req->ifbr_ifsname);
2622 if (bif == NULL) {
2623 return ENOENT;
2624 }
2625
2626 struct bstp_port *bp;
2627
2628 bp = &bif->bif_stp;
2629 req->ifbr_state = bp->bp_state;
2630 req->ifbr_priority = bp->bp_priority;
2631 req->ifbr_path_cost = bp->bp_path_cost;
2632 req->ifbr_proto = bp->bp_protover;
2633 req->ifbr_role = bp->bp_role;
2634 req->ifbr_stpflags = bp->bp_flags;
2635 req->ifbr_ifsflags = bif->bif_ifflags;
2636
2637 /* Copy STP state options as flags */
2638 if (bp->bp_operedge) {
2639 req->ifbr_ifsflags |= IFBIF_BSTP_EDGE;
2640 }
2641 if (bp->bp_flags & BSTP_PORT_AUTOEDGE) {
2642 req->ifbr_ifsflags |= IFBIF_BSTP_AUTOEDGE;
2643 }
2644 if (bp->bp_ptp_link) {
2645 req->ifbr_ifsflags |= IFBIF_BSTP_PTP;
2646 }
2647 if (bp->bp_flags & BSTP_PORT_AUTOPTP) {
2648 req->ifbr_ifsflags |= IFBIF_BSTP_AUTOPTP;
2649 }
2650 if (bp->bp_flags & BSTP_PORT_ADMEDGE) {
2651 req->ifbr_ifsflags |= IFBIF_BSTP_ADMEDGE;
2652 }
2653 if (bp->bp_flags & BSTP_PORT_ADMCOST) {
2654 req->ifbr_ifsflags |= IFBIF_BSTP_ADMCOST;
2655 }
2656
2657 req->ifbr_portno = bif->bif_ifp->if_index & 0xfff;
2658 req->ifbr_addrcnt = bif->bif_addrcnt;
2659 req->ifbr_addrmax = bif->bif_addrmax;
2660 req->ifbr_addrexceeded = bif->bif_addrexceeded;
2661
2662 return 0;
2663 }
2664
2665 static int
2666 bridge_ioctl_sifflags(struct bridge_softc *sc, void *arg)
2667 {
2668 struct ifbreq *req = arg;
2669 struct bridge_iflist *bif;
2670 #if BRIDGESTP
2671 struct bstp_port *bp;
2672 int error;
2673 #endif /* BRIDGESTP */
2674
2675 bif = bridge_lookup_member(sc, req->ifbr_ifsname);
2676 if (bif == NULL) {
2677 return ENOENT;
2678 }
2679
2680 if (req->ifbr_ifsflags & IFBIF_SPAN) {
2681 /* SPAN is readonly */
2682 return EINVAL;
2683 }
2684 if ((req->ifbr_ifsflags & IFBIF_MAC_NAT) != 0) {
2685 errno_t error;
2686 error = bridge_mac_nat_enable(sc, bif);
2687 if (error != 0) {
2688 return error;
2689 }
2690 } else if (sc->sc_mac_nat_bif != NULL) {
2691 bridge_mac_nat_disable(sc);
2692 }
2693
2694
2695 #if BRIDGESTP
2696 if (req->ifbr_ifsflags & IFBIF_STP) {
2697 if ((bif->bif_ifflags & IFBIF_STP) == 0) {
2698 error = bstp_enable(&bif->bif_stp);
2699 if (error) {
2700 return error;
2701 }
2702 }
2703 } else {
2704 if ((bif->bif_ifflags & IFBIF_STP) != 0) {
2705 bstp_disable(&bif->bif_stp);
2706 }
2707 }
2708
2709 /* Pass on STP flags */
2710 bp = &bif->bif_stp;
2711 bstp_set_edge(bp, req->ifbr_ifsflags & IFBIF_BSTP_EDGE ? 1 : 0);
2712 bstp_set_autoedge(bp, req->ifbr_ifsflags & IFBIF_BSTP_AUTOEDGE ? 1 : 0);
2713 bstp_set_ptp(bp, req->ifbr_ifsflags & IFBIF_BSTP_PTP ? 1 : 0);
2714 bstp_set_autoptp(bp, req->ifbr_ifsflags & IFBIF_BSTP_AUTOPTP ? 1 : 0);
2715 #else /* !BRIDGESTP */
2716 if (req->ifbr_ifsflags & IFBIF_STP) {
2717 return EOPNOTSUPP;
2718 }
2719 #endif /* !BRIDGESTP */
2720
2721 /* Save the bits relating to the bridge */
2722 bif->bif_ifflags = req->ifbr_ifsflags & IFBIFMASK;
2723
2724
2725 return 0;
2726 }
2727
2728 static int
2729 bridge_ioctl_scache(struct bridge_softc *sc, void *arg)
2730 {
2731 struct ifbrparam *param = arg;
2732
2733 sc->sc_brtmax = param->ifbrp_csize;
2734 bridge_rttrim(sc);
2735 return 0;
2736 }
2737
2738 static int
2739 bridge_ioctl_gcache(struct bridge_softc *sc, void *arg)
2740 {
2741 struct ifbrparam *param = arg;
2742
2743 param->ifbrp_csize = sc->sc_brtmax;
2744
2745 return 0;
2746 }
2747
2748 #define BRIDGE_IOCTL_GIFS do { \
2749 struct bridge_iflist *bif; \
2750 struct ifbreq breq; \
2751 char *buf, *outbuf; \
2752 unsigned int count, buflen, len; \
2753 \
2754 count = 0; \
2755 TAILQ_FOREACH(bif, &sc->sc_iflist, bif_next) \
2756 count++; \
2757 TAILQ_FOREACH(bif, &sc->sc_spanlist, bif_next) \
2758 count++; \
2759 \
2760 buflen = sizeof (breq) * count; \
2761 if (bifc->ifbic_len == 0) { \
2762 bifc->ifbic_len = buflen; \
2763 return (0); \
2764 } \
2765 BRIDGE_UNLOCK(sc); \
2766 outbuf = _MALLOC(buflen, M_TEMP, M_WAITOK | M_ZERO); \
2767 BRIDGE_LOCK(sc); \
2768 \
2769 count = 0; \
2770 buf = outbuf; \
2771 len = min(bifc->ifbic_len, buflen); \
2772 bzero(&breq, sizeof (breq)); \
2773 TAILQ_FOREACH(bif, &sc->sc_iflist, bif_next) { \
2774 if (len < sizeof (breq)) \
2775 break; \
2776 \
2777 snprintf(breq.ifbr_ifsname, sizeof (breq.ifbr_ifsname), \
2778 "%s", bif->bif_ifp->if_xname); \
2779 /* Fill in the ifbreq structure */ \
2780 error = bridge_ioctl_gifflags(sc, &breq); \
2781 if (error) \
2782 break; \
2783 memcpy(buf, &breq, sizeof (breq)); \
2784 count++; \
2785 buf += sizeof (breq); \
2786 len -= sizeof (breq); \
2787 } \
2788 TAILQ_FOREACH(bif, &sc->sc_spanlist, bif_next) { \
2789 if (len < sizeof (breq)) \
2790 break; \
2791 \
2792 snprintf(breq.ifbr_ifsname, \
2793 sizeof (breq.ifbr_ifsname), \
2794 "%s", bif->bif_ifp->if_xname); \
2795 breq.ifbr_ifsflags = bif->bif_ifflags; \
2796 breq.ifbr_portno \
2797 = bif->bif_ifp->if_index & 0xfff; \
2798 memcpy(buf, &breq, sizeof (breq)); \
2799 count++; \
2800 buf += sizeof (breq); \
2801 len -= sizeof (breq); \
2802 } \
2803 \
2804 BRIDGE_UNLOCK(sc); \
2805 bifc->ifbic_len = sizeof (breq) * count; \
2806 error = copyout(outbuf, bifc->ifbic_req, bifc->ifbic_len); \
2807 BRIDGE_LOCK(sc); \
2808 _FREE(outbuf, M_TEMP); \
2809 } while (0)
2810
2811 static int
2812 bridge_ioctl_gifs64(struct bridge_softc *sc, void *arg)
2813 {
2814 struct ifbifconf64 *bifc = arg;
2815 int error = 0;
2816
2817 BRIDGE_IOCTL_GIFS;
2818
2819 return error;
2820 }
2821
2822 static int
2823 bridge_ioctl_gifs32(struct bridge_softc *sc, void *arg)
2824 {
2825 struct ifbifconf32 *bifc = arg;
2826 int error = 0;
2827
2828 BRIDGE_IOCTL_GIFS;
2829
2830 return error;
2831 }
2832
2833 #define BRIDGE_IOCTL_RTS do { \
2834 struct bridge_rtnode *brt; \
2835 char *buf; \
2836 char *outbuf = NULL; \
2837 unsigned int count, buflen, len; \
2838 unsigned long now; \
2839 \
2840 if (bac->ifbac_len == 0) \
2841 return (0); \
2842 \
2843 bzero(&bareq, sizeof (bareq)); \
2844 count = 0; \
2845 LIST_FOREACH(brt, &sc->sc_rtlist, brt_list) \
2846 count++; \
2847 buflen = sizeof (bareq) * count; \
2848 \
2849 BRIDGE_UNLOCK(sc); \
2850 outbuf = _MALLOC(buflen, M_TEMP, M_WAITOK | M_ZERO); \
2851 BRIDGE_LOCK(sc); \
2852 \
2853 count = 0; \
2854 buf = outbuf; \
2855 len = min(bac->ifbac_len, buflen); \
2856 LIST_FOREACH(brt, &sc->sc_rtlist, brt_list) { \
2857 if (len < sizeof (bareq)) \
2858 goto out; \
2859 snprintf(bareq.ifba_ifsname, sizeof (bareq.ifba_ifsname), \
2860 "%s", brt->brt_ifp->if_xname); \
2861 memcpy(bareq.ifba_dst, brt->brt_addr, sizeof (brt->brt_addr)); \
2862 bareq.ifba_vlan = brt->brt_vlan; \
2863 if ((brt->brt_flags & IFBAF_TYPEMASK) == IFBAF_DYNAMIC) { \
2864 now = (unsigned long) net_uptime(); \
2865 if (now < brt->brt_expire) \
2866 bareq.ifba_expire = \
2867 brt->brt_expire - now; \
2868 } else \
2869 bareq.ifba_expire = 0; \
2870 bareq.ifba_flags = brt->brt_flags; \
2871 \
2872 memcpy(buf, &bareq, sizeof (bareq)); \
2873 count++; \
2874 buf += sizeof (bareq); \
2875 len -= sizeof (bareq); \
2876 } \
2877 out: \
2878 bac->ifbac_len = sizeof (bareq) * count; \
2879 if (outbuf != NULL) { \
2880 BRIDGE_UNLOCK(sc); \
2881 error = copyout(outbuf, bac->ifbac_req, bac->ifbac_len); \
2882 _FREE(outbuf, M_TEMP); \
2883 BRIDGE_LOCK(sc); \
2884 } \
2885 return (error); \
2886 } while (0)
2887
2888 static int
2889 bridge_ioctl_rts64(struct bridge_softc *sc, void *arg)
2890 {
2891 struct ifbaconf64 *bac = arg;
2892 struct ifbareq64 bareq;
2893 int error = 0;
2894
2895 BRIDGE_IOCTL_RTS;
2896 return error;
2897 }
2898
2899 static int
2900 bridge_ioctl_rts32(struct bridge_softc *sc, void *arg)
2901 {
2902 struct ifbaconf32 *bac = arg;
2903 struct ifbareq32 bareq;
2904 int error = 0;
2905
2906 BRIDGE_IOCTL_RTS;
2907 return error;
2908 }
2909
2910 static int
2911 bridge_ioctl_saddr32(struct bridge_softc *sc, void *arg)
2912 {
2913 struct ifbareq32 *req = arg;
2914 struct bridge_iflist *bif;
2915 int error;
2916
2917 bif = bridge_lookup_member(sc, req->ifba_ifsname);
2918 if (bif == NULL) {
2919 return ENOENT;
2920 }
2921
2922 error = bridge_rtupdate(sc, req->ifba_dst, req->ifba_vlan, bif, 1,
2923 req->ifba_flags);
2924
2925 return error;
2926 }
2927
2928 static int
2929 bridge_ioctl_saddr64(struct bridge_softc *sc, void *arg)
2930 {
2931 struct ifbareq64 *req = arg;
2932 struct bridge_iflist *bif;
2933 int error;
2934
2935 bif = bridge_lookup_member(sc, req->ifba_ifsname);
2936 if (bif == NULL) {
2937 return ENOENT;
2938 }
2939
2940 error = bridge_rtupdate(sc, req->ifba_dst, req->ifba_vlan, bif, 1,
2941 req->ifba_flags);
2942
2943 return error;
2944 }
2945
2946 static int
2947 bridge_ioctl_sto(struct bridge_softc *sc, void *arg)
2948 {
2949 struct ifbrparam *param = arg;
2950
2951 sc->sc_brttimeout = param->ifbrp_ctime;
2952 return 0;
2953 }
2954
2955 static int
2956 bridge_ioctl_gto(struct bridge_softc *sc, void *arg)
2957 {
2958 struct ifbrparam *param = arg;
2959
2960 param->ifbrp_ctime = sc->sc_brttimeout;
2961 return 0;
2962 }
2963
2964 static int
2965 bridge_ioctl_daddr32(struct bridge_softc *sc, void *arg)
2966 {
2967 struct ifbareq32 *req = arg;
2968
2969 return bridge_rtdaddr(sc, req->ifba_dst, req->ifba_vlan);
2970 }
2971
2972 static int
2973 bridge_ioctl_daddr64(struct bridge_softc *sc, void *arg)
2974 {
2975 struct ifbareq64 *req = arg;
2976
2977 return bridge_rtdaddr(sc, req->ifba_dst, req->ifba_vlan);
2978 }
2979
2980 static int
2981 bridge_ioctl_flush(struct bridge_softc *sc, void *arg)
2982 {
2983 struct ifbreq *req = arg;
2984
2985 bridge_rtflush(sc, req->ifbr_ifsflags);
2986 return 0;
2987 }
2988
2989 static int
2990 bridge_ioctl_gpri(struct bridge_softc *sc, void *arg)
2991 {
2992 struct ifbrparam *param = arg;
2993 struct bstp_state *bs = &sc->sc_stp;
2994
2995 param->ifbrp_prio = bs->bs_bridge_priority;
2996 return 0;
2997 }
2998
2999 static int
3000 bridge_ioctl_spri(struct bridge_softc *sc, void *arg)
3001 {
3002 #if BRIDGESTP
3003 struct ifbrparam *param = arg;
3004
3005 return bstp_set_priority(&sc->sc_stp, param->ifbrp_prio);
3006 #else /* !BRIDGESTP */
3007 #pragma unused(sc, arg)
3008 return EOPNOTSUPP;
3009 #endif /* !BRIDGESTP */
3010 }
3011
3012 static int
3013 bridge_ioctl_ght(struct bridge_softc *sc, void *arg)
3014 {
3015 struct ifbrparam *param = arg;
3016 struct bstp_state *bs = &sc->sc_stp;
3017
3018 param->ifbrp_hellotime = bs->bs_bridge_htime >> 8;
3019 return 0;
3020 }
3021
3022 static int
3023 bridge_ioctl_sht(struct bridge_softc *sc, void *arg)
3024 {
3025 #if BRIDGESTP
3026 struct ifbrparam *param = arg;
3027
3028 return bstp_set_htime(&sc->sc_stp, param->ifbrp_hellotime);
3029 #else /* !BRIDGESTP */
3030 #pragma unused(sc, arg)
3031 return EOPNOTSUPP;
3032 #endif /* !BRIDGESTP */
3033 }
3034
3035 static int
3036 bridge_ioctl_gfd(struct bridge_softc *sc, void *arg)
3037 {
3038 struct ifbrparam *param;
3039 struct bstp_state *bs;
3040
3041 param = arg;
3042 bs = &sc->sc_stp;
3043 param->ifbrp_fwddelay = bs->bs_bridge_fdelay >> 8;
3044 return 0;
3045 }
3046
3047 static int
3048 bridge_ioctl_sfd(struct bridge_softc *sc, void *arg)
3049 {
3050 #if BRIDGESTP
3051 struct ifbrparam *param = arg;
3052
3053 return bstp_set_fdelay(&sc->sc_stp, param->ifbrp_fwddelay);
3054 #else /* !BRIDGESTP */
3055 #pragma unused(sc, arg)
3056 return EOPNOTSUPP;
3057 #endif /* !BRIDGESTP */
3058 }
3059
3060 static int
3061 bridge_ioctl_gma(struct bridge_softc *sc, void *arg)
3062 {
3063 struct ifbrparam *param;
3064 struct bstp_state *bs;
3065
3066 param = arg;
3067 bs = &sc->sc_stp;
3068 param->ifbrp_maxage = bs->bs_bridge_max_age >> 8;
3069 return 0;
3070 }
3071
3072 static int
3073 bridge_ioctl_sma(struct bridge_softc *sc, void *arg)
3074 {
3075 #if BRIDGESTP
3076 struct ifbrparam *param = arg;
3077
3078 return bstp_set_maxage(&sc->sc_stp, param->ifbrp_maxage);
3079 #else /* !BRIDGESTP */
3080 #pragma unused(sc, arg)
3081 return EOPNOTSUPP;
3082 #endif /* !BRIDGESTP */
3083 }
3084
3085 static int
3086 bridge_ioctl_sifprio(struct bridge_softc *sc, void *arg)
3087 {
3088 #if BRIDGESTP
3089 struct ifbreq *req = arg;
3090 struct bridge_iflist *bif;
3091
3092 bif = bridge_lookup_member(sc, req->ifbr_ifsname);
3093 if (bif == NULL) {
3094 return ENOENT;
3095 }
3096
3097 return bstp_set_port_priority(&bif->bif_stp, req->ifbr_priority);
3098 #else /* !BRIDGESTP */
3099 #pragma unused(sc, arg)
3100 return EOPNOTSUPP;
3101 #endif /* !BRIDGESTP */
3102 }
3103
3104 static int
3105 bridge_ioctl_sifcost(struct bridge_softc *sc, void *arg)
3106 {
3107 #if BRIDGESTP
3108 struct ifbreq *req = arg;
3109 struct bridge_iflist *bif;
3110
3111 bif = bridge_lookup_member(sc, req->ifbr_ifsname);
3112 if (bif == NULL) {
3113 return ENOENT;
3114 }
3115
3116 return bstp_set_path_cost(&bif->bif_stp, req->ifbr_path_cost);
3117 #else /* !BRIDGESTP */
3118 #pragma unused(sc, arg)
3119 return EOPNOTSUPP;
3120 #endif /* !BRIDGESTP */
3121 }
3122
3123 static int
3124 bridge_ioctl_gfilt(struct bridge_softc *sc, void *arg)
3125 {
3126 struct ifbrparam *param = arg;
3127
3128 param->ifbrp_filter = sc->sc_filter_flags;
3129
3130 return 0;
3131 }
3132
3133 static int
3134 bridge_ioctl_sfilt(struct bridge_softc *sc, void *arg)
3135 {
3136 struct ifbrparam *param = arg;
3137
3138 if (param->ifbrp_filter & ~IFBF_FILT_MASK) {
3139 return EINVAL;
3140 }
3141
3142 if (param->ifbrp_filter & IFBF_FILT_USEIPF) {
3143 return EINVAL;
3144 }
3145
3146 sc->sc_filter_flags = param->ifbrp_filter;
3147
3148 return 0;
3149 }
3150
3151 static int
3152 bridge_ioctl_sifmaxaddr(struct bridge_softc *sc, void *arg)
3153 {
3154 struct ifbreq *req = arg;
3155 struct bridge_iflist *bif;
3156
3157 bif = bridge_lookup_member(sc, req->ifbr_ifsname);
3158 if (bif == NULL) {
3159 return ENOENT;
3160 }
3161
3162 bif->bif_addrmax = req->ifbr_addrmax;
3163 return 0;
3164 }
3165
3166 static int
3167 bridge_ioctl_addspan(struct bridge_softc *sc, void *arg)
3168 {
3169 struct ifbreq *req = arg;
3170 struct bridge_iflist *bif = NULL;
3171 struct ifnet *ifs;
3172
3173 ifs = ifunit(req->ifbr_ifsname);
3174 if (ifs == NULL) {
3175 return ENOENT;
3176 }
3177
3178 if (IFNET_IS_INTCOPROC(ifs)) {
3179 return EINVAL;
3180 }
3181
3182 TAILQ_FOREACH(bif, &sc->sc_spanlist, bif_next)
3183 if (ifs == bif->bif_ifp) {
3184 return EBUSY;
3185 }
3186
3187 if (ifs->if_bridge != NULL) {
3188 return EBUSY;
3189 }
3190
3191 switch (ifs->if_type) {
3192 case IFT_ETHER:
3193 case IFT_L2VLAN:
3194 break;
3195 case IFT_GIF:
3196 /* currently not supported */
3197 /* FALLTHRU */
3198 default:
3199 return EINVAL;
3200 }
3201
3202 bif = _MALLOC(sizeof(*bif), M_DEVBUF, M_WAITOK | M_ZERO);
3203 if (bif == NULL) {
3204 return ENOMEM;
3205 }
3206
3207 bif->bif_ifp = ifs;
3208 bif->bif_ifflags = IFBIF_SPAN;
3209
3210 ifnet_reference(bif->bif_ifp);
3211
3212 TAILQ_INSERT_HEAD(&sc->sc_spanlist, bif, bif_next);
3213
3214 return 0;
3215 }
3216
3217 static int
3218 bridge_ioctl_delspan(struct bridge_softc *sc, void *arg)
3219 {
3220 struct ifbreq *req = arg;
3221 struct bridge_iflist *bif;
3222 struct ifnet *ifs;
3223
3224 ifs = ifunit(req->ifbr_ifsname);
3225 if (ifs == NULL) {
3226 return ENOENT;
3227 }
3228
3229 TAILQ_FOREACH(bif, &sc->sc_spanlist, bif_next)
3230 if (ifs == bif->bif_ifp) {
3231 break;
3232 }
3233
3234 if (bif == NULL) {
3235 return ENOENT;
3236 }
3237
3238 bridge_delete_span(sc, bif);
3239
3240 return 0;
3241 }
3242
3243 #define BRIDGE_IOCTL_GBPARAM do { \
3244 struct bstp_state *bs = &sc->sc_stp; \
3245 struct bstp_port *root_port; \
3246 \
3247 req->ifbop_maxage = bs->bs_bridge_max_age >> 8; \
3248 req->ifbop_hellotime = bs->bs_bridge_htime >> 8; \
3249 req->ifbop_fwddelay = bs->bs_bridge_fdelay >> 8; \
3250 \
3251 root_port = bs->bs_root_port; \
3252 if (root_port == NULL) \
3253 req->ifbop_root_port = 0; \
3254 else \
3255 req->ifbop_root_port = root_port->bp_ifp->if_index; \
3256 \
3257 req->ifbop_holdcount = bs->bs_txholdcount; \
3258 req->ifbop_priority = bs->bs_bridge_priority; \
3259 req->ifbop_protocol = bs->bs_protover; \
3260 req->ifbop_root_path_cost = bs->bs_root_pv.pv_cost; \
3261 req->ifbop_bridgeid = bs->bs_bridge_pv.pv_dbridge_id; \
3262 req->ifbop_designated_root = bs->bs_root_pv.pv_root_id; \
3263 req->ifbop_designated_bridge = bs->bs_root_pv.pv_dbridge_id; \
3264 req->ifbop_last_tc_time.tv_sec = bs->bs_last_tc_time.tv_sec; \
3265 req->ifbop_last_tc_time.tv_usec = bs->bs_last_tc_time.tv_usec; \
3266 } while (0)
3267
3268 static int
3269 bridge_ioctl_gbparam32(struct bridge_softc *sc, void *arg)
3270 {
3271 struct ifbropreq32 *req = arg;
3272
3273 BRIDGE_IOCTL_GBPARAM;
3274 return 0;
3275 }
3276
3277 static int
3278 bridge_ioctl_gbparam64(struct bridge_softc *sc, void *arg)
3279 {
3280 struct ifbropreq64 *req = arg;
3281
3282 BRIDGE_IOCTL_GBPARAM;
3283 return 0;
3284 }
3285
3286 static int
3287 bridge_ioctl_grte(struct bridge_softc *sc, void *arg)
3288 {
3289 struct ifbrparam *param = arg;
3290
3291 param->ifbrp_cexceeded = sc->sc_brtexceeded;
3292 return 0;
3293 }
3294
3295 #define BRIDGE_IOCTL_GIFSSTP do { \
3296 struct bridge_iflist *bif; \
3297 struct bstp_port *bp; \
3298 struct ifbpstpreq bpreq; \
3299 char *buf, *outbuf; \
3300 unsigned int count, buflen, len; \
3301 \
3302 count = 0; \
3303 TAILQ_FOREACH(bif, &sc->sc_iflist, bif_next) { \
3304 if ((bif->bif_ifflags & IFBIF_STP) != 0) \
3305 count++; \
3306 } \
3307 \
3308 buflen = sizeof (bpreq) * count; \
3309 if (bifstp->ifbpstp_len == 0) { \
3310 bifstp->ifbpstp_len = buflen; \
3311 return (0); \
3312 } \
3313 \
3314 BRIDGE_UNLOCK(sc); \
3315 outbuf = _MALLOC(buflen, M_TEMP, M_WAITOK | M_ZERO); \
3316 BRIDGE_LOCK(sc); \
3317 \
3318 count = 0; \
3319 buf = outbuf; \
3320 len = min(bifstp->ifbpstp_len, buflen); \
3321 bzero(&bpreq, sizeof (bpreq)); \
3322 TAILQ_FOREACH(bif, &sc->sc_iflist, bif_next) { \
3323 if (len < sizeof (bpreq)) \
3324 break; \
3325 \
3326 if ((bif->bif_ifflags & IFBIF_STP) == 0) \
3327 continue; \
3328 \
3329 bp = &bif->bif_stp; \
3330 bpreq.ifbp_portno = bif->bif_ifp->if_index & 0xfff; \
3331 bpreq.ifbp_fwd_trans = bp->bp_forward_transitions; \
3332 bpreq.ifbp_design_cost = bp->bp_desg_pv.pv_cost; \
3333 bpreq.ifbp_design_port = bp->bp_desg_pv.pv_port_id; \
3334 bpreq.ifbp_design_bridge = bp->bp_desg_pv.pv_dbridge_id; \
3335 bpreq.ifbp_design_root = bp->bp_desg_pv.pv_root_id; \
3336 \
3337 memcpy(buf, &bpreq, sizeof (bpreq)); \
3338 count++; \
3339 buf += sizeof (bpreq); \
3340 len -= sizeof (bpreq); \
3341 } \
3342 \
3343 BRIDGE_UNLOCK(sc); \
3344 bifstp->ifbpstp_len = sizeof (bpreq) * count; \
3345 error = copyout(outbuf, bifstp->ifbpstp_req, bifstp->ifbpstp_len); \
3346 BRIDGE_LOCK(sc); \
3347 _FREE(outbuf, M_TEMP); \
3348 return (error); \
3349 } while (0)
3350
3351 static int
3352 bridge_ioctl_gifsstp32(struct bridge_softc *sc, void *arg)
3353 {
3354 struct ifbpstpconf32 *bifstp = arg;
3355 int error = 0;
3356
3357 BRIDGE_IOCTL_GIFSSTP;
3358 return error;
3359 }
3360
3361 static int
3362 bridge_ioctl_gifsstp64(struct bridge_softc *sc, void *arg)
3363 {
3364 struct ifbpstpconf64 *bifstp = arg;
3365 int error = 0;
3366
3367 BRIDGE_IOCTL_GIFSSTP;
3368 return error;
3369 }
3370
3371 static int
3372 bridge_ioctl_sproto(struct bridge_softc *sc, void *arg)
3373 {
3374 #if BRIDGESTP
3375 struct ifbrparam *param = arg;
3376
3377 return bstp_set_protocol(&sc->sc_stp, param->ifbrp_proto);
3378 #else /* !BRIDGESTP */
3379 #pragma unused(sc, arg)
3380 return EOPNOTSUPP;
3381 #endif /* !BRIDGESTP */
3382 }
3383
3384 static int
3385 bridge_ioctl_stxhc(struct bridge_softc *sc, void *arg)
3386 {
3387 #if BRIDGESTP
3388 struct ifbrparam *param = arg;
3389
3390 return bstp_set_holdcount(&sc->sc_stp, param->ifbrp_txhc);
3391 #else /* !BRIDGESTP */
3392 #pragma unused(sc, arg)
3393 return EOPNOTSUPP;
3394 #endif /* !BRIDGESTP */
3395 }
3396
3397
3398 static int
3399 bridge_ioctl_ghostfilter(struct bridge_softc *sc, void *arg)
3400 {
3401 struct ifbrhostfilter *req = arg;
3402 struct bridge_iflist *bif;
3403
3404 bif = bridge_lookup_member(sc, req->ifbrhf_ifsname);
3405 if (bif == NULL) {
3406 return ENOENT;
3407 }
3408
3409 bzero(req, sizeof(struct ifbrhostfilter));
3410 if (bif->bif_flags & BIFF_HOST_FILTER) {
3411 req->ifbrhf_flags |= IFBRHF_ENABLED;
3412 bcopy(bif->bif_hf_hwsrc, req->ifbrhf_hwsrca,
3413 ETHER_ADDR_LEN);
3414 req->ifbrhf_ipsrc = bif->bif_hf_ipsrc.s_addr;
3415 }
3416 return 0;
3417 }
3418
3419 static int
3420 bridge_ioctl_shostfilter(struct bridge_softc *sc, void *arg)
3421 {
3422 struct ifbrhostfilter *req = arg;
3423 struct bridge_iflist *bif;
3424
3425 bif = bridge_lookup_member(sc, req->ifbrhf_ifsname);
3426 if (bif == NULL) {
3427 return ENOENT;
3428 }
3429
3430 INC_ATOMIC_INT64_LIM(net_api_stats.nas_vmnet_total);
3431
3432 if (req->ifbrhf_flags & IFBRHF_ENABLED) {
3433 bif->bif_flags |= BIFF_HOST_FILTER;
3434
3435 if (req->ifbrhf_flags & IFBRHF_HWSRC) {
3436 bcopy(req->ifbrhf_hwsrca, bif->bif_hf_hwsrc,
3437 ETHER_ADDR_LEN);
3438 if (bcmp(req->ifbrhf_hwsrca, ethernulladdr,
3439 ETHER_ADDR_LEN) != 0) {
3440 bif->bif_flags |= BIFF_HF_HWSRC;
3441 } else {
3442 bif->bif_flags &= ~BIFF_HF_HWSRC;
3443 }
3444 }
3445 if (req->ifbrhf_flags & IFBRHF_IPSRC) {
3446 bif->bif_hf_ipsrc.s_addr = req->ifbrhf_ipsrc;
3447 if (bif->bif_hf_ipsrc.s_addr != INADDR_ANY) {
3448 bif->bif_flags |= BIFF_HF_IPSRC;
3449 } else {
3450 bif->bif_flags &= ~BIFF_HF_IPSRC;
3451 }
3452 }
3453 } else {
3454 bif->bif_flags &= ~(BIFF_HOST_FILTER | BIFF_HF_HWSRC |
3455 BIFF_HF_IPSRC);
3456 bzero(bif->bif_hf_hwsrc, ETHER_ADDR_LEN);
3457 bif->bif_hf_ipsrc.s_addr = INADDR_ANY;
3458 }
3459
3460 return 0;
3461 }
3462
3463 static char *
3464 bridge_mac_nat_entry_out(struct mac_nat_entry_list * list,
3465 unsigned int * count_p, char *buf, unsigned int *len_p)
3466 {
3467 unsigned int count = *count_p;
3468 struct ifbrmne ifbmne;
3469 unsigned int len = *len_p;
3470 struct mac_nat_entry *mne;
3471 unsigned long now;
3472
3473 bzero(&ifbmne, sizeof(ifbmne));
3474 LIST_FOREACH(mne, list, mne_list) {
3475 if (len < sizeof(ifbmne)) {
3476 break;
3477 }
3478 snprintf(ifbmne.ifbmne_ifname, sizeof(ifbmne.ifbmne_ifname),
3479 "%s", mne->mne_bif->bif_ifp->if_xname);
3480 memcpy(ifbmne.ifbmne_mac, mne->mne_mac,
3481 sizeof(ifbmne.ifbmne_mac));
3482 now = (unsigned long) net_uptime();
3483 if (now < mne->mne_expire) {
3484 ifbmne.ifbmne_expire = mne->mne_expire - now;
3485 } else {
3486 ifbmne.ifbmne_expire = 0;
3487 }
3488 if ((mne->mne_flags & MNE_FLAGS_IPV6) != 0) {
3489 ifbmne.ifbmne_af = AF_INET6;
3490 ifbmne.ifbmne_ip6_addr = mne->mne_ip6;
3491 } else {
3492 ifbmne.ifbmne_af = AF_INET;
3493 ifbmne.ifbmne_ip_addr = mne->mne_ip;
3494 }
3495 memcpy(buf, &ifbmne, sizeof(ifbmne));
3496 count++;
3497 buf += sizeof(ifbmne);
3498 len -= sizeof(ifbmne);
3499 }
3500 *count_p = count;
3501 *len_p = len;
3502 return buf;
3503 }
3504
3505 /*
3506 * bridge_ioctl_gmnelist()
3507 * Perform the get mac_nat_entry list ioctl.
