1 /* 2 * Copyright (c) 1982, 1989, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. All advertising materials mentioning features or use of this software 14 * must display the following acknowledgement: 15 * This product includes software developed by the University of 16 * California, Berkeley and its contributors. 17 * 4. Neither the name of the University nor the names of its contributors 18 * may be used to endorse or promote products derived from this software 19 * without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 * 33 * @(#)if_ethersubr.c 8.1 (Berkeley) 6/10/93 34 * $FreeBSD: src/sys/net/if_ethersubr.c,v 1.70.2.33 2003/04/28 15:45:53 archie Exp $ 35 * $DragonFly: src/sys/net/if_ethersubr.c,v 1.58 2008/05/02 07:40:32 sephe Exp $ 36 */ 37 38 #include "opt_atalk.h" 39 #include "opt_inet.h" 40 #include "opt_inet6.h" 41 #include "opt_ipx.h" 42 #include "opt_netgraph.h" 43 #include "opt_carp.h" 44 #include "opt_ethernet.h" 45 46 #include <sys/param.h> 47 #include <sys/systm.h> 48 #include <sys/globaldata.h> 49 #include <sys/kernel.h> 50 #include <sys/malloc.h> 51 #include <sys/mbuf.h> 52 #include <sys/msgport.h> 53 #include <sys/socket.h> 54 #include <sys/sockio.h> 55 #include <sys/sysctl.h> 56 #include <sys/thread.h> 57 #include <sys/thread2.h> 58 59 #include <net/if.h> 60 #include <net/netisr.h> 61 #include <net/route.h> 62 #include <net/if_llc.h> 63 #include <net/if_dl.h> 64 #include <net/if_types.h> 65 #include <net/ifq_var.h> 66 #include <net/bpf.h> 67 #include <net/ethernet.h> 68 69 #if defined(INET) || defined(INET6) 70 #include <netinet/in.h> 71 #include <netinet/in_var.h> 72 #include <netinet/if_ether.h> 73 #include <net/ipfw/ip_fw.h> 74 #include <net/dummynet/ip_dummynet.h> 75 #endif 76 #ifdef INET6 77 #include <netinet6/nd6.h> 78 #endif 79 80 #ifdef CARP 81 #include <netinet/ip_carp.h> 82 #endif 83 84 #ifdef IPX 85 #include <netproto/ipx/ipx.h> 86 #include <netproto/ipx/ipx_if.h> 87 int (*ef_inputp)(struct ifnet*, const struct ether_header *eh, struct mbuf *m); 88 int (*ef_outputp)(struct ifnet *ifp, struct mbuf **mp, struct sockaddr *dst, 89 short *tp, int *hlen); 90 #endif 91 92 #ifdef NS 93 #include <netns/ns.h> 94 #include <netns/ns_if.h> 95 ushort ns_nettype; 96 int ether_outputdebug = 0; 97 int ether_inputdebug = 0; 98 #endif 99 100 #ifdef NETATALK 101 #include <netproto/atalk/at.h> 102 #include <netproto/atalk/at_var.h> 103 #include <netproto/atalk/at_extern.h> 104 105 #define llc_snap_org_code llc_un.type_snap.org_code 106 #define llc_snap_ether_type llc_un.type_snap.ether_type 107 108 extern u_char at_org_code[3]; 109 extern u_char aarp_org_code[3]; 110 #endif /* NETATALK */ 111 112 /* netgraph node hooks for ng_ether(4) */ 113 void (*ng_ether_input_p)(struct ifnet *ifp, struct mbuf **mp); 114 void (*ng_ether_input_orphan_p)(struct ifnet *ifp, 115 struct mbuf *m, const struct ether_header *eh); 116 int (*ng_ether_output_p)(struct ifnet *ifp, struct mbuf **mp); 117 void (*ng_ether_attach_p)(struct ifnet *ifp); 118 void (*ng_ether_detach_p)(struct ifnet *ifp); 119 120 int (*vlan_input_p)(const struct ether_header *eh, struct mbuf *m); 121 int (*vlan_input_tag_p)(struct mbuf *m, uint16_t t); 122 123 static int ether_output(struct ifnet *, struct mbuf *, struct sockaddr *, 124 struct rtentry *); 125 static void ether_restore_header(struct mbuf **, const struct ether_header *, 126 const struct ether_header *); 127 static void ether_demux_chain(struct ifnet *, struct mbuf *, 128 struct mbuf_chain *); 129 130 /* 131 * if_bridge support 132 */ 133 struct mbuf *(*bridge_input_p)(struct ifnet *, struct mbuf *); 134 int (*bridge_output_p)(struct ifnet *, struct mbuf *, 135 struct sockaddr *, struct rtentry *); 136 void (*bridge_dn_p)(struct mbuf *, struct ifnet *); 137 138 static int ether_resolvemulti(struct ifnet *, struct sockaddr **, 139 struct sockaddr *); 140 141 const uint8_t etherbroadcastaddr[ETHER_ADDR_LEN] = { 142 0xff, 0xff, 0xff, 0xff, 0xff, 0xff 143 }; 144 145 #define gotoerr(e) do { error = (e); goto bad; } while (0) 146 #define IFP2AC(ifp) ((struct arpcom *)(ifp)) 147 148 static boolean_t ether_ipfw_chk(struct mbuf **m0, struct ifnet *dst, 149 struct ip_fw **rule, 150 const struct ether_header *eh); 151 152 static int ether_ipfw; 153 static u_int ether_restore_hdr; 154 static u_int ether_prepend_hdr; 155 156 SYSCTL_DECL(_net_link); 157 SYSCTL_NODE(_net_link, IFT_ETHER, ether, CTLFLAG_RW, 0, "Ethernet"); 158 SYSCTL_INT(_net_link_ether, OID_AUTO, ipfw, CTLFLAG_RW, 159 ðer_ipfw, 0, "Pass ether pkts through firewall"); 160 SYSCTL_UINT(_net_link_ether, OID_AUTO, restore_hdr, CTLFLAG_RW, 161 ðer_restore_hdr, 0, "# of ether header restoration"); 162 SYSCTL_UINT(_net_link_ether, OID_AUTO, prepend_hdr, CTLFLAG_RW, 163 ðer_prepend_hdr, 0, 164 "# of ether header restoration which prepends mbuf"); 165 166 /* 167 * Ethernet output routine. 