Context Navigation

source: rtems-libbsd/freebsd/sys/net/if_bridge.c @ 66659ff

4.1155-freebsd-126-freebsd-12freebsd-9.3

Last change on this file since 66659ff was 66659ff, checked in by Sebastian Huber <sebastian.huber@…>, on 11/06/13 at 15:20:21
Update to FreeBSD 9.2
Property mode set to `100644`
File size: 86.2 KB

Line
1	#include <machine/rtems-bsd-kernel-space.h>
2
3	/* $NetBSD: if_bridge.c,v 1.31 2005/06/01 19:45:34 jdc Exp $ */
4
5	/*
6	* Copyright 2001 Wasabi Systems, Inc.
7	* All rights reserved.
8	*
9	* Written by Jason R. Thorpe for Wasabi Systems, Inc.
10	*
11	* Redistribution and use in source and binary forms, with or without
12	* modification, are permitted provided that the following conditions
13	* are met:
14	* 1. Redistributions of source code must retain the above copyright
15	* notice, this list of conditions and the following disclaimer.
16	* 2. Redistributions in binary form must reproduce the above copyright
17	* notice, this list of conditions and the following disclaimer in the
18	* documentation and/or other materials provided with the distribution.
19	* 3. All advertising materials mentioning features or use of this software
20	* must display the following acknowledgement:
21	* This product includes software developed for the NetBSD Project by
22	* Wasabi Systems, Inc.
23	* 4. The name of Wasabi Systems, Inc. may not be used to endorse
24	* or promote products derived from this software without specific prior
25	* written permission.
26	*
27	* THIS SOFTWARE IS PROVIDED BY WASABI SYSTEMS, INC. ``AS IS'' AND
28	* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
29	* TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
30	* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL WASABI SYSTEMS, INC
31	* BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
32	* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
33	* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
34	* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
35	* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
36	* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
37	* POSSIBILITY OF SUCH DAMAGE.
38	*/
39
40	/*
41	* Copyright (c) 1999, 2000 Jason L. Wright (jason@thought.net)
42	* All rights reserved.
43	*
44	* Redistribution and use in source and binary forms, with or without
45	* modification, are permitted provided that the following conditions
46	* are met:
47	* 1. Redistributions of source code must retain the above copyright
48	* notice, this list of conditions and the following disclaimer.
49	* 2. Redistributions in binary form must reproduce the above copyright
50	* notice, this list of conditions and the following disclaimer in the
51	* documentation and/or other materials provided with the distribution.
52	*
53	* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
54	* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
55	* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
56	* DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
57	* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
58	* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
59	* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
60	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
61	* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
62	* ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
63	* POSSIBILITY OF SUCH DAMAGE.
64	*
65	* OpenBSD: if_bridge.c,v 1.60 2001/06/15 03:38:33 itojun Exp
66	*/
67
68	/*
69	* Network interface bridge support.
70	*
71	* TODO:
72	*
73	* - Currently only supports Ethernet-like interfaces (Ethernet,
74	* 802.11, VLANs on Ethernet, etc.) Figure out a nice way
75	* to bridge other types of interfaces (FDDI-FDDI, and maybe
76	* consider heterogenous bridges).
77	*/
78
79	#include <sys/cdefs.h>
80	__FBSDID("$FreeBSD$");
81
82	#include <rtems/bsd/local/opt_inet.h>
83	#include <rtems/bsd/local/opt_inet6.h>
84
85	#include <rtems/bsd/sys/param.h>
86	#include <sys/mbuf.h>
87	#include <sys/malloc.h>
88	#include <sys/protosw.h>
89	#include <sys/systm.h>
90	#include <sys/jail.h>
91	#include <rtems/bsd/sys/time.h>
92	#include <sys/socket.h> /* for net/if.h */
93	#include <sys/sockio.h>
94	#include <sys/ctype.h> /* string functions */
95	#include <sys/kernel.h>
96	#include <sys/random.h>
97	#include <sys/syslog.h>
98	#include <sys/sysctl.h>
99	#include <vm/uma.h>
100	#include <sys/module.h>
101	#include <sys/priv.h>
102	#include <sys/proc.h>
103	#include <rtems/bsd/sys/lock.h>
104	#include <sys/mutex.h>
105	#include <sys/rwlock.h>
106
107	#include <net/bpf.h>
108	#include <net/if.h>
109	#include <net/if_clone.h>
110	#include <net/if_dl.h>
111	#include <net/if_types.h>
112	#include <net/if_var.h>
113	#include <net/pfil.h>
114	#include <net/vnet.h>
115
116	#include <netinet/in.h> /* for struct arpcom */
117	#include <netinet/in_systm.h>
118	#include <netinet/in_var.h>
119	#include <netinet/ip.h>
120	#include <netinet/ip_var.h>
121	#ifdef INET6
122	#include <netinet/ip6.h>
123	#include <netinet6/ip6_var.h>
124	#include <netinet6/in6_ifattach.h>
125	#endif
126	#if defined(INET) \|\| defined(INET6)
127	#include <netinet/ip_carp.h>
128	#endif
129	#include <machine/in_cksum.h>
130	#include <netinet/if_ether.h> /* for struct arpcom */
131	#include <net/bridgestp.h>
132	#include <net/if_bridgevar.h>
133	#include <net/if_llc.h>
134	#include <net/if_vlan_var.h>
135
136	#include <net/route.h>
137	#include <netinet/ip_fw.h>
138	#include <netpfil/ipfw/ip_fw_private.h>
139
140	/*
141	* Size of the route hash table. Must be a power of two.
142	*/
143	#ifndef BRIDGE_RTHASH_SIZE
144	#define BRIDGE_RTHASH_SIZE 1024
145	#endif
146
147	#define BRIDGE_RTHASH_MASK (BRIDGE_RTHASH_SIZE - 1)
148
149	/*
150	* Default maximum number of addresses to cache.
151	*/
152	#ifndef BRIDGE_RTABLE_MAX
153	#define BRIDGE_RTABLE_MAX 2000
154	#endif
155
156	/*
157	* Timeout (in seconds) for entries learned dynamically.
158	*/
159	#ifndef BRIDGE_RTABLE_TIMEOUT
160	#define BRIDGE_RTABLE_TIMEOUT (20 * 60) /* same as ARP */
161	#endif
162
163	/*
164	* Number of seconds between walks of the route list.
165	*/
166	#ifndef BRIDGE_RTABLE_PRUNE_PERIOD
167	#define BRIDGE_RTABLE_PRUNE_PERIOD (5 * 60)
168	#endif
169
170	/*
171	* List of capabilities to possibly mask on the member interface.
172	*/
173	#define BRIDGE_IFCAPS_MASK (IFCAP_TOE\|IFCAP_TSO\|IFCAP_TXCSUM)
174
175	/*
176	* List of capabilities to strip
177	*/
178	#define BRIDGE_IFCAPS_STRIP IFCAP_LRO
179
180	/*
181	* Bridge interface list entry.
182	*/
183	struct bridge_iflist {
184	LIST_ENTRY(bridge_iflist) bif_next;
185	struct ifnet bif_ifp; / member if */
186	struct bstp_port bif_stp; /* STP state */
187	uint32_t bif_flags; /* member if flags */
188	int bif_savedcaps; /* saved capabilities */
189	uint32_t bif_addrmax; /* max # of addresses */
190	uint32_t bif_addrcnt; /* cur. # of addresses */
191	uint32_t bif_addrexceeded;/* # of address violations */
192	};
193
194	/*
195	* Bridge route node.
196	*/
197	struct bridge_rtnode {
198	LIST_ENTRY(bridge_rtnode) brt_hash; /* hash table linkage */
199	LIST_ENTRY(bridge_rtnode) brt_list; /* list linkage */
200	struct bridge_iflist brt_dst; / destination if */
201	unsigned long brt_expire; /* expiration time */
202	uint8_t brt_flags; /* address flags */
203	uint8_t brt_addr[ETHER_ADDR_LEN];
204	uint16_t brt_vlan; /* vlan id */
205	};
206	#define brt_ifp brt_dst->bif_ifp
207
208	/*
209	* Software state for each bridge.
210	*/
211	struct bridge_softc {
212	struct ifnet sc_ifp; / make this an interface */
213	LIST_ENTRY(bridge_softc) sc_list;
214	struct mtx sc_mtx;
215	struct cv sc_cv;
216	uint32_t sc_brtmax; /* max # of addresses */
217	uint32_t sc_brtcnt; /* cur. # of addresses */
218	uint32_t sc_brttimeout; /* rt timeout in seconds */
219	struct callout sc_brcallout; /* bridge callout */
220	uint32_t sc_iflist_ref; /* refcount for sc_iflist */
221	uint32_t sc_iflist_xcnt; /* refcount for sc_iflist */
222	LIST_HEAD(, bridge_iflist) sc_iflist; /* member interface list */
223	LIST_HEAD(, bridge_rtnode) sc_rthash; / our forwarding table */
224	LIST_HEAD(, bridge_rtnode) sc_rtlist; /* list version of above */
225	uint32_t sc_rthash_key; /* key for hash */
226	LIST_HEAD(, bridge_iflist) sc_spanlist; /* span ports list */
227	struct bstp_state sc_stp; /* STP state */
228	uint32_t sc_brtexceeded; /* # of cache drops */
229	struct ifnet sc_ifaddr; / member mac copied from */
230	u_char sc_defaddr[6]; /* Default MAC address */
231	};
232
233	static struct mtx bridge_list_mtx;
234	eventhandler_tag bridge_detach_cookie = NULL;
235
236	int bridge_rtable_prune_period = BRIDGE_RTABLE_PRUNE_PERIOD;
237
238	uma_zone_t bridge_rtnode_zone;
239
240	static int bridge_clone_create(struct if_clone *, int, caddr_t);
241	static void bridge_clone_destroy(struct ifnet *);
242
243	static int bridge_ioctl(struct ifnet *, u_long, caddr_t);
244	static void bridge_mutecaps(struct bridge_softc *);
245	static void bridge_set_ifcap(struct bridge_softc , struct bridge_iflist ,
246	int);
247	static void bridge_ifdetach(void arg __unused, struct ifnet );
248	static void bridge_init(void *);
249	static void bridge_dummynet(struct mbuf , struct ifnet );
250	static void bridge_stop(struct ifnet *, int);
251	static void bridge_start(struct ifnet *);
252	static struct mbuf bridge_input(struct ifnet , struct mbuf *);
253	static int bridge_output(struct ifnet , struct mbuf , struct sockaddr *,
254	struct rtentry *);
255	static void bridge_enqueue(struct bridge_softc , struct ifnet ,
256	struct mbuf *);
257	static void bridge_rtdelete(struct bridge_softc , struct ifnet ifp, int);
258
259	static void bridge_forward(struct bridge_softc , struct bridge_iflist ,
260	struct mbuf *m);
261
262	static void bridge_timer(void *);
263
264	static void bridge_broadcast(struct bridge_softc , struct ifnet ,
265	struct mbuf *, int);
266	static void bridge_span(struct bridge_softc , struct mbuf );
267
268	static int bridge_rtupdate(struct bridge_softc , const uint8_t ,
269	uint16_t, struct bridge_iflist *, int, uint8_t);
270	static struct ifnet bridge_rtlookup(struct bridge_softc , const uint8_t *,
271	uint16_t);
272	static void bridge_rttrim(struct bridge_softc *);
273	static void bridge_rtage(struct bridge_softc *);
274	static void bridge_rtflush(struct bridge_softc *, int);
275	static int bridge_rtdaddr(struct bridge_softc , const uint8_t ,
276	uint16_t);
277
278	static int bridge_rtable_init(struct bridge_softc *);
279	static void bridge_rtable_fini(struct bridge_softc *);
280
281	static int bridge_rtnode_addr_cmp(const uint8_t , const uint8_t );
282	static struct bridge_rtnode bridge_rtnode_lookup(struct bridge_softc ,
283	const uint8_t *, uint16_t);
284	static int bridge_rtnode_insert(struct bridge_softc *,
285	struct bridge_rtnode *);
286	static void bridge_rtnode_destroy(struct bridge_softc *,
287	struct bridge_rtnode *);
288	static void bridge_rtable_expire(struct ifnet *, int);
289	static void bridge_state_change(struct ifnet *, int);
290
291	static struct bridge_iflist bridge_lookup_member(struct bridge_softc ,
292	const char *name);
293	static struct bridge_iflist bridge_lookup_member_if(struct bridge_softc ,
294	struct ifnet *ifp);
295	static void bridge_delete_member(struct bridge_softc *,
296	struct bridge_iflist *, int);
297	static void bridge_delete_span(struct bridge_softc *,
298	struct bridge_iflist *);
299
300	static int bridge_ioctl_add(struct bridge_softc , void );
301	static int bridge_ioctl_del(struct bridge_softc , void );
302	static int bridge_ioctl_gifflags(struct bridge_softc , void );
303	static int bridge_ioctl_sifflags(struct bridge_softc , void );
304	static int bridge_ioctl_scache(struct bridge_softc , void );
305	static int bridge_ioctl_gcache(struct bridge_softc , void );
306	static int bridge_ioctl_gifs(struct bridge_softc , void );
307	static int bridge_ioctl_rts(struct bridge_softc , void );
308	static int bridge_ioctl_saddr(struct bridge_softc , void );
309	static int bridge_ioctl_sto(struct bridge_softc , void );
310	static int bridge_ioctl_gto(struct bridge_softc , void );
311	static int bridge_ioctl_daddr(struct bridge_softc , void );
312	static int bridge_ioctl_flush(struct bridge_softc , void );
313	static int bridge_ioctl_gpri(struct bridge_softc , void );
314	static int bridge_ioctl_spri(struct bridge_softc , void );
315	static int bridge_ioctl_ght(struct bridge_softc , void );
316	static int bridge_ioctl_sht(struct bridge_softc , void );
317	static int bridge_ioctl_gfd(struct bridge_softc , void );
318	static int bridge_ioctl_sfd(struct bridge_softc , void );
319	static int bridge_ioctl_gma(struct bridge_softc , void );
320	static int bridge_ioctl_sma(struct bridge_softc , void );
321	static int bridge_ioctl_sifprio(struct bridge_softc , void );
322	static int bridge_ioctl_sifcost(struct bridge_softc , void );
323	static int bridge_ioctl_sifmaxaddr(struct bridge_softc , void );
324	static int bridge_ioctl_addspan(struct bridge_softc , void );
325	static int bridge_ioctl_delspan(struct bridge_softc , void );
326	static int bridge_ioctl_gbparam(struct bridge_softc , void );
327	static int bridge_ioctl_grte(struct bridge_softc , void );
328	static int bridge_ioctl_gifsstp(struct bridge_softc , void );
329	static int bridge_ioctl_sproto(struct bridge_softc , void );
330	static int bridge_ioctl_stxhc(struct bridge_softc , void );
331	static int bridge_pfil(struct mbuf *, struct ifnet , struct ifnet *,
332	int);
333	static int bridge_ip_checkbasic(struct mbuf **mp);
334	#ifdef INET6
335	static int bridge_ip6_checkbasic(struct mbuf **mp);
336	#endif /* INET6 */
337	static int bridge_fragment(struct ifnet , struct mbuf ,
338	struct ether_header , int, struct llc );
339	static void bridge_linkstate(struct ifnet *ifp);
