diff options
Diffstat (limited to 'sys/net')
| -rw-r--r-- | sys/net/if_bridge.c | 118 | ||||
| -rw-r--r-- | sys/net/if_bridgevar.h | 11 | ||||
| -rw-r--r-- | sys/net/if_epair.c | 35 | ||||
| -rw-r--r-- | sys/net/if_gif.c | 10 | ||||
| -rw-r--r-- | sys/net/iflib.c | 171 | ||||
| -rw-r--r-- | sys/net/pfvar.h | 4 |
6 files changed, 175 insertions, 174 deletions
diff --git a/sys/net/if_bridge.c b/sys/net/if_bridge.c index 46e54339a171..66555fd1feb5 100644 --- a/sys/net/if_bridge.c +++ b/sys/net/if_bridge.c @@ -259,6 +259,7 @@ struct bridge_iflist { struct epoch_context bif_epoch_ctx; ether_vlanid_t bif_pvid; /* port vlan id */ ifbvlan_set_t bif_vlan_set; /* if allowed tagged vlans */ + uint16_t bif_vlanproto; /* vlan protocol */ }; /* @@ -423,6 +424,7 @@ static int bridge_ioctl_gflags(struct bridge_softc *, void *); static int bridge_ioctl_sflags(struct bridge_softc *, void *); static int bridge_ioctl_gdefpvid(struct bridge_softc *, void *); static int bridge_ioctl_sdefpvid(struct bridge_softc *, void *); +static int bridge_ioctl_svlanproto(struct bridge_softc *, void *); static int bridge_pfil(struct mbuf **, struct ifnet *, struct ifnet *, int); #ifdef INET @@ -654,6 +656,9 @@ static const struct bridge_control bridge_control_table[] = { { bridge_ioctl_sdefpvid, sizeof(struct ifbrparam), BC_F_COPYIN|BC_F_SUSER }, + + { bridge_ioctl_svlanproto, sizeof(struct ifbreq), + BC_F_COPYIN|BC_F_SUSER }, }; static const int bridge_control_table_size = nitems(bridge_control_table); @@ -1494,8 +1499,10 @@ bridge_ioctl_add(struct bridge_softc *sc, void *arg) bif->bif_ifp = ifs; bif->bif_flags = IFBIF_LEARNING | IFBIF_DISCOVER; bif->bif_savedcaps = ifs->if_capenable; - if (sc->sc_flags & IFBRF_VLANFILTER) - bif->bif_pvid = sc->sc_defpvid; + bif->bif_vlanproto = ETHERTYPE_VLAN; + bif->bif_pvid = sc->sc_defpvid; + if (sc->sc_flags & IFBRF_DEFQINQ) + bif->bif_flags |= IFBIF_QINQ; /* * Assign the interface's MAC address to the bridge if it's the first @@ -1577,6 +1584,7 @@ bridge_ioctl_gifflags(struct bridge_softc *sc, void *arg) req->ifbr_addrmax = bif->bif_addrmax; req->ifbr_addrexceeded = bif->bif_addrexceeded; req->ifbr_pvid = bif->bif_pvid; + req->ifbr_vlanproto = bif->bif_vlanproto; /* Copy STP state options as flags */ if (bp->bp_operedge) @@ -1961,9 +1969,6 @@ bridge_ioctl_sifpvid(struct bridge_softc *sc, void *arg) struct ifbreq *req = arg; struct bridge_iflist *bif; - if ((sc->sc_flags & IFBRF_VLANFILTER) == 0) - return (EXTERROR(EINVAL, "VLAN filtering not enabled")); - bif = bridge_lookup_member(sc, req->ifbr_ifsname); if (bif == NULL) return (EXTERROR(ENOENT, "Interface is not a bridge member")); @@ -2252,6 +2257,24 @@ bridge_ioctl_sdefpvid(struct bridge_softc *sc, void *arg) return (0); } +static int +bridge_ioctl_svlanproto(struct bridge_softc *sc, void *arg) +{ + struct ifbreq *req = arg; + struct