3508 *
3509 * Note:
3510 * The struct ifbrmnelist32 and struct ifbrmnelist64 have the same
3511 * field size/layout except for the last field ifbml_buf, the user-supplied
3512 * buffer pointer. That is passed in separately via the 'user_addr'
3513 * parameter from the respective 32-bit or 64-bit ioctl routine.
3514 */
3515 static int
3516 bridge_ioctl_gmnelist(struct bridge_softc *sc, struct ifbrmnelist32 *mnl,
3517 user_addr_t user_addr)
3518 {
3519 unsigned int count;
3520 char *buf;
3521 int error = 0;
3522 char *outbuf = NULL;
3523 struct mac_nat_entry *mne;
3524 unsigned int buflen;
3525 unsigned int len;
3526
3527 mnl->ifbml_elsize = sizeof(struct ifbrmne);
3528 count = 0;
3529 LIST_FOREACH(mne, &sc->sc_mne_list, mne_list)
3530 count++;
3531 LIST_FOREACH(mne, &sc->sc_mne_list_v6, mne_list)
3532 count++;
3533 buflen = sizeof(struct ifbrmne) * count;
3534 if (buflen == 0 || mnl->ifbml_len == 0) {
3535 mnl->ifbml_len = buflen;
3536 return error;
3537 }
3538 BRIDGE_UNLOCK(sc);
3539 outbuf = _MALLOC(buflen, M_TEMP, M_WAITOK | M_ZERO);
3540 BRIDGE_LOCK(sc);
3541 count = 0;
3542 buf = outbuf;
3543 len = min(mnl->ifbml_len, buflen);
3544 buf = bridge_mac_nat_entry_out(&sc->sc_mne_list, &count, buf, &len);
3545 buf = bridge_mac_nat_entry_out(&sc->sc_mne_list_v6, &count, buf, &len);
3546 mnl->ifbml_len = count * sizeof(struct ifbrmne);
3547 BRIDGE_UNLOCK(sc);
3548 error = copyout(outbuf, user_addr, mnl->ifbml_len);
3549 _FREE(outbuf, M_TEMP);
3550 BRIDGE_LOCK(sc);
3551 return error;
3552 }
3553
3554 static int
3555 bridge_ioctl_gmnelist64(struct bridge_softc *sc, void *arg)
3556 {
3557 struct ifbrmnelist64 *mnl = arg;
3558
3559 return bridge_ioctl_gmnelist(sc, arg, mnl->ifbml_buf);
3560 }
3561
3562 static int
3563 bridge_ioctl_gmnelist32(struct bridge_softc *sc, void *arg)
3564 {
3565 struct ifbrmnelist32 *mnl = arg;
3566
3567 return bridge_ioctl_gmnelist(sc, arg,
3568 CAST_USER_ADDR_T(mnl->ifbml_buf));
3569 }
3570
3571 /*
3572 * bridge_ifdetach:
3573 *
3574 * Detach an interface from a bridge. Called when a member
3575 * interface is detaching.
3576 */
3577 static void
3578 bridge_ifdetach(struct ifnet *ifp)
3579 {
3580 struct bridge_iflist *bif;
3581 struct bridge_softc *sc = ifp->if_bridge;
3582
3583 #if BRIDGE_DEBUG
3584 if (IF_BRIDGE_DEBUG(BR_DBGF_LIFECYCLE)) {
3585 printf("%s: %s\n", __func__, ifp->if_xname);
3586 }
3587 #endif /* BRIDGE_DEBUG */
3588
3589 /* Check if the interface is a bridge member */
3590 if (sc != NULL) {
3591 BRIDGE_LOCK(sc);
3592 bif = bridge_lookup_member_if(sc, ifp);
3593 if (bif != NULL) {
3594 bridge_delete_member(sc, bif, 1);
3595 }
3596 BRIDGE_UNLOCK(sc);
3597 return;
3598 }
3599 /* Check if the interface is a span port */
3600 lck_mtx_lock(&bridge_list_mtx);
3601 LIST_FOREACH(sc, &bridge_list, sc_list) {
3602 BRIDGE_LOCK(sc);
3603 TAILQ_FOREACH(bif, &sc->sc_spanlist, bif_next)
3604 if (ifp == bif->bif_ifp) {
3605 bridge_delete_span(sc, bif);
3606 break;
3607 }
3608 BRIDGE_UNLOCK(sc);
3609 }
3610 lck_mtx_unlock(&bridge_list_mtx);
3611 }
3612
3613 /*
3614 * bridge_proto_attach_changed
3615 *
3616 * Called when protocol attachment on the interface changes.
3617 */
3618 static void
3619 bridge_proto_attach_changed(struct ifnet *ifp)
3620 {
3621 boolean_t changed = FALSE;
3622 struct bridge_iflist *bif;
3623 boolean_t input_broadcast;
3624 struct bridge_softc *sc = ifp->if_bridge;
3625
3626 #if BRIDGE_DEBUG
3627 if (IF_BRIDGE_DEBUG(BR_DBGF_LIFECYCLE)) {
3628 printf("%s: %s\n", __func__, ifp->if_xname);
3629 }
3630 #endif /* BRIDGE_DEBUG */
3631 if (sc == NULL) {
3632 return;
3633 }
3634 /*
3635 * Selectively enable input broadcast only when necessary.
3636 * The bridge interface itself attaches a fake protocol
3637 * so checking for at least two protocols means that the
3638 * interface is being used for something besides bridging.
3639 */
3640 input_broadcast = if_get_protolist(ifp, NULL, 0) >= 2;
3641 BRIDGE_LOCK(sc);
3642 bif = bridge_lookup_member_if(sc, ifp);
3643 if (bif != NULL) {
3644 if (input_broadcast) {
3645 if ((bif->bif_flags & BIFF_INPUT_BROADCAST) == 0) {
3646 bif->bif_flags |= BIFF_INPUT_BROADCAST;
3647 changed = TRUE;
3648 }
3649 } else if ((bif->bif_flags & BIFF_INPUT_BROADCAST) != 0) {
3650 changed = TRUE;
3651 bif->bif_flags &= ~BIFF_INPUT_BROADCAST;
3652 }
3653 }
3654 BRIDGE_UNLOCK(sc);
3655 #if BRIDGE_DEBUG
3656 if (IF_BRIDGE_DEBUG(BR_DBGF_LIFECYCLE)) {
3657 printf("%s: input broadcast %s", ifp->if_xname,
3658 input_broadcast ? "ENABLED" : "DISABLED");
3659 }
3660 #endif /* BRIDGE_DEBUG */
3661 return;
3662 }
3663
3664 /*
3665 * interface_media_active:
3666 *
3667 * Tells if an interface media is active.
3668 */
3669 static int
3670 interface_media_active(struct ifnet *ifp)
3671 {
3672 struct ifmediareq ifmr;
3673 int status = 0;
3674
3675 bzero(&ifmr, sizeof(ifmr));
3676 if (ifnet_ioctl(ifp, 0, SIOCGIFMEDIA, &ifmr) == 0) {
3677 if ((ifmr.ifm_status & IFM_AVALID) && ifmr.ifm_count > 0) {
3678 status = ifmr.ifm_status & IFM_ACTIVE ? 1 : 0;
3679 }
3680 }
3681
3682 return status;
3683 }
3684
3685 /*
3686 * bridge_updatelinkstatus:
3687 *
3688 * Update the media active status of the bridge based on the
3689 * media active status of its member.
3690 * If changed, return the corresponding onf/off link event.
3691 */
3692 static u_int32_t
3693 bridge_updatelinkstatus(struct bridge_softc *sc)
3694 {
3695 struct bridge_iflist *bif;
3696 int active_member = 0;
3697 u_int32_t event_code = 0;
3698
3699 BRIDGE_LOCK_ASSERT_HELD(sc);
3700
3701 /*
3702 * Find out if we have an active interface
3703 */
3704 TAILQ_FOREACH(bif, &sc->sc_iflist, bif_next) {
3705 if (bif->bif_flags & BIFF_MEDIA_ACTIVE) {
3706 active_member = 1;
3707 break;
3708 }
3709 }
3710
3711 if (active_member && !(sc->sc_flags & SCF_MEDIA_ACTIVE)) {
3712 sc->sc_flags |= SCF_MEDIA_ACTIVE;
3713 event_code = KEV_DL_LINK_ON;
3714 } else if (!active_member && (sc->sc_flags & SCF_MEDIA_ACTIVE)) {
3715 sc->sc_flags &= ~SCF_MEDIA_ACTIVE;
3716 event_code = KEV_DL_LINK_OFF;
3717 }
3718
3719 return event_code;
3720 }
3721
3722 /*
3723 * bridge_iflinkevent:
3724 */
3725 static void
3726 bridge_iflinkevent(struct ifnet *ifp)
3727 {
3728 struct bridge_softc *sc = ifp->if_bridge;
3729 struct bridge_iflist *bif;
3730 u_int32_t event_code = 0;
3731 int media_active;
3732
3733 #if BRIDGE_DEBUG
3734 if (IF_BRIDGE_DEBUG(BR_DBGF_LIFECYCLE)) {
3735 printf("%s: %s\n", __func__, ifp->if_xname);
3736 }
3737 #endif /* BRIDGE_DEBUG */
3738
3739 /* Check if the interface is a bridge member */
3740 if (sc == NULL) {
3741 return;
3742 }
3743
3744 media_active = interface_media_active(ifp);
3745 BRIDGE_LOCK(sc);
3746 bif = bridge_lookup_member_if(sc, ifp);
3747 if (bif != NULL) {
3748 if (media_active) {
3749 bif->bif_flags |= BIFF_MEDIA_ACTIVE;
3750 } else {
3751 bif->bif_flags &= ~BIFF_MEDIA_ACTIVE;
3752 }
3753 if (sc->sc_mac_nat_bif != NULL) {
3754 bridge_mac_nat_flush_entries(sc, bif);
3755 }
3756
3757 event_code = bridge_updatelinkstatus(sc);
3758 }
3759 BRIDGE_UNLOCK(sc);
3760
3761 if (event_code != 0) {
3762 bridge_link_event(sc->sc_ifp, event_code);
3763 }
3764 }
3765
3766 /*
3767 * bridge_delayed_callback:
3768 *
3769 * Makes a delayed call
3770 */
3771 static void
3772 bridge_delayed_callback(void *param)
3773 {
3774 struct bridge_delayed_call *call = (struct bridge_delayed_call *)param;
3775 struct bridge_softc *sc = call->bdc_sc;
3776
3777 #if BRIDGE_DEBUG_DELAYED_CALLBACK
3778 if (bridge_delayed_callback_delay > 0) {
3779 struct timespec ts;
3780
3781 ts.tv_sec = bridge_delayed_callback_delay;
3782 ts.tv_nsec = 0;
3783
3784 printf("%s: sleeping for %d seconds\n",
3785 __func__, bridge_delayed_callback_delay);
3786
3787 msleep(&bridge_delayed_callback_delay, NULL, PZERO,
3788 __func__, &ts);
3789
3790 printf("%s: awoken\n", __func__);
3791 }
3792 #endif /* BRIDGE_DEBUG_DELAYED_CALLBACK */
3793
3794 BRIDGE_LOCK(sc);
3795
3796 #if BRIDGE_DEBUG_DELAYED_CALLBACK
3797 if (IF_BRIDGE_DEBUG(BR_DBGF_DELAYED_CALL)) {
3798 printf("%s: %s call 0x%llx flags 0x%x\n", __func__,
3799 sc->sc_if_xname, (uint64_t)VM_KERNEL_ADDRPERM(call),
3800 call->bdc_flags);
3801 }
3802 #endif /* BRIDGE_DEBUG_DELAYED_CALLBACK */
3803
3804 if (call->bdc_flags & BDCF_CANCELLING) {
3805 wakeup(call);
3806 } else {
3807 if ((sc->sc_flags & SCF_DETACHING) == 0) {
3808 (*call->bdc_func)(sc);
3809 }
3810 }
3811 call->bdc_flags &= ~BDCF_OUTSTANDING;
3812 BRIDGE_UNLOCK(sc);
3813 }
3814
3815 /*
3816 * bridge_schedule_delayed_call:
3817 *
3818 * Schedule a function to be called on a separate thread
3819 * The actual call may be scheduled to run at a given time or ASAP.
3820 */
3821 static void
3822 bridge_schedule_delayed_call(struct bridge_delayed_call *call)
3823 {
3824 uint64_t deadline = 0;
3825 struct bridge_softc *sc = call->bdc_sc;
3826
3827 BRIDGE_LOCK_ASSERT_HELD(sc);
3828
3829 if ((sc->sc_flags & SCF_DETACHING) ||
3830 (call->bdc_flags & (BDCF_OUTSTANDING | BDCF_CANCELLING))) {
3831 return;
3832 }
3833
3834 if (call->bdc_ts.tv_sec || call->bdc_ts.tv_nsec) {
3835 nanoseconds_to_absolutetime(
3836 (uint64_t)call->bdc_ts.tv_sec * NSEC_PER_SEC +
3837 call->bdc_ts.tv_nsec, &deadline);
3838 clock_absolutetime_interval_to_deadline(deadline, &deadline);
3839 }
3840
3841 call->bdc_flags = BDCF_OUTSTANDING;
3842
3843 #if BRIDGE_DEBUG_DELAYED_CALLBACK
3844 if (IF_BRIDGE_DEBUG(BR_DBGF_DELAYED_CALL)) {
3845 printf("%s: %s call 0x%llx flags 0x%x\n", __func__,
3846 sc->sc_if_xname, (uint64_t)VM_KERNEL_ADDRPERM(call),
3847 call->bdc_flags);
3848 }
3849 #endif /* BRIDGE_DEBUG_DELAYED_CALLBACK */
3850
3851 if (call->bdc_ts.tv_sec || call->bdc_ts.tv_nsec) {
3852 thread_call_func_delayed(
3853 (thread_call_func_t)bridge_delayed_callback,
3854 call, deadline);
3855 } else {
3856 if (call->bdc_thread_call == NULL) {
3857 call->bdc_thread_call = thread_call_allocate(
3858 (thread_call_func_t)bridge_delayed_callback,
3859 call);
3860 }
3861 thread_call_enter(call->bdc_thread_call);
3862 }
3863 }
3864
3865 /*
3866 * bridge_cancel_delayed_call:
3867 *
3868 * Cancel a queued or running delayed call.
3869 * If call is running, does not return until the call is done to
3870 * prevent race condition with the brigde interface getting destroyed
3871 */
3872 static void
3873 bridge_cancel_delayed_call(struct bridge_delayed_call *call)
3874 {
3875 boolean_t result;
3876 struct bridge_softc *sc = call->bdc_sc;
3877
3878 /*
3879 * The call was never scheduled
3880 */
3881 if (sc == NULL) {
3882 return;
3883 }
3884
3885 BRIDGE_LOCK_ASSERT_HELD(sc);
3886
3887 call->bdc_flags |= BDCF_CANCELLING;
3888
3889 while (call->bdc_flags & BDCF_OUTSTANDING) {
3890 #if BRIDGE_DEBUG
3891 if (IF_BRIDGE_DEBUG(BR_DBGF_DELAYED_CALL)) {
3892 printf("%s: %s call 0x%llx flags 0x%x\n", __func__,
3893 sc->sc_if_xname, (uint64_t)VM_KERNEL_ADDRPERM(call),
3894 call->bdc_flags);
3895 }
3896 #endif /* BRIDGE_DEBUG */
3897 result = thread_call_func_cancel(
3898 (thread_call_func_t)bridge_delayed_callback, call, FALSE);
3899
3900 if (result) {
3901 /*
3902 * We managed to dequeue the delayed call
3903 */
3904 call->bdc_flags &= ~BDCF_OUTSTANDING;
3905 } else {
3906 /*
3907 * Wait for delayed call do be done running
3908 */
3909 msleep(call, &sc->sc_mtx, PZERO, __func__, NULL);
3910 }
3911 }
3912 call->bdc_flags &= ~BDCF_CANCELLING;
3913 }
3914
3915 /*
3916 * bridge_cleanup_delayed_call:
3917 *
3918 * Dispose resource allocated for a delayed call
3919 * Assume the delayed call is not queued or running .
3920 */
3921 static void
3922 bridge_cleanup_delayed_call(struct bridge_delayed_call *call)
3923 {
3924 boolean_t result;
3925 struct bridge_softc *sc = call->bdc_sc;
3926
3927 /*
3928 * The call was never scheduled
3929 */
3930 if (sc == NULL) {
3931 return;
3932 }
3933
3934 BRIDGE_LOCK_ASSERT_HELD(sc);
3935
3936 VERIFY((call->bdc_flags & BDCF_OUTSTANDING) == 0);
3937 VERIFY((call->bdc_flags & BDCF_CANCELLING) == 0);
3938
3939 if (call->bdc_thread_call != NULL) {
3940 result = thread_call_free(call->bdc_thread_call);
3941 if (result == FALSE) {
3942 panic("%s thread_call_free() failed for call %p",
3943 __func__, call);
3944 }
3945 call->bdc_thread_call = NULL;
3946 }
3947 }
3948
3949 /*
3950 * bridge_init:
3951 *
3952 * Initialize a bridge interface.
3953 */
3954 static int
3955 bridge_init(struct ifnet *ifp)
3956 {
3957 struct bridge_softc *sc = (struct bridge_softc *)ifp->if_softc;
3958 errno_t error;
3959
3960 BRIDGE_LOCK_ASSERT_HELD(sc);
3961
3962 if ((ifnet_flags(ifp) & IFF_RUNNING)) {
3963 return 0;
3964 }
3965
3966 error = ifnet_set_flags(ifp, IFF_RUNNING, IFF_RUNNING);
3967
3968 /*
3969 * Calling bridge_aging_timer() is OK as there are no entries to
3970 * age so we're just going to arm the timer
3971 */
3972 bridge_aging_timer(sc);
3973 #if BRIDGESTP
3974 if (error == 0) {
3975 bstp_init(&sc->sc_stp); /* Initialize Spanning Tree */
3976 }
3977 #endif /* BRIDGESTP */
3978 return error;
3979 }
3980
3981 /*
3982 * bridge_ifstop:
3983 *
3984 * Stop the bridge interface.
3985 */
3986 static void
3987 bridge_ifstop(struct ifnet *ifp, int disable)
3988 {
3989 #pragma unused(disable)
3990 struct bridge_softc *sc = ifp->if_softc;
3991
3992 BRIDGE_LOCK_ASSERT_HELD(sc);
3993
3994 if ((ifnet_flags(ifp) & IFF_RUNNING) == 0) {
3995 return;
3996 }
3997
3998 bridge_cancel_delayed_call(&sc->sc_aging_timer);
3999
4000 #if BRIDGESTP
4001 bstp_stop(&sc->sc_stp);
4002 #endif /* BRIDGESTP */
4003
4004 bridge_rtflush(sc, IFBF_FLUSHDYN);
4005 (void) ifnet_set_flags(ifp, 0, IFF_RUNNING);
4006 }
4007
4008 /*
4009 * bridge_compute_cksum:
4010 *
4011 * If the packet has checksum flags, compare the hardware checksum
4012 * capabilities of the source and destination interfaces. If they
4013 * are the same, there's nothing to do. If they are different,
4014 * finalize the checksum so that it can be sent on the destination
4015 * interface.
4016 */
4017 static void
4018 bridge_compute_cksum(struct ifnet *src_if, struct ifnet *dst_if, struct mbuf *m)
4019 {
4020 uint32_t csum_flags;
4021 uint16_t dst_hw_csum;
4022 uint32_t did_sw;
4023 struct ether_header *eh;
4024 uint16_t src_hw_csum;
4025
4026 csum_flags = m->m_pkthdr.csum_flags & IF_HWASSIST_CSUM_MASK;
4027 if (csum_flags == 0) {
4028 /* no checksum offload */
4029 return;
4030 }
4031
4032 /*
4033 * if destination/source differ in checksum offload
4034 * capabilities, finalize/compute the checksum
4035 */
4036 dst_hw_csum = IF_HWASSIST_CSUM_FLAGS(dst_if->if_hwassist);
4037 src_hw_csum = IF_HWASSIST_CSUM_FLAGS(src_if->if_hwassist);
4038 if (dst_hw_csum == src_hw_csum) {
4039 return;
4040 }
4041 eh = mtod(m, struct ether_header *);
4042 switch (ntohs(eh->ether_type)) {
4043 case ETHERTYPE_IP:
4044 did_sw = in_finalize_cksum(m, sizeof(*eh), csum_flags);
4045 break;
4046 case ETHERTYPE_IPV6:
4047 did_sw = in6_finalize_cksum(m, sizeof(*eh), -1, -1, csum_flags);
4048 break;
4049 }
4050 #if BRIDGE_DEBUG
4051 if (IF_BRIDGE_DEBUG(BR_DBGF_CHECKSUM)) {
4052 printf("%s: [%s -> %s] before 0x%x did 0x%x after 0x%x\n",
4053 __func__,
4054 src_if->if_xname, dst_if->if_xname, csum_flags, did_sw,
4055 m->m_pkthdr.csum_flags);
4056 }
4057 #endif /* BRIDGE_DEBUG */
4058 }
4059
4060 static int
4061 bridge_transmit(struct ifnet * ifp, struct mbuf *m)
4062 {
4063 struct flowadv adv = { .code = FADV_SUCCESS };
4064 errno_t error;
4065
4066 error = dlil_output(ifp, 0, m, NULL, NULL, 1, &adv);
4067 if (error == 0) {
4068 if (adv.code == FADV_FLOW_CONTROLLED) {
4069 error = EQFULL;
4070 } else if (adv.code == FADV_SUSPENDED) {
4071 error = EQSUSPENDED;
4072 }
4073 }
4074 return error;
4075 }
4076
4077 static int
4078 bridge_send(struct ifnet *src_ifp,
4079 struct ifnet *dst_ifp, struct mbuf *m, ChecksumOperation cksum_op)
4080 {
4081 switch (cksum_op) {
4082 case kChecksumOperationClear:
4083 m->m_pkthdr.csum_flags = 0;
4084 break;
4085 case kChecksumOperationFinalize:
4086 /* the checksum might not be correct, finalize now */
4087 bridge_finalize_cksum(dst_ifp, m);
4088 break;
4089 case kChecksumOperationCompute:
4090 bridge_compute_cksum(src_ifp, dst_ifp, m);
4091 break;
4092 default:
4093 break;
4094 }
4095 #if HAS_IF_CAP
4096 /*
4097 * If underlying interface can not do VLAN tag insertion itself
4098 * then attach a packet tag that holds it.
4099 */
4100 if ((m->m_flags & M_VLANTAG) &&
4101 (dst_ifp->if_capenable & IFCAP_VLAN_HWTAGGING) == 0) {
4102 m = ether_vlanencap(m, m->m_pkthdr.ether_vtag);
4103 if (m == NULL) {
4104 printf("%s: %s: unable to prepend VLAN "
4105 "header\n", __func__, dst_ifp->if_xname);
4106 (void) ifnet_stat_increment_out(dst_ifp,
4107 0, 0, 1);
4108 return 0;
4109 }
4110 m->m_flags &= ~M_VLANTAG;
4111 }
4112 #endif /* HAS_IF_CAP */
4113 return bridge_transmit(dst_ifp, m);
4114 }
4115
4116 static int
4117 bridge_send_tso(struct ifnet *dst_ifp, struct mbuf *m)
4118 {
4119 struct ether_header *eh;
4120 uint16_t ether_type;
4121 errno_t error;
4122 boolean_t is_ipv4;
4123 u_int mac_hlen;
4124
4125 eh = mtod(m, struct ether_header *);
4126 ether_type = ntohs(eh->ether_type);
4127 switch (ether_type) {
4128 case ETHERTYPE_IP:
4129 is_ipv4 = TRUE;
4130 break;
4131 case ETHERTYPE_IPV6:
4132 is_ipv4 = FALSE;
4133 break;
4134 default:
4135 printf("%s: large non IPv4/IPv6 packet\n", __func__);
4136 m_freem(m);
4137 error = EINVAL;
4138 goto done;
4139 }
4140 mac_hlen = sizeof(*eh);
4141
4142 #if HAS_IF_CAP
4143 /*
4144 * If underlying interface can not do VLAN tag insertion itself
4145 * then attach a packet tag that holds it.
4146 */
4147 if ((m->m_flags & M_VLANTAG) &&
4148 (dst_ifp->if_capenable & IFCAP_VLAN_HWTAGGING) == 0) {
4149 m = ether_vlanencap(m, m->m_pkthdr.ether_vtag);
4150 if (m == NULL) {
4151 printf("%s: %s: unable to prepend VLAN "
4152 "header\n", __func__, dst_ifp->if_xname);
4153 (void) ifnet_stat_increment_out(dst_ifp,
4154 0, 0, 1);
4155 error = ENOBUFS;
4156 goto done;
4157 }
4158 m->m_flags &= ~M_VLANTAG;
4159 mac_hlen += ETHER_VLAN_ENCAP_LEN;
4160 }
4161 #endif /* HAS_IF_CAP */
4162 if (is_ipv4) {
4163 error = gso_ipv4_tcp(dst_ifp, &m, mac_hlen, TRUE);
4164 } else {
4165 error = gso_ipv6_tcp(dst_ifp, &m, mac_hlen, TRUE);
4166 }
4167
4168 done:
4169 return error;
4170 }
4171
4172 /*
4173 * bridge_enqueue:
4174 *
4175 * Enqueue a packet on a bridge member interface.
4176 *
4177 */
4178 static int
4179 bridge_enqueue(ifnet_t bridge_ifp, struct ifnet *src_ifp,
4180 struct ifnet *dst_ifp, struct mbuf *m, ChecksumOperation cksum_op)
4181 {
4182 errno_t error = 0;
4183 int len;
4184
4185 VERIFY(dst_ifp != NULL);
4186
4187 /*
4188 * We may be sending a fragment so traverse the mbuf
4189 *
4190 * NOTE: bridge_fragment() is called only when PFIL_HOOKS is enabled.
