search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Parallelize ifnet.if_addrhead accessing by duplicating the list itself
[dragonfly.git] / sys / netinet / ip_carp.c
blob6e704c14089a6f97dc45c5cd64196fdf9e486e7c
1 /*
2 * Copyright (c) 2002 Michael Shalayeff. All rights reserved.
3 * Copyright (c) 2003 Ryan McBride. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 *
14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
15 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
16 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
17 * IN NO EVENT SHALL THE AUTHOR OR HIS RELATIVES BE LIABLE FOR ANY DIRECT,
18 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
19 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
20 * SERVICES; LOSS OF MIND, USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
22 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
23 * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
24 * THE POSSIBILITY OF SUCH DAMAGE.
25 */
26 /*
27 * $FreeBSD: src/sys/netinet/ip_carp.c,v 1.48 2007/02/02 09:39:09 glebius Exp $
28 * $DragonFly: src/sys/netinet/ip_carp.c,v 1.7 2008/03/07 11:34:20 sephe Exp $
29 */
30
31 #include "opt_carp.h"
32 /*#include "opt_bpf.h"*/
33 #include "opt_inet.h"
34 #include "opt_inet6.h"
35
36 #include <sys/types.h>
37 #include <sys/param.h>
38 #include <sys/systm.h>
39 #include <sys/conf.h>
40 #include <sys/kernel.h>
41 #include <machine/limits.h>
42 #include <sys/malloc.h>
43 #include <sys/mbuf.h>
44 #include <sys/module.h>
45 #include <sys/time.h>
46 #include <sys/proc.h>
47 #include <sys/sysctl.h>
48 #include <sys/syslog.h>
49 #include <sys/signalvar.h>
50 #include <sys/filio.h>
51 #include <sys/sockio.h>
52 #include <sys/in_cksum.h>
53 #include <sys/socket.h>
54 #include <sys/vnode.h>
55
56 #include <machine/stdarg.h>
57
58 #include <net/bpf.h>
59 #include <net/ethernet.h>
60 #include <net/if.h>
61 #include <net/if_dl.h>
62 #include <net/if_types.h>
63 #include <net/route.h>
64 #include <net/if_clone.h>
65
66 #ifdef INET
67 #include <netinet/in.h>
68 #include <netinet/in_var.h>
69 #include <netinet/in_systm.h>
70 #include <netinet/ip.h>
71 #include <netinet/ip_var.h>
72 #include <netinet/if_ether.h>
73 #endif
74
75 #ifdef INET6
76 #include <netinet/icmp6.h>
77 #include <netinet/ip6.h>
78 #include <netinet6/ip6_var.h>
79 #include <netinet6/scope6_var.h>
80 #include <netinet6/nd6.h>
81 #endif
82
83 #include <crypto/sha1.h>
84 #include <netinet/ip_carp.h>
85 #include <sys/lock.h>
86
87 #define CARP_IFNAME "carp"
88 static MALLOC_DEFINE(M_CARP, "CARP", "CARP interfaces");
89 static MALLOC_DEFINE(M_IFNET, "IFNET", "IFNET CARP?");
90 SYSCTL_DECL(_net_inet_carp);
91
92 struct carp_softc {
93 struct ifnet *sc_ifp; /* Interface clue */
94 struct ifnet *sc_carpdev; /* Pointer to parent interface */
95 struct in_ifaddr *sc_ia; /* primary iface address */
96 struct ip_moptions sc_imo;
97 #ifdef INET6
98 struct in6_ifaddr *sc_ia6; /* primary iface address v6 */
99 struct ip6_moptions sc_im6o;
100 #endif /* INET6 */
101 TAILQ_ENTRY(carp_softc) sc_list;
102
103 enum { INIT = 0, BACKUP, MASTER } sc_state;
104
105 int sc_flags_backup;
106 int sc_suppress;
107
108 int sc_sendad_errors;
109 #define CARP_SENDAD_MAX_ERRORS 3
110 int sc_sendad_success;
111 #define CARP_SENDAD_MIN_SUCCESS 3
112
113 int sc_vhid;
114 int sc_advskew;
115 int sc_naddrs;
116 int sc_naddrs6;
117 int sc_advbase; /* seconds */
118 int sc_init_counter;
119 u_int64_t sc_counter;
120
121 /* authentication */
122 #define CARP_HMAC_PAD 64
123 unsigned char sc_key[CARP_KEY_LEN];
124 unsigned char sc_pad[CARP_HMAC_PAD];
125 SHA1_CTX sc_sha1;
126
127 struct callout sc_ad_tmo; /* advertisement timeout */
128 struct callout sc_md_tmo; /* master down timeout */
129 struct callout sc_md6_tmo; /* master down timeout */
130
131 LIST_ENTRY(carp_softc) sc_next; /* Interface clue */
132 };
133 #define SC2IFP(sc) ((sc)->sc_ifp)
134
135 int carp_suppress_preempt = 0;
136 int carp_opts[CARPCTL_MAXID] = { 0, 1, 0, 1, 0, 0 }; /* XXX for now */
137 SYSCTL_INT(_net_inet_carp, CARPCTL_ALLOW, allow, CTLFLAG_RW,
138 &carp_opts[CARPCTL_ALLOW], 0, "Accept incoming CARP packets");
139 SYSCTL_INT(_net_inet_carp, CARPCTL_PREEMPT, preempt, CTLFLAG_RW,
140 &carp_opts[CARPCTL_PREEMPT], 0, "high-priority backup preemption mode");
141 SYSCTL_INT(_net_inet_carp, CARPCTL_LOG, log, CTLFLAG_RW,
142 &carp_opts[CARPCTL_LOG], 0, "log bad carp packets");
143 SYSCTL_INT(_net_inet_carp, CARPCTL_ARPBALANCE, arpbalance, CTLFLAG_RW,
144 &carp_opts[CARPCTL_ARPBALANCE], 0, "balance arp responses");
145 SYSCTL_INT(_net_inet_carp, OID_AUTO, suppress_preempt, CTLFLAG_RD,
146 &carp_suppress_preempt, 0, "Preemption is suppressed");
147
148 struct carpstats carpstats;
149 SYSCTL_STRUCT(_net_inet_carp, CARPCTL_STATS, stats, CTLFLAG_RW,
150 &carpstats, carpstats,
151 "CARP statistics (struct carpstats, netinet/ip_carp.h)");
152
153 struct carp_if {
154 TAILQ_HEAD(, carp_softc) vhif_vrs;
155 int vhif_nvrs;
156
157 struct ifnet *vhif_ifp;
158 struct lock vhif_lock;
159 };
160
161 /* Get carp_if from softc. Valid after carp_set_addr{,6}. */
162 #define SC2CIF(sc) ((struct carp_if *)(sc)->sc_carpdev->if_carp)
163
164 #define CARP_LOCK_INIT(cif) lockinit(&(cif)->vhif_lock, "carp_if", 0, LK_NOWAIT);
165 #define CARP_LOCK_DESTROY(cif) ;
166 #define CARP_LOCK_ASSERT(cif) ;
167 #define CARP_LOCK(cif) lockmgr(&(cif)->vhif_lock, LK_EXCLUSIVE);
168 #define CARP_UNLOCK(cif) lockmgr(&(cif)->vhif_lock, LK_RELEASE);
169
170 #define CARP_SCLOCK(sc) lockmgr(&SC2CIF(sc)->vhif_lock, LK_EXCLUSIVE);
171 #define CARP_SCUNLOCK(sc) lockmgr(&SC2CIF(sc)->vhif_lock, LK_RELEASE);
172 #define CARP_SCLOCK_ASSERT(sc) ;
173
174 #define CARP_LOG(...) do { \
175 if (carp_opts[CARPCTL_LOG] > 0) \
176 log(LOG_INFO, __VA_ARGS__); \
177 } while (0)
178
179 #define CARP_DEBUG(...) do { \
180 if (carp_opts[CARPCTL_LOG] > 1) \
181 log(LOG_DEBUG, __VA_ARGS__); \
182 } while (0)
183
184 static void carp_hmac_prepare(struct carp_softc *);
185 static void carp_hmac_generate(struct carp_softc *, u_int32_t *,
186 unsigned char *);
187 static int carp_hmac_verify(struct carp_softc *, u_int32_t *,
188 unsigned char *);
189 static void carp_setroute(struct carp_softc *, int);
190 static void carp_input_c(struct mbuf *, struct carp_header *, sa_family_t);
191 static int carp_clone_create(struct if_clone *, int);
192 static void carp_clone_destroy(struct ifnet *);
193 static void carpdetach(struct carp_softc *, int);
194 static int carp_prepare_ad(struct mbuf *, struct carp_softc *,
195 struct carp_header *);
196 static void carp_send_ad_all(void);
197 static void carp_send_ad(void *);
198 static void carp_send_ad_locked(struct carp_softc *);
199 static void carp_send_arp(struct carp_softc *);
200 static void carp_master_down(void *);
201 static void carp_master_down_locked(struct carp_softc *);
202 static int carp_ioctl(struct ifnet *, u_long, caddr_t, struct ucred *);
203 static int carp_looutput(struct ifnet *, struct mbuf *, struct sockaddr *,
204 struct rtentry *);
205 static void carp_start(struct ifnet *);
206 static void carp_setrun(struct carp_softc *, sa_family_t);
207 static void carp_set_state(struct carp_softc *, int);
208 static int carp_addrcount(struct carp_if *, struct in_ifaddr *, int);
209 enum { CARP_COUNT_MASTER, CARP_COUNT_RUNNING };
210
211 static void carp_multicast_cleanup(struct carp_softc *);
212 static int carp_set_addr(struct carp_softc *, struct sockaddr_in *);
213 static int carp_del_addr(struct carp_softc *, struct sockaddr_in *);
214 static void carp_carpdev_state_locked(struct carp_if *);
215 static void carp_sc_state_locked(struct carp_softc *);
216 #ifdef INET6
217 static void carp_send_na(struct carp_softc *);
218 static int carp_set_addr6(struct carp_softc *, struct sockaddr_in6 *);
219 static int carp_del_addr6(struct carp_softc *, struct sockaddr_in6 *);