340	static void bridge_linkcheck(struct bridge_softc *sc);
341
342	extern void (bridge_linkstate_p)(struct ifnet ifp);
343
344	/* The default bridge vlan is 1 (IEEE 802.1Q-2003 Table 9-2) */
345	#define VLANTAGOF(_m) \
346	(_m->m_flags & M_VLANTAG) ? EVL_VLANOFTAG(_m->m_pkthdr.ether_vtag) : 1
347
348	static struct bstp_cb_ops bridge_ops = {
349	.bcb_state = bridge_state_change,
350	.bcb_rtage = bridge_rtable_expire
351	};
352
353	SYSCTL_DECL(_net_link);
354	static SYSCTL_NODE(_net_link, IFT_BRIDGE, bridge, CTLFLAG_RW, 0, "Bridge");
355
356	static int pfil_onlyip = 1; /* only pass IP[46] packets when pfil is enabled */
357	static int pfil_bridge = 1; /* run pfil hooks on the bridge interface */
358	static int pfil_member = 1; /* run pfil hooks on the member interface */
359	static int pfil_ipfw = 0; /* layer2 filter with ipfw */
360	static int pfil_ipfw_arp = 0; /* layer2 filter with ipfw */
361	static int pfil_local_phys = 0; /* run pfil hooks on the physical interface for
362	locally destined packets */
363	static int log_stp = 0; /* log STP state changes */
364	static int bridge_inherit_mac = 0; /* share MAC with first bridge member */
365	TUNABLE_INT("net.link.bridge.pfil_onlyip", &pfil_onlyip);
366	SYSCTL_INT(_net_link_bridge, OID_AUTO, pfil_onlyip, CTLFLAG_RW,
367	&pfil_onlyip, 0, "Only pass IP packets when pfil is enabled");
368	TUNABLE_INT("net.link.bridge.ipfw_arp", &pfil_ipfw_arp);
369	SYSCTL_INT(_net_link_bridge, OID_AUTO, ipfw_arp, CTLFLAG_RW,
370	&pfil_ipfw_arp, 0, "Filter ARP packets through IPFW layer2");
371	TUNABLE_INT("net.link.bridge.pfil_bridge", &pfil_bridge);
372	SYSCTL_INT(_net_link_bridge, OID_AUTO, pfil_bridge, CTLFLAG_RW,
373	&pfil_bridge, 0, "Packet filter on the bridge interface");
374	TUNABLE_INT("net.link.bridge.pfil_member", &pfil_member);
375	SYSCTL_INT(_net_link_bridge, OID_AUTO, pfil_member, CTLFLAG_RW,
376	&pfil_member, 0, "Packet filter on the member interface");
377	TUNABLE_INT("net.link.bridge.pfil_local_phys", &pfil_local_phys);
378	SYSCTL_INT(_net_link_bridge, OID_AUTO, pfil_local_phys, CTLFLAG_RW,
379	&pfil_local_phys, 0,
380	"Packet filter on the physical interface for locally destined packets");
381	TUNABLE_INT("net.link.bridge.log_stp", &log_stp);
382	SYSCTL_INT(_net_link_bridge, OID_AUTO, log_stp, CTLFLAG_RW,
383	&log_stp, 0, "Log STP state changes");
384	TUNABLE_INT("net.link.bridge.inherit_mac", &bridge_inherit_mac);
385	SYSCTL_INT(_net_link_bridge, OID_AUTO, inherit_mac, CTLFLAG_RW,
386	&bridge_inherit_mac, 0,
387	"Inherit MAC address from the first bridge member");
388
389	static VNET_DEFINE(int, allow_llz_overlap) = 0;
390	#define V_allow_llz_overlap VNET(allow_llz_overlap)
391	SYSCTL_VNET_INT(_net_link_bridge, OID_AUTO, allow_llz_overlap, CTLFLAG_RW,
392	&VNET_NAME(allow_llz_overlap), 0, "Allow overlap of link-local scope "
393	"zones of a bridge interface and the member interfaces");
394
395	struct bridge_control {
396	int (bc_func)(struct bridge_softc , void *);
397	int bc_argsize;
398	int bc_flags;
399	};
400
401	#define BC_F_COPYIN 0x01 /* copy arguments in */
402	#define BC_F_COPYOUT 0x02 /* copy arguments out */
403	#define BC_F_SUSER 0x04 /* do super-user check */
404
405	const struct bridge_control bridge_control_table[] = {
406	{ bridge_ioctl_add, sizeof(struct ifbreq),
407	BC_F_COPYIN\|BC_F_SUSER },
408	{ bridge_ioctl_del, sizeof(struct ifbreq),
409	BC_F_COPYIN\|BC_F_SUSER },
410
411	{ bridge_ioctl_gifflags, sizeof(struct ifbreq),
412	BC_F_COPYIN\|BC_F_COPYOUT },
413	{ bridge_ioctl_sifflags, sizeof(struct ifbreq),
414	BC_F_COPYIN\|BC_F_SUSER },
415
416	{ bridge_ioctl_scache, sizeof(struct ifbrparam),
417	BC_F_COPYIN\|BC_F_SUSER },
418	{ bridge_ioctl_gcache, sizeof(struct ifbrparam),
419	BC_F_COPYOUT },
420
421	{ bridge_ioctl_gifs, sizeof(struct ifbifconf),
422	BC_F_COPYIN\|BC_F_COPYOUT },
423	{ bridge_ioctl_rts, sizeof(struct ifbaconf),
424	BC_F_COPYIN\|BC_F_COPYOUT },
425
426	{ bridge_ioctl_saddr, sizeof(struct ifbareq),
427	BC_F_COPYIN\|BC_F_SUSER },
428
429	{ bridge_ioctl_sto, sizeof(struct ifbrparam),
430	BC_F_COPYIN\|BC_F_SUSER },
431	{ bridge_ioctl_gto, sizeof(struct ifbrparam),
432	BC_F_COPYOUT },
433
434	{ bridge_ioctl_daddr, sizeof(struct ifbareq),
435	BC_F_COPYIN\|BC_F_SUSER },
436
437	{ bridge_ioctl_flush, sizeof(struct ifbreq),
438	BC_F_COPYIN\|BC_F_SUSER },
439
440	{ bridge_ioctl_gpri, sizeof(struct ifbrparam),
441	BC_F_COPYOUT },
442	{ bridge_ioctl_spri, sizeof(struct ifbrparam),
443	BC_F_COPYIN\|BC_F_SUSER },
444
445	{ bridge_ioctl_ght, sizeof(struct ifbrparam),
446	BC_F_COPYOUT },
447	{ bridge_ioctl_sht, sizeof(struct ifbrparam),
448	BC_F_COPYIN\|BC_F_SUSER },
449
450	{ bridge_ioctl_gfd, sizeof(struct ifbrparam),
451	BC_F_COPYOUT },
452	{ bridge_ioctl_sfd, sizeof(struct ifbrparam),
453	BC_F_COPYIN\|BC_F_SUSER },
454
455	{ bridge_ioctl_gma, sizeof(struct ifbrparam),
456	BC_F_COPYOUT },
457	{ bridge_ioctl_sma, sizeof(struct ifbrparam),
458	BC_F_COPYIN\|BC_F_SUSER },
459
460	{ bridge_ioctl_sifprio, sizeof(struct ifbreq),
461	BC_F_COPYIN\|BC_F_SUSER },
462
463	{ bridge_ioctl_sifcost, sizeof(struct ifbreq),
464	BC_F_COPYIN\|BC_F_SUSER },
465
466	{ bridge_ioctl_addspan, sizeof(struct ifbreq),
467	BC_F_COPYIN\|BC_F_SUSER },
468	{ bridge_ioctl_delspan, sizeof(struct ifbreq),
469	BC_F_COPYIN\|BC_F_SUSER },
470
471	{ bridge_ioctl_gbparam, sizeof(struct ifbropreq),
472	BC_F_COPYOUT },
473
474	{ bridge_ioctl_grte, sizeof(struct ifbrparam),
475	BC_F_COPYOUT },
476
477	{ bridge_ioctl_gifsstp, sizeof(struct ifbpstpconf),
478	BC_F_COPYIN\|BC_F_COPYOUT },
479
480	{ bridge_ioctl_sproto, sizeof(struct ifbrparam),
481	BC_F_COPYIN\|BC_F_SUSER },
482
483	{ bridge_ioctl_stxhc, sizeof(struct ifbrparam),
484	BC_F_COPYIN\|BC_F_SUSER },
485
486	{ bridge_ioctl_sifmaxaddr, sizeof(struct ifbreq),
487	BC_F_COPYIN\|BC_F_SUSER },
488
489	};
490	const int bridge_control_table_size =
491	sizeof(bridge_control_table) / sizeof(bridge_control_table[0]);
492
493	LIST_HEAD(, bridge_softc) bridge_list;
494
495	IFC_SIMPLE_DECLARE(bridge, 0);
496
497	static int
498	bridge_modevent(module_t mod, int type, void *data)
499	{
500
501	switch (type) {
502	case MOD_LOAD:
503	mtx_init(&bridge_list_mtx, "if_bridge list", NULL, MTX_DEF);
504	if_clone_attach(&bridge_cloner);
505	bridge_rtnode_zone = uma_zcreate("bridge_rtnode",
506	sizeof(struct bridge_rtnode), NULL, NULL, NULL, NULL,
507	UMA_ALIGN_PTR, 0);
508	LIST_INIT(&bridge_list);
509	bridge_input_p = bridge_input;
510	bridge_output_p = bridge_output;
511	bridge_dn_p = bridge_dummynet;
512	bridge_linkstate_p = bridge_linkstate;
513	bridge_detach_cookie = EVENTHANDLER_REGISTER(
514	ifnet_departure_event, bridge_ifdetach, NULL,
515	EVENTHANDLER_PRI_ANY);
516	break;
517	case MOD_UNLOAD:
518	EVENTHANDLER_DEREGISTER(ifnet_departure_event,
519	bridge_detach_cookie);
520	if_clone_detach(&bridge_cloner);
521	uma_zdestroy(bridge_rtnode_zone);
522	bridge_input_p = NULL;
523	bridge_output_p = NULL;
524	bridge_dn_p = NULL;
525	bridge_linkstate_p = NULL;
526	mtx_destroy(&bridge_list_mtx);
527	break;
528	default:
529	return (EOPNOTSUPP);
530	}
531	return (0);
532	}
533
534	static moduledata_t bridge_mod = {
535	"if_bridge",
536	bridge_modevent,
537	0
538	};
539
540	DECLARE_MODULE(if_bridge, bridge_mod, SI_SUB_PSEUDO, SI_ORDER_ANY);
541	MODULE_DEPEND(if_bridge, bridgestp, 1, 1, 1);
542
543	/*
544	* handler for net.link.bridge.pfil_ipfw
545	*/
546	static int
547	sysctl_pfil_ipfw(SYSCTL_HANDLER_ARGS)
548	{
549	int enable = pfil_ipfw;
550	int error;
551
552	error = sysctl_handle_int(oidp, &enable, 0, req);
553	enable = (enable) ? 1 : 0;
554
555	if (enable != pfil_ipfw) {
556	pfil_ipfw = enable;
557
558	/*
559	* Disable pfil so that ipfw doesnt run twice, if the user
560	* really wants both then they can re-enable pfil_bridge and/or
561	* pfil_member. Also allow non-ip packets as ipfw can filter by
562	* layer2 type.
563	*/
564	if (pfil_ipfw) {
565	pfil_onlyip = 0;
566	pfil_bridge = 0;
567	pfil_member = 0;
568	}
569	}
570
571	return (error);
572	}
573	SYSCTL_PROC(_net_link_bridge, OID_AUTO, ipfw, CTLTYPE_INT\|CTLFLAG_RW,
574	&pfil_ipfw, 0, &sysctl_pfil_ipfw, "I", "Layer2 filter with IPFW");
575
576	/*
577	* bridge_clone_create:
578	*
579	* Create a new bridge instance.
580	*/
581	static int
582	bridge_clone_create(struct if_clone *ifc, int unit, caddr_t params)
583	{
584	struct bridge_softc sc, sc2;
585	struct ifnet bifp, ifp;
586	int fb, retry;
587	unsigned long hostid;
588
589	sc = malloc(sizeof(*sc), M_DEVBUF, M_WAITOK\|M_ZERO);
590	ifp = sc->sc_ifp = if_alloc(IFT_ETHER);
591	if (ifp == NULL) {
592	free(sc, M_DEVBUF);
593	return (ENOSPC);
594	}
595
596	BRIDGE_LOCK_INIT(sc);
597	sc->sc_brtmax = BRIDGE_RTABLE_MAX;
598	sc->sc_brttimeout = BRIDGE_RTABLE_TIMEOUT;
599
600	/* Initialize our routing table. */
601	bridge_rtable_init(sc);
602
603	callout_init_mtx(&sc->sc_brcallout, &sc->sc_mtx, 0);
604
605	LIST_INIT(&sc->sc_iflist);
606	LIST_INIT(&sc->sc_spanlist);
607
608	ifp->if_softc = sc;
609	if_initname(ifp, ifc->ifc_name, unit);
610	ifp->if_flags = IFF_BROADCAST \| IFF_SIMPLEX \| IFF_MULTICAST;
611	ifp->if_ioctl = bridge_ioctl;
612	ifp->if_start = bridge_start;
613	ifp->if_init = bridge_init;
614	ifp->if_type = IFT_BRIDGE;
615	IFQ_SET_MAXLEN(&ifp->if_snd, ifqmaxlen);
616	ifp->if_snd.ifq_drv_maxlen = ifqmaxlen;
617	IFQ_SET_READY(&ifp->if_snd);
618
619	/*
620	* Generate an ethernet address with a locally administered address.
621	*
622	* Since we are using random ethernet addresses for the bridge, it is
623	* possible that we might have address collisions, so make sure that
624	* this hardware address isn't already in use on another bridge.
625	* The first try uses the hostid and falls back to arc4rand().
626	*/
627	fb = 0;
628	getcredhostid(curthread->td_ucred, &hostid);
629	for (retry = 1; retry != 0;) {
630	if (fb \|\| hostid == 0) {
631	arc4rand(sc->sc_defaddr, ETHER_ADDR_LEN, 1);
632	sc->sc_defaddr[0] &= ~1;/* clear multicast bit */
633	sc->sc_defaddr[0] \|= 2; /* set the LAA bit */
634	} else {
635	sc->sc_defaddr[0] = 0x2;
636	sc->sc_defaddr[1] = (hostid >> 24) & 0xff;
637	sc->sc_defaddr[2] = (hostid >> 16) & 0xff;
638	sc->sc_defaddr[3] = (hostid >> 8 ) & 0xff;
639	sc->sc_defaddr[4] = hostid & 0xff;
640	sc->sc_defaddr[5] = ifp->if_dunit & 0xff;
641	}
642
643	fb = 1;
644	retry = 0;
645	mtx_lock(&bridge_list_mtx);
646	LIST_FOREACH(sc2, &bridge_list, sc_list) {
647	bifp = sc2->sc_ifp;
648	if (memcmp(sc->sc_defaddr,
649	IF_LLADDR(bifp), ETHER_ADDR_LEN) == 0)
650	retry = 1;
651	}
652	mtx_unlock(&bridge_list_mtx);
653	}
654
655	bstp_attach(&sc->sc_stp, &bridge_ops);
656	ether_ifattach(ifp, sc->sc_defaddr);
657	/* Now undo some of the damage... */
658	ifp->if_baudrate = 0;
659	ifp->if_type = IFT_BRIDGE;
660
661	mtx_lock(&bridge_list_mtx);
662	LIST_INSERT_HEAD(&bridge_list, sc, sc_list);
663	mtx_unlock(&bridge_list_mtx);
664
665	return (0);
666	}
667
668	/*
669	* bridge_clone_destroy:
670	*
671	* Destroy a bridge instance.
672	*/
673	static void
674	bridge_clone_destroy(struct ifnet *ifp)
675	{
676	struct bridge_softc *sc = ifp->if_softc;
677	struct bridge_iflist *bif;
678
679	BRIDGE_LOCK(sc);
680
681	bridge_stop(ifp, 1);
682	ifp->if_flags &= ~IFF_UP;
683
684	while ((bif = LIST_FIRST(&sc->sc_iflist)) != NULL)
685	bridge_delete_member(sc, bif, 0);
686
687	while ((bif = LIST_FIRST(&sc->sc_spanlist)) != NULL) {
688	bridge_delete_span(sc, bif);
689	}
690
691	BRIDGE_UNLOCK(sc);
692
693	callout_drain(&sc->sc_brcallout);
694
695	mtx_lock(&bridge_list_mtx);
696	LIST_REMOVE(sc, sc_list);
697	mtx_unlock(&bridge_list_mtx);
698
699	bstp_detach(&sc->sc_stp);
700	ether_ifdetach(ifp);
701	if_free_type(ifp, IFT_ETHER);
702
703	/* Tear down the routing table. */
704	bridge_rtable_fini(sc);
705
706	BRIDGE_LOCK_DESTROY(sc);
707	free(sc, M_DEVBUF);
708	}
709
710	/*
711	* bridge_ioctl:
712	*
713	* Handle a control request from the operator.
714	*/
715	static int
716	bridge_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data)
717	{
718	struct bridge_softc *sc = ifp->if_softc;
719	struct ifreq ifr = (struct ifreq )data;
720	struct bridge_iflist *bif;
721	struct thread *td = curthread;
722	union {
723	struct ifbreq ifbreq;
724	struct ifbifconf ifbifconf;
725	struct ifbareq ifbareq;
726	struct ifbaconf ifbaconf;
727	struct ifbrparam ifbrparam;
728	struct ifbropreq ifbropreq;
729	} args;
730	struct ifdrv ifd = (struct ifdrv ) data;
731	const struct bridge_control *bc;
732	int error = 0;
733
734	switch (cmd) {
735
736	case SIOCADDMULTI:
737	case SIOCDELMULTI:
738	break;
739
740	case SIOCGDRVSPEC:
741	case SIOCSDRVSPEC:
742	if (ifd->ifd_cmd >= bridge_control_table_size) {
743	error = EINVAL;
744	break;
745	}
746	bc = &bridge_control_table[ifd->ifd_cmd];
747
748	if (cmd == SIOCGDRVSPEC &&
749	(bc->bc_flags & BC_F_COPYOUT) == 0) {
750	error = EINVAL;
751	break;
752	}
753	else if (cmd == SIOCSDRVSPEC &&
754	(bc->bc_flags & BC_F_COPYOUT) != 0) {
755	error = EINVAL;
756	break;
757	}
758
759	if (bc->bc_flags & BC_F_SUSER) {
760	error = priv_check(td, PRIV_NET_BRIDGE);
761	if (error)
762	break;
763	}
764
765	if (ifd->ifd_len != bc->bc_argsize \|\|
766	ifd->ifd_len > sizeof(args)) {
767	error = EINVAL;
768	break;
769	}
770
771	bzero(&args, sizeof(args));
772	if (bc->bc_flags & BC_F_COPYIN) {
773	error = copyin(ifd->ifd_data, &args, ifd->ifd_len);
774	if (error)
775	break;
776	}
777
778	BRIDGE_LOCK(sc);
779	error = (*bc->bc_func)(sc, &args);
780	BRIDGE_UNLOCK(sc);
781	if (error)
782	break;
783
784	if (bc->bc_flags & BC_F_COPYOUT)
785	error = copyout(&args, ifd->ifd_data, ifd->ifd_len);
786
787	break;
788
789	case SIOCSIFFLAGS:
790	if (!(ifp->if_flags & IFF_UP) &&
791	(ifp->if_drv_flags & IFF_DRV_RUNNING)) {
792	/*
793	* If interface is marked down and it is running,
794	* then stop and disable it.
