1 /*-
2 * Copyright (c) 1982, 1989, 1993
3 * The Regents of the University of California. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 4. Neither the name of the University nor the names of its contributors
14 * may be used to endorse or promote products derived from this software
15 * without specific prior written permission.
16 *
17 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27 * SUCH DAMAGE.
28 *
29 * @(#)if_ethersubr.c 8.1 (Berkeley) 6/10/93
30 * $FreeBSD: releng/6.0/sys/net/if_ethersubr.c 151571 2005-10-23 02:37:28Z thompsa $
31 */
32
33 #include "opt_atalk.h"
34 #include "opt_inet.h"
35 #include "opt_inet6.h"
36 #include "opt_ipx.h"
37 #include "opt_bdg.h"
38 #include "opt_mac.h"
39 #include "opt_netgraph.h"
40 #include "opt_carp.h"
41
42 #include <sys/param.h>
43 #include <sys/systm.h>
44 #include <sys/kernel.h>
45 #include <sys/mac.h>
46 #include <sys/malloc.h>
47 #include <sys/module.h>
48 #include <sys/mbuf.h>
49 #include <sys/random.h>
50 #include <sys/socket.h>
51 #include <sys/sockio.h>
52 #include <sys/sysctl.h>
53
54 #include <net/if.h>
55 #include <net/if_arp.h>
56 #include <net/netisr.h>
57 #include <net/route.h>
58 #include <net/if_llc.h>
59 #include <net/if_dl.h>
60 #include <net/if_types.h>
61 #include <net/bpf.h>
62 #include <net/ethernet.h>
63 #include <net/bridge.h>
64 #include <net/if_bridgevar.h>
65 #include <net/if_vlan_var.h>
66
67 #if defined(INET) || defined(INET6)
68 #include <netinet/in.h>
69 #include <netinet/in_var.h>
70 #include <netinet/if_ether.h>
71 #include <netinet/ip_fw.h>
72 #include <netinet/ip_dummynet.h>
73 #endif
74 #ifdef INET6
75 #include <netinet6/nd6.h>
76 #endif
77
78 #ifdef DEV_CARP
79 #include <netinet/ip_carp.h>
80 #endif
81
82 #ifdef IPX
83 #include <netipx/ipx.h>
84 #include <netipx/ipx_if.h>
85 #endif
86 int (*ef_inputp)(struct ifnet*, struct ether_header *eh, struct mbuf *m);
87 int (*ef_outputp)(struct ifnet *ifp, struct mbuf **mp,
88 struct sockaddr *dst, short *tp, int *hlen);
89
90 #ifdef NETATALK
91 #include <netatalk/at.h>
92 #include <netatalk/at_var.h>
93 #include <netatalk/at_extern.h>
94
95 #define llc_snap_org_code llc_un.type_snap.org_code
96 #define llc_snap_ether_type llc_un.type_snap.ether_type
97
98 extern u_char at_org_code[3];
99 extern u_char aarp_org_code[3];
100 #endif /* NETATALK */
101
102 /* netgraph node hooks for ng_ether(4) */
103 void (*ng_ether_input_p)(struct ifnet *ifp, struct mbuf **mp);
104 void (*ng_ether_input_orphan_p)(struct ifnet *ifp, struct mbuf *m);
105 int (*ng_ether_output_p)(struct ifnet *ifp, struct mbuf **mp);
106 void (*ng_ether_attach_p)(struct ifnet *ifp);
107 void (*ng_ether_detach_p)(struct ifnet *ifp);
108
109 void (*vlan_input_p)(struct ifnet *, struct mbuf *);
110
111 /* bridge support */
112 int do_bridge;
113 bridge_in_t *bridge_in_ptr;
114 bdg_forward_t *bdg_forward_ptr;
115 bdgtakeifaces_t *bdgtakeifaces_ptr;
116 struct bdg_softc *ifp2sc;
117
118 struct mbuf *(*bridge_input_p)(struct ifnet *, struct mbuf *);
119 int (*bridge_output_p)(struct ifnet *, struct mbuf *,
120 struct sockaddr *, struct rtentry *);
121 void (*bridge_dn_p)(struct mbuf *, struct ifnet *);
122 void (*bridge_detach_p)(struct ifnet *ifp);
123
124 static const u_char etherbroadcastaddr[ETHER_ADDR_LEN] =
125 { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
126
127 static int ether_resolvemulti(struct ifnet *, struct sockaddr **,
128 struct sockaddr *);
129
130 /* XXX: should be in an arp support file, not here */
131 MALLOC_DEFINE(M_ARPCOM, "arpcom", "802.* interface internals");
132
133 #define senderr(e) do { error = (e); goto bad;} while (0)
134
135 #if defined(INET) || defined(INET6)
136 int
137 ether_ipfw_chk(struct mbuf **m0, struct ifnet *dst,
138 struct ip_fw **rule, int shared);
139 static int ether_ipfw;
140 #endif
141
142 /*
143 * Ethernet output routine.
144 * Encapsulate a packet of type family for the local net.
145 * Use trailer local net encapsulation if enough data in first
146 * packet leaves a multiple of 512 bytes of data in remainder.
147 * Assumes that ifp is actually pointer to arpcom structure.