220 static void carp_multicast6_cleanup(struct carp_softc *);
221 #endif
222
223 static LIST_HEAD(, carp_softc) carpif_list;
224
225 struct if_clone carp_cloner = IF_CLONE_INITIALIZER(CARP_IFNAME, carp_clone_create, carp_clone_destroy, 0, IF_MAXUNIT);
226
227 static eventhandler_tag if_detach_event_tag;
228
229 static __inline u_int16_t
230 carp_cksum(struct mbuf *m, int len)
231 {
232 return (in_cksum(m, len));
233 }
234
235 static void
236 carp_hmac_prepare(struct carp_softc *sc)
237 {
238 u_int8_t version = CARP_VERSION, type = CARP_ADVERTISEMENT;
239 u_int8_t vhid = sc->sc_vhid & 0xff;
240 struct ifaddr_container *ifac;
241 int i;
242 #ifdef INET6
243 struct in6_addr in6;
244 #endif
245
246 if (sc->sc_carpdev)
247 CARP_SCLOCK(sc);
248
249 /* XXX: possible race here */
250
251 /* compute ipad from key */
252 bzero(sc->sc_pad, sizeof(sc->sc_pad));
253 bcopy(sc->sc_key, sc->sc_pad, sizeof(sc->sc_key));
254 for (i = 0; i < sizeof(sc->sc_pad); i++)
255 sc->sc_pad[i] ^= 0x36;
256
257 /* precompute first part of inner hash */
258 SHA1Init(&sc->sc_sha1);
259 SHA1Update(&sc->sc_sha1, sc->sc_pad, sizeof(sc->sc_pad));
260 SHA1Update(&sc->sc_sha1, (void *)&version, sizeof(version));
261 SHA1Update(&sc->sc_sha1, (void *)&type, sizeof(type));
262 SHA1Update(&sc->sc_sha1, (void *)&vhid, sizeof(vhid));
263 #ifdef INET
264 TAILQ_FOREACH(ifac, &SC2IFP(sc)->if_addrheads[mycpuid], ifa_link) {
265 struct ifaddr *ifa = ifac->ifa;
266
267 if (ifa->ifa_addr->sa_family == AF_INET)
268 SHA1Update(&sc->sc_sha1,
269 (void *)&ifatoia(ifa)->ia_addr.sin_addr.s_addr,
270 sizeof(struct in_addr));
271 }
272 #endif /* INET */
273 #ifdef INET6
274 TAILQ_FOREACH(ifac, &SC2IFP(sc)->if_addrheads[mycpuid], ifa_link) {
275 struct ifaddr *ifa = ifac->ifa;
276
277 if (ifa->ifa_addr->sa_family == AF_INET6) {
278 in6 = ifatoia6(ifa)->ia_addr.sin6_addr;
279 in6_clearscope(&in6);
280 SHA1Update(&sc->sc_sha1, (void *)&in6, sizeof(in6));
281 }
282 }
283 #endif /* INET6 */
284
285 /* convert ipad to opad */
286 for (i = 0; i < sizeof(sc->sc_pad); i++)
287 sc->sc_pad[i] ^= 0x36 ^ 0x5c;
288
289 if (sc->sc_carpdev)
290 CARP_SCUNLOCK(sc);
291 }
292
293 static void
294 carp_hmac_generate(struct carp_softc *sc, u_int32_t counter[2],
295 unsigned char md[20])
296 {
297 SHA1_CTX sha1ctx;
298
299 /* fetch first half of inner hash */
300 bcopy(&sc->sc_sha1, &sha1ctx, sizeof(sha1ctx));
301
302 SHA1Update(&sha1ctx, (void *)counter, sizeof(sc->sc_counter));
303 SHA1Final(md, &sha1ctx);
304
305 /* outer hash */
306 SHA1Init(&sha1ctx);
307 SHA1Update(&sha1ctx, sc->sc_pad, sizeof(sc->sc_pad));
308 SHA1Update(&sha1ctx, md, 20);
309 SHA1Final(md, &sha1ctx);
310 }
311
312 static int
313 carp_hmac_verify(struct carp_softc *sc, u_int32_t counter[2],
314 unsigned char md[20])
315 {
316 unsigned char md2[20];
317
318 CARP_SCLOCK_ASSERT(sc);
319
320 carp_hmac_generate(sc, counter, md2);
321
322 return (bcmp(md, md2, sizeof(md2)));
323 }
324
325 static void
326 carp_setroute(struct carp_softc *sc, int cmd)
327 {
328 struct ifaddr_container *ifac;
329
330 if (sc->sc_carpdev)
331 CARP_SCLOCK_ASSERT(sc);
332
333 crit_enter();
334 TAILQ_FOREACH(ifac, &SC2IFP(sc)->if_addrheads[mycpuid], ifa_link) {
335 struct ifaddr *ifa = ifac->ifa;
336
337 if (ifa->ifa_addr->sa_family == AF_INET &&
338 sc->sc_carpdev != NULL) {
339 int count = carp_addrcount(
340 (struct carp_if *)sc->sc_carpdev->if_carp,
341 ifatoia(ifa), CARP_COUNT_MASTER);
342
343 if ((cmd == RTM_ADD && count == 1) ||
344 (cmd == RTM_DELETE && count == 0))
345 rtinit(ifa, cmd, RTF_UP | RTF_HOST);
346 }
347 #ifdef INET6
348 if (ifa->ifa_addr->sa_family == AF_INET6) {
349 if (cmd == RTM_ADD)
350 in6_ifaddloop(ifa);
351 else
352 in6_ifremloop(ifa);
353 }
354 #endif /* INET6 */
355 }
356 crit_exit();
357
358 }
359
360 static int
361 carp_clone_create(struct if_clone *ifc, int unit)
362 {
363
364 struct carp_softc *sc;
365 struct ifnet *ifp;
366
367 MALLOC(sc, struct carp_softc *, sizeof(*sc), M_CARP, M_WAITOK|M_ZERO);
368 ifp = SC2IFP(sc) = kmalloc(sizeof(struct ifnet), M_IFNET, M_WAITOK|M_ZERO);
369
370 sc->sc_flags_backup = 0;
371 sc->sc_suppress = 0;
372 sc->sc_advbase = CARP_DFLTINTV;
373 sc->sc_vhid = -1; /* required setting */
374 sc->sc_advskew = 0;
375 sc->sc_init_counter = 1;
376 sc->sc_naddrs = sc->sc_naddrs6 = 0; /* M_ZERO? */
377
378 #ifdef INET6
379 sc->sc_im6o.im6o_multicast_hlim = CARP_DFLTTL;
380 #endif
381
382 /* sc->sc_imo.imo_membership = kmalloc((sizeof(struct in_multi) * IP_MAX_MEMBERSHIPS), M_CARP,M_WAITOK);*/
383 /*
384 sc->sc_imo.imo_max_memberships = IP_MAX_MEMBERSHIPS;
385 sc->sc_imo.imo_multicast_vif = -1;
386 */
387 callout_init(&sc->sc_ad_tmo);
388 callout_init(&sc->sc_md_tmo);
389 callout_init(&sc->sc_md6_tmo);
390
391 ifp->if_softc = sc;
392 if_initname(ifp, CARP_IFNAME, unit);
393 ifp->if_mtu = ETHERMTU;
394 ifp->if_flags = IFF_LOOPBACK;
395 ifp->if_ioctl = carp_ioctl;
396 ifp->if_output = carp_looutput;
397 ifp->if_start = carp_start;
398 ifp->if_type = IFT_CARP;
399 ifp->if_snd.ifq_maxlen = ifqmaxlen;
400 ifp->if_hdrlen = 0;
401 if_attach(ifp, NULL);
402 bpfattach(ifp, DLT_NULL, sizeof(u_int));
403
404 crit_enter();
405 LIST_INSERT_HEAD(&carpif_list, sc, sc_next);
406 crit_exit();
407
408 return (0);
409 }
410
411 static void
412 carp_clone_destroy(struct ifnet *ifp)
413 {
414 struct carp_softc *sc = ifp->if_softc;
415
416 if (sc->sc_carpdev)
417 CARP_SCLOCK(sc);
418 carpdetach(sc, 1); /* Returns unlocked. */
419
420 crit_enter();
421 LIST_REMOVE(sc, sc_next);
422 crit_exit();
423 bpfdetach(ifp);
424 if_detach(ifp);
425 /* if_free_type(ifp, IFT_ETHER);*/
426 /* kfree(sc->sc_imo.imo_membership, M_CARP); */
427 kfree(sc, M_CARP);
428 }
429
430 /*
431 * This function can be called on CARP interface destroy path,
432 * and in case of the removal of the underlying interface as
433 * well. We differentiate these two cases. In the latter case
434 * we do not cleanup our multicast memberships, since they
435 * are already freed. Also, in the latter case we do not
436 * release the lock on return, because the function will be
437 * called once more, for another CARP instance on the same
438 * interface.
439 */
440 static void
441 carpdetach(struct carp_softc *sc, int unlock)
442 {
443 struct carp_if *cif;
444
445 callout_stop(&sc->sc_ad_tmo);
446 callout_stop(&sc->sc_md_tmo);
447 callout_stop(&sc->sc_md6_tmo);
448
449 if (sc->sc_suppress)
450 carp_suppress_preempt--;
451 sc->sc_suppress = 0;
452
453 if (sc->sc_sendad_errors >= CARP_SENDAD_MAX_ERRORS)
454 carp_suppress_preempt--;
455 sc->sc_sendad_errors = 0;
456
457 carp_set_state(sc, INIT);
458 SC2IFP(sc)->if_flags &= ~IFF_UP;
459 carp_setrun(sc, 0);
460 if (unlock)
461 carp_multicast_cleanup(sc);
462 #ifdef INET6
463 carp_multicast6_cleanup(sc);
464 #endif
465
466 if (sc->sc_carpdev != NULL) {
467 cif = (struct carp_if *)sc->sc_carpdev->if_carp;
468 CARP_LOCK_ASSERT(cif);
469 TAILQ_REMOVE(&cif->vhif_vrs, sc, sc_list);
470 if (!--cif->vhif_nvrs) {
471 ifpromisc(sc->sc_carpdev, 0);
472 sc->sc_carpdev->if_carp = NULL;
473 CARP_LOCK_DESTROY(cif);
474 FREE(cif, M_IFADDR);
475 } else if (unlock)
476 CARP_UNLOCK(cif);
477 sc->sc_carpdev = NULL;
478 }
479 }
480
481 /* Detach an interface from the carp. */
482 static void
483 carp_ifdetach(void *arg __unused, struct ifnet *ifp)
484 {
485 struct carp_if *cif = (struct carp_if *)ifp->if_carp;
486 struct carp_softc *sc, *nextsc;
487
488 if (cif == NULL)
489 return;
490
491 /*
492 * XXX: At the end of for() cycle the lock will be destroyed.
493 */
494 CARP_LOCK(cif);
495 for (sc = TAILQ_FIRST(&cif->vhif_vrs); sc; sc = nextsc) {
496 nextsc = TAILQ_NEXT(sc, sc_list);
497 carpdetach(sc, 0);
498 }
499 CARP_UNLOCK(cif);
500 }
501
502 /*
503 * process input packet.
504 * we have rearranged checks order compared to the rfc,
505 * but it seems more efficient this way or not possible otherwise.