795	*/
796	BRIDGE_LOCK(sc);
797	bridge_stop(ifp, 1);
798	BRIDGE_UNLOCK(sc);
799	} else if ((ifp->if_flags & IFF_UP) &&
800	!(ifp->if_drv_flags & IFF_DRV_RUNNING)) {
801	/*
802	* If interface is marked up and it is stopped, then
803	* start it.
804	*/
805	(*ifp->if_init)(sc);
806	}
807	break;
808
809	case SIOCSIFMTU:
810	if (ifr->ifr_mtu < 576) {
811	error = EINVAL;
812	break;
813	}
814	if (LIST_EMPTY(&sc->sc_iflist)) {
815	sc->sc_ifp->if_mtu = ifr->ifr_mtu;
816	break;
817	}
818	BRIDGE_LOCK(sc);
819	LIST_FOREACH(bif, &sc->sc_iflist, bif_next) {
820	if (bif->bif_ifp->if_mtu != ifr->ifr_mtu) {
821	log(LOG_NOTICE, "%s: invalid MTU: %lu(%s)"
822	" != %d\n", sc->sc_ifp->if_xname,
823	bif->bif_ifp->if_mtu,
824	bif->bif_ifp->if_xname, ifr->ifr_mtu);
825	error = EINVAL;
826	break;
827	}
828	}
829	if (!error)
830	sc->sc_ifp->if_mtu = ifr->ifr_mtu;
831	BRIDGE_UNLOCK(sc);
832	break;
833	default:
834	/*
835	* drop the lock as ether_ioctl() will call bridge_start() and
836	* cause the lock to be recursed.
837	*/
838	error = ether_ioctl(ifp, cmd, data);
839	break;
840	}
841
842	return (error);
843	}
844
845	/*
846	* bridge_mutecaps:
847	*
848	* Clear or restore unwanted capabilities on the member interface
849	*/
850	static void
851	bridge_mutecaps(struct bridge_softc *sc)
852	{
853	struct bridge_iflist *bif;
854	int enabled, mask;
855
856	/* Initial bitmask of capabilities to test */
857	mask = BRIDGE_IFCAPS_MASK;
858
859	LIST_FOREACH(bif, &sc->sc_iflist, bif_next) {
860	/* Every member must support it or its disabled */
861	mask &= bif->bif_savedcaps;
862	}
863
864	LIST_FOREACH(bif, &sc->sc_iflist, bif_next) {
865	enabled = bif->bif_ifp->if_capenable;
866	enabled &= ~BRIDGE_IFCAPS_STRIP;
867	/* strip off mask bits and enable them again if allowed */
868	enabled &= ~BRIDGE_IFCAPS_MASK;
869	enabled \|= mask;
870	bridge_set_ifcap(sc, bif, enabled);
871	}
872
873	}
874
875	static void
876	bridge_set_ifcap(struct bridge_softc sc, struct bridge_iflist bif, int set)
877	{
878	struct ifnet *ifp = bif->bif_ifp;
879	struct ifreq ifr;
880	int error;
881
882	bzero(&ifr, sizeof(ifr));
883	ifr.ifr_reqcap = set;
884
885	if (ifp->if_capenable != set) {
886	error = (*ifp->if_ioctl)(ifp, SIOCSIFCAP, (caddr_t)&ifr);
887	if (error)
888	if_printf(sc->sc_ifp,
889	"error setting interface capabilities on %s\n",
890	ifp->if_xname);
891	}
892	}
893
894	/*
895	* bridge_lookup_member:
896	*
897	* Lookup a bridge member interface.
898	*/
899	static struct bridge_iflist *
900	bridge_lookup_member(struct bridge_softc sc, const char name)
901	{
902	struct bridge_iflist *bif;
903	struct ifnet *ifp;
904
905	BRIDGE_LOCK_ASSERT(sc);
906
907	LIST_FOREACH(bif, &sc->sc_iflist, bif_next) {
908	ifp = bif->bif_ifp;
909	if (strcmp(ifp->if_xname, name) == 0)
910	return (bif);
911	}
912
913	return (NULL);
914	}
915
916	/*
917	* bridge_lookup_member_if:
918	*
919	* Lookup a bridge member interface by ifnet*.
920	*/
921	static struct bridge_iflist *
922	bridge_lookup_member_if(struct bridge_softc sc, struct ifnet member_ifp)
923	{
924	struct bridge_iflist *bif;
925
926	BRIDGE_LOCK_ASSERT(sc);
927
928	LIST_FOREACH(bif, &sc->sc_iflist, bif_next) {
929	if (bif->bif_ifp == member_ifp)
930	return (bif);
931	}
932
933	return (NULL);
934	}
935
936	/*
937	* bridge_delete_member:
938	*
939	* Delete the specified member interface.
940	*/
941	static void
942	bridge_delete_member(struct bridge_softc sc, struct bridge_iflist bif,
943	int gone)
944	{
945	struct ifnet *ifs = bif->bif_ifp;
946	struct ifnet *fif = NULL;
947
948	BRIDGE_LOCK_ASSERT(sc);
949
950	if (bif->bif_flags & IFBIF_STP)
951	bstp_disable(&bif->bif_stp);
952
953	ifs->if_bridge = NULL;
954	BRIDGE_XLOCK(sc);
955	LIST_REMOVE(bif, bif_next);
956	BRIDGE_XDROP(sc);
957
958	/*
959	* If removing the interface that gave the bridge its mac address, set
960	* the mac address of the bridge to the address of the next member, or
961	* to its default address if no members are left.
962	*/
963	if (bridge_inherit_mac && sc->sc_ifaddr == ifs) {
964	if (LIST_EMPTY(&sc->sc_iflist)) {
965	bcopy(sc->sc_defaddr,
966	IF_LLADDR(sc->sc_ifp), ETHER_ADDR_LEN);
967	sc->sc_ifaddr = NULL;
968	} else {
969	fif = LIST_FIRST(&sc->sc_iflist)->bif_ifp;
970	bcopy(IF_LLADDR(fif),
971	IF_LLADDR(sc->sc_ifp), ETHER_ADDR_LEN);
972	sc->sc_ifaddr = fif;
973	}
974	EVENTHANDLER_INVOKE(iflladdr_event, sc->sc_ifp);
975	}
976
977	bridge_linkcheck(sc);
978	bridge_mutecaps(sc); /* recalcuate now this interface is removed */
979	bridge_rtdelete(sc, ifs, IFBF_FLUSHALL);
980	KASSERT(bif->bif_addrcnt == 0,
981	("%s: %d bridge routes referenced", __func__, bif->bif_addrcnt));
982
983	BRIDGE_UNLOCK(sc);
984	if (!gone) {
985	switch (ifs->if_type) {
986	case IFT_ETHER:
987	case IFT_L2VLAN:
988	/*
989	* Take the interface out of promiscuous mode.
990	*/
991	(void) ifpromisc(ifs, 0);
992	break;
993
994	case IFT_GIF:
995	break;
996
997	default:
998	#ifdef DIAGNOSTIC
999	panic("bridge_delete_member: impossible");
1000	#endif
1001	break;
1002	}
1003	/* reneable any interface capabilities */
1004	bridge_set_ifcap(sc, bif, bif->bif_savedcaps);
1005	}
1006	bstp_destroy(&bif->bif_stp); /* prepare to free */
1007	BRIDGE_LOCK(sc);
1008	free(bif, M_DEVBUF);
1009	}
1010
1011	/*
1012	* bridge_delete_span:
1013	*
1014	* Delete the specified span interface.
1015	*/
1016	static void
1017	bridge_delete_span(struct bridge_softc sc, struct bridge_iflist bif)
1018	{
1019	BRIDGE_LOCK_ASSERT(sc);
1020
1021	KASSERT(bif->bif_ifp->if_bridge == NULL,
1022	("%s: not a span interface", __func__));
1023
1024	LIST_REMOVE(bif, bif_next);
1025	free(bif, M_DEVBUF);
1026	}
1027
1028	static int
1029	bridge_ioctl_add(struct bridge_softc sc, void arg)
1030	{
1031	struct ifbreq *req = arg;
1032	struct bridge_iflist *bif = NULL;
1033	struct ifnet *ifs;
1034	int error = 0;
1035
1036	ifs = ifunit(req->ifbr_ifsname);
1037	if (ifs == NULL)
1038	return (ENOENT);
1039	if (ifs->if_ioctl == NULL) /* must be supported */
1040	return (EINVAL);
1041
1042	/* If it's in the span list, it can't be a member. */
1043	LIST_FOREACH(bif, &sc->sc_spanlist, bif_next)
1044	if (ifs == bif->bif_ifp)
1045	return (EBUSY);
1046
1047	if (ifs->if_bridge == sc)
1048	return (EEXIST);
1049
1050	if (ifs->if_bridge != NULL)
1051	return (EBUSY);
1052
1053	switch (ifs->if_type) {
1054	case IFT_ETHER:
1055	case IFT_L2VLAN:
1056	case IFT_GIF:
1057	/* permitted interface types */
1058	break;
1059	default:
1060	return (EINVAL);
1061	}
1062
1063	#ifdef INET6
1064	/*
1065	* Two valid inet6 addresses with link-local scope must not be
1066	* on the parent interface and the member interfaces at the
1067	* same time. This restriction is needed to prevent violation
1068	* of link-local scope zone. Attempts to add a member
1069	* interface which has inet6 addresses when the parent has
1070	* inet6 triggers removal of all inet6 addresses on the member
1071	* interface.
1072	*/
1073
1074	/* Check if the parent interface has a link-local scope addr. */
1075	if (V_allow_llz_overlap == 0 &&
1076	in6ifa_llaonifp(sc->sc_ifp) != NULL) {
1077	/*
1078	* If any, remove all inet6 addresses from the member
1079	* interfaces.
1080	*/
1081	BRIDGE_XLOCK(sc);
1082	LIST_FOREACH(bif, &sc->sc_iflist, bif_next) {
1083	if (in6ifa_llaonifp(bif->bif_ifp)) {
1084	BRIDGE_UNLOCK(sc);
1085	in6_ifdetach(bif->bif_ifp);
1086	BRIDGE_LOCK(sc);
1087	if_printf(sc->sc_ifp,
1088	"IPv6 addresses on %s have been removed "
1089	"before adding it as a member to prevent "
1090	"IPv6 address scope violation.\n",
1091	bif->bif_ifp->if_xname);
1092	}
1093	}
1094	BRIDGE_XDROP(sc);
1095	if (in6ifa_llaonifp(ifs)) {
1096	BRIDGE_UNLOCK(sc);
1097	in6_ifdetach(ifs);
1098	BRIDGE_LOCK(sc);
1099	if_printf(sc->sc_ifp,
1100	"IPv6 addresses on %s have been removed "
1101	"before adding it as a member to prevent "
1102	"IPv6 address scope violation.\n",
1103	ifs->if_xname);
1104	}
1105	}
1106	#endif
1107	/* Allow the first Ethernet member to define the MTU */
1108	if (LIST_EMPTY(&sc->sc_iflist))
1109	sc->sc_ifp->if_mtu = ifs->if_mtu;
1110	else if (sc->sc_ifp->if_mtu != ifs->if_mtu) {
1111	if_printf(sc->sc_ifp, "invalid MTU: %lu(%s) != %lu\n",
1112	ifs->if_mtu, ifs->if_xname, sc->sc_ifp->if_mtu);
1113	return (EINVAL);
1114	}
1115
1116	bif = malloc(sizeof(*bif), M_DEVBUF, M_NOWAIT\|M_ZERO);
1117	if (bif == NULL)
1118	return (ENOMEM);
1119
1120	bif->bif_ifp = ifs;
1121	bif->bif_flags = IFBIF_LEARNING \| IFBIF_DISCOVER;
1122	bif->bif_savedcaps = ifs->if_capenable;
1123
1124	/*
1125	* Assign the interface's MAC address to the bridge if it's the first
1126	* member and the MAC address of the bridge has not been changed from
1127	* the default randomly generated one.
1128	*/
1129	if (bridge_inherit_mac && LIST_EMPTY(&sc->sc_iflist) &&
1130	!memcmp(IF_LLADDR(sc->sc_ifp), sc->sc_defaddr, ETHER_ADDR_LEN)) {
1131	bcopy(IF_LLADDR(ifs), IF_LLADDR(sc->sc_ifp), ETHER_ADDR_LEN);
1132	sc->sc_ifaddr = ifs;
1133	EVENTHANDLER_INVOKE(iflladdr_event, sc->sc_ifp);
1134	}
1135
1136	ifs->if_bridge = sc;
1137	bstp_create(&sc->sc_stp, &bif->bif_stp, bif->bif_ifp);
1138	/*
1139	* XXX: XLOCK HERE!?!
1140	*
1141	* NOTE: insert_*HEAD* should be safe for the traversals.