bridge_iflist *bif; + + bif = bridge_lookup_member(sc, req->ifbr_ifsname); + if (bif == NULL) + return (EXTERROR(ENOENT, "Interface is not a bridge member")); + + if (req->ifbr_vlanproto != ETHERTYPE_VLAN && + req->ifbr_vlanproto != ETHERTYPE_QINQ) + return (EXTERROR(EINVAL, "Invalid VLAN protocol")); + + bif->bif_vlanproto = req->ifbr_vlanproto; + + return (0); +} /* * bridge_ifdetach: * @@ -2383,24 +2406,25 @@ bridge_enqueue(struct bridge_softc *sc, struct ifnet *dst_ifp, struct mbuf *m, mflags = m->m_flags; /* - * If VLAN filtering is enabled, and the native VLAN ID of the - * outgoing interface matches the VLAN ID of the frame, remove - * the VLAN header. + * If the native VLAN ID of the outgoing interface matches the + * VLAN ID of the frame, remove the VLAN tag. */ - if ((sc->sc_flags & IFBRF_VLANFILTER) && - bif->bif_pvid != DOT1Q_VID_NULL && + if (bif->bif_pvid != DOT1Q_VID_NULL && VLANTAGOF(m) == bif->bif_pvid) { m->m_flags &= ~M_VLANTAG; m->m_pkthdr.ether_vtag = 0; } /* - * If underlying interface can not do VLAN tag insertion itself - * then attach a packet tag that holds it. + * There are two cases where we have to insert our own tag: + * if the member interface doesn't support hardware tagging, + * or if the tag proto is not 802.1q. */ if ((m->m_flags & M_VLANTAG) && - (dst_ifp->if_capenable & IFCAP_VLAN_HWTAGGING) == 0) { - m = ether_vlanencap(m, m->m_pkthdr.ether_vtag); + ((dst_ifp->if_capenable & IFCAP_VLAN_HWTAGGING) == 0 || + bif->bif_vlanproto != ETHERTYPE_VLAN)) { + m = ether_vlanencap_proto(m, m->m_pkthdr.ether_vtag, + bif->bif_vlanproto); if (m == NULL) { if_printf(dst_ifp, "unable to prepend VLAN header\n"); @@ -2411,6 +2435,12 @@ bridge_enqueue(struct bridge_softc *sc, struct ifnet *dst_ifp, struct mbuf *m, } M_ASSERTPKTHDR(m); /* We shouldn't transmit mbuf without pkthdr */ + /* + * XXXZL: gif(4) requires the af to be saved in csum_data field + * so that gif_transmit() routine can pull it back. + */ + if (dst_ifp->if_type == IFT_GIF) + m->m_pkthdr.csum_data = AF_LINK; if ((err = dst_ifp->if_transmit(dst_ifp, m))) { int n; @@ -2828,9 +2858,29 @@ bridge_input(struct ifnet *ifp, struct mbuf *m) NET_EPOCH_ASSERT(); + /* We need the Ethernet header later, so make sure we have it now. */ + if (m->m_len < ETHER_HDR_LEN) { + m = m_pullup(m, ETHER_HDR_LEN); + if (m == NULL) { + if_inc_counter(sc->sc_ifp, IFCOUNTER_IERRORS, 1); + m_freem(m); + return (NULL); + } + } + eh = mtod(m, struct ether_header *); vlan = VLANTAGOF(m); + /* + * If this frame has a VLAN tag and the receiving interface has a + * vlan(4) trunk, then it is is destined for vlan(4), not for us. + * This means if vlan(4) and bridge(4) are configured on the same + * interface, vlan(4) is preferred, which is what users typically + * expect. + */ + if (vlan != DOT1Q_VID_NULL && ifp->if_vlantrunk != NULL) + return (m); + bif = ifp->if_bridge; if (bif) sc = bif->bif_sc; @@ -3031,19 +3081,13 @@ bridge_input(struct ifnet *ifp, struct mbuf *m) do { GRAB_OUR_PACKETS(bifp) } while (0); /* - * Check the interface the packet arrived on. For tagged frames, - * we need to do this even if member_ifaddrs is disabled because - * vlan(4) might need to handle the traffic. + * If member_ifaddrs is enabled, see if the packet is destined for + * one of the members' addresses. */ - if (V_member_ifaddrs || (vlan && ifp->if_vlantrunk)) + if (V_member_ifaddrs) { + /* Check the interface the packet arrived on. */ do { GRAB_OUR_PACKETS(ifp) } while (0); - /* - * We only need to check other members interface if member_ifaddrs - * is enabled; otherwise we should have never traffic destined for - * a member's lladdr. - */ - if (V_member_ifaddrs) { CK_LIST_FOREACH(bif2, &sc->sc_iflist, bif_next) { GRAB_OUR_PACKETS(bif2->bif_ifp) } @@ -3246,9 +3290,31 @@ bridge_vfilter_in(const struct bridge_iflist *sbif, struct mbuf *m) if (vlan > DOT1Q_VID_MAX) return (false); - /* If VLAN filtering isn't enabled, pass everything. */ - if ((sbif->bif_sc->sc_flags & IFBRF_VLANFILTER) == 0) + /* + * If VLAN filtering isn't enabled, pass everything, but add a tag + * if the port has a pvid configured. + */ + if ((sbif->bif_sc->sc_flags & IFBRF_VLANFILTER) == 0) { + if (vlan == DOT1Q_VID_NULL && + sbif->bif_pvid != DOT1Q_VID_NULL) { + m->m_pkthdr.ether_vtag = sbif->bif_pvid; + m->m_flags |= M_VLANTAG; + } + return (true); + } + + /* If Q-in-Q is disabled, check for stacked tags. */ + if ((sbif->bif_flags & IFBIF_QINQ) == 0) { + struct ether_header *eh; + uint16_t proto; + + eh = mtod(m, struct ether_header *); + proto = ntohs(eh->ether_type); + + if (proto == ETHERTYPE_VLAN || proto == ETHERTYPE_QINQ) + return (false); + } if (vlan == DOT1Q_VID_NULL) { /* diff --git a/sys/net/if_bridgevar.h b/sys/net/if_bridgevar.h index 6718c5ebcc34..b0f579f688ac 100644 --- a/sys/net/if_bridgevar.h +++ b/sys/net/if_bridgevar.h @@ -131,13 +131,15 @@ #define BRDGSFLAGS 35 /* set bridge flags (ifbrparam) */ #define BRDGGDEFPVID 36 /* get default pvid (ifbrparam) */ #define BRDGSDEFPVID 37 /* set default pvid (ifbrparam) */ +#define BRDGSIFVLANPROTO 38 /* set if vlan protocol (ifbreq) */ /* BRDGSFLAGS, Bridge flags (non-interface-specific) */ typedef uint32_t ifbr_flags_t; #define IFBRF_VLANFILTER (1U<<0) /* VLAN filtering enabled */ +#define IFBRF_DEFQINQ (1U<<1) /* 802.1ad Q-in-Q allowed by default */ -#define IFBRFBITS "\020\01VLANFILTER" +#define IFBRFBITS "\020\01VLANFILTER\02DEFQINQ" /* * Generic bridge control request. @@ -156,6 +158,7 @@ struct ifbreq { uint32_t ifbr_addrmax; /* member if addr max */ uint32_t ifbr_addrexceeded; /* member if addr violations */ ether_vlanid_t ifbr_pvid; /* member if PVID */ + uint16_t ifbr_vlanproto; /* member