506 */
507 void
508 carp_input(struct mbuf *m, int hlen)
509 {
510 struct ip *ip = mtod(m, struct ip *);
511 struct carp_header *ch;
512 int iplen, len;
513
514 carpstats.carps_ipackets++;
515
516 if (!carp_opts[CARPCTL_ALLOW]) {
517 m_freem(m);
518 return;
519 }
520
521 /* check if received on a valid carp interface */
522 if (m->m_pkthdr.rcvif->if_carp == NULL) {
523 carpstats.carps_badif++;
524 CARP_LOG("carp_input: packet received on non-carp "
525 "interface: %s\n",
526 m->m_pkthdr.rcvif->if_xname);
527 m_freem(m);
528 return;
529 }
530
531 /* verify that the IP TTL is 255. */
532 if (ip->ip_ttl != CARP_DFLTTL) {
533 carpstats.carps_badttl++;
534 CARP_LOG("carp_input: received ttl %d != 255i on %s\n",
535 ip->ip_ttl,
536 m->m_pkthdr.rcvif->if_xname);
537 m_freem(m);
538 return;
539 }
540
541 iplen = ip->ip_hl << 2;
542
543 if (m->m_pkthdr.len < iplen + sizeof(*ch)) {
544 carpstats.carps_badlen++;
545 CARP_LOG("carp_input: received len %zd < "
546 "sizeof(struct carp_header)\n",
547 m->m_len - sizeof(struct ip));
548 m_freem(m);
549 return;
550 }
551
552 if (iplen + sizeof(*ch) < m->m_len) {
553 if ((m = m_pullup(m, iplen + sizeof(*ch))) == NULL) {
554 carpstats.carps_hdrops++;
555 CARP_LOG("carp_input: pullup failed\n");
556 return;
557 }
558 ip = mtod(m, struct ip *);
559 }
560 ch = (struct carp_header *)((char *)ip + iplen);
561
562 /*
563 * verify that the received packet length is
564 * equal to the CARP header
565 */
566 len = iplen + sizeof(*ch);
567 if (len > m->m_pkthdr.len) {
568 carpstats.carps_badlen++;
569 CARP_LOG("carp_input: packet too short %d on %s\n",
570 m->m_pkthdr.len,
571 m->m_pkthdr.rcvif->if_xname);
572 m_freem(m);
573 return;
574 }
575
576 if ((m = m_pullup(m, len)) == NULL) {
577 carpstats.carps_hdrops++;
578 return;
579 }
580 ip = mtod(m, struct ip *);
581 ch = (struct carp_header *)((char *)ip + iplen);
582
583 /* verify the CARP checksum */
584 m->m_data += iplen;
585 if (carp_cksum(m, len - iplen)) {
586 carpstats.carps_badsum++;
587 CARP_LOG("carp_input: checksum failed on %s\n",
588 m->m_pkthdr.rcvif->if_xname);
589 m_freem(m);
590 return;
591 }
592 m->m_data -= iplen;
593
594 carp_input_c(m, ch, AF_INET);
595 }
596
597 #ifdef INET6
598 int
599 carp6_input(struct mbuf **mp, int *offp, int proto)
600 {
601 struct mbuf *m = *mp;
602 struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *);
603 struct carp_header *ch;
604 u_int len;
605
606 carpstats.carps_ipackets6++;
607
608 if (!carp_opts[CARPCTL_ALLOW]) {
609 m_freem(m);
610 return (IPPROTO_DONE);
611 }
612
613 /* check if received on a valid carp interface */
614 if (m->m_pkthdr.rcvif->if_carp == NULL) {
615 carpstats.carps_badif++;
616 CARP_LOG("carp6_input: packet received on non-carp "
617 "interface: %s\n",
618 m->m_pkthdr.rcvif->if_xname);
619 m_freem(m);
620 return (IPPROTO_DONE);
621 }
622
623 /* verify that the IP TTL is 255 */
624 if (ip6->ip6_hlim != CARP_DFLTTL) {
625 carpstats.carps_badttl++;
626 CARP_LOG("carp6_input: received ttl %d != 255 on %s\n",
627 ip6->ip6_hlim,
628 m->m_pkthdr.rcvif->if_xname);
629 m_freem(m);
630 return (IPPROTO_DONE);
631 }
632
633 /* verify that we have a complete carp packet */
634 len = m->m_len;
635 IP6_EXTHDR_GET(ch, struct carp_header *, m, *offp, sizeof(*ch));
636 if (ch == NULL) {
637 carpstats.carps_badlen++;
638 CARP_LOG("carp6_input: packet size %u too small\n", len);
639 return (IPPROTO_DONE);
640 }
641
642
643 /* verify the CARP checksum */
644 m->m_data += *offp;
645 if (carp_cksum(m, sizeof(*ch))) {
646 carpstats.carps_badsum++;
647 CARP_LOG("carp6_input: checksum failed, on %s\n",
648 m->m_pkthdr.rcvif->if_xname);
649 m_freem(m);
650 return (IPPROTO_DONE);
651 }
652 m->m_data -= *offp;
653
654 carp_input_c(m, ch, AF_INET6);
655 return (IPPROTO_DONE);
656 }
657 #endif /* INET6 */
658
659 static void
660 carp_input_c(struct mbuf *m, struct carp_header *ch, sa_family_t af)
661 {
662 struct ifnet *ifp = m->m_pkthdr.rcvif;
663 struct carp_softc *sc;
664 u_int64_t tmp_counter;
665 struct timeval sc_tv, ch_tv;
666
667 /* verify that the VHID is valid on the receiving interface */
668 CARP_LOCK(ifp->if_carp);
669 TAILQ_FOREACH(sc, &((struct carp_if *)ifp->if_carp)->vhif_vrs, sc_list)
670 if (sc->sc_vhid == ch->carp_vhid)
671 break;
672
673 if (!sc || !((SC2IFP(sc)->if_flags & IFF_UP) && (SC2IFP(sc)->if_flags & IFF_RUNNING))) {
674 carpstats.carps_badvhid++;
675 CARP_UNLOCK(ifp->if_carp);
676 m_freem(m);
677 return;
678 }
679
680 getmicrotime(&SC2IFP(sc)->if_lastchange);
681 SC2IFP(sc)->if_ipackets++;
682 SC2IFP(sc)->if_ibytes += m->m_pkthdr.len;
683
684 if (SC2IFP(sc)->if_bpf) {
685 struct ip *ip = mtod(m, struct ip *);
686
687 /* BPF wants net byte order */
688 ip->ip_len = htons(ip->ip_len + (ip->ip_hl << 2));
689 ip->ip_off = htons(ip->ip_off);
690 bpf_mtap(SC2IFP(sc)->if_bpf, m);
691 }
692
693 /* verify the CARP version. */
694 if (ch->carp_version != CARP_VERSION) {
695 carpstats.carps_badver++;
696 SC2IFP(sc)->if_ierrors++;
697 CARP_UNLOCK(ifp->if_carp);
698 CARP_LOG("%s; invalid version %d\n",
699 SC2IFP(sc)->if_xname,
700 ch->carp_version);
701 m_freem(m);
702 return;
703 }
704
705 /* verify the hash */
706 if (carp_hmac_verify(sc, ch->carp_counter, ch->carp_md)) {
707 carpstats.carps_badauth++;
708 SC2IFP(sc)->if_ierrors++;
709 CARP_UNLOCK(ifp->if_carp);
710 CARP_LOG("%s: incorrect hash\n", SC2IFP(sc)->if_xname);
711 m_freem(m);
712 return;
713 }
714
715 tmp_counter = ntohl(ch->carp_counter[0]);
716 tmp_counter = tmp_counter<<32;
717 tmp_counter += ntohl(ch->carp_counter[1]);
718
719 /* XXX Replay protection goes here */
720
721 sc->sc_init_counter = 0;
722 sc->sc_counter = tmp_counter;
723
724 sc_tv.tv_sec = sc->sc_advbase;
725 if (carp_suppress_preempt && sc->sc_advskew < 240)
726 sc_tv.tv_usec = 240 * 1000000 / 256;
727 else
728 sc_tv.tv_usec = sc->sc_advskew * 1000000 / 256;
729 ch_tv.tv_sec = ch->carp_advbase;
730 ch_tv.tv_usec = ch->carp_advskew * 1000000 / 256;
731
732 switch (sc->sc_state) {
733 case INIT:
734 break;
735 case MASTER:
736 /*
737 * If we receive an advertisement from a master who's going to
738 * be more frequent than us, go into BACKUP state.
739 */
740 if (timevalcmp(&sc_tv, &ch_tv, >) ||
741 timevalcmp(&sc_tv, &ch_tv, ==)) {
742 callout_stop(&sc->sc_ad_tmo);
743 CARP_DEBUG("%s: MASTER -> BACKUP "
744 "(more frequent advertisement received)\n",
745 SC2IFP(sc)->if_xname);
746 carp_set_state(sc, BACKUP);
747 carp_setrun(sc, 0);
748 carp_setroute(sc, RTM_DELETE);
749 }
750 break;
751 case BACKUP:
752 /*
753 * If we're pre-empting masters who advertise slower than us,
754 * and this one claims to be slower, treat him as down.
755 */
756 if (carp_opts[CARPCTL_PREEMPT] &&
757 timevalcmp(&sc_tv, &ch_tv, <)) {
758 CARP_DEBUG("%s: BACKUP -> MASTER "
759 "(preempting a slower master)\n",
760 SC2IFP(sc)->if_xname);
761 carp_master_down_locked(sc);
762 break;
763 }
764
765 /*
766 * If the master is going to advertise at such a low frequency
767 * that he's guaranteed to time out, we'd might as well just
768 * treat him as timed out now.
769 */
770 sc_tv.tv_sec = sc->sc_advbase * 3;
771 if (timevalcmp(&sc_tv, &ch_tv, <)) {
772 CARP_DEBUG("%s: BACKUP -> MASTER "
773 "(master timed out)\n",
774 SC2IFP(sc)->if_xname);
775 carp_master_down_locked(sc);
776 break;
777 }
778
779 /*
780 * Otherwise, we reset the counter and wait for the next
781 * advertisement.