4191 */
4192 for (struct mbuf *next_m = NULL; m != NULL; m = next_m) {
4193 errno_t _error;
4194
4195 len = m->m_pkthdr.len;
4196 m->m_flags |= M_PROTO1; /* set to avoid loops */
4197 next_m = m->m_nextpkt;
4198 m->m_nextpkt = NULL;
4199 /*
4200 * need to segment the packet if it is a large frame
4201 * and the destination interface does not support TSO
4202 */
4203 if (if_bridge_segmentation != 0 &&
4204 len > (bridge_ifp->if_mtu + ETHER_HDR_LEN) &&
4205 (dst_ifp->if_capabilities & IFCAP_TSO) != IFCAP_TSO) {
4206 _error = bridge_send_tso(dst_ifp, m);
4207 } else {
4208 _error = bridge_send(src_ifp, dst_ifp, m, cksum_op);
4209 }
4210 /* Preserve first error value */
4211 if (error == 0 && _error != 0) {
4212 error = _error;
4213 }
4214 if (_error == 0) {
4215 (void) ifnet_stat_increment_out(bridge_ifp, 1, len, 0);
4216 } else {
4217 (void) ifnet_stat_increment_out(bridge_ifp, 0, 0, 1);
4218 }
4219 }
4220
4221 return error;
4222 }
4223
4224 #if HAS_BRIDGE_DUMMYNET
4225 /*
4226 * bridge_dummynet:
4227 *
4228 * Receive a queued packet from dummynet and pass it on to the output
4229 * interface.
4230 *
4231 * The mbuf has the Ethernet header already attached.
4232 */
4233 static void
4234 bridge_dummynet(struct mbuf *m, struct ifnet *ifp)
4235 {
4236 struct bridge_softc *sc;
4237
4238 sc = ifp->if_bridge;
4239
4240 /*
4241 * The packet didn't originate from a member interface. This should only
4242 * ever happen if a member interface is removed while packets are
4243 * queued for it.
4244 */
4245 if (sc == NULL) {
4246 m_freem(m);
4247 return;
4248 }
4249
4250 if (PFIL_HOOKED(&inet_pfil_hook) || PFIL_HOOKED_INET6) {
4251 if (bridge_pfil(&m, sc->sc_ifp, ifp, PFIL_OUT) != 0) {
4252 return;
4253 }
4254 if (m == NULL) {
4255 return;
4256 }
4257 }
4258 (void) bridge_enqueue(sc->sc_ifp, NULL, ifp, m, kChecksumOperationNone);
4259 }
4260
4261 #endif /* HAS_BRIDGE_DUMMYNET */
4262
4263 /*
4264 * bridge_member_output:
4265 *
4266 * Send output from a bridge member interface. This
4267 * performs the bridging function for locally originated
4268 * packets.
4269 *
4270 * The mbuf has the Ethernet header already attached.
4271 */
4272 static errno_t
4273 bridge_member_output(struct bridge_softc *sc, ifnet_t ifp, mbuf_t *data)
4274 {
4275 ifnet_t bridge_ifp;
4276 struct ether_header *eh;
4277 struct ifnet *dst_if;
4278 uint16_t vlan;
4279 struct bridge_iflist *mac_nat_bif;
4280 ifnet_t mac_nat_ifp;
4281 mbuf_t m = *data;
4282
4283 #if BRIDGE_DEBUG
4284 if (IF_BRIDGE_DEBUG(BR_DBGF_OUTPUT)) {
4285 printf("%s: ifp %s\n", __func__, ifp->if_xname);
4286 }
4287 #endif /* BRIDGE_DEBUG */
4288
4289 if (m->m_len < ETHER_HDR_LEN) {
4290 m = m_pullup(m, ETHER_HDR_LEN);
4291 if (m == NULL) {
4292 *data = NULL;
4293 return EJUSTRETURN;
4294 }
4295 }
4296
4297 eh = mtod(m, struct ether_header *);
4298 vlan = VLANTAGOF(m);
4299
4300 BRIDGE_LOCK(sc);
4301 mac_nat_bif = sc->sc_mac_nat_bif;
4302 mac_nat_ifp = (mac_nat_bif != NULL) ? mac_nat_bif->bif_ifp : NULL;
4303 if (mac_nat_ifp == ifp) {
4304 /* record the IP address used by the MAC NAT interface */
4305 (void)bridge_mac_nat_output(sc, mac_nat_bif, data, NULL);
4306 m = *data;
4307 if (m == NULL) {
4308 /* packet was deallocated */
4309 BRIDGE_UNLOCK(sc);
4310 return EJUSTRETURN;
4311 }
4312 }
4313 bridge_ifp = sc->sc_ifp;
4314
4315 /*
4316 * APPLE MODIFICATION
4317 * If the packet is an 802.1X ethertype, then only send on the
4318 * original output interface.
4319 */
4320 if (eh->ether_type == htons(ETHERTYPE_PAE)) {
4321 dst_if = ifp;
4322 goto sendunicast;
4323 }
4324
4325 /*
4326 * If bridge is down, but the original output interface is up,
4327 * go ahead and send out that interface. Otherwise, the packet
4328 * is dropped below.
4329 */
4330 if ((bridge_ifp->if_flags & IFF_RUNNING) == 0) {
4331 dst_if = ifp;
4332 goto sendunicast;
4333 }
4334
4335 /*
4336 * If the packet is a multicast, or we don't know a better way to
4337 * get there, send to all interfaces.
4338 */
4339 if (ETHER_IS_MULTICAST(eh->ether_dhost)) {
4340 dst_if = NULL;
4341 } else {
4342 dst_if = bridge_rtlookup(sc, eh->ether_dhost, vlan);
4343 }
4344 if (dst_if == NULL) {
4345 struct bridge_iflist *bif;
4346 struct mbuf *mc;
4347 int used = 0;
4348 errno_t error;
4349
4350
4351 bridge_span(sc, m);
4352
4353 BRIDGE_LOCK2REF(sc, error);
4354 if (error != 0) {
4355 m_freem(m);
4356 return EJUSTRETURN;
4357 }
4358
4359 TAILQ_FOREACH(bif, &sc->sc_iflist, bif_next) {
4360 /* skip interface with inactive link status */
4361 if ((bif->bif_flags & BIFF_MEDIA_ACTIVE) == 0) {
4362 continue;
4363 }
4364 dst_if = bif->bif_ifp;
4365
4366 #if 0
4367 if (dst_if->if_type == IFT_GIF) {
4368 continue;
4369 }
4370 #endif
4371 if ((dst_if->if_flags & IFF_RUNNING) == 0) {
4372 continue;
4373 }
4374 if (dst_if != ifp) {
4375 /*
4376 * If this is not the original output interface,
4377 * and the interface is participating in spanning
4378 * tree, make sure the port is in a state that
4379 * allows forwarding.
4380 */
4381 if ((bif->bif_ifflags & IFBIF_STP) &&
4382 bif->bif_stp.bp_state == BSTP_IFSTATE_DISCARDING) {
4383 continue;
4384 }
4385 /*
4386 * If this is not the original output interface,
4387 * and the destination is the MAC NAT interface,
4388 * drop the packet. The packet can't be sent
4389 * if the source MAC is incorrect.
4390 */
4391 if (dst_if == mac_nat_ifp) {
4392 continue;
4393 }
4394 }
4395 if (TAILQ_NEXT(bif, bif_next) == NULL) {
4396 used = 1;
4397 mc = m;
4398 } else {
4399 mc = m_dup(m, M_DONTWAIT);
4400 if (mc == NULL) {
4401 (void) ifnet_stat_increment_out(
4402 bridge_ifp, 0, 0, 1);
4403 continue;
4404 }
4405 }
4406 (void) bridge_enqueue(bridge_ifp, ifp, dst_if,
4407 mc, kChecksumOperationCompute);
4408 }
4409 if (used == 0) {
4410 m_freem(m);
4411 }
4412 BRIDGE_UNREF(sc);
4413 return EJUSTRETURN;
4414 }
4415
4416 sendunicast:
4417 /*
4418 * XXX Spanning tree consideration here?
4419 */
4420
4421 bridge_span(sc, m);
4422 if ((dst_if->if_flags & IFF_RUNNING) == 0) {
4423 m_freem(m);
4424 BRIDGE_UNLOCK(sc);
4425 return EJUSTRETURN;
4426 }
4427
4428 BRIDGE_UNLOCK(sc);
4429 if (dst_if == ifp) {
4430 /* just let the packet continue on its way */
4431 return 0;
4432 }
4433 if (dst_if != mac_nat_ifp) {
4434 (void) bridge_enqueue(bridge_ifp, ifp, dst_if, m,
4435 kChecksumOperationCompute);
4436 } else {
4437 /*
4438 * This is not the original output interface
4439 * and the destination is the MAC NAT interface.
4440 * Drop the packet because the packet can't be sent
4441 * if the source MAC is incorrect.
4442 */
4443 m_freem(m);
4444 }
4445 return EJUSTRETURN;
4446 }
4447
4448 /*
4449 * Output callback.
4450 *
4451 * This routine is called externally from above only when if_bridge_txstart
4452 * is disabled; otherwise it is called internally by bridge_start().
4453 */
4454 static int
4455 bridge_output(struct ifnet *ifp, struct mbuf *m)
4456 {
4457 struct bridge_softc *sc = ifnet_softc(ifp);
4458 struct ether_header *eh;
4459 struct ifnet *dst_if = NULL;
4460 int error = 0;
4461
4462 eh = mtod(m, struct ether_header *);
4463
4464 BRIDGE_LOCK(sc);
4465
4466 if (!(m->m_flags & (M_BCAST | M_MCAST))) {
4467 dst_if = bridge_rtlookup(sc, eh->ether_dhost, 0);
4468 }
4469
4470 (void) ifnet_stat_increment_out(ifp, 1, m->m_pkthdr.len, 0);
4471
4472 #if NBPFILTER > 0
4473 if (sc->sc_bpf_output) {
4474 bridge_bpf_output(ifp, m);
4475 }
4476 #endif
4477
4478 if (dst_if == NULL) {
4479 /* callee will unlock */
4480 bridge_broadcast(sc, NULL, m, 0);
4481 } else {
4482 ifnet_t bridge_ifp;
4483
4484 bridge_ifp = sc->sc_ifp;
4485 BRIDGE_UNLOCK(sc);
4486 error = bridge_enqueue(bridge_ifp, NULL, dst_if, m,
4487 kChecksumOperationFinalize);
4488 }
4489
4490 return error;
4491 }
4492
4493 static void
4494 bridge_finalize_cksum(struct ifnet *ifp, struct mbuf *m)
4495 {
4496 struct ether_header *eh = mtod(m, struct ether_header *);
4497 uint32_t sw_csum, hwcap;
4498
4499
4500 if (ifp != NULL) {
4501 hwcap = (ifp->if_hwassist | CSUM_DATA_VALID);
4502 } else {
4503 hwcap = 0;
4504 }
4505
4506 /* do in software what the hardware cannot */
4507 sw_csum = m->m_pkthdr.csum_flags & ~IF_HWASSIST_CSUM_FLAGS(hwcap);
4508 sw_csum &= IF_HWASSIST_CSUM_MASK;
4509
4510 switch (ntohs(eh->ether_type)) {
4511 case ETHERTYPE_IP:
4512 if ((hwcap & CSUM_PARTIAL) && !(sw_csum & CSUM_DELAY_DATA) &&
4513 (m->m_pkthdr.csum_flags & CSUM_DELAY_DATA)) {
4514 if (m->m_pkthdr.csum_flags & CSUM_TCP) {
4515 uint16_t start =
4516 sizeof(*eh) + sizeof(struct ip);
4517 uint16_t ulpoff =
4518 m->m_pkthdr.csum_data & 0xffff;
4519 m->m_pkthdr.csum_flags |=
4520 (CSUM_DATA_VALID | CSUM_PARTIAL);
4521 m->m_pkthdr.csum_tx_stuff = (ulpoff + start);
4522 m->m_pkthdr.csum_tx_start = start;
4523 } else {
4524 sw_csum |= (CSUM_DELAY_DATA &
4525 m->m_pkthdr.csum_flags);
4526 }
4527 }
4528 (void) in_finalize_cksum(m, sizeof(*eh), sw_csum);
4529 break;
4530
4531 case ETHERTYPE_IPV6:
4532 if ((hwcap & CSUM_PARTIAL) &&
4533 !(sw_csum & CSUM_DELAY_IPV6_DATA) &&
4534 (m->m_pkthdr.csum_flags & CSUM_DELAY_IPV6_DATA)) {
4535 if (m->m_pkthdr.csum_flags & CSUM_TCPIPV6) {
4536 uint16_t start =
4537 sizeof(*eh) + sizeof(struct ip6_hdr);
4538 uint16_t ulpoff =
4539 m->m_pkthdr.csum_data & 0xffff;
4540 m->m_pkthdr.csum_flags |=
4541 (CSUM_DATA_VALID | CSUM_PARTIAL);
4542 m->m_pkthdr.csum_tx_stuff = (ulpoff + start);
4543 m->m_pkthdr.csum_tx_start = start;
4544 } else {
4545 sw_csum |= (CSUM_DELAY_IPV6_DATA &
4546 m->m_pkthdr.csum_flags);
4547 }
4548 }
4549 (void) in6_finalize_cksum(m, sizeof(*eh), -1, -1, sw_csum);
4550 break;
4551 }
4552 }
4553
4554 /*
4555 * bridge_start:
4556 *
4557 * Start output on a bridge.
4558 *
4559 * This routine is invoked by the start worker thread; because we never call
4560 * it directly, there is no need do deploy any serialization mechanism other
4561 * than what's already used by the worker thread, i.e. this is already single
4562 * threaded.
4563 *
4564 * This routine is called only when if_bridge_txstart is enabled.
4565 */
4566 static void
4567 bridge_start(struct ifnet *ifp)
4568 {
4569 struct mbuf *m;
4570
4571 for (;;) {
4572 if (ifnet_dequeue(ifp, &m) != 0) {
4573 break;
4574 }
4575
4576 (void) bridge_output(ifp, m);
4577 }
4578 }
4579
4580 /*
4581 * bridge_forward:
4582 *
4583 * The forwarding function of the bridge.
4584 *
4585 * NOTE: Releases the lock on return.
4586 */
4587 static void
4588 bridge_forward(struct bridge_softc *sc, struct bridge_iflist *sbif,
4589 struct mbuf *m)
4590 {
4591 struct bridge_iflist *dbif;
4592 ifnet_t bridge_ifp;
4593 struct ifnet *src_if, *dst_if;
4594 struct ether_header *eh;
4595 uint16_t vlan;
4596 uint8_t *dst;
4597 int error;
4598 struct mac_nat_record mnr;
4599 boolean_t translate_mac = FALSE;
4600 uint32_t sc_filter_flags = 0;
4601
4602 BRIDGE_LOCK_ASSERT_HELD(sc);
4603
4604 bridge_ifp = sc->sc_ifp;
4605 #if BRIDGE_DEBUG
4606 if (IF_BRIDGE_DEBUG(BR_DBGF_OUTPUT)) {
4607 printf("%s: %s m 0x%llx\n", __func__, bridge_ifp->if_xname,
4608 (uint64_t)VM_KERNEL_ADDRPERM(m));
4609 }
4610 #endif /* BRIDGE_DEBUG */
4611
4612 src_if = m->m_pkthdr.rcvif;
4613
4614 (void) ifnet_stat_increment_in(bridge_ifp, 1, m->m_pkthdr.len, 0);
4615 vlan = VLANTAGOF(m);
4616
4617
4618 if ((sbif->bif_ifflags & IFBIF_STP) &&
4619 sbif->bif_stp.bp_state == BSTP_IFSTATE_DISCARDING) {
4620 goto drop;
4621 }
4622
4623 eh = mtod(m, struct ether_header *);
4624 dst = eh->ether_dhost;
4625
4626 /* If the interface is learning, record the address. */
4627 if (sbif->bif_ifflags & IFBIF_LEARNING) {
4628 error = bridge_rtupdate(sc, eh->ether_shost, vlan,
4629 sbif, 0, IFBAF_DYNAMIC);
4630 /*
4631 * If the interface has addresses limits then deny any source
4632 * that is not in the cache.
4633 */
4634 if (error && sbif->bif_addrmax) {
4635 goto drop;
4636 }
4637 }
4638
4639 if ((sbif->bif_ifflags & IFBIF_STP) != 0 &&
4640 sbif->bif_stp.bp_state == BSTP_IFSTATE_LEARNING) {
4641 goto drop;
4642 }
4643
4644 /*
4645 * At this point, the port either doesn't participate
4646 * in spanning tree or it is in the forwarding state.
4647 */
4648
4649 /*
4650 * If the packet is unicast, destined for someone on
4651 * "this" side of the bridge, drop it.
4652 */
4653 if ((m->m_flags & (M_BCAST | M_MCAST)) == 0) {
4654 /* unicast */
4655 dst_if = bridge_rtlookup(sc, dst, vlan);
4656 if (src_if == dst_if) {
4657 goto drop;
4658 }
4659 } else {
4660 /* broadcast/multicast */
4661
4662 /*
4663 * Check if its a reserved multicast address, any address
4664 * listed in 802.1D section 7.12.6 may not be forwarded by the
4665 * bridge.
4666 * This is currently 01-80-C2-00-00-00 to 01-80-C2-00-00-0F
4667 */
4668 if (dst[0] == 0x01 && dst[1] == 0x80 &&
4669 dst[2] == 0xc2 && dst[3] == 0x00 &&
4670 dst[4] == 0x00 && dst[5] <= 0x0f) {
4671 goto drop;
4672 }
4673
4674
4675 /* ...forward it to all interfaces. */
4676 atomic_add_64(&bridge_ifp->if_imcasts, 1);
4677 dst_if = NULL;
4678 }
4679
4680 /*
4681 * If we have a destination interface which is a member of our bridge,
4682 * OR this is a unicast packet, push it through the bpf(4) machinery.
4683 * For broadcast or multicast packets, don't bother because it will
4684 * be reinjected into ether_input. We do this before we pass the packets
4685 * through the pfil(9) framework, as it is possible that pfil(9) will
4686 * drop the packet, or possibly modify it, making it difficult to debug
4687 * firewall issues on the bridge.
4688 */
4689 #if NBPFILTER > 0
4690 if (eh->ether_type == htons(ETHERTYPE_RSN_PREAUTH) ||
4691 dst_if != NULL || (m->m_flags & (M_BCAST | M_MCAST)) == 0) {
4692 m->m_pkthdr.rcvif = bridge_ifp;
4693 BRIDGE_BPF_MTAP_INPUT(sc, m);
4694 }
4695 #endif /* NBPFILTER */
4696
4697 if (dst_if == NULL) {
4698 /* bridge_broadcast will unlock */
4699 bridge_broadcast(sc, src_if, m, 1);
4700 return;
4701 }
4702
4703 /*
4704 * Unicast.
4705 */
4706 /*
4707 * At this point, we're dealing with a unicast frame
4708 * going to a different interface.
4709 */
4710 if ((dst_if->if_flags & IFF_RUNNING) == 0) {
4711 goto drop;
4712 }
4713
4714 dbif = bridge_lookup_member_if(sc, dst_if);
4715 if (dbif == NULL) {
4716 /* Not a member of the bridge (anymore?) */
4717 goto drop;
4718 }
4719
4720 /* Private segments can not talk to each other */
4721 if (sbif->bif_ifflags & dbif->bif_ifflags & IFBIF_PRIVATE) {
4722 goto drop;
4723 }
4724
4725 if ((dbif->bif_ifflags & IFBIF_STP) &&
4726 dbif->bif_stp.bp_state == BSTP_IFSTATE_DISCARDING) {
4727 goto drop;
4728 }
4729
4730 #if HAS_DHCPRA_MASK
4731 /* APPLE MODIFICATION <rdar:6985737> */
4732 if ((dst_if->if_extflags & IFEXTF_DHCPRA_MASK) != 0) {
4733 m = ip_xdhcpra_output(dst_if, m);
4734 if (!m) {
4735 ++bridge_ifp.if_xdhcpra;
4736 BRIDGE_UNLOCK(sc);
4737 return;
4738 }
4739 }
4740 #endif /* HAS_DHCPRA_MASK */
4741
4742 if (dbif == sc->sc_mac_nat_bif) {
4743 /* determine how to translate the packet */
4744 translate_mac
4745 = bridge_mac_nat_output(sc, sbif, &m, &mnr);
4746 if (m == NULL) {
4747 /* packet was deallocated */
4748 BRIDGE_UNLOCK(sc);
4749 return;
4750 }
4751 }
4752
4753 sc_filter_flags = sc->sc_filter_flags;
4754 BRIDGE_UNLOCK(sc);
4755 if (PF_IS_ENABLED && (sc_filter_flags & IFBF_FILT_MEMBER)) {
4756 if (bridge_pf(&m, dst_if, sc_filter_flags, FALSE) != 0) {
4757 return;
4758 }
4759 if (m == NULL) {
4760 return;
4761 }
4762 }
4763
4764 /* if we need to, translate the MAC address */
4765 if (translate_mac) {
4766 bridge_mac_nat_translate(&m, &mnr, IF_LLADDR(dst_if));
4767 }
4768 /*
4769 * This is an inbound packet where the checksum
4770 * (if applicable) is already present/valid. Since
4771 * we are just doing layer 2 forwarding (not IP
4772 * forwarding), there's no need to validate the checksum.
4773 * Clear the checksum offload flags and send it along.
4774 */
4775 if (m != NULL) {
4776 (void) bridge_enqueue(bridge_ifp, NULL, dst_if, m,
4777 kChecksumOperationClear);
4778 }
4779 return;
4780
4781 drop:
4782 BRIDGE_UNLOCK(sc);
4783 m_freem(m);
4784 }
4785
4786 #if BRIDGE_DEBUG
4787
4788 static char *
4789 ether_ntop(char *buf, size_t len, const u_char *ap)
4790 {
4791 snprintf(buf, len, "%02x:%02x:%02x:%02x:%02x:%02x",
4792 ap[0], ap[1], ap[2], ap[3], ap[4], ap[5]);
4793
4794 return buf;
4795 }
4796
4797 #endif /* BRIDGE_DEBUG */
4798
4799 static void
4800 inject_input_packet(ifnet_t ifp, mbuf_t m)
4801 {
4802 mbuf_pkthdr_setrcvif(m, ifp);
4803 mbuf_pkthdr_setheader(m, mbuf_data(m));
4804 mbuf_setdata(m, (char *)mbuf_data(m) + ETHER_HDR_LEN,
4805 mbuf_len(m) - ETHER_HDR_LEN);
4806 mbuf_pkthdr_adjustlen(m, -ETHER_HDR_LEN);
4807 m->m_flags |= M_PROTO1; /* set to avoid loops */
4808 dlil_input_packet_list(ifp, m);
4809 return;
4810 }
4811
4812 static boolean_t
4813 in_addr_is_ours(struct in_addr ip)
4814 {
4815 struct in_ifaddr *ia;
4816 boolean_t ours = FALSE;
4817
4818 lck_rw_lock_shared(in_ifaddr_rwlock);
4819 TAILQ_FOREACH(ia, INADDR_HASH(ip.s_addr), ia_hash) {
4820 if (IA_SIN(ia)->sin_addr.s_addr == ip.s_addr) {
4821 ours = TRUE;
4822 break;
4823 }
4824 }
4825 lck_rw_done(in_ifaddr_rwlock);
4826 return ours;
4827 }
4828
4829 static boolean_t
4830 in6_addr_is_ours(const struct in6_addr * ip6_p)
4831 {
4832 struct in6_ifaddr *ia6;
4833 boolean_t ours = FALSE;
4834
4835 lck_rw_lock_shared(&in6_ifaddr_rwlock);
4836 TAILQ_FOREACH(ia6, IN6ADDR_HASH(ip6_p), ia6_hash) {
4837 if (IN6_ARE_ADDR_EQUAL(&ia6->ia_addr.sin6_addr, ip6_p)) {
4838 ours = TRUE;
4839 break;
4840 }
4841 }
4842 lck_rw_done(&in6_ifaddr_rwlock);
4843 return ours;
4844 }
4845
4846 static void
4847 bridge_interface_input(ifnet_t bridge_ifp, mbuf_t m,
4848 bpf_packet_func bpf_input_func)
4849 {
4850 size_t byte_count;
4851 struct ether_header *eh;
4852 uint16_t ether_type;
4853 errno_t error;
4854 boolean_t is_ipv4;
4855 int len;
4856 u_int mac_hlen;
4857 int pkt_count;
4858
4859 /* segment large packets before sending them up */
4860 if (if_bridge_segmentation == 0) {
4861 goto done;
4862 }
4863 len = m->m_pkthdr.len;
4864 if (len <= (bridge_ifp->if_mtu + ETHER_HDR_LEN)) {
4865 goto done;
4866 }
4867 eh = mtod(m, struct ether_header *);
4868 ether_type = ntohs(eh->ether_type);
4869 switch (ether_type) {
4870 case ETHERTYPE_IP:
4871 is_ipv4 = TRUE;
4872 break;
4873 case ETHERTYPE_IPV6:
4874 is_ipv4 = FALSE;
4875 break;
4876 default:
4877 printf("%s: large non IPv4/IPv6 packet\n", __func__);
4878 m_freem(m);
4879 return;
4880 }
4881
4882 /*
4883 * We have a large IPv4/IPv6 TCP packet. Segment it if required.
4884 *
4885 * If gso_ipv[46]_tcp() returns success (0), the packet(s) are
4886 * ready to be passed up. If the destination is a local IP address,
4887 * the packet will be passed up as a large, single packet.
4888 *
4889 * If gso_ipv[46]_tcp() returns an error, the packet has already
4890 * been freed.
4891 */
4892 mac_hlen = sizeof(*eh);
4893 if (is_ipv4) {
4894 error = gso_ipv4_tcp(bridge_ifp, &m, mac_hlen, FALSE);
4895 } else {
4896 error = gso_ipv6_tcp(bridge_ifp, &m, mac_hlen, FALSE);
4897 }
4898 if (error != 0) {
4899 return;
4900 }
4901
4902 done:
4903 pkt_count = 0;
4904 byte_count = 0;
4905 for (mbuf_t scan = m; scan != NULL; scan = scan->m_nextpkt) {
4906 /* Mark the packet as arriving on the bridge interface */
4907 mbuf_pkthdr_setrcvif(scan, bridge_ifp);
4908 mbuf_pkthdr_setheader(scan, mbuf_data(scan));
4909 if (bpf_input_func != NULL) {
4910 (*bpf_input_func)(bridge_ifp, scan);
4911 }
4912 mbuf_setdata(scan, (char *)mbuf_data(scan) + ETHER_HDR_LEN,
4913 mbuf_len(scan) - ETHER_HDR_LEN);
4914 mbuf_pkthdr_adjustlen(scan, -ETHER_HDR_LEN);
4915 byte_count += mbuf_pkthdr_len(scan);
4916 pkt_count++;
4917 }
4918 (void)ifnet_stat_increment_in(bridge_ifp, pkt_count, byte_count, 0);
4919 #if BRIDGE_DEBUG
4920 if (IF_BRIDGE_DEBUG(BR_DBGF_INPUT)) {
4921 printf("%s: %s %d packet(s) %ld bytes\n", __func__,
4922 bridge_ifp->if_xname, pkt_count, byte_count);
4923 }
4924 #endif /* BRIDGE_DEBUG */
4925
4926 dlil_input_packet_list(bridge_ifp, m);
4927 return;
4928 }
4929
4930 /*
4931 * bridge_input:
4932 *
4933 * Filter input from a member interface. Queue the packet for
4934 * bridging if it is not for us.
4935 */
4936 errno_t
4937 bridge_input(struct ifnet *ifp, mbuf_t *data)
4938 {
4939 struct bridge_softc *sc = ifp->if_bridge;
4940 struct bridge_iflist *bif, *bif2;
4941 ifnet_t bridge_ifp;
4942 struct ether_header *eh;
4943 struct mbuf *mc, *mc2;
4944 uint16_t vlan;
4945 errno_t error;
4946 boolean_t is_broadcast;
4947 boolean_t is_ip_broadcast = FALSE;
4948 boolean_t is_ifp_mac = FALSE;
4949 mbuf_t m = *data;
4950 uint32_t sc_filter_flags = 0;
4951
4952 bridge_ifp = sc->sc_ifp;
4953 #if BRIDGE_DEBUG
4954 if (IF_BRIDGE_DEBUG(BR_DBGF_INPUT)) {
4955 printf("%s: %s from %s m 0x%llx data 0x%llx\n", __func__,
4956 bridge_ifp->if_xname, ifp->if_xname,
4957 (uint64_t)VM_KERNEL_ADDRPERM(m),
4958 (uint64_t)VM_KERNEL_ADDRPERM(mbuf_data(m)));
4959 }
4960 #endif /* BRIDGE_DEBUG */
4961
4962 if ((sc->sc_ifp->if_flags & IFF_RUNNING) == 0) {
4963 #if BRIDGE_DEBUG
4964 if (IF_BRIDGE_DEBUG(BR_DBGF_INPUT)) {
4965 printf("%s: %s not running passing along\n",
4966 __func__, bridge_ifp->if_xname);
4967 }
4968 #endif /* BRIDGE_DEBUG */
4969 return 0;
4970 }
4971
4972 vlan = VLANTAGOF(m);
4973
4974 #ifdef IFF_MONITOR
4975 /*
4976 * Implement support for bridge monitoring. If this flag has been
4977 * set on this interface, discard the packet once we push it through
4978 * the bpf(4) machinery, but before we do, increment the byte and
4979 * packet counters associated with this interface.