168 * Encapsulate a packet of type family for the local net. 169 * Use trailer local net encapsulation if enough data in first 170 * packet leaves a multiple of 512 bytes of data in remainder. 171 * Assumes that ifp is actually pointer to arpcom structure. 172 */ 173 static int 174 ether_output(struct ifnet *ifp, struct mbuf *m, struct sockaddr *dst, 175 struct rtentry *rt) 176 { 177 struct ether_header *eh, *deh; 178 u_char *edst; 179 int loop_copy = 0; 180 int hlen = ETHER_HDR_LEN; /* link layer header length */ 181 struct arpcom *ac = IFP2AC(ifp); 182 int error; 183 184 ASSERT_SERIALIZED(ifp->if_serializer); 185 186 if (ifp->if_flags & IFF_MONITOR) 187 gotoerr(ENETDOWN); 188 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) != (IFF_UP | IFF_RUNNING)) 189 gotoerr(ENETDOWN); 190 191 M_PREPEND(m, sizeof(struct ether_header), MB_DONTWAIT); 192 if (m == NULL) 193 return (ENOBUFS); 194 eh = mtod(m, struct ether_header *); 195 edst = eh->ether_dhost; 196 197 /* 198 * Fill in the destination ethernet address and frame type. 199 */ 200 switch (dst->sa_family) { 201 #ifdef INET 202 case AF_INET: 203 if (!arpresolve(ifp, rt, m, dst, edst)) 204 return (0); /* if not yet resolved */ 205 eh->ether_type = htons(ETHERTYPE_IP); 206 break; 207 #endif 208 #ifdef INET6 209 case AF_INET6: 210 if (!nd6_storelladdr(&ac->ac_if, rt, m, dst, edst)) 211 return (0); /* Something bad happenned. */ 212 eh->ether_type = htons(ETHERTYPE_IPV6); 213 break; 214 #endif 215 #ifdef IPX 216 case AF_IPX: 217 if (ef_outputp != NULL) { 218 error = ef_outputp(ifp, &m, dst, &eh->ether_type, 219 &hlen); 220 if (error) 221 goto bad; 222 } else { 223 eh->ether_type = htons(ETHERTYPE_IPX); 224 bcopy(&(((struct sockaddr_ipx *)dst)->sipx_addr.x_host), 225 edst, ETHER_ADDR_LEN); 226 } 227 break; 228 #endif 229 #ifdef NETATALK 230 case AF_APPLETALK: { 231 struct at_ifaddr *aa; 232 233 if ((aa = at_ifawithnet((struct sockaddr_at *)dst)) == NULL) { 234 error = 0; /* XXX */ 235 goto bad; 236 } 237 /* 238 * In the phase 2 case, need to prepend an mbuf for 239 * the llc header. Since we must preserve the value 240 * of m, which is passed to us by value, we m_copy() 241 * the first mbuf, and use it for our llc header. 242 */ 243 if (aa->aa_flags & AFA_PHASE2) { 244 struct llc llc; 245 246 M_PREPEND(m, sizeof(struct llc), MB_DONTWAIT); 247 eh = mtod(m, struct ether_header *); 248 edst = eh->ether_dhost; 249 llc.llc_dsap = llc.llc_ssap = LLC_SNAP_LSAP; 250 llc.llc_control = LLC_UI; 251 bcopy(at_org_code, llc.llc_snap_org_code, 252 sizeof at_org_code); 253 llc.llc_snap_ether_type = htons(ETHERTYPE_AT); 254 bcopy(&llc, 255 mtod(m, caddr_t) + sizeof(struct ether_header), 256 sizeof(struct llc)); 257 eh->ether_type = htons(m->m_pkthdr.len); 258 hlen = sizeof(struct llc) + ETHER_HDR_LEN; 259 } else { 260 eh->ether_type = htons(ETHERTYPE_AT); 261 } 262 if (!aarpresolve(ac, m, (struct sockaddr_at *)dst, edst)) 263 return (0); 264 break; 265 } 266 #endif 267 #ifdef NS 268 case AF_NS: 269 switch(ns_nettype) { 270 default: 271 case 0x8137: /* Novell Ethernet_II Ethernet TYPE II */ 272 eh->ether_type = 0x8137; 273 break; 274 case 0x0: /* Novell 802.3 */ 275 eh->ether_type = htons(m->m_pkthdr.len); 276 break; 277 case 0xe0e0: /* Novell 802.2 and Token-Ring */ 278 M_PREPEND(m, 3, MB_DONTWAIT); 279 eh = mtod(m, struct ether_header *); 280 edst = eh->ether_dhost; 281 eh->ether_type = htons(m->m_pkthdr.len); 282 cp = mtod(m, u_char *) + sizeof(struct ether_header); 283 *cp++ = 0xE0; 284 *cp++ = 0xE0; 285 *cp++ = 0x03; 286 break; 287 } 288 bcopy(&(((struct sockaddr_ns *)dst)->sns_addr.x_host), edst, 289 ETHER_ADDR_LEN); 290 /* 291 * XXX if ns_thishost is the same as the node's ethernet 292 * address then just the default code will catch this anyhow. 