782 */
783 carp_setrun(sc, af);
784 break;
785 }
786
787 CARP_UNLOCK(ifp->if_carp);
788
789 m_freem(m);
790 return;
791 }
792
793 static int
794 carp_prepare_ad(struct mbuf *m, struct carp_softc *sc, struct carp_header *ch)
795 {
796 struct m_tag *mtag;
797 struct ifnet *ifp = SC2IFP(sc);
798
799 if (sc->sc_init_counter) {
800 /* this could also be seconds since unix epoch */
801 sc->sc_counter = karc4random();
802 sc->sc_counter = sc->sc_counter << 32;
803 sc->sc_counter += karc4random();
804 } else
805 sc->sc_counter++;
806
807 ch->carp_counter[0] = htonl((sc->sc_counter>>32)&0xffffffff);
808 ch->carp_counter[1] = htonl(sc->sc_counter&0xffffffff);
809
810 carp_hmac_generate(sc, ch->carp_counter, ch->carp_md);
811
812 /* Tag packet for carp_output */
813 mtag = m_tag_get(PACKET_TAG_CARP, sizeof(struct ifnet *), MB_DONTWAIT);
814 if (mtag == NULL) {
815 m_freem(m);
816 SC2IFP(sc)->if_oerrors++;
817 return (ENOMEM);
818 }
819 bcopy(&ifp, (caddr_t)(mtag + 1), sizeof(struct ifnet *));
820 m_tag_prepend(m, mtag);
821
822 return (0);
823 }
824
825 static void
826 carp_send_ad_all(void)
827 {
828 struct carp_softc *sc;
829
830 LIST_FOREACH(sc, &carpif_list, sc_next) {
831 if (sc->sc_carpdev == NULL)
832 continue;
833 CARP_SCLOCK(sc);
834 if ((SC2IFP(sc)->if_flags & IFF_UP) && (SC2IFP(sc)->if_flags & IFF_RUNNING) &&
835 sc->sc_state == MASTER)
836 carp_send_ad_locked(sc);
837 CARP_SCUNLOCK(sc);
838 }
839 }
840
841 static void
842 carp_send_ad(void *v)
843 {
844 struct carp_softc *sc = v;
845
846 CARP_SCLOCK(sc);
847 carp_send_ad_locked(sc);
848 CARP_SCUNLOCK(sc);
849 }
850
851 static void
852 carp_send_ad_locked(struct carp_softc *sc)
853 {
854 struct carp_header ch;
855 struct timeval tv;
856 struct carp_header *ch_ptr;
857 struct mbuf *m;
858 int len, advbase, advskew;
859
860
861 /* bow out if we've lost our UPness or RUNNINGuiness */
862 if (!((SC2IFP(sc)->if_flags & IFF_UP) && (SC2IFP(sc)->if_flags & IFF_RUNNING))) {
863 advbase = 255;
864 advskew = 255;
865 } else {
866 advbase = sc->sc_advbase;
867 if (!carp_suppress_preempt || sc->sc_advskew > 240)
868 advskew = sc->sc_advskew;
869 else
870 advskew = 240;
871 tv.tv_sec = advbase;
872 tv.tv_usec = advskew * 1000000 / 256;
873 }
874
875 ch.carp_version = CARP_VERSION;
876 ch.carp_type = CARP_ADVERTISEMENT;
877 ch.carp_vhid = sc->sc_vhid;
878 ch.carp_advbase = advbase;
879 ch.carp_advskew = advskew;
880 ch.carp_authlen = 7; /* XXX DEFINE */
881 ch.carp_pad1 = 0; /* must be zero */
882 ch.carp_cksum = 0;
883
884 #ifdef INET
885 if (sc->sc_ia) {
886 struct ip *ip;
887
888 MGETHDR(m, M_NOWAIT, MT_HEADER);
889 if (m == NULL) {
890 SC2IFP(sc)->if_oerrors++;
891 carpstats.carps_onomem++;
892 /* XXX maybe less ? */
893 if (advbase != 255 || advskew != 255)
894 callout_reset(&sc->sc_ad_tmo, tvtohz_high(&tv),
895 carp_send_ad, sc);
896 return;
897 }
898 len = sizeof(*ip) + sizeof(ch);
899 m->m_pkthdr.len = len;
900 m->m_pkthdr.rcvif = NULL;
901 m->m_len = len;
902 MH_ALIGN(m, m->m_len);
903 m->m_flags |= M_MCAST;
904 ip = mtod(m, struct ip *);
905 ip->ip_v = IPVERSION;
906 ip->ip_hl = sizeof(*ip) >> 2;
907 ip->ip_tos = IPTOS_LOWDELAY;
908 ip->ip_len = len;
909 ip->ip_id = ip_newid();
910 ip->ip_off = IP_DF;
911 ip->ip_ttl = CARP_DFLTTL;
912 ip->ip_p = IPPROTO_CARP;
913 ip->ip_sum = 0;
914 ip->ip_src.s_addr = sc->sc_ia->ia_addr.sin_addr.s_addr;
915 ip->ip_dst.s_addr = htonl(INADDR_CARP_GROUP);
916
917 ch_ptr = (struct carp_header *)(&ip[1]);
918 bcopy(&ch, ch_ptr, sizeof(ch));
919 if (carp_prepare_ad(m, sc, ch_ptr))
920 return;
921
922 m->m_data += sizeof(*ip);
923 ch_ptr->carp_cksum = carp_cksum(m, len - sizeof(*ip));
924 m->m_data -= sizeof(*ip);
925
926 getmicrotime(&SC2IFP(sc)->if_lastchange);
927 SC2IFP(sc)->if_opackets++;
928 SC2IFP(sc)->if_obytes += len;
929 carpstats.carps_opackets++;
930
931 if (ip_output(m, NULL, NULL, IP_RAWOUTPUT, &sc->sc_imo, NULL)) {
932 SC2IFP(sc)->if_oerrors++;
933 if (sc->sc_sendad_errors < INT_MAX)
934 sc->sc_sendad_errors++;
935 if (sc->sc_sendad_errors == CARP_SENDAD_MAX_ERRORS) {
936 carp_suppress_preempt++;
937 if (carp_suppress_preempt == 1) {
938 CARP_SCUNLOCK(sc);
939 carp_send_ad_all();
940 CARP_SCLOCK(sc);
941 }
942 }
943 sc->sc_sendad_success = 0;
944 } else {
945 if (sc->sc_sendad_errors >= CARP_SENDAD_MAX_ERRORS) {
946 if (++sc->sc_sendad_success >=
947 CARP_SENDAD_MIN_SUCCESS) {
948 carp_suppress_preempt--;
949 sc->sc_sendad_errors = 0;
950 }
951 } else
952 sc->sc_sendad_errors = 0;
953 }
954 }
955 #endif /* INET */
956 #ifdef INET6
957 if (sc->sc_ia6) {
958 struct ip6_hdr *ip6;
959
960 MGETHDR(m, M_NOWAIT, MT_HEADER);
961 if (m == NULL) {
962 SC2IFP(sc)->if_oerrors++;
963 carpstats.carps_onomem++;
964 /* XXX maybe less ? */
965 if (advbase != 255 || advskew != 255)
966 callout_reset(&sc->sc_ad_tmo, tvtohz_high(&tv),
967 carp_send_ad, sc);
968 return;
969 }
970 len = sizeof(*ip6) + sizeof(ch);
971 m->m_pkthdr.len = len;
972 m->m_pkthdr.rcvif = NULL;
973 m->m_len = len;
974 MH_ALIGN(m, m->m_len);
975 m->m_flags |= M_MCAST;
976 ip6 = mtod(m, struct ip6_hdr *);
977 bzero(ip6, sizeof(*ip6));
978 ip6->ip6_vfc |= IPV6_VERSION;
979 ip6->ip6_hlim = CARP_DFLTTL;
980 ip6->ip6_nxt = IPPROTO_CARP;
981 bcopy(&sc->sc_ia6->ia_addr.sin6_addr, &ip6->ip6_src,
982 sizeof(struct in6_addr));
983 /* set the multicast destination */
984
985 ip6->ip6_dst.s6_addr16[0] = htons(0xff02);
986 ip6->ip6_dst.s6_addr8[15] = 0x12;
987 if (in6_setscope(&ip6->ip6_dst, sc->sc_carpdev, NULL) != 0) {
988 SC2IFP(sc)->if_oerrors++;
989 m_freem(m);
990 CARP_LOG("%s: in6_setscope failed\n", __func__);
991 return;
992 }
993
994 ch_ptr = (struct carp_header *)(&ip6[1]);
995 bcopy(&ch, ch_ptr, sizeof(ch));
996 if (carp_prepare_ad(m, sc, ch_ptr))
997 return;
998
999 m->m_data += sizeof(*ip6);
1000 ch_ptr->carp_cksum = carp_cksum(m, len - sizeof(*ip6));
1001 m->m_data -= sizeof(*ip6);
1002
1003 getmicrotime(&SC2IFP(sc)->if_lastchange);
1004 SC2IFP(sc)->if_opackets++;
1005 SC2IFP(sc)->if_obytes += len;
1006 carpstats.carps_opackets6++;
1007
1008 if (ip6_output(m, NULL, NULL, 0, &sc->sc_im6o, NULL, NULL)) {
1009 SC2IFP(sc)->if_oerrors++;
1010 if (sc->sc_sendad_errors < INT_MAX)
1011 sc->sc_sendad_errors++;
1012 if (sc->sc_sendad_errors == CARP_SENDAD_MAX_ERRORS) {
1013 carp_suppress_preempt++;
1014 if (carp_suppress_preempt == 1) {
1015 CARP_SCUNLOCK(sc);
1016 carp_send_ad_all();
1017 CARP_SCLOCK(sc);
1018 }
1019 }
1020 sc->sc_sendad_success = 0;
1021 } else {
1022 if (sc->sc_sendad_errors >= CARP_SENDAD_MAX_ERRORS) {
1023 if (++sc->sc_sendad_success >=
1024 CARP_SENDAD_MIN_SUCCESS) {
1025 carp_suppress_preempt--;
1026 sc->sc_sendad_errors = 0;
1027 }
1028 } else
1029 sc->sc_sendad_errors = 0;
1030 }
1031 }
1032 #endif /* INET6 */
1033
1034 if (advbase != 255 || advskew != 255)
1035 callout_reset(&sc->sc_ad_tmo, tvtohz_high(&tv),
1036 carp_send_ad, sc);
1037
1038 }
1039
1040 /*
1041 * Broadcast a gratuitous ARP request containing
1042 * the virtual router MAC address for each IP address
1043 * associated with the virtual router.