4980 */
4981 if ((bridge_ifp->if_flags & IFF_MONITOR) != 0) {
4982 m->m_pkthdr.rcvif = bridge_ifp;
4983 BRIDGE_BPF_MTAP_INPUT(sc, m);
4984 (void) ifnet_stat_increment_in(bridge_ifp, 1, m->m_pkthdr.len, 0);
4985 m_freem(m);
4986 return EJUSTRETURN;
4987 }
4988 #endif /* IFF_MONITOR */
4989
4990 /*
4991 * Need to clear the promiscous flags otherwise it will be
4992 * dropped by DLIL after processing filters
4993 */
4994 if ((mbuf_flags(m) & MBUF_PROMISC)) {
4995 mbuf_setflags_mask(m, 0, MBUF_PROMISC);
4996 }
4997
4998 sc_filter_flags = sc->sc_filter_flags;
4999 if (PF_IS_ENABLED && (sc_filter_flags & IFBF_FILT_MEMBER)) {
5000 error = bridge_pf(&m, ifp, sc_filter_flags, TRUE);
5001 if (error != 0) {
5002 return EJUSTRETURN;
5003 }
5004 if (m == NULL) {
5005 return EJUSTRETURN;
5006 }
5007 /*
5008 * bridge_pf could have modified the pointer on success in order
5009 * to do its processing. Updated data such that we don't use a
5010 * stale pointer.
5011 */
5012 *data = m;
5013 }
5014
5015 BRIDGE_LOCK(sc);
5016 bif = bridge_lookup_member_if(sc, ifp);
5017 if (bif == NULL) {
5018 BRIDGE_UNLOCK(sc);
5019 #if BRIDGE_DEBUG
5020 if (IF_BRIDGE_DEBUG(BR_DBGF_INPUT)) {
5021 printf("%s: %s bridge_lookup_member_if failed\n",
5022 __func__, bridge_ifp->if_xname);
5023 }
5024 #endif /* BRIDGE_DEBUG */
5025 return 0;
5026 }
5027
5028 if (bif->bif_flags & BIFF_HOST_FILTER) {
5029 error = bridge_host_filter(bif, data);
5030 if (error != 0) {
5031 if (IF_BRIDGE_DEBUG(BR_DBGF_INPUT)) {
5032 printf("%s: %s bridge_host_filter failed\n",
5033 __func__, bif->bif_ifp->if_xname);
5034 }
5035 BRIDGE_UNLOCK(sc);
5036 return EJUSTRETURN;
5037 }
5038 m = *data;
5039 }
5040
5041 is_broadcast = (m->m_flags & (M_BCAST | M_MCAST)) != 0;
5042 eh = mtod(m, struct ether_header *);
5043 if (!is_broadcast &&
5044 memcmp(eh->ether_dhost, IF_LLADDR(ifp), ETHER_ADDR_LEN) == 0) {
5045 if (sc->sc_mac_nat_bif == bif) {
5046 /* doing MAC-NAT, check if destination is broadcast */
5047 is_ip_broadcast = is_broadcast_ip_packet(data);
5048 if (*data == NULL) {
5049 BRIDGE_UNLOCK(sc);
5050 return EJUSTRETURN;
5051 }
5052 m = *data;
5053 }
5054 if (!is_ip_broadcast) {
5055 is_ifp_mac = TRUE;
5056 }
5057 }
5058
5059 bridge_span(sc, m);
5060
5061 if (is_broadcast || is_ip_broadcast) {
5062 #if BRIDGE_DEBUG
5063 if (is_broadcast && IF_BRIDGE_DEBUG(BR_DBGF_MCAST)) {
5064 if ((m->m_flags & M_MCAST)) {
5065 printf("%s: multicast: "
5066 "%02x:%02x:%02x:%02x:%02x:%02x\n",
5067 __func__,
5068 eh->ether_dhost[0], eh->ether_dhost[1],
5069 eh->ether_dhost[2], eh->ether_dhost[3],
5070 eh->ether_dhost[4], eh->ether_dhost[5]);
5071 }
5072 }
5073 #endif /* BRIDGE_DEBUG */
5074
5075 /* Tap off 802.1D packets; they do not get forwarded. */
5076 if (is_broadcast && memcmp(eh->ether_dhost, bstp_etheraddr,
5077 ETHER_ADDR_LEN) == 0) {
5078 #if BRIDGESTP
5079 m = bstp_input(&bif->bif_stp, ifp, m);
5080 #else /* !BRIDGESTP */
5081 m_freem(m);
5082 m = NULL;
5083 #endif /* !BRIDGESTP */
5084 if (m == NULL) {
5085 BRIDGE_UNLOCK(sc);
5086 return EJUSTRETURN;
5087 }
5088 }
5089
5090 if ((bif->bif_ifflags & IFBIF_STP) &&
5091 bif->bif_stp.bp_state == BSTP_IFSTATE_DISCARDING) {
5092 BRIDGE_UNLOCK(sc);
5093 return 0;
5094 }
5095
5096 /*
5097 * Make a deep copy of the packet and enqueue the copy
5098 * for bridge processing; return the original packet for
5099 * local processing.
5100 */
5101 mc = m_dup(m, M_DONTWAIT);
5102 if (mc == NULL) {
5103 BRIDGE_UNLOCK(sc);
5104 return 0;
5105 }
5106
5107 /*
5108 * Perform the bridge forwarding function with the copy.
5109 *
5110 * Note that bridge_forward calls BRIDGE_UNLOCK
5111 */
5112 if (is_ip_broadcast) {
5113 /* make the copy look like it is actually broadcast */
5114 mc->m_flags |= M_BCAST;
5115 eh = mtod(mc, struct ether_header *);
5116 bcopy(etherbroadcastaddr, eh->ether_dhost,
5117 ETHER_ADDR_LEN);
5118 }
5119 bridge_forward(sc, bif, mc);
5120
5121 /*
5122 * Reinject the mbuf as arriving on the bridge so we have a
5123 * chance at claiming multicast packets. We can not loop back
5124 * here from ether_input as a bridge is never a member of a
5125 * bridge.
5126 */
5127 VERIFY(bridge_ifp->if_bridge == NULL);
5128 mc2 = m_dup(m, M_DONTWAIT);
5129 if (mc2 != NULL) {
5130 /* Keep the layer3 header aligned */
5131 int i = min(mc2->m_pkthdr.len, max_protohdr);
5132 mc2 = m_copyup(mc2, i, ETHER_ALIGN);
5133 }
5134 if (mc2 != NULL) {
5135 /* mark packet as arriving on the bridge */
5136 mc2->m_pkthdr.rcvif = bridge_ifp;
5137 mc2->m_pkthdr.pkt_hdr = mbuf_data(mc2);
5138
5139 BRIDGE_BPF_MTAP_INPUT(sc, m);
5140
5141 (void) mbuf_setdata(mc2,
5142 (char *)mbuf_data(mc2) + ETHER_HDR_LEN,
5143 mbuf_len(mc2) - ETHER_HDR_LEN);
5144 (void) mbuf_pkthdr_adjustlen(mc2, -ETHER_HDR_LEN);
5145
5146 (void) ifnet_stat_increment_in(bridge_ifp, 1,
5147 mbuf_pkthdr_len(mc2), 0);
5148
5149 #if BRIDGE_DEBUG
5150 if (IF_BRIDGE_DEBUG(BR_DBGF_MCAST)) {
5151 printf("%s: %s mcast for us\n", __func__,
5152 bridge_ifp->if_xname);
5153 }
5154 #endif /* BRIDGE_DEBUG */
5155
5156 dlil_input_packet_list(bridge_ifp, mc2);
5157 }
5158
5159 /* Return the original packet for local processing. */
5160 return 0;
5161 }
5162
5163 if ((bif->bif_ifflags & IFBIF_STP) &&
5164 bif->bif_stp.bp_state == BSTP_IFSTATE_DISCARDING) {
5165 BRIDGE_UNLOCK(sc);
5166 return 0;
5167 }
5168
5169 #ifdef DEV_CARP
5170 #define CARP_CHECK_WE_ARE_DST(iface) \
5171 ((iface)->if_carp &&\
5172 carp_forus((iface)->if_carp, eh->ether_dhost))
5173 #define CARP_CHECK_WE_ARE_SRC(iface) \
5174 ((iface)->if_carp &&\
5175 carp_forus((iface)->if_carp, eh->ether_shost))
5176 #else
5177 #define CARP_CHECK_WE_ARE_DST(iface) 0
5178 #define CARP_CHECK_WE_ARE_SRC(iface) 0
5179 #endif
5180
5181 #define PFIL_HOOKED_INET6 PFIL_HOOKED(&inet6_pfil_hook)
5182
5183 #define PFIL_PHYS(sc, ifp, m)
5184
5185 #define GRAB_OUR_PACKETS(iface) \
5186 if ((iface)->if_type == IFT_GIF) \
5187 continue; \
5188 /* It is destined for us. */ \
5189 if (memcmp(IF_LLADDR((iface)), eh->ether_dhost, \
5190 ETHER_ADDR_LEN) == 0 || CARP_CHECK_WE_ARE_DST((iface))) { \
5191 if ((iface)->if_type == IFT_BRIDGE) { \
5192 BRIDGE_BPF_MTAP_INPUT(sc, m); \
5193 /* Filter on the physical interface. */ \
5194 PFIL_PHYS(sc, iface, m); \
5195 } else { \
5196 bpf_tap_in(iface, DLT_EN10MB, m, NULL, 0); \
5197 } \
5198 if (bif->bif_ifflags & IFBIF_LEARNING) { \
5199 error = bridge_rtupdate(sc, eh->ether_shost, \
5200 vlan, bif, 0, IFBAF_DYNAMIC); \
5201 if (error && bif->bif_addrmax) { \
5202 BRIDGE_UNLOCK(sc); \
5203 m_freem(m); \
5204 return (EJUSTRETURN); \
5205 } \
5206 } \
5207 BRIDGE_UNLOCK(sc); \
5208 inject_input_packet(iface, m); \
5209 return (EJUSTRETURN); \
5210 } \
5211 \
5212 /* We just received a packet that we sent out. */ \
5213 if (memcmp(IF_LLADDR((iface)), eh->ether_shost, \
5214 ETHER_ADDR_LEN) == 0 || CARP_CHECK_WE_ARE_SRC((iface))) { \
5215 BRIDGE_UNLOCK(sc); \
5216 m_freem(m); \
5217 return (EJUSTRETURN); \
5218 }
5219
5220 /*
5221 * Unicast.
5222 */
5223
5224 /* handle MAC-NAT if enabled */
5225 if (is_ifp_mac && sc->sc_mac_nat_bif == bif) {
5226 ifnet_t dst_if;
5227 boolean_t is_input = FALSE;
5228
5229 dst_if = bridge_mac_nat_input(sc, data, &is_input);
5230 m = *data;
5231 if (dst_if == ifp) {
5232 /* our input packet */
5233 } else if (dst_if != NULL || m == NULL) {
5234 BRIDGE_UNLOCK(sc);
5235 if (dst_if != NULL) {
5236 ASSERT(m != NULL);
5237 if (is_input) {
5238 inject_input_packet(dst_if, m);
5239 } else {
5240 (void)bridge_enqueue(bridge_ifp, NULL,
5241 dst_if, m,
5242 kChecksumOperationClear);
5243 }
5244 }
5245 return EJUSTRETURN;
5246 }
5247 }
5248
5249 /*
5250 * If the packet is for the bridge, pass it up for local processing.
5251 */
5252 if (memcmp(eh->ether_dhost, IF_LLADDR(bridge_ifp),
5253 ETHER_ADDR_LEN) == 0 || CARP_CHECK_WE_ARE_DST(bridge_ifp)) {
5254 bpf_packet_func bpf_input_func = sc->sc_bpf_input;
5255
5256 /*
5257 * If the interface is learning, and the source
5258 * address is valid and not multicast, record
5259 * the address.
5260 */
5261 if (bif->bif_ifflags & IFBIF_LEARNING) {
5262 (void) bridge_rtupdate(sc, eh->ether_shost,
5263 vlan, bif, 0, IFBAF_DYNAMIC);
5264 }
5265 BRIDGE_UNLOCK(sc);
5266
5267 bridge_interface_input(bridge_ifp, m, bpf_input_func);
5268 return EJUSTRETURN;
5269 }
5270
5271 /*
5272 * if the destination of the packet is for the MAC address of
5273 * the member interface itself, then we don't need to forward
5274 * it -- just pass it back. Note that it'll likely just be
5275 * dropped by the stack, but if something else is bound to
5276 * the interface directly (for example, the wireless stats
5277 * protocol -- although that actually uses BPF right now),
5278 * then it will consume the packet
5279 *
5280 * ALSO, note that we do this check AFTER checking for the
5281 * bridge's own MAC address, because the bridge may be
5282 * using the SAME MAC address as one of its interfaces
5283 */
5284 if (is_ifp_mac) {
5285
5286 #ifdef VERY_VERY_VERY_DIAGNOSTIC
5287 printf("%s: not forwarding packet bound for member "
5288 "interface\n", __func__);
5289 #endif
5290
5291 BRIDGE_UNLOCK(sc);
5292 return 0;
5293 }
5294
5295 /* Now check the remaining bridge members. */
5296 TAILQ_FOREACH(bif2, &sc->sc_iflist, bif_next) {
5297 if (bif2->bif_ifp != ifp) {
5298 GRAB_OUR_PACKETS(bif2->bif_ifp);
5299 }
5300 }
5301
5302 #undef CARP_CHECK_WE_ARE_DST
5303 #undef CARP_CHECK_WE_ARE_SRC
5304 #undef GRAB_OUR_PACKETS
5305
5306 /*
5307 * Perform the bridge forwarding function.
5308 *
5309 * Note that bridge_forward calls BRIDGE_UNLOCK
5310 */
5311 bridge_forward(sc, bif, m);
5312
5313 return EJUSTRETURN;
5314 }
5315
5316 /*
5317 * bridge_broadcast:
5318 *
5319 * Send a frame to all interfaces that are members of
5320 * the bridge, except for the one on which the packet
5321 * arrived.
5322 *
5323 * NOTE: Releases the lock on return.
5324 */
5325 static void
5326 bridge_broadcast(struct bridge_softc *sc, struct ifnet *src_if,
5327 struct mbuf *m, int runfilt)
5328 {
5329 ifnet_t bridge_ifp;
5330 struct bridge_iflist *dbif, *sbif;
5331 struct mbuf *mc;
5332 struct mbuf *mc_in;
5333 struct ifnet *dst_if;
5334 int error = 0, used = 0;
5335 boolean_t bridge_if_out;
5336 ChecksumOperation cksum_op;
5337 struct mac_nat_record mnr;
5338 struct bridge_iflist *mac_nat_bif = sc->sc_mac_nat_bif;
5339 boolean_t translate_mac = FALSE;
5340 uint32_t sc_filter_flags = 0;
5341
5342 bridge_ifp = sc->sc_ifp;
5343 if (src_if != NULL) {
5344 bridge_if_out = FALSE;
5345 cksum_op = kChecksumOperationClear;
5346 sbif = bridge_lookup_member_if(sc, src_if);
5347 if (sbif != NULL && mac_nat_bif != NULL && sbif != mac_nat_bif) {
5348 /* get the translation record while holding the lock */
5349 translate_mac
5350 = bridge_mac_nat_output(sc, sbif, &m, &mnr);
5351 if (m == NULL) {
5352 /* packet was deallocated */
5353 BRIDGE_UNLOCK(sc);
5354 return;
5355 }
5356 }
5357 } else {
5358 /*
5359 * src_if is NULL when the bridge interface calls
5360 * bridge_broadcast().
5361 */
5362 bridge_if_out = TRUE;
5363 cksum_op = kChecksumOperationFinalize;
5364 sbif = NULL;
5365 }
5366
5367 BRIDGE_LOCK2REF(sc, error);
5368 if (error) {
5369 m_freem(m);
5370 return;
5371 }
5372
5373 TAILQ_FOREACH(dbif, &sc->sc_iflist, bif_next) {
5374 dst_if = dbif->bif_ifp;
5375 if (dst_if == src_if) {
5376 /* skip the interface that the packet came in on */
5377 continue;
5378 }
5379
5380 /* Private segments can not talk to each other */
5381 if (sbif != NULL &&
5382 (sbif->bif_ifflags & dbif->bif_ifflags & IFBIF_PRIVATE)) {
5383 continue;
5384 }
5385
5386 if ((dbif->bif_ifflags & IFBIF_STP) &&
5387 dbif->bif_stp.bp_state == BSTP_IFSTATE_DISCARDING) {
5388 continue;
5389 }
5390
5391 if ((dbif->bif_ifflags & IFBIF_DISCOVER) == 0 &&
5392 (m->m_flags & (M_BCAST | M_MCAST)) == 0) {
5393 continue;
5394 }
5395
5396 if ((dst_if->if_flags & IFF_RUNNING) == 0) {
5397 continue;
5398 }
5399
5400 if (!(dbif->bif_flags & BIFF_MEDIA_ACTIVE)) {
5401 continue;
5402 }
5403
5404 if (TAILQ_NEXT(dbif, bif_next) == NULL) {
5405 mc = m;
5406 used = 1;
5407 } else {
5408 mc = m_dup(m, M_DONTWAIT);
5409 if (mc == NULL) {
5410 (void) ifnet_stat_increment_out(bridge_ifp,
5411 0, 0, 1);
5412 continue;
5413 }
5414 }
5415
5416 /*
5417 * If broadcast input is enabled, do so only if this
5418 * is an input packet.
5419 */
5420 if (!bridge_if_out &&
5421 (dbif->bif_flags & BIFF_INPUT_BROADCAST) != 0) {
5422 mc_in = m_dup(mc, M_DONTWAIT);
5423 /* this could fail, but we continue anyways */
5424 } else {
5425 mc_in = NULL;
5426 }
5427
5428 /* out */
5429 if (translate_mac && mac_nat_bif == dbif) {
5430 /* translate the packet without holding the lock */
5431 bridge_mac_nat_translate(&mc, &mnr, IF_LLADDR(dst_if));
5432 }
5433
5434 sc_filter_flags = sc->sc_filter_flags;
5435 if (runfilt &&
5436 PF_IS_ENABLED && (sc_filter_flags & IFBF_FILT_MEMBER)) {
5437 if (used == 0) {
5438 /* Keep the layer3 header aligned */
5439 int i = min(mc->m_pkthdr.len, max_protohdr);
5440 mc = m_copyup(mc, i, ETHER_ALIGN);
5441 if (mc == NULL) {
5442 (void) ifnet_stat_increment_out(
5443 sc->sc_ifp, 0, 0, 1);
5444 if (mc_in != NULL) {
5445 m_freem(mc_in);
5446 mc_in = NULL;
5447 }
5448 continue;
5449 }
5450 }
5451 if (bridge_pf(&mc, dst_if, sc_filter_flags, FALSE) != 0) {
5452 if (mc_in != NULL) {
5453 m_freem(mc_in);
5454 mc_in = NULL;
5455 }
5456 continue;
5457 }
5458 if (mc == NULL) {
5459 if (mc_in != NULL) {
5460 m_freem(mc_in);
5461 mc_in = NULL;
5462 }
5463 continue;
5464 }
5465 }
5466
5467 if (mc != NULL) {
5468 (void) bridge_enqueue(bridge_ifp,
5469 NULL, dst_if, mc, cksum_op);
5470 }
5471
5472 /* in */
5473 if (mc_in == NULL) {
5474 continue;
5475 }
5476 bpf_tap_in(dst_if, DLT_EN10MB, mc_in, NULL, 0);
5477 mbuf_pkthdr_setrcvif(mc_in, dst_if);
5478 mbuf_pkthdr_setheader(mc_in, mbuf_data(mc_in));
5479 mbuf_setdata(mc_in, (char *)mbuf_data(mc_in) + ETHER_HDR_LEN,
5480 mbuf_len(mc_in) - ETHER_HDR_LEN);
5481 mbuf_pkthdr_adjustlen(mc_in, -ETHER_HDR_LEN);
5482 mc_in->m_flags |= M_PROTO1; /* set to avoid loops */
5483 dlil_input_packet_list(dst_if, mc_in);
5484 }
5485 if (used == 0) {
5486 m_freem(m);
5487 }
5488
5489
5490 BRIDGE_UNREF(sc);
5491 }
5492
5493 /*
5494 * bridge_span:
5495 *
5496 * Duplicate a packet out one or more interfaces that are in span mode,
5497 * the original mbuf is unmodified.
5498 */
5499 static void
5500 bridge_span(struct bridge_softc *sc, struct mbuf *m)
5501 {
5502 struct bridge_iflist *bif;
5503 struct ifnet *dst_if;
5504 struct mbuf *mc;
5505
5506 if (TAILQ_EMPTY(&sc->sc_spanlist)) {
5507 return;
5508 }
5509
5510 TAILQ_FOREACH(bif, &sc->sc_spanlist, bif_next) {
5511 dst_if = bif->bif_ifp;
5512
5513 if ((dst_if->if_flags & IFF_RUNNING) == 0) {
5514 continue;
5515 }
5516
5517 mc = m_copypacket(m, M_DONTWAIT);
5518 if (mc == NULL) {
5519 (void) ifnet_stat_increment_out(sc->sc_ifp, 0, 0, 1);
5520 continue;
5521 }
5522
5523 (void) bridge_enqueue(sc->sc_ifp, NULL, dst_if, mc,
5524 kChecksumOperationNone);
5525 }
5526 }
5527
5528
5529 /*
5530 * bridge_rtupdate:
5531 *
5532 * Add a bridge routing entry.
5533 */
5534 static int
5535 bridge_rtupdate(struct bridge_softc *sc, const uint8_t *dst, uint16_t vlan,
5536 struct bridge_iflist *bif, int setflags, uint8_t flags)
5537 {
5538 struct bridge_rtnode *brt;
5539 int error;
5540
5541 BRIDGE_LOCK_ASSERT_HELD(sc);
5542
5543 /* Check the source address is valid and not multicast. */
5544 if (ETHER_IS_MULTICAST(dst) ||
5545 (dst[0] == 0 && dst[1] == 0 && dst[2] == 0 &&
5546 dst[3] == 0 && dst[4] == 0 && dst[5] == 0) != 0) {
5547 return EINVAL;
5548 }
5549
5550
5551 /* 802.1p frames map to vlan 1 */
5552 if (vlan == 0) {
5553 vlan = 1;
5554 }
5555
5556 /*
5557 * A route for this destination might already exist. If so,
5558 * update it, otherwise create a new one.
5559 */
5560 if ((brt = bridge_rtnode_lookup(sc, dst, vlan)) == NULL) {
5561 if (sc->sc_brtcnt >= sc->sc_brtmax) {
5562 sc->sc_brtexceeded++;
5563 return ENOSPC;
5564 }
5565 /* Check per interface address limits (if enabled) */
5566 if (bif->bif_addrmax && bif->bif_addrcnt >= bif->bif_addrmax) {
5567 bif->bif_addrexceeded++;
5568 return ENOSPC;
5569 }
5570
5571 /*
5572 * Allocate a new bridge forwarding node, and
5573 * initialize the expiration time and Ethernet
5574 * address.
5575 */
5576 brt = zalloc_noblock(bridge_rtnode_pool);
5577 if (brt == NULL) {
5578 if (IF_BRIDGE_DEBUG(BR_DBGF_RT_TABLE)) {
5579 printf("%s: zalloc_nolock failed", __func__);
5580 }
5581 return ENOMEM;
5582 }
5583 bzero(brt, sizeof(struct bridge_rtnode));
5584
5585 if (bif->bif_ifflags & IFBIF_STICKY) {
5586 brt->brt_flags = IFBAF_STICKY;
5587 } else {
5588 brt->brt_flags = IFBAF_DYNAMIC;
5589 }
5590
5591 memcpy(brt->brt_addr, dst, ETHER_ADDR_LEN);
5592 brt->brt_vlan = vlan;
5593
5594
5595 if ((error = bridge_rtnode_insert(sc, brt)) != 0) {
5596 zfree(bridge_rtnode_pool, brt);
5597 return error;
5598 }
5599 brt->brt_dst = bif;
5600 bif->bif_addrcnt++;
5601 #if BRIDGE_DEBUG
5602 if (IF_BRIDGE_DEBUG(BR_DBGF_RT_TABLE)) {
5603 printf("%s: added %02x:%02x:%02x:%02x:%02x:%02x "
5604 "on %s count %u hashsize %u\n", __func__,
5605 dst[0], dst[1], dst[2], dst[3], dst[4], dst[5],
5606 sc->sc_ifp->if_xname, sc->sc_brtcnt,
5607 sc->sc_rthash_size);
5608 }
5609 #endif
5610 }
5611
5612 if ((brt->brt_flags & IFBAF_TYPEMASK) == IFBAF_DYNAMIC &&
5613 brt->brt_dst != bif) {
5614 brt->brt_dst->bif_addrcnt--;
5615 brt->brt_dst = bif;
5616 brt->brt_dst->bif_addrcnt++;
5617 }
5618
5619 if ((flags & IFBAF_TYPEMASK) == IFBAF_DYNAMIC) {
5620 unsigned long now;
5621
5622 now = (unsigned long) net_uptime();
5623 brt->brt_expire = now + sc->sc_brttimeout;
5624 }
5625 if (setflags) {
5626 brt->brt_flags = flags;
5627 }
5628
5629
5630 return 0;
5631 }
5632
5633 /*
5634 * bridge_rtlookup:
5635 *
5636 * Lookup the destination interface for an address.
5637 */
5638 static struct ifnet *
5639 bridge_rtlookup(struct bridge_softc *sc, const uint8_t *addr, uint16_t vlan)
5640 {
5641 struct bridge_rtnode *brt;
5642
5643 BRIDGE_LOCK_ASSERT_HELD(sc);
5644
5645 if ((brt = bridge_rtnode_lookup(sc, addr, vlan)) == NULL) {
5646 return NULL;
5647 }
5648
5649 return brt->brt_ifp;
5650 }
5651
5652 /*
5653 * bridge_rttrim:
5654 *
5655 * Trim the routine table so that we have a number
5656 * of routing entries less than or equal to the
5657 * maximum number.
5658 */
5659 static void
5660 bridge_rttrim(struct bridge_softc *sc)
5661 {
5662 struct bridge_rtnode *brt, *nbrt;
5663
5664 BRIDGE_LOCK_ASSERT_HELD(sc);
5665
5666 /* Make sure we actually need to do this. */
5667 if (sc->sc_brtcnt <= sc->sc_brtmax) {
5668 return;
5669 }
5670
5671 /* Force an aging cycle; this might trim enough addresses. */
5672 bridge_rtage(sc);
5673 if (sc->sc_brtcnt <= sc->sc_brtmax) {
5674 return;
5675 }
5676
5677 LIST_FOREACH_SAFE(brt, &sc->sc_rtlist, brt_list, nbrt) {
5678 if ((brt->brt_flags & IFBAF_TYPEMASK) == IFBAF_DYNAMIC) {
5679 bridge_rtnode_destroy(sc, brt);
5680 if (sc->sc_brtcnt <= sc->sc_brtmax) {
5681 return;
5682 }
5683 }
5684 }
5685 }
5686
5687 /*
5688 * bridge_aging_timer:
5689 *
5690 * Aging periodic timer for the bridge routing table.
5691 */
5692 static void
5693 bridge_aging_timer(struct bridge_softc *sc)
5694 {
5695 BRIDGE_LOCK_ASSERT_HELD(sc);
5696
5697 bridge_rtage(sc);
5698 if ((sc->sc_ifp->if_flags & IFF_RUNNING) &&
5699 (sc->sc_flags & SCF_DETACHING) == 0) {
5700 sc->sc_aging_timer.bdc_sc = sc;
5701 sc->sc_aging_timer.bdc_func = bridge_aging_timer;
5702 sc->sc_aging_timer.bdc_ts.tv_sec = bridge_rtable_prune_period;
5703 bridge_schedule_delayed_call(&sc->sc_aging_timer);
5704 }
5705 }
5706
5707 /*
5708 * bridge_rtage:
5709 *
5710 * Perform an aging cycle.
5711 */
5712 static void
5713 bridge_rtage(struct bridge_softc *sc)
5714 {
5715 struct bridge_rtnode *brt, *nbrt;
5716 unsigned long now;
5717
5718 BRIDGE_LOCK_ASSERT_HELD(sc);
5719
5720 now = (unsigned long) net_uptime();
5721
5722 LIST_FOREACH_SAFE(brt, &sc->sc_rtlist, brt_list, nbrt) {
5723 if ((brt->brt_flags & IFBAF_TYPEMASK) == IFBAF_DYNAMIC) {
5724 if (now >= brt->brt_expire) {
5725 bridge_rtnode_destroy(sc, brt);
5726 }
5727 }
5728 }
5729 if (sc->sc_mac_nat_bif != NULL) {
5730 bridge_mac_nat_age_entries(sc, now);
5731 }
5732 }
5733
5734 /*
5735 * bridge_rtflush:
5736 *
5737 * Remove all dynamic addresses from the bridge.
5738 */
5739 static void
5740 bridge_rtflush(struct bridge_softc *sc, int full)
5741 {
5742 struct bridge_rtnode *brt, *nbrt;
5743
5744 BRIDGE_LOCK_ASSERT_HELD(sc);
5745
5746 LIST_FOREACH_SAFE(brt, &sc->sc_rtlist, brt_list, nbrt) {
5747 if (full || (brt->brt_flags & IFBAF_TYPEMASK) == IFBAF_DYNAMIC) {
5748 bridge_rtnode_destroy(sc, brt);
5749 }
5750 }
5751 }
5752
5753 /*
5754 * bridge_rtdaddr:
5755 *
5756 * Remove an address from the table.