1142	*/
1143	LIST_INSERT_HEAD(&sc->sc_iflist, bif, bif_next);
1144
1145	/* Set interface capabilities to the intersection set of all members */
1146	bridge_mutecaps(sc);
1147	bridge_linkcheck(sc);
1148
1149	/* Place the interface into promiscuous mode */
1150	switch (ifs->if_type) {
1151	case IFT_ETHER:
1152	case IFT_L2VLAN:
1153	BRIDGE_UNLOCK(sc);
1154	error = ifpromisc(ifs, 1);
1155	BRIDGE_LOCK(sc);
1156	break;
1157	}
1158
1159	if (error) {
1160	bridge_delete_member(sc, bif, 0);
1161	free(bif, M_DEVBUF);
1162	}
1163	return (error);
1164	}
1165
1166	static int
1167	bridge_ioctl_del(struct bridge_softc sc, void arg)
1168	{
1169	struct ifbreq *req = arg;
1170	struct bridge_iflist *bif;
1171
1172	bif = bridge_lookup_member(sc, req->ifbr_ifsname);
1173	if (bif == NULL)
1174	return (ENOENT);
1175
1176	bridge_delete_member(sc, bif, 0);
1177
1178	return (0);
1179	}
1180
1181	static int
1182	bridge_ioctl_gifflags(struct bridge_softc sc, void arg)
1183	{
1184	struct ifbreq *req = arg;
1185	struct bridge_iflist *bif;
1186	struct bstp_port *bp;
1187
1188	bif = bridge_lookup_member(sc, req->ifbr_ifsname);
1189	if (bif == NULL)
1190	return (ENOENT);
1191
1192	bp = &bif->bif_stp;
1193	req->ifbr_ifsflags = bif->bif_flags;
1194	req->ifbr_state = bp->bp_state;
1195	req->ifbr_priority = bp->bp_priority;
1196	req->ifbr_path_cost = bp->bp_path_cost;
1197	req->ifbr_portno = bif->bif_ifp->if_index & 0xfff;
1198	req->ifbr_proto = bp->bp_protover;
1199	req->ifbr_role = bp->bp_role;
1200	req->ifbr_stpflags = bp->bp_flags;
1201	req->ifbr_addrcnt = bif->bif_addrcnt;
1202	req->ifbr_addrmax = bif->bif_addrmax;
1203	req->ifbr_addrexceeded = bif->bif_addrexceeded;
1204
1205	/* Copy STP state options as flags */
1206	if (bp->bp_operedge)
1207	req->ifbr_ifsflags \|= IFBIF_BSTP_EDGE;
1208	if (bp->bp_flags & BSTP_PORT_AUTOEDGE)
1209	req->ifbr_ifsflags \|= IFBIF_BSTP_AUTOEDGE;
1210	if (bp->bp_ptp_link)
1211	req->ifbr_ifsflags \|= IFBIF_BSTP_PTP;
1212	if (bp->bp_flags & BSTP_PORT_AUTOPTP)
1213	req->ifbr_ifsflags \|= IFBIF_BSTP_AUTOPTP;
1214	if (bp->bp_flags & BSTP_PORT_ADMEDGE)
1215	req->ifbr_ifsflags \|= IFBIF_BSTP_ADMEDGE;
1216	if (bp->bp_flags & BSTP_PORT_ADMCOST)
1217	req->ifbr_ifsflags \|= IFBIF_BSTP_ADMCOST;
1218	return (0);
1219	}
1220
1221	static int
1222	bridge_ioctl_sifflags(struct bridge_softc sc, void arg)
1223	{
1224	struct ifbreq *req = arg;
1225	struct bridge_iflist *bif;
1226	struct bstp_port *bp;
1227	int error;
1228
1229	bif = bridge_lookup_member(sc, req->ifbr_ifsname);
1230	if (bif == NULL)
1231	return (ENOENT);
1232	bp = &bif->bif_stp;
1233
1234	if (req->ifbr_ifsflags & IFBIF_SPAN)
1235	/* SPAN is readonly */
1236	return (EINVAL);
1237
1238	if (req->ifbr_ifsflags & IFBIF_STP) {
1239	if ((bif->bif_flags & IFBIF_STP) == 0) {
1240	error = bstp_enable(&bif->bif_stp);
1241	if (error)
1242	return (error);
1243	}
1244	} else {
1245	if ((bif->bif_flags & IFBIF_STP) != 0)
1246	bstp_disable(&bif->bif_stp);
1247	}
1248
1249	/* Pass on STP flags */
1250	bstp_set_edge(bp, req->ifbr_ifsflags & IFBIF_BSTP_EDGE ? 1 : 0);
1251	bstp_set_autoedge(bp, req->ifbr_ifsflags & IFBIF_BSTP_AUTOEDGE ? 1 : 0);
1252	bstp_set_ptp(bp, req->ifbr_ifsflags & IFBIF_BSTP_PTP ? 1 : 0);
1253	bstp_set_autoptp(bp, req->ifbr_ifsflags & IFBIF_BSTP_AUTOPTP ? 1 : 0);
1254
1255	/* Save the bits relating to the bridge */
1256	bif->bif_flags = req->ifbr_ifsflags & IFBIFMASK;
1257
1258	return (0);
1259	}
1260
1261	static int
1262	bridge_ioctl_scache(struct bridge_softc sc, void arg)
1263	{
1264	struct ifbrparam *param = arg;
1265
1266	sc->sc_brtmax = param->ifbrp_csize;
1267	bridge_rttrim(sc);
1268
1269	return (0);
1270	}
1271
1272	static int
1273	bridge_ioctl_gcache(struct bridge_softc sc, void arg)
1274	{
1275	struct ifbrparam *param = arg;
1276
1277	param->ifbrp_csize = sc->sc_brtmax;
1278
1279	return (0);
1280	}
1281
1282	static int
1283	bridge_ioctl_gifs(struct bridge_softc sc, void arg)
1284	{
1285	struct ifbifconf *bifc = arg;
1286	struct bridge_iflist *bif;
1287	struct ifbreq breq;
1288	char buf, outbuf;
1289	int count, buflen, len, error = 0;
1290
1291	count = 0;
1292	LIST_FOREACH(bif, &sc->sc_iflist, bif_next)
1293	count++;
1294	LIST_FOREACH(bif, &sc->sc_spanlist, bif_next)
1295	count++;
1296
1297	buflen = sizeof(breq) * count;
1298	if (bifc->ifbic_len == 0) {
1299	bifc->ifbic_len = buflen;
1300	return (0);
1301	}
1302	BRIDGE_UNLOCK(sc);
1303	outbuf = malloc(buflen, M_TEMP, M_WAITOK \| M_ZERO);
1304	BRIDGE_LOCK(sc);
1305
1306	count = 0;
1307	buf = outbuf;
1308	len = min(bifc->ifbic_len, buflen);
1309	bzero(&breq, sizeof(breq));
1310	LIST_FOREACH(bif, &sc->sc_iflist, bif_next) {
1311	if (len < sizeof(breq))
1312	break;
1313
1314	strlcpy(breq.ifbr_ifsname, bif->bif_ifp->if_xname,
1315	sizeof(breq.ifbr_ifsname));
1316	/* Fill in the ifbreq structure */
1317	error = bridge_ioctl_gifflags(sc, &breq);
1318	if (error)
1319	break;
1320	memcpy(buf, &breq, sizeof(breq));
1321	count++;
1322	buf += sizeof(breq);
1323	len -= sizeof(breq);
1324	}
1325	LIST_FOREACH(bif, &sc->sc_spanlist, bif_next) {
1326	if (len < sizeof(breq))
1327	break;
1328
1329	strlcpy(breq.ifbr_ifsname, bif->bif_ifp->if_xname,
1330	sizeof(breq.ifbr_ifsname));
1331	breq.ifbr_ifsflags = bif->bif_flags;
1332	breq.ifbr_portno = bif->bif_ifp->if_index & 0xfff;
1333	memcpy(buf, &breq, sizeof(breq));
1334	count++;
1335	buf += sizeof(breq);
1336	len -= sizeof(breq);
1337	}
1338
1339	BRIDGE_UNLOCK(sc);
1340	bifc->ifbic_len = sizeof(breq) * count;
1341	error = copyout(outbuf, bifc->ifbic_req, bifc->ifbic_len);
1342	BRIDGE_LOCK(sc);
1343	free(outbuf, M_TEMP);
1344	return (error);
1345	}
1346
1347	static int
1348	bridge_ioctl_rts(struct bridge_softc sc, void arg)
1349	{
1350	struct ifbaconf *bac = arg;
1351	struct bridge_rtnode *brt;
1352	struct ifbareq bareq;
1353	char buf, outbuf;
1354	int count, buflen, len, error = 0;
1355
1356	if (bac->ifbac_len == 0)
1357	return (0);
1358
1359	count = 0;
1360	LIST_FOREACH(brt, &sc->sc_rtlist, brt_list)
1361	count++;
1362	buflen = sizeof(bareq) * count;
1363
1364	BRIDGE_UNLOCK(sc);
1365	outbuf = malloc(buflen, M_TEMP, M_WAITOK \| M_ZERO);
1366	BRIDGE_LOCK(sc);
1367
1368	count = 0;
1369	buf = outbuf;
1370	len = min(bac->ifbac_len, buflen);
1371	bzero(&bareq, sizeof(bareq));
1372	LIST_FOREACH(brt, &sc->sc_rtlist, brt_list) {
1373	if (len < sizeof(bareq))
1374	goto out;
1375	strlcpy(bareq.ifba_ifsname, brt->brt_ifp->if_xname,
1376	sizeof(bareq.ifba_ifsname));
1377	memcpy(bareq.ifba_dst, brt->brt_addr, sizeof(brt->brt_addr));
1378	bareq.ifba_vlan = brt->brt_vlan;
1379	if ((brt->brt_flags & IFBAF_TYPEMASK) == IFBAF_DYNAMIC &&
1380	time_uptime < brt->brt_expire)
1381	bareq.ifba_expire = brt->brt_expire - time_uptime;
1382	else
1383	bareq.ifba_expire = 0;
1384	bareq.ifba_flags = brt->brt_flags;
1385
1386	memcpy(buf, &bareq, sizeof(bareq));
1387	count++;
1388	buf += sizeof(bareq);
1389	len -= sizeof(bareq);
1390	}
1391	out:
1392	BRIDGE_UNLOCK(sc);
1393	bac->ifbac_len = sizeof(bareq) * count;
1394	error = copyout(outbuf, bac->ifbac_req, bac->ifbac_len);
1395	BRIDGE_LOCK(sc);
1396	free(outbuf, M_TEMP);
1397	return (error);
1398	}
1399
1400	static int
1401	bridge_ioctl_saddr(struct bridge_softc sc, void arg)
1402	{
1403	struct ifbareq *req = arg;
1404	struct bridge_iflist *bif;
1405	int error;
1406
1407	bif = bridge_lookup_member(sc, req->ifba_ifsname);
1408	if (bif == NULL)
1409	return (ENOENT);
1410
1411	error = bridge_rtupdate(sc, req->ifba_dst, req->ifba_vlan, bif, 1,
1412	req->ifba_flags);
1413
1414	return (error);
1415	}
1416
1417	static int
1418	bridge_ioctl_sto(struct bridge_softc sc, void arg)
1419	{
1420	struct ifbrparam *param = arg;
1421
1422	sc->sc_brttimeout = param->ifbrp_ctime;
1423	return (0);
1424	}
1425
1426	static int
1427	bridge_ioctl_gto(struct bridge_softc sc, void arg)
1428	{
1429	struct ifbrparam *param = arg;
1430
1431	param->ifbrp_ctime = sc->sc_brttimeout;
1432	return (0);
1433	}
1434
1435	static int
1436	bridge_ioctl_daddr(struct bridge_softc sc, void arg)
1437	{
1438	struct ifbareq *req = arg;
1439
1440	return (bridge_rtdaddr(sc, req->ifba_dst, req->ifba_vlan));
1441	}
1442
1443	static int
1444	bridge_ioctl_flush(struct bridge_softc sc, void arg)
1445	{
1446	struct ifbreq *req = arg;
1447
1448	bridge_rtflush(sc, req->ifbr_ifsflags);
1449	return (0);
1450	}
1451
1452	static int
1453	bridge_ioctl_gpri(struct bridge_softc sc, void arg)
1454	{
1455	struct ifbrparam *param = arg;
1456	struct bstp_state *bs = &sc->sc_stp;
1457
1458	param->ifbrp_prio = bs->bs_bridge_priority;
1459	return (0);
1460	}
1461
1462	static int
1463	bridge_ioctl_spri(struct bridge_softc sc, void arg)
1464	{
1465	struct ifbrparam *param = arg;
1466
1467	return (bstp_set_priority(&sc->sc_stp, param->ifbrp_prio));
1468	}
1469
1470	static int
1471	bridge_ioctl_ght(struct bridge_softc sc, void arg)
1472	{
1473	struct ifbrparam *param = arg;
1474	struct bstp_state *bs = &sc->sc_stp;
1475
1476	param->ifbrp_hellotime = bs->bs_bridge_htime >> 8;
1477	return (0);
1478	}
1479
1480	static int
1481	bridge_ioctl_sht(struct bridge_softc sc, void arg)
1482	{
1483	struct ifbrparam *param = arg;
1484
1485	return (bstp_set_htime(&sc->sc_stp, param->ifbrp_hellotime));
1486	}
1487
1488	static int
1489	bridge_ioctl_gfd(struct bridge_softc sc, void arg)
1490	{
1491	struct ifbrparam *param = arg;
1492	struct bstp_state *bs = &sc->sc_stp;
1493
1494	param->ifbrp_fwddelay = bs->bs_bridge_fdelay >> 8;
1495	return (0);
1496	}
1497
1498	static int
1499	bridge_ioctl_sfd(struct bridge_softc sc, void arg)
1500	{
1501	struct ifbrparam *param = arg;
1502
1503	return (bstp_set_fdelay(&sc->sc_stp, param->ifbrp_fwddelay));
1504	}
1505
1506	static int
1507	bridge_ioctl_gma(struct bridge_softc sc, void arg)
1508	{
1509	struct ifbrparam *param = arg;
1510	struct bstp_state *bs = &sc->sc_stp;
1511
1512	param->ifbrp_maxage = bs->bs_bridge_max_age >> 8;
1513	return (0);
1514	}
1515
1516	static int
1517	bridge_ioctl_sma(struct bridge_softc sc, void arg)
1518	{
1519	struct ifbrparam *param = arg;
1520
1521	return (bstp_set_maxage(&sc->sc_stp, param->ifbrp_maxage));
1522	}
1523
1524	static int
1525	bridge_ioctl_sifprio(struct bridge_softc sc, void arg)
1526	{
1527	struct ifbreq *req = arg;
1528	struct bridge_iflist *bif;
1529
1530	bif = bridge_lookup_member(sc, req->ifbr_ifsname);
1531	if (bif == NULL)
1532	return (ENOENT);
1533
1534	return (bstp_set_port_priority(&bif->bif_stp, req->ifbr_priority));
1535	}
1536
1537	static int
1538	bridge_ioctl_sifcost(struct bridge_softc sc, void arg)
1539	{
1540	struct ifbreq *req = arg;
1541	struct bridge_iflist *bif;
1542
1543	bif = bridge_lookup_member(sc, req->ifbr_ifsname);
1544	if (bif == NULL)
1545	return (ENOENT);
1546
1547	return (bstp_set_path_cost(&bif->bif_stp, req->ifbr_path_cost));
1548	}
1549
1550	static int
1551	bridge_ioctl_sifmaxaddr(struct bridge_softc sc, void arg)
1552	{
1553	struct ifbreq *req = arg;
1554	struct bridge_iflist *bif;
1555
1556	bif = bridge_lookup_member(sc, req->ifbr_ifsname);
1557	if (bif == NULL)
1558	return (ENOENT);
1559
1560	bif->bif_addrmax = req->ifbr_addrmax;
1561	return (0);
1562	}
1563
1564	static int
1565	bridge_ioctl_addspan(struct bridge_softc sc, void arg)
1566	{
1567	struct ifbreq *req = arg;
1568	struct bridge_iflist *bif = NULL;
1569	struct ifnet *ifs;
1570
1571	ifs = ifunit(req->ifbr_ifsname);
1572	if (ifs == NULL)
1573	return (ENOENT);
1574
1575	LIST_FOREACH(bif, &sc->sc_spanlist, bif_next)
1576	if (ifs == bif->bif_ifp)
1577	return (EBUSY);
1578
1579	if (ifs->if_bridge != NULL)
1580	return (EBUSY);
1581
1582	switch (ifs->if_type) {
1583	case IFT_ETHER:
1584	case IFT_GIF:
1585	case IFT_L2VLAN:
1586	break;
1587	default:
1588	return (EINVAL);
1589	}
1590
1591	bif = malloc(sizeof(*bif), M_DEVBUF, M_NOWAIT\|M_ZERO);
1592	if (bif == NULL)
1593	return (ENOMEM);
1594
1595	bif->bif_ifp = ifs;
1596	bif->bif_flags = IFBIF_SPAN;
1597
1598	LIST_INSERT_HEAD(&sc->sc_spanlist, bif, bif_next);
1599
1600	return (0);
1601	}
1602
1603	static int
1604	bridge_ioctl_delspan(struct bridge_softc sc, void arg)
1605	{
1606	struct ifbreq *req = arg;
1607	struct bridge_iflist *bif;
1608	struct ifnet *ifs;
1609
1610	ifs = ifunit(req->ifbr_ifsname);
1611	if (ifs == NULL)
1612	return (ENOENT);
1613
1614	LIST_FOREACH(bif, &sc->sc_spanlist, bif_next)
1615	if (ifs == bif->bif_ifp)
1616	break;
1617
1618	if (bif == NULL)
1619	return (ENOENT);
1620
1621	bridge_delete_span(sc, bif);
1622
1623	return (0);
1624	}
1625
1626	static int
1627	bridge_ioctl_gbparam(struct bridge_softc sc, void arg)
1628	{
1629	struct ifbropreq *req = arg;
1630	struct bstp_state *bs = &sc->sc_stp;
1631	struct bstp_port *root_port;
1632
1633	req->ifbop_maxage = bs->bs_bridge_max_age >> 8;
1634	req->ifbop_hellotime = bs->bs_bridge_htime >> 8;
1635	req->ifbop_fwddelay = bs->bs_bridge_fdelay >> 8;
1636
1637	root_port = bs->bs_root_port;
1638	if (root_port == NULL)
1639	req->ifbop_root_port = 0;
1640	else
1641	req->ifbop_root_port = root_port->bp_ifp->if_index;
1642
1643	req->ifbop_holdcount = bs->bs_txholdcount;
1644	req->ifbop_priority = bs->bs_bridge_priority;
1645	req->ifbop_protocol = bs->bs_protover;
1646	req->ifbop_root_path_cost = bs->bs_root_pv.pv_cost;
1647	req->ifbop_bridgeid = bs->bs_bridge_pv.pv_dbridge_id;
1648	req->ifbop_designated_root = bs->bs_root_pv.pv_root_id;
1649	req->ifbop_designated_bridge = bs->bs_root_pv.pv_dbridge_id;
1650	req->ifbop_last_tc_time.tv_sec = bs->bs_last_tc_time.tv_sec;
1651	req->ifbop_last_tc_time.tv_usec = bs->bs_last_tc_time.tv_usec;
1652
1653	return (0);
1654	}
1655
1656	static int
1657	bridge_ioctl_grte(struct bridge_softc sc, void arg)
1658	{
1659	struct ifbrparam *param = arg;
1660
1661	param->ifbrp_cexceeded = sc->sc_brtexceeded;
1662	return (0);
1663	}
1664
1665	static int
1666	bridge_ioctl_gifsstp(struct bridge_softc sc, void arg)
1667	{
1668	struct ifbpstpconf *bifstp = arg;
1669	struct bridge_iflist *bif;
1670	struct bstp_port *bp;
1671	struct ifbpstpreq bpreq;
1672	char buf, outbuf;
1673	int count, buflen, len, error = 0;
1674
1675	count = 0;
1676	LIST_FOREACH(bif, &sc->sc_iflist, bif_next) {
1677	if ((bif->bif_flags & IFBIF_STP) != 0)
1678	count++;
1679	}
1680
1681	buflen = sizeof(bpreq) * count;
1682	if (bifstp->ifbpstp_len == 0) {
1683	bifstp->ifbpstp_len = buflen;
1684	return (0);
1685	}
1686
1687	BRIDGE_UNLOCK(sc);
1688	outbuf = malloc(buflen, M_TEMP, M_WAITOK \| M_ZERO);
1689	BRIDGE_LOCK(sc);
1690
1691	count = 0;
1692	buf = outbuf;
1693	len = min(bifstp->ifbpstp_len, buflen);
1694	bzero(&bpreq, sizeof(bpreq));
1695	LIST_FOREACH(bif, &sc->sc_iflist, bif_next) {
1696	if (len < sizeof(bpreq))
1697	break;
1698
1699	if ((bif->bif_flags & IFBIF_STP) == 0)
1700	continue;
1701
1702	bp = &bif->bif_stp;
1703	bpreq.ifbp_portno = bif->bif_ifp->if_index & 0xfff;
1704	bpreq.ifbp_fwd_trans = bp->bp_forward_transitions;
1705	bpreq.ifbp_design_cost = bp->bp_desg_pv.pv_cost;
1706	bpreq.ifbp_design_port = bp->bp_desg_pv.pv_port_id;
1707	bpreq.ifbp_design_bridge = bp->bp_desg_pv.pv_dbridge_id;
1708	bpreq.ifbp_design_root = bp->bp_desg_pv.pv_root_id;
1709
1710	memcpy(buf, &bpreq, sizeof(bpreq));
1711	count++;
1712	buf += sizeof(bpreq);
1713	len -= sizeof(bpreq);
1714	}
1715
1716	BRIDGE_UNLOCK(sc);
1717	bifstp->ifbpstp_len = sizeof(bpreq) * count;
1718	error = copyout(outbuf, bifstp->ifbpstp_req, bifstp->ifbpstp_len);
1719	BRIDGE_LOCK(sc);
1720	free(outbuf, M_TEMP);
1721	return (error);
1722	}
1723
1724	static int
1725	bridge_ioctl_sproto(struct bridge_softc sc, void arg)
1726	{
1727	struct ifbrparam *param = arg;
1728
1729	return (bstp_set_protocol(&sc->sc_stp, param->ifbrp_proto));
1730	}
1731
1732	static int
1733	bridge_ioctl_stxhc(struct bridge_softc sc, void arg)
1734	{
1735	struct ifbrparam *param = arg;
1736
1737	return (bstp_set_holdcount(&sc->sc_stp, param->ifbrp_txhc));
1738	}
1739
1740	/*
1741	* bridge_ifdetach:
1742	*
1743	* Detach an interface from a bridge. Called when a member
1744	* interface is detaching.