1044 */
1045 static void
1046 carp_send_arp(struct carp_softc *sc)
1047 {
1048 struct ifaddr_container *ifac;
1049
1050 TAILQ_FOREACH(ifac, &SC2IFP(sc)->if_addrheads[mycpuid], ifa_link) {
1051 struct ifaddr *ifa = ifac->ifa;
1052
1053 if (ifa->ifa_addr->sa_family != AF_INET)
1054 continue;
1055 lwkt_serialize_enter(sc->sc_carpdev->if_serializer);
1056 arp_ifinit2(sc->sc_carpdev, ifa, IF_LLADDR(sc->sc_ifp));
1057 lwkt_serialize_exit(sc->sc_carpdev->if_serializer);
1058
1059 DELAY(1000); /* XXX */
1060 }
1061 }
1062
1063 #ifdef INET6
1064 static void
1065 carp_send_na(struct carp_softc *sc)
1066 {
1067 struct ifaddr_container *ifac;
1068 struct in6_addr *in6;
1069 static struct in6_addr mcast = IN6ADDR_LINKLOCAL_ALLNODES_INIT;
1070
1071 TAILQ_FOREACH(ifac, &SC2IFP(sc)->if_addrheads[mycpuid], ifa_link) {
1072 struct ifaddr *ifa = ifac->ifa;
1073
1074 if (ifa->ifa_addr->sa_family != AF_INET6)
1075 continue;
1076
1077 in6 = &ifatoia6(ifa)->ia_addr.sin6_addr;
1078 nd6_na_output(sc->sc_carpdev, &mcast, in6,
1079 ND_NA_FLAG_OVERRIDE, 1, NULL);
1080 DELAY(1000); /* XXX */
1081 }
1082 }
1083 #endif /* INET6 */
1084
1085 static int
1086 carp_addrcount(struct carp_if *cif, struct in_ifaddr *ia, int type)
1087 {
1088 struct carp_softc *vh;
1089 int count = 0;
1090
1091 CARP_LOCK_ASSERT(cif);
1092
1093 TAILQ_FOREACH(vh, &cif->vhif_vrs, sc_list) {
1094 if ((type == CARP_COUNT_RUNNING &&
1095 (SC2IFP(vh)->if_flags & IFF_UP) && (SC2IFP(vh)->if_flags & IFF_RUNNING)) ||
1096 (type == CARP_COUNT_MASTER && vh->sc_state == MASTER)) {
1097 struct ifaddr_container *ifac;
1098
1099 TAILQ_FOREACH(ifac, &SC2IFP(vh)->if_addrheads[mycpuid],
1100 ifa_link) {
1101 struct ifaddr *ifa = ifac->ifa;
1102
1103 if (ifa->ifa_addr->sa_family == AF_INET &&
1104 ia->ia_addr.sin_addr.s_addr ==
1105 ifatoia(ifa)->ia_addr.sin_addr.s_addr)
1106 count++;
1107 }
1108 }
1109 }
1110 return (count);
1111 }
1112
1113 int
1114 carp_iamatch(void *v, struct in_ifaddr *ia,
1115 struct in_addr *isaddr, u_int8_t **enaddr)
1116 {
1117 struct carp_if *cif = v;
1118 struct carp_softc *vh;
1119 int index, count = 0;
1120
1121 CARP_LOCK(cif);
1122
1123 if (carp_opts[CARPCTL_ARPBALANCE]) {
1124 /*
1125 * XXX proof of concept implementation.
1126 * We use the source ip to decide which virtual host should
1127 * handle the request. If we're master of that virtual host,
1128 * then we respond, otherwise, just drop the arp packet on
1129 * the floor.
1130 */
1131 count = carp_addrcount(cif, ia, CARP_COUNT_RUNNING);
1132 if (count == 0) {
1133 /* should never reach this */
1134 CARP_UNLOCK(cif);
1135 return (0);
1136 }
1137
1138 /* this should be a hash, like pf_hash() */
1139 index = ntohl(isaddr->s_addr) % count;
1140 count = 0;
1141
1142 TAILQ_FOREACH(vh, &cif->vhif_vrs, sc_list) {
1143 if ((SC2IFP(vh)->if_flags & IFF_UP) && (SC2IFP(vh)->if_flags & IFF_RUNNING)) {
1144 struct ifaddr_container *ifac;
1145
1146 TAILQ_FOREACH(ifac, &SC2IFP(vh)->if_addrheads[mycpuid], ifa_link) {
1147 struct ifaddr *ifa = ifac->ifa;
1148
1149 if (ifa->ifa_addr->sa_family ==
1150 AF_INET &&
1151 ia->ia_addr.sin_addr.s_addr ==
1152 ifatoia(ifa)->ia_addr.sin_addr.s_addr) {
1153 if (count == index) {
1154 if (vh->sc_state ==
1155 MASTER) {
1156 *enaddr = IF_LLADDR(vh->sc_ifp);
1157 CARP_UNLOCK(cif);
1158 return (1);
1159 } else {
1160 CARP_UNLOCK(cif);
1161 return (0);
1162 }
1163 }
1164 count++;
1165 }
1166 }
1167 }
1168 }
1169 } else {
1170 TAILQ_FOREACH(vh, &cif->vhif_vrs, sc_list) {
1171 if ((SC2IFP(vh)->if_flags & IFF_UP) && (SC2IFP(vh)->if_flags & IFF_RUNNING) &&
1172 vh->sc_state == MASTER) {
1173 *enaddr = IF_LLADDR(vh->sc_ifp);
1174 CARP_UNLOCK(cif);
1175 return (1);
1176 }
1177 }
1178 }
1179 CARP_UNLOCK(cif);
1180 return(0);
1181 }
1182
1183 #ifdef INET6
1184 struct ifaddr *
1185 carp_iamatch6(void *v, struct in6_addr *taddr)
1186 {
1187 struct carp_if *cif = v;
1188 struct carp_softc *vh;
1189
1190 CARP_LOCK(cif);
1191 TAILQ_FOREACH(vh, &cif->vhif_vrs, sc_list) {
1192 struct ifaddr_container *ifac;
1193
1194 TAILQ_FOREACH(ifac, &SC2IFP(vh)->if_addrheads[mycpuid], ifa_link) {
1195 struct ifaddr *ifa = ifac->ifa;
1196
1197 if (IN6_ARE_ADDR_EQUAL(taddr,
1198 &ifatoia6(ifa)->ia_addr.sin6_addr) &&
1199 (SC2IFP(vh)->if_flags & IFF_UP) && (SC2IFP(vh)->if_flags & IFF_RUNNING) &&
1200 vh->sc_state == MASTER) {
1201 CARP_UNLOCK(cif);
1202 return (ifa);
1203 }
1204 }
1205 }
1206 CARP_UNLOCK(cif);
1207
1208 return (NULL);
1209 }
1210
1211 void *
1212 carp_macmatch6(void *v, struct mbuf *m, const struct in6_addr *taddr)
1213 {
1214 struct m_tag *mtag;
1215 struct carp_if *cif = v;
1216 struct carp_softc *sc;
1217
1218 CARP_LOCK(cif);
1219 TAILQ_FOREACH(sc, &cif->vhif_vrs, sc_list) {
1220 struct ifaddr_container *ifac;
1221
1222 TAILQ_FOREACH(ifac, &SC2IFP(sc)->if_addrheads[mycpuid], ifa_link) {
1223 struct ifaddr *ifa = ifac->ifa;
1224
1225 if (IN6_ARE_ADDR_EQUAL(taddr,
1226 &ifatoia6(ifa)->ia_addr.sin6_addr) &&
1227 (SC2IFP(sc)->if_flags & IFF_UP) && (SC2IFP(sc)->if_flags & IFF_RUNNING)) {
1228 struct ifnet *ifp = SC2IFP(sc);
1229 mtag = m_tag_get(PACKET_TAG_CARP,
1230 sizeof(struct ifnet *), MB_DONTWAIT);
1231 if (mtag == NULL) {
1232 /* better a bit than nothing */
1233 CARP_UNLOCK(cif);
1234 return (IF_LLADDR(sc->sc_ifp));
1235 }
1236 bcopy(&ifp, (caddr_t)(mtag + 1),
1237 sizeof(struct ifnet *));
1238 m_tag_prepend(m, mtag);
1239
1240 CARP_UNLOCK(cif);
1241 return (IF_LLADDR(sc->sc_ifp));
1242 }
1243 }
1244 }
1245 CARP_UNLOCK(cif);
1246
1247 return (NULL);
1248 }
1249 #endif
1250
1251 struct ifnet *
1252 carp_forus(void *v, void *dhost)
1253 {
1254 struct carp_if *cif = v;
1255 struct carp_softc *vh;
1256 u_int8_t *ena = dhost;
1257
1258 /**
1259 * XXX: See here for check on MAC adr is not for virtual use
1260 *
1261 **/
1262
1263 if (ena[0] || ena[1] || ena[2] != 0x5e || ena[3] || ena[4] != 1)
1264 {
1265 return (NULL);
1266 }
1267
1268 CARP_LOCK(cif);
1269 TAILQ_FOREACH(vh, &cif->vhif_vrs, sc_list)
1270 if ((SC2IFP(vh)->if_flags & IFF_UP) && (SC2IFP(vh)->if_flags & IFF_RUNNING) &&
1271 vh->sc_state == MASTER &&
1272 !bcmp(dhost, IF_LLADDR(vh->sc_ifp), ETHER_ADDR_LEN)) {
1273 CARP_UNLOCK(cif);
1274 return (SC2IFP(vh));
1275 }
1276
1277 CARP_UNLOCK(cif);
1278 return (NULL);
1279 }
1280
1281 static void
1282 carp_master_down(void *v)
1283 {
1284 struct carp_softc *sc = v;
1285
1286 lwkt_serialize_enter(sc->sc_ifp->if_serializer);
1287 carp_master_down_locked(sc);
1288 lwkt_serialize_exit(sc->sc_ifp->if_serializer);
1289 }
1290
1291 static void
1292 carp_master_down_locked(struct carp_softc *sc)
1293 {
1294 if (sc->sc_carpdev)
1295 CARP_SCLOCK_ASSERT(sc);
1296
1297 switch (sc->sc_state) {
1298 case INIT:
1299 kprintf("%s: master_down event in INIT state\n",
1300 SC2IFP(sc)->if_xname);
1301 break;
1302 case MASTER:
1303 break;
1304 case BACKUP:
1305 carp_set_state(sc, MASTER);
1306 carp_send_ad_locked(sc);
1307 carp_send_arp(sc);
1308 #ifdef INET6
1309 carp_send_na(sc);
1310 #endif /* INET6 */
1311 carp_setrun(sc, 0);
1312 carp_setroute(sc, RTM_ADD);
1313 break;
1314 }
1315 }
1316
1317 /*
1318 * When in backup state, af indicates whether to reset the master down timer
1319 * for v4 or v6. If it's set to zero, reset the ones which are already pending.