5757 */
5758 static int
5759 bridge_rtdaddr(struct bridge_softc *sc, const uint8_t *addr, uint16_t vlan)
5760 {
5761 struct bridge_rtnode *brt;
5762 int found = 0;
5763
5764 BRIDGE_LOCK_ASSERT_HELD(sc);
5765
5766 /*
5767 * If vlan is zero then we want to delete for all vlans so the lookup
5768 * may return more than one.
5769 */
5770 while ((brt = bridge_rtnode_lookup(sc, addr, vlan)) != NULL) {
5771 bridge_rtnode_destroy(sc, brt);
5772 found = 1;
5773 }
5774
5775 return found ? 0 : ENOENT;
5776 }
5777
5778 /*
5779 * bridge_rtdelete:
5780 *
5781 * Delete routes to a specific member interface.
5782 */
5783 static void
5784 bridge_rtdelete(struct bridge_softc *sc, struct ifnet *ifp, int full)
5785 {
5786 struct bridge_rtnode *brt, *nbrt;
5787
5788 BRIDGE_LOCK_ASSERT_HELD(sc);
5789
5790 LIST_FOREACH_SAFE(brt, &sc->sc_rtlist, brt_list, nbrt) {
5791 if (brt->brt_ifp == ifp && (full ||
5792 (brt->brt_flags & IFBAF_TYPEMASK) == IFBAF_DYNAMIC)) {
5793 bridge_rtnode_destroy(sc, brt);
5794 }
5795 }
5796 }
5797
5798 /*
5799 * bridge_rtable_init:
5800 *
5801 * Initialize the route table for this bridge.
5802 */
5803 static int
5804 bridge_rtable_init(struct bridge_softc *sc)
5805 {
5806 u_int32_t i;
5807
5808 sc->sc_rthash = _MALLOC(sizeof(*sc->sc_rthash) * BRIDGE_RTHASH_SIZE,
5809 M_DEVBUF, M_WAITOK | M_ZERO);
5810 if (sc->sc_rthash == NULL) {
5811 printf("%s: no memory\n", __func__);
5812 return ENOMEM;
5813 }
5814 sc->sc_rthash_size = BRIDGE_RTHASH_SIZE;
5815
5816 for (i = 0; i < sc->sc_rthash_size; i++) {
5817 LIST_INIT(&sc->sc_rthash[i]);
5818 }
5819
5820 sc->sc_rthash_key = RandomULong();
5821
5822 LIST_INIT(&sc->sc_rtlist);
5823
5824 return 0;
5825 }
5826
5827 /*
5828 * bridge_rthash_delayed_resize:
5829 *
5830 * Resize the routing table hash on a delayed thread call.
5831 */
5832 static void
5833 bridge_rthash_delayed_resize(struct bridge_softc *sc)
5834 {
5835 u_int32_t new_rthash_size;
5836 struct _bridge_rtnode_list *new_rthash = NULL;
5837 struct _bridge_rtnode_list *old_rthash = NULL;
5838 u_int32_t i;
5839 struct bridge_rtnode *brt;
5840 int error = 0;
5841
5842 BRIDGE_LOCK_ASSERT_HELD(sc);
5843
5844 /*
5845 * Four entries per hash bucket is our ideal load factor
5846 */
5847 if (sc->sc_brtcnt < sc->sc_rthash_size * 4) {
5848 goto out;
5849 }
5850
5851 /*
5852 * Doubling the number of hash buckets may be too simplistic
5853 * especially when facing a spike of new entries
5854 */
5855 new_rthash_size = sc->sc_rthash_size * 2;
5856
5857 sc->sc_flags |= SCF_RESIZING;
5858 BRIDGE_UNLOCK(sc);
5859
5860 new_rthash = _MALLOC(sizeof(*sc->sc_rthash) * new_rthash_size,
5861 M_DEVBUF, M_WAITOK | M_ZERO);
5862
5863 BRIDGE_LOCK(sc);
5864 sc->sc_flags &= ~SCF_RESIZING;
5865
5866 if (new_rthash == NULL) {
5867 error = ENOMEM;
5868 goto out;
5869 }
5870 if ((sc->sc_flags & SCF_DETACHING)) {
5871 error = ENODEV;
5872 goto out;
5873 }
5874 /*
5875 * Fail safe from here on
5876 */
5877 old_rthash = sc->sc_rthash;
5878 sc->sc_rthash = new_rthash;
5879 sc->sc_rthash_size = new_rthash_size;
5880
5881 /*
5882 * Get a new key to force entries to be shuffled around to reduce
5883 * the likelihood they will land in the same buckets
5884 */
5885 sc->sc_rthash_key = RandomULong();
5886
5887 for (i = 0; i < sc->sc_rthash_size; i++) {
5888 LIST_INIT(&sc->sc_rthash[i]);
5889 }
5890
5891 LIST_FOREACH(brt, &sc->sc_rtlist, brt_list) {
5892 LIST_REMOVE(brt, brt_hash);
5893 (void) bridge_rtnode_hash(sc, brt);
5894 }
5895 out:
5896 if (error == 0) {
5897 #if BRIDGE_DEBUG
5898 if (IF_BRIDGE_DEBUG(BR_DBGF_RT_TABLE)) {
5899 printf("%s: %s new size %u\n", __func__,
5900 sc->sc_ifp->if_xname, sc->sc_rthash_size);
5901 }
5902 #endif /* BRIDGE_DEBUG */
5903 if (old_rthash) {
5904 _FREE(old_rthash, M_DEVBUF);
5905 }
5906 } else {
5907 #if BRIDGE_DEBUG
5908 printf("%s: %s failed %d\n", __func__,
5909 sc->sc_ifp->if_xname, error);
5910 #endif /* BRIDGE_DEBUG */
5911 if (new_rthash != NULL) {
5912 _FREE(new_rthash, M_DEVBUF);
5913 }
5914 }
5915 }
5916
5917 /*
5918 * Resize the number of hash buckets based on the load factor
5919 * Currently only grow
5920 * Failing to resize the hash table is not fatal
5921 */
5922 static void
5923 bridge_rthash_resize(struct bridge_softc *sc)
5924 {
5925 BRIDGE_LOCK_ASSERT_HELD(sc);
5926
5927 if ((sc->sc_flags & SCF_DETACHING) || (sc->sc_flags & SCF_RESIZING)) {
5928 return;
5929 }
5930
5931 /*
5932 * Four entries per hash bucket is our ideal load factor
5933 */
5934 if (sc->sc_brtcnt < sc->sc_rthash_size * 4) {
5935 return;
5936 }
5937 /*
5938 * Hard limit on the size of the routing hash table
5939 */
5940 if (sc->sc_rthash_size >= bridge_rtable_hash_size_max) {
5941 return;
5942 }
5943
5944 sc->sc_resize_call.bdc_sc = sc;
5945 sc->sc_resize_call.bdc_func = bridge_rthash_delayed_resize;
5946 bridge_schedule_delayed_call(&sc->sc_resize_call);
5947 }
5948
5949 /*
5950 * bridge_rtable_fini:
5951 *
5952 * Deconstruct the route table for this bridge.
5953 */
5954 static void
5955 bridge_rtable_fini(struct bridge_softc *sc)
5956 {
5957 KASSERT(sc->sc_brtcnt == 0,
5958 ("%s: %d bridge routes referenced", __func__, sc->sc_brtcnt));
5959 if (sc->sc_rthash) {
5960 _FREE(sc->sc_rthash, M_DEVBUF);
5961 sc->sc_rthash = NULL;
5962 }
5963 }
5964
5965 /*
5966 * The following hash function is adapted from "Hash Functions" by Bob Jenkins
5967 * ("Algorithm Alley", Dr. Dobbs Journal, September 1997).
5968 */
5969 #define mix(a, b, c) \
5970 do { \
5971 a -= b; a -= c; a ^= (c >> 13); \
5972 b -= c; b -= a; b ^= (a << 8); \
5973 c -= a; c -= b; c ^= (b >> 13); \
5974 a -= b; a -= c; a ^= (c >> 12); \
5975 b -= c; b -= a; b ^= (a << 16); \
5976 c -= a; c -= b; c ^= (b >> 5); \
5977 a -= b; a -= c; a ^= (c >> 3); \
5978 b -= c; b -= a; b ^= (a << 10); \
5979 c -= a; c -= b; c ^= (b >> 15); \
5980 } while ( /*CONSTCOND*/ 0)
5981
5982 static __inline uint32_t
5983 bridge_rthash(struct bridge_softc *sc, const uint8_t *addr)
5984 {
5985 uint32_t a = 0x9e3779b9, b = 0x9e3779b9, c = sc->sc_rthash_key;
5986
5987 b += addr[5] << 8;
5988 b += addr[4];
5989 a += addr[3] << 24;
5990 a += addr[2] << 16;
5991 a += addr[1] << 8;
5992 a += addr[0];
5993
5994 mix(a, b, c);
5995
5996 return c & BRIDGE_RTHASH_MASK(sc);
5997 }
5998
5999 #undef mix
6000
6001 static int
6002 bridge_rtnode_addr_cmp(const uint8_t *a, const uint8_t *b)
6003 {
6004 int i, d;
6005
6006 for (i = 0, d = 0; i < ETHER_ADDR_LEN && d == 0; i++) {
6007 d = ((int)a[i]) - ((int)b[i]);
6008 }
6009
6010 return d;
6011 }
6012
6013 /*
6014 * bridge_rtnode_lookup:
6015 *
6016 * Look up a bridge route node for the specified destination. Compare the
6017 * vlan id or if zero then just return the first match.
6018 */
6019 static struct bridge_rtnode *
6020 bridge_rtnode_lookup(struct bridge_softc *sc, const uint8_t *addr,
6021 uint16_t vlan)
6022 {
6023 struct bridge_rtnode *brt;
6024 uint32_t hash;
6025 int dir;
6026
6027 BRIDGE_LOCK_ASSERT_HELD(sc);
6028
6029 hash = bridge_rthash(sc, addr);
6030 LIST_FOREACH(brt, &sc->sc_rthash[hash], brt_hash) {
6031 dir = bridge_rtnode_addr_cmp(addr, brt->brt_addr);
6032 if (dir == 0 && (brt->brt_vlan == vlan || vlan == 0)) {
6033 return brt;
6034 }
6035 if (dir > 0) {
6036 return NULL;
6037 }
6038 }
6039
6040 return NULL;
6041 }
6042
6043 /*
6044 * bridge_rtnode_hash:
6045 *
6046 * Insert the specified bridge node into the route hash table.
6047 * This is used when adding a new node or to rehash when resizing
6048 * the hash table
6049 */
6050 static int
6051 bridge_rtnode_hash(struct bridge_softc *sc, struct bridge_rtnode *brt)
6052 {
6053 struct bridge_rtnode *lbrt;
6054 uint32_t hash;
6055 int dir;
6056
6057 BRIDGE_LOCK_ASSERT_HELD(sc);
6058
6059 hash = bridge_rthash(sc, brt->brt_addr);
6060
6061 lbrt = LIST_FIRST(&sc->sc_rthash[hash]);
6062 if (lbrt == NULL) {
6063 LIST_INSERT_HEAD(&sc->sc_rthash[hash], brt, brt_hash);
6064 goto out;
6065 }
6066
6067 do {
6068 dir = bridge_rtnode_addr_cmp(brt->brt_addr, lbrt->brt_addr);
6069 if (dir == 0 && brt->brt_vlan == lbrt->brt_vlan) {
6070 #if BRIDGE_DEBUG
6071 if (IF_BRIDGE_DEBUG(BR_DBGF_RT_TABLE)) {
6072 printf("%s: %s EEXIST "
6073 "%02x:%02x:%02x:%02x:%02x:%02x\n",
6074 __func__, sc->sc_ifp->if_xname,
6075 brt->brt_addr[0], brt->brt_addr[1],
6076 brt->brt_addr[2], brt->brt_addr[3],
6077 brt->brt_addr[4], brt->brt_addr[5]);
6078 }
6079 #endif
6080 return EEXIST;
6081 }
6082 if (dir > 0) {
6083 LIST_INSERT_BEFORE(lbrt, brt, brt_hash);
6084 goto out;
6085 }
6086 if (LIST_NEXT(lbrt, brt_hash) == NULL) {
6087 LIST_INSERT_AFTER(lbrt, brt, brt_hash);
6088 goto out;
6089 }
6090 lbrt = LIST_NEXT(lbrt, brt_hash);
6091 } while (lbrt != NULL);
6092
6093 #if BRIDGE_DEBUG
6094 if (IF_BRIDGE_DEBUG(BR_DBGF_RT_TABLE)) {
6095 printf("%s: %s impossible %02x:%02x:%02x:%02x:%02x:%02x\n",
6096 __func__, sc->sc_ifp->if_xname,
6097 brt->brt_addr[0], brt->brt_addr[1], brt->brt_addr[2],
6098 brt->brt_addr[3], brt->brt_addr[4], brt->brt_addr[5]);
6099 }
6100 #endif
6101
6102 out:
6103 return 0;
6104 }
6105
6106 /*
6107 * bridge_rtnode_insert:
6108 *
6109 * Insert the specified bridge node into the route table. We
6110 * assume the entry is not already in the table.
6111 */
6112 static int
6113 bridge_rtnode_insert(struct bridge_softc *sc, struct bridge_rtnode *brt)
6114 {
6115 int error;
6116
6117 error = bridge_rtnode_hash(sc, brt);
6118 if (error != 0) {
6119 return error;
6120 }
6121
6122 LIST_INSERT_HEAD(&sc->sc_rtlist, brt, brt_list);
6123 sc->sc_brtcnt++;
6124
6125 bridge_rthash_resize(sc);
6126
6127 return 0;
6128 }
6129
6130 /*
6131 * bridge_rtnode_destroy:
6132 *
6133 * Destroy a bridge rtnode.
6134 */
6135 static void
6136 bridge_rtnode_destroy(struct bridge_softc *sc, struct bridge_rtnode *brt)
6137 {
6138 BRIDGE_LOCK_ASSERT_HELD(sc);
6139
6140 LIST_REMOVE(brt, brt_hash);
6141
6142 LIST_REMOVE(brt, brt_list);
6143 sc->sc_brtcnt--;
6144 brt->brt_dst->bif_addrcnt--;
6145 zfree(bridge_rtnode_pool, brt);
6146 }
6147
6148 #if BRIDGESTP
6149 /*
6150 * bridge_rtable_expire:
6151 *
6152 * Set the expiry time for all routes on an interface.
6153 */
6154 static void
6155 bridge_rtable_expire(struct ifnet *ifp, int age)
6156 {
6157 struct bridge_softc *sc = ifp->if_bridge;
6158 struct bridge_rtnode *brt;
6159
6160 BRIDGE_LOCK(sc);
6161
6162 /*
6163 * If the age is zero then flush, otherwise set all the expiry times to
6164 * age for the interface
6165 */
6166 if (age == 0) {
6167 bridge_rtdelete(sc, ifp, IFBF_FLUSHDYN);
6168 } else {
6169 unsigned long now;
6170
6171 now = (unsigned long) net_uptime();
6172
6173 LIST_FOREACH(brt, &sc->sc_rtlist, brt_list) {
6174 /* Cap the expiry time to 'age' */
6175 if (brt->brt_ifp == ifp &&
6176 brt->brt_expire > now + age &&
6177 (brt->brt_flags & IFBAF_TYPEMASK) == IFBAF_DYNAMIC) {
6178 brt->brt_expire = now + age;
6179 }
6180 }
6181 }
6182 BRIDGE_UNLOCK(sc);
6183 }
6184
6185 /*
6186 * bridge_state_change:
6187 *
6188 * Callback from the bridgestp code when a port changes states.
6189 */
6190 static void
6191 bridge_state_change(struct ifnet *ifp, int state)
6192 {
6193 struct bridge_softc *sc = ifp->if_bridge;
6194 static const char *stpstates[] = {
6195 "disabled",
6196 "listening",
6197 "learning",
6198 "forwarding",
6199 "blocking",
6200 "discarding"
6201 };
6202
6203 if (log_stp) {
6204 log(LOG_NOTICE, "%s: state changed to %s on %s\n",
6205 sc->sc_ifp->if_xname,
6206 stpstates[state], ifp->if_xname);
6207 }
6208 }
6209 #endif /* BRIDGESTP */
6210
6211 /*
6212 * bridge_set_bpf_tap:
6213 *
6214 * Sets ups the BPF callbacks.
6215 */
6216 static errno_t
6217 bridge_set_bpf_tap(ifnet_t ifp, bpf_tap_mode mode, bpf_packet_func bpf_callback)
6218 {
6219 struct bridge_softc *sc = (struct bridge_softc *)ifnet_softc(ifp);
6220
6221 /* TBD locking */
6222 if (sc == NULL || (sc->sc_flags & SCF_DETACHING)) {
6223 return ENODEV;
6224 }
6225 switch (mode) {
6226 case BPF_TAP_DISABLE:
6227 sc->sc_bpf_input = sc->sc_bpf_output = NULL;
6228 break;
6229
6230 case BPF_TAP_INPUT:
6231 sc->sc_bpf_input = bpf_callback;
6232 break;
6233
6234 case BPF_TAP_OUTPUT:
6235 sc->sc_bpf_output = bpf_callback;
6236 break;
6237
6238 case BPF_TAP_INPUT_OUTPUT:
6239 sc->sc_bpf_input = sc->sc_bpf_output = bpf_callback;
6240 break;
6241
6242 default:
6243 break;
6244 }
6245
6246 return 0;
6247 }
6248
6249 /*
6250 * bridge_detach:
6251 *
6252 * Callback when interface has been detached.
6253 */
6254 static void
6255 bridge_detach(ifnet_t ifp)
6256 {
6257 struct bridge_softc *sc = (struct bridge_softc *)ifnet_softc(ifp);
6258
6259 #if BRIDGESTP
6260 bstp_detach(&sc->sc_stp);
6261 #endif /* BRIDGESTP */
6262
6263 /* Tear down the routing table. */
6264 bridge_rtable_fini(sc);
6265
6266 lck_mtx_lock(&bridge_list_mtx);
6267 LIST_REMOVE(sc, sc_list);
6268 lck_mtx_unlock(&bridge_list_mtx);
6269
6270 ifnet_release(ifp);
6271
6272 lck_mtx_destroy(&sc->sc_mtx, bridge_lock_grp);
6273 if_clone_softc_deallocate(&bridge_cloner, sc);
6274 }
6275
6276 /*
6277 * bridge_bpf_input:
6278 *
6279 * Invoke the input BPF callback if enabled
6280 */
6281 static errno_t
6282 bridge_bpf_input(ifnet_t ifp, struct mbuf *m, const char * func, int line)
6283 {
6284 struct bridge_softc *sc = (struct bridge_softc *)ifnet_softc(ifp);
6285 bpf_packet_func input_func = sc->sc_bpf_input;
6286
6287 if (input_func != NULL) {
6288 if (mbuf_pkthdr_rcvif(m) != ifp) {
6289 printf("%s.%d: rcvif: 0x%llx != ifp 0x%llx\n", func, line,
6290 (uint64_t)VM_KERNEL_ADDRPERM(mbuf_pkthdr_rcvif(m)),
6291 (uint64_t)VM_KERNEL_ADDRPERM(ifp));
6292 }
6293 (*input_func)(ifp, m);
6294 }
6295 return 0;
6296 }
6297
6298 /*
6299 * bridge_bpf_output:
6300 *
6301 * Invoke the output BPF callback if enabled
6302 */
6303 static errno_t
6304 bridge_bpf_output(ifnet_t ifp, struct mbuf *m)
6305 {
6306 struct bridge_softc *sc = (struct bridge_softc *)ifnet_softc(ifp);
6307 bpf_packet_func output_func = sc->sc_bpf_output;
6308
6309 if (output_func != NULL) {
6310 (*output_func)(ifp, m);
6311 }
6312 return 0;
6313 }
6314
6315 /*
6316 * bridge_link_event:
6317 *
6318 * Report a data link event on an interface
6319 */
6320 static void
6321 bridge_link_event(struct ifnet *ifp, u_int32_t event_code)
6322 {
6323 struct event {
6324 u_int32_t ifnet_family;
6325 u_int32_t unit;
6326 char if_name[IFNAMSIZ];
6327 };
6328 _Alignas(struct kern_event_msg) char message[sizeof(struct kern_event_msg) + sizeof(struct event)] = { 0 };
6329 struct kern_event_msg *header = (struct kern_event_msg*)message;
6330 struct event *data = (struct event *)(header + 1);
6331
6332 #if BRIDGE_DEBUG
6333 if (IF_BRIDGE_DEBUG(BR_DBGF_LIFECYCLE)) {
6334 printf("%s: %s event_code %u - %s\n", __func__, ifp->if_xname,
6335 event_code, dlil_kev_dl_code_str(event_code));
6336 }
6337 #endif /* BRIDGE_DEBUG */
6338
6339 header->total_size = sizeof(message);
6340 header->vendor_code = KEV_VENDOR_APPLE;
6341 header->kev_class = KEV_NETWORK_CLASS;
6342 header->kev_subclass = KEV_DL_SUBCLASS;
6343 header->event_code = event_code;
6344 data->ifnet_family = ifnet_family(ifp);
6345 data->unit = (u_int32_t)ifnet_unit(ifp);
6346 strlcpy(data->if_name, ifnet_name(ifp), IFNAMSIZ);
6347 ifnet_event(ifp, header);
6348 }
6349
6350 #define BRIDGE_HF_DROP(reason, func, line) { \
6351 bridge_hostfilter_stats.reason++; \
6352 if (IF_BRIDGE_DEBUG(BR_DBGF_HOSTFILTER)) { \
6353 printf("%s.%d" #reason, func, line); \
6354 error = EINVAL; \
6355 } \
6356 }
6357
6358 /*
6359 * Make sure this is a DHCP or Bootp request that match the host filter
6360 */
6361 static int
6362 bridge_dhcp_filter(struct bridge_iflist *bif, struct mbuf *m, size_t offset)
6363 {
6364 int error = EINVAL;
6365 struct dhcp dhcp;
6366
6367 /*
6368 * Note: We use the dhcp structure because bootp structure definition
6369 * is larger and some vendors do not pad the request
6370 */
6371 error = mbuf_copydata(m, offset, sizeof(struct dhcp), &dhcp);
6372 if (error != 0) {
6373 BRIDGE_HF_DROP(brhf_dhcp_too_small, __func__, __LINE__);
6374 goto done;
6375 }
6376 if (dhcp.dp_op != BOOTREQUEST) {
6377 BRIDGE_HF_DROP(brhf_dhcp_bad_op, __func__, __LINE__);
6378 goto done;
6379 }
6380 /*
6381 * The hardware address must be an exact match
6382 */
6383 if (dhcp.dp_htype != ARPHRD_ETHER) {
6384 BRIDGE_HF_DROP(brhf_dhcp_bad_htype, __func__, __LINE__);
6385 goto done;
6386 }
6387 if (dhcp.dp_hlen != ETHER_ADDR_LEN) {
6388 BRIDGE_HF_DROP(brhf_dhcp_bad_hlen, __func__, __LINE__);
6389 goto done;
6390 }
6391 if (bcmp(dhcp.dp_chaddr, bif->bif_hf_hwsrc,
6392 ETHER_ADDR_LEN) != 0) {
6393 BRIDGE_HF_DROP(brhf_dhcp_bad_chaddr, __func__, __LINE__);
6394 goto done;
6395 }
6396 /*
6397 * Client address must match the host address or be not specified
6398 */
6399 if (dhcp.dp_ciaddr.s_addr != bif->bif_hf_ipsrc.s_addr &&
6400 dhcp.dp_ciaddr.s_addr != INADDR_ANY) {
6401 BRIDGE_HF_DROP(brhf_dhcp_bad_ciaddr, __func__, __LINE__);
6402 goto done;
6403 }
6404 error = 0;
6405 done:
6406 return error;
6407 }
6408
6409 static int
6410 bridge_host_filter(struct bridge_iflist *bif, mbuf_t *data)
6411 {
6412 int error = EINVAL;
6413 struct ether_header *eh;
6414 static struct in_addr inaddr_any = { .s_addr = INADDR_ANY };
6415 mbuf_t m = *data;
6416
6417 eh = mtod(m, struct ether_header *);
6418
6419 /*
6420 * Restrict the source hardware address
6421 */
6422 if ((bif->bif_flags & BIFF_HF_HWSRC) == 0 ||
6423 bcmp(eh->ether_shost, bif->bif_hf_hwsrc,
6424 ETHER_ADDR_LEN) != 0) {
6425 BRIDGE_HF_DROP(brhf_bad_ether_srchw_addr, __func__, __LINE__);
6426 goto done;
6427 }
6428
6429 /*
6430 * Restrict Ethernet protocols to ARP and IP
6431 */
6432 if (eh->ether_type == htons(ETHERTYPE_ARP)) {
6433 struct ether_arp *ea;
6434 size_t minlen = sizeof(struct ether_header) +
6435 sizeof(struct ether_arp);
6436
6437 /*
6438 * Make the Ethernet and ARP headers contiguous
6439 */
6440 if (mbuf_pkthdr_len(m) < minlen) {
6441 BRIDGE_HF_DROP(brhf_arp_too_small, __func__, __LINE__);
6442 goto done;
6443 }
6444 if (mbuf_len(m) < minlen && mbuf_pullup(data, minlen) != 0) {
6445 BRIDGE_HF_DROP(brhf_arp_pullup_failed,
6446 __func__, __LINE__);
6447 goto done;
6448 }
6449 m = *data;
6450
6451 /*
6452 * Verify this is an ethernet/ip arp
6453 */
6454 eh = mtod(m, struct ether_header *);
6455 ea = (struct ether_arp *)(eh + 1);
6456 if (ea->arp_hrd != htons(ARPHRD_ETHER)) {
6457 BRIDGE_HF_DROP(brhf_arp_bad_hw_type,
6458 __func__, __LINE__);
6459 goto done;
6460 }
6461 if (ea->arp_pro != htons(ETHERTYPE_IP)) {
6462 BRIDGE_HF_DROP(brhf_arp_bad_pro_type,
6463 __func__, __LINE__);
6464 goto done;
6465 }
6466 /*
6467 * Verify the address lengths are correct
6468 */
6469 if (ea->arp_hln != ETHER_ADDR_LEN) {
6470 BRIDGE_HF_DROP(brhf_arp_bad_hw_len, __func__, __LINE__);
6471 goto done;
6472 }
6473 if (ea->arp_pln != sizeof(struct in_addr)) {
6474 BRIDGE_HF_DROP(brhf_arp_bad_pro_len,
6475 __func__, __LINE__);
6476 goto done;
6477 }
6478
6479 /*
6480 * Allow only ARP request or ARP reply
6481 */
6482 if (ea->arp_op != htons(ARPOP_REQUEST) &&
6483 ea->arp_op != htons(ARPOP_REPLY)) {
6484 BRIDGE_HF_DROP(brhf_arp_bad_op, __func__, __LINE__);
6485 goto done;
6486 }
6487 /*
6488 * Verify source hardware address matches
6489 */
6490 if (bcmp(ea->arp_sha, bif->bif_hf_hwsrc,
6491 ETHER_ADDR_LEN) != 0) {
6492 BRIDGE_HF_DROP(brhf_arp_bad_sha, __func__, __LINE__);
6493 goto done;
6494 }
6495 /*
6496 * Verify source protocol address:
6497 * May be null for an ARP probe
6498 */
6499 if (bcmp(ea->arp_spa, &bif->bif_hf_ipsrc.s_addr,
6500 sizeof(struct in_addr)) != 0 &&
6501 bcmp(ea->arp_spa, &inaddr_any,
6502 sizeof(struct in_addr)) != 0) {
6503 BRIDGE_HF_DROP(brhf_arp_bad_spa, __func__, __LINE__);
6504 goto done;
6505 }
6506 bridge_hostfilter_stats.brhf_arp_ok += 1;
6507 error = 0;
6508 } else if (eh->ether_type == htons(ETHERTYPE_IP)) {
6509 size_t minlen = sizeof(struct ether_header) + sizeof(struct ip);
6510 struct ip iphdr;
6511 size_t offset;
6512
6513 /*
6514 * Make the Ethernet and IP headers contiguous
6515 */
6516 if (mbuf_pkthdr_len(m) < minlen) {
6517 BRIDGE_HF_DROP(brhf_ip_too_small, __func__, __LINE__);
6518 goto done;
6519 }
6520 offset = sizeof(struct ether_header);
6521 error = mbuf_copydata(m, offset, sizeof(struct ip), &iphdr);
6522 if (error != 0) {
6523 BRIDGE_HF_DROP(brhf_ip_too_small, __func__, __LINE__);
6524 goto done;
6525 }
6526 /*
6527 * Verify the source IP address
6528 */
6529 if (iphdr.ip_p == IPPROTO_UDP) {
6530 struct udphdr udp;
6531
6532 minlen += sizeof(struct udphdr);
6533 if (mbuf_pkthdr_len(m) < minlen) {
6534 BRIDGE_HF_DROP(brhf_ip_too_small,
6535 __func__, __LINE__);
6536 goto done;
6537 }
6538
6539 /*
6540 * Allow all zero addresses for DHCP requests
6541 */
6542 if (iphdr.ip_src.s_addr != bif->bif_hf_ipsrc.s_addr &&
6543 iphdr.ip_src.s_addr != INADDR_ANY) {
6544 BRIDGE_HF_DROP(brhf_ip_bad_srcaddr,
6545 __func__, __LINE__);
6546 goto done;
6547 }
6548 offset = sizeof(struct ether_header) +
6549 (IP_VHL_HL(iphdr.ip_vhl) << 2);
6550 error = mbuf_copydata(m, offset,
6551 sizeof(struct udphdr), &udp);
6552 if (error != 0) {
6553 BRIDGE_HF_DROP(brhf_ip_too_small,
6554 __func__, __LINE__);
6555 goto done;
6556 }
6557 /*
6558 * Either it's a Bootp/DHCP packet that we like or
6559 * it's a UDP packet from the host IP as source address