148 */
149 int
150 ether_output(struct ifnet *ifp, struct mbuf *m,
151 struct sockaddr *dst, struct rtentry *rt0)
152 {
153 short type;
154 int error, hdrcmplt = 0;
155 u_char esrc[ETHER_ADDR_LEN], edst[ETHER_ADDR_LEN];
156 struct ether_header *eh;
157 int loop_copy = 0;
158 int hlen; /* link layer header length */
159
160 #ifdef MAC
161 error = mac_check_ifnet_transmit(ifp, m);
162 if (error)
163 senderr(error);
164 #endif
165
166 if (ifp->if_flags & IFF_MONITOR)
167 senderr(ENETDOWN);
168 if (!((ifp->if_flags & IFF_UP) &&
169 (ifp->if_drv_flags & IFF_DRV_RUNNING)))
170 senderr(ENETDOWN);
171
172 hlen = ETHER_HDR_LEN;
173 switch (dst->sa_family) {
174 #ifdef INET
175 case AF_INET:
176 error = arpresolve(ifp, rt0, m, dst, edst);
177 if (error)
178 return (error == EWOULDBLOCK ? 0 : error);
179 type = htons(ETHERTYPE_IP);
180 break;
181 case AF_ARP:
182 {
183 struct arphdr *ah;
184 ah = mtod(m, struct arphdr *);
185 ah->ar_hrd = htons(ARPHRD_ETHER);
186
187 loop_copy = -1; /* if this is for us, don't do it */
188
189 switch(ntohs(ah->ar_op)) {
190 case ARPOP_REVREQUEST:
191 case ARPOP_REVREPLY:
192 type = htons(ETHERTYPE_REVARP);
193 break;
194 case ARPOP_REQUEST:
195 case ARPOP_REPLY:
196 default:
197 type = htons(ETHERTYPE_ARP);
198 break;
199 }
200
201 if (m->m_flags & M_BCAST)
202 bcopy(ifp->if_broadcastaddr, edst, ETHER_ADDR_LEN);
203 else
204 bcopy(ar_tha(ah), edst, ETHER_ADDR_LEN);
205
206 }
207 break;
208 #endif
209 #ifdef INET6
210 case AF_INET6:
211 error = nd6_storelladdr(ifp, rt0, m, dst, (u_char *)edst);
212 if (error)
213 return error;
214 type = htons(ETHERTYPE_IPV6);
215 break;
216 #endif
217 #ifdef IPX
218 case AF_IPX:
219 if (ef_outputp) {
220 error = ef_outputp(ifp, &m, dst, &type, &hlen);
221 if (error)
222 goto bad;
223 } else
224 type = htons(ETHERTYPE_IPX);
225 bcopy((caddr_t)&(((struct sockaddr_ipx *)dst)->sipx_addr.x_host),
226 (caddr_t)edst, sizeof (edst));
227 break;
228 #endif
229 #ifdef NETATALK
230 case AF_APPLETALK:
231 {
232 struct at_ifaddr *aa;
233
234 if ((aa = at_ifawithnet((struct sockaddr_at *)dst)) == NULL)
235 senderr(EHOSTUNREACH); /* XXX */
236 if (!aarpresolve(ifp, m, (struct sockaddr_at *)dst, edst))
237 return (0);
238 /*
239 * In the phase 2 case, need to prepend an mbuf for the llc header.
240 */
241 if ( aa->aa_flags & AFA_PHASE2 ) {
242 struct llc llc;
243
244 M_PREPEND(m, LLC_SNAPFRAMELEN, M_DONTWAIT);
245 if (m == NULL)
246 senderr(ENOBUFS);
247 llc.llc_dsap = llc.llc_ssap = LLC_SNAP_LSAP;
248 llc.llc_control = LLC_UI;
249 bcopy(at_org_code, llc.llc_snap_org_code, sizeof(at_org_code));
250 llc.llc_snap_ether_type = htons( ETHERTYPE_AT );
251 bcopy(&llc, mtod(m, caddr_t), LLC_SNAPFRAMELEN);
252 type = htons(m->m_pkthdr.len);
253 hlen = LLC_SNAPFRAMELEN + ETHER_HDR_LEN;
254 } else {
255 type = htons(ETHERTYPE_AT);
256 }
257 break;
258 }
259 #endif /* NETATALK */
260
261 case pseudo_AF_HDRCMPLT:
262 hdrcmplt = 1;
263 eh = (struct ether_header *)dst->sa_data;
264 (void)memcpy(esrc, eh->ether_shost, sizeof (esrc));
265 /* FALLTHROUGH */
266
267 case AF_UNSPEC:
268 loop_copy = -1; /* if this is for us, don't do it */
269 eh = (struct ether_header *)dst->sa_data;
270 (void)memcpy(edst, eh->ether_dhost, sizeof (edst));
271 type = eh->ether_type;
272 break;
273
274 default:
275 if_printf(ifp, "can't handle af%d\n", dst->sa_family);
276 senderr(EAFNOSUPPORT);
277 }
278
279 /*
280 * Add local net header. If no space in first mbuf,
281 * allocate another.
282 */
283 M_PREPEND(m, ETHER_HDR_LEN, M_DONTWAIT);
284 if (m == NULL)
285 senderr(ENOBUFS);
286 eh = mtod(m, struct ether_header *);
287 (void)memcpy(&eh->ether_type, &type,
288 sizeof(eh->ether_type));
289 (void)memcpy(eh->ether_dhost, edst, sizeof (edst));
290 if (hdrcmplt)
291 (void)memcpy(eh->ether_shost, esrc,
292 sizeof(eh->ether_shost));
293 else
294 (void)memcpy(eh->ether_shost, IFP2ENADDR(ifp),
295 sizeof(eh->ether_shost));
296
297 /*
298 * Bridges require special output handling.