if VLAN protocol */ uint8_t pad[32]; }; @@ -172,12 +175,11 @@ struct ifbreq { #define IFBIF_BSTP_ADMEDGE 0x0200 /* member stp admin edge enabled */ #define IFBIF_BSTP_ADMCOST 0x0400 /* member stp admin path cost */ #define IFBIF_PRIVATE 0x0800 /* if is a private segment */ -/* was IFBIF_VLANFILTER 0x1000 */ -#define IFBIF_QINQ 0x2000 /* if allows 802.1ad Q-in-Q */ +#define IFBIF_QINQ 0x1000 /* if allows 802.1ad Q-in-Q */ #define IFBIFBITS "\020\001LEARNING\002DISCOVER\003STP\004SPAN" \ "\005STICKY\014PRIVATE\006EDGE\007AUTOEDGE\010PTP" \ - "\011AUTOPTP" + "\011AUTOPTP\015QINQ" #define IFBIFMASK ~(IFBIF_BSTP_EDGE|IFBIF_BSTP_AUTOEDGE|IFBIF_BSTP_PTP| \ IFBIF_BSTP_AUTOPTP|IFBIF_BSTP_ADMEDGE| \ IFBIF_BSTP_ADMCOST) /* not saved */ @@ -252,6 +254,7 @@ struct ifbrparam { * addresses */ #define ifbrp_flags ifbrp_ifbrpu.ifbrpu_int32 /* bridge flags */ #define ifbrp_defpvid ifbrp_ifbrpu.ifbrpu_int16 /* default pvid */ +#define ifbrp_vlanproto ifbrp_ifbrpu.ifbrpu_int8 /* vlan protocol */ /* * Bridge current operational parameters structure. diff --git a/sys/net/if_epair.c b/sys/net/if_epair.c index 7051e31565d4..a213a84e17db 100644 --- a/sys/net/if_epair.c +++ b/sys/net/if_epair.c @@ -58,6 +58,7 @@ #include <sys/smp.h> #include <sys/socket.h> #include <sys/sockio.h> +#include <sys/sysctl.h> #include <sys/taskqueue.h> #include <net/bpf.h> @@ -97,6 +98,15 @@ static unsigned int next_index = 0; #define EPAIR_LOCK() mtx_lock(&epair_n_index_mtx) #define EPAIR_UNLOCK() mtx_unlock(&epair_n_index_mtx) +SYSCTL_DECL(_net_link); +static SYSCTL_NODE(_net_link, OID_AUTO, epair, CTLFLAG_RW | CTLFLAG_MPSAFE, 0, + "Pair of virtual cross-over connected Ethernet-like interfaces"); + +static bool use_ether_gen_addr = true; +SYSCTL_BOOL(_net_link_epair, OID_AUTO, ether_gen_addr, CTLFLAG_RWTUN, + &use_ether_gen_addr, false, + "Generate MAC with FreeBSD OUI using ether_gen_addr(9)"); + struct epair_softc; struct epair_queue { struct mtx mtx; @@ -496,15 +506,29 @@ epair_clone_match(struct if_clone *ifc, const char *name) } static void +epair_generate_mac_byname(struct epair_softc *sc, uint8_t eaddr[]) +{ + struct ether_addr gen_eaddr; + int i; + + ether_gen_addr_byname(if_name(sc->ifp), &gen_eaddr); + for (i = 0; i < ETHER_ADDR_LEN; i++) + eaddr[i] = gen_eaddr.octet[i]; +} + +static void epair_clone_add(struct if_clone *ifc, struct epair_softc *scb) { struct ifnet *ifp; uint8_t eaddr[ETHER_ADDR_LEN]; /* 00:00:00:00:00:00 */ ifp = scb->ifp; - /* Copy epairNa etheraddr and change the last byte. */ - memcpy(eaddr, scb->oifp->if_hw_addr, ETHER_ADDR_LEN); - eaddr[5] = 0x0b; + if (!use_ether_gen_addr) { + /* Copy epairNa etheraddr and change the last byte. */ + memcpy(eaddr, scb->oifp->if_hw_addr, ETHER_ADDR_LEN); + eaddr[5] = 0x0b; + } else + epair_generate_mac_byname(scb, eaddr); ether_ifattach(ifp, eaddr); if_clone_addif(ifc, ifp); @@ -719,7 +743,10 @@ epair_clone_create(struct if_clone *ifc, char *name, size_t len, /* Finish initialization of interface <n>a. */ ifp = sca->ifp; epair_setup_ifp(sca, name, unit); - epair_generate_mac(sca, eaddr); + if (!use_ether_gen_addr) + epair_generate_mac(sca, eaddr); + else + epair_generate_mac_byname(sca, eaddr); ether_ifattach(ifp, eaddr); diff --git a/sys/net/if_gif.c b/sys/net/if_gif.c index ef64c15074ed..272ab214a788 100644 --- a/sys/net/if_gif.c +++ b/sys/net/if_gif.c @@ -312,10 +312,7 @@ gif_transmit(struct ifnet *ifp, struct mbuf *m) goto err; } /* Now pull back the af that we stashed in the csum_data. */ - if (ifp->if_bridge) - af = AF_LINK; - else - af = m->m_pkthdr.csum_data; + af = m->m_pkthdr.csum_data; m->m_flags &= ~(M_BCAST|M_MCAST); M_SETFIB(m, sc->gif_fibnum); BPF_MTAP2(ifp, &af, sizeof(af), m); @@ -355,6 +352,8 @@ gif_transmit(struct ifnet *ifp, struct mbuf *m) break; #endif case AF_LINK: + KASSERT(ifp->if_bridge != NULL, + ("%s: bridge not attached", __func__)); proto = IPPROTO_ETHERIP; M_PREPEND(m, sizeof(struct etherip_header), M_NOWAIT); if (m == NULL) { @@ -405,9 +404,6 @@ gif_output(struct ifnet *ifp, struct mbuf *m, const struct sockaddr *dst, { uint32_t af; - KASSERT(ifp->if_bridge == NULL, - ("%s: unexpectedly called with bridge attached", __func__)); - /* BPF writes need to be handled specially. */ if (dst->sa_family == AF_UNSPEC || dst->sa_family == pseudo_AF_HDRCMPLT) memcpy(&af, dst->sa_data, sizeof(af)); diff --git a/sys/net/iflib.c b/sys/net/iflib.c index 2b8f0e617df3..6638c90882aa 100644 --- a/sys/net/iflib.c +++ b/sys/net/iflib.c @@ -70,6 +70,7 @@ #include <netinet/ip.h> #include <netinet/ip6.h> #include <netinet/tcp.h> +#include <netinet/udp.h> #include <netinet/ip_var.h> #include <netinet6/ip6_var.h> @@ -2889,51 +2890,6 @@ iflib_rxd_pkt_get(iflib_rxq_t rxq, if_rxd_info_t ri) return (m); } -#if defined(INET6) || defined(INET) -static void -iflib_get_ip_forwarding(struct lro_ctrl *lc, bool *v4, bool *v6) -{ - CURVNET_SET(if_getvnet(lc->ifp)); -#if defined(INET6) - *v6 = V_ip6_forwarding; -#endif -#if defined(INET) - *v4 = V_ipforwarding; -#endif - CURVNET_RESTORE(); -} - -/* - * Returns true if it's possible this packet could be LROed. - * if it returns false, it is guaranteed that tcp_lro_rx() - * would not return zero. - */ -static bool -iflib_check_lro_possible(struct mbuf *m, bool v4_forwarding, bool v6_forwarding) -{ - struct ether_header *eh; - - eh = mtod(m, struct ether_header *); - switch (eh->ether_type) { -#if defined(INET6) - case htons(ETHERTYPE_IPV6): - return (!v6_forwarding); -#endif -#if defined(INET) - case htons(ETHERTYPE_IP): - return (!v4_forwarding); -#endif - } - - return (false); -} -#else -static void -iflib_get_ip_forwarding(struct lro_ctrl *lc __unused, bool *v4 __unused, bool *v6 __unused) -{ -} -#endif - static void _task_fn_rx_watchdog(void *context) { @@ -2955,18 +2911,16 @@ iflib_rxeof(iflib_rxq_t rxq, qidx_t budget) int err, budget_left, rx_bytes, rx_pkts; iflib_fl_t fl; int lro_enabled; - bool v4_forwarding, v6_forwarding, lro_possible; uint8_t retval = 0; /* * XXX early demux data packets so that if_input processing only handles * acks in interrupt context */ - struct mbuf *m, *mh, *mt, *mf; + struct mbuf *m, *mh, *mt; NET_EPOCH_ASSERT(); - lro_possible = v4_forwarding = v6_forwarding = false; ifp = ctx->ifc_ifp; mh = mt = NULL; MPASS(budget > 0); @@ -2982,6 +2936,8 @@ iflib_rxeof(iflib_rxq_t rxq, qidx_t budget) return (retval); } + lro_enabled = (if_getcapenable(ifp) & IFCAP_LRO); + /* pfil needs the vnet to be set */ CURVNET_SET_QUIET(if_getvnet(ifp)); for (budget_left = budget; budget_left > 0 && avail > 0;) { @@ -3026,7 +2982,17 @@ iflib_rxeof(iflib_rxq_t rxq, qidx_t budget) if (__predict_false(m == NULL)) continue; - /* imm_pkt: -- cxgb */ +#ifndef __NO_STRICT_ALIGNMENT + if (!IP_ALIGNED(m) && (m = iflib_fixup_rx(m)) == NULL) + continue; +#endif +#if defined(INET6) || defined(INET) + if (lro_enabled) { + tcp_lro_queue_mbuf(&rxq->ifr_lc, m); + continue; + } +#endif + if (mh == NULL) mh = mt = m; else { @@ -3039,49 +3005,8 @@ iflib_rxeof(iflib_rxq_t rxq, qidx_t budget) for (i = 0, fl = &rxq->ifr_fl[0]; i < sctx->isc_nfl; i++, fl++) retval |= iflib_fl_refill_all(ctx, fl); - lro_enabled = (if_getcapenable(ifp) & IFCAP_LRO); - if (lro_enabled) - iflib_get_ip_forwarding(&rxq->ifr_lc, &v4_forwarding, &v6_forwarding); - mt = mf = NULL; - while (mh != NULL) { - m = mh; - mh = mh->m_nextpkt; - m->m_nextpkt = NULL; -#ifndef __NO_STRICT_ALIGNMENT - if (!IP_ALIGNED(m) && (m = iflib_fixup_rx(m)) == NULL) - continue; -#endif -#if defined(INET6) || defined(INET) - if (lro_enabled) { - if (!lro_possible) { - lro_possible = iflib_check_lro_possible(m, v4_forwarding, v6_forwarding); - if (lro_possible && mf != NULL) { - if_input(ifp, mf); - DBG_COUNTER_INC(rx_if_input); - mt = mf = NULL; - } - } - if ((m->m_pkthdr.csum_flags & (CSUM_L4_CALC | CSUM_L4_VALID)) == - (CSUM_L4_CALC | CSUM_L4_VALID)) { - if (lro_possible && tcp_lro_rx(&rxq->ifr_lc, m, 0) == 0) - continue; - } - } -#endif - if (lro_possible) { - if_input(ifp, m); - DBG_COUNTER_INC(rx_if_input); - continue; - } - - if (mf == NULL) - mf = m; - if (mt != NULL) - mt->m_nextpkt = m; - mt = m; - } - if (mf != NULL) { - if_input(ifp, mf); + if (mh != NULL) { + if_input(ifp, mh); DBG_COUNTER_INC(rx_if_input); } @@ -3372,42 +3297,28 @@ iflib_parse_header(iflib_txq_t txq, if_pkt_info_t pi, struct mbuf **mp) #ifdef INET case ETHERTYPE_IP: { - struct mbuf *n; - struct ip *ip = NULL; - struct tcphdr *th = NULL; - int minthlen; + struct ip *ip; + struct tcphdr *th; + uint8_t hlen; - minthlen = min(m->m_pkthdr.len, pi->ipi_ehdrlen + sizeof(*ip) + sizeof(*th)); - if (__predict_false(m->m_len < minthlen)) { - /* - * if this code bloat is causing too much of a hit - * move it to a separate function and mark it noinline - */ - if (m->m_len == pi->ipi_ehdrlen) { - n = m->m_next; - MPASS(n); - if (n->m_len >= sizeof(*ip)) { - ip = (struct ip *)n->m_data; - if (n->m_len >= (ip->ip_hl << 2) + sizeof(*th)) - th = (struct tcphdr *)((caddr_t)ip + (ip->ip_hl << 2)); - } else { - txq->ift_pullups++; - if (__predict_false((m = m_pullup(m, minthlen)) == NULL)) - return (ENOMEM); - ip = (struct ip *)(m->m_data + pi->ipi_ehdrlen); - } - } else { - txq->ift_pullups++; - if (__predict_false((m = m_pullup(m, minthlen)) == NULL)) - return (ENOMEM); - ip = (struct ip *)(m->m_data + pi->ipi_ehdrlen); - if (m->m_len >= (ip->ip_hl << 2) + sizeof(*th)) - th = (struct tcphdr *)((caddr_t)ip + (ip->ip_hl << 2)); - } - } else { - ip = (struct ip *)(m->m_data + pi->ipi_ehdrlen); - if (m->m_len >= (ip->ip_hl << 2) + sizeof(*th)) - th = (struct tcphdr *)((caddr_t)ip + (ip->ip_hl << 2)); + hlen = pi->ipi_ehdrlen + sizeof(*ip); + if (__predict_false(m->m_len < hlen)) { + txq->ift_pullups++; + if (__predict_false((m = m_pullup(m, hlen)) == NULL)) + return (ENOMEM); + } + ip = (struct ip *)(m->m_data + pi->ipi_ehdrlen); + hlen = pi->ipi_ehdrlen + (ip->ip_hl << 2); + if (ip->ip_p == IPPROTO_TCP) { + hlen += sizeof(*th); + th = (struct tcphdr *)((char *)ip + (ip->ip_hl << 2)); + } else if (ip->ip_p == IPPROTO_UDP) { + hlen += sizeof(struct udphdr); + } + if (__predict_false(m->m_len < hlen)) { + txq->ift_pullups++; + if ((m = m_pullup(m, hlen)) == NULL) + return (ENOMEM); } pi->ipi_ip_hlen = ip->ip_hl << 2; pi->ipi_ipproto = ip->ip_p; @@ -3417,12 +3328,6 @@ iflib_parse_header(iflib_txq_t txq, if_pkt_info_t pi, struct mbuf **mp) /* TCP checksum offload may require TCP header length */ if (IS_TX_OFFLOAD4(pi)) { if (__predict_true(pi->ipi_ipproto == IPPROTO_TCP)) { - if (__predict_false(th == NULL)) { - txq->ift_pullups++; - if (__predict_false((m = m_pullup(m, (ip->ip_hl << 2) + sizeof(*th))) == NULL)) - return (ENOMEM); - th = (struct tcphdr *)((caddr_t)ip + pi->ipi_ip_hlen); - } pi->ipi_tcp_hflags = tcp_get_flags(th); pi->ipi_tcp_hlen = th->th_off << 2; pi->ipi_tcp_seq = th->th_seq; diff --git a/sys/net/pfvar.h b/sys/net/pfvar.h index 8dae95c2cc2e..c397f0b67896 100644 --- a/sys/net/pfvar.h +++ b/sys/net/pfvar.h @@ -2338,6 +2338,10 @@ VNET_DECLARE(uma_zone_t, pf_udp_mapping_z); #define V_pf_udp_mapping_z VNET(pf_udp_mapping_z) VNET_DECLARE(uma_zone_t, pf_state_scrub_z); #define V_pf_state_scrub_z VNET(pf_state_scrub_z) +VNET_DECLARE(uma_zone_t, pf_anchor_z); +#define V_pf_anchor_z VNET(pf_anchor_z) +VNET_DECLARE(uma_zone_t, pf_eth_anchor_z); +#define V_pf_eth_anchor_z VNET(pf_eth_anchor_z) extern void pf_purge_thread(void *); extern void pf_unload_vnet_purge(void); |