293 * So I'm not sure if this next clause should be here at all? 294 * [JRE] 295 */ 296 if (bcmp(edst, &ns_thishost, ETHER_ADDR_LEN) == 0) { 297 m->m_pkthdr.rcvif = ifp; 298 netisr_dispatch(NETISR_NS, m); 299 return (error); 300 } 301 if (bcmp(edst, &ns_broadhost, ETHER_ADDR_LEN) == 0) 302 m->m_flags |= M_BCAST; 303 break; 304 #endif 305 case pseudo_AF_HDRCMPLT: 306 case AF_UNSPEC: 307 loop_copy = -1; /* if this is for us, don't do it */ 308 deh = (struct ether_header *)dst->sa_data; 309 memcpy(edst, deh->ether_dhost, ETHER_ADDR_LEN); 310 eh->ether_type = deh->ether_type; 311 break; 312 313 default: 314 if_printf(ifp, "can't handle af%d\n", dst->sa_family); 315 gotoerr(EAFNOSUPPORT); 316 } 317 318 if (dst->sa_family == pseudo_AF_HDRCMPLT) /* unlikely */ 319 memcpy(eh->ether_shost, 320 ((struct ether_header *)dst->sa_data)->ether_shost, 321 ETHER_ADDR_LEN); 322 else 323 memcpy(eh->ether_shost, ac->ac_enaddr, ETHER_ADDR_LEN); 324 325 /* 326 * Bridges require special output handling. 327 */ 328 if (ifp->if_bridge) { 329 KASSERT(bridge_output_p != NULL, 330 ("%s: if_bridge not loaded!", __func__)); 331 return ((*bridge_output_p)(ifp, m, NULL, NULL)); 332 } 333 334 /* 335 * If a simplex interface, and the packet is being sent to our 336 * Ethernet address or a broadcast address, loopback a copy. 337 * XXX To make a simplex device behave exactly like a duplex 338 * device, we should copy in the case of sending to our own 339 * ethernet address (thus letting the original actually appear 340 * on the wire). However, we don't do that here for security 341 * reasons and compatibility with the original behavior. 342 */ 343 if ((ifp->if_flags & IFF_SIMPLEX) && (loop_copy != -1)) { 344 int csum_flags = 0; 345 346 if (m->m_pkthdr.csum_flags & CSUM_IP) 347 csum_flags |= (CSUM_IP_CHECKED | CSUM_IP_VALID); 348 if (m->m_pkthdr.csum_flags & CSUM_DELAY_DATA) 349 csum_flags |= (CSUM_DATA_VALID | CSUM_PSEUDO_HDR); 350 if ((m->m_flags & M_BCAST) || (loop_copy > 0)) { 351 struct mbuf *n; 352 353 if ((n = m_copypacket(m, MB_DONTWAIT)) != NULL) { 354 n->m_pkthdr.csum_flags |= csum_flags; 355 if (csum_flags & CSUM_DATA_VALID) 356 n->m_pkthdr.csum_data = 0xffff; 357 if_simloop(ifp, n, dst->sa_family, hlen); 358 } else 359 ifp->if_iqdrops++; 360 } else if (bcmp(eh->ether_dhost, eh->ether_shost, 361 ETHER_ADDR_LEN) == 0) { 362 m->m_pkthdr.csum_flags |= csum_flags; 363 if (csum_flags & CSUM_DATA_VALID) 364 m->m_pkthdr.csum_data = 0xffff; 365 if_simloop(ifp, m, dst->sa_family, hlen); 366 return (0); /* XXX */ 367 } 368 } 369 370 #ifdef CARP 371 if (ifp->if_carp && (error = carp_output(ifp, m, dst, NULL))) 372 goto bad; 373 #endif 374 375 376 /* Handle ng_ether(4) processing, if any */ 377 if (ng_ether_output_p != NULL) { 378 if ((error = (*ng_ether_output_p)(ifp, &m)) != 0) 379 goto bad; 380 if (m == NULL) 381 return (0); 382 } 383 384 /* Continue with link-layer output */ 385 return ether_output_frame(ifp, m); 386 387 bad: 388 m_freem(m); 389 return (error); 390 } 391 392 /* 393 * Ethernet link layer output routine to send a raw frame to the device. 394 * 395 * This assumes that the 14 byte Ethernet header is present and contiguous 396 * in the first mbuf. 397 */ 398 int 399 ether_output_frame(struct ifnet *ifp, struct mbuf *m) 400 { 401 struct ip_fw *rule = NULL; 402 int error = 0; 403 struct altq_pktattr pktattr; 404 struct m_tag *mtag; 405 406 ASSERT_SERIALIZED(ifp->if_serializer); 407 408 /* Extract info from dummynet tag */ 409 mtag = m_tag_find(m, PACKET_TAG_DUMMYNET, NULL); 410 if (mtag != NULL) { 411 rule = ((struct dn_pkt *)m_tag_data(mtag))->dn_priv; 412 413 m_tag_delete(m, mtag); 414 mtag = NULL; 415 } 416 417 if (ifq_is_enabled(&ifp->if_snd)) 418 altq_etherclassify(&ifp->if_snd, m, &pktattr); 419 crit_enter(); 420 if (IPFW_LOADED && ether_ipfw != 0) { 421 struct ether_header save_eh, *eh; 422 423 eh = mtod(m, struct ether_header *); 424 save_eh = *eh; 425 m_adj(m, ETHER_HDR_LEN); 426 if (!ether_ipfw_chk(&m, ifp, &rule, eh)) { 427 crit_exit(); 428 if (m != NULL) { 429 m_freem(m); 430 return ENOBUFS; /* pkt dropped */ 431 } else 432 return 0; /* consumed e.g. in a pipe */ 433 } 434 435 /* packet was ok, restore the ethernet header */ 436 ether_restore_header(&m, eh, &save_eh); 437 if (m == NULL) { 438 crit_exit(); 439 return ENOBUFS; 440 } 441 } 442 crit_exit(); 443 444 /* 445 * Queue message on interface, update output statistics if 446 * successful, and start output if interface not yet active. 