299 */
300 if (ifp->if_bridge) {
301 BRIDGE_OUTPUT(ifp, m, error);
302 return (error);
303 }
304
305 /*
306 * If a simplex interface, and the packet is being sent to our
307 * Ethernet address or a broadcast address, loopback a copy.
308 * XXX To make a simplex device behave exactly like a duplex
309 * device, we should copy in the case of sending to our own
310 * ethernet address (thus letting the original actually appear
311 * on the wire). However, we don't do that here for security
312 * reasons and compatibility with the original behavior.
313 */
314 if ((ifp->if_flags & IFF_SIMPLEX) && (loop_copy != -1) &&
315 m_tag_find(m, PACKET_TAG_PF_ROUTED, NULL) == NULL) {
316 int csum_flags = 0;
317
318 if (m->m_pkthdr.csum_flags & CSUM_IP)
319 csum_flags |= (CSUM_IP_CHECKED|CSUM_IP_VALID);
320 if (m->m_pkthdr.csum_flags & CSUM_DELAY_DATA)
321 csum_flags |= (CSUM_DATA_VALID|CSUM_PSEUDO_HDR);
322
323 if ((m->m_flags & M_BCAST) || (loop_copy > 0)) {
324 struct mbuf *n;
325
326 if ((n = m_copy(m, 0, (int)M_COPYALL)) != NULL) {
327 n->m_pkthdr.csum_flags |= csum_flags;
328 if (csum_flags & CSUM_DATA_VALID)
329 n->m_pkthdr.csum_data = 0xffff;
330 (void)if_simloop(ifp, n, dst->sa_family, hlen);
331 } else
332 ifp->if_iqdrops++;
333 } else if (bcmp(eh->ether_dhost, eh->ether_shost,
334 ETHER_ADDR_LEN) == 0) {
335 m->m_pkthdr.csum_flags |= csum_flags;
336 if (csum_flags & CSUM_DATA_VALID)
337 m->m_pkthdr.csum_data = 0xffff;
338 (void) if_simloop(ifp, m, dst->sa_family, hlen);
339 return (0); /* XXX */
340 }
341 }
342
343 #ifdef DEV_CARP
344 if (ifp->if_carp &&
345 (error = carp_output(ifp, m, dst, NULL)))
346 goto bad;
347 #endif
348
349 /* Handle ng_ether(4) processing, if any */
350 if (IFP2AC(ifp)->ac_netgraph != NULL) {
351 if ((error = (*ng_ether_output_p)(ifp, &m)) != 0) {
352 bad: if (m != NULL)
353 m_freem(m);
354 return (error);
355 }
356 if (m == NULL)
357 return (0);
358 }
359
360 /* Continue with link-layer output */
361 return ether_output_frame(ifp, m);
362 }
363
364 /*
365 * Ethernet link layer output routine to send a raw frame to the device.
366 *
367 * This assumes that the 14 byte Ethernet header is present and contiguous
368 * in the first mbuf (if BRIDGE'ing).
369 */
370 int
371 ether_output_frame(struct ifnet *ifp, struct mbuf *m)
372 {
373 #if defined(INET) || defined(INET6)
374 struct ip_fw *rule = ip_dn_claim_rule(m);
375 #else
376 void *rule = NULL;
377 #endif
378 int error;
379
380 if (rule == NULL && BDG_ACTIVE(ifp)) {
381 /*
382 * Beware, the bridge code notices the null rcvif and
383 * uses that identify that it's being called from
384 * ether_output as opposd to ether_input. Yech.
385 */
386 m->m_pkthdr.rcvif = NULL;
387 m = bdg_forward_ptr(m, ifp);
388 if (m != NULL)
389 m_freem(m);
390 return (0);
391 }
392 #if defined(INET) || defined(INET6)
393 if (IPFW_LOADED && ether_ipfw != 0) {
394 if (ether_ipfw_chk(&m, ifp, &rule, 0) == 0) {
395 if (m) {
396 m_freem(m);
397 return EACCES; /* pkt dropped */
398 } else
399 return 0; /* consumed e.g. in a pipe */
400 }
401 }
402 #endif
403
404 /*
405 * Queue message on interface, update output statistics if
406 * successful, and start output if interface not yet active.
407 */
408 IFQ_HANDOFF(ifp, m, error);
409 return (error);
410 }
411
412 #if defined(INET) || defined(INET6)
413 /*
414 * ipfw processing for ethernet packets (in and out).
415 * The second parameter is NULL from ether_demux, and ifp from
416 * ether_output_frame. This section of code could be used from
417 * bridge.c as well as long as we use some extra info
418 * to distinguish that case from ether_output_frame();
419 */
420 int
421 ether_ipfw_chk(struct mbuf **m0, struct ifnet *dst,
422 struct ip_fw **rule, int shared)
423 {
424 struct ether_header *eh;
425 struct ether_header save_eh;
426 struct mbuf *m;
427 int i;
428 struct ip_fw_args args;
429
430 if (*rule != NULL && fw_one_pass)
431 return 1; /* dummynet packet, already partially processed */
432
433 /*
434 * I need some amt of data to be contiguous, and in case others need
435 * the packet (shared==1) also better be in the first mbuf.