6560 */
6561 if (udp.uh_sport == htons(IPPORT_BOOTPC) &&
6562 udp.uh_dport == htons(IPPORT_BOOTPS)) {
6563 minlen += sizeof(struct dhcp);
6564 if (mbuf_pkthdr_len(m) < minlen) {
6565 BRIDGE_HF_DROP(brhf_ip_too_small,
6566 __func__, __LINE__);
6567 goto done;
6568 }
6569 offset += sizeof(struct udphdr);
6570 error = bridge_dhcp_filter(bif, m, offset);
6571 if (error != 0) {
6572 goto done;
6573 }
6574 } else if (iphdr.ip_src.s_addr == INADDR_ANY) {
6575 BRIDGE_HF_DROP(brhf_ip_bad_srcaddr,
6576 __func__, __LINE__);
6577 goto done;
6578 }
6579 } else if (iphdr.ip_src.s_addr != bif->bif_hf_ipsrc.s_addr ||
6580 bif->bif_hf_ipsrc.s_addr == INADDR_ANY) {
6581 BRIDGE_HF_DROP(brhf_ip_bad_srcaddr, __func__, __LINE__);
6582 goto done;
6583 }
6584 /*
6585 * Allow only boring IP protocols
6586 */
6587 if (iphdr.ip_p != IPPROTO_TCP &&
6588 iphdr.ip_p != IPPROTO_UDP &&
6589 iphdr.ip_p != IPPROTO_ICMP &&
6590 iphdr.ip_p != IPPROTO_ESP &&
6591 iphdr.ip_p != IPPROTO_AH &&
6592 iphdr.ip_p != IPPROTO_GRE) {
6593 BRIDGE_HF_DROP(brhf_ip_bad_proto, __func__, __LINE__);
6594 goto done;
6595 }
6596 bridge_hostfilter_stats.brhf_ip_ok += 1;
6597 error = 0;
6598 } else {
6599 BRIDGE_HF_DROP(brhf_bad_ether_type, __func__, __LINE__);
6600 goto done;
6601 }
6602 done:
6603 if (error != 0) {
6604 if (IF_BRIDGE_DEBUG(BR_DBGF_HOSTFILTER)) {
6605 if (m) {
6606 printf_mbuf_data(m, 0,
6607 sizeof(struct ether_header) +
6608 sizeof(struct ip));
6609 }
6610 printf("\n");
6611 }
6612
6613 if (m != NULL) {
6614 m_freem(m);
6615 }
6616 }
6617 return error;
6618 }
6619
6620 /*
6621 * MAC NAT
6622 */
6623
6624 static errno_t
6625 bridge_mac_nat_enable(struct bridge_softc *sc, struct bridge_iflist *bif)
6626 {
6627 errno_t error = 0;
6628
6629 BRIDGE_LOCK_ASSERT_HELD(sc);
6630
6631 if (sc->sc_mac_nat_bif != NULL) {
6632 if (sc->sc_mac_nat_bif != bif) {
6633 error = EBUSY;
6634 }
6635 goto done;
6636 }
6637 sc->sc_mac_nat_bif = bif;
6638 bif->bif_ifflags |= IFBIF_MAC_NAT;
6639 bridge_mac_nat_populate_entries(sc);
6640
6641 done:
6642 return error;
6643 }
6644
6645 static void
6646 bridge_mac_nat_disable(struct bridge_softc *sc)
6647 {
6648 struct bridge_iflist *mac_nat_bif = sc->sc_mac_nat_bif;
6649
6650 assert(mac_nat_bif != NULL);
6651 bridge_mac_nat_flush_entries(sc, mac_nat_bif);
6652 mac_nat_bif->bif_ifflags &= ~IFBIF_MAC_NAT;
6653 sc->sc_mac_nat_bif = NULL;
6654 return;
6655 }
6656
6657 static void
6658 mac_nat_entry_print2(struct mac_nat_entry *mne,
6659 char *ifname, const char *msg1, const char *msg2)
6660 {
6661 int af;
6662 char etopbuf[24];
6663 char ntopbuf[MAX_IPv6_STR_LEN];
6664 const char *space;
6665
6666 af = ((mne->mne_flags & MNE_FLAGS_IPV6) != 0) ? AF_INET6 : AF_INET;
6667 ether_ntop(etopbuf, sizeof(etopbuf), mne->mne_mac);
6668 (void)inet_ntop(af, &mne->mne_u, ntopbuf, sizeof(ntopbuf));
6669 if (msg2 == NULL) {
6670 msg2 = "";
6671 space = "";
6672 } else {
6673 space = " ";
6674 }
6675 printf("%s %s%s%s %p (%s, %s, %s)\n",
6676 ifname, msg1, space, msg2, mne, mne->mne_bif->bif_ifp->if_xname,
6677 ntopbuf, etopbuf);
6678 }
6679
6680 static void
6681 mac_nat_entry_print(struct mac_nat_entry *mne,
6682 char *ifname, const char *msg)
6683 {
6684 mac_nat_entry_print2(mne, ifname, msg, NULL);
6685 }
6686
6687 static struct mac_nat_entry *
6688 bridge_lookup_mac_nat_entry(struct bridge_softc *sc, int af, void * ip)
6689 {
6690 struct mac_nat_entry *mne;
6691 struct mac_nat_entry *ret_mne = NULL;
6692
6693 if (af == AF_INET) {
6694 in_addr_t s_addr = ((struct in_addr *)ip)->s_addr;
6695
6696 LIST_FOREACH(mne, &sc->sc_mne_list, mne_list) {
6697 if (mne->mne_ip.s_addr == s_addr) {
6698 if (IF_BRIDGE_DEBUG(BR_DBGF_MAC_NAT)) {
6699 mac_nat_entry_print(mne, sc->sc_if_xname,
6700 "found");
6701 }
6702 ret_mne = mne;
6703 break;
6704 }
6705 }
6706 } else {
6707 const struct in6_addr *ip6 = (const struct in6_addr *)ip;
6708
6709 LIST_FOREACH(mne, &sc->sc_mne_list_v6, mne_list) {
6710 if (IN6_ARE_ADDR_EQUAL(&mne->mne_ip6, ip6)) {
6711 if (IF_BRIDGE_DEBUG(BR_DBGF_MAC_NAT)) {
6712 mac_nat_entry_print(mne, sc->sc_if_xname,
6713 "found");
6714 }
6715 ret_mne = mne;
6716 break;
6717 }
6718 }
6719 }
6720 return ret_mne;
6721 }
6722
6723 static void
6724 bridge_destroy_mac_nat_entry(struct bridge_softc *sc,
6725 struct mac_nat_entry *mne, const char *reason)
6726 {
6727 LIST_REMOVE(mne, mne_list);
6728 if (IF_BRIDGE_DEBUG(BR_DBGF_MAC_NAT)) {
6729 mac_nat_entry_print(mne, sc->sc_if_xname, reason);
6730 }
6731 zfree(bridge_mne_pool, mne);
6732 sc->sc_mne_count--;
6733 }
6734
6735 static struct mac_nat_entry *
6736 bridge_create_mac_nat_entry(struct bridge_softc *sc,
6737 struct bridge_iflist *bif, int af, const void *ip, uint8_t *eaddr)
6738 {
6739 struct mac_nat_entry_list *list;
6740 struct mac_nat_entry *mne;
6741
6742 if (sc->sc_mne_count >= sc->sc_mne_max) {
6743 sc->sc_mne_allocation_failures++;
6744 return NULL;
6745 }
6746 mne = zalloc_noblock(bridge_mne_pool);
6747 if (mne == NULL) {
6748 sc->sc_mne_allocation_failures++;
6749 return NULL;
6750 }
6751 sc->sc_mne_count++;
6752 bzero(mne, sizeof(*mne));
6753 bcopy(eaddr, mne->mne_mac, sizeof(mne->mne_mac));
6754 mne->mne_bif = bif;
6755 if (af == AF_INET) {
6756 bcopy(ip, &mne->mne_ip, sizeof(mne->mne_ip));
6757 list = &sc->sc_mne_list;
6758 } else {
6759 bcopy(ip, &mne->mne_ip6, sizeof(mne->mne_ip6));
6760 mne->mne_flags |= MNE_FLAGS_IPV6;
6761 list = &sc->sc_mne_list_v6;
6762 }
6763 LIST_INSERT_HEAD(list, mne, mne_list);
6764 mne->mne_expire = (unsigned long)net_uptime() + sc->sc_brttimeout;
6765 if (IF_BRIDGE_DEBUG(BR_DBGF_MAC_NAT)) {
6766 mac_nat_entry_print(mne, sc->sc_if_xname, "created");
6767 }
6768 return mne;
6769 }
6770
6771 static struct mac_nat_entry *
6772 bridge_update_mac_nat_entry(struct bridge_softc *sc,
6773 struct bridge_iflist *bif, int af, void *ip, uint8_t *eaddr)
6774 {
6775 struct mac_nat_entry *mne;
6776
6777 mne = bridge_lookup_mac_nat_entry(sc, af, ip);
6778 if (mne != NULL) {
6779 struct bridge_iflist *mac_nat_bif = sc->sc_mac_nat_bif;
6780
6781 if (mne->mne_bif == mac_nat_bif) {
6782 /* the MAC NAT interface takes precedence */
6783 if (IF_BRIDGE_DEBUG(BR_DBGF_MAC_NAT)) {
6784 if (mne->mne_bif != bif) {
6785 mac_nat_entry_print2(mne,
6786 sc->sc_if_xname, "reject",
6787 bif->bif_ifp->if_xname);
6788 }
6789 }
6790 } else if (mne->mne_bif != bif) {
6791 const char *old_if = mne->mne_bif->bif_ifp->if_xname;
6792
6793 mne->mne_bif = bif;
6794 if (IF_BRIDGE_DEBUG(BR_DBGF_MAC_NAT)) {
6795 mac_nat_entry_print2(mne,
6796 sc->sc_if_xname, "replaced",
6797 old_if);
6798 }
6799 bcopy(eaddr, mne->mne_mac, sizeof(mne->mne_mac));
6800 }
6801 mne->mne_expire = (unsigned long)net_uptime() +
6802 sc->sc_brttimeout;
6803 } else {
6804 mne = bridge_create_mac_nat_entry(sc, bif, af, ip, eaddr);
6805 }
6806 return mne;
6807 }
6808
6809 static void
6810 bridge_mac_nat_flush_entries_common(struct bridge_softc *sc,
6811 struct mac_nat_entry_list *list, struct bridge_iflist *bif)
6812 {
6813 struct mac_nat_entry *mne;
6814 struct mac_nat_entry *tmne;
6815
6816 LIST_FOREACH_SAFE(mne, list, mne_list, tmne) {
6817 if (bif != NULL && mne->mne_bif != bif) {
6818 continue;
6819 }
6820 bridge_destroy_mac_nat_entry(sc, mne, "flushed");
6821 }
6822 }
6823
6824 /*
6825 * bridge_mac_nat_flush_entries:
6826 *
6827 * Flush MAC NAT entries for the specified member. Flush all entries if
6828 * the member is the one that requires MAC NAT, otherwise just flush the
6829 * ones for the specified member.
6830 */
6831 static void
6832 bridge_mac_nat_flush_entries(struct bridge_softc *sc, struct bridge_iflist * bif)
6833 {
6834 struct bridge_iflist *flush_bif;
6835
6836 flush_bif = (bif == sc->sc_mac_nat_bif) ? NULL : bif;
6837 bridge_mac_nat_flush_entries_common(sc, &sc->sc_mne_list, flush_bif);
6838 bridge_mac_nat_flush_entries_common(sc, &sc->sc_mne_list_v6, flush_bif);
6839 }
6840
6841 static void
6842 bridge_mac_nat_populate_entries(struct bridge_softc *sc)
6843 {
6844 errno_t error;
6845 ifnet_t ifp;
6846 ifaddr_t *list;
6847 struct bridge_iflist *mac_nat_bif = sc->sc_mac_nat_bif;
6848
6849 assert(mac_nat_bif != NULL);
6850 ifp = mac_nat_bif->bif_ifp;
6851 error = ifnet_get_address_list(ifp, &list);
6852 if (error != 0) {
6853 printf("%s: ifnet_get_address_list(%s) failed %d\n",
6854 __func__, ifp->if_xname, error);
6855 return;
6856 }
6857 for (ifaddr_t *scan = list; *scan != NULL; scan++) {
6858 sa_family_t af;
6859 void *ip;
6860
6861 union {
6862 struct sockaddr sa;
6863 struct sockaddr_in sin;
6864 struct sockaddr_in6 sin6;
6865 } u;
6866 af = ifaddr_address_family(*scan);
6867 switch (af) {
6868 case AF_INET:
6869 case AF_INET6:
6870 error = ifaddr_address(*scan, &u.sa, sizeof(u));
6871 if (error != 0) {
6872 printf("%s: ifaddr_address failed %d\n",
6873 __func__, error);
6874 break;
6875 }
6876 if (af == AF_INET) {
6877 ip = (void *)&u.sin.sin_addr;
6878 } else {
6879 if (IN6_IS_ADDR_LINKLOCAL(&u.sin6.sin6_addr)) {
6880 /* remove scope ID */
6881 u.sin6.sin6_addr.s6_addr16[1] = 0;
6882 }
6883 ip = (void *)&u.sin6.sin6_addr;
6884 }
6885 bridge_create_mac_nat_entry(sc, mac_nat_bif, af, ip,
6886 (uint8_t *)IF_LLADDR(ifp));
6887 break;
6888 default:
6889 break;
6890 }
6891 }
6892 ifnet_free_address_list(list);
6893 return;
6894 }
6895
6896 static void
6897 bridge_mac_nat_age_entries_common(struct bridge_softc *sc,
6898 struct mac_nat_entry_list *list, unsigned long now)
6899 {
6900 struct mac_nat_entry *mne;
6901 struct mac_nat_entry *tmne;
6902
6903 LIST_FOREACH_SAFE(mne, list, mne_list, tmne) {
6904 if (now >= mne->mne_expire) {
6905 bridge_destroy_mac_nat_entry(sc, mne, "aged out");
6906 }
6907 }
6908 }
6909
6910 static void
6911 bridge_mac_nat_age_entries(struct bridge_softc *sc, unsigned long now)
6912 {
6913 if (sc->sc_mac_nat_bif == NULL) {
6914 return;
6915 }
6916 bridge_mac_nat_age_entries_common(sc, &sc->sc_mne_list, now);
6917 bridge_mac_nat_age_entries_common(sc, &sc->sc_mne_list_v6, now);
6918 }
6919
6920 static const char *
6921 get_in_out_string(boolean_t is_output)
6922 {
6923 return is_output ? "OUT" : "IN";
6924 }
6925
6926 /*
6927 * is_valid_arp_packet:
6928 * Verify that this is a valid ARP packet.
6929 *
6930 * Returns TRUE if the packet is valid, FALSE otherwise.
6931 */
6932 static boolean_t
6933 is_valid_arp_packet(mbuf_t *data, boolean_t is_output,
6934 struct ether_header **eh_p, struct ether_arp **ea_p)
6935 {
6936 struct ether_arp *ea;
6937 struct ether_header *eh;
6938 size_t minlen = sizeof(struct ether_header) + sizeof(struct ether_arp);
6939 boolean_t is_valid = FALSE;
6940 int flags = is_output ? BR_DBGF_OUTPUT : BR_DBGF_INPUT;
6941
6942 if (mbuf_pkthdr_len(*data) < minlen) {
6943 if (IF_BRIDGE_DEBUG(flags)) {
6944 printf("%s: ARP %s short frame %lu < %lu\n",
6945 __func__,
6946 get_in_out_string(is_output),
6947 mbuf_pkthdr_len(*data), minlen);
6948 }
6949 goto done;
6950 }
6951 if (mbuf_len(*data) < minlen && mbuf_pullup(data, minlen) != 0) {
6952 if (IF_BRIDGE_DEBUG(flags)) {
6953 printf("%s: ARP %s size %lu mbuf_pullup fail\n",
6954 __func__,
6955 get_in_out_string(is_output),
6956 minlen);
6957 }
6958 *data = NULL;
6959 goto done;
6960 }
6961
6962 /* validate ARP packet */
6963 eh = mtod(*data, struct ether_header *);
6964 ea = (struct ether_arp *)(eh + 1);
6965 if (ntohs(ea->arp_hrd) != ARPHRD_ETHER) {
6966 if (IF_BRIDGE_DEBUG(flags)) {
6967 printf("%s: ARP %s htype not ethernet\n",
6968 __func__,
6969 get_in_out_string(is_output));
6970 }
6971 goto done;
6972 }
6973 if (ea->arp_hln != ETHER_ADDR_LEN) {
6974 if (IF_BRIDGE_DEBUG(flags)) {
6975 printf("%s: ARP %s hlen not ethernet\n",
6976 __func__,
6977 get_in_out_string(is_output));
6978 }
6979 goto done;
6980 }
6981 if (ntohs(ea->arp_pro) != ETHERTYPE_IP) {
6982 if (IF_BRIDGE_DEBUG(flags)) {
6983 printf("%s: ARP %s ptype not IP\n",
6984 __func__,
6985 get_in_out_string(is_output));
6986 }
6987 goto done;
6988 }
6989 if (ea->arp_pln != sizeof(struct in_addr)) {
6990 if (IF_BRIDGE_DEBUG(flags)) {
6991 printf("%s: ARP %s plen not IP\n",
6992 __func__,
6993 get_in_out_string(is_output));
6994 }
6995 goto done;
6996 }
6997 is_valid = TRUE;
6998 *ea_p = ea;
6999 *eh_p = eh;
7000 done:
7001 return is_valid;
7002 }
7003
7004 static struct mac_nat_entry *
7005 bridge_mac_nat_arp_input(struct bridge_softc *sc, mbuf_t *data)
7006 {
7007 struct ether_arp *ea;
7008 struct ether_header *eh;
7009 struct mac_nat_entry *mne = NULL;
7010 u_short op;
7011 struct in_addr tpa;
7012
7013 if (!is_valid_arp_packet(data, FALSE, &eh, &ea)) {
7014 goto done;
7015 }
7016 op = ntohs(ea->arp_op);
7017 switch (op) {
7018 case ARPOP_REQUEST:
7019 case ARPOP_REPLY:
7020 /* only care about REQUEST and REPLY */
7021 break;
7022 default:
7023 goto done;
7024 }
7025
7026 /* check the target IP address for a NAT entry */
7027 bcopy(ea->arp_tpa, &tpa, sizeof(tpa));
7028 if (tpa.s_addr != 0) {
7029 mne = bridge_lookup_mac_nat_entry(sc, AF_INET, &tpa);
7030 }
7031 if (mne != NULL) {
7032 if (op == ARPOP_REPLY) {
7033 /* translate the MAC address */
7034 if (IF_BRIDGE_DEBUG(BR_DBGF_MAC_NAT)) {
7035 char mac_src[24];
7036 char mac_dst[24];
7037
7038 ether_ntop(mac_src, sizeof(mac_src),
7039 ea->arp_tha);
7040 ether_ntop(mac_dst, sizeof(mac_dst),
7041 mne->mne_mac);
7042 printf("%s %s ARP %s -> %s\n",
7043 sc->sc_if_xname,
7044 mne->mne_bif->bif_ifp->if_xname,
7045 mac_src, mac_dst);
7046 }
7047 bcopy(mne->mne_mac, ea->arp_tha, sizeof(ea->arp_tha));
7048 }
7049 } else {
7050 /* handle conflicting ARP (sender matches mne) */
7051 struct in_addr spa;
7052
7053 bcopy(ea->arp_spa, &spa, sizeof(spa));
7054 if (spa.s_addr != 0 && spa.s_addr != tpa.s_addr) {
7055 /* check the source IP for a NAT entry */
7056 mne = bridge_lookup_mac_nat_entry(sc, AF_INET, &spa);
7057 }
7058 }
7059
7060 done:
7061 return mne;
7062 }
7063
7064 static boolean_t
7065 bridge_mac_nat_arp_output(struct bridge_softc *sc,
7066 struct bridge_iflist *bif, mbuf_t *data, struct mac_nat_record *mnr)
7067 {
7068 struct ether_arp *ea;
7069 struct ether_header *eh;
7070 struct in_addr ip;
7071 struct mac_nat_entry *mne = NULL;
7072 u_short op;
7073 boolean_t translate = FALSE;
7074
7075 if (!is_valid_arp_packet(data, TRUE, &eh, &ea)) {
7076 goto done;
7077 }
7078 op = ntohs(ea->arp_op);
7079 switch (op) {
7080 case ARPOP_REQUEST:
7081 case ARPOP_REPLY:
7082 /* only care about REQUEST and REPLY */
7083 break;
7084 default:
7085 goto done;
7086 }
7087
7088 bcopy(ea->arp_spa, &ip, sizeof(ip));
7089 if (ip.s_addr == 0) {
7090 goto done;
7091 }
7092 /* XXX validate IP address: no multicast/broadcast */
7093 mne = bridge_update_mac_nat_entry(sc, bif, AF_INET, &ip, ea->arp_sha);
7094 if (mnr != NULL && mne != NULL) {
7095 /* record the offset to do the replacement */
7096 translate = TRUE;
7097 mnr->mnr_arp_offset = (char *)ea->arp_sha - (char *)eh;
7098 }
7099
7100 done:
7101 return translate;
7102 }
7103
7104 #define ETHER_IPV4_HEADER_LEN (sizeof(struct ether_header) + \
7105 + sizeof(struct ip))
7106 static struct ether_header *
7107 get_ether_ip_header(mbuf_t *data, boolean_t is_output)
7108 {
7109 struct ether_header *eh = NULL;
7110 int flags = is_output ? BR_DBGF_OUTPUT : BR_DBGF_INPUT;
7111 size_t minlen = ETHER_IPV4_HEADER_LEN;
7112
7113 if (mbuf_pkthdr_len(*data) < minlen) {
7114 if (IF_BRIDGE_DEBUG(flags)) {
7115 printf("%s: IP %s short frame %lu < %lu\n",
7116 __func__,
7117 get_in_out_string(is_output),
7118 mbuf_pkthdr_len(*data), minlen);
7119 }
7120 goto done;
7121 }
7122 if (mbuf_len(*data) < minlen && mbuf_pullup(data, minlen) != 0) {
7123 if (IF_BRIDGE_DEBUG(flags)) {
7124 printf("%s: IP %s size %lu mbuf_pullup fail\n",
7125 __func__,
7126 get_in_out_string(is_output),
7127 minlen);
7128 }
7129 *data = NULL;
7130 goto done;
7131 }
7132 eh = mtod(*data, struct ether_header *);
7133 done:
7134 return eh;
7135 }
7136
7137 static boolean_t
7138 is_broadcast_ip_packet(mbuf_t *data)
7139 {
7140 struct ether_header *eh;
7141 uint16_t ether_type;
7142 boolean_t is_broadcast = FALSE;
7143
7144 eh = mtod(*data, struct ether_header *);
7145 ether_type = ntohs(eh->ether_type);
7146 switch (ether_type) {
7147 case ETHERTYPE_IP:
7148 eh = get_ether_ip_header(data, FALSE);
7149 if (eh != NULL) {
7150 struct in_addr dst;
7151 struct ip *iphdr;
7152
7153 iphdr = (struct ip *)(void *)(eh + 1);
7154 bcopy(&iphdr->ip_dst, &dst, sizeof(dst));
7155 is_broadcast = (dst.s_addr == INADDR_BROADCAST);
7156 }
7157 break;
7158 default:
7159 break;
7160 }
7161 return is_broadcast;
7162 }
7163
7164 static struct mac_nat_entry *
7165 bridge_mac_nat_ip_input(struct bridge_softc *sc, mbuf_t *data)
7166 {
7167 struct in_addr dst;
7168 struct ether_header *eh;
7169 struct ip *iphdr;
7170 struct mac_nat_entry *mne = NULL;
7171
7172 eh = get_ether_ip_header(data, FALSE);
7173 if (eh == NULL) {
7174 goto done;
7175 }
7176 iphdr = (struct ip *)(void *)(eh + 1);
7177 bcopy(&iphdr->ip_dst, &dst, sizeof(dst));
7178 /* XXX validate IP address */
7179 if (dst.s_addr == 0) {
7180 goto done;
7181 }
7182 mne = bridge_lookup_mac_nat_entry(sc, AF_INET, &dst);
7183 done:
7184 return mne;
7185 }
7186
7187 static void
7188 bridge_mac_nat_udp_output(struct bridge_softc *sc,
7189 struct bridge_iflist *bif, mbuf_t m,
7190 uint8_t ip_header_len, struct mac_nat_record *mnr)
7191 {
7192 uint16_t dp_flags;
7193 errno_t error;
7194 size_t offset;
7195 struct udphdr udphdr;
7196
7197 /* copy the UDP header */
7198 offset = sizeof(struct ether_header) + ip_header_len;
7199 error = mbuf_copydata(m, offset, sizeof(struct udphdr), &udphdr);
7200 if (error != 0) {
7201 if (IF_BRIDGE_DEBUG(BR_DBGF_MAC_NAT)) {
7202 printf("%s: mbuf_copydata udphdr failed %d",
7203 __func__, error);
7204 }
7205 return;
7206 }
7207 if (ntohs(udphdr.uh_sport) != IPPORT_BOOTPC ||
7208 ntohs(udphdr.uh_dport) != IPPORT_BOOTPS) {
7209 /* not a BOOTP/DHCP packet */
7210 return;
7211 }
7212 /* check whether the broadcast bit is already set */
7213 offset += sizeof(struct udphdr) + offsetof(struct dhcp, dp_flags);
7214 error = mbuf_copydata(m, offset, sizeof(dp_flags), &dp_flags);
7215 if (error != 0) {
7216 if (IF_BRIDGE_DEBUG(BR_DBGF_MAC_NAT)) {
7217 printf("%s: mbuf_copydata dp_flags failed %d",
7218 __func__, error);
7219 }
7220 return;
7221 }
7222 if ((ntohs(dp_flags) & DHCP_FLAGS_BROADCAST) != 0) {
7223 /* it's already set, nothing to do */
7224 return;
7225 }
7226 /* broadcast bit needs to be set */
7227 mnr->mnr_ip_dhcp_flags = dp_flags | htons(DHCP_FLAGS_BROADCAST);
7228 mnr->mnr_ip_header_len = ip_header_len;
7229 if (udphdr.uh_sum != 0) {
7230 uint16_t delta;
7231
7232 /* adjust checksum to take modified dp_flags into account */
7233 delta = dp_flags - mnr->mnr_ip_dhcp_flags;
7234 mnr->mnr_ip_udp_csum = udphdr.uh_sum + delta;
7235 }
7236 if (IF_BRIDGE_DEBUG(BR_DBGF_MAC_NAT)) {
7237 printf("%s %s DHCP dp_flags 0x%x UDP cksum 0x%x\n",
7238 sc->sc_if_xname,
7239 bif->bif_ifp->if_xname,
7240 ntohs(mnr->mnr_ip_dhcp_flags),
7241 ntohs(mnr->mnr_ip_udp_csum));
7242 }
7243 return;
7244 }
7245
7246 static boolean_t
7247 bridge_mac_nat_ip_output(struct bridge_softc *sc,
7248 struct bridge_iflist *bif, mbuf_t *data, struct mac_nat_record *mnr)
7249 {
7250 #pragma unused(mnr)
7251 struct ether_header *eh;
7252 struct in_addr ip;
7253 struct ip *iphdr;
7254 uint8_t ip_header_len;
7255 struct mac_nat_entry *mne = NULL;
7256 boolean_t translate = FALSE;
7257
7258 eh = get_ether_ip_header(data, TRUE);
7259 if (eh == NULL) {
7260 goto done;
7261 }
7262 iphdr = (struct ip *)(void *)(eh + 1);
7263 ip_header_len = IP_VHL_HL(iphdr->ip_vhl) << 2;
7264 if (ip_header_len < sizeof(ip)) {
7265 /* bogus IP header */
7266 goto done;
7267 }
7268 bcopy(&iphdr->ip_src, &ip, sizeof(ip));
7269 /* XXX validate the source address */
7270 if (ip.s_addr != 0) {
7271 mne = bridge_update_mac_nat_entry(sc, bif, AF_INET, &ip,
7272 eh->ether_shost);
7273 }
7274 if (mnr != NULL) {
7275 if (iphdr->ip_p == IPPROTO_UDP) {
7276 /* handle DHCP must broadcast */
7277 bridge_mac_nat_udp_output(sc, bif, *data,
7278 ip_header_len, mnr);
7279 }
7280 translate = TRUE;
7281 }
7282 done:
7283 return translate;
7284 }
7285
7286 #define ETHER_IPV6_HEADER_LEN (sizeof(struct ether_header) + \
7287 + sizeof(struct ip6_hdr))
7288 static struct ether_header *
7289 get_ether_ipv6_header(mbuf_t *data, boolean_t is_output)
7290 {
7291 struct ether_header *eh = NULL;
7292 int flags = is_output ? BR_DBGF_OUTPUT : BR_DBGF_INPUT;
7293 size_t minlen = ETHER_IPV6_HEADER_LEN;
7294
7295 if (mbuf_pkthdr_len(*data) < minlen) {
7296 if (IF_BRIDGE_DEBUG(flags)) {
7297 printf("%s: IP %s short frame %lu < %lu\n",
7298 __func__,
7299 get_in_out_string(is_output),
7300 mbuf_pkthdr_len(*data), minlen);
7301 }
7302 goto done;
7303 }
7304 if (mbuf_len(*data) < minlen && mbuf_pullup(data, minlen) != 0) {
7305 if (IF_BRIDGE_DEBUG(flags)) {
7306 printf("%s: IP %s size %lu mbuf_pullup fail\n",
7307 __func__,
7308 get_in_out_string(is_output),
7309 minlen);
7310 }
7311 *data = NULL;
7312 goto done;
7313 }
7314 eh = mtod(*data, struct ether_header *);
7315 done:
7316 return eh;
7317 }
7318
7319 #include <netinet/icmp6.h>
7320 #include <netinet6/nd6.h>
7321
7322 #define ETHER_ND_LLADDR_LEN (ETHER_ADDR_LEN + sizeof(struct nd_opt_hdr))