447 */ 448 error = ifq_handoff(ifp, m, &pktattr); 449 return (error); 450 } 451 452 /* 453 * ipfw processing for ethernet packets (in and out). 454 * The second parameter is NULL from ether_demux(), and ifp from 455 * ether_output_frame(). 456 */ 457 static boolean_t 458 ether_ipfw_chk(struct mbuf **m0, struct ifnet *dst, struct ip_fw **rule, 459 const struct ether_header *eh) 460 { 461 struct ether_header save_eh = *eh; /* might be a ptr in m */ 462 struct ip_fw_args args; 463 struct m_tag *mtag; 464 int i; 465 466 if (*rule != NULL && fw_one_pass) 467 return TRUE; /* dummynet packet, already partially processed */ 468 469 /* 470 * I need some amount of data to be contiguous. 471 */ 472 i = min((*m0)->m_pkthdr.len, max_protohdr); 473 if ((*m0)->m_len < i) { 474 *m0 = m_pullup(*m0, i); 475 if (*m0 == NULL) 476 return FALSE; 477 } 478 479 args.m = *m0; /* the packet we are looking at */ 480 args.oif = dst; /* destination, if any */ 481 if ((mtag = m_tag_find(*m0, PACKET_TAG_IPFW_DIVERT, NULL)) != NULL) 482 m_tag_delete(*m0, mtag); 483 args.rule = *rule; /* matching rule to restart */ 484 args.next_hop = NULL; /* we do not support forward yet */ 485 args.eh = &save_eh; /* MAC header for bridged/MAC packets */ 486 i = ip_fw_chk_ptr(&args); 487 *m0 = args.m; 488 *rule = args.rule; 489 490 if ((i & IP_FW_PORT_DENY_FLAG) || *m0 == NULL) /* drop */ 491 return FALSE; 492 493 if (i == 0) /* a PASS rule. */ 494 return TRUE; 495 496 if (i & IP_FW_PORT_DYNT_FLAG) { 497 /* 498 * Pass the pkt to dummynet, which consumes it. 499 */ 500 struct mbuf *m; 501 502 m = *m0; /* pass the original to dummynet */ 503 *m0 = NULL; /* and nothing back to the caller */ 504 505 ether_restore_header(&m, eh, &save_eh); 506 if (m == NULL) 507 return FALSE; 508 509 ip_fw_dn_io_ptr(m, (i & 0xffff), 510 dst ? DN_TO_ETH_OUT: DN_TO_ETH_DEMUX, &args); 511 return FALSE; 512 } 513 /* 514 * XXX at some point add support for divert/forward actions. 515 * If none of the above matches, we have to drop the pkt. 516 */ 517 return FALSE; 518 } 519 520 /* 521 * Process a received Ethernet packet. 522 * 523 * The ethernet header is assumed to be in the mbuf so the caller 524 * MUST MAKE SURE that there are at least sizeof(struct ether_header) 525 * bytes in the first mbuf. 526 * 527 * This allows us to concentrate in one place a bunch of code which 528 * is replicated in all device drivers. Also, many functions called 529 * from ether_input() try to put the eh back into the mbuf, so we 530 * can later propagate the 'contiguous packet' interface to them. 531 * 532 * NOTA BENE: for all drivers "eh" is a pointer into the first mbuf or 533 * cluster, right before m_data. So be very careful when working on m, 534 * as you could destroy *eh !! 535 * 536 * First we perform any link layer operations, then continue to the 537 * upper layers with ether_demux(). 538 */ 539 void 540 ether_input_chain(struct ifnet *ifp, struct mbuf *m, struct mbuf_chain *chain) 541 { 542 struct ether_header *eh; 543 544 ASSERT_SERIALIZED(ifp->if_serializer); 545 M_ASSERTPKTHDR(m); 546 547 /* Discard packet if interface is not up */ 548 if (!(ifp->if_flags & IFF_UP)) { 549 m_freem(m); 550 return; 551 } 552 553 if (m->m_len < sizeof(struct ether_header)) { 554 /* XXX error in the caller. */ 555 m_freem(m); 556 return; 557 } 558 eh = mtod(m, struct ether_header *); 559 560 m->m_pkthdr.rcvif = ifp; 561 562 if (ETHER_IS_MULTICAST(eh->ether_dhost)) { 563 if (bcmp(ifp->if_broadcastaddr, eh->ether_dhost, 564 ifp->if_addrlen) == 0) 565 m->m_flags |= M_BCAST; 566 else 567 m->m_flags |= M_MCAST; 568 ifp->if_imcasts++; 569 } 570 571 BPF_MTAP(ifp, m); 572 573 ifp->if_ibytes += m->m_pkthdr.len; 574 575 if (ifp->if_flags & IFF_MONITOR) { 576 /* 577 * Interface marked for monitoring; discard packet. 578 */ 579 m_freem(m); 580 return; 581 } 582 583 /* 584 * Tap the packet off here for a bridge. bridge_input() 585 * will return NULL if it has consumed the packet, otherwise 586 * it gets processed as normal. Note that bridge_input() 587 * will always return the original packet if we need to 588 * process it locally. 