436 */
437 m = *m0;
438 i = min( m->m_pkthdr.len, max_protohdr);
439 if ( shared || m->m_len < i) {
440 m = m_pullup(m, i);
441 if (m == NULL) {
442 *m0 = m;
443 return 0;
444 }
445 }
446 eh = mtod(m, struct ether_header *);
447 save_eh = *eh; /* save copy for restore below */
448 m_adj(m, ETHER_HDR_LEN); /* strip ethernet header */
449
450 args.m = m; /* the packet we are looking at */
451 args.oif = dst; /* destination, if any */
452 args.rule = *rule; /* matching rule to restart */
453 args.next_hop = NULL; /* we do not support forward yet */
454 args.eh = &save_eh; /* MAC header for bridged/MAC packets */
455 i = ip_fw_chk_ptr(&args);
456 m = args.m;
457 if (m != NULL) {
458 /*
459 * Restore Ethernet header, as needed, in case the
460 * mbuf chain was replaced by ipfw.
461 */
462 M_PREPEND(m, ETHER_HDR_LEN, M_DONTWAIT);
463 if (m == NULL) {
464 *m0 = m;
465 return 0;
466 }
467 if (eh != mtod(m, struct ether_header *))
468 bcopy(&save_eh, mtod(m, struct ether_header *),
469 ETHER_HDR_LEN);
470 }
471 *m0 = m;
472 *rule = args.rule;
473
474 if (i == IP_FW_DENY) /* drop */
475 return 0;
476
477 KASSERT(m != NULL, ("ether_ipfw_chk: m is NULL"));
478
479 if (i == IP_FW_PASS) /* a PASS rule. */
480 return 1;
481
482 if (DUMMYNET_LOADED && (i == IP_FW_DUMMYNET)) {
483 /*
484 * Pass the pkt to dummynet, which consumes it.
485 * If shared, make a copy and keep the original.
486 */
487 if (shared) {
488 m = m_copypacket(m, M_DONTWAIT);
489 if (m == NULL)
490 return 0;
491 } else {
492 /*
493 * Pass the original to dummynet and
494 * nothing back to the caller
495 */
496 *m0 = NULL ;
497 }
498 ip_dn_io_ptr(m, dst ? DN_TO_ETH_OUT: DN_TO_ETH_DEMUX, &args);
499 return 0;
500 }
501 /*
502 * XXX at some point add support for divert/forward actions.
503 * If none of the above matches, we have to drop the pkt.
504 */
505 return 0;
506 }
507 #endif
508
509 /*
510 * Process a received Ethernet packet; the packet is in the
511 * mbuf chain m with the ethernet header at the front.
512 */
513 static void
514 ether_input(struct ifnet *ifp, struct mbuf *m)
515 {
516 struct ether_header *eh;
517 u_short etype;
518
519 /*
520 * Do consistency checks to verify assumptions
521 * made by code past this point.
522 */
523 if ((m->m_flags & M_PKTHDR) == 0) {
524 if_printf(ifp, "discard frame w/o packet header\n");
525 ifp->if_ierrors++;
526 m_freem(m);
527 return;
528 }
529 if (m->m_len < ETHER_HDR_LEN) {
530 /* XXX maybe should pullup? */
531 if_printf(ifp, "discard frame w/o leading ethernet "
532 "header (len %u pkt len %u)\n",
533 m->m_len, m->m_pkthdr.len);
534 ifp->if_ierrors++;
535 m_freem(m);
536 return;
537 }
538 eh = mtod(m, struct ether_header *);
539 etype = ntohs(eh->ether_type);
540 if (m->m_pkthdr.len >
541 ETHER_MAX_FRAME(ifp, etype, m->m_flags & M_HASFCS)) {
542 if_printf(ifp, "discard oversize frame "
543 "(ether type %x flags %x len %u > max %lu)\n",
544 etype, m->m_flags, m->m_pkthdr.len,
545 ETHER_MAX_FRAME(ifp, etype,
546 m->m_flags & M_HASFCS));
547 ifp->if_ierrors++;
548 m_freem(m);
549 return;
550 }
551 if (m->m_pkthdr.rcvif == NULL) {
552 if_printf(ifp, "discard frame w/o interface pointer\n");
553 ifp->if_ierrors++;
554 m_freem(m);
555 return;
556 }
557 #ifdef DIAGNOSTIC
558 if (m->m_pkthdr.rcvif != ifp) {
559 if_printf(ifp, "Warning, frame marked as received on %s\n",
560 m->m_pkthdr.rcvif->if_xname);
561 }
562 #endif
563
564 #ifdef MAC
565 /*
566 * Tag the mbuf with an appropriate MAC label before any other
567 * consumers can get to it.
568 */
569 mac_create_mbuf_from_ifnet(ifp, m);
570 #endif
571
572 /*
573 * Give bpf a chance at the packet.
574 */
575 BPF_MTAP(ifp, m);
576
577 if (ifp->if_flags & IFF_MONITOR) {
578 /*
579 * Interface marked for monitoring; discard packet.
580 */
581 m_freem(m);
582 return;
583 }
584
585 /* If the CRC is still on the packet, trim it off. */
586 if (m->m_flags & M_HASFCS) {
587 m_adj(m, -ETHER_CRC_LEN);
588 m->m_flags &= ~M_HASFCS;
589 }
590
591 ifp->if_ibytes += m->m_pkthdr.len;
592
593 /* Handle ng_ether(4) processing, if any */
594 if (IFP2AC(ifp)->ac_netgraph != NULL) {
595 (*ng_ether_input_p)(ifp, &m);
596 if (m == NULL)
597 return;
598 }
599
600 /*
601 * Tap the packet off here for a bridge. bridge_input()
602 * will return NULL if it has consumed the packet, otherwise
603 * it gets processed as normal. Note that bridge_input()
604 * will always return the original packet if we need to
605 * process it locally.