1745	*/
1746	static void
1747	bridge_ifdetach(void arg __unused, struct ifnet ifp)
1748	{
1749	struct bridge_softc *sc = ifp->if_bridge;
1750	struct bridge_iflist *bif;
1751
1752	if (ifp->if_flags & IFF_RENAMING)
1753	return;
1754
1755	/* Check if the interface is a bridge member */
1756	if (sc != NULL) {
1757	BRIDGE_LOCK(sc);
1758
1759	bif = bridge_lookup_member_if(sc, ifp);
1760	if (bif != NULL)
1761	bridge_delete_member(sc, bif, 1);
1762
1763	BRIDGE_UNLOCK(sc);
1764	return;
1765	}
1766
1767	/* Check if the interface is a span port */
1768	mtx_lock(&bridge_list_mtx);
1769	LIST_FOREACH(sc, &bridge_list, sc_list) {
1770	BRIDGE_LOCK(sc);
1771	LIST_FOREACH(bif, &sc->sc_spanlist, bif_next)
1772	if (ifp == bif->bif_ifp) {
1773	bridge_delete_span(sc, bif);
1774	break;
1775	}
1776
1777	BRIDGE_UNLOCK(sc);
1778	}
1779	mtx_unlock(&bridge_list_mtx);
1780	}
1781
1782	/*
1783	* bridge_init:
1784	*
1785	* Initialize a bridge interface.
1786	*/
1787	static void
1788	bridge_init(void *xsc)
1789	{
1790	struct bridge_softc sc = (struct bridge_softc )xsc;
1791	struct ifnet *ifp = sc->sc_ifp;
1792
1793	if (ifp->if_drv_flags & IFF_DRV_RUNNING)
1794	return;
1795
1796	BRIDGE_LOCK(sc);
1797	callout_reset(&sc->sc_brcallout, bridge_rtable_prune_period * hz,
1798	bridge_timer, sc);
1799
1800	ifp->if_drv_flags \|= IFF_DRV_RUNNING;
1801	bstp_init(&sc->sc_stp); /* Initialize Spanning Tree */
1802
1803	BRIDGE_UNLOCK(sc);
1804	}
1805
1806	/*
1807	* bridge_stop:
1808	*
1809	* Stop the bridge interface.
1810	*/
1811	static void
1812	bridge_stop(struct ifnet *ifp, int disable)
1813	{
1814	struct bridge_softc *sc = ifp->if_softc;
1815
1816	BRIDGE_LOCK_ASSERT(sc);
1817
1818	if ((ifp->if_drv_flags & IFF_DRV_RUNNING) == 0)
1819	return;
1820
1821	callout_stop(&sc->sc_brcallout);
1822	bstp_stop(&sc->sc_stp);
1823
1824	bridge_rtflush(sc, IFBF_FLUSHDYN);
1825
1826	ifp->if_drv_flags &= ~IFF_DRV_RUNNING;
1827	}
1828
1829	/*
1830	* bridge_enqueue:
1831	*
1832	* Enqueue a packet on a bridge member interface.
1833	*
1834	*/
1835	static void
1836	bridge_enqueue(struct bridge_softc sc, struct ifnet dst_ifp, struct mbuf *m)
1837	{
1838	int len, err = 0;
1839	short mflags;
1840	struct mbuf *m0;
1841
1842	len = m->m_pkthdr.len;
1843	mflags = m->m_flags;
1844
1845	/* We may be sending a fragment so traverse the mbuf */
1846	for (; m; m = m0) {
1847	m0 = m->m_nextpkt;
1848	m->m_nextpkt = NULL;
1849
1850	/*
1851	* If underlying interface can not do VLAN tag insertion itself
1852	* then attach a packet tag that holds it.
1853	*/
1854	if ((m->m_flags & M_VLANTAG) &&
1855	(dst_ifp->if_capenable & IFCAP_VLAN_HWTAGGING) == 0) {
1856	m = ether_vlanencap(m, m->m_pkthdr.ether_vtag);
1857	if (m == NULL) {
1858	if_printf(dst_ifp,
1859	"unable to prepend VLAN header\n");
1860	dst_ifp->if_oerrors++;
1861	continue;
1862	}
1863	m->m_flags &= ~M_VLANTAG;
1864	}
1865
1866	if ((err = dst_ifp->if_transmit(dst_ifp, m))) {
1867	m_freem(m0);
1868	break;
1869	}
1870	}
1871
1872	if (err == 0) {
1873	sc->sc_ifp->if_opackets++;
1874	sc->sc_ifp->if_obytes += len;
1875	if (mflags & M_MCAST)
1876	sc->sc_ifp->if_omcasts++;
1877	}
1878	}
1879
1880	/*
1881	* bridge_dummynet:
1882	*
1883	* Receive a queued packet from dummynet and pass it on to the output
1884	* interface.
1885	*
1886	* The mbuf has the Ethernet header already attached.
1887	*/
1888	static void
1889	bridge_dummynet(struct mbuf m, struct ifnet ifp)
1890	{
1891	struct bridge_softc *sc;
1892
1893	sc = ifp->if_bridge;
1894
1895	/*
1896	* The packet didnt originate from a member interface. This should only
1897	* ever happen if a member interface is removed while packets are
1898	* queued for it.
1899	*/
1900	if (sc == NULL) {
1901	m_freem(m);
1902	return;
1903	}
1904
1905	if (PFIL_HOOKED(&V_inet_pfil_hook)
1906	#ifdef INET6
1907	\|\| PFIL_HOOKED(&V_inet6_pfil_hook)
1908	#endif
1909	) {
1910	if (bridge_pfil(&m, sc->sc_ifp, ifp, PFIL_OUT) != 0)
1911	return;
1912	if (m == NULL)
1913	return;
1914	}
1915
1916	bridge_enqueue(sc, ifp, m);
1917	}
1918
1919	/*
1920	* bridge_output:
1921	*
1922	* Send output from a bridge member interface. This
1923	* performs the bridging function for locally originated
1924	* packets.
1925	*
1926	* The mbuf has the Ethernet header already attached. We must
1927	* enqueue or free the mbuf before returning.
1928	*/
1929	static int
1930	bridge_output(struct ifnet ifp, struct mbuf m, struct sockaddr *sa,
1931	struct rtentry *rt)
1932	{
1933	struct ether_header *eh;
1934	struct ifnet *dst_if;
1935	struct bridge_softc *sc;
1936	uint16_t vlan;
1937
1938	if (m->m_len < ETHER_HDR_LEN) {
1939	m = m_pullup(m, ETHER_HDR_LEN);
1940	if (m == NULL)
1941	return (0);
1942	}
1943
1944	eh = mtod(m, struct ether_header *);
1945	sc = ifp->if_bridge;
1946	vlan = VLANTAGOF(m);
1947
1948	BRIDGE_LOCK(sc);
1949
1950	/*
1951	* If bridge is down, but the original output interface is up,
1952	* go ahead and send out that interface. Otherwise, the packet
1953	* is dropped below.
1954	*/
1955	if ((sc->sc_ifp->if_drv_flags & IFF_DRV_RUNNING) == 0) {
1956	dst_if = ifp;
1957	goto sendunicast;
1958	}
1959
1960	/*
1961	* If the packet is a multicast, or we don't know a better way to
1962	* get there, send to all interfaces.
1963	*/
1964	if (ETHER_IS_MULTICAST(eh->ether_dhost))
1965	dst_if = NULL;
1966	else
1967	dst_if = bridge_rtlookup(sc, eh->ether_dhost, vlan);
1968	if (dst_if == NULL) {
1969	struct bridge_iflist *bif;
1970	struct mbuf *mc;
1971	int error = 0, used = 0;
1972
1973	bridge_span(sc, m);
1974
1975	BRIDGE_LOCK2REF(sc, error);
1976	if (error) {
1977	m_freem(m);
1978	return (0);
1979	}
1980
1981	LIST_FOREACH(bif, &sc->sc_iflist, bif_next) {
1982	dst_if = bif->bif_ifp;
1983
1984	if (dst_if->if_type == IFT_GIF)
1985	continue;
1986	if ((dst_if->if_drv_flags & IFF_DRV_RUNNING) == 0)
1987	continue;
1988
1989	/*
1990	* If this is not the original output interface,
1991	* and the interface is participating in spanning
1992	* tree, make sure the port is in a state that
1993	* allows forwarding.
1994	*/
1995	if (dst_if != ifp && (bif->bif_flags & IFBIF_STP) &&
1996	bif->bif_stp.bp_state == BSTP_IFSTATE_DISCARDING)
1997	continue;
1998
1999	if (LIST_NEXT(bif, bif_next) == NULL) {
2000	used = 1;
2001	mc = m;
2002	} else {
2003	mc = m_copypacket(m, M_DONTWAIT);
2004	if (mc == NULL) {
2005	sc->sc_ifp->if_oerrors++;
2006	continue;
2007	}
2008	}
2009
2010	bridge_enqueue(sc, dst_if, mc);
2011	}
2012	if (used == 0)
2013	m_freem(m);
2014	BRIDGE_UNREF(sc);
2015	return (0);
2016	}
2017
2018	sendunicast:
2019	/*
2020	* XXX Spanning tree consideration here?
2021	*/
2022
2023	bridge_span(sc, m);
2024	if ((dst_if->if_drv_flags & IFF_DRV_RUNNING) == 0) {
2025	m_freem(m);
2026	BRIDGE_UNLOCK(sc);
2027	return (0);
2028	}
2029
2030	BRIDGE_UNLOCK(sc);
2031	bridge_enqueue(sc, dst_if, m);
2032	return (0);
2033	}
2034
2035	/*
2036	* bridge_start:
2037	*
2038	* Start output on a bridge.
2039	*
2040	*/
2041	static void
2042	bridge_start(struct ifnet *ifp)
2043	{
2044	struct bridge_softc *sc;
2045	struct mbuf *m;
2046	struct ether_header *eh;
2047	struct ifnet *dst_if;
2048
2049	sc = ifp->if_softc;
2050
2051	ifp->if_drv_flags \|= IFF_DRV_OACTIVE;
2052	for (;;) {
2053	IFQ_DEQUEUE(&ifp->if_snd, m);
2054	if (m == 0)
2055	break;
2056	ETHER_BPF_MTAP(ifp, m);
2057
2058	eh = mtod(m, struct ether_header *);
2059	dst_if = NULL;
2060
2061	BRIDGE_LOCK(sc);
2062	if ((m->m_flags & (M_BCAST\|M_MCAST)) == 0) {
2063	dst_if = bridge_rtlookup(sc, eh->ether_dhost, 1);
2064	}
2065
2066	if (dst_if == NULL)
2067	bridge_broadcast(sc, ifp, m, 0);
2068	else {
2069	BRIDGE_UNLOCK(sc);
2070	bridge_enqueue(sc, dst_if, m);
2071	}
2072	}
2073	ifp->if_drv_flags &= ~IFF_DRV_OACTIVE;
2074	}
2075
2076	/*
2077	* bridge_forward:
2078	*
2079	* The forwarding function of the bridge.
2080	*
2081	* NOTE: Releases the lock on return.
2082	*/
2083	static void
2084	bridge_forward(struct bridge_softc sc, struct bridge_iflist sbif,
2085	struct mbuf *m)
2086	{
2087	struct bridge_iflist *dbif;
2088	struct ifnet src_if, dst_if, *ifp;
2089	struct ether_header *eh;
2090	uint16_t vlan;
2091	uint8_t *dst;
2092	int error;
2093
2094	src_if = m->m_pkthdr.rcvif;
2095	ifp = sc->sc_ifp;
2096
2097	ifp->if_ipackets++;
2098	ifp->if_ibytes += m->m_pkthdr.len;
2099	vlan = VLANTAGOF(m);
2100
2101	if ((sbif->bif_flags & IFBIF_STP) &&
2102	sbif->bif_stp.bp_state == BSTP_IFSTATE_DISCARDING)
2103	goto drop;
2104
2105	eh = mtod(m, struct ether_header *);
2106	dst = eh->ether_dhost;
2107
2108	/* If the interface is learning, record the address. */
2109	if (sbif->bif_flags & IFBIF_LEARNING) {
2110	error = bridge_rtupdate(sc, eh->ether_shost, vlan,
2111	sbif, 0, IFBAF_DYNAMIC);
2112	/*
2113	* If the interface has addresses limits then deny any source
2114	* that is not in the cache.
2115	*/
2116	if (error && sbif->bif_addrmax)
2117	goto drop;
2118	}
2119
2120	if ((sbif->bif_flags & IFBIF_STP) != 0 &&
2121	sbif->bif_stp.bp_state == BSTP_IFSTATE_LEARNING)
2122	goto drop;
2123
2124	/*
2125	* At this point, the port either doesn't participate
2126	* in spanning tree or it is in the forwarding state.
2127	*/
2128
2129	/*
2130	* If the packet is unicast, destined for someone on
2131	* "this" side of the bridge, drop it.
2132	*/
2133	if ((m->m_flags & (M_BCAST\|M_MCAST)) == 0) {
2134	dst_if = bridge_rtlookup(sc, dst, vlan);
2135	if (src_if == dst_if)
2136	goto drop;
2137	} else {
2138	/*
2139	* Check if its a reserved multicast address, any address
2140	* listed in 802.1D section 7.12.6 may not be forwarded by the
2141	* bridge.
2142	* This is currently 01-80-C2-00-00-00 to 01-80-C2-00-00-0F
2143	*/
2144	if (dst[0] == 0x01 && dst[1] == 0x80 &&
2145	dst[2] == 0xc2 && dst[3] == 0x00 &&
2146	dst[4] == 0x00 && dst[5] <= 0x0f)
2147	goto drop;
2148
2149	/* ...forward it to all interfaces. */
2150	ifp->if_imcasts++;
2151	dst_if = NULL;
2152	}
2153
2154	/*
2155	* If we have a destination interface which is a member of our bridge,
2156	* OR this is a unicast packet, push it through the bpf(4) machinery.
2157	* For broadcast or multicast packets, don't bother because it will
2158	* be reinjected into ether_input. We do this before we pass the packets
2159	* through the pfil(9) framework, as it is possible that pfil(9) will
2160	* drop the packet, or possibly modify it, making it difficult to debug
2161	* firewall issues on the bridge.
2162	*/
2163	if (dst_if != NULL \|\| (m->m_flags & (M_BCAST \| M_MCAST)) == 0)
2164	ETHER_BPF_MTAP(ifp, m);
2165
2166	/* run the packet filter */
2167	if (PFIL_HOOKED(&V_inet_pfil_hook)
2168	#ifdef INET6
2169	\|\| PFIL_HOOKED(&V_inet6_pfil_hook)
2170	#endif
2171	) {
2172	BRIDGE_UNLOCK(sc);
2173	if (bridge_pfil(&m, ifp, src_if, PFIL_IN) != 0)
2174	return;
2175	if (m == NULL)
2176	return;
2177	BRIDGE_LOCK(sc);
2178	}
2179
2180	if (dst_if == NULL) {
2181	bridge_broadcast(sc, src_if, m, 1);
2182	return;
2183	}
2184
2185	/*
2186	* At this point, we're dealing with a unicast frame
2187	* going to a different interface.