1320 */
1321 static void
1322 carp_setrun(struct carp_softc *sc, sa_family_t af)
1323 {
1324 struct timeval tv;
1325
1326 if (sc->sc_carpdev == NULL) {
1327 SC2IFP(sc)->if_flags &= ~IFF_RUNNING;
1328 carp_set_state(sc, INIT);
1329 return;
1330 }
1331
1332 if (SC2IFP(sc)->if_flags & IFF_UP &&
1333 sc->sc_vhid > 0 && (sc->sc_naddrs || sc->sc_naddrs6))
1334 SC2IFP(sc)->if_flags |= IFF_RUNNING;
1335 else {
1336 SC2IFP(sc)->if_flags &= ~IFF_RUNNING;
1337 carp_setroute(sc, RTM_DELETE);
1338 return;
1339 }
1340
1341 switch (sc->sc_state) {
1342 case INIT:
1343 if (carp_opts[CARPCTL_PREEMPT] && !carp_suppress_preempt) {
1344 carp_send_ad_locked(sc);
1345 carp_send_arp(sc);
1346 #ifdef INET6
1347 carp_send_na(sc);
1348 #endif /* INET6 */
1349 CARP_DEBUG("%s: INIT -> MASTER (preempting)\n",
1350 SC2IFP(sc)->if_xname);
1351 carp_set_state(sc, MASTER);
1352 carp_setroute(sc, RTM_ADD);
1353 } else {
1354 CARP_DEBUG("%s: INIT -> BACKUP\n", SC2IFP(sc)->if_xname);
1355 carp_set_state(sc, BACKUP);
1356 carp_setroute(sc, RTM_DELETE);
1357 carp_setrun(sc, 0);
1358 }
1359 break;
1360 case BACKUP:
1361 callout_stop(&sc->sc_ad_tmo);
1362 tv.tv_sec = 3 * sc->sc_advbase;
1363 tv.tv_usec = sc->sc_advskew * 1000000 / 256;
1364 switch (af) {
1365 #ifdef INET
1366 case AF_INET:
1367 callout_reset(&sc->sc_md_tmo, tvtohz_high(&tv),
1368 carp_master_down, sc);
1369 break;
1370 #endif /* INET */
1371 #ifdef INET6
1372 case AF_INET6:
1373 callout_reset(&sc->sc_md6_tmo, tvtohz_high(&tv),
1374 carp_master_down, sc);
1375 break;
1376 #endif /* INET6 */
1377 default:
1378 if (sc->sc_naddrs)
1379 callout_reset(&sc->sc_md_tmo, tvtohz_high(&tv),
1380 carp_master_down, sc);
1381 if (sc->sc_naddrs6)
1382 callout_reset(&sc->sc_md6_tmo, tvtohz_high(&tv),
1383 carp_master_down, sc);
1384 break;
1385 }
1386 break;
1387 case MASTER:
1388 tv.tv_sec = sc->sc_advbase;
1389 tv.tv_usec = sc->sc_advskew * 1000000 / 256;
1390 callout_reset(&sc->sc_ad_tmo, tvtohz_high(&tv),
1391 carp_send_ad, sc);
1392 break;
1393 }
1394 }
1395
1396 static void
1397 carp_multicast_cleanup(struct carp_softc *sc)
1398 {
1399 struct ip_moptions *imo = &sc->sc_imo;
1400 u_int16_t n = imo->imo_num_memberships;
1401
1402 /* Clean up our own multicast memberships */
1403 while (n-- > 0) {
1404 if (imo->imo_membership[n] != NULL) {
1405 in_delmulti(imo->imo_membership[n]);
1406 imo->imo_membership[n] = NULL;
1407 }
1408 }
1409 imo->imo_num_memberships = 0;
1410 imo->imo_multicast_ifp = NULL;
1411 }
1412
1413 #ifdef INET6
1414 static void
1415 carp_multicast6_cleanup(struct carp_softc *sc)
1416 {
1417 struct ip6_moptions *im6o = &sc->sc_im6o;
1418
1419 while (!LIST_EMPTY(&im6o->im6o_memberships)) {
1420 struct in6_multi_mship *imm =
1421 LIST_FIRST(&im6o->im6o_memberships);
1422
1423 LIST_REMOVE(imm, i6mm_chain);
1424 in6_leavegroup(imm);
1425 }
1426 im6o->im6o_multicast_ifp = NULL;
1427 }
1428 #endif
1429
1430 static int
1431 carp_set_addr(struct carp_softc *sc, struct sockaddr_in *sin)
1432 {
1433 struct ifnet *ifp;
1434 struct carp_if *cif;
1435 struct in_ifaddr *ia, *ia_if;
1436 struct ip_moptions *imo = &sc->sc_imo;
1437 struct in_addr addr;
1438 u_long iaddr = htonl(sin->sin_addr.s_addr);
1439 int own, error;
1440
1441 if (sin->sin_addr.s_addr == 0)
1442 {
1443 if (!(SC2IFP(sc)->if_flags & IFF_UP))
1444 {
1445 carp_set_state(sc, INIT);
1446 }
1447 if (sc->sc_naddrs)
1448 {
1449 SC2IFP(sc)->if_flags |= IFF_UP;
1450 }
1451 carp_setrun(sc, 0);
1452 return (0);
1453 }
1454 /* we have to do it by hands to check we won't match on us */
1455 ia_if = NULL; own = 0;
1456 TAILQ_FOREACH(ia, &in_ifaddrhead, ia_link) {
1457 /* and, yeah, we need a multicast-capable iface too */
1458 if (ia->ia_ifp != SC2IFP(sc) &&
1459 (ia->ia_ifp->if_flags & IFF_MULTICAST) &&
1460 (iaddr & ia->ia_subnetmask) == ia->ia_subnet) {
1461 if (!ia_if)
1462 ia_if = ia;
1463 if (sin->sin_addr.s_addr ==
1464 ia->ia_addr.sin_addr.s_addr)
1465 own++;
1466 }
1467 }
1468
1469
1470 if (!ia_if)
1471 return (EADDRNOTAVAIL);
1472
1473 ia = ia_if;
1474 ifp = ia->ia_ifp;
1475
1476 if (ifp == NULL || (ifp->if_flags & IFF_MULTICAST) == 0 ||
1477 (imo->imo_multicast_ifp && imo->imo_multicast_ifp != ifp))
1478 return (EADDRNOTAVAIL);
1479
1480 if (imo->imo_num_memberships == 0) {
1481 addr.s_addr = htonl(INADDR_CARP_GROUP);
1482 if ((imo->imo_membership[0] = in_addmulti(&addr, ifp)) == NULL)
1483 return (ENOBUFS);
1484 imo->imo_num_memberships++;
1485 imo->imo_multicast_ifp = ifp;
1486 imo->imo_multicast_ttl = CARP_DFLTTL;
1487 imo->imo_multicast_loop = 0;
1488 }
1489
1490 if (!ifp->if_carp) {
1491
1492 MALLOC(cif, struct carp_if *, sizeof(*cif), M_CARP,
1493 M_WAITOK|M_ZERO);
1494 if ((error = ifpromisc(ifp, 1))) {
1495 FREE(cif, M_CARP);
1496 goto cleanup;
1497 }
1498
1499 CARP_LOCK_INIT(cif);
1500 CARP_LOCK(cif);
1501 cif->vhif_ifp = ifp;
1502 TAILQ_INIT(&cif->vhif_vrs);
1503 ifp->if_carp = cif;
1504
1505 } else {
1506 struct carp_softc *vr;
1507
1508 cif = (struct carp_if *)ifp->if_carp;
1509 CARP_LOCK(cif);
1510 TAILQ_FOREACH(vr, &cif->vhif_vrs, sc_list)
1511 if (vr != sc && vr->sc_vhid == sc->sc_vhid) {
1512 CARP_UNLOCK(cif);
1513 error = EINVAL;
1514 goto cleanup;
1515 }
1516 }
1517 sc->sc_ia = ia;
1518 sc->sc_carpdev = ifp;
1519
1520 { /* XXX prevent endless loop if already in queue */
1521 struct carp_softc *vr, *after = NULL;
1522 int myself = 0;
1523 cif = (struct carp_if *)ifp->if_carp;
1524
1525 /* XXX: cif should not change, right? So we still hold the lock */
1526 CARP_LOCK_ASSERT(cif);
1527
1528 TAILQ_FOREACH(vr, &cif->vhif_vrs, sc_list) {
1529 if (vr == sc)
1530 myself = 1;
1531 if (vr->sc_vhid < sc->sc_vhid)
1532 after = vr;
1533 }
1534
1535 if (!myself) {
1536 /* We're trying to keep things in order */
1537 if (after == NULL) {
1538 TAILQ_INSERT_TAIL(&cif->vhif_vrs, sc, sc_list);
1539 } else {
1540 TAILQ_INSERT_AFTER(&cif->vhif_vrs, after, sc, sc_list);
1541 }
1542 cif->vhif_nvrs++;
1543 }
1544 }
1545
1546 sc->sc_naddrs++;
1547 SC2IFP(sc)->if_flags |= IFF_UP;
1548 if (own)
1549 sc->sc_advskew = 0;
1550
1551
1552 carp_sc_state_locked(sc);
1553 carp_setrun(sc, 0);
1554
1555 CARP_UNLOCK(cif);
1556
1557 return (0);
1558
1559 cleanup:
1560 in_delmulti(imo->imo_membership[--imo->imo_num_memberships]);
1561 return (error);
1562
1563 }
1564
1565 static int
1566 carp_del_addr(struct carp_softc *sc, struct sockaddr_in *sin)
1567 {
1568 int error = 0;
1569
1570 if (!--sc->sc_naddrs) {
1571 struct carp_if *cif = (struct carp_if *)sc->sc_carpdev->if_carp;
1572 struct ip_moptions *imo = &sc->sc_imo;
1573
1574 CARP_LOCK(cif);
1575 callout_stop(&sc->sc_ad_tmo);
1576 SC2IFP(sc)->if_flags &= ~IFF_UP;
1577 SC2IFP(sc)->if_flags &= ~IFF_RUNNING;
1578 sc->sc_vhid = -1;
1579 in_delmulti(imo->imo_membership[--imo->imo_num_memberships]);
1580 imo->imo_multicast_ifp = NULL;
1581 TAILQ_REMOVE(&cif->vhif_vrs, sc, sc_list);
1582 if (!--cif->vhif_nvrs) {
1583 sc->sc_carpdev->if_carp = NULL;
1584 CARP_LOCK_DESTROY(cif);
1585 FREE(cif, M_IFADDR);
1586 } else {
1587 CARP_UNLOCK(cif);
1588 }
1589 }
1590
1591 return (error);
1592 }
1593
1594 #ifdef INET6
1595 static int
1596 carp_set_addr6(struct carp_softc *sc, struct sockaddr_in6 *sin6)
1597 {
1598 struct ifnet *ifp;
1599 struct carp_if *cif;
1600 struct in6_ifaddr *ia, *ia_if;
1601 struct ip6_moptions *im6o = &sc->sc_im6o;
1602 struct in6_multi_mship *imm;
1603 struct in6_addr in6;
1604 int own, error;
1605