606 */
607 if (ifp->if_bridge) {
608 BRIDGE_INPUT(ifp, m);
609 if (m == NULL)
610 return;
611 }
612
613 /* Check for bridging mode */
614 if (BDG_ACTIVE(ifp) )
615 if ((m = bridge_in_ptr(ifp, m)) == NULL)
616 return;
617
618 /* First chunk of an mbuf contains good entropy */
619 if (harvest.ethernet)
620 random_harvest(m, 16, 3, 0, RANDOM_NET);
621 ether_demux(ifp, m);
622 }
623
624 /*
625 * Upper layer processing for a received Ethernet packet.
626 */
627 void
628 ether_demux(struct ifnet *ifp, struct mbuf *m)
629 {
630 struct ether_header *eh;
631 int isr;
632 u_short ether_type;
633 #if defined(NETATALK)
634 struct llc *l;
635 #endif
636 #if defined(INET) || defined(INET6)
637 struct ip_fw *rule = ip_dn_claim_rule(m);
638 #endif
639
640 KASSERT(ifp != NULL, ("ether_demux: NULL interface pointer"));
641
642 eh = mtod(m, struct ether_header *);
643 ether_type = ntohs(eh->ether_type);
644
645 #if defined(INET) || defined(INET6)
646 if (rule) /* packet was already bridged */
647 goto post_stats;
648 #endif
649
650 if (!(BDG_ACTIVE(ifp)) && !(ifp->if_bridge) &&
651 !((ether_type == ETHERTYPE_VLAN || m->m_flags & M_VLANTAG) &&
652 ifp->if_nvlans > 0)) {
653 #ifdef DEV_CARP
654 /*
655 * XXX: Okay, we need to call carp_forus() and - if it is for
656 * us jump over code that does the normal check
657 * "IFP2ENADDR(ifp) == ether_dhost". The check sequence is a bit
658 * different from OpenBSD, so we jump over as few code as
659 * possible, to catch _all_ sanity checks. This needs
660 * evaluation, to see if the carp ether_dhost values break any
661 * of these checks!
662 */
663 if (ifp->if_carp && carp_forus(ifp->if_carp, eh->ether_dhost))
664 goto pre_stats;
665 #endif
666 /*
667 * Discard packet if upper layers shouldn't see it because it
668 * was unicast to a different Ethernet address. If the driver
669 * is working properly, then this situation can only happen
670 * when the interface is in promiscuous mode.
671 *
672 * If VLANs are active, and this packet has a VLAN tag, do
673 * not drop it here but pass it on to the VLAN layer, to
674 * give them a chance to consider it as well (e. g. in case
675 * bridging is only active on a VLAN). They will drop it if
676 * it's undesired.
677 */
678 if ((ifp->if_flags & IFF_PROMISC) != 0
679 && !ETHER_IS_MULTICAST(eh->ether_dhost)
680 && bcmp(eh->ether_dhost,
681 IFP2ENADDR(ifp), ETHER_ADDR_LEN) != 0
682 && (ifp->if_flags & IFF_PPROMISC) == 0) {
683 m_freem(m);
684 return;
685 }
686 }
687
688 #ifdef DEV_CARP
689 pre_stats:
690 #endif
691 /* Discard packet if interface is not up */
692 if ((ifp->if_flags & IFF_UP) == 0) {
693 m_freem(m);
694 return;
695 }
696 if (ETHER_IS_MULTICAST(eh->ether_dhost)) {
697 if (bcmp(etherbroadcastaddr, eh->ether_dhost,
698 sizeof(etherbroadcastaddr)) == 0)
699 m->m_flags |= M_BCAST;
700 else
701 m->m_flags |= M_MCAST;
702 }
703 if (m->m_flags & (M_BCAST|M_MCAST))
704 ifp->if_imcasts++;
705
706 #if defined(INET) || defined(INET6)
707 post_stats:
708 if (IPFW_LOADED && ether_ipfw != 0) {
709 if (ether_ipfw_chk(&m, NULL, &rule, 0) == 0) {
710 if (m)
711 m_freem(m);
712 return;
713 }
714 }
715 #endif
716
717 /*
718 * Check to see if the device performed the VLAN decapsulation and
719 * provided us with the tag.
720 */
721 if (m->m_flags & M_VLANTAG) {
722 /*
723 * If no VLANs are configured, drop.
724 */
725 if (ifp->if_nvlans == 0) {
726 ifp->if_noproto++;
727 m_freem(m);
728 return;
729 }
730 /*
731 * vlan_input() will either recursively call ether_input()
732 * or drop the packet.
733 */
734 KASSERT(vlan_input_p != NULL,("ether_input: VLAN not loaded!"));
735 (*vlan_input_p)(ifp, m);
736 return;
737 }
738
739 /*
740 * Handle protocols that expect to have the Ethernet header
741 * (and possibly FCS) intact.