589 */ 590 if (ifp->if_bridge) { 591 KASSERT(bridge_input_p != NULL, 592 ("%s: if_bridge not loaded!", __func__)); 593 594 if(m->m_flags & M_PROTO1) { 595 m->m_flags &= ~M_PROTO1; 596 } else { 597 /* clear M_PROMISC, in case the packets comes from a vlan */ 598 /* m->m_flags &= ~M_PROMISC; */ 599 lwkt_serialize_exit(ifp->if_serializer); 600 m = (*bridge_input_p)(ifp, m); 601 lwkt_serialize_enter(ifp->if_serializer); 602 if (m == NULL) 603 return; 604 605 KASSERT(ifp == m->m_pkthdr.rcvif, 606 ("bridge_input_p changed rcvif\n")); 607 608 /* 'm' may be changed by bridge_input_p() */ 609 eh = mtod(m, struct ether_header *); 610 } 611 } 612 613 /* Handle ng_ether(4) processing, if any */ 614 if (ng_ether_input_p != NULL) { 615 ng_ether_input_p(ifp, &m); 616 if (m == NULL) 617 return; 618 619 /* 'm' may be changed by ng_ether_input_p() */ 620 eh = mtod(m, struct ether_header *); 621 } 622 623 /* Continue with upper layer processing */ 624 ether_demux_chain(ifp, m, chain); 625 } 626 627 void 628 ether_input(struct ifnet *ifp, struct mbuf *m) 629 { 630 ether_input_chain(ifp, m, NULL); 631 } 632 633 /* 634 * Upper layer processing for a received Ethernet packet. 635 */ 636 static void 637 ether_demux_chain(struct ifnet *ifp, struct mbuf *m, struct mbuf_chain *chain) 638 { 639 struct ether_header save_eh, *eh; 640 int isr; 641 u_short ether_type; 642 struct ip_fw *rule = NULL; 643 struct m_tag *mtag; 644 #ifdef NETATALK 645 struct llc *l; 646 #endif 647 648 M_ASSERTPKTHDR(m); 649 KASSERT(m->m_len >= ETHER_HDR_LEN, 650 ("ether header is no contiguous!\n")); 651 652 eh = mtod(m, struct ether_header *); 653 save_eh = *eh; 654 655 /* XXX old crufty stuff, needs to be removed */ 656 m_adj(m, sizeof(struct ether_header)); 657 658 /* Extract info from dummynet tag */ 659 mtag = m_tag_find(m, PACKET_TAG_DUMMYNET, NULL); 660 if (mtag != NULL) { 661 rule = ((struct dn_pkt *)m_tag_data(mtag))->dn_priv; 662 KKASSERT(ifp == NULL); 663 ifp = m->m_pkthdr.rcvif; 664 665 m_tag_delete(m, mtag); 666 mtag = NULL; 667 } 668 if (rule) /* packet is passing the second time */ 669 goto post_stats; 670 671 #ifdef CARP 672 /* 673 * XXX: Okay, we need to call carp_forus() and - if it is for 674 * us jump over code that does the normal check 675 * "ac_enaddr == ether_dhost". The check sequence is a bit 676 * different from OpenBSD, so we jump over as few code as 677 * possible, to catch _all_ sanity checks. This needs 678 * evaluation, to see if the carp ether_dhost values break any 679 * of these checks! 680 */ 681 if (ifp->if_carp && carp_forus(ifp->if_carp, eh->ether_dhost)) 682 goto post_stats; 683 #endif 684 685 /* 686 * Discard packet if upper layers shouldn't see it because 687 * it was unicast to a different Ethernet address. If the 688 * driver is working properly, then this situation can only 689 * happen when the interface is in promiscuous mode. 690 */ 691 if (((ifp->if_flags & (IFF_PROMISC | IFF_PPROMISC)) == IFF_PROMISC) && 692 (eh->ether_dhost[0] & 1) == 0 && 693 bcmp(eh->ether_dhost, IFP2AC(ifp)->ac_enaddr, ETHER_ADDR_LEN)) { 694 m_freem(m); 695 return; 696 } 697 698 post_stats: 699 if (IPFW_LOADED && ether_ipfw != 0) { 700 if (!ether_ipfw_chk(&m, NULL, &rule, eh)) { 701 m_freem(m); 702 return; 703 } 704 } 705 eh = NULL; /* catch any further usage */ 706 707 ether_type = ntohs(save_eh.ether_type); 708 709 switch (ether_type) { 710 #ifdef INET 711 case ETHERTYPE_IP: 712 if (ipflow_fastforward(m, ifp->if_serializer)) 713 return; 714 isr = NETISR_IP; 715 break; 716 717 case ETHERTYPE_ARP: 718 if (ifp->if_flags & IFF_NOARP) { 719 /* Discard packet if ARP is disabled on interface */ 720 m_freem(m); 721 return; 722 } 723 isr = NETISR_ARP; 724 break; 725 #endif 726 727 #ifdef INET6 728 case ETHERTYPE_IPV6: 729 isr = NETISR_IPV6; 730 break; 731 #endif 732 733 #ifdef IPX 734 case ETHERTYPE_IPX: 735 if (ef_inputp && ef_inputp(ifp, &save_eh, m) == 0) 736 return; 737 isr = NETISR_IPX; 738 break; 739 #endif 740 741 #ifdef NS 742 case 0x8137: /* Novell Ethernet_II Ethernet TYPE II */ 743 isr = NETISR_NS; 744 break; 745 746 #endif 747 748 #ifdef NETATALK 749 case ETHERTYPE_AT: 750 isr = NETISR_ATALK1; 751 