1606 if (IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr)) {
1607 if (!(SC2IFP(sc)->if_flags & IFF_UP))
1608 carp_set_state(sc, INIT);
1609 if (sc->sc_naddrs6)
1610 SC2IFP(sc)->if_flags |= IFF_UP;
1611 carp_setrun(sc, 0);
1612 return (0);
1613 }
1614
1615 /* we have to do it by hands to check we won't match on us */
1616 ia_if = NULL; own = 0;
1617 for (ia = in6_ifaddr; ia; ia = ia->ia_next) {
1618 int i;
1619
1620 for (i = 0; i < 4; i++) {
1621 if ((sin6->sin6_addr.s6_addr32[i] &
1622 ia->ia_prefixmask.sin6_addr.s6_addr32[i]) !=
1623 (ia->ia_addr.sin6_addr.s6_addr32[i] &
1624 ia->ia_prefixmask.sin6_addr.s6_addr32[i]))
1625 break;
1626 }
1627 /* and, yeah, we need a multicast-capable iface too */
1628 if (ia->ia_ifp != SC2IFP(sc) &&
1629 (ia->ia_ifp->if_flags & IFF_MULTICAST) &&
1630 (i == 4)) {
1631 if (!ia_if)
1632 ia_if = ia;
1633 if (IN6_ARE_ADDR_EQUAL(&sin6->sin6_addr,
1634 &ia->ia_addr.sin6_addr))
1635 own++;
1636 }
1637 }
1638
1639 if (!ia_if)
1640 return (EADDRNOTAVAIL);
1641 ia = ia_if;
1642 ifp = ia->ia_ifp;
1643
1644 if (ifp == NULL || (ifp->if_flags & IFF_MULTICAST) == 0 ||
1645 (im6o->im6o_multicast_ifp && im6o->im6o_multicast_ifp != ifp))
1646 return (EADDRNOTAVAIL);
1647
1648 if (!sc->sc_naddrs6) {
1649 im6o->im6o_multicast_ifp = ifp;
1650
1651 /* join CARP multicast address */
1652 bzero(&in6, sizeof(in6));
1653 in6.s6_addr16[0] = htons(0xff02);
1654 in6.s6_addr8[15] = 0x12;
1655 if (in6_setscope(&in6, ifp, NULL) != 0)
1656 goto cleanup;
1657 if ((imm = in6_joingroup(ifp, &in6, &error)) == NULL)
1658 goto cleanup;
1659 LIST_INSERT_HEAD(&im6o->im6o_memberships, imm, i6mm_chain);
1660
1661 /* join solicited multicast address */
1662 bzero(&in6, sizeof(in6));
1663 in6.s6_addr16[0] = htons(0xff02);
1664 in6.s6_addr32[1] = 0;
1665 in6.s6_addr32[2] = htonl(1);
1666 in6.s6_addr32[3] = sin6->sin6_addr.s6_addr32[3];
1667 in6.s6_addr8[12] = 0xff;
1668 if (in6_setscope(&in6, ifp, NULL) != 0)
1669 goto cleanup;
1670 if ((imm = in6_joingroup(ifp, &in6, &error)) == NULL)
1671 goto cleanup;
1672 LIST_INSERT_HEAD(&im6o->im6o_memberships, imm, i6mm_chain);
1673 }
1674
1675 if (!ifp->if_carp) {
1676 MALLOC(cif, struct carp_if *, sizeof(*cif), M_CARP,
1677 M_WAITOK|M_ZERO);
1678 if ((error = ifpromisc(ifp, 1))) {
1679 FREE(cif, M_CARP);
1680 goto cleanup;
1681 }
1682
1683 CARP_LOCK_INIT(cif);
1684 CARP_LOCK(cif);
1685 cif->vhif_ifp = ifp;
1686 TAILQ_INIT(&cif->vhif_vrs);
1687 ifp->if_carp = cif;
1688
1689 } else {
1690 struct carp_softc *vr;
1691
1692 cif = (struct carp_if *)ifp->if_carp;
1693 CARP_LOCK(cif);
1694 TAILQ_FOREACH(vr, &cif->vhif_vrs, sc_list)
1695 if (vr != sc && vr->sc_vhid == sc->sc_vhid) {
1696 CARP_UNLOCK(cif);
1697 error = EINVAL;
1698 goto cleanup;
1699 }
1700 }
1701 sc->sc_ia6 = ia;
1702 sc->sc_carpdev = ifp;
1703
1704 { /* XXX prevent endless loop if already in queue */
1705 struct carp_softc *vr, *after = NULL;
1706 int myself = 0;
1707 cif = (struct carp_if *)ifp->if_carp;
1708 CARP_LOCK_ASSERT(cif);
1709
1710 TAILQ_FOREACH(vr, &cif->vhif_vrs, sc_list) {
1711 if (vr == sc)
1712 myself = 1;
1713 if (vr->sc_vhid < sc->sc_vhid)
1714 after = vr;
1715 }
1716
1717 if (!myself) {
1718 /* We're trying to keep things in order */
1719 if (after == NULL) {
1720 TAILQ_INSERT_TAIL(&cif->vhif_vrs, sc, sc_list);
1721 } else {
1722 TAILQ_INSERT_AFTER(&cif->vhif_vrs, after, sc, sc_list);
1723 }
1724 cif->vhif_nvrs++;
1725 }
1726 }
1727
1728 sc->sc_naddrs6++;
1729 SC2IFP(sc)->if_flags |= IFF_UP;
1730 if (own)
1731 sc->sc_advskew = 0;
1732 carp_sc_state_locked(sc);
1733 carp_setrun(sc, 0);
1734
1735 CARP_UNLOCK(cif);
1736
1737 return (0);
1738
1739 cleanup:
1740 /* clean up multicast memberships */
1741 if (!sc->sc_naddrs6) {
1742 while (!LIST_EMPTY(&im6o->im6o_memberships)) {
1743 imm = LIST_FIRST(&im6o->im6o_memberships);
1744 LIST_REMOVE(imm, i6mm_chain);
1745 in6_leavegroup(imm);
1746 }
1747 }
1748 return (error);
1749 }
1750
1751 static int
1752 carp_del_addr6(struct carp_softc *sc, struct sockaddr_in6 *sin6)
1753 {
1754 int error = 0;
1755
1756 if (!--sc->sc_naddrs6) {
1757 struct carp_if *cif = (struct carp_if *)sc->sc_carpdev->if_carp;
1758 struct ip6_moptions *im6o = &sc->sc_im6o;
1759
1760 CARP_LOCK(cif);
1761 callout_stop(&sc->sc_ad_tmo);
1762 SC2IFP(sc)->if_flags &= ~IFF_UP;
1763 SC2IFP(sc)->if_flags &= ~IFF_RUNNING;
1764 sc->sc_vhid = -1;
1765 while (!LIST_EMPTY(&im6o->im6o_memberships)) {
1766 struct in6_multi_mship *imm =
1767 LIST_FIRST(&im6o->im6o_memberships);
1768
1769 LIST_REMOVE(imm, i6mm_chain);
1770 in6_leavegroup(imm);
1771 }
1772 im6o->im6o_multicast_ifp = NULL;
1773 TAILQ_REMOVE(&cif->vhif_vrs, sc, sc_list);
1774 if (!--cif->vhif_nvrs) {
1775 CARP_LOCK_DESTROY(cif);
1776 sc->sc_carpdev->if_carp = NULL;
1777 FREE(cif, M_IFADDR);
1778 } else
1779 CARP_UNLOCK(cif);
1780 }
1781
1782 return (error);
1783 }
1784 #endif /* INET6 */
1785
1786 static int
1787 carp_ioctl(struct ifnet *ifp, u_long cmd, caddr_t addr, struct ucred *creds)
1788 {
1789 struct carp_softc *sc = ifp->if_softc, *vr;
1790 struct carpreq carpr;
1791 struct ifaddr *ifa;
1792 struct ifreq *ifr;
1793 struct ifaliasreq *ifra;
1794 int locked = 0, error = 0;
1795
1796 ifa = (struct ifaddr *)addr;
1797 ifra = (struct ifaliasreq *)addr;
1798 ifr = (struct ifreq *)addr;
1799
1800
1801 switch (cmd) {
1802 case SIOCSIFADDR:
1803 switch (ifa->ifa_addr->sa_family) {
1804 #ifdef INET
1805 case AF_INET:
1806 SC2IFP(sc)->if_flags |= IFF_UP;
1807 bcopy(ifa->ifa_addr, ifa->ifa_dstaddr,
1808 sizeof(struct sockaddr));
1809 error = carp_set_addr(sc, satosin(ifa->ifa_addr));
1810 break;
1811 #endif /* INET */
1812 #ifdef INET6
1813 case AF_INET6:
1814 SC2IFP(sc)->if_flags |= IFF_UP;
1815 error = carp_set_addr6(sc, satosin6(ifa->ifa_addr));
1816 break;
1817 #endif /* INET6 */
1818 default:
1819 error = EAFNOSUPPORT;
1820 break;
1821 }
1822 break;
1823
1824 case SIOCAIFADDR:
1825 switch (ifa->ifa_addr->sa_family) {
1826 #ifdef INET
1827 case AF_INET:
1828 SC2IFP(sc)->if_flags |= IFF_UP;
1829 bcopy(ifa->ifa_addr, ifa->ifa_dstaddr,
1830 sizeof(struct sockaddr));
1831 error = carp_set_addr(sc, satosin(&ifra->ifra_addr));
1832 break;
1833 #endif /* INET */
1834 #ifdef INET6
1835 case AF_INET6:
1836 SC2IFP(sc)->if_flags |= IFF_UP;
1837 error = carp_set_addr6(sc, satosin6(&ifra->ifra_addr));
1838 break;
1839 #endif /* INET6 */
1840 default:
1841 error = EAFNOSUPPORT;
1842 break;
1843 }
1844 break;
1845
1846 case SIOCDIFADDR:
1847 switch (ifa->ifa_addr->sa_family) {
1848 #ifdef INET
1849 case AF_INET:
1850 error = carp_del_addr(sc, satosin(&ifra->ifra_addr));
1851 break;
1852 #endif /* INET */
1853 #ifdef INET6
1854 case AF_INET6:
1855 error = carp_del_addr6(sc, satosin6(&ifra->ifra_addr));
1856 break;
1857 #endif /* INET6 */
1858 default:
1859 error = EAFNOSUPPORT;
1860 break;
1861 }
1862 break;
1863
1864 case SIOCSIFFLAGS:
1865 if (sc->sc_carpdev) {
1866 locked = 1;
1867 CARP_SCLOCK(sc);
1868 }
1869 if (sc->sc_state != INIT && !(ifr->ifr_flags & IFF_UP)) {
1870 callout_stop(&sc->sc_ad_tmo);
1871 callout_stop(&sc->sc_md_tmo);
1872 callout_stop(&sc->sc_md6_tmo);
1873 if (sc->sc_state == MASTER)
1874 carp_send_ad_locked(sc);
1875 carp_set_state(sc, INIT);
1876 carp_setrun(sc, 0);
1877 } else if (sc->sc_state == INIT && (ifr->ifr_flags & IFF_UP)) {
1878 SC2IFP(sc)->if_flags |= IFF_UP;
1879 carp_setrun(sc, 0);
1880 }
1881 break;
1882
1883 case SIOCSVH:
1884 error = suser(curthread);
1885 if (error)