742 */
743 switch (ether_type) {
744 case ETHERTYPE_VLAN:
745 if (ifp->if_nvlans != 0) {
746 KASSERT(vlan_input_p,("ether_input: VLAN not loaded!"));
747 (*vlan_input_p)(ifp, m);
748 } else {
749 ifp->if_noproto++;
750 m_freem(m);
751 }
752 return;
753 }
754
755 /* Strip off Ethernet header. */
756 m_adj(m, ETHER_HDR_LEN);
757
758 /* If the CRC is still on the packet, trim it off. */
759 if (m->m_flags & M_HASFCS) {
760 m_adj(m, -ETHER_CRC_LEN);
761 m->m_flags &= ~M_HASFCS;
762 }
763
764 switch (ether_type) {
765 #ifdef INET
766 case ETHERTYPE_IP:
767 if (ip_fastforward(m))
768 return;
769 isr = NETISR_IP;
770 break;
771
772 case ETHERTYPE_ARP:
773 if (ifp->if_flags & IFF_NOARP) {
774 /* Discard packet if ARP is disabled on interface */
775 m_freem(m);
776 return;
777 }
778 isr = NETISR_ARP;
779 break;
780 #endif
781 #ifdef IPX
782 case ETHERTYPE_IPX:
783 if (ef_inputp && ef_inputp(ifp, eh, m) == 0)
784 return;
785 isr = NETISR_IPX;
786 break;
787 #endif
788 #ifdef INET6
789 case ETHERTYPE_IPV6:
790 isr = NETISR_IPV6;
791 break;
792 #endif
793 #ifdef NETATALK
794 case ETHERTYPE_AT:
795 isr = NETISR_ATALK1;
796 break;
797 case ETHERTYPE_AARP:
798 isr = NETISR_AARP;
799 break;
800 #endif /* NETATALK */
801 default:
802 #ifdef IPX
803 if (ef_inputp && ef_inputp(ifp, eh, m) == 0)
804 return;
805 #endif /* IPX */
806 #if defined(NETATALK)
807 if (ether_type > ETHERMTU)
808 goto discard;
809 l = mtod(m, struct llc *);
810 if (l->llc_dsap == LLC_SNAP_LSAP &&
811 l->llc_ssap == LLC_SNAP_LSAP &&
812 l->llc_control == LLC_UI) {
813 if (bcmp(&(l->llc_snap_org_code)[0], at_org_code,
814 sizeof(at_org_code)) == 0 &&
815 ntohs(l->llc_snap_ether_type) == ETHERTYPE_AT) {
816 m_adj(m, LLC_SNAPFRAMELEN);
817 isr = NETISR_ATALK2;
818 break;
819 }
820 if (bcmp(&(l->llc_snap_org_code)[0], aarp_org_code,
821 sizeof(aarp_org_code)) == 0 &&
822 ntohs(l->llc_snap_ether_type) == ETHERTYPE_AARP) {
823 m_adj(m, LLC_SNAPFRAMELEN);
824 isr = NETISR_AARP;
825 break;
826 }
827 }
828 #endif /* NETATALK */
829 goto discard;
830 }
831 netisr_dispatch(isr, m);
832 return;
833
834 discard:
835 /*
836 * Packet is to be discarded. If netgraph is present,
837 * hand the packet to it for last chance processing;
838 * otherwise dispose of it.
839 */
840 if (IFP2AC(ifp)->ac_netgraph != NULL) {
841 /*
842 * Put back the ethernet header so netgraph has a
843 * consistent view of inbound packets.
844 */
845 M_PREPEND(m, ETHER_HDR_LEN, M_DONTWAIT);
846 (*ng_ether_input_orphan_p)(ifp, m);
847 return;
848 }
849 m_freem(m);
850 }
851
852 /*
853 * Convert Ethernet address to printable (loggable) representation.
854 * This routine is for compatibility; it's better to just use
855 *
856 * printf("%6D", <pointer to address>, ":");
857 *
858 * since there's no static buffer involved.
859 */
860 char *
861 ether_sprintf(const u_char *ap)
862 {
863 static char etherbuf[18];
864 snprintf(etherbuf, sizeof (etherbuf), "%6D", ap, ":");
865 return (etherbuf);
866 }
867
868 /*
869 * Perform common duties while attaching to interface list
870 */
871 void
872 ether_ifattach(struct ifnet *ifp, const u_int8_t *llc)
873 {
874 int i;
875 struct ifaddr *ifa;
876 struct sockaddr_dl *sdl;
877
878 ifp->if_addrlen = ETHER_ADDR_LEN;
879 ifp->if_hdrlen = ETHER_HDR_LEN;
880 if_attach(ifp);
881 ifp->if_mtu = ETHERMTU;
882 ifp->if_output = ether_output;
883 ifp->if_input = ether_input;
884 ifp->if_resolvemulti = ether_resolvemulti;
885 if (ifp->if_baudrate == 0)
886 ifp->if_baudrate = IF_Mbps(10); /* just a default */
887 ifp->if_broadcastaddr = etherbroadcastaddr;
888
889 ifa = ifaddr_byindex(ifp->if_index);
890 KASSERT(ifa != NULL, ("%s: no lladdr!\n", __func__));
891 sdl = (struct sockaddr_dl *)ifa->ifa_addr;
892 sdl->sdl_type = IFT_ETHER;
893 sdl->sdl_alen = ifp->if_addrlen;
894 bcopy(llc, LLADDR(sdl), ifp->if_addrlen);
895 /*
896 * XXX: This doesn't belong here; we do it until
897 * XXX: all drivers are cleaned up
898 */
899 if (llc != IFP2ENADDR(ifp))
900 bcopy(llc, IFP2ENADDR(ifp), ifp->if_addrlen);
901
902 bpfattach(ifp, DLT_EN10MB, ETHER_HDR_LEN);
903 if (ng_ether_attach_p != NULL)
904 (*ng_ether_attach_p)(ifp);
905 if (BDG_LOADED)
906 bdgtakeifaces_ptr();
907
908 /* Announce Ethernet MAC address if non-zero. */
909 for (i = 0; i < ifp->if_addrlen; i++)
910 if (llc[i] != 0)
911 break;
912 if (i != ifp->if_addrlen)
913 if_printf(ifp, "Ethernet address: %6D\n", llc, ":");
914 if (debug_mpsafenet && (ifp->if_flags & IFF_NEEDSGIANT) != 0)
915 if_printf(ifp, "if_start running deferred for Giant\n");
916 }
917
918 /*
919 * Perform common duties while detaching an Ethernet interface
920 */
921 void
922 ether_ifdetach(struct ifnet *ifp)
923 {
924 if (IFP2AC(ifp)->ac_netgraph != NULL)
925 (*ng_ether_detach_p)(ifp);
926
927 if (ifp->if_bridge) {
928 KASSERT(bridge_detach_p != NULL,
929 ("bridge_detach_p is NULL"));
930 (*bridge_detach_p)(ifp);
931 }
932
933 bpfdetach(ifp);
934 if_detach(ifp);
935 if (BDG_LOADED)
936 bdgtakeifaces_ptr();
937 }
938
939 SYSCTL_DECL(_net_link);
940 SYSCTL_NODE(_net_link, IFT_ETHER, ether, CTLFLAG_RW, 0, "Ethernet");
941 #if defined(INET) || defined(INET6)
942 SYSCTL_INT(_net_link_ether, OID_AUTO, ipfw, CTLFLAG_RW,
943 ðer_ipfw,0,"Pass ether pkts through firewall");
944 #endif
945
946 #if 0
947 /*
948 * This is for reference. We have a table-driven version
949 * of the little-endian crc32 generator, which is faster
950 * than the double-loop.