break; 752 case ETHERTYPE_AARP: 753 isr = NETISR_AARP; 754 break; 755 #endif 756 757 case ETHERTYPE_VLAN: 758 if (vlan_input_p != NULL) { 759 (*vlan_input_p)(&save_eh, m); 760 } else { 761 m->m_pkthdr.rcvif->if_noproto++; 762 m_freem(m); 763 } 764 return; 765 766 default: 767 #ifdef IPX 768 if (ef_inputp && ef_inputp(ifp, &save_eh, m) == 0) 769 return; 770 #endif 771 #ifdef NS 772 checksum = mtod(m, ushort *); 773 /* Novell 802.3 */ 774 if ((ether_type <= ETHERMTU) && 775 ((*checksum == 0xffff) || (*checksum == 0xE0E0))) { 776 if (*checksum == 0xE0E0) { 777 m->m_pkthdr.len -= 3; 778 m->m_len -= 3; 779 m->m_data += 3; 780 } 781 isr = NETISR_NS; 782 break; 783 } 784 #endif 785 #ifdef NETATALK 786 if (ether_type > ETHERMTU) 787 goto dropanyway; 788 l = mtod(m, struct llc *); 789 if (l->llc_dsap == LLC_SNAP_LSAP && 790 l->llc_ssap == LLC_SNAP_LSAP && 791 l->llc_control == LLC_UI) { 792 if (bcmp(&(l->llc_snap_org_code)[0], at_org_code, 793 sizeof at_org_code) == 0 && 794 ntohs(l->llc_snap_ether_type) == ETHERTYPE_AT) { 795 m_adj(m, sizeof(struct llc)); 796 isr = NETISR_ATALK2; 797 break; 798 } 799 if (bcmp(&(l->llc_snap_org_code)[0], aarp_org_code, 800 sizeof aarp_org_code) == 0 && 801 ntohs(l->llc_snap_ether_type) == ETHERTYPE_AARP) { 802 m_adj(m, sizeof(struct llc)); 803 isr = NETISR_AARP; 804 break; 805 } 806 } 807 dropanyway: 808 #endif 809 if (ng_ether_input_orphan_p != NULL) 810 (*ng_ether_input_orphan_p)(ifp, m, &save_eh); 811 else 812 m_freem(m); 813 return; 814 } 815 816 #ifdef ETHER_INPUT_CHAIN 817 if (chain != NULL) { 818 struct mbuf_chain *c; 819 lwkt_port_t port; 820 int cpuid; 821 822 port = netisr_mport(isr, &m); 823 if (port == NULL) 824 return; 825 826 m->m_pkthdr.header = port; /* XXX */ 827 cpuid = port->mpu_td->td_gd->gd_cpuid; 828 829 c = &chain[cpuid]; 830 if (c->mc_head == NULL) { 831 c->mc_head = c->mc_tail = m; 832 } else { 833 c->mc_tail->m_nextpkt = m; 834 c->mc_tail = m; 835 } 836 m->m_nextpkt = NULL; 837 } else 838 #endif /* ETHER_INPUT_CHAIN */ 839 netisr_dispatch(isr, m); 840 } 841 842 void 843 ether_demux(struct ifnet *ifp, struct mbuf *m) 844 { 845 ether_demux_chain(ifp, m, NULL); 846 } 847 848 /* 849 * Perform common duties while attaching to interface list 850 */ 851 852 void 853 ether_ifattach(struct ifnet *ifp, uint8_t *lla, lwkt_serialize_t serializer) 854 { 855 ether_ifattach_bpf(ifp, lla, DLT_EN10MB, sizeof(struct ether_header), 856 serializer); 857 } 858 859 void 860 ether_ifattach_bpf(struct ifnet *ifp, uint8_t *lla, u_int dlt, u_int hdrlen, 861 lwkt_serialize_t serializer) 862 { 863 struct sockaddr_dl *sdl; 864 865 ifp->if_type = IFT_ETHER; 866 ifp->if_addrlen = ETHER_ADDR_LEN; 867 ifp->if_hdrlen = ETHER_HDR_LEN; 868 if_attach(ifp, serializer); 869 ifp->if_mtu = ETHERMTU; 870 if (ifp->if_baudrate == 0) 871 ifp->if_baudrate = 10000000; 872 ifp->if_output = ether_output; 873 ifp->if_input = ether_input; 874 ifp->if_resolvemulti = ether_resolvemulti; 875 ifp->if_broadcastaddr = etherbroadcastaddr; 876 sdl = IF_LLSOCKADDR(ifp); 877 sdl->sdl_type = IFT_ETHER; 878 sdl->sdl_alen = ifp->if_addrlen; 879 bcopy(lla, LLADDR(sdl), ifp->if_addrlen); 880 /* 881 * XXX Keep the current drivers happy. 882 * XXX Remove once all drivers have been cleaned up 883 */ 884 if (lla != IFP2AC(ifp)->ac_enaddr) 885 bcopy(lla, IFP2AC(ifp)->ac_enaddr, ifp->if_addrlen); 886 bpfattach(ifp, dlt, hdrlen); 887 if (ng_ether_attach_p != NULL) 888 (*ng_ether_attach_p)(ifp); 889 890 if_printf(ifp, "MAC address: %6D\n", lla, ":"); 891 } 892 893 /* 894 * Perform common duties while detaching an Ethernet interface 895 */ 896 void 897 ether_ifdetach(struct ifnet *ifp) 898 { 899 if_down(ifp); 900 901 if (ng_ether_detach_p != NULL) 902 (*ng_ether_detach_p)(ifp); 903 bpfdetach(ifp); 904 if_detach(ifp); 905 } 906 907 int 908 ether_ioctl(struct ifnet *ifp, int command, caddr_t data) 909 { 910 struct ifaddr *ifa = (struct ifaddr *) data; 911 struct ifreq *ifr = (struct ifreq *) data; 912 int error = 0; 913 914 #define IF_INIT(ifp) \ 915 do { \ 916 if (((ifp)->if_flags & IFF_UP) == 0) { \ 917 (ifp)->if_flags |= IFF_UP; \ 918 (ifp)->if_init((ifp)->if_softc); \ 919 } \ 920 } while (0) 921 922 ASSERT_SERIALIZED(ifp->if_serializer); 923 924 switch (command) { 925 case SIOCSIFADDR: 926 switch (ifa->ifa_addr->sa_family) { 927 #ifdef INET 928 case AF_INET: 929 IF_INIT(ifp); /* before arpwhohas */ 930 arp_ifinit(ifp, ifa); 931 break; 932 #endif 933 #ifdef IPX 934 /* 935 * XXX - This code is probably wrong 936 */ 937 case AF_IPX: 938 { 939 struct ipx_addr *ina = &IA_SIPX(ifa)->sipx_addr; 940 struct arpcom *ac = IFP2AC(ifp); 941 942 if (ipx_nullhost(*ina)) 943 ina->x_host = *(union ipx_host *) ac->ac_enaddr; 944 else 945 bcopy(ina->x_host.c_host, ac->ac_enaddr, 946 sizeof ac->ac_enaddr); 947 948 IF_INIT(ifp); /* Set new address. */ 949 break; 950 } 951 #endif 952 #ifdef NS 953 /* 954 * XXX - This code is probably wrong 955 */ 956 case AF_NS: 957 { 958 struct ns_addr *ina = &(IA_SNS(ifa)->sns_addr); 959 struct arpcom *ac = IFP2AC(ifp); 960 961 if (ns_nullhost(*ina)) 962 ina->x_host = *(union ns_host *)(ac->ac_enaddr); 963 else 964 bcopy(ina->x_host.c_host, ac->ac_enaddr, 965 sizeof ac->ac_enaddr); 966 967 /* 968 * Set new address 969 */ 970 IF_INIT(ifp); 971 break; 972 } 973 #endif 974 default: 975 IF_INIT(ifp); 976 break; 977 } 978 break; 979 980 case SIOCGIFADDR: 981 bcopy(IFP2AC(ifp)->ac_enaddr, 982 ((struct sockaddr *)ifr->ifr_data)->sa_data, 983 ETHER_ADDR_LEN); 984 break; 985 986 case SIOCSIFMTU: 987 /* 988 * Set the interface MTU. 989 */ 990 if (ifr->ifr_mtu > ETHERMTU) { 991 error = EINVAL; 992 } else { 993 ifp->if_mtu = ifr->ifr_mtu; 994 } 995 break; 996 default: 997 error = EINVAL; 998 break; 999 } 1000 return (error); 1001 1002 #undef IF_INIT 1003 } 1004 1005 int 1006 ether_resolvemulti( 1007 struct ifnet *ifp, 1008 struct sockaddr **llsa, 1009 struct sockaddr *sa) 1010 { 1011 struct sockaddr_dl *sdl; 1012 struct sockaddr_in *sin; 1013 #ifdef INET6 1014 struct sockaddr_in6 *sin6; 1015 #endif 1016 u_char *e_addr; 1017 1018 switch(sa->sa_family) { 1019 case AF_LINK: 1020 /* 1021 * No mapping needed. Just check that it's a valid MC address. 1022 */ 1023 sdl = (struct sockaddr_dl *)sa; 1024 e_addr = LLADDR(sdl); 1025 if ((e_addr[0] & 1) != 1) 1026 return EADDRNOTAVAIL; 1027 *llsa = 0; 1028 return 0; 1029 1030 #ifdef INET 1031 case AF_INET: 1032 sin = (struct sockaddr_in *)sa; 1033 if (!IN_MULTICAST(ntohl(sin->sin_addr.s_addr))) 1034 return EADDRNOTAVAIL; 1035 MALLOC(sdl, struct sockaddr_dl *, sizeof *sdl, M_IFMADDR, 1036 M_WAITOK | M_ZERO); 1037 sdl->sdl_len = sizeof *sdl; 1038 sdl->sdl_family = AF_LINK; 1039 sdl->sdl_index = ifp->if_index; 1040 sdl->sdl_type = IFT_ETHER; 1041 sdl->sdl_alen = ETHER_ADDR_LEN; 1042 e_addr = LLADDR(sdl); 1043 ETHER_MAP_IP_MULTICAST(&sin->sin_addr, e_addr); 1044 *llsa = (struct sockaddr *)sdl; 1045 return 0; 1046 #endif 1047 #ifdef INET6 1048 case AF_INET6: 1049 sin6 = (struct sockaddr_in6 *)sa; 1050 if (IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr)) { 1051 /* 1052 * An IP6 address of 0 means listen to all 1053 * of the Ethernet multicast address used for IP6. 1054 * (This is used for multicast routers.) 1055 */ 1056 ifp->if_flags |= IFF_ALLMULTI; 1057 *llsa = 0; 1058 return 0; 1059 } 1060 if (!IN6_IS_ADDR_MULTICAST(&sin6->sin6_addr)) 1061 return EADDRNOTAVAIL; 1062 MALLOC(sdl, struct sockaddr_dl *, sizeof *sdl, M_IFMADDR, 1063 M_WAITOK | M_ZERO); 1064 sdl->sdl_len = sizeof *sdl; 1065 sdl->sdl_family = AF_LINK; 1066 sdl->sdl_index = ifp->if_index; 1067 sdl->sdl_type = IFT_ETHER; 1068 sdl->sdl_alen = ETHER_ADDR_LEN; 1069 e_addr = LLADDR(sdl); 1070 ETHER_MAP_IPV6_MULTICAST(&sin6->sin6_addr, e_addr); 1071 *llsa = (struct sockaddr *)sdl; 1072 return 0; 1073 #endif 1074 1075 default: 1076 /* 1077 * Well, the text isn't quite right, but it's the name 1078 * that counts... 1079 */ 1080 return EAFNOSUPPORT; 1081 } 1082 } 1083 1084 #if 0 1085 /* 1086 * This is for reference. We have a table-driven version 1087 * of the little-endian crc32 generator, which is faster 1088 * than the double-loop. 1089 */ 1090 uint32_t 1091 ether_crc32_le(const uint8_t *buf, size_t len) 1092 { 1093 uint32_t c, crc, carry; 1094 size_t i, j; 1095 1096 crc = 0xffffffffU; /* initial value */ 1097 1098 for (i = 0; i < len; i++) { 1099 c = buf[i]; 1100 for (j = 0; j < 8; j++) { 1101 carry = ((crc & 0x01) ? 