1886 break;
1887 if ((error = copyin(ifr->ifr_data, &carpr, sizeof carpr)))
1888 break;
1889 error = 1;
1890 if (sc->sc_carpdev) {
1891 locked = 1;
1892 CARP_SCLOCK(sc);
1893 }
1894 if (sc->sc_state != INIT && carpr.carpr_state != sc->sc_state) {
1895 switch (carpr.carpr_state) {
1896 case BACKUP:
1897 callout_stop(&sc->sc_ad_tmo);
1898 carp_set_state(sc, BACKUP);
1899 carp_setrun(sc, 0);
1900 carp_setroute(sc, RTM_DELETE);
1901 break;
1902 case MASTER:
1903 carp_master_down_locked(sc);
1904 break;
1905 default:
1906 break;
1907 }
1908 }
1909 if (carpr.carpr_vhid > 0) {
1910 if (carpr.carpr_vhid > 255) {
1911 error = EINVAL;
1912 break;
1913 }
1914 if (sc->sc_carpdev) {
1915 struct carp_if *cif;
1916 cif = (struct carp_if *)sc->sc_carpdev->if_carp;
1917 TAILQ_FOREACH(vr, &cif->vhif_vrs, sc_list)
1918 if (vr != sc &&
1919 vr->sc_vhid == carpr.carpr_vhid)
1920 return EEXIST;
1921 }
1922 sc->sc_vhid = carpr.carpr_vhid;
1923 IF_LLADDR(sc->sc_ifp)[0] = 0;
1924 IF_LLADDR(sc->sc_ifp)[1] = 0;
1925 IF_LLADDR(sc->sc_ifp)[2] = 0x5e;
1926 IF_LLADDR(sc->sc_ifp)[3] = 0;
1927 IF_LLADDR(sc->sc_ifp)[4] = 1;
1928 IF_LLADDR(sc->sc_ifp)[5] = sc->sc_vhid;
1929 error--;
1930 }
1931 if (carpr.carpr_advbase > 0 || carpr.carpr_advskew > 0) {
1932 if (carpr.carpr_advskew >= 255) {
1933 error = EINVAL;
1934 break;
1935 }
1936 if (carpr.carpr_advbase > 255) {
1937 error = EINVAL;
1938 break;
1939 }
1940 sc->sc_advbase = carpr.carpr_advbase;
1941 sc->sc_advskew = carpr.carpr_advskew;
1942 error--;
1943 }
1944 bcopy(carpr.carpr_key, sc->sc_key, sizeof(sc->sc_key));
1945 if (error > 0)
1946 error = EINVAL;
1947 else {
1948 error = 0;
1949 carp_setrun(sc, 0);
1950 }
1951 break;
1952
1953 case SIOCGVH:
1954 /* XXX: lockless read */
1955 bzero(&carpr, sizeof(carpr));
1956 carpr.carpr_state = sc->sc_state;
1957 carpr.carpr_vhid = sc->sc_vhid;
1958 carpr.carpr_advbase = sc->sc_advbase;
1959 carpr.carpr_advskew = sc->sc_advskew;
1960 error = suser(curthread);
1961 if (error == 0)
1962 bcopy(sc->sc_key, carpr.carpr_key,
1963 sizeof(carpr.carpr_key));
1964 error = copyout(&carpr, ifr->ifr_data, sizeof(carpr));
1965 break;
1966
1967 default:
1968 error = EINVAL;
1969 }
1970
1971 if (locked)
1972 CARP_SCUNLOCK(sc);
1973
1974 carp_hmac_prepare(sc);
1975
1976 return (error);
1977 }
1978
1979 /*
1980 * XXX: this is looutput. We should eventually use it from there.
1981 */
1982 static int
1983 carp_looutput(struct ifnet *ifp, struct mbuf *m, struct sockaddr *dst,
1984 struct rtentry *rt)
1985 {
1986 u_int32_t af;
1987
1988 M_ASSERTPKTHDR(m); /* check if we have the packet header */
1989
1990 if (rt && rt->rt_flags & (RTF_REJECT|RTF_BLACKHOLE)) {
1991 m_freem(m);
1992 return (rt->rt_flags & RTF_BLACKHOLE ? 0 :
1993 rt->rt_flags & RTF_HOST ? EHOSTUNREACH : ENETUNREACH);
1994 }
1995
1996 ifp->if_opackets++;
1997 ifp->if_obytes += m->m_pkthdr.len;
1998
1999 /* BPF writes need to be handled specially. */
2000 if (dst->sa_family == AF_UNSPEC) {
2001 bcopy(dst->sa_data, &af, sizeof(af));
2002 dst->sa_family = af;
2003 }
2004
2005 #if 1 /* XXX */
2006 switch (dst->sa_family) {
2007 case AF_INET:
2008 case AF_INET6:
2009 case AF_IPX:
2010 case AF_APPLETALK:
2011 break;
2012 default:
2013 m_freem(m);
2014 return (EAFNOSUPPORT);
2015 }
2016 #endif
2017 return(if_simloop(ifp, m, dst->sa_family, 0));
2018 }
2019
2020 /*
2021 * Start output on carp interface. This function should never be called.
2022 */
2023 static void
2024 carp_start(struct ifnet *ifp)
2025 {
2026 #ifdef DEBUG
2027 kprintf("%s: start called\n", ifp->if_xname);
2028 #endif
2029 }
2030
2031 int
2032 carp_output(struct ifnet *ifp, struct mbuf *m, struct sockaddr *sa,
2033 struct rtentry *rt)
2034 {
2035 struct m_tag *mtag;
2036 struct carp_softc *sc;
2037 struct ifnet *carp_ifp;
2038
2039 if (!sa)
2040 return (0);
2041
2042 switch (sa->sa_family) {
2043 #ifdef INET
2044 case AF_INET:
2045 break;
2046 #endif /* INET */
2047 #ifdef INET6
2048 case AF_INET6:
2049 break;
2050 #endif /* INET6 */
2051 default:
2052 return (0);
2053 }
2054
2055 mtag = m_tag_find(m, PACKET_TAG_CARP, NULL);
2056 if (mtag == NULL)
2057 return (0);
2058
2059 bcopy(mtag + 1, &carp_ifp, sizeof(struct ifnet *));
2060 sc = carp_ifp->if_softc;
2061
2062 /* Set the source MAC address to Virtual Router MAC Address */
2063 switch (ifp->if_type) {
2064 case IFT_ETHER:
2065 case IFT_L2VLAN: {
2066 struct ether_header *eh;
2067
2068 eh = mtod(m, struct ether_header *);
2069 eh->ether_shost[0] = 0;
2070 eh->ether_shost[1] = 0;
2071 eh->ether_shost[2] = 0x5e;
2072 eh->ether_shost[3] = 0;
2073 eh->ether_shost[4] = 1;
2074 eh->ether_shost[5] = sc->sc_vhid;
2075 }
2076 break;
2077 default:
2078 kprintf("%s: carp is not supported for this interface type\n",
2079 ifp->if_xname);
2080 return (EOPNOTSUPP);
2081 }
2082
2083 return (0);
2084
2085 }
2086
2087 static void
2088 carp_set_state(struct carp_softc *sc, int state)
2089 {
2090
2091 if (sc->sc_carpdev)
2092 CARP_SCLOCK_ASSERT(sc);
2093
2094 if (sc->sc_state == state)
2095 return;
2096
2097 sc->sc_state = state;
2098 switch (state) {
2099 case BACKUP:
2100 SC2IFP(sc)->if_link_state = LINK_STATE_DOWN;
2101 break;
2102 case MASTER:
2103 SC2IFP(sc)->if_link_state = LINK_STATE_UP;
2104 break;
2105 default:
2106 SC2IFP(sc)->if_link_state = LINK_STATE_UNKNOWN;
2107 break;
2108 }
2109 rt_ifmsg(SC2IFP(sc));
2110 }
2111
2112 void
2113 carp_carpdev_state(void *v)
2114 {
2115 struct carp_if *cif = v;
2116
2117 CARP_LOCK(cif);
2118 carp_carpdev_state_locked(cif);
2119 CARP_UNLOCK(cif);
2120 }
2121
2122 static void
2123 carp_carpdev_state_locked(struct carp_if *cif)
2124 {
2125 struct carp_softc *sc;
2126
2127 TAILQ_FOREACH(sc, &cif->vhif_vrs, sc_list)
2128 carp_sc_state_locked(sc);
2129 }
2130
2131 static void
2132 carp_sc_state_locked(struct carp_softc *sc)
2133 {
2134 CARP_SCLOCK_ASSERT(sc);
2135
2136 if ( !(sc->sc_carpdev->if_flags & IFF_UP)) {
2137 sc->sc_flags_backup = SC2IFP(sc)->if_flags;
2138 SC2IFP(sc)->if_flags &= ~IFF_UP;
2139 SC2IFP(sc)->if_flags &= ~IFF_RUNNING;
2140 callout_stop(&sc->sc_ad_tmo);
2141 callout_stop(&sc->sc_md_tmo);
2142 callout_stop(&sc->sc_md6_tmo);
2143 carp_set_state(sc, INIT);
2144 carp_setrun(sc, 0);
2145 if (!sc->sc_suppress) {
2146 carp_suppress_preempt++;
2147 if (carp_suppress_preempt == 1) {
2148 CARP_SCUNLOCK(sc);
2149 carp_send_ad_all();
2150 CARP_SCLOCK(sc);
2151 }
2152 }
2153 sc->sc_suppress = 1;
2154 } else {
2155 SC2IFP(sc)->if_flags |= sc->sc_flags_backup;
2156 carp_set_state(sc, INIT);
2157 carp_setrun(sc, 0);
2158 if (sc->sc_suppress)
2159 carp_suppress_preempt--;
2160 sc->sc_suppress = 0;
2161 }
2162
2163 return;
2164 }
2165
2166 static int
2167 carp_modevent(module_t mod, int type, void *data)
2168 {
2169 switch (type) {
2170 case MOD_LOAD:
2171 if_detach_event_tag = EVENTHANDLER_REGISTER(ifnet_departure_event,
2172 carp_ifdetach, NULL, EVENTHANDLER_PRI_ANY);
2173 if (if_detach_event_tag == NULL)
2174 return (ENOMEM);
2175
2176 LIST_INIT(&carpif_list);
2177 if_clone_attach(&carp_cloner);
2178 break;
2179
2180 case MOD_UNLOAD:
2181 EVENTHANDLER_DEREGISTER(ifnet_departure_event, if_detach_event_tag);
2182 if_clone_detach(&carp_cloner);
2183 break;
2184
2185 default:
2186 return (EINVAL);
2187 }
2188
2189 return (0);
2190 }
2191
2192 static moduledata_t carp_mod = {
2193 "carp",
2194 carp_modevent,
2195 0
2196 };
2197
2198 DECLARE_MODULE(carp, carp_mod, SI_SUB_PSEUDO, SI_ORDER_ANY);
DragonFly BSD