951 */
952 uint32_t
953 ether_crc32_le(const uint8_t *buf, size_t len)
954 {
955 size_t i;
956 uint32_t crc;
957 int bit;
958 uint8_t data;
959
960 crc = 0xffffffff; /* initial value */
961
962 for (i = 0; i < len; i++) {
963 for (data = *buf++, bit = 0; bit < 8; bit++, data >>= 1)
964 carry = (crc ^ data) & 1;
965 crc >>= 1;
966 if (carry)
967 crc = (crc ^ ETHER_CRC_POLY_LE);
968 }
969
970 return (crc);
971 }
972 #else
973 uint32_t
974 ether_crc32_le(const uint8_t *buf, size_t len)
975 {
976 static const uint32_t crctab[] = {
977 0x00000000, 0x1db71064, 0x3b6e20c8, 0x26d930ac,
978 0x76dc4190, 0x6b6b51f4, 0x4db26158, 0x5005713c,
979 0xedb88320, 0xf00f9344, 0xd6d6a3e8, 0xcb61b38c,
980 0x9b64c2b0, 0x86d3d2d4, 0xa00ae278, 0xbdbdf21c
981 };
982 size_t i;
983 uint32_t crc;
984
985 crc = 0xffffffff; /* initial value */
986
987 for (i = 0; i < len; i++) {
988 crc ^= buf[i];
989 crc = (crc >> 4) ^ crctab[crc & 0xf];
990 crc = (crc >> 4) ^ crctab[crc & 0xf];
991 }
992
993 return (crc);
994 }
995 #endif
996
997 uint32_t
998 ether_crc32_be(const uint8_t *buf, size_t len)
999 {
1000 size_t i;
1001 uint32_t crc, carry;
1002 int bit;
1003 uint8_t data;
1004
1005 crc = 0xffffffff; /* initial value */
1006
1007 for (i = 0; i < len; i++) {
1008 for (data = *buf++, bit = 0; bit < 8; bit++, data >>= 1) {
1009 carry = ((crc & 0x80000000) ? 1 : 0) ^ (data & 0x01);
1010 crc <<= 1;
1011 if (carry)
1012 crc = (crc ^ ETHER_CRC_POLY_BE) | carry;
1013 }
1014 }
1015
1016 return (crc);
1017 }
1018
1019 int
1020 ether_ioctl(struct ifnet *ifp, int command, caddr_t data)
1021 {
1022 struct ifaddr *ifa = (struct ifaddr *) data;
1023 struct ifreq *ifr = (struct ifreq *) data;
1024 int error = 0;
1025
1026 switch (command) {
1027 case SIOCSIFADDR:
1028 ifp->if_flags |= IFF_UP;
1029
1030 switch (ifa->ifa_addr->sa_family) {
1031 #ifdef INET
1032 case AF_INET:
1033 ifp->if_init(ifp->if_softc); /* before arpwhohas */
1034 arp_ifinit(ifp, ifa);
1035 break;
1036 #endif
1037 #ifdef IPX
1038 /*
1039 * XXX - This code is probably wrong
1040 */
1041 case AF_IPX:
1042 {
1043 struct ipx_addr *ina = &(IA_SIPX(ifa)->sipx_addr);
1044
1045 if (ipx_nullhost(*ina))
1046 ina->x_host =
1047 *(union ipx_host *)
1048 IFP2ENADDR(ifp);
1049 else {
1050 bcopy((caddr_t) ina->x_host.c_host,
1051 (caddr_t) IFP2ENADDR(ifp),
1052 ETHER_ADDR_LEN);
1053 }
1054
1055 /*
1056 * Set new address
1057 */
1058 ifp->if_init(ifp->if_softc);
1059 break;
1060 }
1061 #endif
1062 default:
1063 ifp->if_init(ifp->if_softc);
1064 break;
1065 }
1066 break;
1067
1068 case SIOCGIFADDR:
1069 {
1070 struct sockaddr *sa;
1071
1072 sa = (struct sockaddr *) & ifr->ifr_data;
1073 bcopy(IFP2ENADDR(ifp),
1074 (caddr_t) sa->sa_data, ETHER_ADDR_LEN);
1075 }
1076 break;
1077
1078 case SIOCSIFMTU:
1079 /*
1080 * Set the interface MTU.