2188	*/
2189	if ((dst_if->if_drv_flags & IFF_DRV_RUNNING) == 0)
2190	goto drop;
2191
2192	dbif = bridge_lookup_member_if(sc, dst_if);
2193	if (dbif == NULL)
2194	/* Not a member of the bridge (anymore?) */
2195	goto drop;
2196
2197	/* Private segments can not talk to each other */
2198	if (sbif->bif_flags & dbif->bif_flags & IFBIF_PRIVATE)
2199	goto drop;
2200
2201	if ((dbif->bif_flags & IFBIF_STP) &&
2202	dbif->bif_stp.bp_state == BSTP_IFSTATE_DISCARDING)
2203	goto drop;
2204
2205	BRIDGE_UNLOCK(sc);
2206
2207	if (PFIL_HOOKED(&V_inet_pfil_hook)
2208	#ifdef INET6
2209	\|\| PFIL_HOOKED(&V_inet6_pfil_hook)
2210	#endif
2211	) {
2212	if (bridge_pfil(&m, ifp, dst_if, PFIL_OUT) != 0)
2213	return;
2214	if (m == NULL)
2215	return;
2216	}
2217
2218	bridge_enqueue(sc, dst_if, m);
2219	return;
2220
2221	drop:
2222	BRIDGE_UNLOCK(sc);
2223	m_freem(m);
2224	}
2225
2226	/*
2227	* bridge_input:
2228	*
2229	* Receive input from a member interface. Queue the packet for
2230	* bridging if it is not for us.
2231	*/
2232	static struct mbuf *
2233	bridge_input(struct ifnet ifp, struct mbuf m)
2234	{
2235	struct bridge_softc *sc = ifp->if_bridge;
2236	struct bridge_iflist bif, bif2;
2237	struct ifnet *bifp;
2238	struct ether_header *eh;
2239	struct mbuf mc, mc2;
2240	uint16_t vlan;
2241	int error;
2242
2243	if ((sc->sc_ifp->if_drv_flags & IFF_DRV_RUNNING) == 0)
2244	return (m);
2245
2246	bifp = sc->sc_ifp;
2247	vlan = VLANTAGOF(m);
2248
2249	/*
2250	* Implement support for bridge monitoring. If this flag has been
2251	* set on this interface, discard the packet once we push it through
2252	* the bpf(4) machinery, but before we do, increment the byte and
2253	* packet counters associated with this interface.
2254	*/
2255	if ((bifp->if_flags & IFF_MONITOR) != 0) {
2256	m->m_pkthdr.rcvif = bifp;
2257	ETHER_BPF_MTAP(bifp, m);
2258	bifp->if_ipackets++;
2259	bifp->if_ibytes += m->m_pkthdr.len;
2260	m_freem(m);
2261	return (NULL);
2262	}
2263	BRIDGE_LOCK(sc);
2264	bif = bridge_lookup_member_if(sc, ifp);
2265	if (bif == NULL) {
2266	BRIDGE_UNLOCK(sc);
2267	return (m);
2268	}
2269
2270	eh = mtod(m, struct ether_header *);
2271
2272	bridge_span(sc, m);
2273
2274	if (m->m_flags & (M_BCAST\|M_MCAST)) {
2275	/* Tap off 802.1D packets; they do not get forwarded. */
2276	if (memcmp(eh->ether_dhost, bstp_etheraddr,
2277	ETHER_ADDR_LEN) == 0) {
2278	bstp_input(&bif->bif_stp, ifp, m); /* consumes mbuf */
2279	BRIDGE_UNLOCK(sc);
2280	return (NULL);
2281	}
2282
2283	if ((bif->bif_flags & IFBIF_STP) &&
2284	bif->bif_stp.bp_state == BSTP_IFSTATE_DISCARDING) {
2285	BRIDGE_UNLOCK(sc);
2286	return (m);
2287	}
2288
2289	/*
2290	* Make a deep copy of the packet and enqueue the copy
2291	* for bridge processing; return the original packet for
2292	* local processing.
2293	*/
2294	mc = m_dup(m, M_DONTWAIT);
2295	if (mc == NULL) {
2296	BRIDGE_UNLOCK(sc);
2297	return (m);
2298	}
2299
2300	/* Perform the bridge forwarding function with the copy. */
2301	bridge_forward(sc, bif, mc);
2302
2303	/*
2304	* Reinject the mbuf as arriving on the bridge so we have a
2305	* chance at claiming multicast packets. We can not loop back
2306	* here from ether_input as a bridge is never a member of a
2307	* bridge.
2308	*/
2309	KASSERT(bifp->if_bridge == NULL,
2310	("loop created in bridge_input"));
2311	mc2 = m_dup(m, M_DONTWAIT);
2312	if (mc2 != NULL) {
2313	/* Keep the layer3 header aligned */
2314	int i = min(mc2->m_pkthdr.len, max_protohdr);
2315	mc2 = m_copyup(mc2, i, ETHER_ALIGN);
2316	}
2317	if (mc2 != NULL) {
2318	mc2->m_pkthdr.rcvif = bifp;
2319	(*bifp->if_input)(bifp, mc2);
2320	}
2321
2322	/* Return the original packet for local processing. */
2323	return (m);
2324	}
2325
2326	if ((bif->bif_flags & IFBIF_STP) &&
2327	bif->bif_stp.bp_state == BSTP_IFSTATE_DISCARDING) {
2328	BRIDGE_UNLOCK(sc);
2329	return (m);
2330	}
2331
2332	#if (defined(INET) \|\| defined(INET6))
2333	# define OR_CARP_CHECK_WE_ARE_DST(iface) \
2334	\|\| ((iface)->if_carp \
2335	&& (*carp_forus_p)((iface), eh->ether_dhost))
2336	# define OR_CARP_CHECK_WE_ARE_SRC(iface) \
2337	\|\| ((iface)->if_carp \
2338	&& (*carp_forus_p)((iface), eh->ether_shost))
2339	#else
2340	# define OR_CARP_CHECK_WE_ARE_DST(iface)
2341	# define OR_CARP_CHECK_WE_ARE_SRC(iface)
2342	#endif
2343
2344	#ifdef INET6
2345	# define OR_PFIL_HOOKED_INET6 \
2346	\|\| PFIL_HOOKED(&V_inet6_pfil_hook)
2347	#else
2348	# define OR_PFIL_HOOKED_INET6
2349	#endif
2350
2351	#define GRAB_OUR_PACKETS(iface) \
2352	if ((iface)->if_type == IFT_GIF) \
2353	continue; \
2354	/* It is destined for us. */ \
2355	if (memcmp(IF_LLADDR((iface)), eh->ether_dhost, ETHER_ADDR_LEN) == 0 \
2356	OR_CARP_CHECK_WE_ARE_DST((iface)) \
2357	) { \
2358	if ((iface)->if_type == IFT_BRIDGE) { \
2359	ETHER_BPF_MTAP(iface, m); \
2360	iface->if_ipackets++; \
2361	/* Filter on the physical interface. */ \
2362	if (pfil_local_phys && \
2363	(PFIL_HOOKED(&V_inet_pfil_hook) \
2364	OR_PFIL_HOOKED_INET6)) { \
2365	if (bridge_pfil(&m, NULL, ifp, \
2366	PFIL_IN) != 0 \|\| m == NULL) { \
2367	BRIDGE_UNLOCK(sc); \
2368	return (NULL); \
2369	} \
2370	eh = mtod(m, struct ether_header *); \
2371	} \
2372	} \
2373	if (bif->bif_flags & IFBIF_LEARNING) { \
2374	error = bridge_rtupdate(sc, eh->ether_shost, \
2375	vlan, bif, 0, IFBAF_DYNAMIC); \
2376	if (error && bif->bif_addrmax) { \
2377	BRIDGE_UNLOCK(sc); \
2378	m_freem(m); \
2379	return (NULL); \
2380	} \
2381	} \
2382	m->m_pkthdr.rcvif = iface; \
2383	BRIDGE_UNLOCK(sc); \
2384	return (m); \
2385	} \
2386	\
2387	/* We just received a packet that we sent out. */ \
2388	if (memcmp(IF_LLADDR((iface)), eh->ether_shost, ETHER_ADDR_LEN) == 0 \
2389	OR_CARP_CHECK_WE_ARE_SRC((iface)) \
2390	) { \
2391	BRIDGE_UNLOCK(sc); \
2392	m_freem(m); \
2393	return (NULL); \
2394	}
2395
2396	/*
2397	* Unicast. Make sure it's not for the bridge.
2398	*/
2399	do { GRAB_OUR_PACKETS(bifp) } while (0);
2400
2401	/*
2402	* Give a chance for ifp at first priority. This will help when the
2403	* packet comes through the interface like VLAN's with the same MACs
2404	* on several interfaces from the same bridge. This also will save
2405	* some CPU cycles in case the destination interface and the input
2406	* interface (eq ifp) are the same.
2407	*/
2408	do { GRAB_OUR_PACKETS(ifp) } while (0);
2409
2410	/* Now check the all bridge members. */
2411	LIST_FOREACH(bif2, &sc->sc_iflist, bif_next) {
2412	GRAB_OUR_PACKETS(bif2->bif_ifp)
2413	}
2414
2415	#undef OR_CARP_CHECK_WE_ARE_DST
2416	#undef OR_CARP_CHECK_WE_ARE_SRC
2417	#undef OR_PFIL_HOOKED_INET6
2418	#undef GRAB_OUR_PACKETS
2419
2420	/* Perform the bridge forwarding function. */
2421	bridge_forward(sc, bif, m);
2422
2423	return (NULL);
2424	}
2425
2426	/*
2427	* bridge_broadcast:
2428	*
2429	* Send a frame to all interfaces that are members of
2430	* the bridge, except for the one on which the packet
2431	* arrived.
2432	*
2433	* NOTE: Releases the lock on return.
2434	*/
2435	static void
2436	bridge_broadcast(struct bridge_softc sc, struct ifnet src_if,
2437	struct mbuf *m, int runfilt)
2438	{
2439	struct bridge_iflist dbif, sbif;
2440	struct mbuf *mc;
2441	struct ifnet *dst_if;
2442	int error = 0, used = 0, i;
2443
2444	sbif = bridge_lookup_member_if(sc, src_if);
2445
2446	BRIDGE_LOCK2REF(sc, error);
2447	if (error) {
2448	m_freem(m);
2449	return;
2450	}
2451
2452	/* Filter on the bridge interface before broadcasting */
2453	if (runfilt && (PFIL_HOOKED(&V_inet_pfil_hook)
2454	#ifdef INET6
2455	\|\| PFIL_HOOKED(&V_inet6_pfil_hook)
2456	#endif
2457	)) {
2458	if (bridge_pfil(&m, sc->sc_ifp, NULL, PFIL_OUT) != 0)
2459	goto out;
2460	if (m == NULL)
2461	goto out;
2462	}
2463
2464	LIST_FOREACH(dbif, &sc->sc_iflist, bif_next) {
2465	dst_if = dbif->bif_ifp;
2466	if (dst_if == src_if)
2467	continue;
2468
2469	/* Private segments can not talk to each other */
2470	if (sbif && (sbif->bif_flags & dbif->bif_flags & IFBIF_PRIVATE))
2471	continue;
2472
2473	if ((dbif->bif_flags & IFBIF_STP) &&
2474	dbif->bif_stp.bp_state == BSTP_IFSTATE_DISCARDING)
2475	continue;
2476
2477	if ((dbif->bif_flags & IFBIF_DISCOVER) == 0 &&
2478	(m->m_flags & (M_BCAST\|M_MCAST)) == 0)
2479	continue;
2480
2481	if ((dst_if->if_drv_flags & IFF_DRV_RUNNING) == 0)
2482	continue;
2483
2484	if (LIST_NEXT(dbif, bif_next) == NULL) {
2485	mc = m;
2486	used = 1;
2487	} else {
2488	mc = m_dup(m, M_DONTWAIT);
2489	if (mc == NULL) {
2490	sc->sc_ifp->if_oerrors++;
2491	continue;
2492	}
2493	}
2494
2495	/*
2496	* Filter on the output interface. Pass a NULL bridge interface
2497	* pointer so we do not redundantly filter on the bridge for
2498	* each interface we broadcast on.
2499	*/
2500	if (runfilt && (PFIL_HOOKED(&V_inet_pfil_hook)
2501	#ifdef INET6
2502	\|\| PFIL_HOOKED(&V_inet6_pfil_hook)
2503	#endif
2504	)) {
2505	if (used == 0) {
2506	/* Keep the layer3 header aligned */
2507	i = min(mc->m_pkthdr.len, max_protohdr);
2508	mc = m_copyup(mc, i, ETHER_ALIGN);
2509	if (mc == NULL) {
2510	sc->sc_ifp->if_oerrors++;
2511	continue;
2512	}
2513	}
2514	if (bridge_pfil(&mc, NULL, dst_if, PFIL_OUT) != 0)
2515	continue;
2516	if (mc == NULL)
2517	continue;
2518	}
2519
2520	bridge_enqueue(sc, dst_if, mc);
2521	}
2522	if (used == 0)
2523	m_freem(m);
2524
2525	out:
2526	BRIDGE_UNREF(sc);
2527	}
2528
2529	/*
2530	* bridge_span:
2531	*
2532	* Duplicate a packet out one or more interfaces that are in span mode,
2533	* the original mbuf is unmodified.
2534	*/
2535	static void
2536	bridge_span(struct bridge_softc sc, struct mbuf m)
2537	{
2538	struct bridge_iflist *bif;
2539	struct ifnet *dst_if;
2540	struct mbuf *mc;
2541
2542	if (LIST_EMPTY(&sc->sc_spanlist))
2543	return;
2544
2545	LIST_FOREACH(bif, &sc->sc_spanlist, bif_next) {
2546	dst_if = bif->bif_ifp;
2547
2548	if ((dst_if->if_drv_flags & IFF_DRV_RUNNING) == 0)
2549	continue;
2550
2551	mc = m_copypacket(m, M_DONTWAIT);
2552	if (mc == NULL) {
2553	sc->sc_ifp->if_oerrors++;
2554	continue;
2555	}
2556
2557	bridge_enqueue(sc, dst_if, mc);
2558	}
2559	}
2560
2561	/*
2562	* bridge_rtupdate:
2563	*
2564	* Add a bridge routing entry.
2565	*/
2566	static int
2567	bridge_rtupdate(struct bridge_softc sc, const uint8_t dst, uint16_t vlan,
2568	struct bridge_iflist *bif, int setflags, uint8_t flags)
2569	{
2570	struct bridge_rtnode *brt;
2571	int error;
2572
2573	BRIDGE_LOCK_ASSERT(sc);
2574
2575	/* Check the source address is valid and not multicast. */
2576	if (ETHER_IS_MULTICAST(dst) \|\|
2577	(dst[0] == 0 && dst[1] == 0 && dst[2] == 0 &&
2578	dst[3] == 0 && dst[4] == 0 && dst[5] == 0) != 0)
2579	return (EINVAL);
2580
2581	/* 802.1p frames map to vlan 1 */
2582	if (vlan == 0)
2583	vlan = 1;
2584
2585	/*
2586	* A route for this destination might already exist. If so,
2587	* update it, otherwise create a new one.
2588	*/
2589	if ((brt = bridge_rtnode_lookup(sc, dst, vlan)) == NULL) {
2590	if (sc->sc_brtcnt >= sc->sc_brtmax) {
2591	sc->sc_brtexceeded++;
2592	return (ENOSPC);
2593	}
2594	/* Check per interface address limits (if enabled) */
2595	if (bif->bif_addrmax && bif->bif_addrcnt >= bif->bif_addrmax) {
2596	bif->bif_addrexceeded++;
2597	return (ENOSPC);
2598	}
2599
2600	/*
2601	* Allocate a new bridge forwarding node, and
2602	* initialize the expiration time and Ethernet
2603	* address.
2604	*/
2605	brt = uma_zalloc(bridge_rtnode_zone, M_NOWAIT \| M_ZERO);
2606	if (brt == NULL)
2607	return (ENOMEM);
2608
2609	if (bif->bif_flags & IFBIF_STICKY)
2610	brt->brt_flags = IFBAF_STICKY;
2611	else
2612	brt->brt_flags = IFBAF_DYNAMIC;
2613
2614	memcpy(brt->brt_addr, dst, ETHER_ADDR_LEN);
2615	brt->brt_vlan = vlan;
2616
2617	if ((error = bridge_rtnode_insert(sc, brt)) != 0) {
2618	uma_zfree(bridge_rtnode_zone, brt);
2619	return (error);
2620	}
2621	brt->brt_dst = bif;
2622	bif->bif_addrcnt++;
2623	}
2624
2625	if ((brt->brt_flags & IFBAF_TYPEMASK) == IFBAF_DYNAMIC &&
2626	brt->brt_dst != bif) {
2627	brt->brt_dst->bif_addrcnt--;
2628	brt->brt_dst = bif;
2629	brt->brt_dst->bif_addrcnt++;
2630	}
2631
2632	if ((flags & IFBAF_TYPEMASK) == IFBAF_DYNAMIC)
2633	brt->brt_expire = time_uptime + sc->sc_brttimeout;
2634	if (setflags)
2635	brt->brt_flags = flags;
2636
2637	return (0);
2638	}
2639
2640	/*
2641	* bridge_rtlookup:
2642	*
2643	* Lookup the destination interface for an address.