7323
7324 static void
7325 bridge_mac_nat_icmpv6_output(struct bridge_softc *sc, struct bridge_iflist *bif,
7326 mbuf_t *data, struct ether_header *eh,
7327 struct ip6_hdr *ip6h, struct in6_addr *saddrp, struct mac_nat_record *mnr)
7328 {
7329 struct icmp6_hdr *icmp6;
7330 unsigned int icmp6len;
7331 int lladdrlen = 0;
7332 char *lladdr = NULL;
7333 mbuf_t m = *data;
7334 unsigned int off = sizeof(*ip6h);
7335
7336 icmp6len = m->m_pkthdr.len - sizeof(*eh) - off;
7337 if (icmp6len < sizeof(*icmp6)) {
7338 printf("%s: short packet %d < %lu\n", __func__,
7339 icmp6len, sizeof(*icmp6));
7340 return;
7341 }
7342 icmp6 = (struct icmp6_hdr *)((caddr_t)ip6h + off);
7343 switch (icmp6->icmp6_type) {
7344 case ND_NEIGHBOR_SOLICIT: {
7345 struct nd_neighbor_solicit *nd_ns;
7346 union nd_opts ndopts;
7347 boolean_t is_dad_probe;
7348 struct in6_addr taddr;
7349
7350 if (icmp6len < sizeof(*nd_ns)) {
7351 if (IF_BRIDGE_DEBUG(BR_DBGF_MAC_NAT)) {
7352 printf("%s: short nd_ns %d < %lu\n", __func__,
7353 icmp6len, sizeof(*nd_ns));
7354 }
7355 return;
7356 }
7357
7358 nd_ns = (struct nd_neighbor_solicit *)(void *)icmp6;
7359 bcopy(&nd_ns->nd_ns_target, &taddr, sizeof(taddr));
7360 if (IN6_IS_ADDR_MULTICAST(&taddr) ||
7361 IN6_IS_ADDR_UNSPECIFIED(&taddr)) {
7362 if (IF_BRIDGE_DEBUG(BR_DBGF_MAC_NAT)) {
7363 printf("%s: invalid target ignored\n", __func__);
7364 }
7365 return;
7366 }
7367 /* parse options */
7368 nd6_option_init(nd_ns + 1, icmp6len - sizeof(*nd_ns), &ndopts);
7369 if (nd6_options(&ndopts) < 0) {
7370 if (IF_BRIDGE_DEBUG(BR_DBGF_MAC_NAT)) {
7371 printf("%s: invalid ND6 NS option\n", __func__);
7372 }
7373 return;
7374 }
7375 if (ndopts.nd_opts_src_lladdr != NULL) {
7376 lladdr = (char *)(ndopts.nd_opts_src_lladdr + 1);
7377 lladdrlen = ndopts.nd_opts_src_lladdr->nd_opt_len << 3;
7378 }
7379 is_dad_probe = IN6_IS_ADDR_UNSPECIFIED(saddrp);
7380 if (lladdr != NULL) {
7381 if (is_dad_probe) {
7382 printf("%s: bad ND6 DAD packet\n", __func__);
7383 return;
7384 }
7385 if (lladdrlen != ETHER_ND_LLADDR_LEN) {
7386 if (IF_BRIDGE_DEBUG(BR_DBGF_MAC_NAT)) {
7387 printf("%s: source lladdrlen %d != %lu\n",
7388 __func__,
7389 lladdrlen, ETHER_ND_LLADDR_LEN);
7390 }
7391 return;
7392 }
7393 mnr->mnr_ip6_lladdr_offset = (void *)lladdr -
7394 (void *)eh;
7395 mnr->mnr_ip6_icmp6_len = icmp6len;
7396 mnr->mnr_ip6_icmp6_type = icmp6->icmp6_type;
7397 mnr->mnr_ip6_header_len = off;
7398 }
7399 if (is_dad_probe) {
7400 /* node is trying use taddr, create an mne using taddr */
7401 *saddrp = taddr;
7402 }
7403 break;
7404 }
7405 case ND_NEIGHBOR_ADVERT: {
7406 struct nd_neighbor_advert *nd_na;
7407 union nd_opts ndopts;
7408 struct in6_addr taddr;
7409
7410
7411 nd_na = (struct nd_neighbor_advert *)(void *)icmp6;
7412
7413 if (icmp6len < sizeof(*nd_na)) {
7414 if (IF_BRIDGE_DEBUG(BR_DBGF_MAC_NAT)) {
7415 printf("%s: short nd_na %d < %lu\n", __func__,
7416 icmp6len, sizeof(*nd_na));
7417 }
7418 return;
7419 }
7420
7421 bcopy(&nd_na->nd_na_target, &taddr, sizeof(taddr));
7422 if (IN6_IS_ADDR_MULTICAST(&taddr) ||
7423 IN6_IS_ADDR_UNSPECIFIED(&taddr)) {
7424 if (IF_BRIDGE_DEBUG(BR_DBGF_MAC_NAT)) {
7425 printf("%s: invalid target ignored\n", __func__);
7426 }
7427 return;
7428 }
7429 /* parse options */
7430 nd6_option_init(nd_na + 1, icmp6len - sizeof(*nd_na), &ndopts);
7431 if (nd6_options(&ndopts) < 0) {
7432 if (IF_BRIDGE_DEBUG(BR_DBGF_MAC_NAT)) {
7433 printf("%s: invalid ND6 NA option\n", __func__);
7434 }
7435 return;
7436 }
7437 if (ndopts.nd_opts_tgt_lladdr == NULL) {
7438 /* target linklayer, nothing to do */
7439 return;
7440 }
7441 lladdr = (char *)(ndopts.nd_opts_tgt_lladdr + 1);
7442 lladdrlen = ndopts.nd_opts_tgt_lladdr->nd_opt_len << 3;
7443 if (lladdrlen != ETHER_ND_LLADDR_LEN) {
7444 if (IF_BRIDGE_DEBUG(BR_DBGF_MAC_NAT)) {
7445 printf("%s: target lladdrlen %d != %lu\n",
7446 __func__, lladdrlen, ETHER_ND_LLADDR_LEN);
7447 }
7448 return;
7449 }
7450 mnr->mnr_ip6_lladdr_offset = (void *)lladdr - (void *)eh;
7451 mnr->mnr_ip6_icmp6_len = icmp6len;
7452 mnr->mnr_ip6_header_len = off;
7453 mnr->mnr_ip6_icmp6_type = icmp6->icmp6_type;
7454 break;
7455 }
7456 case ND_ROUTER_SOLICIT: {
7457 struct nd_router_solicit *nd_rs;
7458 union nd_opts ndopts;
7459
7460 if (icmp6len < sizeof(*nd_rs)) {
7461 if (IF_BRIDGE_DEBUG(BR_DBGF_MAC_NAT)) {
7462 printf("%s: short nd_rs %d < %lu\n", __func__,
7463 icmp6len, sizeof(*nd_rs));
7464 }
7465 return;
7466 }
7467 nd_rs = (struct nd_router_solicit *)(void *)icmp6;
7468
7469 /* parse options */
7470 nd6_option_init(nd_rs + 1, icmp6len - sizeof(*nd_rs), &ndopts);
7471 if (nd6_options(&ndopts) < 0) {
7472 if (IF_BRIDGE_DEBUG(BR_DBGF_MAC_NAT)) {
7473 printf("%s: invalid ND6 RS option\n", __func__);
7474 }
7475 return;
7476 }
7477 if (ndopts.nd_opts_src_lladdr != NULL) {
7478 lladdr = (char *)(ndopts.nd_opts_src_lladdr + 1);
7479 lladdrlen = ndopts.nd_opts_src_lladdr->nd_opt_len << 3;
7480 }
7481 if (lladdr != NULL) {
7482 if (lladdrlen != ETHER_ND_LLADDR_LEN) {
7483 if (IF_BRIDGE_DEBUG(BR_DBGF_MAC_NAT)) {
7484 printf("%s: source lladdrlen %d != %lu\n",
7485 __func__,
7486 lladdrlen, ETHER_ND_LLADDR_LEN);
7487 }
7488 return;
7489 }
7490 mnr->mnr_ip6_lladdr_offset = (void *)lladdr -
7491 (void *)eh;
7492 mnr->mnr_ip6_icmp6_len = icmp6len;
7493 mnr->mnr_ip6_icmp6_type = icmp6->icmp6_type;
7494 mnr->mnr_ip6_header_len = off;
7495 }
7496 break;
7497 }
7498 default:
7499 break;
7500 }
7501 if (mnr->mnr_ip6_lladdr_offset != 0 &&
7502 IF_BRIDGE_DEBUG(BR_DBGF_MAC_NAT)) {
7503 const char *str;
7504
7505 switch (mnr->mnr_ip6_icmp6_type) {
7506 case ND_ROUTER_SOLICIT:
7507 str = "ROUTER SOLICIT";
7508 break;
7509 case ND_NEIGHBOR_ADVERT:
7510 str = "NEIGHBOR ADVERT";
7511 break;
7512 case ND_NEIGHBOR_SOLICIT:
7513 str = "NEIGHBOR SOLICIT";
7514 break;
7515 default:
7516 str = "";
7517 break;
7518 }
7519 printf("%s %s %s ip6len %d icmp6len %d lladdr offset %d\n",
7520 sc->sc_if_xname, bif->bif_ifp->if_xname, str,
7521 mnr->mnr_ip6_header_len,
7522 mnr->mnr_ip6_icmp6_len, mnr->mnr_ip6_lladdr_offset);
7523 }
7524 }
7525
7526 static struct mac_nat_entry *
7527 bridge_mac_nat_ipv6_input(struct bridge_softc *sc, mbuf_t *data)
7528 {
7529 struct in6_addr dst;
7530 struct ether_header *eh;
7531 struct ip6_hdr *ip6h;
7532 struct mac_nat_entry *mne = NULL;
7533
7534 eh = get_ether_ipv6_header(data, FALSE);
7535 if (eh == NULL) {
7536 goto done;
7537 }
7538 ip6h = (struct ip6_hdr *)(void *)(eh + 1);
7539 bcopy(&ip6h->ip6_dst, &dst, sizeof(dst));
7540 /* XXX validate IPv6 address */
7541 if (IN6_IS_ADDR_UNSPECIFIED(&dst)) {
7542 goto done;
7543 }
7544 mne = bridge_lookup_mac_nat_entry(sc, AF_INET6, &dst);
7545
7546 done:
7547 return mne;
7548 }
7549
7550 static boolean_t
7551 bridge_mac_nat_ipv6_output(struct bridge_softc *sc,
7552 struct bridge_iflist *bif, mbuf_t *data, struct mac_nat_record *mnr)
7553 {
7554 struct ether_header *eh;
7555 struct ip6_hdr *ip6h;
7556 struct in6_addr saddr;
7557 boolean_t translate;
7558
7559 translate = (bif == sc->sc_mac_nat_bif) ? FALSE : TRUE;
7560 eh = get_ether_ipv6_header(data, TRUE);
7561 if (eh == NULL) {
7562 translate = FALSE;
7563 goto done;
7564 }
7565 ip6h = (struct ip6_hdr *)(void *)(eh + 1);
7566 bcopy(&ip6h->ip6_src, &saddr, sizeof(saddr));
7567 if (mnr != NULL && ip6h->ip6_nxt == IPPROTO_ICMPV6) {
7568 bridge_mac_nat_icmpv6_output(sc, bif, data,
7569 eh, ip6h, &saddr, mnr);
7570 }
7571 if (IN6_IS_ADDR_UNSPECIFIED(&saddr)) {
7572 goto done;
7573 }
7574 (void)bridge_update_mac_nat_entry(sc, bif, AF_INET6, &saddr,
7575 eh->ether_shost);
7576
7577 done:
7578 return translate;
7579 }
7580
7581 /*
7582 * bridge_mac_nat_input:
7583 * Process a packet arriving on the MAC NAT interface (sc_mac_nat_bif).
7584 * This interface is the "external" interface with respect to NAT.
7585 * The interface is only capable of receiving a single MAC address
7586 * (e.g. a Wi-Fi STA interface).
7587 *
7588 * When a packet arrives on the external interface, look up the destination
7589 * IP address in the mac_nat_entry table. If there is a match, *is_input
7590 * is set to TRUE if it's for the MAC NAT interface, otherwise *is_input
7591 * is set to FALSE and translate the MAC address if necessary.
7592 *
7593 * Returns:
7594 * The internal interface to direct the packet to, or NULL if the packet
7595 * should not be redirected.
7596 *
7597 * *data may be updated to point at a different mbuf chain, or set to NULL
7598 * if the chain was deallocated during processing.
7599 */
7600 static ifnet_t
7601 bridge_mac_nat_input(struct bridge_softc *sc, mbuf_t *data,
7602 boolean_t *is_input)
7603 {
7604 ifnet_t dst_if = NULL;
7605 struct ether_header *eh;
7606 uint16_t ether_type;
7607 boolean_t is_unicast;
7608 mbuf_t m = *data;
7609 struct mac_nat_entry *mne = NULL;
7610
7611 BRIDGE_LOCK_ASSERT_HELD(sc);
7612 *is_input = FALSE;
7613 assert(sc->sc_mac_nat_bif != NULL);
7614 is_unicast = ((m->m_flags & (M_BCAST | M_MCAST)) == 0);
7615 eh = mtod(m, struct ether_header *);
7616 ether_type = ntohs(eh->ether_type);
7617 switch (ether_type) {
7618 case ETHERTYPE_ARP:
7619 mne = bridge_mac_nat_arp_input(sc, data);
7620 break;
7621 case ETHERTYPE_IP:
7622 if (is_unicast) {
7623 mne = bridge_mac_nat_ip_input(sc, data);
7624 }
7625 break;
7626 case ETHERTYPE_IPV6:
7627 if (is_unicast) {
7628 mne = bridge_mac_nat_ipv6_input(sc, data);
7629 }
7630 break;
7631 default:
7632 break;
7633 }
7634 if (mne != NULL) {
7635 if (is_unicast) {
7636 if (m != *data) {
7637 /* it may have changed */
7638 eh = mtod(*data, struct ether_header *);
7639 }
7640 bcopy(mne->mne_mac, eh->ether_dhost,
7641 sizeof(eh->ether_dhost));
7642 }
7643 dst_if = mne->mne_bif->bif_ifp;
7644 *is_input = (mne->mne_bif == sc->sc_mac_nat_bif);
7645 }
7646 return dst_if;
7647 }
7648
7649 /*
7650 * bridge_mac_nat_output:
7651 * Process a packet destined to the MAC NAT interface (sc_mac_nat_bif)
7652 * from the interface 'bif'.
7653 *
7654 * Create a mac_nat_entry containing the source IP address and MAC address
7655 * from the packet. Populate a mac_nat_record with information detailing
7656 * how to translate the packet. Translation takes place later when
7657 * the bridge lock is no longer held.
7658 *
7659 * If 'bif' == sc_mac_nat_bif, the stack over the MAC NAT
7660 * interface is generating an output packet. No translation is required in this
7661 * case, we just record the IP address used to prevent another bif from
7662 * claiming our IP address.
7663 *
7664 * Returns:
7665 * TRUE if the packet should be translated (*mnr updated as well),
7666 * FALSE otherwise.
7667 *
7668 * *data may be updated to point at a different mbuf chain or NULL if
7669 * the chain was deallocated during processing.
7670 */
7671
7672 static boolean_t
7673 bridge_mac_nat_output(struct bridge_softc *sc,
7674 struct bridge_iflist *bif, mbuf_t *data, struct mac_nat_record *mnr)
7675 {
7676 struct ether_header *eh;
7677 uint16_t ether_type;
7678 boolean_t translate = FALSE;
7679
7680 BRIDGE_LOCK_ASSERT_HELD(sc);
7681 assert(sc->sc_mac_nat_bif != NULL);
7682
7683 eh = mtod(*data, struct ether_header *);
7684 ether_type = ntohs(eh->ether_type);
7685 if (mnr != NULL) {
7686 bzero(mnr, sizeof(*mnr));
7687 mnr->mnr_ether_type = ether_type;
7688 }
7689 switch (ether_type) {
7690 case ETHERTYPE_ARP:
7691 translate = bridge_mac_nat_arp_output(sc, bif, data, mnr);
7692 break;
7693 case ETHERTYPE_IP:
7694 translate = bridge_mac_nat_ip_output(sc, bif, data, mnr);
7695 break;
7696 case ETHERTYPE_IPV6:
7697 translate = bridge_mac_nat_ipv6_output(sc, bif, data, mnr);
7698 break;
7699 default:
7700 break;
7701 }
7702 return translate;
7703 }
7704
7705 static void
7706 bridge_mac_nat_arp_translate(mbuf_t *data, struct mac_nat_record *mnr,
7707 const caddr_t eaddr)
7708 {
7709 errno_t error;
7710
7711 if (mnr->mnr_arp_offset == 0) {
7712 return;
7713 }
7714 /* replace the source hardware address */
7715 error = mbuf_copyback(*data, mnr->mnr_arp_offset,
7716 ETHER_ADDR_LEN, eaddr,
7717 MBUF_DONTWAIT);
7718 if (error != 0) {
7719 printf("%s: mbuf_copyback failed\n",
7720 __func__);
7721 m_freem(*data);
7722 *data = NULL;
7723 }
7724 return;
7725 }
7726
7727 static void
7728 bridge_mac_nat_ip_translate(mbuf_t *data, struct mac_nat_record *mnr)
7729 {
7730 errno_t error;
7731 size_t offset;
7732
7733 if (mnr->mnr_ip_header_len == 0) {
7734 return;
7735 }
7736 /* update the UDP checksum */
7737 offset = sizeof(struct ether_header) + mnr->mnr_ip_header_len;
7738 error = mbuf_copyback(*data, offset + offsetof(struct udphdr, uh_sum),
7739 sizeof(mnr->mnr_ip_udp_csum),
7740 &mnr->mnr_ip_udp_csum,
7741 MBUF_DONTWAIT);
7742 if (error != 0) {
7743 printf("%s: mbuf_copyback uh_sum failed\n",
7744 __func__);
7745 m_freem(*data);
7746 *data = NULL;
7747 }
7748 /* update the DHCP must broadcast flag */
7749 offset += sizeof(struct udphdr);
7750 error = mbuf_copyback(*data, offset + offsetof(struct dhcp, dp_flags),
7751 sizeof(mnr->mnr_ip_dhcp_flags),
7752 &mnr->mnr_ip_dhcp_flags,
7753 MBUF_DONTWAIT);
7754 if (error != 0) {
7755 printf("%s: mbuf_copyback dp_flags failed\n",
7756 __func__);
7757 m_freem(*data);
7758 *data = NULL;
7759 }
7760 }
7761
7762 static void
7763 bridge_mac_nat_ipv6_translate(mbuf_t *data, struct mac_nat_record *mnr,
7764 const caddr_t eaddr)
7765 {
7766 uint16_t cksum;
7767 errno_t error;
7768 mbuf_t m = *data;
7769
7770 if (mnr->mnr_ip6_header_len == 0) {
7771 return;
7772 }
7773 switch (mnr->mnr_ip6_icmp6_type) {
7774 case ND_ROUTER_SOLICIT:
7775 case ND_NEIGHBOR_SOLICIT:
7776 case ND_NEIGHBOR_ADVERT:
7777 if (mnr->mnr_ip6_lladdr_offset == 0) {
7778 /* nothing to do */
7779 return;
7780 }
7781 break;
7782 default:
7783 return;
7784 }
7785
7786 /*
7787 * replace the lladdr
7788 */
7789 error = mbuf_copyback(m, mnr->mnr_ip6_lladdr_offset,
7790 ETHER_ADDR_LEN, eaddr,
7791 MBUF_DONTWAIT);
7792 if (error != 0) {
7793 printf("%s: mbuf_copyback lladdr failed\n",
7794 __func__);
7795 m_freem(m);
7796 *data = NULL;
7797 return;
7798 }
7799
7800 /*
7801 * recompute the icmp6 checksum
7802 */
7803
7804 /* skip past the ethernet header */
7805 mbuf_setdata(m, (char *)mbuf_data(m) + ETHER_HDR_LEN,
7806 mbuf_len(m) - ETHER_HDR_LEN);
7807 mbuf_pkthdr_adjustlen(m, -ETHER_HDR_LEN);
7808
7809 #define CKSUM_OFFSET_ICMP6 offsetof(struct icmp6_hdr, icmp6_cksum)
7810 /* set the checksum to zero */
7811 cksum = 0;
7812 error = mbuf_copyback(m, mnr->mnr_ip6_header_len + CKSUM_OFFSET_ICMP6,
7813 sizeof(cksum), &cksum, MBUF_DONTWAIT);
7814 if (error != 0) {
7815 printf("%s: mbuf_copyback cksum=0 failed\n",
7816 __func__);
7817 m_freem(m);
7818 *data = NULL;
7819 return;
7820 }
7821 /* compute and set the new checksum */
7822 cksum = in6_cksum(m, IPPROTO_ICMPV6, mnr->mnr_ip6_header_len,
7823 mnr->mnr_ip6_icmp6_len);
7824 error = mbuf_copyback(m, mnr->mnr_ip6_header_len + CKSUM_OFFSET_ICMP6,
7825 sizeof(cksum), &cksum, MBUF_DONTWAIT);
7826 if (error != 0) {
7827 printf("%s: mbuf_copyback cksum failed\n",
7828 __func__);
7829 m_freem(m);
7830 *data = NULL;
7831 return;
7832 }
7833 /* restore the ethernet header */
7834 mbuf_setdata(m, (char *)mbuf_data(m) - ETHER_HDR_LEN,
7835 mbuf_len(m) + ETHER_HDR_LEN);
7836 mbuf_pkthdr_adjustlen(m, ETHER_HDR_LEN);
7837 return;
7838 }
7839
7840 static void
7841 bridge_mac_nat_translate(mbuf_t *data, struct mac_nat_record *mnr,
7842 const caddr_t eaddr)
7843 {
7844 struct ether_header *eh;
7845
7846 /* replace the source ethernet address with the single MAC */
7847 eh = mtod(*data, struct ether_header *);
7848 bcopy(eaddr, eh->ether_shost, sizeof(eh->ether_shost));
7849 switch (mnr->mnr_ether_type) {
7850 case ETHERTYPE_ARP:
7851 bridge_mac_nat_arp_translate(data, mnr, eaddr);
7852 break;
7853
7854 case ETHERTYPE_IP:
7855 bridge_mac_nat_ip_translate(data, mnr);
7856 break;
7857
7858 case ETHERTYPE_IPV6:
7859 bridge_mac_nat_ipv6_translate(data, mnr, eaddr);
7860 break;
7861
7862 default:
7863 break;
7864 }
7865 return;
7866 }
7867
7868 /*
7869 * bridge packet filtering
7870 */
7871
7872 /*
7873 * Perform basic checks on header size since
7874 * pfil assumes ip_input has already processed
7875 * it for it. Cut-and-pasted from ip_input.c.
7876 * Given how simple the IPv6 version is,
7877 * does the IPv4 version really need to be
7878 * this complicated?
7879 *
7880 * XXX Should we update ipstat here, or not?
7881 * XXX Right now we update ipstat but not
7882 * XXX csum_counter.
7883 */
7884 static int
7885 bridge_ip_checkbasic(struct mbuf **mp)
7886 {
7887 struct mbuf *m = *mp;
7888 struct ip *ip;
7889 int len, hlen;
7890 u_short sum;
7891
7892 if (*mp == NULL) {
7893 return -1;
7894 }
7895
7896 if (IP_HDR_ALIGNED_P(mtod(m, caddr_t)) == 0) {
7897 /* max_linkhdr is already rounded up to nearest 4-byte */
7898 if ((m = m_copyup(m, sizeof(struct ip),
7899 max_linkhdr)) == NULL) {
7900 /* XXXJRT new stat, please */
7901 ipstat.ips_toosmall++;
7902 goto bad;
7903 }
7904 } else if (OS_EXPECT((size_t)m->m_len < sizeof(struct ip), 0)) {
7905 if ((m = m_pullup(m, sizeof(struct ip))) == NULL) {
7906 ipstat.ips_toosmall++;
7907 goto bad;
7908 }
7909 }
7910 ip = mtod(m, struct ip *);
7911 if (ip == NULL) {
7912 goto bad;
7913 }
7914
7915 if (IP_VHL_V(ip->ip_vhl) != IPVERSION) {
7916 ipstat.ips_badvers++;
7917 goto bad;
7918 }
7919 hlen = IP_VHL_HL(ip->ip_vhl) << 2;
7920 if (hlen < (int)sizeof(struct ip)) { /* minimum header length */
7921 ipstat.ips_badhlen++;
7922 goto bad;
7923 }
7924 if (hlen > m->m_len) {
7925 if ((m = m_pullup(m, hlen)) == 0) {
7926 ipstat.ips_badhlen++;
7927 goto bad;
7928 }
7929 ip = mtod(m, struct ip *);
7930 if (ip == NULL) {
7931 goto bad;
7932 }
7933 }
7934
7935 if (m->m_pkthdr.csum_flags & CSUM_IP_CHECKED) {
7936 sum = !(m->m_pkthdr.csum_flags & CSUM_IP_VALID);
7937 } else {
7938 if (hlen == sizeof(struct ip)) {
7939 sum = in_cksum_hdr(ip);
7940 } else {
7941 sum = in_cksum(m, hlen);
7942 }
7943 }
7944 if (sum) {
7945 ipstat.ips_badsum++;
7946 goto bad;
7947 }
7948
7949 /* Retrieve the packet length. */
7950 len = ntohs(ip->ip_len);
7951
7952 /*
7953 * Check for additional length bogosity
7954 */
7955 if (len < hlen) {
7956 ipstat.ips_badlen++;
7957 goto bad;
7958 }
7959
7960 /*
7961 * Check that the amount of data in the buffers
7962 * is as at least much as the IP header would have us expect.
7963 * Drop packet if shorter than we expect.
7964 */
7965 if (m->m_pkthdr.len < len) {
7966 ipstat.ips_tooshort++;
7967 goto bad;
7968 }
7969
7970 /* Checks out, proceed */
7971 *mp = m;
7972 return 0;
7973
7974 bad:
7975 *mp = m;
7976 return -1;
7977 }
7978
7979 /*
7980 * Same as above, but for IPv6.
7981 * Cut-and-pasted from ip6_input.c.
7982 * XXX Should we update ip6stat, or not?
7983 */
7984 static int
7985 bridge_ip6_checkbasic(struct mbuf **mp)
7986 {
7987 struct mbuf *m = *mp;
7988 struct ip6_hdr *ip6;
7989
7990 /*
7991 * If the IPv6 header is not aligned, slurp it up into a new
7992 * mbuf with space for link headers, in the event we forward
7993 * it. Otherwise, if it is aligned, make sure the entire base
7994 * IPv6 header is in the first mbuf of the chain.
7995 */
7996 if (IP6_HDR_ALIGNED_P(mtod(m, caddr_t)) == 0) {
7997 struct ifnet *inifp = m->m_pkthdr.rcvif;
7998 /* max_linkhdr is already rounded up to nearest 4-byte */
7999 if ((m = m_copyup(m, sizeof(struct ip6_hdr),
8000 max_linkhdr)) == NULL) {
8001 /* XXXJRT new stat, please */
8002 ip6stat.ip6s_toosmall++;
8003 in6_ifstat_inc(inifp, ifs6_in_hdrerr);
8004 goto bad;
8005 }
8006 } else if (OS_EXPECT((size_t)m->m_len < sizeof(struct ip6_hdr), 0)) {
8007 struct ifnet *inifp = m->m_pkthdr.rcvif;
8008 if ((m = m_pullup(m, sizeof(struct ip6_hdr))) == NULL) {
8009 ip6stat.ip6s_toosmall++;
8010 in6_ifstat_inc(inifp, ifs6_in_hdrerr);
8011 goto bad;
8012 }
8013 }
8014
8015 ip6 = mtod(m, struct ip6_hdr *);
8016
8017 if ((ip6->ip6_vfc & IPV6_VERSION_MASK) != IPV6_VERSION) {
8018 ip6stat.ip6s_badvers++;
8019 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_hdrerr);
8020 goto bad;
8021 }
8022
8023 /* Checks out, proceed */
8024 *mp = m;
8025 return 0;
8026
8027 bad:
8028 *mp = m;
8029 return -1;
8030 }
8031
8032 /*
8033 * the PF routines expect to be called from ip_input, so we
8034 * need to do and undo here some of the same processing.
8035 *
8036 * XXX : this is heavily inspired on bridge_pfil()
8037 */
8038 static int
8039 bridge_pf(struct mbuf **mp, struct ifnet *ifp, uint32_t sc_filter_flags,
8040 int input)
8041 {
8042 /*
8043 * XXX : mpetit : heavily inspired by bridge_pfil()
8044 */
8045
8046 int snap, error, i, hlen;
8047 struct ether_header *eh1, eh2;
8048 struct ip *ip;
8049 struct llc llc1;
8050 u_int16_t ether_type;
8051
8052 snap = 0;
8053 error = -1; /* Default error if not error == 0 */
8054
8055 if ((sc_filter_flags & IFBF_FILT_MEMBER) == 0) {
8056 return 0; /* filtering is disabled */
8057 }
8058 i = min((*mp)->m_pkthdr.len, max_protohdr);
8059 if ((*mp)->m_len < i) {
8060 *mp = m_pullup(*mp, i);
8061 if (*mp == NULL) {
8062 printf("%s: m_pullup failed\n", __func__);
8063 return -1;
8064 }
8065 }
8066
8067 eh1 = mtod(*mp, struct ether_header *);
8068 ether_type = ntohs(eh1->ether_type);
8069
8070 /*
8071 * Check for SNAP/LLC.