1 : 0) ^ (c & 0x01); 1102 crc >>= 1; 1103 c >>= 1; 1104 if (carry) 1105 crc = (crc ^ ETHER_CRC_POLY_LE); 1106 } 1107 } 1108 1109 return (crc); 1110 } 1111 #else 1112 uint32_t 1113 ether_crc32_le(const uint8_t *buf, size_t len) 1114 { 1115 static const uint32_t crctab[] = { 1116 0x00000000, 0x1db71064, 0x3b6e20c8, 0x26d930ac, 1117 0x76dc4190, 0x6b6b51f4, 0x4db26158, 0x5005713c, 1118 0xedb88320, 0xf00f9344, 0xd6d6a3e8, 0xcb61b38c, 1119 0x9b64c2b0, 0x86d3d2d4, 0xa00ae278, 0xbdbdf21c 1120 }; 1121 uint32_t crc; 1122 size_t i; 1123 1124 crc = 0xffffffffU; /* initial value */ 1125 1126 for (i = 0; i < len; i++) { 1127 crc ^= buf[i]; 1128 crc = (crc >> 4) ^ crctab[crc & 0xf]; 1129 crc = (crc >> 4) ^ crctab[crc & 0xf]; 1130 } 1131 1132 return (crc); 1133 } 1134 #endif 1135 1136 uint32_t 1137 ether_crc32_be(const uint8_t *buf, size_t len) 1138 { 1139 uint32_t c, crc, carry; 1140 size_t i, j; 1141 1142 crc = 0xffffffffU; /* initial value */ 1143 1144 for (i = 0; i < len; i++) { 1145 c = buf[i]; 1146 for (j = 0; j < 8; j++) { 1147 carry = ((crc & 0x80000000U) ? 1 : 0) ^ (c & 0x01); 1148 crc <<= 1; 1149 c >>= 1; 1150 if (carry) 1151 crc = (crc ^ ETHER_CRC_POLY_BE) | carry; 1152 } 1153 } 1154 1155 return (crc); 1156 } 1157 1158 /* 1159 * find the size of ethernet header, and call classifier 1160 */ 1161 void 1162 altq_etherclassify(struct ifaltq *ifq, struct mbuf *m, 1163 struct altq_pktattr *pktattr) 1164 { 1165 struct ether_header *eh; 1166 uint16_t ether_type; 1167 int hlen, af, hdrsize; 1168 caddr_t hdr; 1169 1170 hlen = sizeof(struct ether_header); 1171 eh = mtod(m, struct ether_header *); 1172 1173 ether_type = ntohs(eh->ether_type); 1174 if (ether_type < ETHERMTU) { 1175 /* ick! LLC/SNAP */ 1176 struct llc *llc = (struct llc *)(eh + 1); 1177 hlen += 8; 1178 1179 if (m->m_len < hlen || 1180 llc->llc_dsap != LLC_SNAP_LSAP || 1181 llc->llc_ssap != LLC_SNAP_LSAP || 1182 llc->llc_control != LLC_UI) 1183 goto bad; /* not snap! */ 1184 1185 ether_type = ntohs(llc->llc_un.type_snap.ether_type); 1186 } 1187 1188 if (ether_type == ETHERTYPE_IP) { 1189 af = AF_INET; 1190 hdrsize = 20; /* sizeof(struct ip) */ 1191 #ifdef INET6 1192 } else if (ether_type == ETHERTYPE_IPV6) { 1193 af = AF_INET6; 1194 hdrsize = 40; /* sizeof(struct ip6_hdr) */ 1195 #endif 1196 } else 1197 goto bad; 1198 1199 while (m->m_len <= hlen) { 1200 hlen -= m->m_len; 1201 m = m->m_next; 1202 } 1203 hdr = m->m_data + hlen; 1204 if (m->m_len < hlen + hdrsize) { 1205 /* 1206 * ip header is not in a single mbuf. this should not 1207 * happen in the current code. 1208 * (todo: use m_pulldown in the future) 1209 */ 1210 goto bad; 1211 } 1212 m->m_data += hlen; 1213 m->m_len -= hlen; 1214 ifq_classify(ifq, m, af, pktattr); 1215 m->m_data -= hlen; 1216 m->m_len += hlen; 1217 1218 return; 1219 1220 bad: 1221 pktattr->pattr_class = NULL; 1222 pktattr->pattr_hdr = NULL; 1223 pktattr->pattr_af = AF_UNSPEC; 1224 } 1225 1226 static void 1227 ether_restore_header(struct mbuf **m0, const struct ether_header *eh, 1228 const struct ether_header *save_eh) 1229 { 1230 struct mbuf *m = *m0; 1231 1232 ether_restore_hdr++; 1233 1234 /* 1235 * Prepend the header, optimize for the common case of 1236 * eh pointing into the mbuf. 1237 */ 1238 if ((const void *)(eh + 1) == (void *)m->m_data) { 1239 m->m_data -= ETHER_HDR_LEN; 1240 m->m_len += ETHER_HDR_LEN; 1241 m->m_pkthdr.len += ETHER_HDR_LEN; 1242 } else { 1243 ether_prepend_hdr++; 1244 1245 M_PREPEND(m, ETHER_HDR_LEN, MB_DONTWAIT); 1246 if (m != NULL) { 1247 bcopy(save_eh, mtod(m, struct ether_header *), 1248 ETHER_HDR_LEN); 1249 } 1250 } 1251 *m0 = m; 1252 } 1253 1254 #ifdef ETHER_INPUT_CHAIN 1255 1256 static void 1257 ether_input_ipifunc(void *arg) 1258 { 1259 struct mbuf *m, *next; 1260 lwkt_port_t port; 1261 1262 m = arg; 1263 do { 1264 next = m->m_nextpkt; 1265 m->m_nextpkt = NULL; 1266 1267 port = m->m_pkthdr.header; 1268 m->m_pkthdr.header = NULL; 1269 1270 lwkt_sendmsg(port, 1271 &m->m_hdr.mh_netmsg.nm_netmsg.nm_lmsg); 1272 1273 m = next; 1274 } while (m != NULL); 1275 } 1276 1277 void 1278 ether_input_dispatch(struct mbuf_chain *chain) 1279 { 1280 #ifdef SMP 1281 int i; 1282 1283 for (i = 0; i < ncpus; ++i) { 1284 if (chain[i].mc_head != NULL) { 1285 lwkt_send_ipiq(globaldata_find(i), 1286 ether_input_ipifunc, chain[i].mc_head); 1287 } 1288 } 1289 #else 1290 ether_input_ipifunc(chain->mc_head); 1291 #endif 1292 } 1293 1294 #endif /* ETHER_INPUT_CHAIN */ 1295