2644	*/
2645	static struct ifnet *
2646	bridge_rtlookup(struct bridge_softc sc, const uint8_t addr, uint16_t vlan)
2647	{
2648	struct bridge_rtnode *brt;
2649
2650	BRIDGE_LOCK_ASSERT(sc);
2651
2652	if ((brt = bridge_rtnode_lookup(sc, addr, vlan)) == NULL)
2653	return (NULL);
2654
2655	return (brt->brt_ifp);
2656	}
2657
2658	/*
2659	* bridge_rttrim:
2660	*
2661	* Trim the routine table so that we have a number
2662	* of routing entries less than or equal to the
2663	* maximum number.
2664	*/
2665	static void
2666	bridge_rttrim(struct bridge_softc *sc)
2667	{
2668	struct bridge_rtnode brt, nbrt;
2669
2670	BRIDGE_LOCK_ASSERT(sc);
2671
2672	/* Make sure we actually need to do this. */
2673	if (sc->sc_brtcnt <= sc->sc_brtmax)
2674	return;
2675
2676	/* Force an aging cycle; this might trim enough addresses. */
2677	bridge_rtage(sc);
2678	if (sc->sc_brtcnt <= sc->sc_brtmax)
2679	return;
2680
2681	LIST_FOREACH_SAFE(brt, &sc->sc_rtlist, brt_list, nbrt) {
2682	if ((brt->brt_flags & IFBAF_TYPEMASK) == IFBAF_DYNAMIC) {
2683	bridge_rtnode_destroy(sc, brt);
2684	if (sc->sc_brtcnt <= sc->sc_brtmax)
2685	return;
2686	}
2687	}
2688	}
2689
2690	/*
2691	* bridge_timer:
2692	*
2693	* Aging timer for the bridge.
2694	*/
2695	static void
2696	bridge_timer(void *arg)
2697	{
2698	struct bridge_softc *sc = arg;
2699
2700	BRIDGE_LOCK_ASSERT(sc);
2701
2702	bridge_rtage(sc);
2703
2704	if (sc->sc_ifp->if_drv_flags & IFF_DRV_RUNNING)
2705	callout_reset(&sc->sc_brcallout,
2706	bridge_rtable_prune_period * hz, bridge_timer, sc);
2707	}
2708
2709	/*
2710	* bridge_rtage:
2711	*
2712	* Perform an aging cycle.
2713	*/
2714	static void
2715	bridge_rtage(struct bridge_softc *sc)
2716	{
2717	struct bridge_rtnode brt, nbrt;
2718
2719	BRIDGE_LOCK_ASSERT(sc);
2720
2721	LIST_FOREACH_SAFE(brt, &sc->sc_rtlist, brt_list, nbrt) {
2722	if ((brt->brt_flags & IFBAF_TYPEMASK) == IFBAF_DYNAMIC) {
2723	if (time_uptime >= brt->brt_expire)
2724	bridge_rtnode_destroy(sc, brt);
2725	}
2726	}
2727	}
2728
2729	/*
2730	* bridge_rtflush:
2731	*
2732	* Remove all dynamic addresses from the bridge.
2733	*/
2734	static void
2735	bridge_rtflush(struct bridge_softc *sc, int full)
2736	{
2737	struct bridge_rtnode brt, nbrt;
2738
2739	BRIDGE_LOCK_ASSERT(sc);
2740
2741	LIST_FOREACH_SAFE(brt, &sc->sc_rtlist, brt_list, nbrt) {
2742	if (full \|\| (brt->brt_flags & IFBAF_TYPEMASK) == IFBAF_DYNAMIC)
2743	bridge_rtnode_destroy(sc, brt);
2744	}
2745	}
2746
2747	/*
2748	* bridge_rtdaddr:
2749	*
2750	* Remove an address from the table.
2751	*/
2752	static int
2753	bridge_rtdaddr(struct bridge_softc sc, const uint8_t addr, uint16_t vlan)
2754	{
2755	struct bridge_rtnode *brt;
2756	int found = 0;
2757
2758	BRIDGE_LOCK_ASSERT(sc);
2759
2760	/*
2761	* If vlan is zero then we want to delete for all vlans so the lookup
2762	* may return more than one.
2763	*/
2764	while ((brt = bridge_rtnode_lookup(sc, addr, vlan)) != NULL) {
2765	bridge_rtnode_destroy(sc, brt);
2766	found = 1;
2767	}
2768
2769	return (found ? 0 : ENOENT);
2770	}
2771
2772	/*
2773	* bridge_rtdelete:
2774	*
2775	* Delete routes to a speicifc member interface.
2776	*/
2777	static void
2778	bridge_rtdelete(struct bridge_softc sc, struct ifnet ifp, int full)
2779	{
2780	struct bridge_rtnode brt, nbrt;
2781
2782	BRIDGE_LOCK_ASSERT(sc);
2783
2784	LIST_FOREACH_SAFE(brt, &sc->sc_rtlist, brt_list, nbrt) {
2785	if (brt->brt_ifp == ifp && (full \|\|
2786	(brt->brt_flags & IFBAF_TYPEMASK) == IFBAF_DYNAMIC))
2787	bridge_rtnode_destroy(sc, brt);
2788	}
2789	}
2790
2791	/*
2792	* bridge_rtable_init:
2793	*
2794	* Initialize the route table for this bridge.
2795	*/
2796	static int
2797	bridge_rtable_init(struct bridge_softc *sc)
2798	{
2799	int i;
2800
2801	sc->sc_rthash = malloc(sizeof(sc->sc_rthash) BRIDGE_RTHASH_SIZE,
2802	M_DEVBUF, M_NOWAIT);
2803	if (sc->sc_rthash == NULL)
2804	return (ENOMEM);
2805
2806	for (i = 0; i < BRIDGE_RTHASH_SIZE; i++)
2807	LIST_INIT(&sc->sc_rthash[i]);
2808
2809	sc->sc_rthash_key = arc4random();
2810
2811	LIST_INIT(&sc->sc_rtlist);
2812
2813	return (0);
2814	}
2815
2816	/*
2817	* bridge_rtable_fini:
2818	*
2819	* Deconstruct the route table for this bridge.
2820	*/
2821	static void
2822	bridge_rtable_fini(struct bridge_softc *sc)
2823	{
2824
2825	KASSERT(sc->sc_brtcnt == 0,
2826	("%s: %d bridge routes referenced", __func__, sc->sc_brtcnt));
2827	free(sc->sc_rthash, M_DEVBUF);
2828	}
2829
2830	/*
2831	* The following hash function is adapted from "Hash Functions" by Bob Jenkins
2832	* ("Algorithm Alley", Dr. Dobbs Journal, September 1997).
2833	*/
2834	#define mix(a, b, c) \
2835	do { \
2836	a -= b; a -= c; a ^= (c >> 13); \
2837	b -= c; b -= a; b ^= (a << 8); \
2838	c -= a; c -= b; c ^= (b >> 13); \
2839	a -= b; a -= c; a ^= (c >> 12); \
2840	b -= c; b -= a; b ^= (a << 16); \
2841	c -= a; c -= b; c ^= (b >> 5); \
2842	a -= b; a -= c; a ^= (c >> 3); \
2843	b -= c; b -= a; b ^= (a << 10); \
2844	c -= a; c -= b; c ^= (b >> 15); \
2845	} while (/CONSTCOND/0)
2846
2847	static __inline uint32_t
2848	bridge_rthash(struct bridge_softc sc, const uint8_t addr)
2849	{
2850	uint32_t a = 0x9e3779b9, b = 0x9e3779b9, c = sc->sc_rthash_key;
2851
2852	b += addr[5] << 8;
2853	b += addr[4];
2854	a += addr[3] << 24;
2855	a += addr[2] << 16;
2856	a += addr[1] << 8;
2857	a += addr[0];
2858
2859	mix(a, b, c);
2860
2861	return (c & BRIDGE_RTHASH_MASK);
2862	}
2863
2864	#undef mix
2865
2866	static int
2867	bridge_rtnode_addr_cmp(const uint8_t a, const uint8_t b)
2868	{
2869	int i, d;
2870
2871	for (i = 0, d = 0; i < ETHER_ADDR_LEN && d == 0; i++) {
2872	d = ((int)a[i]) - ((int)b[i]);
2873	}
2874
2875	return (d);
2876	}
2877
2878	/*
2879	* bridge_rtnode_lookup:
2880	*
2881	* Look up a bridge route node for the specified destination. Compare the
2882	* vlan id or if zero then just return the first match.
2883	*/
2884	static struct bridge_rtnode *
2885	bridge_rtnode_lookup(struct bridge_softc sc, const uint8_t addr, uint16_t vlan)
2886	{
2887	struct bridge_rtnode *brt;
2888	uint32_t hash;
2889	int dir;
2890
2891	BRIDGE_LOCK_ASSERT(sc);
2892
2893	hash = bridge_rthash(sc, addr);
2894	LIST_FOREACH(brt, &sc->sc_rthash[hash], brt_hash) {
2895	dir = bridge_rtnode_addr_cmp(addr, brt->brt_addr);
2896	if (dir == 0 && (brt->brt_vlan == vlan \|\| vlan == 0))
2897	return (brt);
2898	if (dir > 0)
2899	return (NULL);
2900	}
2901
2902	return (NULL);
2903	}
2904
2905	/*
2906	* bridge_rtnode_insert:
2907	*
2908	* Insert the specified bridge node into the route table. We
2909	* assume the entry is not already in the table.
2910	*/
2911	static int
2912	bridge_rtnode_insert(struct bridge_softc sc, struct bridge_rtnode brt)
2913	{
2914	struct bridge_rtnode *lbrt;
2915	uint32_t hash;
2916	int dir;
2917
2918	BRIDGE_LOCK_ASSERT(sc);
2919
2920	hash = bridge_rthash(sc, brt->brt_addr);
2921
2922	lbrt = LIST_FIRST(&sc->sc_rthash[hash]);
2923	if (lbrt == NULL) {
2924	LIST_INSERT_HEAD(&sc->sc_rthash[hash], brt, brt_hash);
2925	goto out;
2926	}
2927
2928	do {
2929	dir = bridge_rtnode_addr_cmp(brt->brt_addr, lbrt->brt_addr);
2930	if (dir == 0 && brt->brt_vlan == lbrt->brt_vlan)
2931	return (EEXIST);
2932	if (dir > 0) {
2933	LIST_INSERT_BEFORE(lbrt, brt, brt_hash);
2934	goto out;
2935	}
2936	if (LIST_NEXT(lbrt, brt_hash) == NULL) {
2937	LIST_INSERT_AFTER(lbrt, brt, brt_hash);
2938	goto out;
2939	}
2940	lbrt = LIST_NEXT(lbrt, brt_hash);
2941	} while (lbrt != NULL);
2942
2943	#ifdef DIAGNOSTIC
2944	panic("bridge_rtnode_insert: impossible");
2945	#endif
2946
2947	out:
2948	LIST_INSERT_HEAD(&sc->sc_rtlist, brt, brt_list);
2949	sc->sc_brtcnt++;
2950
2951	return (0);
2952	}
2953
2954	/*
2955	* bridge_rtnode_destroy:
2956	*
2957	* Destroy a bridge rtnode.
2958	*/
2959	static void
2960	bridge_rtnode_destroy(struct bridge_softc sc, struct bridge_rtnode brt)
2961	{
2962	BRIDGE_LOCK_ASSERT(sc);
2963
2964	LIST_REMOVE(brt, brt_hash);
2965
2966	LIST_REMOVE(brt, brt_list);
2967	sc->sc_brtcnt--;
2968	brt->brt_dst->bif_addrcnt--;
2969	uma_zfree(bridge_rtnode_zone, brt);
2970	}
2971
2972	/*
2973	* bridge_rtable_expire:
2974	*
2975	* Set the expiry time for all routes on an interface.
2976	*/
2977	static void
2978	bridge_rtable_expire(struct ifnet *ifp, int age)
2979	{
2980	struct bridge_softc *sc = ifp->if_bridge;
2981	struct bridge_rtnode *brt;
2982
2983	BRIDGE_LOCK(sc);
2984
2985	/*
2986	* If the age is zero then flush, otherwise set all the expiry times to
2987	* age for the interface
2988	*/
2989	if (age == 0)
2990	bridge_rtdelete(sc, ifp, IFBF_FLUSHDYN);
2991	else {
2992	LIST_FOREACH(brt, &sc->sc_rtlist, brt_list) {
2993	/* Cap the expiry time to 'age' */
2994	if (brt->brt_ifp == ifp &&
2995	brt->brt_expire > time_uptime + age &&
2996	(brt->brt_flags & IFBAF_TYPEMASK) == IFBAF_DYNAMIC)
2997	brt->brt_expire = time_uptime + age;
2998	}
2999	}
3000	BRIDGE_UNLOCK(sc);
3001	}
3002
3003	/*
3004	* bridge_state_change:
3005	*
3006	* Callback from the bridgestp code when a port changes states.
3007	*/
3008	static void
3009	bridge_state_change(struct ifnet *ifp, int state)
3010	{
3011	struct bridge_softc *sc = ifp->if_bridge;
3012	static const char *stpstates[] = {
3013	"disabled",
3014	"listening",
3015	"learning",
3016	"forwarding",
3017	"blocking",
3018	"discarding"
3019	};
3020
3021	if (log_stp)
3022	log(LOG_NOTICE, "%s: state changed to %s on %s\n",
3023	sc->sc_ifp->if_xname, stpstates[state], ifp->if_xname);
3024	}
3025
3026	/*
3027	* Send bridge packets through pfil if they are one of the types pfil can deal
3028	* with, or if they are ARP or REVARP. (pfil will pass ARP and REVARP without
3029	* question.) If bifp or ifp are NULL then packet filtering is skipped for
3030	* that interface.
3031	*/
3032	static int
3033	bridge_pfil(struct mbuf *mp, struct ifnet bifp, struct ifnet *ifp, int dir)
3034	{
3035	int snap, error, i, hlen;
3036	struct ether_header *eh1, eh2;
3037	struct ip_fw_args args;
3038	struct ip *ip;
3039	struct llc llc1;
3040	u_int16_t ether_type;
3041
3042	snap = 0;
3043	error = -1; /* Default error if not error == 0 */
3044
3045	#if 0
3046	/* we may return with the IP fields swapped, ensure its not shared */
3047	KASSERT(M_WRITABLE(*mp), ("%s: modifying a shared mbuf", __func__));
3048	#endif
3049
3050	if (pfil_bridge == 0 && pfil_member == 0 && pfil_ipfw == 0)
3051	return (0); /* filtering is disabled */
3052
3053	i = min((*mp)->m_pkthdr.len, max_protohdr);
3054	if ((*mp)->m_len < i) {
3055	mp = m_pullup(mp, i);
3056	if (*mp == NULL) {
3057	printf("%s: m_pullup failed\n", __func__);
3058	return (-1);
3059	}
3060	}
3061
3062	eh1 = mtod(mp, struct ether_header );
3063	ether_type = ntohs(eh1->ether_type);
3064
3065	/*
3066	* Check for SNAP/LLC.
3067	*/
3068	if (ether_type < ETHERMTU) {
3069	struct llc llc2 = (struct llc )(eh1 + 1);
3070
3071	if ((*mp)->m_len >= ETHER_HDR_LEN + 8 &&
3072	llc2->llc_dsap == LLC_SNAP_LSAP &&
3073	llc2->llc_ssap == LLC_SNAP_LSAP &&
3074	llc2->llc_control == LLC_UI) {
3075	ether_type = htons(llc2->llc_un.type_snap.ether_type);
3076	snap = 1;
3077	}
3078	}
3079
3080	/*
3081	* If we're trying to filter bridge traffic, don't look at anything
3082	* other than IP and ARP traffic. If the filter doesn't understand
3083	* IPv6, don't allow IPv6 through the bridge either. This is lame
3084	* since if we really wanted, say, an AppleTalk filter, we are hosed,
3085	* but of course we don't have an AppleTalk filter to begin with.
3086	* (Note that since pfil doesn't understand ARP it will pass ALL
3087	* ARP traffic.)
3088	*/
3089	switch (ether_type) {
3090	case ETHERTYPE_ARP:
3091	case ETHERTYPE_REVARP:
3092	if (pfil_ipfw_arp == 0)
3093	return (0); /* Automatically pass */
3094	break;
3095
3096	case ETHERTYPE_IP:
3097	#ifdef INET6
3098	case ETHERTYPE_IPV6:
3099	#endif /* INET6 */
3100	break;
3101	default:
3102	/*
3103	* Check to see if the user wants to pass non-ip
3104	* packets, these will not be checked by pfil(9) and
3105	* passed unconditionally so the default is to drop.