1081 */
1082 if (ifr->ifr_mtu > ETHERMTU) {
1083 error = EINVAL;
1084 } else {
1085 ifp->if_mtu = ifr->ifr_mtu;
1086 }
1087 break;
1088 default:
1089 error = EINVAL; /* XXX netbsd has ENOTTY??? */
1090 break;
1091 }
1092 return (error);
1093 }
1094
1095 static int
1096 ether_resolvemulti(struct ifnet *ifp, struct sockaddr **llsa,
1097 struct sockaddr *sa)
1098 {
1099 struct sockaddr_dl *sdl;
1100 #ifdef INET
1101 struct sockaddr_in *sin;
1102 #endif
1103 #ifdef INET6
1104 struct sockaddr_in6 *sin6;
1105 #endif
1106 u_char *e_addr;
1107
1108 switch(sa->sa_family) {
1109 case AF_LINK:
1110 /*
1111 * No mapping needed. Just check that it's a valid MC address.
1112 */
1113 sdl = (struct sockaddr_dl *)sa;
1114 e_addr = LLADDR(sdl);
1115 if (!ETHER_IS_MULTICAST(e_addr))
1116 return EADDRNOTAVAIL;
1117 *llsa = 0;
1118 return 0;
1119
1120 #ifdef INET
1121 case AF_INET:
1122 sin = (struct sockaddr_in *)sa;
1123 if (!IN_MULTICAST(ntohl(sin->sin_addr.s_addr)))
1124 return EADDRNOTAVAIL;
1125 MALLOC(sdl, struct sockaddr_dl *, sizeof *sdl, M_IFMADDR,
1126 M_NOWAIT|M_ZERO);
1127 if (sdl == NULL)
1128 return ENOMEM;
1129 sdl->sdl_len = sizeof *sdl;
1130 sdl->sdl_family = AF_LINK;
1131 sdl->sdl_index = ifp->if_index;
1132 sdl->sdl_type = IFT_ETHER;
1133 sdl->sdl_alen = ETHER_ADDR_LEN;
1134 e_addr = LLADDR(sdl);
1135 ETHER_MAP_IP_MULTICAST(&sin->sin_addr, e_addr);
1136 *llsa = (struct sockaddr *)sdl;
1137 return 0;
1138 #endif
1139 #ifdef INET6
1140 case AF_INET6:
1141 sin6 = (struct sockaddr_in6 *)sa;
1142 if (IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr)) {
1143 /*
1144 * An IP6 address of 0 means listen to all
1145 * of the Ethernet multicast address used for IP6.
1146 * (This is used for multicast routers.)
1147 */
1148 ifp->if_flags |= IFF_ALLMULTI;
1149 *llsa = 0;
1150 return 0;
1151 }
1152 if (!IN6_IS_ADDR_MULTICAST(&sin6->sin6_addr))
1153 return EADDRNOTAVAIL;
1154 MALLOC(sdl, struct sockaddr_dl *, sizeof *sdl, M_IFMADDR,
1155 M_NOWAIT|M_ZERO);
1156 if (sdl == NULL)
1157 return (ENOMEM);
1158 sdl->sdl_len = sizeof *sdl;
1159 sdl->sdl_family = AF_LINK;
1160 sdl->sdl_index = ifp->if_index;
1161 sdl->sdl_type = IFT_ETHER;
1162 sdl->sdl_alen = ETHER_ADDR_LEN;
1163 e_addr = LLADDR(sdl);
1164 ETHER_MAP_IPV6_MULTICAST(&sin6->sin6_addr, e_addr);
1165 *llsa = (struct sockaddr *)sdl;
1166 return 0;
1167 #endif
1168
1169 default:
1170 /*
1171 * Well, the text isn't quite right, but it's the name
1172 * that counts...
1173 */
1174 return EAFNOSUPPORT;
1175 }
1176 }
1177
1178 static void*
1179 ether_alloc(u_char type, struct ifnet *ifp)
1180 {
1181 struct arpcom *ac;
1182
1183 ac = malloc(sizeof(struct arpcom), M_ARPCOM, M_WAITOK | M_ZERO);
1184 ac->ac_ifp = ifp;
1185
1186 return (ac);
1187 }
1188
1189 static void
1190 ether_free(void *com, u_char type)
1191 {
1192
1193 free(com, M_ARPCOM);
1194 }
1195
1196 static int
1197 ether_modevent(module_t mod, int type, void *data)
1198 {
1199
1200 switch (type) {
1201 case MOD_LOAD:
1202 if_register_com_alloc(IFT_ETHER, ether_alloc, ether_free);
1203 break;
1204 case MOD_UNLOAD:
1205 if_deregister_com_alloc(IFT_ETHER);
1206 break;
1207 default:
1208 return EOPNOTSUPP;
1209 }
1210
1211 return (0);
1212 }
1213
1214 static moduledata_t ether_mod = {
1215 "ether",
1216 ether_modevent,
1217 0
1218 };
1219
1220 DECLARE_MODULE(ether, ether_mod, SI_SUB_INIT_IF, SI_ORDER_ANY);
1221 MODULE_VERSION(ether, 1);
Cache object: 2553ad47547bda81692f79332cc53782
|