8072 */
8073 if (ether_type < ETHERMTU) {
8074 struct llc *llc2 = (struct llc *)(eh1 + 1);
8075
8076 if ((*mp)->m_len >= ETHER_HDR_LEN + 8 &&
8077 llc2->llc_dsap == LLC_SNAP_LSAP &&
8078 llc2->llc_ssap == LLC_SNAP_LSAP &&
8079 llc2->llc_control == LLC_UI) {
8080 ether_type = htons(llc2->llc_un.type_snap.ether_type);
8081 snap = 1;
8082 }
8083 }
8084
8085 /*
8086 * If we're trying to filter bridge traffic, don't look at anything
8087 * other than IP and ARP traffic. If the filter doesn't understand
8088 * IPv6, don't allow IPv6 through the bridge either. This is lame
8089 * since if we really wanted, say, an AppleTalk filter, we are hosed,
8090 * but of course we don't have an AppleTalk filter to begin with.
8091 * (Note that since pfil doesn't understand ARP it will pass *ALL*
8092 * ARP traffic.)
8093 */
8094 switch (ether_type) {
8095 case ETHERTYPE_ARP:
8096 case ETHERTYPE_REVARP:
8097 return 0; /* Automatically pass */
8098
8099 case ETHERTYPE_IP:
8100 case ETHERTYPE_IPV6:
8101 break;
8102 default:
8103 /*
8104 * Check to see if the user wants to pass non-ip
8105 * packets, these will not be checked by pf and
8106 * passed unconditionally so the default is to drop.
8107 */
8108 if ((sc_filter_flags & IFBF_FILT_ONLYIP)) {
8109 goto bad;
8110 }
8111 break;
8112 }
8113
8114 /* Strip off the Ethernet header and keep a copy. */
8115 m_copydata(*mp, 0, ETHER_HDR_LEN, (caddr_t)&eh2);
8116 m_adj(*mp, ETHER_HDR_LEN);
8117
8118 /* Strip off snap header, if present */
8119 if (snap) {
8120 m_copydata(*mp, 0, sizeof(struct llc), (caddr_t)&llc1);
8121 m_adj(*mp, sizeof(struct llc));
8122 }
8123
8124 /*
8125 * Check the IP header for alignment and errors
8126 */
8127 switch (ether_type) {
8128 case ETHERTYPE_IP:
8129 error = bridge_ip_checkbasic(mp);
8130 break;
8131 case ETHERTYPE_IPV6:
8132 error = bridge_ip6_checkbasic(mp);
8133 break;
8134 default:
8135 error = 0;
8136 break;
8137 }
8138 if (error) {
8139 goto bad;
8140 }
8141
8142 error = 0;
8143
8144 /*
8145 * Run the packet through pf rules
8146 */
8147 switch (ether_type) {
8148 case ETHERTYPE_IP:
8149 /*
8150 * before calling the firewall, swap fields the same as
8151 * IP does. here we assume the header is contiguous
8152 */
8153 ip = mtod(*mp, struct ip *);
8154
8155 ip->ip_len = ntohs(ip->ip_len);
8156 ip->ip_off = ntohs(ip->ip_off);
8157
8158 if (ifp != NULL) {
8159 error = pf_af_hook(ifp, 0, mp, AF_INET, input, NULL);
8160 }
8161
8162 if (*mp == NULL || error != 0) { /* filter may consume */
8163 break;
8164 }
8165
8166 /* Recalculate the ip checksum and restore byte ordering */
8167 ip = mtod(*mp, struct ip *);
8168 hlen = IP_VHL_HL(ip->ip_vhl) << 2;
8169 if (hlen < (int)sizeof(struct ip)) {
8170 goto bad;
8171 }
8172 if (hlen > (*mp)->m_len) {
8173 if ((*mp = m_pullup(*mp, hlen)) == 0) {
8174 goto bad;
8175 }
8176 ip = mtod(*mp, struct ip *);
8177 if (ip == NULL) {
8178 goto bad;
8179 }
8180 }
8181 ip->ip_len = htons(ip->ip_len);
8182 ip->ip_off = htons(ip->ip_off);
8183 ip->ip_sum = 0;
8184 if (hlen == sizeof(struct ip)) {
8185 ip->ip_sum = in_cksum_hdr(ip);
8186 } else {
8187 ip->ip_sum = in_cksum(*mp, hlen);
8188 }
8189 break;
8190
8191 case ETHERTYPE_IPV6:
8192 if (ifp != NULL) {
8193 error = pf_af_hook(ifp, 0, mp, AF_INET6, input, NULL);
8194 }
8195
8196 if (*mp == NULL || error != 0) { /* filter may consume */
8197 break;
8198 }
8199 break;
8200 default:
8201 error = 0;
8202 break;
8203 }
8204
8205 if (*mp == NULL) {
8206 return error;
8207 }
8208 if (error != 0) {
8209 goto bad;
8210 }
8211
8212 error = -1;
8213
8214 /*
8215 * Finally, put everything back the way it was and return
8216 */
8217 if (snap) {
8218 M_PREPEND(*mp, sizeof(struct llc), M_DONTWAIT, 0);
8219 if (*mp == NULL) {
8220 return error;
8221 }
8222 bcopy(&llc1, mtod(*mp, caddr_t), sizeof(struct llc));
8223 }
8224
8225 M_PREPEND(*mp, ETHER_HDR_LEN, M_DONTWAIT, 0);
8226 if (*mp == NULL) {
8227 return error;
8228 }
8229 bcopy(&eh2, mtod(*mp, caddr_t), ETHER_HDR_LEN);
8230
8231 return 0;
8232
8233 bad:
8234 m_freem(*mp);
8235 *mp = NULL;
8236 return error;
8237 }
8238
8239 /*
8240 * Copyright (C) 2014, Stefano Garzarella - Universita` di Pisa.
8241 * All rights reserved.
8242 *
8243 * Redistribution and use in source and binary forms, with or without
8244 * modification, are permitted provided that the following conditions
8245 * are met:
8246 * 1. Redistributions of source code must retain the above copyright
8247 * notice, this list of conditions and the following disclaimer.
8248 * 2. Redistributions in binary form must reproduce the above copyright
8249 * notice, this list of conditions and the following disclaimer in the
8250 * documentation and/or other materials provided with the distribution.
8251 *
8252 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
8253 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
8254 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
8255 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
8256 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
8257 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
8258 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
8259 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
8260 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
8261 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
8262 * SUCH DAMAGE.
8263 */
8264
8265 /*
8266 * XXX-ste: Maybe this function must be moved into kern/uipc_mbuf.c
8267 *
8268 * Create a queue of packets/segments which fit the given mss + hdr_len.
8269 * m0 points to mbuf chain to be segmented.
8270 * This function splits the payload (m0-> m_pkthdr.len - hdr_len)
8271 * into segments of length MSS bytes and then copy the first hdr_len bytes
8272 * from m0 at the top of each segment.
8273 * If hdr2_buf is not NULL (hdr2_len is the buf length), it is copied
8274 * in each segment after the first hdr_len bytes
8275 *
8276 * Return the new queue with the segments on success, NULL on failure.
8277 * (the mbuf queue is freed in this case).
8278 * nsegs contains the number of segments generated.
8279 */
8280
8281 static struct mbuf *
8282 m_seg(struct mbuf *m0, int hdr_len, int mss, int *nsegs,
8283 char * hdr2_buf, int hdr2_len)
8284 {
8285 int off = 0, n, firstlen;
8286 struct mbuf **mnext, *mseg;
8287 int total_len = m0->m_pkthdr.len;
8288
8289 /*
8290 * Segmentation useless
8291 */
8292 if (total_len <= hdr_len + mss) {
8293 return m0;
8294 }
8295
8296 if (hdr2_buf == NULL || hdr2_len <= 0) {
8297 hdr2_buf = NULL;
8298 hdr2_len = 0;
8299 }
8300
8301 off = hdr_len + mss;
8302 firstlen = mss; /* first segment stored in the original mbuf */
8303
8304 mnext = &(m0->m_nextpkt); /* pointer to next packet */
8305
8306 for (n = 1; off < total_len; off += mss, n++) {
8307 struct mbuf *m;
8308 /*
8309 * Copy the header from the original packet
8310 * and create a new mbuf chain
8311 */
8312 if (MHLEN < hdr_len) {
8313 m = m_getcl(M_NOWAIT, MT_DATA, M_PKTHDR);
8314 } else {
8315 m = m_gethdr(M_NOWAIT, MT_DATA);
8316 }
8317
8318 if (m == NULL) {
8319 #ifdef GSO_DEBUG
8320 D("MGETHDR error\n");
8321 #endif
8322 goto err;
8323 }
8324
8325 m_copydata(m0, 0, hdr_len, mtod(m, caddr_t));
8326
8327 m->m_len = hdr_len;
8328 /*
8329 * if the optional header is present, copy it
8330 */
8331 if (hdr2_buf != NULL) {
8332 m_copyback(m, hdr_len, hdr2_len, hdr2_buf);
8333 }
8334
8335 m->m_flags |= (m0->m_flags & M_COPYFLAGS);
8336 if (off + mss >= total_len) { /* last segment */
8337 mss = total_len - off;
8338 }
8339 /*
8340 * Copy the payload from original packet
8341 */
8342 mseg = m_copym(m0, off, mss, M_NOWAIT);
8343 if (mseg == NULL) {
8344 m_freem(m);
8345 #ifdef GSO_DEBUG
8346 D("m_copym error\n");
8347 #endif
8348 goto err;
8349 }
8350 m_cat(m, mseg);
8351
8352 m->m_pkthdr.len = hdr_len + hdr2_len + mss;
8353 m->m_pkthdr.rcvif = m0->m_pkthdr.rcvif;
8354 /*
8355 * Copy the checksum flags and data (in_cksum() need this)
8356 */
8357 m->m_pkthdr.csum_flags = m0->m_pkthdr.csum_flags;
8358 m->m_pkthdr.csum_data = m0->m_pkthdr.csum_data;
8359 m->m_pkthdr.tso_segsz = m0->m_pkthdr.tso_segsz;
8360
8361 *mnext = m;
8362 mnext = &(m->m_nextpkt);
8363 }
8364
8365 /*
8366 * Update first segment.
8367 * If the optional header is present, is necessary
8368 * to insert it into the first segment.
8369 */
8370 if (hdr2_buf == NULL) {
8371 m_adj(m0, hdr_len + firstlen - total_len);
8372 m0->m_pkthdr.len = hdr_len + firstlen;
8373 } else {
8374 mseg = m_copym(m0, hdr_len, firstlen, M_NOWAIT);
8375 if (mseg == NULL) {
8376 #ifdef GSO_DEBUG
8377 D("m_copym error\n");
8378 #endif
8379 goto err;
8380 }
8381 m_adj(m0, hdr_len - total_len);
8382 m_copyback(m0, hdr_len, hdr2_len, hdr2_buf);
8383 m_cat(m0, mseg);
8384 m0->m_pkthdr.len = hdr_len + hdr2_len + firstlen;
8385 }
8386
8387 if (nsegs != NULL) {
8388 *nsegs = n;
8389 }
8390 return m0;
8391 err:
8392 while (m0 != NULL) {
8393 mseg = m0->m_nextpkt;
8394 m0->m_nextpkt = NULL;
8395 m_freem(m0);
8396 m0 = mseg;
8397 }
8398 return NULL;
8399 }
8400
8401 /*
8402 * Wrappers of IPv4 checksum functions
8403 */
8404 static inline void
8405 gso_ipv4_data_cksum(struct mbuf *m, struct ip *ip, int mac_hlen)
8406 {
8407 m->m_data += mac_hlen;
8408 m->m_len -= mac_hlen;
8409 m->m_pkthdr.len -= mac_hlen;
8410 #if __FreeBSD_version < 1000000
8411 ip->ip_len = ntohs(ip->ip_len); /* needed for in_delayed_cksum() */
8412 #endif
8413
8414 in_delayed_cksum(m);
8415
8416 #if __FreeBSD_version < 1000000
8417 ip->ip_len = htons(ip->ip_len);
8418 #endif
8419 m->m_pkthdr.csum_flags &= ~CSUM_DELAY_DATA;
8420 m->m_len += mac_hlen;
8421 m->m_pkthdr.len += mac_hlen;
8422 m->m_data -= mac_hlen;
8423 }
8424
8425 static inline void
8426 gso_ipv4_hdr_cksum(struct mbuf *m, struct ip *ip, int mac_hlen, int ip_hlen)
8427 {
8428 m->m_data += mac_hlen;
8429
8430 ip->ip_sum = in_cksum(m, ip_hlen);
8431
8432 m->m_pkthdr.csum_flags &= ~CSUM_IP;
8433 m->m_data -= mac_hlen;
8434 }
8435
8436 /*
8437 * Structure that contains the state during the TCP segmentation
8438 */
8439 struct gso_ip_tcp_state {
8440 void (*update)
8441 (struct gso_ip_tcp_state*, struct mbuf*);
8442 void (*internal)
8443 (struct gso_ip_tcp_state*, struct mbuf*);
8444 union {
8445 struct ip *ip;
8446 struct ip6_hdr *ip6;
8447 } hdr;
8448 struct tcphdr *tcp;
8449 int mac_hlen;
8450 int ip_hlen;
8451 int tcp_hlen;
8452 int hlen;
8453 int pay_len;
8454 int sw_csum;
8455 uint32_t tcp_seq;
8456 uint16_t ip_id;
8457 boolean_t is_tx;
8458 };
8459
8460 /*
8461 * Update the pointers to TCP and IPv4 headers
8462 */
8463 static inline void
8464 gso_ipv4_tcp_update(struct gso_ip_tcp_state *state, struct mbuf *m)
8465 {
8466 state->hdr.ip = (struct ip *)(void *)(mtod(m, uint8_t *) + state->mac_hlen);
8467 state->tcp = (struct tcphdr *)(void *)((caddr_t)(state->hdr.ip) + state->ip_hlen);
8468 state->pay_len = m->m_pkthdr.len - state->hlen;
8469 }
8470
8471 /*
8472 * Set properly the TCP and IPv4 headers
8473 */
8474 static inline void
8475 gso_ipv4_tcp_internal(struct gso_ip_tcp_state *state, struct mbuf *m)
8476 {
8477 /*
8478 * Update IP header
8479 */
8480 state->hdr.ip->ip_id = htons((state->ip_id)++);
8481 state->hdr.ip->ip_len = htons(m->m_pkthdr.len - state->mac_hlen);
8482 /*
8483 * TCP Checksum
8484 */
8485 state->tcp->th_sum = 0;
8486 state->tcp->th_sum = in_pseudo(state->hdr.ip->ip_src.s_addr,
8487 state->hdr.ip->ip_dst.s_addr,
8488 htons(state->tcp_hlen + IPPROTO_TCP + state->pay_len));
8489 /*
8490 * Checksum HW not supported (TCP)
8491 */
8492 if (state->sw_csum & CSUM_DELAY_DATA) {
8493 gso_ipv4_data_cksum(m, state->hdr.ip, state->mac_hlen);
8494 }
8495
8496 state->tcp_seq += state->pay_len;
8497 /*
8498 * IP Checksum
8499 */
8500 state->hdr.ip->ip_sum = 0;
8501 /*
8502 * Checksum HW not supported (IP)
8503 */
8504 if (state->sw_csum & CSUM_IP) {
8505 gso_ipv4_hdr_cksum(m, state->hdr.ip, state->mac_hlen, state->ip_hlen);
8506 }
8507 }
8508
8509
8510 /*
8511 * Updates the pointers to TCP and IPv6 headers
8512 */
8513 static inline void
8514 gso_ipv6_tcp_update(struct gso_ip_tcp_state *state, struct mbuf *m)
8515 {
8516 state->hdr.ip6 = (struct ip6_hdr *)(mtod(m, uint8_t *) + state->mac_hlen);
8517 state->tcp = (struct tcphdr *)(void *)((caddr_t)(state->hdr.ip6) + state->ip_hlen);
8518 state->pay_len = m->m_pkthdr.len - state->hlen;
8519 }
8520
8521 /*
8522 * Sets properly the TCP and IPv6 headers
8523 */
8524 static inline void
8525 gso_ipv6_tcp_internal(struct gso_ip_tcp_state *state, struct mbuf *m)
8526 {
8527 state->hdr.ip6->ip6_plen = htons(m->m_pkthdr.len -
8528 state->mac_hlen - state->ip_hlen);
8529 /*
8530 * TCP Checksum
8531 */
8532 state->tcp->th_sum = 0;
8533 state->tcp->th_sum = in6_pseudo(&state->hdr.ip6->ip6_src,
8534 &state->hdr.ip6->ip6_dst,
8535 htonl(state->tcp_hlen + state->pay_len + IPPROTO_TCP));
8536 /*
8537 * Checksum HW not supported (TCP)
8538 */
8539 if (state->sw_csum & CSUM_DELAY_IPV6_DATA) {
8540 (void)in6_finalize_cksum(m, state->mac_hlen, -1, -1, state->sw_csum);
8541 m->m_pkthdr.csum_flags &= ~CSUM_DELAY_IPV6_DATA;
8542 }
8543 state->tcp_seq += state->pay_len;
8544 }
8545
8546 /*
8547 * Init the state during the TCP segmentation
8548 */
8549 static inline boolean_t
8550 gso_ip_tcp_init_state(struct gso_ip_tcp_state *state, struct ifnet *ifp, struct mbuf *m, int mac_hlen, int ip_hlen, boolean_t isipv6)
8551 {
8552 #pragma unused(ifp)
8553
8554 if (isipv6) {
8555 state->hdr.ip6 = (struct ip6_hdr *)(mtod(m, uint8_t *) + mac_hlen);
8556 if (state->hdr.ip6->ip6_nxt != IPPROTO_TCP) {
8557 printf("%s: Non-TCP (%d) IPv6 frame", __func__, state->hdr.ip6->ip6_nxt);
8558 return FALSE;
8559 }
8560 state->tcp = (struct tcphdr *)(void *)((caddr_t)(state->hdr.ip6) + ip_hlen);
8561 state->update = gso_ipv6_tcp_update;
8562 state->internal = gso_ipv6_tcp_internal;
8563 state->sw_csum = CSUM_DELAY_IPV6_DATA;
8564 } else {
8565 state->hdr.ip = (struct ip *)(void *)(mtod(m, uint8_t *) + mac_hlen);
8566 if (state->hdr.ip->ip_p != IPPROTO_TCP) {
8567 printf("%s: Non-TCP (%d) IPv4 frame", __func__, state->hdr.ip->ip_p);
8568 return FALSE;
8569 }
8570 state->ip_id = ntohs(state->hdr.ip->ip_id);
8571 state->tcp = (struct tcphdr *)(void *)((caddr_t)(state->hdr.ip) + ip_hlen);
8572 state->update = gso_ipv4_tcp_update;
8573 state->internal = gso_ipv4_tcp_internal;
8574 state->sw_csum = CSUM_DELAY_DATA | CSUM_IP;
8575 }
8576 state->mac_hlen = mac_hlen;
8577 state->ip_hlen = ip_hlen;
8578 state->tcp_hlen = state->tcp->th_off << 2;
8579 state->hlen = mac_hlen + ip_hlen + state->tcp_hlen;
8580 state->tcp_seq = ntohl(state->tcp->th_seq);
8581 //state->sw_csum = m->m_pkthdr.csum_flags & ~ifp->if_hwassist;
8582 return TRUE;
8583 }
8584
8585 /*
8586 * GSO on TCP/IP (v4 or v6)
8587 *
8588 * If is_tx is TRUE, segmented packets are transmitted after they are
8589 * segmented.
8590 *
8591 * If is_tx is FALSE, the segmented packets are returned as a chain in *mp.
8592 */
8593 static int
8594 gso_ip_tcp(struct ifnet *ifp, struct mbuf **mp, struct gso_ip_tcp_state *state,
8595 boolean_t is_tx)
8596 {
8597 struct mbuf *m, *m_tx;
8598 int error = 0;
8599 int mss = 0;
8600 int nsegs = 0;
8601 struct mbuf *m0 = *mp;
8602 #ifdef GSO_STATS
8603 int total_len = m0->m_pkthdr.len;
8604 #endif /* GSO_STATS */
8605
8606 #if 1
8607 mss = ifp->if_mtu - state->ip_hlen - state->tcp_hlen;
8608 #else
8609 if (m0->m_pkthdr.csum_flags & ifp->if_hwassist & CSUM_TSO) {/* TSO with GSO */
8610 mss = ifp->if_hw_tsomax - state->ip_hlen - state->tcp_hlen;
8611 } else {
8612 mss = m0->m_pkthdr.tso_segsz;
8613 }
8614 #endif
8615
8616 *mp = m0 = m_seg(m0, state->hlen, mss, &nsegs, 0, 0);
8617 if (m0 == NULL) {
8618 return ENOBUFS; /* XXX ok? */
8619 }
8620 #if BRIDGE_DEBUG
8621 if (IF_BRIDGE_DEBUG(BR_DBGF_SEGMENTATION)) {
8622 printf("%s: %s %s mss %d nsegs %d\n", __func__,
8623 ifp->if_xname,
8624 is_tx ? "TX" : "RX",
8625 mss, nsegs);
8626 }
8627 #endif /* BRIDGE_DEBUG */
8628
8629
8630 /*
8631 * XXX-ste: can this happen?
8632 */
8633 if (m0->m_nextpkt == NULL) {
8634 #ifdef GSO_DEBUG
8635 D("only 1 segment");
8636 #endif
8637 if (is_tx) {
8638 error = bridge_transmit(ifp, m0);
8639 }
8640 return error;
8641 }
8642 #ifdef GSO_STATS
8643 GSOSTAT_SET_MAX(tcp.gsos_max_mss, mss);
8644 GSOSTAT_SET_MIN(tcp.gsos_min_mss, mss);
8645 GSOSTAT_ADD(tcp.gsos_osegments, nsegs);
8646 #endif /* GSO_STATS */
8647
8648 /* first pkt */
8649 m = m0;
8650
8651 state->update(state, m);
8652
8653 do {
8654 state->tcp->th_flags &= ~(TH_FIN | TH_PUSH);
8655
8656 state->internal(state, m);
8657 m_tx = m;
8658 m = m->m_nextpkt;
8659 if (is_tx) {
8660 m_tx->m_nextpkt = NULL;
8661 if ((error = bridge_transmit(ifp, m_tx)) != 0) {
8662 /*
8663 * XXX: If a segment can not be sent, discard the following
8664 * segments and propagate the error to the upper levels.
8665 * In this way the TCP retransmits all the initial packet.
8666 */
8667 #ifdef GSO_DEBUG
8668 D("if_transmit error\n");
8669 #endif
8670 goto err;
8671 }
8672 }
8673 state->update(state, m);
8674
8675 state->tcp->th_flags &= ~TH_CWR;
8676 state->tcp->th_seq = htonl(state->tcp_seq);
8677 } while (m->m_nextpkt);
8678
8679 /* last pkt */
8680 state->internal(state, m);
8681
8682 if (is_tx) {
8683 error = bridge_transmit(ifp, m);
8684 #ifdef GSO_DEBUG
8685 if (error) {
8686 D("last if_transmit error\n");
8687 D("error - type = %d \n", error);
8688 }
8689 #endif
8690 }
8691 #ifdef GSO_STATS
8692 if (!error) {
8693 GSOSTAT_INC(tcp.gsos_segmented);
8694 GSOSTAT_SET_MAX(tcp.gsos_maxsegmented, total_len);
8695 GSOSTAT_SET_MIN(tcp.gsos_minsegmented, total_len);
8696 GSOSTAT_ADD(tcp.gsos_totalbyteseg, total_len);
8697 }
8698 #endif /* GSO_STATS */
8699 return error;
8700
8701 err:
8702 #ifdef GSO_DEBUG
8703 D("error - type = %d \n", error);
8704 #endif
8705 while (m != NULL) {
8706 m_tx = m->m_nextpkt;
8707 m->m_nextpkt = NULL;
8708 m_freem(m);
8709 m = m_tx;
8710 }
8711 return error;
8712 }
8713
8714 /*
8715 * GSO on TCP/IPv4
8716 */
8717 static int
8718 gso_ipv4_tcp(struct ifnet *ifp, struct mbuf **mp, u_int mac_hlen,
8719 boolean_t is_tx)
8720 {
8721 struct ip *ip;
8722 struct gso_ip_tcp_state state;
8723 int hlen;
8724 int ip_hlen;
8725 struct mbuf *m0 = *mp;
8726
8727 if (!is_tx && ipforwarding == 0) {
8728 /* no need to segment if the packet will not be forwarded */
8729 return 0;
8730 }
8731 hlen = mac_hlen + sizeof(struct ip);
8732 if (m0->m_len < hlen) {
8733 #ifdef GSO_DEBUG
8734 D("m_len < hlen - m_len: %d hlen: %d", m0->m_len, hlen);
8735 #endif
8736 *mp = m0 = m_pullup(m0, hlen);
8737 if (m0 == NULL) {
8738 return ENOBUFS;
8739 }
8740 }
8741 ip = (struct ip *)(void *)(mtod(m0, uint8_t *) + mac_hlen);
8742 ip_hlen = IP_VHL_HL(ip->ip_vhl) << 2;
8743 hlen = mac_hlen + ip_hlen + sizeof(struct tcphdr);
8744 if (m0->m_len < hlen) {
8745 #ifdef GSO_DEBUG
8746 D("m_len < hlen - m_len: %d hlen: %d", m0->m_len, hlen);
8747 #endif
8748 *mp = m0 = m_pullup(m0, hlen);
8749 if (m0 == NULL) {
8750 return ENOBUFS;
8751 }
8752 }
8753 if (!is_tx) {
8754 /* if the destination is a local IP address, don't segment */
8755 struct in_addr dst_ip;
8756
8757 bcopy(&ip->ip_dst, &dst_ip, sizeof(dst_ip));
8758 if (in_addr_is_ours(dst_ip)) {
8759 return 0;
8760 }
8761 }
8762
8763 m0->m_pkthdr.csum_data = offsetof(struct tcphdr, th_sum);
8764 m0->m_pkthdr.csum_flags = CSUM_DELAY_DATA;
8765
8766 if (!gso_ip_tcp_init_state(&state, ifp, m0, mac_hlen, ip_hlen, FALSE)) {
8767 m_freem(m0);
8768 *mp = NULL;
8769 return EINVAL;
8770 }
8771
8772 return gso_ip_tcp(ifp, mp, &state, is_tx);
8773 }
8774
8775 /*
8776 * GSO on TCP/IPv6
8777 */
8778 static int
8779 gso_ipv6_tcp(struct ifnet *ifp, struct mbuf **mp, u_int mac_hlen,
8780 boolean_t is_tx)
8781 {
8782 struct ip6_hdr *ip6;
8783 struct gso_ip_tcp_state state;
8784 int hlen;
8785 int ip_hlen;
8786 struct mbuf *m0 = *mp;
8787
8788 if (!is_tx && ip6_forwarding == 0) {
8789 /* no need to segment if the packet will not be forwarded */
8790 return 0;
8791 }
8792
8793 hlen = mac_hlen + sizeof(struct ip6_hdr);
8794 if (m0->m_len < hlen) {
8795 #ifdef GSO_DEBUG
8796 D("m_len < hlen - m_len: %d hlen: %d", m0->m_len, hlen);
8797 #endif
8798 *mp = m0 = m_pullup(m0, hlen);
8799 if (m0 == NULL) {
8800 return ENOBUFS;
8801 }
8802 }
8803 ip6 = (struct ip6_hdr *)(mtod(m0, uint8_t *) + mac_hlen);
8804 ip_hlen = ip6_lasthdr(m0, mac_hlen, IPPROTO_IPV6, NULL) - mac_hlen;
8805 hlen = mac_hlen + ip_hlen + sizeof(struct tcphdr);
8806 if (m0->m_len < hlen) {
8807 #ifdef GSO_DEBUG
8808 D("m_len < hlen - m_len: %d hlen: %d", m0->m_len, hlen);
8809 #endif
8810 *mp = m0 = m_pullup(m0, hlen);
8811 if (m0 == NULL) {
8812 return ENOBUFS;
8813 }
8814 }
8815 if (!is_tx) {
8816 struct in6_addr dst_ip6;
8817
8818 bcopy(&ip6->ip6_dst, &dst_ip6, sizeof(dst_ip6));
8819 if (IN6_IS_ADDR_LINKLOCAL(&dst_ip6)) {
8820 dst_ip6.s6_addr16[1] = htons(ifp->if_index);
8821 }
8822 if (in6_addr_is_ours(&dst_ip6)) {
8823 /* local IP address, no need to segment */
8824 return 0;
8825 }
8826 }
8827 m0->m_pkthdr.csum_data = offsetof(struct tcphdr, th_sum);
8828 m0->m_pkthdr.csum_flags = CSUM_DELAY_IPV6_DATA;
8829
8830 if (!gso_ip_tcp_init_state(&state, ifp, m0, mac_hlen, ip_hlen, TRUE)) {
8831 m_freem(m0);
8832 *mp = NULL;
8833 return EINVAL;
8834 }
8835
8836 return gso_ip_tcp(ifp, mp, &state, is_tx);
8837 }
mirror of XNU