3106	*/
3107	if (pfil_onlyip)
3108	goto bad;
3109	}
3110
3111	/* Strip off the Ethernet header and keep a copy. */
3112	m_copydata(*mp, 0, ETHER_HDR_LEN, (caddr_t) &eh2);
3113	m_adj(*mp, ETHER_HDR_LEN);
3114
3115	/* Strip off snap header, if present */
3116	if (snap) {
3117	m_copydata(*mp, 0, sizeof(struct llc), (caddr_t) &llc1);
3118	m_adj(*mp, sizeof(struct llc));
3119	}
3120
3121	/*
3122	* Check the IP header for alignment and errors
3123	*/
3124	if (dir == PFIL_IN) {
3125	switch (ether_type) {
3126	case ETHERTYPE_IP:
3127	error = bridge_ip_checkbasic(mp);
3128	break;
3129	#ifdef INET6
3130	case ETHERTYPE_IPV6:
3131	error = bridge_ip6_checkbasic(mp);
3132	break;
3133	#endif /* INET6 */
3134	default:
3135	error = 0;
3136	}
3137	if (error)
3138	goto bad;
3139	}
3140
3141	/* XXX this section is also in if_ethersubr.c */
3142	// XXX PFIL_OUT or DIR_OUT ?
3143	if (V_ip_fw_chk_ptr && pfil_ipfw != 0 &&
3144	dir == PFIL_OUT && ifp != NULL) {
3145	struct m_tag *mtag;
3146
3147	error = -1;
3148	/* fetch the start point from existing tags, if any */
3149	mtag = m_tag_locate(*mp, MTAG_IPFW_RULE, 0, NULL);
3150	if (mtag == NULL) {
3151	args.rule.slot = 0;
3152	} else {
3153	struct ipfw_rule_ref *r;
3154
3155	/* XXX can we free the tag after use ? */
3156	mtag->m_tag_id = PACKET_TAG_NONE;
3157	r = (struct ipfw_rule_ref *)(mtag + 1);
3158	/* packet already partially processed ? */
3159	if (r->info & IPFW_ONEPASS)
3160	goto ipfwpass;
3161	args.rule = *r;
3162	}
3163
3164	args.m = *mp;
3165	args.oif = ifp;
3166	args.next_hop = NULL;
3167	args.next_hop6 = NULL;
3168	args.eh = &eh2;
3169	args.inp = NULL; /* used by ipfw uid/gid/jail rules */
3170	i = V_ip_fw_chk_ptr(&args);
3171	*mp = args.m;
3172
3173	if (*mp == NULL)
3174	return (error);
3175
3176	if (ip_dn_io_ptr && (i == IP_FW_DUMMYNET)) {
3177
3178	/* put the Ethernet header back on */
3179	M_PREPEND(*mp, ETHER_HDR_LEN, M_DONTWAIT);
3180	if (*mp == NULL)
3181	return (error);
3182	bcopy(&eh2, mtod(*mp, caddr_t), ETHER_HDR_LEN);
3183
3184	/*
3185	* Pass the pkt to dummynet, which consumes it. The
3186	* packet will return to us via bridge_dummynet().
3187	*/
3188	args.oif = ifp;
3189	ip_dn_io_ptr(mp, DIR_FWD \| PROTO_IFB, &args);
3190	return (error);
3191	}
3192
3193	if (i != IP_FW_PASS) /* drop */
3194	goto bad;
3195	}
3196
3197	ipfwpass:
3198	error = 0;
3199
3200	/*
3201	* Run the packet through pfil
3202	*/
3203	switch (ether_type) {
3204	case ETHERTYPE_IP:
3205	/*
3206	* before calling the firewall, swap fields the same as
3207	* IP does. here we assume the header is contiguous
3208	*/
3209	ip = mtod(mp, struct ip );
3210
3211	ip->ip_len = ntohs(ip->ip_len);
3212	ip->ip_off = ntohs(ip->ip_off);
3213
3214	/*
3215	* Run pfil on the member interface and the bridge, both can
3216	* be skipped by clearing pfil_member or pfil_bridge.
3217	*
3218	* Keep the order:
3219	* in_if -> bridge_if -> out_if
3220	*/
3221	if (pfil_bridge && dir == PFIL_OUT && bifp != NULL)
3222	error = pfil_run_hooks(&V_inet_pfil_hook, mp, bifp,
3223	dir, NULL);
3224
3225	if (mp == NULL \|\| error != 0) / filter may consume */
3226	break;
3227
3228	if (pfil_member && ifp != NULL)
3229	error = pfil_run_hooks(&V_inet_pfil_hook, mp, ifp,
3230	dir, NULL);
3231
3232	if (mp == NULL \|\| error != 0) / filter may consume */
3233	break;
3234
3235	if (pfil_bridge && dir == PFIL_IN && bifp != NULL)
3236	error = pfil_run_hooks(&V_inet_pfil_hook, mp, bifp,
3237	dir, NULL);
3238
3239	if (mp == NULL \|\| error != 0) / filter may consume */
3240	break;
3241
3242	/* check if we need to fragment the packet */
3243	if (pfil_member && ifp != NULL && dir == PFIL_OUT) {
3244	i = (*mp)->m_pkthdr.len;
3245	if (i > ifp->if_mtu) {
3246	error = bridge_fragment(ifp, *mp, &eh2, snap,
3247	&llc1);
3248	return (error);
3249	}
3250	}
3251
3252	/* Recalculate the ip checksum and restore byte ordering */
3253	ip = mtod(mp, struct ip );
3254	hlen = ip->ip_hl << 2;
3255	if (hlen < sizeof(struct ip))
3256	goto bad;
3257	if (hlen > (*mp)->m_len) {
3258	if ((mp = m_pullup(mp, hlen)) == 0)
3259	goto bad;
3260	ip = mtod(mp, struct ip );
3261	if (ip == NULL)
3262	goto bad;
3263	}
3264	ip->ip_len = htons(ip->ip_len);
3265	ip->ip_off = htons(ip->ip_off);
3266	ip->ip_sum = 0;
3267	if (hlen == sizeof(struct ip))
3268	ip->ip_sum = in_cksum_hdr(ip);
3269	else
3270	ip->ip_sum = in_cksum(*mp, hlen);
3271
3272	break;
3273	#ifdef INET6
3274	case ETHERTYPE_IPV6:
3275	if (pfil_bridge && dir == PFIL_OUT && bifp != NULL)
3276	error = pfil_run_hooks(&V_inet6_pfil_hook, mp, bifp,
3277	dir, NULL);
3278
3279	if (mp == NULL \|\| error != 0) / filter may consume */
3280	break;
3281
3282	if (pfil_member && ifp != NULL)
3283	error = pfil_run_hooks(&V_inet6_pfil_hook, mp, ifp,
3284	dir, NULL);
3285
3286	if (mp == NULL \|\| error != 0) / filter may consume */
3287	break;
3288
3289	if (pfil_bridge && dir == PFIL_IN && bifp != NULL)
3290	error = pfil_run_hooks(&V_inet6_pfil_hook, mp, bifp,
3291	dir, NULL);
3292	break;
3293	#endif
3294	default:
3295	error = 0;
3296	break;
3297	}
3298
3299	if (*mp == NULL)
3300	return (error);
3301	if (error != 0)
3302	goto bad;
3303
3304	error = -1;
3305
3306	/*
3307	* Finally, put everything back the way it was and return
3308	*/
3309	if (snap) {
3310	M_PREPEND(*mp, sizeof(struct llc), M_DONTWAIT);
3311	if (*mp == NULL)
3312	return (error);
3313	bcopy(&llc1, mtod(*mp, caddr_t), sizeof(struct llc));
3314	}
3315
3316	M_PREPEND(*mp, ETHER_HDR_LEN, M_DONTWAIT);
3317	if (*mp == NULL)
3318	return (error);
3319	bcopy(&eh2, mtod(*mp, caddr_t), ETHER_HDR_LEN);
3320
3321	return (0);
3322
3323	bad:
3324	m_freem(*mp);
3325	*mp = NULL;
3326	return (error);
3327	}
3328
3329	/*
3330	* Perform basic checks on header size since
3331	* pfil assumes ip_input has already processed
3332	* it for it. Cut-and-pasted from ip_input.c.
3333	* Given how simple the IPv6 version is,
3334	* does the IPv4 version really need to be
3335	* this complicated?
3336	*
3337	* XXX Should we update ipstat here, or not?
3338	* XXX Right now we update ipstat but not
3339	* XXX csum_counter.
3340	*/
3341	static int
3342	bridge_ip_checkbasic(struct mbuf **mp)
3343	{
3344	struct mbuf m = mp;
3345	struct ip *ip;
3346	int len, hlen;
3347	u_short sum;
3348
3349	if (*mp == NULL)
3350	return (-1);
3351
3352	if (IP_HDR_ALIGNED_P(mtod(m, caddr_t)) == 0) {
3353	if ((m = m_copyup(m, sizeof(struct ip),
3354	(max_linkhdr + 3) & ~3)) == NULL) {
3355	/* XXXJRT new stat, please */
3356	KMOD_IPSTAT_INC(ips_toosmall);
3357	goto bad;
3358	}
3359	} else if (__predict_false(m->m_len < sizeof (struct ip))) {
3360	if ((m = m_pullup(m, sizeof (struct ip))) == NULL) {
3361	KMOD_IPSTAT_INC(ips_toosmall);
3362	goto bad;
3363	}
3364	}
3365	ip = mtod(m, struct ip *);
3366	if (ip == NULL) goto bad;
3367
3368	if (ip->ip_v != IPVERSION) {
3369	KMOD_IPSTAT_INC(ips_badvers);
3370	goto bad;
3371	}
3372	hlen = ip->ip_hl << 2;
3373	if (hlen < sizeof(struct ip)) { /* minimum header length */
3374	KMOD_IPSTAT_INC(ips_badhlen);
3375	goto bad;
3376	}
3377	if (hlen > m->m_len) {
3378	if ((m = m_pullup(m, hlen)) == 0) {
3379	KMOD_IPSTAT_INC(ips_badhlen);
3380	goto bad;
3381	}
3382	ip = mtod(m, struct ip *);
3383	if (ip == NULL) goto bad;
3384	}
3385
3386	if (m->m_pkthdr.csum_flags & CSUM_IP_CHECKED) {
3387	sum = !(m->m_pkthdr.csum_flags & CSUM_IP_VALID);
3388	} else {
3389	if (hlen == sizeof(struct ip)) {
3390	sum = in_cksum_hdr(ip);
3391	} else {
3392	sum = in_cksum(m, hlen);
3393	}
3394	}
3395	if (sum) {
3396	KMOD_IPSTAT_INC(ips_badsum);
3397	goto bad;
3398	}
3399
3400	/* Retrieve the packet length. */
3401	len = ntohs(ip->ip_len);
3402
3403	/*
3404	* Check for additional length bogosity
3405	*/
3406	if (len < hlen) {
3407	KMOD_IPSTAT_INC(ips_badlen);
3408	goto bad;
3409	}
3410
3411	/*
3412	* Check that the amount of data in the buffers
3413	* is as at least much as the IP header would have us expect.
3414	* Drop packet if shorter than we expect.
3415	*/
3416	if (m->m_pkthdr.len < len) {
3417	KMOD_IPSTAT_INC(ips_tooshort);
3418	goto bad;
3419	}
3420
3421	/* Checks out, proceed */
3422	*mp = m;
3423	return (0);
3424
3425	bad:
3426	*mp = m;
3427	return (-1);
3428	}
3429
3430	#ifdef INET6
3431	/*
3432	* Same as above, but for IPv6.
3433	* Cut-and-pasted from ip6_input.c.
3434	* XXX Should we update ip6stat, or not?
3435	*/
3436	static int
3437	bridge_ip6_checkbasic(struct mbuf **mp)
3438	{
3439	struct mbuf m = mp;
3440	struct ip6_hdr *ip6;
3441
3442	/*
3443	* If the IPv6 header is not aligned, slurp it up into a new
3444	* mbuf with space for link headers, in the event we forward
3445	* it. Otherwise, if it is aligned, make sure the entire base
3446	* IPv6 header is in the first mbuf of the chain.
3447	*/
3448	if (IP6_HDR_ALIGNED_P(mtod(m, caddr_t)) == 0) {
3449	struct ifnet *inifp = m->m_pkthdr.rcvif;
3450	if ((m = m_copyup(m, sizeof(struct ip6_hdr),
3451	(max_linkhdr + 3) & ~3)) == NULL) {
3452	/* XXXJRT new stat, please */
3453	IP6STAT_INC(ip6s_toosmall);
3454	in6_ifstat_inc(inifp, ifs6_in_hdrerr);
3455	goto bad;
3456	}
3457	} else if (__predict_false(m->m_len < sizeof(struct ip6_hdr))) {
3458	struct ifnet *inifp = m->m_pkthdr.rcvif;
3459	if ((m = m_pullup(m, sizeof(struct ip6_hdr))) == NULL) {
3460	IP6STAT_INC(ip6s_toosmall);
3461	in6_ifstat_inc(inifp, ifs6_in_hdrerr);
3462	goto bad;
3463	}
3464	}
3465
3466	ip6 = mtod(m, struct ip6_hdr *);
3467
3468	if ((ip6->ip6_vfc & IPV6_VERSION_MASK) != IPV6_VERSION) {
3469	IP6STAT_INC(ip6s_badvers);
3470	in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_hdrerr);
3471	goto bad;
3472	}
3473
3474	/* Checks out, proceed */
3475	*mp = m;
3476	return (0);
3477
3478	bad:
3479	*mp = m;
3480	return (-1);
3481	}
3482	#endif /* INET6 */
3483
3484	/*
3485	* bridge_fragment:
3486	*
3487	* Return a fragmented mbuf chain.
3488	*/
3489	static int
3490	bridge_fragment(struct ifnet ifp, struct mbuf m, struct ether_header *eh,
3491	int snap, struct llc *llc)
3492	{
3493	struct mbuf *m0;
3494	struct ip *ip;
3495	int error = -1;
3496
3497	if (m->m_len < sizeof(struct ip) &&
3498	(m = m_pullup(m, sizeof(struct ip))) == NULL)
3499	goto out;
3500	ip = mtod(m, struct ip *);
3501
3502	error = ip_fragment(ip, &m, ifp->if_mtu, ifp->if_hwassist,
3503	CSUM_DELAY_IP);
3504	if (error)
3505	goto out;
3506
3507	/* walk the chain and re-add the Ethernet header */
3508	for (m0 = m; m0; m0 = m0->m_nextpkt) {
3509	if (error == 0) {
3510	if (snap) {
3511	M_PREPEND(m0, sizeof(struct llc), M_DONTWAIT);
3512	if (m0 == NULL) {
3513	error = ENOBUFS;
3514	continue;
3515	}
3516	bcopy(llc, mtod(m0, caddr_t),
3517	sizeof(struct llc));
3518	}
3519	M_PREPEND(m0, ETHER_HDR_LEN, M_DONTWAIT);
3520	if (m0 == NULL) {
3521	error = ENOBUFS;
3522	continue;
3523	}
3524	bcopy(eh, mtod(m0, caddr_t), ETHER_HDR_LEN);
3525	} else
3526	m_freem(m);
3527	}
3528
3529	if (error == 0)
3530	KMOD_IPSTAT_INC(ips_fragmented);
3531
3532	return (error);
3533
3534	out:
3535	if (m != NULL)
3536	m_freem(m);
3537	return (error);
3538	}
3539
3540	static void
3541	bridge_linkstate(struct ifnet *ifp)
3542	{
3543	struct bridge_softc *sc = ifp->if_bridge;
3544	struct bridge_iflist *bif;
3545
3546	BRIDGE_LOCK(sc);
3547	bif = bridge_lookup_member_if(sc, ifp);
3548	if (bif == NULL) {
3549	BRIDGE_UNLOCK(sc);
3550	return;
3551	}
3552	bridge_linkcheck(sc);
3553	BRIDGE_UNLOCK(sc);
3554
3555	bstp_linkstate(&bif->bif_stp);
3556	}
3557
3558	static void
3559	bridge_linkcheck(struct bridge_softc *sc)
3560	{
3561	struct bridge_iflist *bif;
3562	int new_link, hasls;
3563
3564	BRIDGE_LOCK_ASSERT(sc);
3565	new_link = LINK_STATE_DOWN;
3566	hasls = 0;
3567	/* Our link is considered up if at least one of our ports is active */
3568	LIST_FOREACH(bif, &sc->sc_iflist, bif_next) {
3569	if (bif->bif_ifp->if_capabilities & IFCAP_LINKSTATE)
3570	hasls++;
3571	if (bif->bif_ifp->if_link_state == LINK_STATE_UP) {
3572	new_link = LINK_STATE_UP;
3573	break;
3574	}
3575	}
3576	if (!LIST_EMPTY(&sc->sc_iflist) && !hasls) {
3577	/* If no interfaces support link-state then we default to up */
3578	new_link = LINK_STATE_UP;
3579	}
3580	if_link_state_change(sc->sc_ifp, new_link);
3581	}

Note: See TracBrowser for help on using the repository browser.

Download in other formats: